name: OpenSpec Auto-Approval on: pull_request: paths: - 'openspec/changes/**' - 'openspec/specs/**' - '.github/workflows/openspec-auto-approve.yml' types: [opened, synchronize, reopened] permissions: pull-requests: write contents: read jobs: auto-approve-openspec: runs-on: ubuntu-latest # Only approve PRs from Claude (AI agents) if: github.actor == 'fullsizemalt' || contains(github.head_ref, 'claude/') steps: - name: Checkout code uses: actions/checkout@v4 - name: Check if PR is OpenSpec-related id: check_openspec run: | # Check if changes are only in openspec directory CHANGED_FILES=$(git diff --name-only origin/main...HEAD) OPENSPEC_FILES=$(echo "$CHANGED_FILES" | grep -E '^openspec/' | wc -l) TOTAL_FILES=$(echo "$CHANGED_FILES" | wc -l) if [ "$OPENSPEC_FILES" -eq "$TOTAL_FILES" ] && [ "$OPENSPEC_FILES" -gt 0 ]; then echo "is_openspec=true" >> $GITHUB_OUTPUT else echo "is_openspec=false" >> $GITHUB_OUTPUT fi - name: Auto-approve OpenSpec PR if: steps.check_openspec.outputs.is_openspec == 'true' uses: hmarr/auto-approve-action@v3 with: github-token: ${{ secrets.GITHUB_TOKEN }} - name: Add OpenSpec label if: steps.check_openspec.outputs.is_openspec == 'true' uses: actions/github-script@v7 with: script: | github.rest.issues.addLabels({ issue_number: context.issue.number, owner: context.repo.owner, repo: context.repo.repo, labels: ['openspec', 'auto-approved'] }) - name: Comment on PR if: steps.check_openspec.outputs.is_openspec == 'true' uses: actions/github-script@v7 with: script: | github.rest.issues.createComment({ issue_number: context.issue.number, owner: context.repo.owner, repo: context.repo.repo, body: '✅ **Auto-approved** via OpenSpec workflow.\n\nThis PR modifies only OpenSpec proposals and specs. Ready for merge. 🚀' })