{"id":24807456,"url":"https://github.com/nicconike/protected-auto-commits","last_synced_at":"2026-01-06T07:03:04.685Z","repository":{"id":245481407,"uuid":"818351527","full_name":"Nicconike/Protected-Auto-Commits","owner":"Nicconike","description":null,"archived":false,"fork":false,"pushed_at":"2024-09-15T21:48:39.000Z","size":114,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-09-19T09:07:41.862Z","etag":null,"topics":["auto-commit","autocommit","autocommits","automation","master","protected-auto-commits","protected-branches","protected-branches-true"],"latest_commit_sha":null,"homepage":"https://github.com/Nicconike/Protected-Auto-Commits","language":null,"has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Nicconike.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-06-21T16:50:25.000Z","updated_at":"2024-09-15T21:48:43.000Z","dependencies_parsed_at":"2024-06-22T10:27:36.080Z","dependency_job_id":"d1cf04db-c952-4f01-a7f6-82431bfeff08","html_url":"https://github.com/Nicconike/Protected-Auto-Commits","commit_stats":null,"previous_names":["nicconike/protected-auto-commits"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Nicconike/Protected-Auto-Commits","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nicconike%2FProtected-Auto-Commits","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nicconike%2FProtected-Auto-Commits/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nicconike%2FProtected-Auto-Commits/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nicconike%2FProtected-Auto-Commits/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Nicconike","download_url":"https://codeload.github.com/Nicconike/Protected-Auto-Commits/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nicconike%2FProtected-Auto-Commits/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28223115,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2026-01-06T02:00:07.049Z","response_time":56,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["auto-commit","autocommit","autocommits","automation","master","protected-auto-commits","protected-branches","protected-branches-true"],"created_at":"2025-01-30T09:18:41.716Z","updated_at":"2026-01-06T07:03:04.659Z","avatar_url":"https://github.com/Nicconike.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Protected-Auto-Commits\n[![wakatime](https://wakatime.com/badge/user/018e538b-3f55-4e8e-95fa-6c3225418eed/project/4cff8c09-5663-4680-b6f2-0c3d40fab4ea.svg)](https://wakatime.com/badge/user/018e538b-3f55-4e8e-95fa-6c3225418eed/project/4cff8c09-5663-4680-b6f2-0c3d40fab4ea)\n\nIf you want to automate the commits for a bot in a protected branch as well then below approach is the best possible option\n\n## Direct Approach\nThe direct or straight-forward approach is to just create a GitHub App for your organization/account and use it within your account with a bot like `github-actions[bot]` which can use github app's token to commit automatically to a protected branch\n\nIf you are new to [GitHub Apps](https://docs.github.com/en/apps/overview), then please follow below steps to create a new GitHub App for your work and then use it in the way you want.\n\n### GitHub App\nA GitHub App is a type of integration that you can build to interact with and extend the functionality of GitHub. You can build a GitHub App to provide flexibility and reduce friction in your processes, without needing to sign in a user or create a service account.\n\n#### Register a New GitHub App\nFirst, Creating a GitHub App for your organization or account. Please follow the official documentation [here](https://docs.github.com/en/apps/creating-github-apps/registering-a-github-app/registering-a-github-app) or if that seems confusing then please follow below steps:\n\n1. Goto your organization/account's setting then click on developer settings as shown below\n\t![Settings](https://github.com/Nicconike/Protected-Auto-Commits/blob/master/assets/Settings.png)\n\t![Developer Settings](https://github.com/Nicconike/Protected-Auto-Commits/blob/master/assets/Developer_Settings.png)\n\n2. Create New GitHub App\n\t![GitHub App](https://github.com/Nicconike/Protected-Auto-Commits/blob/master/assets/Github_App.png)\n\n3. Name the App and add a Homepage URL\n\t![Register](https://github.com/Nicconike/Protected-Auto-Commits/blob/master/assets/Register.png)\n\n\u003e [!Note]\n\u003e The GitHub App Name must be unique\n\u003e\n\u003e For Homepage URL, you can provide any URL since it will be for your account only.\n\n4. Permissions\n\t1. Only Repo permissions are needed for contents `Access: Read and Write`\n\t2. Metadata read only permission is mandatory `Access: Read-only`\n\t3. If needed you can also add Actions permission `Access: Read-only`\n\n#### Installation\n\n1. Installation\n\t1. Select `Only on this Account`\n\n\t![Installation](https://github.com/Nicconike/Protected-Auto-Commits/blob/master/assets/Installation.png)\n\n\t2. Install the app to the repository where you need to push commits to a protected branch\n\n2. Environment Variables\n\t1. APP ID: After App creation, copy the app id from the General section and save it your respective repo's env vars/secrets\n\t2. Private Key: Create a private key which is required to sign access token requests as shown below. Learn more about Private Keys from [here](https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/about-authentication-with-a-github-app#generating-a-private-key).\n\t![Private Key](https://github.com/Nicconike/Protected-Auto-Commits/blob/master/assets/Private_Key.png)\n\n3. Protected Branches\n\t1. If not enabled already, then enable branch protection rules in your repository and add the newly created Github App to bypass these rules\n\t2. Also, please make sure that you are creating a branch ruleset instead of the legacy or classic branch protection rule. Because the bypass won't work with classic rule.\n\t![Rulesets](https://github.com/Nicconike/Protected-Auto-Commits/blob/master/assets/Rulesets.png)\n\n#### Configuration\n\n1. Create a yml file in workflow folder let's say it as `release.yml`. Now, add below action as the 1st step in the workflow\n\t```yml\n\tsteps:\n          - name: GitHub App Token\n            uses: actions/create-github-app-token@v1\n            id: app-token\n            with:\n                app-id: ${{ secrets.APP_ID }}\n                private-key: ${{ secrets.APP_PRIVATE_KEY }}\n\t```\n\n2. For checkout step, use the created app token\n\t```yml\n\t- name: Checkout Repo\n            uses: actions/checkout@v4\n            with:\n                fetch-depth: 0\n                token: ${{ steps.app-token.outputs.token }}\n\t```\n\n3. Also, use this token in other steps as per your requirements\n4. You are all set!\n\n#### Examples\n\nHere are few real time examples which I use for my own repositories\n\n1. [Steam Stats](https://github.com/Nicconike/Steam-Stats)\n\n\tWorkflow file - [release.yml](https://github.com/Nicconike/Steam-Stats/blob/master/.github/workflows/release.yml#L25)\n\t```yml\n\tsteps:\n          - name: GitHub App Token\n            uses: actions/create-github-app-token@v1\n            id: app-token\n            with:\n                app-id: ${{ secrets.APP_ID }}\n                private-key: ${{ secrets.APP_PRIVATE_KEY }}\n\n          - name: Checkout Code\n            uses: actions/checkout@v4\n            with:\n                fetch-depth: 0\n                token: ${{ steps.app-token.outputs.token }}\n\n          - name: Set up Python\n            uses: actions/setup-python@v5\n            with:\n                python-version: '3.12'\n                cache: \"pip\"\n\n          - name: Cache Dependencies\n            uses: actions/cache@v4\n            with:\n                path: ~/.cache/pip\n                key: ${{ runner.os }}-pip-${{ hashFiles('requirements.txt') }}\n                restore-keys: |\n                    ${{ runner.os }}-pip-\n\n          - name: Install Dependencies\n            run: |\n                python -m pip install --upgrade pip\n                pip install python-semantic-release\n\n          - name: Semantic Release\n            id: github-release\n            uses: python-semantic-release/python-semantic-release@v9.8.5\n            with:\n                github_token: ${{ steps.app-token.outputs.token }}\n\t```\n\n2. [Steam Stats](https://github.com/Nicconike/Steam-Stats)\n\n\tWorkflow file - [codeql.yml](https://github.com/Nicconike/Steam-Stats/blob/master/.github/workflows/codeql.yml#L53)\n\t```yml\n\tsteps:\n          - name: GitHub App Token\n            uses: actions/create-github-app-token@v1\n            id: app-token\n            with:\n                app-id: ${{ secrets.APP_ID }}\n                private-key: ${{ secrets.APP_PRIVATE_KEY }}\n\n          - name: Checkout Code\n            uses: actions/checkout@v4\n            with:\n                token: ${{ steps.app-token.outputs.token }}\n\n          - name: Set up Python\n            uses: actions/setup-python@v5\n            with:\n                python-version: \"3.x\"\n                cache: \"pip\"\n\n          - name: Cache Dependencies\n            uses: actions/cache@v4\n            with:\n                path: ~/.cache/pip\n                key: ${{ runner.os }}-pip-${{ hashFiles('requirements.txt') }}\n                restore-keys: |\n                    ${{ runner.os }}-pip-\n\n          - name: Run Pylint and Generate Badge\n            id: run-pylint\n            run: |\n                python -m pip install --upgrade pip\n                pip install pylint\n                pylint_output=$(pylint api tests || true)\n                echo \"$pylint_output\"\n\n                score=$(echo \"$pylint_output\" | grep -oP 'Your code has been rated at \\K[0-9]+\\.[0-9]+' || echo \"0.0\")\n                color=\"red\"\n                if (( $(echo \"$score == 10\" | bc -l) )); then\n                    color=\"brightgreen\"\n                elif (( $(echo \"$score \u003e= 9\" | bc -l) )); then\n                    color=\"yellow\"\n                elif (( $(echo \"$score \u003e= 8\" | bc -l) )); then\n                    color=\"orange\"\n                elif (( $(echo \"$score \u003e= 6\" | bc -l) )); then\n                    color=\"red\"\n                fi\n\n                badge=\"![Pylint](https://img.shields.io/badge/Pylint-$score-$color?logo=python)\"\n                echo \"PYLINT_BADGE=$badge\" \u003e\u003e $GITHUB_OUTPUT\n\n          - name: Update README with Pylint Badge\n            if: github.ref == 'refs/heads/master'\n            env:\n                GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}\n            run: |\n                sed -i 's|!\\[Pylint\\](.*)|${{ steps.run-pylint.outputs.PYLINT_BADGE }}|' README.md\n                git config --global user.email \"41898282+github-actions[bot]@users.noreply.github.com\"\n                git config --global user.name \"github-actions[bot]\"\n                git add README.md\n                git diff --quiet \u0026\u0026 git diff --staged --quiet || (git commit -m \"chore: Update Pylint Badge\" \u0026\u0026 git push origin HEAD:master)\n\t```\n\n3. [Goautomate](https://github.com/Nicconike/goautomate)\n\n\tWorkflow file - [release.yml](https://github.com/Nicconike/goautomate/blob/master/.github/workflows/release.yml#L17)\n\t```yml\n\tsteps:\n          - name: GitHub App Token\n            uses: actions/create-github-app-token@v1\n            id: app-token\n            with:\n                app-id: ${{ secrets.APP_ID }}\n                private-key: ${{ secrets.APP_PRIVATE_KEY }}\n\n          - name: Checkout Repo\n            uses: actions/checkout@v4\n            with:\n                fetch-depth: 0\n                token: ${{ steps.app-token.outputs.token }}\n\n          - name: Setup Go\n            uses: actions/setup-go@v5\n            with:\n                go-version: \"1.22.x\"\n\n          - name: Semantic Release\n            uses: go-semantic-release/action@v1\n            id: semantic\n            with:\n                github-token: ${{ steps.app-token.outputs.token }}\n                changelog-file: CHANGELOG.md\n                update-file: go.mod\n                changelog-generator-opt: \"emojis=true\"\n\t```\n\n4. Automated GitHub Releases Example\n\t1. [Goautomate](https://github.com/Nicconike/goautomate/releases)\n\t2. [Steam-Stats](https://github.com/Nicconike/Steam-Stats/releases)\n\n5. Automated Github Commits in master (protected branch) Example\n    1. [Steam-Stats](https://github.com/Nicconike/Steam-Stats/commits/master/?author=protected-auto-commits%5Bbot%5D)\n\n## Thanks for Reading!\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnicconike%2Fprotected-auto-commits","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnicconike%2Fprotected-auto-commits","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnicconike%2Fprotected-auto-commits/lists"}