From 147375fd869eb523b60a60366cd28d7c403d80eb Mon Sep 17 00:00:00 2001 From: jdalton Date: Tue, 7 Apr 2026 13:30:23 -0400 Subject: [PATCH 1/2] fix(ci): trigger required checks on automated PRs --- .github/workflows/weekly-update.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/.github/workflows/weekly-update.yml b/.github/workflows/weekly-update.yml index 8e2d07044..b8b3ba53e 100644 --- a/.github/workflows/weekly-update.yml +++ b/.github/workflows/weekly-update.yml @@ -293,6 +293,21 @@ jobs: --head "$BRANCH_NAME" \ --base main + # Pushes made with GITHUB_TOKEN don't trigger other workflows. + # Close/reopen the PR to generate a pull_request.reopened event, + # which triggers required CI and enterprise audit workflows. + - name: Trigger CI checks + if: steps.final.outputs.success == 'true' && steps.validate.outputs.valid == 'true' && steps.changes.outputs.has-changes == 'true' + env: + GH_TOKEN: ${{ github.token }} + BRANCH_NAME: ${{ steps.branch.outputs.branch }} + run: | + pr_number=$(gh pr list --head "$BRANCH_NAME" --json number --jq '.[0].number') + if [ -n "$pr_number" ]; then + gh pr close "$pr_number" + gh pr reopen "$pr_number" + fi + - name: Add job summary if: steps.final.outputs.success == 'true' && steps.validate.outputs.valid == 'true' && steps.changes.outputs.has-changes == 'true' env: From c6edf405b57cdca94dc4e31e5ff21e2f18ed0457 Mon Sep 17 00:00:00 2001 From: Cursor Agent Date: Tue, 7 Apr 2026 17:35:34 +0000 Subject: [PATCH 2/2] fix(ci): use workflow_dispatch to trigger CI on automated PRs The close/reopen approach used GITHUB_TOKEN which cannot trigger workflow runs (GitHub limitation applies to all events except workflow_dispatch and repository_dispatch). Replace with gh workflow run ci.yml which uses the exempted workflow_dispatch event. Add actions:write permission required for workflow_dispatch. --- .github/workflows/weekly-update.yml | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/.github/workflows/weekly-update.yml b/.github/workflows/weekly-update.yml index b8b3ba53e..8d2286b29 100644 --- a/.github/workflows/weekly-update.yml +++ b/.github/workflows/weekly-update.yml @@ -59,6 +59,7 @@ jobs: if: needs.check-updates.outputs.has-updates == 'true' && inputs.dry-run != true runs-on: ubuntu-latest permissions: + actions: write contents: write pull-requests: write steps: @@ -293,20 +294,16 @@ jobs: --head "$BRANCH_NAME" \ --base main - # Pushes made with GITHUB_TOKEN don't trigger other workflows. - # Close/reopen the PR to generate a pull_request.reopened event, - # which triggers required CI and enterprise audit workflows. + # Events triggered by GITHUB_TOKEN don't create new workflow runs, + # with the exception of workflow_dispatch and repository_dispatch. + # Use workflow_dispatch to trigger CI on the newly pushed branch. - name: Trigger CI checks if: steps.final.outputs.success == 'true' && steps.validate.outputs.valid == 'true' && steps.changes.outputs.has-changes == 'true' env: GH_TOKEN: ${{ github.token }} BRANCH_NAME: ${{ steps.branch.outputs.branch }} run: | - pr_number=$(gh pr list --head "$BRANCH_NAME" --json number --jq '.[0].number') - if [ -n "$pr_number" ]; then - gh pr close "$pr_number" - gh pr reopen "$pr_number" - fi + gh workflow run ci.yml --ref "$BRANCH_NAME" - name: Add job summary if: steps.final.outputs.success == 'true' && steps.validate.outputs.valid == 'true' && steps.changes.outputs.has-changes == 'true'