6 changes: 5 additions & 1 deletion .rulesync/rules/CLAUDE.md
Expand Up @@ -95,7 +95,9 @@ This is a comprehensive personal dotfiles repository managed with [chezmoi](http
6. **Configure GitHub repositories:**

```bash
setup-github
# Initial setup (requires gh-infra extension)
mise run gh-infra-setup
mise run gh-infra-apply
```

7. **Apply Karabiner key mappings (macOS only):**
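Review bot: The setup code block in step 6 goes straight from `mise run gh-infra-setup` to `mise run gh-infra-apply` and never mentions `gh-infra-plan`, although this PR adds that task. Apply changes live repository settings, including the branch ruleset in dot_config/gh-infra/dotfiles.yaml, so the documented sequence should include `mise run gh-infra-plan` and a review of its output before the apply line. The comment `# Initial setup (requires gh-infra extension)` could also say that the first command is the one that installs the extension.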
Expand Down Expand Up @@ -195,6 +197,8 @@ This repository treats personal development environment as code:

- All command-line tools are managed through mise for version consistency

- GitHub repository settings and files are managed via gh-infra

- Chezmoi templates use hash-based change detection for efficient updates

## Useful References
6 changes: 5 additions & 1 deletion CLAUDE.md
Expand Up @@ -87,7 +87,9 @@ This is a comprehensive personal dotfiles repository managed with [chezmoi](http
6. **Configure GitHub repositories:**

```bash
setup-github
# Initial setup (requires gh-infra extension)
mise run gh-infra-setup
mise run gh-infra-apply
```

7. **Apply Karabiner key mappings (macOS only):**
Expand Down Expand Up @@ -187,6 +189,8 @@ This repository treats personal development environment as code:

- All command-line tools are managed through mise for version consistency

- GitHub repository settings and files are managed via gh-infra

- Chezmoi templates use hash-based change detection for efficient updates

## Useful References
43 changes: 43 additions & 0 deletions dot_config/gh-infra/dotfiles.yaml
@@ -0,0 +1,43 @@
apiVersion: gh-infra/v1
kind: Repository
metadata:
name: ryo246912/dotfiles
spec:
description: "ryo246912's dotfiles"
visibility: public
topics:
- dotfiles
- chezmoi
- mise
- zsh
homepage_url: https://github.com/ryo246912/dotfiles
has_issues: true
has_projects: false
has_wiki: false
allow_squash_merge: true
allow_merge_commit: true
allow_rebase_merge: false
delete_branch_on_merge: true
allow_update_branch: true
squash_merge_commit_title: PR_TITLE
squash_merge_commit_message: PR_BODY
rulesets:
- name: main
enforcement: active
target: branch
conditions:
ref_name:
include:
- "~DEFAULT_BRANCH"
exclude: []
rules:
- type: deletion
- type: non_fast_forward
- type: required_signatures
- type: pull_request
parameters:
required_approving_review_count: 1
Contributor

high

In a personal repository, setting required_approving_review_count: 1 can block merging, because you cannot approve your own pull request. If there is no other collaborator who can approve, consider setting this value to 0.

            required_approving_review_count: 0

dismiss_stale_reviews_on_push: true
require_code_owner_review: false
require_last_push_approval: true
required_review_thread_resolution: false
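Review bot: `require_last_push_approval: true` in the `pull_request` parameters needs to be reviewed together with the approval count, because on GitHub it requires the most recent push to be approved by someone other than the person who pushed it. Combined with `dismiss_stale_reviews_on_push: true`, every new push resets the approval state, and the ruleset defines no `bypass_actors`, so for a personal repository such as `ryo246912/dotfiles` lowering `required_approving_review_count` alone may not unblock the owner's own PRs. Either set `require_last_push_approval: false` or add an explicit bypass entry. The `deletion`, `non_fast_forward` and `required_signatures` rules protect the default branch without needing a second reviewer and can stay as they are.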
Comment on lines +37 to +43

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

GitHub branch ruleset pull_request required_approving_review_count behavior for repository owner self-approval and bypass actors

💡 Result:

In GitHub branch rulesets, the required_approving_review_count rule under pull_request requires a specified number of approving reviews from users with write or admin permissions before a PR can be merged to the protected branch. Pull request authors, including repository owners, cannot approve their own PRs, regardless of their permissions. This is a built-in restriction to enforce meaningful peer review. Repository owners (admins) can bypass rulesets entirely if listed in the bypass_actors (e.g., actor_type "RepositoryRole" with appropriate ID, or "RepositoryAdmin" in org contexts), allowing direct pushes or merges without PRs or reviews. Bypass actors can ignore required_approving_review_count and other PR rules by selecting the bypass option during merge. For self-approval without bypass, it is not possible; owners must get reviews from others or use workflows/apps for auto-approval (though bot approvals may not always count toward the required count). Sources confirm: PR authors cannot self-approve (StackOverflow), docs describe review requirements from write/admin users excluding authors, bypass for admins/actors.


🏁 Script executed:

cat dot_config/gh-infra/dotfiles.yaml

Repository: ryo246912/dotfiles

Length of output: 1177


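required_approving_review_count: 1 blocks the repository owner from merging PRs

By GitHub's design, a PR author cannot approve their own PR. This repository has a single maintainer, but enforcing required_approving_review_count: 1 makes it impossible to merge PRs created by the owner.

Because the current configuration has no bypass_actors, this restriction cannot be bypassed. If the goal is to merge PRs through automation (Renovate / Jules / GitHub Actions, etc.), this is not a problem, but if manual merges are needed, add bypass_actors to the ruleset or revisit the approval requirement.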

12 changes: 12 additions & 0 deletions dot_config/mise/config.toml
Expand Up @@ -208,3 +208,15 @@ run = "prettier --check '**/*.json'"
[tasks.fix-json]
description = "Run fix json files"
run = "prettier --write '**/*.json'"

[tasks.gh-infra-setup]
description = "Install gh-infra extension"
run = "gh extension install babarot/gh-infra"

[tasks.gh-infra-plan]
description = "Run gh-infra plan"
run = "gh infra plan dot_config/gh-infra/"

[tasks.gh-infra-apply]
description = "Run gh-infra apply"
run = "gh infra apply dot_config/gh-infra/"
Comment on lines +212 to +222
Contributor

medium

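These tasks are also defined in the root mise.toml, so they are duplicated. In addition, because they use the relative path dot_config/gh-infra/, running them anywhere other than the repository root (in a global context) fails with an error because the path cannot be found. I recommend removing these tasks from dot_config/mise/config.toml, which is the global configuration, and managing them in the repository's mise.toml.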

Comment on lines +212 to +222

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check: whether the same task names are duplicated across multiple mise configs in the repository
rg -nP '^\[tasks\.gh-infra-(setup|plan|apply)\]' --type=toml
# Check: whether dot_config/mise/config.toml is placed so that chezmoi deploys it to ~/.config/mise/config.toml
fd -a 'config.toml' dot_config/mise

Repository: ryo246912/dotfiles

Length of output: 383


🏁 Script executed:

# Check that the task contents match exactly
echo "=== mise.toml tasks (lines 102-112) ===" && sed -n '102,112p' mise.toml
echo "" && echo "=== dot_config/mise/config.toml tasks (lines 212-222) ===" && sed -n '212,222p' dot_config/mise/config.toml

# Check the chezmoi deployment settings
echo "" && echo "=== chezmoi patterns ===" && find . -name '.chezmoi*' -o -name '*.tmpl' | head -20
echo "" && echo "=== dot_config directory structure ===" && find dot_config/mise -type f

Repository: ryo246912/dotfiles

Length of output: 1470


🏁 Script executed:

# chezmoiignore and chezmoi metadata
echo "=== .chezmoiignore ===" && cat .chezmoiignore | head -30
echo "" && echo "=== dot_config/mise/.chezmoi* files ===" && ls -la dot_config/mise/.chezmoi* 2>/dev/null || echo "No .chezmoi* metadata files found"
echo "" && echo "=== chezmoi source directory (if exists) ===" && ls -la .chezmoi/ 2>/dev/null | head -20 || echo "No .chezmoi directory"
echo "" && echo "=== Checking for exact_ prefix indicating exact copy ===" && ls -la dot_config/ | grep '^d' | head -20

Repository: ryo246912/dotfiles

Length of output: 1781


🏁 Script executed:

# Confirm that mise.toml is listed in chezmoiignore
grep -n "mise.toml" .chezmoiignore

# Check that dot_config/gh-infra exists, to confirm whether the relative path actually works
echo "" && echo "=== dot_config/gh-infra directory ===" && ls -la dot_config/gh-infra/ 2>/dev/null || echo "Directory exists or is checked"

# Check the contents of the other mise config files (whether they define tasks)
echo "" && echo "=== Other mise config files (checking for gh-infra tasks) ===" && for f in dot_config/mise/config.*.toml; do echo "--- $f ---" && grep -c "gh-infra" "$f" || echo "0"; done

Repository: ryo246912/dotfiles

Length of output: 538


Remove the gh-infra task definitions from dot_config/mise/config.toml

The definitions of the same tasks (gh-infra-setup/gh-infra-plan/gh-infra-apply) are duplicated:

  • mise.toml (repository root): lines 102-112
  • dot_config/mise/config.toml: lines 212-222

mise.toml is excluded by .chezmoiignore, and only dot_config/mise/config.toml is deployed by chezmoi to ~/.config/mise/config.toml. If the deployed global configuration refers to the relative path dot_config/gh-infra/, path resolution fails when it is run anywhere other than the repository root.

It is enough to define these tasks only in the repository root's mise.toml. Please remove them from dot_config/mise/config.toml.

To be removed
-[tasks.gh-infra-setup]
-description = "Install gh-infra extension"
-run         = "gh extension install babarot/gh-infra"
-
-[tasks.gh-infra-plan]
-description = "Run gh-infra plan"
-run         = "gh infra plan dot_config/gh-infra/"
-
-[tasks.gh-infra-apply]
-description = "Run gh-infra apply"
-run         = "gh infra apply dot_config/gh-infra/"

17 changes: 17 additions & 0 deletions dot_config/rulesync/exact_dot_rulesync/skills/gh-infra/SKILL.md
@@ -0,0 +1,17 @@
# gh-infra

Manage GitHub repository settings and files declaratively using gh-infra.

## Commands

### /gh-infra-plan

Run `gh infra plan` to see changes.

### /gh-infra-apply

Run `gh infra apply` to apply changes.
Comment on lines +7 to +13

⚠️ Potential issue | 🟡 Minor

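Consistency of command notation

mise.toml, dot_config/mise/config.toml and dot_config/zabrze/github.toml all specify the target directory explicitly, as gh infra plan dot_config/gh-infra/ and gh infra apply dot_config/gh-infra/. Here gh infra plan / gh infra apply have no arguments, so if an AI agent copies and runs them as written, they may fail because the target is unknown. It would be more consistent to specify the same path explicitly, or to point to mise run gh-infra-plan / mise run gh-infra-apply.

Proposed diff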
 ### /gh-infra-plan

-Run `gh infra plan` to see changes.
+Run `mise run gh-infra-plan` (or `gh infra plan dot_config/gh-infra/`) to see changes.

 ### /gh-infra-apply

-Run `gh infra apply` to apply changes.
+Run `mise run gh-infra-apply` (or `gh infra apply dot_config/gh-infra/`) to apply changes.


## Usage

Use these commands when you want to update GitHub repository settings (topics, visibility, merge strategies) or distribute files across repositories managed by gh-infra.
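Review bot: The `/gh-infra-apply` command gives an AI agent a one-step way to change live repository settings, and the Usage paragraph names visibility among them, yet the skill has no instruction to run the plan first or to wait for confirmation. Add a sentence under `/gh-infra-apply` stating that `/gh-infra-plan` must be run and its output shown to the user first, and that apply runs only after the user explicitly approves that plan.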
14 changes: 14 additions & 0 deletions dot_config/zabrze/github.toml
@@ -0,0 +1,14 @@
[[snippets]]
name = "gh infra plan"
snippet = "gh infra plan dot_config/gh-infra/"
trigger = "ghip"

[[snippets]]
name = "gh infra apply"
snippet = "gh infra apply dot_config/gh-infra/"
Comment on lines +3 to +8
Contributor

medium

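The snippet uses the relative path dot_config/gh-infra/. Because zabrze abbreviations are expanded in any directory, this does not work correctly outside the repository root. Consider using an absolute path that identifies the repository's location, or a mechanism that checks the directory at run time.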

trigger = "ghia"

[[snippets]]
name = "gh infra import"
snippet = "gh infra import"
trigger = "ghii"
12 changes: 12 additions & 0 deletions mise.toml
Expand Up @@ -98,3 +98,15 @@ run = [
"npm:@taplo/cli" = "0.7.0"
"npm:prettier" = "3.8.1"
"pipx:zizmor" = "1.23.1"

[tasks.gh-infra-setup]
description = "Install gh-infra extension"
run = "gh extension install babarot/gh-infra"

[tasks.gh-infra-plan]
description = "Run gh-infra plan"
run = "gh infra plan dot_config/gh-infra/"

[tasks.gh-infra-apply]
description = "Run gh-infra apply"
run = "gh infra apply dot_config/gh-infra/"
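Review bot: `gh extension install babarot/gh-infra` in `[tasks.gh-infra-setup]` installs whatever release is current, while the tool entries directly above it in this file are pinned to exact versions (`"npm:prettier" = "3.8.1"`, `"pipx:zizmor" = "1.23.1"`). The extension is what writes repository settings and rulesets through `gh`, so it deserves the same treatment: pin it with `gh extension install babarot/gh-infra --pin <tag>`, where `<tag>` is a placeholder for a release that has been reviewed.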