Update Helm release rollout-operator to v0.33.1 (main) #92

	name: Auto-review helm-weekly-release PRs

	on:
	pull_request:
	types: [opened]
	branches:
	- main
	paths:
	- operations/helm/charts/**

	permissions: {}

	jobs:
	auto-reviewer:
	runs-on: ubuntu-latest
	permissions:
	contents: read
	id-token: write

	if: ${{ ! github.event.pull_request.head.repo.fork && github.event.pull_request.user.login == 'mimir-vendoring[bot]' }}

	steps:
	- name: Checkout Repository
	uses: actions/checkout@v4
	with:
	persist-credentials: false

	- name: Retrieve GitHub App Credentials from Vault
	id: get-secrets
	uses: grafana/shared-workflows/actions/get-vault-secrets@5d7e361bc7e0a183cde8afe9899fb7b596d2659b # get-vault-secrets-v1.2.0
	with:
	repo_secrets: \|
	APP_ID=mimir-github-bot:app_id
	PRIVATE_KEY=mimir-github-bot:private_key

	- name: Generate GitHub App Token
	id: app-token
	uses: actions/create-github-app-token@v1
	with:
	app-id: ${{ env.APP_ID }}
	private-key: ${{ env.PRIVATE_KEY }}
	owner: ${{ github.repository_owner }}

	- name: Approve and auto-merge
	id: auto-merge
	if: startsWith(github.event.pull_request.head.ref, 'helm-chart-weekly-')
	run: \|
	gh pr merge --auto --squash "$PR_URL"
	gh pr review $PR_URL \
	--approve -b "I'm approving this pull request, since it is a helm release."
	env:
	PR_URL: ${{github.event.pull_request.html_url}}
	GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}

	- name: Manual review is required
	if: steps.auto-merge.conclusion != 'success'
	run: \|
	gh pr comment $PR_URL --body "This PR requires manual review."
	env:
	PR_URL: ${{github.event.pull_request.html_url}}
	GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

Provide feedback