From d71e8dd96afcbcac773b78e2218884d82fd1e8ed Mon Sep 17 00:00:00 2001
From: Michel Roegl-Brunner <michel.roegl-brunner@htl-braunau.at>
Date: Tue, 7 Oct 2025 11:30:28 +0200
Subject: [PATCH] Workflow

---
 .github/workflows/publish_release.yml | 47 ++++++++++++++++++++++-----
 1 file changed, 38 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/publish_release.yml b/.github/workflows/publish_release.yml
index b977bf6..2775c28 100644
--- a/.github/workflows/publish_release.yml
+++ b/.github/workflows/publish_release.yml
@@ -14,6 +14,24 @@ jobs:
       - name: Checkout repo
         uses: actions/checkout@v4
 
+      - name: Generate a token
+        id: generate-token
+        uses: actions/create-github-app-token@v2
+        with:
+          app-id: ${{ vars.APP_ID_APPROVE_AND_MERGE }}
+          private-key: ${{ secrets.APP_KEY_APPROVE_AND_MERGE }}
+          owner: community-scripts
+          repositories: ProxmoxVE-Local
+
+      - name: Generate a token for PR approval and merge
+        id: generate-token-merge
+        uses: actions/create-github-app-token@v2
+        with:
+          app-id: ${{ vars.APP_ID_APPROVE_AND_MERGE }}
+          private-key: ${{ secrets.APP_KEY_APPROVE_AND_MERGE }}
+          owner: community-scripts
+          repositories: ProxmoxVE-Local
+
       
       - name: Get latest draft release
         id: draft
@@ -67,17 +85,28 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
      
-      - name: Authenticate gh with PAT
-        run: |
-          echo "${{ secrets.PAT_MICHEL }}" | gh auth login --with-token
-
-
-      - name: Merge PR as PAT user
-        run: |
-          gh pr merge "${{ steps.pr.outputs.pr_number }}" --squash --body "Merge VERSION update" --admin
+      - name: Approve pull request
+        if: env.changed == 'true'
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          PR_NUMBER="${{ steps.pr.outputs.pr_number }}"
+          if [ -n "$PR_NUMBER" ]; then
+            gh pr review $PR_NUMBER --approve
+          fi
 
+      - name: Approve pull request and merge
+        if: env.changed == 'true'
+        env:
+          GH_TOKEN: ${{ steps.generate-token-merge.outputs.token }}
+        run: |
+          git config --global user.name "github-actions-automege[bot]"
+          git config --global user.email "github-actions-automege[bot]@users.noreply.github.com"
+          PR_NUMBER="${{ steps.pr.outputs.pr_number }}"
+          if [ -n "$PR_NUMBER" ]; then
+            gh pr review "$PR_NUMBER" --approve
+            gh pr merge "$PR_NUMBER" --squash --admin
+          fi        
       
       - name: Wait for PR merge
         uses: actions/github-script@v7