Jason Woltje
7c9bb67fcd
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Add automated PR merge system with strict quality gates ensuring code review, security review, and QA completion before merging to develop. Features: - Enhanced Woodpecker CI with strict quality gates - Automatic PR merging when all checks pass - Security scanning (dependency audit, secrets, SAST) - Test coverage enforcement (≥85%) - Comprehensive documentation and migration guide Quality Gates: ✅ Lint (strict, blocking) ✅ TypeScript (strict, blocking) ✅ Build verification (strict, blocking) ✅ Security audit (strict, blocking) ✅ Secret scanning (strict, blocking) ✅ SAST (Semgrep, currently non-blocking) ✅ Unit tests (strict, blocking) ⚠️ Test coverage (≥85%, planned) Auto-Merge: - Triggers when all quality gates pass - Only for PRs targeting develop - Automatically deletes source branch - Notifies on success/failure Files Added: - .woodpecker.enhanced.yml - Enhanced CI configuration - scripts/ci/auto-merge-pr.sh - Standalone merge script - docs/AUTOMATED-PR-MERGE.md - Complete documentation - docs/MIGRATION-AUTO-MERGE.md - Migration guide Migration Plan: Phase 1: Enhanced CI active, auto-merge in dry-run Phase 2: Enable auto-merge for clean PRs Phase 3: Enforce test coverage threshold Phase 4: Full enforcement (SAST blocking) Benefits: - Zero manual intervention for clean PRs - Strict quality maintained (85% coverage, no errors) - Security vulnerabilities caught before merge - Faster iteration (auto-merge within minutes) - Clear feedback (detailed quality gate results) Next Steps: 1. Review .woodpecker.enhanced.yml configuration 2. Test with dry-run PR 3. Configure branch protection for develop 4. Gradual rollout per migration guide Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>