
emregucerr | 1 year ago

Hey HN! We recently got our SOC2 certification. One thing that really annoys us is having to get all deployment PRs approved by at least one person per guidelines. This might not sound like a lot but it gets annoying pretty fast when you are 2 people and deploy multiple times a day.

We built a very simple GitHub bot that snap-approves all pull requests for the default branch. For some extra flair, it sends a very dry joke about the contents of the PR.

In the off-chance that you are also a small team that has a Slack channel filled with PR links just to get them blindly approved, you can download it for yourself.

p.s. This is obviously mostly parody. Even though we have a small use-case for it, we realize how stupid this is.
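An added example, not the OP's bot and not code from anyone in the thread: a small audit over pull-request review records that flags PRs to the default branch whose only approval came from a bot account, from the PR author, or within seconds of the PR being opened. This is the kind of check a reviewer or auditor could run to see whether a "one approval per PR" control actually holds in practice. The record layout, the 60-second snap window and the sample data are all assumptions constructed for illustration; real records would come from the GitHub pull-request reviews API.

```python
"""Audit merged pull requests for rubber-stamp approvals.

Added example (not code from the original post or its bot). The record
format, the SNAP_WINDOW threshold and the sample PRs below are constructed
for illustration; real data would come from the GitHub reviews API.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import List


@dataclass
class Review:
    reviewer: str
    state: str                      # "APPROVED", "CHANGES_REQUESTED", "COMMENTED"
    submitted_at: datetime
    reviewer_is_bot: bool = False   # assumption: mirrors GitHub's user.type == "Bot"


@dataclass
class PullRequest:
    number: int
    author: str
    base_branch: str
    opened_at: datetime
    reviews: List[Review] = field(default_factory=list)


# Assumed threshold: an approval this soon after opening cannot be a real read.
SNAP_WINDOW = timedelta(seconds=60)


def human_approvals(pr: PullRequest) -> List[Review]:
    """Approvals that should count toward a review control: from a human
    who is not the PR author, and not submitted within the snap window."""
    return [
        r for r in pr.reviews
        if r.state == "APPROVED"
        and not r.reviewer_is_bot
        and r.reviewer != pr.author
        and r.submitted_at - pr.opened_at > SNAP_WINDOW
    ]


def audit(prs: List[PullRequest], protected_branch: str = "main") -> List[int]:
    """Return numbers of PRs targeting the protected branch that have no
    substantive human approval. PRs to other branches are out of scope."""
    return [
        pr.number for pr in prs
        if pr.base_branch == protected_branch and not human_approvals(pr)
    ]


# Constructed sample data: one opening time, several review patterns.
T0 = datetime(2025, 2, 19, 12, 0, 0)
SAMPLE_PRS = [
    # only a bot approval, three seconds after opening
    PullRequest(101, "alice", "main", T0, [
        Review("snap-approver[bot]", "APPROVED", T0 + timedelta(seconds=3), True)]),
    # a real review by a second person
    PullRequest(102, "alice", "main", T0, [
        Review("bob", "APPROVED", T0 + timedelta(minutes=25))]),
    # self-approval
    PullRequest(103, "alice", "main", T0, [
        Review("alice", "APPROVED", T0 + timedelta(minutes=5))]),
    # feature branch: not subject to the control
    PullRequest(104, "bob", "feature/x", T0, []),
    # human, but approved ten seconds after opening
    PullRequest(105, "bob", "main", T0, [
        Review("carol", "APPROVED", T0 + timedelta(seconds=10))]),
]


if __name__ == "__main__":
    for n in audit(SAMPLE_PRS):
        print(f"PR #{n}: no substantive human approval on the protected branch")
```

Run stand-alone it reports PRs 101, 103 and 105; the bot approval, the self-approval and the ten-second approval all fail the check, while the 25-minute review by a second person passes and the feature-branch PR is ignored.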


AnBouch | 1 year ago

Approval is not mandatory for all PRs. You can change your policy about it and easily justify it with your auditor. => It makes way more sense to have important stuff reviewed vs automated approval from a bot.

emregucerr | 1 year ago

I think most people blindly try to get controls in Vanta/Drata to pass like us. I'd much rather build a dumb bot than have to talk to my auditor. But still

> we realize how stupid this is