PR Automation

Documentation Index

Fetch the complete documentation index at: https://docs.opentaco.dev/llms.txt

Use this file to discover all available pages before exploring further.

​

What you get

• PR-based plan/apply workflows in CI
• Comment-driven operations and approval controls
• Reusable workflows across infrastructure repositories

​

Why run Infrastructure as Code within Continuous Integration

• Standardized runtime behavior across teams, repos, and environments
• No need for every contributor to install and maintain the full IaC toolchain for routine changes
• GitOps visibility: plans, approvals, and applies are tied to pull requests and commits
• Better change and approval auditability through your existing VCS history and CI logs
• Fewer “works on my machine” issues due to centralized execution
• Easier policy and control enforcement (checks, approvals, and workflow gates)
• Reduced credential sprawl by keeping cloud and platform credentials off developer machines
• Support for short-lived workflow authentication (for example, OIDC-based tokens) instead of long-lived static secrets

​

Typical workflow

1. Install the OpenTaco GitHub App for your repos/org.
2. Add digger.yml to define projects and workflows.
3. Add the GitHub Actions workflow that runs OpenTaco automation.
4. Open a PR and use plan/apply commands through comments.

​

Common controls teams add

• Apply requirements (approval, mergeability, branch state)
• PR-level locking and concurrency controls
• Cost/security checks and custom command steps

​

When teams start with PR Automation

• You want safer PR review for infrastructure changes without changing state backend immediately.
• You want a standard CI automation layer across many repos.
• You want a path to add drift detection and state management incrementally.

​

Start here

• Onboarding: GitHub App setup
• Onboarding: PR automation workflow
• PR Automation docs