exempt an approval requirement for automated account

[kishor7007]

Select Topic Area

Question

Body

I want to exempt an approval requirement for automated account,
I have a branch protection rules setup with approval required count : 1 for user's PRs to review.
However, I have a bot account for automated work, those PRs are not required approval. How can I exempt it?

Restrict who can dismiss pull request reviews enabled and included my bot account.
Allow specified actors to bypass required pull requests enabled and included my bot account.

still it the bot created PR asking for approval. can someone help me on this?

[gechjs]

How to Let Your GitHub Bot Merge Pull Requests Without Needing Approval

If your bot is trying to merge pull requests (PRs) but keeps getting blocked because of review rules, here’s how to fix it.

Step-by-Step Guide

Go to Repository Settings

Open your repository on GitHub

Click on “Settings” at the top

Then go to “Branches”

Under “Branch protection rules,” find the one for your main branch (like main or master), and click “Edit”

Change the Bypass Settings
You will see two checkboxes:

Check "Allow specified actors to bypass required pull requests"

Check "Restrict who can dismiss pull request reviews"

Add Your Bot’s Name

After you check the boxes, a new input field will appear

Type in your bot’s GitHub username (this is case-sensitive)

Select your bot from the list that appears

Click "Save changes"

Important Things to Know

1. The bot must have write access to your repository
2. The pull request must come from the same repository (not from a fork)
3. Make sure the bot’s username is spelled exactly right

If It Still Doesn’t Work

Try these steps:

Give your bot temporary admin access to the repo

Check if the pull request is coming from a fork (bypass rules don’t work on fork PRs)

If it’s a GitHub App, write the bot name like this:
bot-name[bot]

Example

If your bot is called cool-bot, the rule should look like this:

yaml
Allow specified actors to bypass required pull requests:
  cool-bot

Restrict who can dismiss pull request reviews:
cool-bot
Now your bot can merge pull requests without needing approval, while other users will still be required to get reviews.

[kishor7007]

Thanks @gechjs , for the clear steps and response, I have setup all what ever you suggested includes the PR raised from a same repo and with admin access as well. Unfortunately, still I am getting the same review required for the bot account issue.

[gechjs]

You're very welcome! Thanks again for confirming all the details . Since you've:

Verified the bot has write/admin access

Ensured the PR is from the same repo (not a fork)

Enabled "Allow specified actors to bypass required pull requests"

Added the correct bot username (case-sensitive, bot-name[bot] for GitHub Apps)

Confirmed the bot is the one performing the merge

Checked for possible CODEOWNERS conflicts

Matched the exact branch name in protection rules

Yet you're still getting a “review required” error, then it might be a limitation or bug on GitHub’s side.

Next Step: Contact GitHub Support

At this point, I recommend reaching out directly to GitHub Support. Be sure to include:

The repo name and branch protection settings

The bot username

A link to a specific PR that got blocked

Confirmation that bypass rules were set up

Whether the bot is a GitHub App or user account

They can inspect backend logs and confirm if this is a known issue or a configuration quirk.

If you get a response from GitHub support, feel free to share it, happy to help interpret it or work through a workaround.

[muhammad-danial-malik]

Hi @kishor7007,

You're on the right track with the branch protection settings, but sometimes even with bypass options enabled, GitHub can still require reviews for bot accounts due to subtle misconfigurations.

Here’s a full checklist to make sure your automated account (bot) is truly exempt from PR review requirements:

---

✅ 1. Double-check "Bypass required pull request reviews"

Go to:

Repository → Settings → Branches → Edit your protection rule

• ✅ Check “Allow specified actors to bypass required pull requests”
• ✅ Add your bot’s exact username to the list (case-sensitive)

If it's a GitHub App bot, use the format:
your-bot-name[bot]

Example:
If your bot is ci-bot, write it as:

ci-bot\[bot]

---

✅ 2. Confirm the PR Origin

Bypass rules only apply if the pull request:

• Comes from the same repository (not a fork)
• Is authored by the specified actor (your bot)
• Is made using a GitHub App, or a GitHub user with write/admin access

If the PR comes from a fork or uses a generic token, the bypass rule won't apply.

---

✅ 3. Confirm Bot Permissions

• Make sure the bot has at least write access to the repo
• If it’s a GitHub App, ensure it’s installed with Pull Request write permissions

You can verify this under:
Settings → Installed GitHub Apps → Configure

---

🔧 Bonus: Using GitHub Actions Bot?

If your PRs are created by GitHub Actions (github-actions[bot]), you must also:

• Use a Personal Access Token (PAT) or GitHub App token to open PRs
  (the default GITHUB_TOKEN often doesn’t bypass protections)

---

❗ Still Doesn’t Work?

• Try recreating the branch protection rule from scratch
• Double-check for conflicting org-level rules
• If all else fails, open a GitHub support ticket — sometimes it’s a backend issue

---

Hope this helps!

[neeraj2019041078]

Hi @kishor7007,

Go to Repository Settings → Branches → select your protected branch rule.

Under “Allow specified actors to bypass required pull requests”, ensure:

Your bot account is listed.

The option “Require approvals” is not enforced on bypassed actors.

When your bot opens a PR, it cannot self-merge unless:

It is also the one merging the PR and

It has admin/bypass rights to the branch.

[AmanRai8]

To exempt your bot from PR approval:

• In branch protection, enable “Allow specified actors to bypass required pull request reviews” and add your bot.
• Ensure the bot’s username matches exactly and no other rules block it.
• Verify branch protection applies to the right branch.
• If it still asks for approval, try reapplying the rules or wait for changes to take effect.

[github-actions[bot]]

🕒 Discussion Activity Reminder 🕒

This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions:

1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as out of date at the bottom of the page.

2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own.

3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution.

Note: This dormant notification will only apply to Discussions with the Question label. To learn more, see our recent announcement.

Thank you for helping bring this Discussion to a resolution! 💬

[tienmynguyen]

Here’s what’s going on:

The setting “Allow specified actors to bypass required pull requests” means those accounts (your bot in this case) can push directly to the protected branch without opening a PR at all.
→ It does not make PRs created by that account automatically mergeable without review.

The required reviews rule applies to pull requests regardless of who opened them. There isn’t currently a first-class option to say “only require reviews for human accounts, but not for this bot’s PRs.”

Options you have

Let the bot push directly
If your workflow allows it, instead of making the bot open a PR, configure it to push changes directly to the protected branch. Since you’ve already added the bot to the bypass list, it can do this safely.

Use CODEOWNERS with ! negation
If the bot always touches the same paths, you can sometimes exclude them from requiring reviews by tuning your CODEOWNERS file.
But this only works if you’re using “Require review from Code Owners,” not the blanket “Required approval count.”

Use GitHub Actions / automation to auto-approve
If you still want PRs (for audit/history), you can set up a GitHub Action that auto-approves the bot’s PRs.
Example:

Use peter-evans/approve-pull-request
action.

Give a GitHub App or a separate bot token the ability to approve.

Trigger it on pull_request events where actor == your-bot.

Split branch protection rules
If your repo setup allows it, you can create different branch protection rules per branch pattern. For example:

main → requires 1 approval.

bot/* → no approvals required (and your automation PRs target those first, then merge/fast-forward to main).

👉 The key takeaway:
GitHub doesn’t currently allow “exempt PR approvals for specific accounts.”
The bypass permission lets them skip PRs entirely, not skip reviews inside a PR.

Do you want your bot’s changes to still go through PRs for visibility, or are you okay with letting it push directly to the branch? That determines the cleanest solution.

[github-actions[bot]]

🕒 Discussion Activity Reminder 🕒

This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions:

1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as out of date at the bottom of the page.

2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own.

3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution.

Note: This dormant notification will only apply to Discussions with the Question label. To learn more, see our recent announcement.

Thank you for helping bring this Discussion to a resolution! 💬