Skip to content

chore: sync with module template #76

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 16, 2025
Merged

chore: sync with module template #76

merged 1 commit into from
Jun 16, 2025

Conversation

oycyc
Copy link
Contributor

@oycyc oycyc commented Jun 16, 2025
edited by coderabbitai bot
Loading

Use our Taskfile to sync our .github files to be consistent with the module template repository workflows

This will address the pending checks here: #75

Summary by CodeRabbit

  • Chores
    • Updated lint workflow to use pull_request_target trigger and inject GITHUB_TOKEN for improved linter support.
    • Modified release workflow to authenticate using a GitHub App token for the release process.
    • Simplified trunk upgrade workflow by automating PR merges with improved token usage and streamlined commands.

@oycyc oycyc requested a review from Gowiem June 16, 2025 18:58
@oycyc oycyc requested a review from a team as a code owner June 16, 2025 18:58
@coderabbitai coderabbitai
Copy link
Contributor

coderabbitai bot commented Jun 16, 2025

Walkthrough

This set of changes updates three GitHub Actions workflow files. In the lint workflow, the trigger event is switched from pull_request to pull_request_target, and a GITHUB_TOKEN environment variable is added for the tflint linter step. The release-please workflow is modified to generate and use a GitHub App token for authentication, replacing the default token. The trunk-upgrade workflow simplifies the merge step by replacing explicit polling for status checks with a single gh pr merge --auto command and updates the environment variable name for the token.

Possibly related PRs

📜 Recent review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b19e782 and bf95a06.

📒 Files selected for processing (3)
  • .github/workflows/lint.yaml (2 hunks)
  • .github/workflows/release-please.yaml (1 hunks)
  • .github/workflows/trunk-upgrade.yaml (1 hunks)
🔇 Additional comments (5)
.github/workflows/release-please.yaml (2)

17-23: New GitHub App authentication step looks solid
The tibdex/github-app-token action is correctly configured to generate a GitHub App token. Ensure your MP_BOT_APP_PRIVATE_KEY secret is rotated regularly and the App has adequate repo installation permissions.

26-26: Explicitly passing the generated token
Replacing the implicit token with ${{ steps.generate-token.outputs.token }} is a good move for scoped auth.

.github/workflows/lint.yaml (2)

7-7: Verify security implications of pull_request_target
Switching to pull_request_target grants PR workflows access to base-branch secrets—double-check that this doesn’t expose sensitive operations to untrusted code.

23-27: Injecting GITHUB_TOKEN for tflint rate-limit avoidance
Adding GITHUB_TOKEN to the Trunk Check step aligns with the tflint plugin docs and prevents API throttling.

.github/workflows/trunk-upgrade.yaml (1)

37-44: Streamlined PR merge via GitHub CLI
Using gh pr merge --auto simplifies polling for checks. Confirm that gh on ubuntu-latest supports --auto and that your MasterpointBot App token has pull-requests: write & contents: write permissions.

✨ Finishing Touches
🧪 Generate Unit Tests
  • Create PR with Unit Tests
  • Commit Unit Tests in branch chore/sync-with-template
  • Post Copyable Unit Tests in Comment

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Explain this complex logic.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai explain this code block.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and explain its main purpose.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai auto-generate unit tests to generate unit tests for this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@oycyc
Copy link
Contributor Author

oycyc commented Jun 16, 2025

@Gowiem agh this is going to require an admin merge because of the chicken and egg problem with hte pull_request_target
image

Gowiem
Gowiem reviewed Jun 16, 2025
View reviewed changes
.github/workflows/trunk-upgrade.yaml Outdated
echo "Waiting for required status checks to pass on PR #$PR_NUMBER..."
while true; do
CHECKS_JSON=$(gh pr checks "$PR_NUMBER" --required --json state,bucket)
echo "Current checks status: $CHECKS_JSON"

if echo "$CHECKS_JSON" | jq -e '.[] | select(.bucket=="fail")' > /dev/null; then
echo "One or more required checks have failed. Exiting..."
exit 1
fi

FAILED_OR_PENDING_CHECKS=$(echo "$CHECKS_JSON" | jq '[.[] | select(.state!="SUCCESS" or .bucket!="pass")] | length')
if [ "$FAILED_OR_PENDING_CHECKS" -eq 0 ]; then
echo "All required checks passed. Merging PR #$PR_NUMBER..."
gh pr merge "$PR_NUMBER" --squash --delete-branch --admin
break
else
echo "Some required checks are still running or pending. Retrying in 30s..."
sleep 30
fi
done
gh pr merge "$PR_NUMBER" --squash --auto --delete-branch
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think @gberenice wanted to keep this... but we'll let her weigh in tomorrow. We can revert if needed...

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep good call out. Looking at her PR, she wrote that she'll propagate it to the module template repository afterwards: #71.

I've made this PR simply to just update the release-please.yaml file to avoid any other conflicts.

Gowiem
Gowiem previously approved these changes Jun 16, 2025
View reviewed changes
Copy link
Member

@Gowiem Gowiem left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:shipit:

@oycyc oycyc force-pushed the chore/sync-with-template branch from bf95a06 to 23e626d Compare June 16, 2025 19:07
@oycyc oycyc requested a review from Gowiem June 16, 2025 19:07
@oycyc oycyc enabled auto-merge (squash) June 16, 2025 19:08
Gowiem
Gowiem approved these changes Jun 16, 2025
View reviewed changes
Copy link
Member

@Gowiem Gowiem left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚢

@oycyc oycyc merged commit a170ab4 into main Jun 16, 2025
5 checks passed
@oycyc oycyc deleted the chore/sync-with-template branch June 16, 2025 19:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Gowiem Gowiem Gowiem approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@oycyc @Gowiem