feat(ci): create file sync and auto merge bot workflows #29
Conversation
|
Note Reviews pausedUse the following commands to manage reviews:
WalkthroughThe pull request introduces several changes to GitHub configuration files within the Changes
Possibly related PRs
Suggested reviewers
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
MSevey
changed the title
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 4
🧹 Outside diff range and nitpick comments (4)
.github/auto_request_review.yml (1)
17-17: Consider if 3 reviewers is optimal for your workflowSetting
number_of_reviewers: 3might introduce delays in the PR review process. Consider if this high number of required reviewers aligns with your team's size and review practices..github/workflows/semantic_release.yml (1)
Line range hint
15-18: Consider committing .releaserc.json instead of generating it dynamicallyWhile the current approach works, dynamically generating
.releaserc.jsonmakes the configuration less visible and harder to review. Consider committing this file to the repository instead.- run: echo '{"branches":[],"plugins":["@semantic-release/commit-analyzer","@semantic-release/release-notes-generator","@semantic-release/github"]}' > .releaserc.json + uses: actions/checkout@v4Then create a
.releaserc.jsonfile in the repository..github/sync.yml (2)
1-81: Consider standardizing ecosystem ordering across repositoriesThe ordering of ecosystems varies between repositories. Consider standardizing the order (e.g., gomod, docker, github-actions, npm) for better maintainability.
Example standardized order:
deps: [ + {ecosystem: "gomod"}, + {ecosystem: "docker"}, + {ecosystem: "github-actions"}, + {ecosystem: "npm"} ]
1-105: Consider adding documentation for the sync configurationThe file would benefit from documentation explaining:
- The purpose of the file sync mechanism
- How the template system works
- When and how the sync occurs
- How to add new repositories or workflows
Add a comment block at the top of the file:
+# File Sync Configuration +# ---------------------- +# This configuration manages file synchronization across Rollkit repositories. +# +# Structure: +# 1. Individual repository settings for Dependabot configuration +# - Uses dependabot.njk template to generate dependabot.yml +# - Customized per repository based on required dependency ecosystems +# +# 2. Group settings for shared workflow files +# - Maintains consistency of CI/CD workflows across repositories +# - Automatically syncs changes to all listed repositories + # Use individual repo settings for files that differ rollkit/.github: - source: .github/dependabot.njk
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
📒 Files selected for processing (8)
.github/auto_request_review.yml(1 hunks).github/dependabot.njk(1 hunks).github/dependabot.yml(0 hunks).github/sync.yml(1 hunks).github/workflows/approve_merge_bots.yml(1 hunks).github/workflows/semantic_pull_request.yml(1 hunks).github/workflows/semantic_release.yml(1 hunks).github/workflows/sync.yml(1 hunks)
💤 Files with no reviewable changes (1)
- .github/dependabot.yml
✅ Files skipped from review due to trivial changes (3)
- .github/workflows/semantic_pull_request.yml
- .github/dependabot.njk
- .github/workflows/sync.yml
🔇 Additional comments (5)
.github/workflows/semantic_release.yml (1)
Line range hint 19-24: Verify branch protection rules for secure releases
The semantic release workflow runs on pushes to main. Ensure that appropriate branch protection rules are in place to prevent unauthorized releases.
.github/workflows/approve_merge_bots.yml (1)
49-56:
Replace placeholder TBD token configuration
The TBD approval step is using a placeholder token. This needs to be properly configured before this workflow can function correctly.
Based on the previous review discussion, consider using @Manav-Aggarwal's PAT here since the bot can't approve its own PRs.
.github/sync.yml (3)
102-105: Verify the existence of shared workflow files
Let's ensure all referenced workflow files exist in the source repository.
✅ Verification successful
All referenced workflow files exist in the repository
All workflow files listed in the sync configuration are present in their specified locations:
.github/workflows/approve_merge_bots.yml.github/workflows/semantic_pull_request.yml.github/workflows/semantic_release.yml.github/auto_request_review.yml
🏁 Scripts executed
The following scripts were executed for the analysis:
Script:
#!/bin/bash
# Check if all workflow files exist
for file in \
".github/workflows/approve_merge_bots.yml" \
".github/workflows/semantic_pull_request.yml" \
".github/workflows/semantic_release.yml" \
".github/auto_request_review.yml"
do
if [ -f "$file" ]; then
echo "✓ $file exists"
else
echo "✗ $file missing"
fi
done
Length of output: 1339
3-6: Verify the existence and content of the template file
The configuration references .github/dependabot.njk as a template source. Let's ensure it exists and contains the necessary template variables.
✅ Verification successful
Template file exists and is properly configured
The .github/dependabot.njk template exists and correctly handles the ecosystem configurations defined in sync.yml. The template:
- Uses proper Nunjucks templating syntax to iterate over the provided ecosystems
- Includes consistent configuration for each ecosystem:
- Weekly schedule
- 10 open PR limit
- Patch/minor update grouping
- Standardized commit message format
The template aligns perfectly with the ecosystem configurations in the sync file, ensuring consistent Dependabot settings across repositories.
🏁 Scripts executed
The following scripts were executed for the analysis:
Script:
#!/bin/bash
# Check if the template file exists and contains expected variables
if [ -f ".github/dependabot.njk" ]; then
echo "Template exists"
cat ".github/dependabot.njk"
else
echo "Template file missing"
fi
Length of output: 549
85-100: Verify repository accessibility and consistency
Let's ensure all listed repositories are accessible and maintain consistency in the repository list.
✅ Verification successful
All repositories are accessible and verified
All 15 repositories listed in the sync configuration are accessible via the GitHub API, confirming their existence and proper access permissions.
🏁 Scripts executed
The following scripts were executed for the analysis:
Script:
#!/bin/bash
# Check repository accessibility using GitHub API
while IFS= read -r repo; do
repo=$(echo "$repo" | xargs) # Trim whitespace
if [ ! -z "$repo" ]; then
gh api "repos/$repo" --silent && \
echo "✓ $repo accessible" || \
echo "✗ $repo not accessible"
fi
done <<EOF
rollkit/astria-sequencer
rollkit/avail-da
rollkit/based-sequencer
rollkit/bitcoin-da
rollkit/centralized-sequencer
rollkit/cosmos-sdk-starter
rollkit/docs
rollkit/go-da
rollkit/go-execution
rollkit/go-execution-abci
rollkit/go-execution-evm
rollkit/go-sequencing
rollkit/local-da
rollkit/rollkit
rollkit/template-da-repo
EOF
Length of output: 3867
|
@coderabbitai ignore |
✅ Actions performedReviews paused. |
Overview
Closes #20
Closes #15
This PR add 2 key features.
File Sync
The File Sync action will sync key files from this repository to all repos listed in the
.github/sync.ymlconfig file. This allows use to manage changes to common files likedependabot.ymland other simple workflow files in a single place.On merge, the RollkitBot will create PRs for any diffs in the repos from the config file.
Auto merge bot PRs
The auto merge bot action will auto approve and merge dependabot PRs (as long as the CI passes).
Additionally, since the file sync action will be creating RollkitBot PRs, the auto approve action can approve and merge those as well.