feat(github): point to ref/repo from PR HEAD, add/remove labels

[prashant-shahi]

Features

• use repo and ref from PR HEAD for go-fmt, go-lint, go-test
• primus workflows to add/remove labels from issues/PRs

Summary by CodeRabbit

• New Features

  • Added two new GitHub Actions workflows:
    • github-add-label for automatically adding labels to GitHub issues
    • github-remove-label for removing labels from GitHub issues

• Improvements

  • Enhanced existing GitHub Actions workflows (go-fmt, go-lint, go-test) to dynamically check out specific pull request branches and repositories

[coderabbitai]

Walkthrough

This pull request introduces two new GitHub Actions workflows, github-add-label.yaml and github-remove-label.yaml, which automate the addition and removal of labels on GitHub issues, respectively. Additionally, it modifies existing workflows go-fmt.yaml, go-lint.yaml, and go-test.yaml to include dynamic parameters for checking out the appropriate branch and repository associated with pull requests. These changes enhance the automation capabilities within the repository, particularly for label management and ensuring accurate context during code formatting and testing.

Changes

File	Change Summary
.github/workflows/github-add-label.yaml	New workflow to add labels to GitHub issues
.github/workflows/github-remove-label.yaml	New workflow to remove labels from GitHub issues
.github/workflows/go-fmt.yaml	Added dynamic branch and repository checkout parameters
.github/workflows/go-lint.yaml	Added dynamic branch and repository checkout parameters
.github/workflows/go-test.yaml	Added dynamic branch and repository checkout parameters

Possibly related PRs

• feat(github): primus workflow to verify membership and trigger workflow #8: The github-add-label workflow and the github-trigger workflow both utilize the workflow_call event and share similar structures, including the use of environment variables and the actions/checkout action, indicating a related context in GitHub Actions workflows.
• fix(github): use env and compacted JSON for github-trigger input #9: The changes in the github-trigger workflow regarding the use of environment variables for inputs are relevant to the github-add-label workflow, as both workflows are part of the same automation framework and involve similar configurations.

Suggested reviewers

• grandwizard28

Poem

🐰 Workflows dancing, labels in flight,
Automation's magic, shining so bright!
Checkouts dynamic, commands precise,
GitHub Actions, oh so nice!
A rabbit's code ballet, pure delight! 🎉

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 2

♻️ Duplicate comments (1)

.github/workflows/github-remove-label.yaml (1)

6-10: 🛠️ Refactor suggestion

Remove default value for required input.

Same issue as in github-add-label workflow: the PRIMUS_REF input has a redundant default value while being required.

🧰 Tools

🪛 actionlint (1.7.4)

9-9: input "PRIMUS_REF" of workflow_call event has the default value "main", but it is also required. if an input is marked as required, its default value will never be used

(events)

🧹 Nitpick comments (1)

.github/workflows/github-add-label.yaml (1)

56-60: Consider escaping potential spaces in label names.

Label names might contain spaces, and while the current quoting handles it, consider using "${GH_LABEL_NAME}" for consistency with shell best practices.

         $MAKE github-add-label \
           GITHUB_ARGS="-t ${{ steps.token.outputs.token }} \
             -r ${GH_REPOSITORY} \
             -i ${GH_ISSUE_NUMBER} \
-             -l '${GH_LABEL_NAME}'"
+             -l \"${GH_LABEL_NAME}\""

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between dc5b0ec and a656638.

📒 Files selected for processing (5)

• .github/workflows/github-add-label.yaml (1 hunks)
• .github/workflows/github-remove-label.yaml (1 hunks)
• .github/workflows/go-fmt.yaml (1 hunks)
• .github/workflows/go-lint.yaml (1 hunks)
• .github/workflows/go-test.yaml (1 hunks)

🧰 Additional context used

🪛 actionlint (1.7.4)

.github/workflows/github-add-label.yaml

9-9: input "PRIMUS_REF" of workflow_call event has the default value "main", but it is also required. if an input is marked as required, its default value will never be used

(events)

.github/workflows/github-remove-label.yaml

9-9: input "PRIMUS_REF" of workflow_call event has the default value "main", but it is also required. if an input is marked as required, its default value will never be used

(events)

🔇 Additional comments (4)

.github/workflows/go-fmt.yaml (1)

28-30: LGTM! Consistent implementation across workflows.

The addition of ref and repository parameters to the self-checkout step correctly ensures that the formatting is applied to the PR's HEAD state.

.github/workflows/go-lint.yaml (1)

28-30: LGTM! Consistent with go-fmt workflow.

The changes ensure linting is performed on the PR's HEAD state.

.github/workflows/go-test.yaml (1)

36-38: LGTM! Consistent with other go workflows.

The changes ensure tests are run against the PR's HEAD state while preserving the workflow's test-specific configuration.

.github/workflows/github-remove-label.yaml (1)

51-60: Apply the same improvements as github-add-label workflow.

The same considerations about issue number availability and label name quoting apply here.

[coderabbitai]

🛠️ Refactor suggestion

Remove default value for required input.

The PRIMUS_REF input is marked as required but also has a default value. This is redundant as the default value will never be used for required inputs.

       PRIMUS_REF:
         description: 'The primus ref to checkout.'
         required: true
-        default: 'main'
         type: string

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	PRIMUS_REF:
	description: 'The primus ref to checkout.'
	required: true
	default: 'main'
	type: string
	PRIMUS_REF:
	description: 'The primus ref to checkout.'
	required: true
	type: string

🧰 Tools

🪛 actionlint (1.7.4)

9-9: input "PRIMUS_REF" of workflow_call event has the default value "main", but it is also required. if an input is marked as required, its default value will never be used

(events)

[coderabbitai]

💡 Codebase verification

The workflow needs context validation or parameter adjustment

The workflow is designed as a reusable workflow (workflow_call trigger) but assumes github.event.issue.number will always be available. This assumption is unsafe as:

• Pull requests use github.event.pull_request.number instead
• Other event contexts might not have an issue number
• As a reusable workflow, it could be called from various event contexts

Consider either:

• Adding the number as an input parameter
• Adding context validation
• Handling different event types (issues/PRs) appropriately

🔗 Analysis chain

Verify issue number availability in event context.

The workflow assumes github.event.issue.number will be available, but this might not be true for all trigger contexts (e.g., PRs vs Issues).

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check if the workflow is used in any other workflow files
# to understand the trigger contexts

echo "Checking workflow usage contexts..."
rg -l "uses: ./.github/workflows/github-add-label.yaml" .

Length of output: 140

---

Script:

#!/bin/bash
# First, let's look at the workflow file content
echo "=== Workflow File Content ==="
cat .github/workflows/github-add-label.yaml

echo -e "\n=== Searching for workflow references with different patterns ==="
rg -l "github-add-label" .

echo -e "\n=== Looking for workflow files that might use this ==="
fd "workflow" .github/

Length of output: 2060

---

Script:

#!/bin/bash
# Search for workflow files that might call this workflow
echo "=== Searching for workflow calls ==="
rg -l "workflow.*github-add-label" .github/workflows/

# Look for the actual workflow call pattern
echo -e "\n=== Searching for specific workflow call patterns ==="
rg "uses:.*github-add-label" .github/workflows/

Length of output: 311

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

.github/workflows/github-add-label.yaml (1)

25-27: Consider parameterizing the makefile path.

The makefile path is hardcoded in the MAKE environment variable. Consider making it configurable through an input parameter to improve maintainability if the repository structure changes.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a656638 and 0255607.

📒 Files selected for processing (2)

• .github/workflows/github-add-label.yaml (1 hunks)
• .github/workflows/github-remove-label.yaml (1 hunks)

🧰 Additional context used

🪛 actionlint (1.7.4)

.github/workflows/github-add-label.yaml

9-9: input "PRIMUS_REF" of workflow_call event has the default value "main", but it is also required. if an input is marked as required, its default value will never be used

(events)

.github/workflows/github-remove-label.yaml

9-9: input "PRIMUS_REF" of workflow_call event has the default value "main", but it is also required. if an input is marked as required, its default value will never be used

(events)

🔇 Additional comments (6)

.github/workflows/github-add-label.yaml (4)

6-10: Remove default value for required input.

The PRIMUS_REF input is marked as required but also has a default value. This is redundant as the default value will never be used for required inputs.

       PRIMUS_REF:
         description: 'The primus ref to checkout.'
         required: true
-        default: 'main'
         type: string

🧰 Tools

🪛 actionlint (1.7.4)

9-9: input "PRIMUS_REF" of workflow_call event has the default value "main", but it is also required. if an input is marked as required, its default value will never be used

(events)

---

29-35: LGTM! Good security practices.

The job configuration follows security best practices by:

• Using the latest stable runner
• Setting minimal required permissions

---

36-52: LGTM! Secure token handling.

The implementation follows security best practices:

• Uses GitHub App token instead of personal access token
• Properly scopes token to repository owner
• Securely passes token to checkout steps

---

55-65: LGTM! Safe command construction.

The label addition step:

• Properly handles spaces in label names
• Uses environment variables securely
• Passes token safely

.github/workflows/github-remove-label.yaml (2)

6-10: Remove default value for required input.

Same issue as in github-add-label.yaml: The PRIMUS_REF input is marked as required but also has a default value.

🧰 Tools

🪛 actionlint (1.7.4)

9-9: input "PRIMUS_REF" of workflow_call event has the default value "main", but it is also required. if an input is marked as required, its default value will never be used

(events)

---

11-15: Add validation for issue/PR number availability.

Same issue as in github-add-label.yaml: The default value assumes event context that might not be available.

[coderabbitai]

💡 Codebase verification

The review comment is valid and needs attention.

The workflow is a reusable workflow that relies on the calling workflow's event context. The current implementation could fail if:

1. The calling workflow's context doesn't have either pull_request.number or issue.number
2. The make command receives an empty issue number

Recommendations:

• Make GITHUB_ISSUE_NUMBER required (preferred)
• Or add explicit validation before the make command
• Document that this workflow expects to be called from issue/PR-related event contexts

🔗 Analysis chain

Add validation for issue/PR number availability.

The default value assumes either github.event.pull_request.number or github.event.issue.number will be available, but this might not be true for all workflow trigger contexts. Consider:

1. Adding explicit validation for the number
2. Making this input required
3. Documenting the expected event contexts

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check if the workflow is used in contexts where issue/PR numbers might be unavailable
echo "Checking workflow usage contexts..."
rg -l "uses: ./.github/workflows/github-add-label.yaml" .

Length of output: 140

---

Script:

#!/bin/bash
# Try different path formats and check the workflow file itself
echo "Checking workflow references with different path formats..."
rg -l "github-add-label\.ya?ml" .

echo -e "\nChecking the workflow file contents..."
cat .github/workflows/github-add-label.yaml

echo -e "\nChecking if this is a new workflow..."
git log --diff-filter=A -- .github/workflows/github-add-label.yaml

Length of output: 2219

[coderabbitai]

🛠️ Refactor suggestion

Consider creating a reusable workflow template.

This workflow is nearly identical to github-add-label.yaml. Consider:

1. Creating a template workflow that accepts an action input parameter
2. Using the template for both add and remove label operations
3. Reducing maintenance overhead and potential inconsistencies

Example implementation:

# .github/workflows/github-label-template.yaml
name: github-label-template

on:
  workflow_call:
    inputs:
      ACTION:
        description: 'The label action to perform (add/remove).'
        required: true
        type: string
      # ... other inputs remain same ...

# ... rest of the configuration remains same ...

      - name: label-action
        env:
          GH_REPOSITORY: ${{ github.repository }}
          GH_ISSUE_NUMBER: ${{ inputs.GITHUB_ISSUE_NUMBER }}
          GH_LABEL_NAME: ${{ inputs.GITHUB_LABEL_NAME }}
        run: |
          $MAKE github-${{ inputs.ACTION }}-label \
            GITHUB_ARGS="-t ${{ steps.token.outputs.token }} \
              -r ${GH_REPOSITORY} \
              -i ${GH_ISSUE_NUMBER} \
              -l '${GH_LABEL_NAME}'"

Then use it like:

# .github/workflows/github-add-label.yaml
name: github-add-label
on:
  workflow_call:
    # ... inputs remain same except ACTION ...
jobs:
  add-label:
    uses: ./.github/workflows/github-label-template.yaml
    with:
      ACTION: 'add'
      # ... pass other inputs ...

🧰 Tools

🪛 actionlint (1.7.4)

9-9: input "PRIMUS_REF" of workflow_call event has the default value "main", but it is also required. if an input is marked as required, its default value will never be used

(events)