feat(workflows): reusable auto-arm-merge workflow#7
Conversation
Reusable workflow that arms 'gh pr merge --auto --squash --delete-branch'
on every non-draft PR. Consumed via:
jobs:
arm:
uses: chittyfoundation/.github/.github/workflows/auto-arm-merge.yml@main
Skips drafts, dependabot/renovate, WIP-titled PRs, and forks. Relies on
repo ruleset to gate merge on required checks.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard. |
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
📝 WalkthroughWalkthroughAdds a reusable GitHub Actions workflow that arms auto-merge for eligible PRs, exposes a ChangesAuto-Merge Workflow Setup
Sequence DiagramsequenceDiagram
participant Runner
participant Shell
participant GH_CLI
participant GitHubAPI
Runner->>Shell: start arm job
Shell->>GH_CLI: validate gh
Shell->>GH_CLI: sanitize merge-method
Shell->>GH_CLI: run gh pr merge --auto --delete-branch
GH_CLI->>GitHubAPI: request enable auto-merge
GitHubAPI-->>GH_CLI: respond (enabled / not mergeable / error)
GH_CLI-->>Shell: return stdout/stderr
Shell->>Runner: exit 0 for benign cases or emit ::error:: and fail for config/auth/ruleset failures
Estimated code review effort🎯 4 (Complex) | ⏱️ ~45 minutes Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.github/workflows/auto-arm-merge.yml:
- Around line 5-18: Update the pull_request trigger types in the consuming
workflow so title edits re-run the reusable workflow: add "edited" to the types
list alongside "opened", "ready_for_review", and "reopened" in the workflow
header (the section that currently lists pull_request types) so the Auto-Arm
Merge logic will re-evaluate when a PR title is changed (e.g., removing a
WIP/Draft prefix).
- Around line 29-34: The workflow lets an arbitrary merge-method string through
and masks gh pr merge failures by converting errors into a warning + exit 0; add
a validation step that checks the inputs.merge-method value against the allowed
set ("squash","merge","rebase") and fails fast (exit non-zero) if invalid,
locate the input name merge-method and add the check in the job before running
gh pr merge; remove the masking logic that downgrades gh pr merge failures to
success (remove any || true, continue-on-error: true or step that always sets
exit 0) so gh pr merge returns a failing job on real errors, update any warning
text that incorrectly references forks to reflect that fork PRs are already
excluded, and add pull_request.edited to the workflow trigger set so
title-prefix opt-out toggles work when PR titles are edited.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 7266bd87-dea3-415a-a41d-12c467376dad
📒 Files selected for processing (1)
.github/workflows/auto-arm-merge.yml
| # name: Auto-Arm Merge | ||
| # on: | ||
| # pull_request: | ||
| # types: [opened, ready_for_review, reopened] | ||
| # jobs: | ||
| # arm: | ||
| # uses: chittyfoundation/.github/.github/workflows/auto-arm-merge.yml@main | ||
| # | ||
| # Skip conditions (PR is left alone): | ||
| # - draft PRs | ||
| # - authors: dependabot[bot], renovate[bot] (they have their own auto-merge logic) | ||
| # - title starts with: WIP, [WIP], Draft:, DO NOT MERGE | ||
| # - PRs from forks (GITHUB_TOKEN lacks write on the head ref; we no-op gracefully) | ||
| # |
There was a problem hiding this comment.
🧩 Analysis chain
🌐 Web query:
When a reusable workflow is called from a pull_requestworkflow, does subscribing the caller to theedited activity type trigger the called workflow again with the updated PR title?
💡 Result:
Yes, subscribing the caller workflow to the pull_request activity type edited will trigger the called (reusable) workflow again when a pull request title is updated [1][2][3]. When you define a reusable workflow, it is executed by a caller workflow [4]. If the caller workflow is configured to trigger on the pull_request event with the edited activity type, GitHub Actions will initiate a new workflow run whenever that activity occurs [5][6][7]. Because the reusable workflow is called within a job in that caller workflow, the reusable workflow will also be invoked as part of that new run [4][1]. Key details to keep in mind: 1. Configuration: By default, the pull_request event only triggers on opened, synchronize, and reopened activity types [5][6][8]. To capture title or body changes, you must explicitly include edited in your types configuration: on: pull_request: types: [opened, synchronize, edited] 2. Workflow Behavior: Every time the event occurs, a new workflow run is created [6][7]. If your reusable workflow performs actions (like commenting on the PR or deploying), it will execute these actions again [1]. 3. Common Issue: Users often find that enabling the edited activity type causes unnecessary workflow runs [2]. If you only want to trigger the workflow for specific types of edits (e.g., only when the title changes, rather than the body), you will need to add conditional logic (if statements) within your jobs to check the event context and decide whether to proceed or skip execution [9][2][10].
Citations:
- 1: https://stackoverflow.com/questions/75105072/how-to-separate-conditions-for-different-event-types-in-github-actions
- 2: fix(ci): prevent edited events from creating skipped CI runs CherryHQ/cherry-studio#13170
- 3: https://github.com/Checkmarx/kics/blob/ed47fffbddddedf55828e1931150ebea971e0516/.github/workflows/validate-prs.yaml
- 4: https://github.com/github/docs/blob/main/content/actions/how-tos/reuse-automations/reuse-workflows.md
- 5: https://docs.github.com/actions/using-workflows/events-that-trigger-workflows
- 6: https://docs.github.com/actions/using-workflows/triggering-a-workflow
- 7: https://docs.github.com/actions/using-workflows/workflow-syntax-for-github-actions
- 8: https://github.com/github/docs/blob/main/content/actions/reference/workflows-and-actions/events-that-trigger-workflows.md
- 9: https://stackoverflow.com/questions/79143203/is-it-possible-to-make-github-actions-ignore-edited-activity-when-its-only-pr
- 10: https://github.com/github/docs/blob/main/content/actions/how-tos/write-workflows/choose-when-workflows-run/trigger-a-workflow.md
🏁 Script executed:
#!/bin/bash
set -euo pipefail
ls -la .github/workflows || true
sed -n '1,120p' .github/workflows/auto-arm-merge.ymlRepository: chittyfoundation/.github
Length of output: 3400
Add edited to the caller pull_request types if the WIP/title opt-out should be reversible.
The reusable workflow’s if: skips based on the current PR title; since the consuming example only triggers on opened, ready_for_review, and reopened, removing a WIP/Draft prefix via title edit won’t re-invoke the workflow.
Suggested change
# on:
# pull_request:
-# types: [opened, ready_for_review, reopened]
+# types: [opened, edited, ready_for_review, reopened]🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In @.github/workflows/auto-arm-merge.yml around lines 5 - 18, Update the
pull_request trigger types in the consuming workflow so title edits re-run the
reusable workflow: add "edited" to the types list alongside "opened",
"ready_for_review", and "reopened" in the workflow header (the section that
currently lists pull_request types) so the Auto-Arm Merge logic will re-evaluate
when a PR title is changed (e.g., removing a WIP/Draft prefix).
…guards Critical: - Drop contents:write from permissions (auto-merge only needs pull-requests:write) - Classify gh pr merge stderr instead of blanket exit 0 (surface auth/method/config drift) Important: - Add job-level concurrency to collapse opened+ready_for_review duplicates - Validate merge-method input against squash|merge|rebase allowlist - Preflight check that gh is installed on the runner - Move WIP/Draft/DO-NOT-MERGE title check into the step using bash regex with a boundary class so WIPER/WIPE/WIPED no longer false-match Doc: - Rewrite header to reflect fork PRs are excluded at trigger level, not via no-op - Inline rationale next to permissions, concurrency, and the regex boundary Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1 participant
Summary
Adds
.github/workflows/auto-arm-merge.ymlas a reusable workflow that armsgh pr merge --auto --squash --delete-branchon every non-draft PR in any consuming repo.Adoption — one-liner for any ChittyOS repo
Drop this at
.github/workflows/auto-arm-merge.ymlin the target repo:Requires repo settings: Allow auto-merge + Automatically delete head branches + a ruleset gating merge on required checks.
Skip conditions (PR is left alone)
pull_request.draft == true)dependabot[bot],renovate[bot](their own auto-merge logic)WIP,[WIP],Draft:,DO NOT MERGEOpt out per-PR
Mark draft, or prefix title with
WIP/[WIP]/Draft:/DO NOT MERGE.Rollout
Initial callers in follow-up PRs:
chittyapps/chittyfinancechittyfoundation/chittyschemaWider rollout is a separate task.
Test plan
🤖 Generated with Claude Code
Summary by CodeRabbit