chore: deploy triage-bot.yml + canonical auto-merge.yml #57
Final piece of the triage-gate stack: required_conversation_resolution is on, TRIAGE_PAT is set, triage-bot.yml classifies threads, canonical auto-merge.yml removes owner-clause (cooldown lives in pr-heal.yml).
Caution: Review failed. The pull request is closed.
Summary by CodeRabbit
Walkthrough
The PR separates owner PR auto-merge routing to a cron tier by removing the repository-owner condition from the auto-merge workflow, and introduces a new triage-bot workflow that automatically resolves or dismisses low-signal PR review threads (e.g., nits, praise, short Copilot comments, or explicitly marked ones) while preserving threads requiring human resolution.
Changes
Auto-merge Tier Adjustment
Triage Bot Workflow
🎯 2 (Simple) | ⏱️ ~12 minutes
Up to standards ✅
Pull Request Overview
While the PR successfully introduces the triage bot and updates the auto-merge logic, there are two critical implementation issues that should be addressed before merging:
- Bot Identity Mismatch: The triage script expects the author login 'Copilot', but the standard GitHub Copilot bot uses 'github-copilot[bot]'. This will prevent automatic resolution of Copilot threads.
- Notification Spam: The bot is configured to create a new comment on every trigger (comment or review event), which will flood the PR timeline. The script should be updated to find and update a single persistent status comment.
Additionally, the PR description does not currently mention the functional change to the auto-merge workflow (removing the repository owner's immediate merge privilege), and the complex JavaScript logic embedded in the YAML is currently untested.
About this PR
- The PR description is missing information regarding the functional change to auto-merge.yml, specifically the removal of the repository owner from the immediate auto-merge condition.
Test suggestions
- Review thread with 'nit: fix this' is automatically resolved.
- Review thread with '[triage:auto-resolve]' marker is automatically resolved.
- Copilot comment under 200 chars is automatically resolved.
- Human comment (not a nit) remains unresolved.
- PR from owner does not trigger the 'enable-auto-merge' job.
- PR approved by 'coderabbitai[bot]' triggers 'enable-auto-merge'.
Low confidence findings
- The JavaScript logic for triaging threads is implemented directly via github-script without accompanying unit tests. For logic this complex, consider moving it to a separate script or action that can be tested independently.
| } | ||
|
|
||
| if (summary.length > 0) { | ||
| await github.rest.issues.createComment({ |
🔴 HIGH RISK
Suggestion: This logic creates a new issue comment on every run if any unresolved threads remain. This will flood the PR timeline with duplicate 'Triage Bot report' messages whenever a user replies or edits a comment. It is better to find an existing report comment and update it.
Try running the following prompt in your coding agent:
Update the triage script in the 'github-script' block to search for an existing issue comment starting with '## Triage Bot report'. If one exists, update it using github.rest.issues.updateComment; otherwise, create a new one using github.rest.issues.createComment.
| } else if (/^\s*(nit:|nitpick:|praise:)/i.test(body)) { | ||
| decision = 'dismiss'; | ||
| reason = 'classified as nit/nitpick/praise — non-blocking'; | ||
| } else if (author === 'Copilot' && body.length < 200) { |
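Review bot: the `body.length < 200` condition in the Copilot branch treats comment length as the only signal, so a short comment that flags a real defect gets `decision = 'dismiss'` exactly like a trivial one. Consider requiring an additional low-severity signal before dismissing, and add a comment next to the regex noting that the `nit:` / `nitpick:` / `praise:` prefix is self-declared by whoever wrote the thread, since this classification decides whether a thread stops blocking the merge.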
🟡 MEDIUM RISK
The login for the GitHub Copilot bot is typically github-copilot[bot], not Copilot. Using the incorrect string will prevent the auto-dismissal logic from correctly identifying and resolving Copilot-generated threads.
| } else if (author === 'Copilot' && body.length < 200) { | |
| } else if (author === 'github-copilot[bot]' && body.length < 200) { |
Triage Bot report
Threads marked |
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: c64c33fd9b
| - name: Triage unresolved review threads | ||
| uses: actions/github-script@v7 | ||
| with: | ||
| github-token: ${{ secrets.TRIAGE_PAT }} |
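Review bot: `uses: actions/github-script@v7` references the action by a mutable tag while the next lines hand it `secrets.TRIAGE_PAT`. Pin the action to a full commit SHA (keeping the version in a trailing comment) so that a moved tag cannot change which code runs with the token, and document next to `github-token:` which scopes the PAT needs so it can be kept to the minimum for resolving threads and posting the report.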
Avoid secret-based auth on fork-triggered review events
This workflow is triggered by pull_request_review and pull_request_review_comment, but it authenticates actions/github-script with secrets.TRIAGE_PAT. For forked PRs (and Dependabot PRs treated as forks), GitHub does not pass Actions secrets to these events, so the token is unavailable and the triage step cannot resolve threads or post its report. In practice, that leaves unresolved threads unprocessed exactly on external/dependency PRs, which can keep required-conversation-resolution merges blocked.
| } else if (/^\s*(nit:|nitpick:|praise:)/i.test(body)) { | ||
| decision = 'dismiss'; | ||
| reason = 'classified as nit/nitpick/praise — non-blocking'; | ||
| } else if (author === 'Copilot' && body.length < 200) { |
Match Copilot reviewer bot login when auto-dismissing
The Copilot rule checks author === 'Copilot', but GraphQL author.login for Copilot code reviews is a bot login (for example copilot-pull-request-reviewer[bot]), not the display label “Copilot”. As written, this branch never fires, so short Copilot comments fall through to needs-human and remain unresolved, which undermines the workflow’s stated intent to auto-resolve low-signal Copilot feedback.
| summary.push( | ||
| `- thread ${t.id.slice(-8)} from @${author}: **${decision}** — ${reason}\n > ${snippet}`); |
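Review bot: the template string interpolates `@${author}` and `${snippet}` directly into Markdown that is later posted as a comment. The `@` prefix sends a mention notification to the thread author on every report, and if `snippet` is taken from the review comment body, any mentions, links or markup in it are rendered under the bot's identity. Suggest dropping the `@` (or wrapping the login in backticks) and emitting the snippet as inline code or with Markdown characters escaped.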
Report unresolved threads accurately after resolve failures
The report entry is added before attempting resolveReviewThread, so a thread is always reported as dismiss even when the mutation fails (for example when viewerCanResolve is false or the API call errors). That can mislead maintainers into thinking a blocking thread was cleared when it is still unresolved, delaying manual intervention and leaving auto-merge blocked.
Last piece of the triage-gate stack. The branch ruleset on this repo blocks direct workflow-file pushes, so this comes via PR.
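
Two review points above, the untested classification logic and the report entry written before resolveReviewThread is attempted, can be addressed together by moving the rules into a pure function and recording each outcome only after the resolve call returns. The following is an added example, not the workflow's own code: `classifyThread`, `triageThreads`, `resolveFn`, the substring match on the marker and the sample threads are assumptions made for illustration.

```javascript
// Added example; names and sample data are assumptions, not the workflow's code.
// Logins named in the reviews on this page; confirm against real author.login values.
const COPILOT_LOGINS = new Set([
  'Copilot', 'github-copilot[bot]', 'copilot-pull-request-reviewer[bot]']);

// Pure classifier, so the rules can be tested outside the workflow YAML.
function classifyThread({ author, body }) {
  if (body.includes('[triage:auto-resolve]')) { // substring match is an assumption
    return { decision: 'dismiss', reason: 'explicit auto-resolve marker' };
  }
  if (/^\s*(nit:|nitpick:|praise:)/i.test(body)) {
    return { decision: 'dismiss', reason: 'nit/nitpick/praise prefix' };
  }
  if (COPILOT_LOGINS.has(author) && body.length < 200) {
    return { decision: 'dismiss', reason: 'short Copilot comment' };
  }
  return { decision: 'needs-human', reason: 'no low-signal rule matched' };
}

// resolveFn is a hypothetical async callback wrapping the resolve mutation.
// Each report entry is written only after the mutation's outcome is known.
async function triageThreads(threads, resolveFn) {
  const report = [];
  for (const t of threads) {
    const { decision, reason } = classifyThread(t);
    let outcome = 'left for human';
    if (decision === 'dismiss' && t.viewerCanResolve === false) {
      outcome = 'still unresolved: viewer cannot resolve';
    } else if (decision === 'dismiss') {
      try {
        await resolveFn(t.id);
        outcome = 'resolved';
      } catch (err) {
        outcome = `still unresolved: ${err.message}`;
      }
    }
    report.push({ id: t.id, decision, outcome, reason });
  }
  return report;
}

// Constructed sample threads (not taken from the PR).
const SAMPLE_THREADS = [
  { id: 'T1', author: 'alice', body: 'nit: rename this variable', viewerCanResolve: true },
  { id: 'T2', author: 'copilot-pull-request-reviewer[bot]', body: 'Add a null check.', viewerCanResolve: false },
  { id: 'T3', author: 'bob', body: 'Minor. [triage:auto-resolve]', viewerCanResolve: true },
  { id: 'T4', author: 'carol', body: 'This token is logged in plaintext.', viewerCanResolve: true },
];
triageThreads(SAMPLE_THREADS, async (id) => { if (id === 'T3') throw new Error('API error'); })
  .then((report) => console.table(report));
```

In the workflow, `resolveFn` would wrap the existing resolve mutation, and the report body would be built from `outcome` rather than from `decision`.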