common: Add rebase workflow #46
Conversation
Add automatic rebase workflow that triggers when the needs-rebase label is added to a pull request. This provides a secure way to trigger rebases since only users with triage or write permissions can add labels. The workflow uses the app token for permissions and removes the label after the rebase attempt completes. Assisted-by: Claude Code (Sonnet 4.5) Signed-off-by: Colin Walters <walters@verbum.org>
Summary of ChangesHello @cgwalters, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request introduces an automated rebase workflow to streamline the process of keeping feature branches up-to-date with the base branch. By simply adding a Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
|
Tested this over here bootc-dev/ci-sandbox#20 (comment) - works well! |
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces a new GitHub Actions workflow to automatically rebase pull requests when the needs-rebase label is applied. The approach of using a GitHub App token for permissions is secure and well-implemented. My review focuses on updating the versions of the GitHub Actions used in the workflow. Some of the specified versions are outdated and rely on deprecated Node.js versions, while others point to non-existent versions which would cause the workflow to fail. I've provided suggestions to update them to their latest stable versions to ensure the workflow is robust and maintainable.
| types: [labeled] | ||
|
|
||
| permissions: | ||
| contents: read |
There was a problem hiding this comment.
I think rebasing would also need write perms?
There was a problem hiding this comment.
Yeah it does, but we end up using the app token for this which bypasses this.
That said, it's probably safer to use GITHUB_TOKEN? From the docs on https://github.com/peter-evans/rebase it looks like it might work
There was a problem hiding this comment.
sounds good, let's go for it then:)
2 participants
Add automatic rebase workflow that triggers when the needs-rebase label is added to a pull request. This provides a secure way to trigger rebases since only users with triage or write permissions can add labels.
The workflow uses the app token for permissions and removes the label after the rebase attempt completes.
Assisted-by: Claude Code (Sonnet 4.5)