feat: add CodeRabbit AI configuration based on CLAUDE.md rules

[myakove]

• Configure assertive review profile for strict enforcement
• Enable Python linters: ruff, pylint
• Enable JavaScript linter: eslint
• Enable security tools: gitleaks, semgrep
• Enable CI/CD validation: actionlint, hadolint
• Enable YAML/shell validation: yamllint, shellcheck
• Reference CLAUDE.md as authoritative code guidelines
• Add path-specific coverage requirement overrides
• Configure auto-review for main/master branches

Summary by CodeRabbit

• Chores
  • Added a centralized repository configuration to enable automated AI review, multiple analysis tools, knowledge-base integration, path-specific overrides, and default workflow behaviors for drafts and branches.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Adds a new repository-level configuration file, .coderabbit.yaml, that centralizes CodeRabbit AI Review settings: language/tone, enabled static analysis tools, knowledge-base integration (CLAUDE.md), path-specific overrides for tests/migrations/frontend, and scopes for automated learning and drafts.

Changes

Cohort / File(s)	Change Summary
CodeRabbit Configuration /.coderabbit.yaml	New YAML config enabling CodeRabbit auto-review, listing analysis tools (ruff, pylint, eslint, shellcheck, yamllint, gitleaks, semgrep, actionlint, hadolint), specifying language/tone/review style, integrating CLAUDE.md as a knowledge source, and declaring path-specific overrides and learning scopes for issues/PRs/drafts.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• Verify the enabled analysis tools match the repository tech stack and won’t produce excessive false positives (ruff/pylint for Python, eslint for JS, etc.). — HIGH
• Confirm CLAUDE.md exists at the referenced path and contains intended knowledge used by the reviewer. — MEDIUM
• Validate path-specific overrides (tests, migrations, frontend JS) match repository layout and naming conventions. — MEDIUM
• Check auto-review/draft/branch defaults to ensure they align with team workflow and won’t trigger undesired automated actions. — LOW

Possibly related issues

• feat: add CodeRabbit AI configuration based on CLAUDE.md rules - 947 #948 — Adds the same .coderabbit.yaml configuration referencing CLAUDE.md; likely the same standardized CodeRabbit setup being applied across repos.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly summarizes the main change: adding a CodeRabbit AI configuration file based on CLAUDE.md rules, which directly aligns with the primary change in the changeset (.coderabbit.yaml).
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch coderabbitai-instractions

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[myakove-bot]

Report bugs in Issues

Welcome! 🎉

This pull request will be automatically processed with the following features:

🔄 Automatic Actions

• Reviewer Assignment: Reviewers are automatically assigned based on the OWNERS file in the repository root
• Size Labeling: PR size labels (XS, S, M, L, XL, XXL) are automatically applied based on changes
• Issue Creation: A tracking issue is created for this PR and will be closed when the PR is merged or closed
• Pre-commit Checks: pre-commit runs automatically if .pre-commit-config.yaml exists
• Branch Labeling: Branch-specific labels are applied to track the target branch
• Auto-verification: Auto-verified users have their PRs automatically marked as verified

📋 Available Commands

PR Status Management

• /wip - Mark PR as work in progress (adds WIP: prefix to title)
• /wip cancel - Remove work in progress status
• /hold - Block PR merging (approvers only)
• /hold cancel - Unblock PR merging
• /verified - Mark PR as verified
• /verified cancel - Remove verification status
• /reprocess - Trigger complete PR workflow reprocessing (useful if webhook failed or configuration changed)

Review & Approval

• /lgtm - Approve changes (looks good to me)
• /approve - Approve PR (approvers only)
• /automerge - Enable automatic merging when all requirements are met (maintainers and approvers only)
• /assign-reviewers - Assign reviewers based on OWNERS file
• /assign-reviewer @username - Assign specific reviewer
• /check-can-merge - Check if PR meets merge requirements

Testing & Validation

• /retest tox - Run Python test suite with tox
• /retest build-container - Rebuild and test container image
• /retest python-module-install - Test Python package installation
• /retest pre-commit - Run pre-commit hooks and checks
• /retest conventional-title - Validate commit message format
• /retest all - Run all available tests

Container Operations

• /build-and-push-container - Build and push container image (tagged with PR number)
  • Supports additional build arguments: /build-and-push-container --build-arg KEY=value

Cherry-pick Operations

• /cherry-pick <branch> - Schedule cherry-pick to target branch when PR is merged
  • Multiple branches: /cherry-pick branch1 branch2 branch3

Label Management

• /<label-name> - Add a label to the PR
• /<label-name> cancel - Remove a label from the PR

✅ Merge Requirements

This PR will be automatically approved when the following conditions are met:

1. Approval: /approve from at least one approver
2. LGTM Count: Minimum 1 /lgtm from reviewers
3. Status Checks: All required status checks must pass
4. No Blockers: No WIP, hold, or conflict labels
5. Verified: PR must be marked as verified (if verification is enabled)

📊 Review Process

Approvers and Reviewers

Approvers:

• myakove
• rnetser

Reviewers:

• myakove
• rnetser

Available Labels

• hold
• verified
• wip
• lgtm
• approve
• automerge

💡 Tips

• WIP Status: Use /wip when your PR is not ready for review
• Verification: The verified label is automatically removed on each new commit
• Cherry-picking: Cherry-pick labels are processed when the PR is merged
• Container Builds: Container images are automatically tagged with the PR number
• Permission Levels: Some commands require approver permissions
• Auto-verified Users: Certain users have automatic verification and merge privileges

For more information, please refer to the project documentation or contact the maintainers.

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8968afc and 8e30e5e.

📒 Files selected for processing (1)

• .coderabbit.yaml (1 hunks)

🔇 Additional comments (6)

.coderabbit.yaml (6)

1-9: Configuration structure is clear and well-documented.

The header comments, language setting, and tone instructions are properly configured. The tone instructions explicitly define severity levels (CRITICAL/HIGH/MEDIUM/LOW), which aligns with professional code review standards.

---

12-12: Verify that early-access features align with team's risk tolerance.

Setting early_access: true enables CodeRabbit's experimental features, which may have breaking changes or instability. WHY this matters: early features haven't reached stable release status and could introduce unexpected behavior changes. Confirm your team accepts this tradeoff for access to bleeding-edge functionality.

---

14-34: Assertive profile will produce more feedback; verify team expectations.

The assertive profile (line 16) enables strict enforcement and generates more nitpicky feedback compared to the chill profile. WHY this matters: teams often aren't prepared for higher verbosity and may view detailed suggestions as pedantic. Ensure stakeholders understand this enables more comprehensive (and opinionated) reviews. The auto-review configuration correctly limits to main/master branches, which prevents unnecessary review cycles on development branches.

---

35-67: Tool configuration is comprehensive and well-chosen.

Enabling ruff, pylint (Python), eslint (JavaScript), shellcheck, yamllint, gitleaks, semgrep, actionlint, and hadolint provides strong coverage for security, linting, and CI/CD validation. WHY this matters: this stack catches common bugs, security issues, and infrastructure-as-code problems early. Configuration is appropriate for a Python/JavaScript webhook server project.

---

101-112: Knowledge base learnings scopes are appropriate.

Using scope: auto for learnings, issues, and pull requests allows CodeRabbit to adapt behavior based on repository visibility (local for public, org-level for private). WHY this matters: this balances privacy/security (private repos gain org context) with simplicity (public repos stay isolated). The configuration is sensible.

---

113-115: Chat auto-reply is enabled; consider monitoring initial interactions.

Setting auto_reply: true (line 115) allows CodeRabbit to respond to chat messages without explicit mentions. WHY this matters: this accelerates interactions but may produce unexpected responses in threads if the bot misinterprets context. Monitor the first few days of usage to ensure this setting produces desired behavior.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8e30e5e and 04ac3d7.

📒 Files selected for processing (1)

• .coderabbit.yaml (1 hunks)

🧰 Additional context used

🧠 Learnings (3)

📚 Learning: 2024-10-15T10:37:45.791Z

Learnt from: myakove
Repo: myk-org/github-webhook-server PR: 598
File: webhook_server_container/libs/github_api.py:1860-1874
Timestamp: 2024-10-15T10:37:45.791Z
Learning: In the `process_retest_command` method in `webhook_server_container/libs/github_api.py`, `_target_tests` is defined before use.

Applied to files:

• .coderabbit.yaml

📚 Learning: 2024-10-08T09:19:56.185Z

Learnt from: myakove
Repo: myk-org/github-webhook-server PR: 586
File: webhook_server_container/libs/github_api.py:1947-1956
Timestamp: 2024-10-08T09:19:56.185Z
Learning: In `webhook_server_container/libs/github_api.py`, the indentation style used in the `set_pull_request_automerge` method is acceptable as per the project's coding standards.

Applied to files:

• .coderabbit.yaml

📚 Learning: 2024-10-29T08:09:57.157Z

Learnt from: myakove
Repo: myk-org/github-webhook-server PR: 612
File: webhook_server_container/libs/github_api.py:2089-2100
Timestamp: 2024-10-29T08:09:57.157Z
Learning: In `webhook_server_container/libs/github_api.py`, when the function `_keep_approved_by_approvers_after_rebase` is called, existing approval labels have already been cleared after pushing new changes, so there's no need to check for existing approvals within this function.

Applied to files:

• .coderabbit.yaml

🔇 Additional comments (5)

.coderabbit.yaml (5)

1-12: Schema and basic configuration correctly configured.

Schema reference, language selection, and tone instructions align with project standards. Early access enabled appropriately for feature access.

---

14-32: Review profile and auto-review settings match PR objectives.

Assertive profile enforces strict code quality standards. request_changes_workflow enabled ensures critical violations block merges. Auto-review configured for main branch with drafts disabled. WHY: This creates a gating mechanism for code quality on your primary branch while allowing experimental changes in draft PRs.

---

34-66: All required analysis tools are properly enabled.

Python (ruff, pylint), JavaScript (eslint), shell (shellcheck), YAML (yamllint), security (gitleaks, semgrep), and CI/CD validators (actionlint, hadolint) are all configured. This matches your PR objectives across Python, JavaScript, shell, and container contexts.

---

68-86: Knowledge base integration correctly references CLAUDE.md guidelines.

Code guidelines enabled with filePatterns pointing to CLAUDE.md. Learning scopes set to auto for appropriate repo/org-level context switching. Per prior verification, CLAUDE.md exists (36KB) and will be enforced during reviews.

---

88-90: Chat configuration reasonable; auto-reply enabled for interactive mode.

[myakove-bot]

New container for ghcr.io/myk-org/github-webhook-server:latest published