
Allow @VyOS-Networks/maintainers to run Mergify commands #5

Merged
andamasov merged 1 commit into production from yuriy/cross-org-maintainers
May 13, 2026

@andamasov
Member

Summary

Add `sender=@VyOS-Networks/maintainers` to the shared `commands_restrictions` block so VyOS-Networks Maintainers can issue @Mergifyio slash commands on the VyOS-Networks side of the cross-org mirror pipeline.

Why

Incident: VyOS-Networks/vyatta-cfg#33. The T8531 predecessor inline config in vyatta-cfg's `.github/mergify.yml` only listed `@vyos/maintainers`. The cross-org mirror pipeline replicated it byte-for-byte to `VyOS-Networks/vyatta-cfg`, where the team reference is cross-org and Mergify rejected `@Mergifyio backport circinus` from VyOS-Networks Maintainers with:

⚠️ Team `@vyos/maintainers` is not part of the organization `VyOS-Networks`

This PR addresses the central baseline. Defense-in-depth: any per-repo config copying these conditions to a VyOS-Networks repo without migrating to `extends:` will still accept commands from VyOS-Networks Maintainers.

Behavior on vyos/* PRs

Mergify evaluates each `or:` branch independently. The cross-org team reference evaluates to a non-match with a surfaced warning but does not fail the rule. So on vyos repo PRs:

  • `@vyos/maintainers` matches normally (local team)
  • `@VyOS-Networks/maintainers` falls through (warning, no effect)
  • `vyosbot` matches when the actor is the bot

Related

  • Pairs with the matching change to VyOS-Networks/mergify (separate PR).
  • Pairs with vyos/vyatta-cfg#134 — migrating vyatta-cfg's inline `.github/mergify.yml` to `extends: mergify` so it consumes this central baseline.
  • Rollout context: T8782, T8852.

🤖 Generated by robots

Add `sender=@VyOS-Networks/maintainers` to the shared
`commands_restrictions` block so VyOS-Networks Maintainers can issue
@Mergifyio slash commands when this central config (or any per-repo
config copying its conditions) is encountered on the VyOS-Networks
side of the cross-org mirror.

Mergify evaluates each `or:` branch independently. A team reference
from a different org evaluates to a non-match with a surfaced warning
("Team @<org>/<team> is not part of the organization <repo-org>")
but does not fail the rule. So on vyos org PRs, `@vyos/maintainers`
still matches normally and the cross-org entry is benign.

Incident: VyOS-Networks/vyatta-cfg#33. The T8531-era inline config
in `.github/mergify.yml` only listed `@vyos/maintainers`, and after
the cross-org mirror pipeline replicated it to VyOS-Networks,
`@Mergifyio backport` from a VyOS-Networks Maintainer was rejected.

Pairs with vyos/vyatta-cfg#134 (migration to `extends: mergify`) and
the matching change to VyOS-Networks/mergify.

🤖 Generated by [robots](https://vyos.io)
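
The `or:` behaviour described in the PR description above, as a small model plus a pre-mirror check, added here as an example (it is not code from this PR or from Mergify). The logins, team memberships, the exact condition lists and the function names are assumptions constructed for illustration.

```python
import re

# Matches a Mergify team-sender condition such as "sender=@vyos/maintainers".
TEAM_RE = re.compile(r"^sender=@([^/\s]+)/(\S+)$")


def evaluate_or(conditions, sender, repo_org, team_members):
    """Model of the `or:` evaluation described in this PR (not Mergify's code).

    Each branch is checked independently; a team from another organization
    is a non-match that adds a warning and never fails the whole rule.
    team_members maps "org/team" to a set of logins (constructed data).
    """
    allowed, warnings = False, []
    for cond in conditions:
        m = TEAM_RE.match(cond)
        if m is None:
            # Plain user condition, e.g. "sender=vyosbot".
            allowed |= cond == f"sender={sender}"
            continue
        org, team = m.groups()
        if org.lower() != repo_org.lower():
            warnings.append(
                f"Team @{org}/{team} is not part of the organization {repo_org}")
            continue
        allowed |= sender in team_members.get(f"{org}/{team}", set())
    return allowed, warnings


def orgs_without_local_team(conditions, mirror_orgs):
    """Orgs in the mirror pipeline where no team branch can ever resolve."""
    team_orgs = {m.group(1).lower() for c in conditions
                 if (m := TEAM_RE.match(c))}
    return [o for o in mirror_orgs if o.lower() not in team_orgs]


# Constructed sample data: logins and memberships are hypothetical.
TEAMS = {"vyos/maintainers": {"alice"}, "VyOS-Networks/maintainers": {"bob"}}
OLD = ["sender=@vyos/maintainers"]
NEW = ["sender=@vyos/maintainers", "sender=@VyOS-Networks/maintainers",
       "sender=vyosbot"]
MIRROR_ORGS = ["vyos", "VyOS-Networks"]

if __name__ == "__main__":
    for name, conds in (("old", OLD), ("new", NEW)):
        print(name, evaluate_or(conds, "bob", "VyOS-Networks", TEAMS),
              orgs_without_local_team(conds, MIRROR_ORGS))
```

Running `orgs_without_local_team` against a config before it is mirrored flags the incident condition: an organization whose maintainers cannot match any team branch.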
@coderabbitai

coderabbitai Bot commented May 13, 2026

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Central YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro Plus

Run ID: a680ecbc-d67f-42da-a376-231695c072ab

📥 Commits

Reviewing files that changed from the base of the PR and between 4dd2af0 and f678357.

📒 Files selected for processing (1)
  • .mergify.yml

📝 Walkthrough

Summary by CodeRabbit

  • Chores
    • Updated Mergify configuration for the backport action, extending command allowances and adding comprehensive inline documentation for cross-organization pipeline scenarios.

Walkthrough

Lines 94–120 of .mergify.yml extend the backport command's sender authorization to permit both @vyos/maintainers and @VyOS-Networks/maintainers, with inline comments documenting the cross-org mirror pipeline scenario and extends inheritance behavior.

Changes

Backport Authorization Configuration

| Layer / File(s) | Summary |
| --- | --- |
| Backport command sender restrictions: .mergify.yml | commands_restrictions.backport now allows @VyOS-Networks/maintainers in addition to the existing @vyos/maintainers sender condition, accompanied by documentation of the cross-org inheritance pattern. |

Possibly related PRs

  • vyos/mergify#1: Establishes the baseline backport commands_restrictions configuration with the @vyos/maintainers sender allowlist that this PR extends to a second team.

@andamasov andamasov marked this pull request as ready for review May 13, 2026 15:34
@andamasov andamasov merged commit 3bf4a1c into production May 13, 2026
1 check was pending
@andamasov
Member Author

@copilot review

