GitAuto: [FEATURE] Run workflow in the source branch

gitauto-ai[bot] commented 3 weeks ago

Resolves #246

What is the feature

Enable workflows to run in the source branch of a pull request, even when the source branch is in a different owner or repository. This functionality allows the workflow to execute in the context of the source branch and automatically propose a pull request to the target repository, targeting the branch referenced in the original PR.

Why we need the feature

Running workflows in the source branch ensures that code is tested and validated in its original context before integration. This is particularly important for contributions coming from forks or different repositories, as it maintains the integrity and consistency of both the source and target repositories. By executing workflows in the source branch, we can catch issues early and streamline the collaboration process across different repositories and ownerships.

How to implement and why

Detect Source Branch Information: Modify the workflow triggers to recognize when a pull request originates from a different owner or repository. This can be achieved by utilizing GitHub Actions' context and event payloads to identify the source repository and branch.
Execute Workflow in Source Context: Configure the workflow to run within the context of the source branch. This may involve setting up appropriate permissions and ensuring that the workflow has access to necessary resources in the source repository.
Automate Pull Request Creation: Implement a step in the workflow that automatically creates a pull request in the target repository. This PR should target the specific branch referenced in the original PR, ensuring that changes are proposed accurately.
Handle Cross-Repository Permissions: Ensure that the workflow has the necessary permissions to interact with both the source and target repositories. This might involve configuring repository secrets or using GitHub Apps to manage access securely.
Provide Configuration Options: Allow repository administrators to enable or disable this feature on a per-workflow basis. This flexibility ensures that only relevant workflows take advantage of running in the source branch, preventing unintended side effects.

This step-by-step implementation ensures that workflows are executed in the appropriate context, facilitates seamless integration between different repositories, and maintains security and consistency across the development process.

About backward compatibility

To maintain backward compatibility, introduce this feature as an optional configuration that can be enabled per workflow. Existing workflows will continue to operate as they currently do without any changes. By allowing repository administrators to opt-in to this feature, we prevent disruptions to existing processes and provide flexibility in adopting the new workflow execution model.

Test these changes locally

git checkout -b gitauto/issue-246-c400c1db-8a8f-4a20-8efe-9be37c00db63
git pull origin gitauto/issue-246-c400c1db-8a8f-4a20-8efe-9be37c00db63

coderabbitai[bot] commented 3 weeks ago

[!IMPORTANT]

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

🪧 Tips

### Chat There are 3 ways to chat with [CodeRabbit](https://coderabbit.ai): - Review comments: Directly reply to a review comment made by CodeRabbit. Example: - `I pushed a fix in commit , please review it.` - `Generate unit testing code for this file.` - `Open a follow-up GitHub issue for this discussion.` - Files and specific lines of code (under the "Files changed" tab): Tag `@coderabbitai` in a new review comment at the desired location with your query. Examples: - `@coderabbitai generate unit testing code for this file.` - `@coderabbitai modularize this function.` - PR comments: Tag `@coderabbitai` in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples: - `@coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.` - `@coderabbitai read src/utils.ts and generate unit testing code.` - `@coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.` - `@coderabbitai help me debug CodeRabbit configuration file.` Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. ### CodeRabbit Commands (Invoked using PR comments) - `@coderabbitai pause` to pause the reviews on a PR. - `@coderabbitai resume` to resume the paused reviews. - `@coderabbitai review` to trigger an incremental review. This is useful when automatic reviews are disabled for the repository. - `@coderabbitai full review` to do a full review from scratch and review all the files again. - `@coderabbitai summary` to regenerate the summary of the PR. - `@coderabbitai resolve` resolve all the CodeRabbit review comments. - `@coderabbitai configuration` to show the current CodeRabbit configuration for the repository. - `@coderabbitai help` to get help. ### Other keywords and placeholders - Add `@coderabbitai ignore` anywhere in the PR description to prevent this PR from being reviewed. - Add `@coderabbitai summary` to generate the high-level summary at a specific location in the PR description. - Add `@coderabbitai` anywhere in the PR title to generate the title automatically. ### CodeRabbit Configuration File (`.coderabbit.yaml`) - You can programmatically configure CodeRabbit by adding a `.coderabbit.yaml` file to the root of your repository. - Please see the [configuration documentation](https://docs.coderabbit.ai/guides/configure-coderabbit) for more information. - If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: `# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json` ### Documentation and Community - Visit our [Documentation](https://coderabbit.ai/docs) for detailed information on how to use CodeRabbit. - Join our [Discord Community](http://discord.gg/coderabbit) to get help, request features, and share feedback. - Follow us on [X/Twitter](https://twitter.com/coderabbitai) for updates and announcements.

github-actions[bot] commented 3 weeks ago

JSON and YAML Validation Results

JSON Validation Results

✅ File(s) Passed: 5
❌ File(s) Failed: 1
⏭️ File(s) Skipped: 0

Violations:

[
  {
    "file": "Src/config/commands.json",
    "errors": [
      {
        "path": null,
        "message": "Invalid JSON"
      }
    ]
  }
]

deepsource-io[bot] commented 3 weeks ago

Here's the code health analysis summary for commits e74be8f..8524845. View details on DeepSource ↗.

Analysis Summary

Analyzer	Status	Link
Docker	✅ Success	View Check ↗
PHP	✅ Success	View Check ↗
Secrets	✅ Success	View Check ↗
SQL	✅ Success	View Check ↗

💡 If you’re a repository administrator, you can configure the quality gates from the settings.

gitauto-ai[bot] commented 3 weeks ago

Committed the Check Run json-yaml-validate error fix! Running it again...

gitauto-ai[bot] commented 3 weeks ago

Committed the Check Run php-lint error fix! Running it again...

sonarcloud[bot] commented 1 week ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

github-actions[bot] commented 1 week ago

Infisical secrets check: ✅ No secrets leaked!

💻 Scan logs

```txt 1:07PM INF scanning for exposed secrets... 1:07PM INF 644 commits scanned. 1:07PM INF scan completed in 151ms 1:07PM INF no leaks found ```

guibranco / gstraccini-bot-service