Skip to content

docs: CI setup guide, cora-review-simple action, website link#53

Merged
ajianaz merged 1 commit into
developfrom
docs/ci-setup-guide
May 31, 2026
Merged

docs: CI setup guide, cora-review-simple action, website link#53
ajianaz merged 1 commit into
developfrom
docs/ci-setup-guide

Conversation

@ajianaz
Copy link
Copy Markdown
Collaborator

@ajianaz ajianaz commented May 31, 2026
edited by coderabbitai Bot
Loading

Changes

  • Add website link (codecora.dev) to README header
  • Rewrite CI/CD Integration section with full setup guide
    • Option A: cora-review (Infisical OIDC)
    • Option B: cora-review-simple (GitHub Secrets)
  • Add cora-review-simple composite action (no Infisical needed)
  • Fix cora-review action: add latest version resolve step via GitHub API
  • Add troubleshooting section with real-world pitfalls
  • Add comparison table between the two actions

Summary by CodeRabbit

  • New Features

    • New simplified code review action for easier CI/CD integration
    • Automatic resolution of "latest" CLI version at runtime
    • PR comments with severity-grouped findings summary
    • Workflow blocking checks for critical-level findings

  • Documentation

    • Comprehensive CI/CD setup guides with action comparison
    • New troubleshooting section addressing common issues
    • Branch protection enforcement and pre-commit hook guidance

docs: add CI setup guide, cora-review-simple action, website link
9820d14 
- Add website link (codecora.dev) to README header
- Rewrite CI/CD Integration section with full setup guide
- Add cora-review-simple action (GitHub Secrets, no Infisical)
- Fix cora-review action: add latest version resolve step
- Add troubleshooting section with real-world pitfalls
- Add comparison table: cora-review vs cora-review-simple
@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented May 31, 2026
edited
Loading

Review Change Stack

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 5c26b32d-630c-4f22-8a76-45b6bc4feccd

📥 Commits

Reviewing files that changed from the base of the PR and between a5dc105 and 9820d14.

📒 Files selected for processing (3)
  • .github/actions/cora-review-simple/action.yml
  • .github/actions/cora-review/action.yml
  • README.md
📝 Walkthrough

Walkthrough

This PR adds a new cora-review-simple composite GitHub Action and enhances cora-review with dynamic version resolution. Both actions automate code review via CORA, with the simpler variant providing GitHub Code Scanning integration, severity-grouped PR feedback, and workflow blocking. README documentation explains setup and troubleshooting.

Changes

Cora Review Actions and GitHub Integration

Layer / File(s) Summary
Dynamic Version Resolution for Latest Cora-CLI
.github/actions/cora-review/action.yml		 Adds a new step to resolve the latest cora-cli release tag from GitHub's API when inputs.cora-version is latest. The download command now uses the resolved version output instead of a static input value.
Cora-Review-Simple Action – Setup and Execution
.github/actions/cora-review-simple/action.yml		 Defines a new composite action with input contracts (base branch, severity, cora version, SARIF upload toggle, credentials, and token). Implements version resolution and architecture-aware binary installation, then executes cora review to produce SARIF output.
Cora-Review-Simple Action – Results Processing and Blocking
.github/actions/cora-review-simple/action.yml		 Conditionally uploads SARIF to GitHub Code Scanning, parses results to group findings by severity, creates or updates a PR comment with a summary table, and blocks the workflow with an error annotation if any findings have level: error.

Documentation

Layer / File(s) Summary
README – Actions Guide and Troubleshooting
README.md		 Adds website link, replaces prior CI/CD workflow example with side-by-side composite action setup (Infisical OIDC vs. GitHub Secrets), shared configuration reference, merge blocking guidance, and updated pre-commit hook instructions. Introduces a new troubleshooting section addressing binary download issues, version resolution, branch protection API visibility, release/merge timing, and CI self-review behavior.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

  • ajianaz/cora-cli#46: Extracted the original cora-review composite action with SARIF generation, PR comment posting, and blocking error checks; this PR extends and duplicates that pattern in cora-review-simple and adds dynamic version resolution to both actions.

Poem

🐇 A rabbit hops through CI gardens bright,
Where Cora reviews the code each night,
Two actions now, for paths both simple and keen,
With SARIF gates and feedback pristine—
Latest versions fetch on the fly,
Let no errors slip, or workflows will cry! 🚀

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch docs/ci-setup-guide

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@ajianaz ajianaz merged commit b3c7e97 into develop May 31, 2026
6 of 7 checks passed
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 31, 2026

🔍 Cora AI Code Review

No issues found. Code looks good!

@ajianaz ajianaz deleted the docs/ci-setup-guide branch June 1, 2026 02:28
@coderabbitai coderabbitai Bot mentioned this pull request Jun 1, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ajianaz