Skip to content

chore(standards): migrate reusable caller templates to <name>/stable channels (#482)#491

Merged
don-petry merged 1 commit into
mainfrom
chore/migrate-reusables-to-channels
Jun 19, 2026
Merged

chore(standards): migrate reusable caller templates to <name>/stable channels (#482)#491
don-petry merged 1 commit into
mainfrom
chore/migrate-reusables-to-channels

Conversation

@don-petry

@don-petry don-petry commented Jun 19, 2026

Copy link
Copy Markdown
Contributor

Summary

Phase 2 of the stub-pin reconciliation (#482). Points the six Tier-1 caller templates at the new per-reusable stable channels, adopting the documented North Star (Reusable workflow versioning).

Phase 1 (done): cut <name>/stable (moving) + <name>/v2.0.0 (immutable) tags at the v2 release commit 376a4fcb for all six reusables.

This PR:

  • agent-shield, auto-rebase, dependency-audit, dependabot-automerge, dependabot-rebase, pr-review-mention templates → uses: …/<name>-reusable.yml@<name>/stable.
  • Fixes the two off-standard templates: agent-shield (was SHA @208ec2d) and dependabot-rebase (was @9a694e5 # main) — neither matched the audit's expected pin or the channel model.
  • Replaces stale "bump the SHA/tag" comments with channel guidance.

Safety / phasing

  • No fleet impact from this PR — these are source-of-truth templates; merging changes no running workflow.
  • Phase 3 (next): re-sync the fleet to the channels via deploy-standard-workflows.sh — opens reviewable standards-sync PRs per repo. Note auto-rebase/dependabot-rebase move v1→v2 (the channel points at v2); landing via per-repo PRs means each runs the repo's CI before merge.
  • Phase 4 (last): update check_centralized_workflow_stubs to expect @<name>/stable. Deliberately ordered after Phase 3 so the fleet is never flagged non-compliant mid-migration.

Validation

  • All six templates parse as valid YAML; uses: refs point at the cut channels (verified resolving to 376a4fcb).

Refs #482.

🤖 Generated with Claude Code

Summary by CodeRabbit

  • Chores
    • Updated CI/CD workflow configurations to use stable channel references across multiple automation jobs (agent-shield, auto-rebase, dependabot-automerge, dependabot-rebase, dependency-audit, and pr-review-mention), enabling automatic compatibility updates while maintaining consistent behavior.

…channels (#482)

Phase 2 of the stub-pin reconciliation (#482). Channels were cut at the v2
release commit (376a4fc) for all six reusables (Phase 1); this points the
caller templates at them:

  agent-shield, auto-rebase, dependency-audit, dependabot-automerge,
  dependabot-rebase, pr-review-mention
    → uses: …/<name>-reusable.yml@<name>/stable

This also fixes the two templates that were pinned off-standard — agent-shield
(SHA @208ec2d) and dependabot-rebase (@9a694e5 # main) — which neither matched
the audit's expected pin nor the channel model. Stale "bump the SHA/tag"
guidance comments are replaced with channel guidance (a release is rolled out
by moving the channel centrally, never by editing callers).

No fleet impact from this PR: these are source-of-truth templates. The fleet
re-sync to the channels (Phase 3, via deploy-standard-workflows.sh) and the
compliance-audit update to expect the channel pins (Phase 4) follow — the audit
change lands last so the fleet is never flagged non-compliant mid-migration.

Refs #482.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@don-petry don-petry requested a review from a team as a code owner June 19, 2026 19:08
@chatgpt-codex-connector

Copy link
Copy Markdown

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.
To continue using code reviews, you can upgrade your account or add credits to your account and enable them for code reviews in your settings.

@sonarqubecloud

Copy link
Copy Markdown

@don-petry

Copy link
Copy Markdown
Contributor Author

Dev-Lead — review-changes (no-changes)

No changes were needed for this PR.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates multiple GitHub Actions workflow files in standards/workflows/ to reference centrally managed stable channel tags (e.g., @agent-shield/stable, @auto-rebase/stable) instead of specific SHAs or version tags. The inline documentation has also been updated to reflect this new versioning policy. There are no review comments, and I have no additional feedback to provide.

@don-petry don-petry enabled auto-merge (squash) June 19, 2026 19:09
@don-petry don-petry disabled auto-merge June 19, 2026 19:10
@don-petry

Copy link
Copy Markdown
Contributor Author

Dev-Lead — fix-reviews (no-changes)

Agent reasoning
Addressed 0 threads:
(no open threads)
Test verification: pass — no changes made, working tree clean
Files changed: none
Holistic assessment:
- CI: all completed checks passed; 2 in_progress (non-blocking)
- Reviews: 1 COMMENTED review (gemini-code-assist), 0 CHANGES_REQUESTED
- PR is not blocked; no action required
```

@don-petry don-petry enabled auto-merge (squash) June 19, 2026 19:10
@don-petry don-petry merged commit f685935 into main Jun 19, 2026
27 checks passed
@don-petry don-petry deleted the chore/migrate-reusables-to-channels branch June 19, 2026 19:10
@coderabbitai

coderabbitai Bot commented Jun 19, 2026

Copy link
Copy Markdown

Review Change Stack

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: c9195b7b-540d-4920-b339-15b137be6c4b

📥 Commits

Reviewing files that changed from the base of the PR and between 068af9d and d379190.

📒 Files selected for processing (6)
  • standards/workflows/agent-shield.yml
  • standards/workflows/auto-rebase.yml
  • standards/workflows/dependabot-automerge.yml
  • standards/workflows/dependabot-rebase.yml
  • standards/workflows/dependency-audit.yml
  • standards/workflows/pr-review-mention.yml

📝 Walkthrough

Walkthrough

Six caller workflow files under standards/workflows/ replace their reusable workflow uses: references with per-workflow stable channel tags (e.g., @agent-shield/stable, @auto-rebase/stable). Three of those files also update inline comment guidance to explicitly prohibit future changes to the pinned ref.

Changes

Stable channel ref migration

Layer / File(s) Summary
Reusable workflow refs and guidance comments
standards/workflows/agent-shield.yml, standards/workflows/auto-rebase.yml, standards/workflows/dependabot-automerge.yml, standards/workflows/dependabot-rebase.yml, standards/workflows/dependency-audit.yml, standards/workflows/pr-review-mention.yml
Each caller's uses: line is switched from a SHA pin or @v1/@v2 tag to the corresponding @<name>/stable channel ref. auto-rebase.yml, dependabot-rebase.yml, and pr-review-mention.yml additionally update their inline comment blocks to explicitly forbid altering the pinned ref.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related issues

Possibly related PRs

  • petry-projects/.github#88: Touches the same caller stub files (agent-shield.yml, dependabot-automerge.yml, dependabot-rebase.yml, dependency-audit.yml) with prior changes to the uses: ref at the same callsites.
  • petry-projects/.github#302: Introduces stub-checker logic that validates the uses: pin/version expectations for refs like the pr-review-mention/stable channel updated here.
  • petry-projects/.github#440: Establishes and enforces the <name>/stable channel pinning pattern across caller workflows using the same stable channel convention applied in this PR.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch chore/migrate-reusables-to-channels

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant