ci: align release draft workflow with rokt-widget pattern#34
ci: align release draft workflow with rokt-widget pattern#34nickolas-dimitrakas wants to merge 5 commits into
Conversation
Replace peter-evans/create-pull-request with manual git operations and gh pr create using MP_SEMANTIC_RELEASE_BOT token, so the release PR is opened as mparticle-automation rather than github-actions[bot] and correctly triggers the pull-request CI workflow. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Use peter-evans/create-pull-request v8.1.0 with pinned SHA - Add MP_SEMANTIC_RELEASE_BOT token so PR is opened as mparticle-automation rather than github-actions[bot], enabling CI to trigger on the release PR - Add generate-changelog action and include release notes in PR body - Pin action SHAs for supply-chain security - Add patch as default bump-type Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
CI is triggered by the push event when peter-evans/create-pull-request pushes the release branch, so no bot PAT is needed. Add workflow_dispatch and push triggers on chore/release* branches to pull-request.yml to match the pattern used in repos where this flow works. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
PR SummaryMedium Risk Overview Extends the CI workflow to also run on pushes to Reviewed by Cursor Bugbot for commit e6a52d5. Bugbot is set up for automated code reviews on this repo. Configure here. |
Match the standard pattern: pull_request + push on main and workstation/*. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit e6a52d5. Configure here.
| push: | ||
| branches: | ||
| - main | ||
| - workstation/* |
There was a problem hiding this comment.
Missing chore/release* push trigger defeats PR's stated purpose
High Severity
The push.branches trigger adds main and workstation/* but is missing chore/release*, which is the branch pattern that peter-evans/create-pull-request in draft-release-publish.yml creates (via branch: chore/release-${{ steps.bump-version.outputs.new_version }}). The PR description explicitly states the intent is to add chore/release* to bypass GitHub's restriction on GITHUB_TOKEN-created PRs not triggering pull_request events, but this pattern was omitted from the implementation. CI will still not fire on release PRs.
Reviewed by Cursor Bugbot for commit e6a52d5. Configure here.
| push: | ||
| branches: | ||
| - main | ||
| - workstation/* |
There was a problem hiding this comment.
PR-specific jobs lack guards for new push trigger
Medium Severity
The new push trigger causes pr-branch-check-name and pr-title-check jobs to run on push events (e.g., every merge to main), where no pull request context exists. These reusable workflows rely on PR data (github.event.pull_request) to check branch names and titles. Unlike pr-notify, which correctly guards with if: github.event_name == 'pull_request', these jobs have no such condition and will likely fail on every push-triggered run, creating persistent CI noise.
Reviewed by Cursor Bugbot for commit e6a52d5. Configure here.
2 participants
Background
The release draft workflow used
peter-evans/create-pull-requestwithout pinned action SHAs, no changelog generation, and the pull-request CI workflow only triggered onpull_requestevents. This meant CI did not run consistently across branches and the release PR lacked a changelog summary.What Has Changed
draft-release-publish.ymlto align with the standard Rokt release draft patternROKT/rokt-workflows/actions/generate-changelogwith release notes included in the PR bodypeter-evans/create-pull-requestto v8.1.0pull_request+pushonmainandworkstation/*branchesChecklist
Reference Issue (For employees only. Ignore if you are an outside contributor)