Skip to content

ci: add commitMode github-api to trigger CI on version PR #477

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
TabishB merged 3 commits into from
Jan 11, 2026
Merged

ci: add commitMode github-api to trigger CI on version PR #477

TabishB merged 3 commits into from
Jan 11, 2026

Conversation

@TabishB
Copy link
Contributor

@TabishB TabishB commented Jan 11, 2026
edited by coderabbitai bot
Loading

Summary

Adds commitMode: github-api to the changesets/action configuration.

Why

The GitHub App token alone wasn't enough - commits were still being attributed to github-actions[bot] because the default commitMode is git-cli.

With commitMode: github-api:

  • Commits are pushed via the GitHub API
  • Commits are attributed to the GitHub App (not github-actions[bot])
  • This allows the commits to trigger CI workflows

References

🤖 Generated with Claude Code

Summary by CodeRabbit

  • Chores
    • Updated the release workflow's authentication and commit attribution process to improve CI integration reliability.

✏️ Tip: You can customize this high-level summary in your review settings.

@TabishB
ci: use GitHub App token to trigger CI on version PR
f2d5df2 
Replace GITHUB_TOKEN with a GitHub App token so that the version PR
can trigger CI workflows. GITHUB_TOKEN cannot trigger workflows by
design (to prevent infinite loops).

Requires APP_ID variable and APP_PRIVATE_KEY secret to be configured.
@TabishB
ci: upgrade create-github-app-token to v2
cc3ddf7
@TabishB
ci: add commitMode github-api to trigger CI on version PR
4db30bc
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Jan 11, 2026
edited
Loading

📝 Walkthrough

Walkthrough

The .github/workflows/release-prepare.yml workflow is updated to generate a GitHub App token during release preparation. This token replaces direct usage of secrets.GITHUB_TOKEN and GH_TOKEN in downstream steps, with commit mode set to github-api to ensure proper attribution.

Changes

Cohort / File(s) Summary
GitHub Actions Workflow - Token Authentication
\.github/workflows/release-prepare\.yml		 Adds actions/create-github-app-token@v2 step to generate an app token; updates Version PR creation to use commitMode: github-api; replaces secrets.GITHUB_TOKEN and GH_TOKEN references with app token output; includes annotation explaining token usage enables CI triggers on version commits.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

Poem

🐰 A token from the app, so shiny and new,
Commits flow through CI, authentic and true,
No secrets exposed, just cryptographic cheer,
The rabbit hops faster—release day is near! 🚀

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately captures the main change: adding commitMode github-api configuration to enable CI triggers on version PRs.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8f5a526 and 4db30bc.

📒 Files selected for processing (1)
  • .github/workflows/release-prepare.yml
🔇 Additional comments (4)
.github/workflows/release-prepare.yml (4)

53-54: LGTM! Correctly enables CI triggers via GitHub API commit mode.

The commitMode: github-api configuration properly addresses the attribution issue. With this setting, commits will be attributed to the GitHub App and can trigger CI workflows, which is the primary objective of this PR.

59-59: LGTM! Correctly uses GitHub App token.

The token replacement ensures the changesets action uses the GitHub App token with appropriate permissions and attribution.

67-67: LGTM! Consistent token usage for auto-merge.

Using the GitHub App token for the auto-merge step ensures consistent attribution and proper permissions for merging the version PR.

37-44: No action needed—the GitHub App token implementation is correctly configured.

The use of actions/create-github-app-token@v2 is correct (v2.2.1 is the latest stable version). The workflow already has the required permissions (contents: write and pull-requests: write). The GitHub App token enables workflow triggering not through a workflows: write permission, but because commits made by GitHub Apps can trigger workflows, unlike commits made with GITHUB_TOKEN (which cannot by design, as noted in the code comments). Ensure APP_ID and APP_PRIVATE_KEY are configured in repository settings.

Likely an incorrect or invalid review comment.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@vibe-kanban-cloud
Copy link

vibe-kanban-cloud bot commented Jan 11, 2026

Review Complete

Your review story is ready!

View Story

Comment !reviewfast on this PR to re-generate the story.

@TabishB TabishB merged commit 06097f9 into main Jan 11, 2026
7 checks passed
@TabishB TabishB deleted the github-app-token branch January 11, 2026 01:51
@coderabbitai coderabbitai bot mentioned this pull request Jan 11, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@TabishB