Skip to content

feat(ci): label PR review state via slash commands and lifecycle#3231

Merged
hubcio merged 1 commit into
masterfrom
feat/pr-triage-bot
May 14, 2026
Merged

feat(ci): label PR review state via slash commands and lifecycle#3231
hubcio merged 1 commit into
masterfrom
feat/pr-triage-bot

Conversation

@hubcio
Copy link
Copy Markdown
Contributor

@hubcio hubcio commented May 9, 2026

Reviewers cannot tell at a glance which open PRs are still in their
queue. Iggy's .asf.yaml requires 2 approvals with stale-dismiss, so
each push wipes prior approvals - the review backlog grows opaque
fast as PR volume rises.

Adopt rust-lang/triagebot's S-waiting-on-{review,author} pattern via
a single GitHub Actions workflow. Comment commands /ready, /author,
and /request-review @user move the labels explicitly; PR lifecycle
events (open, ready_for_review, converted_to_draft, closed) keep
them in sync without manual upkeep. Filter the queue with
is:open is:pr label:S-waiting-on-review.

The auth gate is author_association in {COLLABORATOR, OWNER}, which
matches @apache/iggy-committers. MEMBER is excluded deliberately -
it would admit any unrelated apache podling member.

issue_comment.created and pull_request_target are the only triggers;
the workflow never checks out a ref or executes PR-supplied code,
only calls the REST API via actions/github-script. This avoids the
pwn-request RCE class and stays inside the default GITHUB_TOKEN
scope - no PAT, no INFRA Jira ticket, no external host.

CODEOWNERS gains a * @apache/iggy-committers wildcard so reviewer
auto-request fires on every PR, not just .github/** changes.

@codecov
Copy link
Copy Markdown

codecov Bot commented May 9, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 73.81%. Comparing base (b6d162d) to head (0a3eadb).

Additional details and impacted files 
@@             Coverage Diff              @@
##             master    #3231      +/-   ##
============================================
- Coverage     73.85%   73.81%   -0.05%     
  Complexity      943      943              
============================================
  Files          1193     1193              
  Lines        108933   108933              
  Branches      85950    85968      +18     
============================================
- Hits          80457    80404      -53     
- Misses        25741    25766      +25     
- Partials       2735     2763      +28
Components Coverage Δ
Rust Core 74.87% <ø> (-0.03%) ⬇️
Java SDK 60.14% <ø> (ø)
C# SDK 69.13% <ø> (-0.33%) ⬇️
Python SDK 81.43% <ø> (ø)
Node SDK 91.41% <ø> (-0.13%) ⬇️
Go SDK 39.80% <ø> (ø)
see 25 files with indirect coverage changes
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@hubcio hubcio force-pushed the feat/pr-triage-bot branch 2 times, most recently from 2c74fff to 05e5279 Compare May 9, 2026 13:34
mmodzelewski
mmodzelewski previously approved these changes May 9, 2026
View reviewed changes
lukaszzborek
lukaszzborek reviewed May 9, 2026
View reviewed changes
Comment thread .github/workflows/pr-triage.yml Outdated
@hubcio
feat(ci): label PR review state via slash commands and lifecycle
0a3eadb 
Reviewers cannot tell at a glance which open PRs are still in their
queue. Iggy's .asf.yaml requires 2 approvals with stale-dismiss, so
each push wipes prior approvals - the review backlog grows opaque
fast as PR volume rises.

Adopt rust-lang/triagebot's S-waiting-on-{review,author} pattern via
a single GitHub Actions workflow. Comment commands /ready, /author,
and /request-review @user move the labels explicitly; PR lifecycle
events (open, ready_for_review, converted_to_draft, closed) keep
them in sync without manual upkeep. Filter the queue with
`is:open is:pr label:S-waiting-on-review`.

The auth gate is author_association in {COLLABORATOR, OWNER}, which
matches @apache/iggy-committers. MEMBER is excluded deliberately -
it would admit any unrelated apache podling member.

issue_comment.created and pull_request_target are the only triggers;
the workflow never checks out a ref or executes PR-supplied code,
only calls the REST API via actions/github-script. This avoids the
pwn-request RCE class and stays inside the default GITHUB_TOKEN
scope - no PAT, no INFRA Jira ticket, no external host.

CODEOWNERS gains a `* @apache/iggy-committers` wildcard so reviewer
auto-request fires on every PR, not just .github/** changes.
@hubcio hubcio force-pushed the feat/pr-triage-bot branch from 2a21f7f to 0a3eadb Compare May 14, 2026 10:11
@hubcio hubcio merged commit d158089 into master May 14, 2026
145 of 148 checks passed
@hubcio hubcio deleted the feat/pr-triage-bot branch May 14, 2026 11:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lukaszzborek lukaszzborek lukaszzborek left review comments

@mmodzelewski mmodzelewski mmodzelewski approved these changes

@numinnex numinnex numinnex approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@hubcio @mmodzelewski @lukaszzborek @numinnex