Merged
62 changes: 62 additions & 0 deletions .github/actions/create-version-bump-pr/action.yml
@@ -0,0 +1,62 @@
name: Create Version Bump PR
description: Creates a PR from staging changes onto dev branch
inputs:
platform:
description: Platform name (ios or android)
required: true
version:
description: Current version string
required: true
file_paths:
description: File paths to include in the PR (newline separated)
required: true
github_token:
description: GitHub token for creating PR
required: true

runs:
using: composite
steps:
- name: Create version bump PR
shell: bash
run: |
BRANCH_NAME="ci/bump-${{ inputs.platform }}-build-${{ github.run_id }}"

git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"

# Ensure we're on staging branch, not detached HEAD
git fetch origin staging dev
git checkout staging

# Check if staging has commits not in dev (version bumps + any build changes)
COMMITS_AHEAD=$(git rev-list --count origin/dev..staging)

Comment on lines +29 to +34

⚠️ Potential issue | 🟠 Major

Ensure you base the branch and ahead-count on origin/staging (avoid stale local branch)

Using a possibly stale local staging branch risks false “no commits” and wrong diffs. Reset to the remote ref and compute ahead against origin/staging.

Apply this diff:

-        git fetch origin staging dev
-        git checkout staging
+        git fetch origin staging dev --prune
+        # Ensure local 'staging' matches the remote ref exactly
+        git checkout -B staging origin/staging
@@
-        COMMITS_AHEAD=$(git rev-list --count origin/dev..staging)
+        COMMITS_AHEAD=$(git rev-list --count origin/dev..origin/staging)
@@
-        git checkout -b ${BRANCH_NAME}
+        git checkout -b "${BRANCH_NAME}"

Also applies to: 42-47

🤖 Prompt for AI Agents
In .github/actions/create-version-bump-pr/action.yml around lines 29 to 34 (and
similarly for lines 42 to 47), the script checks a possibly stale local staging
branch and computes commits-ahead against a local ref; update the workflow to
reset the local staging to the remote by fetching and checking out
origin/staging (or using git fetch origin staging && git checkout -B staging
origin/staging) and compute the ahead count against origin/staging (e.g., git
rev-list --count origin/dev..origin/staging) so the branch base and the
ahead-count are always computed from the remote refs rather than stale local
branches.

if [ "$COMMITS_AHEAD" -eq 0 ]; then
echo "ℹ️ No new commits on staging compared to dev. Skipping PR creation."
Comment on lines +28 to +36

⚠️ Potential issue | 🟠 Major

Make branch checkout and ahead-count robust against detached HEADs

git checkout staging can fail if no local branch exists. Also compute ahead using remote refs to avoid local divergence.

Apply this diff:

-        # Ensure we're on staging branch, not detached HEAD
-        git fetch origin staging dev
-        git checkout staging
+        # Ensure we're on staging branch (freshly tracking remote), not detached HEAD
+        set -euo pipefail
+        git fetch --prune origin
+        git checkout -B staging origin/staging
@@
-        COMMITS_AHEAD=$(git rev-list --count origin/dev..staging)
+        COMMITS_AHEAD=$(git rev-list --count origin/dev..origin/staging)

Also applies to: 40-47

🤖 Prompt for AI Agents
.github/actions/create-version-bump-pr/action.yml around lines 28-36 (and
similarly apply to lines 40-47): make the branch checkout robust by creating or
resetting the local staging branch from the remote instead of a plain checkout,
and compute the "commits ahead" count using remote refs only (compare origin/dev
to origin/staging) to avoid relying on local branch state or a detached HEAD;
update the script to fetch remotes, force-create/reset the local staging branch
to origin/staging, and replace the rev-list range with the
origin/dev..origin/staging remote-only range, and apply the same changes to the
other occurrence at lines 40-47.

exit 0
fi

echo "📊 Staging is $COMMITS_AHEAD commit(s) ahead of dev"

# Create new branch from current staging (which has all version changes)
git checkout -b ${BRANCH_NAME}

# Push the branch
git push --set-upstream origin ${BRANCH_NAME}

# Determine PR title based on platform
if [ "${{ inputs.platform }}" = "mobile" ]; then
PR_TITLE="chore: bump mobile app version to ${{ inputs.version }}"
else
PR_TITLE="chore: bump ${{ inputs.platform }} build for ${{ inputs.version }}"
fi

gh pr create \
--base dev \
--head ${BRANCH_NAME} \
--title "$PR_TITLE" \
--body "Automated version bump by CI" \
--label "automated"
env:
Comment on lines +20 to +61

⚠️ Potential issue | 🟠 Major

Harden the script with bash strict mode; unused input is misleading

  • Without set -euo pipefail, errors in intermediary commands can slip by, creating or labeling an unintended PR.
  • inputs.file_paths is declared but unused; this is confusing and may imply partial-change PRs that the action doesn’t implement.

Apply this diff to harden the script:

     - name: Create version bump PR
       shell: bash
       run: |
+        set -euo pipefail
         BRANCH_NAME="ci/bump-${{ inputs.platform }}-build-${{ github.run_id }}"

And either remove the file_paths input from the action definition, or document it as unused. If you intend to restrict PRs to certain paths, implement staged commits based on the provided list before pushing.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- name: Create version bump PR
shell: bash
run: |
BRANCH_NAME="ci/bump-${{ inputs.platform }}-build-${{ github.run_id }}"
git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"
# Ensure we're on staging branch, not detached HEAD
git fetch origin staging dev
git checkout staging
# Check if staging has commits not in dev (version bumps + any build changes)
COMMITS_AHEAD=$(git rev-list --count origin/dev..staging)
if [ "$COMMITS_AHEAD" -eq 0 ]; then
echo "ℹ️ No new commits on staging compared to dev. Skipping PR creation."
exit 0
fi
echo "📊 Staging is $COMMITS_AHEAD commit(s) ahead of dev"
# Create new branch from current staging (which has all version changes)
git checkout -b ${BRANCH_NAME}
# Push the branch
git push --set-upstream origin ${BRANCH_NAME}
# Determine PR title based on platform
if [ "${{ inputs.platform }}" = "mobile" ]; then
PR_TITLE="chore: bump mobile app version to ${{ inputs.version }}"
else
PR_TITLE="chore: bump ${{ inputs.platform }} build for ${{ inputs.version }}"
fi
gh pr create \
--base dev \
--head ${BRANCH_NAME} \
--title "$PR_TITLE" \
--body "Automated version bump by CI" \
--label "automated"
env:
- name: Create version bump PR
shell: bash
run: |
set -euo pipefail
BRANCH_NAME="ci/bump-${{ inputs.platform }}-build-${{ github.run_id }}"
git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"
# Ensure we're on staging branch, not detached HEAD
git fetch origin staging dev
git checkout staging
# Check if staging has commits not in dev (version bumps + any build changes)
COMMITS_AHEAD=$(git rev-list --count origin/dev..staging)
if [ "$COMMITS_AHEAD" -eq 0 ]; then
echo "ℹ️ No new commits on staging compared to dev. Skipping PR creation."
exit 0
fi
echo "📊 Staging is $COMMITS_AHEAD commit(s) ahead of dev"
# Create new branch from current staging (which has all version changes)
git checkout -b ${BRANCH_NAME}
# Push the branch
git push --set-upstream origin ${BRANCH_NAME}
# Determine PR title based on platform
if [ "${{ inputs.platform }}" = "mobile" ]; then
PR_TITLE="chore: bump mobile app version to ${{ inputs.version }}"
else
PR_TITLE="chore: bump ${{ inputs.platform }} build for ${{ inputs.version }}"
fi
gh pr create \
--base dev \
--head ${BRANCH_NAME} \
--title "$PR_TITLE" \
--body "Automated version bump by CI" \
--label "automated"
env:
🤖 Prompt for AI Agents
.github/actions/create-version-bump-pr/action.yml lines 20-61: the action's run
script lacks bash strict mode and declares an unused inputs.file_paths which is
misleading; enable strict mode (set -euo pipefail and IFS=$'\n\t') at the top of
the script and ensure variables are quoted to fail fast on errors, and then
either remove inputs.file_paths from the action.yml inputs or document it as
unused; if you intend to limit changes by path, implement staging/committing
only the listed paths before creating the branch and pushing.

GH_TOKEN: ${{ inputs.github_token }}
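
Review bot: `${{ inputs.platform }}` and `${{ inputs.version }}` are expanded into the script text itself, in the `BRANCH_NAME` assignment, the `if [ "${{ inputs.platform }}" = "mobile" ]` test and both `PR_TITLE` lines, so a value containing a double quote or `$(...)` is parsed by bash as script rather than data. Pass both through the step's `env:` block, as is already done for `GH_TOKEN`, and reference them as `"$PLATFORM"` and `"$VERSION"` (the variable names are a suggestion). Separately, the `platform` input is described as "ios or android" while the script branches on `mobile`; align the description with the check. `${BRANCH_NAME}` is also unquoted in `git checkout -b`, `git push` and `--head`.
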
7 changes: 7 additions & 0 deletions .github/actions/get-version/action.yml
Expand Up @@ -7,11 +7,18 @@ inputs:
description: "Path to the app directory"
required: true

outputs:
version:
description: "Extracted app version from package.json"
value: ${{ steps.get-version.outputs.version }}

runs:
using: "composite"
steps:
- name: Get version from package.json
id: get-version
shell: bash
run: |
VERSION=$(node -p "require('${{ inputs.app_path }}/package.json').version")
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "VERSION=$VERSION" >> $GITHUB_ENV
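
Review bot: In the `node -p` line, `${{ inputs.app_path }}` is substituted inside a single-quoted JavaScript string, so a path containing `'` closes the string and whatever follows is evaluated as JavaScript on the runner. Export the input through `env:` and read it from `process.env` inside the expression instead. `$VERSION` is then appended to `$GITHUB_OUTPUT` and `$GITHUB_ENV` exactly as read from package.json; check it against the version format you expect before writing, since a value containing a newline would add further entries to those files, and quote both redirection targets.
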
Comment on lines +19 to 24

⚠️ Potential issue | 🟠 Major

Fix Node require path to avoid resolving a module instead of a file

require('${{ inputs.app_path }}/package.json') may resolve a package in node_modules if app_path doesn’t start with ./ or /. Use path.resolve and strict shell flags.

Apply this diff:

-    - name: Get version from package.json
-      id: get-version
-      shell: bash
-      run: |
-        VERSION=$(node -p "require('${{ inputs.app_path }}/package.json').version")
-        echo "version=$VERSION" >> $GITHUB_OUTPUT
-        echo "VERSION=$VERSION" >> $GITHUB_ENV
+    - name: Get version from package.json
+      id: get-version
+      shell: bash
+      run: |
+        set -euo pipefail
+        VERSION=$(node -p "require(require('path').resolve('${{ inputs.app_path }}', 'package.json')).version")
+        echo "version=$VERSION" >> \"$GITHUB_OUTPUT\"
+        echo "VERSION=$VERSION" >> \"$GITHUB_ENV\"
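
Review bot: The two added `echo` lines redirect to `\"$GITHUB_OUTPUT\"` and `\"$GITHUB_ENV\"` with backslash-escaped quotes; inside a `run: |` block nothing removes the backslashes, so bash treats the quote characters as part of the file name and the values never reach the real output and environment files. Use plain `"$GITHUB_OUTPUT"` and `"$GITHUB_ENV"`. The `path.resolve` form also still substitutes `${{ inputs.app_path }}` into a single-quoted JavaScript string, so the input should come from an environment variable rather than from the expression.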

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents
.github/actions/get-version/action.yml lines 19-24: the current shell command
uses node -p "require('${{ inputs.app_path }}/package.json').version" which can
cause Node to resolve a package from node_modules when app_path is not a file
path and lacks strict shell error handling; change the script to enable strict
shell flags (set -euo pipefail) and use Node to require a resolved absolute path
(e.g., path.resolve(process.cwd(), inputPath, 'package.json')) or otherwise call
require with a fully resolved path so Node loads the intended file, and
propagate any errors so the action fails fast.
