ci: update of files from global .github repo

[asyncapi-bot]

Summary by CodeRabbit

• Bug Fixes

  • User mentions in automated comments (automerge, help, bounty) now resolve reliably.
  • Slack notifications for issues, PRs, and discussions use consistent, stable formatting.
  • Release announcements to Slack and Twitter are more robust and accurately include tag, URL, and author.
  • Issue transfer handles repo names safely with proper quoting and environment-driven inputs.

• Chores

  • Standardized workflows to pass data via environment variables instead of inline context, improving reliability and readability across CI notifications and commands.

[netlify]

✅ Deploy Preview for asyncapi-website ready!

Name	Link
🔨 Latest commit	62f0e0d
🔍 Latest deploy log	https://app.netlify.com/projects/asyncapi-website/deploys/68c8b19f3ac2570008e1d7a7
😎 Deploy Preview	https://deploy-preview-4418--asyncapi-website.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[coderabbitai]

Walkthrough

Workflows refactor step scripts to use environment variables instead of GitHub context expressions for actor, event metadata, and release data. Minor quoting/argument handling updates are added in transfer-issue. No structural changes to job/step ordering; logic remains functionally equivalent.

Changes

Cohort / File(s)	Summary of edits
Actor env in scripts .github/workflows/automerge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml, .github/workflows/bounty-program-commands.yml, .github/workflows/help-command.yml	Introduce ACTOR/GITHUB_ACTOR envs for steps and replace usages of github.actor in inline scripts/comments with `process.env.(ACTOR
Notifications env inputs .github/workflows/issues-prs-notifications.yml	Add per-event env vars (ISSUE_, PR_, DISCUSSION_*) and switch markdown inputs from github.event.* to env-based references. Step IDs unchanged.
Release announcements env propagation .github/workflows/release-announcements.yml	Provide release metadata via env across Slack/Twitter steps; rewrite message templates to use env vars. Minor script tweaks: pass previous/last version via env, expand author retrieval, supply RELEASE_URL/REPO_NAME/RELEASE_TAG/AUTHOR_NAME to steps.
Transfer issue quoting and env .github/workflows/transfer-issue.yml	Quote variables in extraction, write repo to outputs as quoted, and pass ISSUE_NUMBER/REPO_NAME via env to gh issue transfer with quoted args. Remove explicit GH_TOKEN in the step.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Maintainer
  participant GH as GitHub Actions
  participant Slack as Slack API
  participant Twitter as Twitter API

  Note over GH: Release Announcements Workflow
  Maintainer->>GH: Publish GitHub Release
  GH->>GH: Set env (RELEASE_TAG, URL, BODY, REPO_NAME, AUTHOR_NAME)
  GH->>Slack: Post release markdown (uses env vars)
  alt Release tweet enabled
    GH->>GH: Determine semver diff (PREV_VERSION/LAST_VERSION via env)
    GH->>Twitter: Publish tweet (uses env vars)
  end

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested labels

autoapproved, autoupdate

Suggested reviewers

• akshatnema
• anshgoyalevil
• derberg
• sambhavgupta0705
• Mayaleeeee

Poem

A bunny taps in YAML fields, so spry,
Swaps context for env—oh my!
With quoted hops and tidy trails,
Slack and tweets ride steady rails.
Carrots raised to CI’s might—
Green checks gleam in moonlit night. 🥕✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title "ci: update of files from global .github repo" accurately signals a CI-related sync of repository workflow files from the global .github repo, which matches the provided changes to multiple .github/workflows YAML files; it is concise and on-topic. It is slightly generic about which workflows were updated but still conveys the primary intent of the changeset.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch bot/update-files-from-global-repo

Tip

👮 Agentic pre-merge checks are now available in preview!

Pro plan users can now enable pre-merge checks in their settings to enforce checklists before merging PRs.

• Built-in checks – Quickly apply ready-made checks to enforce title conventions, require pull request descriptions that follow templates, validate linked issues for compliance, and more.
• Custom agentic checks – Define your own rules using CodeRabbit’s advanced agentic capabilities to enforce organization-specific policies and workflows. For example, you can instruct CodeRabbit’s agent to verify that API documentation is updated whenever API schema files are modified in a PR. Note: Upto 5 custom checks are currently allowed during the preview period. Pricing for this feature will be announced in a few weeks.

Please see the documentation for more information.

Example:

reviews:
  pre_merge_checks:
    custom_checks:
      - name: "Undocumented Breaking Changes"
        mode: "warning"
        instructions: |
          Pass/fail criteria: All breaking changes to public APIs, CLI flags, environment variables, configuration keys, database schemas, or HTTP/GraphQL endpoints must be documented in the "Breaking Change" section of the PR description and in CHANGELOG.md. Exclude purely internal or private changes (e.g., code not exported from package entry points or explicitly marked as internal).

Please share your feedback with us on this Discord post.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[asyncapi-bot]

⚡️ Lighthouse report for the changes in this PR:

Category	Score
🔴 Performance	40
🟢 Accessibility	98
🟢 Best practices	92
🟢 SEO	100
🔴 PWA	33

Lighthouse ran on https://deploy-preview-4418--asyncapi-website.netlify.app/

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (4)

.github/workflows/bounty-program-commands.yml (4)

26-29: Fix incorrect actor allowlist check (|| with strings collapses to first value).

('aeworxet' || 'thulieblack') evaluates to 'aeworxet', so thulieblack is never considered. Use explicit comparisons or array membership.

Apply:

-    if: >
-      github.actor != ('aeworxet' || 'thulieblack') &&
+    if: >
+      github.actor != 'aeworxet' &&
+      github.actor != 'thulieblack' &&
       (
         startsWith(github.event.comment.body, '/bounty' )
       )

---

54-57: Same allowlist bug in the “add-label-bounty” job.

Only aeworxet passes today; thulieblack is excluded.

-    if: >
-      github.actor == ('aeworxet' || 'thulieblack') &&
+    if: >
+      (github.actor == 'aeworxet' || github.actor == 'thulieblack') &&
       (
         startsWith(github.event.comment.body, '/bounty' )
       )

---

95-98: Same allowlist bug in the “remove-label-bounty” job.

Mirror the fix to ensure both users are allowed.

-    if: >
-      github.actor == ('aeworxet' || 'thulieblack') &&
+    if: >
+      (github.actor == 'aeworxet' || github.actor == 'thulieblack') &&
       (
         startsWith(github.event.comment.body, '/unbounty' )
       )

---

119-124: issues.removeLabel expects a string for name, not an array.

Passing [BOUNTY_PROGRAM_LABELS[0].name] will fail at runtime.

-              github.rest.issues.removeLabel({
+              await github.rest.issues.removeLabel({
                 issue_number: context.issue.number,
                 owner: context.repo.owner,
                 repo: context.repo.repo,
-                name: [BOUNTY_PROGRAM_LABELS[0].name]
+                name: BOUNTY_PROGRAM_LABELS[0].name
               })

🧹 Nitpick comments (13)

.github/workflows/bounty-program-commands.yml (2)

36-37: Good switch to env for actor; also await API calls for reliability.

Env-based actor usage looks good. Add await to createComment to avoid the step finishing before the API call resolves.

-            github.rest.issues.createComment({
+            await github.rest.issues.createComment({
               issue_number: context.issue.number,
               owner: context.repo.owner,
               repo: context.repo.repo,
               body: commentText
             })

Also applies to: 41-50

---

85-91: Await label addition for consistency.

Ensure the label API call settles before the step ends.

-            github.rest.issues.addLabels({
+            await github.rest.issues.addLabels({
               issue_number: context.issue.number,
               owner: context.repo.owner,
               repo: context.repo.repo,
               labels: [BOUNTY_PROGRAM_LABELS[0].name]
             })

.github/workflows/automerge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml (1)

40-46: Await GitHub API calls to avoid races.

Add await to addLabels and createComment.

-              github.rest.issues.addLabels({
+              await github.rest.issues.addLabels({
                 issue_number: context.issue.number,
                 owner: context.repo.owner,
                 repo: context.repo.repo,
                 labels: ['ready-to-merge']
               })  

-              github.rest.issues.createComment({
+              await github.rest.issues.createComment({
                 issue_number: context.issue.number,
                 owner: context.repo.owner,
                 repo: context.repo.repo,
                 body: `Hello, @${process.env.GITHUB_ACTOR}! 👋🏼

Also applies to: 57-69

.github/workflows/help-command.yml (3)

18-20: Env-based actor usage: LGTM; await the API call.

Switch to env is correct. Also add await to createComment.

-            github.rest.issues.createComment({
+            await github.rest.issues.createComment({

Also applies to: 30-41

---

36-36: Typo in user-facing text (“reviewrs”).

Fix spelling.

-                    - `/please-take-a-look` or `/ptal` - This comment will add a comment to the PR asking for attention from the reviewrs who have not reviewed the PR yet.
+                    - `/please-take-a-look` or `/ptal` - This comment will add a comment to the PR asking for attention from the reviewers who have not reviewed the PR yet.

---

49-51: Mirror the await fix in the issue flow.

Add await before createComment.

-            github.rest.issues.createComment({
+            await github.rest.issues.createComment({

Also applies to: 54-67

.github/workflows/transfer-issue.yml (2)

26-27: Extraction is better with quoting; add validation and strict shell opts.

Guard against empty/invalid repo and fail fast.

-          REPO=$(echo "$COMMENT" | awk '{print $2}')
-          echo "repo=$REPO" >> $GITHUB_OUTPUT
+          set -euo pipefail
+          REPO="$(echo "$COMMENT" | awk '{print $2}')"
+          if [[ -z "${REPO:-}" || ! "$REPO" =~ ^[A-Za-z0-9._-]+$ ]]; then
+            echo "Invalid or missing repo name in command. Usage: /ti <repo-name>"
+            exit 1
+          fi
+          echo "repo=$REPO" >> "$GITHUB_OUTPUT"

---

60-63: Token naming consistency (optional).

You use secrets.GH_TOKEN in “Check Repo” but secrets.GITHUB_TOKEN here. Prefer one consistently (either works for gh CLI if scoped properly).

Would you like me to align both steps to the same secret name across repos?

.github/workflows/issues-prs-notifications.yml (4)

26-32: Env-based composition: LGTM. Consider null-safe fallbacks.

Issue body can be null; default to empty to avoid “null” in Slack.

-          ISSUE_BODY: ${{github.event.issue.body}}
+          ISSUE_BODY: ${{ github.event.issue.body || '' }}

---

48-54: Apply the same null-safe fallback for PR body.

-          PR_BODY: ${{github.event.pull_request.body}}
+          PR_BODY: ${{ github.event.pull_request.body || '' }}

---

70-76: Apply the same null-safe fallback for Discussion body.

-          DISCUSSION_BODY: ${{github.event.discussion.body}}
+          DISCUSSION_BODY: ${{ github.event.discussion.body || '' }}

---

64-64: Minor copy: job/step names say “pull request” in the discussion job.

Rename for clarity in Actions UI.

-    name: Notify slack on every new pull request
+    name: Notify slack on every new discussion

-      - name: Convert markdown to slack markdown for pull request
+      - name: Convert markdown to slack markdown for discussion

Also applies to: 67-67

.github/workflows/release-announcements.yml (1)

71-75: Twitter flow updates look good; tiny robustness nit.

Using envs for semver-diff and tweet text is solid. If you want to be extra safe, quote npx args (already done) and keep as-is.

Also applies to: 85-92

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 659cff9 and 79a8802.

📒 Files selected for processing (6)

• .github/workflows/automerge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml (2 hunks)
• .github/workflows/bounty-program-commands.yml (1 hunks)
• .github/workflows/help-command.yml (3 hunks)
• .github/workflows/issues-prs-notifications.yml (3 hunks)
• .github/workflows/release-announcements.yml (2 hunks)
• .github/workflows/transfer-issue.yml (2 hunks)

🧰 Additional context used

🧠 Learnings (1)

📚 Learning: 2025-02-18T12:07:42.211Z

Learnt from: asyncapi-bot
PR: asyncapi/website#0
File: :0-0
Timestamp: 2025-02-18T12:07:42.211Z
Learning: The following PR commands are supported in the asyncapi/website repository:
- `/please-take-a-look` or `/ptal`: Requests attention from reviewers who haven't reviewed the PR
- `/ready-to-merge` or `/rtm`: Triggers automerge when all conditions are met
- `/do-not-merge` or `/dnm`: Blocks automerge even if all conditions are met
- `/autoupdate` or `/au`: Adds autoupdate label to keep PR in sync with target branch
- `/update` or `/u`: One-time update of PR with latest changes from target branch

Applied to files:

• .github/workflows/issues-prs-notifications.yml

⏰ Context from checks skipped due to timeout of 180000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: Automerge PR autoapproved by a bot
• GitHub Check: Redirect rules - asyncapi-website
• GitHub Check: Header rules - asyncapi-website
• GitHub Check: Pages changed - asyncapi-website
• GitHub Check: Lighthouse CI

🔇 Additional comments (3)

.github/workflows/automerge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml (1)

30-31: Env-based actor usage: LGTM.

Using process.env.GITHUB_ACTOR is correct and consistent with the repo-wide change.

Also applies to: 61-68

.github/workflows/transfer-issue.yml (1)

58-63: Good: arguments are now quoted and sourced from env.

Quoting both ISSUE_NUMBER and REPO_NAME eliminates whitespace parsing bugs.

.github/workflows/release-announcements.yml (1)

22-28: Env-based metadata propagation: LGTM.

Switching to env for Slack message composition and title is clean and consistent.

Also applies to: 31-37

[Shurtu-gal]

/rtm