Skip to content

Add workflow to route issues to team board#58

Merged
dkastl merged 2 commits into
mainfrom
dkastl-patch-2
Jun 12, 2026
Merged

Add workflow to route issues to team board#58
dkastl merged 2 commits into
mainfrom
dkastl-patch-2

Conversation

@dkastl

@dkastl dkastl commented Jun 12, 2026
edited by coderabbitai Bot
Loading

Copy link
Copy Markdown
Contributor

This workflow routes issues to the team board based on field changes.

Summary by CodeRabbit

  • Chores
    • Added automation to route issue field changes to the appropriate team board.
    • Ensures required dispatch secrets are forwarded so routing runs reliably and preserves expected department-routing behavior.

@dkastl
Add workflow to route issues to team board
77464f3 
This workflow routes issues to the team board based on field changes.
@coderabbitai

coderabbitai Bot commented Jun 12, 2026
edited
Loading

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 2681be56-6703-4352-9dad-6b6dd1c11d68

📥 Commits

Reviewing files that changed from the base of the PR and between 77464f3 and a1a6669.

📒 Files selected for processing (1)
  • .github/workflows/route-issue.yml

Walkthrough

Adds a new GitHub Actions workflow that triggers on issue field changes (field_added, field_removed) and delegates routing logic to a shared reusable workflow from the geolonia organization with inherited secrets.

Changes

Issue routing workflow

Layer / File(s) Summary
Route issue workflow trigger and job
.github/workflows/route-issue.yml		 Workflow triggers on issue field add/remove events with read-only contents permission, and a single route job calls the pinned reusable-route-issue.yml workflow while forwarding repository secrets (secrets: inherit).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related issues

  • geolonia/geolonia-backstage#207: Adds the same route-issue.yml caller that pins and delegates to the reusable-route-issue workflow.
  • geolonia/geolonia-operations#156: Adds a public-facing route-issue.yml that forwards Department field changes to the pinned reusable workflow for routing to org project boards.
  • Add reusable workflow: route tagged issues to team boards (public dispatch leg) #56: Related main issue describing the public dispatch leg and caller workflow that invokes the reusable routing logic.

Possibly related PRs

  • geolonia/.github#57: Introduces the reusable-route-issue.yml reusable workflow that this PR's new workflow delegates to.
🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name Status Explanation Resolution
Description check ❓ Inconclusive The description provided is minimal and lacks structured information matching the template requirements (Summary, Checklist, Related Issues sections). Expand the description to follow the template structure by adding details about what the workflow does, checking relevant boxes, and linking any related issues.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly and concisely summarizes the main change: adding a GitHub Actions workflow that routes issues to a team board.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch dkastl-patch-2

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions

github-actions Bot commented Jun 12, 2026

Copy link
Copy Markdown

Secret Leak Check

OK No secrets detected in this PR's diff.

coderabbitai[bot]
coderabbitai Bot reviewed Jun 12, 2026
View reviewed changes

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/route-issue.yml:
- Line 13: Replace the blanket "secrets: inherit" usage in the reusable workflow
call with an explicit secrets mapping that only passes OPS_DISPATCH_CLIENT_ID
and OPS_DISPATCH_APP_PRIVATE_KEY from the repository secrets into the reusable
workflow; remove "secrets: inherit" and add a secrets block that maps each
required secret name to the corresponding repository secret to enforce
least-privilege.
- Line 12: Replace the mutable tag reference in the workflow invocation string
"uses: geolonia/.github/.github/workflows/reusable-route-issue.yml@v1" with the
exact commit SHA recommended by static analysis (e.g., change "`@v1`" to
"@<commit-sha>") so the reusable workflow is pinned to an immutable commit;
update the single line that contains that uses: entry and commit the change.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: eabd4543-c1e5-448f-8224-05c4694f3dc3

📥 Commits

Reviewing files that changed from the base of the PR and between 92c8c6d and 77464f3.

📒 Files selected for processing (1)
  • .github/workflows/route-issue.yml

Comment thread .github/workflows/route-issue.yml Outdated
Comment thread .github/workflows/route-issue.yml
jobs:
route:
uses: geolonia/.github/.github/workflows/reusable-route-issue.yml@v1
secrets: inherit

@coderabbitai coderabbitai Bot Jun 12, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick | 🔵 Trivial | 💤 Low value

Consider explicit secret passing for improved security posture.

While secrets: inherit is convenient and works correctly for this workflow, it passes all repository secrets to the reusable workflow. The reusable workflow requires only OPS_DISPATCH_CLIENT_ID and OPS_DISPATCH_APP_PRIVATE_KEY secrets.

For better least-privilege security, consider explicitly listing only the required secrets:

🛡️ Optional improvement for explicit secret passing 
-    secrets: inherit
+    secrets:
+      OPS_DISPATCH_CLIENT_ID: ${{ secrets.OPS_DISPATCH_CLIENT_ID }}
+      OPS_DISPATCH_APP_PRIVATE_KEY: ${{ secrets.OPS_DISPATCH_APP_PRIVATE_KEY }}
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
secrets: inherit
secrets:
OPS_DISPATCH_CLIENT_ID: ${{ secrets.OPS_DISPATCH_CLIENT_ID }}
OPS_DISPATCH_APP_PRIVATE_KEY: ${{ secrets.OPS_DISPATCH_APP_PRIVATE_KEY }}
🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/route-issue.yml at line 13, Replace the blanket "secrets:
inherit" usage in the reusable workflow call with an explicit secrets mapping
that only passes OPS_DISPATCH_CLIENT_ID and OPS_DISPATCH_APP_PRIVATE_KEY from
the repository secrets into the reusable workflow; remove "secrets: inherit" and
add a secrets block that maps each required secret name to the corresponding
repository secret to enforce least-privilege.

Source: Linters/SAST tools

@dkastl
Update reusable-route-issue workflow reference
a1a6669 
Updated the reusable workflow reference to a specific commit hash for version 1.16.0.
@github-actions

github-actions Bot commented Jun 12, 2026

Copy link
Copy Markdown

Secret Leak Check

OK No secrets detected in this PR's diff.

@dkastl dkastl merged commit a0dda21 into main Jun 12, 2026
3 checks passed
@dkastl dkastl deleted the dkastl-patch-2 branch June 12, 2026 00:33
@coderabbitai coderabbitai Bot mentioned this pull request Jun 12, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dkastl