Skip to content

created separate files#50

Closed
yashgoyal0110 wants to merge 3 commits into
PalisadoesFoundation:mainfrom
yashgoyal0110:feat/separate-pr-merge-conflict-detector
Closed

created separate files#50
yashgoyal0110 wants to merge 3 commits into
PalisadoesFoundation:mainfrom
yashgoyal0110:feat/separate-pr-merge-conflict-detector

Conversation

@yashgoyal0110

@yashgoyal0110 yashgoyal0110 commented Feb 23, 2026

Copy link
Copy Markdown
Member

fixes: #33

Summary by CodeRabbit

  • Chores
    • Removed the legacy merge-conflict workflow and introduced two new workflows: a PR-triggered merge-conflict detector and a push-triggered merge-conflict detector.
    • New workflows provide clearer per-PR reporting, more reliable conflict detection on PR and push events, and improved CI organization with explicit success/failure reporting.

@coderabbitai

coderabbitai Bot commented Feb 23, 2026

Copy link
Copy Markdown

Walkthrough

The previous unified merge-conflict workflow was removed and replaced by two separate GitHub Actions: a PR-triggered detector that checks a single PR against its base, and a push-triggered detector that scans all open PRs after base-branch updates and reports per-PR check-runs.

Changes

Cohort / File(s) Summary
Removed Unified Workflow
​.github/workflows/merge-conflict-detector.yml
Deleted the single workflow that previously handled both pull_request_target and push events and performed aggregated PR enumeration and merge-tree conflict analysis.
PR-Triggered Detection
​.github/workflows/pull-request-merge-conflict-detector.yml
Added a workflow (triggers: pull_request_target, workflow_call) that fetches base and PR head SHAs, obtains PR metadata via gh, runs git merge-tree for that PR, prints structured results, and exits non-zero on conflict or error.
Push-Triggered Detection
​.github/workflows/push-merge-conflict-detector.yml
Added a workflow (triggers: push to main/develop, workflow_dispatch) that lists open PRs targeting the pushed branch, fetches base/head SHAs per PR, runs git merge-tree, filters conflicts to files touched by the PR, and creates per-PR check-runs (success/failure) with detailed Markdown summaries; aggregates results across PRs.

Sequence Diagram(s)

sequenceDiagram
  participant GH as GitHub (Event)
  participant Runner as Actions Runner
  participant Git as git (local)
  participant GHAPI as GitHub API / gh

  GH->>Runner: trigger (pull_request_target or push)
  Runner->>Git: checkout repo (fetch-depth=0)
  alt pull_request_target (single PR)
    Runner->>GHAPI: gh pr view (metadata)
    Runner->>Git: fetch base branch & PR head refs
    Runner->>Git: git merge-tree <base> <head>
    Git-->>Runner: merge-tree result (OK / CONFLICT)
    Runner->>GHAPI: optional check-run / console output
  else push (multiple PRs)
    Runner->>GHAPI: list open PRs for target branch
    loop per PR
      Runner->>Git: fetch PR head and base refs
      Runner->>Git: git merge-tree <base> <head>
      Git-->>Runner: merge-tree result
      Runner->>GHAPI: create/update check-run with result
    end
    Runner->>GHAPI: post aggregated summary
  end
Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 I hopped through branches, fetched each head and base,

Simulated merges in a careful little race,
I sniffed out tangles in files you change by hand,
Posted notes and check-runs so fixes can be planned,
Now repo fields are tidy across the land. 🥕✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name Status Explanation Resolution
Title check ❓ Inconclusive The title 'created separate files' is vague and generic, lacking specificity about what was changed or why. Use a more descriptive title like 'Refactor merge conflict detector into separate workflow files' to clearly convey the main change.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Linked Issues check ✅ Passed The PR implements all primary coding requirements from issue #33: detects merge conflicts via merge-tree, fetches full history, restricts conflicts to PR files, exits with appropriate status codes, uses GitHub CLI with proper permissions, includes structured logging, and handles edge cases.
Out of Scope Changes check ✅ Passed All changes are directly aligned with issue #33 objectives: the removal of the original workflow and addition of three replacement workflows (PR-triggered and push-triggered variants) fulfill the requirements without introducing unrelated modifications.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Tip

Try Coding Plans. Let us write the prompt for your AI agent so you can ship faster (with fewer bugs).
Share your feedback on Discord.


Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@yashgoyal0110

Copy link
Copy Markdown
Member Author

@palisadoes
kindly review.

@github-actions

Copy link
Copy Markdown

Our Pull Request Approval Process

This PR will be reviewed according to our:

  1. Palisadoes Contributing Guidelines

  2. AI Usage Policy

Your PR may be automatically closed if:

  1. Our PR template isn't filled in correctly
  2. You haven't correctly linked your PR to an issue

👉 https://docs.github.com/en/issues/tracking-your-work-with-issues/using-issues/linking-a-pull-request-to-an-issue

Thanks for contributing!

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 6

🧹 Nitpick comments (1)
.github/workflows/push-merge-conflict-detector.yml (1)

24-25: Replace inline ${{ }} expressions with env: variables.

Direct context interpolation into shell scripts is a GitHub Actions security anti-pattern. For this workflow the values are admin-controlled (branch name and repo slug), so the practical risk is low, but using env: variables eliminates the pattern entirely and is consistent with the fix needed in the PR workflow.

♻️ Proposed refactor

For the get-prs step:

+      env:
+        GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        BASE_BRANCH: ${{ github.ref_name }}
       run: |
+        set -euo pipefail
         gh pr list \
-          --base "${{ github.ref_name }}" \
+          --base "$BASE_BRANCH" \

For the check-all-prs step, add to the existing env: block and update the two gh api call lines:

       env:
         GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        REPO: ${{ github.repository }}
-              gh api repos/${{ github.repository }}/check-runs \
+              gh api "repos/${REPO}/check-runs" \

Apply the same replacement on both the failure (line 71) and success (line 85) paths.

Also applies to: 71-72, 85-86

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/push-merge-conflict-detector.yml around lines 24 - 25,
Replace inline GitHub Actions expressions used inside shell commands with
environment variables: add env entries (e.g., BRANCH_NAME, REPO_SLUG or similar)
to the get-prs and check-all-prs steps and set them to the corresponding
expressions (e.g., ${{ github.ref_name }}, ${{ github.repository }}) then update
the two occurrences of gh pr list and both gh api call lines to reference those
env vars (e.g., "$BRANCH_NAME" and "$REPO_SLUG") instead of using ${ { ... } }
inline interpolation; update both the failure and success paths mentioned so all
inline ${{ }} usages in the step are replaced.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/pull-request-merge-conflict-detector.yml:
- Around line 3-5: The workflow currently triggers on every pull_request_target
activity; narrow it to the four PR event types required by adding a types: list
under the pull_request_target trigger. Modify the workflow root block that
contains "pull_request_target:" to include "types: [opened, synchronize,
reopened, ready_for_review]" (or the specific four events named in the PR
objectives) so the conflict detector runs only on those events.
- Around line 7-11: Add a job-level permissions block to the
detect-merge-conflict job to enforce least privilege: in the job named
detect-merge-conflict add a permissions map that grants only read access
required (e.g., contents: read and pull-requests: read) instead of the default
write token; update the job definition where runs-on is set so the token used by
this job is scoped to read-only access to repo contents and PR metadata.
- Around line 19-29: The run script currently interpolates GitHub context
expressions directly (e.g., `${{ github.event.pull_request.base.ref }}` and `${{
github.event.pull_request.number }}`) which enables script injection; move those
expressions into the job's env block (add env entries like BASE_REF: ${{
github.event.pull_request.base.ref }} and PR_NUMBER: ${{
github.event.pull_request.number }}) and update the script to read the safe
shell variables (e.g., use "$BASE_REF" and "$PR_NUMBER" in the run body) instead
of embedding `${{ }}` inside the run script; keep GH_TOKEN in env as-is and
remove any `${{ ... }}` usage from the run steps.

In @.github/workflows/push-merge-conflict-detector.yml:
- Around line 23-31: Add strict shell failure handling to the get-prs step by
prepending "set -euo pipefail" at the start of the run block so any failure in
the gh pr list command (or any subsequent pipe) aborts the job instead of
producing an empty pr_numbers.txt; keep references to the existing commands (gh
pr list, pr_numbers.txt, COUNT, and echo "count=$COUNT" >> $GITHUB_OUTPUT) so
behavior is unchanged except for immediate failure on errors.
- Around line 8-11: The detect-conflicts job needs an explicit job-level
permissions block so the GITHUB_TOKEN can create check-runs; add a permissions
section under the detect-conflicts job (referencing the job name
detect-conflicts) with checks: write (e.g., permissions: checks: write) to
ensure POST /repos/{owner}/{repo}/check-runs succeeds.
- Around line 55-64: The check currently treats only exit code 1 as a conflict,
so change the exit-code check around CODE (set from git merge-tree) to treat any
non-zero exit as a failure (use "-ne 0" instead of "-eq 1") so git errors (e.g.
128) are not considered clean; keep the existing grep for "CONFLICT" and still
set HAS_CONFLICT=true when either the grep finds "CONFLICT" in OUTPUT or CODE is
non-zero, referencing the git merge-tree call and the CODE and HAS_CONFLICT
variables in the diff.

---

Nitpick comments:
In @.github/workflows/push-merge-conflict-detector.yml:
- Around line 24-25: Replace inline GitHub Actions expressions used inside shell
commands with environment variables: add env entries (e.g., BRANCH_NAME,
REPO_SLUG or similar) to the get-prs and check-all-prs steps and set them to the
corresponding expressions (e.g., ${{ github.ref_name }}, ${{ github.repository
}}) then update the two occurrences of gh pr list and both gh api call lines to
reference those env vars (e.g., "$BRANCH_NAME" and "$REPO_SLUG") instead of
using ${ { ... } } inline interpolation; update both the failure and success
paths mentioned so all inline ${{ }} usages in the step are replaced.

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 30ebf2d and 8de5062.

📒 Files selected for processing (3)
  • .github/workflows/merge-conflict-detector.yml
  • .github/workflows/pull-request-merge-conflict-detector.yml
  • .github/workflows/push-merge-conflict-detector.yml
💤 Files with no reviewable changes (1)
  • .github/workflows/merge-conflict-detector.yml

Comment thread .github/workflows/pull-request-merge-conflict-detector.yml
Comment thread .github/workflows/pull-request-merge-conflict-detector.yml
Comment thread .github/workflows/pull-request-merge-conflict-detector.yml
Comment thread .github/workflows/push-merge-conflict-detector.yml
Comment thread .github/workflows/push-merge-conflict-detector.yml
Comment thread .github/workflows/push-merge-conflict-detector.yml

@palisadoes palisadoes left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please address these findings:

@yashgoyal0110

Copy link
Copy Markdown
Member Author

@coderabbitai review
earlier suggestions have been fixed
approve if GTG

@coderabbitai

coderabbitai Bot commented Feb 25, 2026

Copy link
Copy Markdown

@yashgoyal0110, I'll review the changes now to verify that the earlier suggestions have been addressed and check if everything is ready for approval.


🧠 Learnings used
Learnt from: palisadoes
Repo: PalisadoesFoundation/.github PR: 0
File: :0-0
Timestamp: 2026-01-24T14:42:32.004Z
Learning: In the Talawa project's merge conflict detector workflow, the push trigger now supports both `main` and `develop` branches to accommodate quarterly merges into main, providing necessary branch flexibility.
✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (1)
.github/workflows/push-merge-conflict-detector.yml (1)

74-99: Consider extracting duplicated check-run POST logic into a helper shell function.

Only conclusion/title/summary differ between the two branches; extracting one function will reduce maintenance risk.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/push-merge-conflict-detector.yml around lines 74 - 99,
Duplicate gh api POST blocks for creating check-runs should be extracted into a
helper shell function (e.g., post_check_run) to reduce duplication; implement a
function that accepts parameters for conclusion, output title, and output
summary (and uses CHECK_NAME and HEAD_SHA from the environment), call it in both
branches instead of repeating the long gh api invocation, and set FAILED=true in
the HAS_CONFLICT branch as before while keeping the echo messages for PR and
variable names (HAS_CONFLICT, PR, CHECK_NAME, HEAD_SHA, FAILED) intact.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/push-merge-conflict-detector.yml:
- Around line 51-99: The current conflict detector treats any merge-tree
conflict as a PR conflict and posts only a generic check-run; change logic to
(1) obtain the PR changed file list from gh (use the existing DATA/json fields
or call gh pr view "$PR" --json files to get files[]), (2) parse the raw OUTPUT
from git merge-tree to extract the list of conflicted file paths, (3) compute
the intersection between conflicted files and the PR file list and only set
HAS_CONFLICT=true (and FAILED=true) when that intersection is non-empty, and (4)
enrich the gh api repos/.../check-runs payload (the POST using
name="$CHECK_NAME", head_sha="$HEAD_SHA", etc.) to include a detailed output:
title, a summary and output[text] that contain PR title, base/head refs+SHAs
(use BASE_REF, BASE_SHA, HEAD_SHA and headRefName/title from DATA), total
changed files count, the list of conflicted PR files, and brief remediation
guidance; locate changes around the variables and commands OUTPUT, git
merge-tree, HAS_CONFLICT, HEAD_SHA, BASE_SHA and the gh api check-runs POST
blocks and replace the generic messages with the detailed payload built from the
intersected file list.

---

Nitpick comments:
In @.github/workflows/push-merge-conflict-detector.yml:
- Around line 74-99: Duplicate gh api POST blocks for creating check-runs should
be extracted into a helper shell function (e.g., post_check_run) to reduce
duplication; implement a function that accepts parameters for conclusion, output
title, and output summary (and uses CHECK_NAME and HEAD_SHA from the
environment), call it in both branches instead of repeating the long gh api
invocation, and set FAILED=true in the HAS_CONFLICT branch as before while
keeping the echo messages for PR and variable names (HAS_CONFLICT, PR,
CHECK_NAME, HEAD_SHA, FAILED) intact.

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8de5062 and b2c5f28.

📒 Files selected for processing (2)
  • .github/workflows/pull-request-merge-conflict-detector.yml
  • .github/workflows/push-merge-conflict-detector.yml
🚧 Files skipped from review as they are similar to previous changes (1)
  • .github/workflows/pull-request-merge-conflict-detector.yml

Comment thread .github/workflows/push-merge-conflict-detector.yml Outdated

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (1)
.github/workflows/push-merge-conflict-detector.yml (1)

94-103: Deduplicate relevant conflict paths before counting/reporting.

A file can appear multiple times in merge-tree output; without dedupe, CONFLICT_COUNT can be inflated.

♻️ Proposed refactor
-            RELEVANT_CONFLICTS=$(echo "$RELEVANT_CONFLICTS" | sed '/^$/d')
+            RELEVANT_CONFLICTS=$(printf '%s\n' "$RELEVANT_CONFLICTS" \
+              | sed '/^$/d' \
+              | sort -u)
             CONFLICT_COUNT=$(echo "$RELEVANT_CONFLICTS" | grep -c . || true)
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/push-merge-conflict-detector.yml around lines 94 - 103,
RELEVANT_CONFLICTS can contain duplicate paths from the merge-tree output,
inflating CONFLICT_COUNT; after building RELEVANT_CONFLICTS (from
ALL_CONFLICTED_FILES) deduplicate it before counting and reporting by replacing
the current RELEVANT_CONFLICTS processing with a step that sorts/uniques the
list (so subsequent CONFLICT_COUNT=$(echo "$RELEVANT_CONFLICTS" | grep -c . ||
true) reflects unique files only), ensuring references to RELEVANT_CONFLICTS and
CONFLICT_COUNT (and the source ALL_CONFLICTED_FILES / merge-tree generation) are
updated accordingly.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/push-merge-conflict-detector.yml:
- Around line 54-63: gh pr view --json files is truncating to 100 files so
PR_FILES (and therefore RELEVANT_CONFLICTS) can miss files; replace the files
extraction with a paginated REST call using "gh api" to list pull request files
(GET /repos/{owner}/{repo}/pulls/{pr}/files?per_page=100) and iterate pages to
collect all .path values into PR_FILES, then recompute TOTAL_FILES from that
full list; keep using gh pr view for HEAD_SHA, HEAD_REF, BASE_REF, TITLE but
remove files from that JSON usage and ensure any downstream variables (PR_FILES,
TOTAL_FILES, RELEVANT_CONFLICTS) use the fully-paginated file list.

---

Nitpick comments:
In @.github/workflows/push-merge-conflict-detector.yml:
- Around line 94-103: RELEVANT_CONFLICTS can contain duplicate paths from the
merge-tree output, inflating CONFLICT_COUNT; after building RELEVANT_CONFLICTS
(from ALL_CONFLICTED_FILES) deduplicate it before counting and reporting by
replacing the current RELEVANT_CONFLICTS processing with a step that
sorts/uniques the list (so subsequent CONFLICT_COUNT=$(echo
"$RELEVANT_CONFLICTS" | grep -c . || true) reflects unique files only), ensuring
references to RELEVANT_CONFLICTS and CONFLICT_COUNT (and the source
ALL_CONFLICTED_FILES / merge-tree generation) are updated accordingly.

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b2c5f28 and b26fe0a.

📒 Files selected for processing (1)
  • .github/workflows/push-merge-conflict-detector.yml

Comment thread .github/workflows/push-merge-conflict-detector.yml
@yashgoyal0110

Copy link
Copy Markdown
Member Author

@coderabbitai review
earlier suggestions have been fixed
approve if GTG

@coderabbitai

coderabbitai Bot commented Feb 26, 2026

Copy link
Copy Markdown

@yashgoyal0110, I'll review the changes now to verify that the earlier suggestions have been addressed and check if everything is ready for approval.

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@yashgoyal0110

Copy link
Copy Markdown
Member Author

@palisadoes

@palisadoes palisadoes left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will all open PRs in the repository receive a merge conflict message if any of the open PRs in the repository have a merge conflict? If this is so, then the solution isn't what we need. We cannot have false positives as they cause confusion and eventually people will ignore them.

@yashgoyal0110

Copy link
Copy Markdown
Member Author

Will all open PRs in the repository receive a merge conflict message if any of the open PRs in the repository have a merge conflict? If this is so, then the solution isn't what we need. We cannot have false positives as they cause confusion and eventually people will ignore them.

Yes it marks all of them if they have conflicting files.

@yashgoyal0110

Copy link
Copy Markdown
Member Author

What actually do we need then?

@github-actions

github-actions Bot commented Mar 9, 2026

Copy link
Copy Markdown

This pull request did not get any activity in the past 10 days and will be closed in 360 days if no update occurs. Please verify it has no conflicts with the develop branch and rebase if needed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

GitHub Action: Merge conflict detector in an existing pull request due to merging another pull request

2 participants