Skip to content

build: setup build ci/cd action#10

Merged
RohitRavindra-dev merged 4 commits into
mainfrom
feat/v1/cicd
Jun 26, 2026
Merged

build: setup build ci/cd action#10
RohitRavindra-dev merged 4 commits into
mainfrom
feat/v1/cicd

Conversation

@RohitRavindra-dev

@RohitRavindra-dev RohitRavindra-dev commented Jun 26, 2026

Copy link
Copy Markdown
Owner

Summary by CodeRabbit

  • New Features
    • Added an automated build check for pull requests targeting the main branch.
    • The check runs the project build on a Linux environment using the Go version defined by the project.

@RohitRavindra-dev RohitRavindra-dev self-assigned this Jun 26, 2026
@coderabbitai

coderabbitai Bot commented Jun 26, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 04aa7cea-30fe-4eca-9d53-0d8a955aba60

📥 Commits

Reviewing files that changed from the base of the PR and between 0c88289 and 01f4671.

📒 Files selected for processing (1)
  • .github/workflows/build.yml

📝 Walkthrough

Walkthrough

Adds a GitHub Actions workflow that runs a Go build on pull requests targeting main with read-only repository permissions.

Changes

Build check workflow

Layer / File(s) Summary
PR build job
.github/workflows/build.yml
Adds a pull-request workflow on main that checks out the repo, sets up Go from go.mod, and runs go build ..

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

A bunny hopped into CI land,
With go build close at hand.
On PRs to main, I cheer and twirl,
A tidy check for this code burrow world.
🐰

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly reflects the main change: adding a build CI/CD workflow.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feat/v1/cicd

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🧹 Nitpick comments (1)
.github/workflows/build.yml (1)

15-16: 🔒 Security & Privacy | 🔵 Trivial | ⚡ Quick win

Disable checkout credential persistence.

Line 16 leaves the repo-scoped token configured for later steps, even though this workflow only builds. Set persist-credentials: false on checkout so subsequent commands do not inherit git auth implicitly.

Suggested hardening
       - name: Checkout repository
         uses: actions/checkout@v4
+        with:
+          persist-credentials: false
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/build.yml around lines 15 - 16, The checkout step in the
build workflow leaves repository credentials available to later steps; update
the actions/checkout configuration to disable credential persistence by setting
persist-credentials to false. Locate the existing checkout step named Checkout
repository in the workflow and add the hardening option there so subsequent
build commands do not inherit git auth implicitly.

Source: Linters/SAST tools

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/build.yml:
- Around line 8-24: The build job currently relies on the default GITHUB_TOKEN
scope, so add an explicit permissions block to the build workflow with read-only
repository access. Update the build job definition alongside the existing
checkout/setup-go/build steps so the job’s token is least-privilege by default.
- Around line 15-21: The workflow job currently uses floating action tags and
broader credentials than needed; update the Checkout repository and Setup Go
steps in the build workflow to use immutable commit SHAs instead of
actions/checkout@v4 and actions/setup-go@v5, and tighten job permissions by
adding permissions: {} (or the minimum required). Also set persist-credentials:
false on the actions/checkout step since this job only runs go build . and does
not need repository token access.

---

Nitpick comments:
In @.github/workflows/build.yml:
- Around line 15-16: The checkout step in the build workflow leaves repository
credentials available to later steps; update the actions/checkout configuration
to disable credential persistence by setting persist-credentials to false.
Locate the existing checkout step named Checkout repository in the workflow and
add the hardening option there so subsequent build commands do not inherit git
auth implicitly.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 55b94362-6a32-4767-a8bb-d8ff76caf859

📥 Commits

Reviewing files that changed from the base of the PR and between 7cc6df4 and d792eaf.

📒 Files selected for processing (1)
  • .github/workflows/build.yml

Comment thread .github/workflows/build.yml
Comment thread .github/workflows/build.yml

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@internal/filesystem/utils.go`:
- Line 27: The stray local declaration in the utils code should be removed
because it is invalid and leaves an unused identifier that breaks compilation.
Locate the accidental `var x` in the affected utility function/module and delete
it entirely, leaving the surrounding logic unchanged.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 17956d71-47d0-44d4-9737-ab21a7d10c11

📥 Commits

Reviewing files that changed from the base of the PR and between d792eaf and 0c88289.

📒 Files selected for processing (1)
  • internal/filesystem/utils.go

Comment thread internal/filesystem/utils.go Outdated
@RohitRavindra-dev RohitRavindra-dev merged commit 1c79141 into main Jun 26, 2026
2 checks passed
@RohitRavindra-dev RohitRavindra-dev deleted the feat/v1/cicd branch June 26, 2026 18:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant