Skip to content

[MISC] Add 'auto' version bump to OSS create-release#2136

Open
ritwik-g wants to merge 3 commits into
mainfrom
misc-auto-oss-version-bump
Open

[MISC] Add 'auto' version bump to OSS create-release#2136
ritwik-g wants to merge 3 commits into
mainfrom
misc-auto-oss-version-bump

Conversation

@ritwik-g

@ritwik-g ritwik-g commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

What

Adds an auto choice (now the default) to version_bump in create-release.yaml. When auto is selected, the workflow derives the OSS bump from merged PR titles:

  • a [FEAT] or [GATED-FEAT] PR merged since the last release → minor
  • otherwise → patch

These are the only feature PR types in the Contribution Guidelines, so this matches the documented SemVer intent with no new labeling discipline.

Why

Cutting an OSS release currently requires a human to pick patch/minor every time — an easy thing to get wrong (a feature shipped as a patch drifts the public version). This is also a prerequisite for making the enterprise RC build trigger OSS releases hands-free: the RC workflow can dispatch version_bump=auto instead of guessing.

How

  • New Resolve auto bump step (runs only when version_bump == 'auto'), placed after the existing Ensure there are new commits no-op guard:
    • main mode only — hotfix lines are patch-only, so auto maps to patch there.
    • counts [FEAT]/[GATED-FEAT] PRs merged into main after the base release's published_at.
    • fail-safe is always patch — a compare/PR-list query hiccup never over-bumps the public version.
    • emits a ::notice with the decision, including a "re-run with version_bump=minor to override" hint when it lands on patch.
  • Hotfix-mode input validation now accepts auto (maps to patch).
  • compute-version consumes the resolved bump via a passthrough expression (auto → resolved, otherwise the raw input).
  • Dry-run and final summaries render auto -> minor/patch for an explicit audit trail.
  • auto never selects major — that stays behind the confirm_major gate.

Can this PR break any existing features?

Low risk. patch/minor/major behave exactly as before (the resolve step is gated on auto and the passthrough expression falls through for non-auto). Only the default changes from patch to auto. Worst case for auto is a query failure, which deterministically falls back to patch — the pre-existing behavior — and is still overridable by selecting a bump explicitly.

Notes on Testing

  • YAML validated; the exact gh/jq commands in the resolve step were run against the live repo and return the expected result (v0.177.6patch, 0 FEAT PRs since).
  • Classifier replayed over the last 13 real releases: 12/13 matched the human bump. The single divergence was a discretionary minor (v0.176.5 → v0.177.0) with zero FEAT/GATED-FEAT PRs across the whole 0.176.x line — i.e. a bump not driven by the convention, recoverable via the manual minor override the notice points to.
  • Recommend a dry_run=true dispatch after merge to eyeball the resolved bump before a real release.

Related Issues or PRs

Enables defaulting the enterprise RC build's OSS-release trigger to auto (follow-up in unstract-cloud).

🤖 Generated with Claude Code

Adds an 'auto' choice (now the default) to create-release.yaml that picks
the OSS version bump from merged PR titles: a [FEAT]/[GATED-FEAT] PR merged
since the last release -> minor, otherwise patch. These are the only feature
PR types in the contribution guide, so this matches the documented SemVer
intent without any new labeling.

Details:
- 'auto' resolves in a new "Resolve auto bump" step (main mode only; hotfix
  lines stay patch-only). Fail-safe is always patch, so a compare/PR query
  hiccup never over-bumps the public version.
- Hotfix-mode input validation now accepts 'auto' (maps to patch).
- compute-version consumes the resolved bump; dry-run/final summaries show
  "auto -> minor/patch" for an explicit audit trail.
- 'auto' never selects major — that stays behind the confirm_major gate.

Validated by replaying the classifier over the last 13 real releases: 12/13
matched the human bump; the lone diff was a discretionary minor with no FEAT
PR (recoverable via manual minor override, which the notice points to).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@coderabbitai

coderabbitai Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 01c1bf83-8fc8-4bcb-8fb1-9bfc4241cf6d

📥 Commits

Reviewing files that changed from the base of the PR and between 573f569 and 80611db.

📒 Files selected for processing (1)
  • .github/workflows/create-release.yaml
🚧 Files skipped from review as they are similar to previous changes (1)
  • .github/workflows/create-release.yaml

Summary by CodeRabbit

  • New Features

    • Added version_bump=auto to automatically determine whether the next release is minor or patch based on merged feature work since the last base release.
    • Release summaries now display auto -> <resolved> so the final bump type is clear.
  • Bug Fixes

    • Hotfix branches consistently resolve to patch, even when automatic bumping is selected.
    • Improved resilience: if release/PR lookup fails, the workflow safely falls back to patch.

Walkthrough

The release workflow now accepts version_bump=auto, resolves it during execution from branch and merged PR data, and displays the resolved bump in both dry-run and final release summaries.

Changes

Release workflow auto bump

Layer / File(s) Summary
Input and validation
.github/workflows/create-release.yaml
The dispatch input adds auto with a new default and help text, job permissions include pull request reads, and hotfix validation accepts auto alongside patch.
Resolve auto bump
.github/workflows/create-release.yaml
The workflow resolves auto to patch on hotfix branches or to minor/patch on main by checking the base release timestamp and merged PR titles, then passes the resolved value into version computation.
Summary output
.github/workflows/create-release.yaml
The dry-run and final summaries derive BUMP_DISPLAY for auto -> <resolved> and print that value in the bump type row.

Estimated code review effort: 3 (Moderate) | ~20 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly describes the main change: adding auto version bumping to the release workflow.
Description check ✅ Passed The description covers What/Why/How, breakage risk, testing, and related PRs, but omits several template sections.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch misc-auto-oss-version-bump

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/create-release.yaml:
- Around line 190-193: The auto-bump classifier in the release workflow is
querying merged pull requests with gh pr list, but the job only has contents:
write, so it cannot read PR metadata. Update the permissions for the job that
runs resolve-bump to include pull-requests: read alongside the existing contents
permission so FEAT_COUNT and the auto bump logic can evaluate merged PR titles
correctly.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 6525cb9c-9123-4206-920e-37cf6d5188a3

📥 Commits

Reviewing files that changed from the base of the PR and between 71c55e5 and b6cd143.

📒 Files selected for processing (1)
  • .github/workflows/create-release.yaml

Comment thread .github/workflows/create-release.yaml Outdated
@greptile-apps

greptile-apps Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Greptile Summary

This PR adds an auto choice (now the default) to the version_bump input of create-release.yaml. When selected, the workflow queries merged PR titles since the last release's published_at and picks minor if any [FEAT]/[GATED-FEAT] PR is found, otherwise patch.

  • A new Resolve auto bump step fetches merged PR JSON via gh pr list --search "merged:>$SINCE", parses with jq, and sets a resolved output (minor or patch). Every failure path degrades silently to patch with a warning notice — the job never hard-fails on a transient API hiccup.
  • The BUMP_TYPE env expression in compute-version uses the resolved value for auto, falling through to 'patch' if the output is empty, and passes the raw input unchanged for patch/minor/major.
  • Dry-run and final summaries now render auto -> minor/patch for an explicit audit trail, and hotfix-mode input validation accepts auto (mapping it to patch).

Confidence Score: 5/5

Safe to merge — all failure paths degrade to patch, non-auto inputs are unaffected, and the previous truncation-cap and BUMP_TYPE fallback concerns are both addressed.

The change is additive and well-guarded: patch/minor/major flow through unchanged, auto has explicit fallbacks at every failure point, and the hotfix path is correctly short-circuited to patch. The only finding is a missing regex anchor that could over-count FEAT PRs (biasing toward minor rather than patch), which is the less harmful direction.

No files require special attention.

Important Files Changed

Filename Overview
.github/workflows/create-release.yaml Adds auto version-bump mode that queries merged PR titles via gh pr list and picks minor/patch based on FEAT/GATED-FEAT prefixes; error paths all degrade to patch with warnings. Previously flagged truncation-cap warning and BUMP_TYPE fallback are addressed. One minor regex nit: FEAT matching lacks a ^ anchor.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[workflow_dispatch
version_bump input] --> B{version_bump == 'auto'?}
    B -- No --> C[Use raw input
patch / minor / major]
    B -- Yes --> D{branch mode?}
    D -- hotfix --> E[resolved = patch]
    D -- main --> F[Fetch release published_at
via gh api]
    F -->|API failure| G[resolved = patch
+ warning]
    F -->|Success| H[gh pr list --search merged:>SINCE
--limit 200 --json title]
    H -->|query failure| I[resolved = patch
+ warning]
    H -->|Success| J{jq: FEAT_COUNT > 0?}
    J -- Yes --> K[resolved = minor]
    J -- No --> L[resolved = patch]
    L --> M{TOTAL >= 200?}
    M -- Yes --> N[emit warning:
truncation possible]
    M -- No --> O[no warning]
    E & G & I & K & N & O --> P[compute-version
BUMP_TYPE = resolved or raw]
    C --> P
    P --> Q[new_tag = v X.Y.Z]
Loading
%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
flowchart TD
    A[workflow_dispatch
version_bump input] --> B{version_bump == 'auto'?}
    B -- No --> C[Use raw input
patch / minor / major]
    B -- Yes --> D{branch mode?}
    D -- hotfix --> E[resolved = patch]
    D -- main --> F[Fetch release published_at
via gh api]
    F -->|API failure| G[resolved = patch
+ warning]
    F -->|Success| H[gh pr list --search merged:>SINCE
--limit 200 --json title]
    H -->|query failure| I[resolved = patch
+ warning]
    H -->|Success| J{jq: FEAT_COUNT > 0?}
    J -- Yes --> K[resolved = minor]
    J -- No --> L[resolved = patch]
    L --> M{TOTAL >= 200?}
    M -- Yes --> N[emit warning:
truncation possible]
    M -- No --> O[no warning]
    E & G & I & K & N & O --> P[compute-version
BUMP_TYPE = resolved or raw]
    C --> P
    P --> Q[new_tag = v X.Y.Z]
Loading

Reviews (3): Last reviewed commit: "[MISC] Harden auto-bump resolve step (re..." | Re-trigger Greptile

Comment thread .github/workflows/create-release.yaml Outdated
Comment thread .github/workflows/create-release.yaml Outdated
ritwik-g and others added 2 commits July 1, 2026 16:47
- Add `pull-requests: read` to the job (the permissions block sets unlisted
  scopes to none, so `gh pr list` would 403 and 'auto' would silently always
  fall back to patch). [CodeRabbit]
- BUMP_TYPE falls back to 'patch' instead of 'auto' when resolved is empty,
  avoiding a latent "Unknown bump type: 'auto'" job failure. [Greptile]
- Surface a warning when the merged-PR query hits the 200-result cap instead
  of silently under-counting FEAT PRs. [Greptile]

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
From a multi-agent review of the auto-bump step:

- Guard the jq parses: malformed/non-array stdout now degrades to patch
  instead of crashing the job under set -e/pipefail (upholds the "never fail
  the release outright" invariant). Also validates TOTAL/FEAT_COUNT are numeric
  before arithmetic.
- Detect gh failure by exit status (if ! PR_JSON=$(...)) and surface captured
  stderr, so a permanent 403 (e.g. dropped pull-requests scope) is diagnosable
  rather than a cause-free warning that silently patches forever.
- Add '// empty' to the published_at lookup for consistency with get-latest,
  so a JSON null can't leak through as the literal "null".
- Only emit the truncation warning when no FEAT was found within the cap (the
  only case where truncation could change the outcome).
- Fix an inaccurate comment ("silently" -> "with a warning") and reword the
  self-referential permissions comment.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@sonarqubecloud

sonarqubecloud Bot commented Jul 1, 2026

Copy link
Copy Markdown

@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Unstract test results

Per-group results

Status Group Tier Passed Failed Errors Skipped Duration (s)
unit-connectors unit 64 12 0 3 16.8
unit-core unit 0 0 4 0 1.2
unit-platform-service unit 9 0 1 0 1.3
unit-rig unit 53 0 0 0 3.4
unit-runner unit 11 0 0 0 3.4
unit-sdk1 unit 381 0 0 0 18.7
unit-tool-registry unit 0 0 1 0 1.3
unit-workers unit 0 0 0 0 17.7
TOTAL 518 12 6 3 63.9

Critical paths

⚠️ Critical paths not yet covered

  • auth-login — User can log in and obtain a session cookie. (entry: POST /api/v1/auth/login; declared coverage: no groups declared)
  • adapter-register-llm — Register and validate an LLM adapter. (entry: POST /api/v1/adapter/; declared coverage: no groups declared)
  • workflow-create-execute — Create a workflow, configure source+destination, execute, poll, fetch result. (entry: POST /api/v1/workflow/{id}/execute/; declared coverage: e2e-workflow)
  • api-deployment-run — Deploy a workflow as an API, POST a document, receive structured JSON. (entry: POST /deployment/api/{org}/{name}/; declared coverage: e2e-api-deployment)
  • prompt-studio-fetch-response — Prompt Studio: create project, add prompt, run single-pass, get response. (entry: POST /api/v1/prompt-studio/prompt-studio-tool/{id}/fetch_response/; declared coverage: e2e-prompt-studio)
  • pipeline-etl-execute — Run an ETL pipeline from source connector to destination. (entry: POST /api/v1/pipeline/{id}/execute/; declared coverage: no groups declared)
  • usage-token-tracking — Per-execution token usage is recorded and retrievable. (entry: GET /api/v1/usage/get_token_usage/; declared coverage: no groups declared)
  • workflow-execution-fan-out — Multi-file workflow execution fans out to file-processing workers and rejoins. (entry: internal: backend → rabbitmq → workers/file_processing; declared coverage: no groups declared)
  • callback-result-delivery — Async results are posted back via the callback worker. (entry: internal: workers/callback → backend /internal endpoints; declared coverage: no groups declared)
✅ Covered critical paths
  • tool-sandbox-exec — covered by unit-runner

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants