feat(ci): add qlty gate and weekly health scan#67
Conversation
|
Warning Review limit reached
More reviews will be available in 34 minutes and 51 seconds. Learn how PR review limits work. Your organization has run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: ASSERTIVE Plan: Pro Run ID: 📒 Files selected for processing (2)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Dependency Review✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.OpenSSF Scorecard
Scanned Files
|
There was a problem hiding this comment.
Pull request overview
Adds Qlty-based quality enforcement and monitoring to the repo’s CI posture by introducing a PR diff “gate” check and a scheduled full-codebase “health” scan, alongside the existing coverage upload integration.
Changes:
- Extend the existing
Qltyworkflow to run onpull_request,schedule, andworkflow_dispatchevents. - Add a
qlty-gatejob for PR diff scanning (blocking at medium+ severity). - Add a
qlty-healthjob for a weekly full scan (informational viano-fail: true).
| concurrency: | ||
| group: qlty-coverage-${{ github.event.workflow_run.head_branch }} | ||
| group: qlty-${{ github.event.workflow_run.head_branch || github.ref }} | ||
| cancel-in-progress: true |
| # Check name: "qlty-gate / Qlty Gate" -- required by org docs-tier ruleset. | ||
| qlty-gate: | ||
| if: github.event_name == 'pull_request' | ||
| uses: ByronWilliamsCPA/.github/.github/workflows/python-qlty-gate.yml@040026ab682aa4b9ef491750d62cdd1592cdb659 |
| # Remove no-fail once existing qlty debt is resolved. | ||
| qlty-health: | ||
| if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' | ||
| uses: ByronWilliamsCPA/.github/.github/workflows/python-qlty-gate.yml@040026ab682aa4b9ef491750d62cdd1592cdb659 |
PR ReviewBUILD FAILING (invisible in the Checks tab): the Critical (must fix before merge)[CI/reusable-workflow] Evidence:
GitHub Actions cannot resolve a reusable workflow at an unreachable SHA, so the workflow fails at startup and the intended Fix: re-pin both Sequencing risk: the plan to add Important (should fix)[supply-chain] Same two lines: the new SHA pins lack the trailing Notes
🤖 Generated with Claude Code |
Adds qlty-gate job (PR diff mode, fail-level medium) and qlty-health job (weekly full scan, informational) alongside existing coverage upload. Refs: ByronWilliamsCPA/.github#188 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The qlty-gate and qlty-health jobs pinned python-qlty-gate.yml@040026ab, a pre-merge commit from the ByronWilliamsCPA/.github PR #188 branch that is not reachable from that repo's main (the source branch was deleted on merge). GitHub Actions cannot resolve a reusable workflow at an unreachable SHA, so qlty.yml failed at startup on every pull_request event (0 jobs scheduled), and the intended "qlty-gate / Qlty Gate" check never appeared. Re-pin both jobs to 1561a3ef, the #188 merge commit on .github main, which exposes the same input interface (fail-level, check-all, no-fail, upstream) and the same contents: read permissions. Add a CHANGELOG entry documenting the gate and weekly health scan. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
PR Fix SummaryAddressed the review findings and rebased onto current CI Fix (Critical): the Supply-chain (Important): added a CHANGELOG (Suggested): added a Verification: actionlint PASS, pre-commit (workflow + yaml) PASS, commits GPG-signed, rebased cleanly onto Sequencing reminder: hold the org-ruleset change (adding Generated with Claude Code |
|
Adds qlty-gate job (PR diff gate, fail-level medium) and qlty-health job (weekly Monday scan, informational). Depends on ByronWilliamsCPA/.github#188 merging first. After both merge, PATCH org ruleset 17200214 to add qlty-gate / Qlty Gate to required_status_checks.