summaryrefslogtreecommitdiff
path: root/.coderabbit.yaml
blob: 4487471f156870ac420e7cc5c0e59d1fde29fa0c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json
inheritance: true
language: en-US
# Lifted from the Org-UI Web dashboard (2026-05-12) so this YAML is the
# canonical source of truth. Org-UI editor should be cleared after this lands.
early_access: true
tone_instructions: >
  Concise, technical, no filler. Focus on correctness, security, performance,
  maintainability. Cite file paths and line numbers.

reviews:
  profile: chill
  request_changes_workflow: false
  high_level_summary: true
  high_level_summary_placeholder: "@coderabbitai summary"
  auto_title_placeholder: "@coderabbitai"
  review_status: true
  poem: false
  collapse_walkthrough: true
  changed_files_summary: true
  sequence_diagrams: false
  assess_linked_issues: true
  related_issues: true
  related_prs: true
  suggested_labels: false
  auto_apply_labels: false
  suggested_reviewers: false

  # Lifted from Org-UI Web dashboard (2026-05-12).
  high_level_summary_in_walkthrough: true
  review_details: true
  fail_commit_status: true
  estimate_code_review_effort: false
  in_progress_fortune: false

  auto_review:
    enabled: true
    auto_incremental_review: true
    drafts: false
    # Lifted from Org-UI (2026-05-12). 0 = never auto-pause after N reviewed commits.
    auto_pause_after_reviewed_commits: 0
    base_branches:
      - current
      # rollout 1c (T8943): additive new trunk names alongside `current`.
      # `current` retained through the post-window bake period; removed in
      # Task 7 cleanup once no repo defaults to it.
      - rolling
      - production
      - main
      - master
      - sagitta
      - circinus
      - equuleus
      - crux
    ignore_title_keywords:
      - WIP
      - DO NOT MERGE
      - Bump
    # Skip auto-review for PRs authored by these accounts. Manual
    # `@coderabbitai review` still works if a human asks for one. The list
    # targets bots that open mechanical PRs whose content was already
    # reviewed upstream (e.g. Mergify cherry-picks the merge commit of an
    # already-reviewed source PR; Netlify and Claude bots either deploy
    # or post code that's reviewed elsewhere) — re-reviewing the port
    # adds no signal and burns rate limit. Both the bare login and the
    # `[bot]` suffix are listed because GitHub Apps use the `[bot]`
    # form, while service/human accounts may share the bare name.
    ignore_usernames:
      - "mergify"
      - "mergify[bot]"
      - "netlify"
      - "netlify[bot]"
      - "claude"
      - "claude[bot]"

  path_filters:
    - "!**/*.lock"
    - "!**/package-lock.json"
    - "!**/yarn.lock"
    - "!**/pnpm-lock.yaml"
    - "!**/poetry.lock"
    - "!**/uv.lock"
    - "!**/Cargo.lock"
    - "!**/dist/**"
    - "!**/build/**"
    - "!**/node_modules/**"
    - "!**/__pycache__/**"
    - "!**/*.pyc"
    - "!**/*.egg-info/**"
    - "!**/.venv/**"
    - "!**/.tox/**"
    - "!**/.pytest_cache/**"
    - "!**/htmlcov/**"
    - "!**/coverage/**"
    - "!**/.worktrees/**"
    - "!**/*.snap"
    - "!**/.terraform/**"
    - "!**/*.tfstate*"
    - "!**/.terragrunt-cache/**"

  # Post-rollout-1c (Phorge T8943, 2026-05-30) context for workflow reviews.
  # Many repo AGENTS.md files still describe the pre-1c branch layout and bias
  # CodeRabbit toward stale `@current` suggestions; this counters that.
  path_instructions:
    - path: ".github/workflows/**"
      instructions: >
        Rollout 1c (Phorge T8943, 2026-05-30) renamed default branches fleet-wide:
        release-train repos `current` -> `rolling`; `vyos/.github` and other
        non-release-train repos `current` -> `production`.
        (1) Reusable-workflow refs of the form
        `vyos/.github/.github/workflows/<name>.yml@production` are CORRECT and
        canonical. Do NOT suggest changing `@production` to `@current`: `current`
        is the OLD name, retained only as a temporary bake-period alias and slated
        for removal. Any AGENTS.md still saying "reusables pinned to @current" or
        "current (rolling)" is stale post-1c and must not drive review suggestions.
        (2) In the mirror caller `pr-mirror-repo-sync.yml`, `permissions: contents: read`
        is INTENTIONAL: the central reusable workflow performs all push/PR writes with
        the `vyos-bot` GitHub App installation token (minted via the `get-token`
        action), not the inherited `GITHUB_TOKEN`. Do NOT suggest broadening the
        caller's `permissions` to `contents: write` / `pull-requests: write`.

  finishing_touches:
    # Both docstring and unit-test generation are disabled at the org-wide
    # level; per-repo `.coderabbit.yaml` files re-enable either feature
    # where the stack (language, testing framework, doc conventions)
    # makes it a good fit. Fleet-wide generation is too noisy because
    # the conventions differ across repos.
    docstrings:
      enabled: false
    unit_tests:
      enabled: false
    simplify:
      enabled: true

  tools:
    github-checks: { enabled: true, timeout_ms: 90000 }
    gitleaks: { enabled: true }
    semgrep: { enabled: true }
    languagetool: { enabled: true, level: default, enabled_only: false }
    markdownlint: { enabled: true }
    yamllint: { enabled: true }
    actionlint: { enabled: true }
    ast-grep: { essential_rules: true }
    # Linters disabled fleet-wide because they don't match our stack
    # (Swift/Ruby/Rails/Ember/Shopify/CircleCI/PMD). Lifted from Org-UI
    # Web dashboard (2026-05-12).
    swiftlint: { enabled: false }
    detekt: { enabled: false }
    rubocop: { enabled: false }
    regal: { enabled: false }
    pmd: { enabled: false }
    circleci: { enabled: false }
    shopifyThemeCheck: { enabled: false }
    brakeman: { enabled: false }
    blinter: { enabled: false }
    smartyLint: { enabled: false }
    emberTemplateLint: { enabled: false }

chat:
  auto_reply: true
  # Allow non-organization members to interact with CodeRabbit in comment
  # chat. The vyos org hosts public OSS repos where external contributors
  # routinely open PRs; restricting chat to org members blocks them from
  # using CodeRabbit's `@coderabbitai` commands on their own PRs. Does
  # NOT affect auto-review eligibility — that's governed by
  # `reviews.auto_review` (drafts, ignore_usernames, base_branches).
  allow_non_org_members: true
  integrations:
    jira: { usage: disabled }
    linear: { usage: disabled }

knowledge_base:
  opt_out: false
  learnings: { scope: auto }
  issues: { scope: auto }
  pull_requests: { scope: auto }
  # Lifted from Org-UI Web dashboard (2026-05-12).
  jira: { usage: disabled }
  linear: { usage: disabled }
  mcp: { usage: enabled }
  # Linked repositories provide cross-repo context to CodeRabbit. Org-specific
  # — vyos org consumes Ansible context because the `vyos.vyos` Ansible
  # collection lives here and references upstream ansible/ansible patterns.
  linked_repositories:
    - repository: ansible/ansible
      instructions: >
        This is the main repo for Ansible; our current repo is a collection
        for Ansible.