ci(workflows): add merge_group trigger to unblock GitHub Merge Queue#1008
Conversation
|
✅ Template check passed after update. Thanks for fixing the PR description. |
|
Warning Review limit reached
More reviews will be available in 39 minutes and 1 second. Learn how PR review limits work. Your organization has run out of usage credits. Purchase more credits in the billing tab to continue. ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based credits. 🚦 How do rate limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan refill rate. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, the refill rate gradually slows as usage increases. The highest same-day bursts are limited more strictly. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Repository YAML (base), Organization UI (inherited) Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (2)
📝 WalkthroughWalkthroughAdds GitHub Merge Queue support by inserting ChangesGitHub Merge Queue Support
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Suggested labels
Suggested reviewers
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
github-actions
Bot
added this to the
ci(workflows): add merge_group trigger to unblock GitHub Merge Queue milestone
🔍 Reviewer Summary for PR #1008CI Status: ❌ Recommendations
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request configures a merge queue ruleset for both the develop and main branches. The reviewer correctly identified that the merge_method parameter is unsupported in GitHub's merge_queue ruleset schema and will cause validation failures, providing a clean code suggestion to resolve the issue.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
| { | ||
| "type": "merge_queue", | ||
| "parameters": { | ||
| "check_response_timeout_minutes": 60, | ||
| "grouping_strategy": "ALLGREEN", | ||
| "max_entries_to_build": 5, | ||
| "max_entries_to_merge": 5, | ||
| "merge_method": "SQUASH", | ||
| "min_entries_to_merge": 1, | ||
| "min_entries_to_merge_wait_minutes": 0 | ||
| } | ||
| } |
There was a problem hiding this comment.
The merge_queue rule type in GitHub Repository Rulesets does not support the merge_method parameter. Including it will cause ruleset validation to fail when GitHub parses the JSON schema. The merge method is instead determined by the repository's general settings or pull request merge settings.
{
"type": "merge_queue",
"parameters": {
"check_response_timeout_minutes": 60,
"grouping_strategy": "ALLGREEN",
"max_entries_to_build": 5,
"max_entries_to_merge": 5,
"min_entries_to_merge": 1,
"min_entries_to_merge_wait_minutes": 0
}
}| { | ||
| "type": "merge_queue", | ||
| "parameters": { | ||
| "check_response_timeout_minutes": 60, | ||
| "grouping_strategy": "ALLGREEN", | ||
| "max_entries_to_build": 5, | ||
| "max_entries_to_merge": 5, | ||
| "merge_method": "SQUASH", | ||
| "min_entries_to_merge": 1, | ||
| "min_entries_to_merge_wait_minutes": 0 | ||
| } | ||
| } |
There was a problem hiding this comment.
The merge_queue rule type in GitHub Repository Rulesets does not support the merge_method parameter. Including it will cause ruleset validation to fail when GitHub parses the JSON schema. The merge method is instead determined by the repository's general settings or pull request merge settings.
{
"type": "merge_queue",
"parameters": {
"check_response_timeout_minutes": 60,
"grouping_strategy": "ALLGREEN",
"max_entries_to_build": 5,
"max_entries_to_merge": 5,
"min_entries_to_merge": 1,
"min_entries_to_merge_wait_minutes": 0
}
}
All three gating workflows (checks, validate-pr-template, main-branch-guard) were missing the merge_group event trigger. GitHub Merge Queue creates a temporary branch per enqueued PR and runs required status checks against it — without the trigger those checks never ran, causing the queue to hang indefinitely waiting for results that never arrived. Changes: - checks.yml: add merge_group trigger; fix BRANCH_NAME resolution to use github.event.merge_group.head_ref so branch-name validation works inside the queue's temporary branch context - validate-pr-template.yml: add merge_group trigger with an early-pass step (PR body was already validated when the PR was opened or edited) - main-branch-guard.yml: add merge_group trigger; early-return for merge_group events since branch shape is verified at PR open/edit time - develop.ruleset.json / main.ruleset.json: add merge_queue rule to formally declare the queue configuration on both protected branches (SQUASH strategy, ALLGREEN grouping, 60-minute check timeout) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01KQWMqnpRCVoEELo6hzzpHZ
GitHub's merge_queue ruleset schema does not accept a merge_method parameter — including it causes ruleset validation to fail. Merge method is controlled via repository settings, not the ruleset rule type. Also rebases onto current develop to fix the frontmatter:changed CI step which was diffing against a stale base SHA and picking up unrelated markdown changes from intermediate develop commits. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01KQWMqnpRCVoEELo6hzzpHZ
ashleyshaw
force-pushed
the
ci/workflows-merge-group-support
branch
from
0d5e471 to
fdddc8d
Compare
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01KQWMqnpRCVoEELo6hzzpHZ
|
@Mergifyio queue |
Merge Queue Status
Waiting for
All conditions
|
github-actions
Bot
added
status:needs-review
coderabbitai
Bot
added
lang:json
github-actions
Bot
removed
type:build
ashleyshaw
added
type:build
Claude
github-actions
Bot
removed
type:build
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.github/workflows/checks.yml:
- Around line 8-9: The changed-files base SHA computation on Line 64 does not
account for the merge_group context that was added as a trigger. When the
workflow is triggered from the merge queue, the PR and push context fields are
empty, causing the base SHA calculation to fail. Extend the conditional logic
around Line 64 to handle the merge_group context similar to how Line 59 already
handles it for branch name detection, ensuring the --base parameter is properly
computed for merge queue scenarios.
In `@CHANGELOG.md`:
- Line 30: The GitHub Merge Queue support changelog entry under the [Unreleased]
section includes a PR link (`#1008`) but is missing the required issue link
reference. Add the corresponding issue link to the changelog entry following the
PR link reference, ensuring it follows the repository's changelog guidelines
that require both PR and issue links for each entry.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository YAML (base), Organization UI (inherited)
Review profile: CHILL
Plan: Pro
Run ID: 36f1f1ea-b825-4e3c-8791-6a3dd22178fc
📒 Files selected for processing (6)
.github/rulesets/develop.ruleset.json.github/rulesets/main.ruleset.json.github/workflows/checks.yml.github/workflows/main-branch-guard.yml.github/workflows/validate-pr-template.ymlCHANGELOG.md
📜 Review details
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
- GitHub Check: Mergify Merge Protections
- GitHub Check: Summary
🧰 Additional context used
📓 Path-based instructions (4)
**/.github/workflows/*.yml
⚙️ CodeRabbit configuration file
**/.github/workflows/*.yml: Review GitHub Actions workflows for this governance repo:
- Security: check for least-privilege permissions (use
permissions:at job level, default to read-only).- Secret handling: ensure secrets are passed via env vars, not interpolated directly into run: steps to prevent injection.
- Action pinning: prefer SHA-pinned actions over mutable tags (e.g.
actions/checkout@v4is acceptable; SHA pins are better).- No
pull_request_targetwith untrusted code execution unless explicitly justified.- Avoid storing sensitive outputs as unmasked step outputs.
- Check for reusable workflow patterns and matrix strategies where appropriate.
- Validate
on:triggers: ensure branch/path filters are present to avoid unnecessary runs.- Confirm workflows are documented, DRY, and maintainable.
- Ensure agent-triggered workflows use
workflow_dispatchwith defined inputs.
Files:
.github/workflows/main-branch-guard.yml.github/workflows/validate-pr-template.yml.github/workflows/checks.yml
**/*.{md,markdown,txt,instructions.md}
📄 CodeRabbit inference engine (CLAUDE.md)
Language: Use UK English throughout (optimise, organisation, colour, behaviour).
Files:
CHANGELOG.md
**/*.md
📄 CodeRabbit inference engine (AGENTS.md)
All documentation must follow Markdown formatting standards and include YAML frontmatter as specified in instructions/documentation-formats.instructions.md
Files:
CHANGELOG.md
CHANGELOG.md
⚙️ CodeRabbit configuration file
CHANGELOG.md: Review CHANGELOG.md:
- Confirm entries follow Keep a Changelog 1.1.0 format.
- Each entry under [Unreleased] must include a PR link and issue link.
- Verify entries use the correct section headings (Added, Changed, Fixed, Deprecated, Removed, Security, Documentation, Performance).
- Check UK English spelling throughout.
Files:
CHANGELOG.md
🪛 zizmor (1.25.2)
.github/workflows/validate-pr-template.yml
[error] 3-11: use of fundamentally insecure workflow trigger (dangerous-triggers): pull_request_target is almost always used insecurely
(dangerous-triggers)
🔇 Additional comments (4)
.github/rulesets/develop.ruleset.json (1)
42-51: LGTM!.github/rulesets/main.ruleset.json (1)
39-48: LGTM!.github/workflows/main-branch-guard.yml (1)
7-8: LGTM!Also applies to: 50-53
.github/workflows/validate-pr-template.yml (1)
10-11: LGTM!Also applies to: 22-27
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: de8bea2cc3
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| - name: Validate branch name | ||
| env: | ||
| BRANCH_NAME: ${{ github.event.pull_request.head.ref || github.ref_name }} | ||
| BRANCH_NAME: ${{ github.event.merge_group.head_ref || github.event.pull_request.head.ref || github.ref_name }} |
There was a problem hiding this comment.
When this job runs for merge_group, GitHub uses a temporary queue branch (gh-readonly-queue/{base_branch}/... in the merge-queue docs), so this value becomes a queue ref rather than the original PR branch. scripts/validation/validate-branch-name.js only accepts protected names, bot names, audit branches, or {prefix}/..., so npm run validate:branch-name exits 1 and CI • Unified Checks / All Checks Passed still fails in the queue. Skip this step for merge_group or teach the validator to accept the queue ref.
Useful? React with 👍 / 👎.
| }, | ||
| { | ||
| "type": "merge_queue", | ||
| "parameters": { |
There was a problem hiding this comment.
When these ruleset JSON files are applied through the GitHub repository rulesets API, this new merge_queue rule is invalid because parameters.merge_method is documented as required (MERGE, SQUASH, or REBASE). The same block was added to main.ruleset.json, so both protected branches may reject the ruleset update rather than enabling the queue. Add the chosen method to each merge_queue parameters object.
Useful? React with 👍 / 👎.
|
@Mergifyio rebase |
☑️ Nothing to do, the required conditions are not metDetails
|
There was a problem hiding this comment.
Pull request overview
This PR aims to unblock GitHub Merge Queue by ensuring required CI workflows run on the queue’s temporary merge_group branches, and by declaring merge queue behaviour in the protected-branch rulesets.
Changes:
- Added
merge_group: types: [checks_requested]triggers to the three gating workflows so required checks execute on merge-queue branches. - Added early-pass/early-return logic in PR-template and main-branch guard workflows for
merge_groupevents. - Added a
merge_queuerule to bothdevelop.ruleset.jsonandmain.ruleset.json(ALLGREEN grouping, 60-minute timeout).
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
CHANGELOG.md |
Documents the Merge Queue support work (needs adjustment if branch-name validation is skipped for merge queue). |
.github/workflows/validate-pr-template.yml |
Triggers on merge_group and skips re-validating the PR body in merge queue context. |
.github/workflows/main-branch-guard.yml |
Triggers on merge_group and returns early (passing) in merge queue context. |
.github/workflows/checks.yml |
Triggers on merge_group and attempts to adapt branch-name validation for merge queue runs (currently still risks failing on gh-readonly-queue/*). |
.github/rulesets/main.ruleset.json |
Declares merge_queue rule for main. |
.github/rulesets/develop.ruleset.json |
Declares merge_queue rule for develop. |
| - name: Validate branch name | ||
| env: | ||
| BRANCH_NAME: ${{ github.event.pull_request.head.ref || github.ref_name }} | ||
| BRANCH_NAME: ${{ github.event.merge_group.head_ref || github.event.pull_request.head.ref || github.ref_name }} | ||
| run: npm run validate:branch-name |
|
|
||
| ### Added | ||
|
|
||
| - **GitHub Merge Queue support** — Added `merge_group: types: [checks_requested]` trigger to `checks.yml`, `validate-pr-template.yml`, and `main-branch-guard.yml` so required status checks fire correctly inside GitHub's Merge Queue. Fixed `BRANCH_NAME` resolution in `checks.yml` to use `github.event.merge_group.head_ref` in queue context. Added `merge_queue` rule (ALLGREEN grouping, 60-minute check timeout) to both `develop` and `main` branch rulesets. ([#1008](https://github.com/lightspeedwp/.github/pull/1008)) |
Summary
merge_groupevent trigger, causing GitHub Merge Queue to hang indefinitely — the temporary branch created by the queue never received a status check result because the workflows never fired on itmerge_group: types: [checks_requested]tochecks.yml,validate-pr-template.yml, andmain-branch-guard.ymlmerge_queuerule to bothdevelop.ruleset.jsonandmain.ruleset.jsonto formally declare the queue configuration on both protected branchesWhat was broken
GitHub Merge Queue works by creating a temporary merge branch (e.g.
gh-readonly-queue/develop/pr-123-…) and running required status checks against it. Without themerge_grouptrigger:CI • Unified Checks / All Checks Passed— never ran → queue stuckValidate PR Template / validate-pr-template— never ran → queue stuckChanges
checks.ymlmerge_grouptrigger; fixBRANCH_NAMEto usegithub.event.merge_group.head_refso branch-name validation resolves correctly inside the queue's temporary branchvalidate-pr-template.ymlmerge_grouptrigger with an early-pass step (PR body was already validated when the PR was opened/edited)main-branch-guard.ymlmerge_grouptrigger; early-return for merge_group events since branch shape is verified at PR timedevelop.ruleset.jsonmerge_queuerule (ALLGREEN grouping, 60-min timeout)main.ruleset.jsonmerge_queuerule (ALLGREEN grouping, 60-min timeout)Linked issues
Changelog
merge_grouptrigger tochecks.yml,validate-pr-template.yml, andmain-branch-guard.ymlto unblock GitHub Merge Queuemerge_queuerule in both branch rulesetsChecklist (Global DoD / PR)
merge_methodfrom ruleset schema🤖 Generated with Claude Code
https://claude.ai/code/session_01KQWMqnpRCVoEELo6hzzpHZ