ci(scripts): Add coordinated release orchestrator and runbook#7
Conversation
|
Warning Review limit reached
Next review available in: 39 minutes Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available. How can I continue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews. How do review limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please refer docs for additional details. Review details⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (4)
📝 WalkthroughWalkthroughAdds ChangesMulti-repo Release Orchestration
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes 🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
PR Summary by QodoAdd coordinated multi-repo release orchestrator and release runbook
AI Description
Diagram
High-Level Assessment
Files changed (3)
|
Code Review by Qodo
1.
|
There was a problem hiding this comment.
Actionable comments posted: 3
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@release-all.ps1`:
- Around line 274-299: The Invoke-Adopt flow only updates upstream versions when
parent/core are explicitly selected, which causes subset releases like
core,spring-boot to skip required upstream adoption. Update Invoke-Adopt to
carry adopt versions for omitted upstreams before the release loop, either by
prompting for the missing parent/core versions or resolving them from existing
tags, and then use those resolved values in the existing Commit-AdoptBump and
Invoke-Mvnw paths for the core and spring-boot branches.
- Around line 158-183: The version prompts in Read-ReleaseVersion and
Read-DevelopmentVersion are too loose and currently allow non-final release
strings like 1.2.3-rc1 and invalid snapshot prefixes like foo-SNAPSHOT. Tighten
the regex checks so Read-ReleaseVersion only accepts plain numeric release
versions with no suffixes, and Read-DevelopmentVersion only accepts a numeric
version ending in -SNAPSHOT. Keep the existing prompt flow and error messages,
but update the validation logic in these two functions to reject any extra
qualifiers.
- Around line 202-209: The branch sync check in release-all.ps1 can continue
after a failed git fetch and use stale refs, so make the fetch step fail fast
before reading refs/remotes/origin/$branch. Update the fetch logic near the repo
validation block to explicitly detect a non-zero git -C $RepoPath fetch origin
exit and throw immediately, so the later rev-parse comparison only runs when
fetch succeeds. Use the existing branch-check flow and variables ($RepoPath,
$branch, $remoteRef, $localRef) to keep the fix localized.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro Plus
Run ID: 7af71064-cd91-43c6-b9a5-f358a3128629
📒 Files selected for processing (3)
README.adocRELEASING.adocrelease-all.ps1
| param([hashtable] $Plan, [string] $Name, [string[]] $Selected) | ||
| $repo = $Plan[$Name] | ||
| if ($Name -eq 'core') { | ||
| if ($Selected -contains 'parent') { | ||
| $parentVersion = $Plan['parent'].ReleaseVersion | ||
| Write-Step "Adopt parent $parentVersion" | ||
| Invoke-Mvnw $repo.Path @('-B', 'versions:update-parent', "-DparentVersion=$parentVersion", '-DallowSnapshots=false', '-DgenerateBackupPoms=false') | ||
| $actual = Get-MvnwValue $repo.Path 'project.parent.version' | ||
| Commit-AdoptBump $repo.Path "build(pom): Bump database-audits-parent to $parentVersion" 'the parent version' $actual $parentVersion | ||
| } | ||
| } | ||
| elseif ($Name -eq 'spring-boot') { | ||
| if ($Selected -contains 'parent') { | ||
| $parentVersion = $Plan['parent'].ReleaseVersion | ||
| Write-Step "Adopt parent $parentVersion" | ||
| Invoke-Mvnw $repo.Path @('-B', 'versions:update-parent', "-DparentVersion=$parentVersion", '-DprocessAllModules=true', '-DallowSnapshots=false', '-DgenerateBackupPoms=false') | ||
| $actual = Get-MvnwValue $repo.Path 'project.parent.version' | ||
| Commit-AdoptBump $repo.Path "build(pom): Bump database-audits-parent to $parentVersion" 'the parent version' $actual $parentVersion | ||
| } | ||
| if ($Selected -contains 'core') { | ||
| $coreVersion = $Plan['core'].ReleaseVersion | ||
| Write-Step "Adopt core $coreVersion" | ||
| Invoke-Mvnw $repo.Path @('-B', 'versions:set-property', '-Dproperty=database-audits-core.version', "-DnewVersion=$coreVersion", '-DprocessAllModules=true', '-DgenerateBackupPoms=false') | ||
| $actual = Get-CorePropertyVersion $repo.Path | ||
| Commit-AdoptBump $repo.Path "build(pom): Bump database-audits-core to $coreVersion" 'the database-audits-core.version property' $actual $coreVersion | ||
| } |
There was a problem hiding this comment.
🗄️ Data Integrity & Integration | 🟠 Major | 🏗️ Heavy lift
Subset runs cannot adopt already-released upstreams.
Invoke-Adopt only bumps parent/core when that upstream is also in $Selected. A resumed run like -Modules core,spring-boot therefore skips the parent bump entirely and can release core/spring-boot against stale upstream versions, even though the docs advertise that flow. Please carry adopt versions for omitted upstreams too (for example by prompting for them or resolving them from tags) before entering the release loop.
🧰 Tools
🪛 PSScriptAnalyzer (1.25.0)
[info] 282-282: Cmdlet 'Commit-AdoptBump' has positional parameter. Please use named parameters instead of positional parameters when calling a command.
(PSAvoidUsingPositionalParameters)
[info] 291-291: Cmdlet 'Commit-AdoptBump' has positional parameter. Please use named parameters instead of positional parameters when calling a command.
(PSAvoidUsingPositionalParameters)
[info] 298-298: Cmdlet 'Commit-AdoptBump' has positional parameter. Please use named parameters instead of positional parameters when calling a command.
(PSAvoidUsingPositionalParameters)
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@release-all.ps1` around lines 274 - 299, The Invoke-Adopt flow only updates
upstream versions when parent/core are explicitly selected, which causes subset
releases like core,spring-boot to skip required upstream adoption. Update
Invoke-Adopt to carry adopt versions for omitted upstreams before the release
loop, either by prompting for the missing parent/core versions or resolving them
from existing tags, and then use those resolved values in the existing
Commit-AdoptBump and Invoke-Mvnw paths for the core and spring-boot branches.
0950c53 to
fa099c9
Compare
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@release-all.ps1`:
- Around line 217-220: The remote tag lookup in Test-RemoteTagExists currently
treats every empty git ls-remote result as a missing tag, which can hide network
or auth failures. Update this function to check the exit status of the git -C
$RepoPath ls-remote --tags origin refs/tags/$Tag call and throw an error when
the remote query fails instead of returning false. Keep the fix localized to
Test-RemoteTagExists so the release resume flow stops early on lookup errors
rather than continuing into release:prepare.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro Plus
Run ID: 78809b03-c6c1-481b-b844-f89ff5daf72a
📒 Files selected for processing (3)
README.adocRELEASING.adocrelease-all.ps1
✅ Files skipped from review due to trivial changes (2)
- README.adoc
- RELEASING.adoc
Add release-all.ps1 to drive the parent -> core -> spring-boot release in dependency order: prompt for each module's release and next-development version, run pre-flight (no uncommitted tracked changes, current branch level with origin, Docker up), adopt each freshly released upstream as a build(pom) bump, run release:prepare, and wait for the artifact on Maven Central before releasing the dependent module. The script is subset-capable (-Modules), resumable, and has a -DryRun rehearsal. The branch need not be main; loose untracked files do not block a release. Add README.adoc for orientation -- module layout, dependency order, and cross-reference pinning -- and RELEASING.adoc for the procedure: the one-command path, the manual fallback, the rollback steps, and post-release verification. The signed deploy stays with each repo's tag-triggered release.yml workflow; this orchestrates only the local release:prepare side. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_018eNGdoLaGxu7yrMnHgLg3B
So it's clear in Sonatype's Central publishing list.
bc29904 to
6963821
Compare
|
@coderabbitai review |
✅ Action performedReview finished.
|
What
Adds the coordinated release tooling for the database-audits modules to the parent repo.
release-all.ps1— orchestrates theparent -> core -> spring-bootrelease in dependency order: prompts for each module's release/next-development versions, runs pre-flight, adopts each freshly released upstream as abuild(pom)bump, runsrelease:prepare, and waits for the artifact on Maven Central before releasing the dependent module. Subset-capable (-Modules), resumable, and has a-DryRunrehearsal.README.adoc— orientation: module layout, dependency order, and how cross-references are pinned.RELEASING.adoc— the release procedure: one-command path, manual fallback, rollback, and post-release verification.Pre-flight behavior
The pre-flight confirms each repo is releasable rather than imposing rigid requirements:
origincounterpart — the branch need not bemain, but whatever you release from must already be pushed.core/spring-bootintegration tests duringrelease:prepare).The signed deploy stays with each repo's tag-triggered
release.yml; this orchestrates only the localrelease:prepareside.🤖 Generated with Claude Code
https://claude.ai/code/session_01UitsP43vNdmvr9HVHaToTq
Summary by CodeRabbit
New Features
release-all.ps1, supporting dry runs, interactive confirmation, resumable releases, and selective module execution in dependency order.Documentation
README.adocdescribing the shared Maven parent layout, version line conventions, and required release sequencing.RELEASING.adocwith end-to-end release instructions, rollback/abort guidance, and post-release verification.