feat: Workflow changes which will label issues automatically as per #2256

[SGI-CAPP-AT2]

What kind of change does this PR introduce?
feature about issue workflows

**Issue Number: **

Fixes #2256

Did you add tests for your changes?
No

Snapshots/Videos:
Results:

If relevant, did you update the documentation?

Summary
As described in issue #2256 the workflows will be able to add automatic labels for following conditions
Dependencies: When the words dependabot, dependency or dependencies are in the body of the issue Add the labels dependencies, security and good first issue
Security: When the word security are in the body of the issue Add the label security and good first issue
Design: When the words layout, screen, design or figma are in the body of the issue Add the label ui/ux and good first issue

Does this PR introduce a breaking change?

Other information
Added a extra step in the given issue.yml file which uses actions/github-script@v6 for solving following problem
Problem : We can not have same synonym for multiple labels if we add same synonym in multiple if we add same synonym in multiple lists of synonyms then it adds only single label in latest list refer auto-lable/issue-93
Soultution By me:

1. We want to add security for same synonyms from dependencies and synonym security: we'll have only security as synonym in the labelsSynonyms and for same synonyms from dependencies we'll have github script to add the labels by detecting if dependencies is label to issue
2. Same for good first issue if we have anyone label from dependencies, security, ui/ux assigned to issue

Have you read the contributing guide?
Yes

Summary by CodeRabbit

• New Features

  • Introduced a new labeling system for issues, allowing for synonyms and default labels to enhance organization.
  • Automatically assigns labels like "good first issue" and "security" based on issue content.

• Bug Fixes

  • Updated the auto-labeling action to improve performance and accuracy in label management.

• Chores

  • Updated configuration files for better workflow management and streamlined processes.

[coderabbitai]

Walkthrough

The changes introduce a new JSON5 configuration file for GitHub workflows that defines label synonyms and default labels. Modifications to the existing workflow file enhance the automation of issue labeling based on specific keywords in issue descriptions. The updated workflow now checks for keywords related to dependencies, security, and design, applying appropriate labels accordingly. The configuration aims to streamline the labeling process, reducing manual overhead.

Changes

File	Change Summary
.github/workflows/auto-label.json5	New configuration file added defining labelsSynonyms and defaultLabels.
.github/workflows/issue.yml	Updated Opened-issue-label job to utilize actions/checkout@v4 and Renato66/auto-label@v3. Added a new step with actions/github-script@v6 for dynamic label assignment based on issue content. Removed ignore-comments and default-labels parameters.

Assessment against linked issues

Objective	Addressed	Explanation
Add labels for dependencies based on specific keywords (#2256)	✅
Add labels for security based on specific keywords (#2256)	✅
Add labels for design-related keywords (#2256)	✅
Ensure no other functionality is affected (#2256)	❓	Unclear if all previous functionalities remain intact.

• fix: pull-request.yml to ignore actions on ignore-sensitive-files-pr and Introspection workflow #2391: The changes in pull-request.yml regarding the Check-Target-Branch job are related to the main PR's introduction of the defaultLabels in auto-label.json5, as both PRs involve modifications to GitHub Actions workflows that manage pull request processes.

• Suggested reviewers:

  • palisadoes
  • AVtheking
  • varshith257
  • gautam-divyanshu

🐰 "In the garden of code, we hop with glee,
Labels now dance, as easy as can be!
With synonyms bright, and defaults in place,
Automation's here, quickening the pace.
No more manual toil, just watch us thrive,
In this workflow wonder, we come alive!" 🐇✨

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

Our Pull Request Approval Process

We have these basic policies to make the approval process smoother for our volunteer team.

Testing Your Code

Please make sure your code passes all tests. Our test code coverage system will fail if these conditions occur:

1. The overall code coverage drops below the target threshold of the repository
2. Any file in the pull request has code coverage levels below the repository threshold
3. Merge conflicts

The process helps maintain the overall reliability of the code base and is a prerequisite for getting your PR approved. Assigned reviewers regularly review the PR queue and tend to focus on PRs that are passing.

Reviewers

Do not assign reviewers. Our Queue Monitors will review your PR and assign them.
When your PR has been assigned reviewers contact them to get your code reviewed and approved via:

1. comments in this PR or
2. our slack channel

Reviewing Your Code

Your reviewer(s) will have the following roles:

1. arbitrators of future discussions with other contributors about the validity of your changes
2. point of contact for evaluating the validity of your work
3. person who verifies matching issues by others that should be closed.
4. person who gives general guidance in fixing your tests

CONTRIBUTING.md

Read our CONTRIBUTING.md file. Most importantly:

1. PRs with issues not assigned to you will be closed by the reviewer
2. Fix the first comment in the PR so that each issue listed automatically closes

Other

1. 🎯 Please be considerate of our volunteers' time. Contacting the person who assigned the reviewers is not advised unless they ask for your input. Do not @ the person who did the assignment otherwise.
2. Read the CONTRIBUTING.md file make

[github-actions]

Congratulations on making your first PR! 🎊 If you haven't already, check out our Contributing Guidelines and PR Reporting Guidelines to ensure that you are following our guidelines for contributing and creating PR.

[coderabbitai]

Actionable comments posted: 3

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between af2f509 and 46b2938.

📒 Files selected for processing (2)

• .github/workflows/auto-label.json5 (1 hunks)
• .github/workflows/issue.yml (1 hunks)

✅ Files skipped from review due to trivial changes (1)

• .github/workflows/auto-label.json5

🧰 Additional context used

🪛 yamllint

.github/workflows/issue.yml

[error] 47-47: trailing spaces

(trailing-spaces)

---

[error] 54-54: trailing spaces

(trailing-spaces)

🔇 Additional comments (2)

.github/workflows/issue.yml (2)

21-25: LGTM! Efficient repository checkout configuration.

The sparse checkout configuration is well-optimized, only fetching the required configuration file.

---

26-28: Verify auto-label configuration file existence and format.

The workflow depends on .github/workflows/auto-label.json5, but we should verify its existence and format.

✅ Verification successful

Configuration file exists and is properly formatted

The auto-label configuration file .github/workflows/auto-label.json5 exists and contains valid JSON5 with the expected structure:

• Defines label synonyms for dependencies, security, and ui/ux categories
• Includes defaultLabels configuration

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check if the config file exists and is valid JSON5
if [ -f ".github/workflows/auto-label.json5" ]; then
    echo "Config file exists"
    # Use grep to check for expected content structure
    rg -U "labelsSynonyms.*dependencies.*security.*ui/ux" .github/workflows/auto-label.json5
else
    echo "Error: auto-label.json5 not found"
    exit 1
fi

Length of output: 185

---

Script:

#!/bin/bash
# Let's check if the file exists and show its contents
if [ -f ".github/workflows/auto-label.json5" ]; then
    echo "=== Content of auto-label.json5 ==="
    cat .github/workflows/auto-label.json5
else
    echo "File not found: .github/workflows/auto-label.json5"
fi

# Also check for any similar config files in case it's in a different location
echo -e "\n=== Similar config files ==="
fd -g "*auto-label*.json*"

Length of output: 492

[coderabbitai]

⚠️ Potential issue

Logic doesn't match requirements - should check issue body for keywords.

The current implementation checks existing labels instead of scanning the issue body for keywords as specified in the requirements. Additionally, some required label combinations are missing.

Here's the corrected implementation:

-            if(labels.data.reduce((a, c)=>a||["dependencies"].includes(c.name), false))
-              await github.rest.issues.addLabels({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                issue_number: context.issue.number,
-                labels: ["good first issue", "security"]  
-              });
-            else if(labels.data.reduce((a, c)=>a||["security", "ui/ux"].includes(c.name), false))
-              await github.rest.issues.addLabels({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                issue_number: context.issue.number,
-                labels: ["good first issue"]  
-              });
+            const issue = await github.rest.issues.get({
+              owner,
+              repo,
+              issue_number
+            });
+            
+            const body = issue.data.body.toLowerCase();
+            const labelsToAdd = new Set(["good first issue"]);
+            
+            if (body.match(/\b(dependabot|dependency|dependencies)\b/)) {
+              labelsToAdd.add("dependencies").add("security");
+            }
+            if (body.match(/\bsecurity\b/)) {
+              labelsToAdd.add("security");
+            }
+            if (body.match(/\b(layout|screen|design|figma)\b/)) {
+              labelsToAdd.add("ui/ux");
+            }
+            
+            if (labelsToAdd.size > 1) { // More than just "good first issue"
+              await github.rest.issues.addLabels({
+                owner,
+                repo,
+                issue_number,
+                labels: Array.from(labelsToAdd)
+              });
+            }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	if(labels.data.reduce((a, c)=>a||["dependencies"].includes(c.name), false))
	await github.rest.issues.addLabels({
	owner: context.repo.owner,
	repo: context.repo.repo,
	issue_number: context.issue.number,
	labels: ["good first issue", "security"]
	});
	else if(labels.data.reduce((a, c)=>a||["security", "ui/ux"].includes(c.name), false))
	await github.rest.issues.addLabels({
	owner: context.repo.owner,
	repo: context.repo.repo,
	issue_number: context.issue.number,
	labels: ["good first issue"]
	});
	const issue = await github.rest.issues.get({
	owner,
	repo,
	issue_number
	});
	const body = issue.data.body.toLowerCase();
	const labelsToAdd = new Set(["good first issue"]);
	if (body.match(/\b(dependabot|dependency|dependencies)\b/)) {
	labelsToAdd.add("dependencies").add("security");
	}
	if (body.match(/\bsecurity\b/)) {
	labelsToAdd.add("security");
	}
	if (body.match(/\b(layout|screen|design|figma)\b/)) {
	labelsToAdd.add("ui/ux");
	}
	if (labelsToAdd.size > 1) { // More than just "good first issue"
	await github.rest.issues.addLabels({
	owner,
	repo,
	issue_number,
	labels: Array.from(labelsToAdd)
	});
	}

🧰 Tools

🪛 yamllint

[error] 47-47: trailing spaces

(trailing-spaces)

---

[error] 54-54: trailing spaces

(trailing-spaces)

[coderabbitai]

Seems like the humans are having a chat. I'll hop back into my burrow for now. If you need me again, just tag @coderabbitai in a new comment, and I'll come hopping out!

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 98.06%. Comparing base (ed2a945) to head (8cf9c9b).
Report is 10 commits behind head on develop.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #2390      +/-   ##
===========================================
- Coverage    98.08%   98.06%   -0.03%     
===========================================
  Files          249      255       +6     
  Lines         7194     7169      -25     
  Branches      2066     2071       +5     
===========================================
- Hits          7056     7030      -26     
- Misses         128      129       +1     
  Partials        10       10              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[palisadoes]

1. Please merge with the latest upstream
2. Please make sure coderabbit approves your changes

[coderabbitai]

Actionable comments posted: 2

🧹 Outside diff range and nitpick comments (1)

.github/workflows/issue.yml (1)

29-55: Add error handling to the script.

Consider wrapping the script in a try-catch block to handle potential API errors gracefully.

Add error handling:

 script: |
+  try {
     const { owner, repo } = context.repo;
     // ... rest of the script ...
+  } catch (error) {
+    core.setFailed(`Action failed with error: ${error}`);
+  }

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 46b2938 and 8cf9c9b.

📒 Files selected for processing (1)

• .github/workflows/issue.yml (1 hunks)

🔇 Additional comments (1)

.github/workflows/issue.yml (1)

21-25: LGTM! Efficient checkout configuration.

The sparse checkout is well configured to only fetch the required configuration file.

[coderabbitai]

⚠️ Potential issue

Implementation doesn't match requirements.

The current implementation has several issues:

1. It checks existing labels instead of scanning the issue body for keywords
2. The label combinations don't match the requirements
3. It doesn't handle all required keyword cases
4. There's potential for duplicate label additions

Here's the corrected implementation:

 - uses: actions/github-script@v6
   env:
     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   with:
     script: |
       const { owner, repo } = context.repo;
       const issue_number = context.issue.number;
       const apiParams = {
         owner,
         repo,
         issue_number
       };
-      const labels = await github.rest.issues.listLabelsOnIssue(apiParams);
-      if(labels.data.reduce((a, c)=>a||["dependencies"].includes(c.name), false))
-        await github.rest.issues.addLabels({
-          owner: context.repo.owner,
-          repo: context.repo.repo,
-          issue_number: context.issue.number,
-          labels: ["good first issue", "security"]
-        });
-      else if(labels.data.reduce((a, c)=>a||["security", "ui/ux"].includes(c.name), false))
-        await github.rest.issues.addLabels({
-          owner: context.repo.owner,
-          repo: context.repo.repo,
-          issue_number: context.issue.number,
-          labels: ["good first issue"]
-        });
+      // Get issue details
+      const issue = await github.rest.issues.get(apiParams);
+      const body = issue.data.body?.toLowerCase() || '';
+      
+      // Initialize labels set with the default label
+      const labelsToAdd = new Set(['good first issue']);
+      
+      // Check for dependencies keywords
+      if (body.match(/\b(dependabot|dependency|dependencies)\b/)) {
+        labelsToAdd.add('dependencies').add('security');
+      }
+      
+      // Check for security keyword
+      if (body.match(/\bsecurity\b/)) {
+        labelsToAdd.add('security');
+      }
+      
+      // Check for UI/UX keywords
+      if (body.match(/\b(layout|screen|design|figma)\b/)) {
+        labelsToAdd.add('ui/ux');
+      }
+      
+      // Add labels if we have more than just the default label
+      if (labelsToAdd.size > 1) {
+        await github.rest.issues.addLabels({
+          ...apiParams,
+          labels: Array.from(labelsToAdd)
+        });
+      }

Key improvements:

1. Scans issue body for keywords as per requirements
2. Handles all required keyword-label mappings
3. Uses Set to prevent duplicate labels
4. Adds null check for issue body
5. Reuses apiParams object

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	- uses: actions/github-script@v6
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	script: |
	const { owner, repo } = context.repo;
	const issue_number = context.issue.number;
	const apiParams = {
	owner,
	repo,
	issue_number
	};
	const labels = await github.rest.issues.listLabelsOnIssue(apiParams);
	if(labels.data.reduce((a, c)=>a||["dependencies"].includes(c.name), false))
	await github.rest.issues.addLabels({
	owner: context.repo.owner,
	repo: context.repo.repo,
	issue_number: context.issue.number,
	labels: ["good first issue", "security"]
	});
	else if(labels.data.reduce((a, c)=>a||["security", "ui/ux"].includes(c.name), false))
	await github.rest.issues.addLabels({
	owner: context.repo.owner,
	repo: context.repo.repo,
	issue_number: context.issue.number,
	labels: ["good first issue"]
	});
	- uses: actions/github-script@v6
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	script: |
	const { owner, repo } = context.repo;
	const issue_number = context.issue.number;
	const apiParams = {
	owner,
	repo,
	issue_number
	};
	// Get issue details
	const issue = await github.rest.issues.get(apiParams);
	const body = issue.data.body?.toLowerCase() || '';
	// Initialize labels set with the default label
	const labelsToAdd = new Set(['good first issue']);
	// Check for dependencies keywords
	if (body.match(/\b(dependabot|dependency|dependencies)\b/)) {
	labelsToAdd.add('dependencies').add('security');
	}
	// Check for security keyword
	if (body.match(/\bsecurity\b/)) {
	labelsToAdd.add('security');
	}
	// Check for UI/UX keywords
	if (body.match(/\b(layout|screen|design|figma)\b/)) {
	labelsToAdd.add('ui/ux');
	}
	// Add labels if we have more than just the default label
	if (labelsToAdd.size > 1) {
	await github.rest.issues.addLabels({
	...apiParams,
	labels: Array.from(labelsToAdd)
	});
	}

[SGI-CAPP-AT2]

The changes suggested by the coderabbit will add 'good first issue' to every issue by default.
@palisadoes
and my approach is not to use script for that but to use for detecting labels as mentioned in PR Body.

[coderabbitai]

Seems like the humans are having a chat. I'll hop back into my burrow for now. If you need me again, just tag @coderabbitai in a new comment, and I'll come hopping out!