Skip to content

ci: add workflow to auto-rebase feature branches #2290

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

ci: add workflow to auto-rebase feature branches #2290

wants to merge 4 commits into from

Conversation

@jonathanpwang
Copy link
Contributor

@jonathanpwang jonathanpwang commented Dec 2, 2025
edited
Loading

Summary

Adds a GitHub Actions workflow that automatically keeps long-running feature branches rebased onto main. This reduces manual maintenance overhead and ensures feature branches stay current.

How it works

  1. Triggers on push to main - When commits are merged/pushed to main, the workflow runs
  2. Rebases each configured feature branch onto origin/main
  3. Creates backup branches before force pushing (e.g., develop-v2-backup-20241202-143052)
  4. Force pushes with lease - Only if rebase changed history and backup succeeded
  5. Sends Slack notifications - Reports success/failure with branch details

Configured branches

  • develop-v2
  • develop-v1.5.0
  • develop-v1.6.0

Safety features

  • Backup branches - Always created before force push, with timestamp
  • --force-with-lease - Prevents overwriting unexpected changes
  • Aborts on conflict - Does not force push if rebase fails; sends Slack alert for manual resolution
  • Backup validation - Only force pushes if backup push succeeded

Security

  • Uses GitHub App token for authentication (configured via REBASE_APP_ID and REBASE_APP_PRIVATE_KEY secrets)
  • Explicit permissions: contents: write block
  • Uses jq for safe JSON construction in Slack payloads (prevents injection)
  • Environment variables passed via env: block rather than inline ${{ }} interpolation

Prerequisites

The following secrets must be configured:

  • REBASE_APP_ID - GitHub App ID
  • REBASE_APP_PRIVATE_KEY - GitHub App private key
  • SLACK_WEBHOOK_URL - Slack incoming webhook URL

The GitHub App needs write access to repository contents.

Test plan

  • Verify secrets are configured in repository settings
  • Merge a test commit to main and observe workflow execution
  • Verify Slack notifications are received
  • Test conflict scenario to verify abort behavior and notification

🤖 Generated with Claude Code

@jonathanpwang @claude
ci: add workflow to auto-rebase feature branches
bde1fb1 
Add a GitHub Actions workflow that automatically rebases long-running
feature branches onto main when changes are pushed to main.

Features:
- Triggers on push to main branch
- Rebases configured feature branches (develop-v2, develop-v1.5.0, develop-v1.6.0)
- Creates timestamped backup branches before force pushing
- Uses --force-with-lease for safer force pushes
- Sends Slack notifications on success or failure
- Only force pushes if rebase actually changed history

Security:
- Uses GitHub App token for authentication (bypasses branch protection)
- Explicit permissions block (contents: write)
- Uses jq for safe JSON construction in Slack payloads
- Environment variables passed via env: block to prevent injection

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>
Copilot AI review requested due to automatic review settings December 2, 2025 22:52
Copilot finished reviewing on behalf of jonathanpwang December 2, 2025 22:56
Copilot AI reviewed Dec 2, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds a GitHub Actions workflow to automatically rebase long-running feature branches (develop-v2, develop-v1.5.0, develop-v1.6.0) onto main whenever commits are pushed to the main branch. The workflow creates timestamped backups before force-pushing, uses --force-with-lease for safety, and sends Slack notifications on both success and failure scenarios.

Key Changes

  • Automated rebase workflow triggered on push to main with backup and force-push safety mechanisms
  • GitHub App token-based authentication for git operations
  • Slack notification system for rebase success/failure with detailed branch status reporting

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

jonathanpwang and others added 3 commits December 2, 2025 18:14
@jonathanpwang
chore: pin action versions
c90324e
@jonathanpwang @claude
fix: use actual newlines in Slack notification strings
dfaae16 
The $'\n' syntax produces actual newline characters that jq will
properly JSON-encode, rather than literal backslash-n which would
be double-escaped.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>
@jonathanpwang
Update .github/workflows/rebase-feature-branches.yml
0870e98 
Co-authored-by: Copilot <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@yi-sun yi-sun Awaiting requested review from yi-sun

@shuklaayush shuklaayush Awaiting requested review from shuklaayush

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jonathanpwang