INFRA-001: Restrict AI reviews to release/* → main PRs #31

Merged: menvil merged 2 commits into develop from chore/INFRA-001-ai-review-config on May 28, 2026

@menvil (Owner) commented May 28, 2026

Summary

Configure CodeRabbit and Cubic.dev so only release/* → main PRs are reviewed; feature/* → develop traffic is skipped.

Mechanism

  • CodeRabbit uses label-gated auto-review: `auto_review.enabled: false` plus `auto_review.labels: ["release"]`. The label is auto-applied to release PRs by a GitHub Actions workflow.
  • Cubic uses ignore filters (`base_branches`, `head_branches`) listing everything that is NOT release/* → main.

Files

  • `.coderabbit.yaml`
  • `cubic.yaml`
  • `.github/workflows/label-release-prs.yml`
  • (`release` label pre-created via gh CLI)

Verification

  • Test plan: open a feature/* → develop PR → no review fires.
  • Open release/* → main PR → workflow adds `release` label → CodeRabbit reviews; Cubic also reviews.
  • `@coderabbitai review` still works as manual override.

Summary by cubic

INFRA-001: Restrict automated reviews to release/* → main PRs. Feature/* → develop PRs are skipped; manual @coderabbitai review remains available.

  • New Features
    • Add .coderabbit.yaml: disable auto-review globally; re-enable when release label is present.
    • Add .github/workflows/label-release-prs.yml: auto-applies release label to release/* → main PRs; pin actions/github-script to commit SHA.
    • Add cubic.yaml: ignore rules skip all non-release/* → main traffic.

Written for commit aca9677. Summary will update on new commits.

Summary by CodeRabbit

Release Notes

  • Chores
    • Configured development-process automation to improve management of pull requests and releases.
    • Added tools for automatic labeling and analysis of pull requests.
    • Updated code-quality check settings in workflows.

- .coderabbit.yaml: auto_review disabled globally; re-enabled by 'release' label
- cubic.yaml: ignore.base_branches + ignore.head_branches block every PR that
  is not release/* → main
- .github/workflows/label-release-prs.yml: auto-applies 'release' label when
  a PR has head=release/* and base=main
- Created the 'release' GitHub label out-of-band so the workflow can apply it

Net effect: feature/* → develop PRs no longer trigger CodeRabbit or Cubic.
Only release PRs into main get reviewed. Manual @coderabbitai review still works.

coderabbitai Bot commented May 28, 2026

Walkthrough

Three related configuration files were added to manage automated review of release PRs. GitHub Actions automatically labels PRs originating from release/* branches with the "release" label, CodeRabbit uses this label to enable auto-review, and Cubic restricts analysis to release/* → main transitions only.

Changes

Release PR Review Automation

| Layer / File(s) | Summary |
|---|---|
| CodeRabbit auto-review configuration: `.coderabbit.yaml` | Configures CodeRabbit with the "chill" profile, auto-review disabled globally and re-enabled for PRs with the "release" label. High-level summary and chat auto-reply are enabled; the poem and the request_changes workflow are disabled. |
| GitHub Actions workflow for release PR labeling: `.github/workflows/label-release-prs.yml` | The workflow triggers on pull_request_target events and adds the "release" label to PRs whose branch starts with release/ and whose base is main. |
| Cubic review filtering configuration: `cubic.yaml` | The Cubic configuration filters analysis through the reviews.ignore section, skipping all branch combinations except transitions from release/* to main. |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 Config after config, in an orderly row,
Release branches march off into trouble!
Labels fly, the auto-review sings,
Cubic filters and keeps strict watch.
The system is configured, the service is on its way! 🚀

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
| Check name | Status | Explanation |
|---|---|---|
| Title check | ✅ Passed | The title accurately reflects the main change: restricting automatic AI reviews to PRs from a release/* branch into main only. It contains the task identifier and clearly describes the purpose of the configuration. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Description Check | ✅ Passed | Check skipped - CodeRabbit's high-level summary is enabled. |

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/label-release-prs.yml:
- Line 16: The workflow pins the action using the floating tag
"actions/github-script@v7", which is vulnerable to supply-chain tampering;
replace that reference with the action's immutable commit SHA (use the exact
full 40-char git commit SHA from the actions/github-script repo for the v7
release), i.e., update the uses entry that currently reads
"actions/github-script@v7" to "actions/github-script@<commit-sha>" so the
workflow always runs the known-good commit.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 7e1ad22f-3edd-4845-a621-9bd8722c90c0

📥 Commits

Reviewing files that changed from the base of the PR and between 74cd03e and 41a416c.

📒 Files selected for processing (3)
  • .coderabbit.yaml
  • .github/workflows/label-release-prs.yml
  • cubic.yaml

Comment thread .github/workflows/label-release-prs.yml Outdated
Replace floating @v7 tag with the immutable commit SHA
f28e40c7f34bde8b3046d885e986cb6290c5673b (v7.0.1) to prevent supply-chain
tampering via tag moves. The version comment keeps the tag readable for
future upgrades.
@menvil menvil merged commit 3c5d334 into develop May 28, 2026
2 checks passed
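
The review finding in this thread (a floating `@v7` tag replaced by a full commit SHA) can be checked mechanically. The following is an added example, not code from this PR or from CodeRabbit: it flags `uses:` references that are not pinned to a 40-character commit SHA. The workflow text, `audit_uses` and `floating_refs` are constructed for illustration; only the SHA and the `v7.0.1` comment come from the page.

```python
import re

# A step's `uses:` value, optionally quoted, with an optional trailing comment.
USES_RE = re.compile(r"""^\s*(?:-\s*)?uses:\s*['"]?([^'"\s#]+)['"]?\s*(?:#\s*(.*))?$""")
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}", re.IGNORECASE)


def audit_uses(workflow_text):
    """Return (line_no, ref, status, comment) for every `uses:` line."""
    findings = []
    for line_no, line in enumerate(workflow_text.splitlines(), start=1):
        m = USES_RE.match(line)
        if not m:
            continue
        ref, comment = m.group(1), (m.group(2) or "").strip()
        if ref.startswith("./"):
            status = "local"  # action stored in this repository
        elif ref.startswith("docker://"):
            status = "pinned" if "@sha256:" in ref else "floating"
        else:
            # Tags and branches can be moved; only a full commit SHA is immutable.
            version = ref.partition("@")[2]
            status = "pinned" if FULL_SHA_RE.fullmatch(version) else "floating"
        findings.append((line_no, ref, status, comment))
    return findings


def floating_refs(workflow_text):
    """Only the references a reviewer should ask to pin."""
    return [f for f in audit_uses(workflow_text) if f[2] == "floating"]


# Constructed sample modelled on the workflow described in the PR (not its real contents).
BEFORE = """\
name: label-release-prs
on:
  pull_request_target:
jobs:
  label:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/github-script@v7
"""
# SHA and version comment as given in the follow-up commit message on the page.
AFTER = BEFORE.replace(
    "actions/github-script@v7",
    "actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7.0.1",
)

if __name__ == "__main__":
    print(floating_refs(BEFORE))
    print(audit_uses(AFTER))
```

Run over every file in `.github/workflows/`, a non-empty `floating_refs` result can fail a CI check; the trailing version comment is returned so upgrades stay readable.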