get PR review apps working again

[justin808]

This change is 

Summary by CodeRabbit

• Workflow Updates

  • Refined deployment workflow for PR review apps.
  • Enhanced secret validation and deployment logic.
  • Improved app naming and organization handling.
  • Updated workflow name and run-name for clarity.
  • Added new steps for setting up Control Plane apps and validating required variables.

• Deployment Changes

  • Simplified deployment process.
  • Removed detailed commit SHA retrieval script.
  • Streamlined deployment action configuration.
  • Introduced new error handling and logging for better traceability.

• New Features

  • Introduced a new debug workflow for logging GitHub context and branch information.

[coderabbitai]

Warning

Rate limit exceeded

@justin808 has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 11 minutes and 38 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between 751eb87 and e113f47.

📒 Files selected for processing (4)

• .github/actions/delete-control-plane-app/action.yml (1 hunks)
• .github/workflows/delete-review-app.yml (1 hunks)
• .github/workflows/help-command.yml (1 hunks)
• .github/workflows/review-app-help.yml (1 hunks)

Walkthrough

This pull request introduces significant changes to the deployment workflow for review applications in the Control Plane. The modifications simplify the deployment process by removing detailed secret validation, commit SHA retrieval, and output handling steps. The workflow now uses a more streamlined approach with fewer explicit checks, relying on a single deployment script and updated environment variable handling. The changes focus on making the deployment mechanism more concise while maintaining the core functionality of deploying review applications.

Changes

File	Change Summary
.github/actions/deploy-to-control-plane/action.yml	- Removed secret validation steps - Simplified deployment logic - Added/removed environment variables - Replaced complex deployment steps with a single deploy.sh script
.github/actions/deploy-to-control-plane/scripts/get-commit-sha.sh	- Entire script removed
.github/workflows/deploy-to-control-plane.yml	- Updated workflow name - Added secret and variable validation - Refined PR number handling - Enhanced deployment condition logic - Updated environment variable references
.github/workflows/debug-workflow.yml	- New workflow added for debugging information

Possibly related PRs

• Github actions fixes #618: Adds validation steps for deployment secrets.
• More work on actions #622: Introduces new input parameters for Control Plane deployment.

Poem

🐰 Deployment's dance, simplified and light,
Scripts trimmed down with rabbit's might
No more complex SHA's to trace
Just deploy with minimal grace
A streamlined path to cloud's embrace! 🚀

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

Hi 👋 Here are the commands available for this PR:

• /deploy-review-app: Deploy your changes to a review environment
• /delete-review-app: Clean up the review environment when you're done
• /help: Show detailed information about all commands

Use /help to see full documentation, including configuration options.

[github-actions]

🚀 Starting deployment process...

undefined

[github-actions]

🏗️ Building Docker image for PR #623, commit 8fbd752

📝 View Build Logs

🎮 Control Plane Console

[github-actions]

🏗️ Building Docker image for PR #623, commit 735e7f6

📝 View Build Logs

🎮 Control Plane Console

[github-actions]

🚀 Deploying to Control Plane...

⏳ Waiting for deployment to be ready...

📝 View Deploy Logs

🎮 Control Plane Console

[github-actions]

🚀 Deploying to Control Plane...

⏳ Waiting for deployment to be ready...

📝 View Deploy Logs

🎮 Control Plane Console

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

.github/workflows/deploy-to-control-plane.yml (2)

94-152: Enhance error handling in PR reference resolution.

While the PR reference handling is thorough, consider adding more specific error messages for different failure scenarios.

 if [[ -z "$PR_DATA" ]]; then
   PR_DATA=$(gh pr view "$PR_NUMBER" --json headRefName,headRefOid)
   if [[ -z "$PR_DATA" ]]; then
-    echo "Error: PR DATA for PR #$PR_NUMBER not found"
+    echo "Error: Failed to fetch PR #$PR_NUMBER data. Possible reasons:"
+    echo "- PR no longer exists"
+    echo "- PR is not accessible"
+    echo "- GitHub API rate limit exceeded"
     echo "Event type: ${{ github.event_name }}"
     echo "Event action: ${{ github.event.action }}"
     echo "Ref name: ${{ github.ref_name }}"

🧰 Tools

🪛 YAMLlint (1.35.1)

[error] 134-134: trailing spaces

(trailing-spaces)

---

[error] 147-147: trailing spaces

(trailing-spaces)

---

250-268: Enhance status messages with deployment environment details.

While the status updates are comprehensive, consider adding the deployment environment name for clarity.

 const successMessage = [
-  '✅ Deployment complete for PR #' + prNumber + ', commit ' + '${{ env.PR_SHA }}',
+  '✅ Deployment complete to ' + process.env.CPLN_ORG + ' for PR #' + prNumber + ', commit ' + '${{ env.PR_SHA }}',
   '',
   '🚀 [Review App for PR #' + prNumber + '](' + appUrl + ')',

Also applies to: 299-301, 386-401

🧰 Tools

🪛 YAMLlint (1.35.1)

[error] 262-262: trailing spaces

(trailing-spaces)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ebbc8d8 and 0d4d7a0.

📒 Files selected for processing (3)

• .github/actions/deploy-to-control-plane/action.yml (1 hunks)
• .github/actions/deploy-to-control-plane/scripts/get-commit-sha.sh (0 hunks)
• .github/workflows/deploy-to-control-plane.yml (12 hunks)

💤 Files with no reviewable changes (1)

• .github/actions/deploy-to-control-plane/scripts/get-commit-sha.sh

🧰 Additional context used

🪛 YAMLlint (1.35.1)

.github/workflows/deploy-to-control-plane.yml

[error] 69-69: trailing spaces

(trailing-spaces)

---

[error] 74-74: trailing spaces

(trailing-spaces)

---

[error] 79-79: trailing spaces

(trailing-spaces)

---

[error] 83-83: trailing spaces

(trailing-spaces)

---

[error] 134-134: trailing spaces

(trailing-spaces)

---

[error] 147-147: trailing spaces

(trailing-spaces)

---

[error] 262-262: trailing spaces

(trailing-spaces)

---

[error] 285-285: trailing spaces

(trailing-spaces)

---

[error] 288-288: trailing spaces

(trailing-spaces)

---

[error] 289-289: trailing spaces

(trailing-spaces)

🪛 actionlint (1.7.4)

.github/workflows/deploy-to-control-plane.yml

187-187: "github.event.comment.body" is potentially untrusted. avoid using it directly in inline scripts. instead, pass it through an environment variable. see https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions for more details

(expression)

⏰ Context from checks skipped due to timeout of 90000ms (2)

• GitHub Check: Process-Deployment-Command
• GitHub Check: test (22.x, 3.3.4)

🔇 Additional comments (6)

.github/actions/deploy-to-control-plane/action.yml (2)

39-42: LGTM! Environment variables are properly configured.

The environment variables are correctly mapped from input parameters, maintaining proper separation of concerns.

---

44-47: Verify error handling in the deployment script.

While the script execution is properly checked for failures, we should verify that the deploy.sh script provides adequate error messages and handles failures gracefully.

✅ Verification successful

Error handling in deploy.sh is robust and well-implemented ✅

The deployment script implements comprehensive error handling including fail-fast behavior, input validation, proper cleanup, detailed error messages, and timeout handling. All failure scenarios are properly handled with appropriate error messages and exit codes.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check if deploy.sh exists and contains proper error handling

# Check if the script exists
if ! fd -t f "deploy.sh" .github/actions/deploy-to-control-plane/scripts/; then
  echo "Error: deploy.sh not found"
  exit 1
fi

# Check for basic error handling patterns in deploy.sh
rg -l "exit [1-9]|set -e" .github/actions/deploy-to-control-plane/scripts/deploy.sh

Length of output: 270

---

Script:

#!/bin/bash
# Show the content of deploy.sh and search for error handling patterns
echo "=== Content of deploy.sh ==="
cat .github/actions/deploy-to-control-plane/scripts/deploy.sh

echo -e "\n=== Error handling patterns ==="
echo "1. Error messages:"
rg "echo.*[Ee]rror|printf.*[Ee]rror" .github/actions/deploy-to-control-plane/scripts/deploy.sh

echo -e "\n2. Exit statements with context:"
rg -C 2 "exit [1-9]" .github/actions/deploy-to-control-plane/scripts/deploy.sh

echo -e "\n3. Set options and error traps:"
rg "set -|trap|catch" .github/actions/deploy-to-control-plane/scripts/deploy.sh

Length of output: 3019

.github/workflows/deploy-to-control-plane.yml (4)

1-3: LGTM! Clear workflow naming and environment configuration.

The workflow name and environment variables are well-structured, using repository variables for configuration.

Also applies to: 27-30

---

65-87: LGTM! Comprehensive validation of required secrets and variables.

The validation step properly checks for all required secrets and variables before proceeding with deployment.

🧰 Tools

🪛 YAMLlint (1.35.1)

[error] 69-69: trailing spaces

(trailing-spaces)

---

[error] 74-74: trailing spaces

(trailing-spaces)

---

[error] 79-79: trailing spaces

(trailing-spaces)

---

[error] 83-83: trailing spaces

(trailing-spaces)

---

178-182: LGTM! Proper app existence check with clear state management.

The app existence check is well-implemented, setting the appropriate environment variable for later use.

---

228-234: LGTM! Clear app setup with proper organization context.

The Control Plane app setup is well-implemented, using the correct organization context.

[coderabbitai]

⚠️ Potential issue

Address potential security risk in comment handling.

The comment body is used directly in the script, which could be a security risk as noted by actionlint.

-              COMMENT_BODY=$(echo "${{ github.event.comment.body }}" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
+              # Set comment body through environment
+              echo "COMMENT_BODY<<EOF" >> $GITHUB_ENV
+              echo "${{ github.event.comment.body }}" >> $GITHUB_ENV
+              echo "EOF" >> $GITHUB_ENV
+              
+              # Use environment variable instead of direct expansion
+              TRIMMED_COMMENT=$(echo "$COMMENT_BODY" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
+              if [[ "$TRIMMED_COMMENT" == "/deploy-review-app" ]]; then

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	# Skip validation if deployment is already disabled
	if [[ "${{ env.DO_DEPLOY }}" == "false" ]]; then
	echo "Skipping validation - deployment already disabled"
	exit 0
	fi
	if ! [[ "${{ github.event_name }}" == "workflow_dispatch" || \
	("${{ github.event_name }}" == "issue_comment" && "${{ github.event.comment.body }}" == "/deploy-review-app") || \
	"${{ github.event_name }}" == "pull_request" ]]; then
	echo "Skipping deployment - not a valid trigger (event: ${{ github.event_name }})"
	"${{ github.event_name }}" == "issue_comment" || \
	"${{ github.event_name }}" == "pull_request" || \
	"${{ github.event_name }}" == "push" ]]; then
	echo "Error: Unsupported event type ${{ github.event_name }}"
	exit 1
	fi
	# Set DO_DEPLOY based on event type and conditions
	if [[ "${{ github.event_name }}" == "pull_request" && \
	("${{ github.event.action }}" == "opened" || \
	"${{ github.event.action }}" == "synchronize" || \
	"${{ github.event.action }}" == "reopened") ]]; then
	echo "DO_DEPLOY=true" >> $GITHUB_ENV
	elif [[ "${{ github.event_name }}" == "push" ]]; then
	echo "DO_DEPLOY=true" >> $GITHUB_ENV
	elif [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
	echo "DO_DEPLOY=true" >> $GITHUB_ENV
	elif [[ "${{ github.event_name }}" == "issue_comment" ]]; then
	if [[ "${{ github.event.issue.pull_request }}" ]]; then
	# Trim spaces and check for exact command
	COMMENT_BODY=$(echo "${{ github.event.comment.body }}" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
	if [[ "$COMMENT_BODY" == "/deploy-review-app" ]]; then
	echo "DO_DEPLOY=true" >> $GITHUB_ENV
	else
	echo "DO_DEPLOY=false" >> $GITHUB_ENV
	echo "Skipping deployment - comment '$COMMENT_BODY' does not match '/deploy-review-app'"
	fi
	else
	echo "DO_DEPLOY=false" >> $GITHUB_ENV
	echo "Skipping deployment for non-PR comment"
	fi
	fi
	# Skip validation if deployment is already disabled
	if [[ "${{ env.DO_DEPLOY }}" == "false" ]]; then
	echo "Skipping validation - deployment already disabled"
	exit 0
	fi
	if ! [[ "${{ github.event_name }}" == "workflow_dispatch" || \
	"${{ github.event_name }}" == "issue_comment" || \
	"${{ github.event_name }}" == "pull_request" || \
	"${{ github.event_name }}" == "push" ]]; then
	echo "Error: Unsupported event type ${{ github.event_name }}"
	exit 1
	fi
	# Set DO_DEPLOY based on event type and conditions
	if [[ "${{ github.event_name }}" == "pull_request" && \
	("${{ github.event.action }}" == "opened" || \
	"${{ github.event.action }}" == "synchronize" || \
	"${{ github.event.action }}" == "reopened") ]]; then
	echo "DO_DEPLOY=true" >> $GITHUB_ENV
	elif [[ "${{ github.event_name }}" == "push" ]]; then
	echo "DO_DEPLOY=true" >> $GITHUB_ENV
	elif [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
	echo "DO_DEPLOY=true" >> $GITHUB_ENV
	elif [[ "${{ github.event_name }}" == "issue_comment" ]]; then
	if [[ "${{ github.event.issue.pull_request }}" ]]; then
	# Set comment body through environment
	echo "COMMENT_BODY<<EOF" >> $GITHUB_ENV
	echo "${{ github.event.comment.body }}" >> $GITHUB_ENV
	echo "EOF" >> $GITHUB_ENV
	# Use environment variable instead of direct expansion
	TRIMMED_COMMENT=$(echo "$COMMENT_BODY" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
	if [[ "$TRIMMED_COMMENT" == "/deploy-review-app" ]]; then
	echo "DO_DEPLOY=true" >> $GITHUB_ENV
	else
	echo "DO_DEPLOY=false" >> $GITHUB_ENV
	echo "Skipping deployment - comment '$COMMENT_BODY' does not match '/deploy-review-app'"
	fi
	else
	echo "DO_DEPLOY=false" >> $GITHUB_ENV
	echo "Skipping deployment for non-PR comment"
	fi
	fi

[github-actions]

🚀 Deploying to Control Plane...

⏳ Waiting for deployment to be ready...

📝 View Deploy Logs

🎮 Control Plane Console

[github-actions]

🚀 Deploying to Control Plane...

⏳ Waiting for deployment to be ready...

📝 View Deploy Logs

🎮 Control Plane Console

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (1)

.github/workflows/deploy-to-control-plane.yml (1)

213-226: ⚠️ Potential issue

Security risk in comment handling persists.

The direct use of github.event.comment.body in the script remains a security risk.

Apply the previously suggested fix:

-              COMMENT_BODY=$(echo "${{ github.event.comment.body }}" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
+              # Set comment body through environment
+              echo "COMMENT_BODY<<EOF" >> $GITHUB_ENV
+              echo "${{ github.event.comment.body }}" >> $GITHUB_ENV
+              echo "EOF" >> $GITHUB_ENV
+              
+              # Use environment variable instead of direct expansion
+              TRIMMED_COMMENT=$(echo "$COMMENT_BODY" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')

🧹 Nitpick comments (3)

.github/workflows/deploy-to-control-plane.yml (3)

27-30: Consider standardizing environment variable naming.

While the configuration is correct, consider standardizing the naming convention:

• REVIEW_APP_PREFIX (from vars)
• CPLN_TOKEN_STAGING (from secrets)
• CPLN_ORG_STAGING (from vars)

The mix of suffixed (_STAGING) and non-suffixed names could be confusing.

Consider renaming REVIEW_APP_PREFIX to REVIEW_APP_PREFIX_STAGING for consistency.

---

65-87: Consider enhancing secret/variable validation.

While the existence check is good, consider adding type/format validation:

• REVIEW_APP_PREFIX: Should not contain spaces or special characters
• CPLN_TOKEN_STAGING: Should match expected token format

 if [ -z "${{ vars.REVIEW_APP_PREFIX }}" ]; then
   missing+=("Variable: REVIEW_APP_PREFIX")
+elif [[ "${{ vars.REVIEW_APP_PREFIX }}" =~ [^a-zA-Z0-9-] ]]; then
+  echo "Error: REVIEW_APP_PREFIX should only contain alphanumeric characters and hyphens"
+  exit 1
 fi

🧰 Tools

🪛 YAMLlint (1.35.1)

[error] 69-69: trailing spaces

(trailing-spaces)

---

[error] 74-74: trailing spaces

(trailing-spaces)

---

[error] 79-79: trailing spaces

(trailing-spaces)

---

[error] 83-83: trailing spaces

(trailing-spaces)

---

Line range hint 386-395: Enhance deployment status error reporting.

Consider adding more detailed error information in the failure message to help with troubleshooting.

 const failureMessage = [
   '❌ Deployment failed for PR #' + prNumber + ', commit ' + '${{ env.PR_SHA }}',
   '',
+  '🔍 Error Details:',
+  '```',
+  process.env.ERROR_MESSAGE || 'No detailed error information available',
+  '```',
+  '',
   consoleLink,
   '',
   '📋 [View Deployment Logs with Errors](' + workflowUrl + ')'
 ].join('\n');

🧰 Tools

🪛 YAMLlint (1.35.1)

[error] 383-383: trailing spaces

(trailing-spaces)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0d4d7a0 and 6cb3858.

📒 Files selected for processing (1)

• .github/workflows/deploy-to-control-plane.yml (12 hunks)

🧰 Additional context used

🪛 YAMLlint (1.35.1)

.github/workflows/deploy-to-control-plane.yml

[error] 69-69: trailing spaces

(trailing-spaces)

---

[error] 74-74: trailing spaces

(trailing-spaces)

---

[error] 79-79: trailing spaces

(trailing-spaces)

---

[error] 83-83: trailing spaces

(trailing-spaces)

---

[error] 134-134: trailing spaces

(trailing-spaces)

---

[error] 147-147: trailing spaces

(trailing-spaces)

---

[error] 262-262: trailing spaces

(trailing-spaces)

---

[error] 285-285: trailing spaces

(trailing-spaces)

---

[error] 288-288: trailing spaces

(trailing-spaces)

---

[error] 289-289: trailing spaces

(trailing-spaces)

🪛 actionlint (1.7.4)

.github/workflows/deploy-to-control-plane.yml

187-187: "github.event.comment.body" is potentially untrusted. avoid using it directly in inline scripts. instead, pass it through an environment variable. see https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions for more details

(expression)

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: Process-Deployment-Command
• GitHub Check: test (22.x, 3.3.4)
• GitHub Check: Process-Deployment-Command

🔇 Additional comments (1)

.github/workflows/deploy-to-control-plane.yml (1)

Line range hint 1-26: Well-structured workflow configuration!

The workflow configuration is well-organized with:

• Clear naming that reflects its purpose
• Comprehensive event triggers
• Proper concurrency handling to prevent parallel deployments

[github-actions]

🚀 Deploying to Control Plane...

⏳ Waiting for deployment to be ready...

📝 View Deploy Logs

🎮 Control Plane Console

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

.github/workflows/deploy-to-control-plane.yml (1)

219-222: ⚠️ Potential issue

Address potential security risk in comment handling.

Direct use of github.event.comment.body in shell scripts poses a security risk.

🧹 Nitpick comments (2)

.github/workflows/debug-workflow.yml (1)

30-36: Consider enhancing the GitHub context output.

While the current implementation is functional, consider structuring the JSON output for better readability.

Apply this diff to improve the output formatting:

       - name: Debug GitHub Context
         run: |
           echo "Event name: ${{ github.event_name }}"
           echo "Event path: ${{ github.event_path }}"
           echo "Repository: ${{ github.repository }}"
           echo "Full GitHub context:"
-          echo '${{ toJson(github) }}'
+          echo '${{ toJson(github) }}' | jq '.'

🧰 Tools

🪛 YAMLlint (1.35.1)

[error] 36-36: no new line character at the end of file

(new-line-at-end-of-file)

---

[error] 36-36: trailing spaces

(trailing-spaces)

.github/workflows/deploy-to-control-plane.yml (1)

234-241: Consider adding error handling for app setup.

The app setup step should include error handling and logging for better debugging.

Apply this diff to improve error handling:

       - name: Setup Control Plane App if Not Existing
         if: env.DO_DEPLOY == 'true' && env.APP_EXISTS == 'false'
         env:
           CPLN_TOKEN: ${{ secrets.CPLN_TOKEN_STAGING }}
         run: |
           echo "🔧 Setting up new Control Plane app..."
-          cpflow setup-app -a ${{ env.APP_NAME }} --org ${{ vars.CPLN_ORG_STAGING }}
+          if ! cpflow setup-app -a ${{ env.APP_NAME }} --org ${{ vars.CPLN_ORG_STAGING }}; then
+            echo "❌ Failed to setup Control Plane app"
+            exit 1
+          fi
+          echo "✅ Successfully setup Control Plane app"

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6cb3858 and dea9fba.

📒 Files selected for processing (2)

• .github/workflows/debug-workflow.yml (1 hunks)
• .github/workflows/deploy-to-control-plane.yml (12 hunks)

🧰 Additional context used

🪛 actionlint (1.7.4)

.github/workflows/debug-workflow.yml

22-22: "github.head_ref" is potentially untrusted. avoid using it directly in inline scripts. instead, pass it through an environment variable. see https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions for more details

(expression)

.github/workflows/deploy-to-control-plane.yml

193-193: "github.event.comment.body" is potentially untrusted. avoid using it directly in inline scripts. instead, pass it through an environment variable. see https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions for more details

(expression)

🪛 YAMLlint (1.35.1)

.github/workflows/debug-workflow.yml

[error] 16-16: trailing spaces

(trailing-spaces)

---

[error] 36-36: no new line character at the end of file

(new-line-at-end-of-file)

---

[error] 36-36: trailing spaces

(trailing-spaces)

.github/workflows/deploy-to-control-plane.yml

[error] 37-37: trailing spaces

(trailing-spaces)

---

[error] 44-44: trailing spaces

(trailing-spaces)

---

[error] 45-45: trailing spaces

(trailing-spaces)

---

[error] 75-75: trailing spaces

(trailing-spaces)

---

[error] 80-80: trailing spaces

(trailing-spaces)

---

[error] 85-85: trailing spaces

(trailing-spaces)

---

[error] 89-89: trailing spaces

(trailing-spaces)

---

[error] 140-140: trailing spaces

(trailing-spaces)

---

[error] 153-153: trailing spaces

(trailing-spaces)

---

[error] 268-268: trailing spaces

(trailing-spaces)

---

[error] 291-291: trailing spaces

(trailing-spaces)

---

[error] 294-294: trailing spaces

(trailing-spaces)

---

[error] 295-295: trailing spaces

(trailing-spaces)

---

[error] 331-331: trailing spaces

(trailing-spaces)

---

[error] 341-341: trailing spaces

(trailing-spaces)

---

[error] 350-350: trailing spaces

(trailing-spaces)

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: test (22.x, 3.3.4)

🔇 Additional comments (4)

.github/workflows/debug-workflow.yml (1)

1-15: LGTM! Well-structured workflow configuration.

The workflow is well-designed with:

• Clear name and purpose
• Conditional execution based on input or environment variable
• Appropriate runner selection

.github/workflows/deploy-to-control-plane.yml (3)

33-37: LGTM! Good integration with debug workflow.

The debug job is well-configured with appropriate dependencies and conditional execution.

🧰 Tools

🪛 YAMLlint (1.35.1)

[error] 37-37: trailing spaces

(trailing-spaces)

---

71-93: LGTM! Thorough validation of required secrets and variables.

The validation step effectively checks for all required secrets and variables before proceeding with deployment.

🧰 Tools

🪛 YAMLlint (1.35.1)

[error] 75-75: trailing spaces

(trailing-spaces)

---

[error] 80-80: trailing spaces

(trailing-spaces)

---

[error] 85-85: trailing spaces

(trailing-spaces)

---

[error] 89-89: trailing spaces

(trailing-spaces)

---

323-352: LGTM! Well-structured GitHub deployment initialization.

The deployment initialization is thorough with appropriate status updates and error handling.

🧰 Tools

🪛 YAMLlint (1.35.1)

[error] 331-331: trailing spaces

(trailing-spaces)

---

[error] 341-341: trailing spaces

(trailing-spaces)

---

[error] 350-350: trailing spaces

(trailing-spaces)

[coderabbitai]

⚠️ Potential issue

Address potential security risk in branch info logging.

The direct use of github.head_ref in shell scripts poses a security risk. GitHub recommends passing such values through environment variables.

Apply this diff to fix the security concern:

       - name: Log Branch Info
         run: |
+          # Set branch ref through environment variables
+          echo "HEAD_REF=${{ github.head_ref }}" >> $GITHUB_ENV
+          echo "REF_NAME=${{ github.ref_name }}" >> $GITHUB_ENV
+
           echo "Branch for this run:"
           if [ "${{ github.event_name }}" == "pull_request" ]; then
-            echo "Pull Request Source Branch: ${{ github.head_ref }}"
+            echo "Pull Request Source Branch: $HEAD_REF"
           else
-            echo "Branch: ${{ github.ref_name }}"
+            echo "Branch: $REF_NAME"
           fi

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	- name: Log Branch Info
	run: |
	echo "Branch for this run:"
	if [ "${{ github.event_name }}" == "pull_request" ]; then
	echo "Pull Request Source Branch: ${{ github.head_ref }}"
	else
	echo "Branch: ${{ github.ref_name }}"
	fi
	- name: Log Branch Info
	run: |
	# Set branch ref through environment variables
	echo "HEAD_REF=${{ github.head_ref }}" >> $GITHUB_ENV
	echo "REF_NAME=${{ github.ref_name }}" >> $GITHUB_ENV
	echo "Branch for this run:"
	if [ "${{ github.event_name }}" == "pull_request" ]; then
	echo "Pull Request Source Branch: $HEAD_REF"
	else
	echo "Branch: $REF_NAME"
	fi

🧰 Tools

🪛 actionlint (1.7.4)

22-22: "github.head_ref" is potentially untrusted. avoid using it directly in inline scripts. instead, pass it through an environment variable. see https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions for more details

(expression)

[github-actions]

🚀 Deploying to Control Plane...

⏳ Waiting for deployment to be ready...

📝 View Deploy Logs

🎮 Control Plane Console

[github-actions]

🏗️ Building Docker image for PR #623, commit 3d6bf48

📝 View Build Logs

🎮 Control Plane Console

[github-actions]

🏗️ Building Docker image for PR #623, commit 3d6bf48

📝 View Build Logs

🎮 Control Plane Console

[github-actions]

✅ Deployment complete for PR #623, commit 0173d2d

🚀 Review App for PR #623
🎮 Control Plane Console

📋 View Completed Action Build and Deploy Logs

[github-actions]

✅ Deployment complete for PR #623, commit 0173d2d

🚀 Review App for PR #623
🎮 Control Plane Console

📋 View Completed Action Build and Deploy Logs

[coderabbitai]

Caution

Inline review comments failed to post. This is likely due to GitHub's limits when posting large numbers of comments.

Actionable comments posted: 1

♻️ Duplicate comments (2)

.github/workflows/debug-workflow.yml (1)

21-28: ⚠️ Potential issue

Address potential security risk in branch info logging.

The direct use of github.head_ref and github.ref_name in shell scripts poses a security risk.

Apply this diff to fix the security concern:

      - name: Log Branch Info
        run: |
+          # Set branch refs through environment variables
+          echo "HEAD_REF=${{ github.head_ref }}" >> $GITHUB_ENV
+          echo "REF_NAME=${{ github.ref_name }}" >> $GITHUB_ENV
+
           echo "Branch for this run:"
           if [ "${{ github.event_name }}" == "pull_request" ]; then
-            echo "Pull Request Source Branch: ${{ github.head_ref }}"
+            echo "Pull Request Source Branch: $HEAD_REF"
           else
-            echo "Branch: ${{ github.ref_name }}"
+            echo "Branch: $REF_NAME"
           fi

🧰 Tools

🪛 actionlint (1.7.4)

22-22: "github.head_ref" is potentially untrusted. avoid using it directly in inline scripts. instead, pass it through an environment variable. see https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions for more details

(expression)

.github/workflows/deploy-to-control-plane.yml (1)

219-232: ⚠️ Potential issue

Address potential security risk in comment handling.

The comment body is used directly in the script, which could be a security risk.

Apply this diff to fix the security concern:

              # Trim spaces and check for exact command
-              COMMENT_BODY=$(echo "${{ github.event.comment.body }}" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
+              # Set comment body through environment
+              echo "COMMENT_BODY<<EOF" >> $GITHUB_ENV
+              echo "${{ github.event.comment.body }}" >> $GITHUB_ENV
+              echo "EOF" >> $GITHUB_ENV
+              
+              # Use environment variable instead of direct expansion
+              TRIMMED_COMMENT=$(echo "$COMMENT_BODY" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
+              if [[ "$TRIMMED_COMMENT" == "/deploy-review-app" ]]; then

🧹 Nitpick comments (2)

.github/workflows/debug-workflow.yml (1)

15-15: Consider using environment conditions.

The condition if: inputs.debug_enabled || vars.DEBUG_WORKFLOW == 'true' could be moved to an environment-level configuration for better maintainability.

jobs:
  debug-info:
    runs-on: ubuntu-latest
-    if: inputs.debug_enabled || vars.DEBUG_WORKFLOW == 'true'
+    environment:
+      name: debug
+    if: ${{ vars.DEBUG_WORKFLOW == 'true' }} || inputs.debug_enabled

.github/workflows/deploy-to-control-plane.yml (1)

33-37: Consider explicit debug workflow versioning.

The workflow uses a local reference without version pinning.

Consider creating a release tag for the debug workflow and referencing it explicitly:

   debug:
-    uses: ./.github/workflows/debug-workflow.yml
+    uses: ./.github/workflows/debug-workflow.yml@v1
     with:
       debug_enabled: false  # Will still run if vars.DEBUG_WORKFLOW is true

🧰 Tools

🪛 YAMLlint (1.35.1)

[error] 37-37: trailing spaces

(trailing-spaces)

🛑 Comments failed to post (1)

.github/workflows/deploy-to-control-plane.yml (1)

234-241: 🛠️ Refactor suggestion

Consider adding error handling for app setup.

The Control Plane app setup step lacks error handling.

Add error handling and logging:

       - name: Setup Control Plane App if Not Existing
         if: env.DO_DEPLOY == 'true' && env.APP_EXISTS == 'false'
         env:
           CPLN_TOKEN: ${{ secrets.CPLN_TOKEN_STAGING }}
         run: |
           echo "🔧 Setting up new Control Plane app..."
-          cpflow setup-app -a ${{ env.APP_NAME }} --org ${{ vars.CPLN_ORG_STAGING }}
+          if ! cpflow setup-app -a ${{ env.APP_NAME }} --org ${{ vars.CPLN_ORG_STAGING }}; then
+            echo "❌ Failed to setup Control Plane app"
+            exit 1
+          fi
+          echo "✅ Successfully setup Control Plane app"

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

      - name: Setup Control Plane App if Not Existing
        if: env.DO_DEPLOY == 'true' && env.APP_EXISTS == 'false'
        env:
          CPLN_TOKEN: ${{ secrets.CPLN_TOKEN_STAGING }}
        run: |
          echo "🔧 Setting up new Control Plane app..."
          if ! cpflow setup-app -a ${{ env.APP_NAME }} --org ${{ vars.CPLN_ORG_STAGING }}; then
            echo "❌ Failed to setup Control Plane app"
            exit 1
          fi
          echo "✅ Successfully setup Control Plane app"

[github-actions]

🚀 Deploying to Control Plane...

⏳ Waiting for deployment to be ready...

📝 View Deploy Logs

🎮 Control Plane Console

[github-actions]

🚀 Deploying to Control Plane...

⏳ Waiting for deployment to be ready...

📝 View Deploy Logs

🎮 Control Plane Console

[coderabbitai]

Actionable comments posted: 1

🔭 Outside diff range comments (1)

.github/workflows/deploy-to-control-plane.yml (1)

Line range hint 408-454: Improve deployment status update error handling.

The deployment status update lacks proper error handling and could fail silently.

       - name: Update Status - Deployment Complete
         if: env.DO_DEPLOY != 'false'
         uses: actions/github-script@v7
         with:
           script: |
+            try {
               const prNumber = process.env.PR_NUMBER;
               const appUrl = process.env.APP_URL;
               const workflowUrl = process.env.WORKFLOW_URL;
               const isSuccess = '${{ job.status }}' === 'success';
               
               const consoleLink = process.env.CONSOLE_LINK;
               
               // Create GitHub deployment status
               const deploymentStatus = {
                 owner: context.repo.owner,
                 repo: context.repo.repo,
                 deployment_id: ${{ steps.init-deployment.outputs.result }},
                 state: isSuccess ? 'success' : 'failure',
                 environment_url: isSuccess ? appUrl : undefined,
                 log_url: workflowUrl,
                 environment: 'review'
               };
               
               await github.rest.repos.createDeploymentStatus(deploymentStatus);
               
               // Update the existing comment
               await github.rest.issues.updateComment({
                 owner: context.repo.owner,
                 repo: context.repo.repo,
                 comment_id: ${{ steps.create-comment.outputs.comment-id }},
                 body: isSuccess ? successMessage : failureMessage
               });
+            } catch (error) {
+              core.error(`Failed to update deployment status: ${error.message}`);
+              throw error;
+            }

🧹 Nitpick comments (3)

.github/workflows/debug-workflow.yml (1)

30-36: Consider adding error handling for GitHub context debugging.

The debug output includes sensitive GitHub context information. Consider adding error handling and redacting sensitive data.

      - name: Debug GitHub Context
        run: |
+         # Function to redact sensitive values
+         redact_sensitive() {
+           sed 's/\(token":\s*\)"[^"]*"/\1"[REDACTED]"/'
+         }
+
          echo "Event name: ${{ github.event_name }}"
          echo "Event path: ${{ github.event_path }}"
          echo "Repository: ${{ github.repository }}"
          echo "Full GitHub context:"
-         echo '${{ toJson(github) }}'
+         echo '${{ toJson(github) }}' | redact_sensitive

🧰 Tools

🪛 YAMLlint (1.35.1)

[error] 36-36: no new line character at the end of file

(new-line-at-end-of-file)

---

[error] 36-36: trailing spaces

(trailing-spaces)

.github/actions/deploy-to-control-plane/scripts/deploy.sh (2)

42-44: Enhance URL extraction robustness.

The URL extraction using grep could be more robust by validating the URL format and providing a more descriptive error message.

-APP_URL=$(grep -oP 'https://[^[:space:]]*\.cpln\.app(?=\s|$)' "$TEMP_OUTPUT" | head -n1)
+# Extract and validate app URL
+APP_URL=$(grep -oP 'https://[^[:space:]]*\.cpln\.app(?=\s|$)' "$TEMP_OUTPUT" | head -n1)
 if [ -z "$APP_URL" ]; then
-  echo "❌ Error: Could not find app URL in deployment output"
+  echo "❌ Error: Could not find valid app URL (https://*.cpln.app) in deployment output"
+  echo "Last 10 lines of output:"
+  tail -n 10 "$TEMP_OUTPUT"
   exit 1
 fi

---

63-64: Consider adding URL validation before output.

Add a final validation step before writing the URL to GITHUB_OUTPUT to ensure it's well-formed.

+# Validate URL format before output
+if ! [[ "$APP_URL" =~ ^https://[^[:space:]]+\.cpln\.app$ ]]; then
+  echo "❌ Error: Invalid app URL format: $APP_URL"
+  exit 1
+fi
+
 echo "🌐 App URL: $APP_URL"
 echo "APP_URL=$APP_URL" >> "$GITHUB_OUTPUT"

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 3d6bf48 and 751eb87.

📒 Files selected for processing (4)

• .github/actions/deploy-to-control-plane/scripts/delete-app.sh (0 hunks)
• .github/actions/deploy-to-control-plane/scripts/deploy.sh (3 hunks)
• .github/workflows/debug-workflow.yml (1 hunks)
• .github/workflows/deploy-to-control-plane.yml (13 hunks)

💤 Files with no reviewable changes (1)

• .github/actions/deploy-to-control-plane/scripts/delete-app.sh

🧰 Additional context used

🪛 YAMLlint (1.35.1)

.github/workflows/deploy-to-control-plane.yml

[error] 37-37: trailing spaces

(trailing-spaces)

---

[error] 44-44: trailing spaces

(trailing-spaces)

---

[error] 45-45: trailing spaces

(trailing-spaces)

---

[error] 75-75: trailing spaces

(trailing-spaces)

---

[error] 80-80: trailing spaces

(trailing-spaces)

---

[error] 85-85: trailing spaces

(trailing-spaces)

---

[error] 89-89: trailing spaces

(trailing-spaces)

---

[error] 140-140: trailing spaces

(trailing-spaces)

---

[error] 153-153: trailing spaces

(trailing-spaces)

---

[error] 268-268: trailing spaces

(trailing-spaces)

---

[error] 289-289: trailing spaces

(trailing-spaces)

---

[error] 296-296: trailing spaces

(trailing-spaces)

---

[error] 300-300: trailing spaces

(trailing-spaces)

---

[error] 303-303: trailing spaces

(trailing-spaces)

---

[error] 304-304: trailing spaces

(trailing-spaces)

---

[error] 340-340: trailing spaces

(trailing-spaces)

---

[error] 350-350: trailing spaces

(trailing-spaces)

---

[error] 359-359: trailing spaces

(trailing-spaces)

.github/workflows/debug-workflow.yml

[error] 16-16: trailing spaces

(trailing-spaces)

---

[error] 36-36: no new line character at the end of file

(new-line-at-end-of-file)

---

[error] 36-36: trailing spaces

(trailing-spaces)

🪛 actionlint (1.7.4)

.github/workflows/deploy-to-control-plane.yml

193-193: "github.event.comment.body" is potentially untrusted. avoid using it directly in inline scripts. instead, pass it through an environment variable. see https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions for more details

(expression)

.github/workflows/debug-workflow.yml

22-22: "github.head_ref" is potentially untrusted. avoid using it directly in inline scripts. instead, pass it through an environment variable. see https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions for more details

(expression)

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: Process-Deployment-Command
• GitHub Check: Process-Deployment-Command
• GitHub Check: test (22.x, 3.3.4)

🔇 Additional comments (2)

.github/workflows/debug-workflow.yml (1)

21-28: Address potential security risk in branch info logging.

The direct use of github.head_ref and github.ref_name in shell scripts poses a security risk.

Apply this diff to fix the security concern:

      - name: Log Branch Info
        run: |
+         # Set branch ref through environment variables
+         echo "HEAD_REF=${{ github.head_ref }}" >> $GITHUB_ENV
+         echo "REF_NAME=${{ github.ref_name }}" >> $GITHUB_ENV
+
          echo "Branch for this run:"
          if [ "${{ github.event_name }}" == "pull_request" ]; then
-           echo "Pull Request Source Branch: ${{ github.head_ref }}"
+           echo "Pull Request Source Branch: $HEAD_REF"
          else
-           echo "Branch: ${{ github.ref_name }}"
+           echo "Branch: $REF_NAME"
          fi

🧰 Tools

🪛 actionlint (1.7.4)

22-22: "github.head_ref" is potentially untrusted. avoid using it directly in inline scripts. instead, pass it through an environment variable. see https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions for more details

(expression)

.github/workflows/deploy-to-control-plane.yml (1)

219-232: Address potential security risk in comment handling.

The direct use of github.event.comment.body in shell scripts poses a security risk.

Apply this diff to fix the security concern:

-              COMMENT_BODY=$(echo "${{ github.event.comment.body }}" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
+              # Set comment body through environment
+              echo "COMMENT_BODY<<EOF" >> $GITHUB_ENV
+              echo "${{ github.event.comment.body }}" >> $GITHUB_ENV
+              echo "EOF" >> $GITHUB_ENV
+              
+              # Use environment variable instead of direct expansion
+              TRIMMED_COMMENT=$(echo "$COMMENT_BODY" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
+              if [[ "$TRIMMED_COMMENT" == "/deploy-review-app" ]]; then

[coderabbitai]

🛠️ Refactor suggestion

Enhance GitHub deployment initialization error handling.

The deployment initialization lacks proper error handling for API failures.

       - name: Initialize GitHub Deployment
         if: env.DO_DEPLOY != 'false'
         uses: actions/github-script@v7
         id: init-deployment
         with:
           script: |
+            try {
               const ref = process.env.PR_SHA;
               const environment = process.env.ENVIRONMENT_NAME || 'review-app';
               
               const deployment = await github.rest.repos.createDeployment({
                 owner: context.repo.owner,
                 repo: context.repo.repo,
                 ref: ref,
                 environment: environment,
                 auto_merge: false,
                 required_contexts: [],
                 description: `Deployment for PR #${process.env.PR_NUMBER}`
               });
               
               // Create initial deployment status
               await github.rest.repos.createDeploymentStatus({
                 owner: context.repo.owner,
                 repo: context.repo.repo,
                 deployment_id: deployment.data.id,
                 state: 'in_progress',
                 description: 'Deployment started'
               });
               
               return deployment.data.id;
+            } catch (error) {
+              core.error(`Failed to initialize deployment: ${error.message}`);
+              throw error;
+            }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	- name: Initialize GitHub Deployment
	if: env.DO_DEPLOY != 'false'
	uses: actions/github-script@v7
	id: init-deployment
	with:
	script: |
	const ref = process.env.PR_SHA;
	const environment = process.env.ENVIRONMENT_NAME || 'review-app';
	const deployment = await github.rest.repos.createDeployment({
	owner: context.repo.owner,
	repo: context.repo.repo,
	ref: ref,
	environment: environment,
	auto_merge: false,
	required_contexts: [],
	description: `Deployment for PR #${process.env.PR_NUMBER}`
	});
	// Create initial deployment status
	await github.rest.repos.createDeploymentStatus({
	owner: context.repo.owner,
	repo: context.repo.repo,
	deployment_id: deployment.data.id,
	state: 'in_progress',
	description: 'Deployment started'
	});
	return deployment.data.id;
	- name: Initialize GitHub Deployment
	if: env.DO_DEPLOY != 'false'
	uses: actions/github-script@v7
	id: init-deployment
	with:
	script: |
	try {
	const ref = process.env.PR_SHA;
	const environment = process.env.ENVIRONMENT_NAME || 'review-app';
	const deployment = await github.rest.repos.createDeployment({
	owner: context.repo.owner,
	repo: context.repo.repo,
	ref: ref,
	environment: environment,
	auto_merge: false,
	required_contexts: [],
	description: `Deployment for PR #${process.env.PR_NUMBER}`
	});
	// Create initial deployment status
	await github.rest.repos.createDeploymentStatus({
	owner: context.repo.owner,
	repo: context.repo.repo,
	deployment_id: deployment.data.id,
	state: 'in_progress',
	description: 'Deployment started'
	});
	return deployment.data.id;
	} catch (error) {
	core.error(`Failed to initialize deployment: ${error.message}`);
	throw error;
	}

🧰 Tools

🪛 YAMLlint (1.35.1)

[error] 340-340: trailing spaces

(trailing-spaces)

---

[error] 350-350: trailing spaces

(trailing-spaces)

---

[error] 359-359: trailing spaces

(trailing-spaces)

[github-actions]

✅ Deployment complete for PR #623, commit e113f47

🚀 Review App for PR #623
🎮 Control Plane Console

📋 View Completed Action Build and Deploy Logs