fix: pull-request.yml to ignore actions on ignore-sensitive-files-pr and Introspection workflow

[govindsingh3477]

What kind of change does this PR introduce?

Issue Number:

Closes #2385
Closes #2383
Did you add tests for your changes?

Snapshots/Videos:

If relevant, did you update the documentation?

Summary

Does this PR introduce a breaking change?

Other information

Have you read the contributing guide?

Summary by CodeRabbit

• New Features

  • Introduced a consolidated CREATE_CHAT mutation for creating both group and direct chats with an additional name parameter.

• Bug Fixes

  • Enhanced GitHub Actions workflow to enforce stricter checks on sensitive files and target branches for pull requests.

• Refactor

  • Removed outdated CREATE_GROUP_CHAT and CREATE_DIRECT_CHAT mutations to streamline chat creation functionality.
  • Updated components to utilize the new CREATE_CHAT mutation instead of the removed direct chat mutation.

[coderabbitai]

Walkthrough

The pull request introduces modifications to the GitHub Actions workflow in the pull-request.yml file, enhancing the conditions for checking sensitive files and enforcing stricter target branch requirements. Additionally, it consolidates GraphQL mutations related to chat creation by removing CREATE_GROUP_CHAT and CREATE_DIRECT_CHAT, while updating the CREATE_CHAT mutation to differentiate between group and direct chats. The changes ensure that only the necessary functionality remains and that the workflow adheres to new conditions.

Changes

File Path	Change Summary
.github/workflows/pull-request.yml	Added condition to Check-Sensitive-Files job for label 'ignore-sensitive-files-pr'; updated Check-Target-Branch job to enforce 'develop' as target branch.
src/GraphQl/Mutations/OrganizationMutations.ts	Removed CREATE_GROUP_CHAT and CREATE_DIRECT_CHAT mutations; updated CREATE_CHAT to include name parameter and isGroup boolean.
src/GraphQl/Mutations/mutations.ts	Removed export of CREATE_DIRECT_CHAT.
src/components/UserPortal/CreateDirectChat/CreateDirectChat.tsx	Removed import of CREATE_DIRECT_CHAT, continues using CREATE_CHAT.

Assessment against linked issues

Objective	Addressed	Explanation
Update the offending code to make the introspection tests pass (2385)	❌	Changes do not address introspection tests.
All existing tests must pass and must be valid tests of the code base (2385)	❓	Unclear if all tests are still valid.
No other functionality must be affected (2385)	✅	No additional functionality was altered.

Possibly related PRs

• fixed the eslint checker #2318: This PR modifies the .github/workflows/pull-request.yml file, similar to the main PR, by adding a job that checks the target branch for pull requests and enhances the linting process.

Suggested reviewers

• palisadoes

Poem

In the garden of code, we hop and play,
With branches and chats, we clear the way.
Sensitive checks now dance with a label,
Creating new chats, we're strong and stable!
A swift little rabbit, we leap with delight,
As our code blooms bright, all feels just right! 🐇✨

---

📜 Recent review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between e634495 and b6c579d.

📒 Files selected for processing (2)

• src/GraphQl/Mutations/OrganizationMutations.ts (0 hunks)
• src/components/UserPortal/CreateDirectChat/CreateDirectChat.tsx (1 hunks)

💤 Files with no reviewable changes (1)

• src/GraphQl/Mutations/OrganizationMutations.ts

🚧 Files skipped from review as they are similar to previous changes (1)

• src/components/UserPortal/CreateDirectChat/CreateDirectChat.tsx

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

Our Pull Request Approval Process

We have these basic policies to make the approval process smoother for our volunteer team.

Testing Your Code

Please make sure your code passes all tests. Our test code coverage system will fail if these conditions occur:

1. The overall code coverage drops below the target threshold of the repository
2. Any file in the pull request has code coverage levels below the repository threshold
3. Merge conflicts

The process helps maintain the overall reliability of the code base and is a prerequisite for getting your PR approved. Assigned reviewers regularly review the PR queue and tend to focus on PRs that are passing.

Reviewers

Do not assign reviewers. Our Queue Monitors will review your PR and assign them.
When your PR has been assigned reviewers contact them to get your code reviewed and approved via:

1. comments in this PR or
2. our slack channel

Reviewing Your Code

Your reviewer(s) will have the following roles:

1. arbitrators of future discussions with other contributors about the validity of your changes
2. point of contact for evaluating the validity of your work
3. person who verifies matching issues by others that should be closed.
4. person who gives general guidance in fixing your tests

CONTRIBUTING.md

Read our CONTRIBUTING.md file. Most importantly:

1. PRs with issues not assigned to you will be closed by the reviewer
2. Fix the first comment in the PR so that each issue listed automatically closes

Other

1. 🎯 Please be considerate of our volunteers' time. Contacting the person who assigned the reviewers is not advised unless they ask for your input. Do not @ the person who did the assignment otherwise.
2. Read the CONTRIBUTING.md file make

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (2)

.github/workflows/pull-request.yml (2)

Line range hint 249-254: Enhance Target Branch Check Message

While the implementation correctly enforces the develop branch requirement, the error message could be more helpful.

Consider this enhanced error message:

-          echo "Error: Pull request target branch must be 'develop'. Please refer PR_GUIDELINES.md"
+          echo "Error: Invalid target branch '${github.event.pull_request.base.ref}'"
+          echo "All pull requests must target the 'develop' branch as per our branching strategy."
+          echo "Please update your PR to target 'develop' and refer to PR_GUIDELINES.md for more information."
+          echo "Current source branch: ${github.event.pull_request.head.ref}"
+          echo "Current target branch: ${github.event.pull_request.base.ref}"

---

Line range hint 219-236: Improve GraphQL Inspector Job Robustness

While the implementation is correct, consider enhancing error handling and validation.

Consider these improvements:

       - name: Clone API Repository
         run: |
           # Retrieve the complete branch name directly from the GitHub context
           FULL_BRANCH_NAME=${{ github.base_ref }}
           echo "FULL_Branch_NAME: $FULL_BRANCH_NAME"
           
-          # Clone the specified repository using the extracted branch name
-          git clone --branch $FULL_BRANCH_NAME https://github.com/PalisadoesFoundation/talawa-api && ls -a 
+          # Clone with error handling and validation
+          if ! git clone --branch $FULL_BRANCH_NAME https://github.com/PalisadoesFoundation/talawa-api; then
+            echo "Failed to clone talawa-api repository"
+            exit 1
+          fi
+          
+          # Verify schema file exists
+          if [ ! -f "./talawa-api/schema.graphql" ]; then
+            echo "schema.graphql not found in talawa-api"
+            exit 1
+          fi

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between af2f509 and e634495.

📒 Files selected for processing (4)

• .github/workflows/pull-request.yml (1 hunks)
• src/GraphQl/Mutations/OrganizationMutations.ts (0 hunks)
• src/GraphQl/Mutations/mutations.ts (0 hunks)
• src/components/UserPortal/CreateDirectChat/CreateDirectChat.tsx (0 hunks)

💤 Files with no reviewable changes (3)

• src/GraphQl/Mutations/OrganizationMutations.ts
• src/GraphQl/Mutations/mutations.ts
• src/components/UserPortal/CreateDirectChat/CreateDirectChat.tsx

🔇 Additional comments (1)

.github/workflows/pull-request.yml (1)

83-83: Security Concern: Sensitive Files Check Bypass

Adding the ability to bypass sensitive file checks with a label could potentially weaken repository security. While this might be necessary for authorized maintainers, it should be carefully controlled.

Let's verify if there are any existing protections:

Consider implementing additional safeguards:

1. Document the purpose and usage of this label in CONTRIBUTING.md
2. Restrict who can add this label through branch protection rules
3. Add required approvals from CODEOWNERS when this label is used

✅ Verification successful

Let me gather more information about the sensitive files check implementation and documentation.

---

Let me check the content of CODEOWNERS and look for any documentation about the label usage in contribution guidelines.

---

Sensitive Files Check Bypass Implementation is Appropriate

The implementation of the ignore-sensitive-files-pr label is well-controlled and secure:

1. The CODEOWNERS file shows that .github/ directory is protected and can only be modified by @palisadoes team
2. The label exists with a clear description: "The contributor has a legitimate reason for editing protected files"
3. The sensitive files check implementation includes comprehensive protection for critical infrastructure files
4. Only repository maintainers can apply labels, providing an additional layer of control

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check if branch protection rules exist for sensitive files
gh api repos/PalisadoesFoundation/talawa-admin/branches/develop/protection --jq '.required_status_checks'

# Check if the label is already being used
gh api repos/PalisadoesFoundation/talawa-admin/labels --jq '.[] | select(.name=="ignore-sensitive-files-pr")'

Length of output: 751

---

Script:

#!/bin/bash
# Check for documentation about the label usage
rg -i "ignore-sensitive-files-pr" -A 3 -B 3

# Check the sensitive files check implementation
cat .github/workflows/pull-request.yml

# Look for CODEOWNERS file
fd "CODEOWNERS" --type f

Length of output: 9147

---

Script:

#!/bin/bash
# Check CODEOWNERS content
cat CODEOWNERS

# Check contribution guidelines for label documentation
cat CONTRIBUTING.md
cat PR_GUIDELINES.md

Length of output: 16601

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 98.04%. Comparing base (af2f509) to head (b6c579d).
Report is 1 commits behind head on develop.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #2391      +/-   ##
===========================================
- Coverage    98.04%   98.04%   -0.01%     
===========================================
  Files          249      249              
  Lines         7197     7194       -3     
  Branches      2066     2069       +3     
===========================================
- Hits          7056     7053       -3     
  Misses         131      131              
  Partials        10       10              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[varshith257]

@pranshugupta54 / @AVtheking / @Doraemon012 / @gautam-divyanshu / @Atharva-Kanherkar
Can you approve the PR?

[Atharva-Kanherkar]

@pranshugupta54 / @AVtheking / @Doraemon012 / @gautam-divyanshu / @Atharva-Kanherkar
Can you approve the PR?

sure I'll review and tell you

[varshith257]

@palisadoes After 3 formal contributors' approvals.

[varshith257]

@gautam-divyanshu @Atharva-Kanherkar Can you see the merge pull request button enabled on your screens? Can post the image?

[Atharva-Kanherkar]

@gautam-divyanshu @Atharva-Kanherkar Can you see the merge pull request button enabled on your screens? Can post the image?

No I can not.

[varshith257]

@palisadoes I think there are restrictions enabled to branch