chore(ci): complete Forgejo migration and adopt auto_review #386

jwilger · 2026-06-12T17:19:24-07:00

jwilger commented

2026-06-12 17:19:24 -07:00

Summary

Finishes the GitHub → Forgejo migration started in #385.

Workflows

Runner label: all jobs now run on ubuntu-24.04 (the label used by every other Slipstream repo). The docker label's runner currently fails every job at image pull with a broken docker credential helper — this is why the release-plz run on main failed after #385 merged.
CodeRabbit → auto_review: deleted coderabbit.yml; added the org-standard semantic-review job to ci.yml that requests a review from the self-hosted auto_review gateway (uses org-level AUTO_REVIEW_GATEWAY_URL / AR_CI_REVIEW_TOKEN).
release-plz: switched --backend to the current --forge flag and configure the release-bot git identity from org-level RELEASE_BOT_NAME / RELEASE_BOT_EMAIL before creating release PRs.

Metadata and docs

Cargo.toml repository URL, README CI badge, eventcore-sqlite/README.md, and the security-manual compliance link now point at git.johnwilger.com/Slipstream/eventcore.
SECURITY.md: vulnerabilities are reported privately by email (Forgejo has no Security Advisories feature).
CONTRIBUTING.md: Forgejo clone URLs, GPG key instructions, tea pr create, Forgejo Issues.
docs/RELEASE_PROCESS.md: removed references to the deleted .github/scripts lockstep scripts — lockstep versioning is enforced structurally by workspace version inheritance.

Notes

The CODERABBIT_API_KEY repo secret is now unused and can be deleted from repo settings (left in place intentionally).
Process note: this is CI/infra and docs work only — no library code or behavior changes, so the BDD/TDD development phases do not apply.

## Summary Finishes the GitHub → Forgejo migration started in #385. ### Workflows - **Runner label**: all jobs now run on `ubuntu-24.04` (the label used by every other Slipstream repo). The `docker` label's runner currently fails every job at image pull with a broken docker credential helper — this is why the release-plz run on `main` failed after #385 merged. - **CodeRabbit → auto_review**: deleted `coderabbit.yml`; added the org-standard `semantic-review` job to `ci.yml` that requests a review from the self-hosted auto_review gateway (uses org-level `AUTO_REVIEW_GATEWAY_URL` / `AR_CI_REVIEW_TOKEN`). - **release-plz**: switched `--backend` to the current `--forge` flag and configure the release-bot git identity from org-level `RELEASE_BOT_NAME` / `RELEASE_BOT_EMAIL` before creating release PRs. ### Metadata and docs - `Cargo.toml` repository URL, README CI badge, `eventcore-sqlite/README.md`, and the security-manual compliance link now point at `git.johnwilger.com/Slipstream/eventcore`. - `SECURITY.md`: vulnerabilities are reported privately by email (Forgejo has no Security Advisories feature). - `CONTRIBUTING.md`: Forgejo clone URLs, GPG key instructions, `tea pr create`, Forgejo Issues. - `docs/RELEASE_PROCESS.md`: removed references to the deleted `.github/scripts` lockstep scripts — lockstep versioning is enforced structurally by workspace version inheritance. ### Notes - The `CODERABBIT_API_KEY` repo secret is now unused and can be deleted from repo settings (left in place intentionally). - Process note: this is CI/infra and docs work only — no library code or behavior changes, so the BDD/TDD development phases do not apply.

jwilger added 1 commit

2026-06-12 17:19:25 -07:00

chore(ci): complete Forgejo migration and adopt auto_review

CI / Detect Changes (pull_request) Successful in 4s

Details

CI / Request auto_review semantic review (pull_request) Successful in 1s

Details

auto_review auto_review: 2 warnings

CI / Format (pull_request) Successful in 16s

Details

CI / Clippy (pull_request) Successful in 2m1s

Details

CI / Security Audit (pull_request) Successful in 25s

Details

CI / Test (pull_request) Successful in 2m56s

Details

CI / Mutation (pull_request) Has been skipped

Details

CI / CI Gate (pull_request) Successful in 2s

Details

0d10c6ee54

The GitHub-to-Forgejo migration (#385) left the workflows pointing at the
wrong runner and the old review bot, and left GitHub-specific URLs in repo
metadata and docs.

Workflows:
- Run all jobs on the ubuntu-24.04 runner label used by the other
  Slipstream repos. The docker label's runner currently fails every job
  at image pull (broken docker credential helper), which is why the
  release-plz run on main failed after the migration merge.
- Replace the CodeRabbit workflow with the org-standard semantic-review
  job that requests a review from the self-hosted auto_review gateway
  (AUTO_REVIEW_GATEWAY_URL / AR_CI_REVIEW_TOKEN are org-level config).
- Use release-plz's current --forge flag and configure the release bot
  git identity from org-level variables before creating release PRs.

Metadata and docs:
- Point Cargo.toml repository, the README CI badge, and stray doc links
  at git.johnwilger.com/Slipstream/eventcore.
- SECURITY.md: report vulnerabilities by email instead of GitHub
  Security Advisories.
- CONTRIBUTING.md: Forgejo clone URLs, GPG key setup, tea pr create,
  Forgejo Issues for tracking.
- docs/RELEASE_PROCESS.md: drop references to deleted .github lockstep
  scripts; lockstep versioning is enforced by workspace version
  inheritance, not scripts.

auto-review approved these changes

2026-06-12 17:19:40 -07:00

auto-review left a comment

This PR completes the migration from GitHub to Forgejo by updating CI workflows, documentation, and metadata links. The changes appear safe to merge, but ensure that all new configurations and environment settings are correctly applied.

Walkthrough

CI Workflows:
- Updated runner labels from docker to ubuntu-24.04 across all workflows.
- Removed coderabbit.yml and added semantic-review job for auto_review.
- Changed release-plz command from --backend to --forge.
- Added git identity configuration in release-plz.yml.
Documentation and Metadata:
- Updated repository URLs and CI badges to point to Forgejo.
- Revised security and contribution guidelines to reflect Forgejo processes.
- Removed references to GitHub-specific features and replaced them with Forgejo equivalents.

LLM usage and cost

Reasoning (gpt-4o) in=8296 out=525 cost=$0.049355
Cheap (gpt-4o-mini) in=8163 out=80 cost=$0.001272
Estimated total USD: $0.050627 via https://api.openai.com and https://api.openai.com

This PR completes the migration from GitHub to Forgejo by updating CI workflows, documentation, and metadata links. The changes appear safe to merge, but ensure that all new configurations and environment settings are correctly applied. ## Walkthrough - **CI Workflows**: - Updated runner labels from `docker` to `ubuntu-24.04` across all workflows. - Removed `coderabbit.yml` and added `semantic-review` job for auto_review. - Changed `release-plz` command from `--backend` to `--forge`. - Added git identity configuration in `release-plz.yml`. - **Documentation and Metadata**: - Updated repository URLs and CI badges to point to Forgejo. - Revised security and contribution guidelines to reflect Forgejo processes. - Removed references to GitHub-specific features and replaced them with Forgejo equivalents. ## LLM usage and cost - Reasoning (gpt-4o) in=8296 out=525 cost=$0.049355 - Cheap (gpt-4o-mini) in=8163 out=80 cost=$0.001272 Estimated total USD: $0.050627 via https://api.openai.com and https://api.openai.com

.forgejo/workflows/ci.yml

					
				@ -17,7 +17,7 @@ env:

				jobs:

🟡 Warning: The runner label has been changed from docker to ubuntu-24.04. Ensure that all dependencies and configurations are compatible with this new environment.

🟡 **Warning:** The runner label has been changed from `docker` to `ubuntu-24.04`. Ensure that all dependencies and configurations are compatible with this new environment.

.forgejo/workflows/publish.yml

				`@ -62,5 +62,5 @@ jobs:`

🟡 Warning: The --backend flag in the release-plz command has been replaced with --forge. Ensure that this change is compatible with the current setup and does not affect the release process.

🟡 **Warning:** The `--backend` flag in the `release-plz` command has been replaced with `--forge`. Ensure that this change is compatible with the current setup and does not affect the release process.