fix: resolve CI check failures on all PRs — regex false positive + concurrency#2974
fix: resolve CI check failures on all PRs — regex false positive + concurrency#2974marcusquinn merged 1 commit intomainfrom
Conversation
…ncurrency Three compounding bugs caused every PR to show failing/cancelled checks: 1. opencode-agent.yml regex /\/(oc|opencode)\b/ matched file paths in CodeRabbit review comments (e.g., /opencode-aidevops/observability.mjs), triggering the workflow on every bot review. Fixed by requiring the trigger to appear at line start or after whitespace: /(^|\s)\/(oc|opencode)\b/m 2. opencode-agent.yml security-check job had no permissions block, so GITHUB_TOKEN defaulted to read-only. When the regex false-positive fired and the job tried to reply to CodeRabbit's comment with a rejection message, it failed with 403. Added pull-requests: write and issues: write permissions. 3. review-bot-gate.yml used cancel-in-progress: true, which cancelled the initial pull_request:opened run when a bot posted (triggering issue_comment:created). The cancelled run left a permanent stale CANCELLED check, making mergeStateStatus UNSTABLE. Changed to false. Closes #2973
|
Warning You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again! |
|
Warning Rate limit exceeded
⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (2)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
🔍 Code Quality Report�[0;35m[MONITOR]�[0m Code Review Monitoring Report �[0;34m[INFO]�[0m Latest Quality Status: �[0;34m[INFO]�[0m Recent monitoring activity: 📈 Current Quality Metrics
Generated on: Fri Mar 6 04:45:18 UTC 2026 Generated by AI DevOps Framework Code Review Monitoring |
|
1 participant
Summary
Fixes three compounding bugs that caused every open PR to show failing/cancelled CI checks:
/\/(oc|opencode)\b/matched file paths in CodeRabbit review comments (e.g.,.agents/plugins/opencode-aidevops/observability.mjs), causing the workflow to fire on every bot review. Fixed by requiring the trigger at line start or after whitespace.security-checkjob had nopermissionsblock, soGITHUB_TOKENdefaulted to read-only. When the false-positive fired and the job tried to reply with a rejection message, it failed with HTTP 403.cancel-in-progress: truecancelled the initialpull_request:openedrun when a bot posted, leaving a permanent stale CANCELLED check that mademergeStateStatus: UNSTABLE.Why self-improvement didn't catch this
The pulse/supervisor checks for open PRs and stale issues but doesn't analyze why CI checks fail. It sees
UNSTABLEbut doesn't drill into which check or root cause. The OpenCode Agent workflow (which could fix this via/occommands) was itself broken by the same regex bug — a circular failure.Testing
/ocand/opencodecommands still trigger correctlyCloses #2973