feat: add /prerelease slash command to trigger publish workflow

[Aaron ("AJ") Steers (aaronsteers)]

feat: add /prerelease slash command to trigger publish workflow

Summary

This PR adds a new /prerelease slash command that allows maintainers to trigger the publish workflow with default arguments directly from a PR comment. This simplifies the process of creating prereleases during development.

Changes:

• Created new workflow file .github/workflows/prerelease-command.yml that triggers the publish workflow with default arguments (publish to PyPI, DockerHub, and Manifest Server, but don't update Connector Builder)
• Updated slash_command_dispatch.yml to recognize and dispatch the /prerelease command
• Updated publish.yml workflow description to recommend using the slash command for prereleases
• Added /prerelease to both internal and community PR welcome messages
• Added /prerelease to the slash command help text

Review & Testing Checklist for Human

This is a yellow risk PR - the workflow logic is new and untested in production.

• Test the /prerelease command end-to-end - Comment /prerelease on a test PR and verify it triggers the publish workflow correctly
• Verify workflow ref handling - Check that the publish workflow runs against the correct branch when triggered from a PR comment (the workflow uses --ref ${{ github.ref }} which may need adjustment)
• Check workflow URL capture - Verify that the workflow run URL is correctly captured and posted back to the PR comment (there's a 5-second sleep + query that could be fragile)
• Validate default arguments - Confirm the hardcoded defaults in prerelease-command.yml match the intended behavior (currently: publish_to_pypi=true, publish_to_dockerhub=true, publish_manifest_server=true, update_connector_builder=false)

Test Plan

1. Create a test PR or use an existing one
2. Comment /prerelease on the PR
3. Verify the workflow is triggered and runs successfully
4. Check that the bot posts updates to the PR comment with the workflow run URL
5. Verify the publish workflow runs with the expected default arguments

Notes

• The workflow uses gh workflow run to trigger publish.yml, which requires the GitHub App token for authentication
• There's a potential race condition in capturing the workflow run URL (5-second sleep + query for most recent run)
• The --ref parameter may need adjustment depending on how GitHub Actions resolves refs when triggered from PR comments

---

Requested by: AJ Steers (Aaron ("AJ") Steers (@aaronsteers))
Devin Session: https://app.devin.ai/sessions/b5ff1b85488c40b691bdda024f919b91

Summary by CodeRabbit

• New Features

  • Added a /prerelease slash command for PR comments to trigger a prerelease publish with default arguments.

• Chores

  • Added an on‑demand prerelease workflow that can be manually triggered and optionally posts status comments to the PR.
  • Updated workflow help and input guidance to document the new prerelease command and versioning options.

[devin-ai-integration]

Original prompt from AJ Steers

Received message in Slack channel #ask-devin-ai:

@Devin - Create a `/prerelease` slash command that calls this workflow with default args to publish a prerelease with default version: <https://github.com/airbytehq/airbyte-python-cdk/blob/main/.github/workflows/publish.yml>
Thread URL: https://airbytehq-team.slack.com/archives/C08BHPUMEPJ/p1762681612446039

<https://github.com/airbytehq/airbyte-python-cdk/blob/main/.github/workflows/publish.yml|publish.yml>

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring

[github-actions]

👋 Greetings, Airbyte Team Member!

Here are some helpful tips and reminders for your convenience.

Testing This CDK Version

You can test this version of the CDK using the following:

# Run the CLI from this branch:
uvx 'git+https://github.com/airbytehq/airbyte-python-cdk.git@devin/1762681962-add-prerelease-slash-command#egg=airbyte-python-cdk[dev]' --help

# Update a connector to use the CDK from this branch ref:
cd airbyte-integrations/connectors/source-example
poe use-cdk-branch devin/1762681962-add-prerelease-slash-command

Helpful Resources

• CDK API Reference

PR Slash Commands

Airbyte Maintainers can execute the following slash commands on your PR:

• /autofix - Fixes most formatting and linting issues
• /poetry-lock - Updates poetry.lock file
• /test - Runs connector tests with the updated CDK
• /prerelease - Triggers a prerelease publish with default arguments
• /poe build - Regenerate git-committed build artifacts, such as the pydantic models which are generated from the manifest JSON schema in YAML.
• /poe <command> - Runs any poe command in the CDK environment

📝 Edit this welcome message.

[Copilot]

Pull Request Overview

This PR introduces a /prerelease slash command that enables maintainers to trigger prerelease publishes directly from PR comments, streamlining the prerelease workflow by eliminating the need to manually navigate to the Actions tab.

Key Changes:

• New prerelease-command.yml workflow that triggers the publish workflow with sensible defaults
• Integration with existing slash command dispatch system
• Updated documentation across help text and PR welcome messages

Reviewed Changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
.github/workflows/prerelease-command.yml	New workflow that handles /prerelease command execution and triggers publish workflow with default parameters
.github/workflows/slash_command_dispatch.yml	Registers /prerelease command in dispatch list and adds it to help text
.github/workflows/publish.yml	Updates description to recommend using /prerelease slash command for prereleases
.github/pr-welcome-internal.md	Adds /prerelease to the list of available slash commands for internal contributors
.github/pr-welcome-community.md	Adds /prerelease to the list of available slash commands for community contributors

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

📝 Walkthrough

Walkthrough

Adds a new /prerelease PR slash command, registers it in the dispatcher and PR welcome docs, creates a new prerelease-command.yml workflow to trigger the publish workflow for prereleases, and updates the publish.yml input description to document the new command.

Changes

Cohort / File(s)	Summary
PR Slash Command Documentation .github/pr-welcome-community.md, .github/pr-welcome-internal.md	Added /prerelease slash command entry with description "Triggers a prerelease publish with default arguments".
Prerelease Workflow .github/workflows/prerelease-command.yml	New workflow On-Demand Prerelease triggered by workflow_dispatch with inputs pr and comment-id; authenticates as GitHub App, validates PR origin, optionally posts initial comment, triggers publish.yml on the PR branch with prerelease inputs, waits for completion, and appends success/failure comment when comment-id provided.
Slash Command Registration .github/workflows/slash_command_dispatch.yml	Registered prerelease as a supported slash command and added it to generated help text.
Publish Workflow Documentation .github/workflows/publish.yml	Expanded inputs.version description to mention the /prerelease slash command and clarify behavior for leaving version blank or overriding it.

Sequence Diagram

sequenceDiagram
    participant User as PR Author
    participant GH as GitHub PR
    participant Dispatcher as Slash Command Dispatcher
    participant PrereleaseWF as Prerelease Command Workflow
    participant PublishWF as Publish Workflow
    participant GHApp as GitHub App

    User->>GH: Comment `/prerelease`
    GH->>Dispatcher: Dispatch slash command
    Dispatcher->>PrereleaseWF: workflow_dispatch(pr, comment-id)
    PrereleaseWF->>GHApp: Authenticate (GitHub App)
    PrereleaseWF->>GH: (optional) Post initial comment with run URL
    PrereleaseWF->>PublishWF: Trigger publish.yml on PR head ref (prerelease args)
    PublishWF-->>PrereleaseWF: Complete (success/failure)
    PrereleaseWF->>GH: Update comment with publish run URL and status

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

• Areas to focus review on:
  • .github/workflows/prerelease-command.yml — GitHub App authentication, PR origin validation, and wait/propagation of publish run status.
  • Conditional comment posting and error branches tied to comment-id.
  • Consistency between dispatch inputs and publish.yml expected inputs.
• Should we verify the GitHub App token scopes and secrets usage in the new workflow to ensure least privilege, wdyt?

Possibly related PRs

• CI: Implement automatic dynamic versioning for pre-releases #469 — Modifies CI publish/prerelease flows and publish workflow inputs; likely related at the workflow/publish input level.

Suggested labels

ci

Suggested reviewers

• dbgold17
• pedroslopez
• ChristoGrab

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically describes the main change: adding a new /prerelease slash command to trigger the publish workflow.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch devin/1762681962-add-prerelease-slash-command

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6504148 and 563b6e8.

📒 Files selected for processing (5)

• .github/pr-welcome-community.md (1 hunks)
• .github/pr-welcome-internal.md (1 hunks)
• .github/workflows/prerelease-command.yml (1 hunks)
• .github/workflows/publish.yml (1 hunks)
• .github/workflows/slash_command_dispatch.yml (2 hunks)

🧰 Additional context used

🧠 Learnings (1)

📚 Learning: 2024-11-20T12:05:50.628Z

Learnt from: ChristoGrab
Repo: airbytehq/airbyte-python-cdk PR: 77
File: .github/workflows/pypi_publish.yml:70-75
Timestamp: 2024-11-20T12:05:50.628Z
Learning: In the file `.github/workflows/pypi_publish.yml`, when setting the `VERSION` variable in a shell script, avoid adding quotes around the variable assignment, as it can include the quotes in the variable's value. This can lead to unintended Docker tags like `airbyte/source-declarative-manifest:'6.7.0dev8'`.

Applied to files:

• .github/workflows/publish.yml

🪛 GitHub Check: CodeQL

.github/workflows/prerelease-command.yml

[warning] 17-90: Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{}}

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: MyPy Check
• GitHub Check: Pytest (Fast)
• GitHub Check: preview_docs
• GitHub Check: SDM Docker Image Build
• GitHub Check: Manifest Server Docker Image Build
• GitHub Check: Analyze (python)

🔇 Additional comments (5)

.github/pr-welcome-community.md (1)

30-30: LGTM!

Clear and consistent documentation that aligns well with the other slash commands.

.github/pr-welcome-internal.md (1)

29-29: LGTM!

Consistent documentation with the community version. Both welcome messages now accurately reflect the new slash command.

.github/workflows/slash_command_dispatch.yml (1)

38-38: LGTM!

Command properly registered in both the dispatch list and help text. Help text is consistent with the welcome documentation.

Also applies to: 67-67

.github/workflows/publish.yml (1)

23-26: LGTM!

Enhanced description clearly documents the three options for triggering: via /prerelease slash command, manual trigger with blank version, or with explicit version override. This aligns well with the new workflow.

.github/workflows/prerelease-command.yml (1)

52-52: Verify that github.ref is correct when triggered via the slash command.

When this workflow is invoked from a PR slash command dispatch, github.ref will reflect the context in which the dispatch step runs. Can you confirm this is the desired ref (i.e., the branch or ref of the PR where the command was issued)?

If the dispatch happens from a PR comment, we might need to explicitly pass the PR's head ref instead of relying on github.ref.

You can verify this by checking what ref value is used when the workflow runs from a PR comment trigger. Does it use the PR's branch, or the repo's default branch?

Also applies to: 52-52

[github-actions]

PyTest Results (Fast)

3 817 tests  ±0   3 805 ✅ ±0   6m 33s ⏱️ -10s
    1 suites ±0      12 💤 ±0 
    1 files   ±0       0 ❌ ±0 

Results for commit 1ae8562. ± Comparison against base commit 6504148.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.github/workflows/prerelease-command.yml (1)

98-108: Consider adding explicit success() condition to the success comment.

The success comment (lines 98-107) currently only checks for comment-id, but best practice would also verify that all prior steps succeeded. Currently, if the publish workflow trigger fails, the job fails overall so the success comment won't post—but adding an explicit success() condition would make the intent crystal clear and protect against edge cases.

  - name: Append success comment
-   if: github.event.inputs.comment-id
+   if: success() && github.event.inputs.comment-id
    uses: peter-evans/create-or-update-comment@v4

Wdyt—does this feel like a good safeguard to add?

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 563b6e8 and 1ae8562.

📒 Files selected for processing (1)

• .github/workflows/prerelease-command.yml (1 hunks)

🧰 Additional context used

🧠 Learnings (1)

📚 Learning: 2024-11-10T03:44:36.017Z

Learnt from: aaronsteers
Repo: airbytehq/airbyte-python-cdk PR: 2
File: .github/workflows/pypi_publish.yml:0-0
Timestamp: 2024-11-10T03:44:36.017Z
Learning: In GitHub Actions workflows, when a job includes an `if` condition to execute only when `startsWith(github.ref, 'refs/tags/')`, it's acceptable to have broader `on: push` triggers because the job will skip execution unless a tag is pushed.

Applied to files:

• .github/workflows/prerelease-command.yml

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Pytest (Fast)

🔇 Additional comments (4)

.github/workflows/prerelease-command.yml (4)

1-19: Permissions and inputs look solid.

The minimal permission set (read contents, write PRs/issues) aligns well with the operations performed, and optional inputs provide flexibility without sacrificing security.

---

26-43: GitHub App auth and guards are well-structured.

Good separation of concerns: token creation, run URL for the prerelease job itself, and a clear guard to prevent misuse on non-PR contexts.

---

45-63: PR validation logic is solid.

The fork detection is important and correctly implemented. The gh api call will fail clearly if there are any issues (network, permissions, PR not found), which is acceptable for a workflow.

---

81-116: Marketplace action integration and comment flow look good.

The the-actions-org/workflow-dispatch@v4 action with wait-for-completion: true is a solid upgrade from the previous gh workflow run approach—it eliminates race conditions and provides reliable workflow-url output. The hardcoded prerelease defaults match the PR objectives, and failure handling with the failure() guard is in place.

One small note: the initial comment (lines 65-79) posts before the workflow actually runs, which is fine for UX (gives users immediate feedback), but it references "Check job output" which then gets enriched in the success comment with the actual publish workflow URL. This flow makes sense.