fix: use pull_request_target for CodeRabbit review trigger

[alexeyv]

Summary

• Fixes 403 "Resource not accessible by integration" error on the CodeRabbit review trigger workflow
• Changes pull_request to pull_request_target so the workflow runs in the base repo context with write permissions, which is required for fork PRs
• Safe because the workflow only posts a comment and does not check out or execute any PR code

Context

The workflow triggers when a draft PR is marked "ready for review" to request a CodeRabbit review via comment. For cross-repository (fork) PRs, GitHub restricts GITHUB_TOKEN to read-only on pull_request events regardless of declared permissions. pull_request_target resolves this by running in the base repo context.

Failed run: https://github.com/bmad-code-org/BMAD-METHOD/actions/runs/21776395455

Test plan

• Merge this PR
• Mark PR chore: configure dual-mode AI code review #1511 (or another fork draft PR) as "ready for review"
• Verify the workflow posts the @coderabbitai review comment successfully

🤖 Generated with Claude Code

[augmentcode]

🤖 Augment PR Summary

Summary: Updates the CodeRabbit “Ready for review” workflow trigger to use pull_request_target so it can run with the required permissions on forked PRs.
Changes: Switches the event from pull_request to pull_request_target to avoid 403 “Resource not accessible by integration” when posting the @coderabbitai review comment.

_{🤖 Was this summary useful? React with 👍 or 👎}

[augmentcode]

Review completed. No suggestions at this time.

Comment augment review to trigger a new review at any time.

[coderabbitai]

📝 Walkthrough

Walkthrough

The GitHub Actions workflow trigger for CodeRabbit review is changed from pull_request to pull_request_target while preserving the ready_for_review types filter. This alters the execution context and permissions available during workflow runs. The remainder of the workflow configuration remains unchanged.

Changes

Cohort / File(s)	Summary
GitHub Actions Workflow Configuration .github/workflows/coderabbit-review.yaml	Modified workflow trigger event from pull_request to pull_request_target while maintaining the ready_for_review types filter.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• ci: trigger CodeRabbit review on PR un-draft #1558: Also modifies the same CodeRabbit review workflow and handles PR ready-for-review event handling, which complements this trigger modification.

Suggested reviewers

• bmadcode
• pbean
• cecil-the-coder

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically summarizes the main change: switching the GitHub Actions workflow trigger from pull_request to pull_request_target to fix the CodeRabbit review permissions issue.
Description check	✅ Passed	The description is comprehensive and directly related to the changeset, explaining the problem, the solution, why it's safe, and providing a test plan.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}