LCORE-1319: PR title checker configuration

[tisnik]

Description

LCORE-1319: PR title checker configuration

Type of change

• Refactor
• New feature
• Bug fix
• CVE fix
• Optimization
• Documentation Update
• Configuration Update
• Bump-up service version
• Bump-up dependent library
• Bump-up library or tool used for development (does not change the final image)
• CI configuration change
• Konflux configuration change
• Unit tests improvement
• Integration tests improvement
• End to end tests improvement
• Benchmarks improvement

Tools used to create PR

• Assisted-by: N/A
• Generated by: N/A

Related Tickets & Documents

• Related Issue #LCORE-1319

Summary by CodeRabbit

• Chores
  • Implemented automated PR title validation to enforce consistent formatting standards for pull request submissions with defined prefix requirements and user feedback messages.

[coderabbitai]

Walkthrough

Adds automated PR title validation by introducing a GitHub Actions workflow and configuration file. The workflow triggers on pull request events and uses the thehanimo/pr-title-checker action to validate PR titles against the configured ruleset, which requires titles to begin with the LCORE- prefix.

Changes

Cohort / File(s)	Summary
GitHub PR Title Validation .github/pr-title-checker-config.json, .github/workflows/pr-title-checker.yaml	Introduced PR title validation automation. Config file defines LCORE- as required prefix, labels non-compliant PRs with "title needs formatting", and sets success/failure CI messages. Workflow triggers on PR open, edit, sync, label, and unlabel events to execute validation checks.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main changes: adding PR title checker configuration files (.github/pr-title-checker-config.json and the GitHub Actions workflow).
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

✨ Simplify code

• Create PR with simplified code

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/pr-title-checker.yaml:
- Around line 3-18: Replace the tag-pinned action reference
thehanimo/pr-title-checker@v1.4.3 with a commit SHA to harden the supply chain
(update the step that uses the action in the job "check"); keep the same inputs
(GITHUB_TOKEN, pass_on_octokit_error, configuration_path) but change the uses
line to thehanimo/pr-title-checker@<commit-sha> where <commit-sha> is the exact
full commit hash from the action repo you want to lock to, and ensure you verify
the chosen commit before committing the change.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 25ced972-8d47-438e-893a-d3cdd554aea8

📥 Commits

Reviewing files that changed from the base of the PR and between 509987f and d0c8c97.

📒 Files selected for processing (2)

• .github/pr-title-checker-config.json
• .github/workflows/pr-title-checker.yaml

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: build-pr
• GitHub Check: E2E: server mode / ci
• GitHub Check: E2E: library mode / ci
• GitHub Check: E2E Tests for Lightspeed Evaluation job
• GitHub Check: Konflux kflux-prd-rh02 / lightspeed-stack-on-pull-request

🔇 Additional comments (1)

.github/pr-title-checker-config.json (1)

1-14: Configuration looks correct and aligned with the workflow.

The JSON is valid, and the rule/message structure matches the intended PR title check behavior.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

wf=".github/workflows/pr-title-checker.yaml"

echo "Checking trigger type:"
rg -n 'pull_request_target' "$wf"

echo
echo "Checking action reference pinning style:"
rg -n 'uses:\s*thehanimo/pr-title-checker@' "$wf"

echo
echo "Checking explicit permissions blocks:"
rg -n '^\s*permissions:' "$wf" -C2 || true

Repository: lightspeed-core/lightspeed-stack

Length of output: 255

---

Consider pinning the action to a commit SHA for supply-chain hardening.

While pull_request_target with secrets access is your stated preference, the tag-pinned action reference (thehanimo/pr-title-checker@v1.4.3, line 14) creates a supply-chain risk—tags can be retargeted at the source. Pinning to a specific commit SHA mitigates this without requiring changes to your trigger model.

Explicit permissions declaration (contents, pull-requests, issues) is optional given your acceptance of the implicit full-context model.

SHA pinning example

-      - uses: thehanimo/pr-title-checker@v1.4.3
+      - uses: thehanimo/pr-title-checker@<commit_sha>

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/pr-title-checker.yaml around lines 3 - 18, Replace the
tag-pinned action reference thehanimo/pr-title-checker@v1.4.3 with a commit SHA
to harden the supply chain (update the step that uses the action in the job
"check"); keep the same inputs (GITHUB_TOKEN, pass_on_octokit_error,
configuration_path) but change the uses line to
thehanimo/pr-title-checker@<commit-sha> where <commit-sha> is the exact full
commit hash from the action repo you want to lock to, and ensure you verify the
chosen commit before committing the change.