Fix changelog automation workflow

[amyblais]

Quick fix for the changelog automation workflow based on the failure at https://github.com/mattermost/docs/actions/runs/25428124725.

Added a few additional minor fixes.

[Copilot]

Pull request overview

This PR aims to fix the changelog generation GitHub Actions workflow by adjusting the inputs passed to the actions/create-github-app-token steps so the automation can successfully obtain GitHub App tokens and create/update changelog PRs.

Changes:

• Updates the token-generation steps to pass client-id instead of app-id for both the read-token and write-token GitHub Apps.

[coderabbitai]

📝 Walkthrough

Walkthrough

Normalize PR body line endings and require a #### Release Notes heading; change changelog entry assembly (short version, RELEASE_DATE, ESR header, anchor, blog_url fallback); update workflow_dispatch metadata; pass RELEASE_DATE into the script; use client-id for token actions and change generated PR title.

Changes

Changelog generation DAG

Layer / File(s)	Summary
Release-notes extraction normalization .github/scripts/generate_changelog.py	Normalize PR body line endings to LF and match content under #### Release Notes when extracting notes.
Changelog entry assembly .github/scripts/generate_changelog.py	Derive short VERSION (strip trailing .0), add RELEASE_DATE fallback, add "Extended Support Release" heading and anchor, auto-build blog_url when unset, and append polished content or a no-notes path consistent with the new header structure.
Workflow dispatch metadata .github/workflows/generate-changelog.yml	Update workflow_dispatch input descriptions/examples for milestone, version, server_repos, and blog_post_url.
RELEASE_DATE env wiring .github/workflows/generate-changelog.yml	Pass inputs.release_date into the RELEASE_DATE environment variable for the changelog script.
GitHub App token input key fix .github/workflows/generate-changelog.yml	Two steps requesting tokens from actions/create-github-app-token replace app-id with client-id (read and write token steps).
Generated PR title change .github/workflows/generate-changelog.yml	Change the PR title passed to gh pr create to use "{version} Changelog".

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• mattermost/docs#8824: Updates the same generate-changelog workflow to pass client-id instead of app-id to the GitHub App token action.
• mattermost/docs#8916: Modifies the same workflow's changelog automation token generation for both read and write GitHub App tokens.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title directly relates to the main changes, which fix the changelog automation workflow in both the YAML configuration and Python script.
Description check	✅ Passed	The description appropriately references the failing workflow and mentions additional minor fixes that are evident in the file changes.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch amyblais-changelogfix

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

.github/workflows/generate-changelog.yml (1)

79-79: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Hardcoded CHANGELOG_PATH will silently write future changelogs into the wrong file.

source/product-overview/mattermost-v11-changelog.md is fixed regardless of the version input. Running the workflow for v12+ will append content to the v11 file instead of the appropriate one.

🛠️ Suggested fix — derive the path from the `version` input

-          CHANGELOG_PATH: source/product-overview/mattermost-v11-changelog.md
+          CHANGELOG_PATH: source/product-overview/mattermost-v${{ inputs.version }}-changelog.md

Note: this assumes the changelog filename encodes the minor version only (e.g. 10.6 → mattermost-v10.6-changelog.md). Adjust the expression if the major-version grouping (v11) is intentional and a separate mapping is needed.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/generate-changelog.yml at line 79, The hardcoded
CHANGELOG_PATH will always point to
source/product-overview/mattermost-v11-changelog.md; update the workflow to
compute CHANGELOG_PATH from the workflow input (the version input) instead of a
fixed string — read the version input (e.g., inputs.version or
github.event.inputs.version) and build the filename using the expected pattern
(e.g., mattermost-v{minor-major?}-changelog.md or
mattermost-v{version}-changelog.md depending on your naming convention), then
set CHANGELOG_PATH to that constructed value so running the workflow for v12+
writes to the correct file.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In @.github/workflows/generate-changelog.yml:
- Line 79: The hardcoded CHANGELOG_PATH will always point to
source/product-overview/mattermost-v11-changelog.md; update the workflow to
compute CHANGELOG_PATH from the workflow input (the version input) instead of a
fixed string — read the version input (e.g., inputs.version or
github.event.inputs.version) and build the filename using the expected pattern
(e.g., mattermost-v{minor-major?}-changelog.md or
mattermost-v{version}-changelog.md depending on your naming convention), then
set CHANGELOG_PATH to that constructed value so running the workflow for v12+
writes to the correct file.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 388db96a-f75a-4f65-b56b-60de8c7313ed

📥 Commits

Reviewing files that changed from the base of the PR and between a1052c0 and d8218f0.

📒 Files selected for processing (1)

• .github/workflows/generate-changelog.yml

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA d8218f0

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 8d33775

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 16ed2e1

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 3d8cad2

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA c911c96

[amyblais]

Re-requesting a review as I added a few other minor fixes.

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA c703e1d

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 6fd3820

[amyblais]

@coderabbitai full review

[coderabbitai]

✅ Actions performed

Full review triggered.

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

.github/workflows/generate-changelog.yml (1)

87-103: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

gh pr create will fail on workflow re-runs if a PR already exists for the branch.

If the workflow is re-triggered for the same version (e.g., to regenerate after a script fix), git push --force will succeed but gh pr create will exit non-zero because the PR already exists, failing the step.

🛡️ Proposed fix

-          gh pr create \
-            --title "${{ inputs.version }} Changelog" \
-            --body "Auto-generated changelog for milestone \`${{ inputs.milestone }}\` from \`${{ inputs.server_repos }}\`." \
-            --base master \
-            --head "changelog/${{ inputs.version }}"
+          gh pr list --head "changelog/${{ inputs.version }}" --json number --jq '.[0].number' | grep -q . || \
+          gh pr create \
+            --title "${{ inputs.version }} Changelog" \
+            --body "Auto-generated changelog for milestone \`${{ inputs.milestone }}\` from \`${{ inputs.server_repos }}\`." \
+            --base master \
+            --head "changelog/${{ inputs.version }}"

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/generate-changelog.yml around lines 87 - 103, The gh pr
create step fails if a PR already exists for the "changelog/${{ inputs.version
}}" branch; update the workflow to check for an existing PR before calling gh pr
create (e.g., run gh pr list or gh api to search for a PR with head
"changelog/${{ inputs.version }}" and only run gh pr create when none is found),
and if a PR exists, echo a message and skip creation so the step exits
successfully; ensure you reference the branch name "changelog/${{ inputs.version
}}" and the gh pr create invocation when implementing the conditional check.

🧹 Nitpick comments (2)

.github/scripts/generate_changelog.py (2)

262-268: ⚡ Quick win

BLOG_POST_URL placeholder replacement could silently fail if Claude reformats it.

polished.replace("BLOG_POST_URL", blog_url) is a bare string replace with no verification that the substitution actually occurred. If the model rephrases the sentence or places the placeholder inside angle brackets or quotes (deviating from the system prompt instruction), the literal string BLOG_POST_URL will appear in the published changelog.

Consider asserting the replacement happened, or logging a warning:

🛡️ Proposed guard

         polished = polished.replace("BLOG_POST_URL", blog_url)
+        if "BLOG_POST_URL" in polished:
+            print("⚠️  Warning: BLOG_POST_URL placeholder was not replaced — check AI output")
         entry += polished + "\n"

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/scripts/generate_changelog.py around lines 262 - 268, Ensure the
placeholder substitution for BLOG_POST_URL actually took place: after computing
blog_url (using VERSION) and performing polished =
polished.replace("BLOG_POST_URL", blog_url), verify that the polished string no
longer contains the placeholder (or variants like "<BLOG_POST_URL>" or quoted
forms) and fail fast or emit a warning if it remains; update the code around the
polished.replace call to check polished for the original token(s) and log an
error or raise an exception (using process logger or similar) including the
offending polished snippet so the replacement issue is visible and prevents
publishing.

---

246-258: ⚡ Quick win

The "Extended Support Release" label and anchor are unconditional — non-ESR versions will be mislabelled.

The heading and anchor always include -extended-support-release regardless of the VERSION input. If the script is ever run for a regular (non-ESR) milestone, the generated changelog heading will be incorrect.

Consider adding an optional is_esr workflow input and toggling the heading/anchor format accordingly:

♻️ Proposed change

-    # e.g. (release-v11.7-extended-support-release)=
-    anchor = f"(release-{version_short}-extended-support-release)="
-    heading = (
-        f"## Release {version_short} - "
-        f"[Extended Support Release]"
-        f"(https://docs.mattermost.com/product-overview/release-policy.html#release-types)"
-    )
-    entry = f"{anchor}\n{heading}\n\n**Release day: {release_date}**\n\n"
+    is_esr = os.environ.get("IS_ESR", "false").strip().lower() in ("1", "true", "yes")
+    if is_esr:
+        anchor = f"(release-{version_short}-extended-support-release)="
+        heading = (
+            f"## Release {version_short} - "
+            f"[Extended Support Release]"
+            f"(https://docs.mattermost.com/product-overview/release-policy.html#release-types)"
+        )
+    else:
+        anchor = f"(release-{version_short})="
+        heading = f"## Release {version_short}"
+    entry = f"{anchor}\n{heading}\n\n**Release day: {release_date}**\n\n"

And add the corresponding input to the workflow:

      is_esr:
        description: 'Whether this is an Extended Support Release'
        required: false
        default: 'false'
        type: boolean

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/scripts/generate_changelog.py around lines 246 - 258, The
anchor/heading generation always appends "-extended-support-release" regardless
of release type; update the logic to accept an is_esr flag (passed from
workflow) and conditionally build anchor and heading: keep existing
VERSION/version_short and release_date usage, but when is_esr is true set anchor
to f"(release-{version_short}-extended-support-release)=" and heading to the
current ESR string, otherwise set anchor to f"(release-{version_short})=" and
heading to a non-ESR string (e.g., f"## Release {version_short} - [Release]" or
similar); ensure entry uses the selected anchor and heading variables and that
is_esr defaults to false when not provided.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/scripts/generate_changelog.py:
- Line 267: The print statement that logs the auto-constructed blog URL uses the
ambiguous Unicode character "ℹ" and should be replaced with either plain ASCII
"i" or the consistent emoji sequence "ℹ️" used elsewhere; update the print call
that references blog_url (the line: print(f"ℹ️  No blog post URL provided —
using auto-constructed URL: {blog_url}")) to use the standard "ℹ️" emoji
sequence or "i" to satisfy Ruff RUF001, keeping the rest of the message and the
blog_url interpolation unchanged.

---

Outside diff comments:
In @.github/workflows/generate-changelog.yml:
- Around line 87-103: The gh pr create step fails if a PR already exists for the
"changelog/${{ inputs.version }}" branch; update the workflow to check for an
existing PR before calling gh pr create (e.g., run gh pr list or gh api to
search for a PR with head "changelog/${{ inputs.version }}" and only run gh pr
create when none is found), and if a PR exists, echo a message and skip creation
so the step exits successfully; ensure you reference the branch name
"changelog/${{ inputs.version }}" and the gh pr create invocation when
implementing the conditional check.

---

Nitpick comments:
In @.github/scripts/generate_changelog.py:
- Around line 262-268: Ensure the placeholder substitution for BLOG_POST_URL
actually took place: after computing blog_url (using VERSION) and performing
polished = polished.replace("BLOG_POST_URL", blog_url), verify that the polished
string no longer contains the placeholder (or variants like "<BLOG_POST_URL>" or
quoted forms) and fail fast or emit a warning if it remains; update the code
around the polished.replace call to check polished for the original token(s) and
log an error or raise an exception (using process logger or similar) including
the offending polished snippet so the replacement issue is visible and prevents
publishing.
- Around line 246-258: The anchor/heading generation always appends
"-extended-support-release" regardless of release type; update the logic to
accept an is_esr flag (passed from workflow) and conditionally build anchor and
heading: keep existing VERSION/version_short and release_date usage, but when
is_esr is true set anchor to
f"(release-{version_short}-extended-support-release)=" and heading to the
current ESR string, otherwise set anchor to f"(release-{version_short})=" and
heading to a non-ESR string (e.g., f"## Release {version_short} - [Release]" or
similar); ensure entry uses the selected anchor and heading variables and that
is_esr defaults to false when not provided.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: da988327-a168-4984-be45-bb47eda4550a

📥 Commits

Reviewing files that changed from the base of the PR and between 35d838b and 6fd3820.

📒 Files selected for processing (2)

• .github/scripts/generate_changelog.py
• .github/workflows/generate-changelog.yml

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 33b398e

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 8a249ed