Skip to content

chore: add GitHub Actions workflow to automate OpenAPI types generation#44

Open
karamouche wants to merge 1 commit into
mainfrom
feat/auto-update-types
Open

chore: add GitHub Actions workflow to automate OpenAPI types generation#44
karamouche wants to merge 1 commit into
mainfrom
feat/auto-update-types

Conversation

@karamouche

@karamouche karamouche commented Jul 13, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Add a daily workflow that regenerates OpenAPI types from https://api.gladia.io/openapi.json
  • Opens a PR with the changes and requests review from egenthon-cmd when types differ

Test plan

  • Trigger the workflow via workflow_dispatch
  • Confirm a PR is opened (or skipped) correctly when types change / don’t change

Summary by CodeRabbit

  • Chores
    • Added an automated daily process to regenerate OpenAPI types.
    • Added manual triggering for on-demand updates.
    • Automatically creates a pull request with regenerated types for review.

@karamouche karamouche requested a review from egenthon-cmd July 13, 2026 12:26
@coderabbitai

coderabbitai Bot commented Jul 13, 2026

Copy link
Copy Markdown

Review Change Stack

Warning

Review limit reached

@karamouche, you've reached your PR review limit, so we couldn't start this review.

Next review available in: 56 minutes

Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available.
You're only billed for reviews past your plan's rate limits ($0.25/file).

How can I continue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews.

How do review limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please refer docs for additional details.

Review details
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 4bb2e665-c437-459e-b768-572ad57c3665

📥 Commits

Reviewing files that changed from the base of the PR and between ee45f84 and cd6deb6.

📒 Files selected for processing (1)
  • .github/workflows/update-openapi-types.yml
📝 Walkthrough

Walkthrough

Adds a GitHub Actions workflow that runs daily or manually, regenerates OpenAPI types using Bun, and opens a pull request against main with the generated changes.

Changes

OpenAPI Type Update Automation

Layer / File(s) Summary
Workflow triggers and generation pipeline
.github/workflows/update-openapi-types.yml
Adds scheduled and manual triggers, write permissions, Bun and Node.js setup, dependency synchronization, OpenAPI type generation, and automated pull request creation.

Estimated code review effort: 2 (Simple) | ~10 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly describes the new GitHub Actions workflow that automates OpenAPI types generation.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feat/auto-update-types

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@karamouche karamouche changed the title chore: add GitHub Actions workflow to automate OpenAPI types generationW chore: add GitHub Actions workflow to automate OpenAPI types generation Jul 13, 2026
@karamouche karamouche force-pushed the feat/auto-update-types branch from ee45f84 to cd6deb6 Compare July 13, 2026 12:27

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (1)
.github/workflows/update-openapi-types.yml (1)

23-25: 🩺 Stability & Availability | 🔵 Trivial | ⚡ Quick win

Pin the Bun version used for generation.

Using bun-version: latest makes daily output depend on an uncontrolled toolchain change, which can create unrelated type diffs or break generation. Use an exact version or a committed version file instead. (github.com)

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/update-openapi-types.yml around lines 23 - 25, Update the
setup-bun step in the OpenAPI generation workflow to replace bun-version: latest
with a deterministic exact Bun version or a committed version-file reference,
ensuring generated types use a stable toolchain.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/update-openapi-types.yml:
- Around line 21-40: Add persist-credentials: false to the actions/checkout@v7
step so the checkout token is not retained for subsequent repository scripts or
dependencies. Leave the remaining workflow steps unchanged.

---

Nitpick comments:
In @.github/workflows/update-openapi-types.yml:
- Around line 23-25: Update the setup-bun step in the OpenAPI generation
workflow to replace bun-version: latest with a deterministic exact Bun version
or a committed version-file reference, ensuring generated types use a stable
toolchain.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2c2fe20d-bda8-4958-b6f7-7e7e3383d165

📥 Commits

Reviewing files that changed from the base of the PR and between cf256e9 and ee45f84.

📒 Files selected for processing (1)
  • .github/workflows/update-openapi-types.yml

Comment on lines +21 to +40
- uses: actions/checkout@v7

- uses: oven-sh/setup-bun@v2
with:
bun-version: latest
- uses: actions/setup-node@v6
with:
node-version: 22
package-manager-cache: false
- run: bun install

- name: Install uv
uses: astral-sh/setup-uv@v7
with:
enable-cache: true
- name: Install Python deps
run: bun nx run-many -t sync

- name: Generate OpenAPI types
run: bun nx run generator:generate

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔒 Security & Privacy | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

printf '\n== workflow ==\n'
git ls-files '.github/workflows/update-openapi-types.yml'
wc -l .github/workflows/update-openapi-types.yml
sed -n '1,120p' .github/workflows/update-openapi-types.yml

printf '\n== checkout usage in repo ==\n'
rg -n "actions/checkout@v[0-9]+|persist-credentials" .github/workflows .github -S

printf '\n== nearby permissions/context ==\n'
rg -n "contents:\s*write|pull_request|workflow_dispatch|permissions:" .github/workflows/update-openapi-types.yml .github/workflows -n -S

Repository: gladiaio/sdk

Length of output: 1947


Disable persisted checkout credentials. Add persist-credentials: false to actions/checkout; this job runs repository code with contents: write, so the default token should not be left available to scripts or dependencies.

🧰 Tools
🪛 zizmor (1.26.1)

[warning] 21-21: credential persistence through GitHub Actions artifacts (artipacked): does not set persist-credentials: false

(artipacked)

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/update-openapi-types.yml around lines 21 - 40, Add
persist-credentials: false to the actions/checkout@v7 step so the checkout token
is not retained for subsequent repository scripts or dependencies. Leave the
remaining workflow steps unchanged.

Source: Linters/SAST tools

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant