moving logic to shared with input channel id

[trumanfolkersTZ]

Summary by CodeRabbit

• New Features

  • Automatic Slack emoji reactions will be posted when pull requests are approved or merged, linking reactions to the relevant PR.

• Chores

  • Centralized and renamed the Slack auto-reaction workflow into a reusable workflow to simplify maintenance and allow reuse across CI templates.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 4a7c3cd6-d011-4830-9f82-bdd04a7779c8

📥 Commits

Reviewing files that changed from the base of the PR and between 3719bdc and da8e930.

📒 Files selected for processing (1)

• workflow-templates/slack-react.yml

🚧 Files skipped from review as they are similar to previous changes (1)

• workflow-templates/slack-react.yml

---

Walkthrough

Extracts Slack auto-reaction logic into a reusable workflow .github/workflows/shared-slack-logic.yml and updates workflow-templates/slack-react.yml to call that reusable workflow, passing SLACK_CHANNEL_ID and inheriting secrets instead of inlining Slack API calls.

Changes

Slack Reaction Automation

Layer / File(s)	Summary
Reusable workflow contract and triggers .github/workflows/shared-slack-logic.yml	The new shared-slack-logic.yml workflow defines a required SLACK_CHANNEL_ID input and responds to pull_request (closed) and pull_request_review (submitted) event triggers.
Reusable workflow execution and Slack API calls .github/workflows/shared-slack-logic.yml	The auto_react job runs conditionally for merged PR closes or submitted approved reviews, sets Slack env vars, queries conversations.history, validates the response, finds the first message containing the PR URL, and conditionally posts a reaction via reactions.add.
Workflow template refactoring and delegation workflow-templates/slack-react.yml	The workflow name is shortened to "Slack Auto-React", and the inline auto_react job is replaced by trigger-slack-reaction, which invokes the reusable workflow with SLACK_CHANNEL_ID and secrets: inherit.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: moving Slack reaction logic from a workflow template to a shared reusable workflow with a configurable channel ID input.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/movingLogicToSharedFile

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[deepsource-io]

DeepSource Code Review

We reviewed changes in 6888af5...da8e930 on this pull request. Below is the summary for the review, and you can see the individual issues we found as inline review comments.

See full review on DeepSource ↗

PR Report Card

Overall Grade

Security   Reliability   Complexity   Hygiene

Code Review Summary

Analyzer	Status	Updated (UTC)	Details
Secrets		Jun 9, 2026 1:26p.m.	Review ↗

---

Important

AI Review is run only on demand for your team. We're only showing results of static analysis review right now. To trigger AI Review, comment @deepsourcebot review on this thread.

[coderabbitai]

Actionable comments posted: 4

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/shared-slack-logic.yml:
- Around line 3-12: The workflow currently mixes reusable-workflow inputs
(workflow_call with inputs.SLACK_CHANNEL_ID) and direct triggers (pull_request,
pull_request_review), which causes inputs.SLACK_CHANNEL_ID to be undefined when
run standalone; either remove the direct triggers (delete the pull_request and
pull_request_review keys) if this should be reusable-only, or add a fallback for
SLACK_CHANNEL_ID when handling direct triggers (e.g., read from an environment
variable or repository secret) and update any Slack send step to prefer
inputs.SLACK_CHANNEL_ID but fall back to that env/secret; locate the top-level
keys workflow_call, inputs.SLACK_CHANNEL_ID, pull_request and
pull_request_review to implement the chosen fix.
- Around line 43-47: The curl call invoking the Slack API method reactions.add
currently discards the response to /dev/null so failures are ignored; update the
invocation that posts to https://slack.com/api/reactions.add (the curl using
$SLACK_BOT_TOKEN, $SLACK_CHANNEL_ID, $TS, $EMOJI) to capture the response
output, parse/check the Slack JSON "ok" field and HTTP status similar to the
existing conversations.history handling, and log or act on errors (rate_limited,
already_reacted, invalid_emoji, etc.) instead of discarding them.
- Around line 14-20: Add an explicit permissions block scoped to the auto_react
job to follow least-privilege: in the job definition for auto_react, replace
reliance on default permissions with a permissions map that grants only what
this job needs (e.g., "pull-requests: read" to read PR metadata and "contents:
read" if the job reads repository files; do not grant write rights). Ensure the
permissions block is placed under the job key (auto_react) and keep any GitHub
token usage unchanged while removing broad default permissions.

In `@workflow-templates/slack-react.yml`:
- Around line 10-14: Update the reusable workflow reference in the trigger
"trigger-slack-reaction" so the path does not duplicate ".github": change the
`uses:` value that currently points to
"tractorzoom/.github/.github/workflows/shared-slack-logic.yml@main" to reference
"tractorzoom/.github/workflows/shared-slack-logic.yml@main" (i.e., remove the
extra ".github"). Also ensure the shared workflow is intended to be invoked via
workflow_call only — confirm the target workflow uses `on: workflow_call` and
remove/ignore any other triggers in the caller.

🪄 Autofix (Beta)

❌ Autofix failed (check again to retry)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: dc620f9d-96b6-45f7-aa31-0dadfab22a2d

📥 Commits

Reviewing files that changed from the base of the PR and between 6888af5 and 7e24c8b.

📒 Files selected for processing (2)

• .github/workflows/shared-slack-logic.yml
• workflow-templates/slack-react.yml

[coderabbitai]

Note

Autofix is a beta feature. Expect some limitations and changes as we gather feedback and continue to improve it.

Autofix skipped. No unresolved CodeRabbit review comments with fix instructions found.

[hmandsager]

Assumes PRs for a given repo all go to same channel. Assumption is true probably 98% of the time but occasionally we'll cross different channels. Also, will this work for private channels? E.g. #the-room