Create release docs automation

[amyblais]

Full spec doc: https://mattermost.atlassian.net/wiki/spaces/Security/pages/4518772760/Automation+-+Release+Docs+Update+GitHub+Actions+Workflow.

Adds a GitHub Actions workflow that automates docs updates for Mattermost releases. Instead of manually opening a GitHub issue, tagging claude, and pasting file URLs each time, you go to Actions → Update Docs → Run workflow and fill in four fields:

• Component — Server, Mobile, or Desktop
• Release type — ESR, Feature Release, Security Release, Patch/Dot Release, or Other
• Version — e.g. 11.7, 2.40, 6.2
• Release date — e.g. May 15, 2026
• Additional instructions (optional) — any extra context like an ESR end-of-support date

The workflow then automatically selects the right set of files for that component and release type, sends each one to Claude via the Anthropic API with the release context, and opens a PR with all the updated files — no issue, no copy-pasting URLs, no manual file list.

[Copilot]

Pull request overview

Adds a manually triggered GitHub Actions workflow intended to automate release documentation updates by running a Python script and opening a PR in this docs repository.

Changes:

• Introduces a new workflow_dispatch workflow with inputs (component, release type, version, release date, instructions, draft PR).
• Sets up Python, installs the Anthropic SDK, runs a docs update script, and opens a PR via peter-evans/create-pull-request.

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA bf7c558

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 836a331

[coderabbitai]

Warning

Rate limit exceeded

@amyblais has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 40 minutes and 49 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: db672a70-4764-4cc5-a06b-d5d8062b8748

📥 Commits

Reviewing files that changed from the base of the PR and between 03d7946 and 518d76f.

📒 Files selected for processing (2)

• .github/scripts/update_docs.py
• .github/workflows/update-docs.yml

📝 Walkthrough

Walkthrough

Adds a workflow and Python script that read release metadata, regenerate selected docs via the Anthropic Messages API with safety checks, and create a pull request with the updates.

Changes

Automated Documentation Updates

Layer / File(s)	Summary
Configuration & File Selection .github/scripts/update_docs.py range_a41d7b812290, range_001d1cfbfe5c, range_d1f6fceb5c01	Environment variables define component, release type, version, and release date; per-component/release-type file lists are hardcoded; get_files() selects files or exits on unknown component.
Prompt Templates .github/scripts/update_docs.py range_e82df704ba7e, range_fded3ca2ba11	Fixed SYSTEM_PROMPT and build_user_prompt() compose release metadata (including optional instructions) plus full file content into the user prompt.
API Call & Safety Checks .github/scripts/update_docs.py range_9d39ec15666c	update_file() reads file, calls Anthropic Messages API, extracts response.content[0].text, enforces non-empty, >=50% length, and changed-after-trim checks, and writes updated content when safe.
Script Orchestration .github/scripts/update_docs.py range_c962d210293b	main() prints run metadata, instantiates client from ANTHROPIC_API_KEY, iterates selected files collecting per-file exceptions, and exits with non-zero status on any failure.
Workflow Trigger & PR Creation .github/workflows/update-docs.yml range_46be5cec72d8, range_44fe30c40993, range_1dc4750d3cc9	workflow_dispatch with typed inputs; job checks out repo, sets up Python, installs anthropic, runs the script with env vars, sanitizes version into safe_version, and creates a PR to docs/{component}-v{safe_version} with generated title/body and optional draft state.

Sequence Diagram

sequenceDiagram
    actor User
    participant GitHub as GitHub Actions
    participant Script as update_docs.py
    participant Anthropic as Anthropic API
    participant FileSystem as File System

    User->>GitHub: Trigger workflow_dispatch (component, version, release_type, etc.)
    GitHub->>GitHub: Checkout repo, setup Python, install anthropic
    GitHub->>Script: Run with env vars (ANTHROPIC_API_KEY, metadata)
    Script->>Script: get_files()
    loop For each documentation file
        Script->>FileSystem: Read file content
        Script->>Script: Build user prompt (metadata + content)
        Script->>Anthropic: Call Messages API (system + user prompt)
        Anthropic-->>Script: Return response.content[0].text
        Script->>Script: Validate (non-empty, length >=50%, changed)
        Script->>FileSystem: Write updated file (if safe)
    end
    Script-->>GitHub: Exit status
    GitHub->>GitHub: Create PR docs/{component}-v{safe_version}
    GitHub-->>User: PR created (draft or ready)

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Create release docs automation' directly and clearly describes the main change: a new GitHub Actions workflow and supporting script that automates the release documentation update process.
Description check	✅ Passed	The description is directly related to the changeset, providing clear context about the automation workflow, its inputs, and benefits by replacing a manual process with an automated GitHub Actions workflow.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch amyblais-releasedocsautomation

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 2eed2fe

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA cb4dc94

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 8b3f734

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (1)

.github/workflows/update-docs.yml (1)

58-59: ⚡ Quick win

Pin the Anthropic SDK version for reproducible workflow runs.

Installing anthropic without a version can pull breaking changes and make the automation flaky over time. The latest stable version is 0.97.0 and is compatible with Python 3.11.

Suggested fix

-      - name: Install dependencies
-        run: pip install anthropic
+      - name: Install dependencies
+        run: pip install -r .github/scripts/update-docs-requirements.txt

# .github/scripts/update-docs-requirements.txt
anthropic==0.97.0

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/update-docs.yml around lines 58 - 59, Replace the unpinned
pip install in the "Install dependencies" workflow step by pinning the Anthropic
SDK to 0.97.0: create a requirements file named
.github/scripts/update-docs-requirements.txt containing anthopic==0.97.0 and
change the step that currently runs "pip install anthropic" to "pip install -r
.github/scripts/update-docs-requirements.txt" so the workflow uses the fixed
anthropic==0.97.0 release for reproducible runs.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/scripts/update_docs.py:
- Around line 138-140: The current handlers in update_docs.py (including the
except FileNotFoundError block and the other early-return sites around where
errors/warnings are logged) log problems then return, allowing main() to exit
success; change those returns to fail-fast behavior by raising or exiting
non‑zero (e.g., raise RuntimeError or call sys.exit(1)) so the workflow fails
when safety checks reject an update; update the except FileNotFoundError handler
and the two locations that log error/warning (the blocks referenced around lines
152–163) to propagate a non‑zero failure instead of returning normally.
- Line 142: The print statements using f-strings with no placeholders (e.g.,
print(f"  Sending to Claude...") and the similar print at line 183) should be
converted to plain strings; locate the print calls in update_docs.py (look for
the exact message "  Sending to Claude..." and the other analogous message) and
change them from f-strings to normal string literals (remove the leading f) so
they are simple print("  Sending to Claude...") calls.

In @.github/workflows/update-docs.yml:
- Line 75: Sanitize the free-form inputs.version before using it in the branch
ref: replace or remove characters that can make invalid Git branch names
(spaces, slashes, colons, parentheses, and other non-alphanumeric characters
except dot and dash), collapse consecutive separators to a single dash, trim
leading/trailing separators, and normalize case; then use that sanitized value
instead of inputs.version in the branch expression (replace branch: docs/${{
inputs.component }}-v${{ inputs.version }} with branch: docs/${{
inputs.component }}-v${{ steps.sanitize-version.outputs.version }} and add a
short step named sanitize-version that computes and outputs the cleaned version
string).

---

Nitpick comments:
In @.github/workflows/update-docs.yml:
- Around line 58-59: Replace the unpinned pip install in the "Install
dependencies" workflow step by pinning the Anthropic SDK to 0.97.0: create a
requirements file named .github/scripts/update-docs-requirements.txt containing
anthopic==0.97.0 and change the step that currently runs "pip install anthropic"
to "pip install -r .github/scripts/update-docs-requirements.txt" so the workflow
uses the fixed anthropic==0.97.0 release for reproducible runs.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: dde1a4b0-2311-4c59-9766-35b752c87527

📥 Commits

Reviewing files that changed from the base of the PR and between 560c09f and 8b3f734.

📒 Files selected for processing (2)

• .github/scripts/update_docs.py
• .github/workflows/update-docs.yml

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 36da96b

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 121da36

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 25408b2

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (1)

.github/scripts/update_docs.py (1)

28-32: 💤 Low value

Bare os.environ[...] at module scope emits a cryptic KeyError when a required variable is absent.

A missing COMPONENT or VERSION raises KeyError: 'COMPONENT' with no indication that this is a required workflow input. A small validation block early in main() (or a helper) would provide an actionable error message and keep side-effects out of module initialisation.

♻️ Proposed refactor

-COMPONENT = os.environ["COMPONENT"]
-RELEASE_TYPE = os.environ["RELEASE_TYPE"]
-VERSION = os.environ["VERSION"]
-RELEASE_DATE = os.environ["RELEASE_DATE"]
-INSTRUCTIONS = os.environ.get("INSTRUCTIONS", "").strip()
+def _require_env(name: str) -> str:
+    value = os.environ.get(name)
+    if not value:
+        print(f"ERROR: Required environment variable '{name}' is not set.")
+        sys.exit(1)
+    return value
+
+COMPONENT = _require_env("COMPONENT")
+RELEASE_TYPE = _require_env("RELEASE_TYPE")
+VERSION = _require_env("VERSION")
+RELEASE_DATE = _require_env("RELEASE_DATE")
+INSTRUCTIONS = os.environ.get("INSTRUCTIONS", "").strip()

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/scripts/update_docs.py around lines 28 - 32, Move environment access
out of module scope and add explicit validation: stop reading COMPONENT,
RELEASE_TYPE, VERSION, RELEASE_DATE, and INSTRUCTIONS at import time and instead
read them inside main() (or a new helper like validate_env_vars()) and raise a
clear RuntimeError or print an actionable message if any required variable
(COMPONENT, VERSION, RELEASE_DATE) is missing; keep optional INSTRUCTIONS using
os.environ.get(...).strip() inside the same helper, and update any references to
use the local variables returned by main()/validate_env_vars() so module import
no longer raises KeyError.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/scripts/update_docs.py:
- Around line 196-200: The try/except around update_file(client, filepath)
currently catches all Exception; change it to only catch expected recoverable
errors (e.g., OSError, anthropic.APIError, RuntimeError) and let fatal errors
propagate; update the except handler for the tuple (OSError, anthropic.APIError,
RuntimeError) to log the exception type and message (including type(e).__name__)
and append to errors as before, and remove or avoid a broad except Exception so
functions like update_file, client, or filepath-related fatal exceptions bubble
up instead of being swallowed.
- Around line 142-149: Guard against empty/invalid response.content and detect
truncated outputs before writing files: after calling client.messages.create
(the response object used as response.content[0].text), verify response.content
is a non-empty list and that response.content[0] has a text field (and/or type
== "text") before accessing .text to avoid IndexError/AttributeError;
additionally check response.stop_reason and refuse to accept outputs where
stop_reason == "max_tokens" (or any non-null truncation indicator) — in that
case either retry with a larger/max_tokens or surface an explicit error so the
file is not overwritten with truncated content; make max_tokens configurable
(e.g., increase to 32000) if needed and ensure any early-return paths raise or
log a clear error rather than letting the broad except() silently skip writing.
- Around line 42-69: SERVER_FILES currently includes
"source/product-overview/mattermost-desktop-releases.md" which should not be
updated for Server releases; remove that string from the SERVER_FILES list so it
only exists in DESKTOP_BASE_FILES, i.e., edit the SERVER_FILES definition to
delete the "source/product-overview/mattermost-desktop-releases.md" entry and
leave DESKTOP_BASE_FILES unchanged.

---

Nitpick comments:
In @.github/scripts/update_docs.py:
- Around line 28-32: Move environment access out of module scope and add
explicit validation: stop reading COMPONENT, RELEASE_TYPE, VERSION,
RELEASE_DATE, and INSTRUCTIONS at import time and instead read them inside
main() (or a new helper like validate_env_vars()) and raise a clear RuntimeError
or print an actionable message if any required variable (COMPONENT, VERSION,
RELEASE_DATE) is missing; keep optional INSTRUCTIONS using
os.environ.get(...).strip() inside the same helper, and update any references to
use the local variables returned by main()/validate_env_vars() so module import
no longer raises KeyError.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 28615292-da7e-4fa9-9990-46d9386a94cb

📥 Commits

Reviewing files that changed from the base of the PR and between 8b3f734 and 25408b2.

📒 Files selected for processing (2)

• .github/scripts/update_docs.py
• .github/workflows/update-docs.yml

🚧 Files skipped from review as they are similar to previous changes (1)

• .github/workflows/update-docs.yml

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 98a634c

[amyblais]

@coderabbitai full review

[coderabbitai]

✅ Actions performed

Full review triggered.

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 7972411

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 518d76f

[amyblais]

@coderabbitai resolve

[coderabbitai]

✅ Actions performed

Comments resolved and changes approved.