temporary remove branch validation

[yashodgayashan]

Purpose

temporary remove branch validation

Goals

Describe the solutions that this feature/fix will introduce to resolve the problems described above

Approach

Describe how you are implementing the solutions. Include an animated GIF or screenshot if the change affects the UI (email documentation@wso2.com to review all UI text). Include a link to a Markdown file or Google doc if the feature write-up is too long to paste here.

User stories

Summary of user stories addressed by this change>

Release note

Brief description of the new feature or bug fix as it will appear in the release notes

Documentation

Link(s) to product documentation that addresses the changes of this PR. If no doc impact, enter “N/A” plus brief explanation of why there’s no doc impact

Training

Link to the PR for changes to the training content in https://github.com/wso2/WSO2-Training, if applicable

Certification

Type “Sent” when you have provided new/updated certification questions, plus four answers for each question (correct answer highlighted in bold), based on this change. Certification questions/answers should be sent to certification@wso2.com and NOT pasted in this PR. If there is no impact on certification exams, type “N/A” and explain why.

Marketing

Link to drafts of marketing content that will describe and promote this feature, including product page changes, technical articles, blog posts, videos, etc., if applicable

Automation tests

• Unit tests

  Code coverage information

• Integration tests

  Details about the test cases and coverage

Security checks

• Followed secure coding standards in http://wso2.com/technical-reports/wso2-secure-engineering-guidelines? yes/no
• Ran FindSecurityBugs plugin and verified report? yes/no
• Confirmed that this PR doesn't commit any keys, passwords, tokens, usernames, or other secrets? yes/no

Samples

Provide high-level details about the samples related to this feature

Related PRs

List any other related PRs

Migrations (if applicable)

Describe migration steps and platforms on which migration has been tested

Test environment

List all JDK versions, operating systems, databases, and browser/versions on which this feature/fix was tested

Learning

Describe the research phase and any blog posts, patterns, libraries, or add-ons you used to solve the problem.

Summary by CodeRabbit

• Chores
  • Modified release workflow validation checks and branch creation logic.
  • Adjusted release gating mechanisms and remote verification procedures.
  • Updated release orchestration workflow to modify validation steps for release branches and existing tags.
  • Changed conditional logic affecting automated release branch creation processes.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR disables multiple release gating mechanisms in the release orchestration workflow. Branch existence validation now hardcodes true instead of checking remote refs, remote tag duplication checks are commented out, and the release branch creation job is unconditionally prevented from executing.

Changes

Release Workflow Guard Disabling

Layer / File(s)	Summary
Disable release gating checks in validate job .github/workflows/release-orchestrator.yml	The validate job's branch existence check hardcodes branch-exists=true instead of querying the remote release branch; the failing guard for tag mode without a release branch is commented out. The remote tag existence check is disabled by commenting out its conditional execution.
Disable release branch creation job .github/workflows/release-orchestrator.yml	The branch job's conditional execution is changed to include false && ..., effectively preventing release branch creation from running.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested reviewers

• kaviththiranga
• sameerajayasoma
• stefinie123
• VajiraPrabuddhaka

Poem

A rabbit hops through the CI-CD night,
Disabling gates, turning guards to light,
No branch checks, no tag duplication's fright,
The release flow runs free and right,
🐰✨ Let workflows take flight!

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description is largely incomplete; it only fills the Purpose section with 'temporary remove branch validation' and leaves all other required template sections as unfilled placeholders with no substantive content.	Complete the description by filling in Goals, Approach, Release note, and other relevant sections with details about why branch validation is being removed and what impact this change has.
Title check	❓ Inconclusive	The title 'temporary remove branch validation' is vague and uses generic phrasing; it lacks specificity about what 'temporary' means and what exactly 'branch validation' refers to in the context of the changes.	Replace with a more descriptive title that clarifies the scope and intent, such as 'Disable release branch validation in CI workflow' or 'Temporarily skip branch existence checks in release workflow'.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/release-orchestrator.yml:
- Around line 110-122: The temporary bypass in the "check-branch" step currently
forces branch-exists=true globally; narrow this to only the specific release
line you're unblocking by emitting BRANCH_EXISTS and the branch-exists output
only when the computed release name matches that exact value (e.g., compare
env.MAJOR/env.MINOR or the computed release branch string), otherwise run the
normal branch check. Update the "check-branch" step (id: check-branch) to
conditionally set echo "branch-exists=true" >> $GITHUB_OUTPUT and echo
"BRANCH_EXISTS=true" >> $GITHUB_ENV only for the targeted release branch,
leaving the original fail/guard logic for other MAJOR.MINOR combinations intact
so downstream steps like "Validate VERSION file" and "Determine commit to tag"
still see accurate branch existence.
- Around line 227-228: The if-condition currently short-circuits release branch
creation by prefixing the job-level conditional with "false &&", making
"action=branch" and parts of "action=full" unreachable; remove the "false &&"
short-circuit from the if expression and replace it with a targeted guard that
only disables branch creation for the specific exceptional case (e.g., check for
the existing release name like release-v1.1 or a dedicated input flag) so the
original condition (needs.validate.outputs.branch-exists == 'false' &&
(github.event.inputs.action == 'full' || github.event.inputs.action == 'branch')
&& github.event.inputs.pre_release_id == '') can run normally for new releases
while still blocking only the known existing-release case.
- Around line 142-150: Restore the commented "Check for existing tag" workflow
step so the job fails fast when releasing an already-published tag: re-enable
the step named "Check for existing tag" (the blocked run using TAG="${{
env.RELEASE_TAG }}" and git ls-remote origin "refs/tags/${TAG}"), keep its
condition if: ${{ github.event.inputs.action == 'full' ||
github.event.inputs.action == 'tag' }}, and ensure it prints a clear error
including ${TAG} and exits with non-zero status so downstream jobs like
build-and-test are skipped on duplicate tags.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 1eb55e13-1a6a-4c7f-801c-58c09b6f2c72

📥 Commits

Reviewing files that changed from the base of the PR and between 95a49ee and 601b362.

📒 Files selected for processing (1)

• .github/workflows/release-orchestrator.yml

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Scope this branch-exists bypass to the specific release line.

Hardcoding branch-exists=true here changes the workflow semantics for every major.minor, not just the temporary release-v1.1 case. For any future release line without an existing release-vX.Y, Validate VERSION file and Determine commit to tag will still try to read/fetch that remote branch and fail later with raw git errors, and the early action=tag guard is gone as well. Please gate the bypass to the exact version you’re unblocking instead of overriding the output globally.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/release-orchestrator.yml around lines 110 - 122, The
temporary bypass in the "check-branch" step currently forces branch-exists=true
globally; narrow this to only the specific release line you're unblocking by
emitting BRANCH_EXISTS and the branch-exists output only when the computed
release name matches that exact value (e.g., compare env.MAJOR/env.MINOR or the
computed release branch string), otherwise run the normal branch check. Update
the "check-branch" step (id: check-branch) to conditionally set echo
"branch-exists=true" >> $GITHUB_OUTPUT and echo "BRANCH_EXISTS=true" >>
$GITHUB_ENV only for the targeted release branch, leaving the original
fail/guard logic for other MAJOR.MINOR combinations intact so downstream steps
like "Validate VERSION file" and "Determine commit to tag" still see accurate
branch existence.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Keep the explicit existing-tag precheck.

With this disabled, rerunning a release for an already-published tag no longer fails fast. The workflow can now wait on build-and-test and only die much later during git tag/git push, with a less clear operator message. Restoring the remote tag check preserves the intended fail-fast behavior.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/release-orchestrator.yml around lines 142 - 150, Restore
the commented "Check for existing tag" workflow step so the job fails fast when
releasing an already-published tag: re-enable the step named "Check for existing
tag" (the blocked run using TAG="${{ env.RELEASE_TAG }}" and git ls-remote
origin "refs/tags/${TAG}"), keep its condition if: ${{
github.event.inputs.action == 'full' || github.event.inputs.action == 'tag' }},
and ensure it prints a clear error including ${TAG} and exits with non-zero
status so downstream jobs like build-and-test are skipped on duplicate tags.

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

false && makes branch and half of full permanently unreachable.

Line 228 disables release-branch creation for all inputs, so action=branch can never work and action=full silently degrades into “tag only if the branch already exists.” That breaks future stable releases for new major.minor values. If this is only meant to unblock release-v1.1, gate it on that version instead of globally short-circuiting the job.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/release-orchestrator.yml around lines 227 - 228, The
if-condition currently short-circuits release branch creation by prefixing the
job-level conditional with "false &&", making "action=branch" and parts of
"action=full" unreachable; remove the "false &&" short-circuit from the if
expression and replace it with a targeted guard that only disables branch
creation for the specific exceptional case (e.g., check for the existing release
name like release-v1.1 or a dedicated input flag) so the original condition
(needs.validate.outputs.branch-exists == 'false' && (github.event.inputs.action
== 'full' || github.event.inputs.action == 'branch') &&
github.event.inputs.pre_release_id == '') can run normally for new releases
while still blocking only the known existing-release case.

[yashodgayashan]

Closing this as invalid