TT-15793 add wf to test branch recomendation merges

[sredxny]

Description

.

Related Issue

Motivation and Context

How This Has Been Tested

Screenshots (if appropriate)

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Refactoring or add test (improvements in base code or adds test coverage to functionality)

Checklist

• I ensured that the documentation is up to date
• I explained why this PR updates go.mod in detail with reasoning why it's required
• I would like a code coverage CI quality gate exception and have explained why

Ticket Details

TT-15793

Status	In Dev
Summary	Implement Intelligent Branch Merge Recommendations

Generated at: 2025-11-05 18:28:44

[github-actions]

API Changes

--- prev.txt	2025-11-05 18:29:05.615964723 +0000
+++ current.txt	2025-11-05 18:28:55.874958610 +0000
@@ -5476,13 +5476,13 @@
 func NewMockCertificateManager(ctrl *gomock.Controller) *MockCertificateManager
     NewMockCertificateManager creates a new mock instance.
 
-func (m *MockCertificateManager) Add(certData []byte, orgID string) (string, error)
+func (m *MockCertificateManager) Add(arg0 []byte, arg1 string) (string, error)
     Add mocks base method.
 
-func (m *MockCertificateManager) CertPool(certIDs []string) *x509.CertPool
+func (m *MockCertificateManager) CertPool(arg0 []string) *x509.CertPool
     CertPool mocks base method.
 
-func (m *MockCertificateManager) Delete(certID, orgID string)
+func (m *MockCertificateManager) Delete(arg0, arg1 string)
     Delete mocks base method.
 
 func (m *MockCertificateManager) EXPECT() *MockCertificateManagerMockRecorder
@@ -5491,19 +5491,19 @@
 func (m *MockCertificateManager) FlushCache()
     FlushCache mocks base method.
 
-func (m *MockCertificateManager) GetRaw(certID string) (string, error)
+func (m *MockCertificateManager) GetRaw(arg0 string) (string, error)
     GetRaw mocks base method.
 
-func (m *MockCertificateManager) List(certIDs []string, mode certs.CertificateType) []*tls.Certificate
+func (m *MockCertificateManager) List(arg0 []string, arg1 certs.CertificateType) []*tls.Certificate
     List mocks base method.
 
-func (m *MockCertificateManager) ListAllIds(prefix string) []string
+func (m *MockCertificateManager) ListAllIds(arg0 string) []string
     ListAllIds mocks base method.
 
-func (m *MockCertificateManager) ListPublicKeys(keyIDs []string) []string
+func (m *MockCertificateManager) ListPublicKeys(arg0 []string) []string
     ListPublicKeys mocks base method.
 
-func (m *MockCertificateManager) ListRawPublicKey(keyID string) any
+func (m *MockCertificateManager) ListRawPublicKey(arg0 string) any
     ListRawPublicKey mocks base method.
 
 type MockCertificateManagerMockRecorder struct {
@@ -5512,31 +5512,31 @@
     MockCertificateManagerMockRecorder is the mock recorder for
     MockCertificateManager.
 
-func (mr *MockCertificateManagerMockRecorder) Add(certData, orgID any) *gomock.Call
+func (mr *MockCertificateManagerMockRecorder) Add(arg0, arg1 any) *gomock.Call
     Add indicates an expected call of Add.
 
-func (mr *MockCertificateManagerMockRecorder) CertPool(certIDs any) *gomock.Call
+func (mr *MockCertificateManagerMockRecorder) CertPool(arg0 any) *gomock.Call
     CertPool indicates an expected call of CertPool.
 
-func (mr *MockCertificateManagerMockRecorder) Delete(certID, orgID any) *gomock.Call
+func (mr *MockCertificateManagerMockRecorder) Delete(arg0, arg1 any) *gomock.Call
     Delete indicates an expected call of Delete.
 
 func (mr *MockCertificateManagerMockRecorder) FlushCache() *gomock.Call
     FlushCache indicates an expected call of FlushCache.
 
-func (mr *MockCertificateManagerMockRecorder) GetRaw(certID any) *gomock.Call
+func (mr *MockCertificateManagerMockRecorder) GetRaw(arg0 any) *gomock.Call
     GetRaw indicates an expected call of GetRaw.
 
-func (mr *MockCertificateManagerMockRecorder) List(certIDs, mode any) *gomock.Call
+func (mr *MockCertificateManagerMockRecorder) List(arg0, arg1 any) *gomock.Call
     List indicates an expected call of List.
 
-func (mr *MockCertificateManagerMockRecorder) ListAllIds(prefix any) *gomock.Call
+func (mr *MockCertificateManagerMockRecorder) ListAllIds(arg0 any) *gomock.Call
     ListAllIds indicates an expected call of ListAllIds.
 
-func (mr *MockCertificateManagerMockRecorder) ListPublicKeys(keyIDs any) *gomock.Call
+func (mr *MockCertificateManagerMockRecorder) ListPublicKeys(arg0 any) *gomock.Call
     ListPublicKeys indicates an expected call of ListPublicKeys.
 
-func (mr *MockCertificateManagerMockRecorder) ListRawPublicKey(keyID any) *gomock.Call
+func (mr *MockCertificateManagerMockRecorder) ListRawPublicKey(arg0 any) *gomock.Call
     ListRawPublicKey indicates an expected call of ListRawPublicKey.
 
 # Package: ./checkup
@@ -6532,15 +6532,6 @@
 	Tags []string `json:"tags"`
 }
 
-type DNSMonitorConfig struct {
-	// Enable background DNS monitoring for proactive detection of MDCB DNS changes
-	Enabled bool `json:"enabled"`
-	// Check interval in seconds for DNS monitoring (default: 30)
-	CheckInterval int `json:"check_interval"`
-}
-    DNSMonitorConfig configures the background DNS monitoring for worker
-    gateways
-
 type DevelopmentConfig struct{}
     DevelopmentConfig should contain no flags for official release builds.
 
@@ -7123,9 +7114,6 @@
 
 	// SynchroniserEnabled enable this config if MDCB has enabled the synchoniser. If disabled then it will ignore signals to synchonise recources
 	SynchroniserEnabled bool `json:"synchroniser_enabled"`
-
-	// DNSMonitor configures background DNS monitoring for proactive detection of MDCB DNS changes
-	DNSMonitor DNSMonitorConfig `json:"dns_monitor"`
 }
 
 type StorageOptionsConf struct {
@@ -8111,8 +8099,6 @@
 	CacheOptions
 	OASDefinition
 	SelfLooping
-	// RequestStartTime holds the time when the request entered the middleware chain
-	RequestStartTime
 )
 # Package: ./dlpython
 
@@ -12566,51 +12552,6 @@
     HTTP response code if provided. The message is usually just "Finished" for
     those cases, this would likely produce a better log message.
 
-# Package: ./pkg/alias/crypto
-
-package crypto // import "github.com/TykTechnologies/tyk/pkg/alias/crypto"
-
-
-VARIABLES
-
-var (
-	HashStr = crypto.HashStr
-)
-# Package: ./pkg/alias/gateway
-
-package gateway // import "github.com/TykTechnologies/tyk/pkg/alias/gateway"
-
-
-CONSTANTS
-
-const (
-	EventBreakerTriggered  = event.BreakerTriggered
-	EventRateLimitExceeded = event.RateLimitExceeded
-	EventWebHookHandler    = event.WebHookHandler
-	TestHttpAny            = gateway.TestHttpAny
-)
-
-VARIABLES
-
-var (
-	LoopingUrl            = gateway.LoopingUrl
-	StartTest             = gateway.StartTest
-	InitTestMain          = gateway.InitTestMain
-	CreateStandardSession = gateway.CreateStandardSession
-	APILoopingName        = gateway.APILoopingName
-	EnableTestDNSMock     = gateway.EnableTestDNSMock
-)
-
-TYPES
-
-type APIAllCertificateBasics = gateway.APIAllCertificateBasics
-
-type OASSchemaResponse = gateway.OASSchemaResponse
-
-type Test = gateway.Test
-
-type TestConfig = gateway.TestConfig
-
 # Package: ./pkg/errpack
 
 package errpack // import "github.com/TykTechnologies/tyk/pkg/errpack"
@@ -12917,9 +12858,6 @@
     fall into emergency mode( That is handled outside of this function call)
 
 func GroupLogin() bool
-func IsDNSMonitorRunning() bool
-    IsDNSMonitorRunning returns whether the DNS monitor is currently running
-
 func IsEmergencyMode() bool
 func LoadCount() int
 func Login() bool
@@ -12932,12 +12870,6 @@
     SetEmergencyMode used in tests to force emergency mode
 
 func SetLoadCounts(t *testing.T, value int)
-func StartDNSMonitor(enabled bool, checkInterval int, connectionString string)
-    StartDNSMonitor initializes and starts the background DNS monitor
-
-func StopDNSMonitor()
-    StopDNSMonitor gracefully stops the DNS monitor
-
 
 TYPES
 
@@ -12953,24 +12885,17 @@
 	CallTimeout           int    `json:"call_timeout"`
 	PingTimeout           int    `json:"ping_timeout"`
 	RPCPoolSize           int    `json:"rpc_pool_size"`
-	DNSMonitorEnabled     bool   `json:"dns_monitor_enabled"`
-	DNSMonitorInterval    int    `json:"dns_monitor_interval"`
-}
-
-type DNSMonitor struct {
-	// Has unexported fields.
 }
-    DNSMonitor handles background DNS monitoring for worker gateways
 
 type DNSResolver interface {
-	LookupIP(ctx context.Context, host string) ([]net.IP, error)
+	LookupIP(host string) ([]net.IP, error)
 }
     DNSResolver provides methods for DNS resolution
 
 type DefaultDNSResolver struct{}
     DefaultDNSResolver implements DNSResolver using the standard library
 
-func (r *DefaultDNSResolver) LookupIP(ctx context.Context, host string) ([]net.IP, error)
+func (r *DefaultDNSResolver) LookupIP(host string) ([]net.IP, error)
 
 type Purger struct {
 	Store storage.Handler
@@ -13704,7 +13629,7 @@
 func (m *MockHandler) GetRawKey(arg0 string) (string, error)
     GetRawKey mocks base method.
 
-func (m *MockHandler) GetRollingWindow(key string, per int64, pipeline bool) (int, []any)
+func (m *MockHandler) GetRollingWindow(arg0 string, arg1 int64, arg2 bool) (int, []any)
     GetRollingWindow mocks base method.
 
 func (m *MockHandler) GetSet(arg0 string) (map[string]string, error)
@@ -13734,7 +13659,7 @@
 func (m *MockHandler) SetRawKey(arg0, arg1 string, arg2 int64) error
     SetRawKey mocks base method.
 
-func (m *MockHandler) SetRollingWindow(key string, per int64, val string, pipeline bool) (int, []any)
+func (m *MockHandler) SetRollingWindow(arg0 string, arg1 int64, arg2 string, arg3 bool) (int, []any)
     SetRollingWindow mocks base method.
 
 type MockHandlerMockRecorder struct {
@@ -13809,7 +13734,7 @@
 func (mr *MockHandlerMockRecorder) GetRawKey(arg0 any) *gomock.Call
     GetRawKey indicates an expected call of GetRawKey.
 
-func (mr *MockHandlerMockRecorder) GetRollingWindow(key, per, pipeline any) *gomock.Call
+func (mr *MockHandlerMockRecorder) GetRollingWindow(arg0, arg1, arg2 any) *gomock.Call
     GetRollingWindow indicates an expected call of GetRollingWindow.
 
 func (mr *MockHandlerMockRecorder) GetSet(arg0 any) *gomock.Call
@@ -13839,7 +13764,7 @@
 func (mr *MockHandlerMockRecorder) SetRawKey(arg0, arg1, arg2 any) *gomock.Call
     SetRawKey indicates an expected call of SetRawKey.
 
-func (mr *MockHandlerMockRecorder) SetRollingWindow(key, per, val, pipeline any) *gomock.Call
+func (mr *MockHandlerMockRecorder) SetRollingWindow(arg0, arg1, arg2, arg3 any) *gomock.Call
     SetRollingWindow indicates an expected call of SetRollingWindow.
 
 # Package: ./tcp

[probelabs]

🔍 Code Analysis Results

This PR introduces a new GitHub Actions workflow to provide intelligent merge target suggestions for pull requests.

Files Changed Analysis

• .github/workflows/branch-suggestion.yml: A new workflow file has been added (+17 lines). This change is confined to the repository's CI/CD configuration and does not impact the application's source code.

Architecture & Impact Assessment

• What this PR accomplishes: The PR adds a workflow that automatically suggests the correct base branches for pull requests. It integrates with Jira to read the ticket's "Fix Version" field, determines the appropriate release branches, and posts a comment on the PR with its recommendations. This aims to streamline the merge process and prevent changes from being missed in relevant release streams.

• Key technical changes introduced:

  • A new GitHub Actions workflow named intelligent branch merge suggestion. is added, triggered on pull_request events (opened, synchronize, reopened).
  • It utilizes a reusable workflow from the TykTechnologies/github-actions repository, pinned to a specific commit (c3d7081...).
  • It requires pull-requests: write permissions to comment on PRs and a JIRA_TOKEN secret to communicate with Jira.

• Affected system components: This change exclusively affects the developer workflow and CI/CD pipeline. It has no impact on the Tyk application's runtime architecture.

• Workflow Visualization:

  graph TD
      A[Pull Request Event] --> B{Trigger 'intelligent branch merge suggestion' workflow};
      B --> C[Execute reusable workflow<br>TykTechnologies/github-actions/branch-suggestion.yml];
      C -- Uses JIRA_TOKEN --> D[Fetch ticket details from Jira];
      D --> E[Determine correct base branches from 'Fix Version'];
      E --> F[Post merge suggestions as a PR comment];
  

  Loading

Scope Discovery & Context Expansion

• The core logic for determining branch suggestions is encapsulated within the reusable workflow in the TykTechnologies/github-actions repository. A full understanding of the suggestion mechanism would require analyzing that external workflow.
• The effectiveness of this automation depends on two external factors:
  1. Developers consistently linking PRs to the correct Jira tickets.
  2. The "Fix Version" field in Jira tickets being maintained accurately.
• The workflow is pinned to a specific commit hash. This is a good practice for stability but means that updates to the reusable workflow will require a manual change in this repository.

Metadata

• Review Effort: 1 / 5
• Primary Label: chore

---

Powered by Visor from Probelabs

Last updated: 2025-11-05T18:31:34.191Z | Triggered by: synchronize | Commit: 3cbdb37

💡 TIP: You can chat with Visor using /visor ask <your question>

[probelabs]

🔍 Code Analysis Results

Security Issues (1)

Severity	Location	Issue
🟡 Warning	.github/workflows/branch-suggestion.yml:17	The workflow passes a JIRA_TOKEN to a reusable workflow. To adhere to the principle of least privilege, the permissions associated with this token should be minimized. 💡 Suggestion Ensure the `JIRA_TOKEN` secret is configured with the minimum required permissions in Jira. It should ideally have read-only access limited to the specific projects needed to fetch ticket information. This minimizes the potential impact should the token ever be exposed.

✅ Architecture Check Passed

No architecture issues found – changes LGTM.

✅ Performance Check Passed

No performance issues found – changes LGTM.

Quality Issues (2)

Severity	Location	Issue
🟡 Warning	.github/workflows/branch-suggestion.yml:1	The workflow name 'intelligent branch merge suggestion.' does not follow common conventions for GitHub Actions. Workflow names are typically capitalized and should not end with a period, which improves readability and consistency in the Actions UI. 💡 Suggestion Rename the workflow to 'Intelligent Branch Merge Suggestion'.
🟡 Warning	.github/workflows/branch-suggestion.yml:17	The file is missing a final newline character. POSIX standards recommend that text files end with a newline, and its absence can cause issues with some command-line tools and scripts. 💡 Suggestion Add a newline at the end of the file.

✅ Dependency Check Passed

No dependency issues found – changes LGTM.

✅ Connectivity Check Passed

No connectivity issues found – changes LGTM.

---

Powered by Visor from Probelabs

Last updated: 2025-11-05T18:31:35.531Z | Triggered by: synchronize | Commit: 3cbdb37

💡 TIP: You can chat with Visor using /visor ask <your question>

[github-actions]

🎯 Recommended Merge Targets

Based on JIRA ticket TT-15793: Implement Intelligent Branch Merge Recommendations

Fix Version: Tyk 5.10.1

Required:

• release-5.10.1 - Exact version branch for Tyk 5.10.1 - specific patch release
• release-5.10 - Minor version branch for 5.10.x patches - required for creating Tyk 5.10.1
• master - Main development branch - ensures fix is in all future releases

---

📋 Workflow

1. Merge this PR to master first

2. Cherry-pick to release branches by commenting on the merged PR:

   • /release to release-5.10.1
   • /release to release-5.10

3. Automated backport - The bot will automatically create backport PRs to the specified release branches

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
85.7% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud