coderabbit-multi-env-setup

Configure CodeRabbit review behavior per branch and environment using path instructions and base branches. Use when setting different review profiles per branch, configuring stricter reviews for release branches, or customizing CodeRabbit behavior across dev/staging/prod workflows. Trigger with phrases like "coderabbit environments", "coderabbit staging", "coderabbit per-branch config", "coderabbit release review", "coderabbit environment setup".

25 stars

byComeOnOliver

View on GitHub Installation ↓

Best use case

coderabbit-multi-env-setup is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Teams using coderabbit-multi-env-setup should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

You only need a quick one-off answer and do not need a reusable workflow.
You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/coderabbit-multi-env-setup/SKILL.md --create-dirs "https://raw.githubusercontent.com/ComeOnOliver/skillshub/main/skills/jeremylongshore/claude-code-plugins-plus-skills/coderabbit-multi-env-setup/SKILL.md"

Manual Installation

Download SKILL.md from GitHub
Place it in .claude/skills/coderabbit-multi-env-setup/SKILL.md inside your project
Restart your AI agent — it will auto-discover the skill

How coderabbit-multi-env-setup Compares

Feature / Agent	coderabbit-multi-env-setup	Standard Approach
Platform Support	Not specified	Limited / Varies
Context Awareness	High	Baseline
Installation Complexity	Unknown	N/A

Frequently Asked Questions

What does this skill do?

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

Related Guides

Cursor vs Codex for AI Workflows

Compare Cursor and Codex for AI coding workflows, repository assistance, debugging, refactoring, and reusable developer skills.

AI Agents for Coding

Browse AI agent skills for coding, debugging, testing, refactoring, code review, and developer workflows across Claude, Cursor, and Codex.

Best AI Skills for Claude

Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.

SKILL.md Source

# CodeRabbit Multi-Environment Setup

## Overview
Configure CodeRabbit review behavior based on branch targets and environments. CodeRabbit reads `.coderabbit.yaml` from the PR's base branch, allowing different review configurations per branch. This enables stricter reviews for production branches, relaxed reviews for development, and custom instructions per environment.

## Prerequisites
- CodeRabbit GitHub App installed on repository
- Branch strategy defined (e.g., GitFlow, trunk-based, GitHub Flow)
- `.coderabbit.yaml` committed to each relevant branch

## How Branch-Based Config Works
```
Developer opens PR: feature/auth → develop
  CodeRabbit reads: .coderabbit.yaml from develop branch
  Profile: "chill" (development, quick iteration)

Developer opens PR: develop → main
  CodeRabbit reads: .coderabbit.yaml from main branch
  Profile: "assertive" (production, thorough review)

Developer opens PR: hotfix/fix → release/v2.1
  CodeRabbit reads: .coderabbit.yaml from release/v2.1 branch
  Profile: "assertive" + security-focused instructions
```

## Instructions

### Step 1: Configure Development Branch (Relaxed)
```yaml
# .coderabbit.yaml on develop branch
language: "en-US"

reviews:
  profile: "chill"                     # Fewer comments for rapid iteration
  request_changes_workflow: false      # Don't block merges to develop
  high_level_summary: true
  sequence_diagrams: false             # Skip diagrams for dev PRs

  auto_review:
    enabled: true
    drafts: false
    base_branches:
      - develop
    ignore_title_keywords:
      - "WIP"
      - "DO NOT MERGE"
      - "experiment"

  path_filters:
    - "!**/*.lock"
    - "!**/*.snap"
    - "!dist/**"
    - "!**/*.generated.*"

  path_instructions:
    - path: "**"
      instructions: |
        Development branch review:
        - Only flag bugs, security issues, and obvious errors
        - Do NOT comment on code style, naming, or formatting
        - Do NOT suggest refactoring unless it fixes a bug

chat:
  auto_reply: true
```

### Step 2: Configure Production Branch (Strict)
```yaml
# .coderabbit.yaml on main branch
language: "en-US"

reviews:
  profile: "assertive"                 # Thorough review for production
  request_changes_workflow: true       # Block merge on issues
  high_level_summary: true
  high_level_summary_in_walkthrough: true
  sequence_diagrams: true
  review_status: true

  auto_review:
    enabled: true
    drafts: false
    base_branches:
      - main

  path_filters:
    - "!**/*.lock"
    - "!**/*.snap"
    - "!dist/**"
    - "!vendor/**"

  path_instructions:
    - path: "**"
      instructions: |
        Production review checklist:
        1. Flag any hardcoded secrets, API keys, or credentials
        2. Check error handling: no empty catch blocks, proper error propagation
        3. Verify input validation on all API endpoints
        4. Check for proper logging (structured, no PII)

    - path: "src/api/**"
      instructions: |
        API review (production):
        - Verify proper HTTP status codes
        - Check auth middleware is applied to protected routes
        - Validate request bodies with schema validation
        - Ensure error responses follow RFC 7807 format
        - Flag missing rate limiting

    - path: "src/db/**"
      instructions: |
        Database review (production):
        - All queries MUST use parameterized statements
        - Transactions required for multi-table mutations
        - Check for N+1 query patterns
        - Verify index usage for complex queries
        - Flag any raw SQL string concatenation

    - path: ".github/workflows/**"
      instructions: |
        CI/CD review (production):
        - Pin ALL action versions to SHA (not tags)
        - Never echo or log secrets
        - Include timeout-minutes on all jobs
        - Use OIDC for cloud provider authentication

chat:
  auto_reply: true
```

### Step 3: Configure Release Branch (Security-Focused)
```yaml
# .coderabbit.yaml on release/* branches
language: "en-US"

reviews:
  profile: "assertive"
  request_changes_workflow: true       # Block merges on issues

  auto_review:
    enabled: true
    drafts: false
    base_branches:
      - "release/*"

  path_instructions:
    - path: "**"
      instructions: |
        RELEASE BRANCH - Security and stability focus:
        1. Flag ANY security vulnerability (priority over all other feedback)
        2. Check for backward compatibility
        3. Verify no debug code (console.log, debugger statements)
        4. Ensure proper error messages (no stack traces exposed to users)
        5. Check for feature flags guarding unreleased features
        Only provide feedback on bugs and security. Skip style comments entirely.

    - path: "src/auth/**"
      instructions: |
        CRITICAL PATH for release. Check:
        - Token validation and expiry
        - Session management security
        - CSRF protection
        - No auth bypass vulnerabilities

chat:
  auto_reply: true
```

### Step 4: Maintain Branch Configs with a Script
```bash
#!/bin/bash
# update-coderabbit-configs.sh - Keep branch configs in sync
set -euo pipefail

CURRENT_BRANCH=$(git branch --show-current)

# Update develop branch config
git checkout develop 2>/dev/null || git checkout -b develop
cp configs/coderabbit-develop.yaml .coderabbit.yaml
git add .coderabbit.yaml
git diff --cached --quiet || git commit -m "chore: update CodeRabbit config for develop"

# Update main branch config
git checkout main
cp configs/coderabbit-main.yaml .coderabbit.yaml
git add .coderabbit.yaml
git diff --cached --quiet || git commit -m "chore: update CodeRabbit config for main"

# Return to original branch
git checkout "$CURRENT_BRANCH"

echo "CodeRabbit configs updated on develop and main"
echo "Push both branches to apply: git push origin develop main"
```

### Step 5: Verify Per-Branch Configuration
```markdown
# On a PR targeting develop:
@coderabbitai configuration
# Should show: profile: "chill", request_changes_workflow: false

# On a PR targeting main:
@coderabbitai configuration
# Should show: profile: "assertive", request_changes_workflow: true

# If both show the same config, the branch-specific .coderabbit.yaml
# is not committed to the base branch. Verify with:
# git show main:.coderabbit.yaml
# git show develop:.coderabbit.yaml
```

### Step 6: Branch Protection per Environment
```bash
set -euo pipefail
OWNER="your-org"
REPO="your-repo"

# Main: require CodeRabbit approval
gh api "repos/$OWNER/$REPO/branches/main/protection" \
  --method PUT \
  --field 'required_status_checks={"strict":true,"contexts":["coderabbitai"]}' \
  --field 'required_pull_request_reviews={"required_approving_review_count":1}' \
  --field 'enforce_admins=true' \
  --field 'restrictions=null'

# Develop: CodeRabbit review optional (not required)
gh api "repos/$OWNER/$REPO/branches/develop/protection" \
  --method PUT \
  --field 'required_status_checks={"strict":false,"contexts":[]}' \
  --field 'required_pull_request_reviews={"required_approving_review_count":0}' \
  --field 'enforce_admins=false' \
  --field 'restrictions=null'

echo "Branch protection configured"
echo "  main: CodeRabbit required"
echo "  develop: CodeRabbit optional"
```

## Output
- Branch-specific `.coderabbit.yaml` configs committed
- Development branch with relaxed review profile
- Production branch with strict review and security instructions
- Release branches with security-focused review
- Branch protection rules aligned with review policies

## Error Handling
| Issue | Cause | Solution |
|-------|-------|----------|
| Same review profile on all branches | Config only on one branch | Commit different `.coderabbit.yaml` to each base branch |
| Config changes not applied | YAML not on the base branch | Merge config changes to the target branch first |
| PR to main gets "chill" review | `.coderabbit.yaml` on main has wrong profile | Check config with `git show main:.coderabbit.yaml` |
| Release branch not reviewed | `base_branches` doesn't include `release/*` | Add glob pattern `release/*` to base_branches |

## Resources
- [CodeRabbit Configuration Reference](https://docs.coderabbit.ai/reference/configuration)
- [CodeRabbit Branch-Based Config](https://docs.coderabbit.ai/guides/review-instructions)
- [GitHub Branch Protection](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository)

## Next Steps
For deployment and org-wide rollout, see `coderabbit-deploy-integration`.

Related Skills

websocket-handler-setup

from ComeOnOliver/skillshub

Websocket Handler Setup - Auto-activating skill for Backend Development. Triggers on: websocket handler setup, websocket handler setup Part of the Backend Development skill category.

vpc-network-setup

from ComeOnOliver/skillshub

Vpc Network Setup - Auto-activating skill for GCP Skills. Triggers on: vpc network setup, vpc network setup Part of the GCP Skills skill category.

tensorflow-serving-setup

from ComeOnOliver/skillshub

Tensorflow Serving Setup - Auto-activating skill for ML Deployment. Triggers on: tensorflow serving setup, tensorflow serving setup Part of the ML Deployment skill category.

sqs-queue-setup

from ComeOnOliver/skillshub

Sqs Queue Setup - Auto-activating skill for AWS Skills. Triggers on: sqs queue setup, sqs queue setup Part of the AWS Skills skill category.

spy-setup-helper

from ComeOnOliver/skillshub

Spy Setup Helper - Auto-activating skill for Test Automation. Triggers on: spy setup helper, spy setup helper Part of the Test Automation skill category.

spike-test-setup

from ComeOnOliver/skillshub

Spike Test Setup - Auto-activating skill for Performance Testing. Triggers on: spike test setup, spike test setup Part of the Performance Testing skill category.

sla-monitor-setup

from ComeOnOliver/skillshub

Sla Monitor Setup - Auto-activating skill for Enterprise Workflows. Triggers on: sla monitor setup, sla monitor setup Part of the Enterprise Workflows skill category.

server-sent-events-setup

from ComeOnOliver/skillshub

Server Sent Events Setup - Auto-activating skill for API Integration. Triggers on: server sent events setup, server sent events setup Part of the API Integration skill category.

react-context-setup

from ComeOnOliver/skillshub

React Context Setup - Auto-activating skill for Frontend Development. Triggers on: react context setup, react context setup Part of the Frontend Development skill category.

rds-instance-setup

from ComeOnOliver/skillshub

Rds Instance Setup - Auto-activating skill for AWS Skills. Triggers on: rds instance setup, rds instance setup Part of the AWS Skills skill category.

rabbitmq-queue-setup

from ComeOnOliver/skillshub

Rabbitmq Queue Setup - Auto-activating skill for Backend Development. Triggers on: rabbitmq queue setup, rabbitmq queue setup Part of the Backend Development skill category.

pre-commit-hook-setup

from ComeOnOliver/skillshub

Pre Commit Hook Setup - Auto-activating skill for DevOps Basics. Triggers on: pre commit hook setup, pre commit hook setup Part of the DevOps Basics skill category.