feat(actions): add pr lifecycle workflow configuration

[0xisk]

Types of changes

What types of changes does your code introduce to OpenZeppelin Midnight Contracts?
Put an x in the boxes that apply

• Bugfix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation Update (if none of the other choices apply)

Fixes #371

PR Checklist

• I have read the Contributing Guide
• I have added tests that prove my fix is effective or that my feature works. See GUIDELINES.md#testing for more information.
• I have added documentation for new methods or changes to existing method behavior. See GUIDELINES.md#documentation for more information.
• CI Workflows Are Passing

Further comments

If this is a relatively large or complex change, kick off the discussion by explaining why you chose the solution you did and what alternatives you considered, etc...

Summary by CodeRabbit

• Chores
  • Added automated PR lifecycle workflow configuration to streamline pull request management and improve development process efficiency.

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

Walkthrough

A new GitHub Actions workflow is added to manage PR lifecycle events by delegating to a reusable template workflow, passing a project token for integration.

Changes

Cohort / File(s)	Summary
PR Lifecycle Workflow .github/pr-lifecycle.yml	New workflow file that triggers on PR state changes (opened, reopened, converted_to_draft, ready_for_review, closed) and delegates to a reusable template workflow from OpenZeppelin/midnight-handbook, passing PROJECT_TOKEN from secrets.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related issues

• PR Lifecycle workflow midnight-apps#295 — This PR implements the exact PR lifecycle state management (Draft → In Progress, Open → Needs Review, Closed → Completed) that was discussed in the related issue, providing the GitHub Actions infrastructure for managing PR transitions.

Poem

🐰 A workflow so neat, with events to complete,
PR states dance through the autumn breeze,
From draft to review, the journey anew,
Template-powered magic puts repos at ease! ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: adding a GitHub Actions workflow configuration for PR lifecycle management.
Linked Issues check	✅ Passed	The PR implements the core requirement from issue #371 by adding a workflow that manages PR lifecycle states through GitHub Actions, addressing the stated transitions (draft/open/closed states).
Out of Scope Changes check	✅ Passed	The PR contains only the necessary workflow configuration file with no extraneous changes outside the scope of the linked issue requirements.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/pr-lifecycle

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/pr-lifecycle.yml:
- Line 11: Replace the mutable branch ref in the reusable workflow invocation by
pinning the "uses" reference string
"OpenZeppelin/midnight-handbook/.github/workflows/pr-lifecycle-template.yml@main"
to a full immutable commit SHA: locate the "uses" entry in
.github/pr-lifecycle.yml and update the "@main" suffix to the exact commit SHA
(e.g., "@<commit-sha>") of the template repository, then commit the change so
the workflow calls that specific immutable revision.
- Around line 1-13: The workflow file defining "name: PR Lifecycle" and job
"pr-lifecycle" (which uses
OpenZeppelin/midnight-handbook/.github/workflows/pr-lifecycle-template.yml@main)
is placed in the wrong location and will never be picked up by GitHub Actions;
move this YAML into the repository's GitHub Actions workflows directory so
GitHub will load and run it, keeping the existing trigger block (pull_request
types), permissions, job name "pr-lifecycle" and secrets mapping intact.
- Around line 3-5: The workflow trigger uses pull_request which prevents access
to secrets for forked PRs; change the event key to pull_request_target (replace
pull_request: with pull_request_target:) so secrets.PROJECT_TOKEN is available
for fork PRs, and apply the same replacement for the other occurrence referenced
(lines 12-13); before merging, verify that the called workflow
(pr-lifecycle-template.yml) does not checkout or execute untrusted PR code to
avoid security risks when using pull_request_target.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 962d54a and fa94d5c.

📒 Files selected for processing (1)

• .github/pr-lifecycle.yml