chore(ci): migrate AI auto-review off sticky_namespace hack to use_sticky_comment: false

[sfreudenthaler]

Proposal

Replace the sticky_namespace: ${{ github.sha }} workaround in the ai-automatic-review job with the first-class use_sticky_comment: false input (dotCMS/ai-workflows v3.1.8, already on the pinned @v3).

-      # Each push gets a unique SHA → unique sticky marker → new comment instead of overwrite.
-      sticky_namespace: ${{ github.sha }}
+      use_sticky_comment: false

Why

Day-to-day behavior is equivalent — both produce a fresh review comment per commit with the in-progress placeholder reconciled to final. This isn't a behavior change for the common path; it's a clarity + correctness cleanup:

• sticky_namespace is the wrong tool. Its purpose is to separate different review jobs on one PR. Overloading it with the commit SHA to defeat stickiness is a hack; use_sticky_comment: false says what we actually mean.
• More correct on re-runs. The hack keys on github.sha (the PR merge commit, which changes when main advances even if the PR head doesn't), so re-running a review after a base move posts a duplicate comment for the same code. The flag keys on the PR head SHA → updates in place.
• Collision-safe for multi-model review (the main motivator). We're moving toward multiple review models. The flag's marker includes the model id (...:<model>:<sha>), so each model gets its own comment lane. The hack's marker is just the SHA, so two models reviewing the same commit would clobber each other's comment. (If we instead decide each model should share one lane, that's a deliberate choice we can make then — the point is the flag gives us the safe default.)

Verification

E2E-tested on the DeepSeek R1 (bedrock-generic) path in core-workflow-test (throwaway PR, now closed): two commits → two distinct final review comments, each in-progress placeholder reconciled in place, zero orphans.

Related (not fixed here)

A cancelled review run can still strand a "🔄 in progress" comment under this job's cancel-in-progress: true concurrency — that's an upstream gap in the bedrock-generic executor, fixed separately in dotCMS/ai-workflows#50. It affects the hack and the flag equally, so it's orthogonal to this migration.

Closes: #36301

🤖 Generated with Claude Code

[claude]

Claude finished @sfreudenthaler's task in 38s —— View job

---

Rollback Safety Analysis

• Read rollback-unsafe categories reference
• Get full PR diff
• Analyze diff against all unsafe categories

---

Result: ✅ Safe to Rollback

The only changed file is .github/workflows/ai_claude-orchestrator.yml — a CI/CD workflow configuration. The change replaces the sticky_namespace: ${{ github.sha }} workaround with use_sticky_comment: false.

Checked against all unsafe categories:

Category	Match
C-1 Structural Data Model Change	❌ No DB changes
C-2 Elasticsearch Mapping Change	❌ No ES changes
C-3 Content JSON Model Version Bump	❌ No content model changes
C-4 DROP TABLE/Column	❌ No DB changes
H-1 One-Way Data Migration	❌ No data migration
H-2 RENAME TABLE/COLUMN	❌ No DB changes
H-3 PK Restructuring	❌ No DB changes
H-4 New Content Type Field	❌ No content type changes
H-5 Storage Provider Change	❌ No storage changes
H-6 DROP PROCEDURE/FUNCTION	❌ No DB changes
H-7 NOT NULL Column	❌ No DB changes
H-8 VTL Viewtool Contract	❌ No VTL changes
M-1 Column Type Change	❌ No DB changes
M-2 Push Publishing Bundle Format	❌ No bundle changes
M-3 REST/GraphQL API Contract	❌ No API changes
M-4 OSGi Plugin API	❌ No OSGi changes

This is a pure CI workflow configuration change with no impact on application data, storage, or APIs.

[github-actions]

🤖 Bedrock Review — us.deepseek.r1-v1:0

New Issues

• 🟠 High: .github/workflows/ai_claude-orchestrator.yml:185 — Setting use_sticky_comment: false disables comment updates, causing duplicate review comments on workflow re-runs (retries/redeliveries). This contradicts the stated goal of "each commit gets its own review comment" since GitHub SHA remains constant per commit — multiple runs would create multiple comments instead of updating one. Should either set use_sticky_comment: true or remove the parameter to allow the orchestrator's built-in SHA+model collision protection.

---

_{Run: #28067285809 · tokens: in: 1341 · out: 990 · total: 2331}

[chatgpt-codex-connector]

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

[wezell]

Let's see if it works.

[mergify]

Tick the box to add this pull request to the merge queue (same as @mergifyio queue).

• Queue this pull request