Share GitHub login config validation

[xiefuzheng713-alt]

Refs #846 / Bounty #846.

Summary

• Adds a shared _github_login_list_errors() helper for deploy-time GitHub login list validation.
• Reuses it for both MERGEWORK_ADMIN_LOGINS and MERGEWORK_GITHUB_ACCEPTED_LABELERS.
• Preserves the existing required/empty/duplicate/invalid error messages and the cross-list admin inclusion check.

Duplicate check

I searched open PRs for deploy settings login validation helpers, MERGEWORK_ADMIN_LOGINS / MERGEWORK_GITHUB_ACCEPTED_LABELERS cleanup, and duplicate GitHub login config cleanup before opening this. I did not find an open PR covering this same helper extraction.

Validation

• uv run --extra dev python -m pytest tests/test_deploy_readiness.py -q -> 36 passed.
• uv run --extra dev ruff check app/config.py tests/test_deploy_readiness.py -> passed.
• uv run --extra dev ruff format --check app/config.py tests/test_deploy_readiness.py -> 2 files already formatted.
• uv run --extra dev mypy app/config.py -> success.
• git diff --check origin/main...HEAD -> clean.
• git merge-tree --write-tree origin/main HEAD -> clean tree abda6f4c7b8cc6d19c1ef4bc0fd2711b121cfce1.

Scope

Focused deploy-readiness maintainability cleanup only. No runtime auth behavior, ledger, wallet, treasury, payout, proposal execution, bridge, exchange, cash-out, MRWK price, private data, credentials, or secrets behavior changed.

Summary by CodeRabbit

• Refactor
  • Improved validation logic organization by consolidating repeated checks into a centralized helper, enhancing code maintainability.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: da1d7c54-67b2-4bf1-b2c6-e8f4a0419183

📥 Commits

Reviewing files that changed from the base of the PR and between d4d0e48 and e512e97.

📒 Files selected for processing (1)

• app/config.py

---

📝 Walkthrough

Walkthrough

app/config.py introduces a new helper function _github_login_list_errors() that consolidates validation for GitHub login environment lists. The function checks for required status, empty entries, duplicates, and login format validity. validate_deploy_settings() is refactored to call this helper for MERGEWORK_ADMIN_LOGINS and MERGEWORK_GITHUB_ACCEPTED_LABELERS, replacing duplicated inline conditional logic.

Changes

GitHub login validation refactoring

Layer / File(s)	Summary
Extract and integrate GitHub login list validation helper app/config.py	New _github_login_list_errors() helper centralizes validation logic for GitHub login tuple inputs (required/non-empty, no empty entries, no duplicates, valid format). validate_deploy_settings() refactored to call this helper for MERGEWORK_ADMIN_LOGINS and MERGEWORK_GITHUB_ACCEPTED_LABELERS instead of repeating inline checks.

🚥 Pre-merge checks | ✅ 6

✅ Passed checks (6 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Share GitHub login config validation' directly names the changed surface (GitHub login config validation refactoring) and accurately reflects the main change of extracting and sharing a validation helper.
Description check	✅ Passed	The PR description covers the summary, evidence of prior duplicate checking, and comprehensive validation across all required checks (pytest, ruff, mypy, git checks) with clear scope delineation.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Mergework Public Artifact Hygiene	✅ Passed	Documentation correctly describes MRWK as native ledger coin and explicitly disclaims cash-out/off-ramp features. No investment/price/fabricated payout claims found.
Bounty Pr Focus	✅ Passed	Diff matches stated scope: app/config.py refactors GitHub login validation with new shared helper, preserves error messages and logic, covered by tests, no unrelated changes.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[mauricemohr88-debug]

Reviewed current head e512e97bb6c2b4802502ca5190826611679e5cb1.

Approved. I inspected app/config.py and verified this is a behavior-preserving deploy-readiness refactor:

• _github_login_list_errors() centralizes the existing required, empty-entry, duplicate-login, and invalid-login checks for GitHub login lists;
• validate_deploy_settings() now uses the helper for both MERGEWORK_ADMIN_LOGINS and MERGEWORK_GITHUB_ACCEPTED_LABELERS while preserving the prior error text for each setting;
• the admin-includes-labelers cross-list check remains separate and still runs only when both lists are present;
• existing deploy-readiness coverage still exercises missing maintainer logins, duplicate admin/labeler logins, invalid login values, and empty CSV entries;
• no runtime auth behavior, ledger, wallet, treasury, payout, proposal execution, admin-token API, bridge, exchange, cash-out, MRWK price, private-data, credential, or secret-handling behavior is changed.

Validation on this exact head:

• uv run --python 3.12 --extra dev python -m pytest tests/test_deploy_readiness.py -q -> 36 passed.
• uv run --python 3.12 --extra dev ruff check app/config.py tests/test_deploy_readiness.py -> passed.
• uv run --python 3.12 --extra dev ruff format --check app/config.py tests/test_deploy_readiness.py -> 2 files already formatted.
• uv run --python 3.12 --extra dev mypy app/config.py -> success.
• uv run --python 3.12 --extra dev python scripts/docs_smoke.py -> docs smoke ok.
• git diff --check origin/main...HEAD -> clean.
• git merge-tree --write-tree origin/main HEAD -> clean tree 6855bd12da7fec87e704ac451aa01d089ef161d1.

GitHub state checked before approval: mergeStateStatus=CLEAN; hosted Quality, readiness, docs, and image checks and CodeRabbit statuses are successful on this head. I found no prior human review and no existing #838 claim for PR #887 / this head before posting this review.