feat: add centralized contributor governance workflow

[R-Lawton]

adds a reusable GitHub Actions workflow that enforces contributor governance across Kuadrant repos:

• auto-labels new issues with triage/needs-triage
• protects triage labels — only org members can change them
• closes PRs from non-org-members that don't link to a triaged issue
• limits external contributors to one active PR per repo (extras auto-drafted)

target repos adopt this via a thin caller workflow (~15 lines) with secrets: inherit.

TEST REPO https://github.com/Kuadrant/governance-test

requires

• org-level secret ORG_MEMBER_TOKEN with read:org scope (done)
• triage/* labels created in target repos (separate rollout step)

[coderabbitai]

Warning

Review limit reached

@R-Lawton, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 3 minutes and 53 seconds. Learn how PR review limits work.

Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file).

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based credits.

🚦 How do rate limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan refill rate.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, the refill rate gradually slows as usage increases. The highest same-day bursts are limited more strictly.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 72c045cb-6cf1-4cb9-8545-905e7e18ce62

📥 Commits

Reviewing files that changed from the base of the PR and between 4ba7a5e and ef0cdfc.

📒 Files selected for processing (1)

• .github/workflows/contributor-governance.yml

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/contributor-governance

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[eguzki]

I wonder about adding some documentation in our contributors guides related to this governance workflow. Maybe some template in this repo so others can render their own?