added PR reviewer workflow #6
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: PR Review | |
| on: | |
| issue_comment: # Enables /review command in PR comments | |
| types: [created] | |
| pull_request_review_comment: # Captures feedback on review comments for learning | |
| types: [created] | |
| pull_request_target: # Triggers auto-review on PR open; uses base branch context so secrets work with forks | |
| types: [ready_for_review, opened] | |
| permissions: | |
| contents: read | |
| jobs: | |
| review: | |
| uses: docker/cagent-action/.github/workflows/review-pr.yml@latest | |
| # Scoped to the job so other jobs in this workflow aren't over-permissioned | |
| permissions: | |
| contents: read # Read repository files and PR diffs | |
| pull-requests: write # Post review comments and approve/request changes | |
| issues: write # Create security incident issues if secrets are detected in output | |
| secrets: | |
| ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} | |
| CAGENT_ORG_MEMBERSHIP_TOKEN: ${{ secrets.CAGENT_ORG_MEMBERSHIP_TOKEN }} # PAT with read:org scope; gates auto-reviews to org members only | |
| CAGENT_REVIEWER_APP_ID: ${{ secrets.CAGENT_REVIEWER_APP_ID }} # GitHub App ID; reviews appear as your app instead of github-actions[bot] | |
| CAGENT_REVIEWER_APP_PRIVATE_KEY: ${{ secrets.CAGENT_REVIEWER_APP_PRIVATE_KEY }} # GitHub App private key; paired with App ID above | |
| with: | |
| add-prompt-files: "CLAUDE.md" |