mirror of
https://github.com/imjasonh/git-k8s
synced 2026-07-10 15:41:54 +00:00
compile again
Signed-off-by: Jason Hall <imjasonh@gmail.com>
This commit is contained in:
parent
dfacd609b5
commit
3d9ad780f3
1 changed files with 7 additions and 7 deletions
14
.github/workflows/code-review.lock.yml
generated
vendored
14
.github/workflows/code-review.lock.yml
generated
vendored
|
|
@ -27,7 +27,7 @@
|
|||
# pushes minor fixes (formatting, linting) directly. Assigns the maintainer
|
||||
# only when human judgment is genuinely needed.
|
||||
#
|
||||
# gh-aw-metadata: {"schema_version":"v1","frontmatter_hash":"007ad9202bdb3d170000a59f0c090c87226ca3ae38058806d15d02ca9d029668","compiler_version":"v0.50.7"}
|
||||
# gh-aw-metadata: {"schema_version":"v1","frontmatter_hash":"dfa45fdc312db55a0f80440c4033526192f20ea76482ba2b11c9740be8651fdf","compiler_version":"v0.50.7"}
|
||||
|
||||
name: "Automated Code Reviewer"
|
||||
"on":
|
||||
|
|
@ -344,17 +344,16 @@ jobs:
|
|||
run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.23.0
|
||||
- name: Install Claude Code CLI
|
||||
run: npm install -g --silent @anthropic-ai/claude-code@2.1.62
|
||||
- name: Validate lockdown mode requirements
|
||||
id: validate-lockdown-requirements
|
||||
- name: Determine automatic lockdown mode for GitHub MCP Server
|
||||
id: determine-automatic-lockdown
|
||||
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
|
||||
env:
|
||||
GITHUB_MCP_LOCKDOWN_EXPLICIT: "true"
|
||||
GH_AW_GITHUB_TOKEN: ${{ secrets.GH_AW_GITHUB_TOKEN }}
|
||||
GH_AW_GITHUB_MCP_SERVER_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN }}
|
||||
with:
|
||||
script: |
|
||||
const validateLockdownRequirements = require('/opt/gh-aw/actions/validate_lockdown_requirements.cjs');
|
||||
validateLockdownRequirements(core);
|
||||
const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs');
|
||||
await determineAutomaticLockdown(github, context, core);
|
||||
- name: Download container images
|
||||
run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/gh-aw-firewall/agent:0.23.0 ghcr.io/github/gh-aw-firewall/api-proxy:0.23.0 ghcr.io/github/gh-aw-firewall/squid:0.23.0 ghcr.io/github/gh-aw-mcpg:v0.1.6 ghcr.io/github/github-mcp-server:v0.31.0 node:lts-alpine
|
||||
- name: Write Safe Outputs Config
|
||||
|
|
@ -750,6 +749,7 @@ jobs:
|
|||
GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }}
|
||||
GH_AW_SAFE_OUTPUTS_API_KEY: ${{ steps.safe-outputs-start.outputs.api_key }}
|
||||
GH_AW_SAFE_OUTPUTS_PORT: ${{ steps.safe-outputs-start.outputs.port }}
|
||||
GITHUB_MCP_LOCKDOWN: ${{ steps.determine-automatic-lockdown.outputs.lockdown == 'true' && '1' || '0' }}
|
||||
GITHUB_MCP_SERVER_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
|
||||
run: |
|
||||
set -eo pipefail
|
||||
|
|
@ -774,7 +774,7 @@ jobs:
|
|||
"github": {
|
||||
"container": "ghcr.io/github/github-mcp-server:v0.31.0",
|
||||
"env": {
|
||||
"GITHUB_LOCKDOWN_MODE": "1",
|
||||
"GITHUB_LOCKDOWN_MODE": "$GITHUB_MCP_LOCKDOWN",
|
||||
"GITHUB_PERSONAL_ACCESS_TOKEN": "$GITHUB_MCP_SERVER_TOKEN",
|
||||
"GITHUB_READ_ONLY": "1",
|
||||
"GITHUB_TOOLSETS": "pull_requests,repos"
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue