diff --git a/.github/workflows/bot-reply.yml b/.github/workflows/bot-reply.yml
index f7938f1a..6ffc5950 100644
--- a/.github/workflows/bot-reply.yml
+++ b/.github/workflows/bot-reply.yml
@@ -8,6 +8,8 @@ jobs:
 continuous-reply:
 # Skip if comment author is a bot (workflow will show as "skipped")
 if: |
+ secrets.BOT_APP_ID != '' &&
+ secrets.BOT_PRIVATE_KEY != '' &&
 github.event.comment.user.login != 'mirrobot' &&
 github.event.comment.user.login != 'mirrobot-agent' &&
 github.event.comment.user.login != 'mirrobot-agent[bot]' &&
@@ -635,4 +637,4 @@ jobs:
 LAST_REVIEWED_SHA=""
 fi
 VARS='$THREAD_CONTEXT $NEW_COMMENT_AUTHOR $NEW_COMMENT_BODY $THREAD_NUMBER $GITHUB_REPOSITORY $THREAD_AUTHOR $PR_HEAD_SHA $IS_FIRST_REVIEW $FULL_DIFF_PATH $INCREMENTAL_DIFF_PATH $LAST_REVIEWED_SHA'
- FULL_DIFF_PATH="$FULL_DIFF_PATH" INCREMENTAL_DIFF_PATH="$INCREMENTAL_DIFF_PATH" LAST_REVIEWED_SHA="$LAST_REVIEWED_SHA" envsubst "$VARS" < /tmp/bot-reply.md | opencode run --share -
\ No newline at end of file
+ FULL_DIFF_PATH="$FULL_DIFF_PATH" INCREMENTAL_DIFF_PATH="$INCREMENTAL_DIFF_PATH" LAST_REVIEWED_SHA="$LAST_REVIEWED_SHA" envsubst "$VARS" < /tmp/bot-reply.md | opencode run --share -
diff --git a/.github/workflows/compliance-check.yml b/.github/workflows/compliance-check.yml
index 18ef01ff..7534aca2 100644
--- a/.github/workflows/compliance-check.yml
+++ b/.github/workflows/compliance-check.yml
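Review bot: The added `secrets.BOT_APP_ID != ''` and `secrets.BOT_PRIVATE_KEY != ''` terms sit in a job-level `if:`, where GitHub Actions documents only the `github`, `needs`, `vars` and `inputs` contexts as available; `secrets` is not among them, so the workflow is expected to fail validation ("Unrecognized named-value: 'secrets'") instead of showing the job as skipped. The same guard is added to the job-level `if:` in compliance-check.yml, issue-comment.yml, pr-review.yml and status-check-init.yml. A guard that does evaluate at this level is a repository variable you define, for example `vars.BOT_ENABLED == 'true' &&` (name illustrative), or a small preceding job that tests the secrets through a step's `env:` and exposes a job output read via `needs`. The `if:` expression continues past the end of this hunk.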
@@ -62,18 +62,22 @@ jobs:
 # Bot check is in the issue_comment branch - workflow shows "skipped" for bot comments
 # Note: workflow_run is NOT in this condition - the trigger exists but job skips unless other conditions match
 if: |
- github.event_name == 'workflow_dispatch' ||
- (github.event_name == 'pull_request_target' &&
- (github.event.action == 'ready_for_review' ||
- (github.event.action == 'labeled' && contains(github.event.label.name, 'ready-for-merge')))) ||
+ secrets.BOT_APP_ID != '' &&
+ secrets.BOT_PRIVATE_KEY != '' &&
 (
- github.event_name == 'issue_comment' &&
- github.event.issue.pull_request &&
- github.event.comment.user.login != 'mirrobot' &&
- github.event.comment.user.login != 'mirrobot-agent' &&
- github.event.comment.user.login != 'mirrobot-agent[bot]' &&
- (contains(github.event.comment.body, '/mirrobot-check') ||
- contains(github.event.comment.body, '/mirrobot_check'))
+ github.event_name == 'workflow_dispatch' ||
+ (github.event_name == 'pull_request_target' &&
+ (github.event.action == 'ready_for_review' ||
+ (github.event.action == 'labeled' && contains(github.event.label.name, 'ready-for-merge')))) ||
+ (
+ github.event_name == 'issue_comment' &&
+ github.event.issue.pull_request &&
+ github.event.comment.user.login != 'mirrobot' &&
+ github.event.comment.user.login != 'mirrobot-agent' &&
+ github.event.comment.user.login != 'mirrobot-agent[bot]' &&
+ (contains(github.event.comment.body, '/mirrobot-check') ||
+ contains(github.event.comment.body, '/mirrobot_check'))
+ )
 )
 runs-on: ubuntu-latest
diff --git a/.github/workflows/issue-comment.yml b/.github/workflows/issue-comment.yml
index 2bc0a64b..2ffe648e 100644
--- a/.github/workflows/issue-comment.yml
+++ b/.github/workflows/issue-comment.yml
@@ -12,6 +12,7 @@ on:
 jobs:
 check-issue:
+ if: ${{ secrets.BOT_APP_ID != '' && secrets.BOT_PRIVATE_KEY != '' }}
 runs-on: ubuntu-latest
 permissions:
 contents: read
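Review bot: The `issue_comment` branch of this condition admits any commenter who is not one of the three bot logins and whose comment contains `/mirrobot-check`, so a job that is now explicitly tied to the App credentials can be started by accounts with no write access to the repository. Consider adding `contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), github.event.comment.author_association) &&` to that branch; the same applies to the `/mirrobot-review` branch in pr-review.yml. `contains(github.event.comment.body, ...)` also matches the command anywhere in the body, including quoted replies, and `startsWith` would be narrower. Whether later steps re-check the commenter is not visible in this hunk.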
@@ -154,4 +155,4 @@ jobs:
 run: |
 # Only substitute the variables we intend; leave example $vars and secrets intact
 VARS='${ISSUE_CONTEXT} ${ISSUE_NUMBER} ${ISSUE_AUTHOR}'
- envsubst "$VARS" < /tmp/issue-comment.md | opencode run --share -
\ No newline at end of file
+ envsubst "$VARS" < /tmp/issue-comment.md | opencode run --share -
diff --git a/.github/workflows/pr-review.yml b/.github/workflows/pr-review.yml
index 1ebea35c..98590e08 100644
--- a/.github/workflows/pr-review.yml
+++ b/.github/workflows/pr-review.yml
@@ -20,17 +20,21 @@ jobs:
 review-pr:
 # Bot check is in the issue_comment branch - workflow shows "skipped" for bot comments
 if: |
- github.event_name == 'workflow_dispatch' ||
- (github.event.action == 'opened' && github.event.pull_request.draft == false) ||
- github.event.action == 'ready_for_review' ||
- (github.event.action == 'synchronize' && contains(github.event.pull_request.labels.*.name, 'Agent Monitored')) ||
+ secrets.BOT_APP_ID != '' &&
+ secrets.BOT_PRIVATE_KEY != '' &&
 (
- github.event_name == 'issue_comment' &&
- github.event.issue.pull_request &&
- github.event.comment.user.login != 'mirrobot' &&
- github.event.comment.user.login != 'mirrobot-agent' &&
- github.event.comment.user.login != 'mirrobot-agent[bot]' &&
- (contains(github.event.comment.body, '/mirrobot-review') || contains(github.event.comment.body, '/mirrobot_review'))
+ github.event_name == 'workflow_dispatch' ||
+ (github.event.action == 'opened' && github.event.pull_request.draft == false) ||
+ github.event.action == 'ready_for_review' ||
+ (github.event.action == 'synchronize' && contains(github.event.pull_request.labels.*.name, 'Agent Monitored')) ||
+ (
+ github.event_name == 'issue_comment' &&
+ github.event.issue.pull_request &&
+ github.event.comment.user.login != 'mirrobot' &&
+ github.event.comment.user.login != 'mirrobot-agent' &&
+ github.event.comment.user.login != 'mirrobot-agent[bot]' &&
+ (contains(github.event.comment.body, '/mirrobot-review') || contains(github.event.comment.body, '/mirrobot_review'))
+ )
 )
 runs-on: ubuntu-latest
 permissions:
@@ -793,4 +797,4 @@ jobs:
 fi
 else
 echo "Verification passed! No corrections needed."
- fi
\ No newline at end of file
+ fi
diff --git a/.github/workflows/status-check-init.yml b/.github/workflows/status-check-init.yml
index 0e676b4d..60dbca96 100644
--- a/.github/workflows/status-check-init.yml
+++ b/.github/workflows/status-check-init.yml
@@ -6,6 +6,7 @@ on:
 jobs:
 init-status:
+ if: ${{ secrets.BOT_APP_ID != '' && secrets.BOT_PRIVATE_KEY != '' }}
 runs-on: ubuntu-latest
 permissions:
 statuses: write