Skip to content

Commit d10f0dc

Browse files
ci: add Grippy code review workflow (#5)
* ci: add Grippy code review workflow Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: install grippy-code-review from GitHub repo Package is not yet published to PyPI, so install directly from the Project-Navi/grippy-code-review repository. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: address code review feedback on Grippy workflow - Add concurrency group to cancel superseded runs - Skip job on fork PRs (secrets unavailable) - Set persist-credentials: false on checkout - Pin grippy-code-review to commit SHA - Use python -I to prevent module shadowing - Fix action version comments to match repo convention Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
1 parent 7148b81 commit d10f0dc

1 file changed

Lines changed: 46 additions & 0 deletions

File tree

Lines changed: 46 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,46 @@
1+
name: Grippy Review
2+
3+
on:
4+
pull_request:
5+
types: [opened, synchronize, reopened]
6+
7+
concurrency:
8+
group: grippy-${{ github.ref }}
9+
cancel-in-progress: true
10+
11+
permissions:
12+
contents: read
13+
pull-requests: write
14+
15+
jobs:
16+
review:
17+
name: Grippy Code Review
18+
if: github.event.pull_request.head.repo.full_name == github.repository
19+
runs-on: ubuntu-latest
20+
steps:
21+
- uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
22+
with:
23+
egress-policy: audit
24+
25+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
26+
with:
27+
persist-credentials: false
28+
29+
- uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
30+
with:
31+
python-version: '3.12'
32+
33+
- name: Install Grippy
34+
run: pip install "grippy-code-review[persistence] @ git+https://github.com/Project-Navi/grippy-code-review.git@19f078e42e7b8bee38a990ccf03236ea44ae2d71"
35+
36+
- name: Run review
37+
env:
38+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
39+
GITHUB_EVENT_PATH: ${{ github.event_path }}
40+
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
41+
GRIPPY_TRANSPORT: openai
42+
GRIPPY_MODEL_ID: gpt-4.1
43+
GRIPPY_EMBEDDING_MODEL: text-embedding-3-large
44+
GRIPPY_DATA_DIR: ./grippy-data
45+
GRIPPY_TIMEOUT: 300
46+
run: python -I -m grippy

0 commit comments

Comments
 (0)