claude-code-api/.github/workflows/opencode-review-manual.yml at main · codingworkflow/claude-code-api · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
name: OpenCode Manual PR Review

on:
  workflow_dispatch:
    inputs:
      pr_number:
        description: Pull request number to review
        required: true
        type: number
      model:
        description: Single OpenCode model in provider/model format (used when models is empty)
        required: false
        default: zai-coding-plan/glm-4.7
        type: string
      models:
        description: Optional comma or newline separated model list (overrides model)
        required: false
        default: ""
        type: string
      max_parallel:
        description: Maximum parallel model reviews
        required: true
        default: 1
        type: number
      force_review:
        description: Run review even when the PR is below default size thresholds
        required: false
        default: false
        type: boolean

permissions:
  contents: read
  pull-requests: write # zizmor: ignore[excessive-permissions] required for reusable review workflow
  issues: write # zizmor: ignore[excessive-permissions] required for reusable review workflow
  id-token: write # zizmor: ignore[excessive-permissions] required for Azure OIDC login

jobs:
  opencode-review:
    uses: codingworkflow/codingworkflow-security-policies/.github/workflows/reusable-opencode-review.yml@55070d1bc124fbe46d9a8edbc8d536826d4e15ed
    with:
      pr_number: ${{ fromJSON(format('{0}', inputs.pr_number)) }}
      force_review: ${{ fromJSON(format('{0}', inputs.force_review)) }}
      model: ${{ inputs.model }}
      models: ${{ inputs.models }}
      max_parallel: ${{ fromJSON(format('{0}', inputs.max_parallel)) }}
      allowed_actors: ${{ vars.ALLOWED_ACTORS }}
      azure_client_id: ${{ vars.AZURE_CLIENT_ID }}
      azure_tenant_id: ${{ vars.AZURE_TENANT_ID }}
      azure_subscription_id: ${{ vars.AZURE_SUBSCRIPTION_ID }}
      azure_key_vault_name: ${{ vars.AZURE_KEYVAULT_NAME || vars.AZURE_KEY_VAULT_NAME }}
      zhipu_secret_name: ${{ vars.OPENCODE_ZHIPU_API_KEY_SECRET_NAME || 'zhipu-api-key' }}
      min_changed_files: 5
      min_total_changes: 20