feat(reusable): ship the curated swarm as the default config consumers inherit (#10)
Build & push image / build-and-push (push) Successful in 8s

This commit was merged in pull request #10.
This commit is contained in:
2026-06-28 02:23:40 +00:00
parent 20a5c431f2
commit b02b11d691
6 changed files with 64 additions and 40 deletions
+14 -7
View File
@@ -5,7 +5,12 @@
# workflow, which holds the image pin + all the env plumbing. You only declare
# the triggers, the comment-trigger actor gate, and any overrides you want.
#
# Needs: secret OLLAMA_CLOUD_API_KEY (the default Ollama Cloud provider).
# The reusable ships a DEFAULT swarm: 3 cloud models + the Claude Code engine
# (sonnet/opus/opus:max), 5-lens suite. That default needs BOTH
# OLLAMA_CLOUD_API_KEY and CLAUDE_CODE_OAUTH_TOKEN. This example overrides
# `models:` to a cloud-only set so it works with just OLLAMA_CLOUD_API_KEY —
# delete that override (and forward the Claude token) to inherit the full default.
#
# Forward ONLY the secrets the reviewer uses (least privilege) — see the
# `secrets:` block below. GITEA_TOKEN is automatic. `secrets: inherit` also works
# but hands the reusable EVERY secret in your repo (registry/deploy/db creds the
@@ -13,9 +18,8 @@
# Gadfly commit (not @main) so a push there can't change what runs with your
# secrets.
#
# Prefer this when you're happy with the defaults. For custom named endpoints
# (GADFLY_ENDPOINT_<NAME>) or a provider the reusable doesn't map, use the full
# stub in adversarial-review.yml instead.
# For custom named endpoints (GADFLY_ENDPOINT_<NAME>) or a provider the reusable
# doesn't map, use the full stub in adversarial-review.yml instead.
name: Adversarial Review (Gadfly)
@@ -56,7 +60,10 @@ jobs:
# GADFLY_FINDINGS_URL: ${{ secrets.GADFLY_FINDINGS_URL }}
# GADFLY_FINDINGS_TOKEN: ${{ secrets.GADFLY_FINDINGS_TOKEN }}
with:
# All optional — omit to take Gadfly's defaults. Examples:
# models: "qwen3-coder:480b-cloud,gpt-oss:120b-cloud"
# specialists: "security,correctness,error-handling"
# Cloud-only override so this works with just OLLAMA_CLOUD_API_KEY. Delete
# this line (and forward CLAUDE_CODE_OAUTH_TOKEN above) to inherit the full
# default swarm (3 cloud + Claude Code sonnet/opus/opus:max, 5 lenses).
models: "minimax-m3:cloud,glm-5.2:cloud,deepseek-v4-pro:cloud"
# Other inputs inherit the default (5-lens suite, concurrency, 90-min cap);
# override any of them here (specialists, provider, base_url, timeout_secs…).
allowed_users: "your-username"