27aa92a6e0
Build & push image / build-and-push (pull_request) Successful in 7s
The swarm reviewed PR #8 *through the reusable path itself* — proving github.event context propagates into a workflow_call reusable workflow on this act_runner (the one part the probes hadn't covered). Folded in the warranted findings: - review-reusable.yml: bump timeout_minutes default 30 -> 45 (a multi- model/slow-lens review can exceed 30); map the generic GADFLY_API_KEY secret (was missing); add an explicit permissions block; drop the dead `specialist_suite` input. - examples/reusable.yml: actor gate now also requires github.event.issue.pull_request (so an issue-comment on a plain issue doesn't waste a runner), and a note to pin @<ref> to a release tag. Graded ~70 findings (heavy clustering): the real ones above + several by-design/documented (inputs replace vars-overrides; only M1/M5 named endpoints mapped) and many false positives (IS_DRAFT pattern, GITEA_TOKEN via inherit, "empty specialists" misread — empty does default). YAML validated; Go unchanged. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Example consumer workflows
Each file here is a complete, copy-paste stub workflow. Pick the one that matches your
setup, copy it to .gitea/workflows/adversarial-review.yml in the repo you want reviewed, and
set the secrets/vars it references. Gadfly is advisory only — it never blocks a merge.
| File | Backend | Needs |
|---|---|---|
reusable.yml |
slimmest stub — calls Gadfly's reusable workflow (secrets: inherit); take the defaults or override a few inputs |
secret OLLAMA_CLOUD_API_KEY |
adversarial-review.yml |
Ollama Cloud (default) + inline notes for every provider; full self-contained stub | secret OLLAMA_CLOUD_API_KEY |
local-ollama.yml |
a local/LAN Ollama daemon | nothing (or GADFLY_BASE_URL for a remote host) |
openai-compatible.yml |
any OpenAI-compatible endpoint (local Ollama /v1, gateway, vLLM, OpenRouter…) |
GADFLY_BASE_URL (+ a key for most gateways) |
endpoint-aliases.yml |
several named backends at once (one comment each) | repo vars GADFLY_ENDPOINT_<NAME> |
claude-code.yml |
the bundled Claude Code CLI engine (claude-code/<model>) |
secret CLAUDE_CODE_OAUTH_TOKEN (or ANTHROPIC_API_KEY) |
.gadfly.yml |
per-repo specialist config (not a workflow — goes at your repo root) | — |
Common to all:
- Triggers: new/reopened/ready non-draft PR (auto),
@gadfly reviewcomment (allowed users), or manualworkflow_dispatchwith apr_number. GITEA_TOKENis provided automatically; comments post asgitea-actions.- Tested backends are the Ollama ones; OpenAI/Anthropic/Google are wired via majordomo but untested. See the repo README for the full config reference and the honest tested/untested status.
Gitea note: repo
vars/secretsare not auto-exposed as env — anything you reference via${{ vars.X }}/${{ secrets.X }}must appear in the step'senv:block (already wired in these examples).