82f7ef78d5
Build & push image / build-and-push (push) Successful in 10s
Phase 2: bump majordomo to latest and wire its new llamaswap provider into gadfly's endpoint switches; add claude-code/sonnet to gadfly's own dogfood swarm (pin :sha-86f12c1, map CLAUDE_CODE_OAUTH_TOKEN) so the Phase-1 engine runs as a live competitor; document the Ollama-through-CC ANTHROPIC_BASE_URL proxy path as example-only. The 11-model swarm (incl. claude-code/sonnet) reviewed it; 52 findings graded via the MCP. Folded in the two real ones: a llamaswap endpointProvider test (caught by claude-code/sonnet, citing CLAUDE.md) and adding "openai-compatible" to the provider error messages (gpt-oss). gofmt clean, go vet quiet, go build + go test -race green. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Co-authored-by: Steve Dudenhoeffer <steve@stevedudenhoeffer.com> Co-committed-by: Steve Dudenhoeffer <steve@stevedudenhoeffer.com>
79 lines
3.6 KiB
YAML
# Gadfly reviewing via the Claude Code CLI engine.
# Copy to .gitea/workflows/adversarial-review.yml in your repo.
#
# Instead of a majordomo model, each lens shells out to the bundled `claude` CLI
# inside the checked-out repo (it uses its own Read/Grep/Glob tools to verify
# findings), then Gadfly runs its usual verdict + recheck + consolidate pipeline.
#
# Auth: a Pro/Max subscription token from `claude setup-token` (no --bare),
# stored as the CLAUDE_CODE_OAUTH_TOKEN secret. Falls back to ANTHROPIC_API_KEY
# if you'd rather pay per-token — set only ONE.
#
# Heads-up: this engine is wired but not yet validated end-to-end here, and using
# subscription auth in automated CI is a gray area in Anthropic's terms — read
# the README's "Claude Code engine" note before relying on it.

name: Adversarial Review (Gadfly)

on:
  pull_request:
    types: [opened, reopened, ready_for_review]
  issue_comment:
    types: [created]
  workflow_dispatch:
    inputs:
      pr_number: { description: "PR number to review", required: true }

permissions:
  contents: read
  issues: write
  pull-requests: write

concurrency:
  group: gadfly-${{ github.event.issue.number || github.event.pull_request.number || github.event.inputs.pr_number }}
  cancel-in-progress: true

jobs:
  review:
    # Security: only trusted users may trigger a secret-bearing run via a PR
    # comment. Replace the username(s) below with your maintainers — keep them in
    # sync with GADFLY_ALLOWED_USERS (the in-container belt-and-suspenders check).
    if: >-
      github.event_name != 'issue_comment'
      || github.actor == 'your-username'
    runs-on: ubuntu-latest
    timeout-minutes: 30
    steps:
      - uses: docker://gitea.stevedudenhoeffer.com/steve/gadfly:latest
        env:
          GITEA_API: ${{ github.server_url }}/api/v1/repos/${{ github.repository }}
          GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
          # --- Claude Code engine ---
          # Pro/Max subscription token (preferred). Or set ANTHROPIC_API_KEY
          # instead for per-token billing — but never both.
          CLAUDE_CODE_OAUTH_TOKEN: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
          # ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
          # bare "claude-code" uses the CLI default model; "claude-code/<model>"
          # sets --model (sonnet/opus/haiku, or a full id). One comment per entry.
          GADFLY_MODELS: "claude-code/sonnet"
          # Optional CLI tuning (defaults are read-only-safe):
          # GADFLY_CLAUDE_PERMISSION_MODE: plan # read-only; never edits
          # GADFLY_CLAUDE_ALLOWED_TOOLS: "Read,Grep,Glob"
          # GADFLY_CLAUDE_EXTRA_ARGS: "--max-turns 30"
          # Alternate backend (EXAMPLE ONLY, not validated): point Claude Code at
          # an Anthropic-API-compatible proxy (e.g. claude-code-router / LiteLLM in
          # front of Ollama) to run Ollama models THROUGH the CC harness. The
          # subprocess env forwards ANTHROPIC_*, so just set these instead of the
          # token above. Tool-use support depends on the proxy/backend.
          # ANTHROPIC_BASE_URL: ${{ vars.ANTHROPIC_BASE_URL }}
          # ANTHROPIC_AUTH_TOKEN: ${{ secrets.ANTHROPIC_AUTH_TOKEN }}
          GADFLY_ALLOWED_USERS: "your-username"
          # --- event context (leave as-is) ---
          EVENT_NAME: ${{ github.event_name }}
          PR: ${{ github.event.pull_request.number || github.event.issue.number || github.event.inputs.pr_number }}
          PR_BRANCH: ${{ github.head_ref }}
          IS_DRAFT: ${{ github.event.pull_request.draft }}
          COMMENT_BODY: ${{ github.event.comment.body }}
          COMMENT_ID: ${{ github.event.comment.id }}
          ACTOR: ${{ github.actor }}
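The comment on the job-level `if:` gate asks that its usernames stay in sync with GADFLY_ALLOWED_USERS. A lint for that invariant, as an added example that is not part of the gadfly repository: the sample workflow is constructed, `check_gate` is a hypothetical helper, and the comma- or space-separated format for multiple users in GADFLY_ALLOWED_USERS is an assumption.

```python
import re

# Constructed sample (not the page's file): gate and env list have drifted.
SAMPLE = """\
on:
  issue_comment:
    types: [created]
jobs:
  review:
    # keep in sync with GADFLY_ALLOWED_USERS
    if: >-
      github.event_name != 'issue_comment'
      || github.actor == 'alice'
      || github.actor == 'bob'
    steps:
      - uses: docker://registry.example/gadfly:latest
        env:
          GADFLY_ALLOWED_USERS: "alice"
"""

ACTOR_RE = re.compile(r"github\.actor\s*==\s*'([^']+)'")
ALLOWED_RE = re.compile(r'^\s*GADFLY_ALLOWED_USERS:\s*"?([^"#\n]*)"?', re.M)
PLACEHOLDER = "your-username"  # the template's stand-in value


def check_gate(workflow_text):
    """Return a list of problems with the comment-trigger trust gate."""
    # Drop comment lines so commented-out settings are not counted.
    body = "\n".join(l for l in workflow_text.splitlines()
                     if not l.lstrip().startswith("#"))
    gate = set(ACTOR_RE.findall(body))
    m = ALLOWED_RE.search(body)
    # Assumption: several users are separated by commas and/or spaces.
    allowed = set(re.split(r"[,\s]+", m.group(1).strip())) - {""} if m else set()
    problems = []
    if re.search(r"^\s*issue_comment:", body, re.M) and not gate:
        problems.append("issue_comment trigger without a github.actor gate")
    for user in sorted(gate - allowed):
        problems.append(f"{user}: in workflow gate, missing from GADFLY_ALLOWED_USERS")
    for user in sorted(allowed - gate):
        problems.append(f"{user}: in GADFLY_ALLOWED_USERS, missing from workflow gate")
    if PLACEHOLDER in gate | allowed:
        problems.append(f"placeholder {PLACEHOLDER!r} was not replaced")
    return problems


if __name__ == "__main__":
    for p in check_gate(SAMPLE):
        print("FAIL:", p)
```

Run it against the copied workflow file in a pre-merge check so a change to one list without the other is caught before a secret-bearing run.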