b860119332
Fixes the large-PR token burn: a ~250K-token diff was re-sent every agent step across models × lenses × passes, draining a metered usage block in minutes. Small PRs are untouched (every mitigation is size-gated / no-op under threshold). - Re-platform the in-process review path onto executus run.Executor: context compaction (executus/compact, threshold from the model's real context window via executus/model), run-bounding, a per-PR budget gate (Ports.Budget), and the wrap-up nudge re-expressed as a run.Critic. Lens fan-out now uses executus/fanout. gadfly keeps its own model.go, so GADFLY_ENDPOINT_<NAME> aliases and the claude-code engine are unaffected. No majordomo bump; the binary stays static (executus core is majordomo+stdlib only). - Paginate get_diff (per-file `path` + start_line/limit) instead of dumping the whole diff; trim the recheck diff embed (60k -> 20k chars). - entrypoint.sh: downshift the fleet above GADFLY_HUGE_DIFF_BYTES (one cheap model, fewer lenses/steps, no recheck) + a swarm-wide GADFLY_PR_BUDGET_SECS wall-clock backstop (adds procps for pkill). All advisory; CI never fails. - README + CLAUDE.md + tests updated. Note: run.Result exposes no transcript, so the old transcript-based forced- finalization fallback is dropped; the wrap-up critic nudge is the remaining "always emit something" mechanism. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
41 lines
1.9 KiB
Docker
41 lines
1.9 KiB
Docker
# syntax=docker/dockerfile:1
|
|
#
|
|
# Multi-stage so the private-module credentials (used to fetch the majordomo
|
|
# dependency) live ONLY in the build stage via BuildKit secrets and never land
|
|
# in the final image. Mirrors mort's Dockerfile secret idiom.
|
|
|
|
FROM golang:1.26 AS build
|
|
ARG GIT_HOST=gitea.stevedudenhoeffer.com
|
|
ENV CGO_ENABLED=0 \
|
|
GOFLAGS=-mod=mod \
|
|
GOSUMDB=off \
|
|
GOTOOLCHAIN=auto
|
|
ENV GOPRIVATE=${GIT_HOST}/* GONOSUMDB=${GIT_HOST}/*
|
|
WORKDIR /src
|
|
COPY go.mod go.sum ./
|
|
RUN --mount=type=secret,id=REGISTRY_USER \
|
|
--mount=type=secret,id=REGISTRY_PASSWORD \
|
|
--mount=type=cache,target=/go/pkg/mod \
|
|
git config --global url."https://$(cat /run/secrets/REGISTRY_USER):$(cat /run/secrets/REGISTRY_PASSWORD)@${GIT_HOST}/".insteadOf "https://${GIT_HOST}/" \
|
|
&& go mod download
|
|
COPY . .
|
|
RUN --mount=type=cache,target=/go/pkg/mod \
|
|
--mount=type=cache,target=/root/.cache/go-build \
|
|
go build -trimpath -ldflags="-s -w" -o /out/gadfly ./cmd/gadfly
|
|
|
|
FROM alpine:3.20
|
|
# procps provides pkill/pgrep, which entrypoint.sh's per-PR wall-clock backstop
|
|
# (GADFLY_PR_BUDGET_SECS) uses to stop the review subtrees — busybox's applets
|
|
# are not guaranteed to include them.
|
|
RUN apk add --no-cache bash git curl jq ca-certificates nodejs npm procps
|
|
# Bundle the Claude Code CLI so the `claude-code` review engine works out of the
|
|
# box (GADFLY_MODELS=claude-code or claude-code/<model>). This adds Node + the
|
|
# CLI to the image (notably larger); ollama-only users pay the size but nothing
|
|
# else. Auth is provided at runtime via CLAUDE_CODE_OAUTH_TOKEN / ANTHROPIC_API_KEY.
|
|
RUN npm install -g @anthropic-ai/claude-code && npm cache clean --force
|
|
COPY --from=build /out/gadfly /usr/local/bin/gadfly
|
|
COPY scripts /app/scripts
|
|
COPY entrypoint.sh /entrypoint.sh
|
|
RUN chmod +x /entrypoint.sh /app/scripts/run.sh /app/scripts/status-board.sh /usr/local/bin/gadfly
|
|
ENTRYPOINT ["/entrypoint.sh"]
|