From 825e9e93133cfc8b0d987b785a31ec580a5feea4 Mon Sep 17 00:00:00 2001 From: syntaxsdev Date: Wed, 18 Mar 2026 11:29:51 -0400 Subject: [PATCH 1/6] ci: pull review gha --- .github/workflows/pull-reviews.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 .github/workflows/pull-reviews.yml diff --git a/.github/workflows/pull-reviews.yml b/.github/workflows/pull-reviews.yml new file mode 100644 index 000000000..434c27382 --- /dev/null +++ b/.github/workflows/pull-reviews.yml @@ -0,0 +1,18 @@ +name: Video Review + +on: + pull_request: + types: [opened, synchronize] + +jobs: + preel: + uses: ambient-code/pull-reviews/.github/workflows/review.yml@main + secrets: + OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + S3_ENDPOINT: ${{ secrets.S3_ENDPOINT }} + S3_ACCESS_KEY_ID: ${{ secrets.S3_ACCESS_KEY_ID }} + S3_SECRET_ACCESS_KEY: ${{ secrets.S3_SECRET_ACCESS_KEY }} + CDN_BASE_URL: ${{ secrets.CDN_BASE_URL }} + with: + s3_bucket: pull-reviews From 78bb8af45bb667a54666095c386e45d2bf74dc72 Mon Sep 17 00:00:00 2001 From: syntaxsdev Date: Wed, 18 Mar 2026 11:39:54 -0400 Subject: [PATCH 2/6] ci: fix --- .github/workflows/pull-reviews.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pull-reviews.yml b/.github/workflows/pull-reviews.yml index 434c27382..47390f9d8 100644 --- a/.github/workflows/pull-reviews.yml +++ b/.github/workflows/pull-reviews.yml @@ -7,6 +7,8 @@ on: jobs: preel: uses: ambient-code/pull-reviews/.github/workflows/review.yml@main + with: + s3_bucket: pull-reviews secrets: OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} @@ -14,5 +16,3 @@ jobs: S3_ACCESS_KEY_ID: ${{ secrets.S3_ACCESS_KEY_ID }} S3_SECRET_ACCESS_KEY: ${{ secrets.S3_SECRET_ACCESS_KEY }} CDN_BASE_URL: ${{ secrets.CDN_BASE_URL }} - with: - s3_bucket: pull-reviews From bfa5573f6cac785f3c44ce725665686baa33870c Mon Sep 17 00:00:00 2001 From: syntaxsdev Date: Wed, 18 Mar 2026 11:42:01 -0400 Subject: [PATCH 3/6] ci: add perms to action --- .github/workflows/pull-reviews.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/pull-reviews.yml b/.github/workflows/pull-reviews.yml index 47390f9d8..10df93f87 100644 --- a/.github/workflows/pull-reviews.yml +++ b/.github/workflows/pull-reviews.yml @@ -4,6 +4,10 @@ on: pull_request: types: [opened, synchronize] +permissions: + contents: read + pull-requests: write + jobs: preel: uses: ambient-code/pull-reviews/.github/workflows/review.yml@main From 5e7af873d0e05f4c5fb393354d2278f7a634333a Mon Sep 17 00:00:00 2001 From: syntaxsdev Date: Thu, 19 Mar 2026 13:04:18 -0400 Subject: [PATCH 4/6] feat: use gcp WIF --- .github/workflows/pull-reviews.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pull-reviews.yml b/.github/workflows/pull-reviews.yml index 10df93f87..b5fa97d77 100644 --- a/.github/workflows/pull-reviews.yml +++ b/.github/workflows/pull-reviews.yml @@ -7,15 +7,17 @@ on: permissions: contents: read pull-requests: write + id-token: write jobs: preel: uses: ambient-code/pull-reviews/.github/workflows/review.yml@main with: s3_bucket: pull-reviews + gcp_project_id: ambient-code-platform + gcp_region: us-east5 + gcp_workload_identity_provider: projects/888214980327/locations/global/workloadIdentityPools/github/providers/ambient-code-github-actions secrets: - OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} - ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} S3_ENDPOINT: ${{ secrets.S3_ENDPOINT }} S3_ACCESS_KEY_ID: ${{ secrets.S3_ACCESS_KEY_ID }} S3_SECRET_ACCESS_KEY: ${{ secrets.S3_SECRET_ACCESS_KEY }} From ee6309966ef4e996611ae6dd49ef47d5cf07a899 Mon Sep 17 00:00:00 2001 From: syntaxsdev Date: Fri, 20 Mar 2026 14:38:11 -0400 Subject: [PATCH 5/6] ci: trigger pull-reviews From c94d9717b1c76606c3ca5bef40bb03be5ec98a8b Mon Sep 17 00:00:00 2001 From: syntaxsdev Date: Fri, 20 Mar 2026 14:38:21 -0400 Subject: [PATCH 6/6] ci: trigger pull-reviews