ci: also relock enterprise/poetry.lock in version-bump PR workflow #4814
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: PR Review by OpenHands | |
| on: | |
| # Use pull_request for same-repo PRs so workflow changes can self-verify in PRs. | |
| pull_request: | |
| types: [opened, ready_for_review, labeled, review_requested] | |
| # Use pull_request_target for fork PRs. | |
| # The bot token used here is intentionally scoped to PR review operations, | |
| # so the remaining blast radius is bounded even though PR content is untrusted. | |
| pull_request_target: | |
| types: [opened, ready_for_review, labeled, review_requested] | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| issues: write | |
| jobs: | |
| pr-review: | |
| # Run on same-repo PRs via pull_request and on fork PRs via pull_request_target. | |
| # Trigger when one of the following conditions is met: | |
| # 1. A new non-draft PR is opened by a non-first-time contributor, OR | |
| # 2. A draft PR is converted to ready for review by a non-first-time contributor, OR | |
| # 3. The 'review-this' label is added, OR | |
| # 4. openhands-agent or all-hands-bot is requested as a reviewer | |
| # Note: FIRST_TIME_CONTRIBUTOR and NONE PRs require manual trigger via label/reviewer request. | |
| if: | | |
| ( | |
| ( | |
| github.event_name == 'pull_request' && | |
| github.event.pull_request.head.repo.full_name == github.repository | |
| ) || | |
| ( | |
| github.event_name == 'pull_request_target' && | |
| github.event.pull_request.head.repo.full_name != github.repository | |
| ) | |
| ) && | |
| ( | |
| (github.event.action == 'opened' && github.event.pull_request.draft == false && github.event.pull_request.author_association != 'FIRST_TIME_CONTRIBUTOR' && github.event.pull_request.author_association != 'NONE') || | |
| (github.event.action == 'ready_for_review' && github.event.pull_request.author_association != 'FIRST_TIME_CONTRIBUTOR' && github.event.pull_request.author_association != 'NONE') || | |
| (github.event.action == 'labeled' && github.event.label.name == 'review-this') || | |
| ( | |
| github.event.action == 'review_requested' && | |
| ( | |
| github.event.requested_reviewer.login == 'openhands-agent' || | |
| github.event.requested_reviewer.login == 'all-hands-bot' | |
| ) | |
| ) | |
| ) | |
| concurrency: | |
| group: pr-review-${{ github.event.pull_request.number }} | |
| cancel-in-progress: true | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Run PR Review | |
| uses: OpenHands/extensions/plugins/pr-review@main | |
| with: | |
| llm-model: litellm_proxy/claude-sonnet-4-5-20250929 | |
| llm-base-url: https://llm-proxy.app.all-hands.dev | |
| # Enable experimental sub-agent delegation for file-level reviews | |
| use-sub-agents: 'true' | |
| llm-api-key: ${{ secrets.LLM_API_KEY }} | |
| github-token: ${{ secrets.OPENHANDS_BOT_GITHUB_PAT_PUBLIC || github.token }} | |
| lmnr-api-key: ${{ secrets.LMNR_SKILLS_API_KEY }} |