Add OpenMetrics exporter (with QUIC stats) #265
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Codex auto review | |
| on: | |
| pull_request_target: | |
| types: [opened, reopened, synchronize] | |
| jobs: | |
| codex: | |
| # Only run Codex for PRs authored by allowed users | |
| if: | | |
| github.event.pull_request.user.login == 'EmelyanenkoK' || | |
| github.event.pull_request.user.login == 'tolya-yanot' || | |
| github.event.pull_request.user.login == 'SpyCheese' || | |
| github.event.pull_request.user.login == 'neodix42' || | |
| github.event.pull_request.user.login == 'dungeon-master-666' || | |
| github.event.pull_request.user.login == 'igroman787' || | |
| github.event.pull_request.user.login == 'kdimentionaltree' || | |
| github.event.pull_request.user.login == 'sonofmom' || | |
| github.event.pull_request.user.login == 'Trinketer22' || | |
| github.event.pull_request.user.login == 'xssnick' || | |
| github.event.pull_request.user.login == 'tolk-vm' || | |
| github.event.pull_request.user.login == 'DanShaders' || | |
| github.event.pull_request.user.login == 'birydrad' || | |
| github.event.pull_request.user.login == 'abacabadabacaba' || | |
| github.event.pull_request.user.login == 'Mustang98' || | |
| github.event.pull_request.user.login == 'avevad' || | |
| github.event.pull_request.user.login == 'tvorogme' || | |
| github.event.pull_request.user.login == 'krigga' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| outputs: | |
| final_message: ${{ steps.run_codex.outputs['final-message'] }} | |
| steps: | |
| # 1. Checkout the trusted base commit | |
| - name: Checkout base branch (trusted) | |
| uses: actions/checkout@v5 | |
| with: | |
| ref: ${{ github.event.pull_request.base.sha }} | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| # 2. Fetch PR head as a separate local branch, without checking it out | |
| - name: Fetch PR head | |
| run: | | |
| git fetch origin \ | |
| pull/${{ github.event.pull_request.number }}/head:pr-${{ github.event.pull_request.number }} | |
| # Optional diagnostics | |
| - name: Show diff summary | |
| run: | | |
| git diff --stat \ | |
| ${{ github.event.pull_request.base.sha }}...pr-${{ github.event.pull_request.number }} | |
| # 3. Run Codex safely | |
| - name: Run Codex | |
| id: run_codex | |
| uses: openai/codex-action@02e7b2943818fbac9f077c3d1249a198ab358352 | |
| with: | |
| # IMPORTANT: this is safe only because: | |
| # - workflow file lives in base repo (attacker cannot change it) | |
| # - we do not run arbitrary PR code, only git commands | |
| openai-api-key: ${{ secrets.OPENAI_API_KEY }} | |
| prompt: | | |
| This is PR #${{ github.event.pull_request.number }} for ${{ github.repository }}. | |
| Review ONLY the changes introduced by this PR. | |
| Diff range: | |
| ${{ github.event.pull_request.base.sha }}...pr-${{ github.event.pull_request.number }} | |
| Pull request title and body: | |
| ---- | |
| ${{ github.event.pull_request.title }} | |
| ${{ github.event.pull_request.body }} | |
| post_feedback: | |
| runs-on: ubuntu-latest | |
| needs: codex | |
| if: needs.codex.outputs.final_message != '' | |
| permissions: | |
| issues: write | |
| pull-requests: write | |
| steps: | |
| - name: Report Codex feedback | |
| uses: actions/github-script@v7 | |
| env: | |
| CODEX_FINAL_MESSAGE: ${{ needs.codex.outputs.final_message }} | |
| with: | |
| github-token: ${{ github.token }} | |
| script: | | |
| await github.rest.issues.createComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: context.payload.pull_request.number, | |
| body: process.env.CODEX_FINAL_MESSAGE, | |
| }); |