sarman/tftsr-devops_investigation
1
0
Fork 0
Code Issues 1 Pull Requests Actions 34 Packages Projects 3 Releases 9 Wiki Activity
1a4c6df6c9
tftsr-devops_investigation/.gitea/workflows
History
Shaun Arman 1a4c6df6c9 fix: harden pr-review workflow — URLs, DNS, correctness and reliability 
Security:
- Replace http://172.0.0.29:3000 git remote with https://gogs.tftsr.com
- Replace http://172.0.0.29:3000 Gitea API URL with https://gogs.tftsr.com
- Remove internal 172.0.0.29 from container DNS (keep 8.8.8.8, 1.1.1.1)
- Move PR_TITLE and PR_NUMBER to env vars to prevent shell injection

Correctness:
- Fix diff_size comparison from lexicographic > '0' to != '0'
- Strip leading whitespace from wc -l output via tr -d ' '
- Switch diff truncation from head -c 20000 to head -n 500 (line-safe)
- Add jq empty validation before parsing Ollama response

Reliability:
- Add --connect-timeout 30 and --retry 3 --retry-delay 5 to Ollama curl
- Add --connect-timeout 10 to review POST curl
- Change Post review comment to if: always() so it runs on analysis failure
- Post explicit failure comment when analysis produces no output
2026-04-12 17:40:12 -05:00
..
auto-tag.yml fix(ci): remove all Ollama bundle download steps — use UI download button instead 2026-04-05 20:53:57 -05:00
build-images.yml fix(ci): remove explicit docker.sock mount — act_runner mounts it automatically 2026-04-05 21:18:11 -05:00
pr-review.yml fix: harden pr-review workflow — URLs, DNS, correctness and reliability 2026-04-12 17:40:12 -05:00
test.yml fix: force single test thread for Rust tests to eliminate race conditions 2026-04-09 10:43:45 -05:00