Copilot commented on code in PR #62302:
URL: https://github.com/apache/doris/pull/62302#discussion_r3063188402
##########
.claude/skills/code-review/SKILL.md:
##########
@@ -86,6 +90,8 @@ After checking all the above items with code. Use the
remaining parts of this sk
#### 1.3.1 Concurrency and Thread Safety (Highest Priority)
+If it involves the judgment of concurrent scenarios, it is necessary to find
the starting point of concurrency and actually understand all actually possible
concurrent situations (which thread initiated what at what stage, and what
concurrent operations there will be). Due to the clear program semantics, some
functions of the same module are executed in stages, so concurrency is
definitely not present, there should be no misjudgment.
Review Comment:
This added sentence has awkward repeated wording (“actually understand all
actually possible…”), which reads like a copy/edit mistake. Please rephrase to
remove the repetition so the guideline is clear.
```suggestion
If it involves the judgment of concurrent scenarios, it is necessary to find
the starting point of concurrency and fully understand all possible concurrent
situations (which thread initiated what at what stage, and what concurrent
operations there will be). Due to the clear program semantics, some functions
of the same module are executed in stages, so concurrency is definitely not
present, there should be no misjudgment.
```
##########
.github/workflows/opencode-review.yml:
##########
@@ -1,167 +1,46 @@
name: Code Review
on:
- issue_comment:
- types: [created]
+ pull_request:
+ types: [opened, synchronize, reopened, ready_for_review]
permissions:
- pull-requests: write
- contents: read
- issues: write
+ pull-requests: read
jobs:
code-review:
runs-on: ubuntu-latest
timeout-minutes: 60
- if: >-
- github.event.issue.pull_request &&
- contains(github.event.comment.body, '/review')
steps:
Review Comment:
PR description says the main workflow (`opencode-review.yml`) “only runs
actual review when called via workflow_call”, but `opencode-review.yml` no
longer has a `workflow_call` trigger—the review execution lives in
`opencode-review-runner.yml`. Please align the PR description (or workflow
naming/triggers) so future maintainers understand which workflow is the
callable runner vs the required-check gate.
##########
.github/workflows/opencode-review.yml:
##########
@@ -1,167 +1,46 @@
name: Code Review
on:
- issue_comment:
- types: [created]
+ pull_request:
+ types: [opened, synchronize, reopened, ready_for_review]
permissions:
- pull-requests: write
- contents: read
- issues: write
+ pull-requests: read
Review Comment:
This PR removes the `Need_2_Approval` workflow, but `.asf.yaml` still lists
`Need_2_Approval` as a required status check for `master` (see `.asf.yaml:65`).
As-is, merges to `master` will be blocked because the required context can no
longer be produced. Please either keep a workflow that reports
`Need_2_Approval` or update the required contexts accordingly.
##########
.github/workflows/opencode-review-comment.yml:
##########
@@ -0,0 +1,75 @@
+name: Code Review Comment Dispatch
+
+on:
+ issue_comment:
+ types: [created]
+
+permissions:
+ actions: write
+ pull-requests: write
+ contents: read
+ issues: write
+
+jobs:
+ resolve-pr:
+ runs-on: ubuntu-latest
+ if: >-
+ github.event.issue.pull_request &&
+ contains(github.event.comment.body, '/review')
+ outputs:
Review Comment:
This workflow can be triggered by any user who comments “/review”, but it
runs with write permissions and uses inherited secrets. Please restrict
triggering to trusted actors (e.g., check
`github.event.comment.author_association` for OWNER/MEMBER/COLLABORATOR or
verify org/team membership) to avoid untrusted users invoking a secrets-bearing
workflow.
##########
.github/workflows/opencode-review-comment.yml:
##########
@@ -0,0 +1,75 @@
+name: Code Review Comment Dispatch
+
+on:
+ issue_comment:
+ types: [created]
+
+permissions:
+ actions: write
+ pull-requests: write
+ contents: read
+ issues: write
+
+jobs:
+ resolve-pr:
+ runs-on: ubuntu-latest
+ if: >-
+ github.event.issue.pull_request &&
+ contains(github.event.comment.body, '/review')
+ outputs:
+ pr_number: ${{ steps.pr.outputs.pr_number }}
+ head_sha: ${{ steps.pr.outputs.head_sha }}
+ base_sha: ${{ steps.pr.outputs.base_sha }}
+ steps:
+ - name: Get PR info
+ id: pr
+ env:
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ run: |
+ PR_JSON=$(gh api repos/${{ github.repository }}/pulls/${{
github.event.issue.number }})
+ HEAD_SHA=$(echo "$PR_JSON" | jq -r '.head.sha')
+ BASE_SHA=$(echo "$PR_JSON" | jq -r '.base.sha')
+ echo "pr_number=${{ github.event.issue.number }}" >> "$GITHUB_OUTPUT"
+ echo "head_sha=$HEAD_SHA" >> "$GITHUB_OUTPUT"
+ echo "base_sha=$BASE_SHA" >> "$GITHUB_OUTPUT"
+
+ code-review:
+ needs: resolve-pr
+ if: >-
+ github.event.issue.pull_request &&
+ contains(github.event.comment.body, '/review')
+ uses: ./.github/workflows/opencode-review-runner.yml
+ secrets: inherit
+ with:
+ pr_number: ${{ needs.resolve-pr.outputs.pr_number }}
+ head_sha: ${{ needs.resolve-pr.outputs.head_sha }}
+ base_sha: ${{ needs.resolve-pr.outputs.base_sha }}
+
+ refresh-required-check:
+ needs:
+ - resolve-pr
+ - code-review
+ runs-on: ubuntu-latest
+ if: ${{ always() && needs.resolve-pr.result == 'success' &&
needs.code-review.result != 'skipped' }}
+ steps:
+ - name: Rerun pull_request Code Review workflow for current head
+ env:
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ REPO: ${{ github.repository }}
+ HEAD_SHA: ${{ needs.resolve-pr.outputs.head_sha }}
+ run: |
+ RUNS_JSON=$(gh api
repos/${REPO}/actions/workflows/opencode-review.yml/runs --paginate -f
event=pull_request -f head_sha=${HEAD_SHA})
+ RUN_ID=$(printf '%s' "$RUNS_JSON" | jq -r '
+ .workflow_runs
+ | sort_by(.created_at)
+ | reverse
+ | map(select(.head_sha != null))
Review Comment:
The rerun logic relies on `gh api .../actions/workflows/.../runs` query
params `event` and especially `head_sha`. If `head_sha` is not
supported/ignored, this may select and rerun the most recent workflow run from
a different PR/commit. Safer approach: fetch recent runs and filter in `jq` by
both `.head_sha == HEAD_SHA` and `.pull_requests[].number == PR_NUMBER` (you
already have `pr_number` available) before picking the run id.
```suggestion
PR_NUMBER: ${{ needs.resolve-pr.outputs.pr_number }}
run: |
RUNS_JSON=$(gh api
repos/${REPO}/actions/workflows/opencode-review.yml/runs --paginate -f
event=pull_request)
RUN_ID=$(printf '%s' "$RUNS_JSON" | jq -r --arg head_sha
"$HEAD_SHA" --argjson pr_number "$PR_NUMBER" '
.workflow_runs
| map(
select(
.head_sha == $head_sha and
any(.pull_requests[]?; .number == $pr_number)
)
)
| sort_by(.created_at)
| reverse
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
