sam_oneal/pulumi-docker-build
1
0
Fork 0
Code Actions Packages Releases Wiki Activity

Update GitHub Actions workflows. (#851)

Browse Source 
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[daf8aba035d6ed8919db6089c780f56cb7fefc69](daf8aba035).

Co-authored-by: Pulumi Bot <bot@pulumi.com>
This commit is contained in:
pulumi-provider-automation[bot]
2026-05-12 06:35:37 +00:00
committed by GitHub
parent d8c7696758
commit 9048892848
13 changed files with 2760 additions and 2443 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
.github/workflows/shared/plugins/code-review/code-review.md vendored
View File

@@ -9,8 +9,10 @@ Provide a code review for the given pull request.
- Only call a tool if it is required to complete the task. Every tool call should have a clear purpose.
- Use GitHub MCP tools for repository reads. Do not use `gh` CLI commands for repository inspection or for posting review output.
- Use the workflow PR number as the authoritative target.
- Review output must be terse and issue-focused. Do not praise the PR, narrate checks that passed, explain why code is correct, or offer "good change" commentary.
- Use only gh-aw safe outputs for review side effects:
- `create-pull-request-review-comment` for actionable inline findings on changed lines
- `resolve-pull-request-review-thread` for unresolved bot-authored review threads that are now fixed or clearly acknowledged
- `submit-pull-request-review` for the final review decision
- `noop` when no action should be taken
- Use cache-memory only for short-lived continuity and deduplication hints. Treat live PR state and current review threads as the source of truth.
@@ -55,10 +57,11 @@ Note: Do not skip solely because prior automated review comments exist. Use prio
- The main behavioral changes in the diff
- Any obvious risk areas worth checking carefully
6. Fetch existing review comments on the PR before preparing any new findings. Use them to identify:
6. Fetch existing review comments and review threads on the PR before preparing any new findings. Use them to identify:
- Similar issues already flagged
- Threads where a human already acknowledged the feedback
- Comments on code that has changed since the earlier review and may now be stale
- Unresolved bot-authored review threads that may now be fixed or obsolete
7. Launch 4 review subagents in parallel. Each agent should return a list of candidate issues, where each issue includes:
- A concise description
@@ -109,9 +112,24 @@ Note: Do not skip solely because prior automated review comments exist. Use prio
- Findings that are not on changed lines or cannot be tied to a changed hunk
- Findings that only came from cache-memory and are not confirmed by the current PR state
Also create a separate internal list of review threads to resolve. A thread is eligible for resolution only when all of the following are true:
- The thread is currently unresolved
- The thread was started by this automation or another bot, not by a human reviewer
- The underlying issue is fixed in the latest diff, outdated, or explicitly acknowledged by a human as intentionally left as-is
- You have high confidence that resolving it will not hide an outstanding real issue
Never resolve human-authored review threads. When uncertain, leave the thread unresolved.
11. Classify the remaining issues:
- `Blocking`: correctness, security, regression, data loss, or clear required-rule violations
- `Non-blocking`: actionable but not merge-blocking concerns
- `Non-blocking`: actionable but not merge-blocking concerns that are still worth interrupting the author for now
Drop any candidate that is merely:
- praise
- reassurance
- a follow-up idea
- a readability suggestion with no concrete risk
- an observation that does not require author action
12. Produce a short internal summary of findings for yourself:
- If issues remain, list the highest-signal ones first
@@ -119,8 +137,9 @@ Note: Do not skip solely because prior automated review comments exist. Use prio
13. If no actionable issues remain, submit exactly one final review with `submit-pull-request-review`:
- Use `APPROVE`
- Briefly state that no issues were found after checking for bugs and `CLAUDE.md` compliance
- Use one short sentence only, such as `No actionable issues found.`
- Do not create inline comments
- Do not include praise, summaries of what was checked, or correctness narration
- Before stopping, write a compact review memory file for this PR containing:
- review timestamp
- PR number
@@ -131,21 +150,33 @@ Note: Do not skip solely because prior automated review comments exist. Use prio
14. If actionable issues remain, choose the highest-signal unique issues up to the safe-output comment limit. Create a list of planned inline comments for yourself before posting anything.
Prefer zero comments over low-signal comments. Non-blocking comments should be rare.
15. Post one inline comment per chosen issue using `create-pull-request-review-comment`. For each comment:
- Provide a brief description of the issue
- Explain why it matters
- Reference the exact changed line
- Cite the relevant `CLAUDE.md` rule when applicable
- Keep the comment concise and actionable
- Do not post comments that merely suggest optional follow-up cleanup or extra documentation
- Do not post comments whose conclusion is that the code is acceptable as-is
- Do not post duplicate comments for the same issue
16. Submit exactly one final review using `submit-pull-request-review`:
16. Resolve eligible stale review threads using `resolve-pull-request-review-thread` before submitting the final review.
- Resolve only threads from your internal resolution list
- Resolve only bot-authored threads
- Do not add explanatory comments when resolving
- If no threads qualify, do nothing
17. Submit exactly one final review using `submit-pull-request-review`:
- Use `REQUEST_CHANGES` when at least one blocking issue remains
- Use `APPROVE` otherwise, including when only non-blocking inline comments were left
- Do not use `COMMENT` as the final review state
- Keep the summary short and aligned with the issues you posted
- Keep the summary to one or two short sentences
- Do not restate inline comments in the final review; point readers to the inline comments instead
- Do not include praise, correctness checklists, or "overall LGTM" framing unless there are zero inline comments and you are using the exact terse approval style above
17. After the final review is submitted, update the PR-specific cache-memory file with a compact record of this review. Store only short-lived operational state such as:
18. After the final review is submitted, update the PR-specific cache-memory file with a compact record of this review. Store only short-lived operational state such as:
- review timestamp
- PR number
- files reviewed
@@ -163,12 +194,16 @@ Use this list when evaluating issues in Steps 4 and 5 (these are false positives
- General code quality concerns (e.g., lack of test coverage, general security issues) unless explicitly required in CLAUDE.md
- Issues mentioned in CLAUDE.md but explicitly silenced in the code (e.g., via a lint ignore comment)
- Differences that exist only in files classified as generated by `.gitattributes`, unless they expose a real issue in the source workflow, prompt, or other source-of-truth file
- Explanations that a change is good, correct, well-structured, or acceptable as-is
- Non-blocking observations that do not require the author to change anything now
- Requests for extra comments or documentation unless their absence creates a concrete correctness risk
Notes:
- Use GitHub tools for all repository reads. Do not use web fetch.
- Always operate on the workflow PR target rather than guessing from local git state.
- Inline comments should only be created for actionable issues on changed lines.
- If you leave inline comments, the final review should not repeat them.
- Cache-memory is best-effort and may be missing or stale. Use it to improve continuity, never to override current repository state.
- When linking to code in an inline comment, use a full GitHub blob URL with a full SHA and a line range, for example: https://github.com/anthropics/claude-code/blob/c21d3c10bc8e898b7ac1a2d745bdc9bc4e423afe/package.json#L10-L15
- Requires full git sha