docs: add enterprise directory PR restriction notice #365
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: PR Review by OpenHands | |
| on: | |
| # Use pull_request_target to allow fork PRs to access secrets when triggered by maintainers | |
| # Security: This workflow runs when: | |
| # 1. A new PR is opened (non-draft), OR | |
| # 2. A draft PR is marked as ready for review, OR | |
| # 3. A maintainer adds the 'review-this' label, OR | |
| # 4. A maintainer requests openhands-agent or all-hands-bot as a reviewer | |
| # Adding labels and requesting reviewers requires write access. | |
| # The PR code is explicitly checked out for review, but secrets are only accessible | |
| # because the workflow runs in the base repository context. | |
| pull_request_target: | |
| types: [opened, ready_for_review, labeled, review_requested] | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| issues: write | |
| jobs: | |
| pr-review: | |
| # Run when one of the following conditions is met: | |
| # 1. A new non-draft PR is opened by a non-first-time contributor, OR | |
| # 2. A draft PR is converted to ready for review by a non-first-time contributor, OR | |
| # 3. 'review-this' label is added, OR | |
| # 4. openhands-agent or all-hands-bot is requested as a reviewer | |
| # Note: FIRST_TIME_CONTRIBUTOR and NONE PRs require manual trigger via label/reviewer request. | |
| if: | | |
| (github.event.action == 'opened' && github.event.pull_request.draft == false && github.event.pull_request.author_association != 'FIRST_TIME_CONTRIBUTOR' && github.event.pull_request.author_association != 'NONE') || | |
| (github.event.action == 'ready_for_review' && github.event.pull_request.author_association != 'FIRST_TIME_CONTRIBUTOR' && github.event.pull_request.author_association != 'NONE') || | |
| github.event.label.name == 'review-this' || | |
| github.event.requested_reviewer.login == 'openhands-agent' || | |
| github.event.requested_reviewer.login == 'all-hands-bot' | |
| concurrency: | |
| group: pr-review-${{ github.event.pull_request.number }} | |
| cancel-in-progress: true | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Run PR Review | |
| uses: OpenHands/extensions/plugins/pr-review@main | |
| with: | |
| llm-model: litellm_proxy/claude-sonnet-4-5-20250929 | |
| llm-base-url: https://llm-proxy.app.all-hands.dev | |
| # Review style: roasted (other option: standard) | |
| review-style: roasted | |
| llm-api-key: ${{ secrets.LLM_API_KEY }} | |
| github-token: ${{ secrets.ALLHANDS_BOT_GITHUB_PAT }} | |
| lmnr-api-key: ${{ secrets.LMNR_SKILLS_API_KEY }} |