Skip to content

fix(ci): gate comment-triggered AI workflows on author association (#748)#828

Merged
frankbria merged 1 commit into
mainfrom
fix/748-gate-ai-workflows-author-association
Jul 7, 2026
Merged

fix(ci): gate comment-triggered AI workflows on author association (#748)#828
frankbria merged 1 commit into
mainfrom
fix/748-gate-ai-workflows-author-association

Conversation

@frankbria

Copy link
Copy Markdown
Owner

Closes #748

Problem

opencode.yml (/oc, /opencode) and claude.yml (@claude) triggered on issue_comment / review / issues events with no author_association restriction, spending ZHIPU_API_KEY / CLAUDE_CODE_OAUTH_TOKEN. On a public repo, any external commenter could drain paid AI credits. The /oc match was also a loose substring.

Fix

Both jobs now gate on author_association ∈ {OWNER, MEMBER, COLLABORATOR} via contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), …).

  • claude.yml — the association is read from the correct object for each of the four event branches:
    • issue_comment / pull_request_review_commentgithub.event.comment.author_association
    • pull_request_reviewgithub.event.review.author_association
    • issuesgithub.event.issue.author_association
  • opencode.yml — association gate on github.event.comment.author_association, and the loose /oc / /opencode contains substrings are dropped; only startsWith('/oc') / startsWith('/opencode') prefix matches remain, so a command must begin the comment.

Acceptance criteria

  • Jobs gate on author_association ∈ {OWNER, MEMBER, COLLABORATOR}
  • The /oc match is tightened to a prefix

Verification

  • Both files parse as valid YAML (pyyaml).
  • Cross-family review (opencode/GLM-4.7) confirmed correct per-event object mapping, fromJSON array + contains logic, boolean precedence, and prefix tightening — no blocking issues.
  • Boolean logic walk-through below.

Boolean truth-table (per event)

Actor association @claude//oc present Job runs?
OWNER/MEMBER/COLLABORATOR yes ✅ yes
CONTRIBUTOR/NONE/FIRST_TIMER yes 🚫 no (credit drain blocked)
any no 🚫 no

Known limitations

  • GitHub Actions if: expression semantics can't be executed locally, so the gate is verified by static reasoning + cross-family review + YAML validity rather than a runtime unit test. A true end-to-end check requires a non-member comment against the live workflow, which isn't reproducible in CI.
  • startsWith('/oc') still matches a hypothetical /ocean … prefix; treating the command as an exact token isn't expressible in GHA's expression language without regex. The credit-drain threat is fully closed by the association gate regardless.

)

Comment-triggered AI workflows spent paid credits (ZHIPU_API_KEY,
CLAUDE_CODE_OAUTH_TOKEN) for any commenter, since neither job gated on
author_association. External users could drain credits at will.

- opencode.yml + claude.yml: gate on author_association in
  {OWNER, MEMBER, COLLABORATOR}, read from the correct event object
  per trigger (comment/review/issue).
- opencode.yml: drop the loose ' /oc'/' /opencode' substring matches;
  keep only startsWith prefix matches so the command must begin the
  comment.

Closes #748
@coderabbitai

coderabbitai Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

Warning

Review limit reached

You’ve reached a temporary PR review limit under our Fair Usage Limits Policy.

Your recent review volume is higher than typical usage, so adaptive limits are currently applied.

Next review available in: 54 minutes

Your organization has reached its usage spending cap. Adjust your spending cap in the billing tab.

How can I continue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews.

How do review limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please refer docs for additional details.

Review details
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: aa9ee31d-d94a-420d-bd82-ca38977a0b4e

📥 Commits

Reviewing files that changed from the base of the PR and between 0b9a962 and 67120cd.

📒 Files selected for processing (2)
  • .github/workflows/claude.yml
  • .github/workflows/opencode.yml
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix/748-gate-ai-workflows-author-association

Comment @coderabbitai help to get the list of available commands.

@frankbria

Copy link
Copy Markdown
Owner Author

Cross-family review (opencode / GLM-4.7) — clean

No blocking issues.
All author_association checks use the correct event objects: issue_comment/pull_request_review_commentgithub.event.comment, pull_request_reviewgithub.event.review, issuesgithub.event.issue. fromJSON() array + contains() logic correct; boolean precedence properly grouped; /oc prefix tightening via startsWith() appropriate.

Gate behavior demo (outcome evidence)

A line-for-line Python mirror of both if: conditions was evaluated against representative event payloads — all 12 assertions pass:

  • AC1 (association gate): MEMBER/OWNER/COLLABORATOR → job runs; NONE / CONTRIBUTOR / FIRST_TIME_CONTRIBUTOR → blocked, verified across all four event objects (comment / review / issue).
  • AC2 (prefix tightening): mid-comment please run /oc nowno longer triggers; /opencode prefix preserved; external actor with valid prefix still blocked (association wins).

@opencode-agent

opencode-agent Bot commented Jul 7, 2026

Copy link
Copy Markdown

remote: Duplicate header: "Authorization"
fatal: unable to access 'https://github.com/frankbria/codeframe/': The requested URL returned error: 400

opencode session  |  github run

@frankbria frankbria merged commit a563f4f into main Jul 7, 2026
10 checks passed
@frankbria frankbria deleted the fix/748-gate-ai-workflows-author-association branch July 7, 2026 04:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[P1.21] Gate comment-triggered AI workflows on author association (any user can spend paid credits)

1 participant