fix: exclude self lgtm.toml from ending up in docker file (#78)

scastlara · web-flow · commit 3e1e9d74e339 · 2025-08-12T16:09:58.000+02:00
diff --git a/.dockerignore b/.dockerignore
@@ -40,6 +40,9 @@ tests/
 # Poetry files you don't need in container (optional)
 poetry.lock  # If you're using only pyproject.toml
 
+# Configuration files (users provide their own)
+lgtm.toml
+
 # Docker files
 Dockerfile
 .dockerignore
diff --git a/.github/workflows/lgtm.yml b/.github/workflows/lgtm.yml
@@ -5,14 +5,16 @@ on:
     types: [created]
 
 jobs:
-  lgtm-review:
+  check-permission:
     if: |
       github.event.issue.pull_request &&
       startsWith(github.event.comment.body, '/lgtm review')
     runs-on: ubuntu-latest
+    outputs:
+      has-permission: ${{ steps.check.outputs.has-permission }}
     steps:
       - name: Check if commenter has write access
-        id: check-permission
+        id: check
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
@@ -22,28 +24,27 @@ jobs:
             https://api.github.com/repos/$REPO/collaborators/$USER/permission \
             | jq -r '.permission')
 
-
           if [[ "$PERMISSION" == "admin" || "$PERMISSION" == "maintain" || "$PERMISSION" == "write" ]]; then
-            echo "HAS_PERMISSION=true" >> $GITHUB_ENV
+            echo "has-permission=true" >> $GITHUB_OUTPUT
           else
-            echo "HAS_PERMISSION=false" >> $GITHUB_ENV
+            echo "has-permission=false" >> $GITHUB_OUTPUT
           fi
 
-      - name: Fail if unauthorized
-        if: env.HAS_PERMISSION == 'false'
-        run: |
-          echo "User ${{ github.event.comment.user.login }} is not authorized to trigger this workflow."
-          exit 1
-
+  lgtm-review:
+    needs: check-permission
+    if: needs.check-permission.outputs.has-permission == 'true'
+    runs-on: ubuntu-latest
+    container:
+      image: elementsinteractive/lgtm-ai
+    steps:
       - name: Checkout PR code
         uses: actions/checkout@v4
         with:
           ref: refs/pull/${{ github.event.issue.number }}/merge
 
       - name: Run LGTM Review
         run: |
-          docker run --rm elementsinteractive/lgtm-ai \
-          review \
+          lgtm review \
           --pr-url "https://github.com/${{ github.repository }}/pull/${{ github.event.issue.number }}" \
           --git-api-key "${{ secrets.GITHUB_TOKEN }}" \
           --ai-api-key "${{ secrets.AI_API_TOKEN }}" \
