Merged
Pass user_id when submitting the review task and include the user_id query parameter when polling, fixing the problem of ownerless tasks being rejected with 403. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
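Auto Review (Round 1) — ❌ Changes Requested

Round 1 review: Request Changes. The core fix is in the right direction (passing user_id resolves the 403), but there is 1 Critical issue (the hard-coded user_id may cause tasks to leak across PRs) and 2 Warnings (missing error handling, unreasonable polling timeout configuration).

Core issue: hard-coding 'github-actions' as the user_id makes the review tasks of all PRs share the same owner, which may cause PR A's polling to receive PR B's result. Suggest switching to 'github-actions-pr-{PR_NUMBER}' or 'github-actions-{GITHUB_RUN_ID}' to ensure task isolation.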
Fix: use the PR number or run ID as the user_id suffix to ensure task isolation:

```bash
user_id="github-actions-pr-${{ github.event.pull_request.number }}"
# or
user_id="github-actions-${{ github.run_id }}"
```

Then in the Python script:

```python
print(json.dumps({'task': task, 'format': 'json', 'user_id': os.environ['USER_ID']}))
```

Use the same variable in the polling URL:

```bash
curl -s "https://crew.knowlyr.com/tasks/${TASK_ID}?user_id=${USER_ID}"
```
Suggested stronger error handling:

```bash
POLL_RESP=$(curl -s -w "\n%{http_code}" "https://crew.knowlyr.com/tasks/${TASK_ID}?user_id=github-actions" \
  -H "Authorization: Bearer ${CREW_API_TOKEN}")
HTTP_CODE=$(echo "$POLL_RESP" | tail -n1)
if [ "$HTTP_CODE" != "200" ]; then
  echo "::error::轮询失败 (HTTP $HTTP_CODE): $(echo "$POLL_RESP" | head -n-1)"
  exit 1
fi
STATUS=$(echo "$POLL_RESP" | head -n-1 | python3 -c "import json,sys; print(json.load(sys.stdin).get('status','unknown'))" 2>/dev/null)
if [ "$STATUS" = "unknown" ]; then
  echo "::warning::无法解析任务状态,响应: $(echo "$POLL_RESP" | head -n-1)"
fi
```
Suggested adjustment:

```bash
POLL_TIMEOUT=600  # 10 minutes, leaving enough time for complex reviews
POLL_INTERVAL=10  # 10-second interval, reducing load on the server
```

Or use an exponential backoff strategy:

```bash
POLL_INTERVAL=5
while [ $POLL_ELAPSED -lt $POLL_TIMEOUT ]; do
  sleep $POLL_INTERVAL
  POLL_ELAPSED=$((POLL_ELAPSED + POLL_INTERVAL))
  # ... polling logic ...
  POLL_INTERVAL=$((POLL_INTERVAL * 2))  # exponential backoff: 5s -> 10s -> 20s ...
  if [ $POLL_INTERVAL -gt 30 ]; then POLL_INTERVAL=30; fi  # cap at 30s
done
```
```yaml
env:
  CREW_USER_ID: github-actions-pr-${{ github.event.pull_request.number }}
```

Then reference it in the script
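Summary
user_id: github-actions, so that the task has an owner
?user_id=github-actions query parameter, fixing the 403 rejection

Root Cause
When auto-review submitted the review task it did not pass user_id, so the task had no owner, and polling /tasks/{task_id} was rejected with 403.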
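
The ownership behaviour discussed in this thread, as an added example that is not part of the pull request or the crew service's code: a hypothetical in-memory model (the `TaskStore` class, its status codes and the PR numbers 101 and 102 are assumptions) showing the 403 for an ownerless task, how a shared `github-actions` owner lets one PR's job read another PR's task, and how per-PR owner ids prevent that.

```python
# Added illustration: hypothetical model of an owner-scoped task API.
# Not the real service; behaviour is assumed from what this thread describes.
import itertools


class TaskStore:
    def __init__(self):
        self._tasks = {}
        self._ids = itertools.count(1)

    def submit(self, task, user_id=None):
        """Create a task; user_id (possibly None) is recorded as its owner."""
        task_id = f"t{next(self._ids)}"
        self._tasks[task_id] = {"owner": user_id, "task": task, "status": "done"}
        return task_id

    def poll(self, task_id, user_id=None):
        """Return (http_status, body). Only the recorded owner may read."""
        record = self._tasks.get(task_id)
        if record is None:
            return 404, None
        # Ownerless tasks and callers that are not the owner are both refused.
        if record["owner"] is None or record["owner"] != user_id:
            return 403, None
        return 200, {"status": record["status"], "task": record["task"]}


def owner_for_pr(pr_number):
    """Per-PR owner id in the form suggested by the review."""
    return f"github-actions-pr-{pr_number}"


def cross_pr_read(store, owner_a, owner_b):
    """PR A submits a task, PR B's job polls A's task id; return B's status."""
    task_a = store.submit("review PR A", user_id=owner_a)
    status, _ = store.poll(task_a, user_id=owner_b)
    return status


def demo():
    store = TaskStore()
    orphan = store.submit("review", user_id=None)  # the original bug
    own = store.submit("review PR 101", user_id=owner_for_pr(101))
    return {
        "no_owner": store.poll(orphan, user_id=None)[0],
        "shared_owner": cross_pr_read(store, "github-actions", "github-actions"),
        "per_pr_owner": cross_pr_read(store, owner_for_pr(101), owner_for_pr(102)),
        "own_task": store.poll(own, user_id=owner_for_pr(101))[0],
    }


if __name__ == "__main__":
    print(demo())
```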