Add label-based trigger for Gemini PR review workflow #37
Conversation
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
| @@ -2,11 +2,12 @@ name: Gemini PR Review | |||
|
|
|||
| on: | |||
| pull_request_target: | |||
| types: [opened, synchronize] | |||
| types: [opened, synchronize, labeled] | |||
|
|
|||
There was a problem hiding this comment.
Suggestion: Add a condition to only run this job when a specific label (e.g., api-review) is present on the pull request. This prevents the Gemini review from running on every PR, reducing unnecessary load. Add a comment to explain to the user what the job does.
|
|
||
| jobs: | ||
| gemini_review: | ||
| runs-on: ubuntu-latest | ||
| if: contains(github.event.pull_request.labels.*.name, 'api-review') | ||
|
|
There was a problem hiding this comment.
Suggestion: Use pull_request instead of pull_request_target. The pull_request_target event has security implications. It is designed to be used with caution, mainly when the workflow needs access to secrets or write access to the repository based on untrusted code. The standard pull_request event is usually sufficient and safer. For example: if: github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'api-review')
Trigger only when "api-review" is labeled on the PR