Open
Changes from 2 commits
30 changes: 17 additions & 13 deletions .github/workflows/tenet-pr-review.yml
@@ -1,7 +1,7 @@
name: 🤖 TENET Agent - PR Review

on:
pull_request:
pull_request_target:
types: [opened, synchronize, reopened]

permissions:
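Review bot: The `permissions:` block needs a second look now that the trigger is `pull_request_target:`, because its entries fall outside this hunk and they now govern a token that runs alongside repository secrets for fork PRs. Confirm it grants only what posting a review requires, since `types: [opened, synchronize, reopened]` starts a privileged run on every push to a PR branch. Also note that `pull_request_target` takes the workflow file from the base branch, so this change cannot be exercised from the PR itself and only takes effect after merge.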
Expand All @@ -13,38 +13,42 @@ jobs:
tenet-review:
name: TENET Security Review
runs-on: ubuntu-latest
# Skip bot-created PRs to avoid loops
if: |
github.actor != 'github-actions[bot]' &&
github.actor != 'coderabbitai[bot]'
if: github.event.pull_request.user.login != 'github-actions[bot]' && github.event.pull_request.user.login != 'coderabbitai[bot]'

# SECURITY: Do NOT add `ref: github.event.pull_request.head.sha` here.
# pull_request_target runs with repository secrets.
# Checking out fork code could expose secrets.
# TENET reads PR diffs through the GitHub API using HEAD_SHA.

steps:
- name: Checkout repository
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2
with:
fetch-depth: 0
coderabbitai[bot] marked this conversation as resolved.
S3DFX-CYBER marked this conversation as resolved.

- name: Set up Python
uses: actions/setup-python@v6
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 #v6.2.0
with:
python-version: "3.11"
cache: "pip"
cache-dependency-path: .github/tenet_agent/requirements.txt
cache-dependency-path: agent/tenet_agent/requirements.txt
coderabbitai[bot] marked this conversation as resolved.

- name: Install TENET agent dependencies
run: pip install -r .github/tenet_agent/requirements.txt
run: pip install -r agent/tenet_agent/requirements.txt
S3DFX-CYBER marked this conversation as resolved.

- name: Check TENET_AI_KEY is configured
id: key_check
run: |
if [ -z "$TENET_AI_KEY" ]; then
echo "⚠️ TENET_AI_KEY is not set — skipping review."
echo "Add it under Settings → Secrets and variables → Actions."
exit 0
echo "has_key=false" >> "$GITHUB_OUTPUT"
else
echo "has_key=true" >> "$GITHUB_OUTPUT"
fi
env:
TENET_AI_KEY: ${{ secrets.TENET_AI_KEY }}

- name: Run TENET PR Review
if: steps.key_check.outputs.has_key == 'true'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
TENET_AI_KEY: ${{ secrets.TENET_AI_KEY }}
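Review bot: The checkout step sets only `fetch-depth: 0` under `with:`, so `actions/checkout` keeps its default of persisting the job token for later git commands, and the `pip install -r agent/tenet_agent/requirements.txt` and review steps then run in that workspace under a `pull_request_target` token. Add `persist-credentials: false` next to `fetch-depth: 0`. Since the SECURITY comment states that TENET reads PR diffs through the GitHub API using HEAD_SHA, it is also worth checking whether full history (`fetch-depth: 0`) is needed at all.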
Expand All @@ -57,4 +61,4 @@ jobs:
HEAD_SHA: ${{ github.event.pull_request.head.sha }}
run: |
cd .github/tenet_agent

@cubic-dev-ai cubic-dev-ai Bot Jun 5, 2026

P1: This path change is inconsistent with earlier workflow steps, which still use agent/tenet_agent; the review job will fail before execution due to invalid dependency paths.

Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At .github/workflows/tenet-pr-review.yml, line 63:

<comment>This path change is inconsistent with earlier workflow steps, which still use `agent/tenet_agent`; the review job will fail before execution due to invalid dependency paths.</comment>

<file context>
@@ -60,5 +60,5 @@ jobs:
           HEAD_SHA: ${{ github.event.pull_request.head.sha }}
         run: |
-          cd agent/tenet_agent
+          cd .github/tenet_agent
           python tenet_review.py
\ No newline at end of file
</file context>

python tenet_review.py
python tenet_review.py
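Review bot: `cd .github/tenet_agent` in this run step does not match the directory the earlier steps install from (`agent/tenet_agent/requirements.txt` in both `cache-dependency-path` and `pip install -r`), so unless both directories exist with matching contents, one of the two paths is wrong. Pick one location and use it in all three places. Passing `HEAD_SHA` through `env:` rather than interpolating it into the `run:` script is the right pattern and should stay.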