Add label-based trigger for Gemini PR review workflow #37
richabanker merged 1 commit into richabanker:hackathon from
| pull_request_target: | ||
| types: [opened, synchronize] | ||
| types: [opened, synchronize, labeled] | ||
|
|
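Review bot: types: [opened, synchronize, labeled] keeps synchronize next to the new labeled type under pull_request_target, so the label acts as a one-time gate: once it is on the PR, every later push to the PR branch starts the workflow again in the base repository's context, with its token and secrets, and no maintainer has looked at the new commits. Consider dropping synchronize for this workflow, or removing the label at the end of each run so that a re-review needs a fresh maintainer action.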
Suggestion: Add a condition to only run this job when a specific label (e.g., api-review) is present on the pull request. This prevents the Gemini review from running on every PR, reducing unnecessary load. Add a comment to explain to the user what the job does.
| gemini_review: | ||
| runs-on: ubuntu-latest | ||
| if: contains(github.event.pull_request.labels.*.name, 'api-review') | ||
|
|
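Review bot: the if: on gemini_review tests the PR's whole label set, not the label that fired the event, so with labeled in the trigger types the job also runs whenever any unrelated label is added to a PR that already carries api-review. For labeled events, compare the triggering label as well, for example github.event.action != 'labeled' || github.event.label.name == 'api-review'. The job also has no comment saying what it does or that the label is what authorizes a run.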
Suggestion: Use pull_request instead of pull_request_target. The pull_request_target event has security implications. It is designed to be used with caution, mainly when the workflow needs access to secrets or write access to the repository based on untrusted code. The standard pull_request event is usually sufficient and safer. For example: if: github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'api-review')
Trigger only when "api-review" is labeled on the PR