Lead — Review #207
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Lead — Review | |
| on: | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| paths: | |
| - 'examples/**' | |
| schedule: | |
| - cron: '37 */4 * * *' # Fallback sweep every 4h (event-driven for new PRs) | |
| workflow_dispatch: | |
| inputs: | |
| pr_number: | |
| description: 'PR number to review' | |
| required: false | |
| concurrency: | |
| group: lead-review-${{ github.event.pull_request.number || inputs.pr_number || 'sweep' }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| issues: write | |
| jobs: | |
| review: | |
| if: > | |
| github.event_name == 'schedule' || | |
| github.event_name == 'workflow_dispatch' || | |
| startsWith(github.event.pull_request.title, '[Example]') || | |
| startsWith(github.event.pull_request.title, '[Fix]') || | |
| contains(github.event.pull_request.labels.*.name, 'type:example') || | |
| contains(github.event.pull_request.labels.*.name, 'type:fix') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20' | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.11' | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: '1.22' | |
| - name: Configure git | |
| run: | | |
| git config user.name "examples-bot" | |
| git config user.email "noreply@deepgram.com" | |
| - name: Check actor is a team member | |
| id: auth | |
| if: github.event_name == 'pull_request' | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| ACTOR="${{ github.actor }}" | |
| # Bots are always allowed — they act on behalf of the system | |
| if [[ "$ACTOR" == *"[bot]"* ]] || [[ "$ACTOR" == "github-actions" ]]; then | |
| echo "allowed=true" >> $GITHUB_OUTPUT; exit 0 | |
| fi | |
| IS_ORG_MEMBER=false | |
| if gh api "orgs/deepgram/members/${ACTOR}" -i 2>/dev/null | head -1 | grep -q "204"; then | |
| IS_ORG_MEMBER=true | |
| fi | |
| PERM=$(gh api "repos/${{ github.repository }}/collaborators/${ACTOR}/permission" \ | |
| --jq '.permission' 2>/dev/null || echo "none") | |
| if [[ "$IS_ORG_MEMBER" == "true" || "$PERM" == "write" || "$PERM" == "maintain" || "$PERM" == "admin" ]]; then | |
| echo "allowed=true" >> $GITHUB_OUTPUT | |
| else | |
| echo "allowed=false" >> $GITHUB_OUTPUT | |
| echo "Actor $ACTOR not a Deepgram org member or repo collaborator — silently exiting" | |
| fi | |
| - name: Get date | |
| id: date | |
| run: echo "date=$(date -u +%Y-%m-%d)" >> $GITHUB_OUTPUT | |
| - name: Fetch latest Deepgram SDK versions | |
| id: sdk | |
| run: | | |
| latest() { curl -sf "https://api.github.com/repos/deepgram/$1/releases/latest" | jq -r '.tag_name // "unknown"'; } | |
| echo "python=$(latest deepgram-python-sdk)" >> $GITHUB_OUTPUT | |
| echo "js=$(latest deepgram-js-sdk)" >> $GITHUB_OUTPUT | |
| echo "go=$(latest deepgram-go-sdk)" >> $GITHUB_OUTPUT | |
| echo "java=$(latest deepgram-java-sdk)" >> $GITHUB_OUTPUT | |
| echo "rust=$(latest deepgram-rust-sdk)" >> $GITHUB_OUTPUT | |
| echo "dotnet=$(latest deepgram-dotnet-sdk)" >> $GITHUB_OUTPUT | |
| echo "cli=$(latest cli)" >> $GITHUB_OUTPUT | |
| cat $GITHUB_OUTPUT | grep -E "^(python|js|go|java|rust|dotnet|cli)=" | |
| - name: Run instruction | |
| if: steps.auth.outputs.allowed != 'false' | |
| uses: anthropics/claude-code-action@beta | |
| with: | |
| anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| mode: agent | |
| model: claude-opus-4-6 | |
| allowed_tools: "Bash,Read,Glob,Grep" | |
| timeout_minutes: 30 | |
| direct_prompt: | | |
| Read and execute instructions/lead-review.md. | |
| Context: | |
| - PR_NUMBER: ${{ github.event.pull_request.number || inputs.pr_number }} | |
| - Today's date: ${{ steps.date.outputs.date }} | |
| - Repository: ${{ github.repository }} | |
| - Trigger: ${{ github.event_name }} | |
| REQUIRED SDK versions — flag any PR that uses an older version: | |
| - Python: deepgram-sdk==${{ steps.sdk.outputs.python }} | |
| - JavaScript: @deepgram/sdk@${{ steps.sdk.outputs.js }} | |
| - Go: ${{ steps.sdk.outputs.go }} | |
| - Java: ${{ steps.sdk.outputs.java }} | |
| - Rust: ${{ steps.sdk.outputs.rust }} | |
| - .NET: ${{ steps.sdk.outputs.dotnet }} | |
| - CLI: ${{ steps.sdk.outputs.cli }} | |
| env: | |
| KAPA_API_KEY: ${{ secrets.KAPA_API_KEY }} | |
| KAPA_PROJECT_ID: ${{ vars.KAPA_PROJECT_ID }} | |
| DEEPGRAM_API_KEY: ${{ secrets.DEEPGRAM_API_KEY }} | |
| TWILIO_ACCOUNT_SID: ${{ secrets.TWILIO_ACCOUNT_SID }} | |
| TWILIO_AUTH_TOKEN: ${{ secrets.TWILIO_AUTH_TOKEN }} | |
| TWILIO_PHONE_NUMBER: ${{ secrets.TWILIO_PHONE_NUMBER }} | |
| LIVEKIT_URL: ${{ secrets.LIVEKIT_URL }} | |
| LIVEKIT_API_KEY: ${{ secrets.LIVEKIT_API_KEY }} | |
| LIVEKIT_API_SECRET: ${{ secrets.LIVEKIT_API_SECRET }} | |
| OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} | |
| DISCORD_BOT_TOKEN: ${{ secrets.DISCORD_BOT_TOKEN }} | |
| DISCORD_CLIENT_ID: ${{ secrets.DISCORD_CLIENT_ID }} | |
| VONAGE_APPLICATION_ID: ${{ secrets.VONAGE_APPLICATION_ID }} | |
| VONAGE_PRIVATE_KEY: ${{ secrets.VONAGE_PRIVATE_KEY }} | |
| DAILY_API_KEY: ${{ secrets.DAILY_API_KEY }} | |
| PIPECAT_API_KEY: ${{ secrets.PIPECAT_API_KEY }} | |
| SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} | |
| SLACK_APP_TOKEN: ${{ secrets.SLACK_APP_TOKEN }} | |
| TELEGRAM_BOT_TOKEN: ${{ secrets.TELEGRAM_BOT_TOKEN }} | |
| ZOOM_ACCOUNT_ID: ${{ secrets.ZOOM_ACCOUNT_ID }} | |
| ZOOM_CLIENT_ID: ${{ secrets.ZOOM_CLIENT_ID }} | |
| ZOOM_CLIENT_SECRET: ${{ secrets.ZOOM_CLIENT_SECRET }} | |
| ZOOM_WEBHOOK_SECRET_TOKEN: ${{ secrets.ZOOM_WEBHOOK_SECRET_TOKEN }} |