ci: review PR files sequentially to mitigate 403/html API failures

2026-03-30 03:33:00 +05:30
parent 392cc78933
commit eeddcafe40
1 changed files with 32 additions and 7 deletions
--- a/.gitea/workflows/codeant.yml
+++ b/.gitea/workflows/codeant.yml
@@ -96,14 +96,39 @@ jobs:

          if [ "${GITHUB_EVENT_NAME}" = "pull_request" ] && [ -n "${GITHUB_BASE_REF}" ]; then
            echo "Running PR review against base branch: ${GITHUB_BASE_REF}"
-            for attempt in 1 2 3; do
-              echo "PR review attempt $attempt/3"
-              codeant review --base "${GITHUB_BASE_REF}" --exclude "${REVIEW_EXCLUDES}" 2>&1 | tee review.txt || true
-              if ! grep -q "Unexpected token '<'" review.txt; then
-                break
+            git fetch origin "${GITHUB_BASE_REF}" --depth=1 || true
+
+            CHANGED_FILES=$(git diff --name-only "origin/${GITHUB_BASE_REF}...HEAD" | grep '^.gitea/workflows/src/' | grep -v '^.gitea/workflows/codeant.yml' || true)
+
+            if [ -z "${CHANGED_FILES}" ]; then
+              echo "No source files changed in PR scope." | tee review.txt
+              exit 0
+            fi
+
+            echo "Files to review:"
+            echo "${CHANGED_FILES}"
+
+            FAILED=0
+            : > review.txt
+            while IFS= read -r file; do
+              [ -z "$file" ] && continue
+              echo "--- Reviewing: $file ---" | tee -a review.txt
+              codeant review --base "${GITHUB_BASE_REF}" --include "$file" --exclude "${REVIEW_EXCLUDES}" 2>&1 | tee -a review.txt || true
+
+              if grep -q "Unexpected token '<'\|HTTP error 403" review.txt; then
+                FAILED=1
+                echo "Transient API failure detected for $file; continuing to next file." | tee -a review.txt
+              fi
+
+              # Pace requests to avoid backend throttling on CI runners.
+              sleep 12
+            done <<EOF
+${CHANGED_FILES}
+EOF
+
+            if [ "$FAILED" -eq 1 ]; then
+              echo "Completed with API instability; some files may be partially reviewed." | tee -a review.txt
            fi
-              sleep $((attempt * 15))
-            done
          else
            # For push to main: check if HEAD is a merge commit
            PARENTS=$(git log -1 --format="%P" HEAD | wc -w)