From 29ab19c94d9349870560ef33996cc3aaf4ece10a Mon Sep 17 00:00:00 2001
From: Rodin
Date: Mon, 11 May 2026 08:52:23 -0700
Subject: [PATCH] fix: address PR #75 review findings
MAJOR fixes:
- ci.yml: Add fork protection (github.event.pull_request.head.repo.full_name check) to prevent secret exfiltration from malicious fork PRs. Added security comment explaining the trust model for this private repo.
- ci.yml: Set GITHUB_SERVER_URL to explicit Gitea URL instead of github.server_url since reviews are posted to Gitea, not GitHub.
- release.yml: Set GITEA_URL explicitly to https://gitea.weiker.me since releases are created on Gitea.
- action.yml: Change gitea-url default from empty (fallback to github.server_url) to explicit https://gitea.weiker.me. Update all internal uses to rely on this default rather than falling back to server_url.
MINOR fixes:
- action.yml: Update header comment to reflect dual-platform (Gitea Actions + GitHub Actions) support.
- action.yml: Fix repo input description to say it defaults to rodin/review-bot for version lookup, matching the actual code behavior.
- pr-ready-gate.yml: Add comments explaining why Gitea URL is hardcoded (intentional: we update Gitea PR from GitHub mirror) and noting the PR number matching assumption.
All findings from sonnet-review, gpt-review, and security-review addressed.
---
 .github/actions/review/action.yml | 21 ++++++++++++---------
 .github/workflows/ci.yml | 11 ++++++++---
 .github/workflows/pr-ready-gate.yml | 5 +++++
 .github/workflows/release.yml | 5 +++--
 4 files changed, 28 insertions(+), 14 deletions(-)
diff --git a/.github/actions/review/action.yml b/.github/actions/review/action.yml
index 10e1a1c..9545151 100644
--- a/.github/actions/review/action.yml
+++ b/.github/actions/review/action.yml
@@ -1,17 +1,17 @@
-# This composite action is designed for Gitea Actions runners.
-# Gitea Actions supports GitHub Actions syntax including $GITHUB_OUTPUT,
-# actions/cache, and actions/checkout.
+# Composite action for Gitea Actions and GitHub Actions runners.
+# Supports dual-platform deployment: reviews can be triggered from GitHub (mirrored repo)
+# or Gitea, but always post results to the Gitea PR.
 # Requirements: python3, sha256sum, curl (all present on ubuntu-* runners).
 name: 'AI Code Review'
 description: 'Run AI-powered code review on a pull request using review-bot'
 inputs:
 gitea-url:
- description: 'Gitea instance URL (defaults to server_url)'
+ description: 'Gitea instance URL for API calls and releases (defaults to https://gitea.weiker.me)'
 required: false
- default: ''
+ default: 'https://gitea.weiker.me'
 repo:
- description: 'Repository (owner/name, defaults to current)'
+ description: 'Repository (owner/name, defaults to rodin/review-bot for version lookup)'
 required: false
 default: ''
 pr-number:
@@ -112,7 +112,8 @@ runs:
 id: version
 shell: bash
 run: |
- GITEA_URL="${{ inputs.gitea-url || github.server_url }}"
+ # Use explicit gitea-url input, falling back to default (https://gitea.weiker.me)
+ GITEA_URL="${{ inputs.gitea-url }}"
 REPO="${{ inputs.repo || 'rodin/review-bot' }}"
 if [ "${{ inputs.version }}" = "latest" ]; then
 VERSION=$(curl -sSf "${GITEA_URL}/api/v1/repos/${REPO}/releases?limit=1" \
@@ -137,7 +138,8 @@ runs:
 if: steps.cache.outputs.cache-hit != 'true'
 shell: bash
 run: |
- GITEA_URL="${{ inputs.gitea-url || github.server_url }}"
+ # Use explicit gitea-url input for release downloads
+ GITEA_URL="${{ inputs.gitea-url }}"
 REPO="${{ inputs.repo || 'rodin/review-bot' }}"
 VERSION="${{ steps.version.outputs.version }}"
 BINARY="review-bot-linux-amd64"
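Review bot: In action.yml's `@@ -112` hunk, and again at `@@ -137`, the new `GITEA_URL="${{ inputs.gitea-url }}"` still expands the input into the script text before bash parses it, so shell metacharacters in the value are interpreted as script rather than stored as data. Passing the value through the step environment avoids that: give each step `env:` with `GITEA_URL: ${{ inputs.gitea-url }}` and drop the in-script assignment, keeping `"${GITEA_URL}"` in the curl calls; the neighbouring `REPO` and `inputs.version` lines follow the same pattern. With the `|| github.server_url` fallback removed, a guard such as `: "${GITEA_URL:?gitea-url must not be empty}"` would also help, since a caller passing an empty string would presumably produce a host-less request URL (how the runner treats an explicit empty input is not visible here). Both `run:` blocks continue past the end of their hunks.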
@@ -169,7 +171,8 @@ runs:
 - name: Run review
 shell: bash
 env:
- GITHUB_SERVER_URL: ${{ inputs.gitea-url || github.server_url }}
+ # Always use Gitea API - reviews are posted to Gitea regardless of where workflow runs
+ GITHUB_SERVER_URL: ${{ inputs.gitea-url }}
 GITHUB_REPOSITORY: ${{ inputs.repo || github.repository }}
 PR_NUMBER: ${{ inputs.pr-number || github.event.pull_request.number }}
 REVIEWER_TOKEN: ${{ inputs.reviewer-token }}
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 551d037..52b1b17 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -22,9 +22,13 @@ jobs:
 # Models must match SAP AI Core deployments
 # Available models: gpt-5, anthropic--claude-4.6-sonnet, anthropic--claude-4.6-opus
 # Removed gpt-4.1, gpt-5-mini, gpt-4.1-mini - not deployed on AI Core
+ #
+ # SECURITY: This job runs on pull_request and has access to secrets.
+ # We restrict to same-repo PRs only (no forks) since this is a private repo
+ # where PRs only come from trusted actors (rodin/aweiker).
 review:
 runs-on: ubuntu-24.04
- if: github.event_name == 'pull_request'
+ if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository
 needs: test
 strategy:
 matrix:
@@ -49,8 +53,9 @@ jobs:
 - run: go build -o review-bot ./cmd/review-bot
 - name: Run ${{ matrix.name }} review
 env:
- GITHUB_SERVER_URL: ${{ github.server_url }}
- GITHUB_REPOSITORY: ${{ github.repository }}
+ # Use Gitea API - reviews are posted to Gitea, not GitHub
+ GITHUB_SERVER_URL: https://gitea.weiker.me
+ GITHUB_REPOSITORY: rodin/review-bot
 PR_NUMBER: ${{ github.event.pull_request.number }}
 REVIEWER_TOKEN: ${{ secrets[matrix.token_secret] }}
 REVIEWER_NAME: ${{ matrix.name }}
diff --git a/.github/workflows/pr-ready-gate.yml b/.github/workflows/pr-ready-gate.yml
index b50b867..76bba50 100644
--- a/.github/workflows/pr-ready-gate.yml
+++ b/.github/workflows/pr-ready-gate.yml
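Review bot: In action.yml's `Run review` step (`@@ -169`), `GITHUB_SERVER_URL` is now pinned to the Gitea input while `GITHUB_REPOSITORY` on the next line still falls back to `github.repository`. When the action runs on the GitHub mirror without a `repo` input, the reviewer token is used against Gitea with the mirror's owner/name, which only works if both forges use the same path; ci.yml in this commit hard-codes `rodin/review-bot` instead. The `repo` description changed in the first hunk ("defaults to rodin/review-bot for version lookup") is also not true for this step, so I would spell out both fallbacks there, e.g. `description: 'Repository (owner/name); version lookup defaults to rodin/review-bot, the review step to the current repository'`. The step's remaining `env:` entries are outside the hunk.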
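Review bot: The SECURITY comment added above `review:` in ci.yml (`@@ -22`) describes a trust model that the new `if:` does not enforce: the condition only excludes fork heads, it does not restrict who opened the PR. Any branch pushed to this repository still reaches the `go build -o review-bot ./cmd/review-bot` step shown in the next hunk and, presumably, runs that PR-head binary with `secrets[matrix.token_secret]` in its environment, so the real boundary is push access. I would state that in the comment, for example `# Fork PRs are skipped; any same-repo branch runs PR code with these secrets, so push access implies secret access.`, and drop the user names, which will go stale. It is also worth confirming that the Gitea runner populates `github.event.pull_request.head.repo.full_name`; if it is empty the job is skipped silently, which fails closed but hides missing reviews.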
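Review bot: In ci.yml's review step (`@@ -49`), the server and repository are now fixed to Gitea, but `PR_NUMBER` still comes from `github.event.pull_request.number`, i.e. from whichever forge ran the workflow. The pr-ready-gate.yml hunk in this commit documents that PR numbers are assumed to match across the mirror, yet neither place checks it, and both then act on the Gitea PR with a write-capable token (posting a review here, deleting a label there). Until something verifies the target PR (comparing head SHAs would be one option), at least repeat the assumption next to the variable: `# PR_NUMBER is the triggering forge's number; assumes Gitea and mirror numbering match`.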
@@ -13,11 +13,16 @@ jobs:
 env:
 GITEA_TOKEN: ${{ secrets.RODIN_TOKEN }}
 run: |
+ # NOTE: This workflow runs on the GitHub mirror but updates the Gitea PR.
+ # PR numbers may differ between GitHub and Gitea mirrors in edge cases.
+ # For this repo, PRs are created on Gitea and mirrored, so numbers match.
 PR_NUMBER=${{ github.event.pull_request.number }}
 AUTHOR=${{ github.event.pull_request.user.login }}
 READY_LABEL_ID=38
 SELF_REVIEWED_LABEL_ID=37
+ # INTENTIONAL: Hardcoded Gitea URL because we always update the Gitea PR,
+ # not GitHub. The mirror relationship means we want changes on Gitea.
 # Remove ready label if present
 curl -sS -X DELETE \
 -H "Authorization: token $GITEA_TOKEN" \
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 082ede3..21eb7dd 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -37,8 +37,9 @@ jobs:
 GITEA_TOKEN: ${{ secrets.RELEASE_TOKEN }}
 run: |
 VERSION=${GITHUB_REF_NAME}
- GITEA_URL="${{ github.server_url }}"
- REPO="${{ github.repository }}"
+ # Releases are created on Gitea, not GitHub - use explicit Gitea URL
+ GITEA_URL="https://gitea.weiker.me"
+ REPO="rodin/review-bot"
 # Create release (or find existing one for this tag)
 HTTP_CODE=$(curl -s -o /tmp/release_response.json -w "%{http_code}" -X POST \
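Review bot: In release.yml (`@@ -37`), the Gitea host is written as a literal inside the script, and the same literal now also appears in ci.yml and as the action.yml default. Each copy decides where a secret is sent (`RELEASE_TOKEN` here), so a copy missed during a host change would keep sending a credential to the old name. Defining it once per workflow, e.g. a top-level `env:` with `GITEA_URL: https://gitea.weiker.me` and `REPO: rodin/review-bot`, and reading `"$GITEA_URL"` in the script would leave one place to audit. The `run:` block continues past the end of the hunk.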