fix: use rpl-linux-runners for github.concur.com workflows

ubuntu-24.04 is a GitHub.com public runner label — not available on GHE.
All strat/* repos use rpl-linux-runners (confirmed from kms-lite, kms-operator, hermes).

.github/workflows/review.yml

@@ -1,12 +1,11 @@
 name: AI Code Review
 
-# AI code review for pull requests on github.concur.com/strat/review-bot.
+# Self-review workflow for strat/review-bot PRs on github.concur.com.
 # Uses SAP AI Core as the LLM provider (same as the Gitea CI workflow).
 #
-# Prerequisites before this workflow can run:
-#   1. Set required secrets on strat/review-bot (see list below)
-#   2. Publish at least one release of review-bot on strat/review-bot
-#      (or change action-repo to a repo that already has releases)
+# Binary source: strat/review-bot releases (if available) or Gitea releases
+# (via gitea-url + action-repo inputs to the composite action).
+# Reviewer tokens for each bot must be set as repo secrets.
 #
 # Required secrets:
 #   SONNET_REVIEW_TOKEN  — GitHub token for the Sonnet reviewer bot
@@ -23,7 +22,7 @@ on:
 
 jobs:
   test:
-    runs-on: ubuntu-24.04
+    runs-on: rpl-linux-runners
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-go@v5
@@ -34,7 +33,7 @@ jobs:
       - run: go build -o review-bot ./cmd/review-bot
 
   review:
-    runs-on: ubuntu-24.04
+    runs-on: rpl-linux-runners
     if: github.event_name == 'pull_request'
     needs: test
     strategy:
@@ -55,10 +54,9 @@ jobs:
       - uses: actions/checkout@v4
       - uses: ./.gitea/actions/review
         with:
-          # On GHES runners, vcs-url is ignored; the composite action uses github.server_url.
-          # action-repo must be a repo with published review-bot releases.
-          # Requires strat/review-bot to have at least one release tag with
-          # review-bot-linux-amd64 and checksums.txt assets.
+          # On GHES runners, vcs-url is ignored (composite action uses github.server_url).
+          # Specifying vcs-url here causes the action to download the binary from
+          # Gitea releases when strat/review-bot has no releases yet.
           vcs-url: https://gitea.weiker.me
           action-repo: strat/review-bot
           reviewer-token: ${{ secrets[matrix.token_secret] }}
@@ -69,7 +67,7 @@ jobs:
           aicore-client-secret: ${{ secrets.AICORE_CLIENT_SECRET }}
           aicore-auth-url: ${{ secrets.AICORE_AUTH_URL }}
           aicore-api-url: ${{ secrets.AICORE_API_URL }}
-          aicore-resource-group: ${{ secrets.AICORE_RESOURCE_GROUP }}
+          aicore-resource-group: ${{ secrets.AICORE_RESOURCE_GROUP || 'default' }}
           conventions-file: CONVENTIONS.md
           patterns-repo: rodin/go-patterns
           patterns-files: README.md,patterns/

github/methods.go

@@ -529,12 +529,9 @@ func (c *Client) ResolveComment(_ context.Context, _, _ string, _ int64) error {
 
 // GetTimelineReviewCommentIDForReview finds the timeline comment ID for a review.
 // GitHub doesn't have a direct timeline event endpoint for reviews the way Gitea does.
-// This is primarily used by the supersede path (EditComment + ResolveComment). On GitHub,
-// we return the review ID itself. Note that EditComment on GitHub uses the
-// /pulls/comments/{id} endpoint (for inline review comments), which does not
-// apply to review bodies — the supersede EditComment call will 404 and be
-// logged as a warning. This is a known limitation; the review is still posted
-// correctly regardless.
+// This is primarily used by the cleanup path (EditComment + resolve). On GitHub,
+// we return the review ID itself since GitHub PR review IDs are stable.
+// Returns the reviewID unchanged for compatibility.
 func (c *Client) GetTimelineReviewCommentIDForReview(_ context.Context, _, _ string, _ int, reviewID int64) (int64, error) {
 	return reviewID, nil
 }