From 4d2221cbaa6098d9e9ef11772072c37fe6404140 Mon Sep 17 00:00:00 2001
From: Docker Agent
Date: Tue, 23 Jun 2026 07:50:31 -0400
Subject: [PATCH 1/3] chore: migrate cagent-action to docker-agent-action (v2.0.0)
---
 .github/workflows/pr-review.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/pr-review.yml b/.github/workflows/pr-review.yml
index b7e8e297..c840c2c6 100644
--- a/.github/workflows/pr-review.yml
+++ b/.github/workflows/pr-review.yml
@@ -12,7 +12,7 @@ permissions:

 jobs:
 review:
- uses: docker/cagent-action/.github/workflows/review-pr.yml@d98096f432f2aea5091c811852c4da804e60623a # v1.4.1
+ uses: docker/docker-agent-action/.github/workflows/review-pr.yml@3c0fa9d282c3f84d08dfd70ab0a28b151d11db70 # v2.0.0
 # Scoped to the job so other jobs in this workflow aren't over-permissioned
 permissions:
 contents: read # Read repository files and PR diffs
From 5b112b61f227918dd9607b2f1164106ae7f582af Mon Sep 17 00:00:00 2001
From: Docker Agent
Date: Tue, 23 Jun 2026 21:21:59 +0000
Subject: [PATCH 2/3] fix: add review_requested trigger, add actions:read permission
---
 .github/workflows/pr-review.yml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/pr-review.yml b/.github/workflows/pr-review.yml
index c840c2c6..c744b387 100644
--- a/.github/workflows/pr-review.yml
+++ b/.github/workflows/pr-review.yml
@@ -5,7 +5,7 @@ on:
 pull_request_review_comment: # Captures feedback on review comments for learning
 types: [created]
 pull_request: # Triggers auto-review on PR open (same-repo branches only; fork PRs use /review)
- types: [ready_for_review, opened]
+ types: [ready_for_review, opened, review_requested]

 permissions:
 contents: read # Required at top-level so `issue_comment` events can read repository contents.
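Review bot: In PATCH 2/3, the comment on `pull_request:` still describes the trigger as "auto-review on PR open", but with `review_requested` added to `types` the job also starts each time a reviewer or team is requested on the PR. Nothing visible in this hunk limits that to requests addressed to the review agent, so each request presumably starts another run of a job that is granted `pull-requests: write`, `issues: write` and `id-token: write`; whether the called workflow filters on the requested reviewer is not visible here and is worth confirming. I would update the comment to `pull_request: # Triggers auto-review on PR open or when a review is requested (same-repo branches only; fork PRs use /review)`.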
@@ -13,10 +13,12 @@ permissions:
 jobs:
 review:
 uses: docker/docker-agent-action/.github/workflows/review-pr.yml@3c0fa9d282c3f84d08dfd70ab0a28b151d11db70 # v2.0.0
- # Scoped to the job so other jobs in this workflow aren't over-permissioned
+ # Scoped to the job so other jobs in this workflow are not over-permissioned
 permissions:
 contents: read # Read repository files and PR diffs
 pull-requests: write # Post review comments and approve/request changes
 issues: write # Create security incident issues if secrets are detected in output
 checks: write # (Optional) Show review progress as a check run on the PR
 id-token: write # Required for OIDC authentication to AWS Secrets Manager
+ actions: read # Required for the reusable workflow
+
From a0347c55e96be311f0d93c1d3b0780a5c486633d Mon Sep 17 00:00:00 2001
From: Docker Agent
Date: Tue, 23 Jun 2026 23:38:20 +0000
Subject: [PATCH 3/3] chore: bump docker-agent-action to v2.0.1
---
 .github/workflows/pr-review.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/.github/workflows/pr-review.yml b/.github/workflows/pr-review.yml
index c744b387..92c7650c 100644
--- a/.github/workflows/pr-review.yml
+++ b/.github/workflows/pr-review.yml
@@ -12,7 +12,7 @@ permissions:

 jobs:
 review:
- uses: docker/docker-agent-action/.github/workflows/review-pr.yml@3c0fa9d282c3f84d08dfd70ab0a28b151d11db70 # v2.0.0
+ uses: docker/docker-agent-action/.github/workflows/review-pr.yml@e96a4bb40cac114f64358621e1d08346c8eadc8c # v2.0.1
 # Scoped to the job so other jobs in this workflow are not over-permissioned
 permissions:
 contents: read # Read repository files and PR diffs
@@ -21,4 +21,3 @@ jobs:
 checks: write # (Optional) Show review progress as a check run on the PR
 id-token: write # Required for OIDC authentication to AWS Secrets Manager
 actions: read # Required for the reusable workflow
-
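Review bot: In the second hunk of PATCH 2/3, the comment on the new `actions: read` line ("Required for the reusable workflow") does not say what the scope is used for, while every neighbouring permission names its purpose. On a job that also holds `id-token: write`, each granted scope should be checkable against a concrete need, so I would state what the called workflow reads through the Actions API, for example `actions: read # <purpose: what review-pr.yml reads via the Actions API>`. If the requirement was found from a failing run, noting the failing call in the commit message would let a later reviewer drop the grant once the action no longer needs it.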