actions/checkout@v5 stores credentials in $RUNNER_TEMP which is not
mounted into the Docker container. Instead of requiring a pre-fetch
step in the workflow, we now inject the token into the remote URL
so git operations work inside the container.
Workflow no longer needs the 'Fetch base branch' pre-step.
The Docker container has no git auth credentials. Instead of trying
to fetch (which silently fails), first check if origin/main already
exists from a workflow pre-step. Only fall back to fetching if no
refs are found, with a clear error message telling users to add a
pre-fetch step.
actions/checkout for PRs only fetches refs/pull/N/head into FETCH_HEAD.
Remote tracking branches (origin/main) don't exist.
Fix: explicit refspec fetch (refs/heads/main:refs/remotes/origin/main)
with fallback to GITEA_BASE_REF / GITHUB_BASE_REF for the target branch.
Also removed --filter=blob:none which could cause empty diffs.
Added diagnostic logging for base ref and file stats.
Pi doesn't log tool calls to stderr in print mode. Instead, we save
the session (.jsonl) and parse it to extract every tool_use entry
showing which files were read, grep patterns used, etc.
When debug: true, the review comment includes a collapsible section
showing which files the agent read, grep patterns used, etc.
Also prints agent log on failure for easier troubleshooting.
Reusable Gitea/GitHub action that runs Pi coding agent for
AI-powered code reviews on pull requests.
- Docker image based on node:24-slim (112 packages)
- Supports built-in providers (zai, anthropic, openai, deepseek, openrouter)
and custom OpenAI-compatible endpoints
- Generates git diff (excludes lockfiles/generated code by default)
- Posts review as idempotent PR comment (updates existing on re-run)
- Read-only tools only: agent investigates but never modifies code
- 80KB default diff truncation to stay within LLM context windows
- No curl/python3 dependency — uses Node.js for HTTP and JSON
