From bbe48c5f0f86ddfcf0d39de6124eb0dfa0a264a8 Mon Sep 17 00:00:00 2001
From: ivanmilevtues <ivanmilevtues@gmail.com>
Date: Wed, 17 Jun 2026 02:29:06 +0300
Subject: [PATCH 1/4] ci: use CodeBoarding license secret

Amp-Thread-ID: https://ampcode.com/threads/T-019ed0f0-d9f9-75da-a034-cbfda2dcd6d1
Co-authored-by: Amp <amp@ampcode.com>
---
 .github/workflows/codeboarding-sync.yml | 1 +
 .github/workflows/codeboarding.yml      | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/.github/workflows/codeboarding-sync.yml b/.github/workflows/codeboarding-sync.yml
index d12d518..93ff27f 100644
--- a/.github/workflows/codeboarding-sync.yml
+++ b/.github/workflows/codeboarding-sync.yml
@@ -37,4 +37,5 @@ jobs:
       - uses: CodeBoarding/CodeBoarding-action@v1
         with:
           mode: sync
+          license_key: ${{ secrets.CODEBOARDING_LICENSE }}
           force_full: ${{ inputs.force_full || false }}
diff --git a/.github/workflows/codeboarding.yml b/.github/workflows/codeboarding.yml
index 4522bc3..c2c775c 100644
--- a/.github/workflows/codeboarding.yml
+++ b/.github/workflows/codeboarding.yml
@@ -30,3 +30,5 @@ jobs:
        contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), github.event.comment.author_association))
     steps:
       - uses: CodeBoarding/CodeBoarding-action@v1
+        with:
+          license_key: ${{ secrets.CODEBOARDING_LICENSE }}

From 02ee17869d909721f9d85034b1189ae15132fb0c Mon Sep 17 00:00:00 2001
From: ivanmilevtues <ivanmilevtues@gmail.com>
Date: Wed, 17 Jun 2026 18:43:55 +0300
Subject: [PATCH 2/4] ci: use Google API key for CodeBoarding

Amp-Thread-ID: https://ampcode.com/threads/T-019ed0f0-d9f9-75da-a034-cbfda2dcd6d1
Co-authored-by: Amp <amp@ampcode.com>
---
 .github/workflows/codeboarding-sync.yml |  4 ++--
 .github/workflows/codeboarding.yml      | 15 +++++++++++++--
 2 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/codeboarding-sync.yml b/.github/workflows/codeboarding-sync.yml
index 93ff27f..533d345 100644
--- a/.github/workflows/codeboarding-sync.yml
+++ b/.github/workflows/codeboarding-sync.yml
@@ -22,7 +22,6 @@ on:
 
 permissions:
   contents: write   # commit the generated baseline + docs to the branch
-  id-token: write   # mint a GitHub OIDC token for the free hosted tier (omit if you set a key/license)
 
 concurrency:
   # Serialize against itself so a push landing mid-run can't make two commits.
@@ -37,5 +36,6 @@ jobs:
       - uses: CodeBoarding/CodeBoarding-action@v1
         with:
           mode: sync
-          license_key: ${{ secrets.CODEBOARDING_LICENSE }}
+          llm_provider: google
+          llm_api_key: ${{ secrets.GOOGLE_API_KEY }}
           force_full: ${{ inputs.force_full || false }}
diff --git a/.github/workflows/codeboarding.yml b/.github/workflows/codeboarding.yml
index c2c775c..e5e5aa2 100644
--- a/.github/workflows/codeboarding.yml
+++ b/.github/workflows/codeboarding.yml
@@ -22,13 +22,24 @@ jobs:
       contents: read        # check out the repo + read the committed baseline (no writes in review mode)
       pull-requests: write  # post the architecture-diff PR comment
       issues: write         # the /codeboarding issue_comment trigger + comment API
-      id-token: write       # mint a GitHub OIDC token for the free hosted tier (write is the only level for id-token)
     if: >
       (github.event_name == 'pull_request' && github.event.action != 'closed' && github.event.pull_request.draft == false) ||
       (github.event_name == 'issue_comment' && github.event.issue.pull_request != null &&
        startsWith(github.event.comment.body, '/codeboarding') &&
        contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), github.event.comment.author_association))
     steps:
+      - name: Verify Google API key secret is available
+        shell: bash
+        env:
+          GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY }}
+        run: |
+          if [ -z "${GOOGLE_API_KEY}" ]; then
+            echo "::error::GOOGLE_API_KEY secret is missing or empty."
+            exit 1
+          fi
+          echo "GOOGLE_API_KEY secret is present."
+
       - uses: CodeBoarding/CodeBoarding-action@v1
         with:
-          license_key: ${{ secrets.CODEBOARDING_LICENSE }}
+          llm_provider: google
+          llm_api_key: ${{ secrets.GOOGLE_API_KEY }}

From b0cb7455825cb9cb93cc9962a80a0ea1dd7cba34 Mon Sep 17 00:00:00 2001
From: ivanmilevtues <ivanmilevtues@gmail.com>
Date: Wed, 17 Jun 2026 18:44:49 +0300
Subject: [PATCH 3/4] ci: rerun CodeBoarding review on PR updates

Amp-Thread-ID: https://ampcode.com/threads/T-019ed0f0-d9f9-75da-a034-cbfda2dcd6d1
Co-authored-by: Amp <amp@ampcode.com>
---
 .github/workflows/codeboarding.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/codeboarding.yml b/.github/workflows/codeboarding.yml
index e5e5aa2..b884c31 100644
--- a/.github/workflows/codeboarding.yml
+++ b/.github/workflows/codeboarding.yml
@@ -2,7 +2,7 @@ name: CodeBoarding review
 
 on:
   pull_request:
-    types: [opened, reopened, ready_for_review, closed]
+    types: [opened, synchronize, reopened, ready_for_review, closed]
   issue_comment:
     types: [created]
 

From 1c83326714cfad70fc3f7b1d28404eca23447bbb Mon Sep 17 00:00:00 2001
From: ivanmilevtues <ivanmilevtues@gmail.com>
Date: Wed, 17 Jun 2026 19:25:49 +0300
Subject: [PATCH 4/4] test: use rebased CodeBoarding action branch

---
 .github/workflows/codeboarding-sync.yml | 2 +-
 .github/workflows/codeboarding.yml      | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/codeboarding-sync.yml b/.github/workflows/codeboarding-sync.yml
index 533d345..7f2aa5f 100644
--- a/.github/workflows/codeboarding-sync.yml
+++ b/.github/workflows/codeboarding-sync.yml
@@ -33,7 +33,7 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 60
     steps:
-      - uses: CodeBoarding/CodeBoarding-action@v1
+      - uses: CodeBoarding/CodeBoarding-action@fix/review-target-baseline
         with:
           mode: sync
           llm_provider: google
diff --git a/.github/workflows/codeboarding.yml b/.github/workflows/codeboarding.yml
index b884c31..16f47a0 100644
--- a/.github/workflows/codeboarding.yml
+++ b/.github/workflows/codeboarding.yml
@@ -39,7 +39,7 @@ jobs:
           fi
           echo "GOOGLE_API_KEY secret is present."
 
-      - uses: CodeBoarding/CodeBoarding-action@v1
+      - uses: CodeBoarding/CodeBoarding-action@fix/review-target-baseline
         with:
           llm_provider: google
           llm_api_key: ${{ secrets.GOOGLE_API_KEY }}