ci: resolve latest Opus model dynamically for Claude review#278
ci: resolve latest Opus model dynamically for Claude review#278fan-zhang-sv wants to merge 1 commit into
Conversation
Query the LLM Gateway's /v1/models endpoint at job time and pick the highest-versioned clean Opus alias (e.g. claude-opus-4-6) rather than pinning to a single model string. Falls back to claude-opus-4-6 if the gateway is unreachable or returns no matches, so the workflow stays functional even when the lookup fails. This lets the reviewer pick up new Opus families (4-7, 5, etc.) without a workflow edit, while still allowing a manual bump of the fallback as a safety net. Made-with: Cursor
🟡 Heimdall Review Status
|
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
| # Match only clean Opus version aliases (e.g. claude-opus-4-6), | ||
| # excluding suffixed variants like -default, [1m], #priority. | ||
| resolved=$(printf '%s' "$response" \ | ||
| | jq -r '.data[].id? // empty | select(test("^claude-opus-[0-9]+(-[0-9]+)?$"))' 2>/dev/null \ |
There was a problem hiding this comment.
The regex pattern ^claude-opus-[0-9]+(-[0-9]+)?$ only matches single-digit version components. This would fail to match versions like claude-opus-10 or claude-opus-4-10. Consider using [0-9]+ instead of [0-9] to match multi-digit version numbers:
| | jq -r '.data[].id? // empty | select(test("^claude-opus-[0-9]+(-[0-9]+)?$"))' 2>/dev/null \ | |
| | jq -r '.data[].id? // empty | select(test("^claude-opus-[0-9]+(-[0-9]+)?$"))' 2>/dev/null \ |
Review SummaryThis PR implements dynamic resolution of the latest Opus model for the Claude review workflow, replacing the hardcoded model version. The implementation is generally solid with proper error handling and fallback behavior. FindingI identified one issue with the regex pattern used to filter model names - it currently only matches single-digit version components (e.g., claude-opus-4-6) but would fail on future versions with multi-digit components (e.g., claude-opus-4-10 or claude-opus-10). I've posted an inline comment with the fix. The rest of the implementation looks correct:
Once the regex issue is addressed, this should be ready to merge. |
2 participants
Summary
--model claude-opus-4-6-defaultin the Claude Code review workflow with a dynamically resolved model/v1/modelsendpoint, filters for clean Opus aliases matchingclaude-opus-N(-M)?(excludes-default,[1m],#priority, and non-Opus families), sorts withsort -V, and picks the highestclaude-opus-4-6if the gateway is unreachable, returns a non-2xx, returns malformed JSON, or yields no matches — so the workflow stays functional under all failure modesWhy
The reviewer was pinned to a single Opus string, so picking up newer families (e.g.,
claude-opus-4-7,claude-opus-5) required a workflow edit. This makes the version tracking automatic while still letting us manually bump the safety-net fallback.Relevant context:
harden-runneregress allowlist, so no network policy changes neededBehavior
claude-opus-4-6,...-default, Sonnet, GPTclaude-opus-4-6(filters out-defaultand non-Opus)claude-opus-5-1claude-opus-5-1automaticallyclaude-opus-4-6, emits::warning::data: []claude-opus-4-6, emits::warning::Verified the
jqfilter +sort -Vpipeline locally against mock gateway responses (including multi-family, suffixed aliases, and empty cases).Test plan
::notice::Resolved latest Opus model: claude-opus-<version>lineMade with Cursor