rodin/review-bot
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity
Files
1b472cc6b4691cc77aa05dec653988f5cb25df49
review-bot/.github/workflows/review.yml
T
Rodin 1b472cc6b4 feat(ci): add GitHub Actions workflow for strat/review-bot PRs 
Adds .github/workflows/review.yml to run AI code review on PRs using
SAP AI Core. Three reviewers: sonnet, gpt, security (same as Gitea CI).

Uses the .gitea/actions/review composite action which auto-detects
GitHub vs Gitea runners via GITHUB_API_URL and uses GitHub REST API
accordingly. action-repo points to strat/review-bot for binary downloads.

Required secrets: SONNET_REVIEW_TOKEN, GPT_REVIEW_TOKEN, AICORE_*
2026-05-14 20:15:38 +00:00

76 lines
2.8 KiB
YAML
Raw Blame History

name: AI Code Review
# Self-review workflow for strat/review-bot PRs on github.concur.com.
# Uses SAP AI Core as the LLM provider (same as the Gitea CI workflow).
#
# Binary source: strat/review-bot releases (if available) or Gitea releases
# (via gitea-url + action-repo inputs to the composite action).
# Reviewer tokens for each bot must be set as repo secrets.
#
# Required secrets:
# SONNET_REVIEW_TOKEN — GitHub token for the Sonnet reviewer bot
# GPT_REVIEW_TOKEN — GitHub token for the GPT reviewer bot
# AICORE_CLIENT_ID — SAP AI Core OAuth client ID
# AICORE_CLIENT_SECRET — SAP AI Core OAuth client secret
# AICORE_AUTH_URL — SAP AI Core OAuth token endpoint
# AICORE_API_URL — SAP AI Core inference API URL
# AICORE_RESOURCE_GROUP — SAP AI Core resource group (optional, default: default)
on:
pull_request:
types: [opened, synchronize]
jobs:
test:
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: '1.26'
- run: go test ./...
- run: go vet ./...
- run: go build -o review-bot ./cmd/review-bot
review:
runs-on: ubuntu-24.04
if: github.event_name == 'pull_request'
needs: test
strategy:
fail-fast: false
matrix:
include:
- name: sonnet
token_secret: SONNET_REVIEW_TOKEN
model: anthropic--claude-4.6-sonnet
- name: gpt
token_secret: GPT_REVIEW_TOKEN
model: gpt-5
- name: security
token_secret: GPT_REVIEW_TOKEN
model: gpt-5
system_prompt_file: SECURITY_REVIEW.md
steps:
- uses: actions/checkout@v4
- uses: ./.gitea/actions/review
with:
# On GHES runners, vcs-url is ignored (composite action uses github.server_url).
# Specifying gitea-url here causes the action to download the binary from
# Gitea releases when strat/review-bot has no releases yet.
vcs-url: https://gitea.weiker.me
action-repo: strat/review-bot
reviewer-token: ${{ secrets[matrix.token_secret] }}
reviewer-name: ${{ matrix.name }}
llm-provider: aicore
llm-model: ${{ matrix.model }}
aicore-client-id: ${{ secrets.AICORE_CLIENT_ID }}
aicore-client-secret: ${{ secrets.AICORE_CLIENT_SECRET }}
aicore-auth-url: ${{ secrets.AICORE_AUTH_URL }}
aicore-api-url: ${{ secrets.AICORE_API_URL }}
aicore-resource-group: ${{ secrets.AICORE_RESOURCE_GROUP || 'default' }}
conventions-file: CONVENTIONS.md
patterns-repo: rodin/go-patterns
patterns-files: README.md,patterns/
llm-timeout: "600"
system-prompt-file: ${{ matrix.system_prompt_file || '' }}
Reference in New Issue View Git Blame Copy Permalink