feat: add code-review task (initial commit) (testing) #21103
Conversation
This comment was marked as duplicate.
This comment was marked as duplicate.
Sorry, something went wrong.
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
DevelopmentCats
left a comment
There was a problem hiding this comment.
🔍 Code Review
This PR adds a GitHub Actions workflow for AI-powered code reviews using Coder Tasks. The workflow triggers on the "code-review" label and creates a task that analyzes PRs and posts inline suggestions.
Found: 0 issues
✅ Looks good - The workflow follows existing patterns from doc-check.yaml, includes proper error handling with set -euo pipefail, validates inputs appropriately, and uses correct security practices. The implementation is consistent with the codebase standards.
AI review via Coder Tasks
DevelopmentCats
left a comment
There was a problem hiding this comment.
🔍 Code Review
Reviewed the workflow for production-breaking bugs, security issues, and logic errors.
Found: 0 critical issues
The workflow follows good practices:
- ✅ Proper input validation (line 79)
- ✅ Error handling with
set -euo pipefail(line 62) - ✅ Proper variable quoting throughout
- ✅ Timeout protection (30 minutes)
- ✅ Scoped GitHub permissions (read contents, write PRs)
- ✅ Conditional logic properly handles both event types
Minor observations (not blocking):
- The
grep -oPon line 90 works fine on GitHub Actions runners but could be replaced withsedfor maximum portability - The workflow intentionally gives the AI task GitHub access via external-auth, which is the expected behavior for code review
AI review - no production-breaking issues found
…le feedback and improve clarity
DevelopmentCats
left a comment
There was a problem hiding this comment.
🔍 Code Review
Reviewed GitHub Actions workflow for AI code review.
Found 2 issues (1 portability nitpick, 1 missing error handling) - see inline suggestions for fixes.
AI review via Coder Tasks
.github/workflows/code-review.yaml
Outdated
| echo "pr_url=${ISSUE_URL}" >> "${GITHUB_OUTPUT}" | ||
|
|
||
| # Extract PR number from URL | ||
| PR_NUMBER=$(echo "${INPUTS_PR_URL}" | grep -oP '(?<=pull/)\d+') |
There was a problem hiding this comment.
Issue: [NITPICK] grep -oP uses Perl regex which is GNU-specific. While it works on GitHub Actions (Ubuntu), sed is more portable across all Unix systems.
This matches the portability pattern mentioned in the workflow's own examples (lines 221-226).
| PR_NUMBER=$(echo "${INPUTS_PR_URL}" | grep -oP '(?<=pull/)\d+') | |
| PR_NUMBER=$(echo "${INPUTS_PR_URL}" | sed -n 's|.*/pull/\([0-9]*\)$|\1|p') |
| run: | | ||
| echo "owner=${REPO_OWNER}" >> "${GITHUB_OUTPUT}" | ||
| echo "repo=${REPO_NAME}" >> "${GITHUB_OUTPUT}" |
There was a problem hiding this comment.
Issue: Missing error handling with set -euo pipefail at the start of this script block.
The "Determine PR Context" step (line 62) has proper error handling, but this "Extract repository info" step doesn't. If REPO_OWNER or REPO_NAME are empty, the workflow would continue with empty values rather than failing fast.
Impact: Silent failures could lead to malformed task prompts or API calls.
| run: | | |
| echo "owner=${REPO_OWNER}" >> "${GITHUB_OUTPUT}" | |
| echo "repo=${REPO_NAME}" >> "${GITHUB_OUTPUT}" | |
| run: | | |
| set -euo pipefail | |
| echo "owner=${REPO_OWNER}" >> "${GITHUB_OUTPUT}" | |
| echo "repo=${REPO_NAME}" >> "${GITHUB_OUTPUT}" |
… false positives and clarify feedback examples
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
… set -u and its limitations on empty strings
DevelopmentCats
left a comment
There was a problem hiding this comment.
🔍 Code Review
Reviewed GitHub Actions workflow for AI code review.
Found 1 issue (1 portability nitpick) - see inline suggestion for fix.
The workflow follows good patterns from doc-check.yaml with proper error handling, validation, and permissions. The only issue is using GNU-specific grep syntax.
AI review via Coder Tasks
…link for AI-generated summaries
… retrieval and review.json structure
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
…lines and actionable examples
DevelopmentCats
left a comment
There was a problem hiding this comment.
🔍 Code Review
Reviewed GitHub Actions workflow for code review automation.
✅ Looks good - no production issues found.
This workflow improves upon the existing doc-check.yaml pattern by:
- Including proper URL validation for workflow_dispatch inputs (lines 78-83)
- Using portable
sedinstead of GNU-specificgrep -oPfor URL parsing (line 90) - Including
set -euo pipefailfor proper error handling (line 62)
The workflow correctly handles secrets, validates inputs, and follows GitHub Actions security best practices.
AI review via Coder Tasks
No description provided.