mirror of
https://github.com/Mail-0/Zero.git
synced 2026-06-28 14:56:48 +00:00
9f7803f025
# Add automated PR review with ampcode integration
## Summary
This PR introduces a new GitHub Action workflow that automatically reviews pull requests using the Ampcode AI service. When a non-draft PR is opened or updated, the workflow:
- Spins up a containerized Ubuntu environment with Node.js
- Installs the Ampcode CLI (`@sourcegraph/amp`)
- Analyzes changed files in the PR using AI-powered code review
- Posts structured review comments directly on the PR
- Implements scalable matrix strategy for handling multiple concurrent PRs
- Includes proper cleanup and error handling
The workflow is designed to provide immediate, AI-powered feedback on code quality, potential bugs, security issues, and best practices while being scalable to handle multiple PRs simultaneously.
## Review & Testing Checklist for Human
- [ ] **Configure AMPCODE_API_KEY secret** - The workflow requires this secret to be set up in GitHub repository settings before it can function
- [ ] **Test end-to-end with a real PR** - Create a test PR to verify the workflow triggers correctly, ampcode CLI works, and comments are posted as expected
- [ ] **Verify ampcode CLI authentication** - Ensure the API key works with the `@sourcegraph/amp` package and ampcode service
- [ ] **Check GitHub API integration** - Confirm that the JSON formatting for PR comments is correct and doesn't cause API errors
- [ ] **Validate workflow triggers and scaling** - Test that the concurrency controls work properly and multiple PRs can be processed simultaneously
---
### Diagram
```mermaid
%%{ init : { "theme" : "default" }}%%
graph TD
subgraph "GitHub Actions Workflows"
WorkflowNew[".github/workflows/<br/>ampcode-pr-review.yml"]:::major-edit
WorkflowCI[".github/workflows/<br/>ci.yml"]:::context
WorkflowSync[".github/workflows/<br/>sync-production.yml"]:::context
end
subgraph "External Services"
Ampcode["Ampcode AI Service<br/>(ampcode.com)"]:::context
GitHubAPI["GitHub API<br/>(PR Comments)"]:::context
end
subgraph "Secrets & Config"
AmpcodeKey["AMPCODE_API_KEY<br/>(Repository Secret)"]:::context
GitHubToken["GITHUB_TOKEN<br/>(Built-in)"]:::context
end
WorkflowNew -->|"Installs & authenticates"| Ampcode
WorkflowNew -->|"Posts review comments"| GitHubAPI
WorkflowNew -->|"Requires"| AmpcodeKey
WorkflowNew -->|"Uses"| GitHubToken
subgraph Legend
L1[Major Edit]:::major-edit
L2[Minor Edit]:::minor-edit
L3[Context/No Edit]:::context
end
classDef major-edit fill:#90EE90
classDef minor-edit fill:#87CEEB
classDef context fill:#FFFFFF
```
### Notes
- **Security consideration**: The workflow uses the AMPCODE_API_KEY secret and GitHub token for API access. Ensure the ampcode service is trusted before enabling.
- **Performance**: The workflow has a 15-minute timeout and processes up to 50 changed files to prevent resource exhaustion.
- **File filtering**: Only reviews common code file types (ts, tsx, js, jsx, py, etc.) to focus on relevant content.
- **Scalability**: Uses matrix strategy with max 3 parallel jobs and concurrency controls to handle multiple PRs efficiently.
**Link to Devin run**: https://app.devin.ai/sessions/d48a696c401a4b2a9c54dcf487601fd0
**Requested by**: Adam (@MrgSub)
<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Added a GitHub Action that automatically reviews PRs using Ampcode, posting structured feedback on code quality, bugs, and best practices.
- **New Features**
- Runs on PR open or update for main and staging branches.
- Installs Ampcode CLI, analyzes up to 50 changed files, and posts review comments.
- Handles multiple PRs with concurrency controls and error handling.
- Requires AMPCODE_API_KEY secret for authentication.
<!-- End of auto-generated description by cubic. -->