Automated AI code review workflow #8
Workflow file for this run
```yaml
name: AI Code Review

permissions:
  contents: read
  pull-requests: read
  issues: read
  # Needed so the job can request an OIDC token for the AWS role assumption below
  id-token: write

on:
  workflow_dispatch:
  pull_request:

jobs:
  ai-review:
    runs-on: ubuntu-latest
    env:
      AWS_REGION: us-west-2
    steps:
      # Only the .github and ci directories of this repository are checked out
      - name: Checkout CI code
        uses: actions/checkout@v4
        with:
          sparse-checkout: |
            .github
            ci

      # Installation token for the GitHub App, passed to the review action below
      - name: Generate GitHub App token
        id: app-token
        uses: actions/create-github-app-token@v2
        with:
          app-id: ${{ secrets.KP_REVIEW_BOT_APP_ID }}
          private-key: ${{ secrets.KP_REVIEW_BOT_APP_PRIVATE_KEY }}

      # Role assumption via OIDC; no static AWS access keys are passed to the job
      - name: Configure AWS Credentials (OIDC)
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_BEDROCK_ROLE }}
          aws-region: us-west-2

      - name: Checkout prompts repo
        uses: actions/checkout@v4
        with:
          repository: 'masoncl/review-prompts'
          path: 'review'

      # Kernel tree is fetched at a fixed commit; its top commit is what gets reviewed
      - name: Download Linux source tree
        uses: libbpf/ci/get-linux-source@v3
        env:
          FETCH_DEPTH: 10
        with:
          dest: 'linux'
          rev: '77620d1267392b1a34bfc437d2adea3006f95865'

      - uses: anthropics/claude-code-action@v1
        with:
          github_token: ${{ steps.app-token.outputs.token }}
          use_bedrock: "true"
          claude_args: '--model us.anthropic.claude-sonnet-4-20250514-v1:0 --max-turns 100'
          settings: ${{ github.workspace }}/ci/claude/settings.json
          prompt: |
            Directory `linux` is the root of a Linux Kernel git repository.
            Using the prompt `review/review-core.md` and the review prompt directory `review`,
            do a code review of the top commit in `linux` producing `review-inline.txt`.

      # Print the review to the job log; "|| true" keeps the step green if no file was produced
      - name: cat review-inline.txt
        shell: bash
        run: |
          cat ${{ github.workspace }}/review-inline.txt || true

      - uses: actions/upload-artifact@v4
        with:
          name: ai-review-output
          if-no-files-found: ignore
          path: ${{ github.workspace }}/review-inline.txt
```