🧐 Gemini Pull Request Review #515
Workflow file for this run
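# Workflow display name (mis-encoded emoji restored).
name: '🧐 Gemini Pull Request Review'

# Triggers. NOTE(review): `issue_comment` is not listed here, although the
# job-level `if` and the 'Get PR details (issue_comment)' step both test for
# it; as written, those branches cannot match.
on:
  pull_request:
    types:
      - 'opened'
  pull_request_review_comment:
    types:
      - 'created'
  pull_request_review:
    types:
      - 'submitted'
  workflow_dispatch:
    inputs:
      pr_number:
        description: 'PR number to review'
        required: true
        type: 'number'

# One active run per workflow and head ref (falling back to the full ref).
# NOTE(review): workflow-level concurrency is applied before the job-level
# `if` is evaluated, so a run whose job ends up skipped can presumably still
# cancel an in-progress review in the same group - confirm this is intended.
concurrency:
  group: '${{ github.workflow }}-${{ github.head_ref || github.ref }}'
  cancel-in-progress: true

defaults:
  run:
    shell: 'bash'

# Token scopes for every job in this workflow. Four of the five are write
# scopes, and the resulting token is handed to an LLM-driven step below.
# NOTE(review): `id-token: write` is presumably needed for the workload
# identity inputs passed to the './' action; verify that `issues` and
# `statuses` write access are actually used and drop them otherwise.
permissions:
  contents: 'read'
  id-token: 'write'
  issues: 'write'
  pull-requests: 'write'
  statuses: 'write'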
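jobs:
  review-pr:
    # Gate: run on manual dispatch, on a newly opened PR, or when a comment or
    # review containing '@gemini-cli /review' was written by an OWNER, MEMBER
    # or COLLABORATOR. The 'opened' path carries no author_association check.
    # NOTE(review): `issue_comment` is not among this file's `on:` triggers,
    # so that branch of the expression cannot match as written.
    if: |-
      github.event_name == 'workflow_dispatch' ||
      (github.event_name == 'pull_request' && github.event.action == 'opened') ||
      (github.event_name == 'issue_comment' && github.event.issue.pull_request &&
        contains(github.event.comment.body, '@gemini-cli /review') &&
        (
          github.event.comment.author_association == 'OWNER' ||
          github.event.comment.author_association == 'MEMBER' ||
          github.event.comment.author_association == 'COLLABORATOR'
        )
      ) ||
      (github.event_name == 'pull_request_review_comment' &&
        contains(github.event.comment.body, '@gemini-cli /review') &&
        (
          github.event.comment.author_association == 'OWNER' ||
          github.event.comment.author_association == 'MEMBER' ||
          github.event.comment.author_association == 'COLLABORATOR'
        )
      ) ||
      (github.event_name == 'pull_request_review' &&
        contains(github.event.review.body, '@gemini-cli /review') &&
        (
          github.event.review.author_association == 'OWNER' ||
          github.event.review.author_association == 'MEMBER' ||
          github.event.review.author_association == 'COLLABORATOR'
        )
      )
    timeout-minutes: 5
    runs-on: 'ubuntu-latest'
    steps:
      # No `ref:` is given, so this checks out the ref of the triggering
      # event; on `workflow_dispatch` that is the dispatched ref, not the PR
      # named by `pr_number`.
      # NOTE(review): the checkout action's default keeps the token in the
      # local git config, and the review agent below may read workspace
      # files. Consider `persist-credentials: false` if no later step needs
      # git credentials - confirm against the './' action.
      - name: 'Checkout PR code'
        uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # ratchet:actions/checkout@v4

      # Mint a GitHub App installation token only when APP_ID is configured;
      # later steps fall back to secrets.GITHUB_TOKEN otherwise.
      - name: 'Generate GitHub App Token'
        id: 'generate_token'
        if: |-
          ${{ vars.APP_ID }}
        uses: 'actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e' # ratchet:actions/create-github-app-token@v2
        with:
          app-id: '${{ vars.APP_ID }}'
          private-key: '${{ secrets.APP_PRIVATE_KEY }}'

      # Resolve the PR number and collect metadata for the review step.
      # Event fields are passed through `env` rather than interpolated into
      # the script text, which keeps them out of the shell source.
      # NOTE(review): no step resolves the PR number for the
      # `pull_request_review_comment` and `pull_request_review` events, so on
      # those events the review step receives empty PR_NUMBER and PR_DATA.
      - name: 'Get PR details (pull_request & workflow_dispatch)'
        id: 'get_pr'
        if: |-
          ${{ github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch' }}
        env:
          GITHUB_TOKEN: '${{ steps.generate_token.outputs.token || secrets.GITHUB_TOKEN }}'
          EVENT_NAME: '${{ github.event_name }}'
          WORKFLOW_PR_NUMBER: '${{ github.event.inputs.pr_number }}'
          PULL_REQUEST_NUMBER: '${{ github.event.pull_request.number }}'
        run: |-
          set -euo pipefail
          if [[ "${EVENT_NAME}" = "workflow_dispatch" ]]; then
            PR_NUMBER="${WORKFLOW_PR_NUMBER}"
          else
            PR_NUMBER="${PULL_REQUEST_NUMBER}"
          fi
          echo "pr_number=${PR_NUMBER}" >> "${GITHUB_OUTPUT}"
          # Get PR details (assumes gh prints the JSON on a single line when
          # stdout is not a terminal, so a key=value line is sufficient)
          PR_DATA="$(gh pr view "${PR_NUMBER}" --json title,body,additions,deletions,changedFiles,baseRefName,headRefName)"
          echo "pr_data=${PR_DATA}" >> "${GITHUB_OUTPUT}"
          # Get file changes
          CHANGED_FILES="$(gh pr diff "${PR_NUMBER}" --name-only)"
          # File names come from the PR author. A fixed delimiter such as
          # "EOF" could be matched by a changed path and end the multi-line
          # value early, so use a per-run random delimiter instead.
          OUTPUT_DELIM="ghadelim_$(dd if=/dev/urandom bs=15 count=1 status=none | base64)"
          {
            echo "changed_files<<${OUTPUT_DELIM}"
            echo "${CHANGED_FILES}"
            echo "${OUTPUT_DELIM}"
          } >> "${GITHUB_OUTPUT}"

      # Same as above for comment-triggered runs, plus the free-text
      # instructions that follow '@gemini-cli /review' in the comment.
      # That text is user-supplied and ends up in the model's context.
      - name: 'Get PR details (issue_comment)'
        id: 'get_pr_comment'
        if: |-
          ${{ github.event_name == 'issue_comment' }}
        env:
          GITHUB_TOKEN: '${{ steps.generate_token.outputs.token || secrets.GITHUB_TOKEN }}'
          COMMENT_BODY: '${{ github.event.comment.body }}'
          PR_NUMBER: '${{ github.event.issue.number }}'
        run: |-
          set -euo pipefail
          echo "pr_number=${PR_NUMBER}" >> "${GITHUB_OUTPUT}"
          # Extract additional instructions from comment; xargs joins the
          # result onto one line, which keeps it a single key=value entry
          ADDITIONAL_INSTRUCTIONS="$(
            echo "${COMMENT_BODY}" | sed 's/.*@gemini-cli \/review//' | xargs
          )"
          echo "additional_instructions=${ADDITIONAL_INSTRUCTIONS}" >> "${GITHUB_OUTPUT}"
          # Get PR details
          PR_DATA="$(gh pr view "${PR_NUMBER}" --json title,body,additions,deletions,changedFiles,baseRefName,headRefName)"
          echo "pr_data=${PR_DATA}" >> "${GITHUB_OUTPUT}"
          # Get file changes
          CHANGED_FILES="$(gh pr diff "${PR_NUMBER}" --name-only)"
          # Random delimiter: changed paths are author-controlled and must
          # not be able to terminate the multi-line output value.
          OUTPUT_DELIM="ghadelim_$(dd if=/dev/urandom bs=15 count=1 status=none | base64)"
          {
            echo "changed_files<<${OUTPUT_DELIM}"
            echo "${CHANGED_FILES}"
            echo "${OUTPUT_DELIM}"
          } >> "${GITHUB_OUTPUT}"

      # Runs the action defined in the checked-out tree ('./').
      # Trust boundary: PR_DATA (title, body), CHANGED_FILES, the diff and
      # ADDITIONAL_INSTRUCTIONS are written by the PR or comment author and
      # are read by the model as part of its context, so they can carry
      # instructions aimed at the model. The agent runs with `sandbox: false`
      # in the environment that holds GITHUB_TOKEN, and the allow-listed
      # shell tools operate on that same environment and workspace. Keep the
      # token's scopes minimal and treat everything the model posts as
      # untrusted output.
      - name: 'Run Gemini PR Review'
        uses: './'
        id: 'gemini_pr_review'
        env:
          GITHUB_TOKEN: '${{ steps.generate_token.outputs.token || secrets.GITHUB_TOKEN }}'
          PR_NUMBER: '${{ steps.get_pr.outputs.pr_number || steps.get_pr_comment.outputs.pr_number }}'
          PR_DATA: '${{ steps.get_pr.outputs.pr_data || steps.get_pr_comment.outputs.pr_data }}'
          CHANGED_FILES: '${{ steps.get_pr.outputs.changed_files || steps.get_pr_comment.outputs.changed_files }}'
          ADDITIONAL_INSTRUCTIONS: '${{ steps.get_pr.outputs.additional_instructions || steps.get_pr_comment.outputs.additional_instructions }}'
          REPOSITORY: '${{ github.repository }}'
        with:
          gemini_cli_version: '${{ vars.GEMINI_CLI_VERSION }}'
          gcp_workload_identity_provider: '${{ vars.GCP_WIF_PROVIDER }}'
          gcp_project_id: '${{ vars.GOOGLE_CLOUD_PROJECT }}'
          gcp_location: '${{ vars.GOOGLE_CLOUD_LOCATION }}'
          gcp_service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'
          gemini_api_key: '${{ secrets.GEMINI_API_KEY }}'
          use_vertex_ai: '${{ vars.GOOGLE_GENAI_USE_VERTEXAI }}'
          use_gemini_code_assist: '${{ vars.GOOGLE_GENAI_USE_GCA }}'
          # Agent settings (JSON). `includeTools` limits the GitHub MCP server
          # to the three pending-review tools and `coreTools` allow-lists the
          # shell commands the model may run.
          # NOTE(review): the MCP server image has no tag or digest, unlike
          # the SHA-pinned actions in this job; pin it by digest, e.g.
          # ghcr.io/github/github-mcp-server@sha256:<DIGEST_PLACEHOLDER>.
          settings: |-
            {
              "maxSessionTurns": 20,
              "mcpServers": {
                "github": {
                  "command": "docker",
                  "args": [
                    "run",
                    "-i",
                    "--rm",
                    "-e",
                    "GITHUB_PERSONAL_ACCESS_TOKEN",
                    "ghcr.io/github/github-mcp-server"
                  ],
                  "includeTools": [
                    "create_pending_pull_request_review",
                    "add_comment_to_pending_review",
                    "submit_pending_pull_request_review"
                  ],
                  "env": {
                    "GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_TOKEN}"
                  }
                }
              },
              "coreTools": [
                "run_shell_command(echo)",
                "run_shell_command(gh pr view)",
                "run_shell_command(gh pr diff)",
                "run_shell_command(cat)",
                "run_shell_command(head)",
                "run_shell_command(tail)",
                "run_shell_command(grep)"
              ],
              "telemetry": {
                "enabled": true,
                "target": "gcp"
              },
              "sandbox": false
            }
          prompt: |-
            ## Role
            You are an expert code reviewer. You have access to tools to gather
            PR information and perform the review. Use the available tools to
            gather information; do not ask for information to be provided.
            ## Steps
            Start by running these commands to gather the required data:
            1. Run: echo "${PR_DATA}" to get PR details (JSON format)
            2. Run: echo "${CHANGED_FILES}" to get the list of changed files
            3. Run: echo "${PR_NUMBER}" to get the PR number
            4. Run: echo "${ADDITIONAL_INSTRUCTIONS}" to see any specific review
            instructions from the user
            5. Run: gh pr diff "${PR_NUMBER}" to see the full diff
            6. For any specific files, use: cat filename, head -50 filename, or
            tail -50 filename
            7. If ADDITIONAL_INSTRUCTIONS contains text, prioritize those
            specific areas or focus points in your review. Common instruction
            examples: "focus on security", "check performance", "review error
            handling", "check for breaking changes"
            ## Guidelines
            - Reference all shell variables as "${VAR}" (with quotes and braces)
            - Be specific and actionable in feedback; suggest improvements or
            alternatives.
            - Be respectful and constructive; focus on the code, not the author.
            - Use clear, concise language and avoid jargon when possible.
            ## Review
            Review Areas:
            - **Security**: Authentication, authorization, input validation,
            data sanitization
            - **Performance**: Algorithms, database queries, caching, resource
            usage
            - **Reliability**: Error handling, logging, testing coverage, edge
            cases
            - **Maintainability**: Code structure, documentation, naming
            conventions
            - **Functionality**: Logic correctness, requirements fulfillment
            Once you have the information, provide a comprehensive code review by:
            1. Creating a pending review: Use the mcp__github__create_pending_pull_request_review to create a Pending Pull Request Review.
            2. Adding review comments:
            2.1 Use the mcp__github__add_comment_to_pending_review to add comments to the Pending Pull Request Review. Inline comments are preffered whenever possible, so repeat this step, calling mcp__github__add_comment_to_pending_review, as needed. All comments about specific lines of code should use inline comments. It is preferred to use code suggestions when possible, which include a code block that is labeled "suggestion", which contains what the new code should be. All comments should also have a piority. They syntax is:
            Normal Comment Syntax:
            <COMMENT>
            {{PRIORITY}} {{COMMENT_TEXT}}
            </COMMENT>
            Inline Comment Syntax: (Preferred):
            <COMMENT>
            {{PRIORITY}} {{COMMENT_TEXT}}
            ```suggestion
            {{CODE_SUGGESTION}}
            ```
            </COMMENT>
            Prepend a priority emoji to each comment:
            - 🟢 for low priority
            - 🟡 for medium priority
            - 🟠 for high priority
            - 🔴 for critical priority
            - 🔵 if priority is unclear
            Including all of this, an example inline comment would be:
            <COMMENT>
            🟢 Use camelCase for function names
            ```suggestion
            myFooBarFunction
            ```
            </COMMENT>
            A critical priority example would be:
            <COMMENT>
            🔴 Remove storage key from GitHub
            ```suggestion
            ```
            3. Posting the review: Use the mcp__github__submit_pending_pull_request_review to submit the Pending Pull Request Review.
            3.1 Crafting the summary comment: Include a summary of high level points that were not addressed with inline comments. Be concise. Do not repeat details mentioned inline.
            Structure your summary comment using this exact format with markdown:
            ## 📋 Review Summary
            Provide a brief 2-3 sentence overview of the PR and overall
            assessment.
            ## 🔍 General Feedback
            - List general observations about code quality
            - Mention overall patterns or architectural decisions
            - Highlight positive aspects of the implementation
            - Note any recurring themes across files

      # Tell the PR that the review step failed and link to this run's logs.
      # Values reach the script through `env` and the `context` object
      # instead of being interpolated into the JavaScript source, and the
      # API call is awaited so a failed request surfaces in the step result.
      - name: 'Post PR review failure comment'
        if: |-
          ${{ failure() && steps.gemini_pr_review.outcome == 'failure' }}
        uses: 'actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea'
        env:
          PR_NUMBER: '${{ steps.get_pr.outputs.pr_number || steps.get_pr_comment.outputs.pr_number }}'
          RUN_URL: '${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}'
        with:
          github-token: '${{ steps.generate_token.outputs.token || secrets.GITHUB_TOKEN }}'
          script: |
            const issueNumber = Number.parseInt(process.env.PR_NUMBER, 10);
            // No PR number is resolved for some trigger events; without one
            // there is nowhere to post the comment.
            if (!Number.isInteger(issueNumber) || issueNumber <= 0) {
              core.warning('No PR number was resolved; skipping the failure comment.');
              return;
            }
            await github.rest.issues.createComment({
              owner: context.repo.owner,
              repo: context.repo.repo,
              issue_number: issueNumber,
              body: `There is a problem with the Gemini CLI PR review. Please check the [action logs](${process.env.RUN_URL}) for details.`
            });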