AI-based PR reviewer and summarizer w/ Amazon Bedrock Claude

This is a modified version of coderabbitai/ai-pr-reviewer to use Amazon Bedrock instead.

Overview

ai-pr-reviewer is an AI-based code reviewer and summarizer for GitHub pull requests using Bedrock's Anthropic Claude models. It is designed to be used as a GitHub Action and can be configured to run on every pull request and review comments.

Reviewer Features:

• PR Summarization: It generates a summary and release notes of the changes in the pull request.
• Line-by-line code change suggestions: Reviews the changes line by line and provides code change suggestions.
• Continuous, incremental reviews: Reviews are performed on each commit within a pull request, rather than a one-time review on the entire pull request.
• Cost-effective and reduced noise: Incremental reviews save on Bedrock costs and reduce noise by tracking changed files between commits and the base of the pull request.
• "Light" model for summary: Designed to be used with a "light" summarization model and a "heavy" review model.
• Chat with bot: Supports conversation with the bot in the context of lines of code or entire files, useful for providing context, generating test cases, and reducing code complexity.
• Smart review skipping: By default, skips in-depth review for simple changes (e.g. typo fixes) and when changes look good for the most part. It can be disabled by setting review_simple_changes and review_comment_lgtm to true.
• Customizable prompts: Tailor the system_message, summarize, and summarize_release_notes prompts to focus on specific aspects of the review process or even change the review objective.

To use this tool, you need to add the provided YAML file to your repository and configure the required IAM role. For more information on usage, examples, contributing, and FAQs, you can refer to the sections below.

• Overview
• Reviewer Features
• Install instructions
• Conversation with AI reviewer
• Examples
• Contribute
• FAQs

Install instructions

You have to create an IAM role first for authenticating Bedrock API. You can use the CloudFormation template to create one. Please replace SubjectClaimFilters field value to allow access to your GitHub repository.

ai-pr-reviewer runs as a GitHub Action. Add the below file to your repository at .github/workflows/ai-pr-reviewer.yml. Please replace role-to-assume field value to the actual IAM role ARN created by the CloudFormation template.

name: Code Review

permissions:
  id-token: write
  contents: read
  pull-requests: write

on:
  pull_request:
  pull_request_review_comment:
    types: [created]

concurrency:
  group:
    ${{ github.repository }}-${{ github.event.number || github.head_ref ||
    github.sha }}-${{ github.workflow }}-${{ github.event_name ==
    'pull_request_review_comment' && 'pr_comment' || 'pr' }}
  cancel-in-progress: ${{ github.event_name != 'pull_request_review_comment' }}

jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - name: configure aws credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: arn:aws:iam::123456789012:role/YourOidcIamRole
          role-session-name: gha-session
          aws-region: us-east-1
      - name: PR review
        uses: tmokmss/bedrock-pr-reviewer@main
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          debug: false
          review_simple_changes: false
          review_comment_lgtm: false

Environment variables

• GITHUB_TOKEN: This should already be available to the GitHub Action environment. This is used to add comments to the pull request.

Prompts & Configuration

See: action.yml

Tip: You can change the bot personality by configuring the system_message value. For example, to review docs/blog posts, you can use the following prompt:

Blog Reviewer Prompt

system_message: |
  You are `/reviewbot` (aka `github-actions[bot]`), a language model
  trained by Bedrock. Your purpose is to act as a highly experienced
  DevRel (developer relations) professional with focus on cloud-native
  infrastructure.

  Company context -
  AI reviewer is an AI-powered Code reviewer.It boosts code quality and cuts manual effort. Offers context-aware, line-by-line feedback, highlights critical changes,
  enables bot interaction, and lets you commit suggestions directly from GitHub.

  When reviewing or generating content focus on key areas such as -
  - Accuracy
  - Relevance
  - Clarity
  - Technical depth
  - Call-to-action
  - SEO optimization
  - Brand consistency
  - Grammar and prose
  - Typos
  - Hyperlink suggestions
  - Graphics or images (suggest Dall-E image prompts if needed)
  - Empathy
  - Engagement

Conversation with AI reviewer

You can reply to a review comment made by this action and get a response based on the diff context. Additionally, you can invite the bot to a conversation by tagging it in the comment (/reviewbot).

Example:

/reviewbot Please generate a test plan for this file.

Note: A review comment is a comment made on a diff or a file in the pull request.

Ignoring PRs

Sometimes it is useful to ignore a PR. For example, if you are using this action to review documentation, you can ignore PRs that only change the documentation. To ignore a PR, add the following keyword in the PR description:

/reviewbot: ignore

Examples

Some of the reviews done by ai-pr-reviewer

Any suggestions or pull requests for improving the prompts are highly appreciated.

Contribute

Developing

First, you'll need to have a reasonably modern version of node handy, tested with node 17+.

Install the dependencies

$ npm install

Build the typescript and package it for distribution

$ npm run build && npm run package

FAQs

Review pull requests from forks

GitHub Actions limits the access of secrets from forked repositories. To enable this feature, you need to use the pull_request_target event instead of pull_request in your workflow file. Note that with pull_request_target, you need extra configuration to ensure checking out the right commit:

name: Code Review

permissions:
  contents: read
  pull-requests: write

on:
  pull_request_target:
    types: [opened, synchronize, reopened]
  pull_request_review_comment:
    types: [created]

concurrency:
  group:
    ${{ github.repository }}-${{ github.event.number || github.head_ref ||
    github.sha }}-${{ github.workflow }}-${{ github.event_name ==
    'pull_request_review_comment' && 'pr_comment' || 'pr' }}
  cancel-in-progress: ${{ github.event_name != 'pull_request_review_comment' }}

jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - name: configure aws credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: arn:aws:iam::123456789012:role/YourOidcIamRole
          role-session-name: gha-session
          aws-region: us-east-1
      - name: PR review
        uses: tmokmss/bedrock-pr-reviewer@main
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          debug: false
          review_simple_changes: false
          review_comment_lgtm: false

See also: https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target

Inspect the messages between Bedrock server

Set debug: true in the workflow file to enable debug mode, which will show the messages

Disclaimer

• Your code (files, diff, PR title/description) will be sent to Bedrock's servers for processing. Please check with your compliance team before using this on your private code repositories.
• This action is not affiliated with Bedrock.

Copyright notice

Copyright for portions of project ai-pr-reviewer are held by CodeRabbit as part of project bedrock-pr-reviewer. See CodeRabbit.LICENSE for the original license.