[feat] Check if auto PR reviews are enabled for a given owner

[rohitvinnakota-codecov]

Purpose/Motivation

What is the feature? Why is this being done?

This will be consumed in shelter. Forwarded pull request webhooks from codecov AI will check if the user has configured an auto-review setting for their org. If they have, the resulting response will be used upstream to kick off a review PR flow in seer.

Legal Boilerplate

Look, I get it. The entity doing business as "Sentry" was incorporated in the State of Delaware in 2015 as Functional Software, Inc. In 2022 this entity acquired Codecov and as result Sentry is going to need some rights from me in order to utilize my contributions in this PR. So here's the deal: I retain all rights, title and interest in and to my contributions, and by keeping this boilerplate intact I confirm that Sentry can use, modify, copy, and redistribute my contributions, under Sentry's choice of terms.

[sentry-autofix]

🚨 Sentry detected 1 potential issue in your recent changes 🚨

Lower risk findings

• Line 372, webhook_handlers/views/github.py

  • The target_id is converted to string, but self.ai_features_app_id might not be a string.

_{Did you find this useful? React with a 👍 or 👎}

[codecov-notifications]

Codecov Report

All modified and coverable lines are covered by tests ✅

✅ All tests successful. No failed tests found.

📢 Thoughts on this report? Let us know!

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 96.35%. Comparing base (d3f7e91) to head (459bbbf).
Report is 8 commits behind head on main.

✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1285   +/-   ##
=======================================
  Coverage   96.35%   96.35%           
=======================================
  Files         488      488           
  Lines       16919    16932   +13     
=======================================
+ Hits        16302    16315   +13     
  Misses        617      617           

Flag	Coverage Δ
unit	96.35% <100.00%> (+<0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[rohitvinnakota-codecov]

@codecov-ai-reviewer test

[codecov-ai]

On it! Codecov is generating unit tests for this PR.

[rohitvinnakota-codecov]

@codecov-ai-reviewer review

[codecov-ai]

On it! We are reviewing the PR and will provide feedback shortly.

[codecov-ai]

The string comparison with AI_FEATURES_GH_APP_ID could be unsafe if the types don't match. Consider adding type conversion to ensure robust comparison. Also, consider extracting this check into a helper method for better readability and reusability.

Suggested change

	def pull_request(self, request, *args, **kwargs):
	if (
	request.META.get(GitHubHTTPHeaders.HOOK_INSTALLATION_TARGET_ID, "")
	== AI_FEATURES_GH_APP_ID
	):
	def _is_ai_features_request(self, request):
	target_id = request.META.get(GitHubHTTPHeaders.HOOK_INSTALLATION_TARGET_ID, '')
	return str(target_id) == str(AI_FEATURES_GH_APP_ID)
	def pull_request(self, request, *args, **kwargs):
	if self._is_ai_features_request(request):
	return self.check_codecov_ai_auto_enabled_reviews(request)

[rohitvinnakota-codecov]

On it! We are reviewing the PR and will provide feedback shortly.

[rohitvinnakota-codecov]

PR Description:

Here's a detailed analysis of this pull request:

Purpose

This PR implements a webhook-based mechanism to check if AI-powered code reviews should be automatically triggered for GitHub pull requests. It's part of a larger AI features integration system that appears to be controlled by a separate GitHub App installation.

Key Technical Changes

1. Configuration and Infrastructure

• Adds a new GitHub webhook header constant HOOK_INSTALLATION_TARGET_ID to identify requests from specific GitHub App installations
• Introduces configuration for an AI features app ID, separate from the default app ID
• Sets up the foundation for differentiating webhook requests between multiple GitHub Apps

2. Feature Detection Logic

• Implements a new endpoint handler that checks if automatic AI reviews are enabled for a repository
• Uses organization-level YAML configuration to control the feature (ai_pr_review.auto_review setting)
• Intercepts pull request webhooks to determine if they should trigger AI reviews

3. Testing Infrastructure

• Comprehensive test coverage for various configuration scenarios:
  • Explicitly enabled AI reviews
  • Explicitly disabled AI reviews
  • Missing configuration
  • Partial configuration
• Uses factory patterns for test data generation
• Mocks configuration values for consistent testing

Architecture Decisions

1. Feature Toggle Design

• Uses YAML-based configuration at the organization level, allowing granular control
• Follows an opt-in model where the feature is disabled by default
• Separates the feature check from the actual review implementation

2. Multi-App Architecture

• Implements a pattern for handling webhooks from multiple GitHub App installations
• Uses the installation target ID to route requests to appropriate handlers
• Maintains backward compatibility with existing webhook handling

Dependencies and Interactions

1. System Dependencies

• Relies on existing Owner model and YAML configuration system
• Integrates with existing webhook validation and handling infrastructure
• Uses the GitHub Apps installation system

2. External Dependencies

• Requires GitHub webhook delivery with installation target ID
• Depends on proper GitHub App installation and configuration

Risk Considerations

1. Operational Risks

• New webhook handling path could affect existing webhook processing
• Additional database queries for configuration checks
• Potential for increased API latency due to additional checks

2. Security Considerations

• Maintains existing webhook signature validation
• Properly validates GitHub App installation IDs
• Uses existing security patterns for webhook handling

Notable Implementation Details

• Clean separation of concerns between feature detection and implementation
• Extensive test coverage for different configuration scenarios
• Maintains existing error handling patterns
• Uses property decorators for configuration access
• Follows existing coding patterns for webhook handling

This PR appears to be laying the groundwork for a larger AI-powered code review feature while maintaining a clean separation of concerns and following existing architectural patterns. The implementation is well-tested and includes appropriate error handling and validation.

[adrian-codecov]

Note for later: think whether you want to use the full yaml vs the org yaml or any variant