ci: add PR-Agent review + Qodo merge + upstream issues watch#46
ci: add PR-Agent review + Qodo merge + upstream issues watch#46bong-water-water-bong wants to merge 2 commits into
Conversation
|
cc: @bitgamma @Geramy @jeremyfowers @kenvandine @sofiageo @superm1 — clean PR with just the 3 workflow files. Once merged, every PR gets automated reviews from both PR-Agent (DeepSeek) and Qodo. Secrets `DEEPSEEK_API_KEY` and `QODO_API_KEY` need to be set in the repo settings. |
|
Closing — not proceeding with this repo. |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 27ef67b9e5
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| pr_agent_job: | ||
| name: PR-Agent (DeepSeek) | ||
| runs-on: ubuntu-latest | ||
| if: ${{ github.event.sender.type != 'Bot' && secrets.DEEPSEEK_API_KEY != '' }} |
There was a problem hiding this comment.
Move the secret check out of the job condition
GitHub Actions does not make the secrets context available in jobs.<job_id>.if conditions, so when a PR or comment triggers this workflow GitHub cannot evaluate this expression and the PR-Agent review job never reaches the action step. Gate the step using an environment value or handle the missing secret inside the job instead.
Useful? React with 👍 / 👎.
|
|
||
| jobs: | ||
| qodo-merge: | ||
| if: ${{ secrets.QODO_API_KEY != "" }} |
There was a problem hiding this comment.
Move the secret check out of the job condition
GitHub Actions does not allow referencing the secrets context directly from a job-level if, so this workflow cannot evaluate the condition before starting the Qodo review job. As written, the new Qodo review pass will not run successfully on PR events even when the secret is configured.
Useful? React with 👍 / 👎.
|
|
||
| - name: Commit updated issue list | ||
| run: | | ||
| if git diff --quiet UPSTREAM_ISSUES.md; then |
There was a problem hiding this comment.
Include the untracked cache in the change check
UPSTREAM_ISSUES.md is not tracked in the current tree, and git diff --quiet UPSTREAM_ISSUES.md ignores a newly created untracked file. On the first scheduled or manual run the fetch step creates the cache, this condition exits 0, and the job exits before git add, so the cache is never committed and later runs keep starting from scratch.
Useful? React with 👍 / 👎.
| contents: read | ||
| steps: | ||
| - name: Qodo Merge Review | ||
| uses: qodo-ai/qodo-merge@main |
There was a problem hiding this comment.
Point Qodo review at a published action
When this job reaches the review step, GitHub resolves uses: qodo-ai/qodo-merge@main as an action repository, but Qodo does not publish a GitHub Action at that path. The runner will fail while downloading action metadata before any review can run, so this needs to use the supported Qodo GitHub integration or the correct action repository.
Useful? React with 👍 / 👎.
| if: ${{ github.event.sender.type != 'Bot' && secrets.DEEPSEEK_API_KEY != '' }} | ||
| steps: | ||
| - name: PR Agent review | ||
| uses: the-pr-agent/pr-agent@main |
There was a problem hiding this comment.
Pin PR-Agent to a reviewed release
This workflow runs a third-party action from the moving main branch while handing it DEEPSEEK_API_KEY and a write-capable GitHub token. Any upstream branch update will execute in this repository without review and can either break all PR reviews or expose those credentials, so pin it to a trusted release or commit instead of main.
Useful? React with 👍 / 👎.
| echo "Last checked: ${NOW}" >> "${CACHE}.new" | ||
| echo "" >> "${CACHE}.new" | ||
|
|
||
| curl -s "https://api.github.com/repos/${UPSTREAM}/issues?state=open&per_page=50&sort=created&direction=desc" \ |
There was a problem hiding this comment.
Filter the upstream query to help wanted issues
The PR describes this watcher as tracking upstream issues tagged help wanted, but this request fetches every open upstream issue because it never passes a labels=help%20wanted filter to the GitHub Issues API. On repositories with unrelated open issues, the generated cache and new-issue log will be dominated by issues this workflow was not meant to watch.
Useful? React with 👍 / 👎.
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| DEEPSEEK_API_KEY: ${{ secrets.DEEPSEEK_API_KEY }} | ||
| config.model: "deepseek/deepseek-chat" |
There was a problem hiding this comment.
Choose a supported DeepSeek model before the alias retires
DeepSeek currently marks deepseek-chat for deprecation on July 24, 2026, so this newly added review workflow is set up with a model name that is scheduled to stop being supported shortly after merge. When that alias is retired, PR-Agent review runs using this configuration will start failing even though the API key and action setup are otherwise valid.
Useful? React with 👍 / 👎.
Summary
Three CI workflow files — clean, no other changes:
Two independent PR review passes on every PR.
Secrets required (set in repo):
cc: @bitgamma @Geramy @jeremyfowers @kenvandine @sofiageo @superm1