Skip to content

Instantly share code, notes, and snippets.

@TafadzwaD

TafadzwaD/HOW_TO.md

Last active July 22, 2024 08:51
Show Gist options
  • Save TafadzwaD/1a4be31ce3ac564069f1c5d589dd479c to your computer and use it in GitHub Desktop.
Save TafadzwaD/1a4be31ce3ac564069f1c5d589dd479c to your computer and use it in GitHub Desktop.
Download ZIP
Supercharge Your Code Reviews with GitHub Actions and GPT-4 (Any Model)
Raw
HOW_TO.md

Automatic PR Code Reviews with GitHub Actions and GPT-4

Overview

In this Gist, I'll guide you through creating a GitHub Actions workflow that uses GPT-4 (any model) to automate code reviews on your Pull Requests.

Review code with Gpt4 using Github Actions

Table of Contents

Key Takeaways

  • AI-Powered Code Reviews: Learn how to leverage GPT-4 for code analysis and feedback, unlocking new insights.
  • Workflow Automation: Automate the code review process with GitHub Actions, streamlining your development journey.
  • Code Quality Optimization: Utilize AI-generated insights to identify patterns and optimize code quality.

Setting Up GitHub Actions

Repository Setup

Browser

  • Create a new GitHub repository or select an existing one.
  • Navigate to the "Actions" tab and click Set up a workflow yourself.
  • Choose to create a new custom workflow.
  • Give your workflow a descriptive name, such as gpt-code-review.yml

Code Editor

  • In the .github/workflows folder, create a new YAML file with the name you chose (e.g., gpt-code-review.yml) ignore this step if you have used the browser set up.

Workflow Configuration

  • Configure the workflow to run on pull request events - what triggers the workflow (customise based on your needs):

    on:
  pull_request:

  • Set the necessary permissions:

    permissions:
  contents: read
  issues: write
  pull-requests: write

Integrating GPT-4, Github Actions & GitHub API

API Credentials & Variables

  • Obtain an API key or token for the GPT-4 language model.
  • Securely store the API credentials in GitHub Secrets:
    • Click Secrets and variables in your repository settings.
    • Add new secrets for the API key/token.
    • Also, create a secret for a GitHub API token, which will be used for posting code review comments.

  • Create a variable with the CODE_REVIEW_PROMPT, under Variables and specify the prompt. For the tutorial I used the below prompt:

      You play the role of a code reviewer on GitHub. Please conduct a thorough code review based on the provided raw Git diff.

Referencing Credentials

  • Reference the API credentials in your GitHub Actions workflow file (gpt-code-review.yml or similar):
    • Use the secrets context to access the stored credentials.
    • Provide the API key/token as an input to the code review action.

Automating Code Reviews with Custom Action

Code Retrieval

  • Use the actions/checkout action to retrieve the code changes in the pull request - created by @Github.
  • Gather the git diff of the pull request using a custom action like git-diff-action - created by @GrantBirki.

AI Code Review

  • Invoke the GPT-4 model with the code changes as input to generate code review suggestions, provide the prompt, variable defined here.
  • Process the model's output to extract relevant feedback - GPT4 will respond with Markdown-formatted comments.The model is context aware as we specified in the prompt that we're on Github 🧠.

Posting Code Review Comments

  • Use the GitHub API to post the AI-generated code review comments on the pull request.

Full Workflow Code 

name: GPT Code Review

on:
  pull_request:
permissions:
  contents: read
  issues: write
  pull-requests: write

jobs:
  code_review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4.1.1
        with:
          fetch-depth: 0

      - uses: GrantBirki/git-diff-action@v2.4.0  # A github action for gathering the git diff of our pull request
        id: git-diff
        with:
          raw_diff_file_output: diff.txt
          file_output_only: "true" #Makes us exclude printing the diff on the console for security purposes

      - name: Perfom Code Review With gpt-4
        id: code_review_suggestions
        run: |
          # Get the code changes
          changed_code=$(cat ${{steps.git-diff.outputs.raw-diff-path}})
          
          echo "PR Changes $changed_code"
          
          # Escape newlines and double quotes in the changed_code
          escaped_code=$(echo "$changed_code" | jq -s -R -r @json)
          
          response=$(curl -s https://api.openai.com/v1/chat/completions \
            -H "Content-Type: application/json" \
            -H "Authorization: Bearer ${{ secrets.OPEN_AI_KEY }}" \
            -d "{
              \"model\": \"gpt-4\",
              \"messages\": [
                { \"role\": \"system\", \"content\": \"${{ vars.CODE_REVIEW_PROMPT }}\" },
                { \"role\": \"user\", \"content\": $escaped_code }
              ]
            }")
          
          echo "This is the response $response"
          
          code_review_suggestions=$(echo "$response" | jq -r '.choices[0].message.content')
          
          echo "$code_review_suggestions" > code_suggestions.txt

      - name: Add Code Suggestions Comment
        run: |
          cat code_suggestions.txt
          
          escaped_comments=$(echo "$(cat code_suggestions.txt)" | jq -s -R -r @json)
          
          curl -s -L \
            -X POST \
            -H "Accept: application/vnd.github+json" \
            -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
            -H "X-GitHub-Api-Version: 2022-11-28" \
            https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.number }}/comments \
            -d "{\"body\":$escaped_comments\"}"

Step by Step Video

Review code with Gpt4 using Github Actions

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment