diff --git a/actions/README.md b/actions/README.md index 6d3bbf377dd..6e1ddd9e70c 100644 --- a/actions/README.md +++ b/actions/README.md @@ -4,26 +4,188 @@ GitHub Actions that provide automated code reviews for pull requests using Conti ## Available Actions -This repository provides two GitHub Actions for different review styles: +This repository provides three GitHub Actions for automated code reviews: -### 1. General Review Action +### 1. Base Review Action (Recommended) + +Zero-config AI code review that automatically handles both general and detailed reviews. + +- **Path:** `continuedev/continue/actions/base-review@main` +- **Trigger:** `@continue-agent` (with optional custom instructions) +- **Output:** Comprehensive review with inline comments + +### 2. General Review Action Provides high-level PR assessment with overall feedback and recommendations. -- **Path:** `continuedev/continue/actions/general-review@` +- **Path:** `continuedev/continue/actions/general-review@main` - **Trigger:** `@continue-general-review` - **Output:** Summary comment with strengths, issues, and recommendations -### 2. Detailed Review Action +### 3. Detailed Review Action Provides line-by-line inline comments on specific code changes. -- **Path:** `continuedev/continue/actions/detailed-review@` +- **Path:** `continuedev/continue/actions/detailed-review@main` - **Trigger:** `@continue-detailed-review` - **Output:** Inline review comments on specific lines of code ## Quick Start +### Zero-Config Setup (Recommended) + +The simplest way to add AI code reviews to your repository: + +```yaml +name: AI Code Review +on: + pull_request: + types: [opened, synchronize, ready_for_review] + issue_comment: + types: [created] + +permissions: + contents: read + pull-requests: write + issues: write + actions: read + checks: write + +jobs: + review: + # Only run on PRs or when @continue-agent is mentioned + if: | + github.event_name == 'pull_request' || + (github.event_name == 'issue_comment' && + github.event.issue.pull_request && + contains(github.event.comment.body, '@continue-agent')) + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - uses: continuedev/continue/actions/base-review@main + with: + continue-api-key: ${{ secrets.CONTINUE_API_KEY }} +``` + +### With GitHub App (For Bot Identity) + +```yaml +name: AI Code Review +on: + pull_request: + types: [opened, synchronize, ready_for_review] + issue_comment: + types: [created] + +permissions: + contents: read + pull-requests: write + issues: write + actions: read + checks: write + +jobs: + review: + if: | + github.event_name == 'pull_request' || + (github.event_name == 'issue_comment' && + github.event.issue.pull_request && + contains(github.event.comment.body, '@continue-agent')) + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Generate GitHub App Token + id: app-token + uses: actions/create-github-app-token@v2 + with: + app-id: ${{ secrets.CONTINUE_APP_ID }} + private-key: ${{ secrets.CONTINUE_APP_PRIVATE_KEY }} + + - uses: continuedev/continue/actions/base-review@main + with: + continue-api-key: ${{ secrets.CONTINUE_API_KEY }} + github-token: ${{ steps.app-token.outputs.token }} +``` + +### With Custom Configuration + +```yaml +- uses: continuedev/continue/actions/base-review@main + with: + continue-api-key: ${{ secrets.CONTINUE_API_KEY }} + continue-org: "your-org-name" + continue-config: "your-org-name/custom-review-bot" +``` + +## Usage Examples + +### Basic Usage + +#### Automatic Review on PR + +When a PR is opened or marked ready for review, the Continue Agent will automatically perform a code review. + +#### Manual Trigger with @mention + +Comment on any PR with: + +``` +@continue-agent +``` + +#### Request Detailed Review + +``` +@continue-agent detailed +``` + +### Custom Review Focus + +You can provide specific instructions after the @mention: + +``` +@continue-agent please focus on security implications and performance +``` + +``` +@continue-agent check if this follows our team's React best practices +``` + +``` +@continue-agent detailed review the error handling and edge cases +``` + +## Security Features + +### Multi-Layer Security + +1. **Workflow-level filtering**: The workflow only runs when: + + - It's a PR event (opened, synchronized, ready_for_review) + - It's a comment on a PR that contains `@continue-agent` + +2. **Action-level authorization**: Only authorized users (OWNER, MEMBER, COLLABORATOR) can trigger reviews + +3. **Input sanitization**: Custom prompts are: + - Read as data, not executed as code + - Written to temporary files to prevent injection + - Passed through environment variables safely + +### How Custom Prompts Work + +When you comment `@continue-agent [your custom instructions]`, the action: + +1. Extracts the text after `@continue-agent` +2. Sanitizes it by treating it as data (no shell execution) +3. Passes it to the review action as additional context +4. The AI incorporates your instructions into its review + +This allows flexible, context-aware reviews while maintaining security. + +## Quick Start + ### Using Both Actions Together ```yaml @@ -117,17 +279,32 @@ jobs: ## Inputs +### Base Review Action + +| Input | Description | Required | Default | +| ------------------ | -------------------------------------- | -------- | ------------------------ | +| `continue-api-key` | API key for Continue service | Yes | - | +| `continue-org` | Organization for Continue config | No | `continuedev` | +| `continue-config` | Config path (e.g., "myorg/review-bot") | No | `continuedev/review-bot` | +| `use_github_app` | Use GitHub App for bot identity | No | `true` | +| `app-id` | GitHub App ID | No | `1090372` | +| `app-private-key` | GitHub App Private Key | No | - | +| `github-token` | GitHub token for API access | No | - | + +### General and Detailed Review Actions + Both actions accept the same inputs: -| Input | Description | Required | -| ------------------ | -------------------------------------- | -------- | -| `continue-api-key` | API key for Continue service | Yes | -| `continue-org` | Organization for Continue config | Yes | -| `continue-config` | Config path (e.g., "myorg/review-bot") | Yes | +| Input | Description | Required | Default | +| ------------------ | ---------------------------------------------- | -------- | ------- | +| `continue-api-key` | API key for Continue service | Yes | - | +| `continue-org` | Organization for Continue config | Yes | - | +| `continue-config` | Config path (e.g., "myorg/review-bot") | Yes | - | +| `use_github_app` | Use Continue Agent GitHub App for bot identity | No | `true` | ## Setup Requirements -### 1. Continue API Key +### 1. Continue API Key (Required) Add your Continue API key as a secret named `CONTINUE_API_KEY` in your repository: @@ -137,7 +314,41 @@ Add your Continue API key as a secret named `CONTINUE_API_KEY` in your repositor 4. Name: `CONTINUE_API_KEY` 5. Value: Your Continue API key -### 2. Continue Configuration +### 2. Continue Agent GitHub App (Recommended) + +To enable reviews with the `continue-agent[bot]` identity instead of `github-actions[bot]`: + +#### Option A: Install the Continue Agent App + +1. **Install the app**: Visit https://github.com/apps/continue-agent +2. **Grant repository access**: Select the repositories where you want to use Continue reviews +3. **Configure secrets and variables**: + - Add a **repository secret**: `CONTINUE_APP_PRIVATE_KEY` + - This should contain your GitHub App's private key (the entire .pem file content) + - Add a **repository variable**: `CONTINUE_APP_ID` + - This should contain your GitHub App's ID + +#### Option B: Use without GitHub App + +If you prefer to use the standard `github-actions[bot]` identity, add this to your workflow: + +```yaml +- uses: continuedev/continue/actions/general-review@main + with: + continue-api-key: ${{ secrets.CONTINUE_API_KEY }} + continue-org: "your-org-name" + continue-config: "your-org-name/review-bot" + use_github_app: false # Disable GitHub App integration +``` + +#### Benefits of Using the GitHub App + +- ✅ **Branded Identity**: Reviews appear as `continue-agent[bot]` with custom avatar +- ✅ **Better Rate Limits**: App rate limits scale with repository count +- ✅ **Professional Appearance**: Distinctive bot identity for your reviews +- ✅ **Enhanced Security**: Short-lived tokens (1 hour expiry) with automatic revocation + +### 3. Continue Configuration Set up your review bot configuration in Continue: @@ -145,7 +356,7 @@ Set up your review bot configuration in Continue: 2. Configure the review bot settings 3. Note your organization name and config path -### 3. Workflow Permissions +### 4. Workflow Permissions The workflow requires these permissions: @@ -224,6 +435,26 @@ uses: continuedev/continue/actions/general-review@64bda6b2b3dac1037e9895dbee4ce1 ## Troubleshooting +### GitHub App Installation Issues + +#### Error: "Continue Agent GitHub App is not installed or configured properly" + +This error means the GitHub App token could not be generated. Common causes: + +1. **App not installed**: Visit https://github.com/apps/continue-agent and install it +2. **Missing secrets/variables**: Ensure you've added: + - Secret: `CONTINUE_APP_PRIVATE_KEY` (the entire .pem file content) + - Variable: `CONTINUE_APP_ID` (your app's ID number) +3. **No repository access**: Check that the app has access to your repository +4. **Incorrect private key format**: Make sure you include the full private key with headers: + ``` + -----BEGIN RSA PRIVATE KEY----- + [key content] + -----END RSA PRIVATE KEY----- + ``` + +**Quick fix**: Set `use_github_app: false` in your workflow to bypass app authentication + ### Review not triggering - Ensure the PR author or commenter has appropriate permissions (OWNER, MEMBER, or COLLABORATOR) diff --git a/actions/base-review/action.yml b/actions/base-review/action.yml new file mode 100644 index 00000000000..961d47ed741 --- /dev/null +++ b/actions/base-review/action.yml @@ -0,0 +1,177 @@ +name: "Continue Base Review" +description: "Zero-config AI code review - just add this action and optionally an API key" +author: "Continue Dev, Inc." + +inputs: + continue-api-key: + description: "API key for Continue service (required)" + required: true + use_github_app: + description: "Use GitHub App for bot identity (defaults to true)" + default: "true" + required: false + continue-org: + description: "Organization for Continue config (optional)" + required: false + default: "continuedev" + continue-config: + description: "Config path to use (optional)" + required: false + default: "continuedev/review-bot" + app-id: + description: "GitHub App ID (optional, defaults to Continue Agent app)" + required: false + default: "1090372" # Continue Agent App ID + app-private-key: + description: "GitHub App Private Key (optional, defaults to repository secret)" + required: false + +runs: + using: "composite" + steps: + - name: Check trigger + id: check + shell: bash + run: | + # Determine if we should run based on event type + SHOULD_RUN="false" + REVIEW_TYPE="general" + CUSTOM_PROMPT="" + + if [ "${{ github.event_name }}" = "pull_request" ]; then + if [ "${{ github.event.pull_request.draft }}" != "true" ]; then + SHOULD_RUN="true" + fi + elif [ "${{ github.event_name }}" = "issue_comment" ]; then + if [ "${{ github.event.issue.pull_request }}" != "" ]; then + # Safely handle comment body to prevent injection + COMMENT_FILE=$(mktemp) + cat > "$COMMENT_FILE" << 'END_COMMENT' + ${{ github.event.comment.body }} + END_COMMENT + + # Check for @continue-agent mention + if grep -qi "@continue-agent" "$COMMENT_FILE"; then + SHOULD_RUN="true" + + # Extract custom prompt after @continue-agent (if any) + # This sanitizes the input by reading it as data, not executing it + CUSTOM_PROMPT=$(grep -i "@continue-agent" "$COMMENT_FILE" | sed 's/.*@continue-agent\s*//i' | head -1) + + # Check for review type keywords in the full comment + if grep -qi "detailed" "$COMMENT_FILE"; then + REVIEW_TYPE="detailed" + fi + fi + + rm -f "$COMMENT_FILE" + fi + fi + + # Write outputs safely + echo "should_run=$SHOULD_RUN" >> "$GITHUB_OUTPUT" + echo "review_type=$REVIEW_TYPE" >> "$GITHUB_OUTPUT" + + # Save custom prompt to a file to avoid issues with special characters + if [ -n "$CUSTOM_PROMPT" ]; then + echo "$CUSTOM_PROMPT" > custom_prompt.txt + echo "has_custom_prompt=true" >> "$GITHUB_OUTPUT" + else + echo "has_custom_prompt=false" >> "$GITHUB_OUTPUT" + fi + + # Debug output + echo "Event: ${{ github.event_name }}" + echo "Should run: $SHOULD_RUN" + echo "Review type: $REVIEW_TYPE" + echo "Has custom prompt: $([ -n "$CUSTOM_PROMPT" ] && echo "yes" || echo "no")" + + - name: Generate GitHub App Token + if: steps.check.outputs.should_run == 'true' && inputs.use_github_app == 'true' + id: app-token + uses: actions/create-github-app-token@v2 + with: + app-id: ${{ inputs.app-id || secrets.CONTINUE_APP_ID || '1090372' }} + private-key: ${{ inputs.app-private-key || secrets.CONTINUE_APP_PRIVATE_KEY }} + continue-on-error: true + + - name: Comment on App Installation + if: steps.check.outputs.should_run == 'true' && inputs.use_github_app == 'true' && steps.app-token.outcome == 'failure' + uses: actions/github-script@v7 + with: + github-token: ${{ github.token }} + script: | + const prNumber = context.payload.pull_request?.number || context.payload.issue?.number; + if (prNumber) { + await github.rest.issues.createComment({ + issue_number: prNumber, + owner: context.repo.owner, + repo: context.repo.repo, + body: `## 🤖 Continue Agent Setup\n\nI noticed the Continue Agent GitHub App isn't installed on this repository.\n\n**To enable AI-powered code reviews with proper bot identity:**\n\n1. 📱 [Install the Continue Agent app](https://github.com/apps/continue-agent)\n2. ✅ Grant it access to this repository\n3. 🔄 Re-run this workflow or comment \`@continue-agent\` to trigger a new review\n\n**Benefits of using the app:**\n- Reviews appear from the Continue Agent bot instead of github-actions\n- Better formatting and threading of review comments\n- Enhanced permissions for code analysis\n\n*Note: Reviews will still work without the app, but with limited features.*` + }); + } + + - name: Validate GitHub App Credentials + if: steps.check.outputs.should_run == 'true' && inputs.use_github_app == 'true' + shell: bash + run: | + # Validate that both app-id and app-private-key are provided together + if [ -n "${{ inputs.app-private-key }}" ] && [ -z "${{ inputs.app-id }}" ]; then + echo "::warning::app-private-key provided without app-id. Both are required for GitHub App authentication." + elif [ -n "${{ inputs.app-id }}" ] && [ -z "${{ inputs.app-private-key }}" ] && [ -z "${{ secrets.CONTINUE_APP_PRIVATE_KEY }}" ]; then + echo "::warning::app-id provided without app-private-key. Both are required for GitHub App authentication." + fi + + - name: Check Authorization + if: steps.check.outputs.should_run == 'true' + shell: bash + run: | + # Check user permissions for PR or comment events + AUTHORIZED="false" + + if [ "${{ github.event_name }}" = "pull_request" ]; then + AUTHOR_ASSOC="${{ github.event.pull_request.author_association }}" + if [ "$AUTHOR_ASSOC" = "OWNER" ] || [ "$AUTHOR_ASSOC" = "MEMBER" ] || [ "$AUTHOR_ASSOC" = "COLLABORATOR" ]; then + AUTHORIZED="true" + else + echo "::notice::Skipping review - PR author is not a team member (association: $AUTHOR_ASSOC)" + fi + elif [ "${{ github.event_name }}" = "issue_comment" ]; then + COMMENTER_ASSOC="${{ github.event.comment.author_association }}" + if [ "$COMMENTER_ASSOC" = "OWNER" ] || [ "$COMMENTER_ASSOC" = "MEMBER" ] || [ "$COMMENTER_ASSOC" = "COLLABORATOR" ]; then + AUTHORIZED="true" + else + echo "::notice::Skipping review - Commenter is not a team member (association: $COMMENTER_ASSOC)" + fi + fi + + if [ "$AUTHORIZED" != "true" ]; then + echo "should_run=false" >> "$GITHUB_OUTPUT" + exit 0 + fi + + - name: Pass Custom Prompt to Review + if: steps.check.outputs.should_run == 'true' && steps.check.outputs.has_custom_prompt == 'true' + shell: bash + run: | + # Append custom prompt to the review configuration + # This will be picked up by the detailed-review action + echo "CUSTOM_REVIEW_PROMPT<> "$GITHUB_ENV" + cat custom_prompt.txt >> "$GITHUB_ENV" + echo "EOF" >> "$GITHUB_ENV" + + - name: Run Continue Detailed Review + if: steps.check.outputs.should_run == 'true' + uses: continuedev/continue/actions/detailed-review@main + with: + continue-api-key: ${{ inputs.continue-api-key }} + continue-org: ${{ inputs.continue-org }} + continue-config: ${{ inputs.continue-config }} + use_github_app: ${{ inputs.use_github_app }} + app-id: ${{ inputs.app-id }} + app-private-key: ${{ inputs.app-private-key }} + github-token: ${{ steps.app-token.outputs.token || github.token }} + +branding: + icon: "code" + color: "blue" diff --git a/actions/detailed-review/action.yml b/actions/detailed-review/action.yml index 97c47018f9d..27f246facd0 100644 --- a/actions/detailed-review/action.yml +++ b/actions/detailed-review/action.yml @@ -1,23 +1,63 @@ -name: 'Continue Detailed PR Review' -description: 'Automated inline code review for pull requests using Continue CLI' -author: 'Continue Dev, Inc.' +name: "Continue Detailed PR Review" +description: "Automated inline code review for pull requests using Continue CLI" +author: "Continue Dev, Inc." inputs: continue-api-key: - description: 'API key for Continue service' + description: "API key for Continue service" required: true continue-org: - description: 'Organization for Continue config' + description: "Organization for Continue config" required: true continue-config: description: 'Config path to use (e.g., "myorg/review-bot")' required: true + use_github_app: + description: "Use GitHub App for bot identity (defaults to true)" + default: "true" + required: false + app-id: + description: "GitHub App ID (optional, defaults to Continue Agent app)" + required: false + default: "1090372" # Continue Agent App ID + app-private-key: + description: "GitHub App Private Key (optional, defaults to repository secret)" + required: false + github-token: + description: "GitHub token for API operations (optional, overrides app token)" + required: false runs: - using: 'composite' + using: "composite" steps: + - name: Generate GitHub App Token + if: inputs.use_github_app == 'true' && inputs.github-token == '' + id: app-token + uses: actions/create-github-app-token@v2 + with: + app-id: ${{ inputs.app-id || secrets.CONTINUE_APP_ID || '1090372' }} + private-key: ${{ inputs.app-private-key || secrets.CONTINUE_APP_PRIVATE_KEY }} + continue-on-error: true + + - name: Set GitHub Token + shell: bash + run: | + # Priority: provided token > app token > default token + if [ "${{ inputs.github-token }}" != "" ]; then + echo "GH_TOKEN=${{ inputs.github-token }}" >> $GITHUB_ENV + echo "Using provided GitHub token for operations" + elif [ "${{ inputs.use_github_app }}" = "true" ] && [ "${{ steps.app-token.outcome }}" = "success" ]; then + echo "GH_TOKEN=${{ steps.app-token.outputs.token }}" >> $GITHUB_ENV + echo "Using GitHub App token for operations" + else + echo "GH_TOKEN=${{ github.token }}" >> $GITHUB_ENV + echo "Using default GitHub Actions token" + fi + - name: Checkout Repository uses: actions/checkout@v4 + with: + token: ${{ env.GH_TOKEN }} - name: Check Authorization shell: bash @@ -26,8 +66,13 @@ runs: HAS_TRIGGER_PHRASE: ${{ contains(github.event.comment.body, '@continue-detailed-review') }} run: | # Check if this action should run based on event type and user permissions + # TODO: Future improvement - consolidate into a single action that responds to + # @continue-agent mentions with smart heuristics to determine review type: + # - "@continue-agent" or "@continue-agent review" -> general review + # - "@continue-agent detailed" or similar keywords -> detailed review + # This would provide a more natural bot interaction similar to Claude or GitHub Copilot SHOULD_RUN="false" - + if [ "${{ github.event_name }}" = "pull_request" ]; then # Check if PR is a draft if [ "${{ github.event.pull_request.draft }}" = "true" ]; then @@ -56,12 +101,12 @@ runs: else echo "::notice::Skipping review - Event type ${{ github.event_name }} is not supported" fi - + if [ "$SHOULD_RUN" != "true" ]; then echo "SKIP_REVIEW=true" >> $GITHUB_ENV exit 0 fi - + echo "SKIP_REVIEW=false" >> $GITHUB_ENV - name: Setup Node.js @@ -78,8 +123,6 @@ runs: - name: Build Inline Review Prompt if: env.SKIP_REVIEW != 'true' shell: bash - env: - GH_TOKEN: ${{ github.token }} run: | # Get PR number based on event type if [ "${{ github.event_name }}" = "pull_request" ]; then @@ -97,7 +140,7 @@ runs: # Annotate diff with GitHub API positions node ${{ github.action_path }}/annotate-diff.js pr_diff.txt > pr_diff_annotated.txt - + # Debug: Show sample of annotated diff echo "=== SAMPLE OF ANNOTATED DIFF ===" head -100 pr_diff_annotated.txt | grep -E "^\[POS:|^@@|^diff --git" || head -50 pr_diff_annotated.txt @@ -188,7 +231,7 @@ runs: echo "Error: continue-org input is required" exit 1 fi - + if [ -z "${{ inputs.continue-config }}" ]; then echo "Error: continue-config input is required" exit 1 @@ -213,7 +256,7 @@ runs: echo "Error: Invalid JSON output from Continue CLI" exit 1 fi - + # Use the JSON output directly cp inline_review_raw.json inline_review.json echo "Review output:" @@ -223,6 +266,7 @@ runs: if: env.SKIP_REVIEW != 'true' uses: actions/github-script@v7 with: + github-token: ${{ env.GH_TOKEN }} script: | const fs = require('fs'); @@ -358,8 +402,6 @@ runs: console.log('Failed to post review:', error.message); console.log('Error details:', error); } - env: - GITHUB_TOKEN: ${{ github.token }} - name: Upload Review Artifacts if: env.SKIP_REVIEW != 'true' && always() @@ -372,4 +414,4 @@ runs: inline_review_prompt.txt pr_diff.txt pr_diff_annotated.txt - retention-days: 7 \ No newline at end of file + retention-days: 7 diff --git a/actions/general-review/action.yml b/actions/general-review/action.yml index bf5e221e1f3..e7c60f05b76 100644 --- a/actions/general-review/action.yml +++ b/actions/general-review/action.yml @@ -1,23 +1,63 @@ -name: 'Continue PR Review' -description: 'Automated code review for pull requests using Continue CLI' -author: 'Continue Dev, Inc.' +name: "Continue PR Review" +description: "Automated code review for pull requests using Continue CLI" +author: "Continue Dev, Inc." inputs: continue-api-key: - description: 'API key for Continue service' + description: "API key for Continue service" required: true continue-org: - description: 'Organization for Continue config' + description: "Organization for Continue config" required: true continue-config: description: 'Config path to use (e.g., "myorg/review-bot")' required: true + use_github_app: + description: "Use GitHub App for bot identity (defaults to true)" + default: "true" + required: false + app-id: + description: "GitHub App ID (optional, defaults to Continue Agent app)" + required: false + default: "1090372" # Continue Agent App ID + app-private-key: + description: "GitHub App Private Key (optional, defaults to repository secret)" + required: false + github-token: + description: "GitHub token for API operations (optional, overrides app token)" + required: false runs: - using: 'composite' + using: "composite" steps: + - name: Generate GitHub App Token + if: inputs.use_github_app == 'true' && inputs.github-token == '' + id: app-token + uses: actions/create-github-app-token@v2 + with: + app-id: ${{ inputs.app-id || secrets.CONTINUE_APP_ID || '1090372' }} + private-key: ${{ inputs.app-private-key || secrets.CONTINUE_APP_PRIVATE_KEY }} + continue-on-error: true + + - name: Set GitHub Token + shell: bash + run: | + # Priority: provided token > app token > default token + if [ "${{ inputs.github-token }}" != "" ]; then + echo "GH_TOKEN=${{ inputs.github-token }}" >> $GITHUB_ENV + echo "Using provided GitHub token for operations" + elif [ "${{ inputs.use_github_app }}" = "true" ] && [ "${{ steps.app-token.outcome }}" = "success" ]; then + echo "GH_TOKEN=${{ steps.app-token.outputs.token }}" >> $GITHUB_ENV + echo "Using GitHub App token for operations" + else + echo "GH_TOKEN=${{ github.token }}" >> $GITHUB_ENV + echo "Using default GitHub Actions token" + fi + - name: Checkout Repository uses: actions/checkout@v4 + with: + token: ${{ env.GH_TOKEN }} - name: Check Authorization shell: bash @@ -26,8 +66,13 @@ runs: HAS_TRIGGER_PHRASE: ${{ contains(github.event.comment.body, '@continue-general-review') }} run: | # Check if this action should run based on event type and user permissions + # TODO: Future improvement - consolidate into a single action that responds to + # @continue-agent mentions with smart heuristics to determine review type: + # - "@continue-agent" or "@continue-agent review" -> general review + # - "@continue-agent detailed" or similar keywords -> detailed review + # This would provide a more natural bot interaction similar to Claude or GitHub Copilot SHOULD_RUN="false" - + if [ "${{ github.event_name }}" = "pull_request" ]; then # Check if PR is a draft if [ "${{ github.event.pull_request.draft }}" = "true" ]; then @@ -56,7 +101,7 @@ runs: else echo "::notice::Skipping review - Unsupported event type: ${{ github.event_name }}" fi - + echo "SHOULD_RUN=$SHOULD_RUN" >> $GITHUB_ENV - name: Setup Node.js @@ -73,8 +118,6 @@ runs: - name: Build PR Review Prompt if: env.SHOULD_RUN == 'true' shell: bash - env: - GH_TOKEN: ${{ github.token }} run: | # Get PR number based on event type if [ "${{ github.event_name }}" = "pull_request" ]; then @@ -162,7 +205,7 @@ runs: echo "Error: Invalid organization name. Must contain only alphanumeric characters, hyphens, and underscores." exit 1 fi - + if [[ ! "$CONTINUE_CONFIG" =~ ^[a-zA-Z0-9_/-]+$ ]]; then echo "Error: Invalid config path. Must contain only alphanumeric characters, hyphens, underscores, and forward slashes." exit 1 @@ -186,6 +229,7 @@ runs: if: env.SHOULD_RUN == 'true' && always() uses: actions/github-script@v7 with: + github-token: ${{ env.GH_TOKEN }} script: | const fs = require('fs'); @@ -229,5 +273,5 @@ runs: } branding: - icon: 'code' - color: 'blue' \ No newline at end of file + icon: "code" + color: "blue"