AI Review
About 394 wordsAbout 1 min
With AI capabilities, you can have pipelines automatically review Pull Requests (PRs), quickly discovering potential issues and improving code quality.
Cloud Native Build supports two ways to perform AI code review:
| Comparison | AI Review Plugin | NPC Event |
|---|---|---|
| Trigger | Automatically on PR events | On-demand via NPC mention in PR comment |
| Use case | Auto-review every PR | On-demand review, flexible control |
| Configuration | .cnb.yml in current repo | No config needed (custom NPC defined in NPC repo) |
Both methods use the CNB_TOKEN environment variable to call platform APIs. When mentioning a custom NPC role, the token represents the mentioned role's identity.
Use AI Review Plugin
Use the cnbcool/code-review plugin to automatically perform code review when PR events are triggered. This plugin is based on CodeBuddy CLI, supports multiple programming languages, automatically filters non-code files, and submits review results as comments on the PR.
Configuration Example
main:
pull_request:
- stages:
- name: Code Review
image: cnbcool/code-review:latest
settings:
comment: true
max_comments: 10
fail_on_critical: falseFor more configuration options, see the cnbcool/code-review plugin.
Trigger via NPC Event
Mention an NPC role in a PR comment to trigger the pull_request.comment@npc event, which runs an NPC pipeline to perform AI review.
How to Trigger
- System NPC: Mention
@CodeBuddyin the PR comment:
@CodeBuddy Code review- Custom NPC: First configure a custom NPC role, then mention it in the PR comment:
@cnb/feedback(Review Expert) Code reviewHow It Works
- Mentioning an NPC in a PR comment triggers the
pull_request.comment@npcevent. - The system loads the
.cnb.ymlfrom the NPC's repository and executes the corresponding event pipeline. - The pipeline uses
CNB_TOKENto call AI capabilities for review, and results are submitted as PR comments under the NPC's identity.
For detailed configuration, see NPC documentation.
Notes
- Both methods require the pipeline to have permissions to access the repository and submit comments.
- When triggered by an NPC event, the TOKEN permissions are limited to the current repository.
- If you need to modify code during review, enable NPC Work Mode.