--- url: /en/build/showcase/ai-review.md --- With AI capabilities, you can let pipelines automatically review Pull Requests (PRs), quickly discovering potential issues and improving code quality. **Cloud Native Build** supports two ways to perform AI code reviews. You can choose the method that suits your scenario. ## Token Overview The pipeline provides three NPC-related environment variables. They all have the same permissions and represent the pipeline trigger, only differing in which NPC role they represent: | Environment Variable | Description | |---------------------|-------------| | `CNB_TOKEN` | When mentioning a custom NPC role, represents the mentioned custom role | | `CNB_TOKEN_FOR_CODEBUDDY` | When mentioning the system role CodeBuddy, represents the system role CodeBuddy | | `CNB_TOKEN_FOR_AI` | Can be used by users in non-NPC pipelines as needed | ## Comparison | Comparison | Method 1: AI Review Plugin | Method 2: NPC Event | |------------|---------------------------|---------------------| | Trigger | Automatic via pipeline | Mention NPC in PR comment | | Token used | `CNB_TOKEN_FOR_AI` | `CNB_TOKEN` (custom role) or `CNB_TOKEN_FOR_CODEBUDDY` (system role) | | Use case | Auto-review every PR event | On-demand review, flexible control | | Config location | `.cnb.yml` pipeline config | `.cnb.yml` + `.cnb/settings.yml` (custom role) | ## Method 1: Use AI Review Plugin Use the `cnbcool/ai-review` image as a pipeline plugin to automatically perform code review when PR events are triggered. ### Configuration Example ```yaml title=".cnb.yml" main: pull_request: - stages: - name: Code Review image: cnbcool/ai-review:latest settings: type: code-review ``` ### How It Works 1. When a PR is created or updated on the `main` branch, the pipeline is automatically triggered. 2. The pipeline can use the `CNB_TOKEN_FOR_AI` environment variable to call the OpenAPI AI capability. 3. The AI reviews the code changes in the PR and submits review results as comments on the PR. ### Use Cases * Automatically get AI review feedback on every PR * Enforce quality checks before merging code ## Method 2: Trigger NPC Event Mention an NPC role in a PR comment to trigger the NPC event pipeline and perform AI review. ### How to Trigger * **System NPC**: Simply mention `@CodeBuddy` in the PR comment, for example: ```text @CodeBuddy Code review ``` * **Custom NPC**: First [configure a custom NPC role](../npc.md#custom-npc) in your repository, then mention it in the PR comment, for example: ```text @cnb/feedback(评审专家) Code review ``` ### NPC Event How It Works 1. When someone comments and mentions an NPC in a PR, it triggers the `pull_request.comment@npc` event. 2. The system loads the `.cnb.yml` configuration from the NPC's repository and parses the corresponding role's event pipeline. 3. The pipeline calls the OpenAPI AI capability using the token: * When mentioning a custom NPC, uses `CNB_TOKEN`, representing the mentioned custom role * When mentioning the system role CodeBuddy, uses `CNB_TOKEN_FOR_CODEBUDDY`, representing the system role CodeBuddy 4. The review results are submitted to the PR comment with the NPC's identity. For detailed configuration, see [NPC](../npc.md). ### NPC Event Use Cases * Trigger review on demand instead of every PR automatically * Use custom review roles and styles * Let NPC perform other automation tasks during the review ## Notes * Both methods require ensuring the pipeline has sufficient permissions to access the code repository and submit comments. * When the NPC event pipeline runs, its TOKEN permissions are limited to the current repository. * If you need to make code changes during review, you can enable [NPC Work Mode](../npc.md#work-mode).