Code Review Sweep #1829
# Scheduled sweep: the `dispatch` job builds a matrix of modules and the
# `review` job runs an automated Copilot review for each matrix entry.
name: Code Review Sweep

on:
  schedule:
    # Every 15 minutes
    - cron: "*/15 * * * *"
  workflow_dispatch:

# Workflow-wide GITHUB_TOKEN default is read-only; the `review` job widens
# it to `contents: write` for itself only.
permissions:
  contents: read

# Prevent overlapping sweeps
# (`cancel-in-progress: false`: a new run waits instead of cancelling the
# sweep that is already running.)
concurrency:
  group: code-review-sweep
  cancel-in-progress: false
jobs:
  # ---------------------------------------------------------------------------
  # Job 1: Determine which modules to review
  # ---------------------------------------------------------------------------
  # Runs with the workflow default token (`contents: read`) and publishes two
  # outputs, `matrix` and `has_work`, that drive the `review` job.
  dispatch:
    # Only run on official repo, not forks
    if: github.repository == 'open-telemetry/opentelemetry-java-instrumentation'
    runs-on: ubuntu-latest
    outputs:
      matrix: ${{ steps.build-matrix.outputs.matrix }}
      has_work: ${{ steps.build-matrix.outputs.has_work }}
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          fetch-depth: 1

      # `|| true` lets the job continue when the progress branch does not
      # exist yet. It also hides any other fetch failure, in which case the
      # next step sees no progress at all.
      - name: Fetch progress branch
        run: git fetch origin otelbot/code-review-progress || true

      # NOTE(review): the matrix this step emits is expanded with fromJSON in
      # the `review` job and becomes MODULE_DIR / SHORT_NAME there, so the
      # output of build-review-matrix.py (not shown on this page) decides what
      # the agent is pointed at and which branch names are pushed.
      - name: Build review matrix
        id: build-matrix
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          # Read progress from the dedicated orphan branch (if it exists)
          progress=$(git show origin/otelbot/code-review-progress:reviewed.txt 2>/dev/null || true)
          if [[ -n "$progress" ]]; then
            export REVIEW_PROGRESS="$progress"
          fi
          python .github/scripts/build-review-matrix.py
  # ---------------------------------------------------------------------------
  # Job 2: Run copilot review for each module in the matrix
  # ---------------------------------------------------------------------------
  # One job instance per matrix entry. Each instance lets the agent edit the
  # checkout, pushes the result to a per-module branch and opens a PR.
  review:
    needs: dispatch
    if: needs.dispatch.outputs.has_work == 'true'
    runs-on: ubuntu-latest
    strategy:
      matrix: ${{ fromJSON(needs.dispatch.outputs.matrix) }}
      fail-fast: false
      max-parallel: 3 # keep low to avoid Copilot API rate limits
    # Presumably the environment whose protection rules gate the secrets used
    # below (COPILOT_GITHUB_TOKEN, OTELBOT_PRIVATE_KEY); confirm in repository
    # settings.
    environment: protected
    # Job-level override of the read-only workflow default. The write token is
    # available to every step of this job, including the agent run.
    permissions:
      contents: write # for git push
    # Matrix values are handed to scripts as environment variables and then
    # referenced as "$MODULE_DIR" / "$SHORT_NAME", which keeps them out of the
    # shell source text.
    env:
      MODULE_DIR: ${{ matrix.module_dir }}
      SHORT_NAME: ${{ matrix.short_name }}
      MODEL: "gpt-5.4"
      COPILOT_OUTPUT: /tmp/copilot-output.jsonl
      FINAL_ASSISTANT_MESSAGE: /tmp/final-assistant-message.txt
      REVIEW_REPORT: /tmp/review-report.json
      REVIEW_DIAGNOSTICS: /tmp/review-diagnostics.txt
      PR_BODY: /tmp/pr-body.md
    steps:
      # No `persist-credentials: false` is set, so checkout keeps the job
      # token configured for later git commands (its default). The
      # `git push` in the commit step appears to rely on that.
      # NOTE(review): the same credentials are therefore reachable by every
      # step in between, including the unattended agent run.
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

      - name: Fetch progress branch
        run: git fetch origin otelbot/code-review-progress || true

      - name: Free disk space
        run: .github/scripts/gha-free-disk-space.sh

      - name: Set up JDK for running Gradle
        uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
        with:
          distribution: temurin
          java-version-file: .java-version

      # Read-only cache: this job restores the Gradle cache but never writes
      # to it.
      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e # v6.1.0
        with:
          cache-read-only: true

      # NOTE(review): every `uses:` in this job is pinned to a commit SHA, but
      # this installer is downloaded and piped to bash with no version pin or
      # checksum. Whatever it installs runs later with COPILOT_GITHUB_TOKEN in
      # its environment, and `$HOME/.local/bin` is put on PATH for all later
      # steps (GITHUB_PATH entries are prepended). Consider installing a
      # pinned release and verifying its digest before executing it.
      - name: Install Copilot CLI
        run: |
          curl -fsSL https://gh.io/copilot-install | bash
          echo "$HOME/.local/bin" >> "$GITHUB_PATH"

      - name: Use CLA approved bot
        run: .github/scripts/use-cla-approved-bot.sh

      # Branch name is derived from SHORT_NAME with ':' replaced by '-'.
      # `-B` recreates the local branch from origin/main on every run.
      - name: Check out review branch
        run: |
          branch="otelbot/code-review-${SHORT_NAME//:/-}"
          git checkout -B "$branch" origin/main
      # Runs the Copilot CLI agent non-interactively against one module and
      # captures its JSON event stream in $COPILOT_OUTPUT.
      #
      # COPILOT_GITHUB_TOKEN is exposed to this step only.
      #
      # NOTE(review): `--yolo` presumably disables the CLI's per-action
      # permission prompts (confirm against the CLI documentation), so the
      # agent acts unattended. Its input is the repository content under
      # MODULE_DIR and its output is committed by a later step; treat both the
      # file edits and the JSON report as untrusted until a maintainer has
      # reviewed the resulting PR.
      - name: Run Copilot review
        id: copilot-review
        env:
          COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }}
          # Folded scalar: the lines below are joined with spaces into one
          # prompt string. `__MODULE_DIR__` is a placeholder filled in by the
          # script.
          COPILOT_REVIEW_PROMPT_TEMPLATE: >-
            Review all files under __MODULE_DIR__. Apply safe repository-guideline fixes directly.
            Return ONLY a valid JSON object as your final answer with this exact schema:
            {"summary": string, "changes": [{"path": string, "category": string, "change": string, "reason": string, "line_hint": number|null}], "unresolved": [{"path": string, "reason": string}]}
            Include one changes entry for every file you changed.
            Use concise factual reasons that cite the review guideline or repository rule behind each change.
            In `summary`, `change`, and `reason`, use Markdown inline code backticks around code-like constructs when helpful,
            including annotations, class names, method names, field names, file names, Gradle tasks, commands, flags, and config keys.
            If no safe fixes were applied, still return valid JSON with an empty changes array and a brief summary.
            Do not write markdown and do not wrap the JSON in code fences.
        # The `${var/pattern/replacement}` form replaces the first occurrence
        # of the placeholder only; the template contains exactly one.
        run: |
          rm -f "$COPILOT_OUTPUT"
          rm -f "$FINAL_ASSISTANT_MESSAGE"
          rm -f "$REVIEW_REPORT"
          echo "::group::Copilot review ($MODEL) for $MODULE_DIR"
          prompt=${COPILOT_REVIEW_PROMPT_TEMPLATE/__MODULE_DIR__/$MODULE_DIR}
          copilot -p "$prompt" \
            --agent code-review-and-fix \
            --model "$MODEL" \
            --output-format json \
            --silent \
            --stream off \
            --yolo \
            > "$COPILOT_OUTPUT"
          echo "::endgroup::"
      # Turns the agent's JSONL stream into the final assistant message and a
      # JSON report, then pretty-prints the report into the job log.
      - name: Extract review report
        id: extract-review-report
        run: |
          python .github/scripts/code-review-extract-report.py \
            --input "$COPILOT_OUTPUT" \
            --final-message-output "$FINAL_ASSISTANT_MESSAGE" \
            --output "$REVIEW_REPORT"
          echo "::group::Extracted review report"
          python -m json.tool "$REVIEW_REPORT"
          echo "::endgroup::"

      # `always()`: diagnostics are produced even when an earlier step failed.
      - name: Generate review diagnostics
        if: always()
        run: |
          python .github/scripts/code-review-jsonl-diagnostics.py --input "$COPILOT_OUTPUT" > "$REVIEW_DIAGNOSTICS"

      # On failure only: prints the diagnostics and, when present, the final
      # message, the partial report and the raw JSONL into the job log.
      # NOTE(review): the raw transcript is whatever the agent emitted. Log
      # masking only covers values registered as secrets, so anything else
      # sensitive the agent read or echoed ends up in the log verbatim.
      - name: Dump review diagnostics on failure
        if: failure()
        run: |
          echo "::group::Copilot JSONL diagnostics"
          cat "$REVIEW_DIAGNOSTICS"
          echo "::endgroup::"
          if [[ -f "$FINAL_ASSISTANT_MESSAGE" ]]; then
            echo "::group::Extracted final assistant message"
            cat "$FINAL_ASSISTANT_MESSAGE"
            echo "::endgroup::"
          fi
          if [[ -f "$REVIEW_REPORT" ]]; then
            echo "::group::Partial extracted review report"
            cat "$REVIEW_REPORT"
            echo "::endgroup::"
          fi
          if [[ -f "$COPILOT_OUTPUT" ]]; then
            echo "::group::Raw Copilot JSONL"
            cat "$COPILOT_OUTPUT"
            echo "::endgroup::"
          fi
      # Artifact names are per module: SHORT_NAME with ':' replaced by '-'.
      - name: Prepare diagnostics artifact name
        if: always()
        id: diagnostics-artifact-name
        run: |
          echo "name=code-review-diagnostics-${SHORT_NAME//:/-}" >> "$GITHUB_OUTPUT"

      # Uploads the four /tmp files on every outcome. The paths repeat the
      # values of COPILOT_OUTPUT, FINAL_ASSISTANT_MESSAGE, REVIEW_REPORT and
      # REVIEW_DIAGNOSTICS from the job `env` and must be kept in sync by hand.
      # NOTE(review): artifact contents are not subject to log secret masking
      # and are downloadable by anyone who can read this repository's workflow
      # runs; the raw agent transcript is included.
      - name: Upload review diagnostics artifact
        if: always()
        id: upload-review-diagnostics
        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
        with:
          name: ${{ steps.diagnostics-artifact-name.outputs.name }}
          path: |
            /tmp/copilot-output.jsonl
            /tmp/final-assistant-message.txt
            /tmp/review-report.json
            /tmp/review-diagnostics.txt
          if-no-files-found: ignore
| - name: Prepare PR body | |
| run: | | |
| python .github/scripts/code-review-pr-body.py \ | |
| --input "$REVIEW_REPORT" \ | |
| --output "$PR_BODY" \ | |
| --module-dir "$MODULE_DIR" \ | |
| --model "$MODEL" \ | |
| --artifact-url "${{ steps.upload-review-diagnostics.outputs.artifact-url }}" | |
      # Squashes whatever the agent did into one commit on top of origin/main
      # and force-pushes it to the per-module branch. Sets the step output
      # `pushed=true` only when something was pushed.
      #
      # GH_TOKEN is read by the `gh` CLI; the `git push` itself presumably
      # uses the credentials left in place by the checkout step.
      #
      # NOTE(review): `git add -A` stages every change in the worktree, not
      # only files under MODULE_DIR, so anything the agent wrote elsewhere in
      # the checkout is included in the commit. A maintainer reviewing the PR
      # should check that the diff is confined to the module.
      - name: Commit and push fixes
        id: commit
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          branch="otelbot/code-review-${SHORT_NAME//:/-}"
          # Skip if a PR already exists — a maintainer may have pushed follow-up commits
          existing=$(gh pr list --head "$branch" --state open --json number --jq 'length')
          if [[ "$existing" -ne 0 ]]; then
            echo "PR already exists for $branch — skipping to avoid overwriting maintainer changes"
            exit 0
          fi
          # Reset any copilot commits back to origin/main, keeping changes staged
          base_sha=$(git rev-parse origin/main)
          git reset --soft "$base_sha"
          # Stage everything and check if there are real changes vs origin/main
          git add -A
          if git diff --cached --quiet origin/main; then
            echo "No changes to submit"
            exit 0
          fi
          git commit -m "Review fixes for ${SHORT_NAME}" \
            -m "Automated code review of ${MODULE_DIR}."
          git push -f origin "$branch"
          echo "pushed=true" >> "$GITHUB_OUTPUT"
      # Mints a GitHub App installation token, but only when the previous step
      # actually pushed a branch.
      # NOTE(review): no `permission-*` inputs are given, so the token
      # presumably carries every permission granted to the app installation.
      # The only consumer below opens a PR and applies a label; consider
      # narrowing the token to what that needs.
      - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
        id: otelbot-token
        if: steps.commit.outputs.pushed == 'true'
        with:
          app-id: ${{ vars.OTELBOT_APP_ID }}
          private-key: ${{ secrets.OTELBOT_PRIVATE_KEY }}

      # Opens the PR with the app token instead of GITHUB_TOKEN. The open-PR
      # check is repeated here, after the one in the commit step.
      - name: Create PR
        if: steps.commit.outputs.pushed == 'true'
        env:
          GH_TOKEN: ${{ steps.otelbot-token.outputs.token }}
        run: |
          branch="otelbot/code-review-${SHORT_NAME//:/-}"
          # Create PR (skip if one already exists for this branch)
          existing=$(gh pr list --head "$branch" --state open --json number --jq 'length')
          if [[ "$existing" -eq 0 ]]; then
            gh pr create \
              --title "Review fixes for ${SHORT_NAME}" \
              --body-file "$PR_BODY" \
              --base main \
              --head "$branch" \
              --label "automated code review"
          else
            echo "PR already exists for $branch — skipping creation"
          fi
      # Creates the orphan progress branch with one empty commit when the
      # remote-tracking ref is missing. `|| true` on the push tolerates another
      # matrix job having created the branch first.
      # Note: `git checkout --orphan` followed by `git reset --hard` switches
      # the main worktree away from the review branch; the steps after this
      # one only work inside the separate `progress` checkout.
      - name: Ensure progress branch exists
        run: |
          if ! git rev-parse --verify origin/otelbot/code-review-progress >/dev/null 2>&1; then
            git checkout --orphan otelbot/code-review-progress
            git reset --hard
            git commit --allow-empty -m "Initialize progress tracking"
            git push origin HEAD:otelbot/code-review-progress || true
          fi

      # Second checkout of the same repository, into ./progress, on the
      # progress branch.
      - name: Check out progress branch
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          ref: otelbot/code-review-progress
          path: progress
| - name: Mark module as reviewed | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| cd progress | |
| git config user.name otelbot | |
| git config user.email 197425009+otelbot@users.noreply.github.com | |
| # Append this module (one per line, matching build-review-matrix.py) | |
| echo "$SHORT_NAME" >> reviewed.txt | |
| git add reviewed.txt | |
| git commit -m "Mark $SHORT_NAME as reviewed" | |
| git push origin HEAD:otelbot/code-review-progress |