Skip to content

Add portable local PR review workflow#10

Merged
amikofalvy merged 4 commits intomainfrom
varun/ws1-portable-review
Mar 18, 2026
Merged

Add portable local PR review workflow#10
amikofalvy merged 4 commits intomainfrom
varun/ws1-portable-review

Conversation

@vnv-varun
Copy link
Contributor

@vnv-varun vnv-varun commented Mar 17, 2026
edited
Loading

Summary

This PR implements Nick's draft proposal in #6: make the PR review system portable so the same review shape can run locally before a PR exists.

Today, the strongest review machinery in team-skills assumes a GitHub PR already exists. This change makes that review flow usable before push and before PR creation, so an autonomous /ship run can review its own branch locally, fix validated issues, and only then open a draft PR.

Concretely, the new behavior is:

  • stage the review bundle into the target repo
  • generate PR context from local git state
  • run the multi-agent review flow locally
  • write a markdown review artifact to tmp/ship/review-output.md
  • let /ship use that artifact as a bounded pre-push gate

Key decisions

  • Keep reviewer selection and adjudication shared between GitHub and local modes. Local mode changes delivery only: it writes markdown findings instead of pending review comments.
  • Stage the review bundle into tmp/ship/pr-review-plugin and execute the staged copy from the target repo so feature repos do not need to vendor ci/pr-review.
  • In Docker mode, run local review from a slim temporary workspace copy that excludes heavy local-only trees like .claude/worktrees; this avoids container hangs from repo-local Claude state while preserving git state and copying review artifacts back.
  • In Docker mode, prefer a validated Anthropic API key first, then fall back to host-backed claude.ai credentials only if no valid API key is available.

What changed

  • Added ci/pr-review/agents/pr-review-local.md and ci/pr-review/agents/references/pr-review-core-workflow.md.
  • Added local review scripts: detect-target-branch.sh, generate-pr-context.sh, and pr-review.sh.
  • Added ship helpers: run-local-review.sh and stage-local-review-bundle.sh.
  • Updated pr-review-output-contract for local repo-relative citations.
  • Updated /ship docs, stop-hook guidance, and PR-creation timing to make the local review gate a bounded pre-push step.
  • Updated ci/pr-review/README.md to document the new local entrypoints and durable run artifacts.
  • Added wrapper hardening so a valid local review artifact can be treated as success even if Claude exits nonzero after writing it, while still recording the raw exit code in run metadata.
  • Added Docker auth hardening so run-local-review.sh validates API key sources, prefers a working repo or shell API key, and falls back to host-backed claude.ai credentials only when needed.

Validation

  • bash -n on the new and updated shell scripts.
  • End-to-end Docker-mode run from code/agents on branch codex/preview-auto-followup-2440-clean using .ai-dev/docker-compose.yml.
  • Verified the run stages the bundle, auto-detects main as the target branch, generates local pr-context, writes tmp/ship/review-output.md, and copies durable artifacts back under tmp/ship/local-review-runs/.
  • Verified the Docker path now runs Claude from /tmp/local-review-workspace instead of the mounted /workspace repo, which avoids recursing through the repo's 9.1 GB .claude/worktrees tree during startup.
  • Validation artifact from the successful writeback case: code/agents/tmp/ship/local-review-runs/20260317T134310Z-codex-preview-auto-followup-2440-clean-9410/review-output.md.
  • Traced the earlier Docker auth failure to a stale shell ANTHROPIC_API_KEY that overrode a different valid key in code/agents/.env.
  • Validated the repo-local Anthropic key against https://api.anthropic.com/v1/models.
  • Verified direct sandbox Claude execution with the validated repo key via claude -p "reply with OK only" --dangerously-skip-permissions --max-turns 1, which returned OK.
  • Verified a full API-key-backed local review pass completed and produced a real markdown review summary under the corrected auth path.

Notes

  • Nick's PR proposal: portable code review system #6 was a design proposal, not an implementation. This PR is the implementation of that design plus the Docker and runtime hardening needed to make it work against the real code/agents isolated environment.
  • The review findings emitted by the end-to-end validation are findings on the target code/agents branch being reviewed, not failures in the local-review transport itself.

@vnv-varun
Add portable local PR review workflow
73e1a49
@vnv-varun
Merge remote-tracking branch 'origin/main' into varun/ws1-portable-re…
412c687 
…view

# Conflicts:
#	ci/pr-review/agents/pr-review.md
#	ci/pr-review/skills/pr-review-output-contract/SKILL.md
#	plugins/eng/skills/ship/SKILL.md
@vnv-varun
Treat valid local review artifacts as success
e5122be
@vnv-varun
Prefer validated API key for local review
1353b2d
@vnv-varun vnv-varun mentioned this pull request Mar 17, 2026
Merged
6 tasks
@vnv-varun vnv-varun marked this pull request as ready for review March 17, 2026 13:54
@vnv-varun vnv-varun requested a review from nick-inkeep March 17, 2026 14:18
@amikofalvy amikofalvy merged commit b292af0 into main Mar 18, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nick-inkeep nick-inkeep Awaiting requested review from nick-inkeep

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@vnv-varun @amikofalvy