Skip to content

Implement multi-AI PR automation with intelligent auto-merge#3

Draft
Copilot wants to merge 4 commits intomainfrom
copilot/implement-ci-cd-pr-automation
Draft

Implement multi-AI PR automation with intelligent auto-merge#3
Copilot wants to merge 4 commits intomainfrom
copilot/implement-ci-cd-pr-automation

Conversation

Copy link

Copilot AI commented Jan 25, 2026
edited
Loading

Adds comprehensive PR automation system with parallel AI reviews (CodeRabbit, Claude, Codex), content-based auto-labeling, and safe auto-merge logic.

Workflows

Main Orchestrator (.github/workflows/pr-automation.yml)

  • Content-based labeling: implementation, enhancement, bugfix, documentation, dependencies, ci-cd, tests
  • Triggers parallel AI reviews on PR open/update
  • Integrates with chittyfoundation/ops canonical checks

AI Reviews

  • .github/workflows/ai-review-claude.yml - Claude 3.5 Sonnet for deep analysis
  • .github/workflows/ai-review-codex.yml - GPT-4 Turbo for implementation quality + static checks

Both post review comments and set commit statuses for auto-merge evaluation.

Auto-Merge (.github/workflows/auto-merge.yml)
Evaluates on check/status completion:

  • All CI passes
  • AI reviews complete without critical issues
  • No conflicts, up-to-date with base
  • Not draft, no do-not-merge/wip labels
  • Merge state: CLEAN, HAS_HOOKS, or UNSTABLE

Enables squash-merge when conditions met, posts informative status comments.

Branch Cleanup (.github/workflows/auto-delete-branch.yml)
Deletes source branch post-merge, skips protected patterns and forks.

Configuration

.github/coderabbit.yml

  • Project-specific review rules and path instructions
  • Enhanced secret detection: (password|secret|api[_-]?key|token|private[_-]?key|access[_-]?key)
  • Complexity threshold: 15, profile: chill

Secrets Required

Organization-level:

  • ANTHROPIC_API_KEY - Claude API
  • OPENAI_API_KEY - Codex API
  • CHITTYCONNECT_API_KEY - Already configured

Design Notes

  • 50KB diff limit for AI APIs with truncation warnings
  • Diff size checked and logged for large PRs
  • All workflows reusable across chittyos/chittyapps/chittycorp/furnished-condos/chicagoapps
  • Follows existing ChittyConnect ephemeral credentials pattern
  • CodeQL validated: 0 security issues

Usage

# Prevent auto-merge
gh pr edit {PR} --add-label "do-not-merge"

# Manual trigger AI reviews
gh workflow run ai-review-claude.yml -f pr_number={PR} -f pr_sha={SHA}

# Check auto-merge eligibility
gh workflow run auto-merge.yml -f pr_number={PR}

Documentation in PR_AUTOMATION.md covers setup, configuration, and troubleshooting.

Original prompt

CI/CD PR Automation Implementation

Create comprehensive GitHub Actions workflows for automated PR management across the organization.

Requirements

1. AI Review Integration

Implement multi-AI review system using:

  • CodeRabbit AI: Primary automated code review (GitHub App integration)
  • Claude (Anthropic): Secondary code analysis and review comments
  • OpenAI Codex: Code quality and implementation verification

2. Auto-Assignment & Labeling

  • Auto-assign PRs to AI reviewers on creation
  • Auto-label PRs based on content:
    • implementation - new features/functionality
    • enhancement - improvements to existing code
    • bugfix - bug fixes
    • documentation - doc changes
    • dependencies - dependency updates

3. Canonical Reviews Integration

  • Integrate with chittyfoundation/ops for core and canonical review checks
  • Reference shared workflows from chittyfoundation/ops/.github/workflows/
  • Ensure compliance with organization-wide standards

4. Auto-Merge Logic

Auto-merge PRs when ALL conditions are met:

  • ✅ All CI/CD checks pass
  • ✅ CodeRabbit AI review approved
  • ✅ Claude analysis completed
  • ✅ Codex verification passed
  • ✅ Canonical checks from chittyfoundation/ops pass
  • ✅ No merge conflicts
  • ✅ Branch is up to date with base branch
  • ✅ Required approvals obtained (if configured)

5. Auto-Delete Branch

  • Automatically delete branch after successful merge
  • Only delete if merge was successful
  • Skip deletion for protected branches

Implementation Files Needed

.github/workflows/pr-automation.yml

Main workflow that triggers on PR events (opened, synchronize, reopened):

  • Auto-assign CodeRabbit AI
  • Trigger Claude and Codex reviews
  • Auto-label based on PR content
  • Call canonical checks from chittyfoundation/ops

.github/workflows/ai-review-claude.yml

Claude integration workflow:

  • Use Anthropic API (ANTHROPIC_API_KEY secret)
  • Analyze PR diff and provide review comments
  • Post results as PR comments
  • Set commit status

.github/workflows/ai-review-codex.yml

OpenAI Codex integration workflow:

  • Use OpenAI API (OPENAI_API_KEY secret)
  • Verify code implementation quality
  • Check for common issues
  • Post results as PR comments

.github/workflows/auto-merge.yml

Auto-merge workflow that triggers when checks complete:

  • Verify all required checks passed
  • Verify AI reviews approved
  • Enable auto-merge via GitHub API
  • Use GITHUB_TOKEN for authentication

.github/workflows/auto-delete-branch.yml

Branch cleanup workflow triggered on PR close:

  • Check if PR was merged
  • Delete source branch automatically
  • Skip protected branches

.github/coderabbit.yml

CodeRabbit AI configuration:

  • Review rules and patterns
  • Auto-review settings
  • Integration preferences

Configuration Requirements

GitHub Secrets to Configure:

  • ANTHROPIC_API_KEY - Claude API access
  • OPENAI_API_KEY - Codex API access
  • GITHUB_TOKEN - Automatically provided, used for API calls

GitHub App Installation:

  • CodeRabbit AI must be installed on the organization

Repository Settings:

  • Enable "Allow auto-merge" in repository settings
  • Configure branch protection rules as needed
  • Enable GitHub Actions

Integration with chittyfoundation/ops

Reference shared canonical workflows using:

jobs:
  canonical-checks:
    uses: chittyfoundation/ops/.github/workflows/canonical-review.yml@main
    secrets: inherit

Success Criteria

  1. PRs automatically get AI reviews from all three services
  2. PRs are automatically labeled based on content
  3. PRs auto-merge when all conditions are met
  4. Branches are auto-deleted after successful merge
  5. Integration with chittyfoundation/ops canonical checks works
  6. All workflows are reusable across organizations

Notes

  • Workflows should be designed to be copied to other repos in: chittyos, chittyapps, chittycorp, furnished-condos, chicagoapps
  • Use best practices for GitHub Actions (proper error handling, status checks, etc.)
  • Include detailed comments in workflow files
  • Ensure workflows are efficient and don't waste Actions minutes

This pull request was created from Copilot chat.

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

@chitcommit chitcommit self-requested a review January 25, 2026 07:05
Copilot AI and others added 3 commits January 25, 2026 07:10
@chitcommit
Add comprehensive PR automation workflows
a22dbcd 
- pr-automation.yml: Main workflow for auto-labeling and AI review triggering
- ai-review-claude.yml: Claude/Anthropic AI code review integration
- ai-review-codex.yml: OpenAI Codex code review integration
- auto-merge.yml: Intelligent auto-merge logic with comprehensive checks
- auto-delete-branch.yml: Automatic branch cleanup after merge
- coderabbit.yml: CodeRabbit AI configuration with project-specific rules

Co-authored-by: chitcommit <208086304+chitcommit@users.noreply.github.com>
@chitcommit
Add comprehensive PR automation documentation
85109b8 
- PR_AUTOMATION.md: Complete guide for PR automation workflows
- Update CICD-Quick-Reference.md with PR automation commands
- Update README.md to highlight PR automation features
- Document AI review integration, auto-merge, and auto-delete

Co-authored-by: chitcommit <208086304+chitcommit@users.noreply.github.com>
@chitcommit
Address code review feedback - improve workflows
489c9c3 
- Fix JQ filter in auto-merge.yml (proper variable interpolation)
- Add comments explaining merge state values
- Improve secret detection patterns (more comprehensive)
- Add diff truncation warnings for large PRs
- Expand dependency file patterns to include more formats
- Validate all YAML files successfully

Co-authored-by: chitcommit <208086304+chitcommit@users.noreply.github.com>
Copilot AI changed the title [WIP] Implement CI/CD PR automation with AI review integration Implement multi-AI PR automation with intelligent auto-merge Jan 25, 2026
chitcommit added a commit that referenced this pull request Feb 9, 2026
@chitcommit @claude
fix: Address security and correctness issues from code review
5fb354f 
Critical fixes:
- Fix command injection in remediate.js: switch from execSync with
  string interpolation to execFileSync with argument arrays (#1)
- Fix shell injection in github-checker.js: all execSync calls
  replaced with execFileSync using argument arrays (#2)
- Fix audit:service arg parsing: parser now handles both --service=NAME
  and --service NAME formats (#3)

Significant fixes:
- Fix onboard-service.sh YAML append: use python3 for org-aware
  insertion instead of blind file append (#4)
- Clarify checks.yml as reference doc, remove unused loadChecks()
  method from audit engine (#5)
- Add compliance/README.md so remediation issue links work (#7)
- Remove dead parseSimpleYaml fallback, use js-yaml directly (#8)

Minor fixes:
- Fix inverted return codes in deploy_file/deploy_template/deploy_workflow
  to follow bash convention (0=success, 1=skip) (#9)
- Add cleanup trap to setup-org-workflows.sh to remove /tmp clones (#10)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chitcommit chitcommit Awaiting requested review from chitcommit

Copilot code review Copilot Awaiting requested review from Copilot Copilot will automatically review once the pull request is marked ready for review

At least 1 approving review is required to merge this pull request.

Assignees

Copilot code review Copilot

@chitcommit chitcommit

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@chitcommit