Skip to content

priyanshupardhi/code-review-ai

BranchesTags

Repository files navigation

Autonomous Code Review Agent

An AI-powered code review service that automatically analyzes GitHub pull requests using FastAPI, Celery, and OpenAI/Ollama.

Overview

This service provides automated code review capabilities by:

  • Fetching PR diffs and files from GitHub
  • Analyzing code using AI (OpenAI GPT or local Ollama)
  • Returning structured feedback with issues and suggestions
  • Processing requests asynchronously with Celery workers

Features

  • 🔍 AI Code Analysis - Uses OpenAI GPT or local Ollama models
  • Async Processing - FastAPI + Celery for scalable background tasks
  • 🔒 API Protection - Rate limiting and optional API key authentication
  • 🐳 Docker Ready - Complete Docker Compose setup
  • ☁️ Cloud Deployable - Railway, Render, Fly.io configurations
  • 📊 Structured Results - JSON responses with categorized issues
  • 🚀 Production Ready - Health checks, logging, and monitoring

Quick Start

Prerequisites

  • Python 3.9+
  • Docker & Docker Compose
  • OpenAI API key OR Ollama (for local AI)

Local Development

  1. Clone and setup:

    git clone https://github.com/priyanshupardhi/code-review-ai.git
cd code-review-ai

  2. Create environment file:

    # Copy example environment file
cp env.example .env

# Edit .env with your configuration
nano .env

  3. Run with Docker:

    docker-compose up --build

  4. Test the API:

    curl -X POST "http://localhost:8000/api/analyze-pr" \
  -H "Content-Type: application/json" \
  -d '{"repo_url": "https://github.com/user/repo", "pr_number": 1}'

API Documentation

Base URL

  • Local: http://localhost:8000
  • Production: https://your-app.railway.app

Authentication

  • Optional API Key: Include X-API-Key header for protection
  • Rate Limiting: 2 requests per minute (configurable)

Endpoints

1. Health Check

GET /health

Response:

{
  "status": "healthy",
  "service": "code-review-agent"
}

2. Analyze Pull Request

POST /api/analyze-pr
Content-Type: application/json
X-API-Key: your-api-key (optional)

Request Body:

{
  "repo_url": "https://github.com/user/repo",
  "pr_number": 1,
  "github_token": "optional-github-token"
}

Response:

{
  "task_id": "abc123-def456-ghi789"
}

3. Check Analysis Status

GET /api/status/{task_id}

Response:

{
  "task_id": "abc123-def456-ghi789",
  "status": "PROCESSING" // PENDING, PROCESSING, SUCCESS, FAILURE
}

4. Get Analysis Results

GET /api/results/{task_id}

Response:

{
  "task_id": "abc123-def456-ghi789",
  "status": "completed",
  "results": {
    "files": [
      {
        "name": "main.py",
        "issues": [
          {
            "type": "style",
            "line": 15,
            "description": "Line too long",
            "suggestion": "Break line into multiple lines",
            "severity": "low"
          }
        ]
      }
    ],
    "summary": {
      "total_files": 1,
      "total_issues": 1,
      "critical_issues": 0
    }
  }
}

Error Responses

400 Bad Request

{
  "detail": "Invalid request data"
}

401 Unauthorized

{
  "detail": "Invalid or missing API key"
}

429 Too Many Requests

{
  "detail": "Rate limit exceeded. Try again later."
}

404 Not Found

{
  "detail": "Results not ready or task failed"
}

Deployment

Railway (Recommended)

  1. Connect your GitHub repo to Railway
  2. Add Redis service from marketplace
  3. Set environment variables:
    • OPENAI_API_KEY
    • CELERY_BROKER_URL (from Redis service)
    • CELERY_RESULT_BACKEND (from Redis service)
    • REDIS_URL (from Redis service)
    • SECRET_KEY (generate a strong key)

Other Platforms

  • Render: Use render.yaml configuration
  • Fly.io: Use fly.toml configuration
  • Any Docker platform: Use Dockerfile.prod

Design Decisions

Architecture Choices

1. FastAPI + Celery Architecture

  • FastAPI: Modern, fast web framework with automatic API documentation
  • Celery: Robust task queue for async processing of AI analysis
  • Redis: Lightweight broker and result backend for Celery

2. AI Provider Abstraction

  • Plugin Pattern: Easy to switch between OpenAI and Ollama
  • Cost Optimization: Default to gpt-3.5-turbo for free tier compatibility
  • Local Option: Ollama support for privacy-sensitive environments

3. Security-First Design

  • Rate Limiting: Prevents abuse and manages costs
  • API Key Protection: Optional authentication layer
  • Environment Validation: Pydantic settings with validation
  • Secret Management: Secure handling of API keys and tokens

4. Production Readiness

  • Health Checks: /health endpoint for monitoring
  • Structured Logging: JSON logs for observability
  • Docker Optimization: Multi-stage builds and non-root users
  • Cloud Native: Railway, Render, Fly.io configurations

Data Flow

Client Request → FastAPI → Celery Task → GitHub API → AI Analysis → Redis Storage → Client Response

Error Handling Strategy

  1. Graceful Degradation: Service continues if AI provider fails
  2. Retry Logic: Built into Celery for transient failures
  3. User Feedback: Clear error messages and status codes
  4. Logging: Comprehensive error tracking for debugging

Configuration

Environment Variables

Variable Required Default Description
OPENAI_API_KEY Yes* - OpenAI API key for AI analysis
CELERY_BROKER_URL Yes - Redis URL for Celery broker
CELERY_RESULT_BACKEND Yes - Redis URL for Celery results
REDIS_URL Yes - Redis connection URL
GITHUB_TOKEN No - GitHub token for private repos
LLM_PROVIDER No openai openai or ollama
API_KEYS No - Comma-separated API keys for protection
RATELIMIT_PER_MINUTE No 2 Rate limit (requests per minute)
SECRET_KEY No Generated Secret key for security
ALLOWED_ORIGINS No * CORS allowed origins

*Required unless using Ollama

Example Configuration

See env.example for a complete configuration template.

Future Improvements

Short Term (Next 3 months)

  • Caching Layer: Redis-based caching for repeated PR analysis
  • Webhook Integration: Auto-trigger analysis on GitHub PR events
  • Language-Specific Linters: Integration with ESLint, Pylint, etc.
  • Streaming Results: Real-time progress updates via WebSockets
  • Enhanced Security: JWT authentication and RBAC

Medium Term (3-6 months)

  • Multi-Repository Support: Batch analysis across multiple repos
  • Custom Rules Engine: User-defined analysis rules and patterns
  • Metrics Dashboard: Usage analytics and performance monitoring
  • CI/CD Integration: GitHub Actions and GitLab CI plugins
  • Advanced AI Models: Support for Claude, Gemini, and local models

Long Term (6+ months)

  • Machine Learning Pipeline: Custom models trained on code patterns
  • Collaborative Features: Team-based review workflows
  • Enterprise Features: SSO, audit logs, and compliance reporting
  • Mobile App: Native mobile interface for code reviews
  • Plugin Ecosystem: Third-party integrations and extensions

Technical Debt

  • Database Migration: PostgreSQL for persistent storage
  • Microservices: Split into smaller, focused services
  • API Versioning: Semantic versioning for API compatibility
  • Performance Optimization: Async file processing and memory management
  • Testing Coverage: Comprehensive unit and integration tests

Example Response

{
  "task_id": "abc123",
  "status": "completed",
  "results": {
    "files": [
      {
        "name": "main.py",
        "issues": [
          {
            "type": "style",
            "line": 15,
            "description": "Line too long",
            "suggestion": "Break line into multiple lines",
            "severity": "low"
          }
        ]
      }
    ],
    "summary": {
      "total_files": 1,
      "total_issues": 1,
      "critical_issues": 0
    }
  }
}

Contributing

This project is currently in active development. For questions or suggestions, please open an issue on GitHub.

License

MIT License - see LICENSE file for details.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages