Skip to content

Commit c415a59

Browse files
authored
Merge pull request #37 from redhat-developer/feat/pr-review-consolidation
feat: add code review pipeline to rhdh-pr-review skill (v0.3.1)
2 parents 203465c + 56819b4 commit c415a59

13 files changed

Lines changed: 946 additions & 206 deletions

File tree

.claude-plugin/marketplace.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,14 +5,14 @@
55
},
66
"metadata": {
77
"description": "Orchestrator skill for RHDH plugin development - onboard, update, and maintain plugins in the Extensions Catalog",
8-
"version": "0.3.0"
8+
"version": "0.3.1"
99
},
1010
"plugins": [
1111
{
1212
"name": "rhdh",
1313
"source": "./",
1414
"description": "Skills for RHDH plugin lifecycle management",
15-
"version": "0.3.0",
15+
"version": "0.3.1",
1616
"strict": true
1717
}
1818
]

.claude-plugin/plugin.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"name": "rhdh",
33
"description": "All-in-one toolkit for Red Hat Developer Hub (RHDH). Covers plugin development, overlay management, environment setup, version compatibility, CI/CD, and RHDH ecosystem navigation.",
4-
"version": "0.3.0",
4+
"version": "0.3.1",
55
"author": {
66
"name": "RHDH Store Manager"
77
},

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,7 @@ Track work across the four RHDH Jira projects.
6161

6262
### PR Review
6363

64-
- **[rhdh-pr-review](./skills/rhdh-pr-review/SKILL.md)**Test PR changes on a live RHDH cluster. Swaps CI images, verifies code changes, and reports findings.
64+
- **[rhdh-pr-review](./skills/rhdh-pr-review/SKILL.md)** — PR code review with inline comments (GitHub, GitLab planned) and live cluster testing for rhdh-operator PRs. Layered architecture: fetch → analyze → post.
6565

6666
### Test Plan
6767

pyproject.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
[project]
22
name = "rhdh-skill"
3-
version = "0.3.0"
3+
version = "0.3.1"
44
description = "Claude Code skill for RHDH plugin development"
55
readme = "README.md"
66
license = "Apache-2.0"

skills/rhdh-pr-review/SKILL.md

Lines changed: 101 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,12 @@
11
---
22
name: rhdh-pr-review
3-
description: Test PR changes on a live RHDH cluster. Fetches CI-built images from PR comments, checks cluster status (deploying if needed), deploys the full PR operator bundle or manifests (not just image swap), actively verifies the code changes by exercising affected code paths on the cluster, and closes with findings including best-practice and security assessment. Use when asked to review an rhdh-operator PR, test PR changes on a cluster, deploy PR images for testing, or deploy PR bundle. Also use when user mentions "operator PR", "review PR", or "test this PR on my cluster". Currently supports rhdh-operator PRs.
3+
description: >
4+
Review pull requests: code-level analysis with inline comments, and live cluster testing for rhdh-operator PRs. Supports GitHub (GitLab planned). Use when asked to review a PR, review code, post review comments, test PR changes on a cluster, deploy PR images for testing, or do a full PR review. Also use when given a PR URL or number and asked for feedback, or when user mentions "review this PR", "PR review", "code review", or "test this PR on my cluster".
45
---
56

67
<cli_setup>
7-
This skill uses the orchestrator CLI for activity tracking. **Set up first:**
8+
9+
For cluster testing workflows, set up the orchestrator CLI:
810

911
```bash
1012
RHDH=../rhdh/scripts/rhdh
@@ -14,24 +16,20 @@ RHDH=../rhdh/scripts/rhdh
1416

1517
<essential_principles>
1618

17-
<principle name="ensure_cluster">
18-
Always verify the user has a running RHDH cluster with `oc` access before deploying PR bundles.
19-
If no cluster or no RHDH instance, provision one using `redhat-developer/rhdh-test-instance` — see `rhdh-repos.md` for details on that repo's capabilities.
20-
Don't just tell the user to set things up — do it.
19+
<principle name="layered_architecture">
20+
Reviews follow a three-layer pipeline: **fetch** (forge-specific) → **analyze** (agnostic) → **post** (forge-specific). Each layer produces a structured artifact for the next. The analyze layer never calls forge-specific CLIs.
21+
</principle>
22+
23+
<principle name="verify_findings">
24+
Reviewers will produce false positives. Verify every finding against actual code at HEAD before including it. Drop findings that reference non-existent code, duplicate existing comments, misread the code, or conflict with codebase conventions.
2125
</principle>
2226

23-
<principle name="use_pr_comment_images">
24-
Extract image URLs from PR comments posted by CI — never construct image URLs manually.
25-
The tag format includes PR number + commit SHA, which only CI knows.
26-
See `references/operator-pr-images.md` for extraction commands.
27+
<principle name="user_confirms_before_posting">
28+
Present the full review draft — summary, inline comments with file:line, and event type — to the user before posting. Proceed only after confirmation.
2729
</principle>
2830

2931
<principle name="deploy_full_bundle">
30-
Deploy the full PR bundle/manifests, not just the operator binary image.
31-
PR changes to CRDs, RBAC, default config, or bundle metadata are baked into the OLM bundle or install.yaml manifests — a binary-only image swap misses them and the operator may fail to reconcile.
32-
For OLM-managed installs, replace the CatalogSource with the PR's `operator-catalog` image so OLM reinstalls the full bundle (CRDs, RBAC, CSV, deployment).
33-
For non-OLM installs, fetch and apply the PR branch's `install.yaml` (CRDs, RBAC, ConfigMaps, Deployment) with the CI-built operator image substituted in.
34-
Both paths preserve existing Backstage CRs, config, and Keycloak state — only the operator-side resources are replaced.
32+
For cluster testing: deploy the full PR bundle/manifests, not just the operator binary image. PR changes to CRDs, RBAC, default config, or bundle metadata are baked into the OLM bundle or install.yaml — a binary-only image swap misses them.
3533
</principle>
3634

3735
</essential_principles>
@@ -40,35 +38,96 @@ Both paths preserve existing Backstage CRs, config, and Keycloak state — only
4038

4139
## What would you like to do?
4240

43-
### PR Review Tasks
41+
### Code Review
42+
43+
1. **Review PR code** — Analyze a PR diff, generate findings, and post inline comments
44+
2. **Review PR code (analysis only)** — Analyze without posting (e.g., to review locally or post later)
4445

45-
*For testing PR changes on a live RHDH cluster*
46+
### Cluster Testing (rhdh-operator PRs)
4647

47-
1. **Review rhdh-operator PR** — Deploy PR operator bundle on cluster and get review checklist
48+
3. **Test PR on cluster** — Deploy PR operator bundle on a live RHDH cluster and verify changes
49+
50+
### Combined
51+
52+
4. **Full review** — Code review + post to GitHub + cluster testing
4853

4954
**Wait for response before proceeding.**
5055

5156
</intake>
5257

5358
<routing>
5459

55-
### PR Review Routes
56-
5760
| Response | Workflow |
5861
|----------|----------|
59-
| 1, "operator", "rhdh-operator", a PR number, "review" | Route to `workflows/review-operator-pr.md` |
62+
| 1, "review", "review PR", "code review", a PR URL or number | `workflows/fetch-github.md``workflows/review-code.md``workflows/post-to-github.md` |
63+
| 2, "analyze", "analysis only", "review locally" | `workflows/fetch-github.md``workflows/review-code.md` (stop after findings) |
64+
| 3, "test", "cluster", "deploy", "operator PR", "test on cluster" | `workflows/fetch-github.md``workflows/review-operator-pr.md` |
65+
| 4, "full", "full review", "both" | `workflows/fetch-github.md``workflows/review-code.md``workflows/post-to-github.md``workflows/review-operator-pr.md` |
6066

61-
**To route:** Read `workflows/review-operator-pr.md` and follow its process.
67+
### Routing rules
68+
69+
1. **PR URL or number with no other context**: default to route 1 (code review + post).
70+
2. **rhdh-operator PR detected** (repo is `redhat-developer/rhdh-operator`): suggest route 4 (full review) but let the user choose.
71+
3. **"review" without "post" or "cluster"**: route 1.
72+
4. **All routes start with fetch.** The fetch workflow produces a context artifact consumed by all downstream workflows.
73+
74+
### Forge detection
75+
76+
Currently GitHub only. Detect from URL pattern or `gh` CLI availability.
77+
78+
When GitLab support is added: `fetch-gitlab.md` and `post-to-gitlab.md` will slot into the same pipeline. The analyze workflow (`review-code.md`) is forge-agnostic and needs no changes.
6279

6380
</routing>
6481

82+
<artifact_contracts>
83+
84+
## Context artifact (fetch → analyze / cluster test)
85+
86+
Produced by the fetch workflow, consumed by all downstream workflows:
87+
88+
```
89+
context artifact
90+
├── forge: "github"
91+
├── repo: "owner/repo"
92+
├── pr_number: 123
93+
├── head_sha: "abc123..."
94+
├── base_ref, head_ref, title, body, author, state, url
95+
├── labels: [...]
96+
├── files: [{path, additions, deletions}, ...]
97+
├── total_additions, total_deletions
98+
├── diff: "full unified diff"
99+
├── linked_issues: [{number, title, body, labels, state}, ...]
100+
├── jira_keys: ["RHIDP-1234", ...]
101+
├── existing_comments: [{user, path, line, body, created_at}, ...]
102+
├── existing_reviews: [{user, state, body}, ...]
103+
└── ci_status: "pass" | "fail" | "pending" | "unknown"
104+
```
105+
106+
## Findings artifact (analyze → post)
107+
108+
Produced by the analysis workflow, consumed by the posting workflow:
109+
110+
```
111+
findings artifact
112+
├── pr: {repo, number, head_sha}
113+
├── summary: "top-level review text"
114+
├── event: "COMMENT" | "APPROVE" | "REQUEST_CHANGES"
115+
└── findings[]
116+
├── path, line, start_line
117+
├── type: "suggestion" | "question" | "observation"
118+
└── body: "comment text"
119+
```
120+
121+
</artifact_contracts>
122+
65123
<reference_index>
66124

67-
| Reference | Purpose | Path |
68-
|-----------|---------|------|
69-
| operator-pr-images | CI image extraction and validation | `references/operator-pr-images.md` |
70-
| github-reference | gh CLI patterns, PR queries | `../rhdh/references/github-reference.md` (if unavailable, use standard `gh` CLI patterns) |
71-
| rhdh-repos | RHDH ecosystem repository map | `../rhdh/references/rhdh-repos.md` (if unavailable, see CONTEXT.md for repo list) |
125+
| Reference | Purpose | Load when... | Path |
126+
|-----------|---------|--------------|------|
127+
| review-perspectives | Review perspective examples and signal hints | Running `review-code.md` | `references/review-perspectives.md` |
128+
| operator-pr-images | CI image extraction and validation | Running `review-operator-pr.md` | `references/operator-pr-images.md` |
129+
| github-reference | gh CLI patterns, PR queries | Running any GitHub workflow | `../rhdh/references/github-reference.md` (if available) |
130+
| rhdh-repos | RHDH ecosystem repository map | Cluster testing | `../rhdh/references/rhdh-repos.md` (if available) |
72131

73132
</reference_index>
74133

@@ -82,6 +141,21 @@ Both paths preserve existing Backstage CRs, config, and Keycloak state — only
82141

83142
<success_criteria>
84143

144+
### Code review
145+
146+
- [ ] PR context fetched (metadata, diff, linked issues, existing comments)
147+
- [ ] Review perspectives chosen based on PR content
148+
- [ ] Findings verified against actual code at HEAD
149+
- [ ] False positives dropped with reasoning shown
150+
- [ ] Review draft presented to user with event type choice
151+
- [ ] Review posted to forge (if posting route selected)
152+
153+
### Cluster testing
154+
85155
See `workflows/review-operator-pr.md` `<success_criteria>` for the full checklist.
86156

157+
### Full review
158+
159+
All code review criteria + all cluster testing criteria.
160+
87161
</success_criteria>
Lines changed: 41 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,41 @@
1+
# Code Review Perspectives
2+
3+
Examples of review perspectives and the signals that suggest them. These are starting points, not a fixed roster — choose perspectives that fit the PR's actual content. Invent new ones when the PR calls for it (e.g., devil's advocate, agile coach, skill expert, domain specialist).
4+
5+
## Common perspectives
6+
7+
| Perspective | Focus | Prompt guidance |
8+
|-------------|-------|-----------------|
9+
| **Correctness** | Logic bugs, edge cases, error handling, off-by-ones, null/undefined paths | "Find bugs that would reach production. Ignore style." |
10+
| **Security** | Injection vectors, auth/authz gaps, secrets exposure, input validation | "Flag vulnerabilities with severity ratings." |
11+
| **Requirements** | Coverage of linked issues, test adequacy, scope gaps | "Check every linked requirement. Note what's addressed, tested, and missing." |
12+
| **Architecture** | Module boundaries, coupling, abstraction levels, extensibility | "Evaluate structural impact. Is this change in the right place?" |
13+
| **Performance** | Hot paths, query patterns, algorithmic complexity, caching | "Flag measurable performance risks." |
14+
| **Compatibility** | Public API surface, breaking changes, deprecations | "Determine if changed symbols are public-facing before flagging." |
15+
16+
## Signals that suggest a perspective
17+
18+
Use these as hints, not rules. A PR may need perspectives not listed here, or may not need ones that signal-match.
19+
20+
| Signal | Suggests | Example |
21+
|--------|----------|---------|
22+
| Changes span 2+ modules/packages | Architecture | `src/api/` + `src/worker/` |
23+
| New files created | Architecture | New module, new component |
24+
| Changed paths match DB/query patterns | Performance | `**/model*`, `**/migration*`, `**/schema*` |
25+
| Keywords in title/body | Performance | `optimization`, `latency`, `cache`, `slow` |
26+
| Changed paths match API surface | Compatibility | `**/api/**`, `**/proto/**`, `**/openapi*` |
27+
| Package version changes | Compatibility | `package.json`, `pyproject.toml` version bumps |
28+
| Labels | Varies | `refactor` → Architecture, `breaking` → Compatibility |
29+
| Linked issues exist | Requirements | Any `Fixes #N` or Jira key in the body |
30+
31+
## Choosing perspectives
32+
33+
Read the PR's diff, metadata, and linked issues. Create perspectives based on what matters most for this specific change — the examples above are a starting point, not a menu to pick from.
34+
35+
## Reviewer coordination
36+
37+
When using multiple reviewers:
38+
39+
- Each gets the diff, linked requirements, and their focus area
40+
- Instruct them to read source at HEAD, not just the diff
41+
- Encourage cross-checking — reviewers should challenge overlapping or contradictory findings

0 commit comments

Comments
 (0)