Install/run via webhooks service

The webhooks service is best suited for continuous, automated reviews.

Prerequisites

Minimum System Requirements

A machine with the following minimum specifications is recommended for Docker image deployment and for obtaining optimal performance of the AI Code Review Agent.

Requirement
Minimum Specification

CPU Cores

4

RAM

8 GB

Hard Disk Drive

80 GB


Supported Operating Systems

  • Windows

  • Linux

  • macOS


OS Prerequisites

Operating System
Installation Steps

Linux

You will need:

  1. Bash (minimum version 4.x)

    • For Debian and Ubuntu systems

      sudo apt-get install bash

    • For CentOS and other RPM-based systems

      sudo yum install bash

  1. Docker (minimum version 20.x)

macOS

You will need:

  1. Bash (minimum version 4.x)

    brew install bash

  1. Docker (minimum version 20.x)

Windows

You will need:

  1. PowerShell (minimum version 5.x)

    • Note: In PowerShell version 7.x, run Set-ExecutionPolicy Unrestricted command. It allows the execution of scripts without any constraints, which is essential for running scripts that are otherwise blocked by default security settings.

  1. Docker (minimum version 20.x)


Required Access Tokens

  • Bito Access Key: Obtain your Bito Access Key. View Guide

  • GitHub Personal Access Token (Classic): For GitHub PR code reviews, ensure you have a CLASSIC personal access token with repo access. We do not support fine-grained tokens currently. View Guide

  • GitLab Personal Access Token: For GitLab PR code reviews, a token with API access is required. View Guide

  • Snyk API Token (Auth Token): For Snyk vulnerability reports, obtain a Snyk API Token. View Guide


Installation and Configuration Steps

  1. Prerequisites: Before proceeding, ensure you've completed all necessary prerequisites for self-hosted AI Code Review Agent.

  2. Server Requirement: Ensure you have a server with a domain name or IP address.

  3. Start Docker: Initialize Docker on your server.

  4. Clone the repository: Clone the AI Code Review Agent GitHub repository to your server using the following command:

    • git clone https://github.com/gitbito/CodeReviewAgent.git

    • Note: It is recommended to clone the repository instead of downloading the .zip file. This approach allows you to easily update the Agent later using the git pull command.

  5. Open the repository folder:

    • Navigate to the repository folder and then to the “cra-scripts” subfolder.

  • Note the full path to the “cra-scripts” folder for later use.

  1. Open Command Line:

    • Use Bash for Linux and macOS.

    • Use PowerShell for Windows.

  2. Set Directory:

    • Change the current directory in Bash/PowerShell to the “cra-scripts” folder.

    • Example command: cd [Path to cra-scripts folder]

    • Note: Adjust the path based on where you cloned the repository on your system.

  1. Configure Properties:

    • Open the bito-cra.properties file in a text editor from the “cra-scripts” folder. Detailed information for each property is provided on Agent Configuration: bito-cra.properties File page.

    • Set mandatory properties:

      • mode = server

      • bito_cli.bito.access_key

      • git.access_token

    • Optional properties (can be skipped or set as needed):

      • git.provider

      • git.domain

      • code_feedback

      • static_analysis

      • dependency_check

      • dependency_check.snyk_auth_token

      • server_port

      • review_scope

      • exclude_branches

      • exclude_files

      • exclude_draft_pr

Note: Valid values for git.provider are GITHUB or GITLAB.

Note: Detailed information for each property is provided on Agent Configuration: bito-cra.properties File page.

Check the Required Access Tokens guide to learn more about creating the access tokens needed to configure the Agent.

  1. Run the Agent:

This step might take time initially as it pulls the Docker image and performs the code review.

  1. Provide Missing Property Values: The script may prompt for values of mandatory/optional properties if they are not preconfigured.

  2. Copy Webhook Secret: During the script execution, a webhook secret is generated and displayed in the shell. Copy the secret displayed under "Use below as Gitlab and Github Webhook secret:" for use in GitHub or GitLab when setting up the webhook.

Webhook Setup Guide

GitHub Webhook Setup Guide:

  • Login to your GitHub account.

  • Navigate to the main page of the repository. Under your repository name, click Settings.

  • In the left sidebar, click Webhooks.

  • Click Add webhook.

  • Under Payload URL, enter the URL of the webhook endpoint. This is the server's URL to receive webhook payloads.

    • Note: The GitHub Payload URL should follow this format: https://<domain name/ip-address>/api/v1/github_webhooks, where https://<domain name/ip-address> should be mapped to Bito's AI Code Review Agent container, which runs as a service on a configured TCP port such as 10051. Essentially, you need to append the string "/api/v1/github_webhooks" (without quotes) to the URL where the AI Code Review Agent is running.

    • For example, a typical webhook URL would be https://cra.example.com/api/v1/github_webhooks

  • Select the Content type “application/json” for JSON payloads.

  • In Secret token, enter the webhook secret token that you copied above. It is used to validate payloads.

  • Click on Let me select individual events to select the events that you want to trigger the webhook. For code review select these:

    • Issue comments - To enable Code Review on-demand by issuing a command in the PR comment.

    • Pull requests - To auto-trigger Code Review when a pull request is created.

    • Pull request review comments - So, you can share feedback on the review quality by answering the feedback question in the code review comment.

  • To make the webhook active immediately after adding the configuration, select Active.

  • Click Add webhook.

GitLab Webhook Setup Guide:

  • Login to your GitLab account.

  • Select the repository where the webhook needs to be configured.

  • On the left sidebar, select Settings > Webhooks.

  • Select Add new webhook.

  • In URL, enter the URL of the webhook endpoint. This is the server's URL to receive webhook payloads.

    • Note: The GitLab webhook URL should follow this format: https://<domain name/ip-address>/api/v1/gitlab_webhooks, where https://<domain name/ip-address> should be mapped to Bito's AI Code Review Agent container, which runs as a service on a configured TCP port such as 10051. Essentially, you need to append the string "/api/v1/gitlab_webhooks" (without quotes) to the URL where the AI Code Review Agent is running.

    • For example, a typical webhook URL would be https://cra.example.com/api/v1/gitlab_webhooks

  • In Secret token, enter the webhook secret token that you copied above. It is used to validate payloads.

  • In the Trigger section, select the events to trigger the webhook. For code review select these:

    • Comments - for on-demand code review.

    • Merge request events - for automatic code review when a merge request is created.

    • Emoji events - So, you can share feedback on the review quality using emoji reactions.

  • Select Add webhook.

BitBucket Webhook Setup Guide:

  • Login to your BitBucket account.

  • Navigate to the main page of the repository. Under your repository name, click Repository Settings.

  • In the left sidebar, click Webhooks.

  • Click Add webhook.

  • Under URL, enter the URL of the webhook endpoint. This is the server's URL to receive webhook payloads.

    • Note: The BitBucket Payload URL should follow this format: https://<domain name/ip-address>/api/v1/bitbucket_webhooks, where https://<domain name/ip-address> should be mapped to Bito's AI Code Review Agent container, which runs as a service on a configured TCP port such as 10051. Essentially, you need to append the string "/api/v1/bitbucket_webhooks" (without quotes) to the URL where the AI Code Review Agent is running.

    • For example, a typical webhook URL would be https://cra.example.com/api/v1/bitbucket_webhooks

  • In Secret token, enter the webhook secret token that you copied above. It is used to validate payloads.

  • In the Triggers section, select the events to trigger the webhook. For code review select these:

    • Pull Request > Comment created - for on-demand code review.

    • Pull Request > Created - for automatic code review when a merge request is created.

  • Select Save.


Using the AI Code Review Agent

After configuring the webhook, you can invoke the AI Code Review Agent in the following ways:

Note: To improve efficiency, the AI Code Review Agent is disabled by default for pull requests involving the "main" branch. This prevents unnecessary processing and token usage, as changes to the "main" branch are typically already reviewed in release or feature branches. To change this default behavior and include the "main" branch, please contact support.

  1. Automated Code Review: If the webhook is configured to be triggered on the Pull requests event (for GitHub) or Merge request event (for GitLab), the agent will automatically review new pull requests as soon as they are created and post the review feedback as a comment within your PR.

  2. Manually Trigger Code Review: To start the process, simply type /review in the comment box on the pull request and submit it. If the webhook is configured to be triggered on the Issue comments event (for GitHub) or Comments event (for GitLab), this action will initiate the code review process. The /review command prompts the agent to review the pull request and post its feedback directly in the PR as a comment.

    Bito also offers specialized commands that are designed to provide detailed insights into specific areas of your source code, including security, performance, scalability, code structure, and optimization.

    • /review security: Analyzes code to identify security vulnerabilities and ensure secure coding practices.

    • /review performance: Evaluates code for performance issues, identifying slow or resource-heavy areas.

    • /review scalability: Assesses the code's ability to handle increased usage and scale effectively.

    • /review codeorg: Scans for readability and maintainability, promoting clear and efficient code organization.

    • /review codeoptimize: Identifies optimization opportunities to enhance code efficiency and reduce resource usage.

    By default, the /review command generates inline comments, meaning that code suggestions are inserted directly beneath the code diffs in each file. This approach provides a clearer view of the exact lines requiring improvement. However, if you prefer a code review in a single post rather than separate inline comments under the diffs, you can include the optional parameter: /review #inline_comment=False

    For more details, refer to Available Commands.

It may take a few minutes to get the code review posted as a comment, depending on the size of the pull request.

Screenshots

Screenshot # 1

AI-generated pull request (PR) summary

Screenshot # 2

Changelist showing key changes and impacted files in a pull request.

Screenshot # 3

AI code review feedback posted as comments on the pull request.


How to update the self-hosted AI Code Review Agent

Please follow these steps:

  1. Update the Agent's repository:

  2. Restart the Docker container:

    • To restart the Docker container running as a service, use the below command.

    • On Linux/macOS in Bash: Run ./bito-cra.sh service restart bito-cra.properties

    • On Windows in PowerShell: Run ./bito-cra.ps1 service restart bito-cra.properties


Stop Docker Container

To stop the Docker container running as a service, use the below command.

  • On Linux/macOS in Bash: Run ./bito-cra.sh service stop

  • On Windows in PowerShell: Run ./bito-cra.ps1 service stop


Check Status

To check the status of Docker container running as a service, use the below command.

  • On Linux/macOS in Bash: Run ./bito-cra.sh service status

  • On Windows in PowerShell: Run ./bito-cra.ps1 service status

Last updated

Logo

Bito Inc. (c) 2024