Add Pyckle PR Review to Your CI Pipeline

One workflow file. Every PR gets a context-aware review comment — severity scored, automatically.

Prerequisites
  • Active Pyckle Pro subscription
  • GitHub repository with Actions enabled
  • Your Pyckle MCP URL (e.g. https://pyckle.co or your self-hosted URL)

Step 1 — Create the workflow file

Create .github/workflows/pyckle-review.yml in your repo with this content:

name: pyckle-review

on:
  pull_request:
    types: [opened, synchronize]

jobs:
  review:
    runs-on: ubuntu-latest
    permissions:
      pull-requests: write
      contents: read

    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Run pyckle diff review
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PYCKLE_MCP_URL: ${{ secrets.PYCKLE_MCP_URL }}
        run: |
          pip install httpx --quiet
          python3 - <<'EOF'
          import httpx, os, json, subprocess, sys

          pyckle_url = os.environ.get("PYCKLE_MCP_URL", "")
          if not pyckle_url:
              print("PYCKLE_MCP_URL not set — skipping", file=sys.stderr)
              sys.exit(0)

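          # Diff the PR head against main; a git failure is logged, never fatal.
          try:
              diff = subprocess.check_output(
                  ["git", "diff", "origin/main...HEAD"],
                  stderr=subprocess.DEVNULL,
              ).decode(errors="replace")
          except (subprocess.CalledProcessError, OSError) as e:
              print(f"git diff failed: {e}", file=sys.stderr)
              sys.exit(0)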

          if not diff.strip():
              sys.exit(0)

          try:
              resp = httpx.post(
                  f"{pyckle_url}/tools/review_diff",
                  json={"diff": diff},
                  timeout=60,
              )
              resp.raise_for_status()
              comment = resp.json().get("pr_comment", "pyckle review completed.")
          except Exception as e:
              print(f"pyckle review failed: {e}", file=sys.stderr)
              sys.exit(0)

          ref = os.environ.get("GITHUB_REF", "")
          pr_number = ref.split("/")[2] if ref.count("/") >= 2 else ""
          repo = os.environ.get("GITHUB_REPOSITORY", "")

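          if pr_number and repo:
              # Post the review as a PR comment; failures are logged, never fatal.
              try:
                  gh = httpx.post(
                      f"https://api.github.com/repos/{repo}/issues/{pr_number}/comments",
                      headers={"Authorization": f"Bearer {os.environ['GITHUB_TOKEN']}"},
                      json={"body": comment},
                      timeout=30,
                  )
                  if gh.status_code >= 300:
                      print(f"GitHub comment failed: HTTP {gh.status_code}", file=sys.stderr)
              except Exception as e:
                  print(f"GitHub comment failed: {e}", file=sys.stderr)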
          EOF

Tip: The workflow uses fetch-depth: 0 to get the full git history. Without it, the diff against main would be empty on shallow clones.

Step 2 — Add the PYCKLE_MCP_URL secret

In your repo: Settings → Secrets and variables → Actions → New repository secret.

  • Name: PYCKLE_MCP_URL
  • Value: https://pyckle.co (or your self-hosted URL — no trailing slash)

Insight: GITHUB_TOKEN is automatically provided by GitHub Actions. You don't need to create it — just ensure the workflow has pull-requests: write permission.

Step 3 — Open a PR and verify

Open or push to an existing PR. Within ~60 seconds a review comment appears with severity-tagged findings:

  • HIGH — potential production impact
  • MEDIUM — improvement suggestions
  • LOW — style and minor observations

What the review comment looks like

Pyckle Review — 3 findings

HIGH src/payments.py:142 — This change removes the idempotency key check. The existing process_payment() callers at src/webhooks.py:89 rely on this guard. Removing it risks duplicate charges on retries.

MEDIUM src/payments.py:156 — New timeout value (5s) is lower than the Stripe API's recommended minimum (10s). Transient network delays may cause false failures.

LOW tests/test_payments.py — No test added for the new code path at line 142.

Non-blocking design

The workflow always exits 0, even on errors. It will never block a merge. If PYCKLE_MCP_URL is unset, it skips silently. If the review endpoint is unreachable, it logs to stderr and exits cleanly.

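Warning: If you want the review to block merges on HIGH findings, add a branch protection rule requiring the pyckle-review check to pass. By default it is informational only: the script as written is designed to exit 0 regardless of findings, so a required check still passes unless the script is changed to exit non-zero when HIGH findings are present.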
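
One way to turn the informational review into a failing check on HIGH findings, as an added example (not Pyckle's own code). It assumes the pr_comment text uses the severity-tagged line format shown in the sample comment above; severity_counts and gate_exit_code are hypothetical names.

```python
import re
from collections import Counter

# Matches a finding line such as "HIGH src/payments.py:142 ...".
# Leading markdown punctuation (bullets, **bold**) is tolerated. The line
# format is an assumption taken from the sample comment in this guide.
_FINDING = re.compile(r"^[^\w\n]*(HIGH|MEDIUM|LOW)\b", re.MULTILINE)


def severity_counts(comment):
    """Count findings per severity in the review comment text."""
    return Counter(_FINDING.findall(comment or ""))


def gate_exit_code(comment, block_on=("HIGH",), fail_closed=False):
    """Return the exit code the CI step should finish with.

    comment     -- the pr_comment string, or None if the review call failed
    block_on    -- severities that should fail the check
    fail_closed -- if True, a failed review call also fails the check
                   (the workflow in this guide fails open)
    """
    if comment is None:
        return 1 if fail_closed else 0
    counts = severity_counts(comment)
    return 1 if any(counts[s] for s in block_on) else 0


# Constructed sample input, modelled on the example comment in this guide.
SAMPLE = """Pyckle Review — 3 findings

HIGH src/payments.py:142 — This change removes the idempotency key check.
MEDIUM src/payments.py:156 — New timeout value (5s) is lower than recommended.
LOW tests/test_payments.py — No test added for the new code path at line 142.
"""

if __name__ == "__main__":
    print(dict(severity_counts(SAMPLE)))
    print("exit code:", gate_exit_code(SAMPLE))
```

In the workflow script, call sys.exit(gate_exit_code(comment)) after the comment has been posted, so the finding is visible on the PR before the check fails.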

Troubleshooting

  • Review comment doesn't appear: Check Actions tab → pyckle-review job → step logs. Common cause: PYCKLE_MCP_URL secret not set.
  • 403 on GitHub comment: Ensure pull-requests: write permission is in the workflow YAML.
  • Empty diff: Verify fetch-depth: 0 is present in the checkout step. Shallow clones produce empty diffs.