Skip to content

Add Octopus AI code review workflow#23177

Open
redoh wants to merge 1 commit into
kubernetes:masterfrom
redoh:add-octopus-review
Open

Add Octopus AI code review workflow#23177
redoh wants to merge 1 commit into
kubernetes:masterfrom
redoh:add-octopus-review

Conversation

@redoh

@redoh redoh commented Jun 19, 2026

Copy link
Copy Markdown

Summary

Adds a GitHub Actions workflow that runs Octopus, a free, open-source AI code review tool, on pull requests. Octopus indexes the codebase and posts context-aware inline review comments with severity levels. It is free and unlimited for public OSI-licensed repositories, with no API key required.

This is a follow-up to #23143 (opened by @nirs, then closed because Octopus could not post reviews — GITHUB_TOKEN is read-only on pull requests from forks).

What changed since #23143

The earlier attempt used the pull_request event, where GitHub restricts GITHUB_TOKEN to read-only for fork PRs, so the action could not post comments and failed silently. This PR resolves that:

  • Uses pull_request_target, which gives the token the pull-requests: write access needed to post reviews on fork PRs.
  • This is safe here because the Octopus action only reads the PR diff through the GitHub API — it never checks out or runs PR code, so no untrusted fork code executes in the privileged context. (The action also now emits a clear log message instead of failing silently if it ever lacks write access.)
  • The action is pinned to a full commit SHA.
  • Guarded with if: github.repository == 'kubernetes/minikube' so it does not run on forks of this repo.

Notes

Happy to adjust the trigger, permissions, or scoping to match maintainer preferences.

Octopus is a free, open-source AI code review tool that indexes the
codebase and posts context-aware inline review comments with severity
levels on pull requests. It is free and unlimited for public OSI-licensed
repositories with no API key required.

This is a follow-up to kubernetes#23143 (closed because GITHUB_TOKEN is read-only on
fork PRs). The workflow now uses pull_request_target so the token has the
write access needed to post reviews on fork PRs. The Octopus action only
reads the PR diff via the GitHub API; it never checks out or runs PR code,
so no untrusted code executes in the privileged context.

- https://octopus-review.ai/open-source
- https://github.com/octopusreview/octopus
- Docs: https://octopus-review.ai/docs/github-action#fork-pull-requests

Signed-off-by: Ferit <ferit@weezboo.com>
@linux-foundation-easycla

linux-foundation-easycla Bot commented Jun 19, 2026

Copy link
Copy Markdown

CLA Signed
The committers listed above are authorized under a signed CLA.

  • ✅ login: redoh / name: Ferit (8ff6877)

@k8s-ci-robot

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: redoh
Once this PR has been reviewed and has the lgtm label, please assign nirs for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot requested review from nirs and prezha June 19, 2026 15:40
@k8s-ci-robot k8s-ci-robot added the cncf-cla: no Indicates the PR's author has not signed the CNCF CLA. label Jun 19, 2026
@k8s-ci-robot

Copy link
Copy Markdown
Contributor

Welcome @redoh!

It looks like this is your first PR to kubernetes/minikube 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes/minikube has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

@k8s-ci-robot

Copy link
Copy Markdown
Contributor

Hi @redoh. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot k8s-ci-robot added needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Jun 19, 2026
@minikube-bot

Copy link
Copy Markdown
Collaborator

Can one of the admins verify this patch?

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. and removed cncf-cla: no Indicates the PR's author has not signed the CNCF CLA. labels Jun 19, 2026
@nirs

nirs commented Jun 19, 2026

Copy link
Copy Markdown
Collaborator

@redoh Thanks for following up. I know that this can work with pull_request_target, but I'm not happy to run 3rd party code with write access in the context of pull_request_target.

What I need is a way to review pull requests with fine grain permissions allowing the reviewer to add comments. Anything else should be blocked by the system so I don't need to trust the review provider.

Ideally the reviewer will have operate as a GitHub account - any GitHub user can review minikube PRs, no special permissions are needed.

types: [opened, synchronize]
permissions:
contents: read
pull-requests: write

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is allowed by this?

@redoh

redoh commented Jun 19, 2026

Copy link
Copy Markdown
Author

@nirs you were right, and thanks for pushing on this. Two things you pointed out can't be solved within the Actions model:

  1. GitHub Actions / GITHUB_TOKEN has no permission finer than pull-requests: write, so a workflow can't be restricted to "comment-only" — that scope also allows editing/closing PRs, labels, assignees, etc.
  2. pull_request_target would mean running our (third-party) action with a writable token, which requires trusting us. Refusing that is reasonable.

So we're building the model you actually described, the reviewer operating as a plain GitHub account:

  • The repo adds a zero-permission workflow (permissions: {}) that holds no token and only notifies our server which PR to review. No pull_request_target, no secrets, no third-party code running with write access in your CI.
  • Our server fetches the diff and posts the review as a dedicated GitHub user account (octopus-review-bot). Because that account is not a collaborator here, GitHub itself blocks everything except submitting review comments — system-enforced comment-only, exactly what you asked for. It cannot set checks/statuses, label, or merge.
  • Abuse/spam safeguards: a repo is reviewed only if we've manually approved it and it carries a maintainer-added .github/octopus.yml opt-in file (delete the file to stop, anytime).

It's actively in progress (not shipped yet):

Once it's live I'll update this PR to that model. Does this approach address your concerns? Happy to adjust before we finalize.

@nirs

nirs commented Jun 21, 2026

Copy link
Copy Markdown
Collaborator

So we're building the model you actually described, the reviewer operating as a plain GitHub account:

  • The repo adds a zero-permission workflow (permissions: {}) that holds no token and only notifies our server which PR to review. No pull_request_target, no secrets, no third-party code running with write access in your CI.
  • Our server fetches the diff and posts the review as a dedicated GitHub user account (octopus-review-bot). Because that account is not a collaborator here, GitHub itself blocks everything except submitting review comments — system-enforced comment-only, exactly what you asked for. It cannot set checks/statuses, label, or merge.

Sounds good for public projects.

  • Abuse/spam safeguards: a repo is reviewed only if we've manually approved it and it carries a maintainer-added .github/octopus.yml opt-in file (delete the file to stop, anytime).

You read .github/octopus.yml from a branch in the repo, not from the PR?

Minikube does not use release branches but many projects use them and reviewing backports to release branch is very useful.

If you run this in pull_request event, an attacker can trigger a review on octopus side by modifying a workflow or adding a new workflow. This should be fine if you check .github/octopus.yml` from the main branch so an attacker cannot control it.

Let's move this discussion to https://github.com/octopusreview/.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants