An automated code review bot that uses Sourcegraph's Amp AI to provide intelligent feedback on pull requests in your GitHub repository.
- π€ Automated code review on every PR
- π Inline comments with specific file and line references
- π― Intelligent analysis for security, performance, and code quality issues
- π Re-runs on PR updates
- π Structured feedback with priority levels (HIGH, MEDIUM, LOW)
Save the code-revie.yml file to your repository at:
.github/workflows/code-revie.yml
You need to configure one secret in your GitHub repository:
AMP_API_KEY: Your Sourcegraph Amp API key
- Go to your GitHub repository
- Click Settings β Secrets and variables β Actions
- Click New repository secret
- Add the following secret:
| Secret Name | Description | How to get it |
|---|---|---|
AMP_API_KEY |
Sourcegraph Amp API key | Visit ampcode.com to get your API key |
Note: The workflow automatically uses
GITHUB_TOKENwhich is provided by GitHub Actions - no setup required.
The workflow needs the following permissions (automatically configured in the YAML):
contents: read- to checkout code and read filespull-requests: write- to create review comments
- Trigger: Automatically runs when a PR is opened or updated
- Analysis:
- Fetches the PR diff
- Generates intelligent code review using Amp AI
- Analyzes for security, performance, and quality issues
- Feedback: Creates inline comments on specific lines with:
- Issue severity (π΄ HIGH, π‘ MEDIUM, π’ LOW)
- Detailed descriptions
- Actionable suggestions
-
Create a new branch:
git checkout -b test-amp-review
-
Add a simple file with intentional issues:
// test-file.js function badFunction() { var password = "hardcoded123"; // Security issue console.log(password); // Security issue // Performance issue - inefficient loop for(var i = 0; i < 1000000; i++) { document.getElementById("test"); // DOM query in loop } }
-
Commit and push:
git add test-file.js git commit -m "Add test file for code review" git push origin test-amp-review -
Create a pull request on GitHub
- Go to Actions tab in your repository
- Look for "Amp Review Bot" workflow
- Check that it runs successfully
- Verify review comments appear on your PR
β Success indicators:
- Workflow runs without errors
- PR gets review comments with specific line references
- Comments include severity levels and suggestions
β Common issues:
- Missing
AMP_API_KEY: Workflow fails at "Run AMP review" step - No comments: Check that the PR has actual code changes
- Workflow doesn't trigger: Verify file is at
.github/workflows/code-revie.yml
Edit the prompt in the "Run AMP review" step to focus on specific areas:
echo "Please analyze the following diff for:"
echo "- Missing or insufficient unit tests" # Testing focus
echo "- Security vulnerabilities" # Security focus
echo "- Performance issues" # Performance focus
echo "- Code quality problems" # Quality focus
echo "- Architecture concerns" # Architecture focus
echo "- Best practices violations" # Best practices focusModify the on section to change when reviews run:
on:
pull_request:
types: [opened, synchronize, ready_for_review] # Add ready_for_review
# Or add manual trigger:
workflow_dispatch:The bot categorizes issues into three levels:
- π΄ HIGH: Critical security/performance issues
- π‘ MEDIUM: Code quality and maintainability issues
- π’ LOW: Minor improvements and suggestions
- Check file location:
.github/workflows/code-revie.yml - Verify YAML syntax is valid
- Ensure you have write access to the repository
- Verify
AMP_API_KEYis set correctly - Check that PR has meaningful code changes
- Look at workflow logs in Actions tab
- Ensure
AMP_API_KEYsecret is set - Verify the API key is valid and active
- Check Amp account has sufficient quota
- This can happen with complex diffs
- The bot tries to find the closest relevant line
- Consider smaller, focused PRs for better accuracy
- Amp Documentation: ampcode.com/manual
- GitHub Actions: docs.github.com/actions
- Issues: Create an issue in this repository for bug reports
- Fork the repository
- Create a feature branch
- Test your changes with the workflow
- Submit a pull request
This workflow uses Sourcegraph's Amp AI for intelligent code analysis. Visit ampcode.com to learn more.