Copilot AI commented Jan 25, 2026

Adds comprehensive PR automation across 6 organizations with three AI review systems, intelligent auto-merge, and foundation governance integration.

Implementation

Workflows

  • pr-automation.yml - Orchestrates labeling, AI review dispatch, merge readiness checks
  • ai-review-claude.yml - Claude 3.5 Sonnet for code quality and best practices
  • ai-review-codex.yml - GPT-4 Turbo for security vulnerability scanning
  • auto-merge.yml - Merges when checks pass, no conflicts, no blocking labels
  • auto-delete-branch.yml - Cleans up merged branches (respects protected/fork branches)
  • canonical-checks.yml - Validates repo structure, workflow integrity, chittyfoundation/ops compliance
  • reusable-pr-automation.yml - Parameterized workflow for cross-org deployment

Configuration

  • labeler.yml - 10 label types via file patterns, branch naming, content analysis
  • coderabbit.yml - Auto-review, incremental reviews, high-level summaries
  • auto-merge.json - Required checks, blocked labels, merge method, retry logic

Cross-Org Deployment

./deploy-pr-automation.sh [org1] [org2] ...

Creates PRs in each repo with reusable workflow reference:

jobs:
  automation:
    uses: CHITTYOS/chittyops/.github/workflows/reusable-pr-automation.yml@main
    secrets:
      ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
      OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}

Security Considerations

  • JSON construction uses jq to prevent shell variable injection in heredocs
  • GraphQL mutations fetch node_id dynamically for non-PR triggers (check_suite, status events)
  • Python YAML validation avoids command injection via isolated script files
  • All credentials via secrets.* or ephemeral ChittyConnect tokens

Cost

~$0.023/PR (Claude: $0.003, OpenAI: $0.02, CodeRabbit: included)

Next Steps

  1. Configure org-level secrets: ANTHROPIC_API_KEY, OPENAI_API_KEY
  2. Install CodeRabbit GitHub App
  3. Deploy: ./deploy-pr-automation.sh

Original prompt

Objective

Implement comprehensive CI/CD automation for pull requests across all organizations (Chittyfoundation, chittyos, chittyapps, chittycorp, furnished-condos, chicagoapps) with AI-powered reviews, auto-labeling, auto-merge, and auto-delete functionality.

Requirements

1. Multi-AI Review System

Create GitHub Actions workflows that integrate three AI review systems:

  • CodeRabbit AI: Automatic PR reviews via GitHub App integration
  • Claude (Anthropic): Deep code analysis and review comments
  • OpenAI Codex: Code quality and security analysis

2. Auto-Labeling

Automatically label PRs based on content analysis:

  • implementation - New feature implementations
  • enhancement - Improvements to existing features
  • bugfix - Bug fixes
  • documentation - Documentation changes
  • security - Security-related changes
  • performance - Performance improvements

3. Auto-Merge Logic

PRs should automatically merge when ALL conditions are met:

  • All CI/CD checks pass (including canonical checks from chittyfoundation/ops)
  • All AI reviews are completed successfully
  • No merge conflicts exist
  • Branch is up to date with base branch
  • Required approvals obtained

4. Auto-Delete Branches

Automatically delete source branches after successful merge

5. Integration with chittyfoundation/ops

  • Reference and require canonical checks from chittyfoundation/ops repository
  • These checks should be treated as governing/required checks
  • Cannot merge without passing chittyfoundation/ops core validation

Implementation Details

GitHub Actions Workflows to Create:

.github/workflows/pr-automation.yml

Main automation workflow that:

  • Triggers on PR open, synchronize, and labeled events
  • Assigns CodeRabbit AI for review
  • Runs Claude API for code analysis
  • Runs OpenAI Codex for security/quality checks
  • Auto-labels based on PR content and file changes
  • Posts review comments with AI findings
  • Enables auto-merge when conditions are met

.github/workflows/ai-review-claude.yml

Claude-specific review workflow:

  • Analyzes PR diff and provides detailed review
  • Comments on code quality, best practices, potential issues
  • Uses ANTHROPIC_API_KEY secret

.github/workflows/ai-review-codex.yml

OpenAI Codex review workflow:

  • Security vulnerability scanning
  • Code quality analysis
  • Performance recommendations
  • Uses OPENAI_API_KEY secret

.github/workflows/auto-merge.yml

Auto-merge workflow:

  • Checks all required status checks pass
  • Verifies chittyfoundation/ops canonical checks pass
  • Confirms no merge conflicts
  • Enables auto-merge with squash or merge commit
  • Triggers on successful check completion

.github/workflows/auto-delete-branch.yml

Branch cleanup workflow:

  • Triggers on PR merge/close
  • Deletes source branch automatically
  • Preserves protected branches

.github/workflows/canonical-checks.yml

Integration with chittyfoundation/ops:

  • Calls reusable workflows from chittyfoundation/ops
  • Enforces core validation rules
  • Reports status back to PR

Configuration Files:

.github/coderabbit.yml

CodeRabbit AI configuration:

language: en-US
early_access: true
reviews:
  auto_review:
    enabled: true
    auto_incremental_review: true
  request_changes_workflow: true
  high_level_summary: true
  poem: false
  review_status: true

.github/auto-merge.json

Auto-merge rules configuration

.github/labeler.yml

Auto-labeling rules based on file patterns

GitHub Secrets Required

The following secrets must be configured in repository settings or organization level:

  • ANTHROPIC_API_KEY - For Claude API access
  • OPENAI_API_KEY - For OpenAI Codex access
  • GITHUB_TOKEN - Automatically provided, used for GitHub API operations

CodeRabbit AI Setup

CodeRabbit should be installed as a GitHub App with permissions:

  • Pull requests: Read & Write
  • Contents: Read
  • Issues: Read & Write

Branch Protection Rules

Update branch protection to require:

  • Status checks from all AI review workflows
  • Status checks from chittyfoundation/ops canonical workflows
  • Up-to-date branches before merging

Global Deployment

After testing in chittyos/chittyops, these workflows should be:

  1. Committed to a central repository or GitHub organization .github repo
  2. Referenced as reusable workflows across all organizations
  3. Deployed to: Chittyfoundation, chittyos, chittyapps, chittycorp, furnished-condos, chicagoapps

Success Criteria

  • ✅ PRs automatically get AI reviews from all three services
  • ✅ PRs are automatically labeled based on content
  • ✅ chittyfoundation/ops checks are required and enforced
  • ✅ PRs auto-merge when all conditions met
  • ✅ Branches auto-delete after successful merge
  • ✅ Workflows are reusable across all organizations

Notes

  • Ensure workflows handle API rate limits gracefully
  • Add appropriate error handling and notifications
  • Make workflows parameterizable for easy reuse
  • Document setup process ...

This pull request was created from Copilot chat.
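
Added example, not code from this pull request or the project's workflows: the first item under Security Considerations (building JSON with jq instead of interpolating shell variables into a heredoc), shown as a weak builder beside a hardened one. The function names, the `source`/`title` fields and the sample titles are constructed for illustration; `jq` is assumed to be installed.

```shell
#!/usr/bin/env bash
# Constructed example: a JSON body that carries a PR title supplied by
# whoever opened the pull request. Field names are assumptions.

# Weak: heredoc expansion pastes the value into the JSON text.
# A double quote in the title closes the string early, and whatever
# follows is parsed as JSON structure instead of as title text.
build_body_heredoc() {
  local title=$1
  cat <<EOF
{"source": "ci", "title": "$title"}
EOF
}

# Hardened: the value is handed to jq as data with --arg.
# jq does the escaping, so the title can never leave its string.
build_body_jq() {
  local title=$1
  jq -cn --arg title "$title" '{source: "ci", title: $title}'
}

# Read one top-level field back from a body.
# Prints "invalid" when the body is not parseable JSON.
field() {
  local body=$1 name=$2
  printf '%s' "$body" | jq -r --arg n "$name" '.[$n]' 2>/dev/null \
    || echo invalid
}

# Compare both builders on one title (for manual runs).
compare() {
  local title=$1
  echo "heredoc source: $(field "$(build_body_heredoc "$title")" source)"
  echo "jq      source: $(field "$(build_body_jq "$title")" source)"
}
```

Running `compare 'x", "source": "other'` shows the heredoc body reporting `other` for a field the workflow meant to fix at `ci`, while the jq body keeps `ci` and stores the whole string as the title.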



Copilot AI and others added 5 commits January 25, 2026 07:11
Co-authored-by: chitcommit <208086304+chitcommit@users.noreply.github.com>
Co-authored-by: chitcommit <208086304+chitcommit@users.noreply.github.com>
Co-authored-by: chitcommit <208086304+chitcommit@users.noreply.github.com>
Co-authored-by: chitcommit <208086304+chitcommit@users.noreply.github.com>
…shell injection prevention

Co-authored-by: chitcommit <208086304+chitcommit@users.noreply.github.com>
Copilot AI changed the title [WIP] Implement CI/CD automation for pull requests across organizations Implement multi-AI PR automation with auto-merge and cross-org deployment Jan 25, 2026
Copilot AI requested a review from chitcommit January 25, 2026 07:21