GitHub PR Webhook with AI Analysis

A serverless GitHub webhook handler that uses AI (Groq's Llama 3.3 70B) to analyze pull requests with actual code diffs and posts analysis as PR comments.

Features

• ✅ GitHub webhook signature verification
• ✅ Fetches actual PR diffs using GitHub Compare API (GET /repos/{owner}/{repo}/compare/{base}...{head})
• ✅ AI-powered code review using Groq API (Llama 3.3 70B)
• ✅ Posts analysis as comments directly on GitHub PRs
• ✅ Deployed on AWS Lambda + API Gateway
• ✅ TypeScript support
• ✅ Comprehensive unit tests with 79%+ code coverage

Project Structure

github-pr-webhook/
├── src/                    # TypeScript source code
│   ├── WebhookService.ts   # Main webhook service with AI analysis
│   ├── app.ts              # Lambda handler wrapper
│   └── devServer.ts        # Local development server
├── spec/                   # Unit tests (Jasmine)
│   └── webhookService.spec.ts
├── events/                 # Test event payloads for local testing
├── scripts/                # Utility scripts
│   ├── test.sh            # Legacy test script
│   └── webhookService.js  # Old JS version (reference)
├── config/                 # Configuration files (gitignored)
│   └── gen-lang-client-*.json  # Service account credentials
├── dist/                   # Compiled JavaScript (gitignored)
├── coverage/               # Code coverage reports (gitignored)
├── template.yaml           # AWS SAM template
├── samconfig.toml          # SAM deployment configuration
├── env.json                # Local environment variables (gitignored)
├── env.json.example        # Environment template
└── tsconfig.json           # TypeScript configuration

Setup

1. Clone and Install Dependencies

git clone https://github.com/vivek-gaddipati/github-pr-webhook.git
cd github-pr-webhook
npm install

2. Configure Environment Variables

Copy the example file and update with your credentials:

cp env.json.example env.json

Required Variables

• GROQ_API_KEY - Your Groq API key for AI analysis (Get one here)
• GITHUB_WEBHOOK_SECRET - Secret for verifying GitHub webhook signatures
• GITHUB_TOKEN - GitHub personal access token with repo scope (Create token)

Update env.json with your actual credentials:

{
    "GitHubWebhookFunction": {
      "GITHUB_WEBHOOK_SECRET": "your-webhook-secret",
      "GITHUB_TOKEN": "your-github-token",
      "GROQ_API_KEY": "your-groq-api-key"
    }
}

3. Build the Project

npm run build

Testing

Run Unit Tests

npm test                  # Run tests
npm run coverage          # Run tests with code coverage report

The project has 19 comprehensive unit tests with 79%+ code coverage. Coverage reports are generated in coverage/index.html.

Local Lambda Testing

Test the Lambda function locally with SAM:

npm run test-local        # Quick test with sample payload
npm run sam:start         # Start local API Gateway at http://localhost:3000

Available Scripts

• npm run build - Compile TypeScript to JavaScript
• npm test - Run unit tests
• npm run coverage - Run tests with code coverage
• npm run test-local - Test Lambda locally with sample payload
• npm run sam:build - Build SAM application
• npm run sam:start - Start local API Gateway
• npm run dev - Run local development server

Deployment to AWS

1. Update template.yaml with your environment variables (GROQ_API_KEY, GITHUB_TOKEN, etc.)

2. Deploy:

npm run build
npm run sam:build
sam deploy

3. Configure GitHub webhook:
   • Go to your repo → Settings → Webhooks → Add webhook
   • Set Payload URL to your API Gateway endpoint
   • Set Content-type to application/json
   • Set Secret to match GITHUB_WEBHOOK_SECRET
   • Select "Pull requests" event

How It Works

1. GitHub sends a webhook when a PR is opened
2. Lambda function verifies the webhook signature
3. Fetches the PR diff using GitHub Compare API: GET /repos/{owner}/{repo}/compare/{base}...{head}
4. Sends the diff + PR metadata to Groq's Llama 3.3 70B model
5. AI provides:
   • Summary of changes
   • Potential risks/concerns
   • Code quality assessment
   • Suggested improvements
   • Testing recommendations

Tech Stack

• Runtime: Node.js 20.x (TypeScript)
• Infrastructure: AWS SAM (Lambda + API Gateway)
• AI Model: Groq Llama 3.3 70B
• GitHub API: Compare API for fetching diffs

## Security Notes

- ⚠️ **Never commit** `env.json` or service account credentials to version control
- Use `env.json.example` as a template
- For production, use AWS Secrets Manager or Parameter Store for credentials
- The `.gitignore` file is configured to exclude all sensitive files
- GitHub token needs `repo` scope for private repositories

## Development

### Adding New Tests

Tests are located in `spec/webhookService.spec.ts`. The project uses Jasmine for testing and c8 for coverage.

### Code Coverage

Coverage reports are generated in the `coverage/` directory:
- `coverage/index.html` - Interactive HTML report
- `coverage/lcov.info` - LCOV format for CI/CD integration

Current coverage: **79%+ statements, branches, and lines**

## License

MIT