Automated Code Review in CI/CD
What the Code Review Agent Does
Unlike static linters or rule-based scanners, CurieTech AI's Code Review Agent uses intent-driven analysis to:
- Catch subtle bugs and logic flaws
- Flag anti-patterns and inefficient design choices
- Recommend improvements aligned with your architecture
- Enforce security and performance best practices
- Explain rationale with context-specific suggestions
This agent functions like a senior reviewer embedded in your team — thorough, consistent, fast, and always aligned with your development patterns.
If you're using your own script, you can trigger the review using:
curl -X POST "https://platform.curietech.ai/api/code-review/run" \
-H "Authorization: Bearer $CURIE_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"conn_type": "One of: github/bitbucket/gitlab/azure_devops",
"org_name": "Name of the organization",
"repo_name": "Name of the repository without the .git suffix",
"branch_name": "Name of the feature branch",
"pr_number": [Integer] PR number,
"prompt": "[Optional] Any additional instructions for the code review agent"
}'
Or if you want to use it in CI/CD for dynamic values, you can use the below steps.
Note: For CI/CD steps, the
org_namein the JSON payload should beprojectname/orgname. The project name has to be hardcoded.
GitHub Actions
Steps
- Open your repository in GitHub.
- Go to Settings → Secrets and variables → Actions and click New repository secret.
- Name:
CURIE_API_KEY - Value: Your CurieTech API key.
- Name:
- Create
.github/workflows/curie-code-review.ymlin your repo. - Commit and push. This will run on every Pull Request.
# This is a basic workflow to help you get started with Actions
name: CI # you can provide any name
# Controls when the workflow will run
on:
# Triggers the workflow on push or pull request events but only for the "main" branch
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v4
# Runs a single command using the runners shell
- name: Curie-review
run: |
curl -X POST "https://platform.curietech.ai/api/code-review/run" \
-H "Authorization: Bearer ${{ secrets.CURIE_API_KEY }}" \
-H "Content-Type: application/json" \
-d '{
"conn_type": "github",
"org_name": "org_name", # provide your org name here
"repo_name": "'"${GITHUB_REPOSITORY#*/}"'",
"branch_name": "'"${{ github.head_ref || github.ref_name }}"'",
"pr_number": ${{ github.event.pull_request.number }},
"prompt": "CI-triggered code review" # you can change the prompt according to your wish
}'
Azure DevOps
Steps
- Create a pipeline for your selected repo.
- Paste the YAML below into your pipeline.
- Save, then go back to the same pipeline → Edit → Variables:
- Name:
CURIE_API_KEY(mark as secret) - Value: Your CurieTech API key.
- Name:
- Run the pipeline on a Pull Request.
# azure-pipelines.yml
trigger: none
pr: none
pool:
vmImage: 'ubuntu-latest' # or 'windows-latest'/'macos-latest'
steps:
- checkout: self
- task: PowerShell@2
displayName: 'Run Curie AI Code Review'
env:
CURIE_API_KEY: $(CURIE_API_KEY)
inputs:
targetType: 'inline'
script: |
if ("$(Build.Reason)" -eq "PullRequest") {
$prNumber = "$(System.PullRequest.PullRequestId)"
$sourceBranchName = "$(System.PullRequest.SourceBranch)" -replace 'refs/heads/', ''
$repoName = "$(Build.Repository.Name)"
$orgName = "$(System.CollectionUri)".Split('/')[3] # Format: projectname/orgname
Write-Host "PR Number: $prNumber"
Write-Host "Source Branch: $sourceBranchName"
Write-Host "Repository Name: $repoName"
Write-Host "Organization Name: $orgName"
$payload = @{
conn_type = "azure_devops"
org_name = $orgName
repo_name = $repoName
branch_name = $sourceBranchName
pr_number = [int]$prNumber
} | ConvertTo-Json -Compress
Write-Host "Sending payload: $payload"
Invoke-RestMethod -Uri "https://platform.curietech.ai/api/code-review/run" `
-Method POST `
-Headers @{
"Authorization" = "Bearer $env:CURIE_API_KEY"
"Content-Type" = "application/json"
} `
-Body $payload
} else {
Write-Host "This pipeline run is not a Pull Request. Skipping Curie AI Code Review."
}
GitLab
Steps
- Go to your project → Settings → CI/CD → Variables.
- Name:
CURIE_API_KEY(mark as masked and protected). - Value: Your CurieTech API key.
- Name:
- Commit
.gitlab-ci.ymlto your repository.
# .gitlab-ci.yml
stages:
- code_review
curie_ai_code_review:
stage: code_review
image: alpine/curl:latest # A lightweight image with curl installed, or use your preferred image
rules:
- if: $CI_MERGE_REQUEST_IID # This rule ensures the job only runs for merge requests
when: always # Run always if it's a merge request, otherwise skip
script:
- |
# Extract branch name, removing 'refs/heads/' prefix if present
BRANCH_NAME="${CI_MERGE_REQUEST_SOURCE_BRANCH_NAME}"
# CI_PROJECT_NAMESPACE gives the group path (e.g., 'my-group/my-subgroup')
# CI_PROJECT_NAME gives the project name
# For 'org_name', you typically want the top-level group
# If your project is 'my-group/my-subgroup/my-project', CI_PROJECT_NAMESPACE is 'my-group/my-subgroup'
# You might need to adjust 'org_name' based on how you define 'organization' in your GitLab structure.
# For a simple top-level group, CI_PROJECT_NAMESPACE should suffice.
# If you need just the root group name:
ORG_NAME=$(echo "$CI_PROJECT_NAMESPACE" | cut -d'/' -f1) # Format: projectname/orgname
echo "Merge Request ID: ${CI_MERGE_REQUEST_IID}"
echo "Source Branch Name: ${BRANCH_NAME}"
echo "Project Name: ${CI_PROJECT_NAME}"
echo "Organization/Group Name: ${ORG_NAME}"
PAYLOAD='{
"conn_type": "gitlab",
"org_name": "'"$ORG_NAME"'",
"repo_name": "'"${CI_PROJECT_NAME}"'",
"branch_name": "'"$BRANCH_NAME"'",
"pr_number": '"${CI_MERGE_REQUEST_IID}"'
}'
echo "Sending payload: $PAYLOAD"
curl -X POST "https://platform.curietech.ai/api/code-review/run" \
-H "Authorization: Bearer ${CURIE_API_KEY}" \
-H "Content-Type: application/json" \
-d "$PAYLOAD"
variables:
# Ensure this variable is masked and protected in GitLab CI/CD settings
CURIE_API_KEY: $CURIE_API_KEY
Bitbucket
Steps
- Go to Repository settings → Repository variables.
- Name:
CURIE_API_KEY - Value: Your CurieTech API key.
- Name:
- Commit
bitbucket-pipelines.ymlto your repository.
# bitbucket-pipelines.yml
image: atlassian/default-image:2 # You can use a different image if curl isn't available
pipelines:
pull-requests:
'**': # This pattern means the pipeline will run for all pull requests
- step:
name: Curie AI Code Review
script:
# Construct the JSON payload
- >
PAYLOAD='{
"conn_type": "bitbucket",
"org_name": "${BITBUCKET_REPO_OWNER}", # Format: projectname/orgname
"repo_name": "${BITBUCKET_REPO_SLUG}",
"branch_name": "${BITBUCKET_BRANCH}",
"pr_number": ${BITBUCKET_PR_ID}
}'
- echo "Sending payload: $PAYLOAD"
- >
curl -X POST "https://platform.curietech.ai/api/code-review/run" \
-H "Authorization: Bearer ${CURIE_API_KEY}" \
-H "Content-Type: application/json" \
-d "$PAYLOAD"
By following the setup instructions for your chosen CI/CD platform, you can seamlessly integrate CurieTech AI’s Code Review Agent into your development workflow. This ensures consistent, high-quality, and secure code reviews — automated directly within your pull request process — saving time and improving code quality across your team.
