feat: add some new changes

[afuhflynn]

Summary by CodeRabbit

• New Features

  • PR summaries now display with enhanced formatting, including a header and attribution notice indicating automatic generation.

• Refactor

  • Improved GitHub App integration by updating authentication to use installation-scoped credentials for better security and isolation across deployments.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

The PR threads installation ID through the PR summary posting flow by extracting it from event data and passing it to the postSummaryAsUser function. Octokit initialization is updated to use installation-scoped authentication via getOctokitForInstallation, and the environment variable for the private key is renamed from GITHUB_PRIVATE_KEY to GITHUB_APP_PRIVATE_KEY.

Changes

Cohort / File(s)

Summary

Installation-scoped PR Summary Posting config/octokit-instance.ts, inngest/functions/index.ts, lib/github-utils/actions/index.ts

Updated environment variable reference from GITHUB_PRIVATE_KEY to GITHUB_APP_PRIVATE_KEY. Added installationId parameter extraction in Inngest function and threading to postSummaryAsUser call. Expanded postSummaryAsUser signature to accept installationId: number. Changed Octokit initialization from token-based approach to getOctokitForInstallation(installationId). Enhanced comment formatting to include header, summary content, and generated-by notice.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• Chore/octokit app upgrade #41: Modifies config/octokit-instance.ts to handle GITHUB_* private key environment variables for Octokit GitHub App authentication initialization.
• fix: fix webhook pr body data access Error #45: Updates inngest/functions/index.ts to manage installationId parameter threading in the event-driven workflow.
• feat: update hooks and inngest functions #40: Implements installation-scoped PR summary posting by passing and utilizing installationId in the posting flow.

Poem

🐰 A key renamed, a parameter flows,
Through functions it hops and in patterns it glows,
Installation-scoped now, with credentials so tight,
Each summary posted shines bright in its right! ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.
Title check	❓ Inconclusive	The title 'feat: add some new changes' is vague and generic, using non-descriptive language that fails to convey the specific changes made in the pull request.	Use a more descriptive title that captures the main change, such as 'feat: use installation-scoped Octokit for PR summary posting' or similar to reflect the actual changes.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch chore/octokit-app-upgrade

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codereverb]

Summary by CodeReverb

• The postSummaryAsUser function in lib/github-utils/actions/index.ts now requires an installationId to create an Octokit instance specific to that GitHub App installation, replacing the previous method of fetching a generic GitHub token.
• The summarizePr Inngest function (inngest/functions/index.ts) has been updated to extract the installationId from event data and pass it to the postSummaryAsUser helper.
• The environment variable for the GitHub App's private key was renamed from GITHUB_PRIVATE_KEY to GITHUB_APP_PRIVATE_KEY in config/octokit-instance.ts.
• The summary comment posted by postSummaryAsUser now includes a "Summary by CodeReverb" header and a promotional footer.

---

Generated automatically by CodeReverb Try out CodeReverb

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 75b6eba and cf409a0.

📒 Files selected for processing (3)

• config/octokit-instance.ts
• inngest/functions/index.ts
• lib/github-utils/actions/index.ts

🧰 Additional context used

🧬 Code graph analysis (2)

lib/github-utils/actions/index.ts (1)

config/octokit-instance.ts (1)

• getOctokitForInstallation (9-25)

inngest/functions/index.ts (1)

lib/github-utils/actions/index.ts (1)

• postSummaryAsUser (269-284)

🔇 Additional comments (4)

inngest/functions/index.ts (1)

403-403: LGTM! Installation-scoped posting is correctly implemented.

The installationId is properly passed to postSummaryAsUser, enabling installation-scoped authentication for posting the PR summary. This aligns with the updated function signature in lib/github-utils/actions/index.ts.

lib/github-utils/actions/index.ts (2)

282-282: LGTM! Comment formatting is improved.

The structured comment body with a clear header ("Summary by CodeReverb"), the summary content, and a generated-by footer provides better context for users viewing the PR.

---

269-276: All callers have been properly updated for the new signature.

The single caller in inngest/functions/index.ts:403 correctly passes all 5 arguments (owner, repo, prNumber, summary, installationId) in the expected order. No instances of the old 4-argument signature remain.

config/octokit-instance.ts (1)

19-19: The environment variable change from GITHUB_PRIVATE_KEY to GITHUB_APP_PRIVATE_KEY is correctly implemented. The new variable name is used consistently on line 10 (validation check) and line 19 (usage), and the old variable name has been completely removed from the codebase. No references to the old environment variable exist in documentation, CI/CD configurations, or deployment files.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

# First, let's look at the actual code around line 337 in inngest/functions/index.ts
head -360 inngest/functions/index.ts | tail -30

Repository: afuhflynn/code-reverb

Length of output: 758

---

🏁 Script executed:

# Run the provided script to find where pr.summary.requested event is triggered
rg -nP "pr\.summary\.requested|['\"](pr\.summary\.requested)['\"]" --type=ts --type=js -A 10 -B 2

Repository: afuhflynn/code-reverb

Length of output: 1501

---

🏁 Script executed:

# Get more context around line 337 - show more lines to see how installationId is used
sed -n '320,400p' inngest/functions/index.ts

Repository: afuhflynn/code-reverb

Length of output: 2171

---

🏁 Script executed:

# Find the postSummaryAsUser function to check if it requires installationId
rg -n "postSummaryAsUser|function postSummaryAsUser" --type=ts --type=js -A 5

Repository: afuhflynn/code-reverb

Length of output: 1131

---

🏁 Script executed:

# Get context around line 403 where postSummaryAsUser is called
sed -n '395,410p' inngest/functions/index.ts

Repository: afuhflynn/code-reverb

Length of output: 363

---

🏁 Script executed:

# Check the full signature and implementation of postSummaryAsUser
sed -n '269,290p' lib/github-utils/actions/index.ts

Repository: afuhflynn/code-reverb

Length of output: 514

---

Add validation for installationId before using it.

The event data can send installationId as null (see lib/ai/actions/index.ts:186), but postSummaryAsUser expects it as a required number. Without validation, passing a null value will cause a runtime error when getOctokitForInstallation(installationId) is called.

Add this check after destructuring:

if (!installationId) {
  throw new Error("installationId is required in event.data");
}

🤖 Prompt for AI Agents

In inngest/functions/index.ts around line 337, installationId from event.data
can be null but is used as a required number later (causing runtime errors);
after the destructuring of event.data add a validation that installationId is
present and truthy and throw a clear Error like "installationId is required in
event.data" if missing so subsequent calls (e.g. getOctokitForInstallation)
receive a valid number.