feat: auto-trigger commands when bot is assigned as reviewer on GitLab MR

igoraj · igoraj · commit dfe13bf1fb96 · 2026-05-12T11:27:44.000+02:00
Add support for detecting when the PR-Agent bot is assigned as a
reviewer on a GitLab merge request via the webhook payload, and
automatically running configured commands (e.g. /review) in response.

- Add handle_reviewer_assignment toggle and reviewer_commands config
  under [gitlab] in configuration.toml (disabled by default)
- Add is_bot_assigned_as_reviewer() to parse changes.reviewers from
  the webhook payload and detect initial bot assignment
- Add _get_bot_user_id() to auto-resolve the bot's GitLab user ID via
  API, with caching keyed by (url, token) for multi-tenant safety
- Mirror GitLabProvider auth: respect GITLAB.AUTH_TYPE (oauth/private)
  and GITLAB.SSL_VERIFY when creating the client
- Add draft MR guard and defensive isinstance checks on payload fields
- Check handle_reviewer_assignment before API calls to avoid wasted
  work when the feature is disabled
- Call apply_repo_settings() before reading the toggle, enabling
  per-project configuration via .pr_agent.toml

Assisted-by: opencode:deepseek-v4-pro
diff --git a/pr_agent/servers/gitlab_webhook.py b/pr_agent/servers/gitlab_webhook.py
@@ -4,6 +4,8 @@
 import re
 from datetime import datetime
 
+import hashlib
+
 import uvicorn
 from fastapi import APIRouter, FastAPI, Request, status
 from fastapi.encoders import jsonable_encoder
@@ -108,6 +110,65 @@ def is_draft_ready(data) -> bool:
         get_logger().error(f"Failed 'is_draft_ready' logic: {e}")
     return False
 
+_bot_user_id_cache = {}
+
+def _get_bot_user_id():
+    gitlab_url = get_settings().get("GITLAB.URL", "https://gitlab.com")
+    gitlab_token = get_settings().get("GITLAB.PERSONAL_ACCESS_TOKEN", None)
+    if not gitlab_token:
+        get_logger().error("No GitLab token available for bot user ID resolution")
+        return None
+
+    cache_key = hashlib.sha256(f"{gitlab_url}:{gitlab_token}".encode()).hexdigest()
+
+    cached = _bot_user_id_cache.get(cache_key)
+    if cached is not None:
+        return cached if cached != -1 else None
+
+    try:
+        import gitlab
+
+        ssl_verify = get_settings().get("GITLAB.SSL_VERIFY", True)
+        auth_method = get_settings().get("GITLAB.AUTH_TYPE", "oauth_token")
+        kwargs = {"url": gitlab_url, "ssl_verify": ssl_verify}
+        if auth_method == "oauth_token":
+            kwargs["oauth_token"] = gitlab_token
+        else:
+            kwargs["private_token"] = gitlab_token
+
+        gl = gitlab.Gitlab(**kwargs)
+        gl.auth()
+        user_id = gl.user.id
+        _bot_user_id_cache[cache_key] = user_id
+        get_logger().info(f"Bot user ID resolved via API: {user_id}")
+        return user_id
+    except Exception as e:
+        _bot_user_id_cache[cache_key] = -1
+        get_logger().error(f"Failed to resolve bot user ID: {e}")
+        return None
+
+def is_bot_assigned_as_reviewer(data) -> bool:
+    try:
+        changes = data.get('changes')
+        if not isinstance(changes, dict):
+            return False
+        if 'reviewers' not in changes:
+            return False
+        reviewers_change = changes['reviewers']
+        if not isinstance(reviewers_change, dict):
+            return False
+        previous = reviewers_change.get('previous', [])
+        current = reviewers_change.get('current', [])
+        bot_user_id = _get_bot_user_id()
+        if bot_user_id is None:
+            return False
+        previous_ids = {r.get('id') for r in previous if isinstance(r, dict)}
+        current_ids = {r.get('id') for r in current if isinstance(r, dict)}
+        return bot_user_id in current_ids and bot_user_id not in previous_ids
+    except Exception as e:
+        get_logger().error(f"Failed 'is_bot_assigned_as_reviewer' logic: {e}")
+    return False
+
 def should_process_pr_logic(data) -> bool:
     try:
         if not data.get('object_attributes', {}):
@@ -256,6 +317,21 @@ async def inner(data: dict):
                 # same as open MR
                 await _perform_commands_gitlab("pr_commands", PRAgent(), url, log_context, data)
 
+            # for reviewer assignment triggered merge requests
+            elif object_attributes.get('action') == 'update' and not object_attributes.get('oldrev'):
+                url = object_attributes.get('url')
+                apply_repo_settings(url)
+                if not get_settings().gitlab.get('handle_reviewer_assignment', False):
+                    return JSONResponse(status_code=status.HTTP_200_OK,
+                                        content=jsonable_encoder({"message": "success"}))
+                if is_draft(data):
+                    get_logger().info(f"Skipping draft MR reviewer assignment: {url}")
+                    return JSONResponse(status_code=status.HTTP_200_OK,
+                                        content=jsonable_encoder({"message": "success"}))
+                if is_bot_assigned_as_reviewer(data):
+                    get_logger().info(f"Bot was assigned as reviewer on MR: {url}")
+                    await _perform_commands_gitlab("reviewer_commands", PRAgent(), url, log_context, data)
+
         elif data.get('object_kind') == 'note' and data.get('event_type') == 'note': # comment on MR
             if 'merge_request' in data:
                 mr = data['merge_request']
diff --git a/pr_agent/settings/configuration.toml b/pr_agent/settings/configuration.toml
@@ -269,6 +269,11 @@ push_commands = [
 ]
 # Configure SSL validation for GitLab. Can be either set to the path of a custom CA or disabled entirely.
 # ssl_verify = true
+# Auto-trigger commands when the bot is assigned as a reviewer on an MR
+handle_reviewer_assignment = false
+reviewer_commands = [
+    "/review",
+]
 
 [gitea]
 url = "https://gitea.com"
