You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/use-cases/ci-cd.mdx
+8-14Lines changed: 8 additions & 14 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -13,7 +13,7 @@ The AI-powered CI/CD workflow follows this pattern:
13
13
1.**A pull request is opened or updated** — GitHub Actions triggers a workflow
14
14
2.**The workflow creates an E2B sandbox** — a fresh Linux environment isolated from the CI runner
15
15
3.**The repository is cloned into the sandbox** — the PR branch is checked out using E2B's [git integration](/docs/sandbox/git-integration)
16
-
4.**An LLM analyzes the changes** — the diff is sent to a language model (e.g., OpenAI GPT-4o, Anthropic Claude) for review or test generation
16
+
4.**An LLM analyzes the changes** — the diff is sent to a language model (e.g., OpenAI ChatGPT 5.2 Mini, Anthropic Claude) for review or test generation
17
17
5.**Tests run inside the sandbox** — the project's test suite executes in isolation, with output streamed back to the workflow
18
18
6.**Results are reported** — the workflow posts findings as PR comments via the GitHub API
**Step 1 — Create a sandbox.**`Sandbox.create()` spins up a fresh Linux environment via the E2B API. The `timeoutMs` / `timeout` sets a 5-minute auto-destroy limit so forgotten sandboxes don't run up costs.
277
-
278
-
**Step 2 — Clone the PR branch.**`sandbox.git.clone()` clones the repository inside the sandbox, not on the CI runner. The `GITHUB_TOKEN` provided by GitHub Actions authenticates the clone when paired with `x-access-token` as the username — this is the standard [GitHub Apps authentication pattern](https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-as-a-github-app-installation). `depth: 1` makes it a shallow clone for speed.
279
-
280
-
**Step 3 — AI code review.**`sandbox.commands.run()` executes `git diff` inside the sandbox and returns the output in `stdout`. The diff is then sent to an LLM (OpenAI GPT-4o in this example) with a system prompt asking for a code review. You can swap this for any model or provider — see [Connect LLMs](/docs/quickstart/connect-llms).
281
-
282
-
**Step 4 — Run tests.** The test suite runs inside the sandbox with `onStdout` / `on_stdout` callbacks that stream output in real time to the GitHub Actions logs. The `commands.run()` method throws when a command exits with a non-zero code — `CommandExitError` in JavaScript, `CommandExitException` in Python — so test failures are caught with try/catch and cause the workflow to fail.
283
-
284
-
**Step 5 — Post results.** The review is posted as a PR comment via the [GitHub REST API](https://docs.github.com/en/rest/issues/comments#create-an-issue-comment). The `GITHUB_TOKEN` has write access thanks to the `permissions` block in the workflow. Finally, `sandbox.kill()` destroys the sandbox immediately rather than waiting for the timeout.
274
+
1.**Create sandbox** — `Sandbox.create()` spins up an isolated Linux environment with a 5-minute timeout
275
+
2.**Clone the PR** — `sandbox.git.clone()` checks out the PR branch using `x-access-token` + `GITHUB_TOKEN` for [authentication](https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-as-a-github-app-installation)
276
+
3.**AI review** — runs `git diff` inside the sandbox, sends the output to an LLM — swap the model for any provider via [Connect LLMs](/docs/quickstart/connect-llms)
277
+
4.**Run tests** — `commands.run()` streams output in real time and throws on failure (`CommandExitError` / `CommandExitException`)
278
+
5.**Post results** — comments the review on the PR via the GitHub REST API, then destroys the sandbox
0 commit comments