API endpoint for PR reviews


#1

The new PR Reviews feature is great. Are there plans to bring support to the API?

At Hound, we comment on pull requests to report style guide violations introduced by the changes. This can result in a lot of emails/notifications when there are many violations in a PR and can feel spammy. If we are able to submit all comments as a single review, this would help us alleviate some pain our users are feeling.


#2

We do plan to bring API support for this in the future, @thorncp.

If we are able to submit all comments as a single review, this would help us alleviate some pain our users are feeling.

This sounds like a perfect use case that we’d like to empower.

We’ll update this thread when this API support is added.


#3

Thanks, this would be awesome! Similar tools like pronto could also benefit, as well as external code review tools (eg. reviewable.io). It would certainly make my life much easier to have this support for those two tools.


#4

+1 really enjoying the Review features! Just to confirm, support for Review-related data in the Events API webhooks is also not currently available?


#5

That’s correct @jasonm


#6

+1 for this API endpoint (or endpoints) to be developed ASAP.

Our integration, Gitpup (https://gitpup.io), has basically been obviated by the PR Reviews feature, and now duplicates many of the features that are found in the Reviews. Would love to get the bot to be better integrated with this feature so we don’t have two overlapping systems. Webhooks regarding PR Reviews actions would also be necessary to ensure complete functionality.

Fingers crossed for a speedy delivery of this API!


#7

This API is now available: https://developer.github.com/changes/2016-12-14-reviews-api/

But it doesn’t appear to be enabled for Integrations: https://developer.github.com/v3/pulls/reviews/#list-reviews-on-a-pull-request (no “Integrations Enabled” comment).

Are there plans to enable this for Integrations?


#8

Thanks for following up now that this is live. We do plan to add support for the Pull Request Reviews API to Integrations :+1:. We don’t have a specific timeline at the moment, but we’ll update this thread once we’ve got something in place.


#9

@jmilas some time has passed since your last comment. Is there an eta when we can expect that the review api will be available for integrations? Thanks :slight_smile:


#10

Hi there!

At marmelab we have launched Sedy (in process of becoming a GitHub’s showcase), and we would love to use it as an Integration.

Sadly, we need to access to the Pull Request Review API and especially to Get comments for a single review.

I vote for this feature too.
Thanks for what you’re doing!


#11

We’re working on some review workflow integrations, and we’d love to be able to set an integration as a reviewer.

One integration we’re working on pings a Slack channel to get anyone who’s online to review a PR. Right now, users have to assign a magic label to trigger this ping, but we’d love to use the GitHub “request a review from…” feature with our integration instead. (e.g. “request a review from reviewbot”, which would trigger a webhook).

Likewise, being able to trigger merge tests when a PR is ready by requesting a review from a mergebot would be great. This can be worked around by testing every push, but it would save unnecessary load to only build when actually requested.

Integrations are looking great so far though, thanks to the GitHub team for building this. :heart:


#12

Hi there,

It’s great that the PR API is now available for Apps, it’s making our lives a whole lot better. Apps are fantastic and the Github team are making it easier for us to build our workflows!

However, one thing we’d really like to be able to achieve is letting an App add reviewer requests. Currently the following request with an App token:

curl -XPOST -H "Authorization: token <appToken>" -H "Accept: application/vnd.github.machine-man-preview+json" -H "Content-type: application/json" https://api.github.com/repos/owner/repo/pulls/123/requested_reviewers -d '{"reviewers": [ "sablekeech" ]}'

Gives the rather curious response:
{ "message": "Validation Failed", "errors": [ "Must have push access to this repository to add review requests." ], "documentation_url": "https://developer.github.com/v3/schema/pull-request-review-request" }

As our App does have push access permissions (well, it’s able to create trees, refs, blobs, do merges, etc.) it’s a confusing error! It would be absolutely awesome, though, to be able to automatically assign reviewers from an App, as it’s the only piece of functionality we’re really missing at the moment!

Is this a security issue, or is Github planning on bringing this functionality to Apps at some point?

Cheers!


#13

Thanks for the request, @hedss. I don’t think that endpoint has been enabled for GitHub Apps. I’ve opened an internal issue so that the team can consider your request and we’ll followup when there’s any news.

Also, if you don’t mind a request from our end: whenever you’re reporting problems or demonstrating some behavior – please include as many specific details as possible, preferably by providing the full output of a curl -v request which clearly demonstrates the behavior (just mask sensitive information in the output of curl -v, like authentication credentials). Sometimes providing just the body of the response and a URL with the name of repositories and owners masked prevents us from matching that request to our internal logs and collecting more information. The curl -v output includes some details that we can use to find the request in our logs and gather more details. Providing specific details like the app’s and installation’s IDs is also helpful in most situations.

Thanks again! :bow:


#14

Recently I noticed the PR review API was available so I set out to make some use of it. Our repositories are already using commit statuses to add insight to PR reviewers but some failures require “stepping out” of GitHub to see why. While for a reviewer this is broadly acceptable, PR submitters don’t always follow the commit status links. So the initial goal was to add a review about lint issues right on the PR lines that triggered them. Wasn’t an easy process since you have to calculate the offset of the line based of the diff github delivers but that part is done. In this process I used an oauth token form an account created to do a bot’s work.

When the PoC was done, I wanted to use this approach as an organization app(integration).
After finding out how to properly do it using a GitHub App(tokens must be requested and last only for an hour) it was “deployed”.

Everything just works, so thank you for exposing this API but I miss something that I had when using the oauth token from a real account. When requesting that changes should be made on a review, the PR status would become “blocked” because of that review which needed to be addressed, but, with the GitHub App, everything except the blocking part works. Ie, the application gets added to the PR timeline as requesting changes but(with the hover info in the UI) it can’t “block” the PR because it lacks write(push) permissions for the repository.

Well, on the GitHub application I’m adding the read/write permission to repository contents(this equals push permissions right?

So, what am I missing?


#15

There’s a separate “commit status” permission for GitHub Apps that I think you need to set to Read & Write to be able to access that endpoint.


#17

Oh, commit statuses work as supposed. I also set those perms to read/write.

But apparently a GiHub App cannot set a PR to blocked status, only real accounts.

Is this expected behavior?


#18

I’m not sure if that’s the expected behavior.

Which API endpoint are you using to make the endpoint blocked in your proof of concept?
(Would you link me to the documentation for it? That will make it easier to hunt this down).


#19

This https://developer.github.com/v3/pulls/reviews/#create-a-pull-request-review is what I’m following.

If I use an oath token from my account, I can block the PR merge because I require reviewers approval. If however I use a GitHub App generated token(those that last only one hour) and submit the same review requiring changes, the PR doesn’t get blocked but it does say that my github app requested changes.


#20

Hi,

I’d like to know whether this endpoint has been enable officially for GitHub Apps? Specifically https://developer.github.com/v3/pulls/reviews/#create-a-pull-request-review - others appear to suggest the API does work, but the documentation does not indicate it’s enabled for GitHub Apps.

Thanks


#21

@bradleyfalzon I took a quick look at this and it appears that the endpoint is enabled, and that we forgot to update the documentation on it. I’ll need to confirm properly.

Either way I’ll report back here.