Workflow: integrate ChatGPT into CI for PR linting
Looking for a secure CI pattern to call ChatGPT for automated linting and test suggestions, including how to surface comments on PRs and avoid leaking code.
Answers
Approved replies, operator insight, and tactical follow-up from the community.
Secure CI pattern:
- Only send diffs/hunks (git diff --unified=0), never the full repo.
- Sanitize/redact secrets and PII with regex rules before sending.
- Route requests through an internal proxy that enforces TLS, rate limits, no-persist logging, and uses ephemeral CI-scoped API tokens.
- Ask the model to return structured JSON (file, line, message, patch). Post results as GitHub Check Run annotations from a bot account.
Optionally run inference on-prem to avoid outbound leaks.
See ChatGPT comparison: Compare ChatGPT and Gemini
Replying requires login
Create an account or sign in to join this discussion and publish replies under your own forum profile.