t1382: Enforce wait-for-review-bots gate before PR merge

[alex-solovyev]

Summary

• Adds three-layer defense to prevent PRs from being merged before AI code review bots (CodeRabbit, Gemini Code Assist) post their findings
• CI workflow (.github/workflows/review-bot-gate.yml) as a required status check, re-triggers on review/comment events
• Helper script (review-bot-gate-helper.sh) for check/wait/list commands for agent and manual use
• Agent rules in full-loop.md, pr-loop.md, pr.md, and build.txt — mandatory wait gate before merge step

Process gap: PR #1 on aidevops-cloudron-app was merged before review bots posted, losing all security findings. Bots typically post within 2-5 minutes; the gate polls up to 10 minutes before timing out.

Closes #2735

Summary by CodeRabbit

• New Features

  • Introduces mandatory "Review Bot Gate" before PR merge, requiring at least one AI review bot to provide feedback before allowing merge.
  • Includes configurable wait/poll mechanism with timeout handling and configurable polling intervals.
  • Supports skip-review-gate label to bypass gate for documentation-only changes or bot-exempt repositories.

• Documentation

  • Added comprehensive guidance for Review Bot Gate workflow, including usage commands and integration details.

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a robust mechanism to prevent premature merging of pull requests, thereby safeguarding against the oversight of valuable AI code review bot feedback, particularly security-related findings. By integrating a multi-layered 'Review Bot Gate' into the CI/CD pipeline and agent workflows, the system now ensures that automated code analysis has completed and been considered before a PR can be finalized. This enhancement directly addresses a past incident where critical security insights were missed due to early merges.

Highlights

• Introduced Review Bot Gate: A new 'Review Bot Gate' has been implemented to ensure that AI code review bots (e.g., CodeRabbit, Gemini Code Assist) have posted their findings before a Pull Request (PR) can be merged. This prevents the loss of critical feedback, especially security findings.
• Three-Layer Enforcement: The gate is enforced through a three-layer defense mechanism: a GitHub Actions CI workflow as a required status check, an agent-side helper script for manual or automated checks, and a recommendation for branch protection rules.
• New Helper Script: A new bash script, review-bot-gate-helper.sh, was added to facilitate checking for bot reviews, waiting for them to post (with a configurable timeout), and listing all bot comments on a PR. It returns PASS, WAITING, or SKIP.
• Agent Workflow Integration: The agent's full-loop.md and pr-loop.md workflows have been updated to include the mandatory 'Review Bot Gate' step before merging, ensuring agents adhere to the new policy. The build.txt prompt also includes new guidelines.
• Bypass Mechanism: A skip-review-gate label can be applied to a PR to bypass the bot review gate, intended for documentation-only PRs or repositories where AI review bots are not configured.

Changelog

• .agents/prompts/build.txt
  • Added new guidelines for agents to enforce waiting for AI review bots before merging PRs, detailing the three enforcement layers and usage of the helper script.
• .agents/scripts/commands/full-loop.md
  • Updated the full agent loop to include a mandatory 'Review Bot Gate' step before merging.
  • Added detailed instructions on the operation of the review bot gate, including polling and bypass conditions.
• .agents/scripts/commands/pr-loop.md
  • Modified the PR monitoring loop to incorporate the 'Review Bot Gate' check.
  • Ensured AI review bots have posted before proceeding with merge readiness.
• .agents/scripts/review-bot-gate-helper.sh
  • Added a new bash script to check, wait for, or list AI review bot comments on a pull request.
  • Implemented functionality to identify known bot patterns and handle a skip-review-gate label.
• .agents/workflows/pr.md
  • Documented the new 'Pre-Merge: Review Bot Gate' policy.
  • Outlined its three enforcement layers and provided examples of how to use the helper script.

Ignored Files

• Ignored by pattern: .github/workflows/** (1)
  • .github/workflows/review-bot-gate.yml

Activity

• The motivation for this change stems from a past incident (PR 🤖 CodeRabbit AI Integration - Comprehensive Code Review Setup #1 on aidevops-cloudron-app) where a PR was merged before review bots posted, leading to the loss of security findings. This PR aims to prevent similar occurrences.
• No other specific human activity (comments, reviews) was provided in the context for this pull request.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[coderabbitai]

Caution

Review failed

Pull request was closed or merged during review

Walkthrough

This PR introduces a comprehensive Review Bot Gate system to enforce waiting for AI review bots (CodeRabbit, Gemini Code Assist, Augment, Copilot) to comment on PRs before merging. It implements a three-layer gate via CI workflow, agent script helper, and branch protection guidance, with polling, skip-label bypass, and timeout handling.

Changes

Cohort / File(s)	Summary
Workflow Implementation .github/workflows/review-bot-gate.yml	New GitHub Actions workflow that gates PR merges by detecting AI bot comments, enforcing minimum PR age, handling skip-review-gate label bypass, and exporting gate status with found/missing bot summaries.
Agent Script Helper .agents/scripts/review-bot-gate-helper.sh	New Bash script with check/wait/list commands to verify bot comments via GitHub API, define KNOWN_BOTS roster, respect skip-label exceptions, poll with configurable timeout, and output standardized PASS/WAITING/SKIP statuses.
Policy & Workflow Documentation .agents/prompts/build.txt, .agents/workflows/pr.md	Add Review Bot Gate policy section detailing multi-layer enforcement, waiting behavior (10-minute timeout), skip-label semantics, headless mode handling, and mandatory bot-findings review before merge.
Process Flow Documentation .agents/scripts/commands/pr-loop.md, .agents/scripts/commands/full-loop.md	Restructure PR/full loop guidance to insert Review Bot Gate as mandatory pre-merge phase before Review Status checks; expand AI bot verification steps, completion promises, timing guidance, and state tracking examples.

Sequence Diagram(s)

sequenceDiagram
    participant Dev as Developer
    participant GH as GitHub API
    participant CI as CI: review-bot-gate.yml
    participant Agent as Agent Script
    participant Bots as Review Bots

    Dev->>GH: Create/update PR
    CI->>GH: Triggered: check for bot comments
    CI->>GH: Scan PR reviews, comments
    CI->>GH: Detect KNOWN_BOTS presence
    
    alt Skip Label Present
        CI->>GH: Return SKIP status
        CI-->>Dev: Gate bypassed (docs-only)
    else Bots Found
        CI->>GH: Export gate_passed=true
        CI-->>Dev: PASS - review findings
    else No Bots
        Agent->>GH: Begin polling (do_wait)
        loop Poll every 60s until timeout
            Agent->>GH: Check for bot comments
            Bots-->>GH: Post review comments
            Agent->>GH: Detect KNOWN_BOTS match
        end
        alt Timeout (10 min)
            Agent-->>Dev: WAITING - proceed with warning
        else Bot Posts Within Timeout
            Agent-->>Dev: PASS - mandatory review required
        end
    end
    
    Dev->>Dev: Review bot findings
    Dev->>GH: Merge PR

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• t1281: Deduplicate shared rules across context chain (pass 1) #2039: Both modify central prompts/build.txt with new Review Bot Gate policy directive, aligning this PR's enforcement with centralized build rules.
• feat: support multiple AI code reviewers in PR loop #295: Both introduce bot detection logic with KNOWN_BOTS roster patterns and AI reviewer comment scanning for multi-bot awareness.
• feat: add /pr-loop slash command for iterative PR monitoring #251: This PR extends pr-loop.md (initial introduction) by inserting the new Review Bot Gate phase into the mandatory pre-merge sequence and workflow lifecycle.

Suggested labels

needs-review, enhancement

Poem

🤖 The bots now stand as sentries at the gate,
✅ Ensuring wisdom flows before you integrate,
⏰ Poll, wait, or skip with grace,
🔒 Quality reviews hold the place,
🚀 Before your code finds its fate!

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 25.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and concisely summarizes the main change: enforcing a gate that blocks PR merges until review bots post their findings, which directly addresses the primary objective.
Linked Issues check	✅ Passed	All primary requirements from issue #2735 are met: CI workflow polling for bot reviews, helper script with check/wait/list commands, agent-level documentation updates, and skip-review-gate bypass mechanism.
Out of Scope Changes check	✅ Passed	All changes directly support the review-bot-gate implementation with no unrelated modifications detected; documentation, workflow, and script changes align with stated objectives.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature/t1382-review-bot-gate

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

🔍 Code Quality Report

�[0;35m[MONITOR]�[0m Code Review Monitoring Report

�[0;34m[INFO]�[0m Latest Quality Status:
SonarCloud: 0 bugs, 0 vulnerabilities, 111 code smells

�[0;34m[INFO]�[0m Recent monitoring activity:
Mon Mar 2 23:13:26 UTC 2026: Code review monitoring started
Mon Mar 2 23:13:26 UTC 2026: SonarCloud - Bugs: 0, Vulnerabilities: 0, Code Smells: 111

📈 Current Quality Metrics

• BUGS: 0
• CODE SMELLS: 111
• VULNERABILITIES: 0

Generated on: Mon Mar 2 23:13:29 UTC 2026

---

Generated by AI DevOps Framework Code Review Monitoring

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[alex-solovyev]

Adding skip-review-gate label: this PR implements the review bot gate — it cannot be gated by itself (bootstrap deadlock). The gate will re-run and pass with this label. Once Framework Validation completes, this PR is ready to merge.

[gemini-code-assist]

Code Review

This pull request introduces a crucial 'review bot gate' to prevent premature merging of pull requests before AI reviewers have posted their findings. However, a security audit identified a high-severity command injection vulnerability in review-bot-gate-helper.sh due to unsafe arithmetic expansion of user-controlled variables, and a medium-severity argument injection risk in the usage of the GitHub CLI. These issues could allow an attacker to execute arbitrary commands or bypass the intended security gate. Furthermore, the review-bot-gate-helper.sh script suppresses stderr on gh CLI calls, which can mask underlying issues and hinder debugging. Remediation for the security vulnerabilities involves strict input validation and the use of the -- separator for CLI commands, and the stderr suppression should be removed. The documentation updates are clear and comprehensive.

[gemini-code-assist]

This block contains a high-severity command injection vulnerability due to unsafe arithmetic expansion. Variables like max_wait or poll_interval, if derived from user-controlled input and containing command substitutions, could lead to arbitrary command execution within the [[ ... -lt ... ]] or $((...)) contexts. Additionally, on line 148, the stderr of the do_check function is being redirected to /dev/null. This suppresses diagnostic messages and potential gh command errors, making debugging difficult as the user only sees [Xs/Ys] Still waiting... without context. It is crucial to implement strict input validation for max_wait and poll_interval to prevent command injection, and to remove 2>/dev/null from the do_check call to improve error visibility.

References

1. Avoid using '2>/dev/null' for blanket suppression of command errors in shell scripts to ensure that authentication, syntax, or system issues remain visible for debugging.

[gemini-code-assist]

The gh api calls in this function use 2>/dev/null to suppress stderr. This is problematic as it can hide important errors like authentication failures, invalid repository or PR numbers, or network issues. If such an error occurs, the command will silently produce no output, and the script will incorrectly assume no comments or reviews exist.

This violates a general rule for this repository. Please remove 2>/dev/null from all three gh api calls in this function. The existing || echo "" is sufficient to handle cases where the API returns no items, preventing the script from exiting due to set -e.

Suggested change

	reviews=$(gh api "repos/${repo}/pulls/${pr_number}/reviews" \
	--paginate --jq '.[].user.login' 2>/dev/null || echo "")
	# 2. Issue comments (some bots post as comments, not reviews)
	local comments
	comments=$(gh api "repos/${repo}/issues/${pr_number}/comments" \
	--paginate --jq '.[].user.login' 2>/dev/null || echo "")
	# 3. Review comments (inline code comments)
	local review_comments
	review_comments=$(gh api "repos/${repo}/pulls/${pr_number}/comments" \
	--paginate --jq '.[].user.login' 2>/dev/null || echo "")
	reviews=$(gh api "repos/${repo}/pulls/${pr_number}/reviews" \
	--paginate --jq '.[].user.login' || echo "")
	# 2. Issue comments (some bots post as comments, not reviews)
	local comments
	comments=$(gh api "repos/${repo}/issues/${pr_number}/comments" \
	--paginate --jq '.[].user.login' || echo "")
	# 3. Review comments (inline code comments)
	local review_comments
	review_comments=$(gh api "repos/${repo}/pulls/${pr_number}/comments" \
	--paginate --jq '.[].user.login' || echo "")

References

1. Avoid using '2>/dev/null' for blanket suppression of command errors in shell scripts to ensure that authentication, syntax, or system issues remain visible for debugging.

[gemini-code-assist]

This gh pr view command is potentially vulnerable to argument injection. If the pr_number or repo variables start with a hyphen (e.g., -Rattacker/repo), they might be interpreted as flags by the gh command, allowing an attacker to manipulate its behavior, such as redirecting the check to a different repository to bypass the review gate. Additionally, using 2>/dev/null here hides potential errors from the gh pr view command. If the command fails (e.g., due to authentication issues or an invalid PR number), this function will silently fail to retrieve labels and incorrectly determine that the skip-review-gate label is not present, potentially causing the script to wait unnecessarily. It is recommended to use the -- separator before user-controlled arguments to prevent argument injection and to remove the stderr redirection to allow errors to be visible for debugging.

Suggested change

	labels=$(gh pr view "$pr_number" --repo "$repo" \
	--json labels -q '.labels[].name' 2>/dev/null || echo "")
	labels=$(gh pr view "$pr_number" --repo "$repo" \
	--json labels -q '.labels[].name' || echo "")

References

1. Avoid using '2>/dev/null' for blanket suppression of command errors in shell scripts to ensure that authentication, syntax, or system issues remain visible for debugging.

[gemini-code-assist]

The gh repo view command suppresses stderr with 2>/dev/null. While there is an error check immediately following this line, it's better to let gh print its own specific error message (e.g., 'not a git repository', 'no remote configured'). This provides more context to the user than the generic 'Could not determine repo' message.

Please remove 2>/dev/null to align with the project's general rules on error visibility.

Suggested change

	repo=$(gh repo view --json nameWithOwner -q .nameWithOwner 2>/dev/null || echo "")
	repo=$(gh repo view --json nameWithOwner -q .nameWithOwner || echo "")

References

1. Avoid using '2>/dev/null' for blanket suppression of command errors in shell scripts to ensure that authentication, syntax, or system issues remain visible for debugging.