Add AI code review tools evaluation policy #8910
cblecker wants to merge 1 commit into kubernetes:main
Should we create a GH issue template in k/org specifically for these requests? We can add a checkbox for folks requesting (SIG leads / subproject leads) to acknowledge the Kubernetes AI usage policy - https://github.com/kubernetes/community/blob/main/contributors/guide/pull-requests.md#ai-guidance Also, I am thinking: should we ask the requesting folks as well to provide upfront a list of permissions that the integration would require? (GH admins will still do the verification.)
|
|
||
| ## Evaluation and Decision | ||
|
|
||
| At the end of the pilot period, the sponsoring subproject provides a summary |
How is this summary provided? Is this going to be an artifact somewhere? Is providing some structure to the summary a good idea so we can have consistency on the reports?
A GitHub issue for tracking, perhaps?
| This policy covers AI tools that automatically review pull requests, such as | ||
| CodeRabbit or GitHub Copilot code review. It does not cover other AI-powered | ||
| tooling such as CI/CD, security scanning, or code generation assistants. | ||
|
|
What about open source tools leveraging AI? We could have something built in the open just for issue triage, for example.
The CNCF provides https://dosu.dev/ for this purpose already. ref: https://contribute.cncf.io/resources/services/hosted-tools/#tools
But imo I'm not sure this policy should be in scope for your question.
I don't think this matters if it's open source or not -- it's more about the role in the software development lifecycle, specifically code review.
jasonbraganza left a comment:
/lgtm
Fairly comprehensive beginning. Cannot think of anything better.
/hold
|
|
||
| - Identify the tool and link to its documentation | ||
| - Describe the use cases and what the subproject is trying to accomplish | ||
| - Explain why existing approved tools do not meet their needs |
Is there a list of already-approved tools somewhere?
IIRC k8s repo admins can enable Copilot auto code reviews, but as @kannon92 mentioned in kubernetes/org#5930 (comment), it requires PR authors to have a Copilot subscription first, or the maintainers need to manually request reviews from Copilot.
OK. I'm just saying that if we have existing tools, we should link to a list somewhere, so that it'll save a lot of duplicate requests.
Speaking of this, if a tool is approved in one SIG repo/subproject, can we assume it's approved to use in other repos as well (may still need admin to configure it, but no additional approval is needed)?
@janetkuo assuming there are no extra $$$ involved, perhaps?
Added a blank section for approved tools
janetkuo left a comment:
This looks great. Would love to try out different AI code review tools!
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: cblecker, janetkuo
@jasonbraganza is this ready to go?
Apologies!
Please unhold at will.
I held it, because I wanted voices, wiser and more experienced than mine, to chime in.
On Tue, 28 Apr 2026, at 23:25, Janet Kuo wrote:
> janetkuo left a comment (kubernetes/community#8910)
> @jasonbraganza is this ready to go?
I think there are a bunch of inline comments we need to address before we merge it.
Add a policy document for evaluating AI-powered code review tools (such as CodeRabbit) on a per-repo opt-in basis. The policy covers requesting new tools, privacy/security assessment, pilot structure, evaluation criteria, and removal process.
cecd6cd to a635916
New changes are detected. LGTM label has been removed.
Summary
github-management/ai-code-review-tools.md establishing a policy for evaluating AI-powered code review tools on a per-repo opt-in basis
Context
There has been growing interest in AI code review tools across Kubernetes orgs (kubernetes/org#5930). This policy provides a consistent framework for evaluating these requests.
fixes kubernetes/org#6234
/sig contributor-experience
/area github-management