SentinelEngine PR Bot is a serverless GitHub App that intercepts Pull Request webhooks, analyzes the abstract syntax tree (AST) of the code changes, and calculates the projected Cloud Billing impact (Cost Delta) before the code is merged.
This bot is fully integrated with the core CloudGauge Backend which performs the heavy-lifting AST logic.
https://github.com/apps/sentinelengine-bot
https://github.com/apps/cloudgauge-bot
- GitHub App Trigger: A developer opens or modifies a Pull Request.
- Webhook Tunneling: GitHub sends a `pull_request` event payload to our webhook proxy (smee.io).
- Bot Orchestration: The local Probot instance receives the payload, extracts the repository details, and generates a list of changed files.
- Backend Processing: The Bot forwards the PR metadata to the CloudGauge Server (`http://localhost:3001/api/bot/analyze-pr`).
- AST Cost Engine: The server dynamically downloads the raw code via Octokit, parses the AST to detect expensive API calls (e.g., OpenAI `gpt-4`, AWS Lambda), and computes the estimated monthly cost difference.
- Dynamic Reporting: The server returns a dynamic Markdown report back to the Bot.
- PR Comment Injection: The Bot utilizes its GitHub Installation Token to instantly comment the cost report on the original Pull Request.
- Node.js v20+
- The core CloudGauge Server running on port 3001
- A valid GitHub App registered with `pull_requests: write` permissions.
Your `.env` file should look like this:

```
APP_ID=<your-github-app-id>
PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----\n..."
WEBHOOK_SECRET=<your-webhook-secret>
WEBHOOK_PROXY_URL=https://smee.io/<your-unique-hash>
```

(Note: We use smee.io as the proxy because it natively integrates with Probot and never drops connections, unlike localtunnel.)
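Because deliveries reach the bot through a third-party relay, `WEBHOOK_SECRET` is what authenticates them: GitHub signs each payload and Probot checks the signature before running any handler. The sketch below is an added example, not code from this project; it shows that check against GitHub's `X-Hub-Signature-256` header, and the function names, secret and payload are constructed for illustration.

```javascript
const crypto = require("node:crypto");

// Compute the value GitHub places in the X-Hub-Signature-256 header:
// "sha256=" + hex(HMAC-SHA256(secret, raw request body)).
function signPayload(secret, rawBody) {
  const mac = crypto.createHmac("sha256", secret).update(rawBody).digest("hex");
  return `sha256=${mac}`;
}

// Returns true only if the header matches the HMAC of the exact bytes received.
function verifyWebhookSignature(secret, rawBody, signatureHeader) {
  if (!secret || typeof signatureHeader !== "string") return false;
  const expected = Buffer.from(signPayload(secret, rawBody), "utf8");
  const received = Buffer.from(signatureHeader, "utf8");
  // timingSafeEqual throws on a length mismatch, so reject that case first.
  if (expected.length !== received.length) return false;
  return crypto.timingSafeEqual(expected, received);
}

// Constructed sample data (not a real secret or a real delivery).
const SAMPLE_SECRET = "example-webhook-secret";
const SAMPLE_BODY = Buffer.from(
  JSON.stringify({ action: "opened", number: 7, repository: { full_name: "octo/demo" } })
);
const SAMPLE_HEADER = signPayload(SAMPLE_SECRET, SAMPLE_BODY);

// Any change to the relayed bytes invalidates the signature.
const TAMPERED_BODY = Buffer.from(
  SAMPLE_BODY.toString().replace('"number":7', '"number":8')
);

function demo() {
  return {
    valid: verifyWebhookSignature(SAMPLE_SECRET, SAMPLE_BODY, SAMPLE_HEADER),
    tampered: verifyWebhookSignature(SAMPLE_SECRET, TAMPERED_BODY, SAMPLE_HEADER),
    wrongSecret: verifyWebhookSignature("other-secret", SAMPLE_BODY, SAMPLE_HEADER),
    missingHeader: verifyWebhookSignature(SAMPLE_SECRET, SAMPLE_BODY, undefined),
    sha1Header: verifyWebhookSignature(SAMPLE_SECRET, SAMPLE_BODY, "sha1=abcdef"),
  };
}

console.log(demo());
```

The HMAC must be computed over the raw request body; verifying a re-serialized JSON object can fail on payloads that are otherwise authentic.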
```bash
# Install dependencies
npm install
# Start the bot
npm start
```

You should see:

```
INFO (server): Connected to https://smee.io/...
INFO (server): Listening on http://localhost:3000
```
The Markdown comment generated by the Bot is 100% dynamic.
It relies on the CloudGauge AST engine to parse actual code.
For example, if a developer writes:
```javascript
for (let i = 0; i < 1000; i++) {
  const completion = await openai.chat.completions.create({
    model: "gpt-4",
    messages: [{ role: "user", content: "Hello" }],
  });
}
```

The server AST engine will calculate that this `gpt-4` call is inside a for-loop (Execution Context = Loop), drastically increasing its cost weight, and will dynamically return a +$750/mo delta in the resulting PR comment table.
If the developer removes an AWS Lambda function, the dynamic PR comment will correctly show a negative (savings) delta.
⚡ Powered by SentinelEngine.