altimate-code-actions/action.yml at main · AltimateAI/altimate-code-actions · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
name: "Altimate Code Review"
description: "AI-powered SQL/dbt code review — quality gates for data teams"
branding:
  icon: "database"
  color: "blue"

inputs:
  model:
    description: "LLM model to use (e.g., anthropic/claude-sonnet-4-20250514). Required for 'ai' and 'full' modes."
    required: false
    default: ""

  sql_review:
    description: "Enable SQL quality analysis (anti-patterns, formatting)"
    default: "true"

  impact_analysis:
    description: "Enable dbt DAG impact analysis"
    default: "true"

  cost_estimation:
    description: "Enable query cost estimation"
    default: "false"

  pii_check:
    description: "Enable PII detection in SQL outputs"
    default: "true"

  mode:
    description: "Review mode: 'full' (AI + static), 'static' (deterministic only, no LLM), 'ai' (LLM review only)"
    default: "full"

  interactive:
    description: "Enable @altimate mentions for interactive review. Supported commands: review, impact, cost, help"
    default: "true"

  mentions:
    description: "Comma-separated trigger phrases"
    default: "/altimate,/oc"

  dbt_project_dir:
    description: "Path to dbt project root (auto-detected if omitted)"

  dbt_version:
    description: "dbt version to use (auto-detected if omitted)"

  manifest_path:
    description: "Path to pre-built manifest.json"

  warehouse_type:
    description: "Warehouse type: snowflake, bigquery, postgres, databricks, redshift"

  warehouse_connection:
    description: "JSON warehouse connection config"

  use_github_token:
    description: "Use GITHUB_TOKEN instead of OIDC app token"
    default: "false"

  max_files:
    description: "Max files to analyze (0 = unlimited)"
    default: "50"

  severity_threshold:
    description: "Min severity: info, warning, error, critical"
    default: "warning"

  comment_mode:
    description: "single (summary comment), inline (per-file), both"
    default: "single"

  fail_on:
    description: "Fail the action on: none, error, critical"
    default: "none"

outputs:
  issues_found:
    description: "Total issues found"
    value: ${{ steps.analyze.outputs.issues_found }}
  impact_score:
    description: "Impact score 0-100"
    value: ${{ steps.analyze.outputs.impact_score }}
  estimated_cost_delta:
    description: "Monthly cost delta"
    value: ${{ steps.analyze.outputs.estimated_cost_delta }}
  comment_url:
    description: "URL of PR comment"
    value: ${{ steps.analyze.outputs.comment_url }}
  report_json:
    description: "Full JSON report"
    value: ${{ steps.analyze.outputs.report_json }}

runs:
  using: "composite"
  steps:
    - name: Install altimate-code
      shell: bash
      run: |
        echo "Installing altimate-code via npm..."
        npm install -g @altimateai/altimate-code@latest 2>&1

        # Verify and check if `check` command is available
        if command -v altimate-code >/dev/null 2>&1; then
          VERSION=$(altimate-code --version 2>/dev/null || echo "unknown")
          echo "altimate-code ${VERSION} installed"

          # Test if check command exists (added in v0.5.10+)
          if altimate-code check --help >/dev/null 2>&1; then
            echo "check command: available"
          else
            echo "check command: not available in v${VERSION} — will use regex rules"
            echo "::notice::altimate-code check requires v0.5.10+. Current: v${VERSION}. Publish to npm to enable AST-based analysis."
          fi
        else
          echo "::warning::altimate-code not found after npm install — regex rules only"
        fi

    - name: Setup Node.js
      uses: actions/setup-node@v4
      with:
        node-version: "22"

    - name: Validate model input
      shell: bash
      run: |
        MODE="${{ inputs.mode }}"
        MODEL="${{ inputs.model }}"
        if [ "$MODE" != "static" ] && [ -z "$MODEL" ]; then
          echo "::error::The 'model' input is required when mode is '$MODE'. Set model (e.g., anthropic/claude-sonnet-4-20250514) or use mode: static."
          exit 1
        fi

    - name: Run analysis
      id: analyze
      shell: bash
      run: node ${{ github.action_path }}/dist/index.js
      env:
        MODEL: ${{ inputs.model }}
        SQL_REVIEW: ${{ inputs.sql_review }}
        IMPACT_ANALYSIS: ${{ inputs.impact_analysis }}
        COST_ESTIMATION: ${{ inputs.cost_estimation }}
        PII_CHECK: ${{ inputs.pii_check }}
        MODE: ${{ inputs.mode }}
        INTERACTIVE: ${{ inputs.interactive }}
        MENTIONS: ${{ inputs.mentions }}
        DBT_PROJECT_DIR: ${{ inputs.dbt_project_dir }}
        DBT_VERSION: ${{ inputs.dbt_version }}
        MANIFEST_PATH: ${{ inputs.manifest_path }}
        WAREHOUSE_TYPE: ${{ inputs.warehouse_type }}
        WAREHOUSE_CONNECTION: ${{ inputs.warehouse_connection }}
        USE_GITHUB_TOKEN: ${{ inputs.use_github_token }}
        MAX_FILES: ${{ inputs.max_files }}
        SEVERITY_THRESHOLD: ${{ inputs.severity_threshold }}
        COMMENT_MODE: ${{ inputs.comment_mode }}
        FAIL_ON: ${{ inputs.fail_on }}
        GITHUB_TOKEN: ${{ github.token }}