From 954ffc7e36140046c5f2b16c212372af66d5d415 Mon Sep 17 00:00:00 2001 From: 0xlukem Date: Fri, 17 Apr 2026 21:40:12 -0300 Subject: [PATCH 1/2] review fix --- code-reviews/faq.md | 4 ++-- code-reviews/pr-reviews/azure-devops.md | 7 +++++-- code-reviews/pr-reviews/bitbucket.md | 4 ++-- code-reviews/pr-reviews/github.md | 4 ++-- code-reviews/pr-reviews/gitlab.md | 10 +++++----- code-reviews/pr-reviews/quickstart.md | 2 +- 6 files changed, 17 insertions(+), 14 deletions(-) diff --git a/code-reviews/faq.md b/code-reviews/faq.md index 4b0a830e..6f58172b 100644 --- a/code-reviews/faq.md +++ b/code-reviews/faq.md @@ -64,13 +64,13 @@ kluster.ai sources vulnerability data from public CVE databases that are continu You can provide feedback on code review results from your IDE or from the kluster.ai platform. -**From your IDE** +#### From your IDE In the kluster.ai extension sidebar, open **Recent Reviews** to see your latest review results. Click on a review to open its details, then use the thumbs up or thumbs down buttons on any issue to rate the finding. ![kluster.ai review details in IDE with feedback buttons on an issue](/images/code-reviews/faq/faq-feedback-01.webp) -**From the kluster.ai platform** +#### From the kluster.ai platform Open [Review History](https://platform.kluster.ai/dashboards/logs){target=\_blank} in the kluster.ai platform to see all past code reviews. Click on any review to open its details. In the **Your Feedback** section, select **Yes** (thumbs up) or **No** (thumbs down) to rate the review, and optionally add comments before clicking **Submit Feedback**. diff --git a/code-reviews/pr-reviews/azure-devops.md b/code-reviews/pr-reviews/azure-devops.md index 9ec79beb..12f4b0f7 100644 --- a/code-reviews/pr-reviews/azure-devops.md +++ b/code-reviews/pr-reviews/azure-devops.md @@ -21,9 +21,12 @@ Once connected, the bot reviews every new pull request and every new commit push Before getting started, ensure you have: - A [kluster.ai](https://platform.kluster.ai/signup){target=\_blank} account. -- An Azure DevOps account that is a member of **Project Collection Administrators** in your organization. This role is required to install webhooks. If the account has insufficient permissions, webhook installation will fail silently and pull request reviews will not appear. To fix this, navigate to **Organization Settings** > **Security** > **Permissions**, find the user, and add them to **Project Collection Administrators**. After updating permissions, click **Re-install** on the PR Reviews page in the kluster.ai platform. +- An Azure DevOps account that is a member of **Project Collection Administrators** in your organization. - A personal access token with the required scopes. See [Create a personal access token](#create-a-personal-access-token) for instructions. +!!! warning "Verify account permissions" + The account used for setup must have sufficient organization-level permissions to install webhooks. If the account has insufficient permissions, webhook installation will fail silently and pull request reviews will not appear. To fix this, navigate to **Organization Settings** > **Security** > **Permissions**, find the user, and add them to **Project Collection Administrators**. After updating permissions, click **Re-install** on the PR Reviews page in the kluster.ai platform. + ## Admin consent Before anyone in your organization can connect kluster to Azure DevOps, an administrator or organization owner must grant consent. This is a one-time step per organization that applies to both PR reviews and repo reviews. @@ -67,7 +70,7 @@ With a [personal access token](#create-a-personal-access-token) ready, you can s ![PR Bot Installation page showing Azure DevOps setup with Save & Install button](/images/code-reviews/pr-reviews/pr-reviews-azure-devops-01.webp) -4. After the credentials are validated, a message confirms that the Azure DevOps integration is **Installed** and is ready to review your pull requests automatically. +4. After the credentials are validated, a confirmation banner shows the Azure DevOps integration with the **Installed** status and confirms that it is ready to review your pull requests automatically. ![Azure DevOps integration showing Installed status on kluster.ai](/images/code-reviews/pr-reviews/pr-reviews-azure-devops-02.webp) diff --git a/code-reviews/pr-reviews/bitbucket.md b/code-reviews/pr-reviews/bitbucket.md index 9de6ccf5..915f5e89 100644 --- a/code-reviews/pr-reviews/bitbucket.md +++ b/code-reviews/pr-reviews/bitbucket.md @@ -85,9 +85,9 @@ With an [API token](#create-an-api-token) created, you can set up the Bitbucket ![Dialog prompting for Bitbucket API credentials](/images/code-reviews/pr-reviews/pr-reviews-bitbucket-01.webp) -3. After the credentials are validated, a message confirms the Bitbucket integration as **Installed** and lists the registered workspaces. By default, kluster has access to all workspaces associated with the API token owner. +3. After the credentials are validated, a confirmation banner shows the Bitbucket integration with the **Installed** status and lists the registered workspaces. By default, kluster has access to all workspaces associated with the API token owner. - ![Bitbucket integration showing Connected status on kluster.ai](/images/code-reviews/pr-reviews/pr-reviews-bitbucket-02.webp) + ![Bitbucket integration showing Installed status on kluster.ai](/images/code-reviews/pr-reviews/pr-reviews-bitbucket-02.webp) ## What happens after setup diff --git a/code-reviews/pr-reviews/github.md b/code-reviews/pr-reviews/github.md index ce11d9bc..ec7c0865 100644 --- a/code-reviews/pr-reviews/github.md +++ b/code-reviews/pr-reviews/github.md @@ -25,7 +25,7 @@ Before getting started, ensure you have: You can set up the GitHub integration from the [PR Reviews](https://platform.kluster.ai/pr-bot-installation){target=\_blank} page on the kluster.ai platform. -1. Navigate to [PR Reviews](https://platform.kluster.ai/pr-bot-installation){target=\_blank} in the kluster.ai platform. The PR Bot Installation page displays the GitHub integration with two setup steps: **Authorize** and **Install**. First, click on **Authorize**. +1. Navigate to [PR Reviews](https://platform.kluster.ai/pr-bot-installation){target=\_blank} in the kluster.ai platform. The PR Bot Installation page displays the GitHub integration with two setup steps: **Authorize** and **Install**. First, click **Authorize**. ![PR Bot Installation page showing GitHub setup steps](/images/code-reviews/pr-reviews/pr-reviews-github-01.webp) @@ -44,7 +44,7 @@ You can set up the GitHub integration from the [PR Reviews](https://platform.klu !!! note "Trouble installing the GitHub App?" If you run into issues while installing the kluster.ai GitHub App, refer to GitHub's guide on [reviewing and modifying installed GitHub Apps](https://docs.github.com/en/apps/using-github-apps/reviewing-and-modifying-installed-github-apps){target=\_blank} to check permissions and resolve common setup problems. -5. You are redirected back to the kluster.ai platform. The GitHub integration shows as **Installed** and is ready to review your pull requests automatically. +5. You are redirected back to the kluster.ai platform. A confirmation banner shows the GitHub integration with the **Installed** status and confirms that it is ready to review your pull requests automatically. ![GitHub integration showing Installed status on kluster.ai](/images/code-reviews/pr-reviews/pr-reviews-github-05.webp) diff --git a/code-reviews/pr-reviews/gitlab.md b/code-reviews/pr-reviews/gitlab.md index bf32e38c..f47e87ef 100644 --- a/code-reviews/pr-reviews/gitlab.md +++ b/code-reviews/pr-reviews/gitlab.md @@ -1,6 +1,6 @@ --- title: GitLab PR Reviews Setup -description: Connect the kluster.ai bot to GitLab to automatically review every merge request. Set up the integration with a personal access token. +description: Connect the kluster.ai bot to GitLab to automatically review merge requests. Set up a personal access token, configure permissions, and install the integration. categories: PR Reviews --- @@ -35,7 +35,7 @@ The kluster.ai bot requires a GitLab personal access token with the `api`, `read !!! tip "Use a dedicated service account" Reviews posted by the bot are attributed to the token owner. To avoid reviews appearing under a personal account, create a dedicated GitLab service account for kluster and generate the token from that account. -The kluster.ai bot uses a **Legacy** personal access token. GitLab now shows two options when you create a token: **Legacy token** and **Fine-grained token (Beta)**. Select **Legacy token** to follow the recommended setup below; it includes all the permissions kluster needs by default. +The kluster.ai bot uses a **Legacy** personal access token. GitLab provides two options when you create a token: **Legacy token** and **Fine-grained token (Beta)**. Select **Legacy token** to follow the recommended setup below; it includes all the permissions kluster needs by default. 1. Sign in to the GitLab account that will be associated with the kluster.ai bot reviews. 2. Open the [Personal access tokens](https://gitlab.com/-/user_settings/personal_access_tokens){target=\_blank} page and click **Generate token**. @@ -92,11 +92,11 @@ You can set up the GitLab integration from the [PR Reviews](https://platform.klu 1. Navigate to [PR Reviews](https://platform.kluster.ai/pr-bot-installation){target=\_blank} in the kluster.ai platform. The PR Bot Installation page displays the available integrations, including GitLab. Click **Connect GitLab**. -2. A dialog appears prompting you to enter your GitLab API token. Enter your credentials and click **Save & Install**. +2. A dialog appears prompting you to enter your GitLab personal access token. Enter your credentials and click **Save & Install**. - ![Dialog prompting for GitLab API token](/images/code-reviews/pr-reviews/pr-reviews-gitlab-01.webp) + ![Dialog prompting for GitLab personal access token](/images/code-reviews/pr-reviews/pr-reviews-gitlab-01.webp) -3. After the credentials are validated, a message confirms the GitLab integration as **Installed** and lists the registered workspaces. By default, kluster has access to all groups associated with the API token owner. +3. After the credentials are validated, a confirmation banner shows the GitLab integration with the **Installed** status and lists the registered workspaces. By default, kluster has access to all groups associated with the API token owner. ![GitLab integration showing Installed status on kluster.ai](/images/code-reviews/pr-reviews/pr-reviews-gitlab-02.webp) diff --git a/code-reviews/pr-reviews/quickstart.md b/code-reviews/pr-reviews/quickstart.md index b1fbef66..3cbad52e 100644 --- a/code-reviews/pr-reviews/quickstart.md +++ b/code-reviews/pr-reviews/quickstart.md @@ -73,7 +73,7 @@ Every PR review runs at the **ultra-deep** analysis level automatically. This is --- - Connect using a GitLab personal access token with the `api` scope. Select the groups or projects to monitor. + Connect using a GitLab personal access token with the `api`, `read_api`, and `read_user` scopes. Select the groups or projects to monitor. [:octicons-arrow-right-24: Set up GitLab](/code-reviews/pr-reviews/gitlab/) From fc68b77acec4fc19d4e0baa2cbf43120f99f6c37 Mon Sep 17 00:00:00 2001 From: Lucas Malizia <131050418+0xlukem@users.noreply.github.com> Date: Mon, 20 Apr 2026 09:58:51 -0300 Subject: [PATCH 2/2] Update code-reviews/pr-reviews/gitlab.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- code-reviews/pr-reviews/gitlab.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code-reviews/pr-reviews/gitlab.md b/code-reviews/pr-reviews/gitlab.md index f47e87ef..a0e1be1d 100644 --- a/code-reviews/pr-reviews/gitlab.md +++ b/code-reviews/pr-reviews/gitlab.md @@ -96,7 +96,7 @@ You can set up the GitLab integration from the [PR Reviews](https://platform.klu ![Dialog prompting for GitLab personal access token](/images/code-reviews/pr-reviews/pr-reviews-gitlab-01.webp) -3. After the credentials are validated, a confirmation banner shows the GitLab integration with the **Installed** status and lists the registered workspaces. By default, kluster has access to all groups associated with the API token owner. +3. After the credentials are validated, a confirmation banner shows the GitLab integration with the **Installed** status and lists the available groups and projects. By default, kluster has access to all groups associated with the personal access token owner. ![GitLab integration showing Installed status on kluster.ai](/images/code-reviews/pr-reviews/pr-reviews-gitlab-02.webp)