fix: run: sanitize branch name when generating volume name

[dbarrosop]

PR Type

Enhancement, Bug fix

---

Description

• Fixed a bug in dockercompose/run.go by sanitizing the branch name when generating volume names
• Added a new GitHub Actions workflow for AI-powered PR reviews using Codium AI's pr-agent
• The new workflow is configured to run on pull request events and respond to user comments
• Specified environment variables and configuration settings for the pr-agent, including model selection and file ignore patterns

---

Changes walkthrough 📝

	Relevant files
Bug fix	run.go Sanitize branch name in volume name generation                      dockercompose/run.go Modified runVolumeName function to use sanitizeBranch(branchName) instead of raw branchName +1/-1
Enhancement	gen_ai_review.yaml Add AI-powered PR review workflow                                                .github/workflows/gen_ai_review.yaml Added new GitHub Actions workflow for AI-powered PR review Configured to run on pull request events and issue comments Uses Codium AI's pr-agent action with specific settings +28/-0

---

💡 PR-Agent usage:
Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

[github-actions]

PR Reviewer Guide 🔍

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪

🧪 No relevant tests

🔒 Security concerns Sensitive information exposure: The workflow file contains references to API keys (OPENAI_KEY and ANTHROPIC_API_KEY) as GitHub secrets. While using secrets is a good practice, ensure these keys have appropriate access restrictions and are rotated regularly to minimize potential security risks.

⚡ Key issues to review Potential Bug The sanitizeBranch function is called but not defined in the visible code. Ensure it's properly implemented and imported. Configuration Concern The workflow uses both OpenAI and Anthropic API keys, but only Anthropic's model is specified. Verify if both are needed.

[github-actions]

PR Code Suggestions ✨

Category	Suggestion	Score
Enhancement	Add a step to checkout the repository before running external actions Consider adding a step to checkout the repository before running the PR Agent action, as it might need access to the repository files. .github/workflows/gen_ai_review.yaml [17-20] steps: + - name: Checkout repository + uses: actions/checkout@v3 - name: PR Agent action step id: pragent uses: Codium-ai/[email protected] Suggestion importance[1-10]: 9 Why: Adding a checkout step is crucial for most GitHub Actions workflows, especially when subsequent steps need access to repository files. This suggestion addresses a potential oversight in the workflow.	9
Best practice	Use a specific version tag for external actions to ensure reproducibility Consider using a specific version tag for the PR Agent action instead of a major version tag to ensure reproducibility and avoid unexpected changes. .github/workflows/gen_ai_review.yaml [20] -uses: Codium-ai/[email protected] +uses: Codium-ai/[email protected] Suggestion importance[1-10]: 8 Why: Using a specific version tag (v0.24.0 instead of v0.24) is a best practice for GitHub Actions, as it ensures reproducibility and prevents unexpected changes from minor updates.	8
Error handling	Handle potential errors from the sanitization function Consider handling potential errors from the sanitizeBranch function. If it can return an error, it's important to handle it appropriately to prevent unexpected behavior. dockercompose/run.go [15] -return fmt.Sprintf("%s-run-%s-%s", sanitizeBranch(branchName), runName, volumeName) +sanitizedBranch, err := sanitizeBranch(branchName) +if err != nil { + // Handle the error appropriately, e.g., log it or return a default value + return fmt.Sprintf("default-run-%s-%s", runName, volumeName) +} +return fmt.Sprintf("%s-run-%s-%s", sanitizedBranch, runName, volumeName) Suggestion importance[1-10]: 3 Why: While error handling is generally good practice, the suggestion assumes that sanitizeBranch returns an error, which is not evident from the provided code. The suggestion might be overly cautious.	3