MCP Server for Splunk

name: Cursor Code Review on: pull_request: types: [opened, synchronize, reopened, ready_for_review] permissions: pull-requests: write contents: read issues: write jobs: code-review: runs-on: ubuntu-latest if: github.event.pull_request.draft == false steps: - name: Checkout repository uses: actions/checkout@v6 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} - name: Install Cursor CLI run: | curl https://cursor.com/install -fsS | bash echo "$HOME/.cursor/bin" >> $GITHUB_PATH - name: Configure git identity run: | git config user.name "Cursor Agent" git config user.email "cursoragent@cursor.com" - name: Perform code review env: CURSOR_API_KEY: ${{ secrets.CURSOR_API_KEY }} MODEL: composer-1 GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} BLOCKING_REVIEW: ${{ vars.BLOCKING_REVIEW || 'false' }} run: | cursor-agent --force --model "$MODEL" --output-format=text --print <<'EOF' You are operating in a GitHub Actions runner performing automated code review. The gh CLI is available and authenticated via GH_TOKEN. You may comment on pull requests. Context: - Repo: ${{ github.repository }} - PR Number: ${{ github.event.pull_request.number }} - PR Head SHA: ${{ github.event.pull_request.head.sha }} - PR Base SHA: ${{ github.event.pull_request.base.sha }} Objectives: 1) Re-check existing review comments and reply resolved when addressed 2) Review the current PR diff and flag only clear, high-severity issues 3) Leave very short inline comments (1-2 sentences) on changed lines only and a brief summary at the end Procedure: - Get existing comments: gh pr view --json comments - Get diff: gh pr diff - If a previously reported issue appears fixed by nearby changes, reply: ✅ This issue appears to be resolved by the recent changes - Avoid duplicates: skip if similar feedback already exists on or near the same lines Commenting rules: - Max 10 inline comments total; prioritize the most critical issues - One issue per comment; place on the exact changed line - All issue comments MUST be inline (anchored to a file and line/position in the PR diff) - Natural tone, specific and actionable; do not mention automated or high-confidence - Use emojis: 🚨 Critical 🔒 Security ⚡ Performance ⚠️ Logic ✅ Resolved ✨ Improvement Submission: - If there are NO issues to report and an existing top-level comment indicating "no issues" already exists (e.g., "✅ no issues", "No issues found", "LGTM"), do NOT submit another comment. Skip submission to avoid redundancy. - If there are NO issues to report and NO prior "no issues" comment exists, submit one brief summary comment noting no issues. - If there ARE issues to report and a prior "no issues" comment exists, ensure that prior comment is deleted/minimized/marked as superseded before submitting the new review. - If there ARE issues to report, submit ONE review containing ONLY inline comments plus an optional concise summary body. Use the GitHub Reviews API to ensure comments are inline: - Build a JSON array of comments like: [{ "path": "<file>", "position": <diff_position>, "body": "..." }] - Submit via: gh api repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/reviews -f event=COMMENT -f body="$SUMMARY" -f comments='[$COMMENTS_JSON]' - Do NOT use: gh pr review --approve or --request-changes Blocking behavior: - If BLOCKING_REVIEW is true and any 🚨 or 🔒 issues were posted: echo "CRITICAL_ISSUES_FOUND=true" >> $GITHUB_ENV - Otherwise: echo "CRITICAL_ISSUES_FOUND=false" >> $GITHUB_ENV - Always set CRITICAL_ISSUES_FOUND at the end EOF - name: Check blocking review results if: env.BLOCKING_REVIEW == 'true' run: | echo "Checking for critical issues..." echo "CRITICAL_ISSUES_FOUND: ${CRITICAL_ISSUES_FOUND:-unset}" if [ "${CRITICAL_ISSUES_FOUND:-false}" = "true" ]; then echo "❌ Critical issues found and blocking review is enabled. Failing the workflow." exit 1 else echo "✅ No blocking issues found." fi