DEV Community

SANKET PATIL
SANKET PATIL

Posted on

๐Ÿš€ Building an AI-Powered Code Reviewer for Bitbucket Using Groq & Pipelines

Modern development teams rely heavily on pull requests for code quality-but manual reviews are slow, inconsistent, and expensive. Recently, Bitbucket introduced Rovo Dev, and GitHub has Ask Copilot, both offering AI-assisted PR reviews.

But there was one major problem for me:

โŒ I wasnโ€™t ready to pay $20 per developer per month just to get AI reviews.

โœ… I already had a Groq API key.

โœ… I wanted a fully automated, pipeline-driven solution.

So I built my own AI-powered PR review system for Bitbucket using:

  • โœ… Bitbucket Pipelines
  • โœ… Groq LLM (llama-3.3-70b-versatile)
  • โœ… Git-based diff extraction (no REST API auth headaches)

This system reviews every PR automatically and outputs a structured, checklist-driven AI review-with zero dependency on Bitbucketโ€™s unreliable token ecosystem and zero per-developer licensing cost.

In this post, Iโ€™ll cover:

  • How this compares to Rovo Dev & GitHub Copilot
  • Why I avoided Bitbucketโ€™s REST APIs
  • The final production architecture
  • How the AI review works
  • Key engineering lessons from building this

๐Ÿค– Rovo Dev vs Ask Copilot vs This Approach

Feature Rovo Dev (Bitbucket) Ask Copilot (GitHub) This Groq-Based System
AI PR Reviews โœ… โœ… โœ…
Fully Automated in CI โŒ (mostly UI based) โŒ (manual prompts) โœ…
Per-Developer Cost โŒ $20/month/dev โŒ Bundled with Copilot โœ… $0 per dev
Works in Pipelines โŒ โŒ โœ…
Custom Review Rules โŒ Limited โŒ Limited โœ… Full control
Vendor Lock-in โœ… โœ… โŒ None (Groq + Git)

I didnโ€™t want:

  • Another per-seat SaaS subscription
  • A manual โ€œAsk AIโ€ workflow
  • Or a system that breaks when pricing changes

I wanted:
โœ… Fully automated

โœ… CI-level enforcement

โœ… Custom review rules

โœ… Lowest possible cost

Thatโ€™s why I chose Groq + Pipelines.


โŒ The Problem with Traditional Bitbucket PR Automation

Initially, I tried the standard approach:

  • Fetch PR diffs using the Bitbucket REST API
  • Post PR comments using:
    • Atlassian API tokens
    • Workspace tokens
    • Repository access tokens

Despite correct scopes, PR comment posting repeatedly failed with 401 Unauthorized errors due to:

  • Inconsistent token behaviors
  • Bitbucketโ€™s evolving security model
  • Poor documentation around 2025 token behavior

After continous debugging, I realized:

โœ… The smartest move was to eliminate Bitbucketโ€™s REST API entirely for diff collection.


โœ… The Final Working Architecture

Hereโ€™s the production setup that actually works:

Pull Request Created
โ†“
Bitbucket Pipeline Triggered
โ†“
Git diff extracted using: git diff origin/main...HEAD
โ†“
Diff sent to Groq LLM
โ†“
AI generates structured checklist-based review
โ†“
Review shown in Pipeline logs + downloadable artifact

Why this works so well:

  • โœ… No REST API calls for diffs
  • โœ… No authentication failures
  • โœ… No permission issues
  • โœ… No flakiness
  • โœ… Fully deterministic

๐Ÿค– The AI Review Rules (Enterprise-Grade)

The AI review is driven by a strict TypeScript + Angular + security checklist:

  • โŒ No any types
  • โœ… Strong typing with interfaces & generics
  • โœ… Modern Angular syntax (@if, @for, standalone components)
  • โœ… Authentication guards
  • โœ… No hardcoded secrets
  • โœ… Error handling
  • โœ… Tests present
  • โœ… Performance checks
  • โœ… Accessibility (WCAG)
  • โœ… Final verdict: MERGE READY / NEEDS WORK

This ensures:

  • Consistent reviews
  • Enforced standards
  • Zero reviewer bias

๐Ÿง  Git-Based Diff Instead of REST API

Instead of calling Bitbucketโ€™s REST endpoints, the pipeline simply runs:

git fetch origin main
git diff origin/main...HEAD
Enter fullscreen mode Exit fullscreen mode

This gives:

โœ… The exact PR diff

โœ… No API authentication

โœ… Works in every CI environment

This single decision eliminated 90% of the systemโ€™s complexity.

โšก Groq LLM Integration
The diff is sent to Groq using:
llama-3.3-70b-versatile

Why Groq?
โšก Extremely fast inference

๐Ÿง  Excellent reasoning on large diffs

๐Ÿ’ธ Much cheaper than many alternatives

โœ… OpenAI-compatible API

๐ŸŒฑ More eco-friendly due to lower compute time per request

The AI responds with:

๐Ÿšจ Critical Issues

๐Ÿ”’ Security Analysis

โšก Performance Review

๐Ÿ—๏ธ Architecture Feedback

๐Ÿ“ Maintainability

โœ… Final Verdict: MERGE READY / NEEDS WORK

๐Ÿ“„ Where the AI Review Appears Instead of battling PR comment permissions:

โœ… The full AI review appears in the Pipelines logs

โœ… Optionally saved as a downloadable ai-review.md artifact

โœ… No PR write permissions required

โœ… No security risks

This turned out to be far more enterprise-compliant than auto-commenting.

๐Ÿงช Production Impact After enabling this system:

โœ… Every PR is reviewed automatically

โœ… Developers get feedback in minutes

โœ… Review standards are enforced consistently

โœ… Human reviewers focus only on business logic

โœ… No failed pipelines due to auth issues

โœ… No wasted build minutes on retries

โœ… Zero per-developer licensing cost

๐Ÿ”‘ Key Engineering Lessons
Avoid brittle platform APIs when Git can do the job

AI reviewers should assist, not block developers

PR comments are optional-reviews must be reliable

Pipelines + Git + LLM = extremely powerful combination

Groq is ideal for CI/CD AI workloads

Not every AI solution needs a $20/month/dev license

๐Ÿ“Œ Whatโ€™s Next?
Planned upgrades:

โœ… Auto-block merge when verdict = NEEDS WORK

โœ… Language-specific reviewers (.NET, SQL)

โœ… Security-only review mode

โœ… Architectural drift detection

โœ… Final Thoughts
If you're using Bitbucket and want reliable AI-powered PR reviews without paying enterprise per-seat pricing, my recommendation is:

๐Ÿ’ก Use Git for diff extraction + Groq for AI analysis + Pipelines for automation. Avoid REST API auth wherever possible.

Itโ€™s simpler. Itโ€™s faster. Itโ€™s cheaper. And it actually works in production.

Top comments (0)