Project Name
Code Reviews Automation for 50+ Daily PRs Using OCI GenAI
Our client is a mid-to-large fintech company operating a high-velocity engineering organisation of 80-plus engineers across product and platform teams. Their development workflow processes 50-plus pull requests daily across a microservices platform on OCI Kubernetes Engine, with continuous delivery requirements demanding rapid, high-quality code review at scale.
As engineering headcount grew, code review had become the single largest bottleneck in the delivery chain, with senior engineers spending nearly half their working hours on reviews rather than building features.
Leadership sought an AI-native solution that could automate the review baseline and free senior engineers to focus exclusively on the highest-risk changes, solving a structural problem that adding more reviewers to the queue could never fix.
A review bottleneck that scaled linearly with every new engineer hired, and a senior engineering team spending 40% of its capacity managing the queue.
- Code Review Cycle Averaging 2 to 3 Days: With 50-plus PRs submitted daily, the review backlog grew faster than senior engineers could address it, creating a release bottleneck that delayed every sprint cycle by multiple working days regardless of how much the team tried to prioritise the queue.
- Senior Engineers Trapped in Review Work: 40% of senior engineering capacity was consumed by code review, diverting the organisation's highest-value contributors away from architecture, feature delivery, and technical leadership into repetitive queue management that should never have required their level of expertise.
- Security Anti-Patterns Reaching Production: Manual reviewers under time pressure were missing security vulnerabilities, insecure dependencies, and architectural anti-patterns in high-volume PR queues, creating compounding risk and technical debt in production code that surfaced as incidents rather than review flags.
- No Risk-Based Triage for Review Routing: All PRs entered the same review queue regardless of complexity or risk: a two-line config change and a new authentication module received identical reviewer attention, wasting senior engineering hours on low-risk work while high-risk changes waited in the same backlog.
- No Cross-Service Code Quality Visibility: Engineering leadership had no aggregated view of review durations, risk trends, or quality scores per service: technical debt accumulation was invisible to management until it surfaced in production incidents that could have been caught earlier with any systematic visibility.
- Review Bottleneck Scales Linearly With Headcount: The review burden grew proportionally with every new engineer hired: the bottleneck was structural, not a staffing problem, and could not be solved by adding more reviewers to the queue or asking senior engineers to work faster.
Ksolves, an AI-first DevOps consulting services company, integrated OCI Generative AI into the Dagger CI/CD pipeline to automate first-pass code reviews, detecting security issues, code quality gaps, anti-patterns, and test coverage problems before human review. This AI-first triage approach ensures developers focus only on high-risk PRs, turning reviews into a risk-based workflow. A Backstage plugin was also added to display PR risk scores, AI-generated summaries, and cross-service quality insights for engineering teams.
- OCI Generative AI Review Agent: Built a GenAI-powered code review agent using OCI Generative AI Service, integrated into the Dagger pipeline to automatically analyse every PR for security vulnerabilities, code quality violations, architectural anti-patterns, and test coverage gaps, producing a structured review summary and risk score from 0 to 10 before any human reviewer is assigned.
- Dagger TypeScript SDK Pipeline Integration: The AI review agent was wired into Dagger TypeScript pipeline modules triggered automatically on every PR commit via GitLab webhooks, ensuring 100% PR coverage with zero manual invocation required across all 50-plus daily pull requests, with no changes to developer workflow needed.
- Risk-Based Human Review Routing: Human reviewers are routed exclusively to AI-flagged high-risk PRs, eliminating manual triage of low-risk changes and concentrating senior engineering attention where architectural or security judgment is genuinely required, not where queue position happened to place it.
- OCI DevOps Auto-Deploy Gate for Low-Risk PRs: The AI risk score was connected to OCI DevOps deployment gates: PRs scoring below the risk threshold progress automatically through the pipeline to OCIR without waiting for human review queues, significantly increasing daily release throughput without compromising quality governance.
- Backstage Custom AI Review Plugin: A custom Backstage plugin was built to surface AI review summaries, per-PR risk scores, and review trend metrics per service, giving engineering leadership a unified real-time view of code quality health and technical debt accumulation across the platform from a single portal.
Technology Stack
| Category | Technology |
|---|---|
| AI/ML | OCI Generative AI Service |
| CI/CD Portability | Dagger (TypeScript SDK) |
| Developer Portal | Backstage (AI Review Plugin) |
| Source Control | GitLab |
| Container Platform | OCI Kubernetes Engine (OKE) |
| Deployment | OCI DevOps + OCIR |
From a three-day review backlog and 40% of senior engineering capacity lost to queue management to AI-first triage, four-hour cycles, and every PR security-scanned before a human sees it.
- Code Review Cycle Reduced From 3 Days to Under 4 Hours: AI pre-review completes in minutes for every PR and human reviewers focus only on AI-flagged high-risk changes, reducing the average review cycle from 2 to 3 days to under 4 hours and eliminating the sprint-cycle delays the backlog had been causing.
- Senior Engineer Review Burden Cut by 60%: AI handles the review baseline for all 50-plus daily PRs; senior engineers review only AI-flagged high-risk changes, targeting review time below 15% of working hours and redirecting the remaining senior engineering capacity to architecture, feature delivery, and technical leadership.
- 100% of Daily PRs Receive Automated Security and Quality Analysis: Every one of the 50-plus daily PRs receives automated security vulnerability, code quality, architectural anti-pattern, and test coverage analysis before human review, replacing a model where time-pressured manual reviewers missed security issues in high-volume queues with a zero-escape-rate automated scan gate.
- Cross-Service Code Quality Visibility Delivered From Day One: Backstage AI review plugin surfaces real-time risk scores, review trends, and quality metrics per service across the entire platform, replacing invisible technical debt accumulation with a leadership dashboard that tracks code quality health before it surfaces as a production incident.
- Release Throughput Increased as Low-Risk PRs Bypass Human Queue: AI risk scoring routes low-risk PRs directly through OCI DevOps to OCIR without entering the human review queue, significantly increasing daily release throughput and breaking the structural coupling between PR volume and review bottleneck that had made the problem unsolvable by adding headcount.
Code review bottlenecks are a structural issue, not a staffing one. Ksolves introduced an OCI GenAI review agent that automatically evaluates every PR for security, quality, architecture, and testing risks before human review. Only high-risk changes reach engineers, while low-risk PRs move forward automatically. This reduced review cycles from days to hours, freed senior engineers from queue management, and added consistent, scalable risk scoring to every PR.
Is Your Code Review Process a Bottleneck that Scales with Headcount Rather than Intelligence?
