Why This Matters

Traditional code review is a bottleneck. You push code, wait for reviewers, hope they’re available, and ping them when you’re stuck. What if you could have an AI reviewer available 24/7 that never gets tired, never says “I’ll review it later,” and actually understands your codebase?

That’s exactly what OpenCode brings to your GitHub organization. It’s an agentic coding CLI that integrates directly into your GitHub workflow — comment /oc on an issue or PR, and it gets to work.

My Actual Setup

Here’s how I run OpenCode in my GitHub organization:

  graph TB
    subgraph "GitHub Events"
        I[Issue Comment]
        PR[PR Review Comment]
    end
    
    subgraph "GitHub App"
        APP[GitHub App<br/>your-github-app]
    end
    
    subgraph "OpenCode Action"
        OC[anomalyco/opencode/github]
    end
    
    subgraph "GitHub Actions"
        GT[Generate Token]
        C[Create PRs]
    end
    
    I --> APP
    PR --> APP
    
    APP --> GT
    GT --> OC
    OC --> C

I use a GitHub App for authentication instead of API keys:

1. GitHub App — your-github-app handles all authentication
2. Workflow — Reusable _opencode.yml template managed via Terraform
3. Model — opencode/minimax-m2.5-free for all tasks

The workflow file (.github/workflows/_opencode.yml) is managed as Terraform code:

# In modules/repository/opencode.tf
resource "github_repository_file" "opencode_ci" {
  repository          = github_repository.this.name
  file                = ".github/workflows/_opencode.yml"
  content             = file("${path.module}/templates/_opencode.yml")
  commit_message      = "chore: update _opencode.yml file"
  overwrite_on_create = true
}

The GitHub App is configured with environment variables:

Required secrets are centrally stored in GitHub’s Secrets Manager (referenced via bws_id) and made accessible to all repositories within the organization. Through the GitHub management plane, workflows across the entire organization are centrally controlled—so updates only need to be made once, rather than manually applied to each repository.

Architecture

The integration works through GitHub Actions triggered by various events:

  graph TB
    subgraph "GitHub Events"
        I[Issue Comment]
        PR[PR Review Comment]
        P[Pull Request]
        S[Schedule]
    end
    
    subgraph "OpenCode Action"
        OC[anomalyco/opencode/github]
    end
    
    subgraph "Actions"
        C[Create Comments]
        B[Create Branches]
        PRS[Open PRs]
        R[Review PRs]
    end
    
    I --> OC
    PR --> OC
    P --> OC
    S --> OC
    
    OC --> C
    OC --> B
    OC --> PRS
    OC --> R

Installation

The quickest way to set up OpenCode in your repository:

opencode github install

This walks you through:

1. Installing the OpenCode GitHub App
2. Creating the workflow file
3. Setting up required secrets

Manual Setup

If you prefer manual configuration:

1. Install the GitHub App — Go to github.com/apps/opencode-agent and install it on your repository

2. Add the workflow — Create .github/workflows/_opencode.yml:

# .github/workflows/_opencode.yml
name: OpenCode Private Agent

on:
  issue_comment:
    types: [created]
  pull_request_review_comment:
    types: [created]

permissions: {}

jobs:
  opencode:
    if: |
      contains(github.event.comment.body, '/oc') ||
      contains(github.event.comment.body, '/opencode')
    runs-on: ${{ vars.RUNNER || 'ubuntu-latest' }}
    permissions:
      contents: read
    steps:
      - name: Generate GitHub App Token
        id: generate-token
        uses: actions/create-github-app-token@v1.10c78c7865c340bc4f6099eb2f838309f1e8c3
        with:
          client-id: ${{ vars.CI_AI_APP_CLIENT_ID }}
          private-key: ${{ secrets.CI_AI_APP_PRIVATE_KEY }}
          owner: ${{ github.repository_owner }}

      - name: Checkout repository
        uses: actions/checkout@v6
        with:
          fetch-depth: 1
          persist-credentials: true
          token: ${{ steps.generate-token.outputs.token }}

      - name: Run OpenCode
        uses: anomalyco/opencode/github@v1.14.25
        env:
          GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }}
        with:
          model: ${{ vars.CI_AI_MODEL_NAME || 'opencode/minimax-m2.5-free' }}
          use_github_token: true
          share: false

3. Set up the GitHub App — Create a GitHub App with:

   • Repository contents (read/write)
   • Issues (read/write)
   • Pull requests (read/write)

4. Add secrets — Store CI_AI_APP_PRIVATE_KEY in repository secrets

What OpenCode Can Do

Explain Issues

Comment on any issue:

/opencode explain this issue

OpenCode reads the entire issue thread and provides a clear explanation. This is invaluable for catching up on old issues or understanding complex bug reports.

Fix Issues

Want OpenCode to implement a fix? Just ask:

/opencode fix this

OpenCode will:

1. Create a new branch
2. Implement the changes
3. Open a PR with the fix

Review Specific Code

Comment directly on lines in the PR’s “Files” tab:

/oc add error handling here

OpenCode receives the exact file, line numbers, and diff context to make precise changes.

Automated PR Reviews

Run OpenCode automatically on every PR:

# .github/workflows/opencode-review.yml
name: opencode-review
on:
  pull_request:
    types: [opened, synchronize, reopened, ready_for_review]

jobs:
  review:
    runs-on: ${{ vars.RUNNER || 'ubuntu-latest' }}
    permissions:
      contents: read
      pull-requests: write
    steps:
      - name: Generate GitHub App Token
        id: generate-token
        uses: actions/create-github-app-token@v1.10.78
        with:
          client-id: ${{ vars.CI_AI_APP_CLIENT_ID }}
          private-key: ${{ secrets.CI_AI_APP_PRIVATE_KEY }}
          owner: ${{ github.repository_owner }}

      - uses: actions/checkout@v6
        with:
          fetch-depth: 1
          persist-credentials: true
          token: ${{ steps.generate-token.outputs.token }}

      - uses: anomalyco/opencode/github@v1.14.25
        env:
          GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }}
        with:
          model: ${{ vars.CI_AI_MODEL_NAME || 'opencode/minimax-m2.5-free' }}
          use_github_token: true
          prompt: |
            Review this pull request:
            - Check for code quality issues
            - Look for potential bugs
            - Suggest improvements

Without a custom prompt, OpenCode defaults to reviewing the PR.

Issue Triage

Automatically triage new issues:

# .github/workflows/opencode-triage.yml
name: Issue Triage
on:
  issues:
    types: [opened]

jobs:
  triage:
    runs-on: ${{ vars.RUNNER || 'ubuntu-latest' }}
    permissions:
      contents: write
      issues: write
    steps:
      - name: Generate GitHub App Token
        id: generate-token
        uses: actions/create-github-app-token@v1.10.78
        with:
          client-id: ${{ vars.CI_AI_APP_CLIENT_ID }}
          private-key: ${{ secrets.CI_AI_APP_PRIVATE_KEY }}
          owner: ${{ github.repository_owner }}

      - uses: actions/checkout@v6
        with:
          fetch-depth: 1
          persist-credentials: true
          token: ${{ steps.generate-token.outputs.token }}

      - name: Generate GitHub App Token
        id: generate-token
        uses: actions/create-github-app-token@v1.10.78
        with:
          client-id: ${{ vars.CI_AI_APP_CLIENT_ID }}
          private-key: ${{ secrets.CI_AI_APP_PRIVATE_KEY }}
          owner: ${{ github.repository_owner }}

      - name: Checkout repository
        uses: actions/checkout@v6
        with:
          fetch-depth: 1
          persist-credentials: true
          token: ${{ steps.generate-token.outputs.token }}

      - name: Run OpenCode
        uses: anomalyco/opencode/github@v1.14.25
        env:
          GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }}
        with:
          model: ${{ vars.CI_AI_MODEL_NAME || 'opencode/minimax-m2.5-free' }}
          use_github_token: true
          prompt: |
            Review this issue. If there's a clear fix or relevant docs:
            - Provide documentation links
            - Add error handling guidance for code examples
            Otherwise, do not comment.

Scheduled Automation

Run OpenCode on a schedule — perhaps weekly dependency updates or codebase housekeeping:

# .github/workflows/opencode-scheduled.yml
name: Scheduled OpenCode Task
on:
  schedule:
    - cron: "0 9 * * 1" # Every Monday at 9am UTC

jobs:
  opencode:
    runs-on: ${{ vars.RUNNER || 'ubuntu-latest' }}
    permissions:
      contents: write
      issues: write
    steps:
      - name: Generate GitHub App Token
        id: generate-token
        uses: actions/create-github-app-token@v1.10.78
        with:
          client-id: ${{ vars.CI_AI_APP_CLIENT_ID }}
          private-key: ${{ secrets.CI_AI_APP_PRIVATE_KEY }}
          owner: ${{ github.repository_owner }}

      - name: Checkout repository
        uses: actions/checkout@v6
        with:
          fetch-depth: 1
          persist-credentials: true
          token: ${{ steps.generate-token.outputs.token }}

      - name: Run OpenCode
        uses: anomalyco/opencode/github@v1.14.25
        env:
          GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }}
        with:
          model: ${{ vars.CI_AI_MODEL_NAME || 'opencode/minimax-m2.5-free' }}
          use_github_token: true
          prompt: |
            Review the codebase for any TODO comments and create a summary.
            If you find issues worth addressing, open an issue to track them.

Configuration Options

Environment Variables

When using a GitHub App, configure these variables:

GitHub App Token Generation

Instead of API keys, use the actions/create-github-app-token action:

- name: Generate GitHub App Token
  id: generate-token
  uses: actions/create-github-app-token@v1.10.78
  with:
    client-id: ${{ vars.CI_AI_APP_CLIENT_ID }}
    private-key: ${{ secrets.CI_AI_APP_PRIVATE_KEY }}
    owner: ${{ github.repository_owner }}

This gives the workflow a temporary token with the GitHub App’s permissions, so PRs appear to come from your bot user (your-bot[bot]).

Real-World Usage

Here’s how I use OpenCode in my organization:

1. Issue triage — New issues get an initial response with relevant docs
2. PR reviews — Every PR gets an automated review before human review
3. Quick fixes — /oc fix this for obvious bugs
4. Code explanations — Understanding complex code in PRs

The key insight: OpenCode isn’t replacing human review — it’s augmenting it. It catches obvious issues, provides initial feedback, and handles tedious tasks so humans can focus on architecture and design decisions.

What Most People Get Wrong

1. “You need API keys” — Use a GitHub App instead. No external API providers needed, and PRs appear from your bot user.

2. “It’s a replacement for human review” — No, it’s a force multiplier. Humans still review architecture and complex logic.

3. “It’s only for simple fixes” — It can handle complex multi-file changes. The limit is your prompt clarity.

When to Use / When NOT to Use

Getting Started

1. Create a GitHub App — Go to your repository settings → Developer settings → GitHub Apps → New GitHub App
2. Configure permissions — Give it contents, issues, and pull-requests read/write
3. Install the app — Install it on your repository
4. Add variables — Set CI_AI_APP_CLIENT_ID and CI_AI_MODEL_NAME in repository variables
5. Add secrets — Add CI_AI_APP_PRIVATE_KEY from your GitHub App’s PEM file
6. Create the workflow — Add .github/workflows/_opencode.yml with the workflow above
7. Try it — Comment /oc explain this issue on any issue

That’s it. Your organization now has an AI coding assistant available 24/7.