PReQual transforms how development teams manage pull requests by combining GitHub workflow analytics with infrastructure-as-code automation. Built for the Pulumi "Get Creative with GitHub" Hackathon, this project demonstrates how Pulumi's GitHub provider and Automation API can create powerful DevOps solutions that go beyond traditional infrastructure management.
At the heart of PReQual is a contributor recognition system that identifies and rewards team members based on their PR activities. By tracking who creates the most valuable PRs, who actively reviews code, and who provides constructive feedback, PReQual helps teams:
- Recognize top contributors with data-driven insights
- Balance review responsibilities across team members
- Identify mentorship opportunities between experienced and newer developers
- Create a culture of quality through gamified contribution metrics
PReQual addresses the common challenges teams face with PR workflows:
- PR reviews that fall through the cracks
- Uneven distribution of review responsibilities
- Lack of visibility into contribution patterns
- Inconsistent repository configurations
By leveraging Pulumi to programmatically manage GitHub repositories and analyze PR workflows, PReQual provides real-time dashboards, automated notifications, standardized repository configurations, and meaningful contribution metrics—all deployed through infrastructure as code.
See the live demo (Note: Due to cloud costs, this demo operates without Azure resources, but fully demonstrates the UI and workflow). The screenshots below showcase actual GitHub data collected from test repositories in my organization.
- Contributor Rewards Insights: Track who's creating PRs, providing reviews, and leaving comments to recognize top contributors
- PR Analytics Dashboard: Visualize contribution patterns and PR metrics across your organization
- Stale PR Detection & Alerts: Automatically identify and notify about inactive PRs that need attention
- Repository Management: Create repositories with standardized branch protection rules
- Slack Notifications: Receive real-time alerts for all PR events (new PRs, reviews, and stale PRs)
- Branch Protection Enforcement: Ensure code quality by requiring:
- Minimum number of approving reviews before merging
- Prevention of direct pushes to protected branches
- Required conversation resolution
PReQual integrates several components into a cohesive system:
- Next.js Frontend: Dashboard, repository management, and configuration interfaces
- Flask Backend: Processes GitHub webhooks and provides analytics APIs
- Azure SQL Database: Stores all PR-related data and contributor metrics
- Pulumi Infrastructure: Manages GitHub repositories and Azure resources as code
- GitHub Integration: Webhook-based event processing for PR activities
- Slack Integration: Timely notifications for PR events
-
GitHub Enterprise Required: To use branch protection on private repositories, you need GitHub Enterprise or a public repository. GitHub Pro does not support all branch protection features for private repos.
-
Token Permission Enabled: while creating the github token ensure the token have repo full access admin:hook & admin:org enabled if not system get permission denied issue from github and didnt proceeed the setup
-
Deployment Options:
- Azure VM Deployment: Full infrastructure with VM acting as webhook receiver
- Local-only Mode: Run without Azure infrastructure for testing/personal use
-
Azure VM as Webhook Endpoint: I deploy an Azure VM to serve as the webhook endpoint for GitHub events because:
- It provides a stable, always-on service to receive webhook events
- It can be secured and scaled according to organizational needs
- It allows centralized processing of webhook events across repositories
- It maintains a persistent database connection for analytics
-
Configuration Management: The system automatically updates environment configurations, so you don't need to manually modify files if tokens expire. If you want to update, go to the settings page and provide the token and URL.
- Python 3.8+
- Node.js 16+
- Pulumi CLI
- GitHub account with organization admin permissions
- GitHub token with repo and admin:org permissions
- Slack workspace with webhook URL (for notifications)
- For Azure deployment: Azure subscription and service principal
-
Clone the repository
git clone https://github.com/yourusername/prequel.git cd prequel -
Set up the backend
cd backend pip install -r requirements.txt -
Set up the frontend
cd ../frontend npm install -
Set up the infrastructure
cd ../infrastructure npm install pulumi login
If you're running the backend locally without Azure deployment, create a .env file in the backend directory with:
# GitHub Configuration
GITHUB_TOKEN=your_github_personal_access_token
GITHUB_WEBHOOK_SECRET=your_webhook_secret
ORGANIZATION_NAME=your_github_organization
# Slack Configuration
SLACK_WEBHOOK_URL=your_slack_webhook_url
# PR Settings
STALE_PR_DAYS=7
# SQL Server configuration (optional for local testing)
SQL_SERVER=your-server.database.windows.net
SQL_DATABASE=your_database_name
SQL_USERNAME=your_sql_username
SQL_PASSWORD=your_sql_password
For complete end-to-end deployment with Azure infrastructure, you'll need these additional environment variables:
# Pulumi Configuration
PULUMI_CONFIG_PASSPHRASE=your_passphrase(Any random string)
# Azure Service Principal
AZURE_CLIENT_ID=your_service_principal_client_id
AZURE_CLIENT_SECRET=your_service_principal_secret
AZURE_TENANT_ID=your_azure_tenant_id
AZURE_SUBSCRIPTION_ID=your_subscription_id
Important: Before running the full Azure deployment, you must authenticate with Azure:
az login --service-principal -u $AZURE_CLIENT_ID -p $AZURE_CLIENT_SECRET --tenant $AZURE_TENANT_ID
az account set --subscription $AZURE_SUBSCRIPTION_ID-
Start the backend
cd backend source venv/bin/activate python -m prequel_app.app
-
Start the frontend
cd frontend export NEXT_PUBLIC_API_URL=http://localhost:5000 npm run dev
-
Access the application
- Open your browser and navigate to
http://localhost:3000 - Complete the setup wizard with your GitHub and Slack details
- The system will automatically configure everything
- Open your browser and navigate to
When using the setup wizard in the UI:
- Enter your GitHub token, organization name, and Slack webhook URL
- The system automatically deploys the required infrastructure using Pulumi
- The Azure VM will be configured as your GitHub webhook endpoint
- For production deployment, deploy the frontend to Vercel or Azure Web App and set
NEXT_PUBLIC_API_URLto your VM's public IP
If you need to create a service principal for Azure deployment:
# Login to Azure
az login
# Create service principal with Contributor role
az ad sp create-for-rbac --name "PReQual-ServicePrincipal" --role Contributor \
--scopes /subscriptions/your-subscription-id
# This will output the credentials needed for environment variables:
# {
# "appId": "your-client-id",
# "displayName": "PReQual-ServicePrincipal",
# "password": "your-client-secret",
# "tenant": "your-tenant-id"
# }When PR activity occurs on GitHub:
- GitHub sends a webhook event to your PReQual instance (Azure VM or local server)
- The Flask backend validates the webhook signature and processes the event
- Event data is stored in the database with repository, user, and PR details
- Activity timestamps are updated to track PR freshness
- Slack notifications are sent for relevant events
The system tracks:
- Who creates the most PRs
- Who actively reviews others' code
- Comment frequency and distribution
This information helps recognize team members' contributions and identify areas for improvement in the review process.
A background task runs daily to:
- Identify PRs with no activity for the configured period (default: 7 days)
- Mark these PRs as stale in the database
- Send Slack notifications to bring attention to forgotten PRs
- Update the dashboard with stale PR information
When creating repositories, PReQual automatically configures branch protection rules:
- Requires a minimum number of approving reviews for now its 1
- Prevents force pushes to the main branch
- Requires conversation resolution before merging
Note: Full branch protection on private repositories requires GitHub Enterprise.
The system uses Pulumi in two key ways:
-
GitHub Repository Management:
- Creates repositories with standardized settings
- Configures branch protection rules
- Sets up webhooks for event monitoring
-
Azure Infrastructure (for full deployment):
- Provisions Azure VM to serve as webhook endpoint
- Creates SQL Database for data storage
- Configures networking and security
The PulumiExecutor class serves as the bridge between your Python backend and the Pulumi infrastructure code, allowing your application to manage infrastructure programmatically.
prequel/
├── backend/ # Flask backend
│ ├── config/ # Configuration files
│ ├── prequel_app/ # Application code
│ │ ├── app.py # Main application entry point
│ │ ├── github_handler.py # GitHub webhook processing
│ │ ├── slack_notifier.py # Slack notification handling
│ │ ├── pulumi_executor.py # Pulumi infrastructure management
│ │ └── ... # Other handlers
│ ├── prequel_db/ # Database layer
│ │ ├── db_connection.py # Database connection management
│ │ ├── db_models.py # Database models
│ │ ├── db_analytics.py # Analytics queries
│ │ └── db_handler.py # Main database interface
│ └── requirements.txt # Python dependencies
├── frontend/ # Next.js frontend
│ ├── src/ # Source code
│ │ ├── app/ # Next.js pages
│ │ ├── components/ # React components
│ │ └── lib/ # Utilities and API clients
│ └── package.json # Node.js dependencies
└── infrastructure/ # Pulumi IaC code
├── scripts/ # Setup scripts
│ ├── setup_config.sh # Configuration script
│ └── setup-vm.sh # VM initialization script
├── src/ # Infrastructure modules
│ ├── automation/ # Pulumi Automation API
│ ├── azure/ # Azure resources
│ ├── config/ # Configuration templates
│ ├── pulumi/ # GitHub provider resources
│ └── utils/ # Utility functions
└── index.ts # Main Pulumi program
This project was developed for the Pulumi "Get Creative with Pulumi and GitHub" Hackathon. It demonstrates:
- Pulumi GitHub Provider: Creating and configuring repositories programmatically
- Pulumi Automation API: Managing infrastructure via Python using the Automation API
- Creative Integration: Combining GitHub workflows with infrastructure as code
- Practical Application: Solving real team collaboration challenges
This project is licensed under the MIT License - see the LICENSE file for details.
- Built with Pulumi for infrastructure as code
- Uses GitHub API for repository management
- Powered by Next.js and Flask
- Styled with Tailwind CSS