ci(codium): Add Codium PR agent to comment on PRs

[tonywu1999]

User description

Motivation and Context

Inspired from OpenMS's CI workflow, we can add a chatbot to provide suggestions on code reviews first. This requires an OpenAI api key, which I'm using my personal one for now, but in the future, we may want to have a separate one for VitekLab.

Changes

• Followed these instructions to make codium review code upon every PR opened.

Testing

• See below that it works
• It looks like this one PR cost $0.04 to process GPT comments.

Checklist Before Requesting a Review

• I have read the MSstats contributing guidelines
• My changes generate no new warnings
• Any dependent changes have been merged and published in downstream modules
• Ran styler::style_pkg(transformers = styler::tidyverse_style(indent_by = 4))
• Ran devtools::document()

---

PR Type

enhancement, configuration changes

---

Description

• Introduced a new GitHub Actions workflow to integrate Codium PR agent for automated code review suggestions.
• Configured the workflow to activate when a pull request is opened, excluding actions triggered by bots.
• Set necessary permissions for the workflow to read repository contents and write to pull requests.
• Integrated the Codium-ai/pr-agent using OpenAI API and GitHub tokens for authentication.

---

Changes walkthrough 📝

	Relevant files
Configuration changes	codium-pr-agent.yml Add Codium PR agent GitHub Actions workflow                            .github/workflows/codium-pr-agent.yml Added a new GitHub Actions workflow for Codium PR agent. Configured the workflow to trigger on pull request openings. Set permissions to read repository contents and write pull requests. Utilized Codium-ai/pr-agent with OpenAI and GitHub tokens. +18/-0

---

💡 PR-Agent usage: Comment /help "your question" on any pull request to receive relevant information

[github-actions]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪

🧪 No relevant tests

🔒 Security concerns Sensitive information exposure: The PR introduces usage of sensitive OpenAI and GitHub tokens which could be exposed if not handled securely. Ensure that the GitHub secrets are configured with minimal permissions and are accessed securely in the workflow.

⚡ Recommended focus areas for review Sensitive Information The workflow uses secrets for OpenAI and GitHub tokens directly in the workflow file. Ensure these secrets are properly secured and have limited permissions to minimize security risks.

[github-actions]

PR Code Suggestions ✨

No code suggestions found for the PR.

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 87.85%. Comparing base (b5ea6b1) to head (893bd88).

Additional details and impacted files

@@           Coverage Diff           @@
##            devel      #18   +/-   ##
=======================================
  Coverage   87.85%   87.85%           
=======================================
  Files           3        3           
  Lines         107      107           
=======================================
  Hits           94       94           
  Misses         13       13           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[tonywu1999]

/help "How can I make sure GitHub secrets are configured with minimal permissions and are accessed securely in the workflow"

[tonywu1999]

^Previous comment was a test to make sure codium doesn't respond to my request for help.