---
# Workflow that runs the Claude Code agent on PRs, issues and comments.
name: Claude Code
# Run title shown in the Actions UI, derived from the triggering event:
# "Review PR #N" for pull_request, "Issue #N" for issues, and
# "PR #N comment" for every other trigger. Only the event name and
# numeric ids are interpolated here, no user-written text.
run-name: >-
  Claude:
  ${{
  github.event_name == 'pull_request'
  && format('Review PR #{0}', github.event.pull_request.number)
  || github.event_name == 'issues'
  && format('Issue #{0}', github.event.issue.number)
  || format('PR #{0} comment',
  github.event.issue.number || github.event.pull_request.number)
  }}
# Workflow-level default: the token gets no scopes at all. The job
# below opts in to the scopes it needs.
permissions: {}
on:
  # Automatic review, fired once when a pull request is opened.
  pull_request:
    types: [opened]
  # Comment-driven triggers. Whether a given comment actually starts
  # the agent is decided by the job-level `if` expression.
  issue_comment:
    types: [created]
  pull_request_review_comment:
    types: [created]
  pull_request_review:
    types: [submitted]
  # New or newly assigned issues.
  issues:
    types: [opened, assigned]
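jobs:
  claude:
    # Only trusted authors can trigger @claude interactions.
    # Auto-review on pull_request events is unrestricted.
    #
    # The author_association checks gate who may *invoke* the agent,
    # not what it reads: a trusted @claude mention on a PR or issue
    # written by someone else still feeds that text and diff to the
    # model. Treat everything the agent reads as untrusted input.
    # NOTE(review): by default fork PRs get no secrets and a read-only
    # token on the pull_request trigger, so the agent step presumably
    # fails there and continue-on-error hides it - confirm intended.
    if: >-
      (github.event_name == 'pull_request') ||
      (github.event_name == 'issue_comment' &&
      contains(github.event.comment.body, '@claude') &&
      contains(fromJSON('["MEMBER","OWNER","COLLABORATOR"]'),
      github.event.comment.author_association)) ||
      (github.event_name == 'pull_request_review_comment' &&
      contains(github.event.comment.body, '@claude') &&
      contains(fromJSON('["MEMBER","OWNER","COLLABORATOR"]'),
      github.event.comment.author_association)) ||
      (github.event_name == 'pull_request_review' &&
      contains(github.event.review.body, '@claude') &&
      contains(fromJSON('["MEMBER","OWNER","COLLABORATOR"]'),
      github.event.review.author_association)) ||
      (github.event_name == 'issues' &&
      (contains(github.event.issue.body, '@claude') ||
      contains(github.event.issue.title, '@claude')) &&
      contains(fromJSON('["MEMBER","OWNER","COLLABORATOR"]'),
      github.event.issue.author_association))
    runs-on: ubuntu-latest
    timeout-minutes: 30
    # A failed agent run never fails the overall workflow run.
    continue-on-error: true
    # Secrets and protection rules come from the `claude` environment.
    environment: claude
    # Everything the agent is steered into doing runs with these
    # scopes. contents: write allows pushes and id-token: write allows
    # minting OIDC tokens, so keep branch protection and any OIDC
    # trust policy for this repository tight.
    permissions:
      contents: write
      pull-requests: write
      issues: write
      id-token: write
      actions: read
    steps:
      # On pull_request events the default checkout ref is the PR
      # merge commit, so the steps below (uv sync, the prompt file,
      # usage-summary.py) operate on PR-supplied files.
      # persist-credentials: false keeps the token out of .git/config.
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
        with:
          fetch-depth: 1
          persist-credentials: false
      # Registers gh as git's credential helper. GH_TOKEN is set for
      # this step only; presumably later steps supply their own token
      # when they push - TODO confirm.
      - name: Set up git credentials
        run: gh auth setup-git
        env:
          GH_TOKEN: ${{ github.token }}
      - name: Set up uv + Python
        # yamllint disable-line rule:line-length
        uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78  # v7.6.0
        with:
          python-version: '3.12'
          enable-cache: auto
      # Resolves and installs the project's dependencies from the
      # checked-out tree.
      - name: Install dependencies
        run: uv sync
      # Renders the prompt template and exposes it as a step output.
      # Values reach the shell through env, not inline ${{ }} text.
      - name: Read prompt
        id: prompt
        env:
          REPO: ${{ github.repository }}
          NUMBER: ${{ github.event.pull_request.number || github.event.issue.number }}
          EVENT_NAME: ${{ github.event_name }}
          # yamllint disable-line rule:line-length
          IS_PR: ${{ github.event.pull_request != null || github.event.issue.pull_request != null }}
        # NOTE(review): envsubst without a variable list expands every
        # $VAR found in the template, not just the four set above.
        # Consider passing an explicit list once the template's
        # variables are confirmed.
        run: |
          # Substitute env vars into prompt
          prompt=$(envsubst < .github/claude-review-prompt.md)
          {
            echo 'PROMPT<<PROMPT_EOF'
            echo "$prompt"
            echo 'PROMPT_EOF'
          } >> "$GITHUB_OUTPUT"
      # yamllint disable-line rule:line-length
      - uses: anthropics/claude-code-action@c26cb6427d5454acb93eabb468855e0e1c4fabc0  # v1.0.92
        id: claude
        with:
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
          use_commit_signing: true
          display_report: true
          # NOTE(review): the full transcript, tool output included,
          # goes to the job log. Anything a tool prints is readable by
          # whoever can read this run's logs - confirm acceptable.
          show_full_output: true
          allowed_bots: "claude[bot]"
          prompt: ${{ steps.prompt.outputs.PROMPT }}
          # Turns off Claude Code's per-tool approval prompts. What
          # remains as a brake: the token scopes above, the hook
          # below, and server-side branch protection.
          claude_args: |
            --dangerously-skip-permissions
          # yamllint disable rule:line-length
          # PreToolUse guard for Bash tool calls. Claude Code hooks
          # take a matcher plus a nested `hooks` list of
          # {type, command} handlers and receive the tool call as JSON
          # on stdin, so the command is read from .tool_input.command
          # with jq (assumed present on the runner image). Exit code 2
          # blocks the call and returns stderr to the model.
          # String matching is advisory only: enforce "no direct
          # pushes" with branch protection or rulesets on main/master.
          settings: |
            {
              "hooks": {
                "PreToolUse": [{
                  "matcher": "Bash",
                  "hooks": [{
                    "type": "command",
                    "command": "if jq -r '.tool_input.command // empty' | grep -qE '\\bgit push\\b.*\\bmain\\b|\\bgit push\\b.*\\bmaster\\b'; then echo 'BLOCKED: Never push directly to main/master.' >&2; exit 2; fi"
                  }]
                }]
              }
            }
          # yamllint enable rule:line-length
      # Runs even when earlier steps failed; its own failure is
      # ignored. The script comes from the checked-out tree.
      - name: Usage summary
        if: always()
        continue-on-error: true
        env:
          EXEC_FILE: >-
            ${{ steps.claude.outputs.execution_file }}
        run: python3 .github/usage-summary.py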