@allisoneer allisoneer commented Jun 23, 2025

🤖 Installing Claude Code GitHub App

This PR adds a GitHub Actions workflow that enables Claude Code integration in our repository.

What is Claude Code?

Claude Code is an AI coding agent that can help with:

  • Bug fixes and improvements
  • Documentation updates
  • Implementing new features
  • Code reviews and suggestions
  • Writing tests
  • And more!

How it works

Once this PR is merged, we'll be able to interact with Claude by mentioning @claude in a pull request or issue comment.
Once the workflow is triggered, Claude will analyze the comment and surrounding context, and execute on the request in a GitHub action.

Important Notes

  • This workflow won't take effect until this PR is merged
  • @claude mentions won't work until after the merge is complete
  • The workflow runs automatically whenever Claude is mentioned in PR or issue comments
  • Claude gets access to the entire PR or issue context including files, diffs, and previous comments

Security

  • Our Anthropic API key is securely stored as a GitHub Actions secret
  • Only users with write access to the repository can trigger the workflow
  • All Claude runs are stored in the GitHub Actions run history
  • Claude's default tools are limited to reading/writing files and interacting with our repo by creating comments, branches, and commits.
  • We can add more allowed tools by adding them to the workflow file like:
allowed_tools: Bash(npm install),Bash(npm run build),Bash(npm run lint),Bash(npm run test)

There's more information in the Claude Code documentation.

After merging this PR, let's try mentioning @claude in a comment on any PR to get started!


Important

Adds GitHub Actions workflows for Claude Code integration to automate code reviews and respond to '@claude' mentions in comments and issues.

  • Workflows:
    • Adds .github/workflows/claude-code-review.yml to automate code reviews on PRs when opened or synchronized.
    • Adds .github/workflows/claude.yml to trigger Claude on issue comments, PR review comments, and issue events when '@claude' is mentioned.
  • Permissions:
    • Both workflows run on ubuntu-latest and require read permissions for contents, pull-requests, and issues, and write for id-token.
  • Security:
    • Uses ANTHROPIC_API_KEY stored as a GitHub Actions secret.
    • Only users with write access can trigger workflows.
  • Customization:
    • Supports optional model specification, trigger phrases, and allowed tools for running commands.
    • Provides direct prompts for automated reviews and allows customization based on file types or author.

This description was created by Ellipsis for 78a0118. You can customize this summary. It will automatically update as commits are pushed.

@allisoneer allisoneer requested a review from dexhorthy as a code owner June 23, 2025 22:36

claude bot commented Jun 23, 2025

Claude finished @AdjectiveAllison's task —— View job


Code Review for Claude Code GitHub Workflows

I've reviewed both workflow files completely. Here's my analysis following the Developer Agent approach:

Todo List:

  • Read CLAUDE.md for repository-specific instructions
  • Adopt Developer Agent persona (Dan Abramov approach)
  • Read and analyze .github/workflows/claude-code-review.yml (complete file)
  • Read and analyze .github/workflows/claude.yml (complete file)
  • Evaluate security considerations
  • Check for best practices and potential issues
  • Provide comprehensive review feedback

Overall Assessment: GOOD FOUNDATION

The workflows are well-structured and follow GitHub Actions best practices. However, following Dan Abramov's principle of "delete more than you add," I found several areas for improvement.

🔍 Detailed Review

.github/workflows/claude-code-review.yml (75 lines)

✅ Strengths:

  • Clear trigger conditions (pull_request: [opened, synchronize])
  • Appropriate permissions structure
  • Good use of direct_prompt for automated reviews
  • Excellent commented examples for customization
  • Uses specific action version (@v4)

⚠️ Issues Found:

  1. Line 32: Potentially limiting fetch depth

    fetch-depth: 1
    • This might limit Claude's ability to understand full context for complex PRs
    • Consider removing or increasing for better code analysis
  2. Missing write permissions

    permissions:
      contents: read
      pull-requests: read  # Should be 'write' for Claude to comment
      issues: read
  3. Redundant commented code (Lines 6-11, 15-19, 54-75)

    • 30+ lines of commented examples that could be in documentation
    • Following "delete more than you add" principle: move to docs

.github/workflows/claude.yml (59 lines)

✅ Strengths:

  • Comprehensive trigger coverage
  • Logical conditional structure
  • Good security with API key handling
  • Flexible customization options

⚠️ Issues Found:

  1. Lines 15-19: Overly complex conditional logic

    if: |
      (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) ||
      (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) ||
      (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) ||
      (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')))
    • Simplification opportunity: Extract common pattern contains(..., '@claude')
    • Could be more readable with a helper function or cleaner logic
  2. Same permission issue as above

  3. Lines 40-59: Excessive commented examples

    • 20 lines of commented configuration examples
    • Should be documentation, not code

🔒 Security Analysis

✅ Secure practices:

  • API key properly stored in secrets
  • Appropriate permission scoping
  • No hardcoded credentials

⚠️ Security concerns:

  • Missing pull-requests: write permission might cause failures
  • No explicit branch protection or user restrictions
  • id-token: write might be unnecessarily broad

🚀 Performance Considerations

✅ Good performance:

  • fetch-depth: 1 for faster checkouts
  • Efficient trigger conditions
  • No unnecessary resource usage

⚠️ Potential optimizations:

  • Consider caching for repeated runs
  • Fetch depth might need adjustment for context

📋 Recommendations (Following Dan Abramov's "Delete More Than You Add")

  1. DELETE: 50+ lines of commented examples

    • Move to documentation or README
    • Keep workflows clean and focused
  2. FIX: Permissions

    permissions:
      contents: read
      pull-requests: write  # Changed from read
      issues: write         # Changed from read
      id-token: write
  3. SIMPLIFY: Conditional logic in claude.yml

    • Extract common patterns
    • Make more readable
  4. CONSIDER: Fetch depth

    • Test if fetch-depth: 1 limits Claude's context
    • May need fetch-depth: 0 for full history

🏗️ Integration with Agent Control Plane

Given this is a Kubernetes operator project:

  • ✅ Workflows align with the project's automation needs
  • ✅ Will help with code review for complex Kubernetes controllers
  • ⚠️ Consider adding allowed_tools for Go/Kubernetes commands:
    allowed_tools: "Bash(make -C acp fmt vet lint test),Bash(kubectl get pods)"

📈 Test Coverage

While these are workflow files, consider:

  • Testing different trigger scenarios
  • Validating permissions work correctly
  • Ensuring Claude can actually comment on PRs

🎯 Final Recommendation: APPROVE with suggested improvements

The workflows provide solid Claude Code integration. The main issues are:

  1. Too much commented code (delete 50+ lines)
  2. Incorrect permissions (need write access)
  3. Overly complex conditionals (simplify)

These are well-architected workflows that follow GitHub Actions best practices. The foundation is solid for enabling AI-assisted code reviews and development.



@ellipsis-dev ellipsis-dev bot left a comment


Important

Looks good to me! 👍

Reviewed everything up to 78a0118 in 50 seconds. Click for details.
  • Reviewed 146 lines of code in 2 files
  • Skipped 0 files when reviewing.
  • Skipped posting 3 draft comments. View those below.
  • Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.
1. .github/workflows/claude-code-review.yml:36
  • Draft comment:
    Consider pinning the 'anthropics/claude-code-action' version to a stable release or specific commit (instead of using '@beta') to avoid unexpected issues from beta changes.
  • Reason this comment was not posted:
    Confidence changes required: 33% <= threshold 50% None
2. .github/workflows/claude.yml:34
  • Draft comment:
    Consider pinning the 'anthropics/claude-code-action' version to a stable release or commit hash rather than the '@beta' tag for improved reliability.
  • Reason this comment was not posted:
    Confidence changes required: 33% <= threshold 50% None
3. .github/workflows/claude.yml:15
  • Draft comment:
    The complex 'if' condition relies on event payload fields. Consider adding safeguards or splitting complex conditions to ensure robustness in case expected properties are missing.
  • Reason this comment was not posted:
    Confidence changes required: 33% <= threshold 50% None

Workflow ID: wflow_Y29YvmO22Qj3mvpc

You can customize Ellipsis by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.
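
As an added example (not code from this PR, from either bot, or from the action's project), a small Python check for two points raised in the reviews above: action references that use a movable ref such as `@beta`, and `write` scopes granted in a `permissions:` block. The sample workflow is constructed from fields quoted in the thread, and treating only a full 40-character commit SHA as pinned is this example's assumption, stricter than the draft comments' "stable release or commit".

```python
import re

# Constructed sample built from fields quoted in this thread; not the PR's actual file.
SAMPLE_WORKFLOW = """\
on:
  issue_comment:
jobs:
  claude:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: read
      id-token: write
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 1
      - uses: anthropics/claude-code-action@beta
"""

USES_RE = re.compile(r"^(?:-\s*)?uses:\s*['\"]?([^\s'\"#]+)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")

def audit_workflow(text):
    """Return (line_no, kind, detail) findings, in line order, for one workflow's text."""
    findings, perm_indent = [], None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split(" #")[0].rstrip()          # drop trailing comments
        body = line.strip()
        if not body or body.startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        if perm_indent is not None and indent <= perm_indent:
            perm_indent = None                      # left the permissions block
        if body == "permissions:":
            perm_indent = indent
        elif body.startswith("permissions:") and "write-all" in body:
            findings.append((no, "write-scope", "write-all"))
        elif perm_indent is not None and body.endswith(": write"):
            findings.append((no, "write-scope", body.split(":")[0]))
        m = USES_RE.match(body)
        if m and not m.group(1).startswith(("./", "docker://")):
            _name, _, ref = m.group(1).partition("@")
            if not FULL_SHA_RE.match(ref):          # tags and branches can move
                findings.append((no, "mutable-ref", m.group(1)))
    return findings

print(audit_workflow(SAMPLE_WORKFLOW))
```

Each `write-scope` finding is a prompt to confirm the job needs that scope, not a verdict that it is wrong.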
