From f15a426a0b06e750a68ddb5cfa883704d3c3efa9 Mon Sep 17 00:00:00 2001 From: Ian Clarke Date: Sun, 28 Sep 2025 02:22:45 +0200 Subject: [PATCH 1/3] Add Claude Code workflows for CI integration MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adds three Claude workflows: - claude.yml: Responds to @claude mentions in issues/PRs - claude-code-review.yml: Automated PR code reviews - claude-ci-analysis job in ci.yml: Analyzes CI failures when 'claude-debug' label is present Features: - Opt-in debugging with 'claude-debug' label - Automatic code review on PR creation - Interactive @claude support for questions and debugging - Reads CI logs and provides root cause analysis 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- .github/workflows/ci.yml | 40 ++++++++++++++++++ .github/workflows/claude-code-review.yml | 54 ++++++++++++++++++++++++ .github/workflows/claude.yml | 49 +++++++++++++++++++++ 3 files changed, 143 insertions(+) create mode 100644 .github/workflows/claude-code-review.yml create mode 100644 .github/workflows/claude.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7baef7b..63c4561 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -113,3 +113,43 @@ jobs: - name: Check code formatting run: cargo fmt -- --check + + claude-ci-analysis: + name: Claude CI Analysis + + runs-on: ubuntu-latest + needs: [test_all, build_targets, clippy_check, fmt_check] + if: failure() && contains(github.event.pull_request.labels.*.name, 'claude-debug') + + permissions: + contents: read + pull-requests: write + issues: read + id-token: write + actions: read + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 1 + + - name: Run Claude CI Analysis + uses: anthropics/claude-code-action@v1 + with: + claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} + prompt: | + REPO: ${{ github.repository }} + PR NUMBER: ${{ github.event.pull_request.number }} + + The CI workflow has failed. Please analyze the failure and provide: + 1. Root cause of the failure + 2. Specific steps to fix the issue + 3. Whether this appears to be a flaky test or genuine bug + 4. Any relevant context from the codebase + + Use the repository's CLAUDE.md for guidance on testing and debugging. + + After your analysis, use `gh pr comment` with your Bash tool to post your findings as a comment on the PR. + + claude_args: '--allowed-tools "Bash(gh issue view:*),Bash(gh search:*),Bash(gh issue list:*),Bash(gh pr comment:*),Bash(gh pr view:*),Bash(gh pr list:*),Bash(gh api:*),Bash(gh run view:*)"' diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml new file mode 100644 index 0000000..460155d --- /dev/null +++ b/.github/workflows/claude-code-review.yml @@ -0,0 +1,54 @@ +name: Claude Code Review + +on: + pull_request: + types: [opened, synchronize] + # Optional: Only run on specific file changes + # paths: + # - "rust/**/*.rs" + # - "**/Cargo.toml" + +jobs: + claude-review: + # Optional: Filter by PR author + # if: | + # github.event.pull_request.user.login == 'external-contributor' || + # github.event.pull_request.user.login == 'new-developer' || + # github.event.pull_request.author_association == 'FIRST_TIME_CONTRIBUTOR' + + runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: read + issues: read + id-token: write + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 1 + + - name: Run Claude Code Review + id: claude-review + uses: anthropics/claude-code-action@v1 + with: + claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} + prompt: | + REPO: ${{ github.repository }} + PR NUMBER: ${{ github.event.pull_request.number }} + + Please review this pull request and provide feedback on: + - Code quality and best practices + - Potential bugs or issues + - Performance considerations + - Security concerns + - Test coverage + + Use the repository's CLAUDE.md for guidance on style and conventions. Be constructive and helpful in your feedback. + + Use `gh pr comment` with your Bash tool to leave your review as a comment on the PR. + + # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md + # or https://docs.claude.com/en/docs/claude-code/sdk#command-line for available options + claude_args: '--allowed-tools "Bash(gh issue view:*),Bash(gh search:*),Bash(gh issue list:*),Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr list:*)"' \ No newline at end of file diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml new file mode 100644 index 0000000..2a8e83f --- /dev/null +++ b/.github/workflows/claude.yml @@ -0,0 +1,49 @@ +name: Claude Code + +on: + issue_comment: + types: [created] + pull_request_review_comment: + types: [created] + issues: + types: [opened, assigned] + pull_request_review: + types: [submitted] + +jobs: + claude: + if: | + (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) || + (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) || + (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) || + (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude'))) + runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: read + issues: read + id-token: write + actions: read # Required for Claude to read CI results on PRs + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 1 + + - name: Run Claude Code + id: claude + uses: anthropics/claude-code-action@v1 + with: + claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} + + # This is an optional setting that allows Claude to read CI results on PRs + additional_permissions: | + actions: read + + # Optional: Give a custom prompt to Claude. If this is not specified, Claude will perform the instructions specified in the comment that tagged it. + # prompt: 'Update the pull request description to include a summary of changes.' + + # Optional: Add claude_args to customize behavior and configuration + # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md + # or https://docs.claude.com/en/docs/claude-code/sdk#command-line for available options + # claude_args: '--model claude-opus-4-1-20250805 --allowed-tools Bash(gh pr:*)' \ No newline at end of file From fdb22125d6a22cc1fe8e595ec43023212cfec733 Mon Sep 17 00:00:00 2001 From: Ian Clarke Date: Sun, 28 Sep 2025 16:42:12 +0200 Subject: [PATCH 2/3] Use ANTHROPIC_API_KEY instead of CLAUDE_CODE_OAUTH_TOKEN MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Changed all Claude workflows to use ANTHROPIC_API_KEY environment variable instead of claude_code_oauth_token parameter. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- .github/workflows/ci.yml | 3 ++- .github/workflows/claude-code-review.yml | 3 ++- .github/workflows/claude.yml | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 63c4561..e0960c3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -136,8 +136,9 @@ jobs: - name: Run Claude CI Analysis uses: anthropics/claude-code-action@v1 + env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} with: - claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} prompt: | REPO: ${{ github.repository }} PR NUMBER: ${{ github.event.pull_request.number }} diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml index 460155d..2cbd3be 100644 --- a/.github/workflows/claude-code-review.yml +++ b/.github/workflows/claude-code-review.yml @@ -32,8 +32,9 @@ jobs: - name: Run Claude Code Review id: claude-review uses: anthropics/claude-code-action@v1 + env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} with: - claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} prompt: | REPO: ${{ github.repository }} PR NUMBER: ${{ github.event.pull_request.number }} diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index 2a8e83f..ec60943 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -33,8 +33,9 @@ jobs: - name: Run Claude Code id: claude uses: anthropics/claude-code-action@v1 + env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} with: - claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} # This is an optional setting that allows Claude to read CI results on PRs additional_permissions: | From 2733d38365b810b091c1845c198b3b84b95bc292 Mon Sep 17 00:00:00 2001 From: Ian Clarke Date: Sun, 28 Sep 2025 16:54:24 +0200 Subject: [PATCH 3/3] Move ANTHROPIC_API_KEY to job-level env MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Composite actions need environment variables at job level, not step level, to properly access them during validation. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- .github/workflows/ci.yml | 5 +++-- .github/workflows/claude-code-review.yml | 5 +++-- .github/workflows/claude.yml | 6 ++++-- 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e0960c3..3e06f9e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -128,6 +128,9 @@ jobs: id-token: write actions: read + env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + steps: - name: Checkout repository uses: actions/checkout@v4 @@ -136,8 +139,6 @@ jobs: - name: Run Claude CI Analysis uses: anthropics/claude-code-action@v1 - env: - ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} with: prompt: | REPO: ${{ github.repository }} diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml index 2cbd3be..feeb3f0 100644 --- a/.github/workflows/claude-code-review.yml +++ b/.github/workflows/claude-code-review.yml @@ -23,6 +23,9 @@ jobs: issues: read id-token: write + env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + steps: - name: Checkout repository uses: actions/checkout@v4 @@ -32,8 +35,6 @@ jobs: - name: Run Claude Code Review id: claude-review uses: anthropics/claude-code-action@v1 - env: - ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} with: prompt: | REPO: ${{ github.repository }} diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index ec60943..ba3a63a 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -24,6 +24,10 @@ jobs: issues: read id-token: write actions: read # Required for Claude to read CI results on PRs + + env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + steps: - name: Checkout repository uses: actions/checkout@v4 @@ -33,8 +37,6 @@ jobs: - name: Run Claude Code id: claude uses: anthropics/claude-code-action@v1 - env: - ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} with: # This is an optional setting that allows Claude to read CI results on PRs