From f15a426a0b06e750a68ddb5cfa883704d3c3efa9 Mon Sep 17 00:00:00 2001 From: Ian Clarke Date: Sun, 28 Sep 2025 02:22:45 +0200 Subject: [PATCH 1/4] Add Claude Code workflows for CI integration MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adds three Claude workflows: - claude.yml: Responds to @claude mentions in issues/PRs - claude-code-review.yml: Automated PR code reviews - claude-ci-analysis job in ci.yml: Analyzes CI failures when 'claude-debug' label is present Features: - Opt-in debugging with 'claude-debug' label - Automatic code review on PR creation - Interactive @claude support for questions and debugging - Reads CI logs and provides root cause analysis 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- .github/workflows/ci.yml | 40 ++++++++++++++++++ .github/workflows/claude-code-review.yml | 54 ++++++++++++++++++++++++ .github/workflows/claude.yml | 49 +++++++++++++++++++++ 3 files changed, 143 insertions(+) create mode 100644 .github/workflows/claude-code-review.yml create mode 100644 .github/workflows/claude.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7baef7b..63c4561 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -113,3 +113,43 @@ jobs: - name: Check code formatting run: cargo fmt -- --check + + claude-ci-analysis: + name: Claude CI Analysis + + runs-on: ubuntu-latest + needs: [test_all, build_targets, clippy_check, fmt_check] + if: failure() && contains(github.event.pull_request.labels.*.name, 'claude-debug') + + permissions: + contents: read + pull-requests: write + issues: read + id-token: write + actions: read + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 1 + + - name: Run Claude CI Analysis + uses: anthropics/claude-code-action@v1 + with: + claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} + prompt: | + REPO: ${{ github.repository }} + PR NUMBER: ${{ github.event.pull_request.number }} + + The CI workflow has failed. Please analyze the failure and provide: + 1. Root cause of the failure + 2. Specific steps to fix the issue + 3. Whether this appears to be a flaky test or genuine bug + 4. Any relevant context from the codebase + + Use the repository's CLAUDE.md for guidance on testing and debugging. + + After your analysis, use `gh pr comment` with your Bash tool to post your findings as a comment on the PR. + + claude_args: '--allowed-tools "Bash(gh issue view:*),Bash(gh search:*),Bash(gh issue list:*),Bash(gh pr comment:*),Bash(gh pr view:*),Bash(gh pr list:*),Bash(gh api:*),Bash(gh run view:*)"' diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml new file mode 100644 index 0000000..460155d --- /dev/null +++ b/.github/workflows/claude-code-review.yml @@ -0,0 +1,54 @@ +name: Claude Code Review + +on: + pull_request: + types: [opened, synchronize] + # Optional: Only run on specific file changes + # paths: + # - "rust/**/*.rs" + # - "**/Cargo.toml" + +jobs: + claude-review: + # Optional: Filter by PR author + # if: | + # github.event.pull_request.user.login == 'external-contributor' || + # github.event.pull_request.user.login == 'new-developer' || + # github.event.pull_request.author_association == 'FIRST_TIME_CONTRIBUTOR' + + runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: read + issues: read + id-token: write + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 1 + + - name: Run Claude Code Review + id: claude-review + uses: anthropics/claude-code-action@v1 + with: + claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} + prompt: | + REPO: ${{ github.repository }} + PR NUMBER: ${{ github.event.pull_request.number }} + + Please review this pull request and provide feedback on: + - Code quality and best practices + - Potential bugs or issues + - Performance considerations + - Security concerns + - Test coverage + + Use the repository's CLAUDE.md for guidance on style and conventions. Be constructive and helpful in your feedback. + + Use `gh pr comment` with your Bash tool to leave your review as a comment on the PR. + + # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md + # or https://docs.claude.com/en/docs/claude-code/sdk#command-line for available options + claude_args: '--allowed-tools "Bash(gh issue view:*),Bash(gh search:*),Bash(gh issue list:*),Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr list:*)"' \ No newline at end of file diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml new file mode 100644 index 0000000..2a8e83f --- /dev/null +++ b/.github/workflows/claude.yml @@ -0,0 +1,49 @@ +name: Claude Code + +on: + issue_comment: + types: [created] + pull_request_review_comment: + types: [created] + issues: + types: [opened, assigned] + pull_request_review: + types: [submitted] + +jobs: + claude: + if: | + (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) || + (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) || + (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) || + (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude'))) + runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: read + issues: read + id-token: write + actions: read # Required for Claude to read CI results on PRs + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 1 + + - name: Run Claude Code + id: claude + uses: anthropics/claude-code-action@v1 + with: + claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} + + # This is an optional setting that allows Claude to read CI results on PRs + additional_permissions: | + actions: read + + # Optional: Give a custom prompt to Claude. If this is not specified, Claude will perform the instructions specified in the comment that tagged it. + # prompt: 'Update the pull request description to include a summary of changes.' + + # Optional: Add claude_args to customize behavior and configuration + # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md + # or https://docs.claude.com/en/docs/claude-code/sdk#command-line for available options + # claude_args: '--model claude-opus-4-1-20250805 --allowed-tools Bash(gh pr:*)' \ No newline at end of file From fdb22125d6a22cc1fe8e595ec43023212cfec733 Mon Sep 17 00:00:00 2001 From: Ian Clarke Date: Sun, 28 Sep 2025 16:42:12 +0200 Subject: [PATCH 2/4] Use ANTHROPIC_API_KEY instead of CLAUDE_CODE_OAUTH_TOKEN MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Changed all Claude workflows to use ANTHROPIC_API_KEY environment variable instead of claude_code_oauth_token parameter. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- .github/workflows/ci.yml | 3 ++- .github/workflows/claude-code-review.yml | 3 ++- .github/workflows/claude.yml | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 63c4561..e0960c3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -136,8 +136,9 @@ jobs: - name: Run Claude CI Analysis uses: anthropics/claude-code-action@v1 + env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} with: - claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} prompt: | REPO: ${{ github.repository }} PR NUMBER: ${{ github.event.pull_request.number }} diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml index 460155d..2cbd3be 100644 --- a/.github/workflows/claude-code-review.yml +++ b/.github/workflows/claude-code-review.yml @@ -32,8 +32,9 @@ jobs: - name: Run Claude Code Review id: claude-review uses: anthropics/claude-code-action@v1 + env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} with: - claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} prompt: | REPO: ${{ github.repository }} PR NUMBER: ${{ github.event.pull_request.number }} diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index 2a8e83f..ec60943 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -33,8 +33,9 @@ jobs: - name: Run Claude Code id: claude uses: anthropics/claude-code-action@v1 + env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} with: - claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} # This is an optional setting that allows Claude to read CI results on PRs additional_permissions: | From 2733d38365b810b091c1845c198b3b84b95bc292 Mon Sep 17 00:00:00 2001 From: Ian Clarke Date: Sun, 28 Sep 2025 16:54:24 +0200 Subject: [PATCH 3/4] Move ANTHROPIC_API_KEY to job-level env MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Composite actions need environment variables at job level, not step level, to properly access them during validation. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- .github/workflows/ci.yml | 5 +++-- .github/workflows/claude-code-review.yml | 5 +++-- .github/workflows/claude.yml | 6 ++++-- 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e0960c3..3e06f9e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -128,6 +128,9 @@ jobs: id-token: write actions: read + env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + steps: - name: Checkout repository uses: actions/checkout@v4 @@ -136,8 +139,6 @@ jobs: - name: Run Claude CI Analysis uses: anthropics/claude-code-action@v1 - env: - ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} with: prompt: | REPO: ${{ github.repository }} diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml index 2cbd3be..feeb3f0 100644 --- a/.github/workflows/claude-code-review.yml +++ b/.github/workflows/claude-code-review.yml @@ -23,6 +23,9 @@ jobs: issues: read id-token: write + env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + steps: - name: Checkout repository uses: actions/checkout@v4 @@ -32,8 +35,6 @@ jobs: - name: Run Claude Code Review id: claude-review uses: anthropics/claude-code-action@v1 - env: - ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} with: prompt: | REPO: ${{ github.repository }} diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index ec60943..ba3a63a 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -24,6 +24,10 @@ jobs: issues: read id-token: write actions: read # Required for Claude to read CI results on PRs + + env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + steps: - name: Checkout repository uses: actions/checkout@v4 @@ -33,8 +37,6 @@ jobs: - name: Run Claude Code id: claude uses: anthropics/claude-code-action@v1 - env: - ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} with: # This is an optional setting that allows Claude to read CI results on PRs From ef925fca5f7ea3b7f978fd647d6fe03373f70339 Mon Sep 17 00:00:00 2001 From: Ian Clarke Date: Mon, 20 Oct 2025 14:42:18 +0200 Subject: [PATCH 4/4] fix: Add platform guards for WASM import symbols to fix Windows linking MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes freenet/river#39 Windows MSVC linker requires all external symbols to be resolved, even for cdylib crates. The WASM import symbols (__frnt__logger__info, __frnt__rand__rand_bytes, __frnt__time__utc_now) are only valid when compiling to wasm32-unknown-unknown target. This change: - Guards WASM imports with #[cfg(target_family = "wasm")] - Provides stub implementations for non-WASM targets - Allows contracts to compile on Windows native target The stub implementations are never used at runtime since contracts only execute in the Freenet WASM runtime. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude --- rust/src/log.rs | 8 ++++++++ rust/src/rand.rs | 8 ++++++++ rust/src/time.rs | 8 ++++++++ 3 files changed, 24 insertions(+) diff --git a/rust/src/log.rs b/rust/src/log.rs index 8fc87d4..a92c2a2 100644 --- a/rust/src/log.rs +++ b/rust/src/log.rs @@ -5,8 +5,16 @@ pub fn info(msg: &str) { } } +#[cfg(target_family = "wasm")] #[link(wasm_import_module = "freenet_log")] extern "C" { #[doc(hidden)] fn __frnt__logger__info(id: i64, ptr: i64, len: i32); } + +#[cfg(not(target_family = "wasm"))] +#[allow(non_snake_case)] +unsafe fn __frnt__logger__info(_id: i64, _ptr: i64, _len: i32) { + // Stub implementation for non-WASM targets (e.g., Windows native compilation) + // These contracts are meant to run only in WASM runtime +} diff --git a/rust/src/rand.rs b/rust/src/rand.rs index 81bef47..bf19269 100644 --- a/rust/src/rand.rs +++ b/rust/src/rand.rs @@ -33,8 +33,16 @@ pub fn rand_bytes(number: u32) -> Vec { } } +#[cfg(target_family = "wasm")] #[link(wasm_import_module = "freenet_rand")] extern "C" { #[doc(hidden)] fn __frnt__rand__rand_bytes(id: i64, ptr: i64, len: u32); } + +#[cfg(not(target_family = "wasm"))] +#[allow(non_snake_case)] +unsafe fn __frnt__rand__rand_bytes(_id: i64, _ptr: i64, _len: u32) { + // Stub implementation for non-WASM targets (e.g., Windows native compilation) + // These contracts are meant to run only in WASM runtime +} diff --git a/rust/src/time.rs b/rust/src/time.rs index c844533..84ffed1 100644 --- a/rust/src/time.rs +++ b/rust/src/time.rs @@ -14,8 +14,16 @@ pub fn now() -> DateTime { } } +#[cfg(target_family = "wasm")] #[link(wasm_import_module = "freenet_time")] extern "C" { #[doc(hidden)] fn __frnt__time__utc_now(id: i64, ptr: i64); } + +#[cfg(not(target_family = "wasm"))] +#[allow(non_snake_case)] +unsafe fn __frnt__time__utc_now(_id: i64, _ptr: i64) { + // Stub implementation for non-WASM targets (e.g., Windows native compilation) + // These contracts are meant to run only in WASM runtime +}