Use shared claude-review reusable workflow #5270

Open
leighmcculloch wants to merge 1 commit into stellar:master from leighmcculloch:claude-review-reusable

@leighmcculloch leighmcculloch commented May 14, 2026

Description

Replace the inlined claude-review.yml workflow with a call to the shared reusable workflow at stellar/actions/.github/workflows/claude-review.yml@main. The new reusable workflow preserves the same pull_request_target flow, author-association gate, pr-head/ isolated checkout, and permissions: posture that this repo already used. This repo stays on pull_request_target (rather than the safer pull_request default that the other stellar callers use) because contributions arrive via forks from org members and Claude needs to be able to review them. The trigger types are narrowed to [ready_for_review, synchronize] so Claude only reviews PRs that are marked ready and re-reviews on new commits.

The same claude-review workflow is now centralized in stellar/actions so all stellar repos using it share one hardened implementation. The previous version here was the source-of-truth for the security model; that model now lives in the reusable workflow's inline security note. The caller workflow shrinks to ~15 lines:

name: Claude Review

on:
  pull_request_target:
    types: [ready_for_review, synchronize]

concurrency:
  group: claude-review-${{ github.event.pull_request.number }}
  cancel-in-progress: true

permissions: {}

jobs:
  review:
    uses: stellar/actions/.github/workflows/claude-review.yml@main
    secrets:
      anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}

The default prompt in the reusable workflow keeps the pr-head/ note this repo's prompt had and adds the GitHub CLI usage guidance from the other repos.

Requires the corresponding PR in stellar/actions to be merged first so that stellar/actions/.github/workflows/claude-review.yml@main resolves:

Checklist

  • Reviewed the contributing document
  • Rebased on top of master (no merge commits)
  • Ran clang-format v8.0.0 (via make format or the Visual Studio extension)
  • Compiles
  • Ran all tests
  • If change impacts performance, include supporting evidence per the performance document

Copilot AI review requested due to automatic review settings May 14, 2026 14:40

Copilot AI left a comment

Pull request overview

Replaces the inlined claude-review.yml workflow with a call to the shared reusable workflow at stellar/actions/.github/workflows/claude-review.yml@main, centralizing the Claude PR review configuration across stellar repos while preserving the pull_request_target flow and author-association gating in the reusable workflow.

Changes:

  • Removes ~120 lines of inlined workflow logic, security comments, and Claude action configuration.
  • Delegates to the shared reusable workflow, passing ANTHROPIC_API_KEY as a secret.
  • Narrows trigger types to [ready_for_review, synchronize] (drops opened and reopened).


@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 5a83e2cab9

# if a future job is added without its own `permissions:` block it inherits
# nothing, rather than whatever the repo or org default happens to be.
permissions: {}
types: [ready_for_review, synchronize]
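
Review bot: the two comment lines above `permissions: {}` explain why the top-level default is empty, but the ~15-line caller quoted in the PR description carries `permissions: {}` with no comment. If this change drops that explanation, keep a one-line comment next to `permissions: {}` in the caller so the deny-by-default intent stays visible at the place where a future job would be added.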

P1: Include opened/reopened pull_request_target triggers

Limiting pull_request_target to ready_for_review and synchronize stops Claude from running on the first review cycle for PRs that are opened as non-draft (and on PRs that are reopened without new commits). ready_for_review only fires when converting a draft PR, so many normal PR openings will get no review until another push happens.

Useful? React with 👍 / 👎.
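
One way to reconcile the narrowed trigger list with the point raised in the Codex comment above, as an added example that is not part of this PR or of stellar/actions: the caller from the description with `opened` and `reopened` restored and a job-level draft check. The `if:` condition is an assumption introduced here; whether the reusable workflow already skips drafts is not shown on the page.

```yaml
# Added example: the caller from the PR description with two changes,
# marked CHANGED below. Everything else is copied from that description.
name: Claude Review

on:
  pull_request_target:
    # CHANGED: opened/reopened added so a PR opened as non-draft is reviewed
    # without waiting for another push.
    types: [opened, reopened, ready_for_review, synchronize]

concurrency:
  group: claude-review-${{ github.event.pull_request.number }}
  cancel-in-progress: true

permissions: {}

jobs:
  review:
    # CHANGED (assumption, not in the PR): skip drafts explicitly. opened,
    # reopened and synchronize also fire for draft PRs, so the trigger list
    # alone does not limit reviews to PRs that are marked ready.
    if: ${{ !github.event.pull_request.draft }}
    uses: stellar/actions/.github/workflows/claude-review.yml@main
    secrets:
      anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
```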
