Add Claude Code GitHub Workflow #2

Merged
Kamilbenkirane merged 2 commits into main from add-claude-github-actions-1762249075668
Nov 4, 2025

@Kamilbenkirane

🤖 Installing Claude Code GitHub App

This PR adds a GitHub Actions workflow that enables Claude Code integration in our repository.

What is Claude Code?

Claude Code is an AI coding agent that can help with:

  • Bug fixes and improvements
  • Documentation updates
  • Implementing new features
  • Code reviews and suggestions
  • Writing tests
  • And more!

How it works

Once this PR is merged, we'll be able to interact with Claude by mentioning @claude in a pull request or issue comment.
Once the workflow is triggered, Claude will analyze the comment and surrounding context, and execute on the request in a GitHub action.

Important Notes

  • This workflow won't take effect until this PR is merged
  • @claude mentions won't work until after the merge is complete
  • The workflow runs automatically whenever Claude is mentioned in PR or issue comments
  • Claude gets access to the entire PR or issue context including files, diffs, and previous comments

Security

  • Our Anthropic API key is securely stored as a GitHub Actions secret
  • Only users with write access to the repository can trigger the workflow
  • All Claude runs are stored in the GitHub Actions run history
  • Claude's default tools are limited to reading/writing files and interacting with our repo by creating comments, branches, and commits.
  • We can add more allowed tools by adding them to the workflow file like:
allowed_tools: Bash(npm install),Bash(npm run build),Bash(npm run lint),Bash(npm run test)

There's more information in the Claude Code action repo.

After merging this PR, let's try mentioning @claude in a comment on any PR to get started!

@Kamilbenkirane Kamilbenkirane merged commit 109e9d8 into main Nov 4, 2025
1 check passed
@claude

claude Bot commented Nov 4, 2025

Claude Code Review

Thank you for adding Claude Code integration! This is a well-structured PR that sets up both automated code review and interactive Claude assistance.


✅ Strengths

Good Workflow Design

  • Two complementary workflows: claude.yml (interactive) and claude-code-review.yml (automated)
  • Clear documentation in PR description
  • Minimal permissions following least privilege principle

Security

  • OAuth token properly stored as GitHub secret
  • fetch-depth: 1 to minimize data exposure
  • Appropriately scoped read-only gh commands
  • Latest stable action versions

🔍 Critical Issues

1. Missing Write Permissions for claude-code-review.yml

Issue: Line 52 instructs Claude to use gh pr comment, but workflow only has pull-requests: read permission (line 24).

Impact: Claude cannot post review comments - workflow will fail.

Fix: Change line 24 from pull-requests: read to pull-requests: write

Location: .github/workflows/claude-code-review.yml:24


2. Missing Write Permissions for claude.yml

Issue: Interactive workflow has only read permissions but needs to create commits, branches, and comments.

Impact: Claude cannot perform most useful actions.

Fix: Update permissions at lines 21-26:

  • contents: write (not read)
  • pull-requests: write (not read)
  • issues: write (not read)

Location: .github/workflows/claude.yml:21-26


3. Reference to Non-Existent CLAUDE.md

Issue: Line 50 of claude-code-review.yml references CLAUDE.md which does not exist.

Fix Options:

  • Create CLAUDE.md with project conventions
  • Remove this instruction from prompt
  • Reference existing file if available

Location: .github/workflows/claude-code-review.yml:50


🎯 Recommendations

4. Add actions: read to claude-code-review.yml

Allows Claude to access CI results during reviews (line 26 of claude.yml has this).

5. Add Concurrency Control

Prevents duplicate runs when PRs are updated rapidly.

6. Add Timeout

Consider timeout-minutes: 15 to prevent runaway workflows.

7. Enable Path Filtering

For a Python project, only review .py files to save costs.


📊 Summary

| Category | Rating | Notes |
|---|---|---|
| Code Quality | ⭐⭐⭐⭐ | Well-structured YAML |
| Security | ⭐⭐⭐⭐⭐ | Excellent use of secrets |
| Functionality | ⭐⭐⭐ | Needs permission fixes |
| Documentation | ⭐⭐⭐⭐ | Good PR description |

✏️ Action Items

Critical:

  1. Add pull-requests: write to claude-code-review.yml
  2. Add write permissions to claude.yml (contents, pull-requests, issues)
  3. Remove or fix CLAUDE.md reference

Recommended:

  4. Add actions: read to claude-code-review.yml
  5. Add concurrency control
  6. Add timeouts
  7. Enable path filtering for Python files

Great job! Just needs permission fixes to work properly. 🚀
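
Added example, not part of the PR or of the review comment above: a small pre-merge check for the mismatch raised in critical issues 1 and 2, where a workflow tells the agent to run a mutating command such as `gh pr comment` while its `permissions:` block grants only `read` for the matching scope. The names `WRITE_NEEDS`, `parse_permissions` and `audit`, the command-to-scope mapping, and the `SAMPLE` workflow excerpt are assumptions constructed for illustration; the repository's real workflow files are not shown on this page.

```python
import re

# Assumed mapping: mutating commands -> GITHUB_TOKEN scope that must be "write".
WRITE_NEEDS = {
    r"\bgh pr (comment|review|edit)\b": "pull-requests",
    r"\bgh issue (comment|edit|close)\b": "issues",
    r"\bgit push\b": "contents",
}

# Constructed excerpt, not the repository's real claude-code-review.yml.
SAMPLE = """\
jobs:
  claude-review:
    permissions:
      contents: read
      pull-requests: read
    steps:
      - uses: anthropics/claude-code-action@v1
        with:
          prompt: Use `gh pr comment` to leave your review on the PR.
"""

def parse_permissions(text):
    """Return {scope: level} from the first block-style `permissions:` map."""
    perms, indent = {}, None
    for line in text.splitlines():
        stripped, depth = line.strip(), len(line) - len(line.lstrip())
        if indent is None:
            if stripped == "permissions:":
                indent = depth
        elif stripped and not stripped.startswith("#"):
            if depth <= indent:
                break  # dedent: left the permissions block
            key, _, value = stripped.partition(":")
            perms[key.strip()] = value.split("#")[0].strip()
    return perms

def audit(text):
    """Flag mutating commands whose required scope is not granted as write."""
    perms = parse_permissions(text)
    findings = []
    for pattern, scope in WRITE_NEEDS.items():
        hit, granted = re.search(pattern, text), perms.get(scope, "none")
        if hit and granted != "write":
            findings.append(f"'{hit.group(0)}' needs {scope}: write, granted: {granted}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)) or "no permission mismatches")
```

The check only reports a scope when a command that needs it appears in the file, so it can also be read in the other direction: a `write` grant with no finding-producing command behind it is a candidate for tightening back to `read`.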
