diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml deleted file mode 100644 index fc1b4bc3..00000000 --- a/.github/workflows/claude-code-review.yml +++ /dev/null @@ -1,80 +0,0 @@ -name: Claude Code Review - -on: - # Same-repo branches: full access to secrets and write permissions - pull_request: - types: [opened, synchronize, ready_for_review, reopened] - # Fork PRs: runs in base repo context with secrets access - pull_request_target: - types: [opened, synchronize, ready_for_review, reopened] - -jobs: - claude-review: - # Avoid duplicate runs: use pull_request for same-repo, pull_request_target for forks - # Skip bot PRs (dependabot, renovate, etc.) and draft PRs - if: | - !github.event.pull_request.draft && - github.event.pull_request.user.type != 'Bot' && - !(github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork) && - !(github.event_name == 'pull_request_target' && !github.event.pull_request.head.repo.fork) - runs-on: ubuntu-latest - permissions: - contents: read - pull-requests: write - issues: read - id-token: write - actions: read - env: - CLAUDE_TOKEN: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} - - steps: - - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - with: - # Use base.sha, not head.sha: checking out fork code under - # pull_request_target would give untrusted code access to secrets. - # Claude reads changes via gh pr diff (API), not the local checkout. - ref: ${{ github.event.pull_request.base.sha }} - fetch-depth: 1 - - - name: Run Claude Code Review - id: claude-review - if: env.CLAUDE_TOKEN != '' - continue-on-error: true - uses: anthropics/claude-code-action@787c5a0ce96a9a6cfb050ea0c8f4c05f2447c251 # v1 (v1.0.96) - with: - claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} - github_token: ${{ secrets.GITHUB_TOKEN }} - additional_permissions: | - actions: read - prompt: | - REPO: ${{ github.repository }} - PR NUMBER: ${{ github.event.pull_request.number }} - - Review this pull request thoroughly. For each issue found: - - 1. Classify severity: critical, important, or suggestion - 2. For critical and important issues: describe exactly what needs to change - 3. For suggestions: only mention if they clearly improve code quality - - Follow the project's code style: ruff formatting, Google-style docstrings, - 120-char line length, PEP 8. Check for correctness, test coverage, and - backward compatibility. - - Do not flag stylistic preferences or false positives. - - Use `gh pr comment` for top-level feedback summary. - Use `mcp__github_inline_comment__create_inline_comment` to highlight specific code issues. - Only post GitHub comments; do not submit review text as messages. - - claude_args: | - --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Read,Glob,Grep" - - - name: Notify if Claude review failed - if: steps.claude-review.outcome == 'failure' - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - gh pr comment ${{ github.event.pull_request.number }} \ - --repo ${{ github.repository }} \ - --body "**Claude code review could not run.** The request to the Claude API failed (possible causes: billing limit reached, token expired, or service unavailable). Review this PR manually." diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml deleted file mode 100644 index 42c72bcd..00000000 --- a/.github/workflows/claude.yml +++ /dev/null @@ -1,51 +0,0 @@ -name: Claude Code - -on: - issue_comment: - types: [created] - pull_request_review_comment: - types: [created] - issues: - types: [opened, assigned] - pull_request_review: - types: [submitted] - -jobs: - claude: - if: | - (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) || - (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) || - (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) || - (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude'))) - runs-on: ubuntu-latest - permissions: - contents: read - pull-requests: write - issues: write - id-token: write - actions: read # Required for Claude to read CI results on PRs - steps: - - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - with: - fetch-depth: 1 - - - name: Run Claude Code - id: claude - uses: anthropics/claude-code-action@787c5a0ce96a9a6cfb050ea0c8f4c05f2447c251 # v1 (v1.0.96) - with: - claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} - github_token: ${{ secrets.GITHUB_TOKEN }} - - # This is an optional setting that allows Claude to read CI results on PRs - additional_permissions: | - actions: read - - # Optional: Give a custom prompt to Claude. If this is not specified, Claude will perform the instructions specified in the comment that tagged it. - # prompt: 'Update the pull request description to include a summary of changes.' - - # Optional: Add claude_args to customize behavior and configuration - # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md - # or https://code.claude.com/docs/en/cli-reference for available options - # claude_args: '--allowed-tools Bash(gh pr:*)' -