chore: Change lint allows to expects
#508
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Claude PR Review | |
| # Scenario 2: Automated reviews on PR open/update | |
| # See: https://github.com/anthropics/claude-code-action/pull/614 | |
| on: | |
| pull_request_target: | |
| types: [opened, ready_for_review, reopened, labeled, unlabeled] | |
| concurrency: | |
| group: claude-review-${{ github.event.pull_request.number }} | |
| cancel-in-progress: true | |
| permissions: | |
| id-token: write | |
| contents: write | |
| pull-requests: write | |
| issues: write | |
| jobs: | |
| claude-pr-review: | |
| if: | | |
| !contains(github.event.pull_request.labels.*.name, 'no-claude-review') && | |
| ((github.event.action != 'labeled' && github.event.action != 'unlabeled') || | |
| (github.event.action == 'labeled' && github.event.label.name == 'claude-recheck') || | |
| (github.event.action == 'unlabeled' && github.event.label.name == 'no-claude-review' && contains(github.event.pull_request.labels.*.name, 'claude-recheck'))) | |
| name: claude-pr-review | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| id-token: write | |
| contents: write | |
| pull-requests: write | |
| issues: write | |
| actions: read | |
| steps: | |
| - name: Check if PR has no-claude-review label | |
| id: check-label | |
| run: | | |
| LABELS=$(gh api repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }} --jq '.labels[].name') | |
| if echo "$LABELS" | grep -q "no-claude-review"; then | |
| echo "has_no_review_label=true" >> $GITHUB_OUTPUT | |
| echo "⚠️ PR has 'no-claude-review' label. Skipping automated review." | |
| exit 0 | |
| else | |
| echo "has_no_review_label=false" >> $GITHUB_OUTPUT | |
| fi | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| - name: Check if PR author is org member | |
| id: check | |
| run: | | |
| PR_AUTHOR="${{ github.event.pull_request.author_association }}" | |
| # Check if user is org member or owner | |
| if [[ "$PR_AUTHOR" == "MEMBER" || "$PR_AUTHOR" == "OWNER" ]]; then | |
| echo "is_member=true" >> $GITHUB_OUTPUT | |
| else | |
| echo "is_member=false" >> $GITHUB_OUTPUT | |
| echo "⚠️ PR author is not a member of sigp organization. Skipping automated review." | |
| exit 0 | |
| fi | |
| # Generate the app token before checkout so it can be used for | |
| # git operations. claude-code-action calls setupBranch() (which | |
| # fetches PR refs via `git fetch origin pull/N/head:...`) before | |
| # configureGitAuth(), so the token embedded in origin by | |
| # actions/checkout must already have permission to fetch fork | |
| # PR refs. | |
| - name: Generate GitHub App token | |
| if: steps.check.outputs.is_member == 'true' | |
| id: app-token | |
| uses: actions/create-github-app-token@v2 | |
| with: | |
| app-id: ${{ vars.APP_ID }} | |
| private-key: ${{ secrets.APP_PRIVATE_KEY }} | |
| - name: Checkout repository | |
| if: steps.check.outputs.is_member == 'true' | |
| uses: actions/checkout@v4 | |
| with: | |
| token: ${{ steps.app-token.outputs.token }} | |
| - name: Configure AWS Credentials (OIDC) | |
| if: steps.check.outputs.is_member == 'true' | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| aws-region: us-west-2 | |
| - name: Run Claude Code Action | |
| if: steps.check.outputs.is_member == 'true' | |
| timeout-minutes: 15 | |
| env: | |
| ACTIONS_STEP_DEBUG: true | |
| uses: anthropics/claude-code-action@v1 | |
| with: | |
| github_token: ${{ steps.app-token.outputs.token }} | |
| use_bedrock: "true" | |
| track_progress: true | |
| prompt: | | |
| REPO: ${{ github.repository }} | |
| PR NUMBER: ${{ github.event.pull_request.number }} | |
| Be precise and concise in your language. Avoid overly praising the PR. | |
| Focus on actionable feedback and specific issues. | |
| Perform a comprehensive code review with the following focus areas: | |
| 1. **Code Quality** | |
| - Clean code principles and best practices | |
| - Proper error handling and edge cases | |
| - Code readability and maintainability | |
| 2. **Security** | |
| - Check for potential security vulnerabilities | |
| - Validate input sanitization | |
| - Review authentication/authorization logic | |
| 3. **Performance** | |
| - Identify potential performance bottlenecks | |
| - Review for efficiency issues | |
| - Check for memory leaks or resource issues | |
| 4. **Testing** | |
| - Verify adequate test coverage | |
| - Review test quality and edge cases | |
| - Check for missing test scenarios | |
| 5. **Documentation** | |
| - Ensure code is properly documented | |
| - Verify README updates for new features | |
| - Check for clear comments on complex logic | |
| Provide detailed feedback using inline comments for specific issues. | |
| Use top-level comments for general observations or praise. | |
| claude_args: | | |
| --model us.anthropic.claude-sonnet-4-5-20250929-v1:0 | |
| --max-turns 50 | |
| --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Read,Grep" | |
| - name: Remove claude-recheck label if present | |
| if: steps.check.outputs.is_member == 'true' && github.event.action == 'labeled' && github.event.label.name == 'claude-recheck' | |
| run: | | |
| gh api repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels/claude-recheck -X DELETE || true | |
| env: | |
| GH_TOKEN: ${{ github.token }} |