Add Claude Code GitHub Workflow

[yamadashy]

🤖 Installing Claude Code GitHub App

This PR adds a GitHub Actions workflow that enables Claude Code integration in our repository.

What is Claude Code?

Claude Code is an AI coding agent that can help with:

• Bug fixes and improvements
• Documentation updates
• Implementing new features
• Code reviews and suggestions
• Writing tests
• And more!

How it works

Once this PR is merged, we'll be able to interact with Claude by mentioning @claude in a pull request or issue comment.
Once the workflow is triggered, Claude will analyze the comment and surrounding context, and execute on the request in a GitHub action.

Important Notes

• This workflow won't take effect until this PR is merged
• @claude mentions won't work until after the merge is complete
• The workflow runs automatically whenever Claude is mentioned in PR or issue comments
• Claude gets access to the entire PR or issue context including files, diffs, and previous comments

Security

• Our Anthropic API key is securely stored as a GitHub Actions secret
• Only users with write access to the repository can trigger the workflow
• All Claude runs are stored in the GitHub Actions run history
• Claude's default tools are limited to reading/writing files and interacting with our repo by creating comments, branches, and commits.
• We can add more allowed tools by adding them to the workflow file like:

allowed_tools: Bash(npm install),Bash(npm run build),Bash(npm run lint),Bash(npm run test)

There's more information in the Claude Code action repo.

After merging this PR, let's try mentioning @claude in a comment on any PR to get started!

[gemini-code-assist]

Note

Gemini is unable to generate a summary for this pull request due to the file types involved not being currently supported.

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Walkthrough

Introduces a new GitHub Actions workflow for automated PR reviews using anthropics/claude-code-action and updates an existing Claude workflow to newer action versions, adjusted permissions, and token input mapping.

Changes

Cohort / File(s)	Summary
New Claude PR Review workflow .github/workflows/claude-code-review.yml	Adds a workflow "Claude Code Review" triggered on pull_request opened/synchronize; sets minimal read perms plus id-token write; checks out repo; runs anthropics/claude-code-action@v1 with GitHub token, custom prompt referencing repo and PR, claude_args restricting tools, and posts review comments via gh pr comment; references CLAUDE.md for style.
Updates to existing Claude workflow .github/workflows/claude.yml	Sets actions: read permission to allow reading CI results; bumps checkout to v4; updates claude action to v1; replaces anthropic_api_key with claude_code_oauth_token; adds optional additional_permissions with actions: read; retains commented prompt/claude_args guidance.

Sequence Diagram(s)

sequenceDiagram
    autonumber
    participant Dev as Developer
    participant GH as GitHub (PR Event)
    participant GA as GitHub Actions
    participant Job as Workflow Job
    participant Act as anthropics/claude-code-action@v1
    participant GHCLI as gh CLI
    participant PR as Pull Request

    Dev->>GH: Open/Synchronize PR
    GH->>GA: Trigger workflow "Claude Code Review"
    GA->>Job: Start job with permissions
    Job->>Job: actions/checkout@v4
    Job->>Act: Run action with token, prompt, claude_args
    Act->>GHCLI: Execute gh pr comment (post review)
    GHCLI->>PR: Add comment on PR

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• chore(ci): Add Claude Auto Review workflow for PR feedback #681 — Adds a similar GitHub Actions workflow using anthropics/claude-code-action and modifies .github/workflows/claude.yml, indicating closely related configuration changes.

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description Check	⚠️ Warning	The current pull request description does not adhere to the repository’s description template because it omits the required “## Checklist” section with the test and lint items and does not include the HTML summary comment placeholder at the top of the description.	Please update the description to include the HTML comment summary placeholder followed by a concise summary of the changes and add the “## Checklist” section with the items to run npm run test and npm run lint as specified in the template.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The title “Add Claude Code GitHub Workflow” succinctly captures the main purpose of the changeset by indicating that a new GitHub Actions workflow for Claude Code is being introduced. It is a short, single sentence that focuses on the primary change without including extraneous details or file paths. The phrasing is clear and unambiguous, allowing reviewers to understand the essence of the pull request at a glance.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🧪 Early access (Sonnet 4.5): enabled

We are currently testing the Sonnet 4.5 model, which is expected to improve code review quality. However, this model may lead to increased noise levels in the review comments. Please disable the early access features if the noise level causes any inconvenience.

Note:

• Public repositories are always opted into early access features.
• You can enable or disable early access features from the CodeRabbit UI or by updating the CodeRabbit configuration file.

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull Request Overview

This PR adds GitHub Actions workflows to integrate Claude Code AI assistant into the repository. Claude Code can help with bug fixes, documentation updates, feature implementation, code reviews, and test writing by responding to @claude mentions in PR or issue comments.

• Updates the existing Claude workflow configuration with new authentication and permissions
• Adds a new automated code review workflow that runs on PR creation and updates
• Switches from API key authentication to OAuth token authentication for Claude Code integration

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File	Description
.github/workflows/claude.yml	Updates Claude Code workflow with OAuth authentication, adds CI read permissions, and includes configuration examples
.github/workflows/claude-code-review.yml	Adds new automated code review workflow that triggers Claude analysis on PR events with specific review prompts

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 88.85%. Comparing base (7928e61) to head (50072f7).
⚠️ Report is 6 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #876   +/-   ##
=======================================
  Coverage   88.85%   88.85%           
=======================================
  Files         109      109           
  Lines        7575     7575           
  Branches     1423     1423           
=======================================
  Hits         6731     6731           
  Misses        844      844           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[cloudflare-workers-and-pages]

Deploying repomix with    Cloudflare Pages

Latest commit:	50072f7
Status:	✅  Deploy successful!
Preview URL:	https://341ba203.repomix.pages.dev
Branch Preview URL:	https://add-claude-github-actions-17-irkb.repomix.pages.dev

View logs

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (4)

.github/workflows/claude.yml (1)

50-50: Minor: Remove trailing blank line.

Static analysis flagged an extra blank line at the end of the file.

Apply this diff:

 
-

.github/workflows/claude-code-review.yml (3)

4-11: Consider adding review_requested trigger for better coverage.

The workflow only triggers on PR opens and synchronizes. Consider adding review_requested to also trigger when reviewers are explicitly assigned.

Apply this diff to add the trigger:

 on:
   pull_request:
-    types: [opened, synchronize]
+    types: [opened, synchronize, review_requested]
     # Optional: Only run on specific file changes

---

57-57: Minor: Remove trailing blank line.

Static analysis flagged an extra blank line at the end of the file.

Apply this diff:

 
-

---

56-56: Simplify GH patterns and extend file-ops

• Verified wildcard syntax: prefix match with :* only at end (e.g. Bash(gh issue view:*)) is supported by Claude Code Action (anthropic.mintlify.app)
• Collapse GitHub CLI restrictions into broader patterns:
  Bash(gh issue:*), Bash(gh search:*), Bash(gh pr:*), Bash(gh repo view:*)
• Add read-only file commands for deeper code inspection:
  Bash(cat *), Bash(grep *), Bash(find *)

Suggested update at line 56:

claude_args: '--allowed-tools "Bash(gh issue:*),Bash(gh search:*),Bash(gh pr:*),Bash(gh repo view:*),Bash(cat *),Bash(grep *),Bash(find *)"'

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7928e61 and 0971d58.

📒 Files selected for processing (2)

• .github/workflows/claude-code-review.yml (1 hunks)
• .github/workflows/claude.yml (1 hunks)

🧰 Additional context used

🪛 YAMLlint (1.37.1)

.github/workflows/claude-code-review.yml

[warning] 57-57: too many blank lines (1 > 0)

(empty-lines)

.github/workflows/claude.yml

[warning] 50-50: too many blank lines (1 > 0)

(empty-lines)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: Build and run with Bun (windows-latest, latest)
• GitHub Check: Cloudflare Pages

🔇 Additional comments (5)

.github/workflows/claude.yml (5)

26-26: LGTM! Clear permission addition for CI results.

The addition of actions: read permission with an explanatory comment is well-documented and appropriate for Claude to access CI workflow results.

---

29-29: Good practice: using semantic versioning for actions.

Updating from a commit hash to v4 improves maintainability and makes it easier to track updates.

---

35-35: LGTM! Action version updated to stable release.

Moving from a specific commit hash to v1 is a good practice for production workflows.

---

37-41: Verify new secret and remove legacy one
ANTHROPIC_API_KEY is no longer referenced; ensure CLAUDE_CODE_OAUTH_TOKEN is added to your repo’s secrets and delete any existing ANTHROPIC_API_KEY secret.

---

40-41: Ignore the duplication concern: additional_permissions is an action-specific input to grant Claude Code Action extra GitHub API scopes beyond the workflow defaults, so it’s not redundant with workflow-level permissions.

Likely an incorrect or invalid review comment.