vpnhide/.github/workflows/claude-code-review.yml
okhsunrog b8682882c2 ci(claude-review): pass --comment so the plugin actually posts the review
The `code-review` plugin is dry-run by default — it formats the review
into the Job Summary but does NOT publish a PR comment unless `--comment`
is passed in the slash invocation. That's why every auto-review run so
far finished green with permission_denials_count > 0 and zero comments
on the PR: the action ran, Claude reviewed, but the plugin's last
sentence was "No --comment argument was provided, so no GitHub comment
will be posted."

Adding `--comment` to the prompt. Permissions were never the blocker —
the `claude[bot]` GitHub App already has write on issues + PRs at
install time, and the on-demand workflow (`@claude` mentions) has been
posting fine without any of our workflow-level changes.
2026-04-27 02:57:31 +03:00

59 lines
2.3 KiB
YAML

name: Claude Code Review

on:
  pull_request:
    types: [opened, synchronize, ready_for_review, reopened]
    # Optional: Only run on specific file changes
    # paths:
    #   - "src/**/*.ts"
    #   - "src/**/*.tsx"
    #   - "src/**/*.js"
    #   - "src/**/*.jsx"

jobs:
  claude-review:
    # Optional: Filter by PR author
    # if: |
    #   github.event.pull_request.user.login == 'external-contributor' ||
    #   github.event.pull_request.user.login == 'new-developer' ||
    #   github.event.pull_request.author_association == 'FIRST_TIME_CONTRIBUTOR'

    runs-on: ubuntu-latest
    # Workflow-level permissions don't actually drive Claude's GitHub
    # API access here — the action uses an OIDC-issued installation
    # token from the `claude[bot]` GitHub App, whose own permissions
    # (configured at App-install time) take effect. These read scopes
    # cover the rest of the workflow (checkout, etc.).
    permissions:
      contents: read
      pull-requests: read
      issues: read
      id-token: write

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          fetch-depth: 1

      - name: Run Claude Code Review
        id: claude-review
        uses: anthropics/claude-code-action@v1
        with:
          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
          plugin_marketplaces: 'https://github.com/anthropics/claude-code.git'
          plugins: 'code-review@claude-code-plugins'
          # `--comment` makes the plugin actually publish the review on
          # the PR instead of running it as a silent dry-run that only
          # writes to the Job Summary. (default plugin behaviour without
          # the flag is "render report, don't post".)
          prompt: '/code-review:code-review ${{ github.repository }}/pull/${{ github.event.pull_request.number }} --comment'
          # Echo Claude's full review report into the job log (visible in
          # the Actions UI). Useful when Claude classifies its inline
          # findings as low-confidence and skips posting — without this
          # you can't tell whether it had nothing to flag or whether
          # something filtered out.
          display_report: 'true'
          # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md
          # or https://code.claude.com/docs/en/cli-reference for available options