Skip to content

Add roadtrip_planner managed agents cookbook #586

Add roadtrip_planner managed agents cookbook

Add roadtrip_planner managed agents cookbook #586

name: Claude Model Check
on:
pull_request:
types: [opened, synchronize]
paths:
- '**/*.ipynb'
- '**.py'
- '**.md'
workflow_dispatch:
inputs:
pr_number:
description: 'PR number to review'
required: true
type: number
permissions:
contents: read
pull-requests: write
id-token: write # Anthropic Workload Identity Federation
jobs:
model-check:
# Only run for internal contributors (not forks) unless manually triggered
if: github.event_name == 'workflow_dispatch' || github.event.pull_request.head.repo.full_name == github.repository
runs-on: ubuntu-latest
steps:
- name: Set PR number
id: pr-number
run: |
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
echo "number=${{ inputs.pr_number }}" >> $GITHUB_OUTPUT
else
echo "number=${{ github.event.pull_request.number }}" >> $GITHUB_OUTPUT
fi
- name: Checkout PR
uses: actions/checkout@v6
with:
fetch-depth: 0
ref: ${{ github.event_name == 'workflow_dispatch' && format('refs/pull/{0}/head', inputs.pr_number) || '' }}
- name: Get changed files
id: changed-files
run: |
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
# For manual dispatch, get base ref from PR
BASE_REF=$(gh pr view ${{ steps.pr-number.outputs.number }} --json baseRefName -q .baseRefName)
git fetch origin $BASE_REF
CHANGED_FILES=$(git diff --name-only origin/$BASE_REF...HEAD | grep -E '\.(ipynb|py|md)$' || echo "")
else
git fetch origin ${{ github.base_ref }}
CHANGED_FILES=$(git diff --name-only origin/${{ github.base_ref }}...HEAD | grep -E '\.(ipynb|py|md)$' || echo "")
fi
if [ -z "$CHANGED_FILES" ]; then
echo "No relevant files changed"
echo "has_files=false" >> $GITHUB_OUTPUT
else
echo "Changed files:"
echo "$CHANGED_FILES"
echo "$CHANGED_FILES" > changed_files.txt
echo "has_files=true" >> $GITHUB_OUTPUT
fi
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Claude Model Validation
if: steps.changed-files.outputs.has_files == 'true'
uses: anthropics/claude-code-action@bbfaf8e1ffe3e688f7ab65ceee78de241e24a238 # v1.0.132 (>=v1.0.130 for WIF inputs)
with:
# Anthropic auth via Workload Identity Federation — the action
# exchanges this job's GitHub OIDC token (id-token: write above)
# for a short-lived access token instead of a static API key.
anthropic_federation_rule_id: fdrl_01SqmTwzmEE547mtaYN1mqHL
anthropic_organization_id: 1ec12c5c-6542-4da8-bf2f-c15919aef01c
anthropic_service_account_id: svac_01BHcCBa1UWFvNrHMqJjuaUZ
github_token: ${{ secrets.GITHUB_TOKEN }}
prompt: |
/model-check
Changed files to review:
$(cat changed_files.txt)
claude_args: |
--allowedTools "Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(echo:*),Read,Glob,Grep,WebFetch"
env:
PR_NUMBER: ${{ steps.pr-number.outputs.number }}