Skip to content

Add Claude Code GitHub Workflow#4988

Merged
leaanthony merged 2 commits into
masterfrom
add-claude-github-actions-1770990763715
Feb 13, 2026
Merged

Add Claude Code GitHub Workflow#4988
leaanthony merged 2 commits into
masterfrom
add-claude-github-actions-1770990763715

Conversation

@leaanthony

@leaanthony leaanthony commented Feb 13, 2026

Copy link
Copy Markdown
Member

🤖 Installing Claude Code GitHub App

This PR adds a GitHub Actions workflow that enables Claude Code integration in our repository.

What is Claude Code?

Claude Code is an AI coding agent that can help with:

  • Bug fixes and improvements
  • Documentation updates
  • Implementing new features
  • Code reviews and suggestions
  • Writing tests
  • And more!

How it works

Once this PR is merged, we'll be able to interact with Claude by mentioning @claude in a pull request or issue comment.
Once the workflow is triggered, Claude will analyze the comment and surrounding context, and execute on the request in a GitHub action.

Important Notes

  • This workflow won't take effect until this PR is merged
  • @claude mentions won't work until after the merge is complete
  • The workflow runs automatically whenever Claude is mentioned in PR or issue comments
  • Claude gets access to the entire PR or issue context including files, diffs, and previous comments

Security

  • Our Anthropic API key is securely stored as a GitHub Actions secret
  • Only users with write access to the repository can trigger the workflow
  • All Claude runs are stored in the GitHub Actions run history
  • Claude's default tools are limited to reading/writing files and interacting with our repo by creating comments, branches, and commits.
  • We can add more allowed tools by adding them to the workflow file like:
allowed_tools: Bash(npm install),Bash(npm run build),Bash(npm run lint),Bash(npm run test)

There's more information in the Claude Code action repo.

After merging this PR, let's try mentioning @claude in a comment on any PR to get started!

Summary by CodeRabbit

  • Chores
    • Added automated code review workflows triggered on pull request events.
    • Added Claude-assisted code analysis capabilities activated by mentions in pull request comments and reviews.

Copilot AI review requested due to automatic review settings February 13, 2026 13:55
@leaanthony leaanthony merged commit bbd1b33 into master Feb 13, 2026
15 of 17 checks passed
@leaanthony leaanthony deleted the add-claude-github-actions-1770990763715 branch February 13, 2026 13:55
@coderabbitai

coderabbitai Bot commented Feb 13, 2026

Copy link
Copy Markdown
Contributor

Caution

Review failed

The pull request is closed.

📝 Walkthrough

Walkthrough

Two new GitHub Actions workflows are introduced to integrate Claude AI-assisted code analysis into the repository. The workflows trigger on pull request and issue events, executing the Claude Code action with OAuth authentication and configurable permissions for repository access.

Changes

Cohort / File(s) Summary
GitHub Actions Workflows
.github/workflows/claude-code-review.yml, .github/workflows/claude.yml
Two new workflow configurations added. The first triggers on PR events to perform automated code review using Claude. The second activates on issue/PR comments containing @claude mentions, executing Claude Code action with token authentication and optional configuration parameters.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

🐰 A rabbit hops through workflows new,
Claude joins to review and code review too,
With OAuth tokens and permissions tight,
PR reviews happen with AI's might! ✨

✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch add-claude-github-actions-1770990763715

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

leaanthony added a commit that referenced this pull request Feb 13, 2026
* "Claude PR Assistant workflow"

* "Claude Code Review workflow"

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds GitHub Actions workflows to enable Claude Code integration in the Wails repository. Claude Code is an AI coding agent that can assist with various development tasks through @claude mentions in PRs and issues. The PR adds two workflows: one for interactive Claude mentions and another for automated code reviews on pull requests.

Changes:

  • Added .github/workflows/claude.yml for interactive Claude mentions in issues, PRs, and comments
  • Added .github/workflows/claude-code-review.yml for automated code reviews on all pull requests
  • Configured workflows to use the CLAUDE_CODE_OAUTH_TOKEN secret for authentication

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 10 comments.

File Description
.github/workflows/claude.yml Interactive workflow triggered by @claude mentions in comments, reviews, or issue creation/assignment
.github/workflows/claude-code-review.yml Automated code review workflow triggered on PR open/sync/reopen events using Claude's code-review plugin

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.


on:
pull_request:
types: [opened, synchronize, ready_for_review, reopened]

Copilot AI Feb 13, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This workflow will trigger for every PR including this one, which could cause it to run immediately after merging. Since the PR description states "@claude mentions won't work until after the merge is complete," it would be better to either:

  1. Add a condition to skip running on PRs that modify workflow files
  2. Add an if condition to exclude the initial PR (e.g., checking labels or PR title)
  3. Keep the workflow commented out initially and enable it in a follow-up PR

This prevents the automated review from running on its own setup PR and consuming unnecessary CI resources.

Suggested change
types: [opened, synchronize, ready_for_review, reopened]
types: [opened, synchronize, ready_for_review, reopened]
paths-ignore:
- ".github/workflows/**"

Copilot uses AI. Check for mistakes.
Comment on lines +8 to +11
# - "src/**/*.ts"
# - "src/**/*.tsx"
# - "src/**/*.js"
# - "src/**/*.jsx"

Copilot AI Feb 13, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The commented path filters reference "src//*.ts", "src//.tsx", "src/**/.js", and "src//*.jsx", but this repository doesn't have a "src/" directory at the root level. The repository structure uses "v2/" and "v3/" directories for different versions. If path filtering is needed, update these to match the actual repository structure, such as "v2//.go", "v3/**/.go", etc.

Suggested change
# - "src/**/*.ts"
# - "src/**/*.tsx"
# - "src/**/*.js"
# - "src/**/*.jsx"
# - "v2/**/*.go"
# - "v3/**/*.go"
# - "v2/**"
# - "v3/**"

Copilot uses AI. Check for mistakes.
Comment on lines +8 to +9
issues:
types: [opened, assigned]

Copilot AI Feb 13, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The workflow triggers on issues: [opened, assigned] which means it will run when an issue is opened or assigned, even if no @claude mention is present. The condition check on line 19 filters for @claude mentions, but the workflow will still be queued and consume resources before being skipped. Consider removing the issues trigger types from line 8-9 to only trigger on actual comments where @claude is mentioned, or ensure this behavior is intentional.

Copilot uses AI. Check for mistakes.
# See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md
# or https://code.claude.com/docs/en/cli-reference for available options
# claude_args: '--allowed-tools Bash(gh pr:*)'

Copilot AI Feb 13, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's an extra blank line at the end of the file. While this doesn't affect functionality, it's inconsistent with typical YAML formatting conventions.

Suggested change

Copilot uses AI. Check for mistakes.
prompt: '/code-review:code-review ${{ github.repository }}/pull/${{ github.event.pull_request.number }}'
# See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md
# or https://code.claude.com/docs/en/cli-reference for available options

Copilot AI Feb 13, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's an extra blank line at the end of the file. While this doesn't affect functionality, it's inconsistent with typical YAML formatting conventions.

Suggested change

Copilot uses AI. Check for mistakes.
Comment on lines +22 to +24
contents: read
pull-requests: read
issues: read

Copilot AI Feb 13, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The permissions are set to read-only, but according to the PR description, Claude should be able to "create comments, branches, and commits." To enable Claude to perform these actions, the workflow needs write permissions. Consider adding:

  • pull-requests: write (for creating PR comments)
  • issues: write (for creating issue comments)
  • contents: write (for creating branches and commits)

Without these write permissions, Claude will only be able to read the repository but won't be able to execute actions or respond with comments.

Suggested change
contents: read
pull-requests: read
issues: read
contents: write
pull-requests: write
issues: write

Copilot uses AI. Check for mistakes.
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: read

Copilot AI Feb 13, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The permissions are set to read-only, but the claude-code-review workflow needs to post review comments on pull requests. Add pull-requests: write permission to enable Claude to create review comments with its findings.

Suggested change
pull-requests: read
pull-requests: write

Copilot uses AI. Check for mistakes.
Comment on lines +39 to +42
# This is an optional setting that allows Claude to read CI results on PRs
additional_permissions: |
actions: read

Copilot AI Feb 13, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The additional_permissions parameter duplicates the actions: read permission that's already declared at the job level (line 26). This duplication is unnecessary and could lead to confusion. Remove either the job-level permission or the additional_permissions configuration.

Suggested change
# This is an optional setting that allows Claude to read CI results on PRs
additional_permissions: |
actions: read

Copilot uses AI. Check for mistakes.
Comment on lines +16 to +19
(github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) ||
(github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) ||
(github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) ||
(github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')))

Copilot AI Feb 13, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The workflow can be triggered by any user who can create comments on issues or PRs, including external contributors on public repositories. The PR description claims "Only users with write access to the repository can trigger the workflow," but there's no access control check in the workflow. While GitHub Actions provides some protection through permission scoping, consider adding an explicit check to verify the user has write access before executing Claude:

if: |
  github.event_name != 'issue_comment' || 
  github.event.comment.author_association == 'OWNER' || 
  github.event.comment.author_association == 'MEMBER' || 
  github.event.comment.author_association == 'COLLABORATOR'

This prevents unauthorized users from consuming API quota or triggering potentially expensive operations.

Suggested change
(github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) ||
(github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) ||
(github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) ||
(github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')))
(
(github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) ||
(github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) ||
(github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) ||
(github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')))
) && (
github.event_name != 'issue_comment' ||
github.event.comment.author_association == 'OWNER' ||
github.event.comment.author_association == 'MEMBER' ||
github.event.comment.author_association == 'COLLABORATOR'
) && (
github.event_name != 'pull_request_review_comment' ||
github.event.comment.author_association == 'OWNER' ||
github.event.comment.author_association == 'MEMBER' ||
github.event.comment.author_association == 'COLLABORATOR'
) && (
github.event_name != 'pull_request_review' ||
github.event.review.author_association == 'OWNER' ||
github.event.review.author_association == 'MEMBER' ||
github.event.review.author_association == 'COLLABORATOR'
) && (
github.event_name != 'issues' ||
github.event.issue.author_association == 'OWNER' ||
github.event.issue.author_association == 'MEMBER' ||
github.event.issue.author_association == 'COLLABORATOR'
)

Copilot uses AI. Check for mistakes.
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:

Copilot AI Feb 13, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When the workflow is triggered by an issue_comment event on a regular issue (not a PR), the checkout will fetch the default branch code, not the PR code. This could lead to Claude operating on the wrong codebase context when mentioned in issue comments that reference PRs. Consider adding logic to detect if the comment is on a PR and checkout the PR branch accordingly, or document that @claude mentions on issues will work with the default branch context.

Suggested change
with:
with:
# Note: For `issue_comment` events on regular issues (not PRs), this will check out the default branch.
# @claude mentions in such issues therefore operate on the default branch codebase, even if the comment references a PR.

Copilot uses AI. Check for mistakes.
Grantmartin2002 pushed a commit to Grantmartin2002/wails that referenced this pull request Apr 29, 2026
* "Claude PR Assistant workflow"

* "Claude Code Review workflow"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants