Add Claude Code GitHub Workflow

[rustatian]

🤖 Installing Claude Code GitHub App

This PR adds a GitHub Actions workflow that enables Claude Code integration in our repository.

What is Claude Code?

Claude Code is an AI coding agent that can help with:

• Bug fixes and improvements
• Documentation updates
• Implementing new features
• Code reviews and suggestions
• Writing tests
• And more!

How it works

Once this PR is merged, we'll be able to interact with Claude by mentioning @claude in a pull request or issue comment.
Once the workflow is triggered, Claude will analyze the comment and surrounding context, and execute on the request in a GitHub action.

Important Notes

• This workflow won't take effect until this PR is merged
• @claude mentions won't work until after the merge is complete
• The workflow runs automatically whenever Claude is mentioned in PR or issue comments
• Claude gets access to the entire PR or issue context including files, diffs, and previous comments

Security

• Our Anthropic API key is securely stored as a GitHub Actions secret
• Only users with write access to the repository can trigger the workflow
• All Claude runs are stored in the GitHub Actions run history
• Claude's default tools are limited to reading/writing files and interacting with our repo by creating comments, branches, and commits.
• We can add more allowed tools by adding them to the workflow file like:

allowed_tools: Bash(npm install),Bash(npm run build),Bash(npm run lint),Bash(npm run test)

There's more information in the Claude Code action repo.

After merging this PR, let's try mentioning @claude in a comment on any PR to get started!

Summary by CodeRabbit

• Chores
  • Added automated Claude-based code review workflows that trigger on pull request events and issue mentions, enabling AI-powered code analysis and feedback on contributions.

[coderabbitai]

📝 Walkthrough

Walkthrough

Two new GitHub Actions workflows are introduced to integrate Claude AI for automated code analysis. Both workflows trigger on PR and issue events, configure repository permissions, check out the repository, and execute the Claude Code action with authentication tokens.

Changes

Cohort / File(s)

Summary

GitHub Actions Workflows .github/workflows/claude-code-review.yml, .github/workflows/claude.yml

Two new Claude AI workflow configurations for automated code review and analysis. Both define event triggers (PR/issue events), repository permissions, repository checkout, and Claude Code action execution with token-based authentication. claude-code-review.yml focuses on PR review events with optional filtering. claude.yml triggers on @claude mentions in issues and PRs with additional permissions for actions.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 Through GitHub gates, a Claude now hops,
Reviewing code, the workflow never stops,
Two new paths of automation shine so bright,
AI-powered insights into the night! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description is missing required sections from the template: 'Reason for This PR', 'License Acceptance' statement, and unchecked PR Checklist items that must be completed.	Complete the missing template sections: add a 'Reason for This PR' section citing issue #1772635465677, include the MIT license acceptance statement, and mark completed checklist items.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Add Claude Code GitHub Workflow' clearly and concisely summarizes the main change: introducing GitHub Actions workflows for Claude Code integration.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch add-claude-github-actions-1772635465677

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 35.37%. Comparing base (cced026) to head (7efd408).

Additional details and impacted files

@@           Coverage Diff           @@
##           master    #2304   +/-   ##
=======================================
  Coverage   35.37%   35.37%           
=======================================
  Files          18       18           
  Lines         851      851           
=======================================
  Hits          301      301           
  Misses        511      511           
  Partials       39       39           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[Copilot]

Pull request overview

Adds GitHub Actions workflows to integrate Anthropic Claude Code into the repository for interactive “@claude” requests and automated PR code review runs.

Changes:

• Add an on-demand Claude workflow triggered by @claude in issue/PR comments and reviews.
• Add an automatic “Claude Code Review” workflow that runs on PR open/sync events using the code-review plugin.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 5 comments.

File	Description
.github/workflows/claude.yml	New workflow to run Claude Code when @claude is mentioned in supported event payloads.
.github/workflows/claude-code-review.yml	New workflow to run automated Claude-based code review on PR lifecycle events.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

actions/checkout@v4 is inconsistent with the rest of the repo’s workflows, which use actions/checkout@v6 (e.g. .github/workflows/tests.yml, release.yml, codeql-analysis.yml). Aligning versions reduces maintenance overhead and avoids missing newer security/feature updates.

Suggested change

	uses: actions/checkout@v4
	uses: actions/checkout@v6

[coderabbitai]

Actionable comments posted: 4

🧹 Nitpick comments (1)

.github/workflows/claude.yml (1)

8-9: issues: assigned triggers on every reassignment if issue contains @claude

When an issue is reassigned, the assigned type fires this workflow. If the issue title or body contains @claude, the condition on line 19 passes and the workflow runs again. This means reassigning the same issue multiple times creates multiple workflow executions.

Suggested change

  issues:
-    types: [opened, assigned]
+    types: [opened]

If assigned events are intentional, no change is needed. Otherwise, removing it confines issue-based triggers to newly opened issues only.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/claude.yml around lines 8 - 9, The workflow triggers
include "issues: types: [opened, assigned]" which causes reruns on reassignment;
to fix, change the trigger to only "issues: types: [opened]" or keep "assigned"
but add a guard that checks the event action (e.g., require github.event.action
== 'opened') or tighten the condition that looks for "@claude" so it only runs
for newly opened issues; update the "issues: types" array or the workflow
if-condition accordingly to prevent repeats.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/claude-code-review.yml:
- Around line 29-30: Replace floating action tags with immutable commit SHAs:
locate all "uses:" entries such as "uses: actions/checkout@v4" and the "uses:
anthropics/claude-code-action@..." reference in the workflow and replace the tag
form with the corresponding pinned full commit SHA for each action (obtain SHAs
from the action repositories' releases/tags). Ensure every third-party action
used in the file is updated to its full commit SHA so the workflow no longer
references floating tags.
- Around line 22-25: Update the workflow permissions block so the
anthropics/claude-code-action can post PR review comments: change the three
permission entries "contents", "pull-requests", and "issues" from "read" to
"write" in the permissions section (symbol names: permissions, contents,
pull-requests, issues) and ensure the action invocation referencing
anthropics/claude-code-action will run with those elevated scopes; remember that
PRs from forks still require a GitHub App installation token rather than
GITHUB_TOKEN if you need cross-repo write access.

In @.github/workflows/claude.yml:
- Around line 21-26: The workflow's permissions block grants read-only access
for contents, pull-requests, and issues which prevents the
anthropics/claude-code-action from posting comments or updating PRs; update the
permissions keys (contents, pull-requests, issues) to include write access so
the Claude action can perform interactive operations, and remove the redundant
actions: read entry in additional_permissions to avoid duplication (ensure
actions remains the intended value once consolidated).

---

Nitpick comments:
In @.github/workflows/claude.yml:
- Around line 8-9: The workflow triggers include "issues: types: [opened,
assigned]" which causes reruns on reassignment; to fix, change the trigger to
only "issues: types: [opened]" or keep "assigned" but add a guard that checks
the event action (e.g., require github.event.action == 'opened') or tighten the
condition that looks for "@claude" so it only runs for newly opened issues;
update the "issues: types" array or the workflow if-condition accordingly to
prevent repeats.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: fe2e6a27-c9e5-4c68-a4e5-1fd56fd5dbca

📥 Commits

Reviewing files that changed from the base of the PR and between cced026 and 7efd408.

📒 Files selected for processing (2)

• .github/workflows/claude-code-review.yml
• .github/workflows/claude.yml