firefrost-gaming/claude-skills-reference
3
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Merge pull request #499 from alirezarezvani/claude/audit-pr-498-workflow-Pa5Ku

Browse Source
This commit is contained in:
Alireza Rezvani
2026-04-09 00:15:15 +02:00
committed by GitHub
parent fdb0c12cba ed2419b8e1
commit 44654d21e6
3 changed files with 23 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.github/workflows/ci-quality-gate.yml vendored
View File

@@ -31,6 +31,9 @@ jobs:
echo "target_ref=${{ github.event.inputs.ref }}" >> "$GITHUB_OUTPUT" echo "target_ref=${{ github.event.inputs.ref }}" >> "$GITHUB_OUTPUT"
elif [[ "${{ github.event_name }}" == "repository_dispatch" && -n "${{ github.event.client_payload.ref }}" ]]; then elif [[ "${{ github.event_name }}" == "repository_dispatch" && -n "${{ github.event.client_payload.ref }}" ]]; then
echo "target_ref=${{ github.event.client_payload.ref }}" >> "$GITHUB_OUTPUT" echo "target_ref=${{ github.event.client_payload.ref }}" >> "$GITHUB_OUTPUT"
elif [[ "${{ github.event_name }}" == "pull_request" ]]; then
# Use commit SHA for PRs — branch names from forks don't exist in the base repo
echo "target_ref=${{ github.event.pull_request.head.sha }}" >> "$GITHUB_OUTPUT"
else else
echo "target_ref=${{ github.head_ref || github.ref_name }}" >> "$GITHUB_OUTPUT" echo "target_ref=${{ github.head_ref || github.ref_name }}" >> "$GITHUB_OUTPUT"
fi fi

11
.github/workflows/claude-code-review.yml vendored
View File

@@ -114,6 +114,7 @@ jobs:
- name: Post fallback review note (quota/timeout) - name: Post fallback review note (quota/timeout)
if: steps.claude-review.outcome != 'success' if: steps.claude-review.outcome != 'success'
continue-on-error: true # Fork PRs have read-only GITHUB_TOKEN
uses: actions/github-script@v7 uses: actions/github-script@v7
with: with:
script: | script: |
@@ -129,3 +130,13 @@ jobs:
- Proceed with manual review to unblock - Proceed with manual review to unblock
` `
}) })
- name: Write review status to job summary
if: steps.claude-review.outcome != 'success'
run: |
echo "## ⚠️ Automated Review Skipped" >> "$GITHUB_STEP_SUMMARY"
echo "" >> "$GITHUB_STEP_SUMMARY"
echo "The Claude review could not complete." >> "$GITHUB_STEP_SUMMARY"
echo "For fork PRs this is expected — OIDC tokens are unavailable." >> "$GITHUB_STEP_SUMMARY"
echo "" >> "$GITHUB_STEP_SUMMARY"
echo "- Retry from the Actions tab, or proceed with manual review." >> "$GITHUB_STEP_SUMMARY"

9
.github/workflows/skill-security-audit.yml vendored
View File

@@ -191,8 +191,17 @@ jobs:
echo "report_file=$REPORT_FILE" >> "$GITHUB_OUTPUT" echo "report_file=$REPORT_FILE" >> "$GITHUB_OUTPUT"
echo "exit_code=$OVERALL_EXIT" >> "$GITHUB_OUTPUT" echo "exit_code=$OVERALL_EXIT" >> "$GITHUB_OUTPUT"
- name: Post audit results to job summary
if: always()
run: |
REPORT_FILE="${{ steps.audit.outputs.report_file }}"
if [ -f "$REPORT_FILE" ]; then
cat "$REPORT_FILE" >> "$GITHUB_STEP_SUMMARY"
fi
- name: Post audit results as PR comment - name: Post audit results as PR comment
if: always() if: always()
continue-on-error: true # Fork PRs have read-only GITHUB_TOKEN
uses: actions/github-script@v7 uses: actions/github-script@v7
with: with:
script: | script: |