Implemented full GitHub automation system from claude-code-skills-factory with project-specific configuration for claude-skills repository.

## New Workflows
- **ci-quality-gate.yml**: Automated linting, testing, and security checks
- **claude-code-review.yml**: Enhanced with kill switch and bypass mechanisms
- **pr-issue-auto-close.yml**: Auto-close linked issues when PRs merge
- **smart-sync.yml**: Bidirectional sync between issues and project board

## Configuration Files
- **WORKFLOW_KILLSWITCH**: Emergency workflow disable capability
- **branch-protection-config.json**: Branch protection settings
- **commit-template.txt**: Standardized commit message template
- **AUTOMATION_SETUP.md**: Complete setup and configuration guide

## Templates
- **pull_request_template.md**: Enhanced with security and quality checklists

## Key Features
- ✅ AI-powered code reviews with Claude
- ✅ Automatic issue closure on PR merge
- ✅ Bidirectional issue ↔ project board sync
- ✅ Quality gates (YAML lint, Python syntax, security audit)
- ✅ Kill switch for emergency workflow disable
- ✅ Rate limit protection with circuit breakers
- ✅ 10-second debouncing to prevent sync loops

## Project Configuration
- Repository: alirezarezvani/claude-skills
- Project Number: 9
- Status: Ready for PROJECTS_TOKEN configuration

## Testing
Workflows validated with yamllint and ready for deployment.

See .github/AUTOMATION_SETUP.md for complete setup instructions.
132 lines
4.7 KiB
YAML
```yaml
---
name: Claude Code Review

'on':
  pull_request:
    types: [opened, synchronize]

# Prevent multiple review runs on rapid PR updates
concurrency:
  group: claude-review-${{ github.event.pull_request.number }}
  cancel-in-progress: true

jobs:
  claude-review:
    # Auto-review ALL pull requests with Claude
    # BYPASS: Add [EMERGENCY], [SKIP REVIEW], or [HOTFIX] to PR title
    # BYPASS: Or add 'emergency', 'skip-review' or 'hotfix' label to PR
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: write  # The github-script steps below comment on the PR
      issues: read
      id-token: write  # Required by Claude Code action for OIDC authentication

    steps:
      # Checked out first so the kill switch file exists in the workspace
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          fetch-depth: 1

      - name: Check Workflow Kill Switch
        id: killswitch
        run: |
          if [ -f ".github/WORKFLOW_KILLSWITCH" ]; then
            STATUS=$(grep "STATUS:" .github/WORKFLOW_KILLSWITCH | awk '{print $2}')
            if [ "$STATUS" = "DISABLED" ]; then
              echo "🛑 Workflows disabled by kill switch"
              # exit 0 only ends this step; later steps are gated on this output
              echo "disabled=true" >> "$GITHUB_OUTPUT"
              exit 0
            fi
          fi

      - name: Check for Review Bypass
        id: bypass
        if: steps.killswitch.outputs.disabled != 'true'
        env:
          # PR title and labels are untrusted input: pass them through the
          # environment instead of expanding expressions inside the script
          PR_TITLE: ${{ github.event.pull_request.title }}
          PR_LABELS: ${{ toJSON(github.event.pull_request.labels.*.name) }}
        run: |
          # Check for bypass markers in PR title
          if printf '%s\n' "$PR_TITLE" | grep -qE '\[EMERGENCY\]|\[SKIP REVIEW\]|\[HOTFIX\]'; then
            echo "bypass=true" >> "$GITHUB_OUTPUT"
            echo "reason=PR title contains bypass marker" >> "$GITHUB_OUTPUT"
            echo "⏭️ BYPASS: PR title contains bypass marker"
            exit 0
          fi

          # Check for bypass labels (whole label names in the JSON array)
          if printf '%s\n' "$PR_LABELS" | grep -qE '"(emergency|skip-review|hotfix)"'; then
            echo "bypass=true" >> "$GITHUB_OUTPUT"
            echo "reason=PR has bypass label" >> "$GITHUB_OUTPUT"
            echo "⏭️ BYPASS: PR has bypass label"
            exit 0
          fi

          echo "bypass=false" >> "$GITHUB_OUTPUT"
          echo "✅ No bypass detected - review will proceed"

      - name: Post Bypass Notice
        if: steps.bypass.outputs.bypass == 'true'
        uses: actions/github-script@v7
        with:
          script: |
            await github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: `## ⏭️ Code Review Bypassed

            **Reason**: ${{ steps.bypass.outputs.reason }}

            ⚠️ **Manual review recommended** - This PR was merged without automated code review.

            ---
            *Bypass triggered by emergency procedures protocol*`
            })

      - name: Run Claude Code Review
        # Skipped when the kill switch is set or a bypass marker was found
        if: steps.killswitch.outputs.disabled != 'true' && steps.bypass.outputs.bypass != 'true'
        id: claude-review
        uses: anthropics/claude-code-action@v1
        continue-on-error: true
        with:
          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
          prompt: |
            REPO: ${{ github.repository }}
            PR NUMBER: ${{ github.event.pull_request.number }}

            Please review this pull request and provide feedback on:
            - Code quality and best practices
            - Potential bugs or issues
            - Performance considerations
            - Security concerns
            - Test coverage
            - Skill quality (if applicable)

            Use the repository's CLAUDE.md for guidance on style and conventions. Be constructive and helpful in your feedback.

            Use `gh pr comment` with your Bash tool to leave your review as a comment on the PR.

          # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md
          # or https://docs.claude.com/en/docs/claude-code/cli-reference
          claude_args: >-
            --allowed-tools
            "Bash(gh issue view:*),Bash(gh search:*),Bash(gh issue list:*),
            Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr list:*)"

      - name: Post fallback review note (quota/timeout)
        # 'failure' only: a review skipped by bypass or kill switch is not an error
        if: steps.claude-review.outcome == 'failure'
        uses: actions/github-script@v7
        with:
          script: |
            await github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: `## ⚠️ Automated Review Skipped

            The automated Claude review could not complete (likely quota or a transient error).

            - You can retry this workflow from the Actions tab
            - Proceed with manual review to unblock
            `
            })
```
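The bypass step in this workflow reads the PR title, which anyone opening a pull request controls, and the PR labels. A check that flags such fields when they are expanded directly inside `run:` or `script:` bodies, as an added example that is not part of this repository; the field list in `UNTRUSTED` and the sample workflow are constructed for illustration:

```python
import re

# Assumption: a small subset of event fields an outside contributor can set.
UNTRUSTED = re.compile(
    r"\$\{\{[^}]*\bgithub\.(?:head_ref|event\.(?:pull_request|issue|comment|review)"
    r"\.(?:title|body|labels|head\.ref))[^}]*\}\}"
)
# A run:/script: key, optionally preceded by the "- " of a list item.
KEY = re.compile(r"^(\s*(?:-\s+)?)(run|script):\s*(.*)$")

def find_injections(workflow_text):
    """Return (line_no, expression) for untrusted expressions in run:/script: bodies."""
    findings, block_indent = [], None
    for no, line in enumerate(workflow_text.splitlines(), 1):
        if block_indent is not None:
            indent = len(line) - len(line.lstrip())
            if line.strip() and indent <= block_indent:
                block_indent = None  # dedent: the block scalar has ended
            else:
                findings += [(no, m.group(0)) for m in UNTRUSTED.finditer(line)]
                continue
        m = KEY.match(line)
        if m:
            body = m.group(3)
            if body[:1] in ("|", ">"):
                block_indent = len(m.group(1))  # column where the key starts
            else:
                findings += [(no, x.group(0)) for x in UNTRUSTED.finditer(body)]
    return findings

# Constructed sample: one step expands the fields in the script, one uses env:.
SAMPLE = """\
jobs:
  review:
    steps:
      - name: Expression expanded inside the script
        run: |
          PR_TITLE="${{ github.event.pull_request.title }}"
          PR_LABELS="${{ toJSON(github.event.pull_request.labels.*.name) }}"
          echo "$PR_TITLE" | grep -q HOTFIX
      - name: Value passed through the environment
        env:
          PR_TITLE: ${{ github.event.pull_request.title }}
        run: |
          echo "$PR_TITLE" | grep -q HOTFIX
      - name: Numeric field, not flagged
        run: echo "PR ${{ github.event.pull_request.number }}"
"""

if __name__ == "__main__":
    for line_no, expr in find_injections(SAMPLE):
        print(f"line {line_no}: untrusted expression in script body: {expr}")
```

The scanner is line-based and only tracks indentation, so it is a quick pre-merge check rather than a full YAML parser.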