diff --git a/.github/workflows/claude-review.yml b/.github/workflows/claude-review.yml new file mode 100644 index 00000000..0c3d2f2f --- /dev/null +++ b/.github/workflows/claude-review.yml @@ -0,0 +1,94 @@ +name: Claude PR Review + +on: + pull_request: + types: [opened, reopened, ready_for_review] + issue_comment: + types: [created] + pull_request_review_comment: + types: [created] + +permissions: + contents: read + pull-requests: write + issues: write + actions: read + +jobs: + claude-review: + runs-on: ubuntu-latest + timeout-minutes: 15 + if: > + (github.event_name == 'pull_request' && + github.event.pull_request.draft == false) || + (github.event_name == 'issue_comment' && + github.event.issue.pull_request && + contains(github.event.comment.body, '@claude') && + contains(fromJSON('["MEMBER", "OWNER", "COLLABORATOR"]'), github.event.comment.author_association)) || + (github.event_name == 'pull_request_review_comment' && + contains(github.event.comment.body, '@claude') && + contains(fromJSON('["MEMBER", "OWNER", "COLLABORATOR"]'), github.event.comment.author_association)) + steps: + - name: Checkout repository + uses: actions/checkout@v6 + with: + fetch-depth: 0 + + - name: Generate GitHub App Token + id: generate-token + uses: actions/create-github-app-token@v1 + with: + app-id: ${{ secrets.CLAUDE_APP_ID }} + private-key: ${{ secrets.CLAUDE_APP_PRIVATE_KEY }} + + - name: Run Claude review + uses: anthropics/claude-code-action@v1 + with: + anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} + github_token: ${{ steps.generate-token.outputs.token }} + prompt: | + REPO: ${{ github.repository }} + PR NUMBER: ${{ github.event.pull_request.number || github.event.issue.number }} + You are reviewing a pull request for the Ably CLI (@ably/cli), an oclif-based TypeScript CLI. + + ## Philosophy + + You are a helpful second pair of eyes, NOT a gatekeeper. Focus on things that + actually matter — bugs, security issues, architectural problems, and correctness. + Do NOT nitpick style, formatting, naming, or minor convention deviations that don't + affect correctness. Developers read every comment you post, so make each one count. + + ## Setup + + 1. Read .claude/CLAUDE.md for project standards. + 2. Read .claude/skills/ably-review/SKILL.md for the review checklist (use as a reference, not a line-by-line audit). + 3. Read .claude/skills/ably-new-command/SKILL.md for command conventions (only if command files changed). + 4. Check which files were changed in this PR. + + ## What to flag (significant concerns only) + + - **Bugs**: Logic errors, race conditions, missing error handling that would crash + - **Security**: Secrets in code, injection vulnerabilities, unsafe input handling + - **Architectural mistakes**: Wrong base class, missing cleanup/teardown, broken JSON output contract + - **Correctness**: this.error() instead of this.fail() (breaks JSON mode), unguarded human output in JSON path, missing test coverage for new commands + - **Breaking changes**: Behavioral changes the PR author may not have intended + + ## What NOT to flag + + - Style issues (eslint handles this) + - Minor naming preferences + - Missing optional improvements (extra tests, additional error messages, docs) + - Convention deviations that don't affect correctness (e.g., describe block naming) + - Anything in unchanged code + - Suggestions beyond the PR's scope + + ## Tone + + Be direct and constructive. When flagging an issue, explain WHY it matters — what + breaks, what's the risk, what's the user impact. Don't just cite a rule. + + Always post a summary comment when the review is complete, even if you have no issues to raise. + claude_args: | + --max-turns 50 + --model claude-sonnet-4-6 + --allowedTools "Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Read,Glob,Grep" diff --git a/.github/workflows/pr-overview.yml b/.github/workflows/pr-overview.yml new file mode 100644 index 00000000..02a7d393 --- /dev/null +++ b/.github/workflows/pr-overview.yml @@ -0,0 +1,67 @@ +name: PR Overview Generator + +on: + pull_request: + types: [opened, reopened, ready_for_review] + +permissions: + contents: read + pull-requests: write + +jobs: + generate-overview: + name: Generate PR Overview + if: github.event.pull_request.draft == false + runs-on: ubuntu-latest + timeout-minutes: 10 + steps: + - name: Checkout PR branch + uses: actions/checkout@v6 + with: + fetch-depth: 0 + + - name: Generate GitHub App Token + id: generate-token + uses: actions/create-github-app-token@v1 + with: + app-id: ${{ secrets.CLAUDE_APP_ID }} + private-key: ${{ secrets.CLAUDE_APP_PRIVATE_KEY }} + + - name: Generate PR Overview + uses: anthropics/claude-code-action@v1 + with: + anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} + github_token: ${{ steps.generate-token.outputs.token }} + bot_name: "Claude" + track_progress: false + prompt: | + REPO: ${{ github.repository }} + PR NUMBER: ${{ github.event.pull_request.number }} + + Generate a structured PR overview for this Ably CLI pull request. + + Analyze all changes and create a comment with: + + ## Walkthrough + A brief 2-3 sentence summary of what this PR does and why. + + ## Changes + | Area | Files | Summary | + |------|-------|---------| + Group files by area: Commands, Tests, Services, Utils, Config, Docs, Other. + Each row should have a one-line summary of what changed in those files. + + ## Review Notes + Flag anything that reviewers should pay special attention to: + - Breaking changes or behavioral changes + - New dependencies + - Files that need test coverage + - Migration or deployment considerations + + Keep it concise — this is a summary, not a review. + + Post this as a comment on the PR. + claude_args: | + --max-turns 20 + --model claude-sonnet-4-6 + --allowedTools "Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr comment:*),Read,Glob,Grep"