From 609cb510eb771973e9bc6c8d60fa6c3f50842285 Mon Sep 17 00:00:00 2001
From: james-haytko_nwx
Date: Mon, 23 Feb 2026 16:18:23 -0600
Subject: [PATCH] split review and fix workflows
---
 .../workflows/claude-documentation-fixer.yml | 44 +++++++++++++++++++
 .../claude-documentation-reviewer.yml | 42 +++---------------
 2 files changed, 49 insertions(+), 37 deletions(-)
 create mode 100644 .github/workflows/claude-documentation-fixer.yml
diff --git a/.github/workflows/claude-documentation-fixer.yml b/.github/workflows/claude-documentation-fixer.yml
new file mode 100644
index 0000000000..415d43fdef
--- /dev/null
+++ b/.github/workflows/claude-documentation-fixer.yml
@@ -0,0 +1,44 @@
+name: Documentation Fixer
+
+on:
+ issue_comment:
+ types: [created]
+
+jobs:
+ claude-response:
+ runs-on: ubuntu-latest
+ # Only run on PR comments that mention @claude
+ if: |
+ github.event.issue.pull_request &&
+ contains(github.event.comment.body, '@claude')
+ permissions:
+ contents: write
+ pull-requests: write
+ issues: write
+ id-token: write
+ actions: read
+ steps:
+ - name: Get PR branch
+ id: pr-info
+ env:
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ run: |
+ PR_DATA=$(gh pr view ${{ github.event.issue.number }} --repo ${{ github.repository }} --json headRefName,headRefOid)
+ echo "branch=$(echo "$PR_DATA" | jq -r '.headRefName')" >> "$GITHUB_OUTPUT"
+
+ - name: Checkout repository
+ uses: actions/checkout@v4
+ with:
+ # Check out the branch by name so git push works.
+ ref: ${{ steps.pr-info.outputs.branch }}
+ fetch-depth: 0
+
+ - name: Apply fixes
+ uses: anthropics/claude-code-action@v1
+ with:
+ anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+ github_token: ${{ secrets.GITHUB_TOKEN }}
+ show_full_output: true
+ claude_args: |
+ --model claude-sonnet-4-5-20250929
+ --allowedTools "Read,Write,Edit,Bash(gh pr view:*),Bash(gh pr diff:*),Bash(gh pr comment:*),Bash(git config:*),Bash(git add:*),Bash(git commit:*),Bash(git push:*),Bash(git status:*),Bash(git diff:*)"
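Review bot: The `if:` gate in the new fixer workflow only tests that the comment is on a pull request and contains `@claude`, so any account that can comment on a pull request can start a job holding `contents: write`, `ANTHROPIC_API_KEY` and a tool list with `Write`, `Edit` and `Bash(git push:*)`; whether the action itself rejects non-collaborators is not visible here. I would add `contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), github.event.comment.author_association)` to the condition so the check runs before the `gh pr view` and checkout steps. The job checks out `headRefName`, which for a fork pull request is a name chosen by the contributor and may resolve to a different branch in this repository, while the fetched `headRefOid` is never used; adding `isCrossRepository` to the `--json` list and stopping when it is true would limit fix mode to same-repository branches. Because pull-request content and comment text reach the model as untrusted input, `Bash(git config:*)` should be narrowed to the identity keys a commit needs (for example `Bash(git config user.name:*)` and `Bash(git config user.email:*)`), and `id-token: write` and `issues: write` dropped unless a step uses them. Pinning `actions/checkout` and `anthropics/claude-code-action` to full commit SHAs instead of `@v4` and `@v1` would keep a moved tag from changing what runs with these permissions.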
diff --git a/.github/workflows/claude-documentation-reviewer.yml b/.github/workflows/claude-documentation-reviewer.yml
index 834b91d051..7fe1ba572f 100644
--- a/.github/workflows/claude-documentation-reviewer.yml
+++ b/.github/workflows/claude-documentation-reviewer.yml
@@ -5,45 +5,26 @@ on:
 types: [opened, edited, reopened, synchronize]
 paths:
 - '**.md'
- issue_comment:
- types: [created]
 
 jobs:
 claude-response:
 runs-on: ubuntu-latest
- # For issue_comment events, only run on PR comments that mention @claude
- if: |
- github.event_name == 'pull_request_target' ||
- (github.event_name == 'issue_comment' &&
- github.event.issue.pull_request &&
- contains(github.event.comment.body, '@claude'))
 permissions:
- contents: write
+ contents: read
 pull-requests: write
 issues: write
 id-token: write
 actions: read
 steps:
- - name: Get PR branch for issue_comment events
- id: pr-info
- if: github.event_name == 'issue_comment'
- env:
- GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- run: |
- PR_DATA=$(gh pr view ${{ github.event.issue.number }} --repo ${{ github.repository }} --json headRefName,headRefOid)
- echo "branch=$(echo "$PR_DATA" | jq -r '.headRefName')" >> "$GITHUB_OUTPUT"
-
 - name: Checkout repository
 uses: actions/checkout@v4
 with:
- # For fix mode, check out the branch by name so git push works.
- # For review mode, check out by SHA to prevent TOCTOU attacks from forks.
- ref: ${{ github.event_name == 'issue_comment' && steps.pr-info.outputs.branch || github.event.pull_request.head.sha || github.sha }}
+ # Check out by SHA to prevent TOCTOU attacks from forks.
+ ref: ${{ github.event.pull_request.head.sha }}
 fetch-depth: 0
 
 - name: Get changed markdown files
 id: changed-files
- if: github.event_name == 'pull_request_target'
 run: |
 BASE_SHA="${{ github.event.pull_request.base.sha }}"
 HEAD_SHA="${{ github.event.pull_request.head.sha }}"
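Review bot: The checkout at `ref: ${{ github.event.pull_request.head.sha }}` still places fork-controlled files in the workspace of a job that, judging by the removed `pull_request_target` conditions, runs with `ANTHROPIC_API_KEY` and a token carrying `pull-requests: write`; the SHA pin fixes which commit is read, not who wrote it. Context lines later in this patch pass `steps.read-prompt.outputs.prompt` to `--append-system-prompt`, and the step that fills it is outside the hunks, so if it reads the prompt from the checked-out tree a pull request can rewrite the reviewer's instructions and that file should be taken from the base ref instead. I would also add `persist-credentials: false` under `with:` so the token is not left in the workspace git config, and drop `id-token: write` and `issues: write` if nothing in the job uses them. The `steps:` list continues outside the hunk.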
@@ -61,7 +42,7 @@ jobs:
 fi
 
 - name: Delete existing review comment
- if: github.event_name == 'pull_request_target' && steps.changed-files.outputs.count > 0
+ if: steps.changed-files.outputs.count > 0
 env:
 GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 run: |
@@ -93,10 +74,9 @@ jobs:
 echo "EOF"
 } >> "$GITHUB_OUTPUT"
 
- # Review mode: auto-triggered when markdown files change in a PR
 - name: Run documentation review
+ if: steps.changed-files.outputs.count > 0
 uses: anthropics/claude-code-action@v1
- if: github.event_name == 'pull_request_target' && steps.changed-files.outputs.count > 0
 with:
 anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
 github_token: ${{ secrets.GITHUB_TOKEN }}
@@ -118,15 +98,3 @@ jobs:
 --model claude-sonnet-4-5-20250929
 --allowedTools "Write,Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr comment:*)"
 --append-system-prompt "${{ steps.read-prompt.outputs.prompt }}"
-
- # Fix mode: triggered when someone comments @claude on a PR
- - name: Apply fixes on @claude request
- uses: anthropics/claude-code-action@v1
- if: github.event_name == 'issue_comment'
- with:
- anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
- github_token: ${{ secrets.GITHUB_TOKEN }}
- show_full_output: true
- claude_args: |
- --model claude-sonnet-4-5-20250929
- --allowedTools "Read,Write,Edit,Bash(gh pr view:*),Bash(gh pr diff:*),Bash(gh pr comment:*),Bash(git config:*),Bash(git add:*),Bash(git commit:*),Bash(git push:*),Bash(git status:*),Bash(git diff:*)"