Merged
64 changes: 64 additions & 0 deletions .github/workflows/claude.yml
@@ -0,0 +1,64 @@
name: Claude Code

on:
issue_comment:
types: [created]
pull_request_review_comment:
types: [created]
issues:
types: [opened, assigned]
pull_request_review:
types: [submitted]

jobs:
claude:
if: |
(github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) ||
(github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) ||
(github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) ||
(github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')))
Comment on lines +16 to +19
Copilot AI Feb 27, 2026

The workflow is triggered on issue_comment and pull_request_review_comment events without checking the actor's permissions. According to the PR description, only users with write access should be able to trigger Claude. Consider adding a permission check at the beginning of the job to ensure the comment author has write or admin access to the repository. This can be done using github.event.comment.author_association or by checking repository permissions explicitly.

Suggested change
(github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) ||
(github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) ||
(github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) ||
(github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')))
(github.event_name == 'issue_comment' &&
contains(github.event.comment.body, '@claude') &&
(github.event.comment.author_association == 'OWNER' ||
github.event.comment.author_association == 'MEMBER' ||
github.event.comment.author_association == 'COLLABORATOR')) ||
(github.event_name == 'pull_request_review_comment' &&
contains(github.event.comment.body, '@claude') &&
(github.event.comment.author_association == 'OWNER' ||
github.event.comment.author_association == 'MEMBER' ||
github.event.comment.author_association == 'COLLABORATOR')) ||
(github.event_name == 'pull_request_review' &&
contains(github.event.review.body, '@claude') &&
(github.event.review.author_association == 'OWNER' ||
github.event.review.author_association == 'MEMBER' ||
github.event.review.author_association == 'COLLABORATOR')) ||
(github.event_name == 'issues' &&
(contains(github.event.issue.body, '@claude') ||
contains(github.event.issue.title, '@claude')) &&
(github.event.issue.author_association == 'OWNER' ||
github.event.issue.author_association == 'MEMBER' ||
github.event.issue.author_association == 'COLLABORATOR'))

Copilot uses AI. Check for mistakes.
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: read
issues: read
Comment on lines +22 to +24
Copilot AI Feb 27, 2026

The permissions listed only include read permissions for contents, pull-requests, issues, and actions. However, according to the PR description, Claude should be able to create comments, branches, and commits. The workflow needs write permissions for: contents (to create branches and commits), pull-requests (to create comments on PRs), and issues (to create comments on issues). Without these permissions, Claude will not be able to perform its intended functions.

Suggested change
contents: read
pull-requests: read
issues: read
contents: write
pull-requests: write
issues: write

Copilot uses AI. Check for mistakes.
id-token: write
actions: read # Required for Claude to read CI results on PRs
steps:
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
dotnet-version: |
8.0.x
9.0.x

Comment on lines +28 to +34
Copilot AI Feb 27, 2026

The .NET setup is not needed for this Unity project. The existing workflows in this repository (release.yml, test_unity_plugin.yml) use Unity-specific actions like game-ci/unity-test-runner and game-ci/unity-builder, not .NET tooling. Unity has its own runtime and doesn't require the .NET SDK to be installed separately. This setup step should be removed.

Suggested change
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
dotnet-version: |
8.0.x
9.0.x

Copilot uses AI. Check for mistakes.
- name: Checkout repository
uses: actions/checkout@v4
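Review bot: `uses: actions/checkout@v4` references a mutable tag, so the code this job runs can change without any change to this file. Suggest pinning each `uses:` in the workflow to a full commit SHA with the version kept as a trailing comment. That matters most for `anthropics/claude-code-action@v1` further down, which is the step that receives `secrets.CLAUDE_CODE_OAUTH_TOKEN` and runs in a job holding `id-token: write`; `actions/setup-dotnet@v4` above should get the same treatment.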
Copilot AI Feb 27, 2026

This workflow uses actions/checkout@v4 while other workflows in the repository (release.yml, test_unity_plugin.yml) use actions/checkout@v6. For consistency with the rest of the codebase, this should be updated to v6.

Suggested change
uses: actions/checkout@v4
uses: actions/checkout@v6

Copilot uses AI. Check for mistakes.
with:
fetch-depth: 1
Copilot AI Feb 27, 2026

The fetch-depth is set to 1, which performs a shallow clone. This could limit Claude's ability to understand the full context and history of the repository when analyzing code. Consider using a larger fetch-depth or fetch-depth: 0 (full history) to give Claude better context, similar to how the release.yml workflow uses fetch-depth: 0.

Suggested change
fetch-depth: 1
fetch-depth: 0

Copilot uses AI. Check for mistakes.

- name: Run Claude Code
id: claude
uses: anthropics/claude-code-action@v1
with:
claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}

# This is an optional setting that allows Claude to read CI results on PRs
additional_permissions: |
actions: read

# Optional: Give a custom prompt to Claude. If this is not specified, Claude will perform the instructions specified in the comment that tagged it.
# prompt: 'Update the pull request description to include a summary of changes.'

# Optional: Add claude_args to customize behavior and configuration
# See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md
# or https://code.claude.com/docs/en/cli-reference for available options
claude_args: >-
--allowedTools Bash
--allowedTools Edit
--allowedTools Write
--allowedTools Glob
--allowedTools Grep
--allowedTools Read
--allowedTools WebFetch
--allowedTools WebSearch
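Review bot: the `claude_args` allowlist at the end of the `Run Claude Code` step grants unrestricted `Bash` together with `WebFetch` and `WebSearch`, while the job is started by text in issue titles, issue bodies, comments and reviews (the `contains(..., '@claude')` checks in the `if:`) and passes `secrets.CLAUDE_CODE_OAUTH_TOKEN` to that same step under `id-token: write`. Whatever that triggering text persuades the agent to do then runs with an arbitrary shell and outbound network access on the runner. Suggest limiting `Bash` to the specific commands this repository needs, dropping `WebFetch` and `WebSearch` unless there is a documented use for them, and adding a comment above `claude_args` explaining why each remaining tool is allowed. Separately, `additional_permissions: actions: read` repeats the job-level `actions: read`; a short comment saying both are intentional would help the next reader.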