Skip to content

Add Claude Code GitHub Workflow #1745

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Add Claude Code GitHub Workflow #1745

wants to merge 2 commits into from

Conversation

Titus-von-Koeller
Copy link
Collaborator

🤖 Installing Claude Code GitHub App

This PR adds a GitHub Actions workflow that enables Claude Code integration in our repository.

What is Claude Code?

Claude Code is an AI coding agent that can help with:

  • Bug fixes and improvements
  • Documentation updates
  • Implementing new features
  • Code reviews and suggestions
  • Writing tests
  • And more!

How it works

Once this PR is merged, we'll be able to interact with Claude by mentioning @claude in a pull request or issue comment.
Once the workflow is triggered, Claude will analyze the comment and surrounding context, and execute on the request in a GitHub action.

Important Notes

  • This workflow won't take effect until this PR is merged
  • @claude mentions won't work until after the merge is complete
  • The workflow runs automatically whenever Claude is mentioned in PR or issue comments
  • Claude gets access to the entire PR or issue context including files, diffs, and previous comments

Security

  • Our Anthropic API key is securely stored as a GitHub Actions secret
  • Only users with write access to the repository can trigger the workflow
  • All Claude runs are stored in the GitHub Actions run history
  • Claude's default tools are limited to reading/writing files and interacting with our repo by creating comments, branches, and commits.
  • We can add more allowed tools by adding them to the workflow file like:
allowed_tools: Bash(npm install),Bash(npm run build),Bash(npm run lint),Bash(npm run test)

There's more information in the Claude Code action repo.

After merging this PR, let's try mentioning @claude in a comment on any PR to get started!

@github-actions GitHub Actions
Copy link

github-actions bot commented Sep 3, 2025

The docs for this PR live here. All of your documentation changes will be reflected on that endpoint. The docs are available until 30 days after the last update.

@Titus-von-Koeller
Copy link
Collaborator Author

Titus-von-Koeller commented Sep 3, 2025
edited
Loading

@matthewdouglas What do you think about this?

There's a bunch of other useful stuff we can use Claude Code for, like issue triage and other stuff, see the official docs on the topic: https://github.com/anthropics/claude-code-action/blob/main/examples/claude.yml

Seems only people with write perm to the repo have permissions. I wonder about security implications, but my first impression is that things should be fine.

Only users with write access to the repository can trigger the workflow.

@matthewdouglas
Copy link
Member

Hey @Titus-von-Koeller I'm all for trying this out! The main thing is to just make sure an agent can't do some things, e.g.

  • commit to main or merge PRs
  • create, delete, or modify tags or releases
  • access secrets that it does not need

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Titus-von-Koeller @matthewdouglas