Skip to content
Claude Code Review

[CRAFTING] Add AI code review with Claude Code Action and AWS Bedrock #17

Sign in to view logs

[CRAFTING] Add AI code review with Claude Code Action and AWS Bedrock

[CRAFTING] Add AI code review with Claude Code Action and AWS Bedrock #17

Workflow file for this run

.github/workflows/ClaudeReview.yml at 57a5560
name: Claude Code Review
on:
pull_request:
types: [opened, synchronize, ready_for_review]
issue_comment:
types: [created]
pull_request_review_comment:
types: [created]
env:
CLAUDE_MODEL: eu.anthropic.claude-sonnet-4-6
jobs:
auto-review:
name: AI Code Review
if: |
github.event_name == 'pull_request' &&
github.event.pull_request.head.repo.full_name == 'mendix/web-widgets' &&
github.event.pull_request.user.login != 'uicontent' &&
github.event.pull_request.user.login != 'uicontent[bot]' &&
github.event.pull_request.user.login != 'renovate[bot]' &&
github.event.pull_request.draft == false
runs-on: ubuntu-latest
timeout-minutes: 15
concurrency:
group: claude-auto-review-${{ github.event.pull_request.number }}
cancel-in-progress: true
permissions:
contents: read
pull-requests: write
issues: write
id-token: write
actions: read
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 1
- name: Configure AWS Credentials (OIDC)
uses: aws-actions/configure-aws-credentials@3bb878b6ab43ba8717918141cd07a0ea68cfe7ea # v4
with:
role-to-assume: ${{ secrets.AWS_BEDROCK_ROLE_ARN }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Run Claude Code Review
uses: anthropics/claude-code-action@fefa07e9c665b7320f08c3b525980457f22f58aa # v1
with:
use_bedrock: "true"
github_token: ${{ secrets.GITHUB_TOKEN }}
prompt: |
You are reviewing PR #${{ github.event.pull_request.number }} in the mendix/web-widgets monorepo.
Read these files for full context and review guidelines:
- `AGENTS.md` — repo conventions, commands, and constraints
- `.claude/skills/code-review/SKILL.md` — complete review checklist and heuristics
Follow the skill guidelines precisely. Focus only on changed files in the diff; ignore dist/, lockfiles, and generated files.
claude_args: >-
--model ${{ env.CLAUDE_MODEL }} --allowedTools "Bash(gh pr view:*),Bash(gh pr diff:*),Bash(gh pr comment:*),Bash(gh api:*),mcp__github_inline_comment__create_inline_comment,Read,Grep,Glob"
interactive:
name: Claude Interactive
if: |
github.repository == 'mendix/web-widgets' &&
((github.event_name == 'issue_comment' &&
contains(github.event.comment.body, '@claude') &&
github.event.issue.pull_request &&
contains(fromJSON('["MEMBER","COLLABORATOR","OWNER"]'), github.event.comment.author_association)) ||
(github.event_name == 'pull_request_review_comment' &&
contains(github.event.comment.body, '@claude') &&
contains(fromJSON('["MEMBER","COLLABORATOR","OWNER"]'), github.event.comment.author_association)))
runs-on: ubuntu-latest
timeout-minutes: 15
concurrency:
group: claude-interactive-${{ github.event.issue.number || github.event.pull_request.number }}
cancel-in-progress: false
permissions:
contents: read
pull-requests: write
issues: write
id-token: write
actions: read
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 1
- name: Configure AWS Credentials (OIDC)
uses: aws-actions/configure-aws-credentials@3bb878b6ab43ba8717918141cd07a0ea68cfe7ea # v4
with:
role-to-assume: ${{ secrets.AWS_BEDROCK_ROLE_ARN }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Run Claude Code
uses: anthropics/claude-code-action@fefa07e9c665b7320f08c3b525980457f22f58aa # v1
with:
use_bedrock: "true"
github_token: ${{ secrets.GITHUB_TOKEN }}
trigger_phrase: "@claude"
claude_args: >-
--model ${{ env.CLAUDE_MODEL }} --allowedTools "Bash(gh pr view:*),Bash(gh pr diff:*),Bash(gh pr comment:*),Bash(gh api:*),mcp__github_inline_comment__create_inline_comment,Read,Grep,Glob"