[CRAFTING] Add AI code review with Claude Code Action and AWS Bedrock #27
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Claude Code Review | |
| on: | |
| pull_request: | |
| types: [opened, synchronize, ready_for_review] | |
| issue_comment: | |
| types: [created] | |
| pull_request_review_comment: | |
| types: [created] | |
| env: | |
| # EU cross-region inference profile — must match the region prefix in AWS_REGION secret (eu-*) | |
| CLAUDE_MODEL: eu.anthropic.claude-sonnet-4-6 | |
| jobs: | |
| auto-review: | |
| name: AI Code Review | |
| if: | | |
| github.event_name == 'pull_request' && | |
| github.event.pull_request.head.repo.full_name == 'mendix/web-widgets' && | |
| github.event.pull_request.user.login != 'uicontent' && | |
| github.event.pull_request.user.login != 'uicontent[bot]' && | |
| github.event.pull_request.user.login != 'renovate[bot]' && | |
| github.event.pull_request.draft == false | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| concurrency: | |
| group: claude-auto-review-${{ github.event.pull_request.number }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| issues: write | |
| id-token: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 1 | |
| - name: Configure AWS Credentials (OIDC) | |
| uses: aws-actions/configure-aws-credentials@3bb878b6ab43ba8717918141cd07a0ea68cfe7ea # v4 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_BEDROCK_ROLE_ARN }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Run Claude Code Review | |
| uses: anthropics/claude-code-action@fefa07e9c665b7320f08c3b525980457f22f58aa # v1 | |
| with: | |
| use_bedrock: "true" | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| prompt: | | |
| You are reviewing PR #${{ github.event.pull_request.number }} in the mendix/web-widgets monorepo. | |
| Read these files for full context and review guidelines: | |
| - `AGENTS.md` — repo conventions, commands, and constraints | |
| - `.claude/skills/code-review/SKILL.md` — complete review checklist and heuristics | |
| Follow the skill guidelines precisely. Focus only on changed files in the diff; ignore dist/, lockfiles, and generated files. | |
| claude_args: >- | |
| --model ${{ env.CLAUDE_MODEL }} --allowedTools "Bash(gh pr view:*),Bash(gh pr diff:*),Bash(gh pr comment:*),Bash(gh api:*),Bash(git log:*),Bash(git diff:*),Bash(ls:*),Bash(find:*),mcp__github_inline_comment__create_inline_comment,Read,Grep,Glob" | |
| interactive: | |
| name: Claude Interactive | |
| if: | | |
| github.repository == 'mendix/web-widgets' && | |
| ((github.event_name == 'issue_comment' && | |
| contains(github.event.comment.body, '@claude') && | |
| github.event.issue.pull_request && | |
| contains(fromJSON('["MEMBER","COLLABORATOR","OWNER"]'), github.event.comment.author_association)) || | |
| (github.event_name == 'pull_request_review_comment' && | |
| contains(github.event.comment.body, '@claude') && | |
| contains(fromJSON('["MEMBER","COLLABORATOR","OWNER"]'), github.event.comment.author_association))) | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| concurrency: | |
| group: claude-interactive-${{ github.event.issue.number || github.event.pull_request.number }} | |
| cancel-in-progress: false | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| issues: write | |
| id-token: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 1 | |
| - name: Configure AWS Credentials (OIDC) | |
| uses: aws-actions/configure-aws-credentials@3bb878b6ab43ba8717918141cd07a0ea68cfe7ea # v4 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_BEDROCK_ROLE_ARN }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Run Claude Code | |
| uses: anthropics/claude-code-action@fefa07e9c665b7320f08c3b525980457f22f58aa # v1 | |
| with: | |
| use_bedrock: "true" | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| trigger_phrase: "@claude" | |
| system_prompt: | | |
| You are assisting with a PR in the mendix/web-widgets monorepo. | |
| Read these files for repo context and conventions: | |
| - `AGENTS.md` — repo conventions, commands, and constraints | |
| - `.claude/skills/code-review/SKILL.md` — review checklist and heuristics | |
| claude_args: >- | |
| --model ${{ env.CLAUDE_MODEL }} --allowedTools "Bash(gh pr view:*),Bash(gh pr diff:*),Bash(gh pr comment:*),Bash(gh api:*),Bash(git log:*),Bash(git diff:*),Bash(ls:*),Bash(find:*),mcp__github_inline_comment__create_inline_comment,Read,Grep,Glob" |