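# Runs an automated Claude Code review on pull requests that touch paths
# owned by @bitwarden/team-vault-dev according to .github/CODEOWNERS.
name: Review code

on:
  pull_request:
    types: [opened, synchronize, reopened]

# Deny everything at the workflow level; the job below grants only what it uses.
permissions: {}

jobs:
  review:
    name: Review
    runs-on: ubuntu-24.04
    permissions:
      contents: read
      # NOTE(review): presumably consumed by the review action to obtain its
      # token via OIDC - confirm it is still required before keeping it.
      id-token: write
      # Lets the review step create and update comments on the pull request.
      pull-requests: write

    steps:
      - name: Check out repo
        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          # Full history so the three-dot diff against the base branch resolves.
          fetch-depth: 0
          # Do not leave the checkout token in the local git config for later steps.
          persist-credentials: false

      - name: Check for Vault team changes
        id: check_changes
        env:
          # The base branch name is handed to the script as an environment
          # variable instead of being expanded into the script text, so the
          # shell always sees it as data and never as script source.
          BASE_REF: ${{ github.base_ref }}
        run: |
          # Ensure we have the base branch
          git fetch origin "$BASE_REF"

          echo "Comparing changes between origin/$BASE_REF and HEAD"
          CHANGED_FILES=$(git diff --name-only "origin/$BASE_REF...HEAD")

          if [ -z "$CHANGED_FILES" ]; then
            echo "Zero files changed"
            echo "vault_team_changes=false" >> "$GITHUB_OUTPUT"
            exit 0
          fi

          # Handle variations in spacing and multiple teams
          # CODEOWNERS is read from the checked-out working tree, so a pull
          # request that edits that file also changes the outcome of this gate.
          VAULT_PATTERNS=$(grep -E "@bitwarden/team-vault-dev(\s|$)" .github/CODEOWNERS 2>/dev/null | awk '{print $1}')

          if [ -z "$VAULT_PATTERNS" ]; then
            echo "⚠️ No patterns found for @bitwarden/team-vault-dev in CODEOWNERS"
            echo "vault_team_changes=false" >> "$GITHUB_OUTPUT"
            exit 0
          fi

          vault_team_changes=false
          # Read one pattern per line. Iterating over the unquoted variable
          # would let the shell glob-expand entries such as **/dir against the
          # working tree before they are compared.
          while IFS= read -r pattern; do
            echo "Checking pattern: $pattern"

            # Handle **/directory patterns
            if [[ "$pattern" == "**/"* ]]; then
              # Remove the **/ prefix
              dir_pattern="${pattern#\*\*/}"
              # Check if any file contains this directory in its path
              # (dir_pattern is used as an extended regex, not as a glob)
              if echo "$CHANGED_FILES" | grep -qE "(^|/)${dir_pattern}(/|$)"; then
                vault_team_changes=true
                echo "✅ Found files matching pattern: $pattern"
                echo "$CHANGED_FILES" | grep -E "(^|/)${dir_pattern}(/|$)" | sed 's/^/ - /'
                break
              fi
            else
              # Handle other patterns (shouldn't happen based on your CODEOWNERS)
              # `--` keeps a pattern that starts with a dash from being read as an option.
              if echo "$CHANGED_FILES" | grep -q -- "$pattern"; then
                vault_team_changes=true
                echo "✅ Found files matching pattern: $pattern"
                echo "$CHANGED_FILES" | grep -- "$pattern" | sed 's/^/ - /'
                break
              fi
            fi
          done <<< "$VAULT_PATTERNS"

          echo "vault_team_changes=$vault_team_changes" >> "$GITHUB_OUTPUT"

          if [ "$vault_team_changes" = "true" ]; then
            echo ""
            echo "✅ Vault team changes detected - proceeding with review"
          else
            echo ""
            echo "❌ No Vault team changes detected - skipping review"
          fi

      - name: Review with Claude Code
        if: steps.check_changes.outputs.vault_team_changes == 'true'
        uses: anthropics/claude-code-action@ac1a3207f3f00b4a37e2f3a6f0935733c7c64651 # v1.0.11
        with:
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
          track_progress: true
          use_sticky_comment: true
          # TITLE and BODY are written by the pull request author and reach the
          # model verbatim, so they can carry instructions of their own. What
          # such text can cause is bounded by the job permissions above and by
          # the --allowedTools list in claude_args; keep both narrow.
          prompt: |
            REPO: ${{ github.repository }}
            PR NUMBER: ${{ github.event.pull_request.number }}
            TITLE: ${{ github.event.pull_request.title }}
            BODY: ${{ github.event.pull_request.body }}
            AUTHOR: ${{ github.event.pull_request.user.login }}
            COMMIT: ${{ github.event.pull_request.head.sha }}

            Please review this pull request with a focus on:
            - Code quality and best practices
            - Potential bugs or issues
            - Security implications
            - Performance considerations

            Note: The PR branch is already checked out in the current working directory.

            Provide a comprehensive review including:
            - Summary of changes since last review
            - Critical issues found (be thorough)
            - Suggested improvements (be thorough)
            - Good practices observed (be concise - list only the most notable items without elaboration)
            - Action items for the author
            - Leverage collapsible <details> sections where appropriate for lengthy explanations or code snippets to enhance human readability

            When reviewing subsequent commits:
            - Track status of previously identified issues (fixed/unfixed/reopened)
            - Identify NEW problems introduced since last review
            - Note if fixes introduced new issues

            IMPORTANT: Be comprehensive about issues and improvements. For good practices, be brief - just note what was done well without explaining why or praising excessively.

          # Only comment tools and read-only `gh pr diff` / `gh pr view` are allowed.
          claude_args: |
            --allowedTools "mcp__github_comment__update_claude_comment,mcp__github_inline_comment__create_inline_comment,Bash(gh pr diff:*),Bash(gh pr view:*)"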