bf9b0bc0bb
The claude-code-base-action doesn't support OAuth authentication. This change bypasses the base action entirely and runs Claude Code directly. Changes: - Add Node.js setup step - Add Claude Code installation step - Replace uses: claude-code-base-action with direct shell script execution - Handle OAuth by not setting ANTHROPIC_API_KEY when using OAuth - Set up MCP configuration manually - Simplify environment variables to only what's needed This allows OAuth credentials to be used properly since Claude Code will check the credentials file when ANTHROPIC_API_KEY is empty.
218 lines
8.8 KiB
YAML
218 lines
8.8 KiB
YAML
name: "Claude Code Action Official"
|
|
description: "General-purpose Claude agent for GitHub PRs and issues. Can answer questions and implement code changes."
|
|
branding:
|
|
icon: "at-sign"
|
|
color: "orange"
|
|
|
|
inputs:
|
|
trigger_phrase:
|
|
description: "The trigger phrase to look for in comments or issue body"
|
|
required: false
|
|
default: "@claude"
|
|
assignee_trigger:
|
|
description: "The assignee username that triggers the action (e.g. @claude)"
|
|
required: false
|
|
base_branch:
|
|
description: "The branch to use as the base/source when creating new branches (defaults to repository default branch)"
|
|
required: false
|
|
|
|
# Claude Code configuration
|
|
model:
|
|
description: "Model to use (provider-specific format required for Bedrock/Vertex)"
|
|
required: false
|
|
anthropic_model:
|
|
description: "DEPRECATED: Use 'model' instead. Model to use (provider-specific format required for Bedrock/Vertex)"
|
|
required: false
|
|
allowed_tools:
|
|
description: "Additional tools for Claude to use (the base GitHub tools will always be included)"
|
|
required: false
|
|
default: ""
|
|
disallowed_tools:
|
|
description: "Tools that Claude should never use"
|
|
required: false
|
|
default: ""
|
|
custom_instructions:
|
|
description: "Additional custom instructions to include in the prompt for Claude"
|
|
required: false
|
|
default: ""
|
|
direct_prompt:
|
|
description: "Direct instruction for Claude (bypasses normal trigger detection)"
|
|
required: false
|
|
default: ""
|
|
|
|
# Auth configuration
|
|
anthropic_api_key:
|
|
description: "Anthropic API key (required for direct API, not needed for Bedrock/Vertex). Set to 'use-oauth' when using claude_credentials"
|
|
required: false
|
|
claude_credentials:
|
|
description: "Claude OAuth credentials JSON for Claude AI Max subscription authentication"
|
|
required: false
|
|
gitea_token:
|
|
description: "Gitea token with repo and pull request permissions (defaults to GITHUB_TOKEN)"
|
|
required: false
|
|
use_bedrock:
|
|
description: "Use Amazon Bedrock with OIDC authentication instead of direct Anthropic API"
|
|
required: false
|
|
default: "false"
|
|
use_vertex:
|
|
description: "Use Google Vertex AI with OIDC authentication instead of direct Anthropic API"
|
|
required: false
|
|
default: "false"
|
|
|
|
timeout_minutes:
|
|
description: "Timeout in minutes for execution"
|
|
required: false
|
|
default: "30"
|
|
claude_git_name:
|
|
description: "Git user.name for commits made by Claude"
|
|
required: false
|
|
default: "Claude"
|
|
claude_git_email:
|
|
description: "Git user.email for commits made by Claude"
|
|
required: false
|
|
default: "claude@anthropic.com"
|
|
|
|
outputs:
|
|
execution_file:
|
|
description: "Path to the Claude Code execution output file"
|
|
value: ${{ steps.claude-code.outputs.execution_file }}
|
|
|
|
runs:
|
|
using: "composite"
|
|
steps:
|
|
- name: Install Bun
|
|
uses: oven-sh/setup-bun@735343b667d3e6f658f44d0eca948eb6282f2b76 # https://github.com/oven-sh/setup-bun/releases/tag/v2.0.2
|
|
with:
|
|
bun-version: 1.2.11
|
|
|
|
- name: Install Dependencies
|
|
shell: bash
|
|
run: |
|
|
cd ${{ github.action_path }}
|
|
bun install
|
|
|
|
- name: Prepare action
|
|
id: prepare
|
|
shell: bash
|
|
run: |
|
|
bun run ${{ github.action_path }}/src/entrypoints/prepare.ts
|
|
env:
|
|
TRIGGER_PHRASE: ${{ inputs.trigger_phrase }}
|
|
ASSIGNEE_TRIGGER: ${{ inputs.assignee_trigger }}
|
|
BASE_BRANCH: ${{ inputs.base_branch }}
|
|
ALLOWED_TOOLS: ${{ inputs.allowed_tools }}
|
|
CUSTOM_INSTRUCTIONS: ${{ inputs.custom_instructions }}
|
|
DIRECT_PROMPT: ${{ inputs.direct_prompt }}
|
|
OVERRIDE_GITHUB_TOKEN: ${{ inputs.gitea_token }}
|
|
GITHUB_TOKEN: ${{ github.token }}
|
|
GITHUB_RUN_ID: ${{ github.run_id }}
|
|
GITEA_API_URL: ${{ env.GITHUB_SERVER_URL }}
|
|
# Don't set ANTHROPIC_API_KEY when using OAuth
|
|
ANTHROPIC_API_KEY: ${{ inputs.anthropic_api_key != 'use-oauth' && inputs.anthropic_api_key || '' }}
|
|
CLAUDE_CREDENTIALS: ${{ inputs.claude_credentials }}
|
|
|
|
- name: Setup Node.js
|
|
if: steps.prepare.outputs.contains_trigger == 'true'
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '18'
|
|
|
|
- name: Install Claude Code
|
|
if: steps.prepare.outputs.contains_trigger == 'true'
|
|
shell: bash
|
|
run: |
|
|
echo "Installing Claude Code..."
|
|
npm install -g @anthropic-ai/claude-code@latest
|
|
|
|
- name: Run Claude Code
|
|
id: claude-code
|
|
if: steps.prepare.outputs.contains_trigger == 'true'
|
|
shell: bash
|
|
run: |
|
|
# Run Claude Code directly when using OAuth
|
|
if [ "${{ inputs.anthropic_api_key }}" = "use-oauth" ]; then
|
|
echo "Running Claude Code with OAuth authentication"
|
|
# Export empty ANTHROPIC_API_KEY to ensure OAuth credentials are used
|
|
export ANTHROPIC_API_KEY=""
|
|
else
|
|
echo "Running Claude Code with API key authentication"
|
|
export ANTHROPIC_API_KEY="${{ inputs.anthropic_api_key }}"
|
|
fi
|
|
|
|
# Set up other environment variables
|
|
export ALLOWED_TOOLS="${{ env.ALLOWED_TOOLS }}"
|
|
export DISALLOWED_TOOLS="${{ env.DISALLOWED_TOOLS }}"
|
|
export MCP_CONFIG='${{ steps.prepare.outputs.mcp_config }}'
|
|
export MODEL="${{ inputs.model || inputs.anthropic_model }}"
|
|
export ANTHROPIC_MODEL="${{ inputs.model || inputs.anthropic_model }}"
|
|
export TIMEOUT_MINUTES="${{ inputs.timeout_minutes }}"
|
|
export PROMPT_FILE="/tmp/claude-prompts/claude-prompt.txt"
|
|
|
|
# Set up MCP configuration
|
|
mkdir -p ~/.config/claude-code
|
|
echo "$MCP_CONFIG" > ~/.config/claude-code/mcp-config.json
|
|
|
|
# Run Claude Code
|
|
OUTPUT_FILE="/tmp/claude-code-output-$(date +%s).json"
|
|
if claude-code --prompt-file "$PROMPT_FILE" \
|
|
--output-file "$OUTPUT_FILE" \
|
|
--allowed-tools "$ALLOWED_TOOLS" \
|
|
--disallowed-tools "$DISALLOWED_TOOLS" \
|
|
--model "$MODEL" \
|
|
--timeout "${TIMEOUT_MINUTES}m" \
|
|
--mcp-config ~/.config/claude-code/mcp-config.json; then
|
|
echo "Claude Code execution succeeded"
|
|
echo "execution_file=$OUTPUT_FILE" >> $GITHUB_OUTPUT
|
|
echo "conclusion=success" >> $GITHUB_OUTPUT
|
|
else
|
|
echo "Claude Code execution failed"
|
|
echo "conclusion=failure" >> $GITHUB_OUTPUT
|
|
exit 1
|
|
fi
|
|
env:
|
|
# GitHub token for repository access
|
|
GITHUB_TOKEN: ${{ steps.prepare.outputs.GITHUB_TOKEN }}
|
|
GITEA_API_URL: ${{ env.GITHUB_SERVER_URL }}
|
|
|
|
# Git configuration for Claude Code
|
|
GIT_AUTHOR_NAME: ${{ inputs.claude_git_name }}
|
|
GIT_AUTHOR_EMAIL: ${{ inputs.claude_git_email }}
|
|
GIT_COMMITTER_NAME: ${{ inputs.claude_git_name }}
|
|
GIT_COMMITTER_EMAIL: ${{ inputs.claude_git_email }}
|
|
|
|
- name: Update comment with job link
|
|
if: steps.prepare.outputs.contains_trigger == 'true' && steps.prepare.outputs.claude_comment_id && always()
|
|
shell: bash
|
|
run: |
|
|
bun run ${{ github.action_path }}/src/entrypoints/update-comment-link.ts
|
|
env:
|
|
REPOSITORY: ${{ github.repository }}
|
|
PR_NUMBER: ${{ github.event.issue.number || github.event.pull_request.number }}
|
|
CLAUDE_COMMENT_ID: ${{ steps.prepare.outputs.claude_comment_id }}
|
|
GITHUB_RUN_ID: ${{ github.run_id }}
|
|
GITHUB_TOKEN: ${{ steps.prepare.outputs.GITHUB_TOKEN }}
|
|
GITHUB_EVENT_NAME: ${{ github.event_name }}
|
|
TRIGGER_COMMENT_ID: ${{ github.event.comment.id }}
|
|
CLAUDE_BRANCH: ${{ steps.prepare.outputs.CLAUDE_BRANCH }}
|
|
IS_PR: ${{ github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' }}
|
|
BASE_BRANCH: ${{ steps.prepare.outputs.BASE_BRANCH }}
|
|
CLAUDE_SUCCESS: ${{ steps.claude-code.outputs.conclusion == 'success' }}
|
|
OUTPUT_FILE: ${{ steps.claude-code.outputs.execution_file || '' }}
|
|
TRIGGER_USERNAME: ${{ github.event.comment.user.login || github.event.issue.user.login || github.event.pull_request.user.login || github.event.sender.login || github.triggering_actor || github.actor || '' }}
|
|
PREPARE_SUCCESS: ${{ steps.prepare.outcome == 'success' }}
|
|
PREPARE_ERROR: ${{ steps.prepare.outputs.prepare_error || '' }}
|
|
GITEA_API_URL: ${{ env.GITHUB_SERVER_URL }}
|
|
|
|
- name: Display Claude Code Report
|
|
if: steps.prepare.outputs.contains_trigger == 'true' && steps.claude-code.outputs.execution_file != ''
|
|
shell: bash
|
|
run: |
|
|
if [ -f "${{ steps.claude-code.outputs.execution_file }}" ]; then
|
|
echo "## Claude Code Report" >> $GITHUB_STEP_SUMMARY
|
|
echo '```json' >> $GITHUB_STEP_SUMMARY
|
|
cat "${{ steps.claude-code.outputs.execution_file }}" >> $GITHUB_STEP_SUMMARY
|
|
echo '```' >> $GITHUB_STEP_SUMMARY
|
|
else
|
|
echo "⚠️ Claude Code execution completed but no report file was generated" >> $GITHUB_STEP_SUMMARY
|
|
fi
|