react-native-sdk/.github/workflows/claude.yml at master · Usercentrics/react-native-sdk · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
name: Claude Code

on:
  issue_comment:
    types: [created]
  pull_request_review_comment:
    types: [created]
  pull_request_review:
    types: [submitted]

jobs:
  claude:
    # Restrict to repo members/collaborators only — critical for public repos to prevent
    # arbitrary users from triggering Claude and consuming API credits or injecting prompts.
    if: |
      (github.event_name == 'issue_comment' && github.event.issue.pull_request != null &&
        contains(github.event.comment.body, '@claude') &&
        (github.event.comment.author_association == 'OWNER' ||
         github.event.comment.author_association == 'MEMBER' ||
         github.event.comment.author_association == 'COLLABORATOR')) ||
      (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude') &&
        (github.event.comment.author_association == 'OWNER' ||
         github.event.comment.author_association == 'MEMBER' ||
         github.event.comment.author_association == 'COLLABORATOR')) ||
      (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude') &&
        (github.event.review.author_association == 'OWNER' ||
         github.event.review.author_association == 'MEMBER' ||
         github.event.review.author_association == 'COLLABORATOR'))
    runs-on: ubuntu-latest
    timeout-minutes: 10
    concurrency:
      group: claude-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}
      cancel-in-progress: false
    permissions:
      contents: write
      pull-requests: write
      id-token: write
      actions: read # Required for Claude to read CI results on PRs
    steps:
      - name: Checkout repository
        uses: actions/checkout@v6
        with:
          fetch-depth: 1

      - name: Run Claude Code
        id: claude
        uses: anthropics/claude-code-action@v1
        with:
          anthropic_api_key: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
          claude_args: |
            --model claude-sonnet-4-6
            --max-turns 10
            --system-prompt "This is the Usercentrics React Native SDK. Follow existing patterns. Do not modify package.json without explicit instruction."