feat: Add Claude Code GH Action for PR Reviews

.github/workflows/claude-review.yml

@@ -0,0 +1,79 @@
+name: Claude Code Review
+
+on:
+  pull_request:
+    types: [opened, synchronize, ready_for_review, reopened]
+
+permissions:
+  contents: read
+  # This allows posting comments and reviews
+  # It does not allow pushing any commits or modifying any files in the repo
+  pull-requests: write
+
+jobs:
+  review:
+    name: Review PR
+    # Note: This job runs on the custom Runner to be able to access LLM Gateway
+    # It will not work on other runners
+    runs-on: BaseRunner
+    steps:
+      - name: Harden the runner (Audit all outbound calls)
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
+        with:
+          egress-policy: audit
+
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - name: Run Claude Code
+        id: claude-review
+        uses: anthropics/claude-code-action@1b8ee3b94104046d71fde52ec3557651ad8c0d71 # v1.0.29
+        env:
+          ANTHROPIC_BASE_URL: ${{ vars.LLM_GATEWAY_BASE_URL }}
+          LLM_GATEWAY_API_KEY: ${{ secrets.LLM_GATEWAY_API_KEY }}
+        with:
+          anthropic_api_key: ${{ secrets.LLM_GATEWAY_API_KEY }}
+
+          # When track_progress is enabled:
+          # - Creates a tracking comment with progress checkboxes
+          # - Includes all PR context (comments, attachments, images)
+          # - Updates progress as the review proceeds
+          # - Marks as completed when done
+          track_progress: true
+
+          # review instructions
+          prompt: |
+            REPO: ${{ github.repository }}
+            PR NUMBER: ${{ github.event.pull_request.number }}
+
+            Perform a comprehensive code review with the following focus areas:
+
+            1. **Code Quality**
+                - Clean code principles and best practices
+                - Proper error handling and edge cases
+                - Code readability and maintainability
+
+            2. **Security**
+                - Check for potential security vulnerabilities
+                - Validate input sanitization
+                - Review authentication/authorization logic
+
+            3. **Performance**
+                - Identify potential performance bottlenecks
+                - Review database queries for efficiency
+                - Check for memory leaks or resource issues
+
+            4. **Testing**
+                - Verify adequate test coverage
+                - Review test quality and edge cases
+                - Check for missing test scenarios
+
+            5. **Documentation**
+                - Ensure code is properly documented
+                - Verify README updates for new features
+                - Check API documentation accuracy
+
+            Provide detailed feedback using inline comments for specific issues.
+            Use top-level comments for general observations or praise.
+
+          # Tools for comprehensive PR review
+          claude_args: |
+            --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*)"