feat: integrate claude-code-base-action as local subaction (#285)

* feat: integrate claude-code-base-action as local subaction - Copy claude-code-base-action into base-action/ directory - Update action.yml to reference ./base-action instead of external repo - Preserve complete base action structure for future refactoring This eliminates the external dependency while maintaining modularity. * feat: consolidate CI workflows and add version bump workflow - Move base-action test workflows to main .github/workflows/ - Update workflow references to use ./base-action - Add CI jobs for base-action (test, typecheck, prettier) - Add bump-claude-code-version workflow for base-action - Remove redundant .github directory from base-action This consolidates all CI workflows in one place while maintaining full test coverage for both the main action and base-action. * tsc * copy again * fix tests * fix: use absolute path for base-action reference Replace relative path ./base-action with ${{ github.action_path }}/base-action to ensure the action works correctly when used in other repositories. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * fix: inline base-action execution to support usage in other repos Replace uses: ./base-action with direct shell execution since GitHub Actions doesn't support dynamic paths in composite actions. This ensures the action works correctly when used in other repositories. Changes: - Install Claude Code globally before execution - Run base-action's index.ts directly with bun - Pass all required INPUT_* environment variables - Maintain base-action for future separate publishing 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com>
2026-01-22 22:44:13 +08:00 · 2025-07-18 13:52:56 -07:00
parent 00b4a23551
commit 8335bda243
38 changed files with 3586 additions and 17 deletions
--- a/.github/workflows/test-settings.yml
+++ b/.github/workflows/test-settings.yml
@@ -0,0 +1,185 @@
+name: Test Settings Feature
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+  workflow_dispatch:
+
+jobs:
+  test-settings-inline-allow:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+
+      - name: Test with inline settings JSON (echo allowed)
+        id: inline-settings-test
+        uses: ./base-action
+        with:
+          prompt: |
+            Use Bash to echo "Hello from settings test"
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          settings: |
+            {
+              "permissions": {
+                "allow": ["Bash(echo:*)"]
+              }
+            }
+          timeout_minutes: "2"
+
+      - name: Verify echo worked
+        run: |
+          OUTPUT_FILE="${{ steps.inline-settings-test.outputs.execution_file }}"
+          CONCLUSION="${{ steps.inline-settings-test.outputs.conclusion }}"
+
+          echo "Conclusion: $CONCLUSION"
+
+          if [ "$CONCLUSION" = "success" ]; then
+            echo "✅ Action completed successfully"
+          else
+            echo "❌ Action failed"
+            exit 1
+          fi
+
+          # Check that permission was NOT denied
+          if grep -q "Permission to use Bash with command echo.*has been denied" "$OUTPUT_FILE"; then
+            echo "❌ Echo command was denied when it should have been allowed"
+            cat "$OUTPUT_FILE"
+            exit 1
+          fi
+
+          # Check if the echo command worked
+          if grep -q "Hello from settings test" "$OUTPUT_FILE"; then
+            echo "✅ Bash echo command worked (allowed by permissions)"
+          else
+            echo "❌ Bash echo command didn't work"
+            cat "$OUTPUT_FILE"
+            exit 1
+          fi
+
+  test-settings-inline-deny:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+
+      - name: Test with inline settings JSON (echo denied)
+        id: inline-settings-test
+        uses: ./base-action
+        with:
+          prompt: |
+            Use Bash to echo "This should not work"
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          settings: |
+            {
+              "permissions": {
+                "deny": ["Bash(echo:*)"]
+              }
+            }
+          timeout_minutes: "2"
+
+      - name: Verify echo was denied
+        run: |
+          OUTPUT_FILE="${{ steps.inline-settings-test.outputs.execution_file }}"
+
+          # Check that permission was denied in the tool_result
+          if grep -q "Permission to use Bash with command echo.*has been denied" "$OUTPUT_FILE"; then
+            echo "✅ Echo command was correctly denied by permissions"
+          else
+            echo "❌ Expected permission denied message not found"
+            cat "$OUTPUT_FILE"
+            exit 1
+          fi
+
+  test-settings-file-allow:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+
+      - name: Create settings file (echo allowed)
+        run: |
+          cat > test-settings.json << EOF
+          {
+            "permissions": {
+              "allow": ["Bash(echo:*)"]
+            }
+          }
+          EOF
+
+      - name: Test with settings file
+        id: file-settings-test
+        uses: ./base-action
+        with:
+          prompt: |
+            Use Bash to echo "Hello from settings file test"
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          settings: "test-settings.json"
+          timeout_minutes: "2"
+
+      - name: Verify echo worked
+        run: |
+          OUTPUT_FILE="${{ steps.file-settings-test.outputs.execution_file }}"
+          CONCLUSION="${{ steps.file-settings-test.outputs.conclusion }}"
+
+          echo "Conclusion: $CONCLUSION"
+
+          if [ "$CONCLUSION" = "success" ]; then
+            echo "✅ Action completed successfully"
+          else
+            echo "❌ Action failed"
+            exit 1
+          fi
+
+          # Check that permission was NOT denied
+          if grep -q "Permission to use Bash with command echo.*has been denied" "$OUTPUT_FILE"; then
+            echo "❌ Echo command was denied when it should have been allowed"
+            cat "$OUTPUT_FILE"
+            exit 1
+          fi
+
+          # Check if the echo command worked
+          if grep -q "Hello from settings file test" "$OUTPUT_FILE"; then
+            echo "✅ Bash echo command worked (allowed by permissions)"
+          else
+            echo "❌ Bash echo command didn't work"
+            cat "$OUTPUT_FILE"
+            exit 1
+          fi
+
+  test-settings-file-deny:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+
+      - name: Create settings file (echo denied)
+        run: |
+          cat > test-settings.json << EOF
+          {
+            "permissions": {
+              "deny": ["Bash(echo:*)"]
+            }
+          }
+          EOF
+
+      - name: Test with settings file
+        id: file-settings-test
+        uses: ./base-action
+        with:
+          prompt: |
+            Use Bash to echo "This should not work from file"
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          settings: "test-settings.json"
+          timeout_minutes: "2"
+
+      - name: Verify echo was denied
+        run: |
+          OUTPUT_FILE="${{ steps.file-settings-test.outputs.execution_file }}"
+
+          # Check that permission was denied in the tool_result
+          if grep -q "Permission to use Bash with command echo.*has been denied" "$OUTPUT_FILE"; then
+            echo "✅ Echo command was correctly denied by permissions"
+          else
+            echo "❌ Expected permission denied message not found"
+            cat "$OUTPUT_FILE"
+            exit 1
+          fi