name: Auto Fix CI Failures on: workflow_run: workflows: ["CI"] types: - completed permissions: contents: write pull-requests: write actions: read issues: write id-token: write # Required for OIDC token exchange jobs: auto-fix: if: | github.event.workflow_run.conclusion == 'failure' && github.event.workflow_run.pull_requests[0] && !startsWith(github.event.workflow_run.head_branch, 'claude-auto-fix-ci-') runs-on: ubuntu-latest steps: - name: Check for clawd-stop label id: check_label uses: actions/github-script@v7 with: script: | const prNumber = ${{ github.event.workflow_run.pull_requests[0].number }}; const { data: pr } = await github.rest.pulls.get({ owner: context.repo.owner, repo: context.repo.repo, pull_number: prNumber }); const hasClawdStop = pr.labels.some(label => label.name === 'clawd-stop'); if (hasClawdStop) { console.log('PR has clawd-stop label, skipping auto-fix'); } return hasClawdStop; result-encoding: string - name: Checkout code if: steps.check_label.outputs.result != 'true' uses: actions/checkout@v5 with: ref: ${{ github.event.workflow_run.head_branch }} fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} - name: Setup git identity if: steps.check_label.outputs.result != 'true' run: | git config --global user.email "claude[bot]@users.noreply.github.com" git config --global user.name "claude[bot]" - name: Create fix branch if: steps.check_label.outputs.result != 'true' id: branch run: | BRANCH_NAME="claude-auto-fix-ci-${{ github.event.workflow_run.head_branch }}-${{ github.run_id }}" git checkout -b "$BRANCH_NAME" echo "branch_name=$BRANCH_NAME" >> $GITHUB_OUTPUT - name: Get CI failure details if: steps.check_label.outputs.result != 'true' id: failure_details uses: actions/github-script@v7 with: script: | const run = await github.rest.actions.getWorkflowRun({ owner: context.repo.owner, repo: context.repo.repo, run_id: ${{ github.event.workflow_run.id }} }); const jobs = await github.rest.actions.listJobsForWorkflowRun({ owner: context.repo.owner, repo: context.repo.repo, run_id: ${{ github.event.workflow_run.id }} }); const failedJobs = jobs.data.jobs.filter(job => job.conclusion === 'failure'); let errorLogs = []; for (const job of failedJobs) { const logs = await github.rest.actions.downloadJobLogsForWorkflowRun({ owner: context.repo.owner, repo: context.repo.repo, job_id: job.id }); errorLogs.push({ jobName: job.name, logs: logs.data }); } return { runUrl: run.data.html_url, failedJobs: failedJobs.map(j => j.name), errorLogs: errorLogs }; - name: Fix CI failures with Claude if: steps.check_label.outputs.result != 'true' id: claude uses: anthropics/claude-code-action@v1 with: prompt: | /fix-ci Failed CI Run: ${{ fromJSON(steps.failure_details.outputs.result).runUrl }} Failed Jobs: ${{ join(fromJSON(steps.failure_details.outputs.result).failedJobs, ', ') }} PR Number: ${{ github.event.workflow_run.pull_requests[0].number }} Branch Name: ${{ steps.branch.outputs.branch_name }} Base Branch: ${{ github.event.workflow_run.head_branch }} Repository: ${{ github.repository }} Error logs: ${{ toJSON(fromJSON(steps.failure_details.outputs.result).errorLogs) }} anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} claude_args: "--allowedTools 'Edit,MultiEdit,Write,Read,Glob,Grep,LS,Bash(git:*),Bash(bun:*),Bash(npm:*),Bash(npx:*),Bash(gh:*)'"