mirror of
https://github.com/anthropics/claude-code-action.git
synced 2026-01-22 22:44:13 +08:00
23fae74fdb
* actions server * tmp * Replace view_actions_results with additional_permissions input - Changed input from boolean view_actions_results to a more flexible additional_permissions format - Uses newline-separated colon format similar to claude_env (e.g., "actions: read") - Maintains permission checking to warn users when their token lacks required permissions - Updated all tests to use the new format This allows for future extensibility while currently supporting only "actions: read" permission. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * Update GitHub Actions MCP server with RUNNER_TEMP and status filtering - Use RUNNER_TEMP environment variable for log storage directory (defaults to /tmp) - Add status parameter to get_ci_status tool to filter workflow runs - Supported statuses: completed, action_required, cancelled, failure, neutral, skipped, stale, success, timed_out, in_progress, queued, requested, waiting, pending - Pass RUNNER_TEMP from install-mcp-server.ts to the MCP server environment 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * Add GitHub Actions MCP tools to allowed tools when actions:read is granted - Automatically include github_ci MCP server tools in allowed tools list when actions:read permission is granted - Added mcp__github_ci__get_ci_status, mcp__github_ci__get_workflow_run_details, mcp__github_ci__download_job_log - Simplified permission checking to avoid duplicate parsing logic - Added tests for the new functionality This ensures Claude can use the Actions tools when the server is enabled. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * Refactor additional permissions parsing to parseGitHubContext - Moved additional permissions parsing from individual functions to centralized parseGitHubContext - Added parseAdditionalPermissions function to handle newline-separated colon format - Removed redundant additionalPermissions parameter from prepareMcpConfig - Updated tests to use permissions from context instead of passing as parameter - Added comprehensive tests for parseAdditionalPermissions function This centralizes all input parsing logic in one place for better maintainability. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * Remove unnecessary hasActionsReadPermission parameter from createPrompt - Removed hasActionsReadPermission parameter since createPrompt has access to context - Calculate hasActionsReadPermission directly from context.inputs.additionalPermissions inside createPrompt - Simplified prepare.ts by removing intermediate permission check This completes the refactoring to centralize all permission handling through the context object. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * docs: Add documentation for additional_permissions feature - Document the new additional_permissions input that replaces view_actions_results - Add dedicated section explaining CI/CD integration with actions:read permission - Include example workflow showing how to grant GitHub token permissions - Update main workflow example to show optional additional_permissions usage 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * roadmap --------- Co-authored-by: Claude <noreply@anthropic.com>
112 lines
3.6 KiB
TypeScript
112 lines
3.6 KiB
TypeScript
#!/usr/bin/env bun
|
|
|
|
/**
|
|
* Prepare the Claude action by checking trigger conditions, verifying human actor,
|
|
* and creating the initial tracking comment
|
|
*/
|
|
|
|
import * as core from "@actions/core";
|
|
import { setupGitHubToken } from "../github/token";
|
|
import { checkTriggerAction } from "../github/validation/trigger";
|
|
import { checkHumanActor } from "../github/validation/actor";
|
|
import { checkWritePermissions } from "../github/validation/permissions";
|
|
import { createInitialComment } from "../github/operations/comments/create-initial";
|
|
import { setupBranch } from "../github/operations/branch";
|
|
import { updateTrackingComment } from "../github/operations/comments/update-with-branch";
|
|
import { prepareMcpConfig } from "../mcp/install-mcp-server";
|
|
import { createPrompt } from "../create-prompt";
|
|
import { createOctokit } from "../github/api/client";
|
|
import { fetchGitHubData } from "../github/data/fetcher";
|
|
import { parseGitHubContext } from "../github/context";
|
|
|
|
async function run() {
|
|
try {
|
|
// Step 1: Setup GitHub token
|
|
const githubToken = await setupGitHubToken();
|
|
const octokit = createOctokit(githubToken);
|
|
|
|
// Step 2: Parse GitHub context (once for all operations)
|
|
const context = parseGitHubContext();
|
|
|
|
// Step 3: Check write permissions
|
|
const hasWritePermissions = await checkWritePermissions(
|
|
octokit.rest,
|
|
context,
|
|
);
|
|
if (!hasWritePermissions) {
|
|
throw new Error(
|
|
"Actor does not have write permissions to the repository",
|
|
);
|
|
}
|
|
|
|
// Step 4: Check trigger conditions
|
|
const containsTrigger = await checkTriggerAction(context);
|
|
|
|
if (!containsTrigger) {
|
|
console.log("No trigger found, skipping remaining steps");
|
|
return;
|
|
}
|
|
|
|
// Step 5: Check if actor is human
|
|
await checkHumanActor(octokit.rest, context);
|
|
|
|
// Step 6: Create initial tracking comment
|
|
const commentId = await createInitialComment(octokit.rest, context);
|
|
|
|
// Step 7: Fetch GitHub data (once for both branch setup and prompt creation)
|
|
const githubData = await fetchGitHubData({
|
|
octokits: octokit,
|
|
repository: `${context.repository.owner}/${context.repository.repo}`,
|
|
prNumber: context.entityNumber.toString(),
|
|
isPR: context.isPR,
|
|
triggerUsername: context.actor,
|
|
});
|
|
|
|
// Step 8: Setup branch
|
|
const branchInfo = await setupBranch(octokit, githubData, context);
|
|
|
|
// Step 9: Update initial comment with branch link (only for issues that created a new branch)
|
|
if (branchInfo.claudeBranch) {
|
|
await updateTrackingComment(
|
|
octokit,
|
|
context,
|
|
commentId,
|
|
branchInfo.claudeBranch,
|
|
);
|
|
}
|
|
|
|
// Step 10: Create prompt file
|
|
await createPrompt(
|
|
commentId,
|
|
branchInfo.baseBranch,
|
|
branchInfo.claudeBranch,
|
|
githubData,
|
|
context,
|
|
);
|
|
|
|
// Step 11: Get MCP configuration
|
|
const additionalMcpConfig = process.env.MCP_CONFIG || "";
|
|
const mcpConfig = await prepareMcpConfig({
|
|
githubToken,
|
|
owner: context.repository.owner,
|
|
repo: context.repository.repo,
|
|
branch: branchInfo.currentBranch,
|
|
additionalMcpConfig,
|
|
claudeCommentId: commentId.toString(),
|
|
allowedTools: context.inputs.allowedTools,
|
|
context,
|
|
});
|
|
core.setOutput("mcp_config", mcpConfig);
|
|
} catch (error) {
|
|
const errorMessage = error instanceof Error ? error.message : String(error);
|
|
core.setFailed(`Prepare step failed with error: ${errorMessage}`);
|
|
// Also output the clean error message for the action to capture
|
|
core.setOutput("prepare_error", errorMessage);
|
|
process.exit(1);
|
|
}
|
|
}
|
|
|
|
if (import.meta.main) {
|
|
run();
|
|
}
|