Create a Claude comment workflow (#457)

* Create a Claude comment workflow to allow teammates to interact with Claude via comments and issues.

Author: theMickster

.github/workflows/respond.yml

@@ -0,0 +1,119 @@
+name: Claude Review
+
+on:
+  issue_comment:
+    types: [created]
+  pull_request_review_comment:
+    types: [created]
+  issues:
+    types: [opened, assigned]
+  pull_request_review:
+    types: [submitted]
+
+jobs:
+  validation:
+    name: Validation
+    runs-on: ubuntu-24.04
+    permissions:
+      contents: read
+    outputs:
+      should_comment: ${{ steps.validate.outputs.should_comment }}
+
+    steps:
+      - name: Check GitHub event
+        id: check-github-event
+        env:
+          _EVENT_NAME: ${{ github.event_name }}
+          _COMMENT_BODY: ${{ github.event.comment.body }}
+          _REVIEW_BODY: ${{ github.event.review.body }}
+          _ISSUE_BODY: ${{ github.event.issue.body }}
+        run: |
+          # Check if @claude is mentioned in the event
+          MENTIONED=false
+
+          if [ "$_EVENT_NAME" == "issue_comment" ] && echo "$_COMMENT_BODY" | grep -qF "@claude"; then
+            MENTIONED=true
+          elif [ "$_EVENT_NAME" == "pull_request_review_comment" ] && echo "$_COMMENT_BODY" | grep -qF "@claude"; then
+            MENTIONED=true
+          elif [ "$_EVENT_NAME" == "pull_request_review" ] && echo "$_REVIEW_BODY" | grep -qF "@claude"; then
+            MENTIONED=true
+          elif [ "$_EVENT_NAME" == "issues" ] && echo "$_ISSUE_BODY" | grep -qF "@claude"; then
+            MENTIONED=true
+          fi
+
+          if [ "$MENTIONED" = "true" ]; then
+            echo "claude_mentioned=true" >> $GITHUB_OUTPUT
+            echo "✅ Validation: @claude mentioned in event"
+          else
+            echo "claude_mentioned=false" >> $GITHUB_OUTPUT
+            echo "⏭️  Validation: @claude not mentioned - skipping"
+          fi
+
+      - name: Check for Azure credentials
+        id: check-azure-secret
+        env:
+          _AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          _AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+          _AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
+        run: |
+          if [ -n "$_AZURE_SUBSCRIPTION_ID" ] && [ -n "$_AZURE_TENANT_ID" ] && [ -n "$_AZURE_CLIENT_ID" ]; then
+            echo "credentials_valid=true" >> $GITHUB_OUTPUT
+            echo "✅ Validation: Azure credentials available"
+          else
+            echo "credentials_valid=false" >> $GITHUB_OUTPUT
+            echo "⚠️  Validation: Azure credentials not available"
+            echo "This is expected for external contributors or forks"
+          fi
+
+      - name: Set validation result
+        id: validate
+        run: |
+          if [ "${{ steps.check-github-event.outputs.claude_mentioned }}" == "true" ] && \
+             [ "${{ steps.check-azure-secret.outputs.credentials_valid }}" == "true" ]; then
+            echo "should_comment=true" >> $GITHUB_OUTPUT
+            echo "✅ Validation passed - comment will proceed"
+          else
+            echo "should_comment=false" >> $GITHUB_OUTPUT
+            echo "⚠️  Validation failed - comment will be skipped"
+          fi
+
+  comment:
+    name: Claude comment
+    runs-on: ubuntu-24.04
+    needs: validation
+    if: needs.validation.outputs.should_comment == 'true'
+    permissions:
+      contents: write
+      pull-requests: write
+      issues: write
+      id-token: write
+      actions: read
+
+    steps:
+      - name: Check out repo
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          fetch-depth: 1
+
+      - name: Log in to Azure
+        uses: bitwarden/gh-actions/azure-login@main
+        with:
+          subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          tenant_id: ${{ secrets.AZURE_TENANT_ID }}
+          client_id: ${{ secrets.AZURE_CLIENT_ID }}
+
+      - name: Get Azure Key Vault secrets
+        id: get-kv-secrets
+        uses: bitwarden/gh-actions/get-keyvault-secrets@main
+        with:
+          keyvault: gh-org-bitwarden
+          secrets: "ANTHROPIC-API-KEY"
+
+      - name: Log out from Azure
+        uses: bitwarden/gh-actions/azure-logout@main
+
+      - name: Run Claude Code
+        id: claude
+        uses: anthropics/claude-code-action@e8bad572273ce919ba15fec95aef0ce974464753 # v1.0.13
+        with:
+          anthropic_api_key: ${{ steps.get-kv-secrets.outputs.ANTHROPIC-API-KEY }}