nebari-dev · Adam-D-Lewis · Oct 29, 2025 · Oct 29, 2025 · Copilot · Oct 30, 2025
@@ -0,0 +1,71 @@
+# GitHub Automation Tools
+
+This directory contains GitHub Actions workflows that use Claude to automate various development tasks.
+
+## Available Actions
+
+### Claude PR Review (`/claude review`)
+
+Triggers an AI-powered code review on a pull request. Reviews code quality, potential bugs, security implications, and performance considerations.
+
+**Usage:** Comment `/claude review` on any pull request
+
+**Workflow file:** [workflows/claude-pr-review.yml](workflows/claude-pr-review.yml)
+
+---
+
+### Claude Issue Actions
+
+Automates bug fixes, feature implementations, and issue investigations directly from GitHub issues.
+
+**Workflow file:** `.github-issue-actions.yml` (in root directory)
-**Workflow file:** `.github-issue-actions.yml` (in root directory)
+**Workflow file:** [`.github/claude-issue-actions.yml`](claude-issue-actions.yml) (in the `.github` directory)
-**Workflow file:** `.github-issue-actions.yml` (in root directory)
+**Workflow file:** [`.github/claude-issue-actions.yml`](claude-issue-actions.yml) (in the `.github` directory)
+
+**Available commands:**
+
+#### `/claude fix`
+Creates a PR to fix a bug. Analyzes the issue, creates a fix branch, implements the fix with tests, and opens a PR.
+
+#### `/claude implement`
+Creates a PR to implement a feature. Creates a feature branch, implements following project patterns, adds tests and documentation, and opens a PR.
+
+#### `/claude investigate`
+Investigates an issue and posts detailed analysis including root cause, recommended solution, and affected files. Does not create a PR.
+
+---
+
+### Adding Custom Instructions
+
+All commands support optional custom instructions that get passed directly to Claude's prompt:
+
+```
+/claude fix
+
+Ensure backwards compatibility with Python 3.8 and add comprehensive unit tests
+```
+
+```
+/claude implement
+
+Follow the pattern used in src/services/auth.py
+```
+
+```
+/claude investigate
+
+Check for interactions with the new caching layer added in PR #123
+```
+
+Use custom instructions to specify implementation details, highlight constraints, or provide additional context.
+
+---
+
+## Requirements
+
+### Permissions
+- **Team membership**: Must be a member of the authorized team to trigger actions
+- **GitHub token permissions**: Workflows require:
+  - PR Review: `contents: read`, `pull-requests: write`, `id-token: write`
+  - Issue Actions: `contents: write`, `issues: write`, `pull-requests: write`, `id-token: write`
+
+### Secrets
+- `ANTHROPIC_API_KEY`: Required secret configured in repository settings (managed by repository administrators)
@@ -0,0 +1,44 @@
+name: 'Check Team Membership'
+description: 'Verify that the user is a member of the authorized team'
+inputs:
+  org:
+    description: 'GitHub organization name'
+    required: true
+  team:
+    description: 'Team name (slug)'
+    required: true
+  username:
+    description: 'GitHub username to check'
+    required: true
+  issue_number:
+    description: 'Issue or PR number for posting error message'
+    required: true
+  comment_type:
+    description: 'Type of comment (issue or pr)'
+    required: true
+    default: 'issue'
+  github_token:
+    description: 'GitHub token for API access'
+    required: true
+runs:
+  using: 'composite'
+  steps:
+    - name: Check team membership
+      shell: bash
+      run: |
+        TEAM_CHECK=$(gh api \
+          /orgs/${{ inputs.org }}/teams/${{ inputs.team }}/memberships/${{ inputs.username }} \
+          --silent 2>&1 || echo "not_member")
+
+        if [[ "$TEAM_CHECK" == *"not_member"* ]] || [[ "$TEAM_CHECK" == *"404"* ]]; then
+          if [[ "${{ inputs.comment_type }}" == "pr" ]]; then
+            gh pr comment ${{ inputs.issue_number }} --repo ${{ github.repository }} \
+              --body "⚠️ Only members of @${{ inputs.org }}/${{ inputs.team }} can trigger Claude actions."
+          else
+            gh issue comment ${{ inputs.issue_number }} --repo ${{ github.repository }} \
+              --body "⚠️ Only members of @${{ inputs.org }}/${{ inputs.team }} can trigger Claude actions."
+          fi
+          exit 1
+        fi
+      env:
+        GH_TOKEN: ${{ inputs.github_token }}
@@ -0,0 +1,148 @@
+name: Claude Issue Actions
+on:
+  issue_comment:
+    types: [created]
+
+jobs:
+  handle-issue:
+    if: |
+      !github.event.issue.pull_request && (
+        contains(github.event.comment.body, '/claude fix') ||
+        contains(github.event.comment.body, '/claude implement') ||
+        contains(github.event.comment.body, '/claude investigate')
+      )
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      issues: write
+      pull-requests: write
+      id-token: write
+    steps:
+      - uses: actions/checkout@v5
+
+      - name: Check team membership
+        uses: ./.github/actions/check-team-membership
+        with:
+          org: nebari-dev
+          team: Contributors
+          username: ${{ github.event.comment.user.login }}
+          issue_number: ${{ github.event.issue.number }}
+          comment_type: issue
+          github_token: ${{ github.token }}
+
+      - name: Determine action type
+        id: action_type
+        run: |
+          COMMENT="${{ github.event.comment.body }}"
+          if echo "$COMMENT" | grep -q "/claude implement"; then
+            echo "type=implement" >> $GITHUB_OUTPUT
+            echo "branch_prefix=feature" >> $GITHUB_OUTPUT
+          elif echo "$COMMENT" | grep -q "/claude investigate"; then
+            echo "type=investigate" >> $GITHUB_OUTPUT
+            echo "branch_prefix=none" >> $GITHUB_OUTPUT
+          else
+            echo "type=fix" >> $GITHUB_OUTPUT
+            echo "branch_prefix=fix" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Extract custom instructions
+        id: instructions
+        run: |
+          COMMENT="${{ github.event.comment.body }}"
+          # Extract everything after the command
+          CUSTOM_INSTRUCTIONS=$(echo "$COMMENT" | sed -n 's/.*\/claude \(fix\|implement\|investigate\)\s*//p')
+
+          if [ -z "$CUSTOM_INSTRUCTIONS" ]; then
+            echo "instructions=No additional instructions provided." >> $GITHUB_OUTPUT
+          else
+            echo "instructions<<EOF" >> $GITHUB_OUTPUT
+            echo "$CUSTOM_INSTRUCTIONS" >> $GITHUB_OUTPUT
+            echo "EOF" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Fix Bug
+        if: steps.action_type.outputs.type == 'fix'
+        uses: anthropics/claude-code-action@v1
+        with:
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          track_progress: true
+          prompt: |
+            REPO: ${{ github.repository }}
+            ISSUE: #${{ github.event.issue.number }} - ${{ github.event.issue.title }}
+            REQUESTED BY: @${{ github.event.comment.user.login }}
+
+            ISSUE DESCRIPTION:
+            ${{ github.event.issue.body }}
+
+            ADDITIONAL INSTRUCTIONS:
+            ${{ steps.instructions.outputs.instructions }}
+
+            Create a PR to fix this bug:
+
+            1. Analyze the issue and additional instructions
+            2. Create branch: "fix/issue-${{ github.event.issue.number }}-<short-desc>"
+            3. Implement the fix
+            4. Add/update tests to prevent regression
+            5. Commit: "fix: <description> (fixes #${{ github.event.issue.number }})"
+            6. Push and create PR with "Fixes #${{ github.event.issue.number }}"
+            7. Comment on the original issue with PR link
+
+          claude_args: |
+            --allowedTools "Read,Write,Edit,Bash(git:*),Bash(gh pr:*),Bash(gh issue:*),Bash(npm:*),Bash(pytest:*)"
+
+      - name: Implement Feature
+        if: steps.action_type.outputs.type == 'implement'
+        uses: anthropics/claude-code-action@v1
+        with:
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          track_progress: true
+          prompt: |
+            REPO: ${{ github.repository }}
+            ISSUE: #${{ github.event.issue.number }} - ${{ github.event.issue.title }}
+            REQUESTED BY: @${{ github.event.comment.user.login }}
+
+            FEATURE REQUEST:
+            ${{ github.event.issue.body }}
+
+            ADDITIONAL INSTRUCTIONS:
+            ${{ steps.instructions.outputs.instructions }}
+
+            Create a PR to implement this feature:
+
+            1. Analyze requirements and additional instructions
+            2. Create branch: "feature/issue-${{ github.event.issue.number }}-<short-desc>"
+            3. Implement the feature following project patterns
+            4. Add comprehensive tests
+            5. Update relevant documentation
+            6. Commit: "feat: <description> (implements #${{ github.event.issue.number }})"
+            7. Push and create PR with "Closes #${{ github.event.issue.number }}"
+            8. Comment on the original issue with PR link
+
+          claude_args: |
+            --allowedTools "Read,Write,Edit,Bash(git:*),Bash(gh pr:*),Bash(gh issue:*),Bash(npm:*),Bash(pytest:*)"
+
+      - name: Investigate Issue
+        if: steps.action_type.outputs.type == 'investigate'
+        uses: anthropics/claude-code-action@v1
+        with:
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          track_progress: true
+          prompt: |
+            REPO: ${{ github.repository }}
+            ISSUE: #${{ github.event.issue.number }} - ${{ github.event.issue.title }}
+            REQUESTED BY: @${{ github.event.comment.user.login }}
+
+            ISSUE TO INVESTIGATE:
+            ${{ github.event.issue.body }}
+
+            INVESTIGATION FOCUS:
+            ${{ steps.instructions.outputs.instructions }}
+
+            Investigate this issue and provide analysis:
+
+            1. Review the codebase to understand the issue
+            2. Consider the investigation focus provided above
+            3. Identify root cause and contributing factors
+            4. Search for similar issues or patterns in the codebase
+            5. Post a detailed comment with:
+               - **Root Cause**: What's causing this issue
-               - **Root Cause**: What's causing this issue
+               - **Root Cause**: What's causing this issue
+               - **Steps to Reproduce**: How can this issue be reliably triggered? Include any relevant commands, files, or actions.
+               - **Relevant Code References**: Point to specific files, functions, or lines of code related to the issue.
+               - **Contributing Factors**: Are there any related bugs, patterns, or technical debt that contribute to this issue?
+               - **Potential Solutions or Next Steps**: Suggest possible fixes, further areas to investigate, or questions for the team.
+               - **Additional Context**: Any other information that would help the team understand or resolve the issue.
-               - **Root Cause**: What's causing this issue
+               - **Root Cause**: What's causing this issue
+               - **Steps to Reproduce**: How can this issue be reliably triggered? Include any relevant commands, files, or actions.
+               - **Relevant Code References**: Point to specific files, functions, or lines of code related to the issue.
+               - **Contributing Factors**: Are there any related bugs, patterns, or technical debt that contribute to this issue?
+               - **Potential Solutions or Next Steps**: Suggest possible fixes, further areas to investigate, or questions for the team.
+               - **Additional Context**: Any other information that would help the team understand or resolve the issue.
@@ -0,0 +1,79 @@
+name: Claude PR Review
+on:
+  issue_comment:
+    types: [created]
+
+jobs:
+  review:
+    if: |
+      github.event.issue.pull_request &&
+      contains(github.event.comment.body, '/claude review')
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+      id-token: write
+    steps:
+      - uses: actions/checkout@v5
+
+      - name: Check team membership
+        uses: ./.github/actions/check-team-membership
+        with:
+          org: nebari-dev
+          team: Contributors
+          username: ${{ github.event.comment.user.login }}
+          issue_number: ${{ github.event.issue.number }}
+          comment_type: pr
+          github_token: ${{ github.token }}
+
+      - name: Get PR branch
+        id: pr
+        run: |
+          PR_DATA=$(gh pr view ${{ github.event.issue.number }} --repo ${{ github.repository }} --json headRefName)
+          echo "branch=$(echo $PR_DATA | jq -r '.headRefName')" >> $GITHUB_OUTPUT
+        env:
+          GH_TOKEN: ${{ github.token }}
+
+      - name: Extract custom instructions
+        id: instructions
+        run: |
+          COMMENT="${{ github.event.comment.body }}"
+          # Extract everything after "/claude review"
+          CUSTOM_INSTRUCTIONS=$(echo "$COMMENT" | sed -n 's/.*\/claude review\s*//p')
+
+          if [ -z "$CUSTOM_INSTRUCTIONS" ]; then
+            echo "instructions=No additional instructions provided." >> $GITHUB_OUTPUT
+          else
+            echo "instructions<<EOF" >> $GITHUB_OUTPUT
+            echo "$CUSTOM_INSTRUCTIONS" >> $GITHUB_OUTPUT
+            echo "EOF" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Checkout PR branch
+        run: |
+          git fetch origin ${{ steps.pr.outputs.branch }}
+          git checkout ${{ steps.pr.outputs.branch }}
+
+      - uses: anthropics/claude-code-action@v1
+        with:
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          track_progress: true
+          prompt: |
+            REPO: ${{ github.repository }}
+            PR NUMBER: ${{ github.event.issue.number }}
+            REQUESTED BY: @${{ github.event.comment.user.login }}
+
+            ADDITIONAL INSTRUCTIONS:
+            ${{ steps.instructions.outputs.instructions }}
+
+            Review this pull request focusing on:
+            - Code quality and best practices
+            - Potential bugs or issues
+            - Security implications
+            - Performance considerations
+
+            Use inline comments for specific issues.
+            Post a summary when complete.
+
+          claude_args: |
+            --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*)"