Skip to content

[codex] Enable Claude auto review for fork PRs#251

Merged
karmachoi merged 1 commit into
Open-Quantum-Platform:mainfrom
karmachoi:codex/claude-all-pr-review
Jun 29, 2026
Merged

[codex] Enable Claude auto review for fork PRs#251
karmachoi merged 1 commit into
Open-Quantum-Platform:mainfrom
karmachoi:codex/claude-all-pr-review

Conversation

@karmachoi

@karmachoi karmachoi commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Summary

  • run the Claude automatic PR review from pull_request_target so fork PRs are reviewed too
  • keep the job advisory/non-blocking so review-token problems do not block normal CI
  • check out the trusted base commit with credentials disabled before invoking Claude

Notes

The upstream repository already has CLAUDE_CODE_OAUTH_TOKEN configured. This PR does not require adding a new secret.

Codex automatic review is separate from this workflow. Native Codex reviews are configured in Codex settings and can run automatically without adding an OPENAI_API_KEY GitHub Actions secret. @codex review remains the manual trigger for a one-off Codex review.

Validation

  • Parsed .github/workflows/claude.yml with Ruby YAML.load_file
  • Ran git diff --check
  • Confirmed the upstream repo already lists CLAUDE_CODE_OAUTH_TOKEN in GitHub Actions secrets

@karmachoi karmachoi force-pushed the codex/claude-all-pr-review branch from 91d40fc to 70a663f Compare June 29, 2026 10:11
@karmachoi karmachoi changed the title [codex] Add automatic Claude and Codex PR reviews [codex] Enable Claude auto review for fork PRs Jun 29, 2026
@karmachoi karmachoi marked this pull request as ready for review June 29, 2026 12:03
@karmachoi karmachoi merged commit f2a24c1 into Open-Quantum-Platform:main Jun 29, 2026
5 checks passed

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 70a663f0fe

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".


- name: Claude PR Review
id: claude_review
continue-on-error: true

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Add non-write-user opt-in for fork PR reviews

When this new pull_request_target path is triggered by an external fork author who lacks write access, anthropics/claude-code-action rejects the run by default unless non-write users are explicitly allowed (with the appropriate token input). Because the fork guard was removed but no allowed_non_write_users/token configuration was added, those fork PRs will just hit this now-advisory failure path and no automatic review will be posted, which defeats the stated fork-review behavior.

Useful? React with 👍 / 👎.

- name: Checkout repository
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.base.sha }}

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Check out or fetch the PR diff before review

For same-repo or otherwise allowed PRs, this now pins the workspace to the trusted base commit, but the action is running in direct-prompt agent mode and this workflow does not provide a PR-head checkout or gh pr diff/view tools for Claude to inspect the proposed changes. In that context Claude can only read the pre-PR base tree, so automatic reviews will miss or misreport issues in the actual diff.

Useful? React with 👍 / 👎.

uses: anthropics/claude-code-action@v1
with:
claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
prompt: |

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Configure PR comment posting for agent-mode reviews

On pull_request_target runs that make it past authorization, supplying a direct prompt makes anthropics/claude-code-action handle the PR in agent mode, which does not create the normal PR review/tracking comment unless commenting tools or another posting workaround are explicitly configured. As written, a successful automatic review can finish only in the workflow output instead of leaving the non-blocking PR comment requested here, so authors and reviewers will not see the review on the PR.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant