# Action metadata: display name, short description and publisher.
name: 'Warden'
description: 'Event-driven agent that analyzes GitHub PRs using Claude Code SDK'
author: 'Functional Software, Inc.'

# Icon and colour used for the action's badge.
branding:
  icon: 'shield'
  color: 'purple'
# Caller-supplied inputs. Action inputs are always delivered as strings, so
# numeric and boolean defaults are quoted on purpose.
inputs:
  # Credential. Supply it from an encrypted secret in the calling workflow
  # rather than as a literal value in the workflow file.
  anthropic-api-key:
    description: 'Anthropic API key (sk-ant-...) or OAuth token. Can also be set via ANTHROPIC_API_KEY or CLAUDE_CODE_OAUTH_TOKEN env vars.'
    required: false

  # Credential. The default is the workflow's automatic token, so its scope is
  # whatever the calling workflow's `permissions:` block grants; keep that
  # block as narrow as the action needs.
  github-token:
    description: 'GitHub token for API access (defaults to GITHUB_TOKEN)'
    required: false
    default: ${{ github.token }}

  # NOTE(review): the config is read from the checked-out tree. If the workflow
  # checks out untrusted pull-request content, that content may control this
  # file - confirm which ref the config is loaded from.
  config-path:
    description: 'Path to warden.toml config file (relative to repo root)'
    required: false
    default: 'warden.toml'

  # Severity thresholds.
  fail-on:
    description: 'Minimum severity level to fail the action (off, critical, high, medium, low, info). Use "off" to never fail.'
    required: false
    default: 'high'
  report-on:
    description: 'Minimum severity level to show annotations in code review (off, critical, high, medium, low, info). Use "off" to disable reporting.'
    required: false
    default: 'medium'

  # Cap on reported findings; '0' removes the cap.
  max-findings:
    description: 'Maximum number of findings to report (0 for unlimited)'
    required: false
    default: '50'

  # Enforcement switches; both default to 'false'.
  request-changes:
    description: 'Whether to use REQUEST_CHANGES review event when findings exceed fail-on threshold'
    required: false
    default: 'false'
  fail-check:
    description: 'Whether to fail the check run when findings exceed fail-on threshold'
    required: false
    default: 'false'

  # Concurrency limit for trigger executions.
  parallel:
    description: 'Maximum number of concurrent trigger executions'
    required: false
    default: '5'
# Values re-exported from the `warden` step of this composite action.
outputs:
  findings-count:
    description: 'Total number of findings'
    value: ${{ steps.warden.outputs.findings-count }}

  high-count:
    description: 'Number of high severity findings'
    value: ${{ steps.warden.outputs.high-count }}

  # NOTE(review): presumably free text derived from the analysed pull request.
  # Consumers should pass it to later steps through `env:` instead of
  # interpolating it into a `run:` script.
  summary:
    description: 'Summary of the analysis'
    value: ${{ steps.warden.outputs.summary }}

  findings-file:
    description: 'Path to structured JSON findings file (always written, use for upload to GCS/S3/etc.)'
    value: ${{ steps.warden.outputs.findings-file }}
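# Composite action: install the Claude Code CLI, then run the bundled
# Node entry point with the inputs exposed as INPUT_* environment variables.
runs:
  using: 'composite'
  steps:
    - name: Install Claude Code CLI
      shell: bash
      run: |
        CLAUDE_CODE_VERSION="2.1.32"
        echo "Installing Claude Code v${CLAUDE_CODE_VERSION}..."

        # Download the installer to a file before running it. Streaming it
        # straight into bash would execute whatever prefix had arrived if the
        # transfer were cut short.
        # Supply-chain note: only the CLI version is pinned. The installer
        # script itself is fetched at run time and is not checksum-verified;
        # if upstream publishes a digest or signature for it, verify that
        # here before executing.
        installer="$(mktemp)"
        trap 'rm -f "$installer"' EXIT

        for attempt in 1 2 3; do
          echo "Installation attempt $attempt..."
          # --proto '=https' refuses any non-HTTPS URL, including on redirect.
          if curl -fsSL --proto '=https' --tlsv1.2 -o "$installer" https://claude.ai/install.sh &&
            bash "$installer" "$CLAUDE_CODE_VERSION"; then
            break
          fi
          if [ "$attempt" -eq 3 ]; then
            echo "Failed to install Claude Code after 3 attempts"
            exit 1
          fi
          echo "Installation failed, retrying..."
          sleep 5
        done
        echo "Claude Code installed successfully"
        # Make the CLI visible on PATH for the following steps.
        echo "$HOME/.local/bin" >> "$GITHUB_PATH"

    - name: Run Warden
      id: warden
      shell: bash
      # Inputs are handed over as environment variables rather than being
      # interpolated into the script text, so their contents are never parsed
      # as shell syntax.
      env:
        INPUT_ANTHROPIC_API_KEY: ${{ inputs.anthropic-api-key }}
        INPUT_GITHUB_TOKEN: ${{ inputs.github-token }}
        INPUT_CONFIG_PATH: ${{ inputs.config-path }}
        INPUT_FAIL_ON: ${{ inputs.fail-on }}
        INPUT_REPORT_ON: ${{ inputs.report-on }}
        INPUT_MAX_FINDINGS: ${{ inputs.max-findings }}
        INPUT_REQUEST_CHANGES: ${{ inputs.request-changes }}
        INPUT_FAIL_CHECK: ${{ inputs.fail-check }}
        INPUT_PARALLEL: ${{ inputs.parallel }}
      run: |
        # The `env` expression context holds only variables declared in
        # workflow, job or step `env:` blocks, not the runner's own
        # environment. `${{ env.HOME }}` therefore expands to an empty string
        # unless a caller sets HOME explicitly, giving `/.local/bin/claude`.
        # Resolve the path in the shell, where HOME is set and matches the
        # directory the install step added to PATH.
        export CLAUDE_CODE_PATH="$HOME/.local/bin/claude"
        # Use the GITHUB_ACTION_PATH variable, quoted, instead of expanding
        # github.action_path into the script, so a path containing spaces or
        # shell metacharacters is passed as a single argument.
        node "$GITHUB_ACTION_PATH/dist/action/index.js"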