Skip to content

[DEVEX-1523] Add shared Claude AI code review reusable workflow#121

Merged
ronneseth merged 1 commit into
mainfrom
DEVEX-1523-ai-code-reviewer-setup
May 19, 2026
Merged

[DEVEX-1523] Add shared Claude AI code review reusable workflow#121
ronneseth merged 1 commit into
mainfrom
DEVEX-1523-ai-code-reviewer-setup

Conversation

@ronneseth
Copy link
Copy Markdown
Contributor

@ronneseth ronneseth commented May 19, 2026

Summary

  • Adds claude-review.yaml reusable workflow wrapping anthropics/claude-code-action@v1
  • Reviews PRs for correctness, security vulnerabilities, data integrity risks, race conditions, and breaking API changes
  • Supports configurable model, max turns, and repo-specific review rules via inputs
  • Auto-approves low-risk changes; posts inline comments (never REQUEST_CHANGES) for concerns

JIRA: DEVEX-1523

Dependency: Merge the terraform PR first (creates the ai-reviewer team and machine user).

Made with Cursor

@cursoragent
feat(workflows): add shared Claude AI code review reusable workflow
7c1901d 
Reusable workflow wrapping anthropics/claude-code-action that reviews
PRs for correctness, security, and data integrity concerns. Supports
configurable model, max turns, and repo-specific review rules.

Co-authored-by: Cursor <cursoragent@cursor.com>
@ronneseth ronneseth requested a review from a team as a code owner May 19, 2026 18:31
@ronneseth ronneseth requested a review from aspencer May 19, 2026 18:31
@cursor
Copy link
Copy Markdown

cursor Bot commented May 19, 2026
edited
Loading

PR Summary

Medium Risk
Introduces a new GitHub Actions workflow that runs with pull-requests: write and uses external AI tooling plus injected secrets, so misconfiguration could affect PR metadata or leak tokens. No application/runtime code changes.

Overview
Adds a new reusable workflow (.github/workflows/claude-review.yaml) to run anthropics/claude-code-action@v1 on demand via workflow_call.

The workflow is configurable (model, max turns, and repo-specific appended review rules), checks out full git history, and runs with pull-requests: write so it can post reviews/comments using provided anthropic_api_key and ai_reviewer_github_token secrets.

Reviewed by Cursor Bugbot for commit 7c1901d. Bugbot is set up for automated code reviews on this repo. Configure here.

@ronneseth ronneseth merged commit ac062d1 into main May 19, 2026
2 checks passed
@ronneseth ronneseth deleted the DEVEX-1523-ai-code-reviewer-setup branch May 19, 2026 18:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aspencer aspencer Awaiting requested review from aspencer aspencer is a code owner automatically assigned from encodium/developer-experience

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ronneseth