From 96d41ae8f6266dc41cc4dbee22c5e7be2ef95934 Mon Sep 17 00:00:00 2001
From: LiuVaayne <10231735+vaayne@users.noreply.github.com>
Date: Fri, 5 Sep 2025 13:12:15 +0800
Subject: [PATCH] workflows: restrict Claude triggers to collaborators/members/owners and fix fork PR reviews (#9924)

* workflows: restrict Claude triggers to collaborators/members/owners and fix fork PR reviews
- claude.yml: gate by author_association in [COLLABORATOR, MEMBER, OWNER]
- claude-code-review.yml: use pull_request_target, add pull-requests: write and id-token: write to enable OIDC + commenting on forks
* fix(workflows): remove 'reopened' and 'assigned' types from triggers
---
 .github/workflows/claude-code-review.yml | 8 +++++---
 .github/workflows/claude.yml | 22 ++++++++++++++++------
 2 files changed, 21 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml
index 6e2dd2a7a7..9ff142b0df 100644
--- a/.github/workflows/claude-code-review.yml
+++ b/.github/workflows/claude-code-review.yml
@@ -1,7 +1,9 @@
 name: Claude Code Review
 
 on:
-  pull_request:
+  # Use pull_request_target so the workflow runs in the context of the base repository.
+  # This allows OIDC and the ability to comment on PRs from forks safely.
+  pull_request_target:
     types: [opened, synchronize]
     # Optional: Only run on specific file changes
     # paths:
@@ -21,9 +23,10 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       contents: read
-      pull-requests: read
+      pull-requests: write
       issues: read
       id-token: write
+      actions: read
 
     steps:
       - name: Checkout repository
@@ -51,4 +54,3 @@ jobs:
           # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md
           # or https://docs.anthropic.com/en/docs/claude-code/sdk#command-line for available options
           claude_args: '--allowed-tools "Bash(gh issue view:*),Bash(gh search:*),Bash(gh issue list:*),Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr list:*)"'
-
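Review bot: Switching the trigger to `pull_request_target` runs this job with the base repository's token for every fork PR open or push, and nothing in the hunk limits who can trigger it, while the sibling claude.yml gains an author_association gate in the same commit. The added comment calls this safe, but the hunk does not show what makes it safe: the review input is the PR content itself, and the third hunk's allowed tools include `Bash(gh pr comment:*)`, so PR text that the model treats as instructions can post comments with the now write-capable token. If unrestricted fork reviews are intended, state the invariant in the comment, e.g. `# Safe only while nothing from the PR head is executed and the model's tools stay limited to the gh commands listed in claude_args.` Otherwise mirror claude.yml with `if: contains(fromJSON('["COLLABORATOR","MEMBER","OWNER"]'), github.event.pull_request.author_association)` on the job.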
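Review bot: `pull-requests: write` and `id-token: write` are now granted to a job that untrusted fork PRs can start, and the `Checkout repository` step's `ref` is outside this hunk, so whether it pins the PR head cannot be confirmed here. Under `pull_request_target` the default checkout is the base branch, which means the review would see base-branch files rather than the PR unless `ref:` selects the head; if it does and the step is actions/checkout, add `persist-credentials: false` so the write-capable token is not left in the local git config for anything run from the PR tree. The OIDC token enabled by `id-token: write` is minted in the base repository's context for a run whose inputs come from the fork, so name the consuming step in a comment, e.g. `# id-token: write is needed only for the OIDC exchange in the claude-code-action step`, so the grant can be dropped if that step changes. The job body continues past the hunk.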
diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml
index bdfd7fb637..ba1fcb97aa 100644
--- a/.github/workflows/claude.yml
+++ b/.github/workflows/claude.yml
@@ -6,17 +6,28 @@ on:
   pull_request_review_comment:
     types: [created]
   issues:
-    types: [opened, assigned]
+    types: [opened]
   pull_request_review:
     types: [submitted]
 
 jobs:
   claude:
     if: |
-      (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) ||
-      (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) ||
-      (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) ||
-      (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')))
+      (github.event_name == 'issue_comment'
+      && contains(github.event.comment.body, '@claude')
+      && contains(fromJSON('["COLLABORATOR","MEMBER","OWNER"]'), github.event.comment.author_association))
+      ||
+      (github.event_name == 'pull_request_review_comment'
+      && contains(github.event.comment.body, '@claude')
+      && contains(fromJSON('["COLLABORATOR","MEMBER","OWNER"]'), github.event.comment.author_association))
+      ||
+      (github.event_name == 'pull_request_review'
+      && contains(github.event.review.body, '@claude')
+      && contains(fromJSON('["COLLABORATOR","MEMBER","OWNER"]'), github.event.review.author_association))
+      ||
+      (github.event_name == 'issues'
+      && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude'))
+      && contains(fromJSON('["COLLABORATOR","MEMBER","OWNER"]'), github.event.issue.author_association))
     runs-on: ubuntu-latest
     permissions:
       contents: read
@@ -47,4 +58,3 @@ jobs:
           # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md
           # or https://docs.anthropic.com/en/docs/claude-code/sdk#command-line for available options
           # claude_args: '--model claude-opus-4-1-20250805 --allowed-tools Bash(gh pr:*)'
-
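Review bot: The gate treats `COLLABORATOR` as trusted, but GitHub assigns that association to anyone invited to the repository at any permission level, and `MEMBER` covers every member of the owning organization, so the `if:` is a membership check rather than a write-access check and a comment above it should say so. The literal `fromJSON('["COLLABORATOR","MEMBER","OWNER"]')` is repeated four times with no shared definition (job-level `if` has no `env` context), so a later edit to one branch silently loosens a single event path; `# Keep the four author_association lists identical — each event path is gated separately` above the block would flag that. claude-code-review.yml in this same commit receives no equivalent gate. The job body continues past the hunk.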