# Claude Code Action Claude Code Action is a GitHub Action that integrates Claude AI into your GitHub workflows for automated code assistance on pull requests and issues. It enables Claude to answer questions about code, perform code reviews, implement changes, and automate various repository tasks. The action intelligently detects execution modes based on workflow context—responding to @claude mentions in interactive mode or executing automation tasks when a prompt is provided. The action supports multiple authentication methods including direct Anthropic API, Amazon Bedrock, Google Vertex AI, and Microsoft Foundry. It provides features like progress tracking with visual checkboxes, structured JSON outputs for complex automations, inline code comments, MCP (Model Context Protocol) server integration, and commit signing. All execution happens on your GitHub runner infrastructure with API calls routed to your chosen provider. ## Basic Workflow Setup Set up a workflow file to enable Claude to respond to @claude mentions in PRs and issues. ```yaml # .github/workflows/claude.yml name: Claude Code on: issue_comment: types: [created] pull_request_review_comment: types: [created] issues: types: [opened, assigned] pull_request_review: types: [submitted] jobs: claude: if: | (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) || (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) || (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) || (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude'))) runs-on: ubuntu-latest permissions: contents: write pull-requests: write issues: write id-token: write actions: read steps: - name: Checkout repository uses: actions/checkout@v6 with: fetch-depth: 1 - name: Run Claude Code uses: anthropics/claude-code-action@v1 with: anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} ``` ## Automated PR Code Review Configure Claude to automatically review every pull request when opened or updated. ```yaml name: Claude Auto Review on: pull_request: types: [opened, synchronize] jobs: review: runs-on: ubuntu-latest permissions: contents: read pull-requests: write id-token: write steps: - uses: actions/checkout@v6 with: fetch-depth: 1 - uses: anthropics/claude-code-action@v1 with: anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} prompt: | REPO: ${{ github.repository }} PR NUMBER: ${{ github.event.pull_request.number }} Please review this pull request with a focus on: - Code quality and best practices - Potential bugs or issues - Security implications - Performance considerations Use `gh pr comment` for top-level feedback. Use `mcp__github_inline_comment__create_inline_comment` to highlight specific code issues. claude_args: | --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*)" ``` ## PR Review with Progress Tracking Enable visual progress tracking with checkboxes during PR reviews using the track_progress option. ```yaml name: Claude Auto Review with Tracking on: pull_request: types: [opened, synchronize, ready_for_review, reopened] jobs: review: runs-on: ubuntu-latest permissions: contents: read pull-requests: write id-token: write steps: - uses: actions/checkout@v6 with: fetch-depth: 1 - uses: anthropics/claude-code-action@v1 with: anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} track_progress: true prompt: | REPO: ${{ github.repository }} PR NUMBER: ${{ github.event.pull_request.number }} Please review this pull request with a focus on: - Code quality and best practices - Potential bugs or issues - Security implications - Performance considerations claude_args: | --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*)" ``` ## Path-Specific Security Review Trigger Claude reviews only when critical files like authentication or API code are modified. ```yaml name: Review Critical Files on: pull_request: types: [opened, synchronize] paths: - "src/auth/**" - "src/api/**" - "config/security.yml" jobs: security-review: runs-on: ubuntu-latest permissions: contents: read pull-requests: write id-token: write steps: - uses: actions/checkout@v6 with: fetch-depth: 1 - uses: anthropics/claude-code-action@v1 with: anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} prompt: | REPO: ${{ github.repository }} PR NUMBER: ${{ github.event.pull_request.number }} This PR modifies critical authentication or API files. Please provide a security-focused review with emphasis on: - Authentication and authorization flows - Input validation and sanitization - SQL injection or XSS vulnerabilities - API security best practices claude_args: | --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*)" ``` ## Structured Outputs for Automation Use JSON schema validation to get structured outputs from Claude that can drive subsequent workflow steps. ```yaml name: Auto-Retry Flaky Tests on: workflow_run: workflows: ["CI"] types: [completed] permissions: contents: read actions: write jobs: detect-flaky: runs-on: ubuntu-latest if: ${{ github.event.workflow_run.conclusion == 'failure' }} steps: - uses: actions/checkout@v4 - name: Detect flaky test failures id: detect uses: anthropics/claude-code-action@v1 with: anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} prompt: | The CI workflow failed: ${{ github.event.workflow_run.html_url }} Check the logs: gh run view ${{ github.event.workflow_run.id }} --log-failed Determine if this looks like a flaky test failure by checking for: - Timeout errors - Race conditions - Network errors - Tests that passed in previous commits Return: - is_flaky: true if likely flaky, false if real bug - confidence: number 0-1 indicating confidence level - summary: brief one-sentence explanation claude_args: | --json-schema '{"type":"object","properties":{"is_flaky":{"type":"boolean"},"confidence":{"type":"number","minimum":0,"maximum":1},"summary":{"type":"string"}},"required":["is_flaky","confidence","summary"]}' - name: Retry flaky tests if: | fromJSON(steps.detect.outputs.structured_output).is_flaky == true && fromJSON(steps.detect.outputs.structured_output).confidence >= 0.7 env: GH_TOKEN: ${{ github.token }} run: | echo "Flaky test detected, triggering retry..." gh workflow run "${{ github.event.workflow_run.name }}" \ --ref "${{ github.event.workflow_run.head_branch }}" ``` ## Issue Auto-Triage and Labeling Automatically categorize and label new issues when they are opened. ```yaml name: Issue Triage on: issues: types: [opened] jobs: triage: runs-on: ubuntu-latest permissions: issues: write id-token: write steps: - uses: actions/checkout@v4 - uses: anthropics/claude-code-action@v1 with: anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} prompt: | REPO: ${{ github.repository }} ISSUE NUMBER: ${{ github.event.issue.number }} TITLE: ${{ github.event.issue.title }} BODY: ${{ github.event.issue.body }} Analyze this new issue and: 1. Determine if it's a bug report, feature request, or question 2. Assess priority (critical, high, medium, low) 3. Suggest appropriate labels 4. Check if it duplicates existing issues Use gh commands to search for similar issues and add labels. claude_args: | --allowedTools "Bash(gh issue:*),Bash(gh search:*),Bash(gh label:*)" ``` ## AWS Bedrock Integration Configure Claude Code Action to use Amazon Bedrock with OIDC authentication. ```yaml name: Claude with Bedrock on: issue_comment: types: [created] permissions: contents: write pull-requests: write issues: write id-token: write jobs: claude: runs-on: ubuntu-latest steps: - name: Configure AWS Credentials (OIDC) uses: aws-actions/configure-aws-credentials@v4 with: role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} aws-region: us-west-2 - name: Generate GitHub App token id: app-token uses: actions/create-github-app-token@v2 with: app-id: ${{ secrets.APP_ID }} private-key: ${{ secrets.APP_PRIVATE_KEY }} - uses: anthropics/claude-code-action@v1 with: use_bedrock: "true" github_token: ${{ steps.app-token.outputs.token }} claude_args: | --model anthropic.claude-4-0-sonnet-20250805-v1:0 ``` ## Google Vertex AI Integration Configure Claude Code Action to use Google Vertex AI with OIDC authentication. ```yaml name: Claude with Vertex AI on: issue_comment: types: [created] permissions: contents: write pull-requests: write issues: write id-token: write jobs: claude: runs-on: ubuntu-latest steps: - name: Authenticate to Google Cloud uses: google-github-actions/auth@v2 with: workload_identity_provider: ${{ secrets.GCP_WORKLOAD_IDENTITY_PROVIDER }} service_account: ${{ secrets.GCP_SERVICE_ACCOUNT }} - name: Generate GitHub App token id: app-token uses: actions/create-github-app-token@v2 with: app-id: ${{ secrets.APP_ID }} private-key: ${{ secrets.APP_PRIVATE_KEY }} - uses: anthropics/claude-code-action@v1 with: use_vertex: "true" github_token: ${{ steps.app-token.outputs.token }} claude_args: | --model claude-4-0-sonnet@20250805 ``` ## Custom MCP Server Configuration Add custom MCP servers to extend Claude's capabilities with external tools and APIs. ```yaml name: Claude with MCP Servers on: issue_comment: types: [created] jobs: claude: runs-on: ubuntu-latest permissions: contents: write pull-requests: write issues: write steps: - name: Create MCP Config run: | cat > /tmp/mcp-config.json << 'EOF' { "mcpServers": { "custom-api-server": { "command": "npx", "args": ["-y", "@example/api-server"], "env": { "API_KEY": "${{ secrets.CUSTOM_API_KEY }}", "BASE_URL": "https://api.example.com" } } } } EOF - uses: anthropics/claude-code-action@v1 with: anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} claude_args: | --mcp-config /tmp/mcp-config.json --allowedTools "mcp__custom-api-server__*" ``` ## Advanced Claude Configuration with Settings Use the settings input for complex configurations including environment variables, permissions, and hooks. ```yaml name: Claude with Advanced Settings on: pull_request: types: [opened, synchronize] jobs: review: runs-on: ubuntu-latest permissions: contents: write pull-requests: write steps: - uses: actions/checkout@v6 - uses: anthropics/claude-code-action@v1 with: anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} prompt: "Review this PR for code quality" settings: | { "model": "claude-opus-4-1-20250805", "env": { "DEBUG": "true", "NODE_ENV": "test" }, "permissions": { "allow": ["Bash", "Read", "Edit"], "deny": ["WebFetch"] }, "hooks": { "PreToolUse": [{ "matcher": "Bash", "hooks": [{ "type": "command", "command": "echo Running bash command..." }] }] } } ``` ## Commit Signing with SSH Key Enable signed commits using an SSH key for full git CLI support including rebasing and cherry-picking. ```yaml name: Claude with Signed Commits on: issue_comment: types: [created] jobs: claude: runs-on: ubuntu-latest permissions: contents: write pull-requests: write issues: write steps: - uses: actions/checkout@v6 - uses: anthropics/claude-code-action@v1 with: anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} ssh_signing_key: ${{ secrets.SSH_SIGNING_KEY }} bot_id: "12345678" bot_name: "my-bot" ``` ## Custom GitHub App Authentication Use a custom GitHub App instead of the official Claude app for complete control over permissions. ```yaml name: Claude with Custom App on: issue_comment: types: [created] jobs: claude: runs-on: ubuntu-latest permissions: contents: write pull-requests: write issues: write steps: - name: Generate GitHub App token id: app-token uses: actions/create-github-app-token@v1 with: app-id: ${{ secrets.APP_ID }} private-key: ${{ secrets.APP_PRIVATE_KEY }} - uses: anthropics/claude-code-action@v1 with: anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} github_token: ${{ steps.app-token.outputs.token }} ``` ## CI/CD Integration with Actions Access Enable Claude to access GitHub Actions workflow information for debugging CI failures. ```yaml name: Claude CI Helper on: issue_comment: types: [created] permissions: contents: write pull-requests: write issues: write actions: read jobs: claude-ci-helper: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - uses: anthropics/claude-code-action@v1 with: anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} additional_permissions: | actions: read # Claude can now respond to "@claude why did the CI fail?" # with access to workflow runs, job logs, and test results ``` ## Action Inputs Reference Complete reference for all available action inputs with descriptions and defaults. | Input | Description | Default | |-------|-------------|---------| | `anthropic_api_key` | Anthropic API key for direct API authentication | - | | `claude_code_oauth_token` | OAuth token (alternative to API key) | - | | `prompt` | Instructions for Claude in automation mode | - | | `claude_args` | CLI arguments (--max-turns, --model, --allowedTools) | "" | | `settings` | JSON settings or path to settings file | "" | | `trigger_phrase` | Phrase to trigger Claude in comments | "@claude" | | `assignee_trigger` | Username that triggers on issue assignment | - | | `label_trigger` | Label that triggers the action | "claude" | | `track_progress` | Enable progress tracking comments | "false" | | `use_bedrock` | Use Amazon Bedrock provider | "false" | | `use_vertex` | Use Google Vertex AI provider | "false" | | `use_foundry` | Use Microsoft Foundry provider | "false" | | `github_token` | Custom GitHub token (for custom apps) | - | | `use_commit_signing` | Enable GitHub API commit signing | "false" | | `ssh_signing_key` | SSH key for git commit signing | "" | | `additional_permissions` | Extra GitHub permissions (e.g., "actions: read") | "" | | `allowed_bots` | Comma-separated bot usernames or "*" for all | "" | ## Action Outputs Reference Outputs available for use in subsequent workflow steps. ```yaml - name: Run Claude id: claude uses: anthropics/claude-code-action@v1 with: anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} - name: Use outputs run: | echo "Execution file: ${{ steps.claude.outputs.execution_file }}" echo "Branch name: ${{ steps.claude.outputs.branch_name }}" echo "Session ID: ${{ steps.claude.outputs.session_id }}" echo "Structured output: ${{ steps.claude.outputs.structured_output }}" ``` Claude Code Action is primarily designed for two main use cases: interactive code assistance where developers mention @claude in PR comments or issues to get help with code questions, reviews, and implementations; and automated workflows where Claude performs tasks like automatic PR reviews, issue triage, documentation updates, and CI failure analysis without requiring manual triggers. The action's automatic mode detection simplifies configuration—providing a prompt input activates automation mode, while omitting it enables interactive mode. Integration patterns include combining with path-specific triggers for focused reviews on critical code, using structured outputs with JSON schemas to drive conditional workflow logic, connecting to external services through MCP servers, and leveraging cloud provider authentication (Bedrock, Vertex, Foundry) for enterprise deployments. The action supports customization through the claude_args input for CLI flags and the settings input for complex configurations including environment variables, permission controls, and execution hooks.