Add Claude Code action workflows for PR reviews and documentation sync (#2034)

bcotrim · web-flow · commit 1940e1847718 · 2025-11-07T16:25:11.000Z
* Add Claude Code action workflows for PR reviews and documentation sync

* Add id-token: write permission to all Claude workflows
diff --git a/.github/workflows/claude-docs-api-sync.yml b/.github/workflows/claude-docs-api-sync.yml
@@ -0,0 +1,55 @@
+name: API Documentation Sync
+
+on:
+  pull_request:
+    types: [opened, synchronize]
+    paths:
+      - 'src/ipc-handlers.ts'
+      - 'src/preload.ts'
+      - 'common/types/**/*.ts'
+
+jobs:
+  sync-api-docs:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+      id-token: write
+
+    steps:
+      - name: Checkout PR branch
+        uses: actions/checkout@v5
+        with:
+          ref: ${{ github.event.pull_request.head.ref }}
+          fetch-depth: 0
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Update API Documentation
+        uses: anthropics/claude-code-action@v1
+        with:
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          track_progress: true
+          prompt: |
+            The IPC API or type definitions have changed in this PR. Please:
+
+            1. Review the changes in:
+               - src/ipc-handlers.ts (IPC handler implementations)
+               - src/preload.ts (IPC API surface exposed to renderer)
+               - common/types/**/*.ts (TypeScript type definitions)
+
+            2. Update docs/ai-instructions.md to document:
+               - New IPC handlers or changes to existing handler signatures
+               - New type definitions or breaking changes to types
+               - Changes to the IPC communication pattern or architecture
+               - Examples of how to use new or changed APIs
+               - Any security implications of the changes
+
+            3. Ensure documentation follows the existing format in docs/ai-instructions.md's "IPC Communication Pattern" section
+
+            4. If significant changes are made, commit with message:
+               "docs: Update API documentation for IPC changes"
+
+            Only commit if documentation updates are actually needed. If changes are minor or already documented, explain why no update is needed.
+
+          claude_args: |
+            --allowedTools "Read,Write,Edit,Grep,Glob,Bash(git add:*),Bash(git commit:*),Bash(git push:*),Bash(git status:*),Bash(git diff:*)"
diff --git a/.github/workflows/claude-docs-architecture-sync.yml b/.github/workflows/claude-docs-architecture-sync.yml
@@ -0,0 +1,68 @@
+name: Architecture Documentation Sync
+
+on:
+  pull_request:
+    types: [opened, synchronize]
+    paths:
+      - 'src/lib/wordpress-provider/**/*.ts'
+      - 'src/site-server.ts'
+      - 'src/stores/**/*.ts'
+      - 'vite.*.config.ts'
+      - 'electron-forge.config.ts'
+      - 'src/index.ts'
+
+jobs:
+  sync-architecture-docs:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+      id-token: write
+
+    steps:
+      - name: Checkout PR branch
+        uses: actions/checkout@v5
+        with:
+          ref: ${{ github.event.pull_request.head.ref }}
+          fetch-depth: 0
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Update Architecture Documentation
+        uses: anthropics/claude-code-action@v1
+        with:
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          track_progress: true
+          prompt: |
+            Core architecture files have changed in this PR. Please:
+
+            1. Review changes to:
+               - WordPress providers (src/lib/wordpress-provider/**/*.ts)
+               - Site server management (src/site-server.ts)
+               - Redux stores (src/stores/**/*.ts)
+               - Build configuration (vite.*.config.ts, electron-forge.config.ts)
+               - Main process entry point (src/index.ts)
+
+            2. Update docs/ai-instructions.md if any of the following changed:
+               - New architectural patterns introduced
+               - WordPress Provider interface or implementation changes
+               - Redux store structure modifications
+               - Build configuration changes affecting development workflow
+               - New critical dependencies affecting architecture
+               - Process architecture changes (Main/Renderer/Preload)
+               - Site management patterns
+
+            3. Ensure these sections in docs/ai-instructions.md are accurate:
+               - "High-Level Architecture" diagram and description
+               - "Key Architecture Patterns" section
+               - "WordPress Provider Pattern" if providers changed
+               - "Redux Store Architecture" if stores changed
+               - "Site Management" if SiteServer changed
+               - "Build & Distribution" if build configs changed
+
+            4. If significant changes are made, commit with message:
+               "docs: Update architecture documentation"
+
+            Only commit if documentation updates are actually needed. If changes don't affect architecture documentation, explain why.
+
+          claude_args: |
+            --allowedTools "Read,Write,Edit,Grep,Glob,Bash(git add:*),Bash(git commit:*),Bash(git push:*),Bash(git status:*),Bash(git diff:*)"
diff --git a/.github/workflows/claude-docs-cli-sync.yml b/.github/workflows/claude-docs-cli-sync.yml
@@ -0,0 +1,59 @@
+name: CLI Documentation Sync
+
+on:
+  pull_request:
+    types: [opened, synchronize]
+    paths:
+      - 'cli/**/*.ts'
+
+jobs:
+  sync-cli-docs:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+      id-token: write
+
+    steps:
+      - name: Checkout PR branch
+        uses: actions/checkout@v5
+        with:
+          ref: ${{ github.event.pull_request.head.ref }}
+          fetch-depth: 0
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Update CLI Documentation
+        uses: anthropics/claude-code-action@v1
+        with:
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          track_progress: true
+          prompt: |
+            CLI commands or implementation have changed in this PR. Please:
+
+            1. Review changes in the cli/ directory:
+               - New commands added (cli/commands/**/*.ts)
+               - Changes to existing command implementations
+               - New CLI options or flags
+               - Changes to CLI entry point (cli/index.ts)
+
+            2. Update docs/ai-instructions.md to reflect:
+               - New CLI commands with syntax and examples
+               - Changes to existing command options or behavior
+               - Updated usage examples in "Common Development Commands" section
+               - New command categories if applicable
+
+            3. Ensure the CLI documentation in docs/ai-instructions.md includes:
+               - Command syntax: `npm run cli:build && node dist/cli/main.js <command>`
+               - Description of what the command does
+               - Available options and flags
+               - Usage examples
+
+            4. Verify the "Running a Single Test" or other CLI-related sections are current
+
+            5. If significant changes are made, commit with message:
+               "docs: Update CLI documentation"
+
+            Only commit if documentation updates are actually needed. If changes are internal refactoring with no user-facing impact, explain why.
+
+          claude_args: |
+            --allowedTools "Read,Write,Edit,Grep,Glob,Bash(git add:*),Bash(git commit:*),Bash(git push:*),Bash(git status:*),Bash(git diff:*)"
diff --git a/.github/workflows/claude-interactive.yml b/.github/workflows/claude-interactive.yml
@@ -0,0 +1,45 @@
+name: Claude Interactive Assistant
+
+on:
+  issue_comment:
+    types: [created]
+  pull_request_review_comment:
+    types: [created]
+  issues:
+    types: [opened, labeled]
+  pull_request:
+    types: [opened]
+  pull_request_review:
+    types: [submitted]
+
+jobs:
+  claude-assistant:
+    runs-on: ubuntu-latest
+    # Only run if @claude is mentioned or specific labels are applied
+    if: |
+      contains(github.event.comment.body, '@claude') ||
+      contains(github.event.issue.body, '@claude') ||
+      contains(github.event.pull_request.body, '@claude') ||
+      contains(github.event.review.body, '@claude') ||
+      contains(github.event.label.name, 'claude-help')
+
+    permissions:
+      contents: write
+      issues: write
+      pull-requests: write
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v5
+        with:
+          fetch-depth: 0
+
+      - name: Respond to Claude mention
+        uses: anthropics/claude-code-action@v1
+        with:
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          # No prompt = interactive mode - Claude responds to the comment/issue
+          claude_args: |
+            --allowedTools "Read,Write,Edit,Grep,Glob,Bash(npm:*),Bash(node:*),Bash(git:*),Bash(gh:*)"
+            --system-prompt "You are helping with WordPress Studio development. This is an Electron desktop app for creating and managing WordPress sites locally. Follow the coding standards and architecture patterns documented in docs/ai-instructions.md. For npm commands, use the scripts defined in package.json (npm start, npm test, npm run cli:build, etc.). Remember that the app must be compatible with both macOS and Windows environments - always consider cross-platform implications when suggesting code changes or solutions."
diff --git a/.github/workflows/claude-pr-review.yml b/.github/workflows/claude-pr-review.yml
@@ -0,0 +1,77 @@
+name: Claude PR Code Review
+
+on:
+  pull_request:
+    types: [opened, synchronize, ready_for_review, reopened]
+
+jobs:
+  code-review:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v5
+        with:
+          fetch-depth: 1
+
+      - name: Comprehensive PR Review
+        uses: anthropics/claude-code-action@v1
+        with:
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          track_progress: true
+          prompt: |
+            REPO: ${{ github.repository }}
+            PR NUMBER: ${{ github.event.pull_request.number }}
+
+            Perform a comprehensive code review for WordPress Studio, focusing on:
+
+            1. **Cross-Platform Compatibility (macOS & Windows)**
+               - Path separators: Use `path.join()` or `path.resolve()` instead of hardcoded `/` or `\`
+               - File system differences: Case sensitivity, path length limits, reserved filenames
+               - Platform-specific APIs: Check `process.platform` usage and platform guards
+               - Environment variables: HOME vs USERPROFILE, temp directories
+               - Line endings: Ensure .gitattributes handles CRLF/LF correctly
+               - Electron platform code: Verify macOS and Windows-specific implementations work correctly
+               - Testing: Flag code that needs testing on both platforms
+
+            2. **Code Quality**
+               - Clean code principles and TypeScript best practices
+               - Proper error handling and edge cases
+               - Code readability and maintainability
+               - Following patterns in docs/ai-instructions.md
+
+            3. **Security (OWASP Top 10)**
+               - SQL injection, XSS, authentication/authorization flaws
+               - Sensitive data exposure, hardcoded secrets
+               - Input validation and sanitization
+               - Electron-specific: Node integration disabled, context isolation, IPC validation, CSP
+               - External content handling security
+
+            4. **Performance**
+               - Identify potential bottlenecks
+               - Database query efficiency
+               - Memory leaks or resource issues
+               - Bundle size impact for Electron app
+
+            5. **Testing**
+               - Adequate test coverage (Jest unit tests)
+               - Test quality and edge cases
+               - Missing test scenarios
+               - E2E test considerations (Playwright)
+
+            6. **Documentation**
+               - Code properly documented
+               - docs/ai-instructions.md updates for new features or architectural changes
+               - API documentation accuracy
+               - README updates if needed
+
+            Provide detailed feedback using inline comments for specific issues.
+            Use top-level comments for general observations or praise.
+            Be thorough but constructive in your feedback.
+
+          claude_args: |
+            --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*)"
