@kami619 kami619 commented Jan 15, 2026

  • Add 'Read ACL configuration' step to parse .github/agentready-acl.yml
  • Pass allowed_users to all 6 Claude Code Action invocations
  • Users in ACL can trigger agent without write permissions
  • Users with write permissions still work (additive, not restrictive)
  • Graceful fallback if ACL file is missing or unreadable

Fixes permission errors for external contributors listed in ACL.

Description

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update
  • Refactoring (no functional changes)
  • Performance improvement
  • Test coverage improvement

Related Issues

NA

Changes Made

Branch: feat/acl-integration-claude-code-action

File modified: .github/workflows/agentready-dev-issue-pr.yml (+33 lines)

1. Added "Read ACL configuration" step

Reads .github/agentready-acl.yml and extracts the list of authorized users. This step fetches the ACL file via GitHub API, extracts usernames, and outputs a comma-separated list.

2. Updated all 6 Claude Code Action invocations

Added allowed_users: ${{ steps.read-acl.outputs.allowed_users }} to:

  • Analyze issue and determine action
  • Self-review issue analysis
  • Review draft PR code
  • Self-review the PR code
  • Handle ad-hoc analysis request
  • Self-review ad-hoc analysis

Authorization Model

| User Type | Write Permission | In ACL | Can Trigger |
|---|---|---|---|
| Maintainer | Yes | No | Yes |
| Maintainer | Yes | Yes | Yes |
| External contributor | No | Yes | Yes |
| Random user | No | No | No |

Testing

  • Unit tests pass (pytest)
  • Integration tests pass
  • Manual testing performed
  • No new warnings or errors

Checklist

  • My code follows the project's code style
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged and published

Screenshots (if applicable)

Additional Notes

Still testing this on my fork.
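
The extraction step described in this PR (usernames to a comma-separated `allowed_users` output, with a fallback when the ACL file is missing), sketched as an added example that is not the PR's workflow code. The ACL layout, the sample logins and the function names are assumptions, since the page does not show the schema of `.github/agentready-acl.yml`; the example reads a local file instead of calling the GitHub API.

```shell
#!/bin/sh
# Added example, not the PR's workflow step.
# ASSUMPTION: the ACL is a YAML list with one "- login" item per line; the
# page does not show the schema of .github/agentready-acl.yml.

# Print the valid logins in ACL file "$1" as a comma-separated list.
# Fails closed: a missing or unreadable file yields an empty list, so only
# users with write permission can trigger the agent.
acl_to_allowed_users() {
  [ -r "$1" ] || return 0
  sed -n 's/^[[:space:]]*-[[:space:]]*//p' "$1" |          # list items only
    sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' \
        -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/" |      # comments, quotes
    grep -E '^[A-Za-z0-9][A-Za-z0-9-]{0,38}$' |             # login-shaped only
    LC_ALL=C sort -u | paste -sd, -
}

# Append the list as the step output "allowed_users" (name taken from the PR).
# GITHUB_OUTPUT is set by the Actions runner; stdout is used when run locally.
emit_allowed_users() {
  printf 'allowed_users=%s\n' "$(acl_to_allowed_users "$1")" \
    >> "${GITHUB_OUTPUT:-/dev/stdout}"
}

# Constructed sample ACL (hypothetical logins), written to path "$1".
write_sample_acl() {
  cat > "$1" <<'EOF'
# agentready ACL (constructed sample)
allowed_users:
  - alice            # external contributor
  - "bob-dev"
  - alice
  - '*'
  - not a login
  - bad_name;id
EOF
}

sample=$(mktemp)
write_sample_acl "$sample"
emit_allowed_users "$sample"            # valid, de-duplicated logins only
emit_allowed_users "$sample.missing"    # missing file: empty list
rm -f "$sample"
```

Entries that are not shaped like a GitHub login (letters, digits and hyphens, at most 39 characters) are dropped before anything is written to the step output, so the list handed to the action contains only plain usernames.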

@github-actions

📈 Test Coverage Report

| Branch | Coverage |
|---|---|
| This PR | 62.3% |
| Main | 62.3% |
| Diff | ✅ +0% |

Coverage calculated from unit tests only
