Skip to content

fix(ci): checkout pr code instead of base branch in claude review#3545

Merged
FabianKramm merged 1 commit intomainfrom
devops-501/fix-pr-checkout
Jan 30, 2026
Merged

fix(ci): checkout pr code instead of base branch in claude review#3545
FabianKramm merged 1 commit intomainfrom
devops-501/fix-pr-checkout

Conversation

@Piotr1215
Copy link
Contributor

@Piotr1215 Piotr1215 commented Jan 30, 2026

Summary

  • Fix checkout to use PR commit SHA instead of base branch HEAD
  • Add full git history fetch for diff/blame operations
  • Handle fork PRs by reconfiguring git remotes

Why

pull_request_target defaults to checking out base branch, causing Claude to review main instead of PR changes. This led to false positives where Claude flagged code that the PR itself modified.

Related PRs

  • loft-sh/vcluster-pro - same fix
  • loft-sh/loft-enterprise - same fix

Closes DEVOPS-501

github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 30, 2026
View reviewed changes
@Piotr1215 Piotr1215 force-pushed the devops-501/fix-pr-checkout branch from 513dc6a to e81bdb4 Compare January 30, 2026 08:43
@github-actions
Copy link

github-actions bot commented Jan 30, 2026

Code review

No issues found. Checked for bugs and CLAUDE.md compliance.

chatgpt-codex-connector[bot]
chatgpt-codex-connector bot reviewed Jan 30, 2026
View reviewed changes
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 513dc6a48c

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

.github/workflows/claude-code-review.yml Outdated
Comment on lines 39 to 40
git fetch origin ${{ github.event.pull_request.head.ref }}
git checkout -B ${{ github.event.pull_request.head.ref }} origin/${{ github.event.pull_request.head.ref }}
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot Jan 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Keep checkout pinned to the event SHA

In fork PRs, this step fetches and checks out the branch ref (origin/${{ github.event.pull_request.head.ref }}) instead of the event’s head.sha, which means if the branch is updated after the event is emitted (e.g., a force‑push or new commit while the job is queued), the workflow can end up reviewing a newer commit than the one that triggered the run. That can lead to comments that don’t match the PR diff for this run; consider fetching and checking out the exact head.sha to keep the review consistent with the event payload.

Useful? React with 👍 / 👎.

@Piotr1215
fix(ci): checkout pr code instead of base branch in claude review
3091a7a 
pull_request_target defaults to checking out the base branch HEAD,
not the PR's actual code. Claude was reviewing main branch content
and flagging "missing" changes that the PR itself introduced.

Using ref: head.sha ensures we checkout the PR commit. fetch-depth: 0
provides full history for diff/blame operations. Fork handling step
configures origin correctly for external contributor PRs.

Pattern adopted from vcluster-docs/.github/workflows/claude-review.yml
Closes DEVOPS-501
@Piotr1215 Piotr1215 force-pushed the devops-501/fix-pr-checkout branch from e81bdb4 to 3091a7a Compare January 30, 2026 09:28
@Piotr1215 Piotr1215 requested a review from FabianKramm January 30, 2026 09:41
@FabianKramm FabianKramm merged commit 9501fe4 into main Jan 30, 2026
37 checks passed
@FabianKramm FabianKramm deleted the devops-501/fix-pr-checkout branch January 30, 2026 09:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

@FabianKramm FabianKramm FabianKramm approved these changes

@sydorovdmytro sydorovdmytro Awaiting requested review from sydorovdmytro sydorovdmytro is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Piotr1215 @FabianKramm