Pin dependencies #169
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Triage Issue | |
| on: | |
| issues: | |
| types: [opened] | |
| workflow_dispatch: | |
| inputs: | |
| issue_number: | |
| description: 'Issue number (e.g., 1234)' | |
| required: true | |
| type: number | |
| # Per-issue concurrency to prevent duplicate analysis | |
| concurrency: | |
| group: triage-issue-${{ github.event.issue.number || github.event.inputs.issue_number }} | |
| cancel-in-progress: false | |
| jobs: | |
| triage-issue: | |
| runs-on: ubuntu-latest | |
| environment: ci-triage | |
| permissions: | |
| contents: read | |
| issues: read | |
| pull-requests: read | |
| id-token: write | |
| # Only run for Bug or Feature issues (automatic mode) | |
| if: | | |
| github.event_name == 'workflow_dispatch' || | |
| contains(github.event.issue.labels.*.name, 'Bug') || | |
| contains(github.event.issue.labels.*.name, 'Feature') | |
| steps: | |
| - name: Parse issue number | |
| id: parse-issue | |
| env: | |
| EVENT_NAME: ${{ github.event_name }} | |
| EVENT_ISSUE_NUMBER: ${{ github.event.issue.number }} | |
| INPUT_ISSUE_NUMBER: ${{ github.event.inputs.issue_number }} | |
| run: | | |
| if [ "$EVENT_NAME" = "issues" ]; then | |
| ISSUE_NUM="$EVENT_ISSUE_NUMBER" | |
| else | |
| ISSUE_NUM="$INPUT_ISSUE_NUMBER" | |
| fi | |
| echo "issue_number=$ISSUE_NUM" >> "$GITHUB_OUTPUT" | |
| echo "Processing issue #$ISSUE_NUM in CI mode" | |
| - name: Checkout repository | |
| uses: actions/checkout@v6 | |
| with: | |
| ref: develop | |
| - name: Run Claude triage | |
| id: triage | |
| uses: anthropics/claude-code-action@v1 | |
| with: | |
| anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| allowed_non_write_users: '*' | |
| settings: | | |
| { | |
| "env": { | |
| "LINEAR_CLIENT_ID": "${{ secrets.LINEAR_CLIENT_ID }}", | |
| "LINEAR_CLIENT_SECRET": "${{ secrets.LINEAR_CLIENT_SECRET }}" | |
| } | |
| } | |
| prompt: | | |
| /triage-issue ${{ steps.parse-issue.outputs.issue_number }} --ci | |
| IMPORTANT: Do NOT wait for approval. | |
| Do NOT write to `/tmp/` or any other directory. Only write files (e.g. triage_report.md) inside the workspace (repo root). | |
| Do NOT use Bash redirection (> file)—it is blocked. | |
| Do NOT use `python3 -c` or other inline Python in Bash, only the provided scripts are allowed. | |
| Do NOT attempt to delete (`rm`) temporary files you create. | |
| claude_args: | | |
| --max-turns 50 --allowedTools "Write,Bash(gh api *),Bash(gh pr list *),Bash(npm info *),Bash(npm ls *),Bash(python3 .claude/skills/triage-issue/scripts/post_linear_comment.py *),Bash(python3 .claude/skills/triage-issue/scripts/parse_gh_issues.py *),Bash(python3 .claude/skills/triage-issue/scripts/detect_prompt_injection.py *),Bash(python3 .claude/skills/triage-issue/scripts/write_job_summary.py *)" | |
| - name: Post triage job summary | |
| if: always() | |
| run: | | |
| EXEC_FILE="${{ steps.triage.outputs.execution_file }}" | |
| if [ -z "$EXEC_FILE" ] || [ ! -f "$EXEC_FILE" ]; then | |
| EXEC_FILE="${RUNNER_TEMP}/claude-execution-output.json" | |
| fi | |
| if [ ! -f "$EXEC_FILE" ]; then | |
| EXEC_FILE="${GITHUB_WORKSPACE}/../../_temp/claude-execution-output.json" | |
| fi | |
| if [ -f "$EXEC_FILE" ]; then | |
| python3 .claude/skills/triage-issue/scripts/write_job_summary.py "$EXEC_FILE" >> "$GITHUB_STEP_SUMMARY" | |
| else | |
| echo "## Claude Triage Run" >> "$GITHUB_STEP_SUMMARY" | |
| echo "" >> "$GITHUB_STEP_SUMMARY" | |
| echo "No execution output file found. Run may have been skipped or failed before writing output." >> "$GITHUB_STEP_SUMMARY" | |
| fi |