diff options
| author | Harsh Aggarwal (NVIDIA) <haaggarwal@nvidia.com> | 2025-08-05 19:28:55 +0530 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-08-05 13:58:55 +0000 |
| commit | 2d775b54d2ab7772785c2196075d4c7c174407ab (patch) | |
| tree | a1204b30debeabe30e61a1cc7533d94eda95b904 /.github/workflows | |
| parent | 9a16700e858fc0379e551ab72188eb63a54ad3f1 (diff) | |
Bring back hooks for auto formatting and ensure build works (#7811)
* Claude code : refactor and improve stability by using hooks
* format code (#27)
Co-authored-by: slangbot <186143334+slangbot@users.noreply.github.com>
---------
Co-authored-by: szihs <675653+szihs@users.noreply.github.com>
Co-authored-by: slangbot <ellieh+slangbot@nvidia.com>
Co-authored-by: slangbot <186143334+slangbot@users.noreply.github.com>
Diffstat (limited to '.github/workflows')
| -rw-r--r-- | .github/workflows/claude.yml | 288 |
1 files changed, 46 insertions, 242 deletions
diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index c2e0fb68e..f4bb58610 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -44,173 +44,60 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 with: - submodules: "recursive" - fetch-depth: 2 # fetch minimal history for git context + fetch-depth: 0 + submodules: false + + - name: Checkout of submodules + run: git submodule update --init --recursive --depth=1 - name: Format Setup and Environment Preparation uses: ./.github/actions/format-setup - - name: Setup Environment Dependencies - run: | - set -euo pipefail - echo "๐๏ธ Setting up environment dependencies..." - - sudo apt-get update - sudo apt-get install -y libx11-dev - - # Configure and build the project - cmake --preset default --fresh - cmake --workflow --preset debug - - echo "โ
Environment setup completed" - - # Validate environment and dependencies - - name: Validate Environment - run: | - set -euo pipefail - - # Check required secrets - if [ -z "${{ secrets.LLMGW_ID }}" ] || [ -z "${{ secrets.LLMGW_SECRET }}" ] || [ -z "${{ secrets.LLMGW_TOKEN_URL }}" ]; then - echo "::error::Missing required secrets: LLMGW_ID or LLMGW_SECRET or LLMGW_TOKEN_URL" - exit 1 - fi - - # Install required tools - command -v jq >/dev/null 2>&1 || { echo "::error::jq is required but not installed"; exit 1; } - command -v curl >/dev/null 2>&1 || { echo "::error::curl is required but not installed"; exit 1; } - - echo "โ
Environment validation passed" - - # Generate custom auth token and set as environment variable - - name: Generate Custom Auth Token - id: auth-token - env: - LLMGW_TOKEN_URL: ${{ secrets.LLMGW_TOKEN_URL }} - run: | - set -euo pipefail - - echo "๐ Generating authentication token..." - - # Set up error handling - cleanup() { - local exit_code=$? - echo "๐งน Cleaning up temporary files..." - rm -f /tmp/token_response.json 2>/dev/null || true - if [ $exit_code -ne 0 ]; then - echo "::error::Authentication failed - check your credentials and endpoint" - fi - exit $exit_code - } - trap cleanup EXIT - - # Generate token with comprehensive error handling - HTTP_CODE=$(curl -s -w "%{http_code}" -o /tmp/token_response.json --fail-with-body \ - --max-time 30 \ - --retry 3 \ - --retry-delay 2 \ - --location "${{ env.LLMGW_TOKEN_URL }}" \ - --header 'Content-Type: application/x-www-form-urlencoded' \ - --header "Authorization: Basic $(echo -n ${{ secrets.LLMGW_ID }}:${{ secrets.LLMGW_SECRET }} | base64 -w0)" \ - --data-urlencode 'grant_type=client_credentials' \ - --data-urlencode 'scope=awsanthropic-readwrite azureopenai-readwrite' \ - 2>/dev/null) - - # Check HTTP response code - if [ "$HTTP_CODE" -ne 200 ]; then - echo "::error::Authentication failed with HTTP code: $HTTP_CODE" - if [ -f /tmp/token_response.json ]; then - echo "::error::Response: $(cat /tmp/token_response.json | head -c 200)" - fi - exit 1 - fi - - # Extract and validate token - if [ ! -f /tmp/token_response.json ]; then - echo "::error::No response file generated" - exit 1 - fi - - ANTHROPIC_AUTH_TOKEN=$(jq -r '.access_token // empty' /tmp/token_response.json 2>/dev/null) - - # Validate token format and length - if [ -z "$ANTHROPIC_AUTH_TOKEN" ] || [ "$ANTHROPIC_AUTH_TOKEN" = "null" ]; then - echo "::error::Failed to extract access token from response" - exit 1 - fi - - # Basic token validation - if [ ${#ANTHROPIC_AUTH_TOKEN} -lt 10 ]; then - echo "::error::Token appears to be too short (${#ANTHROPIC_AUTH_TOKEN} characters)" - exit 1 - fi - - # CRITICAL: Mask the token BEFORE any output - echo "::add-mask::$ANTHROPIC_AUTH_TOKEN" - - # Set as environment variable for subsequent steps - echo "ANTHROPIC_AUTH_TOKEN=$ANTHROPIC_AUTH_TOKEN" >> $GITHUB_ENV - - # Set token expiry if available - TOKEN_EXPIRES=$(jq -r '.expires_in // empty' /tmp/token_response.json 2>/dev/null) - if [ -n "$TOKEN_EXPIRES" ]; then - echo "::add-mask::$TOKEN_EXPIRES" - echo "token-expires=$TOKEN_EXPIRES" >> $GITHUB_OUTPUT - fi - - echo "โ
Authentication token generated and masked successfully" + # Complete Claude execution with authentication, setup, and execution + - name: Run Claude Code + id: claude + uses: ./.github/actions/claude-code-runner + with: + # Authentication (these secrets must be configured in your repository) + llmgw-id: ${{ secrets.LLMGW_ID }} + llmgw-secret: ${{ secrets.LLMGW_SECRET }} + llmgw-token-url: ${{ secrets.LLMGW_TOKEN_URL }} + github-token-fallback: ${{ secrets.GITHUB_TOKEN }} - # Clean up response file - rm -f /tmp/token_response.json + # Repository-specific setup + setup-commands: | + set -euo pipefail + echo "๐๏ธ Setting up environment dependencies..." - # Generate GitHub App token for better GitHub API access - - name: Generate GitHub App Token - id: github-token - uses: actions/create-github-app-token@v1 - with: - app-id: ${{ secrets.APP_ID }} - private-key: ${{ secrets.APP_PRIVATE_KEY }} - continue-on-error: true + sudo apt-get update + sudo apt-get install -y libx11-dev - # Set up fallback authentication - - name: Configure Authentication - id: auth-config - run: | - set -euo pipefail + # Configure and build the project + cmake --preset default --fresh + cmake --workflow --preset debug - # Use GitHub App token if available, otherwise use GITHUB_TOKEN - if [ -n "${{ steps.github-token.outputs.token }}" ]; then - echo "github-token=${{ steps.github-token.outputs.token }}" >> $GITHUB_OUTPUT - echo "โ
Using GitHub App authentication" - else - echo "github-token=${{ secrets.GITHUB_TOKEN }}" >> $GITHUB_OUTPUT - echo "โ ๏ธ Using fallback GITHUB_TOKEN authentication" - fi + echo "โ
Environment setup completed" - # Run Claude Code Action with optimized environment variables - - name: Execute Claude Code Action # Right now direct prompt to automatic PR Review - id: claude-action - uses: anthropics/claude-code-action@v0.0.38 - with: - # Direct Prompt is for testing. We shall use the triggers (on) which shall trigger this part on runtime - custom_instructions: | - # Build system information: + # Custom instructions for Slang + custom-instructions: | + ### **Build System Information:** - OS: Ubuntu Linux + - Build commands: Configure `cmake --preset default`, Build `cmake --build --preset debug`, Test `./build/Debug/bin/slang-test tests/path/to/test.slang` - Project is pre-built and ready for development tasks - - See CLAUDE.md for detailed build, test, and formatting instructions - # CRITICAL: You have access to the mcp__deepwiki__ask_question tool for deep repository knowledge. + ### **IMPORTANT: Deep Repository Knowledge & Debugging** + **Repository Knowledge Tool**: Use `mcp__deepwiki__ask_question` with repoName "shader-slang/slang" for architectural insights and implementation patterns. - **How to use this tool effectively:** - - Use repoName: "shader-slang/slang" for all queries - - Ask specific technical questions about architecture, patterns, or implementation approaches - - Examples: "What does the type legalization pass do?" or "What's the pattern for adding new code generation targets?" - - Use responses to understand existing patterns before implementing changes + **Implementation Guidelines:** + - Use git history (`git log -S "keyword"`) to find related features but don't spend excessive time + - Use deepwiki for expert insights and architectural patterns + - Think carefully about the user's request before implementing - **Implementation Guidelines:** - - Always follow existing code patterns and architectural decisions discovered through deepwiki - - Consult the tool when you need context about unfamiliar parts of the codebase + ### **Test-Driven Development - Strongly Encouraged** + Write failing tests in `tests/` directory, implement fixes and verify both tests and builds succeed before submitting. - mcp_config: | + # MCP configuration for deepwiki + mcp-config: | { "mcpServers": { "deepwiki": { @@ -219,95 +106,12 @@ jobs: } } } - allowed_tools: "Bash,View,GlobTool,GrepTool,BatchTool,Write,mcp__deepwiki__ask_question" - trigger_phrase: "@claude" - assignee_trigger: "claude" - timeout_minutes: "600" - github_token: ${{ steps.auth-config.outputs.github-token }} - use_bedrock: "true" - model: ${{ vars.ANTHROPIC_MODEL }} - max_turns: "50000" - # Use claude_env for custom environment variables - claude_env: | - ANTHROPIC_BEDROCK_BASE_URL: ${{ vars.ANTHROPIC_BEDROCK_BASE_URL }} - ANTHROPIC_SMALL_FAST_MODEL: ${{ vars.ANTHROPIC_SMALL_FAST_MODEL }} - AWS_REGION: ${{ vars.AWS_REGION }} - GITHUB_REPOSITORY: ${{ github.repository }} - GITHUB_EVENT_NAME: ${{ github.event_name }} - GITHUB_ACTOR: ${{ github.actor }} - ANTHROPIC_AUTH_TOKEN: ${{ env.ANTHROPIC_AUTH_TOKEN }} - DISABLE_TELEMETRY: 1 - - # The ANTHROPIC_API_KEY environment variable is automatically picked up - continue-on-error: true - - # Handle action results and errors - - name: Handle Action Results - if: always() - run: | - set -euo pipefail - - # Check if Claude action succeeded - if [ "${{ steps.claude-action.outcome }}" = "success" ]; then - echo "โ
Claude Code action completed successfully" - - # Optional: Add success comment to PR/issue - if [ -n "${{ github.event.issue.number || github.event.pull_request.number }}" ]; then - echo "Claude has successfully processed your request! ๐" >> /tmp/comment.md - echo "<!-- Claude-success -->" >> /tmp/comment.md - fi - - elif [ "${{ steps.claude-action.outcome }}" = "failure" ]; then - echo "โ Claude Code action failed" - # Create error comment for debugging - cat > /tmp/error_comment.md << 'EOF' - ## Claude Code Action Failed โ - - The Claude Code action encountered an error. This could be due to: - - Network connectivity issues - - Authentication problems - - Model availability issues - - Rate limiting - - Please check the workflow logs for more details and try again. - - <!-- Claude-error --> - EOF - - else - echo "โ ๏ธ Claude Code action was cancelled or skipped" - fi - - # Security cleanup - - name: Security Cleanup - if: always() - run: | - set -euo pipefail - - echo "๐งน Performing security cleanup..." - - # Clear any temporary files that might contain sensitive data - find /tmp -name "*token*" -type f -delete 2>/dev/null || true - find /tmp -name "*auth*" -type f -delete 2>/dev/null || true - find /tmp -name "*response*" -type f -delete 2>/dev/null || true - - # Clear environment variables (belt and suspenders approach) - unset ANTHROPIC_API_KEY 2>/dev/null || true - unset ANTHROPIC_AUTH_TOKEN 2>/dev/null || true - - echo "โ
Security cleanup completed" + # Advanced configuration (using repository variables) + model: ${{ vars.ANTHROPIC_MODEL }} + aws-region: ${{ vars.AWS_REGION }} + bedrock-base-url: ${{ vars.ANTHROPIC_BEDROCK_BASE_URL }} + small-fast-model: ${{ vars.ANTHROPIC_SMALL_FAST_MODEL }} - # Workflow summary - - name: Workflow Summary - if: always() - run: | - echo "## Claude Code Workflow Summary" >> $GITHUB_STEP_SUMMARY - echo "- **Trigger**: ${{ github.event_name }}" >> $GITHUB_STEP_SUMMARY - echo "- **Repository**: ${{ github.repository }}" >> $GITHUB_STEP_SUMMARY - echo "- **Actor**: ${{ github.actor }}" >> $GITHUB_STEP_SUMMARY - echo "- **Auth Token**: โ
Generated" >> $GITHUB_STEP_SUMMARY - echo "- **GitHub Token**: ${{ steps.github-token.outcome == 'success' && 'โ
GitHub App' || 'โ ๏ธ Fallback' }}" >> $GITHUB_STEP_SUMMARY - echo "- **Claude Action**: ${{ steps.claude-action.outcome == 'success' && 'โ
Success' || 'โ Failed' }}" >> $GITHUB_STEP_SUMMARY - echo "- **Model Used**: ${{ vars.ANTHROPIC_MODEL || 'default' }}" >> $GITHUB_STEP_SUMMARY - echo "- **Workflow Status**: ${{ job.status }}" >> $GITHUB_STEP_SUMMARY + # Additional tools for deepwiki + allowed-tools: "Bash,View,GlobTool,GrepTool,BatchTool,Write,mcp__deepwiki__ask_question" |
