A GitHub Actions workflow that provides AI-powered code reviews using Claude via Amazon Bedrock. Automatically analyze pull requests and provide intelligent feedback when triggered by mentioning @claude in PR comments or descriptions.
- AI-Powered Code Reviews: Leverages Claude AI through Amazon Bedrock for intelligent code analysis
- Inline Comments: Provides line-specific feedback directly in GitHub pull requests
- Customizable Instructions: Support for custom review instructions tailored to your project
- File Filtering: Ability to exclude specific files or directories from review
- Clean PR Experience: Automatically hides outdated bot reviews to keep PRs focused
- OIDC Authentication: Secure AWS authentication without long-lived credentials
- Trigger-Based: Only runs when explicitly requested via
@claudementions
Add this reusable workflow to your repository by creating a new workflow file (e.g., .github/workflows/claude-code-review.yml):
name: Claude Code PR Review
on:
issue_comment:
types: [ created ]
pull_request_review_comment:
types: [ created ]
pull_request_review:
types: [ submitted ]
jobs:
claude-review:
uses: auth0/auth0-ai-pr-analyzer-gh-action/.github/workflows/claude-code-review.yml@mainOnce the workflow is set up, simply mention @claude in:
- Pull request descriptions
- PR comments
- Review comments
The AI will analyze the code changes and provide intelligent feedback.
jobs:
claude-review:
uses: auth0/auth0-ai-pr-analyzer-gh-action/.github/workflows/claude-code-review.yml@main
with:
custom_review_instructions: |
When reviewing code changes, please:
- Focus on Go best practices and idioms
- Check for proper error handling patterns
- Verify context usage in long-running operations
- Review goroutine and channel usage for race conditions
- Check for proper resource cleanup (defer statements)For comprehensive project context and review instructions, we recommend creating a CLAUDE.md file in your repository root instead of using custom_review_instructions. This approach provides better organization and maintainability of your AI assistant context.
For a basic setup without any custom parameters:
jobs:
claude-review:
uses: auth0/auth0-ai-pr-analyzer-gh-action/.github/workflows/claude-code-review.yml@mainBy default, vendor and dist directories, and package-lock.json files are ignored from the review.
You can prevent the reviewer from reading specific files and directories by using the disallowed_tools parameter with the Read() syntax:
jobs:
claude-review:
uses: auth0/auth0-ai-pr-analyzer-gh-action/.github/workflows/claude-code-review.yml@main
with:
disallowed_tools: |
Read(build)
Read(__pycache__)Allow additional tools:
jobs:
claude-review:
uses: auth0/auth0-ai-pr-analyzer-gh-action/.github/workflows/claude-code-review.yml@main
with:
allowed_tools: "Bash(npm:*),Bash(yarn:*)"You can also use wildcards with the star symbol:
jobs:
claude-review:
uses: auth0/auth0-ai-pr-analyzer-gh-action/.github/workflows/claude-code-review.yml@main
with:
disallowed_tools: |
Read(*_mock.go)
Read(*.pb.go)
Read(*.generated.ts)For more information on using the disallowed_tools parameter, check the Claude Code documentation.
We appreciate feedback and contribution to this repo! Before you get started, please read the following:
- Auth0's general contribution guidelines
- Auth0's code of conduct guidelines
- This repo's contribution guide
To provide feedback or report a bug, please raise an issue on our issue tracker.
Auth0 is an easy to implement, adaptable authentication and authorization platform. To learn more checkout Why Auth0?
This project is licensed under the Apache 2.0 license. See the LICENSE file for more info.