Skip to content

Fix Claude Code Review workflow permissions#111

Merged
justin808 merged 1 commit intomainfrom
jg/fix-claude-review-perms
Feb 11, 2026
Merged

Fix Claude Code Review workflow permissions#111
justin808 merged 1 commit intomainfrom
jg/fix-claude-review-perms

Conversation

@justin808
Copy link
Member

@justin808 justin808 commented Feb 9, 2026

Summary

  • Add permissions block to the Claude Code Review caller workflow
  • The reusable workflow in shakacode/.github needs issues: write, pull-requests: write, and id-token: write, but callers must explicitly grant these permissions
  • Without this, the workflow fails with: "The nested job is requesting permissions but is only allowed none"

Test plan

  • Verify the Claude Code Review workflow runs successfully on a new PR

🤖 Generated with Claude Code

Copilot AI review requested due to automatic review settings February 9, 2026 09:13
@coderabbitai
Copy link

coderabbitai bot commented Feb 9, 2026

Warning

Rate limit exceeded

@justin808 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 26 minutes and 6 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch jg/fix-claude-review-perms

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Copilot AI reviewed Feb 9, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the Claude Code Review GitHub Actions caller workflow to explicitly grant the permissions required by the reusable workflow in shakacode/.github, avoiding failures due to default “none” permissions on nested jobs.

Changes:

  • Add a job-level permissions block (contents read, pull-requests write, issues write, id-token write) to the reusable workflow caller.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

.github/workflows/claude-code-review.yml
Comment on lines 9 to +13
uses: shakacode/.github/.github/workflows/claude-code-review.yml@main
permissions:
contents: read
pull-requests: write
issues: write
Copy link

Copilot AI Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With the added pull-requests: write / issues: write permissions, referencing the reusable workflow via @main increases supply-chain risk (the called workflow can change without review). Consider pinning uses: to an immutable ref (tag or commit SHA) and updating intentionally when needed.

Copilot uses AI. Check for mistakes.
@justin808 justin808 merged commit 7a7eca6 into main Feb 11, 2026
7 of 8 checks passed
@justin808 justin808 deleted the jg/fix-claude-review-perms branch February 11, 2026 02:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@justin808