name: Claude Code

on:
  issue_comment:
    types: [created]
  pull_request_review_comment:
    types: [created]
  issues:
    types: [opened, assigned]
  pull_request_review:
    types: [submitted]
  pull_request:
    types: [opened, synchronize]

jobs:
  claude:
    if: |
      (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) ||
      (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) ||
      (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) ||
      (github.event_name == 'issues' && contains(github.event.issue.body, '@claude'))
    runs-on: ubuntu-latest
    permissions:
      contents: write
      pull-requests: write
      issues: write
      id-token: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
          aws-region: us-east-1

      - name: Run Claude Code
        uses: anthropics/claude-code-action@v1
        with:
          use_bedrock: "true"
          github_token: ${{ secrets.GITHUB_TOKEN }}

  pr-review:
    if: github.event_name == 'pull_request' && github.event.action == 'opened'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: write
      id-token: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
          aws-region: us-east-1

      - name: Run Claude Code PR Review
        uses: anthropics/claude-code-action@v1
        with:
          use_bedrock: "true"
          github_token: ${{ secrets.GITHUB_TOKEN }}
          prompt: |
            REPO: ${{ github.repository }}
            PR NUMBER: ${{ github.event.pull_request.number }}

            This is a personal project - an AI-powered draw.io diagram generator built with:
            - Next.js 15 with React 19
            - Vercel AI SDK (streamText, useChat, tool calling)
            - Multiple AI providers: Bedrock, Anthropic, OpenAI, Google, Azure, OpenRouter, Ollama

            Review this PR for ONLY these issues:
            1. Bugs that would cause runtime errors or broken functionality
            2. Security issues (exposed secrets, API key leaks)
            3. AI SDK misuse (wrong patterns for streamText, tool definitions, message handling)

            DO NOT comment on:
            - Performance optimizations
            - Code style or formatting
            - "Best practices" suggestions
            - Type safety improvements
            - Error handling additions

            Use `mcp__github_inline_comment__create_inline_comment` for inline comments.
            Be very selective - if there are no real bugs, just say "LGTM" in a PR comment.
          claude_args: |
            --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*)"