---
# Example caller workflow for infrastructure-as-code repositories
# (Terraform, Terragrunt, Kubernetes). It wires repository events to the
# shared Claude reusable workflow referenced under `jobs`.
#
# NOTE(review): this file declares no `permissions:` key at workflow or job
# level, so the GITHUB_TOKEN available to the called workflow is capped only
# by the repository/organization default. Declare the minimum scopes once the
# orchestrator's requirements are confirmed.
name: Infrastructure AI Checks

# One concurrency group per pull request or issue number ('manual' when the
# event carries neither). cancel-in-progress is false, so a run that is
# already executing is not cancelled by a newer event in the same group.
concurrency:
  group: "claude-${{ github.event.pull_request.number || github.event.issue.number || 'manual' }}"
  cancel-in-progress: false
# Events that start this workflow.
# NOTE(review): issue_comment, issues, pull_request_review and
# pull_request_review_comment are raised by whoever comments, reviews or opens
# an issue; on a public repository that includes accounts without write
# access. The interactive job passes ANTHROPIC_API_KEY on all of these events
# and nothing in this file checks the author, so confirm that the called
# workflow restricts who may invoke it.
on:
  workflow_dispatch:
    inputs:
      # Declared here but not read by either job in this file.
      test_mode:
        description: 'Test mode for debugging'
        required: false
        type: boolean
        default: false
  issue_comment:
    types:
      - created
  pull_request_review_comment:
    types:
      - created
  issues:
    types:
      - opened
      - assigned
  pull_request_review:
    types:
      - submitted
  pull_request:
    types:
      - opened
      - synchronize
    # Customer-specific configuration is excluded from PR-triggered runs.
    # paths-ignore skips a run only when every changed file matches one of
    # these patterns; a PR that also touches other paths still triggers, and
    # a PR touching only these paths gets no automatic review.
    paths-ignore:
      - 'kubernetes/customers/**/*.yml'
      - 'kubernetes/customers/**/*.yaml'
      - 'kubernetes/customers/**/*.json'
      - 'kubernetes/customers/**/*.md'
jobs:
  # Interactive job: responds to @claude mentions.
  # The `if` guard filters only pull_request events (opened/synchronize),
  # which must carry @claude, @Claude or @CLAUDE in the PR title or body.
  # Every other trigger passes the guard unconditionally; mention detection
  # for those events is delegated to the called workflow.
  # NOTE(review): the guard does not look at who raised the event. Confirm
  # the orchestrator limits execution to trusted users, or add an
  # author_association check to this condition.
  claude-interactive:
    if: |
      github.event_name != 'pull_request' || (
      contains(github.event.pull_request.title, '@claude') ||
      contains(github.event.pull_request.title, '@Claude') ||
      contains(github.event.pull_request.title, '@CLAUDE') ||
      contains(github.event.pull_request.body, '@claude') ||
      contains(github.event.pull_request.body, '@Claude') ||
      contains(github.event.pull_request.body, '@CLAUDE')
      )
    # NOTE(review): the workflow file name and ref after "workflows/" did not
    # survive on this page (e-mail obfuscation artefact). Restore them from
    # the upstream repository, and prefer pinning the ref to a full commit SHA
    # because this job hands a secret to the called workflow.
    uses: dotCMS/ai-workflows/.github/workflows/[email protected]
    with:
      trigger_mode: interactive
      # Use the called workflow's built-in @claude mention detection.
      enable_mention_detection: true
      # Optional: custom trigger logic
      # custom_trigger_condition: |
      #   github.event_name == 'issues' && contains(github.event.issue.labels.*.name, 'infrastructure')
      runner: ubuntu-latest
      timeout_minutes: 15
      # Tool allowlist: validate/plan/format commands plus read-only git.
      # NOTE(review): terraform plan and terragrunt plan evaluate the
      # configuration in the workspace, including data sources and provider
      # plugins, so they are not purely read-only. Keep cloud credentials out
      # of this job's environment.
      claude_args: '--allowedTools "Bash(terraform validate),Bash(terraform plan),Bash(terraform fmt),Bash(terragrunt validate),Bash(terragrunt plan),Bash(terragrunt hclfmt),Bash(git status),Bash(git diff)"'
    secrets:
      ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}

  # Automatic review job: runs on every pull_request event that reaches this
  # workflow. Per the original note, the orchestrator skips this mode by
  # default when an @claude mention is present.
  # On pull_request runs from forks GitHub does not expose repository secrets,
  # so ANTHROPIC_API_KEY will be empty for those PRs.
  claude-automatic-review:
    if: github.event_name == 'pull_request'
    # NOTE(review): same garbled reference as in claude-interactive; restore
    # the file name and ref from upstream and prefer a full commit SHA.
    uses: dotCMS/ai-workflows/.github/workflows/[email protected]
    with:
      trigger_mode: automatic
      # No mention detection for automatic reviews.
      enable_mention_detection: false
      # Optional: allow automatic mode even with @claude mention
      # skip_automatic_when_mentioned: false
      # Optional: custom logic for infrastructure changes
      # custom_trigger_condition: |
      #   github.event_name == 'pull_request' && contains(github.event.pull_request.body, 'terraform')
      runner: ubuntu-latest
      timeout_minutes: 15
      # Review instructions sent to the model. PR content is untrusted input
      # to this prompt, so treat the resulting review as advisory.
      prompt: |
        Please review this infrastructure-as-code pull request and provide feedback on:
        - Code quality and best practices
        - Potential bugs or issues
        - Performance considerations
        - Security concerns
        - Test coverage
        - Estimated cost spend or savings of the changes
        - Terraform/Terragrunt best practices
        - Resource naming conventions
        - Infrastructure security implications
        Be constructive and helpful in your feedback.
      # Same tool allowlist as the interactive job; the plan commands evaluate
      # the PR's configuration, so keep cloud credentials out of this job.
      claude_args: '--allowedTools "Bash(terraform validate),Bash(terraform plan),Bash(terraform fmt),Bash(terragrunt validate),Bash(terragrunt plan),Bash(terragrunt hclfmt),Bash(git status),Bash(git diff)"'
    secrets:
      ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}