docs: external orchestration frameworks, pr-triage skill, GitHub Actions templates

Added:
- guide/third-party-tools.md: External Orchestration Frameworks section
  (Ruflo + Athena Flow) with architectural distinction from multi-instance tools
- examples/skills/pr-triage/: 3-phase PR backlog management skill
  (audit, deep review via parallel agents, validated comment posting)
- examples/github-actions/: claude-code-review.yml + .coderabbit.yaml +
  prompts/code-review.md — AI-powered PR review GitHub Actions workflow
- docs/resource-evaluations/073-athena-flow-workflow-runtime.md (2/5 Watch)
- docs/resource-evaluations/074-ruflo-multi-agent-orchestration.md (3/5 Pertinent)

Updated:
- examples/README.md + examples/github-actions/README.md: new templates indexed
- machine-readable/reference.yaml: new entries for github-actions + pr-triage

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Florian BRUNIAUX 2026-03-05 09:47:16 +01:00
parent 18a6e0ce5c
commit 0bdb34b2a4
12 changed files with 1079 additions and 4 deletions


@ -0,0 +1,51 @@
# CodeRabbit configuration — copy to your repo root as .coderabbit.yaml
# Docs: https://docs.coderabbit.ai/guides/configure-coderabbit
#
# CodeRabbit Pro: $15/dev/month — adds Q&A, sequence diagrams, interactive walkthrough
# Free tier: unlimited public repos
reviews:
# Language for review comments (default: en)
request_changes_workflow: false
high_level_summary: true
poem: false
review_status: true
collapse_walkthrough: false
# Severity labels used in CodeRabbit comments
# Maps to: Nitpick, Minor, Major, Critical
path_filters:
# Ignore generated files and lockfiles
- "!**/node_modules/**"
- "!**/*.lock"
- "!**/dist/**"
- "!**/build/**"
- "!**/__generated__/**"
- "!**/migrations/**" # Remove this if you want DB migration reviews
path_instructions:
# Focus deeper on security-sensitive paths
- path: "src/server/api/**"
instructions: |
Focus on: authentication/authorization checks, input validation,
SQL injection risks, rate limiting, and sensitive data exposure.
- path: "src/components/**"
instructions: |
Focus on: React best practices, accessibility (ARIA, keyboard nav),
performance (memo, useMemo, unnecessary re-renders), and XSS risks.
- path: "prisma/**"
instructions: |
Focus on: migration safety, index coverage for queried fields,
cascade delete risks, and data integrity constraints.
# Auto-approve low-risk PRs (docs, tests only)
auto_review:
enabled: true
drafts: false
base_branches:
- main
- develop
chat:
# Allow @coderabbitai commands in PR comments
auto_reply: true
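Review bot: The `path_filters` entry `"!**/migrations/**"` works against the `prisma/**` instruction further down, which asks for "migration safety": if the migrations live under `prisma/migrations/`, they are filtered out before that instruction can apply. Drop the filter from the template or narrow it to a non-Prisma path. Three comments also describe settings that are not present: "Language for review comments" and "Severity labels used in CodeRabbit comments" have no key under them, and "Auto-approve low-risk PRs (docs, tests only)" sits above `auto_review`, whose keys are `enabled`, `drafts` and `base_branches`, none of which approves anything. The last one matters most, since a reader could take it to mean docs-only PRs are approved without a human; reword or remove it.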


@ -149,6 +149,91 @@ cp examples/github-actions/claude-issue-triage.yml .github/workflows/
---
---
## Multi-Model Review Setup
Running Claude alongside other automated reviewers (Gemini, Greptile, CodeRabbit) surfaces issues that any single model misses. The pattern: each service reviews independently, then Claude synthesizes the consensus.
**Why multi-model?**
Each model has blind spots. Points raised by 2+ independent reviewers are high-signal; unique catches from each model add coverage you'd otherwise miss.
### Recommended stack ($30/month flat)
| Service | Cost | Strength |
|---------|------|----------|
| **Claude Code Review** (this workflow) | Included in Anthropic plan | Deep reasoning, codebase-aware |
| **Gemini Code Assist** | $0 (included in Google Workspace) | Independent LLM, different training data |
| **Greptile** | ~$30/month flat | Cross-file context, dependency graphs |
**Alternative**: CodeRabbit Pro ($15/dev/month) adds interactive Q&A and sequence diagrams.
### Setup
**Step 1: Install Gemini Code Assist**
1. GitHub Marketplace → search "Gemini Code Assist"
2. Install and authorize on your repo
3. Gemini will automatically review new PRs (posts as `gemini-code-assist[bot]`)
4. Optional config via `.gemini/config.yaml`:
```yaml
code_review:
comment_severity_threshold: MEDIUM
max_comments_per_review: 20
```
**Step 2: Install Greptile**
1. [greptile.com](https://greptile.com) → connect GitHub account
2. Select your repo — Greptile indexes the codebase (~5 min)
3. Configure in dashboard: target branches, focus paths
4. Reviews post as `greptile[bot]` comments on PRs
**Step 3: Enable synthesis job**
In `claude-code-review.yml`, remove `false &&` from the synthesis job condition:
```yaml
# Before (disabled):
if: |
false &&
(github.event_name == 'pull_request' ...
# After (enabled):
if: |
(github.event_name == 'pull_request' ...
```
**Step 4: Configure CodeRabbit (optional)**
Copy `.coderabbit.yaml` from this directory to your repo root. Edit `path_instructions` to match your stack.
### How the synthesis works
The `multi-reviewer-synthesis` job in `claude-code-review.yml`:
1. Waits 5 minutes after the Claude review (external bots post within 2-3 min)
2. Collects all reviews and comments via GitHub API
3. Skips silently if fewer than 2 reviewers have posted
4. Claude identifies consensus (same finding flagged by 2+ reviewers) vs. unique catches
5. Posts a structured synthesis comment on the PR
### Files in this directory
```
examples/github-actions/
├── README.md # This file
├── claude-code-review.yml # Main review + optional synthesis job
├── .coderabbit.yaml # CodeRabbit config (copy to repo root)
├── claude-pr-auto-review.yml # Inline prompt auto-review (alternative)
├── claude-security-review.yml # Security-focused scan
├── claude-issue-triage.yml # Issue triage workflow
└── prompts/
└── code-review.md # Externalized review prompt (copy to .github/prompts/)
```
---
## Customization
### Model Selection
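Review bot: Step 3 tells the reader to remove `false &&` from the synthesis job condition, but the comment block in `claude-code-review.yml` says "remove the `if: false` condition below", and that comment links to `README.md#multi-model-review` while the heading added here is "Multi-Model Review Setup". Align the wording and the anchor in one of the two files. In "How the synthesis works", item 3 should say that "reviewers" means any distinct author of a review or comment on the PR, which is how the collect step counts them, not only the bots installed in Steps 1 and 2. The hunk also opens with two consecutive `---` rules; one is enough.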
@ -247,8 +332,9 @@ These workflows consume Anthropic API credits:
```
examples/github-actions/
├── README.md # This file
├── claude-code-review.yml # Prompt-based review (recommended)
├── claude-pr-auto-review.yml # Inline prompt auto-review
├── claude-code-review.yml # Prompt-based review + optional synthesis job
├── .coderabbit.yaml # CodeRabbit config (copy to repo root)
├── claude-pr-auto-review.yml # Inline prompt auto-review (alternative)
├── claude-security-review.yml # Security scanning workflow
├── claude-issue-triage.yml # Issue triage workflow
└── prompts/
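Review bot: The file tree here duplicates the "Files in this directory" tree added under Multi-Model Review Setup, and the two already disagree: `claude-code-review.yml` is "Main review + optional synthesis job" there and "Prompt-based review + optional synthesis job" here, and `claude-security-review.yml` is "Security-focused scan" there and "Security scanning workflow" here. Keep one tree and link to it from the other section so the descriptions cannot drift.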


@ -74,3 +74,134 @@ jobs:
body: '⚠️ **Claude review failed** — Check the Actions log for details. A human reviewer should cover this PR.'
});
}
# ─────────────────────────────────────────────────────────────────────────────
# OPTIONAL: Multi-Reviewer Synthesis
#
# Enable this job when you have external reviewers posting on PRs:
# - Gemini Code Assist (free via Google Workspace)
# - Greptile (~$30/month flat, cross-file analysis)
# - CodeRabbit Pro ($15/dev/month)
#
# How it works:
# 1. Waits 5 minutes for external reviewers to post their feedback
# 2. Collects all reviews and comments via GitHub API
# 3. Claude synthesizes: identifies consensus (2+ reviewers) vs. unique catches
#
# To enable: remove the `if: false` condition below.
# To install external reviewers: see examples/github-actions/README.md#multi-model-review
# ─────────────────────────────────────────────────────────────────────────────
multi-reviewer-synthesis:
needs: claude-review
if: |
false &&
(
(github.event_name == 'pull_request' && github.event.pull_request.draft == false) ||
(github.event_name == 'issue_comment' &&
github.event.issue.pull_request != null &&
contains(github.event.comment.body, '/claude-review'))
)
runs-on: ubuntu-latest
timeout-minutes: 20
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Wait for external reviewers
run: |
echo "Waiting 5 minutes for external reviewers to post..."
sleep 300
- name: Collect all PR reviews and comments
id: collect
uses: actions/github-script@v7
with:
script: |
const prNumber = context.payload.pull_request?.number ?? context.payload.issue?.number;
// Fetch structured reviews (from Greptile, CodeRabbit, Gemini bots)
const { data: reviews } = await github.rest.pulls.listReviews({
owner: context.repo.owner,
repo: context.repo.repo,
pull_number: prNumber,
});
// Fetch issue comments (bot summaries posted as comments)
const { data: comments } = await github.rest.issues.listComments({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: prNumber,
});
const reviewData = reviews
.filter(r => r.body && r.body.length > 20)
.map(r => ({ reviewer: r.user.login, state: r.state, body: r.body.slice(0, 1500) }));
const commentData = comments
.filter(c => c.body && c.body.length > 50)
.map(c => ({ author: c.user.login, body: c.body.slice(0, 1500) }));
const uniqueReviewers = new Set([
...reviewData.map(r => r.reviewer),
...commentData.map(c => c.author),
]);
// Skip synthesis if only 1 reviewer posted (no consensus to surface)
if (uniqueReviewers.size < 2) {
core.setOutput('skip', 'true');
core.setOutput('reason', `Only ${uniqueReviewers.size} reviewer found — need 2+ for synthesis`);
return;
}
core.setOutput('skip', 'false');
core.setOutput('pr_number', prNumber.toString());
core.setOutput('data', JSON.stringify({ reviews: reviewData, comments: commentData }));
- name: Skip notice
if: steps.collect.outputs.skip == 'true'
run: echo "Synthesis skipped — ${{ steps.collect.outputs.reason }}"
- name: Claude synthesis
if: steps.collect.outputs.skip == 'false'
uses: anthropics/claude-code-action@v1
with:
claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
model: claude-sonnet-4-6
# mcp__github__create_issue_comment posts a plain comment (not a review)
allowed_tools: >-
mcp__github__create_issue_comment
direct_prompt: |
You are synthesizing automated code review feedback for PR #${{ steps.collect.outputs.pr_number }}.
All reviews and comments collected:
${{ steps.collect.outputs.data }}
Your task:
1. Group findings by theme (security, performance, correctness, architecture)
2. Identify consensus: any finding raised by 2+ reviewers is high-signal
3. Surface unique catches — important issues only one reviewer flagged
4. Post a synthesis using `mcp__github__create_issue_comment` with this structure:
---
## Multi-Reviewer Synthesis
> Reviewed by: [comma-separated reviewer names]
### Consensus (raised by 2+ reviewers)
| Finding | Reviewers | Severity |
|---------|-----------|----------|
| [finding] | [name1], [name2] | Must Fix / Should Fix |
### Unique catches
**[Reviewer]:** [what they caught that others missed — critical items only]
### Recommendation
[Overall: approve / request changes / needs discussion]
---
Rules:
- Only include consensus findings that are actionable (skip style/nitpick consensus)
- For unique catches, only surface items of 🔴 Must Fix or 🟡 Should Fix severity
- If all reviewers agree the PR is clean: state that directly and skip the tables
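Review bot: In the `Claude synthesis` step, `${{ steps.collect.outputs.data }}` pastes review and comment bodies from every author on the PR straight into `direct_prompt`, so text written by any commenter is read by the model alongside its instructions, and the job can then post through `mcp__github__create_issue_comment`. Filter `reviewData` and `commentData` in the collect step to an allowlist of expected bot logins (the README names `gemini-code-assist[bot]` and `greptile[bot]`), and state in the prompt that the collected block is untrusted data to summarize, not instructions to follow. The same filter fixes the `uniqueReviewers.size < 2` gate, which currently counts any human commenter, including whoever typed `/claude-review`, as a reviewer. Smaller points: `listReviews` and `listComments` are called without pagination, so only the first page of each is collected; and the header comment says to remove `if: false`, while the condition actually starts with `false &&`.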


@ -39,6 +39,22 @@ For any file that looks non-trivial, use `Read` to see the full implementation c
---
## Step 1b — Load Stack-Specific Skills (Optional)
If your project has skill guides in `.claude/skills/`, load the relevant ones based on what the diff touches. Run `Read` on matching paths if they exist:
| If the diff contains... | Load this guide |
|------------------------|-----------------|
| `auth`, `session`, `token`, `password` | `.claude/skills/security-guardian/authentication/` |
| `sql`, `query`, `prisma`, `db` | `.claude/skills/postgres-*/SKILL.md` or your DB guide |
| `input`, `form`, `upload`, `file` | `.claude/skills/security-guardian/input-validation/` |
| `api`, `endpoint`, `route`, `middleware` | Your API conventions doc |
| `payment`, `stripe`, `billing` | Your payment integration guide |
Skip this step entirely if no matching skills exist or the diff is small.
---
## Step 2 — Analyze Changes
Review each changed file through these lenses:
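Review bot: The trigger column in Step 1b matches on short substrings such as `db`, `api`, `file` and `input`, which appear in almost any diff, so this optional step will load most guides on most PRs, and "the diff is small" gives no threshold for skipping. Tighten the triggers to changed paths or give a line-count cutoff. Two of the targets are directories and one is a glob (`.claude/skills/postgres-*/SKILL.md`), while the step says to run `Read` on them; name the file to open in each case. Because these guides are read as reviewer instructions, the prompt should also say to take them from the base branch when the PR itself modifies `.claude/skills/`.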