This file provides guidance to AI coding agents when working with code in this repository.
WalletConnect's shared GitHub Actions and reusable workflows for infrastructure, deployments, and AI-powered code review.
cd claude/auto-review
pnpm install # Install dependencies
pnpm test # Run tests
pnpm test:watch # Watch mode
pnpm test:coverage # With coverage reportpre-commit install # Install hooks
pre-commit run --all-files # Run all checks- actions/ - High-level composite actions (deploy-terraform, deploy-ecs, plan-terraform)
- terraform/ - Terraform primitives (init, plan, apply, validate, select-workspace, check-fmt)
- aws/ - AWS-specific actions (ECS deploy/task-image, Grafana key management)
- github/ - GitHub utilities (paths-filter, branch-name, release versioning, CTA assistant)
- claude/ - AI review actions
- auto-review/ - PR code review with inline findings comments
- terraform-plan-review/ - Terraform plan analysis
- deploy-window/ - Deploy timing controls
Wraps anthropics/claude-code-action to provide automated PR reviews. Key components:
action.yml- Main composite action with dynamic prompt generationscripts/extract-findings-from-comment.js- Parses AI agent's comment to extract structured findingsscripts/comment-pr-findings.js- Posts inline PR review comments from findings.jsonscripts/lib/github-utils.js- Shared utilities (gh CLI wrapper, context loading)
Flow: AI agent reviews PR → posts comment → extract-findings parses issues → comment-pr-findings posts inline comments
Specialized review tasks run as conditional subagents to keep the main review context focused:
- License Compliance (
agents/review-license-compliance.md) — spawned when dependency manifest/lockfiles change. Heuristic:scripts/should-spawn-license-compliance.js. Findings uselic-prefixed IDs. - Data Classification (
agents/review-data-classification.md) — spawned when infrastructure, secret/env files, DB schemas, or API routes change, or when patches contain sensitive data keywords. Heuristic:scripts/should-spawn-data-classification.js. Findings usedcl-prefixed IDs.
.github/workflows/claude.yml- General AI agent invocation (@claude mentions, excluding @claude review).github/workflows/claude-review.yml- Auto-review on PR open or @claude review comment.github/workflows/test-claude-auto-review.yml- CI for auto-review scripts
- All actions use
using: compositewith bash steps - Inputs: kebab-case naming
- Outputs: written via
>> $GITHUB_OUTPUT - Use
working-directoryfield overcdin scripts $GITHUB_ENV/$GITHUB_OUTPUTmultiline syntax ({name}<<{delimiter}) is GitHub Actions-specific, NOT bash heredoc. Quoted delimiters like<<'EOF'are invalid — always use plain<<EOF
- Set environment via
TF_WORKSPACEenv var - Run non-interactively with
-no-colorandTF_INPUT=0 - Apply with
-auto-approve - Var files located at
vars/{environment}.tfvars
- Configure credentials with
aws-actions/configure-aws-credentials@v4 - Always require explicit region input
- Grafana: temporary keys with short TTL, cleanup via
always()condition
- Mask sensitive values with
::add-mask:: - External domains limited to: reown.com, walletconnect.com, walletconnect.org
- Cleanup temporary credentials/keys in
always()steps
- Consumers should pin to full 40-char commit SHA, not branch names
- Internal action refs use
@masterfor this repo
For claude/auto-review/ scripts:
- Tests use Vitest with v8 coverage
- Node.js 20+ required
- Test files:
scripts/__tests__/*.test.js - Fixtures:
scripts/__tests__/fixtures/ - Scripts are ES modules with execution guards for testability