ci: post Claude reviews from execution_file; fix general_review filter

[loothero]

Summary

Two CI workflow fixes uncovered while testing PR #144 (run 25278577961).

Fix 1 — Claude jobs ran but never posted comments

In claude-code-action v1, prompt: (automation) mode does not auto-post a PR comment the way the beta direct_prompt: did. Each of our four Claude review jobs ran cleanly (is_error: false, --model claude-opus-4-7 confirmed), produced a review, then the polling step timed out for 60s and failed the job because no comment ever appeared.

Replace the comment-polling pattern (gh api … | jq with 6×10s retries and 2–4 fallback queries) with the capture-extract-post-check sequence already used by the Codex jobs:

1. id: claude on the action step exposes execution_file (Claude Code stream-JSON).
2. New Extract review output step pulls the final result.result text (or falls back to assistant text) into /tmp/review.txt.
3. New Post review comment step writes ## Claude Review - … + body to the PR via gh pr comment.
4. Check for blocking findings greps the local file for [CRITICAL]/[HIGH].

Net: review comments appear immediately, blocking-check is deterministic, and the 4 Claude jobs now mirror the 4 Codex jobs structurally.

Fix 2 — general_review triggered on scoped-only changes

PR #144 changed only api/README.md, client/README.md, contracts/README.md — all inside excluded scopes — yet claude-review-general and codex-review-general ran. dorny/paths-filter v3's OR-list semantics don't reliably honor ! negations against a leading ** glob.

Replace:

general_review:
  - "**"
  - "!contracts/**"
  - "!client/**"
  - "!indexer/**"
  - "!api/**"

with a shell step that computes general_review from gh pr diff --name-only — true iff the PR touches a file outside contracts/, client/, indexer/, or api/. The four scoped filters (contracts_review, client_review, indexer_api_review) continue to use paths-filter (no negations there).

Test plan

• CI green on this PR (modifies pr-ci.yml, so AI reviews are gated off via review_automation_modified — only the deterministic jobs run)
• After merge, retest by re-running PR test: trigger Claude reviews across api/client/contracts scopes #144 (or push a synchronize commit). Expected: 4 Claude comments + 4 Codex comments, no *-general jobs run, pr-ci passes.

🤖 Generated with Claude Code

Summary by CodeRabbit

• Chores
  • Updated code review workflow automation to improve review extraction and processing efficiency.

Note: This is an internal infrastructure change with no direct impact on end-user functionality.

[gemini-code-assist]

Note

Gemini is unable to generate a review for this pull request due to the file types involved not being currently supported.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
summit	Ready	Preview, Comment	May 3, 2026 0:26am

[coderabbitai]

Caution

Review failed

Pull request was closed or merged during review

📝 Walkthrough

Walkthrough

GitHub Actions workflow for AI-based code reviews is refactored. The general_review detection switches from exclude-pattern paths-filter to gh pr diff command. All Claude review jobs now extract review text directly from the action's execution_file via jq into /tmp/review.txt, post that comment, and check for critical findings in the file instead of polling prior PR comments.

Changes

AI Review Workflow Refactor

Layer / File(s)	Summary
Review Detection Logic .github/workflows/pr-ci.yml (lines 41–82)	general_review output changed from paths-filter exclude patterns (!contracts/**, !client/**, !indexer/**, !api/**) to gh pr diff --name-only | grep check that sets general_review=true when files exist outside those four directories.
Claude Output Extraction .github/workflows/pr-ci.yml (lines 487–547, 731–791, 975–1035, 1223–1283)	All four Claude review jobs (claude-review-contracts, claude-review-client, claude-review-indexer-api, claude-review-general) now extract review text from the anthropics/claude-code-action execution_file using jq and write to /tmp/review.txt, replacing prior ad-hoc output handling.
Review Comment Posting .github/workflows/pr-ci.yml (lines 487–547, 731–791, 975–1035, 1223–1283)	Each Claude job posts a comment from /tmp/review.txt (or displays "No review output…" if the file is empty), simplifying prior comment-creation logic.
Blocking Findings Detection .github/workflows/pr-ci.yml (lines 487–547, 731–791, 975–1035, 1223–1283)	All four review jobs replace the prior API-based PR comment fetching/pagination/marker logic with a direct grep check: job fails if /tmp/review.txt is missing or contains [(CRITICAL|HIGH)] patterns.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~22 minutes

Possibly related PRs

• fix(ci): prevent AI review comments from overwriting each other #104: Simplifies AI review comment handling in the same workflow by removing prior-comment-fetching logic and consolidating comment posting.
• chore(github): update CI workflows, prompts, and PR template #113: Modifies the same .github/workflows/pr-ci.yml file to refactor how Claude review outputs are detected and handled.
• Add unified CI pipeline, review prompts, and PR template #102: Introduces the Claude review jobs and logic that this PR refactors, directly related through shared workflow modifications.

Poem

🐰 Hops through the CI with glee,
jq extracts the review from /tmp so free,
No more comment-chasing through the API night,
Direct posting and grep checks—clean and tight! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Description check	❓ Inconclusive	The description provides comprehensive details (Fix 1 and Fix 2) with technical implementation steps and a test plan, but omits the required template structure including Scope, Change Type, Validation commands, Risk level, and other sections.	Complete the missing template sections: mark Scope (Other/chore/infra), Change Type (fix + chore), provide validation commands, specify Risk level (Low), and fill in Assumptions and Exceptions as applicable.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately and concisely summarizes the main changes: fixing Claude review posting from execution_file and correcting the general_review filter logic.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch ci/fix-claude-comment-posting

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Review rate limit: 0/1 reviews remaining, refill in 60 minutes.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[railway-app]

🚅 Deployed to the summit-pr-145 environment in Summit

3 services not affected by this PR

• summit-db
• summit-indexer
• summit-api

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 310433e28e

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Fail when Claude execution output is unavailable

If steps.claude.outputs.execution_file is missing or unreadable, this step writes a placeholder message to /tmp/review.txt and exits successfully, and the later gate only checks that the file is non-empty. In that scenario the Claude review job can pass without any real model output, so PRs may merge with review enforcement silently bypassed across all claude-review-* jobs that use this pattern.

Useful? React with 👍 / 👎.

[loothero]

Accepted — real bug. The placeholder strings made /tmp/review.txt non-empty, so the [ ! -s … ] blocking-check passed and the job could merge with no real review.

Fixed in c3a2acb: both fallback branches (missing/unreadable execution_file, empty extracted text) now emit ::error::, leave /tmp/review.txt empty, and exit 1. The Post review comment step (if: always()) still runs so reviewers see the "No review output was produced." fallback comment on the PR, and the blocking-check then fails on the empty file.

[Copilot]

Pull request overview

Updates the PR CI workflow to (1) reliably post Claude review comments by extracting text from the Claude action execution_file, and (2) fix general_review detection so “general” AI review jobs don’t run on scoped-only changes.

Changes:

• Replace Claude review “poll for comment” logic with an extract → post-comment → local blocking-grep flow.
• Compute general_review explicitly via gh pr diff --name-only instead of paths-filter negations.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[loothero]

Going to pass on this one — the comment Copilot is paraphrasing isn't actually in the file. The block comment didn't say result.result, and it was removed in f09ca84 anyway.

On the substance: Claude Code stream-JSON's terminal message is {"type":"result","is_error":false,"result":"<final assistant text>",...} where .result is a string holding the model's final output. Verified empirically against PR #144 run 25278577961. result.result would resolve to null. The fallback over type:"assistant" text content already covers any future envelope-shape change, and the silent-pass fix in c3a2acb ensures unparseable output now fails the job rather than passing it.

[loothero]

Accepted — real bug. The placeholder strings made /tmp/review.txt non-empty, so the [ ! -s … ] blocking-check passed and the job could merge with no real review.

Fixed in c3a2acb: both fallback branches (missing/unreadable execution_file, empty extracted text) now emit ::error::, leave /tmp/review.txt empty, and exit 1. The Post review comment step (if: always()) still runs so reviewers see the "No review output was produced." fallback comment on the PR, and the blocking-check then fails on the empty file.

[loothero]

Going to pass on this one — the comment Copilot is paraphrasing isn't actually in the file. The block comment didn't say result.result, and it was removed in f09ca84 anyway.

On the substance: Claude Code stream-JSON's terminal message is {"type":"result","is_error":false,"result":"<final assistant text>",...} where .result is a string holding the model's final output. Verified empirically against PR #144 run 25278577961. result.result would resolve to null. The fallback over type:"assistant" text content already covers any future envelope-shape change, and the silent-pass fix in c3a2acb ensures unparseable output now fails the job rather than passing it.

[loothero]

Accepted — real bug. The placeholder strings made /tmp/review.txt non-empty, so the [ ! -s … ] blocking-check passed and the job could merge with no real review.

Fixed in c3a2acb: both fallback branches (missing/unreadable execution_file, empty extracted text) now emit ::error::, leave /tmp/review.txt empty, and exit 1. The Post review comment step (if: always()) still runs so reviewers see the "No review output was produced." fallback comment on the PR, and the blocking-check then fails on the empty file.

[loothero]

Going to pass on this one — the comment Copilot is paraphrasing isn't actually in the file. The block comment didn't say result.result, and it was removed in f09ca84 anyway.

On the substance: Claude Code stream-JSON's terminal message is {"type":"result","is_error":false,"result":"<final assistant text>",...} where .result is a string holding the model's final output. Verified empirically against PR #144 run 25278577961. result.result would resolve to null. The fallback over type:"assistant" text content already covers any future envelope-shape change, and the silent-pass fix in c3a2acb ensures unparseable output now fails the job rather than passing it.

[loothero]

Accepted — real bug. The placeholder strings made /tmp/review.txt non-empty, so the [ ! -s … ] blocking-check passed and the job could merge with no real review.

Fixed in c3a2acb: both fallback branches (missing/unreadable execution_file, empty extracted text) now emit ::error::, leave /tmp/review.txt empty, and exit 1. The Post review comment step (if: always()) still runs so reviewers see the "No review output was produced." fallback comment on the PR, and the blocking-check then fails on the empty file.

[loothero]

Going to pass on this one — the comment Copilot is paraphrasing isn't actually in the file. The block comment didn't say result.result, and it was removed in f09ca84 anyway.

On the substance: Claude Code stream-JSON's terminal message is {"type":"result","is_error":false,"result":"<final assistant text>",...} where .result is a string holding the model's final output. Verified empirically against PR #144 run 25278577961. result.result would resolve to null. The fallback over type:"assistant" text content already covers any future envelope-shape change, and the silent-pass fix in c3a2acb ensures unparseable output now fails the job rather than passing it.

[loothero]

Accepted — real bug. The placeholder strings made /tmp/review.txt non-empty, so the [ ! -s … ] blocking-check passed and the job could merge with no real review.

Fixed in c3a2acb: both fallback branches (missing/unreadable execution_file, empty extracted text) now emit ::error::, leave /tmp/review.txt empty, and exit 1. The Post review comment step (if: always()) still runs so reviewers see the "No review output was produced." fallback comment on the PR, and the blocking-check then fails on the empty file.