xinyin025/3x-ui
1
0
Fork 0
mirror of https://github.com/MHSanaei/3x-ui.git synced 2026-06-28 00:24:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(ci): let mention bot push commits to fork PR branches

Browse Source 
claude-code-action checks out the PR head branch and pushes Claude's
commits with `git push origin ...`. For PRs opened from a fork the head
branch lives on the contributor's repo, and the workflow GITHUB_TOKEN
cannot push there, so commits ended up as a stray branch on this repo
and never landed on the PR.

Redirect origin's push URL to the PR head repository (the fork for fork
PRs, this repo otherwise) using a PAT secret (CLAUDE_BOT_PAT) that has
push access; fetches still come from origin. persist-credentials is
disabled so the PAT in the push URL is used instead of the GITHUB_TOKEN
auth header. Requires the fork PR to have "Allow edits by maintainers"
enabled.
This commit is contained in:
MHSanaei
2026-06-20 23:41:45 +02:00
parent 4ab2dffa61
commit 29b14dac59
1 changed files with 21 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/claude-bot.yml
+21 -3
View File
@@ -419,11 +419,29 @@ jobs:
- uses: actions/checkout@v7
with:
fetch-depth: 0
- name: Check out the PR branch when the comment is on a pull request
if: github.event.issue.pull_request
# Don't persist the GITHUB_TOKEN auth header; pushes are authenticated
# below with a PAT so they can reach a contributor's fork branch.
persist-credentials: false
# claude-code-action checks out the PR head branch and lets Claude push
# with `git push origin ...`. For fork PRs the head branch lives on the
# contributor's repo, not origin, and GITHUB_TOKEN cannot push there.
# Point origin's PUSH url at the PR head repository (the fork for fork
# PRs, this repo otherwise) using a PAT that has push access; fetches
# still come from origin (this repo).
- name: Route commit pushes to the PR head repository
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: gh pr checkout ${{ github.event.issue.number }}
BOT_PAT: ${{ secrets.CLAUDE_BOT_PAT }}
run: |
set -euo pipefail
if [ -n "${{ github.event.issue.pull_request.url }}" ]; then
head_repo=$(gh pr view "${{ github.event.issue.number }}" \
--json headRepositoryOwner,headRepository \
--jq '"\(.headRepositoryOwner.login)/\(.headRepository.name)"')
else
head_repo="${{ github.repository }}"
fi
git remote set-url --push origin "https://x-access-token:${BOT_PAT}@github.com/${head_repo}.git"
- uses: anthropics/claude-code-action@v1
with:
github_token: ${{ secrets.GITHUB_TOKEN }}