Merged
3 changes: 3 additions & 0 deletions .github/actions/claude-code-action/action.yml
Expand Up @@ -12,6 +12,9 @@ inputs:
runs:
using: "docker"
image: "ghcr.io/mervinpraison/praisonai-claudecode:latest"
env:
ANTHROPIC_API_KEY: ${{ inputs.anthropic_api_key }}
GITHUB_TOKEN: ${{ inputs.github_token }}
Comment on lines +15 to +17
Contributor
medium

The addition of the env block (lines 15-17) is a good practice for passing secrets like API keys to the Docker container. With ANTHROPIC_API_KEY and GITHUB_TOKEN now being set as environment variables for the Docker container, you might consider removing them from the args section (currently on lines 19-20).

Benefits of this change would be:

  • Simplicity: Environment variables become the single source of truth for these secrets.
  • Security: Avoids passing secrets as command-line arguments, which can sometimes be logged or exposed in process lists.

If these arguments are removed, the entrypoint.sh script should be updated to directly use these environment variables rather than parsing them from script arguments.

args:
- "--anthropic-api-key=${{ inputs.anthropic_api_key }}"
- "--github-token=${{ inputs.github_token }}"
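Review bot: The `image:` line in this hunk pulls `ghcr.io/mervinpraison/praisonai-claudecode:latest`, a mutable tag, and with the new `env:` block that container receives both `ANTHROPIC_API_KEY` and `GITHUB_TOKEN`; pin the image to a digest (`...@sha256:<digest>`) so the code that sees these secrets is the code that was reviewed. Separately, the two `args:` entries in the trailing context still carry the same values on the command line, so until they are dropped the `env:` block duplicates the exposure rather than replacing it.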
12 changes: 9 additions & 3 deletions .github/actions/claude-code-action/entrypoint.sh
Expand Up @@ -7,9 +7,15 @@ echo "Running Claude Code in CI mode..."
# Extract GitHub context and create a smart prompt
PROMPT="Analyse the GitHub issue or PR context and generate a smart response based on the repository context."

# Set environment variables
export ANTHROPIC_API_KEY="$1"
export GITHUB_TOKEN="$2"
# Set environment variables from arguments
export ANTHROPIC_API_KEY="${1#--anthropic-api-key=}"
export GITHUB_TOKEN="${2#--github-token=}"
Comment on lines +11 to +12
Contributor
medium

If ANTHROPIC_API_KEY and GITHUB_TOKEN are passed as environment variables directly by Docker (as configured in action.yml's env block), these lines that parse them from command-line arguments ($1, $2) and re-export them become unnecessary.

The script could directly use $ANTHROPIC_API_KEY and $GITHUB_TOKEN as they would already be available in the environment. This would simplify the script.

This change is contingent on removing these secrets from the args in action.yml and relying solely on the env block there.


# Verify environment variables
if [ -z "$ANTHROPIC_API_KEY" ] || [ -z "$GITHUB_TOKEN" ]; then
echo "Error: Required environment variables are not set"
Contributor
medium

The error message here is a bit generic. To improve debuggability, consider making it more specific about which environment variables are missing.

Suggested change
echo "Error: Required environment variables are not set"
echo "Error: ANTHROPIC_API_KEY and/or GITHUB_TOKEN are not set. Please ensure they are configured for the action."

exit 1
fi

# Run Claude with the prompt
claude -p "$PROMPT"
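Review bot: The two new `export` lines overwrite `ANTHROPIC_API_KEY` and `GITHUB_TOKEN` unconditionally from `$1` and `$2`, so if the script is started without arguments the values supplied through the environment are replaced with empty strings and the check below fails. The `${1#--anthropic-api-key=}` form also strips the prefix only when it matches: if the arguments arrive in the other order, the raw `--github-token=...` string is exported as the API key and the `-z` test still passes. Suggest keeping an already-set variable and using the argument only as a fallback, for example `: "${ANTHROPIC_API_KEY:=${1#--anthropic-api-key=}}"`, or matching each argument by its prefix in a `case` loop rather than by position.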
5 changes: 4 additions & 1 deletion .github/workflows/claude.yml
Expand Up @@ -30,11 +30,14 @@ jobs:
with:
fetch-depth: 1

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
username: MervinPraison
password: ${{ secrets.GH_TOKEN }}

- name: Run Claude Code
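Review bot: `username: MervinPraison` together with `password: ${{ secrets.GH_TOKEN }}` ties the registry login to a stored token for one account, where the previous `${{ github.actor }}` followed the identity of the run. If the job only needs to pull from ghcr.io, consider `username: ${{ github.actor }}` with `password: ${{ secrets.GITHUB_TOKEN }}` and a `permissions: packages: read` block, provided the package grants this repository access; if a personal token is required, document that `GH_TOKEN` should carry only the `read:packages` scope. The added `docker/setup-buildx-action@v3` step has no build step visible in this hunk that would use it, so state why it is needed or drop it.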