CI/CD Integration Patterns Integrate Claude Code into CI/CD pipelines for automated PR reviews, code generation, test validation, security scanning, and documentation updates. This skill covers GitHub Actions, GitLab CI, pre-commit hooks, and headless execution modes. GitHub Actions Integration Use the official action for turnkey GitHub integration. Supported Features - Trigger on pull requests, push, schedule, or workflow dispatch - Environment variable support: , - Pipe mode ( ) with JSON output - Tool access filtering via - Multiple model routing (Opus for reviews, Haiku for checks) - Cost…

)\n\nif [ -z \"$STAGED_FILES\" ]; then\n exit 0\nfi\n\necho \"Running Claude Code check on staged files...\"\n\nif ! claude -p \"Security check: $STAGED_FILES\" \\\n --allowedTools Read,Grep,Glob \\\n --max-turns 2; then\n echo \"Claude Code check failed. Use 'git commit --no-verify' to bypass.\"\n exit 1\nfi\n```\n\n## Automated PR Reviews with Structured Output\n\nUse JSON formatting to post structured reviews to PRs.\n\n### Review Configuration\n\n```bash\n#!/bin/bash\n# scripts/claude-pr-review.sh\n\nset -euo pipefail\n\nREPO=$1\nPR_NUMBER=$2\nGITHUB_TOKEN=$3\n\n# Clone PR branch\ngit clone \"https://github.com/$REPO.git\" /tmp/pr-check\ncd /tmp/pr-check\ngit fetch origin pull/$PR_NUMBER/head\ngit checkout FETCH_HEAD\n\n# Run Claude review\nREVIEW_JSON=$(claude -p \\\n \"Analyze this PR for: security issues, code quality, test coverage, performance\" \\\n --allowedTools Read,Grep,Glob \\\n --max-turns 3 \\\n --output-format json)\n\n# Parse results and post\nSECURITY=$(echo \"$REVIEW_JSON\" | jq -r '.security // \"None found\"')\nQUALITY=$(echo \"$REVIEW_JSON\" | jq -r '.quality // \"Pass\"')\nTESTS=$(echo \"$REVIEW_JSON\" | jq -r '.test_coverage // \"Adequate\"')\n\ncurl -X POST \\\n -H \"Accept: application/vnd.github+json\" \\\n -H \"Authorization: token $GITHUB_TOKEN\" \\\n \"https://api.github.com/repos/$REPO/issues/$PR_NUMBER/comments\" \\\n -d @- \u003c\u003c EOF\n{\n \"body\": \"## Claude Code Review\\n\\n**Security:** $SECURITY\\n\\n**Quality:** $QUALITY\\n\\n**Tests:** $TESTS\"\n}\nEOF\n\nrm -rf /tmp/pr-check\n```\n\n## Headless Mode Patterns\n\nExecute Claude Code in fully automated environments without interaction.\n\n### Read-Only Checks\n\n```bash\n# Security scan (no write access)\nclaude -p \"Security audit\" \\\n --allowedTools Read,Grep,Glob \\\n --output-format json \\\n --max-turns 2\n```\n\n### Constrained Sessions\n\n```bash\n# Limit turn count to prevent runaway costs\nclaude -p \"Generate test stubs\" \\\n --allowedTools Read,Glob,Bash \\\n --max-turns 5 \\\n --output-format json\n```\n\n### Model Selection for CI\n\n```bash\n# Haiku for fast checks (cheaper)\nCLAUDE_MODEL=claude-haiku-4-5-20251001 claude -p \"Style check\"\n\n# Opus for complex analysis (more capable)\nCLAUDE_MODEL=claude-opus-4-1-20250805 claude -p \"Architecture review\"\n```\n\n### Exit Code Handling\n\n```bash\n#!/bin/bash\n# scripts/claude-ci-validator.sh\n\nif claude -p \"Validate build output\" \\\n --allowedTools Read,Glob \\\n --output-format json; then\n echo \"Validation passed\"\n exit 0\nelse\n echo \"Validation failed\"\n exit 1\nfi\n```\n\n## SDK-Based CI Integration\n\nUse the `@anthropic-ai/claude-code` npm package for programmatic control.\n\n### Installation\n\n```bash\nnpm install @anthropic-ai/claude-code\n```\n\n### Basic Usage\n\n```javascript\n// scripts/ci-validator.mjs\nimport { claudeCode } from '@anthropic-ai/claude-code';\n\nconst result = await claudeCode.executeHeadless({\n task: 'Analyze test coverage and report gaps',\n allowedTools: ['Read', 'Grep', 'Glob'],\n outputFormat: 'json',\n maxTurns: 3,\n model: 'claude-haiku-4-5-20251001'\n});\n\nconsole.log(JSON.stringify(result, null, 2));\nprocess.exit(result.success ? 0 : 1);\n```\n\n### Streaming Output\n\n```javascript\n// scripts/ci-streaming.mjs\nimport { claudeCode } from '@anthropic-ai/claude-code';\n\nconst stream = await claudeCode.streamHeadless({\n task: 'Generate missing test files',\n allowedTools: ['Read', 'Glob'],\n model: 'claude-opus-4-1-20250805'\n});\n\nfor await (const chunk of stream) {\n process.stdout.write(chunk.text || '');\n if (chunk.status === 'complete') {\n process.exit(chunk.exitCode);\n }\n}\n```\n\n## Cost Control in CI\n\nManage Claude API costs in automated environments.\n\n### Budget Estimation\n\n```bash\n# Haiku: ~$0.80 per million input tokens, $2.40 per million output\n# Estimated cost per CI run with Haiku: $0.01-0.05\n\n# Opus: ~$15 per million input tokens, $45 per million output\n# Estimated cost per CI run with Opus: $0.10-0.30\n\n# Strategy: Use Haiku for checks, Opus for analysis on schedule\n```\n\n### Cost-Optimized Workflow\n\n```yaml\n# .github/workflows/claude-optimized.yml\non:\n pull_request:\n types: [opened, synchronize]\n schedule:\n - cron: '0 2 * * *' # Deep analysis daily\n\njobs:\n fast-check:\n if: github.event_name == 'pull_request'\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v4\n - uses: anthropics/claude-code-action@v1\n with:\n task: Quick lint check\n model: claude-haiku-4-5-20251001\n allowed-tools: Grep,Glob\n env:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}\n\n deep-analysis:\n if: github.event_name == 'schedule'\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v4\n - uses: anthropics/claude-code-action@v1\n with:\n task: Full architecture review\n model: claude-opus-4-1-20250805\n allowed-tools: Read,Grep,Glob,Bash\n env:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}\n```\n\n## Secrets Management\n\nSafely handle API keys and credentials in CI/CD.\n\n### GitHub Secrets\n\n```yaml\nenv:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}\n\njobs:\n review:\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v4\n - uses: anthropics/claude-code-action@v1\n with:\n task: Review changes\n env:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}\n```\n\n### GitLab CI Secrets\n\n```yaml\nclaude_review:\n variables:\n ANTHROPIC_API_KEY: $ANTHROPIC_API_KEY # Set in GitLab UI\n script:\n - claude -p \"Run analysis\" --output-format json\n```\n\n### Never Log Sensitive Data\n\n```bash\n#!/bin/bash\n# Safe logging in CI\n\n# DON'T do this:\n# echo \"API Key: $ANTHROPIC_API_KEY\"\n\n# DO this:\necho \"Starting Claude review (API key configured)\"\n\n# Output result without exposing key\nclaude -p \"Review files\" 2>&1 | grep -v \"Authorization\" > output.log\n```\n\n## Example Workflows (Copy-Paste Ready)\n\n### 1. PR Review Bot (GitHub Actions)\n\n```yaml\n# .github/workflows/claude-review-pr.yml\nname: Claude PR Review Bot\n\non:\n pull_request:\n types: [opened, synchronize]\n paths-ignore:\n - '**.md'\n - 'docs/**'\n\njobs:\n review:\n runs-on: ubuntu-latest\n permissions:\n pull-requests: write\n contents: read\n if: github.event.action != 'closed'\n steps:\n - uses: actions/checkout@v4\n with:\n fetch-depth: 0\n\n - uses: anthropics/claude-code-action@v1\n id: review\n with:\n task: |\n Review this PR and provide assessment in JSON:\n {\n \"overall_score\": 1-10,\n \"security_issues\": [],\n \"code_quality\": \"pass|warning|fail\",\n \"test_coverage\": \"adequate|needs_improvement\",\n \"suggestions\": []\n }\n model: claude-opus-4-1-20250805\n allowed-tools: Read,Grep,Glob\n output-format: json\n max-turns: 3\n env:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}\n\n - name: Post Review Comment\n uses: actions/github-script@v7\n if: always()\n with:\n script: |\n const review = JSON.parse(`${{ steps.review.outputs.result }}`);\n const comment = `\n## Claude Code Review\n\n**Overall Score:** ${review.overall_score}/10\n**Code Quality:** ${review.code_quality}\n**Test Coverage:** ${review.test_coverage}\n\n${review.suggestions.length > 0 ? '**Suggestions:**\\n' + review.suggestions.map(s => `- ${s}`).join('\\n') : 'No suggestions'}\n `;\n github.rest.issues.createComment({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: comment\n });\n```\n\n### 2. Test Gap Detector (GitHub Actions)\n\n```yaml\n# .github/workflows/claude-test-gaps.yml\nname: Detect Test Gaps\n\non:\n pull_request:\n paths:\n - 'src/**'\n\njobs:\n detect:\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v4\n\n - uses: anthropics/claude-code-action@v1\n with:\n task: |\n Identify test coverage gaps in changed files:\n 1. List files without tests\n 2. Find untested functions\n 3. Suggest test cases\n Output as JSON array.\n model: claude-haiku-4-5-20251001\n allowed-tools: Read,Grep,Glob\n output-format: json\n max-turns: 2\n env:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}\n\n - name: Fail if critical gaps\n run: |\n gaps=$(cat ${{ steps.claude.outputs.result }} | jq '.critical_gaps | length')\n if [ \"$gaps\" -gt 0 ]; then\n echo \"Critical test gaps found!\"\n exit 1\n fi\n```\n\n### 3. Security Scanner (GitHub Actions)\n\n```yaml\n# .github/workflows/claude-security-scan.yml\nname: Security Scan\n\non:\n pull_request:\n schedule:\n - cron: '0 3 * * 1' # Monday 3 AM\n\njobs:\n scan:\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v4\n\n - uses: anthropics/claude-code-action@v1\n with:\n task: |\n Security audit:\n - Check for hardcoded secrets\n - Identify SQL injection risks\n - Review authentication logic\n - Check dependency vulnerabilities\n Format: { \"vulnerabilities\": [], \"risk_level\": \"low|medium|high\" }\n model: claude-opus-4-1-20250805\n allowed-tools: Read,Grep,Glob\n output-format: json\n env:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}\n\n - name: Block on high risk\n run: |\n risk=$(jq -r '.risk_level' ${{ steps.claude.outputs.result }})\n if [ \"$risk\" = \"high\" ]; then\n echo \"High security risk detected!\"\n exit 1\n fi\n```\n\n### 4. Documentation Updater (GitHub Actions)\n\n```yaml\n# .github/workflows/claude-docs-update.yml\nname: Auto-Update Docs\n\non:\n push:\n branches: [main]\n paths:\n - 'src/**'\n\njobs:\n update:\n runs-on: ubuntu-latest\n permissions:\n contents: write\n pull-requests: write\n steps:\n - uses: actions/checkout@v4\n\n - uses: anthropics/claude-code-action@v1\n id: docs\n with:\n task: |\n Update API documentation based on code changes:\n 1. Regenerate parameter descriptions\n 2. Update return type docs\n 3. Add code examples where missing\n Output updated markdown files.\n model: claude-opus-4-1-20250805\n allowed-tools: Read,Glob,Write\n max-turns: 5\n env:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}\n\n - name: Create Documentation PR\n uses: peter-evans/create-pull-request@v5\n with:\n commit-message: 'docs: auto-update from code changes'\n title: 'docs: regenerated from source'\n body: 'Auto-generated documentation updates'\n branch: auto-docs-update\n```\n\n---\n\n## /autofix-pr — CLI PR Auto-Fix (v2.1.92)\n\nEnable Claude's PR auto-fix loop without leaving the terminal. Claude watches CI results and review comments, pushes fixes, and repeats until the PR is green.\n\n```text\n> /autofix-pr\n```\n\nClaude infers the open PR for your current branch and enables auto-fix for it on Claude Code web in one step. Walk away; Claude handles the CI/review iteration loop.\n\n**When to use:**\n- After pushing a branch with expected CI failures (lint, types, test)\n- When addressing PR review nits — Claude applies suggestions and pushes\n- During overnight runs — PR auto-fix is fully unattended\n\n**Prerequisites:**\n- Branch must have an open PR\n- Must be authenticated to Claude Code web (same account)\n\n**Workflow:**\n```bash\ngit push origin my-feature\n/autofix-pr\n# Claude enables auto-fix on the web PR — CI loop runs unattended\n```\n---","attachment_filenames":[],"attachments":[],"content_json":{"type":"doc","content":[{"type":"heading","attrs":{"level":1},"content":[{"text":"CI/CD Integration Patterns","type":"text"}]},{"type":"paragraph","content":[{"text":"Integrate Claude Code into CI/CD pipelines for automated PR reviews, code generation, test validation, security scanning, and documentation updates. This skill covers GitHub Actions, GitLab CI, pre-commit hooks, and headless execution modes.","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"GitHub Actions Integration","type":"text"}]},{"type":"paragraph","content":[{"text":"Use the official ","type":"text"},{"text":"anthropics/claude-code-action@v1","type":"text","marks":[{"type":"code_inline"}]},{"text":" action for turnkey GitHub integration.","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Supported Features","type":"text"}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Trigger on pull requests, push, schedule, or workflow dispatch","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Environment variable support: ","type":"text"},{"text":"ANTHROPIC_API_KEY","type":"text","marks":[{"type":"code_inline"}]},{"text":", ","type":"text"},{"text":"CLAUDE_MODEL","type":"text","marks":[{"type":"code_inline"}]}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Pipe mode (","type":"text"},{"text":"claude -p","type":"text","marks":[{"type":"code_inline"}]},{"text":") with JSON output","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Tool access filtering via ","type":"text"},{"text":"--allowedTools","type":"text","marks":[{"type":"code_inline"}]}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Multiple model routing (Opus for reviews, Haiku for checks)","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Cost tracking and budget enforcement","type":"text"}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Setup","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# .github/workflows/claude-pr-review.yml\nname: Claude PR Review\n\non:\n pull_request:\n types: [opened, synchronize]\n workflow_dispatch:\n\njobs:\n review:\n runs-on: ubuntu-latest\n permissions:\n pull-requests: write\n contents: read\n steps:\n - uses: actions/checkout@v4\n with:\n fetch-depth: 0\n\n - uses: anthropics/claude-code-action@v1\n with:\n task: |\n Review the changes in this PR and provide:\n 1. Security issues found (if any)\n 2. Code style or complexity concerns\n 3. Test coverage gaps\n 4. Performance suggestions\n Format as JSON for PR comment automation.\n model: claude-opus-4-1-20250805\n allowed-tools: Read,Grep,Glob\n output-format: json\n env:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Usage in PR Comments","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# .github/workflows/claude-pr-analysis.yml\nname: Claude PR Analysis with Comments\n\non:\n pull_request:\n types: [opened, synchronize]\n\njobs:\n analyze:\n runs-on: ubuntu-latest\n permissions:\n pull-requests: write\n contents: read\n steps:\n - uses: actions/checkout@v4\n\n - uses: anthropics/claude-code-action@v1\n id: claude\n with:\n task: |\n {\n \"goal\": \"Review files in this PR\",\n \"files\": \"${{ github.event.pull_request.title }}\",\n \"output\": \"json\"\n }\n output-format: json\n env:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}\n\n - name: Comment Review on PR\n if: always()\n uses: actions/github-script@v7\n with:\n script: |\n const result = JSON.parse('${{ steps.claude.outputs.result }}');\n github.rest.issues.createComment({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: `## Claude Code Review\\n\\n${result.summary}`\n });","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Code Generation Workflow","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# .github/workflows/claude-codegen.yml\nname: Generate Code on Dispatch\n\non:\n workflow_dispatch:\n inputs:\n feature:\n description: Feature to generate\n required: true\n model:\n description: Model to use\n default: claude-opus-4-1-20250805\n required: false\n\njobs:\n generate:\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v4\n\n - uses: anthropics/claude-code-action@v1\n with:\n task: Generate ${{ github.event.inputs.feature }}\n model: ${{ github.event.inputs.model }}\n output-format: json\n env:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}\n\n - name: Create PR with Generated Code\n uses: peter-evans/create-pull-request@v5\n with:\n commit-message: \"feat: ${{ github.event.inputs.feature }}\"\n title: \"Generate: ${{ github.event.inputs.feature }}\"\n body: \"Auto-generated code from Claude Code Expert\"","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"GitLab CI Integration","type":"text"}]},{"type":"paragraph","content":[{"text":"Configure Claude Code in GitLab CI pipelines using Docker containers and the CLI.","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Setup","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# .gitlab-ci.yml\nstages:\n - review\n - test\n - generate\n\nvariables:\n CLAUDE_MODEL: claude-haiku-4-5-20251001\n CLAUDE_MAX_TURNS: \"5\"\n\nclaude_review:\n stage: review\n image: node:20-alpine\n before_script:\n - npm install -g @anthropic-ai/claude-code\n script:\n - |\n claude \\\n -p \"Review the MR changes and identify issues\" \\\n --allowedTools Read,Grep,Glob \\\n --output-format json > review_output.json\n artifacts:\n paths:\n - review_output.json\n expire_in: 1 day\n only:\n - merge_requests\n\nclaude_test_gap:\n stage: test\n image: node:20-alpine\n before_script:\n - npm install -g @anthropic-ai/claude-code\n script:\n - |\n claude \\\n -p \"Find test coverage gaps in changed files\" \\\n --allowedTools Read,Grep,Glob \\\n --max-turns 3\n allow_failure: true","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"With Caching","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"claude_cached_analysis:\n stage: review\n image: node:20-alpine\n cache:\n key: claude-analysis-${CI_COMMIT_SHA}\n paths:\n - .claude/cache/\n - .claude/memory/\n before_script:\n - npm install -g @anthropic-ai/claude-code\n script:\n - claude -p \"Cached analysis of repo structure\"","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Pre-Commit Hook Integration","type":"text"}]},{"type":"paragraph","content":[{"text":"Validate code locally before pushing using Claude Code as a pre-commit hook.","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Husky Setup","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"# Install dependencies\nnpm install husky lint-staged -D\n\n# Initialize husky\nnpx husky install\n\n# Create Claude hook\ncat > .husky/pre-commit \u003c\u003c 'EOF'\n#!/bin/sh\n. \"$(dirname \"$0\")/_/husky.sh\"\n\n# Run lint-staged (including Claude)\nnpx lint-staged\nEOF\n\nchmod +x .husky/pre-commit","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Lint-Staged Configuration","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"json"},"content":[{"text":"{\n \"lint-staged\": {\n \"*.{ts,tsx,js,jsx}\": [\n \"eslint --fix\",\n \"claude -p 'Quick style check' --allowedTools Read,Grep\"\n ],\n \"*.{md,mdx}\": [\n \"markdown-lint\",\n \"claude -p 'Check documentation clarity' --allowedTools Read\"\n ]\n }\n}","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Direct Pre-Commit Hook","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"#!/bin/bash\n# .git/hooks/pre-commit\n# Check staged files with Claude Code\n\nSTAGED_FILES=$(git diff --cached --name-only --diff-filter=ACM | grep -E '\\.(ts|tsx|js|jsx)

CI/CD Integration Patterns Integrate Claude Code into CI/CD pipelines for automated PR reviews, code generation, test validation, security scanning, and documentation updates. This skill covers GitHub Actions, GitLab CI, pre-commit hooks, and headless execution modes. GitHub Actions Integration Use the official action for turnkey GitHub integration. Supported Features - Trigger on pull requests, push, schedule, or workflow dispatch - Environment variable support: , - Pipe mode ( ) with JSON output - Tool access filtering via - Multiple model routing (Opus for reviews, Haiku for checks) - Cost…

)\n\nif [ -z \"$STAGED_FILES\" ]; then\n exit 0\nfi\n\necho \"Running Claude Code check on staged files...\"\n\nif ! claude -p \"Security check: $STAGED_FILES\" \\\n --allowedTools Read,Grep,Glob \\\n --max-turns 2; then\n echo \"Claude Code check failed. Use 'git commit --no-verify' to bypass.\"\n exit 1\nfi","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Automated PR Reviews with Structured Output","type":"text"}]},{"type":"paragraph","content":[{"text":"Use JSON formatting to post structured reviews to PRs.","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Review Configuration","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"#!/bin/bash\n# scripts/claude-pr-review.sh\n\nset -euo pipefail\n\nREPO=$1\nPR_NUMBER=$2\nGITHUB_TOKEN=$3\n\n# Clone PR branch\ngit clone \"https://github.com/$REPO.git\" /tmp/pr-check\ncd /tmp/pr-check\ngit fetch origin pull/$PR_NUMBER/head\ngit checkout FETCH_HEAD\n\n# Run Claude review\nREVIEW_JSON=$(claude -p \\\n \"Analyze this PR for: security issues, code quality, test coverage, performance\" \\\n --allowedTools Read,Grep,Glob \\\n --max-turns 3 \\\n --output-format json)\n\n# Parse results and post\nSECURITY=$(echo \"$REVIEW_JSON\" | jq -r '.security // \"None found\"')\nQUALITY=$(echo \"$REVIEW_JSON\" | jq -r '.quality // \"Pass\"')\nTESTS=$(echo \"$REVIEW_JSON\" | jq -r '.test_coverage // \"Adequate\"')\n\ncurl -X POST \\\n -H \"Accept: application/vnd.github+json\" \\\n -H \"Authorization: token $GITHUB_TOKEN\" \\\n \"https://api.github.com/repos/$REPO/issues/$PR_NUMBER/comments\" \\\n -d @- \u003c\u003c EOF\n{\n \"body\": \"## Claude Code Review\\n\\n**Security:** $SECURITY\\n\\n**Quality:** $QUALITY\\n\\n**Tests:** $TESTS\"\n}\nEOF\n\nrm -rf /tmp/pr-check","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Headless Mode Patterns","type":"text"}]},{"type":"paragraph","content":[{"text":"Execute Claude Code in fully automated environments without interaction.","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Read-Only Checks","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"# Security scan (no write access)\nclaude -p \"Security audit\" \\\n --allowedTools Read,Grep,Glob \\\n --output-format json \\\n --max-turns 2","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Constrained Sessions","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"# Limit turn count to prevent runaway costs\nclaude -p \"Generate test stubs\" \\\n --allowedTools Read,Glob,Bash \\\n --max-turns 5 \\\n --output-format json","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Model Selection for CI","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"# Haiku for fast checks (cheaper)\nCLAUDE_MODEL=claude-haiku-4-5-20251001 claude -p \"Style check\"\n\n# Opus for complex analysis (more capable)\nCLAUDE_MODEL=claude-opus-4-1-20250805 claude -p \"Architecture review\"","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Exit Code Handling","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"#!/bin/bash\n# scripts/claude-ci-validator.sh\n\nif claude -p \"Validate build output\" \\\n --allowedTools Read,Glob \\\n --output-format json; then\n echo \"Validation passed\"\n exit 0\nelse\n echo \"Validation failed\"\n exit 1\nfi","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"SDK-Based CI Integration","type":"text"}]},{"type":"paragraph","content":[{"text":"Use the ","type":"text"},{"text":"@anthropic-ai/claude-code","type":"text","marks":[{"type":"code_inline"}]},{"text":" npm package for programmatic control.","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Installation","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"npm install @anthropic-ai/claude-code","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Basic Usage","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"javascript"},"content":[{"text":"// scripts/ci-validator.mjs\nimport { claudeCode } from '@anthropic-ai/claude-code';\n\nconst result = await claudeCode.executeHeadless({\n task: 'Analyze test coverage and report gaps',\n allowedTools: ['Read', 'Grep', 'Glob'],\n outputFormat: 'json',\n maxTurns: 3,\n model: 'claude-haiku-4-5-20251001'\n});\n\nconsole.log(JSON.stringify(result, null, 2));\nprocess.exit(result.success ? 0 : 1);","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Streaming Output","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"javascript"},"content":[{"text":"// scripts/ci-streaming.mjs\nimport { claudeCode } from '@anthropic-ai/claude-code';\n\nconst stream = await claudeCode.streamHeadless({\n task: 'Generate missing test files',\n allowedTools: ['Read', 'Glob'],\n model: 'claude-opus-4-1-20250805'\n});\n\nfor await (const chunk of stream) {\n process.stdout.write(chunk.text || '');\n if (chunk.status === 'complete') {\n process.exit(chunk.exitCode);\n }\n}","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Cost Control in CI","type":"text"}]},{"type":"paragraph","content":[{"text":"Manage Claude API costs in automated environments.","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Budget Estimation","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"# Haiku: ~$0.80 per million input tokens, $2.40 per million output\n# Estimated cost per CI run with Haiku: $0.01-0.05\n\n# Opus: ~$15 per million input tokens, $45 per million output\n# Estimated cost per CI run with Opus: $0.10-0.30\n\n# Strategy: Use Haiku for checks, Opus for analysis on schedule","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Cost-Optimized Workflow","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# .github/workflows/claude-optimized.yml\non:\n pull_request:\n types: [opened, synchronize]\n schedule:\n - cron: '0 2 * * *' # Deep analysis daily\n\njobs:\n fast-check:\n if: github.event_name == 'pull_request'\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v4\n - uses: anthropics/claude-code-action@v1\n with:\n task: Quick lint check\n model: claude-haiku-4-5-20251001\n allowed-tools: Grep,Glob\n env:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}\n\n deep-analysis:\n if: github.event_name == 'schedule'\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v4\n - uses: anthropics/claude-code-action@v1\n with:\n task: Full architecture review\n model: claude-opus-4-1-20250805\n allowed-tools: Read,Grep,Glob,Bash\n env:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Secrets Management","type":"text"}]},{"type":"paragraph","content":[{"text":"Safely handle API keys and credentials in CI/CD.","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"GitHub Secrets","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"env:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}\n\njobs:\n review:\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v4\n - uses: anthropics/claude-code-action@v1\n with:\n task: Review changes\n env:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"GitLab CI Secrets","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"claude_review:\n variables:\n ANTHROPIC_API_KEY: $ANTHROPIC_API_KEY # Set in GitLab UI\n script:\n - claude -p \"Run analysis\" --output-format json","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Never Log Sensitive Data","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"#!/bin/bash\n# Safe logging in CI\n\n# DON'T do this:\n# echo \"API Key: $ANTHROPIC_API_KEY\"\n\n# DO this:\necho \"Starting Claude review (API key configured)\"\n\n# Output result without exposing key\nclaude -p \"Review files\" 2>&1 | grep -v \"Authorization\" > output.log","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Example Workflows (Copy-Paste Ready)","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"1. PR Review Bot (GitHub Actions)","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# .github/workflows/claude-review-pr.yml\nname: Claude PR Review Bot\n\non:\n pull_request:\n types: [opened, synchronize]\n paths-ignore:\n - '**.md'\n - 'docs/**'\n\njobs:\n review:\n runs-on: ubuntu-latest\n permissions:\n pull-requests: write\n contents: read\n if: github.event.action != 'closed'\n steps:\n - uses: actions/checkout@v4\n with:\n fetch-depth: 0\n\n - uses: anthropics/claude-code-action@v1\n id: review\n with:\n task: |\n Review this PR and provide assessment in JSON:\n {\n \"overall_score\": 1-10,\n \"security_issues\": [],\n \"code_quality\": \"pass|warning|fail\",\n \"test_coverage\": \"adequate|needs_improvement\",\n \"suggestions\": []\n }\n model: claude-opus-4-1-20250805\n allowed-tools: Read,Grep,Glob\n output-format: json\n max-turns: 3\n env:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}\n\n - name: Post Review Comment\n uses: actions/github-script@v7\n if: always()\n with:\n script: |\n const review = JSON.parse(`${{ steps.review.outputs.result }}`);\n const comment = `\n## Claude Code Review\n\n**Overall Score:** ${review.overall_score}/10\n**Code Quality:** ${review.code_quality}\n**Test Coverage:** ${review.test_coverage}\n\n${review.suggestions.length > 0 ? '**Suggestions:**\\n' + review.suggestions.map(s => `- ${s}`).join('\\n') : 'No suggestions'}\n `;\n github.rest.issues.createComment({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: comment\n });","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"2. Test Gap Detector (GitHub Actions)","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# .github/workflows/claude-test-gaps.yml\nname: Detect Test Gaps\n\non:\n pull_request:\n paths:\n - 'src/**'\n\njobs:\n detect:\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v4\n\n - uses: anthropics/claude-code-action@v1\n with:\n task: |\n Identify test coverage gaps in changed files:\n 1. List files without tests\n 2. Find untested functions\n 3. Suggest test cases\n Output as JSON array.\n model: claude-haiku-4-5-20251001\n allowed-tools: Read,Grep,Glob\n output-format: json\n max-turns: 2\n env:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}\n\n - name: Fail if critical gaps\n run: |\n gaps=$(cat ${{ steps.claude.outputs.result }} | jq '.critical_gaps | length')\n if [ \"$gaps\" -gt 0 ]; then\n echo \"Critical test gaps found!\"\n exit 1\n fi","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"3. Security Scanner (GitHub Actions)","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# .github/workflows/claude-security-scan.yml\nname: Security Scan\n\non:\n pull_request:\n schedule:\n - cron: '0 3 * * 1' # Monday 3 AM\n\njobs:\n scan:\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v4\n\n - uses: anthropics/claude-code-action@v1\n with:\n task: |\n Security audit:\n - Check for hardcoded secrets\n - Identify SQL injection risks\n - Review authentication logic\n - Check dependency vulnerabilities\n Format: { \"vulnerabilities\": [], \"risk_level\": \"low|medium|high\" }\n model: claude-opus-4-1-20250805\n allowed-tools: Read,Grep,Glob\n output-format: json\n env:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}\n\n - name: Block on high risk\n run: |\n risk=$(jq -r '.risk_level' ${{ steps.claude.outputs.result }})\n if [ \"$risk\" = \"high\" ]; then\n echo \"High security risk detected!\"\n exit 1\n fi","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"4. Documentation Updater (GitHub Actions)","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# .github/workflows/claude-docs-update.yml\nname: Auto-Update Docs\n\non:\n push:\n branches: [main]\n paths:\n - 'src/**'\n\njobs:\n update:\n runs-on: ubuntu-latest\n permissions:\n contents: write\n pull-requests: write\n steps:\n - uses: actions/checkout@v4\n\n - uses: anthropics/claude-code-action@v1\n id: docs\n with:\n task: |\n Update API documentation based on code changes:\n 1. Regenerate parameter descriptions\n 2. Update return type docs\n 3. Add code examples where missing\n Output updated markdown files.\n model: claude-opus-4-1-20250805\n allowed-tools: Read,Glob,Write\n max-turns: 5\n env:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}\n\n - name: Create Documentation PR\n uses: peter-evans/create-pull-request@v5\n with:\n commit-message: 'docs: auto-update from code changes'\n title: 'docs: regenerated from source'\n body: 'Auto-generated documentation updates'\n branch: auto-docs-update","type":"text"}]},{"type":"hr","attrs":{"markup":"---"}},{"type":"heading","attrs":{"level":2},"content":[{"text":"/autofix-pr — CLI PR Auto-Fix (v2.1.92)","type":"text"}]},{"type":"paragraph","content":[{"text":"Enable Claude's PR auto-fix loop without leaving the terminal. Claude watches CI results and review comments, pushes fixes, and repeats until the PR is green.","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"text"},"content":[{"text":"> /autofix-pr","type":"text"}]},{"type":"paragraph","content":[{"text":"Claude infers the open PR for your current branch and enables auto-fix for it on Claude Code web in one step. Walk away; Claude handles the CI/review iteration loop.","type":"text"}]},{"type":"paragraph","content":[{"text":"When to use:","type":"text","marks":[{"type":"strong"}]}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"After pushing a branch with expected CI failures (lint, types, test)","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"When addressing PR review nits — Claude applies suggestions and pushes","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"During overnight runs — PR auto-fix is fully unattended","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"Prerequisites:","type":"text","marks":[{"type":"strong"}]}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Branch must have an open PR","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Must be authenticated to Claude Code web (same account)","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"Workflow:","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"git push origin my-feature\n/autofix-pr\n# Claude enables auto-fix on the web PR — CI loop runs unattended","type":"text"}]},{"type":"hr","attrs":{"markup":"---"}}]},"metadata":{"date":"2026-06-05","name":"cicd-integration","author":"@skillopedia","source":{"stars":12,"repo_name":"claude","origin_url":"https://github.com/lobbi-docs/claude/blob/HEAD/plugins/claude-code-expert/skills-old/cicd-integration/SKILL.md","repo_owner":"lobbi-docs","body_sha256":"a2585c169853c276e6ec159fab7ef9d143c0833552d9c60f390c705bb3c1dc59","cluster_key":"0a90734a85f0c8d41c794e783ec1c2c451f22942b8a79d228c6b7f85ac875de2","clean_bundle":{"format":"clean-skill-bundle-v1","source":"lobbi-docs/claude/plugins/claude-code-expert/skills-old/cicd-integration/SKILL.md","bundle_sha256":"fe02dc7b6dc073c0b59e6f2b42275758a06d270dc9e0d3e4a4768bac95faccea","attachment_count":0,"text_attachments":0,"binary_attachments":0},"cluster_size":1,"skill_md_path":"plugins/claude-code-expert/skills-old/cicd-integration/SKILL.md","import_metadata":{"date":"2026-06-05","author":"@skillopedia","version":"v1","category":"browser-automation-scraping","category_label":"Browser"},"exact_dupes_collapsed_into_this":0},"version":"v1","category":"browser-automation-scraping","triggers":["ci cd","github actions","gitlab ci","pre-commit","automated review","headless mode","pipeline","continuous integration"],"import_tag":"clean-skills-v1","description":"Patterns for integrating Claude Code into CI/CD pipelines — GitHub Actions, GitLab CI, pre-commit hooks, automated PR reviews, headless mode, and cost control","allowed-tools":["Read","Glob","Grep","Bash"]}},"renderedAt":1782980300186}

CI/CD Integration Patterns Integrate Claude Code into CI/CD pipelines for automated PR reviews, code generation, test validation, security scanning, and documentation updates. This skill covers GitHub Actions, GitLab CI, pre-commit hooks, and headless execution modes. GitHub Actions Integration Use the official action for turnkey GitHub integration. Supported Features - Trigger on pull requests, push, schedule, or workflow dispatch - Environment variable support: , - Pipe mode ( ) with JSON output - Tool access filtering via - Multiple model routing (Opus for reviews, Haiku for checks) - Cost…