Claude Code CI/CD 集成:GitHub Actions 自动代码审查与测试生成
🩺 摘要
PR 提了,等着人工 review。reviewer 说"代码风格不对",改完 push,等着第二轮。一个简单的 PR ...
📝 详情
PR 提了,等着人工 review。reviewer 说"代码风格不对",改完 push,等着第二轮。一个简单的 PR 能在 review 循环里卡三天。Claude Code 写代码很快,但团队的 CI/CD 流程还是手工时代——这不是效率落差,这是流程断层。本文教你用 Claude Code + GitHub Actions 搭一条自动审查、自动测试、自动描述的 CI 流水线,让代码从编辑到合并全程自动化。
一、最快的 CI:把 Claude Code 嵌入 GitHub Actions
Claude Code 没有官方 GitHub Action,但 Anthropic 提供了 CLI 工具,用 npx @anthropic-ai/claude-code 一行命令就能跑。把它塞进 GitHub Actions 就是最轻量的 CI 集成。
### 1.1 最简单的开始:PR 自动摘要
每次 PR 提交,让 Claude Code 自动生成变更摘要,贴在 PR 评论里:
```yaml # .github/workflows/claude-pr-summary.yml name: Claude PR Summary on: pull_request: types: [opened, synchronize]
jobs:
summarize:
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Generate PR Summary
env:
ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
run: |
git diff origin/${{ github.base_ref }}...HEAD | \
npx @anthropic-ai/claude-code -p \
"Summarize this PR in 3 bullet points for a team lead:
- What changed
- Why it changed
- Risk level (low/medium/high)"
- uses: actions/github-script@v7
with:
script: |
const fs = require('fs');
const summary = fs.readFileSync('summary.md', 'utf8');
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: ## 🤖 Claude Code PR Summary\n\n${summary}
});
```
效果:每次 PR 提交,自动生成一段结构化的变更说明。reviewer 打开 PR 就看到摘要,不用从头读 diff。
### 1.2 自动 Code Review 流水线
真正省时间的是:让 Claude Code 先做一次完整的自动审查,把规范性问题全部干掉,人只看业务逻辑:
```yaml # .github/workflows/claude-code-review.yml name: Claude Code Review on: pull_request: types: [opened, synchronize]
jobs: review: runs-on: ubuntu-latest permissions: pull-requests: write contents: read steps: - uses: actions/checkout@v4 with: fetch-depth: 0
- name: Claude Auto Review
id: claude_review
env:
ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
run: |
git diff origin/${{ github.base_ref }}...HEAD | \
npx @anthropic-ai/claude-code review - \
--context CLAUDE.md \
--format markdown \
--output review.md 2>&1
echo "reviewed=true" >> $GITHUB_OUTPUT
- name: Post Review Comment
uses: actions/github-script@v7
with:
script: |
const fs = require('fs');
const review = fs.readFileSync('review.md', 'utf8');
if (review.includes('⚠️') || review.includes('CRITICAL')) {
// 有问题就要求修改
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: `## 🔍 Claude Code Review\n\n${review}\n\n---\n*请先处理以上问题后再请求人工 review*`
});
} else {
// 没问题就标记为已通过
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: `## ✅ Claude Code Review Passed\n\n${review}`
});
}
```
### 1.3 在 CLAUDE.md 里写好 Review 规则
CI 审查的质量取决于 CLAUDE.md 里写了什么规则。以下是一份通用的 Review checklist,写入项目根目录的 CLAUDE.md:
```markdown ## Auto Review Rules
### Blockers(阻止合并) - 硬编码的 API key、密码、Token - SQL 注入风险(未使用参数化查询) - 文件权限过于宽松(chmod 777) - 未处理的异常(裸 except 或没有 except)
### Warnings(需要修改) - 缺少类型注解 - 魔法数字未命名 - 函数超过 50 行 - import 顺序混乱 - 缺少日志或错误处理
### Suggestions(仅供参考) - 可以添加缓存 - 可以考虑使用枚举代替字符串常量 - 测试覆盖率可以提升 ```
关键:规则越具体,Claude 的审查越准。"代码风格不好"太模糊,不如规定"函数不超过50行"。
## 二、自动生成测试
### 2.1 PR 自动生成单元测试
Claude Code 写测试的能力被严重低估。在 CI 里自动生成 PR 对应功能的测试:
```yaml - name: Generate Tests env: ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} run: | # 列出被修改的文件 CHANGED_FILES=$(git diff --name-only origin/main...HEAD)
for file in $CHANGED_FILES; do
if [[ $file == *.py ]] || [[ $file == *.ts ]] || [[ $file == *.js ]]; then
echo "Generating tests for $file..."
cat $file | npx @anthropic-ai/claude-code -p \
"Write pytest unit tests for this module. Output only the test code.
Test file should be named test_$(basename $file)"
fi
done
```
⚠️ 注意:生成的测试要人工审核后再合并。Claude 可能写出功能上正确的测试,但遗漏边界情况。
### 2.2 覆盖率门槛自动检查
```yaml - name: Coverage Check env: ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} run: | # 先跑 pytest 收集覆盖率 pytest --cov=./ --cov-report=term --cov-report=xml
# 让 Claude 分析覆盖率报告,给出改进建议
cat coverage.xml | npx @anthropic-ai/claude-code -p \
"Review this coverage report. Which modules need more tests?
List top 3 files with lowest coverage and suggest what to test."
```
## 三、PR 描述自动补全
开发者最烦的事之一:写 PR 描述。让 Claude Code 自动完成:
```yaml - name: Auto PR Description if: github.event.action == 'opened' env: ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} run: | COMMIT_MSGS=$(git log --oneline origin/main...HEAD) FILES=$(git diff --name-only origin/main...HEAD)
echo "$COMMIT_MSGS" | npx @anthropic-ai/claude-code -p \
"Write a PR description based on these commit messages and changed files.
Format:
## What
(what this PR does)
## Why
(why it's needed)
## Testing
(how to test)
" > PR_DESCRIPTION.md
gh pr edit ${{ github.event.number }} --body "$(cat PR_DESCRIPTION.md)"
```
效果:开发者只要写好 commit message,PR 描述自动补全,reviewer 看到的就是完整规范的描述。
## 四、完整工作流:一整套 CI 流水线
把以上所有步骤组合成一个完整的 Workflow 文件:
```yaml name: Claude CI Pipeline on: pull_request: types: [opened, synchronize]
jobs: # Job 1: Claude 自动审查 review: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 with: { fetch-depth: 0 } - name: Code Review env: ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} run: | git diff origin/main...HEAD | \ npx @anthropic-ai/claude-code review - \ --context CLAUDE.md --output review.md - uses: actions/upload-artifact@v4 with: { name: review, path: review.md }
# Job 2: 自动生成测试
generate-tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with: { fetch-depth: 0 }
- name: Generate Tests
env:
ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
run: |
# ... 测试生成逻辑(见上方)
- uses: actions/upload-artifact@v4
with: { name: tests, path: tests/ }
# Job 3: 运行已有测试
run-tests:
needs: generate-tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup
run: npm ci || pip install -r requirements.txt
- name: Run Tests
run: npm test || pytest
- uses: actions/download-artifact@v4
with: { name: tests }
- name: Include new tests
run: |
cp -r tests/* ./ 2>/dev/null || true
npm test || pytest # rerun with new tests
# Job 4: PR 摘要
summarize:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with: { fetch-depth: 0 }
- name: Generate Summary
env:
ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
run: |
# ... 生成摘要逻辑(见上方)
```
## 五、注意事项与优化
### 5.1 API Key 安全
- 不要把 ANTHROPIC_API_KEY 硬编码在 YAML 里
- 在 GitHub 仓库 Settings → Secrets and variables → Actions 里添加
- 使用 ${{ secrets.ANTHROPIC_API_KEY }} 引用
### 5.2 费用控制 | 操作 | 每次调用 | 每月 100 次 PR 的费用 | |:----|:--------|:-------------------| | PR 摘要 | ~500 token | ~$0.01 | | Code Review | ~2000 token | ~$0.04 | | 测试生成 | ~3000 token | ~$0.06 | | 合计/PR | ~5500 token | ~$0.11/PR |
用 Claude Haiku 的话费用更低。100 个 PR 大约 11 美元,比一个中级工程师的半小时工资还便宜。
### 5.3 避坑点
- 不要让 Claude 自动合并 — AI review 只能检查规范性问题,业务逻辑需要人确认
- CLAUDE.md 规则要持续维护 — 项目规范变了,review 规则也要更新
- 首次运行可能较慢 — npx 需要下载 Claude Code CLI,建议预热(在 workflow 里先跑一次 npx @anthropic-ai/claude-code --version)
- GitHub Actions 的 6 小时超时 — 对于大 PR,diff 可能很长,建议给 review 步骤加 timeout-minutes: 10
### 5.4 Cache 优化
把 Claude Code CLI 缓存起来,每次 workflow 不用重新下载:
```yaml - uses: actions/cache@v4 with: path: ~/.npm key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} restore-keys: | ${{ runner.os }}-node-
- name: Pre-warm Claude run: npx @anthropic-ai/claude-code --version ```
系列其他文章: - 实战:10分钟用AI搭建网页应用 - 进阶技巧:CLAUDE.md与MCP配置 - 避坑指南:新手10个错误 - 2026 AI编程工具选购指南 - Claude Code 团队协作实战 - Claude Code 香港能用吗?
💬 评论 (0)