Pipeline Configuration
Continuous Integration and Continuous Deployment (CI/CD) amplify development velocity. When you add Claude Code to your pipelines, you unlock intelligent automation that can fix failing tests, update documentation, and even implement features - all while maintaining code quality standards.
CI/CD with AI: A New Paradigm
Section titled “CI/CD with AI: A New Paradigm”Scenario: Your team pushes 50+ commits daily across multiple repositories. Manual code reviews are bottlenecks, documentation falls behind, and fixing simple CI failures eats developer time. What if your pipeline could intelligently handle these tasks?
Claude Code transforms CI/CD from a validation gate into an active development participant. It can analyze failures, propose fixes, and even implement features based on issue descriptions.
GitHub Actions: The Native Integration
Section titled “GitHub Actions: The Native Integration”GitHub Actions provides the most seamless Claude Code integration through official actions and the GitHub App.
Setting Up Claude Code GitHub App
Section titled “Setting Up Claude Code GitHub App”-
Install via Claude CLI
Terminal window claude> /install-github-appThis guides you through:
- Creating a GitHub App
- Setting repository permissions
- Configuring secrets
-
Manual Setup Alternative
- Create a GitHub App with these permissions:
- Repository: Read/Write (contents, issues, pull requests)
- Webhooks: Issue comments, PR comments
- Generate and save the private key
- Note the App ID
- Create a GitHub App with these permissions:
-
Configure Repository Secrets
ANTHROPIC_API_KEY: Your Anthropic API keyAPP_ID: GitHub App IDAPP_PRIVATE_KEY: Private key content
Essential GitHub Actions Workflows
Section titled “Essential GitHub Actions Workflows”Automated Code Review
name: Claude Code Reviewon: pull_request: types: [opened, synchronize]
jobs: review: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 with: fetch-depth: 0 # Full history for better context
- uses: anthropics/claude-code-action@v1 with: api-key: ${{ secrets.ANTHROPIC_API_KEY }} prompt: | Review this PR focusing on: 1. Security vulnerabilities 2. Performance issues 3. Missing edge cases 4. Code quality problems
Be specific and actionable. Skip style issues. Reference line numbers when possible.Interactive PR Assistant
name: Claude PR Assistanton: issue_comment: types: [created] pull_request_review_comment: types: [created]
jobs: assist: if: contains(github.event.comment.body, '@claude') runs-on: ubuntu-latest steps: - uses: actions/checkout@v4
- name: Generate GitHub App Token id: app-token uses: actions/create-github-app-token@v2 with: app-id: ${{ secrets.APP_ID }} private-key: ${{ secrets.APP_PRIVATE_KEY }}
- uses: anthropics/claude-code-action@v1 with: github-token: ${{ steps.app-token.outputs.token }} trigger-phrase: "@claude" timeout-minutes: 30Now team members can comment “@claude fix the failing tests” and Claude will push fixes.
Advanced GitHub Actions Patterns
Section titled “Advanced GitHub Actions Patterns”name: Auto-Fix CI Failureson: workflow_run: workflows: ["Tests"] types: [completed]
jobs: auto-fix: if: ${{ github.event.workflow_run.conclusion == 'failure' }} runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 with: ref: ${{ github.event.workflow_run.head_branch }}
- name: Download failure logs uses: actions/download-artifact@v3 with: name: test-results run-id: ${{ github.event.workflow_run.id }}
- name: Claude fix attempt run: | claude -p "Analyze these test failures and fix them: $(cat test-results.log)
Only fix actual bugs, not test expectations. Ensure fixes don't break other tests." \ --allowedTools Edit,Bash \ --dangerously-skip-permissions
- name: Verify fixes run: npm test
- name: Create PR if fixed if: success() uses: peter-evans/create-pull-request@v5 with: title: "fix: resolve failing tests" body: "Automated fix for test failures in ${{ github.event.workflow_run.head_branch }}" branch: fix/auto-test-repairname: Sync Documentationon: push: branches: [main] paths: - 'src/**/*.ts' - 'src/**/*.tsx'
jobs: update-docs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4
- name: Generate documentation updates run: | claude -p "Update documentation based on these code changes: $(git diff HEAD~1 HEAD -- 'src/**/*.ts' 'src/**/*.tsx')
Update: - API documentation if endpoints changed - README if major features added - Migration guide if breaking changes
Keep existing doc structure." \ --allowedTools Edit,Write
- name: Create PR uses: peter-evans/create-pull-request@v5 with: title: "docs: sync with code changes" commit-message: "docs: automated documentation update" branch: docs/auto-updateGitLab CI Integration
Section titled “GitLab CI Integration”GitLab CI offers powerful pipeline features that work well with Claude Code’s capabilities.
Basic GitLab Configuration
Section titled “Basic GitLab Configuration”variables: ANTHROPIC_API_KEY: $ANTHROPIC_API_KEY
stages: - review - fix - deploy
claude-review: stage: review image: node:20 only: - merge_requests script: - npm install -g @anthropic-ai/claude-code - | claude -p "Review the changes in this MR: $(git diff origin/$CI_MERGE_REQUEST_TARGET_BRANCH_NAME...HEAD)
Focus on critical issues only. Output findings as GitLab-formatted comments." \ --output-format json > review.json - | # Post comments to MR jq -r '.comments[]' review.json | while read -r comment; do curl -X POST \ -H "PRIVATE-TOKEN: $CI_JOB_TOKEN" \ "$CI_API_V4_URL/projects/$CI_PROJECT_ID/merge_requests/$CI_MERGE_REQUEST_IID/notes" \ -d "body=$comment" done
auto-fix-lint: stage: fix image: node:20 rules: - if: '$CI_PIPELINE_SOURCE == "schedule"' script: - npm install -g @anthropic-ai/claude-code - npm ci - | if npm run lint 2>&1 | tee lint-output.txt | grep -q "error"; then claude -p "Fix these linting errors: $(cat lint-output.txt)
Make minimal changes to fix issues." \ --allowedTools Edit \ --dangerously-skip-permissions
git add -A git commit -m "fix: resolve linting issues [skip ci]" git push origin HEAD:fix/auto-lint-$CI_PIPELINE_ID
# Create MR via API curl -X POST \ -H "PRIVATE-TOKEN: $GITLAB_TOKEN" \ "$CI_API_V4_URL/projects/$CI_PROJECT_ID/merge_requests" \ -d "source_branch=fix/auto-lint-$CI_PIPELINE_ID" \ -d "target_branch=$CI_DEFAULT_BRANCH" \ -d "title=fix: automated lint fixes" fiGitLab Advanced Patterns
Section titled “GitLab Advanced Patterns”Dynamic Environment Provisioning
provision-review-app: stage: deploy environment: name: review/$CI_COMMIT_REF_NAME url: https://$CI_ENVIRONMENT_SLUG.example.com script: - | claude -p "Generate Kubernetes manifests for review environment: - App: $CI_PROJECT_NAME - Branch: $CI_COMMIT_REF_NAME - Image: $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
Include: - Deployment with 1 replica - Service - Ingress with branch-based subdomain - Resource limits suitable for testing" \ --output-format yaml > k8s-review.yaml
- kubectl apply -f k8s-review.yamlJenkins Integration
Section titled “Jenkins Integration”Jenkins pipelines can leverage Claude Code through shell steps or custom plugins.
Jenkinsfile with Claude Code
Section titled “Jenkinsfile with Claude Code”pipeline { agent any
environment { ANTHROPIC_API_KEY = credentials('anthropic-api-key') }
stages { stage('Code Analysis') { steps { script { def analysis = sh( script: ''' claude -p "Analyze this codebase for: - Security vulnerabilities - Performance bottlenecks - Architectural issues
Output as JSON with severity levels" \ --output-format json ''', returnStdout: true )
def issues = readJSON text: analysis if (issues.critical.size() > 0) { error "Critical issues found: ${issues.critical}" } } } }
stage('Generate Tests') { when { changeRequest() } steps { sh ''' # Find modified files CHANGED_FILES=$(git diff --name-only origin/main...HEAD | grep -E '\\.(js|ts)x?$' | grep -v test)
for file in $CHANGED_FILES; do claude -p "Generate comprehensive tests for $file Include edge cases and error scenarios Use our existing test patterns" \ --allowedTools Write done ''' } }
stage('Deploy Documentation') { when { branch 'main' } steps { sh ''' claude -p "Generate API documentation from our codebase Output OpenAPI 3.0 specification Include examples for each endpoint" > openapi.yaml
# Deploy to documentation site npm run deploy-docs ''' } } }
post { failure { script { // Auto-create fix PR for certain failures if (currentBuild.rawBuild.getLog(100).contains('TypeError')) { sh ''' claude -p "Fix the TypeError in this build: ${BUILD_URL}console
Create a minimal fix" \ --allowedTools Edit,Bash
git checkout -b fix/build-${BUILD_NUMBER} git add -A git commit -m "fix: resolve TypeError in build ${BUILD_NUMBER}" git push origin fix/build-${BUILD_NUMBER} ''' } } } }}Platform-Agnostic CI Patterns
Section titled “Platform-Agnostic CI Patterns”Universal CI Script
Section titled “Universal CI Script”Create a reusable script that works across CI platforms:
#!/bin/bash# ci-claude.sh - Universal Claude CI helper
set -e
# Detect CI environmentif [ -n "$GITHUB_ACTIONS" ]; then CI_PLATFORM="github" BRANCH=$GITHUB_REF_NAME COMMIT=$GITHUB_SHAelif [ -n "$GITLAB_CI" ]; then CI_PLATFORM="gitlab" BRANCH=$CI_COMMIT_REF_NAME COMMIT=$CI_COMMIT_SHAelif [ -n "$JENKINS_HOME" ]; then CI_PLATFORM="jenkins" BRANCH=$GIT_BRANCH COMMIT=$GIT_COMMITelse CI_PLATFORM="local" BRANCH=$(git branch --show-current) COMMIT=$(git rev-parse HEAD)fi
# Common Claude operationscase "$1" in "review") claude -p "Review code changes in $BRANCH Platform: $CI_PLATFORM Focus on substantial issues" \ --output-format json ;;
"fix-tests") claude -p "Fix failing tests based on CI output Ensure fixes are minimal and correct" \ --allowedTools Edit,Bash ;;
"update-deps") claude -p "Update dependencies and fix any breaking changes Create detailed update notes" \ --allowedTools Edit,Write,Bash ;;
*) echo "Usage: $0 {review|fix-tests|update-deps}" exit 1 ;;esacMulti-Platform Configuration
Section titled “Multi-Platform Configuration”version: 2.1
orbs: claude: anthropic/claude-code@1.0.0
jobs: smart-review: docker: - image: cimg/node:20.0 steps: - checkout - claude/install - run: name: Claude Review command: | claude -p "Review this commit: $CIRCLE_SHA1 Check for security issues and bugs Skip style comments" > review.md - store_artifacts: path: review.md
workflows: review-and-fix: jobs: - smart-review: context: anthropic-apitrigger: - main - develop
pool: vmImage: 'ubuntu-latest'
variables: - group: claude-credentials
stages: - stage: Analysis jobs: - job: CodeReview steps: - task: NodeTool@0 inputs: versionSpec: '20.x'
- script: | npm install -g @anthropic-ai/claude-code displayName: 'Install Claude Code'
- script: | claude -p "Analyze $(Build.SourceBranch) for: - Azure-specific patterns - Security concerns - Performance issues" \ --output-format json > analysis.json displayName: 'Run Analysis' env: ANTHROPIC_API_KEY: $(ANTHROPIC_API_KEY)
- task: PublishBuildArtifacts@1 inputs: pathToPublish: 'analysis.json' artifactName: 'code-analysis'Security and Best Practices
Section titled “Security and Best Practices”Secure Credential Management
Section titled “Secure Credential Management”Resource Optimization
Section titled “Resource Optimization”# Optimize Claude usage in CIclaude-efficient: script: | # Cache Claude responses for identical inputs CACHE_KEY=$(echo "$GIT_DIFF" | sha256sum | cut -d' ' -f1) CACHE_FILE="/tmp/claude-cache-$CACHE_KEY"
if [ -f "$CACHE_FILE" ]; then cat "$CACHE_FILE" else claude -p "Review these changes: $GIT_DIFF" | tee "$CACHE_FILE" fi
# Set reasonable timeouts timeout 300 claude -p "Complex analysis task" || echo "Analysis timed out"
# Limit parallel Claude instances sem -j 2 claude -p "Task 1" & sem -j 2 claude -p "Task 2" & waitMonitoring and Metrics
Section titled “Monitoring and Metrics”Track Claude’s impact on your CI/CD:
# Track metrics in your CIclaude -p "Analyze CI performance:- Success rate before/after Claude integration- Time saved on common tasks- Issues caught by Claude review- Developer satisfaction scores
Output as markdown report" > ci-metrics.md
# Send to monitoring systemcurl -X POST https://metrics.example.com/api/v1/claude \ -H "Content-Type: application/json" \ -d @<(jq -R -s '{ timestamp: now, pipeline: env.CI_PIPELINE_ID, claude_operations: 5, time_saved_minutes: 45, issues_caught: 3 }' < /dev/null)Real-World CI/CD Scenarios
Section titled “Real-World CI/CD Scenarios”Scenario: Intelligent Release Automation
Section titled “Scenario: Intelligent Release Automation”-
Create release workflow
name: Intelligent Releaseon:workflow_dispatch:inputs:version:description: 'Release version'required: truejobs:prepare-release:runs-on: ubuntu-lateststeps:- uses: actions/checkout@v4- name: Generate releaserun: |claude -p "Prepare release ${{ inputs.version }}:1. Update version in package.json2. Generate CHANGELOG from commits since last tag3. Update README with new version4. Create migration guide if breaking changes5. Generate release notesBe thorough but concise" \--allowedTools Edit,Write- name: Create PRuses: peter-evans/create-pull-request@v5with:title: "release: v${{ inputs.version }}"body: "Automated release preparation" -
Add post-release automation
- name: Post-release tasksif: github.event.pull_request.merged == truerun: |claude -p "Post-release tasks:1. Update documentation site2. Notify teams about breaking changes3. Create issue templates for migration help4. Generate social media announcements"
Scenario: Progressive Deployment Validation
Section titled “Scenario: Progressive Deployment Validation”validate-canary: runs-on: ubuntu-latest steps: - name: Deploy canary run: | kubectl set image deployment/app app=myapp:${{ github.sha }} -n canary
- name: Wait for stability run: sleep 300
- name: Analyze canary metrics run: | claude -p "Analyze canary deployment health: Metrics: $(curl -s http://prometheus/api/v1/query?query=up) Logs: $(kubectl logs -n canary -l app=myapp --tail=1000)
Determine if safe to promote to production. Consider: error rates, latency, resource usage" \ --output-format json > canary-analysis.json
- name: Auto-promote or rollback run: | if jq -e '.recommendation == "promote"' canary-analysis.json; then kubectl set image deployment/app app=myapp:${{ github.sha }} -n production else kubectl rollout undo deployment/app -n canary exit 1 fiNext Steps
Section titled “Next Steps”CI/CD integration with Claude Code is a journey from simple automation to intelligent pipelines. Start with basic code reviews, then gradually add more sophisticated workflows as your team gains confidence.
The key is identifying repetitive CI/CD tasks that consume developer time and systematically automating them with Claude’s intelligence. Each automation frees your team to focus on creative problem-solving rather than mechanical fixes.
Ready to scale your codebase with intelligent architecture decisions? Continue to Architecture to learn how Claude Code can help design and evolve system architectures.