AI-101

Lesson 27

CI/CD Integration

AI Confidence: 90%

AI-generated

CI/CD Integration

Learning Objectives

Run Claude Code in CI/CD pipelines

Configure GitHub Actions to use Claude Code

Set up authentication for headless environments

Use Claude Code for automated code review

Build pipelines that generate or modify code

Introduction

Claude Code works beyond the terminal. You can run it in continuous integration pipelines to automate code review, generate documentation, fix lint errors, or implement changes based on issues.

Headless mode lets Claude run without interactive input. Combined with CI/CD platforms, this creates powerful automation. A pull request can trigger Claude to review changes. A merged commit can trigger documentation updates. A new issue can trigger an implementation attempt.

This lesson teaches you how to integrate Claude Code with CI/CD systems.

Headless Mode

Headless mode runs Claude without an interactive terminal. You provide the prompt upfront and Claude executes to completion.

Basic headless command:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

The -p flag provides the prompt. The --yes flag auto-accepts all actions.

Print mode (no actions):

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

Claude analyzes and outputs results without making changes.

JSON output:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

Returns structured JSON output for further processing.

Authentication for CI

In CI environments, Claude Code needs API credentials. Use the Anthropic API key directly:

Environment variable:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

In GitHub Actions secrets:

Go to your repository Settings > Secrets

Add ANTHROPIC_API_KEY with your key

Reference in workflows as ${{ secrets.ANTHROPIC_API_KEY }}

No OAuth in CI:

Interactive OAuth does not work in CI. You must use an API key.

GitHub Actions Integration

GitHub Actions is the most common CI integration. Here is a basic workflow:

Review on pull request:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

This runs Claude on every PR to review the changes.

Common CI Use Cases

Automated code review:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

Claude reviews and posts a comment.

Fix lint errors:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

Claude fixes lint errors automatically.

Generate documentation:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

Claude updates documentation on main branch changes.

Implement from issues:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

Label an issue and Claude creates a PR.

Permission Modes in CI

In CI, you typically want full automation:

Auto-approve everything:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

The --yes flag accepts all actions. Use only when you trust the pipeline.

Plan mode only:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

Claude plans but cannot make changes. Safe for analysis tasks.

Custom permissions:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

Claude follows your permission rules from settings files.

Output Handling

Claude's output can feed into other steps:

Capture output:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

JSON processing:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

Post as PR comment:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop
Error Handling

Claude can fail. Handle errors gracefully:

Allow failures:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

Check exit code:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

Timeout:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop
Cost Considerations

CI runs can consume significant API tokens:

Limit scope:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

Focus Claude on specific files, not the entire codebase.

Use cheaper models:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

Haiku is faster and cheaper for simple tasks.

Cache when possible:

Do not re-run Claude on unchanged code. Use workflow conditions:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

Budget alerts:

Monitor your Anthropic API usage. Set spending limits in the Anthropic console.

Security Considerations

API key protection:

Never log or echo your API key. Use GitHub secrets.

Input sanitization:

If Claude's prompt includes user input (issue body, PR description), be careful:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

Review generated code:

Even in CI, someone should review Claude's changes before merge:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop
Key Takeaways

Claude Code runs in CI with -p for prompt and --yes for auto-approval

Set ANTHROPIC_API_KEY in CI environment secrets

Common uses: code review, lint fixes, documentation, implementation

Use --print for read-only analysis, --yes for modifications

Handle errors gracefully with timeouts and continue-on-error

Control costs with focused prompts and cheaper models

Protect API keys and sanitize user input

Create PRs for review rather than direct commits

Try It Yourself

Set up a simple GitHub Actions workflow:

Create .github/workflows/claude-review.yml:

[@portabletext/react] Unknown block type "codeBlock", specify a component for it in the `components.types` prop

Add your ANTHROPIC_API_KEY to repository secrets.

Create a test pull request.

Watch the Actions tab for Claude's analysis.

Iterate on the workflow as needed.

This exercise introduces Claude in CI.

Sources

https://code.claude.com/docs/en/ci-cd - CI/CD integration guide

https://code.claude.com/docs/en/github-actions - GitHub Actions specific documentation

https://code.claude.com/docs/en/headless - Headless mode reference