From b8285b5e8830cc0a6cc8df8fbc5f457e1a487133 Mon Sep 17 00:00:00 2001
From: admin <admin@localhost.local>
Date: Mon, 9 Mar 2026 18:29:47 +0000
Subject: [PATCH] Use non-root runner with bypassPermissions

---
 .gitea/workflows/claude.yml | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/.gitea/workflows/claude.yml b/.gitea/workflows/claude.yml
index 3c61009..dc89eee 100644
--- a/.gitea/workflows/claude.yml
+++ b/.gitea/workflows/claude.yml
@@ -58,6 +58,11 @@ jobs:
             -d "{\"body\": \"Claude is working on this issue...\"}"
 
           # Build the prompt
+          PROMPT=$(cat <<'PROMPT_EOF'
+          You are working on a code repository. A Gitea issue needs your attention.
+          PROMPT_EOF
+          )
+
           PROMPT="You are working on the repository ${REPO}.
           A Gitea issue needs your attention:
 
@@ -74,12 +79,12 @@ jobs:
 
           You are on branch ${BRANCH}. Work in the current directory."
 
-          # Run Claude Code
+          # Run Claude Code in non-interactive mode
           claude -p "${PROMPT}" \
             --allowedTools "Bash,Read,Edit,Write,Glob,Grep" \
-            --mcp-config /etc/claude/mcp-gitea.json \
+            --mcp-config /home/claude-runner/.claude/mcp-gitea.json \
             --max-turns 50 \
-            --dangerously-skip-permissions \
+            --permission-mode bypassPermissions \
             --output-format text > /tmp/claude-output.txt 2>&1 || true
 
           echo "=== Claude Output ==="