Commit Graph
132 Commits
Author SHA1 Message Date
Tam Nhu Tran b314cf353e fix(ci): keep release workflows on full test coverage 2026-04-22 15:12:07 -04:00
Tam Nhu Tran 051f78aee7 chore(ci): split dev quality checks from release automation 2026-04-22 15:05:44 -04:00
Tam Nhu Tran 08edf1eef4 fix(ci): isolate bun cache per job 2026-04-21 12:34:43 -04:00
Tam Nhu Tran 06fffd3025 fix(ci): use PAT token for dev release pushes
- align dev-release workflow with protected-branch bypass used by release.yml

- add a workflow regression test so checkout and release auth do not drift back to github.token
2026-04-20 14:56:25 -04:00
Tam Nhu Tran 1b3ca82a84 fix(ci): stop caching node_modules in GitHub Actions
- cache only Bun's package cache so CI stops restoring partial hard-linked node_modules trees

- bump the cache key to avoid reusing corrupt node_modules archives on self-hosted runners
2026-04-20 13:23:42 -04:00
Tam Nhu Tran 69da284104 test(proxy): gate proxy e2e coverage in checks 2026-04-20 12:44:53 -04:00
Wooseong Kim 02747edb72 fix(ci): validate cached ui dependencies 2026-04-20 14:15:00 +09:00
Tam Nhu Tran ad54e179b6 ci: add concurrency group and split build/test with artifact sharing
- Add concurrency group keyed on github.ref with cancel-in-progress to stop superseded runs on rapid pushes
- Split validate matrix into: validate (typecheck/lint/format), build, test
- Build uploads dist/ artifact; test downloads instead of rebuilding (removes inline build:all duplication)
- Net: faster feedback, less runner time, DRY build step
2026-04-19 15:40:21 -04:00
Tam Nhu Tran b014b5cb51 chore(ci): parallelize CI matrix + cache, tighten AI-facing quality gate
- ci.yml: 5-job matrix (typecheck/lint/format/build/test), fail-fast off,
  actions/cache on ~/.bun/install/cache + node_modules + ui/node_modules.
  Target wall time ~60-90s vs prior ~3-4min.
- .husky/pre-push: add bun run build:all to feature-branch fast gate so
  UI tsc -b errors are caught pre-push (~18s warm).
- CLAUDE.md (symlinked as AGENTS.md): fix validate drift (maintainability
  is NOT part of validate), add CI-First Protocol mandating gh pr checks
  --watch after every push, replace pre-commit checklist with two-tier
  model (iterative push vs pre-merge).

Branch protection on main/dev must be updated post-merge to require the
new matrix status checks instead of the single legacy "validate" check.
2026-04-19 14:47:18 -04:00
Tam Nhu Tran 4bd16b89ce fix(ci): restore PR-Agent reviewer bot identity 2026-04-14 17:22:50 -04:00
Tam Nhu Tran 9a91901a9b fix(ci): allow PR-Agent dispatch bot reruns 2026-04-14 14:19:28 -04:00
Tam Nhu Tran 0d2ce7d1b3 fix(ci): restore trusted PR review dispatch 2026-04-14 13:47:55 -04:00
Tam Nhu Tran d6ec5eeebd fix(ci): preserve AI review variable contract 2026-04-14 13:28:29 -04:00
Tam Nhu Tran e1271e2dbf fix(ci): restrict self-hosted PR-Agent comment triggers 2026-04-14 12:43:25 -04:00
Tam Nhu Tran 25216eaf33 feat(ci): migrate AI review to self-hosted PR-Agent 2026-04-14 12:39:52 -04:00
Tam Nhu Tran 026ff6cedd refactor(ci): make ai-review model/endpoint configurable via repository variables
- replace hardcoded GLM endpoint with vars.AI_REVIEW_BASE_URL
- replace hardcoded model with vars.AI_REVIEW_MODEL
- use secrets.AI_REVIEW_API_KEY for auth token
- add configuration reference in header comment
2026-04-13 11:27:15 -04:00
Tam Nhu Tran f954f0f8ab hotfix: update ai-review workflow model budget
- switch the reviewer workflow from glm-5-turbo to glm-5.1

- increase workflow timeout to 20 minutes and max turns to 45

- lock the workflow test to the full reviewer model configuration

Closes #922
2026-04-07 16:43:30 -04:00
Tam Nhu Tran 58a0fc43e6 hotfix(ci): restore default ai review output 2026-04-02 14:36:12 -04:00
Tam Nhu Tran 25dddf4707 hotfix(ci): compact ai review comments and switch to glm-5-turbo 2026-04-02 01:07:03 -04:00
Tam Nhu Tran f47e7ae5a7 hotfix(ci): clean up ai review reruns and logging 2026-04-02 00:31:51 -04:00
Tam Nhu Tran 5b9427f8a0 hotfix(ci): restore reliable structured ai review comments 2026-04-02 00:24:29 -04:00
Tam Nhu Tran 4e05488c19 hotfix(ci): keep ai review feedback fast and deterministic 2026-04-01 22:20:55 -04:00
Tam Nhu Tran 3935574494 fix(ci): degrade timed-out ai reviews gracefully 2026-04-01 20:38:14 -04:00
Tam Nhu Tran 44e2a49650 fix(ci): resolve self-hosted Claude path dynamically 2026-04-01 20:24:52 -04:00
Tam Nhu Tran 09276518a7 fix(ci): repair ai review fallback scope script 2026-04-01 20:18:28 -04:00
Tam Nhu Tran 0883b9a8fe fix(ci): use self-hosted Claude binary for ai review 2026-04-01 20:13:03 -04:00
Tam Nhu Tran 7396179c72 feat(ci): bound ai review runtime for large PRs
- add trusted scope generation for bounded ai-review runs
- restrict large PR reviews to a prepared read-only workspace
- render explicit mode, scope, and budget metadata in review comments

Closes #880
2026-04-01 19:54:11 -04:00
Tam Nhu Tran fa37f391c1 fix: harden ai review comment formatting 2026-03-30 16:08:21 -04:00
Tam Nhu Tran 4950be7fc0 fix(ci): harden ai review output
- replace raw assistant-text fallback with structured output normalization

- simplify the review prompt toward a tighter findings-only contract

- add tests for malformed output, safe fallback, and markdown escaping
2026-03-30 14:22:59 -04:00
Tam Nhu Tran bcbf8a236d fix(ai-review): increase max-turns to 40 and add hotfix commitlint type
- Bump --max-turns 30→40 for comprehensive single-reviewer prompt
- Add 'hotfix' to commitlint allowed types (already in .releaserc.cjs)
2026-03-29 13:01:55 -04:00
Tam Nhu Tran fb8b26c694 fix(ai-review): revert to single-job review with enhanced prompt
Multi-job parallel pipeline proved too fragile for CI:
- Agent tool unavailable in claude-code-action
- 6-job workflow: artifact passing failures, turn budget exhaustion
- GLM API errors cascade across jobs

Reverts to proven single-job architecture. Keeps enhanced prompt
combining security, quality, and CCS compliance scopes.
2026-03-29 13:00:09 -04:00
Tam Nhu Tran 106067fefb fix(ai-review): bump orchestrator max-turns 20→25 for large PR merges 2026-03-29 12:33:38 -04:00
Tam Nhu Tran 1c4fc96d33 fix(ai-review): increase turn budget and improve fallback extraction
- Increase per-reviewer max-turns 25→40 (security review hit limit on
  large PRs like codex runtime with ~5000 line diff)
- Increase orchestrator max-turns 15→20
- Improve fallback extraction: concatenate ALL assistant messages (not
  just last) when reviewer hits turn limit without writing output file
- Add descriptive prefix to fallback output explaining why extraction
  was needed (e.g., "hit turn limit", "no execution log")
- Ensures something meaningful is posted even when CI jobs fail
2026-03-29 12:21:28 -04:00
Tam Nhu Tran 97f07c2b12 refactor(ai-review): matrix strategy + orchestrator AI merge
- Replace 3 duplicate review jobs with 1 matrix job (-200 lines)
  Matrix entries: Security, Quality, CCS Compliance (run in parallel)
- Restore review-prompt.md as orchestrator merge prompt
  (dedup, severity rank, unified assessment, security+CCS tables)
- Aggregate job now runs claude-code-action with orchestrator prompt
  to produce polished unified review (not just stapled sections)
- Fallback to simple concat if orchestrator fails
- Dynamic prompt access via outputs[matrix.prompt_output] syntax
2026-03-28 21:02:57 -04:00
Tam Nhu Tran 8c371e73a3 feat(ai-review): workflow-level parallel review jobs
Replace single monolithic review job with 3 parallel GitHub Actions jobs
running simultaneously. Agent tool is unavailable in claude-code-action,
so parallelism is achieved at the workflow level instead.

Pipeline: prepare → load-prompts → 3 parallel reviews → aggregate

Jobs:
- prepare: resolve PR metadata and runner (unchanged)
- load-prompts: load focused prompts from base branch (security model)
- security-review: injection, auth, race conditions, supply chain
- quality-review: error handling, false assumptions, performance
- ccs-review: CCS-specific project compliance rules
- aggregate: merge 3 outputs into single PR comment

Each reviewer runs independently with 10min timeout, 25 max-turns.
Aggregate is pure bash (no API calls) — downloads artifacts, merges,
posts/updates single deduped comment.

Closes #843
2026-03-28 20:55:42 -04:00
Tam Nhu Tran d2510fc860 fix(ai-review): use printf for subagent prompt outputs, match existing pattern
Replace echo with printf '%s\n' for subagent prompt GITHUB_OUTPUT writes
to match the existing main prompt pattern (line 216). Prevents edge case
where echo misinterprets leading -n/-e as flags.
2026-03-28 20:24:46 -04:00
Tam Nhu Tran 53ad2836c4 refactor(ai-review): switch --allowedTools to --tools for actual restriction
--allowedTools is an approval list (skip permission prompts), redundant
with bypassPermissions. --tools is the actual availability whitelist.

Also simplified tool list: Bash sub-patterns (gh pr diff *, etc.) aren't
supported by --tools. The workflow token has contents:read only, so the
agent physically cannot push/delete/modify the repo even with full Bash.
2026-03-28 20:13:47 -04:00
Tam Nhu Tran 36e8cc47d9 fix(ai-review): address all review findings — restore allowedTools, add fallbacks
Fixes from ai-review bot feedback on PR #838:

- [HIGH] Restore --allowedTools with Agent added (was incorrectly removed,
  not redundant with bypassPermissions — it's a tool whitelist)
- [MED] Add inline fallback prompts when subagent files missing from base branch
- [MED] Add graceful degradation in orchestrator for Agent tool failures
  and empty subagent prompts
- [MED] Replace hardcoded PROMPT_EOF delimiters with random openssl-generated
  delimiters to prevent early heredoc termination
- [LOW] Add per-subagent turn budget guidance (8-10 turns each, 50 total)
- [LOW] Add "Do NOT fetch diff separately" instruction to all 4 subagent prompts
2026-03-28 19:59:35 -04:00
Tam Nhu Tran d67fa350b8 refactor(ai-review): remove redundant allowedTools, enforce subagent dispatch
- Remove --allowedTools from claude_args (redundant with bypassPermissions,
  was never actually restricting tools)
- Strengthen orchestrator prompt: MANDATORY/FORBIDDEN language for subagent
  dispatch, explicit "you MUST use Agent tool" enforcement
2026-03-28 19:50:13 -04:00
Tam Nhu Tran ce023aa8f4 feat(ai-review): parallel subagent review pipeline
Rewrite ai-review workflow to use parallel subagents for faster,
more thorough PR reviews. Splits monolithic single-agent review into
4-stage pipeline: triage → 3 parallel focused reviewers → adversarial
red-team → aggregated single comment.

Changes:
- Add Agent tool to allowedTools for subagent spawning
- Increase max-turns 30→50, timeout 15→18min for subagent overhead
- Rewrite review-prompt.md as orchestration prompt (198→93 lines)
- Create 4 focused subagent prompts in .github/review-prompts/:
  - security.md: injection, auth, race conditions, supply chain
  - quality.md: error handling, false assumptions, AI blind spots
  - ccs-compliance.md: all 12 CCS-specific project rules
  - adversarial.md: red-team gap hunter (runs after parallel phase)
- Load all subagent prompts from base branch (security model preserved)
- Scope-aware dispatch: trivial PRs skip subagents entirely

Target: reduce avg review time from ~7min to <5min.

Closes #837
2026-03-28 19:32:08 -04:00
Tam Nhu Tran cc55b9d794 Merge remote-tracking branch 'origin/dev' into kai/chore/ccs-backlog-project-automation-refresh 2026-03-28 10:17:56 -04:00
Tam Nhu Tran 3ebf17f170 fix(ci): require explicit /review command for AI review reruns 2026-03-28 10:10:31 -04:00
Tam Nhu Tran e6617726cb fix: harden CCS backlog sync pagination and recovery 2026-03-28 09:51:53 -04:00
Tam Nhu Tran b3b3853db0 chore: automate CCS backlog project sync 2026-03-27 17:52:34 -04:00
Tam Nhu Tran 179fa338b8 hotfix(ci): increase max-turns to 30 and enforce Write tool for review output
- Increase --max-turns from 20 to 30 (large PRs with 31 files need ~25 turns)
- Explicitly instruct Claude to use Write tool (not Edit/python3 fallback)
- Add READ-ONLY constraint to prevent source code modifications
- Previous run hit error_max_turns at turn 21 despite successfully writing review

Part of #818
2026-03-27 14:55:22 -04:00
Tam Nhu Tran 0a7fef0368 hotfix(ci): fix AI review performance — bypass permissions, cap turns, reduce thinking
- Add --permission-mode bypassPermissions to eliminate 16+ permission denials per review
- Add --max-turns 20 to prevent runaway 41+ turn sessions
- Replace ultrathink with think (32K→16K thinking tokens) — sufficient for read-only review
- Expand --allowedTools with commonly-tried tools (wc, head, tail, find, git show)
- Remove unnecessary tools (Edit, LS — review shouldn't edit files)
- Reduce timeout from 20 to 15 minutes for faster failure detection

Evidence from run #23659037151: 11.6 min, 41 turns, 16 permission denials, $1.95, failed to write review.

Closes #818
2026-03-27 14:26:21 -04:00
Tam Nhu Tran bb5862f0a0 ci(ai-review): upgrade model, add fallback extraction, preserve logs
- Upgrade review model from glm-5 to glm-5.1
- Add fallback step: if Claude doesn't write pr_review.md, extract
  last assistant message from execution output as review content
- Upload claude-execution-output.json as artifact (7-day retention)
  so review sessions can be inspected after the job completes
- Publish review comment runs on always() instead of only on success,
  so fallback-extracted reviews still get posted
2026-03-27 12:09:24 -04:00
Tam Nhu Tran 6dca069c7d ci(ai-review): enable show_full_output for review visibility
Allows seeing Claude's full output in CI logs instead of the
opaque "full output hidden for security" message. Helps debug
slow reviews and identify bottlenecks.
2026-03-27 12:02:11 -04:00
Tam Nhu Tran 0334f70991 ci(ai-review): remove custom Claude CLI path to prevent version drift
claude-code-action@v1 auto-updates its bundled Claude Code and Agent SDK.
The custom path_to_claude_code_executable forced the runner's stale CLI
(v2.1.39) to be used instead, causing validateHeaders auth failures when
the SDK updated to 0.2.85. Let the action manage its own installation.

Closes #810
2026-03-27 11:55:03 -04:00
Tam Nhu Tran 41a31c8a4f fix(ci): resolve flaky api-command module resolution and migrate to self-hosted runner
Root cause: Bun's test runner fails to resolve exports from directory
index.ts files during parallel test execution. The api-command/index.ts
imports 8 subcommand modules — if any fail to load during concurrent
test runs, the entire module fails with "Export not found."

Fix: extract createApiCommandHandler into handler.ts (lightweight, only
imports named-command-router). Test imports from handler.ts directly,
bypassing the heavy index.ts that loads all subcommand modules.

Also:
- Remove stale api-command.ts barrel file
- Use explicit /index import paths in source
- Migrate CI validate to self-hosted runner with clean artifact step
- Disable Bun cache (no-cache: true) on self-hosted runner
2026-03-26 18:12:32 -04:00