Runs on both PRs and pushes to main. Compiles all agentic workflow
markdown files and fails if the resulting lock files differ from what's
committed. This ensures contributors run `gh aw compile` before merging.
https://claude.ai/code/session_01JTYNSeJrGzdW6wfAUbdjjw
Triggers on pushes to main that touch .github/workflows/*.md files.
Installs gh-aw, compiles all agentic workflow markdown files, and
commits the resulting .lock.yml files back to the repo.
https://claude.ai/code/session_01JTYNSeJrGzdW6wfAUbdjjw
- Add engine: claude to all agentic workflows (uses ANTHROPIC_API_KEY)
- Fix dependency-update.md network field: use object format instead of
array to match the oneOf schema (string | object)
- Remove pr-fix.md since ci-doctor.md already handles CI failure
investigation and auto-fixing
https://claude.ai/code/session_01JTYNSeJrGzdW6wfAUbdjjw
Set up five workflows to automate repository maintenance:
- code-review.md: Automated PR review on open/sync, checks for bugs,
security issues, and Go/K8s anti-patterns. Auto-fixes formatting and
linting. Escalates to maintainer only for CRD/architecture changes.
- ci-doctor.md: Triggers on CI failure, investigates root cause from logs,
auto-fixes mechanical issues (mod tidy, fmt, simple compilation errors),
and creates detailed issues for complex failures.
- pr-fix.md: On-demand /pr-fix command to analyze and fix failing CI checks
on any PR.
- dependency-update.md: Weekly scheduled check for Go module updates.
Groups updates logically (k8s, knative, go-git), fixes breaking changes,
and creates per-batch PRs. Escalates only when fixes need design decisions.
- auto-merge.yaml: Standard GitHub Actions workflow that auto-merges PRs
labeled "automation" once all CI checks pass (squash merge).
All agentic workflows assign @imjasonh only when human judgment is needed,
with specific questions rather than generic notifications.
https://claude.ai/code/session_01JTYNSeJrGzdW6wfAUbdjjw
Tests cover the key behaviors of the repo-watcher:
- Branch discovery: auto-creates GitBranch CRDs from remote refs
- Owner references: created branches correctly reference GitRepository
- New branch detection: branches added on Gitea are picked up
- Commit update detection: new pushes to Gitea update headCommit
- Branch deletion: branches removed from Gitea trigger CRD deletion
- Multiple branches: all branches on a repo are discovered
- LastFetchTime: status is updated and advances on each poll
- Labels: repository label is set on created branches
- Slash branch names: feature/foo naming handled correctly
Also adds shared e2e helpers for Gitea branch/file operations and
updates CI workflow to deploy and monitor the repo-watcher-controller.
https://claude.ai/code/session_01P7xfBqARU5DFS8QJ4uDPVj
- Remove Setup Knative step: the project only uses knative.dev/pkg as a
Go library for the controller framework, not Knative Serving/Eventing.
This eliminates the slowest setup step entirely.
- Create config-logging and config-observability ConfigMaps directly,
which is all knative.dev/pkg/injection/sharedmain needs at runtime.
- Deploy Gitea in parallel with ko controller builds instead of
sequentially, so both can start at the same time.
- Combine the "wait for controllers" and "wait for Gitea" steps into one.
- Reduce Gitea readiness probe initialDelaySeconds from 10s to 3s and
periodSeconds from 5s to 3s.
- Reduce Gitea API wait loop sleep from 2s to 1s.
- Reduce e2e test poll interval from 2s to 1s for faster feedback.
https://claude.ai/code/session_018itccL4SXV3eD7iuPwLGYa
Add cache-dependency-path: go.mod to both setup-go steps so that
actions/setup-go caches ~/go/pkg/mod and ~/.cache/go-build across
runs. Since go.sum is not checked in, go.mod is used as the cache key.
https://claude.ai/code/session_011joWLHyHc8v7nDfpNoWkEY
Move all e2e test logic from bash steps in ci.yaml into Go test files
under test/e2e/. CI now sets up infrastructure (KinD, Knative, CRDs,
controllers, Gitea) then runs `go test -tags=e2e ./test/e2e/`.
Benefits:
- Tests run concurrently via t.Parallel()
- No more bash-in-YAML maintenance burden
- Each test creates its own isolated resources with cleanup
- Proper Go test output with -v
- Build-tagged so `go test ./...` skips them
Tests:
- TestPushTransaction: push main to a new branch, verify on git server
- TestPushTransactionMultipleRefSpecs: push to two branches at once
- TestRepoSync: create two repos, set up GitRepoSync, verify controller
https://claude.ai/code/session_01QfFzqKQUsxxBsiZUhuJ3pG
Add unit tests for all packages that previously had zero test coverage:
- pkg/apis/git/v1alpha1: defaults, deepcopy, scheme registration, constants
- pkg/client: toUnstructured/fromUnstructured round-trips, context injection
- pkg/reconciler/push: splitKey, nestedFieldNoCopy, unstructuredNestedStringMap, base64 decoding
- pkg/reconciler/sync: splitKey
- pkg/reconciler/resolver: splitKey, changeName
Add e2e test exercising the sync controller:
- Creates second Gitea repo and GitRepository CR
- Creates GitBranch CRs with headCommit set via status subresource patch
- Creates GitRepoSync CR and verifies the sync controller processes it
https://claude.ai/code/session_01QfFzqKQUsxxBsiZUhuJ3pG
Gitea 1.21 refuses to run as root. The non-rootless image's
entrypoint switches to the git user, but kubectl exec still runs
as root, causing `gitea admin user create` to fail with:
"Gitea is not supposed to be run as root"
Switch to gitea/gitea:1.21-rootless which runs as UID 1000,
and mount emptyDir volumes at /var/lib/gitea and /etc/gitea.
https://claude.ai/code/session_01QfFzqKQUsxxBsiZUhuJ3pG
- Add explicit API readiness check inside the pod before running
admin commands (readiness probe alone may pass before DB is ready)
- Split "Initialize Gitea" into separate steps for better failure
diagnostics: "Create Gitea admin user" and "Create test repository"
https://claude.ai/code/session_01QfFzqKQUsxxBsiZUhuJ3pG
The `---` between the Deployment and Service was indented inside
the heredoc, so kubectl didn't recognize it as a document separator.
Split into two separate kubectl apply calls.
https://claude.ai/code/session_01QfFzqKQUsxxBsiZUhuJ3pG
Replace the stub smoke test (which only verified CRD creation) with a
full end-to-end test that:
- Deploys Gitea as an in-cluster git server (emptyDir, auto-install)
- Initializes a test repository with an admin user and initial commit
- Creates GitRepository, GitBranch, and GitPushTransaction CRDs
- Verifies the push controller clones, pushes main to a new branch,
and transitions the transaction to Succeeded
- Verifies the controller updates the GitBranch CR's headCommit
- Verifies the new branch actually exists on the git server
Also fixes a bug in the push controller's resolveAuth: Secret data
values are base64-encoded when accessed via the dynamic client, but
were being used directly without decoding, causing authentication
failures.
https://claude.ai/code/session_01QfFzqKQUsxxBsiZUhuJ3pG
Two jobs:
- build: compiles all controller binaries and runs go vet
- e2e: spins up KinD cluster with Knative via chainguard-dev/actions,
deploys CRDs and controllers with ko, verifies rollout, runs
smoke test creating a GitRepository CR. On failure, collects
kind-diag diagnostics as artifacts.
https://claude.ai/code/session_01QfFzqKQUsxxBsiZUhuJ3pG