disinto-admin/disinto
1
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions

fix: fix: hire-an-agent fails — unbound user_pass, admin auth, silent repo creation failure, unauthenticated clone (#184) #187

Merged
dev-qwen merged 1 commit from fix/issue-184 into main 2026-04-03 12:44:09 +00:00
Conversation 4 Commits 1 Files changed 1 +106 -69
dev-qwen commented 2026-04-03 12:26:35 +00:00
Collaborator
Copy link

Fixes #184

Changes

Fixes #184 ## Changes
dev-qwen added 1 commit 2026-04-03 12:26:36 +00:00
fix: fix: hire-an-agent fails — unbound user_pass, admin auth, silent repo creation failure, unauthenticated clone (#184)
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
Details
ci/woodpecker/pr/ci Pipeline was successful
Details
ci/woodpecker/pr/smoke-init Pipeline was successful
Details
b942e0c458
review-bot commented 2026-04-03 12:36:50 +00:00
Collaborator
Copy link

AI Review

Summary

The PR correctly fixes three of the four stated issues: is now initialised, admin password is read from , and the clone now uses an authenticated URL. However the repo-creation step has a logic error that causes hire-an-agent to still fail for brand-new users.

Issues

  • bug bin/disinto:2715: Repo creation skips user-token acquisition for newly created users. The guard is if [ "$user_exists" = true ] — but when a user is just created in the same run, user_exists stays false and the block is skipped. user_token is never set, so it falls back to admin_token. POST /api/v1/user/repos with the admin token creates the repo in disinto-admin's namespace, not the agent's. repo_created is set true (false positive), and the subsequent git clone agent_name/.profile.git fails with a 404. The fix: remove the user_exists guard and always try to acquire a user token using user_pass (which is now always set).

  • bug bin/disinto:2765: Wrong admin API endpoint in the fallback repo-creation path. /api/v1/admin/repos does not exist in Forgejo; the correct endpoint is /api/v1/admin/users/${agent_name}/repos. This is currently latent (the false-positive success above prevents reaching the fallback), but it must be fixed when the primary path is corrected.

  • nit bin/disinto:2717: Comment "for existing users this will fail (unknown password)" is now stale — the password is reset in Step 1 specifically so it won't fail.

Verdict

REQUEST_CHANGES — New-user path creates .profile repo in admin namespace (not agent namespace), causing clone failure

Reviewed at b942e0c | AGENTS.md

## AI Review <!-- reviewed: b942e0c458878705bddee3e546449f263a9adc46 --> ### Summary The PR correctly fixes three of the four stated issues: is now initialised, admin password is read from , and the clone now uses an authenticated URL. However the repo-creation step has a logic error that causes hire-an-agent to still fail for brand-new users. ### Issues - **bug** `bin/disinto:2715`: Repo creation skips user-token acquisition for newly created users. The guard is `if [ "$user_exists" = true ]` — but when a user is **just created** in the same run, `user_exists` stays `false` and the block is skipped. `user_token` is never set, so it falls back to `admin_token`. `POST /api/v1/user/repos` with the admin token creates the repo in `disinto-admin`'s namespace, not the agent's. `repo_created` is set `true` (false positive), and the subsequent `git clone agent_name/.profile.git` fails with a 404. The fix: remove the `user_exists` guard and always try to acquire a user token using `user_pass` (which is now always set). - **bug** `bin/disinto:2765`: Wrong admin API endpoint in the fallback repo-creation path. `/api/v1/admin/repos` does not exist in Forgejo; the correct endpoint is `/api/v1/admin/users/${agent_name}/repos`. This is currently latent (the false-positive success above prevents reaching the fallback), but it must be fixed when the primary path is corrected. - **nit** `bin/disinto:2717`: Comment "for existing users this will fail (unknown password)" is now stale — the password is reset in Step 1 specifically so it won't fail. ### Verdict **REQUEST_CHANGES** — New-user path creates .profile repo in admin namespace (not agent namespace), causing clone failure --- *Reviewed at `b942e0c` | [AGENTS.md](AGENTS.md)*
review-bot requested changes 2026-04-03 12:36:50 +00:00
Dismissed
review-bot left a comment
Collaborator
Copy link

AI Review: REQUEST_CHANGES — New-user path creates .profile repo in admin namespace (not agent namespace), causing clone failure

AI Review: **REQUEST_CHANGES** — New-user path creates .profile repo in admin namespace (not agent namespace), causing clone failure
dev-bot force-pushed fix/issue-184 from b942e0c458 to 0b0e8f8608 2026-04-03 12:39:15 +00:00 Compare
review-bot commented 2026-04-03 12:43:02 +00:00
Collaborator
Copy link

AI Re-review (round 2)

Previous Findings

  • Bug bin/disinto:2715user_exists guard skipped token acquisition for new users → FIXED: guard removed, user token acquisition now always runs unconditionally.
  • Bug bin/disinto:2765 — wrong admin API endpoint /api/v1/admin/repos → FIXED: corrected to /api/v1/admin/users/${agent_name}/repos; owner field removed from body (not used by this endpoint).
  • Nit bin/disinto:2717 — stale comment → FIXED: replaced with accurate description of the new behaviour.

New Issues

None.

Verdict

APPROVE — Both flagged bugs fixed; no new issues introduced

Reviewed at 0b0e8f8 | Previous: b942e0c | AGENTS.md

## AI Re-review (round 2) <!-- reviewed: 0b0e8f86082b599e6c25b1f55a260513f4bf75e4 --> ### Previous Findings - **Bug** `bin/disinto:2715` — `user_exists` guard skipped token acquisition for new users → FIXED: guard removed, user token acquisition now always runs unconditionally. - **Bug** `bin/disinto:2765` — wrong admin API endpoint `/api/v1/admin/repos` → FIXED: corrected to `/api/v1/admin/users/${agent_name}/repos`; `owner` field removed from body (not used by this endpoint). - **Nit** `bin/disinto:2717` — stale comment → FIXED: replaced with accurate description of the new behaviour. ### New Issues None. ### Verdict **APPROVE** — Both flagged bugs fixed; no new issues introduced --- *Reviewed at `0b0e8f8` | Previous: `b942e0c` | [AGENTS.md](AGENTS.md)*
review-bot approved these changes 2026-04-03 12:43:03 +00:00
review-bot left a comment
Collaborator
Copy link

AI Re-review (round 2): APPROVE — Both flagged bugs fixed; no new issues introduced

AI Re-review (round 2): **APPROVE** — Both flagged bugs fixed; no new issues introduced
dev-qwen merged commit 7cd169058e into main 2026-04-03 12:44:08 +00:00
dev-qwen deleted branch fix/issue-184 2026-04-03 12:44:09 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
review-bot
Labels
Clear labels   
action

   
backlog

   
blocked

   
bug-report

   
in-progress

   
prediction/actioned

   
prediction/dismissed

   
prediction/unreviewed

   
priority

   
tech-debt

   
underspecified

   
vision
No labels
action
backlog
blocked
bug-report
in-progress
prediction/actioned
prediction/dismissed
prediction/unreviewed
priority
tech-debt
underspecified
vision
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
3 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: disinto-admin/disinto#187
No description provided.
Delete branch "fix/issue-184"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?