Split setup_woodpecker() into create_woodpecker_oauth() (pre-compose) and
activate_woodpecker_repo() (post-compose) so OAuth2 creds are in .env before
Woodpecker starts, and repo activation happens after the stack is up.
- Add ports: ["8000:8000"] to Woodpecker service in generate_compose()
- Fix .env var names: WP_FORGEJO_CLIENT/SECRET to match compose references
- Reorder disinto_init(): OAuth2 creation before compose up, repo activation after
- activate_woodpecker_repo() polls Woodpecker readiness with retry loop
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Skip sourcing .env/.env.enc when DISINTO_CONTAINER=1 since compose
already injects the correct env vars via env_file + environment
overrides. Re-sourcing .env was clobbering compose-level values
like FORGE_URL=http://forgejo:3000 with the localhost default.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add database readiness check (retry loop on `forgejo admin user list`) after
API becomes reachable to avoid the race where HTTP is up but SQLite isn't
accepting writes yet.
Remove `2>/dev/null || true` from user creation commands so failures are
logged with the actual error message. Verify each user exists via API after
creation. Fail init with a clear error if admin token, bot user creation,
or bot token creation fails — instead of silently writing an incomplete .env.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Detect which git remote matches FORGE_URL by comparing the host portion
of FORGE_URL against remote push URLs. Store the result in FORGE_REMOTE
(defaults to "origin" when no match — preserving existing behavior for
Codeberg-direct setups).
Replace every hardcoded "origin" in fetch, push, worktree-add, and
prompt-injection commands across:
- dev/dev-agent.sh (worktree setup, phase protocol prompt)
- dev/phase-handler.sh (CI retrigger, review feedback, rebase instructions)
- review/review-poll.sh (review feedback injection)
- action/action-agent.sh (worktree setup, push instructions)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace the claude-auth named Docker volume with bind mounts to the host
user's ~/.claude/ and ~/.claude.json. The named volume creates an empty
directory, so the agents container cannot authenticate with Claude CLI.
Bind-mounting from ${HOME} ensures the container picks up existing
credentials without manual intervention.
Closes codeberg.org/johba/disinto/issues/633
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Critical: setup_matrix now runs after docker compose up -d so Dendrite
is actually running when provisioning is attempted
- Minor: replace sed with Python for .env credential writes to avoid
delimiter collisions with opaque Matrix access tokens
- Info: update matrix_listener.sh header to mention container mode
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
In compose mode, skip host cron installation entirely since the agents
container runs cron internally via entrypoint.sh. In bare mode, check
for crontab before attempting to install entries and produce a clear
error with install instructions if missing.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Remove curl|sh Claude CLI download from Dockerfile (no internet needed)
- Mount host Claude CLI binary into container via docker-compose volume
- generate_compose() resolves host claude path at init time
- entrypoint.sh fails fast with clear error if claude CLI is missing
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add -u git to docker exec and docker compose exec calls in _forgejo_exec()
so Forgejo admin commands run as the git user instead of root.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add security_opt: [apparmor=unconfined] to all three compose services
(forgejo, woodpecker, agents) in generate_compose(). This prevents
su-exec from entering an infinite CPU loop when Docker runs inside an
LXD container whose default AppArmor profile blocks setuid/execve.
Harmless on bare-metal Docker hosts.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add FORGEJO__security__INSTALL_LOCK: "true" to the forgejo service
environment in generate_compose(). Without this, Forgejo starts in
install-wizard mode and the API returns 404 for all endpoints.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The directed graph has mixed edge directions along the path from
agent/formula to objective (agent→formula→label←issue→objective),
so descendants() never reaches objectives. Use undirected connected
components for reachability instead. Also fix closed-issues query
to use forge_get (bounded at 50) instead of forge_get_all (unbounded).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add lib/build-graph.py that builds a NetworkX DiGraph from project docs
and forge API, runs structural analyses (orphans, cycles, disconnected
clusters, thin objectives, bottlenecks), and outputs a JSON report.
Predictor and reviewer agents now call build-graph.py before launching
their Claude sessions and inject the report as context.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Clear phase file after reading it in recovery mode so new sessions
start clean instead of inheriting stale state
- When last phase was escalate, tell Claude "previous session escalated —
starting fresh" instead of "resume from escalate" to prevent re-escalation
- Add explicit "PR already exists — do NOT create a new PR" instructions
to recovery prompt to prevent Claude from calling forge API directly
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add stale-pr-recycle step to the gardener formula that detects open PRs
with failed CI older than 24 hours and no active tmux session. Stale PRs
are closed with a comment, and the linked issue is relabeled from
in-progress to backlog so dev-poll picks it up for a fresh attempt.
Also adds close_pr manifest action to the gardener executor.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add EXIT trap in disinto_up() so the plaintext .env is removed even if
docker compose up fails. Previously set -euo pipefail would abort
before the cleanup block, leaving secrets on disk.
Replace the silent || true in the Dockerfile with an explicit
claude --version check so the build fails visibly if the CLI cannot
be installed.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The entrypoint installed a crontab but never started a cron daemon,
leaving the container idle. Fix by running as root in the entrypoint
(cron requires it), installing the crontab for the agent user via
`crontab -u agent`, and starting cron in the foreground with `cron -f`.
Remove `USER agent` from the Dockerfile and `user: "1000:1000"` from
the compose template accordingly — cron jobs still execute as UID 1000.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add MATRIX_MENTION_USER config to project TOML and include a Matrix
mention pill in escalation notify_ctx calls so humans get notified
even in muted rooms.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add docker-compose.yml generation, agent Dockerfile, and new CLI
commands (up/down/logs/shell) so the full stack runs containerized.
The --bare flag preserves the current bare-metal setup.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add mirrors.sh to the LIB_FUNS scan and check_script list so the
agent-smoke function resolution test recognizes mirror_push.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
