New reusable library with clean function boundaries for the PR lifecycle:
- pr_create, pr_find_by_branch — PR creation and lookup
- pr_poll_ci — poll CI with infra vs code failure classification
- pr_poll_review — poll for review verdict (bot comments + formal reviews)
- pr_merge, pr_is_merged — merge with 405 handling and race detection
- pr_walk_to_merge — full orchestration loop (CI → review → merge)
- build_phase_protocol_prompt — git push instructions for agent prompts
The pr_walk_to_merge function uses agent_run() which callers must define
(guarded stub provided). This bridges to the synchronous SDK architecture
where the orchestrator bash loop IS the state machine — no phase files.
Extracted from: dev/phase-handler.sh, dev/dev-poll.sh, lib/ci-helpers.sh
Smoke test updated to include the new library.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Some BusyBox grep builds treat bare () as grouping operators even in BRE
mode, causing get_fns to miss function definitions like ci_commit_status.
Using [(][)] is unambiguous across all grep implementations.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Fixes#779
## Changes
Auto-generate WOODPECKER_TOKEN during disinto init by automating the Forgejo OAuth2 login flow after the compose stack starts. Adds generate_woodpecker_token() function that: logs into Forgejo web UI, drives the OAuth2 authorize/consent flow, completes the Woodpecker callback to get a session token, then creates a persistent personal access token via Woodpecker API. Saves to .env so activate_woodpecker_repo() can use it immediately. Failures are non-fatal (guarded with || true).
Co-authored-by: openhands <openhands@all-hands.dev>
Reviewed-on: https://codeberg.org/johba/disinto/pulls/790
Reviewed-by: Disinto_bot <disinto_bot@noreply.codeberg.org>
Push events test the raw branch which may be behind main.
PR events test the merge result, which is what matters.
This eliminates false CI failures that block the dev-agent.
Fixes#778
## Changes
Add git identity warning to preflight_check() (warns if user.name/user.email missing) and auto-configure repo-local identity in setup_ops_repo() before the seed commit. This prevents init from failing late when git identity is not configured globally.
Co-authored-by: openhands <openhands@all-hands.dev>
Reviewed-on: https://codeberg.org/johba/disinto/pulls/780
Reviewed-by: Disinto_bot <disinto_bot@noreply.codeberg.org>
Fixes#770
The dev agent was pushing fixes without rebasing. If main moved since the branch was created, the PR becomes unmergeable.
This adds a rebase step before every git push in the dev agent workflow:
- Initial push after implementing
- Push after CI fix
- Push after review feedback
Rebasing ensures PRs stay up-to-date with the target branch and avoids merge conflicts.
Co-authored-by: johba <johba@users.codeberg.org>
Reviewed-on: https://codeberg.org/johba/disinto/pulls/775
Reviewed-by: Disinto_bot <disinto_bot@noreply.codeberg.org>
Add "(" to the get_candidates skip list so that function definition
lines (e.g. memory_guard() {) are not extracted as call candidates.
Previously this was masked by get_fns also being broken on BusyBox
awk, but fixing get_fns exposed the get_candidates gap.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace the single-shot Forgejo API emptiness check in push_to_forge()
with a retry loop (up to 5 attempts, 2s apart). Forgejo needs a brief
delay to index pushed refs, so the immediate check could see stale
metadata reporting empty=true even though the push succeeded.
Also fix agent-smoke.sh get_fns() to use POSIX character classes and
bracket-escaped parens for BusyBox awk compatibility in Alpine CI.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Remove all Matrix/Dendrite infrastructure:
- Delete lib/matrix_listener.sh (long-poll daemon), lib/matrix_listener.service
(systemd unit), lib/hooks/on-stop-matrix.sh (response streaming hook)
- Remove matrix_send() and matrix_send_ctx() from lib/env.sh
- Remove MATRIX_HOMESERVER auto-detection, MATRIX_THREAD_MAP from lib/env.sh
- Remove [matrix] section parsing from lib/load-project.sh
- Remove Matrix hook installation from lib/agent-session.sh
- Remove notify/notify_ctx helpers and Matrix thread tracking from
dev/dev-agent.sh and action/action-agent.sh
- Remove all matrix_send calls from dev-poll.sh, phase-handler.sh,
action-poll.sh, vault-poll.sh, vault-fire.sh, vault-reject.sh,
review-poll.sh, review-pr.sh, supervisor-poll.sh, formula-session.sh
- Remove Matrix listener startup from docker/agents/entrypoint.sh
- Remove append_dendrite_compose() and setup_matrix() from bin/disinto
- Remove --matrix flag from disinto init
- Clean Matrix references from .env.example, projects/*.toml.example,
formulas/*.toml, AGENTS.md, BOOTSTRAP.md, README.md, RESOURCES.md,
PHASE-PROTOCOL.md, and all agent AGENTS.md/PROMPT.md files
Status visibility now via Codeberg PR/issue activity. Human interaction
via vault items through forge. Proactive alerts via OpenClaw heartbeats.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
## What
Removes the exec agent (PR #697). Its functionality is replaced by:
1. **OpenClaw skill** — teaches any OpenClaw instance to be the factory's face
2. **Vault API** — structured interface for proposals, approvals, rejections
The exec agent was rebuilding OpenClaw in bash. Every piece has a native OpenClaw equivalent:
- CHARACTER.md → SOUL.md
- exec/MEMORY.md → MEMORY.md
- exec-session.sh → session management
- exec-briefing.sh → heartbeats/cron
- Matrix dispatch → channel plugins
## Why
Prudence isn't a separate agent. She's what OpenClaw becomes when it has the disinto skill. One LLM, one vault API, no LLM-to-LLM.
## Related
- #721 — remove escalation, route through vault
- #709 — skill registry research
- #466 — example project (vault should have handled this, not escalation)
Co-authored-by: openhands <openhands@all-hands.dev>
Reviewed-on: https://codeberg.org/johba/disinto/pulls/722
Merge main into feat/exec-agent to pick up ba1ab6e which added
matrix_send_ctx to lib/env.sh and action/action-agent.sh. Without
this merge, CI smoke test fails on the PR merge commit.
Re-applied exec changes on top of main:
- .env.example, AGENTS.md, bin/disinto, lib/matrix_listener.sh
- .woodpecker/agent-smoke.sh: exec scripts added to checks
On Alpine/busybox, adding tea-helpers.sh to the LIB_FUNS for-loop
caused forge_api to go missing from the extracted function set.
Since no other script currently calls tea_* functions, tea-helpers.sh
is checked standalone via check_script instead.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add lib/tea-helpers.sh with tea_file_issue, tea_relabel, tea_comment,
tea_close — thin wrappers preserving secret scanning on write ops
- Add tea 0.9.2 binary to docker/agents/Dockerfile
- Configure tea login in docker/agents/entrypoint.sh from FORGE_TOKEN/FORGE_URL
- Derive TEA_LOGIN in lib/env.sh (codeberg vs local forgejo)
- Source tea-helpers.sh conditionally when tea binary is available
- Migrate predictor formula from inline curl to tea CLI commands
- Register tea-helpers.sh in smoke test function resolution
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Forgejo 11.0 refuses to run as root with a fatal error. Use su-exec
to run all forgejo commands as the 'git' user (pre-created in the
Forgejo Docker image). chown /data to git:git before starting.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The install endpoint POST returned 404 because FORGEJO__database__DB_TYPE
env var auto-configured Forgejo, bypassing install mode.
Fix: run the Forgejo image as the step container instead of a service.
This gives CLI access to `forgejo admin user create` for bootstrap
admin setup — no install endpoint needed.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add tests/smoke-init.sh — an end-to-end smoke test that runs
disinto init --bare --yes against a real Forgejo instance
(started as a Woodpecker service container).
The test validates:
- Forgejo API responds after init
- Admin and bot users created with tokens
- Repo created with labels on Forgejo
- Project TOML generated correctly
- .env written with FORGE_TOKEN and FORGE_REVIEW_TOKEN
- Cron entries installed (dev-poll, review-poll, gardener)
Uses mock binaries for docker (routes user creation to Forgejo
admin API), claude, tmux, and crontab to run in CI without
Docker-in-Docker.
Wired into CI via .woodpecker/smoke-init.yml (separate pipeline
with Forgejo service, runs on push and pull_request).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add mirrors.sh to the LIB_FUNS scan and check_script list so the
agent-smoke function resolution test recognizes mirror_push.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add check_script calls for all inline-sourced lib files (agent-session.sh,
ci-helpers.sh, file-action-issue.sh, formula-session.sh, load-project.sh)
so their internal function calls are verified
- Add check_script calls for standalone lib scripts (ci-debug.sh,
matrix_listener.sh, parse-deps.sh) and legacy prediction scripts
- Add documentation comment on LIB_FUNS listing included/excluded lib files
with rationale for each
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Fixes#388
## Changes
Action-agent now sources dev/phase-handler.sh and enters monitor_phase_loop after prompt injection. Two paths: (A) git output triggers the same PR/CI/review lifecycle as dev-agent, (B) no-git output writes PHASE:done for cleanup. Adds docker compose down on terminal phases, escalation to supervisor on idle timeout, and proper temp file cleanup.
Co-authored-by: openhands <openhands@all-hands.dev>
Reviewed-on: https://codeberg.org/johba/disinto/pulls/403
Reviewed-by: Disinto_bot <disinto_bot@noreply.codeberg.org>
CI duplicate-detection flagged shared action-issue filing pattern between
gardener-run.sh and planner-poll.sh. Extract into lib/file-action-issue.sh
and refactor both scripts to use it.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Busybox awk in Alpine CI has incomplete POSIX character class support;
[[:space:]] intermittently fails to match, causing function definitions
to be missed from LIB_FUNS. Replace with literal [ \t] patterns.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add lib/agent-session.sh as explicit extra definition source for the
gardener-agent.sh check in agent-smoke.sh. Alpine busybox awk in CI
intermittently fails to resolve monitor_phase_loop from LIB_FUNS;
listing it as a direct cross-source makes the check robust.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add baseline comparison to detect-duplicates.py: when DIFF_BASE is set
(via CI_COMMIT_TARGET_BRANCH for PRs), the script compares findings
against the base branch and only fails on new duplicates introduced by
the PR. Pre-existing duplicates are reported as informational.
For push events (no DIFF_BASE), the script reports all findings but
exits 0 (informational only). Removes failure:ignore from the CI step
so new duplicates properly block PRs.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
busybox grep on Alpine handles ERE character classes [(][)] differently
from GNU grep, causing get_fns to miss function definitions like
handle_ci_exhaustion(). awk is portable and works identically on all
platforms.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Fixes#261
## Changes
Fixed gardener hanging forever when Claude skips phase protocol. Three changes: (1) gardener-agent.sh: replaced 999999s timeout with 7200s (2h, matching dev-agent); (2) lib/agent-session.sh: added idle-prompt detection to monitor_phase_loop — if Claude returns to the ❯ prompt for 3 consecutive polls with no phase file written, exits immediately with _MONITOR_LOOP_EXIT=idle_prompt (only fires when phase file is empty, so awaiting_ci/review waits are unaffected); (3) gardener prompt: removed 'no time limit' wording, replaced with explicit phase-write requirement.
Co-authored-by: openhands <openhands@all-hands.dev>
Reviewed-on: https://codeberg.org/johba/disinto/pulls/263
Reviewed-by: Disinto_bot <disinto_bot@noreply.codeberg.org>
BusyBox grep (Alpine CI) does not treat \( as a literal paren in -E mode,
causing inject_formula to appear undefined even though it is defined in
lib/agent-session.sh. Using [(][)] is unambiguous in both GNU grep and
BusyBox grep.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Fix SC2164: add || exit 1 to bare cd in update-prompt.sh
- Fix SC2155: separate declare and assign in env.sh, supervisor-poll.sh, dev-agent.sh
- Fix SC2034: inline suppression for vars used by sourced helpers
- Remove unused `mergeable` declaration, rename unused loop var to `_w`
- Remove || true from shellcheck CI step — failures are now blocking
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
ShellCheck finds real issues in existing code. Making it blocking
means the CI pipeline PR can't pass its own CI (chicken-and-egg).
Report warnings but don't fail — fix them incrementally via backlog.
- Fix anti-pattern regex 2 to match quoted form '"$CI_STATE" != "success"'
(was r'\$CI_STATE\s*!=\s*"success"', now r'"?\$CI_STATE"?\s*!=\s*"success"')
- Update both anti-pattern messages to say 'extract ci_passed() to lib/'
instead of implying it already exists as a shared helper in dev-poll.sh
- Add explicit 'when: event: [push, pull_request]' trigger block to ci.yml
- Add '-r' to xargs in shellcheck step to handle zero .sh files gracefully
- Fix operator precedence bug in review-poll.sh:62: scope the OR clause
with braces so CI_STATE=pending bypass only applies when WOODPECKER_REPO_ID=0
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
