forked from darrenhinde/OpenAgentsControl
-
Notifications
You must be signed in to change notification settings - Fork 0
379 lines (335 loc) · 17.1 KB
/
validate-registry.yml
File metadata and controls
379 lines (335 loc) · 17.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
name: Validate Registry on PR
# This workflow validates the registry.json and prompt library structure on all PRs.
#
# For bot-created PRs (like automated version bumps), the workflow won't trigger automatically
# due to GitHub's security restrictions. In those cases, you can manually trigger this workflow:
#
# Option 1 - Run Validation:
# 1. Go to Actions > Validate Registry on PR > Run workflow
# 2. Enter the PR number (e.g., 106)
# 3. Leave "skip_validation" unchecked
# 4. Click "Run workflow"
#
# Option 2 - Admin Bypass (for trusted bot PRs):
# 1. Go to Actions > Validate Registry on PR > Run workflow
# 2. Enter the PR number (e.g., 106)
# 3. Check "skip_validation" checkbox
# 4. Click "Run workflow"
# 5. The check will pass immediately without running validation
on:
# Use pull_request_target to allow running on bot-created PRs
# This also allows the workflow to write to the PR branch
pull_request_target:
branches:
- main
- dev
# Removed paths filter - this check is required by repository ruleset
# so it must run on ALL PRs to prevent blocking merges
workflow_dispatch:
inputs:
pr_number:
description: 'PR number to validate (for manual runs on bot-created PRs)'
required: false
type: number
skip_validation:
description: 'Skip validation checks (maintainer override)'
required: false
type: boolean
default: false
permissions:
contents: write
pull-requests: write
jobs:
validate-and-update:
runs-on: ubuntu-latest
steps:
- name: Admin bypass check
if: github.event_name == 'workflow_dispatch' && github.event.inputs.skip_validation == 'true'
run: |
echo "## ✅ Validation Bypassed (Admin Override)" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "Validation checks skipped by maintainer." >> $GITHUB_STEP_SUMMARY
echo "PR: #${{ github.event.inputs.pr_number }}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "The workflow will complete successfully without running validation steps." >> $GITHUB_STEP_SUMMARY
- name: Checkout repository (for manual runs)
if: github.event_name == 'workflow_dispatch' && github.event.inputs.skip_validation != 'true'
uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ secrets.GITHUB_TOKEN }}
- name: Get PR details (for manual runs)
if: github.event_name == 'workflow_dispatch' && github.event.inputs.pr_number != '' && github.event.inputs.skip_validation != 'true'
id: get_pr
run: |
PR_DATA=$(gh pr view ${{ github.event.inputs.pr_number }} --json headRefName,headRepository,headRepositoryOwner)
echo "head_ref=$(echo $PR_DATA | jq -r '.headRefName')" >> $GITHUB_OUTPUT
echo "head_repo=$(echo $PR_DATA | jq -r '.headRepositoryOwner.login + "/" + .headRepository.name')" >> $GITHUB_OUTPUT
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout PR branch
if: github.event.inputs.skip_validation != 'true'
uses: actions/checkout@v4
with:
# For manual runs: use PR details from get_pr step
# For PR events: use event data
repository: ${{ github.event_name == 'workflow_dispatch' && steps.get_pr.outputs.head_repo || github.event.pull_request.head.repo.full_name }}
ref: ${{ github.event_name == 'workflow_dispatch' && steps.get_pr.outputs.head_ref || github.event.pull_request.head.ref }}
fetch-depth: 0
token: ${{ secrets.GITHUB_TOKEN }}
- name: Detect fork PR
if: github.event.inputs.skip_validation != 'true'
id: fork_check
run: |
# For manual runs, use the fetched PR data
if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then
HEAD_REPO="${{ steps.get_pr.outputs.head_repo }}"
else
HEAD_REPO="${{ github.event.pull_request.head.repo.full_name }}"
fi
if [ "$HEAD_REPO" != "${{ github.repository }}" ]; then
echo "is_fork=true" >> $GITHUB_OUTPUT
echo "🔀 Fork PR detected from: $HEAD_REPO"
else
echo "is_fork=false" >> $GITHUB_OUTPUT
echo "📝 Internal PR detected"
fi
- name: Install dependencies
if: github.event.inputs.skip_validation != 'true'
run: |
sudo apt-get update
sudo apt-get install -y jq
- name: Install Bun
if: github.event.inputs.skip_validation != 'true'
uses: oven-sh/setup-bun@v2
with:
bun-version: latest
- name: Install dependencies
if: github.event.inputs.skip_validation != 'true'
run: |
# Install root dependencies (glob package needed for validation script)
bun install --frozen-lockfile
- name: Make scripts executable
if: github.event.inputs.skip_validation != 'true'
run: |
chmod +x scripts/registry/validate-registry.sh
chmod +x scripts/registry/auto-detect-components.sh
chmod +x scripts/registry/register-component.sh
chmod +x scripts/prompts/validate-pr.sh
- name: Auto-detect new components
if: github.event.inputs.skip_validation != 'true'
id: auto_detect
run: |
echo "## 🔍 Auto-Detection Results" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
# Run auto-detect in dry-run mode first to see what would be added
if ./scripts/registry/auto-detect-components.sh --dry-run > /tmp/detect-output.txt 2>&1; then
cat /tmp/detect-output.txt >> $GITHUB_STEP_SUMMARY
# Check if new components were found
if grep -q "Found.*new component" /tmp/detect-output.txt; then
echo "new_components=true" >> $GITHUB_OUTPUT
echo "" >> $GITHUB_STEP_SUMMARY
echo "⚠️ New components detected - will auto-add to registry" >> $GITHUB_STEP_SUMMARY
else
echo "new_components=false" >> $GITHUB_OUTPUT
echo "✅ No new components found" >> $GITHUB_STEP_SUMMARY
fi
else
echo "new_components=false" >> $GITHUB_OUTPUT
echo "❌ Auto-detection failed" >> $GITHUB_STEP_SUMMARY
fi
- name: Add new components to registry
if: steps.auto_detect.outputs.new_components == 'true' && github.event.inputs.skip_validation != 'true'
run: |
echo "## 📝 Adding New Components" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
./scripts/registry/auto-detect-components.sh --auto-add | tee -a $GITHUB_STEP_SUMMARY
- name: Validate prompt library structure
if: github.event.inputs.skip_validation != 'true'
id: validate_prompts
run: |
echo "## 🔍 Prompt Library Validation" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
if ./scripts/prompts/validate-pr.sh > /tmp/prompt-validation.txt 2>&1; then
echo "prompt_validation=passed" >> $GITHUB_OUTPUT
echo "✅ Prompt library structure is valid!" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
cat /tmp/prompt-validation.txt >> $GITHUB_STEP_SUMMARY
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
else
echo "prompt_validation=failed" >> $GITHUB_OUTPUT
echo "❌ Prompt library validation failed!" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
cat /tmp/prompt-validation.txt >> $GITHUB_STEP_SUMMARY
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**Architecture:**" >> $GITHUB_STEP_SUMMARY
echo "- Agent files (.opencode/agent/**/*.md) = Canonical defaults" >> $GITHUB_STEP_SUMMARY
echo "- Prompt variants (.opencode/prompts/<agent>/<model>.md) = Model-specific" >> $GITHUB_STEP_SUMMARY
echo "- default.md files should NOT exist" >> $GITHUB_STEP_SUMMARY
echo "- Agents organized in category subdirectories (core/, development/, content/, etc.)" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "See [CONTRIBUTING.md](docs/contributing/CONTRIBUTING.md) for details" >> $GITHUB_STEP_SUMMARY
exit 1
fi
- name: Validate markdown context links
if: github.event.inputs.skip_validation != 'true'
id: validate_context_links
run: |
echo "## 🔗 Context Link Validation" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
if bun run scripts/validation/validate-markdown-links.ts > /tmp/context-link-validation.txt 2>&1; then
echo "context_links=passed" >> $GITHUB_OUTPUT
echo "✅ Context markdown links are valid!" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
cat /tmp/context-link-validation.txt >> $GITHUB_STEP_SUMMARY
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
else
echo "context_links=failed" >> $GITHUB_OUTPUT
echo "❌ Context markdown link validation failed!" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
cat /tmp/context-link-validation.txt >> $GITHUB_STEP_SUMMARY
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
exit 1
fi
- name: Validate registry
if: github.event.inputs.skip_validation != 'true'
id: validate
run: |
echo "## ✅ Registry Validation" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
# Use TypeScript validator (fast and reliable)
# Run validation and capture output (show in logs AND save to file)
if bun run scripts/registry/validate-registry.ts 2>&1 | tee /tmp/validation-output.txt; then
echo "validation=passed" >> $GITHUB_OUTPUT
echo "✅ All registry paths are valid!" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
cat /tmp/validation-output.txt >> $GITHUB_STEP_SUMMARY
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
else
echo "validation=failed" >> $GITHUB_OUTPUT
echo "❌ Registry validation failed!" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
cat /tmp/validation-output.txt >> $GITHUB_STEP_SUMMARY
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**Check the logs above for detailed error output**" >> $GITHUB_STEP_SUMMARY
exit 1
fi
- name: Commit registry updates (Internal PRs only)
if: |
github.event.inputs.skip_validation != 'true' &&
steps.fork_check.outputs.is_fork == 'false' &&
steps.auto_detect.outputs.new_components == 'true' &&
steps.validate_prompts.outputs.prompt_validation == 'passed' &&
steps.validate.outputs.validation == 'passed'
run: |
git config --local user.email "github-actions[bot]@users.noreply.github.com"
git config --local user.name "github-actions[bot]"
if ! git diff --quiet registry.json; then
git add registry.json
git commit -m "chore: auto-update registry with new components [skip ci]"
# For manual runs, use the fetched branch name
BRANCH_NAME="${{ github.event_name == 'workflow_dispatch' && steps.get_pr.outputs.head_ref || github.event.pull_request.head.ref }}"
git push origin "$BRANCH_NAME"
echo "## 🚀 Registry Updated" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "Registry has been automatically updated with new components." >> $GITHUB_STEP_SUMMARY
echo "Changes have been pushed to this PR branch." >> $GITHUB_STEP_SUMMARY
else
echo "## ℹ️ No Changes to Commit" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "Registry is already up to date." >> $GITHUB_STEP_SUMMARY
fi
- name: Fork PR notice
if: |
github.event.inputs.skip_validation != 'true' &&
steps.fork_check.outputs.is_fork == 'true' &&
steps.auto_detect.outputs.new_components == 'true' &&
steps.validate_prompts.outputs.prompt_validation == 'passed' &&
steps.validate.outputs.validation == 'passed'
uses: actions/github-script@v7
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: `## 📝 Registry Update Needed
Hi @${{ github.event.pull_request.user.login }}! 👋
New components were detected in your PR. Since this is a fork PR, I can't auto-commit the registry updates for security reasons.
**Please run these commands locally:**
\`\`\`bash
./scripts/registry/auto-detect-components.sh --auto-add
git add registry.json
git commit -m "chore: update registry"
git push
\`\`\`
Once you push the updated registry, the checks will pass! ✅`
});
- name: Fork PR summary
if: steps.fork_check.outputs.is_fork == 'true' && github.event.inputs.skip_validation != 'true'
run: |
echo "## 🔀 Fork PR Detected" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "This is an external contribution - thank you! 🎉" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
if [ "${{ steps.auto_detect.outputs.new_components }}" == "true" ]; then
echo "⚠️ **Action Required:** New components detected" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "A comment has been posted with instructions to update the registry." >> $GITHUB_STEP_SUMMARY
else
echo "✅ No registry updates needed" >> $GITHUB_STEP_SUMMARY
fi
- name: Post validation summary
if: always()
run: |
echo "" >> $GITHUB_STEP_SUMMARY
echo "---" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
PROMPT_VALID="${{ steps.validate_prompts.outputs.prompt_validation }}"
CONTEXT_LINKS_VALID="${{ steps.validate_context_links.outputs.context_links }}"
REGISTRY_VALID="${{ steps.validate.outputs.validation }}"
if [ "$PROMPT_VALID" = "passed" ] && [ "$CONTEXT_LINKS_VALID" = "passed" ] && [ "$REGISTRY_VALID" = "passed" ]; then
echo "### ✅ All Validations Passed" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "- ✅ Prompt library structure is valid" >> $GITHUB_STEP_SUMMARY
echo "- ✅ Context markdown links are valid" >> $GITHUB_STEP_SUMMARY
echo "- ✅ Registry paths are valid" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "This PR is ready for review!" >> $GITHUB_STEP_SUMMARY
else
echo "### ❌ Validation Failed" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
if [ "$PROMPT_VALID" != "passed" ]; then
echo "- ❌ Prompt library validation failed" >> $GITHUB_STEP_SUMMARY
else
echo "- ✅ Prompt library validation passed" >> $GITHUB_STEP_SUMMARY
fi
if [ "$CONTEXT_LINKS_VALID" != "passed" ]; then
echo "- ❌ Context markdown link validation failed" >> $GITHUB_STEP_SUMMARY
else
echo "- ✅ Context markdown link validation passed" >> $GITHUB_STEP_SUMMARY
fi
if [ "$REGISTRY_VALID" != "passed" ]; then
echo "- ❌ Registry validation failed" >> $GITHUB_STEP_SUMMARY
else
echo "- ✅ Registry validation passed" >> $GITHUB_STEP_SUMMARY
fi
echo "" >> $GITHUB_STEP_SUMMARY
echo "Please fix the issues above before merging." >> $GITHUB_STEP_SUMMARY
fi
- name: Fail if validation failed
if: |
(steps.validate_prompts.outputs.prompt_validation == 'failed' || steps.validate_context_links.outputs.context_links == 'failed' || steps.validate.outputs.validation == 'failed') &&
github.event.inputs.skip_validation != 'true'
run: |
echo "❌ Validation failed - blocking PR merge"
echo "Maintainer can override by running workflow manually with 'skip_validation' enabled"
exit 1