chore: sync agent-process-issue.yml from eqdmc/.github

Author: eqdmc-admin

.github/workflows/agent-process-issue.yml

@@ -1,182 +1,14 @@
+# Managed by eqdmc/.github — do not edit. Changes overwritten on next sync.
 name: "Agent: Process Issue"
 
 on:
   issues:
     types: [labeled]
 
-concurrency:
-  group: agent-issue-${{ github.event.issue.number }}
-  cancel-in-progress: false
-
 jobs:
-  validate:
+  process:
     if: github.event.label.name == 'agent-work'
-    runs-on: ubuntu-latest
-    permissions:
-      issues: write
-    outputs:
-      proceed: ${{ steps.check.outputs.proceed }}
-      issue: ${{ steps.check.outputs.issue }}
-    steps:
-      - name: Check safety labels
-        id: check
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          ISSUE: ${{ github.event.issue.number }}
-        run: |
-          set -euo pipefail
-          labels=$(gh issue view "$ISSUE" \
-            -R "${{ github.repository }}" \
-            --json labels --jq '.labels[].name' | tr '\n' ',')
-
-          if echo "$labels" | grep -qE '(^|,)risk:high(,|$)'; then
-            gh issue comment "$ISSUE" -R "${{ github.repository }}" \
-              --body "Agent refused: \`risk:high\` requires human execution."
-            echo "proceed=false" >> "$GITHUB_OUTPUT"
-            exit 0
-          fi
-
-          if echo "$labels" | grep -qE '(^|,)role:founder-only(,|$)'; then
-            gh issue comment "$ISSUE" -R "${{ github.repository }}" \
-              --body "Agent refused: \`role:founder-only\` is author-inline work, not dispatchable."
-            echo "proceed=false" >> "$GITHUB_OUTPUT"
-            exit 0
-          fi
-
-          if echo "$labels" | grep -qE '(^|,)needs-human(,|$)'; then
-            echo "Issue has needs-human label, waiting for human response"
-            echo "proceed=false" >> "$GITHUB_OUTPUT"
-            exit 0
-          fi
-
-          echo "proceed=true" >> "$GITHUB_OUTPUT"
-          echo "issue=$ISSUE" >> "$GITHUB_OUTPUT"
-
-  implement:
-    needs: validate
-    if: needs.validate.outputs.proceed == 'true'
-    runs-on: ubuntu-latest
-    timeout-minutes: 30
-    permissions:
-      contents: write
-      pull-requests: write
-      issues: write
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
-        with:
-          fetch-depth: 0
-
-      - name: Derive branch name from issue
-        id: branch
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          ISSUE: ${{ needs.validate.outputs.issue }}
-          REPO: ${{ github.repository }}
-        run: |
-          set -euo pipefail
-          title=$(gh issue view "$ISSUE" --repo "$REPO" --json title --jq '.title')
-          slug=$(echo "$title" \
-            | sed -E 's/^(feat|fix|chore|docs|test|refactor|ci|style|perf|build|revert): *//' \
-            | tr '[:upper:]' '[:lower:]' \
-            | tr -cs 'a-z0-9' '-' \
-            | sed 's/^-//;s/-$//' \
-            | cut -c1-50)
-          branch="agent/${ISSUE}-${slug}"
-          echo "branch=$branch" >> "$GITHUB_OUTPUT"
-          echo "title=$title" >> "$GITHUB_OUTPUT"
-
-          if echo "$title" | grep -qE '^(feat|fix|chore|docs|test|refactor|ci|style|perf|build|revert):'; then
-            echo "pr_title=$title" >> "$GITHUB_OUTPUT"
-          else
-            echo "pr_title=feat: $title" >> "$GITHUB_OUTPUT"
-          fi
-
-      - name: Process issue with OpenCode
-        uses: anomalyco/opencode/github@77fc88c8ade8e5a620ebbe1197f3a572d29ae91a # latest
-        env:
-          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
-          GITHUB_TOKEN: ${{ secrets.ORG_CONFIG_TOKEN }}
-          GH_TOKEN: ${{ secrets.ORG_CONFIG_TOKEN }}
-        with:
-          model: anthropic/claude-haiku-4-5-20251001
-          use_github_token: "true"
-          prompt: |
-            You are an autonomous agent processing issue #${{ needs.validate.outputs.issue }} on ${{ github.repository }}.
-
-            BRANCH NAME (use exactly): ${{ steps.branch.outputs.branch }}
-            PR TITLE (use exactly): ${{ steps.branch.outputs.pr_title }}
-
-            Step 1 — Read the issue (body AND all comments):
-              gh issue view ${{ needs.validate.outputs.issue }} -R ${{ github.repository }} --json title,body,comments
-
-            If a "## Human Response" comment exists, continue from where
-            the previous agent left off using that response.
-
-            Step 2 — Create your branch:
-              git checkout -b ${{ steps.branch.outputs.branch }}
-
-            Step 3 — Implement the task. Follow "## Task" and "## Acceptance
-            criteria" sections exactly. Do NOT expand scope.
-
-            Step 4 — Commit and push:
-              git add -A
-              git commit -m "${{ steps.branch.outputs.pr_title }} (#${{ needs.validate.outputs.issue }})"
-              git push -u origin ${{ steps.branch.outputs.branch }}
-
-            Step 5 — Create the PR. This is non-negotiable. Run exactly:
-              gh pr create \
-                --title "${{ steps.branch.outputs.pr_title }}" \
-                --body "Closes #${{ needs.validate.outputs.issue }}" \
-                --label "agent-work,risk:low,ready-to-merge" \
-                --head "${{ steps.branch.outputs.branch }}"
-
-            Constraints:
-              - Do NOT change the branch name, PR title, or labels above.
-              - Do NOT self-merge.
-              - Do NOT assume infrastructure creates the PR for you.
-              - Do NOT modify .github/workflows/ or settings.json.
-              - If stuck, comment "## Needs Human Input" on the issue,
-                add the needs-human label, and stop.
-
-      - name: Verify PR was created
-        id: verify-pr
-        env:
-          GH_TOKEN: ${{ secrets.ORG_CONFIG_TOKEN }}
-          ISSUE: ${{ needs.validate.outputs.issue }}
-          REPO: ${{ github.repository }}
-        run: |
-          set -euo pipefail
-          pr=$(gh pr list --repo "$REPO" --state open --json number,body \
-            --jq "[.[] | select(.body | test(\"(?i)(close[sd]?|fix(e[sd])?|resolve[sd]?) #$ISSUE\"))] | first | .number" 2>/dev/null)
-          if [ -z "$pr" ] || [ "$pr" = "null" ]; then
-            echo "::error::Agent did not create a PR for issue #$ISSUE"
-            gh issue comment "$ISSUE" --repo "$REPO" \
-              --body "Agent completed but did not create a PR. Marking for retry." || true
-            exit 1
-          fi
-          echo "pr=$pr" >> "$GITHUB_OUTPUT"
-          echo "Agent created PR #$pr for issue #$ISSUE"
-
-      - name: Apply org PR conventions
-        if: steps.verify-pr.outputs.pr != ''
-        env:
-          GH_TOKEN: ${{ secrets.ORG_CONFIG_TOKEN }}
-          ISSUE: ${{ needs.validate.outputs.issue }}
-          REPO: ${{ github.repository }}
-          PR: ${{ steps.verify-pr.outputs.pr }}
-        run: |
-          set -euo pipefail
-          gh pr edit "$PR" --repo "$REPO" \
-            --add-label "agent-work" --add-label "risk:low" --add-label "ready-to-merge" || true
-
-          title=$(gh issue view "$ISSUE" --repo "$REPO" --json title --jq '.title')
-          current=$(gh pr view "$PR" --repo "$REPO" --json title --jq '.title')
-          if ! echo "$current" | grep -qE '^(feat|fix|chore|docs|test|refactor|ci|style|perf|build|revert):'; then
-            if echo "$title" | grep -qE '^(feat|fix|chore|docs|test|refactor|ci|style|perf|build|revert):'; then
-              gh pr edit "$PR" --repo "$REPO" --title "$title" || true
-            else
-              gh pr edit "$PR" --repo "$REPO" --title "feat: $title" || true
-            fi
-          fi
+    uses: eqdmc/.github/.github/workflows/_agent-process-issue.yml@main
+    with:
+      issue-number: ${{ github.event.issue.number }}
+    secrets: inherit