diff --git a/pr-review/action.yml b/pr-review/action.yml index 85ce695..fa3330b 100644 --- a/pr-review/action.yml +++ b/pr-review/action.yml @@ -8,6 +8,10 @@ inputs: app_private_key: description: 'GitHub App private key for generating a short-lived token (required for App-identity comments)' required: false + spike_diagnostics: + description: 'Spike #261: enable empirical diagnostics for overlay reachability. Production callers MUST leave unset.' + required: false + default: 'false' authorized_users: description: 'Comma-separated list of GitHub usernames that bypass the association check. When set, any actor in this list is authorized regardless of org membership visibility. Takes precedence over the API-fallback collaborator check. See #253.' required: false @@ -243,8 +247,22 @@ runs: shell: bash run: echo "REVIEW_START_TIME=$(date -u +%Y-%m-%dT%H:%M:%SZ)" >> "$GITHUB_ENV" + - name: 'Spike #261: pre-cp diagnostics' + if: inputs.spike_diagnostics == 'true' + shell: bash + run: | + echo "===SPIKE-261 PRE-CP===" + echo "--- \$HOME/.claude/ state before cp ---" + ls -laR "$HOME/.claude/" 2>&1 | head -200 || echo "(directory does not exist)" + echo "--- /opt/claude/.claude dir tree (maxdepth 3) ---" + find /opt/claude/.claude -maxdepth 3 -type d 2>&1 | head -50 || echo "(not found)" + echo "===SPIKE-261 PRE-CP END===" + - name: Install overlay tree for claude-code-action CLI shell: bash + # shellcheck disable=SC2016 + env: + SPIKE_DIAG: ${{ inputs.spike_diagnostics }} run: | # GitHub Actions overrides HOME=/github/home in container jobs, discarding # the image's baked HOME=/opt/claude. The CLI discovers $HOME/.claude/ which 
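Review bot: The `# shellcheck disable=SC2016` line added to the "Install overlay tree" step is a YAML comment between `shell:` and `env:`, so it is not part of the `run:` script, and a shellcheck directive outside the script text is unlikely to have any effect. If the directive is meant for the single-quoted backticks in the later "build prompt suffix" `printf`, it belongs inside that step's script, directly above the command it covers. In the pre-cp step, the `|| echo "(directory does not exist)"` fallback reports any non-zero pipeline status, not only a missing directory, so a neutral message such as `(listing failed)` would be more accurate. The Install step's `run:` body continues past the end of this hunk.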
@@ -255,15 +273,33 @@ runs: # Tracking: https://github.com/glitchwerks/github-actions/issues/259 if [ -d /opt/claude/.claude ]; then mkdir -p "$HOME/.claude" - cp -r /opt/claude/.claude/. "$HOME/.claude/" + if [ "$SPIKE_DIAG" = "true" ]; then + echo "===SPIKE-261 CP===" + echo "Running: cp -a /opt/claude/.claude/. \$HOME/.claude/" + fi + cp -a /opt/claude/.claude/. "$HOME/.claude/" agent_count=$(find "$HOME/.claude/agents" -name '*.md' 2>/dev/null | wc -l || echo 0) skill_count=$(find "$HOME/.claude/skills" -type f 2>/dev/null | wc -l || echo 0) plugin_count=$(find "$HOME/.claude/plugins" -type d -mindepth 1 -maxdepth 1 2>/dev/null | wc -l || echo 0) echo "Overlay installed: agents=${agent_count} skills=${skill_count} plugins=${plugin_count}" + if [ "$SPIKE_DIAG" = "true" ]; then + echo "===SPIKE-261 CP END===" + fi else echo "::warning::No baked overlay at /opt/claude/.claude — running without overlay tree" fi + - name: 'Spike #261: post-cp diagnostics' + if: inputs.spike_diagnostics == 'true' + shell: bash + run: | + echo "===SPIKE-261 POST-CP===" + echo "--- \$HOME/.claude/ state after cp ---" + ls -laR "$HOME/.claude/" 2>&1 | head -200 || echo "(directory does not exist)" + echo "--- agents/ and skills/ dir counts ---" + find "$HOME/.claude/agents" "$HOME/.claude/skills" -maxdepth 2 -type d 2>/dev/null | wc -l || echo "0" + echo "===SPIKE-261 POST-CP END===" + - name: Generate App token id: app-token if: inputs.app_id != '' && inputs.app_private_key != '' 
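Review bot: The switch from `cp -r` to `cp -a` is not gated on `SPIKE_DIAG`, so it changes the overlay install for every caller even though the new input is described as something production callers must leave unset. `-a` additionally preserves mode, ownership where permitted, and timestamps from the baked image, and nothing in the hunk says which of those the spike needs. Either keep `cp -r` on the default path and use `-a` only under the flag, or add a comment above the command such as `# -a: keep mode/timestamps from the image so <reason> (see #261)`. Preserved mtimes also affect the mtime-based `find` in the post-action diagnostics step, which is worth stating there.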
@@ -287,6 +323,19 @@ runs: exit 1 fi + - name: 'Spike #261: build prompt suffix' + if: inputs.spike_diagnostics == 'true' + shell: bash + run: | + # Write the spike prompt suffix to GITHUB_ENV so it is available + # to the claude-code-action prompt: block below. + { + printf 'SPIKE_261_PROMPT_SUFFIX<\n' + printf 'After your primary review, attempt to dispatch the `inquisitor` agent via the `Task` tool to deliver an adversarial second pass on this PR. Report the inquisitor'"'"'s findings in a separate section titled "## Inquisitor Second Pass". If the `Task` tool is unavailable or not recognized, state that explicitly (e.g. "Task tool not available") so we can confirm whether claude-code-action@v1 recognizes Task/Skill as allowedTools tokens.\n' + printf 'EOF\n' + } >> "$GITHUB_ENV" + - uses: anthropics/claude-code-action@v1 id: claude-review if: steps.authz.outputs.skip != 'true' && steps.size-check.outputs.skip != 'true' @@ -295,7 +344,7 @@ runs: github_token: ${{ steps.token.outputs.value }} use_sticky_comment: true track_progress: true - claude_args: --max-turns ${{ env.EFFECTIVE_MAX_TURNS }} --model ${{ inputs.model }} --allowedTools "Bash(gh pr diff:*),Bash(gh pr review:*),Bash(gh pr view:*),Task,Skill" + claude_args: --max-turns ${{ env.EFFECTIVE_MAX_TURNS }} --model ${{ inputs.model }} --allowedTools "Bash(gh pr diff:*),Bash(gh pr review:*),Bash(gh pr view:*),Task,Skill,Read,Grep,Glob" prompt: | Review the pull request in repository ${{ github.repository }} (#${{ github.event.pull_request.number }}). 
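Review bot: The first `printf` in the "build prompt suffix" step is rendered here as `'SPIKE_261_PROMPT_SUFFIX<\n'`, while the closing line is `EOF`. A multi-line `GITHUB_ENV` value needs `NAME<<DELIMITER` on its opening line, so please confirm the file reads `printf 'SPIKE_261_PROMPT_SUFFIX<<EOF\n'`; the single `<` may only be an artefact of how this page was rendered. The suffix text is static, so a fixed delimiter is acceptable, but the step comment should say so in case someone later interpolates PR-derived text into it. The `'"'"'` quoting inside the format string is hard to audit, and a quoted heredoc would make the literal text easier to read.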
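Review bot: `Read,Grep,Glob` are added to `--allowedTools` on the `claude_args` line for every caller, not only when `spike_diagnostics` is `'true'`, which contradicts the input description saying production callers must leave the spike unset. This step reviews pull-request content the action does not control and can already post through `gh pr review`, so unscoped file-read tools widen what a manipulated review could disclose from the runner, including the overlay copied into `$HOME/.claude`. Consider keeping the previous tool list as the default and appending the three tools only under the flag, for example by computing the list in an earlier step and passing `--allowedTools "${{ env.EFFECTIVE_ALLOWED_TOOLS }}"` (variable name constructed here, following the existing `EFFECTIVE_MAX_TURNS` pattern). If the wider list is intended to be permanent, it should go in its own change with that rationale in the description.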
@@ -309,7 +358,18 @@ runs: 4. **Test coverage** — are new code paths tested? are edge cases and error paths covered? 5. **Documentation** — are public APIs, functions, and non-obvious logic commented or documented? - Post a summary comment on the PR. Where a specific line is problematic, post an inline review comment on that line using `gh pr review`. Be constructive and specific — cite the line and explain the concern and a suggested fix. + Post a summary comment on the PR. Where a specific line is problematic, post an inline review comment on that line using `gh pr review`. Be constructive and specific — cite the line and explain the concern and a suggested fix.${{ env.SPIKE_261_PROMPT_SUFFIX }} + + - name: 'Spike #261: post-action diagnostics' + if: always() && inputs.spike_diagnostics == 'true' + shell: bash + run: | + echo "===SPIKE-261 POST-ACTION===" + echo "--- \$HOME/.claude/ state after claude-code-action ---" + ls -laR "$HOME/.claude/" 2>&1 | head -200 || echo "(directory does not exist)" + echo "--- Files added/changed since post-cp (checking mtime within last 10 min) ---" + find "$HOME/.claude" -newer /tmp -type f 2>/dev/null | head -50 || echo "(none or /tmp not available as reference)" + echo "===SPIKE-261 POST-ACTION END===" - name: Record review checkpoint if: github.event.action == 'synchronize' && steps.claude-review.outcome == 'success'
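Review bot: In the post-action diagnostics step, `find "$HOME/.claude" -newer /tmp -type f` does not do what the preceding `echo` says. It compares against the mtime of the `/tmp` directory, which changes whenever an entry is created or removed there, so the result is neither "since post-cp" nor "within last 10 min". To match the message use `find "$HOME/.claude" -type f -mmin -10`, or have the post-cp step `touch` a marker file and pass that marker to `-newer`. Separately, `${{ env.SPIKE_261_PROMPT_SUFFIX }}` is appended directly after `suggested fix.` with no separator, so the suffix text should begin with a blank line to keep it from running into that sentence.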