chore(bots): per-role launcher scripts + bot pipeline on forgejo MCP #687
No reviewers
Labels
No labels
admin
analytics
auth
automation
bug
business
chore
ci
compliance
data
data-moat
docs
duplicate
dx
enhancement
Fable 5 ревью
feedback/max
generative
GG-форсайт
needs-discussion
needs-human
observability
pause-bots
performance
priority/p0
priority/p1
priority/p2
priority/p3
scope/backend
scope/db
scope/devops
scope/frontend
scope/qa
scrapers
security
site-finder
stage/1
stage/2
status/blocked
status/done
status/needs-analysis
status/needs-fix
status/qa
status/ready
status/review
status/wip
tech-debt
tradein
ux
week ревью 1
wontfix
вторичка
ИРД
No milestone
No project
No assignees
2 participants
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference: lekss361/gendesign#687
Loading…
Add table
Reference in a new issue
No description provided.
Delete branch "chore/bots-forgejo-mcp"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Summary
Закрывает два follow-up'а после установки goern/forgejo-mcp.
(a) Launcher-скрипты — не экспортировать токен руками:
scripts/start-bot.ps1 <role>— выставляет per-bot identity + токены (FORGEJO_ACCESS_TOKENдля forgejo MCP +FORGEJO_TOKENдля curl-fallback), git-identity,forgejo-botremote, verify → запускаетclaude.scripts/start-{analyst,backend,frontend,reviewer,qa}.ps1— тонкие врапперы.(b) Боты на forgejo MCP вместо curl:
_autonomous_pickup.md: новая секция «Forgejo операции —mcp__forgejo__*(PRIMARY)» с полным curl→MCP mapping (list_repo_issues / create_pull_request / merge_pull_request / get_pull_request_diff / create_pull_review / add+remove_issue_labels / update_issue / issue_state_change / create_issue_comment).curl_forgejo→ FALLBACK.auto-*.md+ 5work-as-*.md: директива «Forgejo API →mcp__forgejo__*; curl только fallback» + указатель наstart-bot.ps1.Gotcha задокументирован:
include_org_labels:falseна user-репо (lekss361 не org).Test plan
scripts/start-bot.ps1 reviewer→ выставляет env, verify OK, открывает claudemcp__forgejo__*tools доступны,token_configured:trueget_pull_request_diff→create_pull_review→merge_pull_requestна тестовом PRЗависит от
.mcp.json, уже сконфигурирован локально)NB: PR трогает
auto-code-reviewer.md+ (косвенно) pipeline-правила → self-extending guard: merge человеком, не авто.(a) Launcher scripts — больше не экспортировать токен руками: - scripts/start-bot.ps1 <role> — выставляет per-bot identity + токены (FORGEJO_ACCESS_TOKEN для forgejo MCP + FORGEJO_TOKEN для curl-fallback), git-identity, forgejo-bot remote, verify, затем запускает claude. - scripts/start-{analyst,backend,frontend,reviewer,qa}.ps1 — тонкие врапперы. (b) Bots on forgejo MCP (goern) вместо curl: - _autonomous_pickup.md: новая секция «Forgejo операции — mcp__forgejo__* (PRIMARY)» с полным curl→MCP mapping (list_repo_issues / create_pull_request / merge_pull_request / get_pull_request_diff / create_pull_review / add+remove_issue_labels / update_issue / issue_state_change / create_issue_comment). curl_forgejo помечен FALLBACK. - 5 auto-*.md + 5 work-as-*.md: директива «Forgejo API → mcp__forgejo__* tools (mapping в _autonomous_pickup); curl только fallback» + указатель на start-bot.ps1. Gotcha задокументирован: include_org_labels:false на user-репо (lekss361 не org). Требует: рестарт Claude Code (forgejo MCP eager из .mcp.json) + FORGEJO_ACCESS_TOKEN per-window (делает start-bot.ps1).Verdict: BLOCKED — self-extending change, requires human review/merge (auto-reviewer hard exception).
This PR modifies the autonomous-pipeline contract files that the review bot is forbidden from auto-merging, per the self-extending guard in
.claude/rules/git-pr.md(Auto-merge policy) and.claude/agents/auto-code-reviewer.md(Hard rules):.claude/agents/auto-code-reviewer.md— the review bot's own definition.claude/agents/_autonomous_pickup.md— the shared pickup/claim/merge contract.claude/commands/work-as-*.md(all five roles)The rule is independent of how benign the diff is: a bot must not be the actor that approves changes to its own operating rules / merge authority. A human must review and merge.
For the human reviewer — what this PR actually does (looks sound, just needs your eyes):
curltomcp__forgejo__*tools (PRIMARY), with curl kept as documented fallback. Adds an operation→MCP-tool mapping table in_autonomous_pickup.md.scripts/start-bot.ps1 <role>per-role launcher (+ thinstart-<role>.ps1wrappers) that sets git identity, resolvesFORGEJO_TOKEN_<ROLE>from User env, exportsFORGEJO_ACCESS_TOKENfor the forgejo MCP, configures the bot-remote, verifies identity, then launches claude.One thing to verify before merging: this makes
mcp__forgejo__*the PRIMARY path for all bot windows, but the forgejo MCP is NOT connected in at least some current bot windows (this reviewer window has been operating entirely on curl — the MCP is absent). Confirm thestart-bot.ps1flow (exportingFORGEJO_ACCESS_TOKENbefore launching claude) actually makes the goern forgejo MCP connect+eager in the bot windows, otherwise the bots will silently fall back to curl and the "PRIMARY" docs will be misleading.No code defect found. Re-label off
status/blocked/needs-humanand merge manually once you've reviewed.