logic855
/
OpenAgentsControl
mirror of https://github.com/darrenhinde/OpenAgentsControl.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259
							name: Validate Registry on PR

on:
  pull_request:
    branches:
      - main
      - dev
    # Removed paths filter - this check is required by repository ruleset
    # so it must run on ALL PRs to prevent blocking merges
  workflow_dispatch:
    inputs:
      skip_validation:
        description: 'Skip validation checks (maintainer override)'
        required: false
        type: boolean
        default: false

permissions:
  contents: write
  pull-requests: write

jobs:
  validate-and-update:
    runs-on: ubuntu-latest
    
    steps:
      - name: Checkout PR branch
        uses: actions/checkout@v4
        with:
          # For forks: fetch from fork repo, for internal: use head_ref
          repository: ${{ github.event.pull_request.head.repo.full_name }}
          ref: ${{ github.event.pull_request.head.ref }}
          fetch-depth: 0
          token: ${{ secrets.GITHUB_TOKEN }}
      
      - name: Detect fork PR
        id: fork_check
        run: |
          if [ "${{ github.event.pull_request.head.repo.full_name }}" != "${{ github.repository }}" ]; then
            echo "is_fork=true" >> $GITHUB_OUTPUT
            echo "🔀 Fork PR detected from: ${{ github.event.pull_request.head.repo.full_name }}"
          else
            echo "is_fork=false" >> $GITHUB_OUTPUT
            echo "📝 Internal PR detected"
          fi
      
      - name: Install dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y jq
      
      - name: Make scripts executable
        run: |
          chmod +x scripts/registry/validate-registry.sh
          chmod +x scripts/registry/auto-detect-components.sh
          chmod +x scripts/registry/register-component.sh
          chmod +x scripts/prompts/validate-pr.sh
      
      - name: Auto-detect new components
        id: auto_detect
        run: |
          echo "## 🔍 Auto-Detection Results" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          
          # Run auto-detect in dry-run mode first to see what would be added
          if ./scripts/registry/auto-detect-components.sh --dry-run > /tmp/detect-output.txt 2>&1; then
            cat /tmp/detect-output.txt >> $GITHUB_STEP_SUMMARY
            
            # Check if new components were found
            if grep -q "Found.*new component" /tmp/detect-output.txt; then
              echo "new_components=true" >> $GITHUB_OUTPUT
              echo "" >> $GITHUB_STEP_SUMMARY
              echo "⚠️ New components detected - will auto-add to registry" >> $GITHUB_STEP_SUMMARY
            else
              echo "new_components=false" >> $GITHUB_OUTPUT
              echo "✅ No new components found" >> $GITHUB_STEP_SUMMARY
            fi
          else
            echo "new_components=false" >> $GITHUB_OUTPUT
            echo "❌ Auto-detection failed" >> $GITHUB_STEP_SUMMARY
          fi
      
      - name: Add new components to registry
        if: steps.auto_detect.outputs.new_components == 'true'
        run: |
          echo "## 📝 Adding New Components" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          
          ./scripts/registry/auto-detect-components.sh --auto-add | tee -a $GITHUB_STEP_SUMMARY
      
      - name: Validate prompt library structure
        id: validate_prompts
        run: |
          echo "## 🔍 Prompt Library Validation" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          
          if ./scripts/prompts/validate-pr.sh > /tmp/prompt-validation.txt 2>&1; then
            echo "prompt_validation=passed" >> $GITHUB_OUTPUT
            echo "✅ Prompt library structure is valid!" >> $GITHUB_STEP_SUMMARY
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
            cat /tmp/prompt-validation.txt >> $GITHUB_STEP_SUMMARY
            echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
          else
            echo "prompt_validation=failed" >> $GITHUB_OUTPUT
            echo "❌ Prompt library validation failed!" >> $GITHUB_STEP_SUMMARY
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
            cat /tmp/prompt-validation.txt >> $GITHUB_STEP_SUMMARY
            echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "**Architecture:**" >> $GITHUB_STEP_SUMMARY
            echo "- Agent files (.opencode/agent/*.md) = Canonical defaults" >> $GITHUB_STEP_SUMMARY
            echo "- Prompt variants (.opencode/prompts/<agent>/<model>.md) = Model-specific" >> $GITHUB_STEP_SUMMARY
            echo "- default.md files should NOT exist" >> $GITHUB_STEP_SUMMARY
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "See [CONTRIBUTING.md](docs/contributing/CONTRIBUTING.md) for details" >> $GITHUB_STEP_SUMMARY
            exit 1
          fi
      
      - name: Validate registry
        id: validate
        run: |
          echo "## ✅ Registry Validation" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          
          if ./scripts/registry/validate-registry.sh -v > /tmp/validation-output.txt 2>&1; then
            echo "validation=passed" >> $GITHUB_OUTPUT
            echo "✅ All registry paths are valid!" >> $GITHUB_STEP_SUMMARY
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
            tail -20 /tmp/validation-output.txt >> $GITHUB_STEP_SUMMARY
            echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
          else
            echo "validation=failed" >> $GITHUB_OUTPUT
            echo "❌ Registry validation failed!" >> $GITHUB_STEP_SUMMARY
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
            cat /tmp/validation-output.txt >> $GITHUB_STEP_SUMMARY
            echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
            exit 1
          fi
      
      - name: Commit registry updates (Internal PRs only)
        if: |
          steps.fork_check.outputs.is_fork == 'false' &&
          steps.auto_detect.outputs.new_components == 'true' &&
          steps.validate_prompts.outputs.prompt_validation == 'passed' &&
          steps.validate.outputs.validation == 'passed'
        run: |
          git config --local user.email "github-actions[bot]@users.noreply.github.com"
          git config --local user.name "github-actions[bot]"
          
          if ! git diff --quiet registry.json; then
            git add registry.json
            git commit -m "chore: auto-update registry with new components [skip ci]"
            git push origin ${{ github.event.pull_request.head.ref }}
            
            echo "## 🚀 Registry Updated" >> $GITHUB_STEP_SUMMARY
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "Registry has been automatically updated with new components." >> $GITHUB_STEP_SUMMARY
            echo "Changes have been pushed to this PR branch." >> $GITHUB_STEP_SUMMARY
          else
            echo "## ℹ️ No Changes to Commit" >> $GITHUB_STEP_SUMMARY
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "Registry is already up to date." >> $GITHUB_STEP_SUMMARY
          fi
      
      - name: Fork PR notice
        if: |
          steps.fork_check.outputs.is_fork == 'true' &&
          steps.auto_detect.outputs.new_components == 'true' &&
          steps.validate_prompts.outputs.prompt_validation == 'passed' &&
          steps.validate.outputs.validation == 'passed'
        uses: actions/github-script@v7
        with:
          script: |
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: `## 📝 Registry Update Needed
            
            Hi @${{ github.event.pull_request.user.login }}! 👋
            
            New components were detected in your PR. Since this is a fork PR, I can't auto-commit the registry updates for security reasons.
            
            **Please run these commands locally:**
            \`\`\`bash
            ./scripts/registry/auto-detect-components.sh --auto-add
            git add registry.json
            git commit -m "chore: update registry"
            git push
            \`\`\`
            
            Once you push the updated registry, the checks will pass! ✅`
            });
      
      - name: Fork PR summary
        if: steps.fork_check.outputs.is_fork == 'true'
        run: |
          echo "## 🔀 Fork PR Detected" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "This is an external contribution - thank you! 🎉" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          
          if [ "${{ steps.auto_detect.outputs.new_components }}" == "true" ]; then
            echo "⚠️ **Action Required:** New components detected" >> $GITHUB_STEP_SUMMARY
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "A comment has been posted with instructions to update the registry." >> $GITHUB_STEP_SUMMARY
          else
            echo "✅ No registry updates needed" >> $GITHUB_STEP_SUMMARY
          fi
      
      - name: Post validation summary
        if: always()
        run: |
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "---" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          
          PROMPT_VALID="${{ steps.validate_prompts.outputs.prompt_validation }}"
          REGISTRY_VALID="${{ steps.validate.outputs.validation }}"
          
          if [ "$PROMPT_VALID" = "passed" ] && [ "$REGISTRY_VALID" = "passed" ]; then
            echo "### ✅ All Validations Passed" >> $GITHUB_STEP_SUMMARY
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "- ✅ Prompt library structure is valid" >> $GITHUB_STEP_SUMMARY
            echo "- ✅ Registry paths are valid" >> $GITHUB_STEP_SUMMARY
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "This PR is ready for review!" >> $GITHUB_STEP_SUMMARY
          else
            echo "### ❌ Validation Failed" >> $GITHUB_STEP_SUMMARY
            echo "" >> $GITHUB_STEP_SUMMARY
            
            if [ "$PROMPT_VALID" != "passed" ]; then
              echo "- ❌ Prompt library validation failed" >> $GITHUB_STEP_SUMMARY
            else
              echo "- ✅ Prompt library validation passed" >> $GITHUB_STEP_SUMMARY
            fi
            
            if [ "$REGISTRY_VALID" != "passed" ]; then
              echo "- ❌ Registry validation failed" >> $GITHUB_STEP_SUMMARY
            else
              echo "- ✅ Registry validation passed" >> $GITHUB_STEP_SUMMARY
            fi
            
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "Please fix the issues above before merging." >> $GITHUB_STEP_SUMMARY
          fi
      
      - name: Fail if validation failed
        if: |
          (steps.validate_prompts.outputs.prompt_validation == 'failed' || steps.validate.outputs.validation == 'failed') &&
          github.event.inputs.skip_validation != 'true'
        run: |
          echo "❌ Validation failed - blocking PR merge"
          echo "Maintainer can override by running workflow manually with 'skip_validation' enabled"
          exit 1