chore: add coordinated Claude Code tooling for this project#7
Conversation
This workflow installs Python dependencies, runs tests, and lints code with multiple Python versions.
Document the architecture, build/test workflow, toolset registration pattern, parameter helpers, error handling conventions, and contribution flow so AI assistants can act productively in this repo without re-discovering conventions. https://claude.ai/code/session_018psjWyFFcz83JXdxBQMUdd
Diseño modular del ERP basado en los conectores disponibles: - Stack por capas (datos, aplicacion, automatizacion, BI, colaboracion) - Modulos del ERP y hoja de ruta por fases - Plan de cuentas premium con prioridades de pago
Adds tests for the highest-risk untested code identified during a coverage analysis: - pkg/lockdown: IsSafeContent (the content-safety decision gate) and isTrustedBot were at 0%. New table-driven tests exercise every branch of the safety logic (trusted bot, private repo, viewer-authored, push-access tiers, and the deny-by-default path), plus cache reuse, query-error propagation, option setters, and cacheKey normalization. Package coverage rises from ~52% to ~83%. - pkg/utils: the tool-result constructors (used by every tool's output) were an entirely untested package at 0%; now fully covered.
The consolidated actions_* tools (ActionsGet, ActionsList, ActionsRunTrigger) dispatch to a set of unexported helpers that were at 0% coverage — the existing Test_* cases only validate the tool schemas, not these implementations. Adds direct white-box tests (success + API-error paths) for: getWorkflowJob, listWorkflowJobs, listWorkflowArtifacts, downloadWorkflowArtifact, getWorkflowRunLogsURL, getWorkflowRunUsage, rerunWorkflowRun, rerunFailedJobs, and deleteWorkflowRunLogs. Each helper now sits at ~78-90%, raising actions.go from ~60% to ~81%.
Adds a self-contained .claude/ setup that codifies the workflows in CLAUDE.md as reusable subagents, slash commands, an auto-loading skill, and conservative permission rules. Subagents (.claude/agents/): - tool-adder: adds an MCP tool following the canonical pattern - snapshot-keeper: refreshes pkg/github/__toolsnaps__ safely - lint-fixer: diagnoses and fixes golangci-lint failures - pr-babysitter: triages CI failures and review comments on a PR Slash commands (.claude/commands/): - /add-tool, /check-pr, /fix-lint, /refresh-snapshots Skill (.claude/skills/mcp-tool-pattern/): - Auto-activates when editing pkg/github/, surfaces the tool pattern, parameter helpers, and error-path conventions. Settings (.claude/settings.json): - allow: read-only ops, builds, tests, lints, doc gen, read-only MCP GitHub queries - ask: edits, commits, push, MCP write operations - deny: rm -rf, sudo, all force-push variants (including --force-with-lease), reset --hard, branch -D, git config, curl|sh, auto-merge No source code or workflows are touched. https://claude.ai/code/session_018psjWyFFcz83JXdxBQMUdd
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 6cf0586444
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
|
||
| ## Steps | ||
|
|
||
| 1. **Read CLAUDE.md** (`/home/user/github-mcp-server/CLAUDE.md`) — confirm the |
There was a problem hiding this comment.
Use a project-relative CLAUDE.md path
When this subagent runs from any checkout that is not exactly /home/user/github-mcp-server—including the current repo at /workspace/github-mcp-server—its first instruction points the agent at a nonexistent CLAUDE.md, so the add-tool workflow can fail before it reads the canonical pattern it is supposed to enforce. Since the file lives at the repository root and Claude Code discovers project CLAUDE.md there, make this CLAUDE.md or ./CLAUDE.md instead of an absolute machine-specific path.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
Good catch — fixed in 674d530. Replaced the absolute path with "(at the repository root)" so the agent works in any checkout. Claude Code's automatic CLAUDE.md discovery picks up the project file from there.
Generated by Claude Code
The tool-adder agent referenced /home/user/github-mcp-server/CLAUDE.md, which only resolves on the original author's checkout. Claude Code already discovers project CLAUDE.md at the repo root, so refer to it by location, not absolute path. Addresses Codex review feedback on PR #7. https://claude.ai/code/session_018psjWyFFcz83JXdxBQMUdd
Summary
Adds a self-contained
.claude/toolkit that codifies the workflows inCLAUDE.md(added in #1) as reusable subagents, slash commands, an auto-loading skill, and conservative permission rules. No source code, workflows, or CI configuration is touched.What's inside
Subagents (
.claude/agents/) — invoked viaAgent(subagent_type=...):tool-adder— adds an MCP tool following the canonicalNewTool(...)pattern, including snapshot refresh and doc regen.snapshot-keeper— safely refreshespkg/github/__toolsnaps__/and flags unintentional drift (e.g. aReadOnlyHintflip).lint-fixer— diagnoses golangci-lint failures; prefers fixing code over silencing the linter; documents known false positives.pr-babysitter— triages CI failures and review comments on a single PR; never force-pushes, never auto-merges, always rebases (not merges) on conflict.Slash commands (
.claude/commands/):/add-tool <name> <domain>→ orchestratestool-adder+ verification./check-pr <n>→ compact PR status (checks, threads, mergeability)./fix-lint→ orchestrateslint-fixer./refresh-snapshots→ orchestratessnapshot-keeper.Skill (
.claude/skills/mcp-tool-pattern/SKILL.md) — auto-activates when editingpkg/github/. Surfaces the canonical constructor, parameter helper cheat sheet, error-path table, and common mistakes.Permissions (
.claude/settings.json) — conservative defaults:allow: reads,go build/test/vet/fmt,script/test|lint|generate-docs,UPDATE_TOOLSNAPS=*, read-only git (status/diff/log/show/branch/add/fetch/restore/stash), read-onlymcp__github__*(PR/commit/file/issue reads, search, job logs).ask:Edit,Write,git commit/push/checkout/merge/rebase/reset/revert/tag/rm, all write-sidemcp__github__*(create PR, push files, comment, resolve thread, etc.).deny:rm -rf,sudo, all force-push variants (--force,-f,--force-with-lease),git reset --hard,git branch -D,git clean -fd,git config,curl … | sh,mcp__github__merge_pull_request.Rationale
CLAUDE.md (merged in #1) describes the canonical patterns for this repo, but contributors using AI assistants have to re-derive the workflow each session. This commits those workflows as executable assets so any Claude-Code-driven contributor gets:
pkg/github/, so the canonical constructor and snapshot/doc requirements aren't forgotten.Test plan
.claude/settings.jsonis valid JSON (lint via any host: VS Code shows no diagnostics)./add-tool,/check-pr,/fix-lint,/refresh-snapshotsappear in the slash command list.Agenttype completions.mcp-tool-patternskill activates when editing a file underpkg/github/.Out of scope
https://claude.ai/code/session_018psjWyFFcz83JXdxBQMUdd
Generated by Claude Code