mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases 2 Wiki Activity
879 Commits 78 Branches 4 Tags
55abe359f38841a4bc893b799179837701f93a1d
Commit Graph

5 Commits

Author SHA1 Message Date
Jason Woltje
111a41c7ca fix(#365): fix coordinator CI bandit config and pip upgrade 
Three fixes for the coordinator pipeline:

1. Use bandit.yaml config file (-c bandit.yaml) so global skips
   and exclude_dirs are respected in CI.
2. Upgrade pip to >=25.3 in the install step so pip-audit doesn't
   fail on the stale pip 24.0 bundled with python:3.11-slim.
3. Clean up nosec inline comments to bare "# nosec BXXX" format,
   moving explanations to a separate comment line above. This
   prevents bandit from misinterpreting trailing text as test IDs.

Fixes #365

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-12 16:05:07 -06:00
Jason Woltje
432dbd4d83 fix(#365): fix ruff, mypy, pip, and bandit issues in coordinator 
- Fix 20 ruff errors: UP035 (Callable import), UP042 (StrEnum), E501
  (line length), F401 (unused imports), UP045 (Optional -> X | None),
  I001 (import sorting)
- Fix mypy error: wrap slowapi rate limit handler with
  Exception-compatible signature for add_exception_handler
- Pin pip >= 25.3 in Dockerfile (CVE-2025-8869, CVE-2026-1703)
- Add nosec B104 to config.py (container-bound 0.0.0.0 is acceptable)
- Add nosec B101 to telemetry.py (assert for type narrowing)
- Create bandit.yaml to suppress B404/B607/B603 in gates/ tooling

Fixes #365

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-12 12:46:25 -06:00
Jason Woltje
88953fc998 feat(#160): Implement basic orchestration loop 
Implements the Coordinator class with main orchestration loop:
- Async loop architecture with configurable poll interval
- process_queue() method gets next ready issue and spawns agent (stub)
- Graceful shutdown handling with stop() method
- Error handling that allows loop to continue after failures
- Logging for all actions (start, stop, processing, errors)
- Integration with QueueManager from #159
- Active agent tracking for future agent management

Configuration settings added:
- COORDINATOR_POLL_INTERVAL (default: 5.0s)
- COORDINATOR_MAX_CONCURRENT_AGENTS (default: 10)
- COORDINATOR_ENABLED (default: true)

Tests: 27 new tests covering all acceptance criteria
Coverage: 92% overall (100% for coordinator.py)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-01 18:03:12 -06:00
Jason Woltje
dad4b68f66 feat(#158): Implement issue parser agent 
Add AI-powered issue metadata parser using Anthropic Sonnet model.
- Parse issue markdown to extract: estimated_context, difficulty,
  assigned_agent, blocks, blocked_by
- Implement in-memory caching to avoid duplicate API calls
- Graceful fallback to defaults on parse failures
- Add comprehensive test suite (9 test cases)
- 95% test coverage (exceeds 85% requirement)
- Add ANTHROPIC_API_KEY to config
- Update documentation and add .env.example

Fixes #158

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-01 17:50:35 -06:00
Jason Woltje
e23c09f1f2 feat(#157): Set up webhook receiver endpoint 
Implement FastAPI webhook receiver for Gitea issue assignment events
with HMAC SHA256 signature verification and event routing.

Implementation details:
- FastAPI application with /webhook/gitea POST endpoint
- HMAC SHA256 signature verification in security.py
- Event routing for assigned, unassigned, closed actions
- Comprehensive logging for all webhook events
- Health check endpoint at /health
- Docker containerization with health checks
- 91% test coverage (exceeds 85% requirement)

TDD workflow followed:
- Wrote 16 tests first (RED phase)
- Implemented features to pass tests (GREEN phase)
- All tests passing with 91% coverage
- Type checking with mypy: success
- Linting with ruff: success

Files created:
- apps/coordinator/src/main.py - FastAPI application
- apps/coordinator/src/webhook.py - Webhook handlers
- apps/coordinator/src/security.py - HMAC verification
- apps/coordinator/src/config.py - Configuration management
- apps/coordinator/tests/ - Comprehensive test suite
- apps/coordinator/Dockerfile - Production container
- apps/coordinator/pyproject.toml - Python project config

Configuration:
- Updated .env.example with GITEA_WEBHOOK_SECRET
- Updated docker-compose.yml with coordinator service

Testing:
- 16 unit and integration tests
- Security tests for signature verification
- Event handler tests for all supported actions
- Health check endpoint tests
- All tests passing with 91% coverage

This unblocks issue #158 (issue parser).

Fixes #157

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-01 17:41:46 -06:00