fix: simplify Claude workflows and TestPyPI publishing #8
| name: Claude Quality Gate | |
| on: | |
| pull_request: | |
| branches: [main, test] | |
| types: [opened, synchronize, reopened] | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| issues: write | |
| id-token: write | |
| jobs: | |
| # Agent 1 — verify tests exist for all changed code | |
| test-coverage-agent: | |
| name: Test Coverage Agent | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: anthropics/claude-code-action@v1 | |
| with: | |
| claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| prompt: | | |
| You are a test quality agent for the ptop3 project. | |
| Review the diff of this PR (compare HEAD to the base branch) and: | |
| 1. List every new or modified function/method in ptop3/ source files. | |
| 2. Check tests/ to confirm each one has a corresponding test. | |
| 3. For any function missing a test, post a PR comment that: | |
| - Identifies the untested function (module + name). | |
| - Provides a ready-to-use test snippet following the project rules: | |
| * Mock /proc/* files with tmp_path fixtures | |
| * Mock curses — never test TUI rendering directly | |
| * Patch os.geteuid for root-required paths | |
| * Tests must pass on Python 3.10–3.13 | |
| 4. If all functions are covered, post a short confirmation comment. | |
| Do NOT modify files or create commits. All feedback must be via PR comments. | |
| Project test style is in tests/conftest.py and existing test files. | |
| Quality rules are in .github/instructions/code-review.instructions.md. | |
| # Agent 2 — verify CHANGELOG and docs are updated | |
| docs-changelog-agent: | |
| name: Docs & Changelog Agent | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: anthropics/claude-code-action@v1 | |
| with: | |
| claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| prompt: | | |
| You are a documentation quality agent for the ptop3 project. | |
| Review the diff of this PR and: | |
| 1. CHANGELOG check: | |
| - If any user-facing behavior changed (new feature, bug fix, CLI flag, keybinding), | |
| verify CHANGELOG.md has an entry under ## [Unreleased]. | |
| - If missing, post a PR comment that states what is missing and proposes | |
| the exact text to add under the correct section | |
| (Added / Changed / Fixed / Security / Deprecated / Removed). | |
| - Do NOT bump version numbers. | |
| 2. README check: | |
| - If new keybindings, CLI flags, or entry points were added, verify README.md documents them. | |
| - If missing, post a PR comment explaining what is missing and proposing | |
| the exact wording or patch snippet to add. | |
| 3. Docstring check: | |
| - For any new public function in ptop3/ that lacks a docstring, post a PR comment | |
| identifying the function (module, name, signature) and proposing a one-line docstring. | |
| Do NOT modify files or create commits. All feedback must be via PR comments. | |
| If everything is already documented, post a short confirmation comment summarising what you checked. | |
| # Agent 3 — code quality and security review | |
| code-review-agent: | |
| name: Code Review Agent | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: anthropics/claude-code-action@v1 | |
| with: | |
| claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| prompt: | | |
| You are a code quality and security agent for the ptop3 project. | |
| Review the diff of this PR against the standards in | |
| .github/instructions/code-review.instructions.md and check for: | |
| 1. Style violations: bare except, print() in library code, typing.Dict/List/Optional, | |
| shell=True in subprocess, string path concatenation instead of pathlib. | |
| 2. Security issues: unsanitized input to subprocess, hardcoded secrets, | |
| missing root check before writing /proc/sys/vm/drop_caches or calling swapoff/swapon, | |
| missing visudo validation before sudoers writes. | |
| 3. GitHub Actions: missing permissions blocks, missing skip-existing on TestPyPI steps. | |
| 4. Module-specific rules from the instructions file. | |
| For each issue found, post an inline PR review comment at the exact file+line | |
| with a clear explanation and a concrete suggested fix. | |
| Do NOT modify files or create commits. All feedback must be via PR comments. | |
| If no issues are found, post a brief approval comment summarising what was checked. |
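Review bot: The workflow-level permissions block (contents: read, pull-requests: write, issues: write, id-token: write) is inherited by all three jobs, and id-token: write looks unnecessary given that every claude-code-action step is passed github_token: ${{ secrets.GITHUB_TOKEN }} explicitly. Suggest dropping id-token: write unless the action is confirmed to need an OIDC token in this configuration, and checking whether issues: write is required when all feedback is meant to go to PR comments. Two related points on the same jobs. First, each job references its actions by mutable tag (actions/checkout@v4, anthropics/claude-code-action@v1); the second one receives CLAUDE_CODE_OAUTH_TOKEN and a write-scoped token, so pinning both to a full commit SHA would stop a moved tag from changing what runs with those credentials. Second, the "Do NOT modify files or create commits" line in each prompt is advisory only, and the agent is reading a PR diff written by the contributor; contents: read is the control that actually enforces it, so that permission should stay at read and the prompt text should not be treated as the guard. Since the trigger is pull_request, the secret will also be absent on PRs from forks, so it is worth deciding whether these jobs should be skipped there rather than fail.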