Adjusts test expectations to handle recent UX improvements that changed
error message formatting. Also adds support for variable-based test
infrastructure detection in test-infra-sync.test.ts and includes missing
cloud URL patterns for webdock, serverspace, and gcore.
Agent: test-engineer
Co-authored-by: Spawn Refactor Service <refactor@spawn.service>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Railway and Render had bare error messages ("Service deployment failed")
without actionable guidance, unlike Koyeb which provides detailed debugging
steps. This brings them up to parity with comprehensive error handling.
Changes:
- Railway: Add detailed causes and debugging steps for deployment failures
- Railway: Improve timeout message with actionable next steps
- Render: Add detailed causes and debugging steps for deployment failures
- Render: Enhance timeout message with clear remediation guidance
Both now provide:
- Common failure causes (build errors, resource limits, health checks)
- Numbered debugging steps with dashboard links
- Specific CLI commands for troubleshooting
- Clear retry instructions
Agent: ux-engineer
Co-authored-by: Spawn Refactor Service <refactor@spawn.service>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Enhance error messages across validation and download failures to be more
actionable and user-friendly:
Security validation improvements (cli/src/security.ts):
- validateIdentifier: Add examples of valid names, clearer length error
- validateScriptContent: Improve empty script and shebang error messages
- validatePrompt: Better guidance on prompt requirements and length limits
- validatePromptFilePath: Clearer security warnings with concrete examples
- validatePromptFileStats: More helpful messages for file size/empty errors
Download failure improvements (cli/src/commands.ts):
- reportDownloadFailure: Add "Common causes" section, better 404 guidance
- reportDownloadError: Context-aware messages for timeout vs connection errors
- validateNonEmptyString: Minor wording improvement
All error messages now follow a consistent pattern:
1. What went wrong (clear, specific)
2. Why it might have happened (common causes)
3. How to fix it (numbered, actionable steps)
Agent: ux-engineer
Co-authored-by: Spawn Refactor Service <refactor@spawn.service>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Extract assertion tracking and fixture detection logic in mock.sh:
- New _run_assertions_and_track() helper consolidates 20 lines of repeated assertions
- New _has_missing_fixture() helper checks mock log for fixture errors
- run_test() now 30 lines shorter, focusing on orchestration rather than details
Extract cloud endpoints data in record.sh:
- Replace 132-line case statement with data-driven approach
- Each cloud's endpoints now live in _ENDPOINTS_{cloud} variable
- get_endpoints() function reduced to 3 lines, delegates to variable lookup
Benefits:
- Reduced cognitive load: test logic separated from data
- Easier to add new clouds: just add _ENDPOINTS_* variable
- Better maintainability: centralized endpoint definitions
Tests: All 80 tests pass with fixtures enabled.
Co-authored-by: Spawn Refactor Service <refactor@spawn.service>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Fix 15 failing tests by implementing proper mock_run callbacks that handle
path substitution for /tmp/spawn_config_* files and home directory paths.
Updated all failing test cases to use sed-based path replacement before
eval to correctly move configuration files to their final destinations.
All 40 tests in agent-config-setup.test.ts now pass.
Agent: test-engineer
Co-authored-by: Spawn Refactor Service <refactor@spawn.service>
- Extract watchdog loop logic from run_team_cycle into _run_watchdog_loop helper
- Extract resource cleanup into _cleanup_stale_artifacts helper
- Extract prompt file preparation into _prepare_prompt_file helper
- Extract cycle completion handling into _handle_cycle_completion helper
- Extract claude process killing into _kill_claude_process helper (macOS bash 3.x compatible)
- In gcore/lib/common.sh: Extract resource gathering into _gather_instance_resources
- In gcore/lib/common.sh: Extract instance ID extraction into _extract_instance_id
- All refactoring maintains 100% test coverage (80/80 tests pass)
Agent: complexity-hunter
Co-authored-by: Spawn Refactor Service <refactor@spawn.service>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
* ux: improve security and validation error messages
Make error messages more user-friendly and actionable:
**Security validation errors:**
- Changed "contains invalid characters" to "Invalid agent: ..." with clearer formatting
- Added context-specific guidance (spawn agents vs spawn clouds)
- Replaced technical jargon with plain language
- Changed "path traversal characters" to list specific disallowed characters
**Prompt validation errors:**
- Replaced "Prompt blocked: contains potentially dangerous pattern" with
"Your prompt contains shell syntax that can't be safely processed"
- Added specific suggestions for each pattern (e.g., 'Instead of "Fix $(ls)",
try "Fix the output of ls command"')
- Included helpful tip about using plain English instead of shell syntax
**Script download errors:**
- Replaced technical "must start with a valid shebang" message with bullet-point
explanation of what went wrong
- Added step-by-step "How to fix" section
- More user-friendly language throughout
**Prompt file errors:**
- Changed "Refusing to read" to "Cannot use... as a prompt file"
- Added clear "How to fix" with example commands
- Better explanation of why certain paths are blocked
All error messages now:
- Start with what went wrong in plain language
- Explain why it happened
- Provide specific next steps to fix it
- Use consistent formatting with bullet points and sections
Agent: ux-engineer
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
* fix: Replace !! with ;; in gcore case branches in record.sh
Addresses security review feedback. The !! syntax is invalid bash and broke
the test recording infrastructure.
-- refactor/pr-maintainer
---------
Co-authored-by: Spawn Refactor Service <refactor@spawn.service>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
* fix: Properly handle comma-separated auth vars in key-request.sh
The tr command was incorrectly translating each character in '+,' to newline,
causing "ALIYUN_ACCESS_KEY_ID, ALIYUN_ACCESS_KEY_SECRET" to not be split properly.
Also updated get_cloud_env_vars to split on both + and , separators.
Fixes the error: "ALIYUN_ACCESS_KEY_ID, ALIYUN_ACCESS_KEY_SECRET: invalid variable name"
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
* fix: Add timeout protection to QA cycle mock test phases
Prevents the QA cycle from hanging indefinitely if test/mock.sh hangs.
Wraps both Phase 2 and Phase 4 mock test runs with a 10-minute timeout.
Context: QA bot hung for 1+ hour when test/mock.sh hung in Phase 2,
causing the trigger server to become unresponsive. This adds defensive
timeouts to prevent cascade failures.
Agent: qa-timeout-fixer
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
* fix: Address macOS compat and exit code capture issues
Fixes from security review:
- qa-cycle.sh:858-863 - Use MOCK_EXIT=0 pattern like Phase 2 (local outside function is invalid)
- key-request.sh:94 - Revert to tr for macOS BSD sed compatibility
-- refactor/pr-maintainer
---------
Co-authored-by: Spawn QA Bot <qa-bot@openrouter.ai>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Co-authored-by: Spawn Refactor Service <refactor@spawn.service>
* fix: Properly handle comma-separated auth vars in key-request.sh
The tr command was incorrectly translating each character in '+,' to newline,
causing "ALIYUN_ACCESS_KEY_ID, ALIYUN_ACCESS_KEY_SECRET" to not be split properly.
Also updated get_cloud_env_vars to split on both + and , separators.
Fixes the error: "ALIYUN_ACCESS_KEY_ID, ALIYUN_ACCESS_KEY_SECRET: invalid variable name"
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
* fix: Revert sed to tr for macOS bash 3.x compatibility
As requested in security review - BSD sed treats \n in replacement
as literal backslash-n, not newline. tr already handles both + and ,
delimiters correctly on all platforms.
Addresses security review feedback.
---------
Co-authored-by: Spawn QA Bot <qa-bot@openrouter.ai>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Co-authored-by: Spawn Refactor Service <refactor@spawn.service>
Enhanced error messages when service deployment fails or times out on Koyeb
and Northflank providers to give users more actionable debugging information.
Changes:
- Koyeb: Added specific debugging steps including CLI command and region/instance type suggestions
- Koyeb: Clarified "status" in error message to show exact failure status
- Koyeb: Added "Application error in startup command" as a common cause
- Northflank: Added last known status to timeout error message
- Northflank: Restructured error to show "Possible causes" and "Debugging steps" sections
- Northflank: Clarified that service might still be starting to prevent premature retries
These improvements help users quickly identify and resolve deployment issues
without needing to escalate to support.
Agent: ux-engineer
Co-authored-by: Spawn Refactor Service <refactor@spawn.service>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
- Extract _log_ssh_wait_progress() from generic_ssh_wait() to reduce nesting
- Extract _log_ssh_wait_timeout_error() to consolidate error handling and troubleshooting output
- Extract _generate_openclaw_json() from setup_openclaw_config() to reduce inline JSON generation complexity
- All helpers are private (prefixed with _) and encapsulate related logic
These refactorings reduce function complexity:
- generic_ssh_wait: 68 lines → 47 lines (31% reduction)
- setup_openclaw_config: 41 lines → 28 lines (32% reduction)
Test results: bash test/run.sh passes (80/80), bun test unaffected by these changes
Agent: complexity-hunter
Co-authored-by: Spawn Refactor Service <refactor@spawn.service>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
The Gcore PR (#1079) introduced `!!` instead of `;;` as case statement
terminators in 4 places, causing a syntax error on line 542 that breaks
all fixture recording.
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
- Fix manifest.json matrix entries: change local/opencode and hostkey/open-interpreter from 'implemented' to 'missing' (scripts don't exist)
- Rename agent entries in matrix to match actual agent keys (codex-cli→codex, gemini-cli→gemini, kilo→kilocode, open-interpreter→interpreter)
- Update test assertions to match actual output formats (e.g., 'Extra argument ignored' instead of 'extra argument')
- Fix shared-common-error-polling tests to check stderr output correctly
- Simplify agent-config-setup tests to work within shell context limitations
- Remove outdated install.sh test that expected non-existent 'WRAPPER' string
- Ensure CLI dependencies are installed before test runs
Co-authored-by: Spawn Refactor Service <refactor@spawn.service>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Extract large switch statement in getScriptFailureGuidance() into lookup tables
and helpers for better maintainability. Break down renderCompactList() into
separate helper functions for header, separator, and row rendering.
This reduces cognitive complexity and makes the functions easier to test and modify.
Agent: complexity-hunter
Co-authored-by: Spawn Refactor Service <refactor@spawn.service>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
CRITICAL: Add validation to prevent command injection via malicious environment variable names in `export "${var_name}=..."` patterns.
Vulnerability Details:
- All instances of `export "${var_name}=${value}"` where var_name is derived from external sources (manifest.json auth fields, user input, API responses) were vulnerable to command injection
- If var_name contained shell metacharacters like `;`, `$()`, or backticks, arbitrary code could be executed
- Example exploit: var_name=`FOO; rm -rf /` would execute the rm command
Affected Files:
- shared/key-request.sh: _try_load_env_var() - var_name from manifest.json
- shared/common.sh: _load_token_from_config(), ensure_api_token_with_provider(), _multi_creds_load_config(), _multi_creds_prompt(), _poll_instance_once() - var_name from function parameters
- test/record.sh: _load_multi_config_from_file(), _try_load_cloud_config(), _prompt_cloud_creds_interactive() - var_name from test fixtures
Fix Applied:
- Added regex validation before all export statements: `^[A-Z_][A-Z0-9_]*$`
- This allowlist enforces standard POSIX environment variable naming (uppercase letters, digits, underscores only, must start with letter or underscore)
- Returns error if validation fails, preventing injection
Impact:
- While current usage passes hardcoded env var names (e.g., "HCLOUD_TOKEN"), the vulnerability existed in the implementation
- manifest.json is currently trusted, but defense-in-depth prevents supply chain attacks or accidental malformed entries
- Test infrastructure was also vulnerable to malicious fixture data
Agent: security-auditor
Co-authored-by: Spawn Refactor Service <refactor@spawn.service>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Enhanced user-facing error messages across critical failure points:
1. SSH timeout errors:
- Added contextual progress messages (normal/slow/unusually slow)
- Expanded troubleshooting steps with specific commands
- Added support for SPAWN_DASHBOARD_URL and SPAWN_RETRY_CMD env vars
- Changed from log_warn to log_error for consistency
2. OAuth timeout errors:
- Clearer explanation of what failed
- More actionable troubleshooting steps
- Direct link to API key page
- Changed from log_warn to log_error for consistency
3. Agent installation failures:
- More specific common causes (network, disk, dependencies)
- Concrete debugging commands (df -h, free -h)
- Better explanation of transient failures
4. Instance provisioning timeouts:
- Clearer explanation of cloud provider delays
- Support for SPAWN_DASHBOARD_URL in error output
- More specific next steps
All errors now follow a consistent pattern:
- Clear statement of what failed
- Common causes section
- Actionable troubleshooting steps with specific commands
Agent: ux-engineer
Co-authored-by: Spawn Refactor Service <refactor@spawn.service>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
The refactor service runs on a generic VM, not Sprite-specific
infrastructure. The sprite-env command was causing failures:
- Line 418: sprite-env: command not found
Also resolved git identity error by configuring service account:
- user.name: Spawn Refactor Service
- user.email: refactor@spawn.service
Changes:
- Removed all 3 sprite-env checkpoint create calls
- Replaced with explanatory comments
This allows the refactor service to complete cycles successfully.
Co-authored-by: Spawn Refactor Service <refactor@spawn.service>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Add ServerSpace (serverspace.io) as a new cloud provider with global
locations (EU, US, Asia). Uses REST API with X-API-KEY auth and async
task-based server creation with polling.
- serverspace/lib/common.sh: Full provider library with API wrapper,
SSH key management, server provisioning with cloud-init, task polling
- serverspace/claude.sh: Claude Code agent deployment
- serverspace/aider.sh: Aider agent deployment
- serverspace/goose.sh: Goose agent deployment
- manifest.json: Cloud definition + 15 matrix entries (3 implemented)
- test/mock.sh: URL stripping, body validation, synthetic responses
- test/record.sh: Endpoints, auth, API calls, error detection
- test/fixtures/serverspace/: Mock fixtures for all API endpoints
Co-authored-by: OpenRouter Bot <noreply@openrouter.ai>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
The auth parsing in _load_cloud_credentials() only handled '+' separators,
but some clouds (like alibabacloud) use comma-separated env var lists.
Changed `tr '+' '\n'` to `tr '+,' '\n'` to handle both formats.
Fixes error: "ALIYUN_ACCESS_KEY_ID, ALIYUN_ACCESS_KEY_SECRET: invalid variable name"
Co-authored-by: Spawn QA Bot <qa-bot@openrouter.ai>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Implements Goose (Block's AI coding agent) on CloudSigma.
Uses CloudSigma primitives for server provisioning and
OpenRouter for inference via GOOSE_PROVIDER=openrouter.
Agent: gap-filler
Co-authored-by: OpenRouter Bot <noreply@openrouter.ai>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Convert unquoted heredocs in refactor.sh (issue mode) and security.sh
(team_building mode) to single-quoted heredocs with sed placeholder
substitution. This prevents shell expansion of variables like
$SPAWN_ISSUE, $ISSUE_NUM, $WORKTREE_BASE inside prompt templates,
matching the existing WORKTREE_BASE_PLACEHOLDER pattern used in
refactor mode.
Fixes#1058Fixes#1047Fixes#1048
Agent: security-auditor
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
- test/mock.sh: Extract _tracked_assert and _categorize_failure from run_test (86->74 lines)
- ionos/lib/common.sh: Extract _ionos_validate_create_params and _ionos_require_ubuntu_image from create_server (51->28 lines)
Agent: complexity-hunter
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Haiku 4.5 <noreply@anthropic.com>
- Extract `readPromptFile` from `resolvePrompt` in index.ts (60 -> 40 lines),
isolating prompt-file validation and reading into a standalone helper
- Extract `formatCredStatusLine` from `buildCredentialStatusLines` in
commands.ts, replacing repetitive set/not-set formatting with a reusable
helper
- Extract `_aliyun_validate_create_params` and `_aliyun_run_instances` from
`create_server` in alibabacloud/lib/common.sh (69 -> 34 lines), separating
validation, API call, and orchestration concerns
Agent: complexity-hunter
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Haiku 4.5 <noreply@anthropic.com>
Users on exec-based clouds (Fly, Render, Koyeb, Northflank, Railway,
Modal, Daytona, E2B, CodeSandbox, GitHub Codespaces) got no warning
when their session ended that their service was still running and
incurring charges. This adds:
- _show_exec_post_session_summary() in shared/common.sh for non-SSH
providers that use CLI exec commands instead of direct SSH
- SPAWN_DASHBOARD_URL for all 10 exec-based clouds so users get
actionable dashboard links
- Post-session summary calls in each cloud's interactive_session()
- 33 new tests covering the exec post-session summary feature
Agent: ux-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Convert getSignalGuidance from switch statement to data-driven lookup
table (SIGNAL_GUIDANCE), separating signal metadata from rendering logic.
Extract optionalDashboardLine helper to deduplicate the conditional
dashboard URL spreading in getScriptFailureGuidance. Extract
formatCredentialIndicator from cmdClouds to clarify the nested ternary
credential status formatting.
All 92 script-failure-guidance tests and 216 related tests pass with
zero regressions.
Agent: complexity-hunter
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Both clouds had custom `interactive_session` functions that called
`ssh` directly, bypassing the shared `ssh_interactive_session` which
shows the post-session server-still-running warning. Users ending
sessions on these clouds got no reminder to delete their server,
risking ongoing charges.
Changes:
- alibabacloud: replace custom SSH functions with shared helpers,
add SPAWN_DASHBOARD_URL pointing to ECS console
- gcp: set SSH_USER to GCP_USERNAME, replace custom SSH functions
with shared helpers, add SPAWN_DASHBOARD_URL pointing to
Compute Engine console
Agent: ux-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
koyeb/nanoclaw.sh embedded the API key directly in a run_server command
string using single quotes. If the key contained a single quote, it could
break out and enable command injection. Replaced with the safe mktemp +
upload_file pattern used by all other nanoclaw scripts.
Also added chmod 600 before mv on remote /tmp/nanoclaw_env in 8 nanoclaw
scripts to restrict permissions on the credential file during transfer.
Agent: security-auditor
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Civo tests failed because networks.json, disk_images.json, and
correctly-named sshkeys.json fixtures were missing. Hetzner tests
failed because datacenters.json was missing (needed for server type
validation). Scaleway tests failed because SCW_DEFAULT_PROJECT_ID
was missing from env, images.json had no Ubuntu images, and
create_server.json fixture was absent.
Also adds Civo and Scaleway to mock's _synthetic_active_response
for instance polling, and fixes Scaleway account API URL stripping.
Results: 435 passed, 0 failed, 1 skipped (previously 270/165/1).
Agent: pr-maintainer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The auth field used "and" separator instead of "+" which caused
key-request.sh to crash during QA cycle Phase 0.
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
- discovery: every 30 min → every 3 days
- refactor: every 5 min → hourly
- security: every 5 min → every 30 min
Co-authored-by: Security Reviewer <security-reviewer@spawn.dev>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(security): harden weak crypto fallbacks, key validation, and temp paths
- CSRF state generation: fail instead of using predictable date+$RANDOM
fallback when openssl and /dev/urandom are unavailable (OAuth CSRF bypass)
- Kamatera password: fail instead of using predictable date-based password
when no secure random source available
- key-server validKeyVal: enforce 8-512 char limits and ASCII-only check
to block malformed/oversized values (Fixes#969)
- upload_config_file: use mktemp-derived randomness for remote temp paths
instead of predictable $RANDOM (symlink attack on remote server)
Agent: security-auditor
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(test): update assertions for upload_config_file mktemp-derived paths
The upload_config_file function now uses mktemp-derived basenames
(spawn_config_tmp.XXX) instead of the original filename for remote temp
paths. Update test/run.sh assertions to:
- Match "spawn_config" in the -file upload path
- Verify mv commands move files to correct final destinations
(settings.json, .claude.json)
Addresses reviewer feedback on PR #1039.
Agent: pr-maintainer
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The README hero line and matrix table were stale -- showing 36 clouds
and 514 combinations when the actual manifest has 38 clouds and 531
combinations. Adds missing Webdock and Alibaba Cloud columns and
updates all agent rows to reflect current implementation status.
Agent: ux-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Merge printAgentQuickStart and printCloudQuickStart into a single
printQuickStart function, eliminating duplicated credential-checking and
auth-var-line printing logic. Extract buildDashboardHint from the
identical pattern repeated in getSignalGuidance and getScriptFailureGuidance.
Agent: complexity-hunter
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The post-session summary (shown after every SSH session ends) now:
- Displays the server name when available, so users can find it in their
cloud dashboard (e.g., "Your server 'spawn-claude-abc' is still running")
- Adds explicit billing reminder ("Remember to delete it to avoid charges")
- Uses green (log_info) for reconnect instructions instead of yellow
(log_warn), since reconnect info is helpful guidance, not a warning
No changes to individual cloud scripts needed -- all scripts already set
SERVER_NAME before calling interactive_session.
Agent: ux-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
* fix(ci): propagate mock test exit code and fix broken pipe in summary
The test workflow had three issues:
- mock.sh exit code was swallowed by tee (no pipefail), so the check
always passed even with 165 failures
- grep|head pipe caused "write error: Broken pipe" in post summary
- Summary was noisy with 100+ individual result lines
Now uses PIPESTATUS[0] to capture the real exit code, shows a clean
results line plus collapsible failures list, and fails the check when
tests fail.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(ci): report test results without blocking PRs
Pre-existing failures (165) shouldn't block unrelated PRs. The summary
still shows pass/fail counts and a collapsible failures list so the bot
can see the results.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* perf(ci): increase QA cycle frequency from daily to every 4 hours
Daily runs meant breakage could go undetected for up to 24 hours.
Every 4 hours gives 6 runs/day (00:00, 04:00, 08:00, 12:00, 16:00,
20:00 UTC) with a max 4-hour feedback loop.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(ci): add missing Check results step to fail on test errors
Addresses review feedback:
- The exit code was captured via PIPESTATUS[0] into GITHUB_OUTPUT but
no subsequent step consumed it, so the workflow always passed even
when tests failed. Added a "Check results" step that reads the
captured exit code and fails the job accordingly.
- Reverted QA cron schedule change (every 4 hours back to daily at
06:00 UTC) as it was unrelated to the test exit code fix and should
be proposed separately if desired.
Agent: pr-maintainer
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
