mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-05-03 02:11:48 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

chore: make workflow trigger content-idempotent

Browse source
This commit is contained in:
NplusM420 2026-04-23 21:18:03 -05:00
parent 95a2ca0329
commit 25d371dbe2
2 changed files with 23 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

2
starter-kits/delegation-readiness-doctor/README.md
View file

@ -31,7 +31,7 @@ This starter kit now packages the proof line, not just the kickoff gap, so the s
- `scripts/emit-ci-result-interpreter.sh` — fail-closed first-CI interpreter that maps the first real check-run result back to the clean local proof line
- `scripts/emit-workflow-approval-brief.sh` — blocker-specific brief for the current fork-workflow approval gate
- `scripts/emit-workflow-approval-state-change.sh` — state-change detector; surfaces blocker-clear transitions vs. persist states so automation knows when maintainer approval happened without manual snapshot comparison
- `scripts/emit-workflow-approval-trigger.sh` — posting-state-aware nudge/approval packet for the repeated fork-workflow approval stall; prints `WORKFLOW_APPROVAL_TRIGGER_ALREADY_POSTED` when the maintainer request is already live so automation does not mistake a reference-only packet for a fresh action
- `scripts/emit-workflow-approval-trigger.sh` — posting-state-aware nudge/approval packet for the repeated fork-workflow approval stall; prints `WORKFLOW_APPROVAL_TRIGGER_ALREADY_POSTED` when the maintainer request is already live so automation does not mistake a reference-only packet for a fresh action, and prints `WORKFLOW_APPROVAL_TRIGGER_CONTENT_STABLE` without writing a new timestamped artifact when the generated packet is materially identical to the current `latest-*` trigger
- `scripts/sync-reviewer-handoff-baseline.sh` — keeps `latest-reviewer-handoff.md` aligned to the live PR head/base before state-change detection; polls GitHub mergeability before writing so the handoff does not regress to first-response `mergeability unknown` noise
- `scripts/refresh-upstream-blocker-packet.sh` — one-command refresh that syncs the reviewer handoff, reruns the state-change detector, PR monitor, CI interpreter, and approval trigger together, then emits a consolidated blocker packet from the same live PR state; prints `UPSTREAM_BLOCKER_PACKET_UNCHANGED` when the blocker signature is materially identical to the previous latest packet so cron can distinguish revalidation from a real transition; unchanged runs restore prior `latest-*` files and delete just-created timestamped component artifacts so approval-wait cron passes do not dirty the workspace with no-movement files
- `scripts/verify-unchanged-refresh-hygiene.sh` — proof harness for the external-wait loop breaker; snapshots canonical `latest-*` hashes and timestamped artifact names, runs the one-command refresh, and proves an unchanged blocker refresh leaves no local artifact churn behind

25
starter-kits/delegation-readiness-doctor/scripts/emit-workflow-approval-trigger.sh Executable file → Normal file
View file

@ -9,8 +9,10 @@ mkdir -p "$ARTIFACT_DIR"
TIMESTAMP="$(date +%Y-%m-%dT%H-%M-%S%z)"
REPORT_PATH="$ARTIFACT_DIR/workflow-approval-trigger-$TIMESTAMP.md"
LATEST_PATH="$ARTIFACT_DIR/latest-workflow-approval-trigger.md"
TOKEN_PATH="$(mktemp)"
trap 'rm -f "$TOKEN_PATH"' EXIT
python - "$REPORT_PATH" "$LATEST_PATH" <<'PY'
python - "$REPORT_PATH" "$LATEST_PATH" "$TOKEN_PATH" <<'PY'
import json
import os
import re
@ -23,6 +25,7 @@ from pathlib import Path
report_path = Path(sys.argv[1])
latest_path = Path(sys.argv[2])
token_path = Path(sys.argv[3])
base = 'https://api.github.com/repos/NousResearch/hermes-agent'
headers = {
'Accept': 'application/vnd.github+json',
@ -147,12 +150,28 @@ GitHub has already created Actions suites for the fork PR head commit, but every
## Proof note
This trigger artifact exists so the recurring blocker can be attacked with one exact nudge packet and one exact verification step instead of another status-only monitor refresh, even when unauthenticated public API rate limits would otherwise stall the packet refresh.
"""
def stable_for_comparison(text: str) -> str:
return re.sub(r'^Generated: .*$','Generated: <content-stable>', text, flags=re.MULTILINE)
if latest_path.exists() and stable_for_comparison(latest_path.read_text(encoding='utf-8')) == stable_for_comparison(report):
token_path.write_text('WORKFLOW_APPROVAL_TRIGGER_CONTENT_STABLE\n', encoding='utf-8')
print(latest_path)
print('WORKFLOW_APPROVAL_TRIGGER_CONTENT_STABLE')
sys.exit(0)
report_path.write_text(report, encoding='utf-8')
shutil.copyfile(report_path, latest_path)
token_path.write_text(trigger_stdout_token + '\n', encoding='utf-8')
print(report_path)
print(trigger_stdout_token)
PY
chmod +x "$SCRIPT_DIR/emit-workflow-approval-trigger.sh"
printf 'Wrote report: %s\n' "$REPORT_PATH"
printf 'Latest report: %s\n' "$LATEST_PATH"
trigger_token="$(cat "$TOKEN_PATH" 2>/dev/null || true)"
if [[ "$trigger_token" == "WORKFLOW_APPROVAL_TRIGGER_CONTENT_STABLE" ]]; then
printf 'Skipped unchanged trigger write; latest report remains: %s\n' "$LATEST_PATH"
else
printf 'Wrote report: %s\n' "$REPORT_PATH"
printf 'Latest report: %s\n' "$LATEST_PATH"
fi