diff --git a/starter-kits/delegation-readiness-doctor/README.md b/starter-kits/delegation-readiness-doctor/README.md index 6d210bce97..34c9ea2d38 100644 --- a/starter-kits/delegation-readiness-doctor/README.md +++ b/starter-kits/delegation-readiness-doctor/README.md @@ -31,7 +31,7 @@ This starter kit now packages the proof line, not just the kickoff gap, so the s - `scripts/emit-ci-result-interpreter.sh` — fail-closed first-CI interpreter that maps the first real check-run result back to the clean local proof line - `scripts/emit-workflow-approval-brief.sh` — blocker-specific brief for the current fork-workflow approval gate - `scripts/emit-workflow-approval-state-change.sh` — state-change detector; surfaces blocker-clear transitions vs. persist states so automation knows when maintainer approval happened without manual snapshot comparison -- `scripts/emit-workflow-approval-trigger.sh` — posting-state-aware nudge/approval packet for the repeated fork-workflow approval stall; prints `WORKFLOW_APPROVAL_TRIGGER_ALREADY_POSTED` when the maintainer request is already live so automation does not mistake a reference-only packet for a fresh action +- `scripts/emit-workflow-approval-trigger.sh` — posting-state-aware nudge/approval packet for the repeated fork-workflow approval stall; prints `WORKFLOW_APPROVAL_TRIGGER_ALREADY_POSTED` when the maintainer request is already live so automation does not mistake a reference-only packet for a fresh action, and prints `WORKFLOW_APPROVAL_TRIGGER_CONTENT_STABLE` without writing a new timestamped artifact when the generated packet is materially identical to the current `latest-*` trigger - `scripts/sync-reviewer-handoff-baseline.sh` — keeps `latest-reviewer-handoff.md` aligned to the live PR head/base before state-change detection; polls GitHub mergeability before writing so the handoff does not regress to first-response `mergeability unknown` noise - `scripts/refresh-upstream-blocker-packet.sh` — one-command refresh that syncs the reviewer handoff, reruns the state-change detector, PR monitor, CI interpreter, and approval trigger together, then emits a consolidated blocker packet from the same live PR state; prints `UPSTREAM_BLOCKER_PACKET_UNCHANGED` when the blocker signature is materially identical to the previous latest packet so cron can distinguish revalidation from a real transition; unchanged runs restore prior `latest-*` files and delete just-created timestamped component artifacts so approval-wait cron passes do not dirty the workspace with no-movement files - `scripts/verify-unchanged-refresh-hygiene.sh` — proof harness for the external-wait loop breaker; snapshots canonical `latest-*` hashes and timestamped artifact names, runs the one-command refresh, and proves an unchanged blocker refresh leaves no local artifact churn behind diff --git a/starter-kits/delegation-readiness-doctor/scripts/emit-workflow-approval-trigger.sh b/starter-kits/delegation-readiness-doctor/scripts/emit-workflow-approval-trigger.sh old mode 100755 new mode 100644 index 812849c667..62bec6ef75 --- a/starter-kits/delegation-readiness-doctor/scripts/emit-workflow-approval-trigger.sh +++ b/starter-kits/delegation-readiness-doctor/scripts/emit-workflow-approval-trigger.sh @@ -9,8 +9,10 @@ mkdir -p "$ARTIFACT_DIR" TIMESTAMP="$(date +%Y-%m-%dT%H-%M-%S%z)" REPORT_PATH="$ARTIFACT_DIR/workflow-approval-trigger-$TIMESTAMP.md" LATEST_PATH="$ARTIFACT_DIR/latest-workflow-approval-trigger.md" +TOKEN_PATH="$(mktemp)" +trap 'rm -f "$TOKEN_PATH"' EXIT -python - "$REPORT_PATH" "$LATEST_PATH" <<'PY' +python - "$REPORT_PATH" "$LATEST_PATH" "$TOKEN_PATH" <<'PY' import json import os import re @@ -23,6 +25,7 @@ from pathlib import Path report_path = Path(sys.argv[1]) latest_path = Path(sys.argv[2]) +token_path = Path(sys.argv[3]) base = 'https://api.github.com/repos/NousResearch/hermes-agent' headers = { 'Accept': 'application/vnd.github+json', @@ -147,12 +150,28 @@ GitHub has already created Actions suites for the fork PR head commit, but every ## Proof note This trigger artifact exists so the recurring blocker can be attacked with one exact nudge packet and one exact verification step instead of another status-only monitor refresh, even when unauthenticated public API rate limits would otherwise stall the packet refresh. """ + +def stable_for_comparison(text: str) -> str: + return re.sub(r'^Generated: .*$','Generated: ', text, flags=re.MULTILINE) + +if latest_path.exists() and stable_for_comparison(latest_path.read_text(encoding='utf-8')) == stable_for_comparison(report): + token_path.write_text('WORKFLOW_APPROVAL_TRIGGER_CONTENT_STABLE\n', encoding='utf-8') + print(latest_path) + print('WORKFLOW_APPROVAL_TRIGGER_CONTENT_STABLE') + sys.exit(0) + report_path.write_text(report, encoding='utf-8') shutil.copyfile(report_path, latest_path) +token_path.write_text(trigger_stdout_token + '\n', encoding='utf-8') print(report_path) print(trigger_stdout_token) PY chmod +x "$SCRIPT_DIR/emit-workflow-approval-trigger.sh" -printf 'Wrote report: %s\n' "$REPORT_PATH" -printf 'Latest report: %s\n' "$LATEST_PATH" +trigger_token="$(cat "$TOKEN_PATH" 2>/dev/null || true)" +if [[ "$trigger_token" == "WORKFLOW_APPROVAL_TRIGGER_CONTENT_STABLE" ]]; then + printf 'Skipped unchanged trigger write; latest report remains: %s\n' "$LATEST_PATH" +else + printf 'Wrote report: %s\n' "$REPORT_PATH" + printf 'Latest report: %s\n' "$LATEST_PATH" +fi