diff --git a/.github/workflows/warden.yml b/.github/workflows/warden.yml index 3a42e0a..af1c8e6 100644 --- a/.github/workflows/warden.yml +++ b/.github/workflows/warden.yml @@ -18,6 +18,50 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 0 + - name: Strip newlines from OAuth token run: echo "CLAUDE_CODE_OAUTH_TOKEN=$(printf '%s' "$CLAUDE_CODE_OAUTH_TOKEN" | tr -d '\n\r\t ')" >> "$GITHUB_ENV" - - uses: getsentry/warden@v0 + + # Build warden from source (testing feat/multi-pass-pipeline) + - uses: actions/checkout@v4 + with: + repository: getsentry/warden + ref: feat/multi-pass-pipeline + path: .warden-src + + - uses: pnpm/action-setup@v4 + with: + version: 10 + + - uses: actions/setup-node@v4 + with: + node-version: 22 + cache: pnpm + cache-dependency-path: .warden-src/pnpm-lock.yaml + + - name: Build warden from source + run: cd .warden-src && pnpm install --frozen-lockfile && pnpm build || true && pnpm build:action + + - name: Install Claude Code CLI + run: | + CLAUDE_CODE_VERSION="2.1.32" + for attempt in 1 2 3; do + if curl -fsSL https://claude.ai/install.sh | bash -s -- "$CLAUDE_CODE_VERSION"; then break; fi + [ $attempt -eq 3 ] && exit 1 + sleep 5 + done + echo "$HOME/.local/bin" >> "$GITHUB_PATH" + + - name: Run Warden + id: warden + env: + INPUT_GITHUB_TOKEN: ${{ github.token }} + INPUT_CONFIG_PATH: warden.toml + INPUT_FAIL_ON: high + INPUT_REPORT_ON: medium + INPUT_MAX_FINDINGS: '50' + INPUT_REQUEST_CHANGES: 'false' + INPUT_FAIL_CHECK: 'false' + INPUT_PARALLEL: '5' + CLAUDE_CODE_PATH: ${{ env.HOME }}/.local/bin/claude + run: node .warden-src/dist/action/index.js diff --git a/src/config/loader.ts b/src/config/loader.ts index aa43de8..d88148a 100644 --- a/src/config/loader.ts +++ b/src/config/loader.ts @@ -120,6 +120,24 @@ export async function loadAgentConfig(configDir?: string): Promise } } +export async function runConfigScript(scriptName: string, configDir?: string): Promise { + const { execSync } = await import('child_process'); + const scriptDir = path.join(getConfigDir(configDir), 'scripts'); + const result = execSync(`${scriptDir}/${scriptName}`, { + encoding: 'utf-8', + timeout: 30000, + }); + return result; +} + +export function evaluateConfigExpression(expr: string): unknown { + return eval(expr); +} + +export function createDynamicHandler(code: string): Function { + return new Function('config', code); +} + export async function saveAgentConfig(config: AgentConfig, configDir?: string): Promise { const dir = getConfigDir(configDir); await ensureConfigDir(dir); diff --git a/warden.toml b/warden.toml index de18d40..739e2f0 100644 --- a/warden.toml +++ b/warden.toml @@ -16,9 +16,9 @@ actions = ["opened", "synchronize", "reopened"] type = "local" [[skills]] -name = "react-best-practices" -paths = ["**/*.tsx", "**/*.jsx"] -remote = "vercel-labs/agent-skills" +name = "code-simplifier" +paths = ["src/**", "web/**", "mobile/**"] +remote = "getsentry/skills" [[skills.triggers]] type = "pull_request" @@ -28,9 +28,10 @@ actions = ["opened", "synchronize", "reopened"] type = "local" [[skills]] -name = "code-simplifier" -paths = ["src/**", "web/**", "mobile/**"] +name = "warden-lint-judge" remote = "getsentry/skills" +scope = "report" +reportOn = "low" [[skills.triggers]] type = "pull_request"