feat: auto issue/PR creation with AI-enhanced reports#38
Merged
elky-bachtiar merged 21 commits intomainfrom Mar 18, 2026
Merged
feat: auto issue/PR creation with AI-enhanced reports#38elky-bachtiar merged 21 commits intomainfrom
elky-bachtiar merged 21 commits intomainfrom
Conversation
…models - Platform StrEnum: github / gitlab - PlatformInfo carries CLI command, body flag, term (PR vs MR) and remote metadata - FixApplied records per-check manifest patches with optional before/after snippets - ReportResponse wraps AnalyzeResponse with issue_url, pr_url, fixes and unfixed lists - 17 unit tests cover all models, required-field validation, defaults, and enum coercion
- Implements IntegrationError base with PlatformError, IssueCreationError, PRCreationError subclasses - get_timeout() reads VLAM_INTEGRATION_TIMEOUT env with fallback to 60s - run_cmd() wraps subprocess.run with capture, text mode, timeout, and check=True - 20 unit tests covering hierarchy, message preservation, env handling, and subprocess behaviour
- detect_platform() inspects git remote URL and maps to Platform.GITHUB/GITLAB - Supports HTTPS, standard SSH, and SSH config aliases (github-*, gitlab-*) - Validates gh/glab CLI is available before returning PlatformInfo - platform_override bypasses URL detection when caller knows the platform - 35 tests covering happy paths, SSH aliases, custom remotes, and all error branches
When using --chart flag, manifests is None so PR creation would fail. Now falls back to chart + /values.yaml path, matching the report command.
- GitHub Actions: matrix strategy runs VlamGuard on 6 demo charts - GitLab CI: 6 report jobs extending .vlamguard-report template - Both start vlam-proxy as background service for AI analysis - Proxy translates between OpenAI format and vlam.ai custom format - Include vlam-proxy source (proxy.py, requirements.txt) in repo
- Move VLAM_URL, VLAM_KEY, PROXY_PORT, SSL_VERIFY to workflow-level env so background proxy process inherits them across steps - Use secrets.VLAM_AI_MODEL instead of vars (user has it as secret) - Add proxy startup failure detection with log output - Add "Show proxy logs on failure" step for debugging - Remove fallback defaults for PROXY_PORT (secret is always set)
The old releases download URL no longer serves valid .deb files. Use the GitLab packages API URL which returns the actual package.
- Reorder CLI: run integrations (issue/PR) before writing output file,
so the report JSON doesn't make the working tree dirty for PR creation
- Remove self-referencing GitLab CI variables that resolved as literals
(e.g. PROXY_PORT="${PROXY_PORT}"); CI/CD settings vars are already
available without re-declaration
…l ruamel.yaml - Use --body-file instead of --body to avoid CLI argument length limits - Add --base/--target-branch to explicitly set PR target branch - Capture subprocess stderr in PR creation error messages for diagnostics - Install ruamel.yaml in CI so YAML comments are preserved during fixes
Upgraded AI client logging from debug to warning level so timeout, HTTP, and parse errors are visible in CI without --debug flag. Improved CLI error message to list common failure causes and point to --debug.
Add tests for pull_requests.py, main.py, ai/context.py, and cli.py to cover uncovered paths including error handling, GitLab flows, PyYAML fallback, and the improved AI failure error message. Fix ANSI escape issue in CLI flag tests with NO_COLOR env var.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
--create-issuesand--create-prCLI flags for automated GitHub/GitLab issue and PR/MR creation from VlamGuard findingsTest plan