GH#17829: Fix headless dispatch when opencode serve is running + triage failure visibility

[marcusquinn]

Summary

Resolves #17829

Three fixes for headless worker dispatch and triage visibility:

1. Bug 1 — Missing plugin dependency: Added @bufbuild/protobuf to opencode-aidevops plugin dependencies in package.json. Updated agent-deploy.sh to verify the dependency exists after symlinking OpenCode's node_modules, and falls back to npm install --omit=dev when it's missing.

2. Bug 2 — Headless dispatch conflict with running server: Added _detect_opencode_server() helper that checks OPENCODE_SERVER_PASSWORD + port liveness (via curl health check then lsof fallback). Both _build_run_cmd and _run_canary_test now append --attach <url> --password <password> when a server is detected. Does NOT rely on OPENCODE_PID (intentionally excluded from worker envs per GH#6668).

3. Workflow improvement — Triage failure visibility: When the triage review output is suppressed by the safety filter (infra markers, missing ## Review: header, or empty output), a triage-failed label is now added to the issue. This makes failed triage visible on the issue timeline instead of only appearing in pulse logs. The label is automatically removed when a successful triage review is posted.

Files Changed

• EDIT: .agents/plugins/opencode-aidevops/package.json — added dependencies.@bufbuild/protobuf
• EDIT: setup-modules/agent-deploy.sh — verify critical dep after symlink, npm install fallback
• EDIT: .agents/scripts/headless-runtime-helper.sh — _detect_opencode_server(), patched _build_run_cmd and _run_canary_test
• EDIT: .agents/scripts/pulse-wrapper.sh — triage-failed label on suppressed triage output

Runtime Testing

Risk	Assessment
Level	High — headless dispatch infrastructure
Verification	self-assessed — no opencode serve environment available locally to runtime-test. ShellCheck clean. JSON valid. Logic verified against issue reproduction steps.

Key Decisions

• Port detection strategy: Check OPENCODE_PORT env (default 4096), verify via curl health check on /api/session/list (returns 401 without auth but proves server is up), fallback to lsof port check. More robust than hardcoding port 4096.
• No OPENCODE_PID dependency: The detection uses OPENCODE_SERVER_PASSWORD + port liveness, not OPENCODE_PID. This works for both the pulse's own context (where PID is set) and isolated worker envs (where PID is stripped per GH#6668).
• triage-failed label vs comment: Label is preferable — it's filterable, visible in issue lists, and doesn't add noise to the timeline. Removed automatically on successful triage.

---

aidevops.sh v3.6.174 plugin for OpenCode v1.4.0 with claude-opus-4-6 spent 34m and 19,836 tokens on this with the user in an interactive session.

Summary by CodeRabbit

• New Features

  • Tasks now support attaching to existing running servers instead of creating new instances, improving resource efficiency and reducing redundancy.

• Improvements

  • GitHub issues with failed triage operations are now automatically labeled for improved visibility and error tracking.
  • Enhanced Node module dependency management during agent deployment ensures all required modules are properly installed.

[marcusquinn]

Completion Summary

• What: Fixed headless dispatch failures when opencode serve is running, added missing plugin dependency, and surfaced triage failures visibly via label
• Issue: bug: opencode-aidevops plugin missing @bufbuild/protobuf + headless-runtime-helper does not attach to running opencode server #17829
• Files changed: .agents/plugins/opencode-aidevops/package.json, setup-modules/agent-deploy.sh, .agents/scripts/headless-runtime-helper.sh, .agents/scripts/pulse-wrapper.sh
• Testing: ShellCheck clean, JSON validated, logic verified against reproduction steps. Self-assessed (no opencode serve env available locally).
• Key decisions: Detection via OPENCODE_SERVER_PASSWORD + port liveness (not OPENCODE_PID). triage-failed label (filterable, auto-removed on success) over comment (noisy).

[coderabbitai]

Caution

Review failed

Pull request was closed or merged during review

Walkthrough

These changes resolve critical bugs blocking headless worker dispatch when an opencode serve instance is running. The plugin now includes missing @bufbuild/protobuf dependency, the runtime helper detects and attaches to running servers instead of conflicting with them, deployment setup ensures dependencies are installed, and triage tracking adds visible failure labels to improve feedback visibility.

Changes

Cohort / File(s)	Summary
Plugin Dependency Addition \.agents/plugins/opencode-aidevops/package.json	Added @bufbuild/protobuf v2.0.0 to dependencies to resolve missing module error when plugin loads.
Server Detection & Attachment \.agents/scripts/headless-runtime-helper.sh	Introduced _detect_opencode_server() function that detects running opencode servers via HTTP endpoint verification and port checking. Updated _build_run_cmd() and _run_canary_test() to attach to detected servers by appending --attach and --password arguments instead of starting conflicting embedded servers.
Triage Failure Tracking \.agents/scripts/pulse-wrapper.sh	Added triage_posted flag and conditional GitHub label management: removes triage-failed on successful triage posting, otherwise adds label and logs warning to signal failed triage runs.
Plugin Dependency Installation setup-modules/agent-deploy.sh	Modified _deploy_agents_post_copy() to conditionally install missing Node modules via npm install when @bufbuild/protobuf is absent, replacing symlink-only behavior with intelligent fallback installation.

Sequence Diagram

sequenceDiagram
    participant Helper as headless-runtime-helper
    participant Detect as _detect_opencode_server()
    participant Curl as HTTP Endpoint
    participant Lsof as Port Listener Check
    participant Server as Running<br/>opencode serve
    participant Build as Command Builder
    participant Run as opencode run

    Helper->>Detect: Check OPENCODE_PID & OPENCODE_SERVER_PASSWORD
    Detect->>Curl: GET /api/session/list<br/>on localhost:4096
    alt Server responds (200 or 401)
        Curl-->>Detect: Success
    else Curl fails
        Detect->>Lsof: Check if port 4096<br/>is listening
        Lsof-->>Detect: Process found
    end
    Detect-->>Helper: Server detected + URL
    Helper->>Build: Append attach args<br/>--attach --password
    Build-->>Run: Execute with server connection
    Run->>Server: Connect & reuse session
    Server-->>Run: Session ready

Loading

Estimated Code Review Effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

🔌 Servers attach, no conflict in sight,
Missing protobuf? Installed just right,
Triage failures now wear their red badge,
Headless workers dispatch without hassle or smudge. ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 75.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	Title directly addresses the main changes: fixing headless dispatch server detection and adding triage failure visibility, matching the core objectives.
Linked Issues check	✅ Passed	All three coding objectives from #17829 are implemented: @bufbuild/protobuf added to package.json, server detection logic added to headless-runtime-helper.sh with --attach/--password patching, and triage-failed label workflow added to pulse-wrapper.sh.
Out of Scope Changes check	✅ Passed	All changes are within scope of #17829: plugin dependency fix, headless server detection, npm install fallback in deployment, and triage visibility workflow. No unrelated modifications detected.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch bugfix/GH-17829-headless-dispatch-fix

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

🔍 Code Quality Report

�[0;35m[MONITOR]�[0m Code Review Monitoring Report

SonarCloud: 0 bugs, 0 vulnerabilities, 649 code smells

Wed Apr 8 14:50:07 UTC 2026: Code review monitoring started
Wed Apr 8 14:50:08 UTC 2026: SonarCloud - Bugs: 0, Vulnerabilities: 0, Code Smells: 649

📈 Current Quality Metrics

• BUGS: 0
• CODE SMELLS: 649
• VULNERABILITIES: 0

Generated on: Wed Apr 8 14:50:10 UTC 2026

---

Generated by AI DevOps Framework Code Review Monitoring

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​@​bufbuild/​protobuf@​2.11.0

View full report

[marcusquinn]

Completion Summary

• What: Fixed headless dispatch failures when opencode serve is running, added missing plugin dependency, and surfaced triage failures visibly via label
• Issue: bug: opencode-aidevops plugin missing @bufbuild/protobuf + headless-runtime-helper does not attach to running opencode server #17829
• Files changed: .agents/plugins/opencode-aidevops/package.json, setup-modules/agent-deploy.sh, .agents/scripts/headless-runtime-helper.sh, .agents/scripts/pulse-wrapper.sh
• Testing: ShellCheck clean, JSON validated, logic verified against reproduction steps. Self-assessed (no opencode serve env available locally).
• Key decisions: Detection via OPENCODE_SERVER_PASSWORD + port liveness (not OPENCODE_PID). triage-failed label (filterable, auto-removed on success) over comment (noisy).

---

Merged via PR #17866 to main.
Merged by deterministic merge pass (pulse-wrapper.sh).

aidevops.sh v3.6.174 spent 5m on this as a headless bash routine.

[codacy-production]

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

🟢 Metrics 0 complexity

Metric	Results
Complexity	0

View in Codacy

_{TIP This summary will be updated as you push new changes. Give us feedback}

[sonarqubecloud]

Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[gemini-code-assist]

Code Review

This pull request introduces server detection to prevent session conflicts by allowing commands to attach to existing OpenCode servers, adds a new protobuf dependency, and implements a labeling system to surface triage failures on GitHub issues. Feedback focuses on optimizing the server detection logic to handle HTTP status codes more efficiently and improving the robustness of the plugin dependency installation process by avoiding error suppression and handling symlinks correctly.

[gemini-code-assist]

The logic for detecting the OpenCode server is inefficient and contains a bug. The second curl command uses the -f flag, which causes curl to exit with an error and produce no output when a 401 Unauthorized response is received. Additionally, performing two separate network calls is redundant. Please remove the blanket 2>/dev/null suppression to ensure authentication or system issues remain visible for debugging.

Suggested change

	if curl -sf --max-time 2 -o /dev/null "${url}/api/session/list" 2>/dev/null ||
	curl -sf --max-time 2 -o /dev/null -w '%{http_code}' "${url}/api/session/list" 2>/dev/null | grep -q '401'; then
	printf '%s\n%s\n' "$url" "$password"
	return 0
	fi
	local http_code
	http_code=$(curl -s --max-time 2 -o /dev/null -w '%{http_code}' "${url}/api/session/list")
	if [[ "$http_code" == "200" || "$http_code" == "401" ]]; then
	printf '%s\n%s\n' "$url" "$password"
	return 0
	fi

References

1. Avoid using 2>/dev/null for blanket suppression of command errors in shell scripts to ensure that authentication, syntax, or system issues remain visible for debugging.

[gemini-code-assist]

The dependency installation logic has potential issues. Avoid using 2>/dev/null to suppress errors on file operations if the file's existence has already been verified or if the operation is critical. Masking these errors can hide permission issues. Please remove the redundant redirection.

Suggested change

	if [[ -d "$oc_node_modules" ]]; then
	ln -sf "$oc_node_modules" "$plugin_dir/node_modules" 2>/dev/null || true
	fi
	# Verify critical dependency is available; npm install if not
	if [[ ! -d "$plugin_dir/node_modules/@bufbuild/protobuf" ]]; then
	if command -v npm &>/dev/null; then
	npm install --omit=dev --prefix "$plugin_dir" >/dev/null 2>&1 ||
	print_warning "Failed to install plugin dependencies (non-blocking)"
	fi
	fi
	if [[ -d "$oc_node_modules" ]]; then
	rm -rf "$plugin_dir/node_modules"
	ln -sf "$oc_node_modules" "$plugin_dir/node_modules"
	fi
	# Verify critical dependency is available; npm install if not
	if [[ ! -d "$plugin_dir/node_modules/@bufbuild/protobuf" ]]; then
	if command -v npm >/dev/null; then
	# Remove symlink to perform a clean local install if shared one is insufficient
	[[ -L "$plugin_dir/node_modules" ]] && rm "$plugin_dir/node_modules"
	npm install --omit=dev --prefix "$plugin_dir" >/dev/null 2>&1 ||
	print_warning "Failed to install plugin dependencies (non-blocking)"
	fi
	fi

References

1. Avoid using 2>/dev/null to suppress errors on file operations if the file's existence has already been verified by a preceding check. This practice is redundant and can mask other important issues like permissions problems.