feat: add OpenCode GitHub/GitLab integration support #5

Merged: marcusquinn merged 1 commit into main from feature/opencode-github-gitlab-integration (Dec 22, 2025)

marcusquinn (Owner) commented Dec 22, 2025

Summary

  • Adds documentation and tooling for OpenCode's native GitHub/GitLab integrations
  • Enables AI-powered issue fixing and PR review directly from GitHub/GitLab comments

Changes

| File | Purpose |
|---|---|
| opencode-github.md | GitHub App setup, /oc trigger docs |
| opencode-gitlab.md | GitLab CI integration docs |
| opencode-github-setup-helper.sh | Auto-detect setup status |
| opencode-github-workflow.yml | GitHub Actions template |
| opencode-gitlab-ci.yml | GitLab CI template |

Usage

# Check status
~/.aidevops/agents/scripts/opencode-github-setup-helper.sh check

# Setup
opencode github install

Then use /oc fix this in any issue or PR comment.

Summary by CodeRabbit

  • New Features

    • Added OpenCode integration for GitHub with automated setup detection and configuration helpers.
    • Added OpenCode integration for GitLab with CI/CD setup guidance and automation templates.
    • Included ready-to-use workflow templates for both GitHub Actions and GitLab CI/CD pipelines.
  • Documentation

    • Added comprehensive setup and usage guides for both GitHub and GitLab integrations, including troubleshooting and security considerations.

- Add opencode-github.md with GitHub App setup and /oc trigger docs
- Add opencode-gitlab.md with GitLab CI integration docs
- Add opencode-github-setup-helper.sh for auto-detection of setup status
- Add workflow templates for GitHub Actions and GitLab CI
- Update git.md and AGENTS.md with integration references

Enables AI-powered issue/PR automation via OpenCode's native integrations.

coderabbitai bot (Contributor) commented Dec 22, 2025

Note

.coderabbit.yaml has unrecognized properties

CodeRabbit is using all valid settings from your configuration. Unrecognized properties (listed below) have been ignored and may indicate typos or deprecated fields that can be removed.

⚠️ Parsing warnings (1)
Validation error: Unrecognized key(s) in object: 'path_instructions', 'path_filters'
⚙️ Configuration instructions
  • Please see the configuration documentation for more information.
  • You can also validate your configuration using the online YAML validator.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Walkthrough

Introduces OpenCode integration support for GitHub and GitLab platforms with documentation, setup automation, and workflow templates. Adds configuration files for GitHub Actions and GitLab CI, platform detection script, comprehensive documentation for both platforms, and updates existing agent/tool documentation.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Setup and Configuration Documentation: .agent/AGENTS.md, .agent/tools/git.md | Updated agent and tool documentation to reference new OpenCode GitHub/GitLab integration sections with setup commands, usage examples, and links to detailed integration guides. |
| OpenCode Integration Documentation: .agent/tools/git/opencode-github.md, .agent/tools/git/opencode-gitlab.md | Added comprehensive integration guides covering setup (automated/manual), workflow installation, usage examples, token/secret management, permissions, troubleshooting, security considerations, and integration with aidevops for both platforms. |
| Platform Detection and Setup Script: .agent/scripts/opencode-github-setup-helper.sh | New Bash utility that detects Git remote type (GitHub, GitLab, Gitea, Bitbucket), inspects OpenCode integration status, validates AI provider secrets, and provides platform-specific setup workflows via check, setup, create-workflow, and help commands. |
| Workflow and CI Templates: configs/mcp-templates/opencode-github-workflow.yml, configs/mcp-templates/opencode-gitlab-ci.yml | Added GitHub Actions workflow template triggered on issue/PR comments with /oc or /opencode guards, and GitLab CI pipeline template with multi-stage setup, dependency installation, OpenCode execution, and post-run git commit/push workflows. |

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~35 minutes

  • Bash script logic: Platform detection, remote parsing, conditional checks for secrets and workflow files warrant careful validation
  • GitHub workflow permissions and triggers: Verify correct scopes (id-token, contents, pull-requests, issues) and guard clause implementation (/oc or /opencode trigger)
  • GitLab CI template complexity: Multi-stage setup, environment variable handling, conditional execution logic, and git push behavior need review
  • Documentation accuracy: Cross-references between GitHub and GitLab docs, setup instructions, and security considerations should be verified for consistency and completeness

Poem

🐰 Hop, skip, and a script so fine,
GitHub and GitLab now intertwine!
OpenCode flows through workflows bright,
AI comments dancing left and right,
Setup helpers ease the way—let's code with might! ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)
| Check name | Status | Explanation | Resolution |
|---|---|---|---|
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 33.33% which is insufficient. The required threshold is 80.00%. | You can run @coderabbitai generate docstrings to improve docstring coverage. |

✅ Passed checks (2 passed)

| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title accurately and concisely summarizes the main change: adding OpenCode GitHub/GitLab integration support. It directly matches the changeset's primary objective. |

@gemini-code-assist

Summary of Changes

Hello @marcusquinn, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly expands the OpenCode platform's capabilities by introducing native integrations for GitHub and GitLab. It allows developers to leverage AI for automated issue resolution and pull request reviews directly from their version control system's comment sections. The changes include new documentation, a setup helper script, and CI/CD templates, all designed to simplify the adoption and configuration of these powerful AI-driven workflows.

Highlights

  • New OpenCode Integrations: Introduces comprehensive support for OpenCode's AI-powered features within GitHub and GitLab environments.
  • AI-Powered Automation: Enables AI to fix issues and review pull requests directly through comments in GitHub and GitLab.
  • Setup Helper Script: Adds a new shell script (opencode-github-setup-helper.sh) to assist users in checking and setting up their OpenCode GitHub integration.
  • Dedicated Documentation: Provides detailed markdown documentation (opencode-github.md, opencode-gitlab.md) for both GitHub and GitLab integrations, covering installation, usage, and troubleshooting.
  • CI/CD Templates: Includes new GitHub Actions (opencode-github-workflow.yml) and GitLab CI (opencode-gitlab-ci.yml) templates to streamline the deployment of OpenCode automation.

@github-actions (Contributor)

🔍 Code Quality Report

[MONITOR] Code Review Monitoring Report

[INFO] Latest Quality Status:
SonarCloud: 0 bugs, 0 vulnerabilities, 144 code smells

[INFO] Recent monitoring activity:
Mon Dec 22 01:18:46 UTC 2025: Code review monitoring started
Mon Dec 22 01:18:46 UTC 2025: SonarCloud - Bugs: 0, Vulnerabilities: 0, Code Smells: 144
Mon Dec 22 01:18:46 UTC 2025: Qlty - 0 issues found, auto-formatting applied
Mon Dec 22 01:18:48 UTC 2025: Codacy analysis completed with auto-fixes

📈 Current Quality Metrics

  • BUGS: 0
  • CODE SMELLS: 144
  • VULNERABILITIES: 0

Generated on: Mon Dec 22 01:19:20 UTC 2025


Generated by AI DevOps Framework Code Review Monitoring

gemini-code-assist bot left a comment

Code Review

This pull request introduces OpenCode integration for GitHub and GitLab, adding documentation, helper scripts, and CI/CD templates. The changes are well-structured and comprehensive. My review focuses on improving the robustness and maintainability of the new scripts and CI/CD templates, particularly around dependency management and scripting best practices. I've suggested pinning dependency versions in CI configurations to ensure stable and reproducible builds, and made some recommendations for improving the shell script's clarity and adherence to best practices.

Comment on lines +97 to +102
- npm install --global opencode-ai
- apt-get update && apt-get install -y git
# Install glab CLI
- |
curl -sL https://github.com/profclems/glab/releases/latest/download/glab_Linux_x86_64.tar.gz | tar xz
mv glab /usr/local/bin/

high

In the .gitlab-ci.yml example, npm install --global opencode-ai and the script to install glab both fetch the latest versions. This can cause your pipeline to break unexpectedly if a new version with breaking changes is released. It's a best practice to pin dependencies to specific versions for more stable and reproducible builds.

For example:

- npm install --global opencode-ai@1.2.3
- |
  GLAB_VERSION="v1.39.1" # Or any other specific version
  curl -sL "https://github.com/profclems/glab/releases/download/${GLAB_VERSION}/glab_${GLAB_VERSION#v}_Linux_x86_64.tar.gz" | tar xz
  mv glab /usr/local/bin/

fetch-depth: 1

- name: Run OpenCode
uses: sst/opencode/github@latest

high

Using @latest for GitHub Actions can lead to unexpected workflow failures if a new major version with breaking changes is released. It is a best practice to pin the action to a specific version (e.g., @v1) or a commit SHA to ensure workflow stability and reproducibility.

        uses: sst/opencode/github@v1 # Pin to a major version for stability


before_script:
# Install OpenCode CLI
- npm install --global opencode-ai

high

The npm install command does not specify a version for opencode-ai. This can lead to non-reproducible builds and unexpected failures if a new version with breaking changes is released. It's a best practice in CI/CD to pin dependencies to specific versions.

    - npm install --global opencode-ai@1.0.0 # Pin to a specific version

Comment on lines +39 to +42
- |
GLAB_VERSION=$(curl -s https://api.github.com/repos/profclems/glab/releases/latest | grep tag_name | cut -d '"' -f 4)
curl -sL "https://github.com/profclems/glab/releases/download/${GLAB_VERSION}/glab_${GLAB_VERSION#v}_Linux_x86_64.tar.gz" | tar xz
mv glab /usr/local/bin/

high

This script block to install glab has two issues:

  1. It fetches the latest version, which can cause pipeline instability if breaking changes are introduced. It's better to pin to a specific version.
  2. It parses the GitHub API's JSON response using grep and cut, which is fragile. A small change in the API output could break this script.

For a robust CI pipeline, you should use a fixed version and avoid fragile parsing.

    - |
      GLAB_VERSION="v1.39.1" # Pin to a specific version of glab
      curl -sL "https://github.com/profclems/glab/releases/download/${GLAB_VERSION}/glab_${GLAB_VERSION#v}_Linux_x86_64.tar.gz" | tar xz
      mv glab /usr/local/bin/

Comment on lines +28 to +32
print_info() {
local msg="$1"
echo -e "${BLUE}[INFO]${NC} $msg"
return 0
}

medium

The explicit return 0 is redundant in this shell function. By default, a function's return status is the exit status of the last command executed. Since echo will return 0 on success, the explicit return is not needed. Removing it makes the code more idiomatic. This advice applies to print_success, print_warning, and print_error as well.

Suggested change (original followed by replacement):
print_info() {
local msg="$1"
echo -e "${BLUE}[INFO]${NC} $msg"
return 0
}
print_info() {
local msg="$1"
echo -e "${BLUE}[INFO]${NC} $msg"
}

Comment on lines +139 to +154
check_github_secrets() {
local repo_path="$1"

if ! command -v gh &> /dev/null; then
return 1
fi

# Check if ANTHROPIC_API_KEY secret exists
local secrets
secrets=$(gh secret list 2>/dev/null) || return 1

if echo "$secrets" | grep -q "ANTHROPIC_API_KEY\|OPENAI_API_KEY\|GOOGLE_API_KEY"; then
return 0
fi
return 1
}

medium

The repo_path parameter is unused in this function, as gh secret list automatically targets the current repository. It's good practice to remove unused parameters for cleaner code. Also, using grep -E with single quotes for the pattern is slightly more robust and standard for alternations.

Don't forget to update the call to this function in check_github_status (line 247) by removing the $repo_path argument.

Suggested change (original followed by replacement):
check_github_secrets() {
local repo_path="$1"
if ! command -v gh &> /dev/null; then
return 1
fi
# Check if ANTHROPIC_API_KEY secret exists
local secrets
secrets=$(gh secret list 2>/dev/null) || return 1
if echo "$secrets" | grep -q "ANTHROPIC_API_KEY\|OPENAI_API_KEY\|GOOGLE_API_KEY"; then
return 0
fi
return 1
}
check_github_secrets() {
if ! command -v gh &> /dev/null; then
return 1
fi
# Check if an AI provider API key secret exists
local secrets
secrets=$(gh secret list 2>/dev/null) || return 1
if echo "$secrets" | grep -qE 'ANTHROPIC_API_KEY|OPENAI_API_KEY|GOOGLE_API_KEY'; then
return 0
fi
return 1
}

augmentcode bot commented Dec 22, 2025

🤖 Augment PR Summary

Summary: Adds first-class documentation and templates for OpenCode’s GitHub/GitLab integrations so issues/PRs/MRs can trigger AI automation via comments.

Changes:

  • Updated agent and tool docs to reference OpenCode GitHub/GitLab integrations
  • Added .agent/scripts/opencode-github-setup-helper.sh to detect platform and check installation/workflow/secrets/CI status
  • Added dedicated integration guides for GitHub (/oc, /opencode) and GitLab (@opencode)
  • Added reusable CI templates: GitHub Actions workflow and GitLab CI job under configs/mcp-templates/

Technical Notes: Workflows run OpenCode on your CI runners and require configuring an AI provider API key (e.g., ANTHROPIC_API_KEY) plus platform-specific auth (GitHub App / GitLab token).

augmentcode bot left a comment

Review completed. 4 suggestions posted.

# Check if OpenCode app is installed on the repo
# This checks for any app installations on the repo
local installations
installations=$(gh api "repos/$repo_path/installation" 2>/dev/null) || {

check_github_app() currently treats the presence of any GitHub App installation (via repos/$repo_path/installation) as “OpenCode App installed”, which can yield false positives if the repo has a different app installed.

jobs:
opencode:
# Only run if comment contains /oc or /opencode
if: |

This workflow triggers on any comment containing /oc or /opencode and runs with write permissions; consider ensuring only trusted commenters can trigger it (otherwise external commenters could potentially drive automated changes/cost).

fetch-depth: 1

- name: Run OpenCode
uses: sst/opencode/github@latest

Using sst/opencode/github@latest is a supply-chain/reproducibility risk for a workflow that can write to the repo; pinning to a specific version/SHA helps ensure runs are deterministic (also applies to other workflow snippets in this PR).
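
The pinning point raised in the review comments above, as an added example (not code from this PR or from OpenCode): a POSIX shell check that lists every `uses:` reference in a workflow that is not pinned to a 40-character commit SHA, plus a gate suitable for a CI step. The sample workflow, the `actions/checkout@v4` step, `example-org/example-action` and its SHA are constructed for illustration; only `sst/opencode/github@latest` comes from the page.

```shell
#!/bin/sh
# Added example: find action references that are not pinned to a commit SHA.

# Read workflow YAML on stdin and print "LINE: REF" for every `uses:`
# reference whose ref is not a 40-hex-digit commit SHA. Mutable refs such as
# @latest, @main or @v1 are all reported. Local actions (./path) are skipped
# because they come from the same checkout as the workflow itself.
unpinned_uses() {
  awk -v sq="'" '
    /^[ \t]*(-[ \t]+)?uses:[ \t]*/ {
      ref = $0
      sub(/^[ \t]*(-[ \t]+)?uses:[ \t]*/, "", ref)  # strip key and list dash
      sub(/[ \t]*#.*$/, "", ref)                    # strip trailing comment
      gsub(/"/, "", ref); gsub(sq, "", ref)         # strip YAML quotes
      sub(/[ \t]+$/, "", ref)                       # strip trailing blanks
      if (ref == "" || ref ~ /^\.\//) next
      at = index(ref, "@")
      pin = (at > 0) ? substr(ref, at + 1) : ""
      if (length(pin) != 40 || pin !~ /^[0-9a-fA-F]+$/)
        print NR ": " ref
    }
  '
}

# CI gate: succeed only when the workflow on stdin has no unpinned reference.
check_pins() {
  findings=$(unpinned_uses)
  [ -z "$findings" ] && return 0
  printf 'unpinned action reference(s):\n%s\n' "$findings" >&2
  return 1
}

# Constructed sample workflow (not the template from this PR).
sample_workflow() {
  cat <<'EOF'
jobs:
  opencode:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 1
      - name: Run OpenCode
        uses: sst/opencode/github@latest
      - name: Pinned step (constructed placeholder SHA)
        uses: example-org/example-action@0123456789abcdef0123456789abcdef01234567 # v1.0.0
      - uses: ./.github/actions/local
EOF
}

# Demo run: lists the two mutable references in the sample.
sample_workflow | unpinned_uses
```

In a pipeline, `check_pins < .github/workflows/opencode.yml` fails the job while any mutable reference remains.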

# Install glab CLI for GitLab operations
- |
GLAB_VERSION=$(curl -s https://api.github.com/repos/profclems/glab/releases/latest | grep tag_name | cut -d '"' -f 4)
curl -sL "https://github.com/profclems/glab/releases/download/${GLAB_VERSION}/glab_${GLAB_VERSION#v}_Linux_x86_64.tar.gz" | tar xz

The glab tarball typically extracts to a nested path (commonly bin/glab), so mv glab /usr/local/bin/ may fail in CI unless the extracted binary path is referenced correctly (also applies to the GitLab doc snippet in this PR).

coderabbitai bot (Contributor) left a comment

Actionable comments posted: 0

🧹 Nitpick comments (2)
.agent/tools/git/opencode-gitlab.md (1)

246-246: Minor: Fix capitalization in table.

The word "github" in the table should be capitalized as "GitHub" (official product name).

🔎 Proposed fix
-| Auto-setup | `opencode github install` | Manual |
+| Auto-setup | `opencode GitHub install` | Manual |
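
Review bot: The `+` line capitalises `github` inside the backticked `opencode github install`, which is a literal command (the PR description's Setup step uses the same lowercase form), so the change alters what users are told to type rather than correcting prose. Keep the cell as on the `-` line and treat the product-name lint as not applicable inside code spans.
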
configs/mcp-templates/opencode-gitlab-ci.yml (1)

39-42: Add error handling for glab CLI installation.

The dynamic version fetching from GitHub API could fail due to network issues or API rate limits. Consider adding error handling or falling back to a known stable version.

🔎 Proposed enhancement
     # Install glab CLI for GitLab operations
     - |
-      GLAB_VERSION=$(curl -s https://api.github.com/repos/profclems/glab/releases/latest | grep tag_name | cut -d '"' -f 4)
+      GLAB_VERSION=$(curl -s https://api.github.com/repos/profclems/glab/releases/latest | grep tag_name | cut -d '"' -f 4 || echo "v1.36.0")
+      echo "Installing glab version: $GLAB_VERSION"
       curl -sL "https://github.com/profclems/glab/releases/download/${GLAB_VERSION}/glab_${GLAB_VERSION#v}_Linux_x86_64.tar.gz" | tar xz
       mv glab /usr/local/bin/
+      glab version || { echo "glab installation failed"; exit 1; }
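
Review bot: The `|| echo "v1.36.0"` fallback on the first `+` line only fires if the shell has `pipefail` set; otherwise the status of `curl | grep | cut` is that of `cut`, which exits 0 on empty input, so a failed or rate-limited API call leaves `GLAB_VERSION` empty and the download URL malformed. Make the fallback independent of shell options by testing the value, e.g. `[ -n "$GLAB_VERSION" ] || GLAB_VERSION="v1.36.0"`, or drop the lookup and pin one version. The tarball is still piped straight into `tar xz` with no checksum comparison, so the final `glab version` line shows only that some executable was installed, not that it is the intended release.
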
📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 595a060 and 918ac04.

📒 Files selected for processing (7)
  • .agent/AGENTS.md
  • .agent/scripts/opencode-github-setup-helper.sh
  • .agent/tools/git.md
  • .agent/tools/git/opencode-github.md
  • .agent/tools/git/opencode-gitlab.md
  • configs/mcp-templates/opencode-github-workflow.yml
  • configs/mcp-templates/opencode-gitlab-ci.yml
🧰 Additional context used
📓 Path-based instructions (2)
.agent/scripts/*-helper.sh

📄 CodeRabbit inference engine (AGENTS.md)

.agent/scripts/*-helper.sh: Use consistent function naming patterns in Bash scripts following [service]-helper.sh model where service names are lowercase with hyphens
Document service-specific integration using the pattern: ./.agent/scripts/[service]-helper.sh [command] [account/instance] [target] [options]
Implement standard commands for all services: help, accounts|instances, monitor|audit|status using consistent parameter handling

Files:

  • .agent/scripts/opencode-github-setup-helper.sh
.agent/**/*.md

📄 CodeRabbit inference engine (AGENTS.md)

.agent/**/*.md: Always include AI-CONTEXT-START and AI-CONTEXT-END comment markers in documentation files to separate condensed AI-friendly content from verbose human documentation
Use lowercase filenames with hyphens for all markdown documentation files in .agent/ directory (e.g., hostinger.md, api-integrations.md)

Files:

  • .agent/tools/git/opencode-github.md
  • .agent/tools/git.md
  • .agent/tools/git/opencode-gitlab.md
  • .agent/AGENTS.md
🧠 Learnings (17)
📓 Common learnings
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-29T04:35:16.725Z
Learning: Applies to .agent/scripts/{github,gitlab,gitea}-cli-helper.sh : Use helper scripts (github-cli-helper.sh, gitlab-cli-helper.sh, gitea-cli-helper.sh) for multi-account Git platform management with consistent CLI integration
📚 Learning: 2025-11-29T04:35:16.725Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-29T04:35:16.725Z
Learning: Applies to .agent/scripts/{github,gitlab,gitea}-cli-helper.sh : Use helper scripts (github-cli-helper.sh, gitlab-cli-helper.sh, gitea-cli-helper.sh) for multi-account Git platform management with consistent CLI integration

Applied to files:

  • .agent/scripts/opencode-github-setup-helper.sh
  • .agent/tools/git.md
  • .agent/tools/git/opencode-gitlab.md
  • .agent/AGENTS.md
📚 Learning: 2025-11-29T04:35:16.725Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-29T04:35:16.725Z
Learning: Applies to .agent/scripts/quality-*.sh : Organize code quality scripts into consistent categories: quality-check.sh for validation, quality-fix.sh for automated remediation, pre-commit-hook.sh for continuous assurance

Applied to files:

  • .agent/scripts/opencode-github-setup-helper.sh
📚 Learning: 2025-11-29T04:35:16.725Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-29T04:35:16.725Z
Learning: Applies to .agent/scripts/*-helper.sh : Document service-specific integration using the pattern: ./.agent/scripts/[service]-helper.sh [command] [account/instance] [target] [options]

Applied to files:

  • .agent/scripts/opencode-github-setup-helper.sh
📚 Learning: 2025-11-29T04:35:16.725Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-29T04:35:16.725Z
Learning: Applies to .agent/scripts/*-helper.sh : Implement standard commands for all services: help, accounts|instances, monitor|audit|status using consistent parameter handling

Applied to files:

  • .agent/scripts/opencode-github-setup-helper.sh
📚 Learning: 2025-11-29T04:35:16.725Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-29T04:35:16.725Z
Learning: Applies to .agent/**/*.md : Always include AI-CONTEXT-START and AI-CONTEXT-END comment markers in documentation files to separate condensed AI-friendly content from verbose human documentation

Applied to files:

  • .agent/tools/git/opencode-github.md
  • .agent/tools/git/opencode-gitlab.md
  • .agent/AGENTS.md
📚 Learning: 2025-11-29T04:34:27.147Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-29T04:34:27.147Z
Learning: All instructions, documentation, and operational guidance should be maintained in AGENTS.md as the single source of truth

Applied to files:

  • .agent/tools/git/opencode-github.md
  • .agent/AGENTS.md
📚 Learning: 2025-11-29T04:35:16.725Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-29T04:35:16.725Z
Learning: Never duplicate instructions across multiple documentation files; maintain single source of truth in ~/git/aidevops/AGENTS.md with minimal templates elsewhere

Applied to files:

  • .agent/tools/git/opencode-github.md
  • .agent/AGENTS.md
📚 Learning: 2025-11-29T04:35:25.058Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: templates/home/AGENTS.md:0-0
Timestamp: 2025-11-29T04:35:25.058Z
Learning: Reference ~/git/aidevops/AGENTS.md for all detailed AI assistant instructions and working directory specifications

Applied to files:

  • .agent/tools/git/opencode-github.md
📚 Learning: 2025-11-29T04:34:24.044Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-29T04:34:24.044Z
Learning: This appears to be a reference to an AGENTS.md file

Applied to files:

  • .agent/AGENTS.md
📚 Learning: 2025-11-29T04:34:30.730Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: GEMINI.md:0-0
Timestamp: 2025-11-29T04:34:30.730Z
Learning: Maintain all instructions, documentation, and operational guidance in AGENTS.md as the single source of truth

Applied to files:

  • .agent/AGENTS.md
📚 Learning: 2025-11-29T04:34:42.024Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: AGENT.md:0-0
Timestamp: 2025-11-29T04:34:42.024Z
Learning: Reference AGENTS.md (authoritative) instead of AGENT.md for AI assistant guidance

Applied to files:

  • .agent/AGENTS.md
📚 Learning: 2025-11-29T04:34:37.574Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: .windsurfrules:0-0
Timestamp: 2025-11-29T04:34:37.574Z
Learning: Applies to **/*agent*.md : Document agent capabilities, limitations, and decision-making processes

Applied to files:

  • .agent/AGENTS.md
📚 Learning: 2025-11-29T04:35:16.725Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-29T04:35:16.725Z
Learning: Applies to .agent/**/*.md : Use lowercase filenames with hyphens for all markdown documentation files in .agent/ directory (e.g., hostinger.md, api-integrations.md)

Applied to files:

  • .agent/AGENTS.md
📚 Learning: 2025-11-29T04:34:30.730Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: GEMINI.md:0-0
Timestamp: 2025-11-29T04:34:30.730Z
Learning: Reference AGENTS.md for authoritative AI assistant guidance instead of GEMINI.md

Applied to files:

  • .agent/AGENTS.md
📚 Learning: 2025-11-29T04:35:16.725Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-29T04:35:16.725Z
Learning: Always reference ~/git/aidevops/AGENTS.md as the authoritative source for AI assistant instructions; never duplicate instructions in other AGENTS.md files

Applied to files:

  • .agent/AGENTS.md
📚 Learning: 2025-11-29T04:35:16.725Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-29T04:35:16.725Z
Learning: Run quality checks before every commit: SonarCloud status verification, CodeFactor validation, ShellCheck compliance on modified files

Applied to files:

  • .agent/AGENTS.md
🧬 Code graph analysis (1)
.agent/scripts/opencode-github-setup-helper.sh (5)
.agent/scripts/github-release-helper.sh (1)
  • main (180-235)
setup.sh (1)
  • setup_git_clis (58-133)
.agent/scripts/quality-feedback-helper.sh (3)
  • cmd_codacy (169-213)
  • main (379-444)
  • cmd_status (56-91)
.agent/scripts/quality-check.sh (1)
  • main (251-289)
.agent/scripts/pre-commit-hook.sh (1)
  • main (145-212)
🪛 LanguageTool
.agent/tools/git/opencode-github.md

[uncategorized] ~21-~21: The official name of this software platform is spelled with a capital “H”.
Context: ...T --> ## Quick Reference - Setup: opencode github install (automated) - Trigger: `/o...

(GITHUB)


[uncategorized] ~76-~76: The official name of this software platform is spelled with a capital “H”.
Context: .... #### 2. Create Workflow File Create .github/workflows/opencode.yml: ```yaml name:...

(GITHUB)

.agent/tools/git/opencode-gitlab.md

[style] ~228-~228: Consider an alternative adverb to strengthen your wording.
Context: ...orrectly 2. Verify auth.json is created properly 3. Check pipeline logs for specific err...

(PROPERLY_THOROUGHLY)


[uncategorized] ~246-~246: The official name of this software platform is spelled with a capital “H”.
Context: ... (Files tab) | Limited | | Auto-setup | opencode github install | Manual | ## Related - **Gi...

(GITHUB)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: Codacy Static Code Analysis
🔇 Additional comments (12)
.agent/AGENTS.md (2)

117-131: LGTM! OpenCode integration section is well-structured.

The documentation clearly explains the integration workflow with practical examples and proper cross-references to detailed documentation files.


198-198: LGTM! Table entry is consistent.

The tools/git table entry correctly references the new OpenCode integration documentation files.

.agent/tools/git/opencode-gitlab.md (1)

1-252: Excellent documentation structure and completeness.

The documentation provides comprehensive coverage of OpenCode GitLab integration including setup, usage, configuration, security, and troubleshooting. The AI-CONTEXT section follows coding guidelines and provides a clear quick reference.

configs/mcp-templates/opencode-github-workflow.yml (2)

1-68: Well-structured GitHub Actions workflow template.

The workflow correctly triggers on issue and PR comments, has appropriate permissions, and includes clear documentation for users.


44-44: Pin the OpenCode action to a commit SHA to comply with security requirements.

The workflow currently uses sst/opencode/github@latest, which violates GitHub Actions security compliance. All third-party actions must be pinned to a full-length commit SHA (never mutable tags like @latest or version tags).

To fix this, replace @latest with the commit SHA of the OpenCode release you intend to use, along with the human-readable tag as a comment for auditability. For example:

uses: sst/opencode/github@<full-commit-sha> # v<version>

Verify the SHA from the OpenCode GitHub Action repository and pin accordingly.

⛔ Skipped due to learnings
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-29T04:35:16.743Z
Learning: Applies to .github/workflows/*.yml : All GitHub Actions workflows must pin to commit SHA, never use mutable tags, to maintain security compliance
configs/mcp-templates/opencode-gitlab-ci.yml (1)

1-114: Well-designed GitLab CI template with comprehensive setup.

The template provides both full and minimal configurations, includes necessary dependencies, and handles authentication properly. The caching strategy for npm packages is a nice optimization.

.agent/scripts/opencode-github-setup-helper.sh (3)

1-50: Excellent script structure and compliance with coding guidelines.

The script follows the *-helper.sh naming pattern, uses consistent color constants, and implements clear utility functions for user feedback. The use of set -euo pipefail and explicit return values demonstrates good Bash practices.

Based on learnings: Consistent with helper script patterns for Git platform management.


174-443: Well-implemented command structure following coding guidelines.

The script implements standard commands (check, setup, help) as required by coding guidelines for *-helper.sh scripts. The command routing is clear, and platform-specific logic is properly separated.

Based on learnings: Implements standard commands for services (help, status/check) with consistent parameter handling.


346-377: Workflow template generation is well-implemented.

The embedded template is consistent with the separate template file and includes all required permissions and triggers. The heredoc approach maintains good readability.

.agent/tools/git.md (1)

38-40: LGTM! OpenCode integration is well-integrated into git tools documentation.

The additions provide clear overview information and proper cross-references to the detailed OpenCode documentation files. The structure is consistent with the existing documentation style.

Also applies to: 169-197, 206-207

.agent/tools/git/opencode-github.md (2)

1-295: Excellent comprehensive documentation for OpenCode GitHub integration.

The documentation is thorough, well-organized, and covers all necessary topics including installation (automated and manual), usage examples, configuration options, permissions, troubleshooting, and security. The AI-CONTEXT section follows coding guidelines and provides an effective quick reference.

Note: The LanguageTool suggestions about "github" capitalization are false positives—these are actual command names that must be lowercase.


264-288: Strong security guidance and aidevops integration examples.

The security section appropriately emphasizes that code runs on user-controlled runners, and the aidevops integration examples show how to customize OpenCode behavior to match project conventions.
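
The SHA-pinning finding in the review above (`sst/opencode/github@latest` in the workflow template) can be enforced mechanically. The following is an added example, not code from this PR or from OpenCode: a POSIX shell check that flags `uses:` references not pinned to a 40-character commit SHA. `sample_workflow`, `find_unpinned_actions` and the `example-org` SHA are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag GitHub Actions `uses:` references that are not pinned
# to a full-length commit SHA.

# Constructed sample workflow (not the PR's template). The 40-hex value is a
# made-up placeholder, not a real commit of any action.
sample_workflow() {
  cat <<'EOF'
name: opencode
on:
  issue_comment:
    types: [created]
jobs:
  opencode:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: sst/opencode/github@latest
      - uses: example-org/example-action@0123456789abcdef0123456789abcdef01234567 # v1.2.3
      - uses: ./.github/actions/local-step
      # - uses: commented/out@main
EOF
}

# Reads workflow YAML on stdin and prints "LINE:REFERENCE" for every action
# whose ref is not a 40-character lowercase hex SHA.
# Exit status: 0 if everything is pinned, 1 otherwise (usable as a CI gate).
find_unpinned_actions() {
  awk '
    BEGIN { sq = sprintf("%c", 39) }             # single-quote character
    /^[ \t]*#/ { next }                          # skip whole-line comments
    /^[ \t]*(-[ \t]*)?uses:[ \t]*/ {
      ref = $0
      sub(/^[ \t]*(-[ \t]*)?uses:[ \t]*/, "", ref)
      sub(/[ \t]+#.*$/, "", ref)                 # drop trailing "# v1.2.3" comment
      sub(/[ \t]+$/, "", ref)
      gsub(/"/, "", ref); gsub(sq, "", ref)      # drop YAML quoting
      # Local actions and container images are out of scope for this check.
      if (ref ~ /^(\.\/|docker:)/) next
      at  = index(ref, "@")
      sha = substr(ref, at + 1)
      # Tags and branches (@latest, @v4, @main) are mutable; short SHAs are ambiguous.
      if (at == 0 || length(sha) != 40 || sha ~ /[^0-9a-f]/) {
        print NR ":" ref
        found = 1
      }
    }
    END { exit (found ? 1 : 0) }
  '
}

# Demo run on the constructed sample.
sample_workflow | find_unpinned_actions || echo "unpinned action references found" >&2
```

To audit a real file, feed it on stdin, for example `find_unpinned_actions < .github/workflows/opencode.yml`.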

@marcusquinn marcusquinn merged commit ffd388b into main Dec 22, 2025
8 of 9 checks passed
@marcusquinn marcusquinn deleted the feature/opencode-github-gitlab-integration branch December 22, 2025 01:24
marcusquinn added a commit that referenced this pull request Dec 22, 2025
- Add yaml-language-server schema reference
- Move path_instructions under reviews (was at root level)
- Change path_filters from object to array of strings with ! prefix
- Move review_instructions to tone_instructions (correct field name)
- Add TypeScript path instructions

Addresses feedback from PR #1, #3, #5 about unrecognized properties
marcusquinn added a commit that referenced this pull request Dec 22, 2025
- Add file header with description, usage, commands, examples
- Add docstrings to all functions explaining purpose, arguments, returns
- Improves docstring coverage from 33% toward 80% threshold

Addresses CodeRabbit feedback from PR #5
marcusquinn added a commit that referenced this pull request Mar 9, 2026
- Consolidate 4 separate jq calls for user profile into single pass with
  tab-delimited output, remove stderr suppression (Gemini #6)
- Consolidate own repos loop into single jq pass, eliminating per-row
  jq invocations (Gemini #2)
- Replace sequential N+1 gh api calls for fork parent URLs with parallel
  xargs -P 6 batch fetch (Gemini #1)
- Add _sanitize_md() and _sanitize_url() helpers to sanitize user-controlled
  fields (display_name, bio, blog, twitter) before embedding in markdown,
  preventing markdown injection and javascript: URI attacks (Gemini #4, #5)

Ref: PR #3962 review comments from gemini-code-assist
marcusquinn added a commit that referenced this pull request Mar 9, 2026
…#3963)

* fix: address Gemini code review feedback on profile README generation

- Consolidate 4 separate jq calls for user profile into single pass with
  tab-delimited output, remove stderr suppression (Gemini #6)
- Consolidate own repos loop into single jq pass, eliminating per-row
  jq invocations (Gemini #2)
- Replace sequential N+1 gh api calls for fork parent URLs with parallel
  xargs -P 6 batch fetch (Gemini #1)
- Add _sanitize_md() and _sanitize_url() helpers to sanitize user-controlled
  fields (display_name, bio, blog, twitter) before embedding in markdown,
  preventing markdown injection and javascript: URI attacks (Gemini #4, #5)

Ref: PR #3962 review comments from gemini-code-assist

* fix: address second round of Gemini review feedback

- Remove 2>/dev/null from xargs fork fetch (|| true suffices)
- Tighten _sanitize_url to reject markdown-breaking chars in URLs
  using glob patterns (bash regex [^...] with escaped parens is
  unreliable across bash versions)
- Strip tabs/newlines from jq user profile output to prevent
  tab-delimiter injection in bio/description fields
- Sanitize repo names and descriptions in both own repos (jq gsub)
  and fork repos (_sanitize_md) before markdown embedding
- Keep printf '%s\n' for own_repos (bash $() strips trailing
  newlines, so the explicit \n is needed for section spacing)

Ref: PR #3963 review comments from gemini-code-assist
marcusquinn added a commit that referenced this pull request Mar 21, 2026
- Fix data corruption in cmd_archive/cmd_remove: collect all section
  headers into an immutable snapshot before any deletions, then delete
  in reverse order so earlier line offsets remain valid (fixes #1)
- Fix sed error suppression: remove '|| true', capture exit status,
  only increment archived/removed counters on success (fixes #2)
- Fix check_todo_completed: remove '|| echo 0' fallback that caused
  duplicate zero output; grep -c already returns 0 on no match (fixes #3)
- Fix agent-deploy.sh: remove 2>/dev/null suppression on plans_cleanup
  invocation, log failures via print_warn instead of silencing (fixes #4)
- Fix agent-deploy.sh: pass explicit PLANS_FILE/ARCHIVE_FILE/TODO_FILE
  env vars so plans_cleanup targets the repo dir, not cwd; use deployed
  copy of script from target_dir (fixes #5)
- Fix setup.sh: gate standalone archive confirm_step to only run when
  deploy_aidevops_agents was skipped; deploy already runs cleanup
  internally, so running it again would be a double-run (fixes #6)
- Fix PLANS.md: change 'MERGED' to 'CLOSED' for issue references in
  Issues summary line (fixes #7)
alex-solovyev pushed a commit that referenced this pull request Mar 21, 2026
…5355)

* chore: archive completed plans from PLANS.md and add cleanup helper

All 16 plans in PLANS.md had Status: Planning but all their tasks
were completed and issues closed upstream. Updated status to Completed.

Added plans-cleanup-helper.sh to automate detection and archiving
of completed plans. Wired into setup.sh and agent-deploy.sh so
new installs get a clean PLANS.md with only active work.

Commands:
- check: show completion status of all plans
- archive: move completed plans to PLANS-ARCHIVE.md
- remove: delete completed plans entirely
- status: JSON summary

Fixes stale 'Planning' status for:
- Restore OpenAI Codex (t1483, GH#4656)
- Agent Runtime Sync (t1453, GH#4205)
- gh Mutation Fix (t1434, GH#4122)
- Grith Security (t1428, GH#4025)
- Convos Agent (t1414, GH#3126)
- URL Skill Updates (t1415, GH#3131)
- Recursive Decomposition (t1408, GH#2983)
- LLM Evaluation Suite (t1393-1396)
- Runaway Memory Fix (t1398, GH#2854)
- Prompt Injection Scanner (t1375)
- Vector Search Agent (t1370)
- UI/UX Inspiration (t1371-1374)
- PaddleOCR (t1369)
- Multi-Model Orchestration (t1364)
- Mission System (t1357)
- Conversational Memory (t1363)

* fix: address CodeRabbit review findings on plans-cleanup PR #5355

- Fix data corruption in cmd_archive/cmd_remove: collect all section
  headers into an immutable snapshot before any deletions, then delete
  in reverse order so earlier line offsets remain valid (fixes #1)
- Fix sed error suppression: remove '|| true', capture exit status,
  only increment archived/removed counters on success (fixes #2)
- Fix check_todo_completed: remove '|| echo 0' fallback that caused
  duplicate zero output; grep -c already returns 0 on no match (fixes #3)
- Fix agent-deploy.sh: remove 2>/dev/null suppression on plans_cleanup
  invocation, log failures via print_warn instead of silencing (fixes #4)
- Fix agent-deploy.sh: pass explicit PLANS_FILE/ARCHIVE_FILE/TODO_FILE
  env vars so plans_cleanup targets the repo dir, not cwd; use deployed
  copy of script from target_dir (fixes #5)
- Fix setup.sh: gate standalone archive confirm_step to only run when
  deploy_aidevops_agents was skipped; deploy already runs cleanup
  internally, so running it again would be a double-run (fixes #6)
- Fix PLANS.md: change 'MERGED' to 'CLOSED' for issue references in
  Issues summary line (fixes #7)

---------

Co-authored-by: Rob M <robi@MacBookPro.attlocal.net>
Co-authored-by: marcusquinn <6428977+marcusquinn@users.noreply.github.com>
alex-solovyev added a commit that referenced this pull request Mar 23, 2026
Address CodeRabbit review comment #5 on PR #5529: cross-process race
condition between oauth-pool.mjs and oauth-pool-helper.sh.

- savePool() now uses temp-file + renameSync for atomic writes,
  matching the pattern in the shell script's save_pool()
- Add withPoolLock() wrapper that opens the same .lock file used by
  the shell script's fcntl.flock(), enabling future coordination
  when Node.js gains native flock support
- Wrap all 6 read-modify-write operations (upsertAccount,
  savePendingToken, assignPendingToken, removeAccount, patchAccount,
  reset-cooldowns) with withPoolLock()
- Primary defense is atomic writes (prevents corruption); advisory
  locking is best-effort coordination (prevents lost updates)
marcusquinn added a commit that referenced this pull request Mar 23, 2026
…concile MCP parity (#5529)

* feat: add rotate and status commands to oauth-pool-helper.sh

Add rotate command that switches the active account in OpenCode's
auth.json by reading the pool file, identifying the current account,
and writing the next available account's tokens. Also adds status
command for pool rotation statistics.

Reconcile MCP model-accounts-pool tool description with the shell
helper by updating the oauth-pool.mjs header comment to document
both interfaces and their supported commands.

Closes #5528

* feat: add assign-pending command and reconcile MCP/shell parity (GH#5528)

Closes #5528

- assign-pending <provider> [email]: assigns a pending unidentified token
  (saved when email could not be resolved during OAuth) to a named account.
  Without email arg, shows pending token info and available accounts.
- Updated header comment and help text to include assign-pending
- Updated main() dispatch to route assign-pending to cmd_assign_pending
- Reconciled MCP model-accounts-pool tool description to note shell helper
  parity: both now support rotate, status, assign-pending, check, list,
  remove, add (GH#5528)

* fix: resolve colon delimiter bug and add advisory locking in rotate command

- Change Python output from colon-delimited to newline-delimited format
  to prevent parsing breakage when email addresses contain colons
- Replace cut -d: parsing with sed -n line extraction in bash
- Add fcntl.flock advisory lock around the read-modify-write cycle for
  both oauth-pool.json and auth.json to prevent concurrent write races

* fix: anchor grep error patterns to end-of-line in assign-pending (GH#5528)

* fix: use count_provider_accounts helper in cmd_add_cursor for consistency (GH#5529)

* fix: address CodeRabbit review feedback on oauth-pool-helper (GH#5529)

- Use os.replace() instead of os.rename() for atomic file writes in
  cmd_rotate (auth.json and pool file) for cross-platform robustness
- Extract get_now_ms() helper to deduplicate Python one-liner across
  4 call sites (cmd_add, cmd_add_cursor, cmd_check, cmd_status)
- Fix 'available' count in cmd_status to only include active/idle
  accounts not on cooldown, matching cmd_rotate's candidate selection

* fix: use atomic temp+os.replace writes in cmd_rotate Python block (GH#5528)

* fix: use atomic temp+renameSync in savePool() in oauth-pool.mjs (GH#5528)

Replace direct writeFileSync to POOL_FILE with a write-to-temp + renameSync
pattern so a mid-write crash cannot corrupt the pool file. Matches the
atomic write pattern already used by save_pool() in oauth-pool-helper.sh.

* fix: atomic writes and lock coordination in oauth-pool.mjs (GH#5528)

Address CodeRabbit review comment #5 on PR #5529: cross-process race
condition between oauth-pool.mjs and oauth-pool-helper.sh.

- savePool() now uses temp-file + renameSync for atomic writes,
  matching the pattern in the shell script's save_pool()
- Add withPoolLock() wrapper that opens the same .lock file used by
  the shell script's fcntl.flock(), enabling future coordination
  when Node.js gains native flock support
- Wrap all 6 read-modify-write operations (upsertAccount,
  savePendingToken, assignPendingToken, removeAccount, patchAccount,
  reset-cooldowns) with withPoolLock()
- Primary defense is atomic writes (prevents corruption); advisory
  locking is best-effort coordination (prevents lost updates)

---------

Co-authored-by: marcusquinn <6428977+marcusquinn@users.noreply.github.com>
marcusquinn added a commit that referenced this pull request Mar 28, 2026
- Correct Electron SharedArrayBuffer requirement from 28+ to 11.0+
- Mark Tauri (webview) as unconfirmed/not in upstream PGlite docs
- Mark Browser extension (MV3) as unconfirmed in official docs
- Add gotcha #5 noting Tauri and MV3 support is unverified upstream
marcusquinn added a commit that referenced this pull request Mar 28, 2026
* docs: tighten pglite-local-first.md from 233 to 203 lines

Consolidate redundant content while preserving all institutional knowledge:
- Merge 5 schema-related comparison rows into 2 (same information, less repetition)
- Merge 4 performance rows into 1 with inline benchmarks
- Replace server.ts code block with prose (not PGlite-specific)
- Replace renderer IPC code block with prose (derivable boilerplate)
- Trim extension code block imports (duplicated from earlier blocks)
- Remove Runtime column from platform table (derivable from Platform)
- Compress pgvector example (remove redundant PGlite import)
- Add Persistence Modes table (consolidates patterns scattered across code blocks)
- Merge Platform Compatibility and Gotchas sections

All URLs, package names, gotchas, security notes, and cross-references preserved.
Verified: zero markdownlint errors.

Closes #11888

* fix: use promise-based single-flight init in extension getDb() example

Addresses CodeRabbit review: concurrent calls to getDb() could race
and create multiple PGlite clients before the first one finishes
initializing. The promise-based pattern ensures only one initialization
runs regardless of concurrent callers.

* fix: address CodeRabbit review on pglite platform compatibility table

- Correct Electron SharedArrayBuffer requirement from 28+ to 11.0+
- Mark Tauri (webview) as unconfirmed/not in upstream PGlite docs
- Mark Browser extension (MV3) as unconfirmed in official docs
- Add gotcha #5 noting Tauri and MV3 support is unverified upstream

* fix: address CodeRabbit review — persistence note, Electron version, platform confidence

- Extensions snippet: show persisted constructor (idb://), add note about
  in-memory default to prevent data-loss footgun
- Platform table: correct Electron SharedArrayBuffer requirement from 28+
  to 14+ (Chrome 92+ site isolation)
- Mark Tauri and MV3 browser extension rows as community-reported (not in
  upstream PGlite docs)

---------

Co-authored-by: marcusquinn <6428977+marcusquinn@users.noreply.github.com>
marcusquinn added a commit that referenced this pull request Apr 1, 2026
…ns, watchdog, timeout, stdout)

Bug #1: Fix step-start vs step_start event type mismatch in
output_has_activity() and watchdog grep — mismatched event names caused
false negatives in activity detection during slow MCP startup.

Bug #2: Use pkill -P for process tree kill in watchdog — previously
only killed the subshell PID, leaving opencode and tee as orphans
consuming CPU+memory.

Bug #3: Add timeout wrapper to non-sandbox execution path — the
non-sandbox path had no overall timeout, risking indefinite hangs if
the worker produced initial activity but then stalled.

Bug #4 (critical): Add --stream-stdout to sandbox-exec-helper.sh —
the sandbox's store-and-replay pattern captured child stdout to a temp
file, so the activity watchdog (reading tee output) saw nothing and
killed every sandboxed worker at ~93s. Now child stdout flows through
the pipe to tee in real-time when called from headless dispatch.

Bug #5: Redirect subshell stdout/stderr to /dev/null — the
backgrounded subshell inherited parent FDs, blocking Claude Code's
bash tool (which waits for all FDs to close) on /runners dispatches.

Closes #15180
marcusquinn added a commit that referenced this pull request Apr 1, 2026
…ns, watchdog, timeout, stdout) (#15188)

Bug #1: Fix step-start vs step_start event type mismatch in
output_has_activity() and watchdog grep — mismatched event names caused
false negatives in activity detection during slow MCP startup.

Bug #2: Use pkill -P for process tree kill in watchdog — previously
only killed the subshell PID, leaving opencode and tee as orphans
consuming CPU+memory.

Bug #3: Add timeout wrapper to non-sandbox execution path — the
non-sandbox path had no overall timeout, risking indefinite hangs if
the worker produced initial activity but then stalled.

Bug #4 (critical): Add --stream-stdout to sandbox-exec-helper.sh —
the sandbox's store-and-replay pattern captured child stdout to a temp
file, so the activity watchdog (reading tee output) saw nothing and
killed every sandboxed worker at ~93s. Now child stdout flows through
the pipe to tee in real-time when called from headless dispatch.

Bug #5: Redirect subshell stdout/stderr to /dev/null — the
backgrounded subshell inherited parent FDs, blocking Claude Code's
bash tool (which waits for all FDs to close) on /runners dispatches.

Closes #15180