Skip to content

Commit 35d1606

Browse files
ggallenclaude
andcommitted
feat!: rename "coder" role to "code"
Rename the "coder" agent role to "code" across the entire codebase for consistency with stage naming (triage/triage, code/code, review/review, fix/fix, retro/retro, prioritize/prioritize, fullsend/fullsend). Updates all references in Go source, configs, tests, workflows, docs, scaffold templates, admin UI, and the mint-enroll skill. Adds a transitional "coder" alias in the mint's rolePermissions for backward compatibility during migration. Also fixes a pre-existing gap where the admin UI's VALID_ROLES only had 4 roles (fullsend, triage, coder, review) while Go's ValidRoles() had 7. Updated to match: fullsend, triage, code, review, fix, retro, prioritize. BREAKING CHANGE: The "coder" role is renamed to "code". Existing installations must update GitHub App slugs, Secret Manager secrets, and ROLE_APP_IDS env vars. See deployment sequence in PR description. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Greg Allen <gallen@redhat.com>
1 parent 1088f9b commit 35d1606

46 files changed

Lines changed: 403 additions & 401 deletions

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.github/actions/mint-token/action.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ description: >-
55
66
inputs:
77
role:
8-
description: Agent role name (e.g. triage, coder, review, fullsend)
8+
description: Agent role name (e.g. triage, code, review, fullsend)
99
required: true
1010
repos:
1111
description: Comma-separated repo names to scope the token to

.github/workflows/reusable-code.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -101,11 +101,11 @@ jobs:
101101
source_repo: ${{ inputs.source_repo }}
102102
install_mode: ${{ inputs.install_mode }}
103103

104-
- name: Mint coder token
104+
- name: Mint code token
105105
id: app-token
106106
uses: fullsend-ai/fullsend/.github/actions/mint-token@v0
107107
with:
108-
role: coder
108+
role: code
109109
repos: ${{ steps.repo-parts.outputs.name }}
110110
mint_url: ${{ inputs.mint_url }}
111111

.github/workflows/reusable-dispatch.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -264,7 +264,7 @@ jobs:
264264
fi
265265
STAGE_ROLE="$STAGE"
266266
case "$STAGE" in
267-
code|fix) STAGE_ROLE="coder" ;;
267+
code|fix) STAGE_ROLE="code" ;;
268268
retro|prioritize) STAGE_ROLE="fullsend" ;;
269269
esac
270270
ROLES=$(yq '.roles[]' .fullsend/config.yaml 2>/dev/null || echo "")

.github/workflows/reusable-fix.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -113,11 +113,11 @@ jobs:
113113
source_repo: ${{ inputs.source_repo }}
114114
install_mode: ${{ inputs.install_mode }}
115115

116-
- name: Mint coder token
116+
- name: Mint code token
117117
id: app-token
118118
uses: fullsend-ai/fullsend/.github/actions/mint-token@v0
119119
with:
120-
role: coder
120+
role: code
121121
repos: ${{ steps.repo-parts.outputs.name }}
122122
mint_url: ${{ inputs.mint_url }}
123123

docs/ADRs/0024-harness-definitions.md

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -186,9 +186,9 @@ harness/
186186
gather-triage-output.sh
187187
push-to-issue.sh
188188
code/
189-
coder/
190-
coder.yaml
191-
coder.md
189+
code/
190+
code.yaml
191+
code.md
192192
fetch-issue-for-code.sh
193193
linter.sh
194194
push-to-PR.sh
@@ -226,7 +226,7 @@ agents/ # Agent definitions (.md, following Claude standard)
226226
completeness-assessor.md
227227
priority-evaluator.md
228228
triage-summary.md
229-
coder.md
229+
code.md
230230
arch-reviewer.md
231231
docs-reviewer.md
232232
@@ -262,7 +262,7 @@ harness/ # Per-agent harness configs — the glue
262262
completeness-assessor.yaml
263263
priority-evaluator.yaml
264264
triage-summary.yaml
265-
coder.yaml
265+
code.yaml
266266
arch-reviewer.yaml
267267
docs-reviewer.yaml
268268
```

docs/ADRs/0031-reusable-workflows-for-action-installed-distribution.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -151,6 +151,6 @@ caller's perspective.
151151
- **Token generation uses OIDC:** Reusable workflows use the `mint-token`
152152
composite action for OIDC-based token minting
153153
([ADR 0029](https://github.com/fullsend-ai/fullsend/pull/655)). Each
154-
reusable workflow requests a scoped token for its role (triage, coder,
154+
reusable workflow requests a scoped token for its role (triage, code,
155155
review, fullsend) — no PEMs or App secrets in the calling repo. The fix
156-
workflow reuses the coder role.
156+
workflow reuses the code role.

docs/ADRs/0033-per-repo-installation-mode.md

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ Some users cannot or do not want to use the per-org model:
3535

3636
Three ADRs and the implementation in PR 792 create the building blocks that make per-repo possible:
3737

38-
- ADR 0029 replaces PEM secrets and dispatch PATs with OIDC-based credential issuance via a central token mint. The `mint-token` composite action takes a role name (triage, coder, review, fix) and returns a scoped GitHub App installation token — no PEMs or client IDs in the calling repo.
38+
- ADR 0029 replaces PEM secrets and dispatch PATs with OIDC-based credential issuance via a central token mint. The `mint-token` composite action takes a role name (triage, code, review, fix) and returns a scoped GitHub App installation token — no PEMs or client IDs in the calling repo.
3939
- [ADR 0031](0031-reusable-workflows-for-action-installed-distribution.md) publishes five reusable workflows (`reusable-triage.yml`, `reusable-code.yml`, `reusable-review.yml`, `reusable-fix.yml`, `reusable-retro.yml`) and four composite actions (`fullsend`, `mint-token`, `validate-enrollment`, `setup-gcp`) from `fullsend-ai/fullsend`, enabling any repo to call fullsend infrastructure via `workflow_call` without copying workflow files. Scaffold stage workflows in `.fullsend` are now thin callers (41–66 lines) that delegate to these reusable workflows.
4040
- [ADR 0034](0034-centralized-shim-routing-via-dispatch.md) centralizes event-to-stage routing in `dispatch.yml` within the `.fullsend` config repo. The enrolled-repo shim (~70 lines) forwards raw event context to `dispatch.yml` via `workflow_call`; `dispatch.yml` (~370 lines) determines the stage, mints an OIDC dispatch token, validates the stage, checks the kill switch, and dispatches to the matching thin caller via `workflow_call`. Adding a new stage requires only a case branch in `dispatch.yml` — zero changes to enrolled repos.
4141
- ADR 0035 introduces layered content resolution: upstream defaults (agents, skills, schemas, harness, policies, scripts) are sparse-checked from `fullsend-ai/fullsend` at runtime, then org overrides from `customized/` are copied on top. The scaffold installs only org-specific files (~23 files instead of ~68).
@@ -64,19 +64,19 @@ Run `fullsend admin install` targeting a single repo instead of an org. Copy all
6464

6565
Use one GitHub App for triage, code, review, and fix roles to simplify per-repo setup.
6666

67-
**Rejected**: GitHub suppresses events triggered by pushes made with any `GITHUB_TOKEN` or GitHub App installation token, to prevent infinite loops. Two separate Apps work because a push made with App-A's token _does_ generate events that trigger workflows authenticated as App-B. The fix→review loop requires the coder/fix agent to push commits that trigger review — if both roles share one App, the push token matches the workflow's App and the event is silently suppressed, breaking the feedback cycle. At minimum, coder and review must be separate Apps.
67+
**Rejected**: GitHub suppresses events triggered by pushes made with any `GITHUB_TOKEN` or GitHub App installation token, to prevent infinite loops. Two separate Apps work because a push made with App-A's token _does_ generate events that trigger workflows authenticated as App-B. The fix→review loop requires the code/fix agent to push commits that trigger review — if both roles share one App, the push token matches the workflow's App and the event is silently suppressed, breaking the feedback cycle. At minimum, code and review must be separate Apps.
6868

6969
### Alternative 3: Per-repo as a separate codebase
7070

7171
Build a standalone per-repo tool or action that does not share infrastructure with per-org fullsend.
7272

7373
**Rejected**: Duplicates agent logic, composite action, and security controls. Per-repo should reuse the same reusable workflows as per-org, with mode detection to adapt behavior.
7474

75-
### Alternative 4: Two-app minimum (coder + review)
75+
### Alternative 4: Two-app minimum (code + review)
7676

7777
Reduce per-repo to two Apps instead of matching the full per-org app set.
7878

79-
**Rejected**: Dropping the triage App forces triage to share one of the other App identities, which conflates permissions (triage only needs `issues:write`, while coder has `contents:write`). The full per-role model (ADR 0007) provides least-privilege isolation. CLI automation (`fullsend admin install`) makes creating the Apps straightforward.
79+
**Rejected**: Dropping the triage App forces triage to share one of the other App identities, which conflates permissions (triage only needs `issues:write`, while code has `contents:write`). The full per-role model (ADR 0007) provides least-privilege isolation. CLI automation (`fullsend admin install`) makes creating the Apps straightforward.
8080

8181
## Decision
8282

@@ -217,7 +217,7 @@ Per-repo maps to these profiles:
217217
| **Self-managed** | Per-repo user deploys own mint + own Apps | `fullsend admin install owner/repo --mint-project=my-proj` creates everything |
218218

219219
**SaaS profile (default)**: The simplest path. Shared public Apps
220-
(`fullsend-ai-triage`, `fullsend-ai-coder`, `fullsend-ai-review`) are pre-created
220+
(`fullsend-ai-triage`, `fullsend-ai-code`, `fullsend-ai-review`) are pre-created
221221
by the platform operator and installed on the per-repo user's repo (requires
222222
org admin approval). The `mint-token` composite action exchanges a GitHub
223223
OIDC token for a scoped installation token — no PEMs, client IDs, or App
@@ -255,7 +255,7 @@ Shared flags (valid for both per-org and per-repo):
255255
- `--mint-url` — token mint URL for OIDC token exchange (optional; auto-discovered from `--mint-project`/`--mint-region` if omitted)
256256
- `--mint-project` — GCP project containing the mint function (defaults to `--inference-project` in per-repo)
257257
- `--mint-region` — cloud region for the mint function (default: `us-central1`)
258-
- `--agents` — comma-separated agent roles (default: `fullsend,triage,coder,review,retro,prioritize`)
258+
- `--agents` — comma-separated agent roles (default: `fullsend,triage,code,review,retro,prioritize`)
259259
- `--dry-run` — preview changes without making them
260260
- `--skip-app-setup` — skip GitHub App creation (reuse existing apps)
261261
- `--skip-mint-deploy` — skip Cloud Function deployment, reuse existing mint URL
@@ -336,7 +336,7 @@ Ordered by the project's threat priority (external injection > insider > drift >
336336
- **Base-branch config reads**: Reusable workflows read `.fullsend/`, `AGENTS.md`, and workflow files from the base branch only (enforced by `pull_request_target`). PR authors cannot inject modified agent instructions or policies via their PR.
337337
- **Template validation**: `fullsend admin install` generates the workflow file with `pull_request_target`. Users who modify it are warned in documentation.
338338
- **Minimal payload**: Following per-org `dispatch.yml`, `reusable-dispatch.yml` reads event context from `github.event.*` expressions (available in `workflow_call` callee context) rather than passing the full payload as an input.
339-
- **Clear error messages**: Credential auto-detection reports why coder and review Apps must be separate, with a link to setup documentation.
339+
- **Clear error messages**: Credential auto-detection reports why code and review Apps must be separate, with a link to setup documentation.
340340
- **Migration path**: Per-repo users who outgrow the model can migrate to per-org without changing agent behavior — the same reusable workflows power both modes.
341341

342342
## Resolved Questions

docs/agents/code.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# Code Agent
22

3-
![Code agent icon](icons/coder.png)
3+
![Code agent icon](icons/code.png)
44

55
Implementation specialist that reads triaged GitHub issues, implements fixes or features following repository conventions, runs tests and linters, and commits to a local feature branch.
66

docs/agents/fix.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# Fix Agent
22

3-
<img src="icons/coder.png" alt="Fix agent icon" width="80">
3+
<img src="icons/code.png" alt="Fix agent icon" width="80">
44

55
Review-feedback specialist that reads review comments on open PRs, implements targeted fixes, runs tests and linters, and commits the result.
66

docs/agents/icons/COLORS.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ Original background circle color for each agent icon.
55
| Icon | Hex | RGB |
66
|------|-----|-----|
77
| bootstrap | `#1d4f5d` | 29, 79, 93 |
8-
| coder | `#8b687d` | 139, 104, 125 |
8+
| code | `#8b687d` | 139, 104, 125 |
99
| discovery | `#b7cc63` | 183, 204, 99 |
1010
| prioritize | `#f08175` | 240, 129, 117 |
1111
| refinement | `#916b7c` | 145, 107, 124 |

0 commit comments

Comments
 (0)