Skip to content

feat(git): write-boundary L1/L2 preconditions, WriteBoundaryRefused status, and go 1.26.5 refresh#216

Merged
sunib merged 5 commits into
mainfrom
feat/gitops-api-f2-write-boundary
Jul 9, 2026
Merged

feat(git): write-boundary L1/L2 preconditions, WriteBoundaryRefused status, and go 1.26.5 refresh#216
sunib merged 5 commits into
mainfrom
feat/gitops-api-f2-write-boundary

Conversation

@sunib

@sunib sunib commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

Summary

Track-1 write-boundary hardening for F2 — the two invariants become explicit,
tested preconditions and reach the user as GitTarget status — plus a
go 1.26.5 / dependency refresh that clears the Scorecard vulnerability findings.

Write-boundary hardening

Design:
gittarget-granularity-and-cross-environment-edits.md §1.

  • L1 (pathScopePrecondition) — every planned write stays inside
    spec.path; an escaping path refuses the flush (IssueWriteEscapesScope).
    Defense-in-depth: planned paths are base-relative by construction, but this is
    the invariant "base is read-only" rests on under layout A, so it is asserted
    rather than assumed.
  • L2 (fanInPrecondition) — the former ambiguous-override write-through is
    now a refusal (IssueWriteFanIn), firing only on an actual write into a file
    more than one render path reaches (the diamond hole); the legitimate
    base-sharing layout is left untouched for F2.

Both run before any byte is touched, so a violation aborts the whole flush and
commits nothing.

Refusals now reach GitTarget status

A refused write plan on a live-event path used to be logged and dropped. The
resync path carries its refusal back on a result channel the router inspects,
but a live commit window is finalized on a timer with no channel to return
anything on — so an ambiguous write was correctly prevented while the
GitTarget stayed healthy. That is the worse failure: the user's kubectl apply
appears to have taken effect and Git never moves. Both live paths were affected
(open window and atomic request).

  • New git.PathRefusalReporter hook on the branch worker, installed by the
    watch manager (SetPathRefusalReporter, wired in cmd/main.go). Both live
    paths call it when errors.As recovers an AcceptanceRefusedError; every
    other error keeps its existing write-fault handling.
  • The atomic path resolves its target from the request, falling back to
    event-level metadata (atomicRefusalTarget) — buildAtomicPendingWrite only
    stamps request-level metadata onto events when the request carries it.
  • An unattributable refusal (either half of the target reference empty) is
    logged loudly and deliberately not recorded: the acceptance map is keyed by
    namespace/name, so a half-empty reference would file under a key no
    GitTarget reads and every such refusal would collide there.
  • Recovery stays with the resync path — a live write that happens to avoid the
    offending file proves nothing about the rest of the subtree.

New reason: WriteBoundaryRefused

A refusal composed purely of write-escapes-scope and/or write-fan-in
issues now reports WriteBoundaryRefused instead of the umbrella
UnsupportedContent; any mix with content issues still falls back. Both are in
the controller's stalled-reason set, so either way the GitTarget surfaces as
GitPathAccepted=False / Stalled=True / kstatus Failed.

The distinction: UnsupportedContent means this folder holds content we cannot
manage
; WriteBoundaryRefused means the folder is fine, this edit had nowhere
safe to land
.

Tests

The gap was that nothing connected the preconditions to the user-visible
surface, so the coverage is end to end:

  • internal/git — a real diamond repo driven through the real event loop: the
    reporter fires with the right GitTarget, and the local branch tip is unmoved
    (the refused write commits nothing). Verified load-bearing by neutering the
    fix, where it fails. Plus unit coverage for target resolution, the
    unattributable guard, and non-refusal pass-through.
  • internal/watch — the refusal becomes GitPathAccepted=False with reason
    WriteBoundaryRefused, plus a compile-time check that the Manager method
    still satisfies the hook signature so the main.go wiring cannot drift.
  • internal/controller — the reason carries through to Stalled=True.

Docs

Corrected, and sharpened on one distinction the docs were blurring — the hard
refusal that ships here is not the per-edit accounting that does not exist yet

(FullyReflected and the unreflected set appear in zero Go files):

Status Granularity Surface
Write-boundary refusal (L1/L2) shipped aborts the whole flush GitPathAccepted=False, Stalled=True, WriteBoundaryRefused
Per-edit FullyReflected accounting designed, unbuilt records the individual dropped edit planned condition + unreflected set
  • The "safe only emergently" / "warns and writes through" claims in
    kustomize-support-boundary-and-product-model.md
    now describe the refusal that shipped; the pre-F2/F4 prerequisite is marked done.
  • The granularity doc's status header, its "L2 is not enforced at all" paragraph,
    the ⚠ "emergent/buggy" callouts, and the §1 diagram (which claimed an
    unreflected-set record and FullyReflected=False) are corrected. The diagram
    now states the true granularity: whole-flush abort, one target-level condition.
  • README.md gains the write boundary under
    "What already works", and its launch-path paragraph no longer implies per-edit
    reporting exists today.
  • The archived F1 doc
    is marked superseded where it documents the write-through fallback this
    branch removed.
  • New §6 — reflecting an edit as a local override: why an overlay-local
    images:/replicas: entry is the L2-safe destination for an edit that would
    otherwise want to write base/, that it silently shadows the base, and a
    proposal to notify on the override created transition (commit-message
    trailer preferred over a target-scoped condition). Deferred to its own F-item.
  • Records the granularity decision (A per-overlay for launch / C later / B
    rejected) and the who-renders split for floating sources.

Known blind spot (documented, not fixed)

fanInPrecondition keys off reasonAmbiguousOverrides, so it catches a shared
file reached by competing override chains. A file shared by two render roots
with no images:/replicas: contention is not flagged — harmless under layout
A (such a doc is NamespaceNone, never matches a live object, never dirty), but
it is what must close before layout B could be offered. Generalizing to "any
file reachable from more than one render root" is F2 render-root scoping (§5).

Security refresh

  • x/crypto v0.53 → v0.54 drops the unmaintained openpgp package, clearing
    GO-2026-5932 (never reachable — go-git uses the ProtonMail fork).
  • go 1.26.4 → 1.26.5 fixes the reachable crypto/tls ECH leak
    GO-2026-5856; base-image digests re-pinned. govulncheck: 0.

Validation

task lint (0 issues) / task vet / task test green under go1.26.5; full
local task test-e2e passed (55 passed, 0 failed, 8 skipped). Unit coverage
75.3%, matching the committed .coverage-baseline.

🤖 Generated with Claude Code

sunib and others added 3 commits July 9, 2026 13:03
…dits (Track 1)

Records the Track-1 design decisions: the two-layer write boundary (L1
write-scope jail + L2 fan-in=1), the GitTarget granularity fork (Option A for
launch, C kept open for shared-defaults editing, B rejected as the operator
write model), and cross-environment editing (product promotion now, base-as-
variant later and only for shared defaults). Includes the who-renders split for
floating/external sources and mermaid overviews + action-to-output examples.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…ditions

Make the two write-boundary invariants explicit and tested rather than emergent,
before any byte is written (Track 1 prerequisite for F2):

- L1 (pathScopePrecondition): every planned write stays inside the GitTarget
  write scope; an absolute or ".."-escaping path refuses the flush
  (IssueWriteEscapesScope). Reads may reach shared context (../../base); writes
  never leave the scope. Defense-in-depth alongside ignoreShadowPrecondition.
- L2 (fanInPrecondition): a planned in-place edit of a source file more than one
  kustomize render path reaches with override entries at stake (the diamond
  hole) is now refused (IssueWriteFanIn) instead of falling back to write-
  through. It fires only on an actual planned write, so the legitimate base-
  sharing layout (base doc is NamespaceNone, never dirty) is not refused; F2
  render-root scoping generalizes the check. Store-side signal via
  ManifestStore.OverridesAmbiguousAt, derived from build-time diagnostics.

Both surface as the umbrella UnsupportedContent GitTarget reason (message names
the path + cause). Unit + end-to-end tests; unit coverage 75.2% -> 75.3%.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…2/GO-2026-5856

- golang.org/x/crypto v0.53.0 -> v0.54.0 drops the unmaintained openpgp package
  from the module graph, clearing GO-2026-5932. govulncheck and `go mod why`
  confirm our code neither imports nor calls it (go-git already uses the
  ProtonMail/go-crypto fork).
- go 1.26.4 -> 1.26.5 (go.mod, Dockerfile, .devcontainer/Dockerfile,
  test/mutationlab/Dockerfile; base-image digests re-pinned to the 1.26.5
  index) fixes the reachable crypto/tls ECH privacy leak GO-2026-5856.
- k8s.io/utils and transitive golang.org/x/{mod,sync,sys,term,text,tools}
  refreshed by go mod tidy.

govulncheck: 0 vulnerabilities affecting our code. lint/vet/unit tests green
under go1.26.5.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@coderabbitai

coderabbitai Bot commented Jul 9, 2026

Copy link
Copy Markdown

Review Change Stack

📝 Walkthrough

Walkthrough

Adds write-boundary refusal kinds and enforcement, wires refusal reporting into GitTarget status updates, updates related design docs, and bumps the Go 1.26.5 toolchain and pinned images.

Changes

Write-boundary enforcement and refusal reporting

Layer / File(s) Summary
Acceptance kinds and ambiguity detection
internal/manifestanalyzer/acceptance.go, internal/manifestanalyzer/acceptance_refusal.go, internal/manifestanalyzer/overrides.go, internal/manifestanalyzer/overrides_test.go, internal/manifestanalyzer/analyzer_test.go
Adds write-boundary issue kinds, variadic refusal-kind matching, ambiguity detection for override diagnostics, and analyzer expectations for the new issue kinds.
Flush write-boundary preconditions
internal/git/plan_flush.go
Updates flush control flow to run write-scope and write-fan-in preconditions after ignore-shadow checks, refusing escaping writes and ambiguous override fan-in before any bytes are written.
Refusal status reporting wiring
cmd/main.go, internal/git/branch_worker.go, internal/git/git_path_refusal.go, internal/git/worker_manager.go, internal/watch/event_router.go, internal/watch/git_path_acceptance.go, internal/controller/gittarget_controller.go, internal/controller/stream_status.go
Adds GitTarget refusal handling through the branch worker, worker manager, watch manager, controller reason mapping, and entrypoint wiring so live write refusals surface as GitTarget status transitions.
Write-boundary and refusal tests
internal/git/write_boundary_precondition_test.go, internal/git/git_path_refusal_test.go, internal/watch/event_router_test.go, internal/watch/git_path_acceptance_test.go, internal/controller/gittarget_status_test.go
Adds unit and integration coverage for write-scope escape detection, fan-in refusal, live GitTarget refusal reporting, controller status derivation, and refusal reason classification.

GitTarget and write-boundary design docs

Layer / File(s) Summary
Design doc updates
docs/design/gitops-api/README.md, docs/design/gitops-api/finished/f1-images-replicas-edit-through.md, docs/design/gitops-api/gittarget-granularity-and-cross-environment-edits.md, docs/design/gitops-api/kustomize-support-boundary-and-product-model.md
Rewrites the GitOps API design docs to describe explicit write-boundary refusal behavior, GitTarget granularity options, cross-environment edit models, and the resulting feature-ladder consequences.

Go 1.26.5 toolchain bump

Layer / File(s) Summary
Toolchain and dependency updates
Dockerfile, .devcontainer/Dockerfile, test/mutationlab/Dockerfile, go.mod, .coverage-baseline
Bumps Go to 1.26.5 across Dockerfiles and go.mod, updates indirect module versions, and raises the coverage baseline threshold.

Estimated code review effort: 4 (Complex) | ~60 minutes

Sequence Diagram(s)

sequenceDiagram
  participant BranchWorker
  participant WatchManager
  participant GitTargetController
  BranchWorker->>WatchManager: ReportGitPathRefusal(...)
  WatchManager->>GitTargetController: MarkTargetGitPathRefused(...)
  GitTargetController-->>WatchManager: status reason updated
  WatchManager-->>BranchWorker: refusal recorded
Loading

Possibly related PRs

  • ConfigButler/gitops-reverser#198: Introduces the kustomize override-chain ambiguity diagnostics that this PR’s OverridesAmbiguousAt and IssueWriteFanIn precondition consume.
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed Docstring coverage is 85.19% which is sufficient. The required threshold is 80.00%.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Title check ✅ Passed The title clearly captures the write-boundary hardening, new GitTarget refusal status, and Go refresh that dominate the change.
Description check ✅ Passed The PR description is detailed and covers summary, tests, docs, validation, and security refresh, though some template sections are not filled in.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feat/gitops-api-f2-write-boundary

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
internal/git/plan_flush.go (1)

935-940: 🗄️ Data Integrity & Integration | 🔵 Trivial | ⚡ Quick win

Normalize the planned path before the fan-in lookup.

writePathEscapesScope allows non-escaping paths like foo/../bar, but fanInPrecondition checks ambiguity using the raw rel while the later write path is normalized. If a non-canonical key can enter wb.buffers, the L2 refusal can miss an ambiguous target.

Suggested hardening
 func writePathEscapesScope(rel string) bool {
 	if rel == "" || path.IsAbs(rel) {
 		return true
 	}
 	clean := path.Clean(rel)
 	return clean == ".." || strings.HasPrefix(clean, "../")
 }
@@
-		if wb.store.OverridesAmbiguousAt(rel) {
+		if wb.store.OverridesAmbiguousAt(path.Clean(rel)) {

Please also verify that all writeBatch.buffers keys are clean/slash-normalized at construction time.

Also applies to: 959-967

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@internal/git/plan_flush.go` around lines 935 - 940, Normalize and validate
the planned relative path before it reaches the fan-in ambiguity check in
fanInPrecondition, since writePathEscapesScope and the later write path use a
cleaned value while the lookup still uses the raw rel. Update the writeBatch
construction path so wb.buffers keys are always clean and slash-normalized up
front, and make fanInPrecondition use the same normalized form when checking for
ambiguous targets. Keep the fix centered around writePathEscapesScope,
fanInPrecondition, and writeBatch.buffers.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@internal/git/plan_flush.go`:
- Around line 935-940: Normalize and validate the planned relative path before
it reaches the fan-in ambiguity check in fanInPrecondition, since
writePathEscapesScope and the later write path use a cleaned value while the
lookup still uses the raw rel. Update the writeBatch construction path so
wb.buffers keys are always clean and slash-normalized up front, and make
fanInPrecondition use the same normalized form when checking for ambiguous
targets. Keep the fix centered around writePathEscapesScope, fanInPrecondition,
and writeBatch.buffers.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 484a1758-be0a-46d3-80c1-a789fbed5e05

📥 Commits

Reviewing files that changed from the base of the PR and between 22e9e92 and defc6e8.

⛔ Files ignored due to path filters (1)
  • go.sum is excluded by !**/*.sum
📒 Files selected for processing (12)
  • .coverage-baseline
  • .devcontainer/Dockerfile
  • Dockerfile
  • docs/design/gitops-api/gittarget-granularity-and-cross-environment-edits.md
  • go.mod
  • internal/git/plan_flush.go
  • internal/git/write_boundary_precondition_test.go
  • internal/manifestanalyzer/acceptance.go
  • internal/manifestanalyzer/analyzer_test.go
  • internal/manifestanalyzer/overrides.go
  • internal/manifestanalyzer/overrides_test.go
  • test/mutationlab/Dockerfile

@sunib sunib changed the title Write-boundary hardening (F2 Track 1) + go 1.26.5 / dependency refresh feat(git): write-boundary L1/L2 preconditions and go 1.26.5 dependency refresh Jul 9, 2026
@codecov

codecov Bot commented Jul 9, 2026

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 93.96552% with 7 lines in your changes missing coverage. Please review.

Files with missing lines Patch % Lines
internal/git/branch_worker.go 79.1% 3 Missing and 2 partials ⚠️
internal/git/plan_flush.go 95.6% 1 Missing and 1 partial ⚠️

📢 Thoughts on this report? Let us know!

…BoundaryRefused

A write-plan refusal on a live-event path was logged and dropped. The resync
path carries its refusal back on a result channel the router inspects, but a
live commit window is finalized on a timer with no channel to return anything
on, so an ambiguous write was correctly prevented while the GitTarget stayed
healthy — the user's apply appeared to take effect and Git never moved. Both
live paths were affected: the open window and the atomic request.

Give the branch worker a PathRefusalReporter hook, installed by the watch
manager, and call it from both paths when errors.As recovers an
AcceptanceRefusedError. Every other error keeps its existing write-fault
handling. Recovery stays with the resync path: a live write that happens to
avoid the offending file proves nothing about the rest of the subtree.

Name the two write-boundary refusals rather than hiding them behind the
umbrella UnsupportedContent: a refusal composed purely of write-escapes-scope
and/or write-fan-in issues now reports WriteBoundaryRefused, which is in the
controller's stalled-reason set. UnsupportedContent means the folder holds
content we cannot manage; WriteBoundaryRefused means the folder is fine and the
edit had nowhere safe to land. AllIssuesOfKind becomes variadic
AllIssuesOfKinds to express "all issues are among this set".

Tests cover the path end to end, since the gap was that nothing connected the
preconditions to the user-visible surface: a real diamond repo driven through
the real event loop (reporter fires, branch tip unmoved), the watch mapping to
GitPathAccepted=False, and the controller mapping to Stalled=True.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@sunib sunib changed the title feat(git): write-boundary L1/L2 preconditions and go 1.26.5 dependency refresh feat(git): write-boundary L1/L2 preconditions, WriteBoundaryRefused status, and go 1.26.5 refresh Jul 9, 2026
@sunib
sunib merged commit e9a2476 into main Jul 9, 2026
15 of 16 checks passed
@sunib
sunib deleted the feat/gitops-api-f2-write-boundary branch July 9, 2026 15:08

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@internal/git/write_boundary_precondition_test.go`:
- Around line 166-177: Update diamondGitTarget to use the production-valid
repository-root path convention instead of an empty string. The issue is in the
GitTargetSpec construction within diamondGitTarget, where Path is set to an
invalid empty value. Change the Path field to "." so the test matches the
documented GitTargetSpec.Path behavior and stays aligned with any future
validation in configv1alpha3.GitTargetSpec.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 41b17aaf-00c9-4445-a147-8802dc0ae7c7

📥 Commits

Reviewing files that changed from the base of the PR and between defc6e8 and 8e4afd6.

📒 Files selected for processing (19)
  • cmd/main.go
  • docs/design/gitops-api/README.md
  • docs/design/gitops-api/finished/f1-images-replicas-edit-through.md
  • docs/design/gitops-api/gittarget-granularity-and-cross-environment-edits.md
  • docs/design/gitops-api/kustomize-support-boundary-and-product-model.md
  • internal/controller/gittarget_controller.go
  • internal/controller/gittarget_status_test.go
  • internal/controller/stream_status.go
  • internal/git/branch_worker.go
  • internal/git/git_path_refusal.go
  • internal/git/git_path_refusal_test.go
  • internal/git/worker_manager.go
  • internal/git/write_boundary_precondition_test.go
  • internal/manifestanalyzer/acceptance.go
  • internal/manifestanalyzer/acceptance_refusal.go
  • internal/watch/event_router.go
  • internal/watch/event_router_test.go
  • internal/watch/git_path_acceptance.go
  • internal/watch/git_path_acceptance_test.go
✅ Files skipped from review due to trivial changes (3)
  • docs/design/gitops-api/finished/f1-images-replicas-edit-through.md
  • internal/controller/gittarget_controller.go
  • internal/controller/gittarget_status_test.go
🚧 Files skipped from review as they are similar to previous changes (1)
  • internal/manifestanalyzer/acceptance.go

Comment on lines +166 to +177
// diamondGitTarget is the GitTarget the live-path test's events name, rooted at the repo root
// so the whole diamond is inside its write scope.
func diamondGitTarget(providerName, branch string) *configv1alpha3.GitTarget {
return &configv1alpha3.GitTarget{
ObjectMeta: metav1.ObjectMeta{Name: "podinfo-test", Namespace: "default"},
Spec: configv1alpha3.GitTargetSpec{
ProviderRef: configv1alpha3.GitProviderReference{Name: providerName},
Branch: branch,
Path: "",
},
}
}

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win

Use Path: "." instead of Path: "" in diamondGitTarget.

The GitTargetSpec.Path field documentation states an empty string is rejected (+kubebuilder:validation:MinLength=1), and "." is the documented convention for deliberately targeting the repository root. While the test bypasses API validation by constructing the object directly, using the production-valid value improves test fidelity and prevents breakage if code-level path validation is added later.

🔧 Proposed fix
 func diamondGitTarget(providerName, branch string) *configv1alpha3.GitTarget {
 	return &configv1alpha3.GitTarget{
 		ObjectMeta: metav1.ObjectMeta{Name: "podinfo-test", Namespace: "default"},
 		Spec: configv1alpha3.GitTargetSpec{
 			ProviderRef: configv1alpha3.GitProviderReference{Name: providerName},
 			Branch:      branch,
-			Path:        "",
+			Path:        ".",
 		},
 	}
 }
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
// diamondGitTarget is the GitTarget the live-path test's events name, rooted at the repo root
// so the whole diamond is inside its write scope.
func diamondGitTarget(providerName, branch string) *configv1alpha3.GitTarget {
return &configv1alpha3.GitTarget{
ObjectMeta: metav1.ObjectMeta{Name: "podinfo-test", Namespace: "default"},
Spec: configv1alpha3.GitTargetSpec{
ProviderRef: configv1alpha3.GitProviderReference{Name: providerName},
Branch: branch,
Path: "",
},
}
}
// diamondGitTarget is the GitTarget the live-path test's events name, rooted at the repo root
// so the whole diamond is inside its write scope.
func diamondGitTarget(providerName, branch string) *configv1alpha3.GitTarget {
return &configv1alpha3.GitTarget{
ObjectMeta: metav1.ObjectMeta{Name: "podinfo-test", Namespace: "default"},
Spec: configv1alpha3.GitTargetSpec{
ProviderRef: configv1alpha3.GitProviderReference{Name: providerName},
Branch: branch,
Path: ".",
},
}
}
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@internal/git/write_boundary_precondition_test.go` around lines 166 - 177,
Update diamondGitTarget to use the production-valid repository-root path
convention instead of an empty string. The issue is in the GitTargetSpec
construction within diamondGitTarget, where Path is set to an invalid empty
value. Change the Path field to "." so the test matches the documented
GitTargetSpec.Path behavior and stays aligned with any future validation in
configv1alpha3.GitTargetSpec.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant