Skip to content

Audit configured labels at /setup time and offer to create any missing ones#185

Merged
sebastientaggart merged 1 commit into
devfrom
feature/183-setup-label-audit
Jun 11, 2026
Merged

Audit configured labels at /setup time and offer to create any missing ones#185
sebastientaggart merged 1 commit into
devfrom
feature/183-setup-label-audit

Conversation

@sebastientaggart

Copy link
Copy Markdown
Member

Add a configured-label audit step to /setup Phase 4 so missing labels are caught at setup time rather than at the first downstream skill that needs them.

What's new

  • skills/github-agile/scripts/label-audit.py — reads .codecannon.yaml, collects the labels configured skills will try to apply (TICKET_LABELS pool plus the three QA_*_LABEL values, skipping any that are unset), diffs against gh label list, and prints missing names one-per-line on stdout. A short diagnostic line goes to stderr. The calling skill can branch on "is stdout empty?" without ingesting the full 100-label JSON dump from gh.
  • skills/github-agile/scripts/label-create.py — wraps gh label create with a baked-in defaults table for well-known names (bug, enhancement, documentation, chore, ready-for-qa, qa-passed, qa-failed) plus a neutral gray fallback for renamed/unknown names. Warn-and-continue on individual failures (typically "already exists"), exits 0 as long as the loop completed — same posture as submit-for-review should apply a configurable ready-for-qa label to the closed issue after merge #182.
  • skills/github-agile/setup.md Phase 4 — adds a "Configured-label audit" sub-section that calls the audit script, branches on empty output, and on missing names asks the operator once before invoking label-create.py. The existing greenfield baseline block was also refactored to call label-create.py with the fixed list, eliminating the previous "use sensible colors and short descriptions" improvisation surface.

Scope decision

Original ticket was a skill-text-only audit. Expanded scope in conversation to extract the mechanical bits into two scripts, matching the recent direction of extracting mechanical sequences (#163, #166, #168). The audit script in particular avoids piping 100 labels' worth of JSON through the LLM's context. Interactive bits (yes/no parsing, summary prose) stay in the skill template — that's the right division.

Verification

  • make check passes (placeholder + permission validation).
  • Live label-audit.py run against this repo's config: 7 configured labels, 0 missing — silent-pass branch behaves correctly.
  • Live label-create.py ready-for-qa against an existing label: warns to stderr, exits 0.
  • python3 is already in permissions.yaml, so no permission entries needed for the new scripts.

Closes #183

@sebastientaggart

Copy link
Copy Markdown
Member Author

Review Summary

Verdict: APPROVE

Findings

  • [NOTE] Tooling change for /setup Phase 4 — adds label-audit.py and label-create.py plus a new "Configured-label audit" sub-section. No auth, payments, secrets, prod-config, or destructive operations touched; sensitive-area gate does not fire.
  • [NOTE] ./sync.py --dry-run reports all four adapter outputs (.claude/commands/setup.md, .cursor/rules/setup.mdc, .agents/skills/setup/SKILL.md, .gemini/skills/setup/SKILL.md) up to date with the regenerated hashes in the diff matching the source skill text.
  • [NOTE] Both scripts are exec-bitted (mode 755) and invoked via python3 <path> from the skill text; python3 is already an allowed prefix in permissions.yaml, so no new permission entries are required.
  • [NOTE] Neither script imports from sync.py — consistent with the existing self-contained-script convention in skills/github-agile/scripts/ (bump-and-tag.py, post-issue-comment.py, sync-base-branch.py).
  • [NOTE] Live exercise against this repo's .codecannon.yaml: label-audit.py reports audited 7 configured label(s); 0 missing exit 0 (silent-pass branch), and label-create.py with no args prints usage to stderr and exits 3 — matches the documented behavior in both module docstrings.
  • [NOTE] The minimal YAML reader in label-audit.py correctly handles the actual config shape — flat config: block at indent 2, quoted comma-list TICKET_LABELS, and the | block-scalar entries (e.g. SENSITIVE_AREAS_CATEGORIES) are explicitly skipped because the audit only needs string values.
  • [NOTE] Scope was expanded from a skill-text-only audit to extract the two scripts (per the PR description and submit-for-review should apply a configurable ready-for-qa label to the closed issue after merge #182's warn-and-continue posture). The audit script's stdout-is-the-signal contract keeps a potential 100-label JSON dump out of LLM context, and the create script eliminates the prior "use sensible colors" improvisation surface.

@sebastientaggart sebastientaggart merged commit d66bd0c into dev Jun 11, 2026
6 checks passed
@sebastientaggart sebastientaggart deleted the feature/183-setup-label-audit branch June 11, 2026 22:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant