Codex generated cli lifecycle config auth#10
Merged
disk0Dancer merged 6 commits intomainfrom Apr 23, 2026
Merged
Conversation
There was a problem hiding this comment.
Pull request overview
Adds lifecycle and event-driven OpenAPI support to climate and generated CLIs, including local config/auth/event commands, plus climate shell completion and uninstall flows.
Changes:
- Extend OpenAPI parsing/types to support
webhooks(OAS 3.1) andcallbacks, and generate event definitions from them. - Add generated-CLI runtime surfaces:
config,auth, andeventscommands + supporting internal packages/templates. - Add climate UX improvements: shell completion install/uninstall, interactive confirmation for
remove, and a newuninstallcommand (with--fullcleanup).
Reviewed changes
Copilot reviewed 40 out of 40 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| skills/climate.md | Updates the climate skill docs to include events/config/auth, completions, remove confirmation, and uninstall. |
| skills/climate-generator/SKILL.md | Updates generator skill guidance to include completions/uninstall and new generated CLI capabilities. |
| skills-lock.json | Adds a lockfile entry for the climate-generator skill source/hash. |
| internal/uninstall/uninstall.go | Introduces uninstall detection + self-uninstall logic (standalone/go-install/homebrew) with optional full cleanup. |
| internal/uninstall/uninstall_test.go | Tests uninstall method detection and full uninstall cleanup behavior. |
| internal/spec/types.go | Adds webhooks, callbacks, and x-climate event/signature extensions to the OpenAPI model. |
| internal/spec/loader.go | Extends validation and $ref resolution to account for webhooks and callback parameters. |
| internal/spec/spec_test.go | Adds test coverage for parsing/validating specs with webhooks and callbacks. |
| internal/mock/mock.go | Refactors payload generation to allow generating payloads directly from an operation (used for events). |
| internal/skill/skill.go | Expands generated CLI skill prompt to document config/auth/events commands. |
| internal/skill/skill_test.go | Adds coverage ensuring the CLI prompt includes events/config/auth content. |
| internal/generator/generator.go | Embeds templates and generates new cmd/internal packages for events/config/auth; extracts event/auth definitions. |
| internal/generator/generator_test.go | Adds extensive tests verifying new generated files/commands parse and basic runtime behaviors work. |
| internal/generator/templates/root.go.tmpl | New root command template wiring config-based base URL and auth header/query precedence. |
| internal/generator/templates/main.go.tmpl | New main template for generated CLIs. |
| internal/generator/templates/client.go.tmpl | New HTTP client template for generated CLIs. |
| internal/generator/templates/events.go.tmpl | New generated CLI events command group (list/listen/emit) with signature/tunnel flags. |
| internal/generator/templates/internal_events.go.tmpl | New internal events runtime (listener, HMAC verification, cloudflared tunneling). |
| internal/generator/templates/internal_config.go.tmpl | New internal config store with profiles + secrets masking. |
| internal/generator/templates/config.go.tmpl | New generated CLI config command group (list/set/get/unset + profiles). |
| internal/generator/templates/auth.go.tmpl | New generated CLI auth command group (login/status/logout) with interactive prompting and OAuth2 token fetch. |
| internal/confirm/confirm.go | Adds reusable y/N confirmation prompting helper. |
| internal/confirm/confirm_test.go | Tests confirmation prompt behavior and retries. |
| internal/completion/completion.go | Adds completion script install/uninstall logic with managed shell-config blocks. |
| internal/completion/completion_test.go | Tests shell detection, path resolution, idempotent install, and safe uninstall behavior. |
| cmd/climate/commands/completion.go | Adds climate completion (print/install/uninstall) commands. |
| cmd/climate/commands/completion_test.go | Tests completion printing and install/uninstall flows. |
| cmd/climate/commands/remove.go | Adds confirmation-by-default to climate remove plus --yes, reusing uninstall removal helpers. |
| cmd/climate/commands/remove_test.go | Tests removal cancellation and confirmed deletion (including source purge). |
| cmd/climate/commands/uninstall.go | Adds climate uninstall with install-method detection, confirmation, and --full cleanup. |
| cmd/climate/commands/uninstall_test.go | Tests full uninstall flow and cleanup wiring. |
| cmd/climate/commands/test_helpers_test.go | Adds helper to capture stdout for CLI command tests. |
| docs/openapi-3-support-matrix.md | Updates support matrix to mark callbacks/webhooks as implemented and outlines next steps. |
| docs/design-generated-events.md | Adds design doc for generated CLI events/config/auth surfaces and signature/tunnel behavior. |
| docs/design-shell-completions.md | Adds design doc for climate shell completion generation/install/uninstall. |
| docs/design-uninstall.md | Adds design doc for climate uninstall/remove confirmation UX and safety rules. |
| docs/llms.txt | Updates LLM-facing command index with completion/uninstall and generated CLI event/config/auth capabilities. |
| docs/index.md | Updates docs site index with completion instructions and new commands/features. |
| docs/index.html | Updates static HTML landing page with completion + generated events/config/auth messaging and new commands. |
| README.md | Updates README with completion/uninstall usage and generated events/config/auth overview. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
|
||
| import ( | ||
| "bufio" | ||
| "bytes" |
There was a problem hiding this comment.
auth.go template imports bytes but does not use it anywhere, which will make generated CLIs fail to compile with an unused import error. Please remove the unused import (or use it if intended).
Suggested change
| "bytes" |
Comment on lines
+74
to
+82
| // writeOutput prints v as indented JSON to stdout. | ||
| func writeOutput(v interface{}) { | ||
| enc := json.NewEncoder(os.Stdout) | ||
| enc.SetIndent("", " ") | ||
| if err := enc.Encode(v); err != nil { | ||
| fmt.Fprintln(os.Stderr, "error encoding output:", err) | ||
| os.Exit(1) | ||
| } | ||
| } |
There was a problem hiding this comment.
The generated cmd templates call writeJSON(...) (e.g. auth/config/events), but this root template only defines writeOutput(...). This will fail to compile with undefined: writeJSON unless another file defines it. Consider renaming writeOutput to writeJSON, or adding a small writeJSON wrapper that calls writeOutput, and keep all templates consistent.
Comment on lines
+113
to
+128
| for _, pi := range spec.Webhooks { | ||
| for _, op := range pi.Operations() { | ||
| for i, p := range op.Parameters { | ||
| if p.Ref == "" { | ||
| continue | ||
| } | ||
| if !strings.HasPrefix(p.Ref, prefix) { | ||
| continue | ||
| } | ||
| name := strings.TrimPrefix(p.Ref, prefix) | ||
| if resolved, ok := spec.Components.Parameters[name]; ok { | ||
| op.Parameters[i] = resolved | ||
| } | ||
| } | ||
| } | ||
| } |
There was a problem hiding this comment.
resolveParameterRefs resolves parameter $refs for spec.Webhooks, but it does not call resolveCallbackParameterRefs for webhook operations. Since webhook operations can also define callbacks, any callback operation parameters under webhooks will be left unresolved. Call resolveCallbackParameterRefs(spec, op) inside the spec.Webhooks loop as well.
This bundles the current CLI lifecycle and generated-CLI UX work into one feature commit. The generated CLIs now use embedded source templates, expose local config/auth/event surfaces, and support local webhook workflows with a simpler HMAC-plus-cloudflared model. The climate CLI also gains completion install/uninstall flows plus safer lifecycle removal commands. Constraint: Keep generated projects dependency-light and usable without vendor-specific webhook SDKs Constraint: Preserve a clear local workflow for generated CLIs while avoiding unrelated changes such as skills-lock.json Rejected: Keep provider-specific webhook presets | added too much policy and duplicated runtime logic Rejected: Keep 'config configurations' UX | redundant wording and poor command ergonomics Confidence: medium Scope-risk: broad Reversibility: clean Directive: Keep generator templates as the only source of truth for generated file structure; do not move runtime policy back into large inline strings Tested: gofmt on modified Go files; golangci-lint run; go vet ./...; go build ./...; go test ./... Not-tested: Live cloudflared account/network flow against external service Not-tested: Full browser/device-code OAuth login flows for generated CLIs
The repository now includes the current skills lockfile so the published branch matches the local working tree exactly. Constraint: The user requested that every remaining change be included without rewriting the previous commit Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep lockfile-only updates separate from code changes unless they are generated as part of the same reviewed workflow Tested: git status after staging the remaining file Not-tested: Consumer workflows that read skills-lock.json
The remaining local changes correct generated template references so the built climate binary can generate and compile large CLIs like the GitHub CLI successfully. Constraint: Keep the fix isolated from the broader feature commit so branch state stays easy to rebase if needed Confidence: high Scope-risk: narrow Reversibility: clean Directive: Generated templates must stay compile-valid as a set; re-run generator-focused checks after changing template field names Tested: go test ./internal/generator; go build ./cmd/climate; generated github CLI build via /tmp/climate-local generate Not-tested: Full branch rebase against a newly fetched main
disk0Dancer
force-pushed
the
codex-generated-cli-lifecycle-config-auth
branch
from
1ed7caf to
cdd0b97
Compare
The docs now show the current generated CLI flow more explicitly, including profile setup, interactive auth, and event listening. Constraint: Keep the landing page aligned with the current generated CLI UX after the recent config/auth/events changes Confidence: high Scope-risk: narrow Reversibility: clean Directive: Update docs/index.md and docs/index.html together when generated CLI UX changes so the landing copy does not drift from the README Tested: manual diff review of README, docs/index.md, and docs/index.html Not-tested: Site build or external publish pipeline
The root command now falls back from the ldflags version to Go build info so climate -v and --version do not collapse to plain dev for ordinary local builds. Constraint: Release builds must continue to honor the explicit ldflags version unchanged Rejected: Keep plain dev fallback only | loses commit-level traceability in local binaries Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep version resolution centralized in cmd/climate/commands/root.go so release and local build behavior stay aligned Tested: go test ./cmd/climate/commands; go build ./cmd/climate; local build with ldflags version override prints the expected version Not-tested: Packaged release artifacts from GitHub Actions after this change
climate publish can now reuse repository metadata from the manifest, clone an existing remote repository into a temp checkout, overlay the generated project roots, refresh lifecycle-managed files in that clone, and push the result back over SSH. This fixes the non-fast-forward publish failure for already-managed repositories such as disk0Dancer/github without requiring a fresh GitHub API token on repeat publish runs. Constraint: Preserve existing remote repository files like README and GitHub workflows unless climate already manages them Rejected: Require a GitHub token for every repeat publish | unnecessary blocker for repositories that already have SSH metadata recorded Rejected: Blindly rsync the whole generated source tree with delete semantics into the repo root | too destructive for non-generated repository files Confidence: high Scope-risk: moderate Reversibility: clean Directive: Keep repeat publish SSH-safe and preserve non-generated remote files; only sync generated project roots plus climate-managed lifecycle files Tested: go test ./internal/publish; go build ./cmd/climate; /tmp/climate-local publish github succeeded against disk0Dancer/github Not-tested: New repository creation path without token (still intentionally unsupported)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Describe the change and why it is needed.
Changes
Required workflow checklist
docs/) when applicableREADME.md,docs/index.md) when behavior/UX changedskills/climate.md,skills/climate-generator/SKILL.md) when commands/workflows changedgo build ./...passesgo test ./...passes