From c412e82b055fa3d13bccbc8b5152c708cfd20f59 Mon Sep 17 00:00:00 2001 From: JasonWildMe Date: Sat, 25 Apr 2026 08:49:12 -0700 Subject: [PATCH 1/2] docs: realign CI review loop to actual fork integrations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Drop Codecov / SonarCloud from the CLAUDE.md review loop — neither is installed on the WildMeOrg fork (the original CI Review Loop section inherited them aspirationally from upstream). Document what's actually in place now: - GitHub Actions CI (typecheck / test / lint / android-build) as the merge-blocking gate - Gemini Code Assist (installed today) as the auto-review bot, with /gemini review for re-triggering - Codex 5.5 as an on-demand second-opinion review tool, not part of the routine PR loop - Human review as the final gate Also update the push workflow to wait on GitHub Actions first before pulling Gemini comments, since Gemini posts independently of CI. Note that Codecov/SonarCloud can be reinstated later if needed; CodeQL is the lighter-weight free SAST alternative. Co-Authored-By: Claude Opus 4.7 (1M context) --- CLAUDE.md | 66 +++++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 49 insertions(+), 17 deletions(-) diff --git a/CLAUDE.md b/CLAUDE.md index 6ad95285..77a0d19e 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -23,26 +23,58 @@ When asked to push code, follow this full workflow: 0. ensure that you are on a branch that is specific to this change i.e feat/new-feature or fix/bug-fix or docs/update-readme or chore/update-dependencies, or test/new-test, etc 1. Push the branch to the remote (`git push -u origin `) 2. Create a PR using `gh pr create`. Ensure that you are adhering to the PR template. **Do NOT include "Generated with Claude Code" or any AI attribution in PR descriptions.** -3. Wait for Gemini to review the PR (poll with `gh pr checks` and `gh api repos/{owner}/{repo}/pulls/{number}/reviews` until a review appears) -4. Once a review exists, pull down the review comments: `gh api repos/{owner}/{repo}/pulls/{number}/comments` and `gh api repos/{owner}/{repo}/pulls/{number}/reviews` -5. Address every review comment — fix the code, re-run the quality gates (tests, lint, tsc). Resolve the comment appropriately and post that on the PR directly. -6. Push the fixes -7. Report what was changed in response to the review +3. Wait for GitHub Actions CI to start. Poll with `gh pr checks ` until all four jobs (`typecheck`, `test`, `lint`, `android-build`) report a status. If any fail, fix and re-push before reading reviewer comments. +4. Once CI is green, wait for Gemini to post (`gh api repos/{owner}/{repo}/pulls/{number}/comments` + `.../reviews`). +5. Address every Gemini review comment — fix the code, or reply on the thread explaining why it's fine. Resolve the conversation either way. +6. Push the fixes; pre-commit gates re-run. Comment `/gemini review` to re-trigger Gemini. +7. Loop until CI is green and Gemini has nothing blocking. +8. Report what was changed in response to the review. ## CI Review Loop -The repo has three automated reviewers on every PR. After pushing, loop until all are green: +After pushing, loop until everything below is green or addressed. -| Reviewer | What it checks | How to address | -|---|---|---| -| **Gemini Bot** | Code quality, style, logic issues | Read comments via `gh api`, fix code or reply explaining why it's fine, then comment `/gemini review` to trigger a fresh pass | -| **Codecov** | Test coverage thresholds | Add missing tests, ensure new code is covered. Check the Codecov report for uncovered lines | -| **SonarCloud** | Security hotspots, code smells, duplications, bugs | Fix flagged issues — especially security hotspots and duplications. Resolve quality gate failures before merging | +### GitHub Actions CI (merge-blocking) + +The `CI` workflow runs four jobs on every push and PR targeting `main` or `wildlife-reid`: + +| Job | What it checks | +|---|---| +| `typecheck` | `tsc --noEmit` | +| `test` | Jest unit + integration tests with coverage | +| `lint` | ESLint + `gradlew :app:lintDebug` + SwiftLint | +| `android-build` | Full debug Gradle build | + +If any job fails, fix locally (re-run `npx tsc --noEmit && npm test && npm run lint` to mirror CI), push, and wait for the next run. + +### Gemini Code Assist (advisory) + +Auto-reviews every PR on open and on `/gemini review`. Posts a summary comment plus line-level review comments tagged by severity. **Workflow:** -1. Push code → wait for all three reviewers to report -2. Pull down Gemini comments, Codecov report, and SonarCloud findings -3. Fix issues: code changes for Gemini/SonarCloud, add tests for Codecov -4. Re-run local quality gates (`npm run lint && npm test && npx tsc --noEmit`) -5. Push fixes, comment `/gemini review` on the PR to re-trigger Gemini -6. Repeat until all three reviewers pass with no blocking issues +1. Push → wait for the Gemini summary + comments to land (~1-2 min after PR open or `/gemini review`). +2. Pull down comments: `gh api repos/{owner}/{repo}/pulls/{number}/comments` and `.../reviews`. +3. Address every comment — fix the code, or reply on the comment thread explaining why it's a non-issue. Resolve the conversation. +4. Re-run pre-commit gates locally, push fixes. +5. Comment `/gemini review` on the PR to trigger a fresh pass. +6. Repeat until Gemini's findings are addressed. + +Gemini findings are advisory — they don't block merge themselves, but unaddressed legitimate findings should block merge in human review. + +### Codex 5.5 (on-demand second opinion) + +Use for scoped deep reviews when warranted (foundational PRs, risky refactors, pre-merge sanity passes). Not part of the routine PR loop. + +```bash +codex exec -s read-only --skip-git-repo-check "" +``` + +File substantive findings to `kb/wildlife-reid-mobile/outputs/reports/`. + +### Human review (final gate) + +Final approval required before merging into `wildlife-reid` or `main`. + +### Not currently installed + +Codecov and SonarCloud are referenced in some upstream docs but are **not** wired up on this fork. If reinstated later, document them here. CodeQL (free, one-click at `Settings → Code security`) is a reasonable alternative if SAST is desired. From 5819fc185af0551d8582cec9a06ea7d4956d3ee3 Mon Sep 17 00:00:00 2001 From: JasonWildMe Date: Sat, 25 Apr 2026 09:19:44 -0700 Subject: [PATCH 2/2] docs: address Gemini review on CI loop section MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Two medium-priority comments from Gemini: - Use {number} placeholder consistently in step 3 (was ); also note that gh pr checks works without args from the PR branch. - Replace the single 'mirror CI' command with a per-job table — `npm test` actually chains Android + iOS via package.json, which is slower than just `npx jest` and platform-locked. Also added android-build's local equivalent. Co-Authored-By: Claude Opus 4.7 (1M context) --- CLAUDE.md | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/CLAUDE.md b/CLAUDE.md index 77a0d19e..63e57416 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -23,7 +23,7 @@ When asked to push code, follow this full workflow: 0. ensure that you are on a branch that is specific to this change i.e feat/new-feature or fix/bug-fix or docs/update-readme or chore/update-dependencies, or test/new-test, etc 1. Push the branch to the remote (`git push -u origin `) 2. Create a PR using `gh pr create`. Ensure that you are adhering to the PR template. **Do NOT include "Generated with Claude Code" or any AI attribution in PR descriptions.** -3. Wait for GitHub Actions CI to start. Poll with `gh pr checks ` until all four jobs (`typecheck`, `test`, `lint`, `android-build`) report a status. If any fail, fix and re-push before reading reviewer comments. +3. Wait for GitHub Actions CI to start. Poll with `gh pr checks {number}` (or `gh pr checks` from the PR's branch) until all four jobs (`typecheck`, `test`, `lint`, `android-build`) report a status. If any fail, fix and re-push before reading reviewer comments. 4. Once CI is green, wait for Gemini to post (`gh api repos/{owner}/{repo}/pulls/{number}/comments` + `.../reviews`). 5. Address every Gemini review comment — fix the code, or reply on the thread explaining why it's fine. Resolve the conversation either way. 6. Push the fixes; pre-commit gates re-run. Comment `/gemini review` to re-trigger Gemini. @@ -45,7 +45,14 @@ The `CI` workflow runs four jobs on every push and PR targeting `main` or `wildl | `lint` | ESLint + `gradlew :app:lintDebug` + SwiftLint | | `android-build` | Full debug Gradle build | -If any job fails, fix locally (re-run `npx tsc --noEmit && npm test && npm run lint` to mirror CI), push, and wait for the next run. +If any job fails, fix locally and push. Per-job mirror commands: + +| CI job | Local equivalent | +|---|---| +| `typecheck` | `npx tsc --noEmit` | +| `test` | `npx jest --coverage --forceExit` (just the JS suite — `npm test` also chains Android + iOS, which is slower and platform-locked) | +| `lint` | `npm run lint` (ESLint + Android lint + SwiftLint) | +| `android-build` | `cd android && ./gradlew :app:assembleDebug` (heavy; usually fine to let CI catch it) | ### Gemini Code Assist (advisory)