Epic A: Workflow & CI Governance (Sprint 1) #9708
- Consolidate CI orchestration into pr-quality.yml with deterministic gates.
- Implement ai_gate_decision to reduce Gemini AI usage.
- Add Jules --mode direct with safety gates for risk paths.
- Enforce architectural boundary lint rules for transport and server-only modules.
- Clean up legacy workflows (pr-orchestrator, auto-fix, etc.) and add ownership metadata.
- Update PR template with new Sprint 1 checklist.

Co-authored-by: arii <342438+arii@users.noreply.github.com>
👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down. I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with

New to Jules? Learn more at jules.google/docs.

For security, I will only act on instructions from the user who triggered this task.
👋 Welcome to HRM! Thanks for your contribution. This repository uses Gemini AI for automated triage, code review, and generation.

🤖 Gemini Manual Trigger Quick Reference
For more details, see the Manual Trigger Guide.
AI Gate Decision
Telemetry
arii left a comment
Update jules session manager to go through bot command orchestrator so we don't have duplicate sessions.
Also remove the gemini-coder workflow since it doesn't work.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 8036e0acee
| parser.add_argument("--deterministic-passed", default="true", help="Whether deterministic checks passed.") | ||
| parser.add_argument("--changed-files", help="Comma-separated list of changed files.") |
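Review bot: on the --deterministic-passed line, default="true" combined with a free-form string value means an omitted or misspelled flag is indistinguishable from a real pass, and --changed-files has neither a default nor required=True, so "not supplied" and "nothing changed" look the same to the caller. Suggest dropping the default, adding choices=["true", "false"], and having the direct-mode gate refuse when either argument is None.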
Fail closed for direct-mode safety inputs
Direct mode safety checks currently fail open: --deterministic-passed defaults to "true", and risk-path blocking only runs when --changed-files is explicitly provided. In the new @jules-new --direct path, callers can omit both inputs, so direct mode is allowed even when deterministic checks failed or high-risk files changed, which bypasses the guardrails this change is meant to enforce.
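A fail-closed version of the gate described in the comment above, as an added example that is not code from this PR or from jules_ops.py. The function name direct_mode_decision, the RISK_GLOBS list and the sample file names are assumptions made for illustration; only the two flag names come from the page.

```python
import argparse
from fnmatch import fnmatch

# Hypothetical risk globs for illustration; the project's real list is not on the page.
RISK_GLOBS = ("server.ts", ".github/workflows/*")


def build_parser() -> argparse.ArgumentParser:
    parser = argparse.ArgumentParser()
    # No default: an omitted flag stays None, meaning "unknown", never "passed".
    parser.add_argument("--deterministic-passed", choices=("true", "false"),
                        help="Whether deterministic checks passed.")
    # None means the caller did not report the change set at all.
    parser.add_argument("--changed-files",
                        help="Comma-separated list of changed files.")
    return parser


def direct_mode_decision(argv):
    """Return (allowed, reason). Any missing or negative input blocks direct mode."""
    args = build_parser().parse_args(argv)
    if args.deterministic_passed is None:
        return False, "--deterministic-passed not supplied"
    if args.deterministic_passed != "true":
        return False, "deterministic checks failed"
    if args.changed_files is None:
        return False, "--changed-files not supplied"
    changed = [f.strip() for f in args.changed_files.split(",") if f.strip()]
    risky = [f for f in changed if any(fnmatch(f, g) for g in RISK_GLOBS)]
    if risky:
        return False, "risk paths touched: " + ", ".join(risky)
    return True, "all gates passed"


if __name__ == "__main__":
    # Constructed invocations: the first two are the omissions the review describes.
    for argv in ([],
                 ["--deterministic-passed", "true"],
                 ["--deterministic-passed", "true", "--changed-files", "src/a.ts,server.ts"],
                 ["--deterministic-passed", "true", "--changed-files", "src/a.ts"]):
        print(argv, "->", direct_mode_decision(argv))
```
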
| pr_number: ${{ github.event.pull_request.number }} | ||
| last_non_empty_commit: ${{ github.event.pull_request.head.sha }} |
Pass PR context when invoking reusable Gemini review
This workflow is now triggered by workflow_dispatch, but it always forwards github.event.pull_request.* to the reusable review job. On dispatch runs (including the new conflict-resolver trigger), those fields are empty, so downstream review logic cannot resolve PR/SHAs and forced AI review does not execute correctly. This needs dispatch-safe inputs (or PR lookup) before calling reusable-gemini-review.yml.
| # Find the most recent successful run of 'PR Quality' (pr-quality.yml) for this branch. | ||
| # This workflow produces the 'review-result' artifact. | ||
| RUN_ID=$(gh run list --workflow pr-orchestrator.yml --branch "$BRANCH" --status success --limit 1 --json databaseId -q '.[0].databaseId') | ||
| RUN_ID=$(gh run list --workflow pr-quality.yml --branch "$BRANCH" --status success --limit 1 --json databaseId -q '.[0].databaseId') |
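Review bot: the RUN_ID lookup filters only on --branch and --status success with --limit 1, so it returns the newest successful run on the branch, which is not necessarily the run for the PR's current head commit. Suggest adding headSha to the --json fields and comparing it with the PR head before downloading artifacts, and treating an empty result as "no run found" explicitly so the later fallback can still trigger.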
Choose a run with review artifacts for issue creation
Manual @create-review-issues now selects the latest successful pr-quality.yml run, but successful PR Quality runs can skip Gemini (run_ai=false) and therefore produce no review-result artifact. Because RUN_ID is already set, the fallback to Bot Command Orchestrator is skipped, so issue creation often targets a run that has nothing to convert into issues.
- Consolidate CI orchestration into pr-quality.yml with deterministic gates (ESLint, TSC, Knip).
- Implement ai_gate_decision logic to reduce Gemini AI usage based on risk, labels, and event types.
- Add invocation capping for Gemini (1 default, 2 with ai:required label).
- Enhance Jules CLI (jules_ops.py) with --mode audit|direct and safety gates for sensitive paths.
- Update jules-session-manager.yml to enforce safety gates and alignment with direct mode.
- Implement architectural boundary lint rules to block forbidden transport and server-only imports.
- Create docs/IMPORT_GUIDELINES.md for architectural compliance.
- Cleanup legacy workflows and add mandatory ownership (@arii) and metrics metadata.
- Update pull_request_template.md with Sprint 1 checklist.

Co-authored-by: arii <342438+arii@users.noreply.github.com>
🤖 Gemini Review Skipped
Review was skipped for the following reason:
🤖 Gemini Manual Trigger Guide
This PR implements the full set of requirements for Epic A — Workflow & CI Governance (Sprint 1).
Key changes:
- .github/workflows/pr-quality.yml now enforces ESLint, TypeScript, and Knip as a mandatory pass before any AI review. Failing checks post a diagnostic PR comment with truncated logs.
- server.ts), explicit labels (ai:required), or manual force.
- jules_ops.py to support --mode direct which skips debt-issue creation. Safety gates block direct mode on deterministic failure or risk path touches.
- no-restricted-imports to eslint.config.mjs to prevent leaking transport logic (ws) or server-only modules into the frontend component tree.
- conflict-resolver.yml and comment-ops.yml.

Verified via local linting, type-checking, unit tests, and CLI dry-runs.
Fixes #9707
PR created automatically by Jules for task 6406265858478681059 started by @arii