Skip to content

Add contributor docs and CI #6

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Zavianx wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add contributor docs and CI #6

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 33 additions & 0 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
name: CI

on:
push:
branches:
- main
pull_request:

env:
CARGO_TERM_COLOR: always

jobs:
rust:
name: Rust
runs-on: ubuntu-latest

Comment on lines +3 to +16
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot May 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Set explicit workflow token permissions (least privilege).

Add top-level permissions so this job only gets read access it needs; this reduces CI token blast radius if an action/step is compromised.

Suggested change 
 name: CI
 
 on:
   push:
     branches:
       - main
   pull_request:
 
+permissions:
+  contents: read
+
 env:
   CARGO_TERM_COLOR: always
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
on:
push:
branches:
- main
pull_request:
env:
CARGO_TERM_COLOR: always
jobs:
rust:
name: Rust
runs-on: ubuntu-latest
on:
push:
branches:
- main
pull_request:
permissions:
contents: read
env:
CARGO_TERM_COLOR: always
jobs:
rust:
name: Rust
runs-on: ubuntu-latest
🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/ci.yml around lines 3 - 16, Add a top-level permissions
block to the workflow (at the same level as on, env, jobs) to restrict the token
to least privilege — e.g., add permissions: contents: read — so the job (jobs ->
rust) only receives read access; ensure no job-level overrides grant broader
rights.

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Install Rust
run: |
rustup toolchain install stable --profile minimal --component rustfmt,clippy
rustup default stable

- name: Check formatting
run: cargo fmt --all -- --check

- name: Run clippy
run: cargo clippy --all-targets -- -D warnings

- name: Run tests
run: cargo test
51 changes: 51 additions & 0 deletions CONTRIBUTING.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
# Contributing

Thanks for taking the time to improve `iii-code`.

`iii-code` is intentionally a thin Rust CLI over the installed `iii` binary and
the public worker stack. Contributions should preserve that boundary: prefer
terminal UX, payload construction, diagnostics, and documentation changes over
embedding another agent runtime in this repository.

## Development Setup

Install the Rust stable toolchain, then check the project locally:

```bash
cargo fmt --all -- --check
cargo clippy --all-targets -- -D warnings
cargo test
```

The default test suite does not require a running `iii` engine. The ignored
smoke test exercises the real engine and worker stack:

```bash
cp config.example.yaml config.yaml
iii worker add harness
iii
cargo test -- --ignored
```

Run `iii` from the repository root so the example shell filesystem settings are
jailed to the same directory as the checkout.

## Pull Requests

Keep pull requests focused and include:

- the user-facing behavior or documentation change
- the commands you ran, including skipped checks if any
- any required `iii` engine, worker, or provider credential assumptions

Good first changes include:

- README and troubleshooting improvements
- CLI formatting and diagnostics
- tests for argument parsing, payload construction, event rendering, and error
redaction
- small terminal UX improvements listed in
[docs/feature-parity-gaps.md](docs/feature-parity-gaps.md)

Before opening a larger feature, start with an issue or discussion so the
worker boundary and public `iii` contracts are clear.
50 changes: 49 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,32 @@ The boundary is the public `iii` CLI and worker functions:
cargo install --path .
```

## Quickstart

Use this path when you want to try the CLI against a local `iii` engine:

```bash
git clone https://github.com/rohitg00/iii-code
cd iii-code
cp config.example.yaml config.yaml
export ANTHROPIC_API_KEY=...
export OPENAI_API_KEY=...
iii worker add harness
iii
```

Then, in another terminal from the same repository:

```bash
cargo run -- setup
cargo run -- doctor
cargo run -- chat "inspect this repo and suggest the first cleanup"
```

At least one supported provider credential is required. Start `iii` from the
repository root so the example shell filesystem configuration points at the
same checkout.

## Prerequisites

- latest `iii` CLI on `PATH`
Expand Down Expand Up @@ -275,6 +301,24 @@ iii-code doctor
iii-code models
```

## Troubleshooting

If `iii worker list` shows workers as `stopped`, confirm the `iii` engine is
still running in another terminal. The list should change to `running` while
the engine process is active.

If `shell::fs::ls` reports `S215 path escapes host_root`, stop `iii`, restart
it from the `iii-code` repository root, and rerun `iii-code doctor`. The sample
configuration uses `.` for both `shell.fs.host_root` and `shell.working_dir`.

If setup reports a harness SHA256 failure, keep reading the output. The CLI
falls back to installing the core worker stack individually so local testing can
continue while the upstream harness artifact is fixed.

If `doctor` reports missing provider auth, export `OPENAI_API_KEY` or
`ANTHROPIC_API_KEY` and rerun `iii-code setup`. One provider is enough for
single-provider use.

## Development

Fresh upstream references were cloned from:
Expand All @@ -288,10 +332,14 @@ checkout paths.
Feature parity notes live in [docs/feature-parity-gaps.md](docs/feature-parity-gaps.md).

```bash
cargo fmt --all -- --check
cargo clippy --all-targets -- -D warnings
cargo test
cargo clippy -- -D warnings
cargo test -- --ignored
```

Ignored tests require a running iii engine, installed workers, and provider
credentials.

See [CONTRIBUTING.md](CONTRIBUTING.md) for pull request expectations and local
validation details.