feat: add OpenCode integration for decision-record pipeline#6
Conversation
- Add opencode.json with MCP server registration, agent definitions, and /plan command - Add .opencode/agents/dr-wizard.md (primary orchestrator agent) - Add .opencode/agents/dr-skeptic.md (subagent for decision review) - Add .opencode/agents/dr-decomposer.md (subagent for task decomposition) - Add .opencode/commands/plan.md (pipeline command adapted for opencode) All changes are additive and maintain compatibility with existing Claude Code configs.
Automates adding the decision-record pipeline to an existing project: 1. Validates prerequisites (node >= 20, npm, opencode) 2. Copies opencode.json and .opencode/ (agents + commands) 3. Copies MCP server source into target/server/ 4. Installs dependencies and builds the MCP server 5. Validates opencode configuration 6. Runs smoke test against MCP server (init + tool listing) Usage: ./setup-opencode.sh [target-dir] Idempotent: warns and confirms before overwriting existing files, skips server/ copy if already present.
|
Warning Rate limit exceeded
You’ve run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Organization UI Review profile: ASSERTIVE Plan: Pro Run ID: ⛔ Files ignored due to path filters (2)
📒 Files selected for processing (3)
WalkthroughThis PR introduces a complete infrastructure for an OpenCode-based decision-record planning pipeline. It adds three orchestrated agents ( ChangesDecision-Record Planning Pipeline
🎯 3 (Moderate) | ⏱️ ~25 minutes 🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 4
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.opencode/agents/dr-skeptic.md:
- Line 2: The prompt contains a contradiction between the description saying
“one or more lenses” and the later rule that requires a single lens per
invocation; make them consistent by choosing the single‑lens model: update the
description text so it states that the agent evaluates a single specified lens
(operational, strategic, security, cost, or user‑impact) and revise any wording
that permits multiple lenses (e.g., the phrase “one or more lenses” and any
related sentence) to require exactly one lens per call so orchestration is
deterministic; ensure references to “verdict” and “concerns” remain tied to that
single lens.
In `@opencode.json`:
- Around line 19-29: The permission block in opencode.json grants overly-broad
rights (e.g., "bash", "edit", "glob", "grep", "task", "todowrite",
"decision-record_*")—restrict these to least privilege for the DR pipeline by
removing any tool scopes not required by the documented workflow and only
keeping minimal entries like "read" and the specific capability names the
pipeline actually needs; update every similar permission object (the other
blocks mentioned) to mirror the tightened set and validate that callers of the
permissioned features (check code referencing the "permission" object) still
function with the reduced rights.
In `@setup-opencode.sh`:
- Around line 134-136: The success message "opencode.json syntax validated
(JSON)" is misleading when opencode is missing; change the behavior in the block
that currently calls warn "opencode not installed — skipping config validation"
and ok "opencode.json syntax validated (JSON)" so that either (A) perform a real
JSON parse (e.g., run python3 -m json.tool or jq to validate opencode.json
before emitting ok) or (B) replace the ok message with a clear skip message like
"opencode.json validation skipped (opencode not installed)"; update the branch
that uses warn and ok to implement one of these fixes and ensure the strings
"opencode.json syntax validated (JSON)" and "opencode not installed — skipping
config validation" are adjusted accordingly.
- Around line 128-132: The script currently masks failures by appending "||
true" to the opencode models call; instead run opencode models capturing
stdout/stderr into VALIDATION_OUTPUT and capture its exit code ($?), then if the
exit code is non‑zero call fail with a message that includes VALIDATION_OUTPUT
(use the same fail function) and only if the exit code is zero proceed to
inspect VALIDATION_OUTPUT with grep for "error|invalid" and call fail or ok
accordingly; update references to VALIDATION_OUTPUT, the opencode models
invocation, and the fail/ok calls to implement this exit‑code first logic.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: ASSERTIVE
Plan: Pro
Run ID: 75a11a6a-0406-479b-b789-ac628ad9cdfe
📒 Files selected for processing (6)
.opencode/agents/dr-decomposer.md.opencode/agents/dr-skeptic.md.opencode/agents/dr-wizard.md.opencode/commands/plan.mdopencode.jsonsetup-opencode.sh
| @@ -0,0 +1,65 @@ | |||
| --- | |||
| description: Antagonistic reviewer for decision records. Given a DR with a selected position and argument, returns a verdict (pass/block) and concerns from one or more lenses (operational, strategic, security, cost, user-impact). | |||
There was a problem hiding this comment.
Resolve lens-scope contradiction in the prompt.
Line 2 allows “one or more lenses,” but Line 59 requires one lens per invocation. Please make these consistent so orchestration behavior is deterministic.
Also applies to: 59-59
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In @.opencode/agents/dr-skeptic.md at line 2, The prompt contains a
contradiction between the description saying “one or more lenses” and the later
rule that requires a single lens per invocation; make them consistent by
choosing the single‑lens model: update the description text so it states that
the agent evaluates a single specified lens (operational, strategic, security,
cost, or user‑impact) and revise any wording that permits multiple lenses (e.g.,
the phrase “one or more lenses” and any related sentence) to require exactly one
lens per call so orchestration is deterministic; ensure references to “verdict”
and “concerns” remain tied to that single lens.
| "permission": { | ||
| "read": "allow", | ||
| "edit": "allow", | ||
| "bash": "allow", | ||
| "glob": "allow", | ||
| "grep": "allow", | ||
| "list": "allow", | ||
| "task": "allow", | ||
| "todowrite": "allow", | ||
| "decision-record_*": "allow" | ||
| } |
There was a problem hiding this comment.
Tighten agent permissions to least privilege before release.
Current permissions grant broad capabilities (bash, edit, webfetch) that are not required by the documented pipeline flow. This increases blast radius if an agent is prompt-injected or misused. Restrict each agent to only the tools it must use for the DR workflow.
Also applies to: 36-44, 51-60
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@opencode.json` around lines 19 - 29, The permission block in opencode.json
grants overly-broad rights (e.g., "bash", "edit", "glob", "grep", "task",
"todowrite", "decision-record_*")—restrict these to least privilege for the DR
pipeline by removing any tool scopes not required by the documented workflow and
only keeping minimal entries like "read" and the specific capability names the
pipeline actually needs; update every similar permission object (the other
blocks mentioned) to mirror the tightened set and validate that callers of the
permissioned features (check code referencing the "permission" object) still
function with the reduced rights.
| VALIDATION_OUTPUT=$(opencode models 2>&1 || true) | ||
| if echo "$VALIDATION_OUTPUT" | grep -qi "error\|invalid"; then | ||
| fail "opencode config validation failed:\n$VALIDATION_OUTPUT" | ||
| fi | ||
| ok "opencode configuration is valid" |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/usr/bin/env bash
# Verify whether this repo currently ignores opencode validation exit codes.
# Expected: find the `|| true` usage in setup-opencode.sh at validation step.
rg -n -C2 'opencode models|\\|\\| true|VALIDATION_OUTPUT' setup-opencode.shRepository: protoLabsAI/protoLedger
Length of output: 639
Do not ignore opencode models exit status.
The || true on line 128 suppresses command failures, allowing validation to pass even when CLI validation fails without matching the grep pattern. Check the exit code first, then inspect output if needed.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@setup-opencode.sh` around lines 128 - 132, The script currently masks
failures by appending "|| true" to the opencode models call; instead run
opencode models capturing stdout/stderr into VALIDATION_OUTPUT and capture its
exit code ($?), then if the exit code is non‑zero call fail with a message that
includes VALIDATION_OUTPUT (use the same fail function) and only if the exit
code is zero proceed to inspect VALIDATION_OUTPUT with grep for "error|invalid"
and call fail or ok accordingly; update references to VALIDATION_OUTPUT, the
opencode models invocation, and the fail/ok calls to implement this exit‑code
first logic.
| warn "opencode not installed — skipping config validation" | ||
| ok "opencode.json syntax validated (JSON)" | ||
| fi |
There was a problem hiding this comment.
Remove the false “JSON validated” success message.
When opencode is missing, no JSON parse is performed, but Line 135 reports successful syntax validation. Either run an actual parser check (e.g., python3 -m json.tool) or change the message to “validation skipped.”
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@setup-opencode.sh` around lines 134 - 136, The success message "opencode.json
syntax validated (JSON)" is misleading when opencode is missing; change the
behavior in the block that currently calls warn "opencode not installed —
skipping config validation" and ok "opencode.json syntax validated (JSON)" so
that either (A) perform a real JSON parse (e.g., run python3 -m json.tool or jq
to validate opencode.json before emitting ok) or (B) replace the ok message with
a clear skip message like "opencode.json validation skipped (opencode not
installed)"; update the branch that uses warn and ok to implement one of these
fixes and ensure the strings "opencode.json syntax validated (JSON)" and
"opencode not installed — skipping config validation" are adjusted accordingly.
- README.md: Add OpenCode as third interface option, update directory structure - docs/how-to/install.md: Add full OpenCode installation section with quick install, script steps, after-install usage, and manual install instructions - docs/README.md: Add OpenCode install link to how-to index - CONTRIBUTING.md: Mention OpenCode in project description and add as contribution area - docs/tutorials/your-first-plan.md: Add OpenCode as alternative to CLI in prerequisites and next steps
2 participants
Summary
Adds full OpenCode support to the decision-record planning pipeline. All changes are additive — existing Claude Code configs remain untouched.
Files Added
opencode.json/plancommand, default agent.opencode/agents/dr-wizard.md.opencode/agents/dr-skeptic.md.opencode/agents/dr-decomposer.md.opencode/commands/plan.md/plancommand adapted for OpenCodesetup-opencode.shKey Adaptations from Claude Code
type: "local"withcommandarray instead of.mcpServerspermission:system with allow/deny instead oftools:listanthropic/claude-sonnet-4-20250514instead ofsonnet@dr-skepticsyntax instead ofTask(subagent_type: ...)Setup Script
setup-opencode.shautomates adding the pipeline to any existing project:Runs 6 steps: prerequisite check → copy configs → copy server → build → validate → smoke test.
Testing
opencode run --model opencode-go/kimi-k2.5— dr-wizard loads, MCP connects, intake startsSummary by CodeRabbit
New Features
/plancommand for idea-to-MVP workflows with five gated phases.Documentation
Chores