Test: gh CLI access in GitHub Actions

[R44VC0RP]

This PR tests the selective bash allowlist for gh CLI commands in the GitHub Action workflow.

What to test:

When the bot is triggered with /oc, it should be able to:

• ✅ Run gh issue list
• ✅ Run gh pr list
• ✅ Run gh search issues <query>
• ✅ Run gh search prs <query>
• ❌ NOT run other bash commands (should be denied)

Expected workflow permissions:

OPENCODE_PERMISSION: '{"bash": {"gh issue *": "allow", "gh pr *": "allow", "gh search *": "allow", "*": "deny"}}'

Reply with /oc to trigger the test!

Summary by CodeRabbit

• Documentation
  • Added GitHub CLI testing documentation.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[github-actions]

Hey! Your PR title Test: gh CLI access in GitHub Actions doesn't follow conventional commit format.

Please update it to start with one of:

• feat: or feat(scope): new feature
• fix: or fix(scope): bug fix
• docs: or docs(scope): documentation changes
• chore: or chore(scope): maintenance tasks
• refactor: or refactor(scope): code refactoring
• test: or test(scope): adding or updating tests

Where scope is the package name (e.g., app, desktop, opencode).

See CONTRIBUTING.md for details.

[R44VC0RP]

/oc Please test the gh CLI functionality:

1. Run gh pr list --limit 5 to list the most recent PRs
2. Run gh search issues "test" --limit 3 to search for issues containing 'test'
3. Try to run ls (this should fail/be denied)

Show me the results of each command.

[coderabbitai]

📝 Walkthrough

Walkthrough

A new documentation file has been added to provide information about testing the GitHub CLI (gh) with selective bash allowlist commands in GitHub Actions workflows.

Changes

Cohort / File(s)	Summary
Documentation TEST_GH_CLI.md	New file documenting gh CLI testing for selective bash allowlist commands in GitHub Actions

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐰 A new doc hops into sight,
Testing gh CLI with all its might,
Allowlist rules so carefully drawn,
Actions flow from dusk to dawn! 🌙✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Description check	❓ Inconclusive	The description provides detailed testing scenarios and expected permissions, but does not follow the required template structure with explicit 'What does this PR do?' and 'How did you verify your code works?' sections.	Restructure the description to follow the template format with proper section headings: 'What does this PR do?' and 'How did you verify your code works?'

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change - adding a test file for GitHub CLI access in GitHub Actions.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}