feat: add gitlab

[kasin-it]

Summary by CodeRabbit

• New Features

  • Added GitLab as a supported VCS provider alongside GitHub
  • Support for custom commit messages when pushing changes

• Documentation

  • Updated environment example with GitLab configuration and provider selection instructions

• Refactor

  • VCS configuration and adapter selection made provider-agnostic; sandbox/workflow now use unified VCS URLs and auth
  • Improved sandbox logging with structured warnings and info

• Tests

  • Added/expanded tests covering GitLab flows and multi-provider validation

[chatgpt-codex-connector]

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR adds multi-provider VCS support by introducing a GitLab adapter and wiring a provider-agnostic VCS abstraction across env validation, adapter construction, sandbox operations, and workflows. It includes new runtime dependency, tests for GitLab flows, and URL/credential normalization utilities.

Changes

Cohort / File(s)	Summary
Configuration & Validation \.env.example, env.ts, env.test.ts	Added commented GitLab env vars and VCS_KIND docs; VCS_KIND can be `"github"
VCS Adapter Types & GitHub src/adapters/vcs/types.ts, src/adapters/vcs/github.ts	Extended VCSAdapter.push(..., options?) to accept optional message?: string; GitHub adapter uses provided message when present.
GitLab Adapter & Tests src/adapters/vcs/gitlab.ts, src/adapters/vcs/gitlab.test.ts	Added GitLabAdapter (implements branch creation, push, PRs, comments, check-run mapping, conflict detection) using @gitbeaker/rest; comprehensive tests including error-path normalization and log fetching.
VCS Factory & Wiring src/lib/create-vcs.ts, src/lib/adapters.ts, src/lib/step-adapters.ts	Added createVCS() factory that calls getVcsConfig() and returns either GitLabAdapter or GitHubAdapter; replaced direct GitHub instantiations with factory usage.
Sandbox config & URL helpers src/sandbox/manager.ts, src/sandbox/manager.test.ts	Refactored SandboxConfig to provider-agnostic { kind, token, repoPath, host }; added buildVcsUrls() to derive clone/auth URLs and updated tests to new shape.
Sandbox Git operations src/sandbox/poll-agent.ts, src/sandbox/poll-agent.test.ts	Switched remote/clone URL construction to use getVcsConfig() + buildVcsUrls(); token injection/strip flows retained but generalized; tests updated to assert GitLab OAuth2 URL format.
Agent workflow usage src/workflows/agent.ts	Now uses getVcsConfig() and baseBranch from VCS config; added numeric-repoPath validation for GitLab in provisioning.
Dependency package.json	Added runtime dependency @gitbeaker/rest.

Sequence Diagram(s)

sequenceDiagram
  participant App as App (startup)
  participant Env as getVcsConfig()
  participant Factory as createVCS()
  participant Adapter as VCS Adapter
  participant RemoteAPI as GitHub/GitLab API

  App->>Env: read VCS_KIND + provider envs
  Env-->>App: validated VcsConfig
  App->>Factory: createVCS(vcsConfig)
  Factory-->>Adapter: instantiate GitHubAdapter or GitLabAdapter
  App->>Adapter: push/createPR/getChecks...
  Adapter->>RemoteAPI: call REST API (commits/branches/MRs/pipelines)
  RemoteAPI-->>Adapter: responses / errors
  Adapter-->>App: domain-shaped results or FatalError

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• feat: implement new agent flow #43 — Overlaps sandbox/agent orchestration and VCS abstraction usage in workflows.
• feat: push inside the sandbox #40 — Related refactor of sandbox push/push-retry flows that this PR generalizes for multi-provider support.
• Aiw 16 cicd info #38 — Related work adding check-run/result mapping on adapters; this PR implements GitLab mapping.

Poem

🐰 I hopped through env and adapter lands,

GitHub and GitLab now hold hands,
Branches, PRs, and URLs aligned,
Tokens tucked where they belong—refined,
A carrot-shaped commit: hooray, designs! 🥕

🚥 Pre-merge checks | ✅ 2

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'feat: add gitlab' clearly summarizes the main change in the changeset: adding GitLab support as a VCS provider alongside the existing GitHub implementation.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch AIW-13-gitlab-integration

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 5

🧹 Nitpick comments (1)

src/sandbox/poll-agent.test.ts (1)

34-40: Add a GitLab-mode test case for URL/auth behavior.

This mock only exercises GitHub. Since this PR introduces multi-provider VCS, add one test variant with kind: "gitlab" to verify push flow uses GitLab auth semantics (especially oauth2 auth user and custom host handling).

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/sandbox/poll-agent.test.ts` around lines 34 - 40, Add a second test
variant in poll-agent.test.ts that exercises GitLab semantics by modifying the
existing getVcsConfig mock to include a case where kind: "gitlab", host is a
GitLab URL, and token/auth fields reflect OAuth2 (e.g., auth user "oauth2" or
equivalent) so the push flow uses GitLab auth handling; update the test that
exercises the push flow (the test invoking getVcsConfig) to run against both the
GitHub mock and the new GitLab mock and assert that the push step uses the
GitLab-specific auth user and host behavior.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.env.example:
- Around line 19-24: Update the .env.example to avoid duplicate VCS_KIND entries
by removing or commenting out the existing VCS_KIND=github line (the existing
VCS_KIND variable) before presenting the GitLab block (GITLAB_TOKEN,
GITLAB_PROJECT_ID, GITLAB_BASE_BRANCH, GITLAB_HOST) so the example never
contains two active VCS_KIND keys; alternatively present the GitLab block as a
clear replacement snippet that instructs the user to swap the VCS_KIND value
rather than uncommenting a second VCS_KIND.

In `@src/adapters/vcs/gitlab.ts`:
- Around line 18-20: The GitLab diff note position currently only models
new_path/new_line; update the GitLabNotePosition interface to also include
optional old_path?: string and old_line?: number, and then change the code that
computes comment anchors (the logic that reads new_path/new_line — the
note-to-anchor mapping where you previously used new_path/new_line) to fall back
to old_path/old_line when new_* are undefined (i.e., use new_path || old_path
and new_line ?? old_line) so comments on deleted lines get proper anchors.

In `@src/lib/create-vcs.ts`:
- Around line 16-19: The current destructuring of vcs.repoPath into const
[owner, repo] = vcs.repoPath.split("/") allows extra segments like
"owner/repo/extra"; update the parsing in create-vcs.ts to first split
vcs.repoPath and assert that the result has exactly two parts before assigning
owner and repo (rejecting or throwing a clear error otherwise), referencing the
existing vcs.repoPath, owner, and repo identifiers when implementing the
stricter validation and error message.

In `@src/sandbox/manager.ts`:
- Around line 29-43: The authUrl currently hardcodes "https://" which can
mismatch cloneUrl when config.host includes a different scheme; update
buildVcsUrls to preserve the original scheme: derive the scheme from the
normalized host (e.g. const scheme = host.match(/^https?:\/\//)?.[0] ??
"https://") and use that scheme when constructing authUrl (instead of the fixed
"https://"), keeping the existing hostNoScheme, authUser, and repoPath
interpolation so cloneUrl and authUrl use the same scheme and host.

In `@src/workflows/agent.ts`:
- Around line 52-55: The code passes vcs.repoPath straight into SandboxManager
URL construction which can be a numeric GitLab project ID and produce invalid
clone/push URLs; in the function that builds/initializes SandboxManager
(referencing SandboxManager and the vcs object, specifically vcs.repoPath), add
a validation/resolution step: if vcs.host is a GitLab instance and vcs.repoPath
is purely numeric, either resolve the numeric project ID to its
namespace/project path via the GitLab API before using it, or fail-fast by
throwing/logging a clear error asking for a URL-safe namespace/project path;
ensure the constructed URL logic uses the validated path and surface a helpful
error if resolution fails.

---

Nitpick comments:
In `@src/sandbox/poll-agent.test.ts`:
- Around line 34-40: Add a second test variant in poll-agent.test.ts that
exercises GitLab semantics by modifying the existing getVcsConfig mock to
include a case where kind: "gitlab", host is a GitLab URL, and token/auth fields
reflect OAuth2 (e.g., auth user "oauth2" or equivalent) so the push flow uses
GitLab auth handling; update the test that exercises the push flow (the test
invoking getVcsConfig) to run against both the GitHub mock and the new GitLab
mock and assert that the push step uses the GitLab-specific auth user and host
behavior.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: a319a4c1-6eaf-4edb-baa9-cbb6a1b79714

📥 Commits

Reviewing files that changed from the base of the PR and between a8faccc and 6fd1b48.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (16)

• .env.example
• env.test.ts
• env.ts
• package.json
• src/adapters/vcs/github.ts
• src/adapters/vcs/gitlab.test.ts
• src/adapters/vcs/gitlab.ts
• src/adapters/vcs/types.ts
• src/lib/adapters.ts
• src/lib/create-vcs.ts
• src/lib/step-adapters.ts
• src/sandbox/manager.test.ts
• src/sandbox/manager.ts
• src/sandbox/poll-agent.test.ts
• src/sandbox/poll-agent.ts
• src/workflows/agent.ts

[coderabbitai]

🧹 Nitpick comments (1)

src/sandbox/manager.ts (1)

29-50: Scheme preservation fix looks correct, but consider validating host format.

The scheme extraction at lines 38-41 properly addresses the previous review concern about hardcoding https://. However, if host lacks a scheme (e.g., "github.com" instead of "https://github.com"), the function produces inconsistent URLs:

• cloneUrl → "github.com/owner/repo.git" (no scheme)
• authUrl → "https://oauth2:token@github.com/owner/repo.git" (with scheme)

Based on the test and .env.example, hosts are expected to include schemes, but this isn't enforced.

💡 Optional: Add validation for scheme presence

 export function buildVcsUrls(config: {
   kind: "github" | "gitlab";
   token: string;
   repoPath: string;
   host: string;
 }) {
   // Strip trailing slash for consistent URL joining.
   const host = config.host.replace(/\/+$/, "");
+  if (!/^https?:\/\//.test(host)) {
+    throw new Error(`VCS host must include scheme (http:// or https://), got: ${host}`);
+  }
   // Preserve the scheme from the configured host so cloneUrl and authUrl agree

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/sandbox/manager.ts` around lines 29 - 50, The buildVcsUrls function can
produce a cloneUrl without a scheme when config.host lacks one, causing cloneUrl
and authUrl to disagree; update buildVcsUrls to validate/normalize the host by
ensuring a scheme is present (e.g., if host has no /^https?:\/\//, prepend the
default scheme before computing host, scheme, hostNoScheme) so that cloneUrl and
authUrl are constructed consistently; specifically adjust the logic around the
host, scheme, and hostNoScheme variables used to form cloneUrl and authUrl (and
surface a clear error or throw if config.host is malformed) so callers of
buildVcsUrls always get URLs with matching schemes.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@src/sandbox/manager.ts`:
- Around line 29-50: The buildVcsUrls function can produce a cloneUrl without a
scheme when config.host lacks one, causing cloneUrl and authUrl to disagree;
update buildVcsUrls to validate/normalize the host by ensuring a scheme is
present (e.g., if host has no /^https?:\/\//, prepend the default scheme before
computing host, scheme, hostNoScheme) so that cloneUrl and authUrl are
constructed consistently; specifically adjust the logic around the host, scheme,
and hostNoScheme variables used to form cloneUrl and authUrl (and surface a
clear error or throw if config.host is malformed) so callers of buildVcsUrls
always get URLs with matching schemes.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 0b23c9e2-520f-44a6-9064-45c6ee34da7b

📥 Commits

Reviewing files that changed from the base of the PR and between 6fd1b48 and e7fb6c4.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (6)

• .env.example
• src/adapters/vcs/gitlab.ts
• src/lib/create-vcs.ts
• src/sandbox/manager.ts
• src/sandbox/poll-agent.test.ts
• src/workflows/agent.ts

✅ Files skipped from review due to trivial changes (2)

• src/workflows/agent.ts
• src/adapters/vcs/gitlab.ts

🚧 Files skipped from review as they are similar to previous changes (2)

• src/sandbox/poll-agent.test.ts
• src/lib/create-vcs.ts