Org Weekly Report: 2026-06-29 -- 2026-07-06
Generated for kagenti
⚙️ Dry-run — generated 2026-07-06 via the github-weekly-report skill (agent-skills #21) to validate a scheduled weekly job. Active-epics section produced in sub-issue fallback mode (--skip-projects). Please sanity-check the output.
Org-Wide Summary
Cross-Repo Highlights
Where the work concentrated. 72 PRs merged org-wide, but the distribution is lopsided: serverless-harness alone accounts for 32. @pdettori drove 28 of those — a sustained push on the FS-free harness and shared durable sandbox pool: inline /runs + Redis leaf-results (#50), an N:M lease-based sandbox pool (#53), pulling the OCP sandbox image from GHCR (#52), and OpenShift deployment of the two-tier architecture. This is the most active corner of the org by a wide margin.
Multi-repo contributors.
- @rubambiza — 6 PRs across agent-skills, automation, ecosystem-guide, kagenti, almost all CI/tooling: rolling out the PR-title-verifier workflow and PR-review-impact metrics to the health dashboard, plus an openshell doc fix.
- @esnible — 4 PRs across agent-examples, kagenti, kagenti-extensions: a2a-sdk dependency upgrade, an AuthBridge decision-sequence diagram, extra container build flags, and hardening how the operator handles failed/progressing agent builds.
- @app/dependabot — 18 merged across 5 repos; still the single largest source of PR volume.
Org-wide CI: ~72% pass rate (340/472 runs). Three repos are green at 100% — serverless-harness, agentic-control-plane, openshell-credentials-keycloak. The average is dragged down by two repos stuck at 0%: pi (npm audit) and adk-starter (Weekly Docker Build and Test). Also weak: workload-harness 40%, OpenShell 50% (Kagenti CI, 7 failures), .github 57%, adk 63% (npm_and_yarn + CI).
Security review debt. Multiple SECURITY-flagged PRs have sat unreviewed well past a week — worst in adk: #228 (74d), #238 (56d), #243 (55d), #255 (34d). Also aging: kagenti-operator #449 (17d), OpenShell #15 (24d), kagenti-extensions #497 (24d), agentic-control-plane #46/#44 (30d). kagenti #1856 (Keycloak chart removal) has been in CHANGES_REQUESTED for 28 days.
Dependabot backlog. ~49 dependabot PRs open across the org — heaviest in agent-examples (~17), kagenti-extensions (6), adk (5), agentic-control-plane (4). Batchable, and inflating "needs review" counts everywhere.
Themes this week.
Active Epics
Sub-issue-based detection (fallback mode — no read:project scope); ranked by most-recent sub-issue closure. Note: #1789 (OPA) now surfaces correctly — it was the epic missing from last week's report (agent-skills #18).
Action Items
| # |
Action |
Repo |
Owner |
Priority |
| 1 |
Clear 0% CI: npm audit failing on main |
pi |
— |
P0 |
| 2 |
Clear 0% CI: Weekly Docker Build and Test |
adk-starter |
— |
P0 |
| 3 |
Review/close SECURITY dep PRs stale 55–74d (#228, #238, #243) |
adk |
@app/dependabot |
P0 |
| 4 |
Resolve SECURITY PR #1856 (Keycloak chart), CHANGES_REQUESTED 28d |
kagenti |
@ChristianZaccaria |
P1 |
| 5 |
Review SPIFFE JWT-SVID auth PRs #2141 / operator #473 |
kagenti / kagenti-operator |
@Alan-Cha |
P1 |
| 6 |
Review SECURITY token-broker PR #449 (stale 17d) |
kagenti-operator |
@davidhadas |
P1 |
| 7 |
Batch-review the ~49 open dependabot PRs (start with agent-examples ~17) |
org-wide |
— |
P2 |
| 8 |
Fix CI (40% pass) |
workload-harness |
— |
P2 |
| 9 |
Fix Kagenti CI (7 failures, 50%) |
OpenShell |
@Ladas |
P2 |
| 10 |
Review stale SECURITY dep PRs #46/#44 (30d) |
agentic-control-plane |
@app/dependabot |
P2 |
| 11 |
Unblock CHANGES_REQUESTED AuthBridge OTel PR #497 (24d) |
kagenti-extensions |
@husky-parul |
P2 |
| 12 |
Merge the weekly-report epic fix (source of this report) |
agent-skills #21 |
@rubambiza |
P2 |
| 13 |
Close out 69-day "PR title verifier" PRs |
adk #232, agentic-control-plane #34, capture-the-flag #3 |
@rubambiza |
P3 |
serverless-harness
Merged PRs (32)
Top contributors: @pdettori (28), @app/dependabot (4)
| # |
Title |
Author |
Merged |
| #68 |
fix: Converge fetches per-leaf repoUrl and self-heals (#67) |
@pdettori |
2026-07-06 |
| #65 |
docs: E6 authoritative OCP result (closes #64) |
@pdettori |
2026-07-04 |
| #63 |
P3.1: E6 workload-parameterized sandbox-load (#62) |
@pdettori |
2026-07-04 |
| #61 |
Docs: Record authoritative P3 E6/E7 results on OCP 4.20.8 |
@pdettori |
2026-07-04 |
| #60 |
Fix: Add git to the pre-baked OCP sandbox image for the c... |
@pdettori |
2026-07-04 |
| #58 |
P3: Sandbox sharing-ratio experiments — E6/E7 on runc + g... |
@pdettori |
2026-07-03 |
| #53 |
Feat: P2 shared sandbox pool with N:M lease-based routing |
@pdettori |
2026-07-03 |
| #52 |
Pull OCP sandbox image from GHCR instead of in-cluster build |
@pdettori |
2026-07-03 |
| #51 |
Deploy the FS-free harness on OpenShift with a durable sa... |
@pdettori |
2026-07-03 |
| #50 |
P1: FS-free harness — inline /runs + Redis leaf-result + ... |
@pdettori |
2026-07-02 |
| #44 |
Docs: Add model selection guide to Kind and OCP READMEs |
@pdettori |
2026-07-01 |
| #43 |
feat(deploy): add OpenShift setup script (setup-ocp.sh) |
@pdettori |
2026-07-01 |
| #42 |
fix(docker): link work-queue workspace deps in harness image |
@pdettori |
2026-07-01 |
| #40 |
Fix: leaf smokes seed world-writable /work dirs for the n... |
@pdettori |
2026-07-01 |
| #38 |
feat(knative-server): rename /run-leaf execution route to... |
@pdettori |
2026-07-01 |
| ... |
+17 more |
|
|
CI Health
New Issues (11)
| # |
Title |
Created |
| #66 |
Harden the harness: confine egress to the model + the san... |
2026-07-04 |
| #62 |
E6 knee detector is noise-sensitive: use multi-sample run... |
2026-07-04 |
| #59 |
converge.ts not self-healing against a partial/non-git /w... |
2026-07-03 |
| #57 |
P4: Kata/VM isolation + intra-pod hardening (infra-gated) |
2026-07-03 |
| #56 |
Add unit test for selectPoolSandbox empty-pod-list branch |
2026-07-03 |
| #55 |
Sync-path saturation: bounded wait + 503 Retry-After per ... |
2026-07-03 |
| #54 |
Point setup-kind.sh at the sandbox pool manifest |
2026-07-03 |
| #49 |
Epic: Two-tier FS-free harness + shared durable sandbox pool |
2026-07-02 |
| #48 |
P3: Sandbox sharing-ratio experiments (CAP/N tuning) |
2026-07-02 |
| #47 |
P0′: OpenShift deployment of the two-tier architecture |
2026-07-02 |
| #46 |
P2: Shared sandbox pool + harness→sandbox routing |
2026-07-02 |
kagenti
Merged PRs (20)
Top contributors: @moonlight16 (3), @app/dependabot (2), @esnible (2), @cwiklik (2), @clawgenti (2)
| # |
Title |
Author |
Merged |
| #2137 |
Feat: 💬 chat falls back to message/send for non-streaming... |
@moonlight16 |
2026-07-02 |
| #2136 |
chore(deps): Bump the minor-and-patch group across 1 dire... |
@app/dependabot |
2026-07-02 |
| #2128 |
feat(backend): auto-inject MCP_URL and LLM env on agent i... |
@amit-chaubey |
2026-07-01 |
| #2127 |
Fix: Allow user to supply additional container build flag... |
@esnible |
2026-07-02 |
| #2126 |
Fix: reuse platform Keycloak for token-exchange E2E on Kind |
@cwiklik |
2026-07-01 |
| #2122 |
fix(v0.6.1, ocp): make weather-agent CLI deploy work on O... |
@webchang |
2026-07-01 |
| #2121 |
Docs: Access Control Documentation |
@davidhadas |
2026-07-01 |
| #2114 |
Feat: 🖥️ Add options for persistent storage to Kagenti CLI |
@moonlight16 |
2026-07-01 |
| #2112 |
Chore: bump operator chart to 0.3.0-alpha.6 and authbridg... |
@cwiklik |
2026-06-30 |
| #2111 |
Fix: Don't forget about failed and progressing Agent builds |
@esnible |
2026-07-01 |
| #2109 |
fix: Correct dtach repo URL in openshell doc |
@rubambiza |
2026-06-29 |
| #2107 |
docs: Link health dashboard (auto-updated) |
@clawgenti |
2026-07-01 |
| #2099 |
docs: Automation health dashboard (auto-updated) |
@clawgenti |
2026-07-01 |
| #2096 |
chore(deps): Bump the minor-and-patch group across 1 dire... |
@app/dependabot |
2026-07-02 |
| #2005 |
docs: correct feature flag endpoint path in CLAUDE.md |
@YuuGR1337 |
2026-07-01 |
| ... |
+5 more |
|
|
Open PRs (19)
Changes Requested (1)
| # |
Title |
Author |
Days |
Notes |
| #1856 |
Refactor: remove Keycloak operand/realm from chart... |
@ChristianZaccaria |
28 |
SECURITY, stale (28d) |
Needs Review (6)
| # |
Title |
Author |
Days |
Notes |
| #2144 |
chore(deps): Bump DavidAnson/markdownlint-cli2-act... |
@app/dependabot |
1 |
|
| #2143 |
chore(deps): Bump the minor-and-patch group with 7... |
@app/dependabot |
1 |
SECURITY |
| #2142 |
chore(deps): Bump the minor-and-patch group in /ka... |
@app/dependabot |
1 |
|
| #2141 |
feat(operator): add SPIFFE authentication bootstra... |
@Alan-Cha |
3 |
SECURITY |
| #2140 |
docs: Automation health dashboard (auto-updated) |
@clawgenti |
3 |
|
| #2139 |
Docs: Describing how to get OPA to work pre-relase... |
@davidhadas |
4 |
|
Draft PRs (12)
12 drafts from @mrsabath, @pdettori, @Ladas, @Alan-Cha, @yoavkatz, @aslom
CI Health
New Issues (21)
| # |
Title |
Created |
| #2147 |
feature: implement event bridge and event mesh for poc demo |
2026-07-06 |
| #2146 |
feature: measure serverless harness performance against o... |
2026-07-06 |
| #2145 |
feature: compelling local use case for RossoCortex |
2026-07-06 |
| #2138 |
Doc: Document the OPA feature |
2026-07-02 |
| #2132 |
feature: update observability UI and deployment scripts f... |
2026-07-01 |
| #2131 |
feature: update observability UI and deployment scripts f... |
2026-07-01 |
| #2130 |
feature: Add token-exchange step before sending a token f... |
2026-07-01 |
| #2129 |
token-exchange E2E: tx-e2e-agent pod not Ready at test ti... |
2026-06-30 |
| #2124 |
feature: Validate required agent env at startup — no sile... |
2026-06-30 |
| #2123 |
feature: UI import should auto-inject MCP_URL from select... |
2026-06-30 |
| #2119 |
[openshell] gateway OIDC discovery fails on HyperShift — ... |
2026-06-30 |
| #2118 |
Design the rossoctl landing page |
2026-06-30 |
| #2117 |
Propose docs IA and content strategy for the v0.7 release |
2026-06-30 |
| #2116 |
Draft positioning.md for the landing page and README |
2026-06-30 |
| #2115 |
Set up the website folder structure in the rossoctl repo ... |
2026-06-30 |
| #2113 |
connect rossoctl.dev domain CNAME to the website |
2026-06-29 |
| #2110 |
🐛 MountVolume.SetUp failed for volume "spire-agent-so... |
2026-06-29 |
| #2108 |
Upgrade agent-sandbox v0.4.6 → v0.5.0 (v1beta1) — track b... |
2026-06-29 |
| #2106 |
epic: Centralized Policy Decision for Agent Platform Pipe... |
2026-06-29 |
| #2105 |
feature: Authbridge HTTP to HTTPs support |
2026-06-29 |
| #2104 |
Weekly Report 2026-06-29 |
2026-06-29 |
kagenti-extensions
Merged PRs (8)
Top contributors: @app/dependabot (6), @esnible (1), @evaline-ju (1)
| # |
Title |
Author |
Merged |
| #629 |
Docs: Diagram of AuthBridge plugin decision sequence |
@esnible |
2026-07-01 |
| #627 |
chore: 🔧 Update PR review workflow for title case ... |
@evaline-ju |
2026-06-30 |
| #536 |
build(deps): Bump rojopolis/spellcheck-github-actions fro... |
@app/dependabot |
2026-06-30 |
| #535 |
build(deps): Bump actions/checkout from 6.0.3 to 7.0.0 |
@app/dependabot |
2026-06-30 |
| #517 |
build(deps): Bump library/alpine from 3.23 to 3.24 in /au... |
@app/dependabot |
2026-07-02 |
| #487 |
build(deps): Bump github/codeql-action from 4.36.1 to 4.36.2 |
@app/dependabot |
2026-06-30 |
| #474 |
build(deps): Bump docker/setup-qemu-action from 4.0.0 to ... |
@app/dependabot |
2026-06-30 |
| #472 |
build(deps): Bump docker/metadata-action from 6.0.0 to 6.1.0 |
@app/dependabot |
2026-06-30 |
Open PRs (13)
Changes Requested (1)
| # |
Title |
Author |
Days |
Notes |
| #497 |
Feat: Add OTel trace context propagation to AuthBr... |
@husky-parul |
24 |
SECURITY, stale (24d) |
Needs Review (6)
| # |
Title |
Author |
Days |
Notes |
| #628 |
build(deps): Bump github.com/open-policy-agent/opa... |
@app/dependabot |
6 |
SECURITY |
| #541 |
build(deps): Bump github.com/spiffe/go-spiffe/v2 f... |
@app/dependabot |
13 |
|
| #540 |
build(deps): Update python-dotenv requirement from... |
@app/dependabot |
13 |
|
| #539 |
build(deps): Bump langgraph from 1.2.5 to 1.2.7 |
@app/dependabot |
13 |
|
| #538 |
build(deps): Bump langchain-openai from 1.3.2 to 1... |
@app/dependabot |
13 |
|
| #537 |
build(deps): Bump langchain-core from 1.4.7 to 1.4.8 |
@app/dependabot |
13 |
SECURITY |
Draft PRs (6)
6 drafts from @Alan-Cha, @araujof, @huang195
CI Health
New Issues (1)
| # |
Title |
Created |
| #630 |
[dep-bump] Stale routine bump: library/alpine in kagenti-... |
2026-07-02 |
plugins-adapter
Merged PRs (4)
Top contributors: @app/dependabot (4)
| # |
Title |
Author |
Merged |
| #153 |
chore(deps): bump docker/metadata-action from 6.1.0 to 6.2.0 |
@app/dependabot |
2026-07-06 |
| #151 |
chore(deps): bump astral-sh/setup-uv from 8.2.0 to 8.3.0 |
@app/dependabot |
2026-07-06 |
| #150 |
chore(deps): bump actions/setup-python from 6.2.0 to 6.3.0 |
@app/dependabot |
2026-06-29 |
| #149 |
chore(deps): bump actions/cache from 5.0.5 to 6.1.0 |
@app/dependabot |
2026-06-29 |
Open PRs (3)
Needs Review (3)
| # |
Title |
Author |
Days |
Notes |
| #155 |
chore(deps): bump github/codeql-action/init from 4... |
@app/dependabot |
0 |
|
| #154 |
chore(deps): bump docker/setup-buildx-action from ... |
@app/dependabot |
0 |
|
| #152 |
chore(deps): bump github/codeql-action/analyze fro... |
@app/dependabot |
0 |
|
CI Health
- 23/30 (77%) passed
- Failing: "Security Scans" — 2 failure(s)
agent-examples
Merged PRs (3)
Top contributors: @app/dependabot (2), @esnible (1)
| # |
Title |
Author |
Merged |
| #649 |
chore: Upgrade a2a-sdk dependencies |
@esnible |
2026-07-01 |
| #630 |
chore(deps): Bump pytest from 9.1.0 to 9.1.1 in /mcp/rese... |
@app/dependabot |
2026-06-29 |
| #627 |
chore(deps): Bump actions/setup-python from 6.2.0 to 6.3.... |
@app/dependabot |
2026-06-29 |
Open PRs (26)
Needs Review (25)
| # |
Title |
Author |
Days |
Notes |
| #661 |
fix mcp never failing till timeout bug |
@davidhadas |
1 |
|
| #659 |
chore(deps): Bump the minor-and-patch group across... |
@app/dependabot |
3 |
SECURITY |
| #658 |
chore(deps): Bump the minor-and-patch group across... |
@app/dependabot |
3 |
|
| #657 |
chore(deps): Bump the minor-and-patch group across... |
@app/dependabot |
3 |
SECURITY |
| #656 |
chore(deps): Bump the minor-and-patch group across... |
@app/dependabot |
3 |
SECURITY |
| #655 |
chore(deps): Bump the minor-and-patch group across... |
@app/dependabot |
3 |
SECURITY |
| #654 |
chore(deps): Bump the minor-and-patch group across... |
@app/dependabot |
3 |
SECURITY |
| #653 |
chore(deps): Bump the minor-and-patch group with 8... |
@app/dependabot |
3 |
|
| ... |
+17 more |
|
|
|
Draft PRs (1)
- #126 — feat: add sandbox_agent with per-context workspace isolation
CI Health
- 20/30 (67%) passed
- Failing: "CI" — 1 failure(s)
New Issues (5)
| # |
Title |
Created |
| #660 |
🐛 git issue always wait for timeout to drop an mcp call |
2026-07-05 |
| #648 |
[dep-bump] Stale high bump: minor-and-patch group in agen... |
2026-06-30 |
| #647 |
[dep-bump] Stale high bump: minor-and-patch group in agen... |
2026-06-30 |
| #646 |
[dep-bump] Stale major bump: protobuf in agent-examples |
2026-06-30 |
| #645 |
[dep-bump] Stale major bump: protobuf in agent-examples |
2026-06-30 |
agent-skills
Merged PRs (2)
Top contributors: @rubambiza (2)
| # |
Title |
Author |
Merged |
| #20 |
ci: Update pr-verifier reusable workflow reference |
@rubambiza |
2026-06-30 |
| #17 |
feat: Add PR review metrics to health dashboard |
@rubambiza |
2026-07-06 |
Open PRs (1)
Needs Review (1)
| # |
Title |
Author |
Days |
Notes |
| #21 |
fix: Detect active epics via sub-issue activity |
@rubambiza |
3 |
SECURITY |
CI Health
- 17/18 (94%) passed
- Failing: "PR Verifier" — 1 failure(s)
New Issues (2)
| # |
Title |
Created |
| #22 |
Normalize db_repos to use short names in coverage dashb... |
2026-07-02 |
| #18 |
🐛 Missing Active Epics from Weekly Report |
2026-06-30 |
automation
Merged PRs (2)
Top contributors: @rubambiza (2)
| # |
Title |
Author |
Merged |
| #22 |
ci: Update pr-verifier reusable workflow reference |
@rubambiza |
2026-06-30 |
| #20 |
Feat: Add PR review impact metrics producer |
@rubambiza |
2026-06-29 |
CI Health
- 18/20 (90%) passed
- Failing: "PR Verifier" — 2 failure(s)
ecosystem-guide
Merged PRs (1)
Top contributors: @rubambiza (1)
| # |
Title |
Author |
Merged |
| #6 |
CI: Add PR title verifier workflow |
@rubambiza |
2026-06-30 |
Open PRs (1)
Needs Review (1)
| # |
Title |
Author |
Days |
Notes |
| #12 |
build(deps): bump the minor-and-patch group across... |
@app/dependabot |
5 |
|
CI Health
adk
Open PRs (7)
Needs Review (7)
| # |
Title |
Author |
Days |
Notes |
| #261 |
chore(deps): bump the github-actions group across ... |
@app/dependabot |
3 |
SECURITY |
| #255 |
chore(deps-dev): bump vitest from 4.0.18 to 4.1.0 ... |
@app/dependabot |
34 |
SECURITY, stale (34d) |
| #243 |
test: Resolve MemoryHub E2E URL from discovery end... |
@rdwj |
55 |
SECURITY, stale (55d) |
| #238 |
chore(deps): bump the uv-security group across 3 d... |
@app/dependabot |
56 |
SECURITY, stale (56d) |
| #232 |
CI: Add PR title verifier workflow |
@rubambiza |
69 |
stale (69d) |
| #228 |
chore(deps): bump the uv group across 28 directori... |
@app/dependabot |
74 |
SECURITY, stale (74d) |
| #226 |
chore(deps): bump uuid from 13.0.0 to 14.0.0 in /a... |
@app/dependabot |
74 |
stale (74d) |
CI Health
- 19/30 (63%) passed
- Failing: "npm_and_yarn in /. for @babel/core, @babel/plugin-transform-modules-systemjs, axios, axios, axios, axios, axios, axios, axios, axios, axios, axios, axios, axios, axios, axios, axios, axios, axios, axios, axios, axios, axios, axios, axios, basic-ftp, basic-ftp, basic-ftp, basic-ftp, brace-expansion, brace-expansion, brace-expansion, brace-expansion, dompurify, dompurify, dompurify, dompurify, dompurify, dompurify, dompurify, dompurify, dompurify, dompurify, dompurify, dompurify, esbuild, fast-uri, fast-ur..." — 2 failure(s)
- Failing: "CI" — 1 failure(s)
kagenti-operator
Open PRs (5)
Changes Requested (1)
| # |
Title |
Author |
Days |
Notes |
| #449 |
Feat: Add token-broker service for OAuth session a... |
@davidhadas |
17 |
SECURITY, stale (17d) |
Needs Review (4)
| # |
Title |
Author |
Days |
Notes |
| #473 |
Feat(operator): implement SPIFFE JWT-SVID authenti... |
@Alan-Cha |
3 |
SECURITY |
| #472 |
build(deps): bump actions/cache from 5.0.5 to 6.1.... |
@app/dependabot |
6 |
SECURITY |
| #471 |
build(deps): bump the minor-and-patch group with 4... |
@app/dependabot |
6 |
|
| #470 |
build(deps): bump the minor-and-patch group in /ka... |
@app/dependabot |
6 |
SECURITY |
CI Health
- 25/30 (83%) passed
- Failing: "PR Verifier" — 4 failure(s)
- Failing: "CI" — 1 failure(s)
OpenShell
Open PRs (2)
Needs Review (2)
| # |
Title |
Author |
Days |
Notes |
| #16 |
feat(sandbox): Landlock TCP port restriction for m... |
@Ladas |
24 |
stale (24d) |
| #15 |
feat(sandbox): add Platform network mode for restr... |
@Ladas |
24 |
SECURITY, stale (24d) |
CI Health
- 15/30 (50%) passed
- Failing: "Kagenti CI" — 7 failure(s)
agentic-control-plane
Open PRs (5)
Needs Review (5)
| # |
Title |
Author |
Days |
Notes |
| #54 |
build(deps): Bump the minor-and-patch group across... |
@app/dependabot |
9 |
|
| #49 |
build(deps): Update fastmcp requirement from >=0.2... |
@app/dependabot |
23 |
SECURITY, stale (23d) |
| #46 |
build(deps): Update uvicorn requirement from >=0.2... |
@app/dependabot |
30 |
SECURITY, stale (30d) |
| #44 |
build(deps): Update kubernetes requirement from >=... |
@app/dependabot |
30 |
SECURITY, stale (30d) |
| #34 |
CI: Add PR title verifier workflow |
@rubambiza |
69 |
stale (69d) |
CI Health
workload-harness
Open PRs (2)
Needs Review (2)
| # |
Title |
Author |
Days |
Notes |
| #27 |
feat(exgentic-runner): in-cluster execution support |
@yoavkatz |
4 |
SECURITY |
| #26 |
docs: Fix broken internal link in workload-harness |
@clawgenti |
6 |
|
CI Health
New Issues (1)
| # |
Title |
Created |
| #28 |
feat: add e2e test script for tool_calling agent across a... |
2026-07-05 |
capture-the-flag
Open PRs (1)
Needs Review (1)
| # |
Title |
Author |
Days |
Notes |
| #3 |
CI: Add PR title verifier workflow |
@rubambiza |
69 |
stale (69d) |
CI Health
- 5/8 (62%) passed
- Failing: "PR Verifier" — 2 failure(s)
Org Weekly Report: 2026-06-29 -- 2026-07-06
Generated for kagenti
Org-Wide Summary
Cross-Repo Highlights
Where the work concentrated. 72 PRs merged org-wide, but the distribution is lopsided: serverless-harness alone accounts for 32. @pdettori drove 28 of those — a sustained push on the FS-free harness and shared durable sandbox pool: inline
/runs+ Redis leaf-results (#50), an N:M lease-based sandbox pool (#53), pulling the OCP sandbox image from GHCR (#52), and OpenShift deployment of the two-tier architecture. This is the most active corner of the org by a wide margin.Multi-repo contributors.
Org-wide CI: ~72% pass rate (340/472 runs). Three repos are green at 100% — serverless-harness, agentic-control-plane, openshell-credentials-keycloak. The average is dragged down by two repos stuck at 0%: pi (
npm audit) and adk-starter (Weekly Docker Build and Test). Also weak: workload-harness 40%, OpenShell 50% (Kagenti CI, 7 failures), .github 57%, adk 63% (npm_and_yarn + CI).Security review debt. Multiple SECURITY-flagged PRs have sat unreviewed well past a week — worst in adk: #228 (74d), #238 (56d), #243 (55d), #255 (34d). Also aging: kagenti-operator #449 (17d), OpenShell #15 (24d), kagenti-extensions #497 (24d), agentic-control-plane #46/#44 (30d). kagenti #1856 (Keycloak chart removal) has been in CHANGES_REQUESTED for 28 days.
Dependabot backlog. ~49 dependabot PRs open across the org — heaviest in agent-examples (~17), kagenti-extensions (6), adk (5), agentic-control-plane (4). Batchable, and inflating "needs review" counts everywhere.
Themes this week.
rossoctl.devdomain, and positioning docs.Active Epics
Sub-issue-based detection (fallback mode — no
read:projectscope); ranked by most-recent sub-issue closure. Note: #1789 (OPA) now surfaces correctly — it was the epic missing from last week's report (agent-skills #18).Action Items
npm auditfailing on mainWeekly Docker Build and TestKagenti CI(7 failures, 50%)serverless-harness
Merged PRs (32)
Top contributors: @pdettori (28), @app/dependabot (4)
CI Health
New Issues (11)
kagenti
Merged PRs (20)
Top contributors: @moonlight16 (3), @app/dependabot (2), @esnible (2), @cwiklik (2), @clawgenti (2)
Open PRs (19)
Changes Requested (1)
Needs Review (6)
Draft PRs (12)
12 drafts from @mrsabath, @pdettori, @Ladas, @Alan-Cha, @yoavkatz, @aslom
CI Health
New Issues (21)
kagenti-extensions
Merged PRs (8)
Top contributors: @app/dependabot (6), @esnible (1), @evaline-ju (1)
Open PRs (13)
Changes Requested (1)
Needs Review (6)
Draft PRs (6)
6 drafts from @Alan-Cha, @araujof, @huang195
CI Health
New Issues (1)
plugins-adapter
Merged PRs (4)
Top contributors: @app/dependabot (4)
Open PRs (3)
Needs Review (3)
CI Health
agent-examples
Merged PRs (3)
Top contributors: @app/dependabot (2), @esnible (1)
Open PRs (26)
Needs Review (25)
Draft PRs (1)
CI Health
New Issues (5)
agent-skills
Merged PRs (2)
Top contributors: @rubambiza (2)
Open PRs (1)
Needs Review (1)
CI Health
New Issues (2)
db_reposto use short names in coverage dashb...automation
Merged PRs (2)
Top contributors: @rubambiza (2)
CI Health
ecosystem-guide
Merged PRs (1)
Top contributors: @rubambiza (1)
Open PRs (1)
Needs Review (1)
CI Health
adk
Open PRs (7)
Needs Review (7)
CI Health
kagenti-operator
Open PRs (5)
Changes Requested (1)
Needs Review (4)
CI Health
OpenShell
Open PRs (2)
Needs Review (2)
CI Health
agentic-control-plane
Open PRs (5)
Needs Review (5)
CI Health
workload-harness
Open PRs (2)
Needs Review (2)
CI Health
New Issues (1)
capture-the-flag
Open PRs (1)
Needs Review (1)
CI Health