From e37afd3ddd794500f664c27d4dd2a01a72bc80e9 Mon Sep 17 00:00:00 2001
From: Jeremy Eder <jeder@redhat.com>
Date: Thu, 26 Mar 2026 16:06:24 -0400
Subject: [PATCH 1/2] Add ambient-action workflow for issue comment automation

Triggers an ACP session when org members comment @ambient on issues.
Restricted to OWNER and MEMBER author associations for security.
Workflow token scoped to contents: read per least-privilege principle.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .github/workflows/ambient.yml | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 .github/workflows/ambient.yml

diff --git a/.github/workflows/ambient.yml b/.github/workflows/ambient.yml
new file mode 100644
index 0000000..22525c1
--- /dev/null
+++ b/.github/workflows/ambient.yml
@@ -0,0 +1,25 @@
+name: Ambient
+
+on:
+  issue_comment:
+    types: [created]
+
+permissions:
+  contents: read
+
+jobs:
+  ambient:
+    if: >-
+      startsWith(github.event.comment.body, '@ambient') &&
+      contains(fromJSON('["OWNER","MEMBER"]'), github.event.comment.author_association)
+    runs-on: ubuntu-latest
+    steps:
+      - uses: ambient-code/ambient-action@v2
+        with:
+          api-url: ${{ secrets.AMBIENT_API_URL }}
+          api-token: ${{ secrets.AMBIENT_BOT_TOKEN }}
+          project: gps-ambient-action
+          prompt: ${{ github.event.comment.body }}
+          display-name: "Issue #${{ github.event.issue.number }}"
+          repos: '[{"url": "https://github.com/${{ github.repository }}", "branch": "main", "autoPush": true}]'
+          labels: '{"source": "github-issue", "issue": "${{ github.event.issue.number }}"}'

From a29a5baec6a470c894d17c695fa0767625ead944 Mon Sep 17 00:00:00 2001
From: Jeremy Eder <jeder@redhat.com>
Date: Thu, 26 Mar 2026 16:07:59 -0400
Subject: [PATCH 2/2] Fix: target feature branch instead of main for autoPush

ACP sessions now push to ambient/issue-<number> branches instead of
main, ensuring changes go through PR review before merging.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .github/workflows/ambient.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ambient.yml b/.github/workflows/ambient.yml
index 22525c1..7751787 100644
--- a/.github/workflows/ambient.yml
+++ b/.github/workflows/ambient.yml
@@ -21,5 +21,5 @@ jobs:
           project: gps-ambient-action
           prompt: ${{ github.event.comment.body }}
           display-name: "Issue #${{ github.event.issue.number }}"
-          repos: '[{"url": "https://github.com/${{ github.repository }}", "branch": "main", "autoPush": true}]'
+          repos: '[{"url": "https://github.com/${{ github.repository }}", "branch": "ambient/issue-${{ github.event.issue.number }}", "autoPush": true}]'
           labels: '{"source": "github-issue", "issue": "${{ github.event.issue.number }}"}'