Trigger a postsubmit gangway job with repository refs
Triggers postsubmit CI jobs via gangway API with repository refs and optional environment overrides.
/plugin marketplace add openshift-eng/ai-helpers/plugin install ci@ai-helpers<job-name> <org> <repo> <base-ref> <base-sha> [ENV_VAR=value ...]ci:trigger-postsubmit
/trigger-postsubmit <job-name> <org> <repo> <base-ref> <base-sha> [ENV_VAR=value ...]
The trigger-postsubmit command triggers a postsubmit gangway job via the REST API. Postsubmit jobs run after code is merged and require repository reference information.
The command accepts:
It constructs the necessary JSON payload with refs structure and executes the curl command to trigger the job via the gangway REST API.
IMPORTANT SECURITY REQUIREMENTS:
Claude is granted LIMITED and SPECIFIC access to the app.ci cluster token for the following AUTHORIZED operations ONLY:
oc whoami)Claude is EXPLICITLY PROHIBITED from:
MANDATORY USER CONFIRMATION: Before executing ANY POST operation (job trigger), Claude MUST:
Token Usage:
The app.ci cluster token is used solely for authentication with the gangway REST API. This token grants the same permissions as the authenticated user and must be handled with appropriate care. The curl_with_token.sh wrapper handles all authentication automatically.
The command performs the following steps:
Parse Arguments:
Construct JSON Payload: Build the payload with refs structure:
Without overrides:
{
"job_name": "<JOB_NAME>",
"job_execution_type": "2",
"refs": {
"org": "<ORG>",
"repo": "<REPO>",
"base_ref": "<BASE_REF>",
"base_sha": "<BASE_SHA>",
"repo_link": "https://github.com/<ORG>/<REPO>"
}
}
With overrides:
{
"job_name": "<JOB_NAME>",
"job_execution_type": "2",
"refs": {
"org": "<ORG>",
"repo": "<REPO>",
"base_ref": "<BASE_REF>",
"base_sha": "<BASE_SHA>",
"repo_link": "https://github.com/<ORG>/<REPO>"
},
"pod_spec_options": {
"envs": {"ENV_VAR": "value"}
}
}
Save JSON to Temporary File: Write the payload to a temp file (e.g., /tmp/postsubmit-spec.json)
Request User Confirmation: Display the complete JSON payload and curl command to the user, then explicitly ask for confirmation before proceeding. Wait for affirmative user response.
Execute Request: Only after receiving user confirmation, run the curl command using the oc-auth skill's curl wrapper:
# Use curl_with_token.sh from oc-auth skill - it automatically adds the OAuth token
# app.ci cluster API: https://api.ci.l2s4.p1.openshiftapps.com:6443
curl_with_token.sh https://api.ci.l2s4.p1.openshiftapps.com:6443 -v -X POST \
-d @/tmp/postsubmit-spec.json \
https://gangway-ci.apps.ci.l2s4.p1.openshiftapps.com/v1/executions
The curl_with_token.sh wrapper retrieves the OAuth token from the app.ci cluster and adds it as an Authorization header automatically, without exposing the token.
Clean Up: Remove the temporary JSON file
Display Results: Show the API response including the execution ID
Offer Follow-up: Optionally offer to query the job status using /query-job-status
Important for Claude:
ci:oc-auth skill is loaded by invoking it with the Skill tool. The curl_with_token.sh script depends on this skill being active./query-job-statusTrigger a postsubmit job without overrides:
/trigger-postsubmit branch-ci-openshift-assisted-installer-release-4.12-images openshift assisted-installer release-4.12 7336f38f75f91a876313daacbfw97f25dfe21bbf
Trigger a postsubmit job with environment override:
/trigger-postsubmit branch-ci-openshift-origin-master-images openshift origin master abc123def456 RELEASE_IMAGE_LATEST=quay.io/image:latest
Trigger with multiple environment overrides:
/trigger-postsubmit my-postsubmit-job openshift cluster-api-provider-aws master def789ghi012 MULTISTAGE_PARAM_OVERRIDE_TIMEOUT=7200 BUILD_ID=custom-123
"2"https://github.com/<org>/<repo>