tenseleyflow/shithub / 06ca804

+- `GET /{owner}/{repo}/actions.atom`

+  Returns the last 50 workflow runs as an Atom feed. Auth and visibility

+  match the Actions tab (`repo:read`). Entries link to

+  `/{owner}/{repo}/actions/runs/{run_index}` and include the workflow

+  name/path, event, branch, short SHA, status, and conclusion.

+

+### Webhook events (S41h)

+

+Actions emits webhook-facing domain events through `notif.EmitTx` on

+state transitions:

+

+- `workflow_run`, with `payload.action` set to `queued`, `running`, or

+  `completed` (`completed` may carry `conclusion:"cancelled"`).

+- `workflow_job`, with `payload.action` set to `queued`, `running`,

+  `completed`, or `cancelled`.

+

+Payloads are structural snapshots only. They include ids, run index,

+workflow path/name, head SHA/ref, event kind, status, conclusion,

+timestamps, job key/name/runner id, needs, timeout, and cancellation

+state. They deliberately exclude `workflow_runs.event_payload`, env,

+permissions, logs, runner JWTs, and secret values. This keeps the

+webhook surface stable without turning arbitrary workflow input into

+subscriber-facing data.

+- [Actions workflow API](./api/actions.md)

+- [Actions runner API](./api/actions-runner.md)

+## Runs Atom feed

+

+```text

+GET /{owner}/{repo}/actions.atom

+```

+

+Returns the last 50 workflow runs as `application/atom+xml`. Visibility

+matches the Actions tab: public repositories are public; private

+repositories require repository read access.

+

+Each entry links to the run page and summarizes workflow name, event,

+branch, commit, status, and conclusion.

+

+// SPDX-License-Identifier: AGPL-3.0-or-later

+

+package repo

+

+import (

+	"encoding/xml"

+	"fmt"

+	"io"

+	"net/http"

+	"strconv"

+	"strings"

+	"time"

+

+	actionsdb "github.com/tenseleyFlow/shithub/internal/actions/sqlc"

+	"github.com/tenseleyFlow/shithub/internal/auth/policy"

+)

+

+const actionsAtomRunLimit = int32(50)

+

+func (h *Handlers) repoActionsAtom(w http.ResponseWriter, r *http.Request) {

+	row, owner, ok := h.loadRepoAndAuthorize(w, r, policy.ActionRepoRead)

+	if !ok {

+		return

+	}

+	runs, err := actionsdb.New().ListWorkflowRunsForRepo(r.Context(), h.d.Pool, actionsdb.ListWorkflowRunsForRepoParams{

+		RepoID:     row.ID,

+		PageLimit:  actionsAtomRunLimit,

+		PageOffset: 0,

+	})

+	if err != nil {

+		h.d.Logger.WarnContext(r.Context(), "repo actions atom: list workflow runs", "repo_id", row.ID, "error", err)

+		h.d.Render.HTTPError(w, r, http.StatusInternalServerError, "")

+		return

+	}

+	w.Header().Set("Content-Type", "application/atom+xml; charset=utf-8")

+	writeActionsAtom(w, owner.Username, row.Name, runs, time.Now())

+}

+

+func writeActionsAtom(w io.Writer, owner, repoName string, runs []actionsdb.ListWorkflowRunsForRepoRow, now time.Time) {

+	type atomAuthor struct {

+		Name string `xml:"name"`

+	}

+	type atomEntry struct {

+		ID      string     `xml:"id"`

+		Title   string     `xml:"title"`

+		Updated string     `xml:"updated"`

+		Author  atomAuthor `xml:"author"`

+		Summary string     `xml:"summary"`

+		Link    struct {

+			Href string `xml:"href,attr"`

+			Rel  string `xml:"rel,attr,omitempty"`

+		} `xml:"link"`

+	}

+	type atomFeed struct {

+		XMLName xml.Name `xml:"http://www.w3.org/2005/Atom feed"`

+		Title   string   `xml:"title"`

+		ID      string   `xml:"id"`

+		Updated string   `xml:"updated"`

+		Link    struct {

+			Href string `xml:"href,attr"`

+			Rel  string `xml:"rel,attr,omitempty"`

+		} `xml:"link"`

+		Entries []atomEntry `xml:"entry"`

+	}

+

+	feedUpdated := now.UTC()

+	if len(runs) > 0 {

+		feedUpdated = pgTime(runs[0].UpdatedAt, runs[0].CreatedAt.Time).UTC()

+	}

+	feed := atomFeed{

+		Title:   fmt.Sprintf("%s/%s Actions runs", owner, repoName),

+		ID:      fmt.Sprintf("urn:shithub:actions:%s:%s", owner, repoName),

+		Updated: feedUpdated.Format(time.RFC3339),

+	}

+	feed.Link.Href = fmt.Sprintf("/%s/%s/actions.atom", owner, repoName)

+	feed.Link.Rel = "self"

+

+	for _, run := range runs {

+		var e atomEntry

+		e.ID = fmt.Sprintf("urn:shithub:workflow_run:%d", run.ID)

+		e.Title = actionsAtomRunTitle(run)

+		e.Updated = pgTime(run.UpdatedAt, run.CreatedAt.Time).UTC().Format(time.RFC3339)

+		e.Author.Name = actionsAtomActor(run.ActorUsername)

+		e.Summary = actionsAtomRunSummary(run)

+		e.Link.Href = fmt.Sprintf("/%s/%s/actions/runs/%d", owner, repoName, run.RunIndex)

+		feed.Entries = append(feed.Entries, e)

+	}

+

+	enc := xml.NewEncoder(w)

+	enc.Indent("", "  ")

+	_, _ = io.WriteString(w, xml.Header)

+	_ = enc.Encode(feed)

+	_ = enc.Flush()

+}

+

+func actionsAtomRunTitle(run actionsdb.ListWorkflowRunsForRepoRow) string {

+	title := workflowDisplayName(run.WorkflowName, run.WorkflowFile)

+	state, _, _ := workflowRunState(run.Status, run.Conclusion)

+	return fmt.Sprintf("%s #%d %s", title, run.RunIndex, strings.ToLower(state))

+}

+

+func actionsAtomRunSummary(run actionsdb.ListWorkflowRunsForRepoRow) string {

+	parts := []string{

+		"Workflow: " + workflowDisplayName(run.WorkflowName, run.WorkflowFile),

+		"Event: " + workflowRunEventLabel(string(run.Event)),

+		"Status: " + string(run.Status),

+		"Branch: " + run.HeadRef,

+		"Commit: " + shortSHA(run.HeadSha),

+	}

+	if run.Conclusion.Valid {

+		parts = append(parts, "Conclusion: "+string(run.Conclusion.CheckConclusion))

+	}

+	parts = append(parts, "Run: #"+strconv.FormatInt(run.RunIndex, 10))

+	return strings.Join(parts, "\n")

+}

+

+func actionsAtomActor(username string) string {

+	username = strings.TrimSpace(username)

+	if username == "" {

+		return "shithub"

+	}

+	return username

+}

+// SPDX-License-Identifier: AGPL-3.0-or-later

+

+package repo

+

+import (

+	"bytes"

+	"encoding/xml"

+	"strings"

+	"testing"

+	"time"

+

+	"github.com/jackc/pgx/v5/pgtype"

+

+	actionsdb "github.com/tenseleyFlow/shithub/internal/actions/sqlc"

+)

+

+func TestWriteActionsAtomEscapesRunsAndUsesLatestUpdate(t *testing.T) {

+	ts1 := pgtype.Timestamptz{Time: time.Date(2026, 5, 12, 10, 0, 0, 0, time.UTC), Valid: true}

+	ts2 := pgtype.Timestamptz{Time: time.Date(2026, 5, 12, 9, 0, 0, 0, time.UTC), Valid: true}

+	var buf bytes.Buffer

+	writeActionsAtom(&buf, "alice", "demo", []actionsdb.ListWorkflowRunsForRepoRow{

+		{

+			ID:            12,

+			RunIndex:      7,

+			WorkflowFile:  ".shithub/workflows/ci.yml",

+			WorkflowName:  "CI <release>",

+			HeadSha:       strings.Repeat("a", 40),

+			HeadRef:       "refs/heads/trunk",

+			Event:         actionsdb.WorkflowRunEventPush,

+			Status:        actionsdb.WorkflowRunStatusCompleted,

+			Conclusion:    actionsdb.NullCheckConclusion{CheckConclusion: actionsdb.CheckConclusionSuccess, Valid: true},

+			ActorUsername: "dev<one>",

+			CreatedAt:     ts2,

+			UpdatedAt:     ts1,

+		},

+	}, time.Date(2026, 5, 12, 8, 0, 0, 0, time.UTC))

+

+	type feed struct {

+		XMLName xml.Name `xml:"feed"`

+		Title   string   `xml:"title"`

+		Updated string   `xml:"updated"`

+		Entries []struct {

+			Title   string `xml:"title"`

+			Updated string `xml:"updated"`

+			Author  struct {

+				Name string `xml:"name"`

+			} `xml:"author"`

+			Summary string `xml:"summary"`

+			Link    struct {

+				Href string `xml:"href,attr"`

+			} `xml:"link"`

+		} `xml:"entry"`

+	}

+	var got feed

+	if err := xml.Unmarshal(buf.Bytes(), &got); err != nil {

+		t.Fatalf("unmarshal atom: %v\n%s", err, buf.String())

+	}

+	if got.Title != "alice/demo Actions runs" {

+		t.Fatalf("title = %q", got.Title)

+	}

+	if got.Updated != "2026-05-12T10:00:00Z" {

+		t.Fatalf("updated = %q", got.Updated)

+	}

+	if len(got.Entries) != 1 {

+		t.Fatalf("entries = %d", len(got.Entries))

+	}

+	if got.Entries[0].Title != "CI <release> #7 success" {

+		t.Fatalf("entry title = %q", got.Entries[0].Title)

+	}

+	if got.Entries[0].Author.Name != "dev<one>" {

+		t.Fatalf("author = %q", got.Entries[0].Author.Name)

+	}

+	if got.Entries[0].Link.Href != "/alice/demo/actions/runs/7" {

+		t.Fatalf("link = %q", got.Entries[0].Link.Href)

+	}

+	if !strings.Contains(got.Entries[0].Summary, "Conclusion: success") {

+		t.Fatalf("summary = %q", got.Entries[0].Summary)

+	}

+}

+	r.Get("/{owner}/{repo}/actions.atom", h.repoActionsAtom)