tinyland-inc/box-up-role
harness/harness/assets/claude/skills/box-up-role/SKILL.md
Package an Ansible role into a GitLab iteration with worktree, issues, and MR
tools
Updated Apr 20, 2026
$ install --global
skillsauthnpx skillsauth add tinyland-inc/ansible-dag-harness box-up-roleInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 27, 2026, 9:23 PM153.1s1 file scanned
SKILL.md
- name:
- box-up-role
- description:
- Package an Ansible role into a GitLab iteration with worktree, issues, and MR
- user-invocable:
- true
- argument-hint:
- <role-name>
- allowed-tools:
- Read, Grep, Glob, Bash, Task, Write, Edit
Box Up Role Workflow
You are packaging the Ansible role $ARGUMENTS for GitLab iteration management.
Harness Integration
The dag-harness LangGraph engine handles the full workflow. The harness CLI is the
primary entry point; script-based fallback is available when the harness package is
not installed.
Step 1: Check Harness Availability
Run a version check to determine whether the harness CLI is available.
harness --version 2>/dev/null
If harness is available (exit 0): proceed to Step 2.
If harness is NOT available (exit non-zero): install it first:
pip install dag-harness
# or: uv tool install dag-harness
Step 2: Pre-Flight Validation
Before running the workflow, verify basic prerequisites.
# Verify role exists
ls -d ansible/roles/$ARGUMENTS/ || { echo "ERROR: Role '$ARGUMENTS' not found"; exit 1; }
# Verify glab authentication
glab auth status
# Check SSH tunnels for tunneled targets
npm run tunnels:status
You can also use the harness to check role status and dependencies:
harness status $ARGUMENTS
harness deps $ARGUMENTS --transitive
harness deps $ARGUMENTS --reverse
Step 3: Run the Workflow
Execute the full box-up-role DAG workflow. The harness orchestrates all steps: analyze, validate dependencies, create worktree, run tests, commit, push, create issue, create MR, and request human approval.
harness box-up-role $ARGUMENTS
Dry run (show what would happen without making changes):
harness box-up-role $ARGUMENTS --dry-run
With breakpoints (pause before specific nodes for inspection):
harness box-up-role $ARGUMENTS --breakpoints "create_commit,push_branch"
Step 4: Parse Results
The workflow produces structured output. Watch for these result statuses:
Completed Successfully
The workflow prints:
Issue URL: <url>-- the GitLab issue created for this roleMR URL: <url>-- the merge request with closing patternWorktree: <path>-- the isolated worktree path
Record these URLs for the summary report.
Paused at Human Approval
When the workflow reaches the human_approval node, it pauses with an
interrupt() and prints:
Workflow paused at: human_approval
Resume with: harness resume <execution-id>
The execution ID is a numeric identifier. Note it for the next step.
Paused at Breakpoint
If you used --breakpoints, the workflow pauses before the named node:
Workflow paused at: <node-name>
Resume with: harness resume <execution-id>
Failed
On failure, the workflow prints:
Workflow failed: <error-message>
Failed at node: <node-name>
Check the error, fix the issue, and re-run the workflow.
Step 5: Handle Pauses (Human-in-the-Loop)
If the workflow paused at human_approval, review the current state and
ask the user whether to approve or reject.
Show current state:
harness status $ARGUMENTS
Approve and continue to merge train:
harness resume <execution-id> --approve
Reject with a reason:
harness resume <execution-id> --reject --reason "Tests need more coverage"
Resume from a breakpoint (no approval needed):
harness resume <execution-id>
You can also set additional breakpoints on resume:
harness resume <execution-id> --breakpoints "create_mr"
Step 6: Report Summary
After the workflow completes (either directly or after resume), present the user with a formatted summary:
==========================================
BOX UP ROLE COMPLETE: $ARGUMENTS
==========================================
Worktree Path: ../sid-$ARGUMENTS
Branch: sid/$ARGUMENTS
Wave: <wave_number> (<wave_name>)
GitLab Issue: <issue_url>
Merge Request: <mr_url>
Iteration: <iteration_name>
Test Commands:
cd ../sid-$ARGUMENTS
npm run molecule:role --role=$ARGUMENTS
npm run deploy:<target> -- --tags <role-tags>
Next Steps:
1. Review MR in GitLab
2. Request code review
3. Merge when approved (auto-squash)
==========================================
Harness CLI Reference
| Command | Purpose |
|---------|---------|
| harness --version | Check harness availability |
| harness box-up-role <role> | Execute full DAG workflow |
| harness box-up-role <role> --dry-run | Show what would happen |
| harness box-up-role <role> --breakpoints <nodes> | Pause at specific nodes |
| harness resume <id> | Resume paused workflow |
| harness resume <id> --approve | Approve at human_approval node |
| harness resume <id> --reject --reason "..." | Reject with reason |
| harness status [role] | Show role/workflow status |
| harness deps <role> --transitive | Show dependency tree |
| harness deps <role> --reverse | Show reverse dependencies |
| harness list-roles --wave N | List roles by wave |
| harness sync --gitlab | Sync state from GitLab |
| harness graph | Show workflow DAG |
| harness check | Run self-checks |
Workflow DAG Nodes
The box-up-role graph executes these nodes in order:
- analyze_role -- Extract dependencies, credentials, wave placement
- check_reverse_deps -- Block if reverse dependencies are not boxed up
- create_worktree -- Create role branch and worktree from origin/main
- run_tests -- Execute molecule tests (blocks on failure)
- deploy_test -- Deploy to test target (blocks on failure)
- create_commit -- Create signed commit
- push_branch -- Push to origin with tracking
- create_issue -- Create GitLab issue with iteration assignment
- create_mr -- Create merge request with closing pattern
- human_approval -- Pause with
interrupt()for human review - merge_train -- Add to merge train (on approval)
Visualize the graph:
harness graph
harness graph --format mermaid
harness graph --format json
Error Handling
Role Not Found
ERROR: Role '$ARGUMENTS' not found in ansible/roles/
Usage: /box-up-role <role-name>
Reverse Dependency Blocking
ERROR: Cannot box up '$ARGUMENTS' yet.
The following roles depend on '$ARGUMENTS' and must be boxed up first.
Molecule Test Failure
ERROR: Molecule tests FAILED
Fix the failing tests before proceeding.
GitLab API Error
ERROR: GitLab API request failed.
Check: glab auth status, network connectivity, rate limits.
Workflow Resume Failure
Resume failed: <error>
Check harness status $ARGUMENTS and the execution state in the database.
Script-Based Fallback
When the harness CLI is not installed, use the legacy script-based workflow.
This requires the scripts in the scripts/ directory.
Analyze Dependencies
python scripts/analyze-role-deps.py $ARGUMENTS --json
Create Worktree
scripts/create-role-worktree.sh $ARGUMENTS
scripts/create-role-worktree.sh $ARGUMENTS --force
Run Tests
scripts/validate-role-tests.sh $ARGUMENTS
scripts/validate-role-tests.sh $ARGUMENTS --molecule-only
Create GitLab Issue and MR
scripts/create-gitlab-issues.sh $ARGUMENTS
scripts/create-gitlab-mr.sh $ARGUMENTS --issue <issue_iid>
Configuration
See .claude/skills/box-up-role/config.yml for:
- GitLab project settings
- Iteration cadence name
- Default assignee
- Label mappings
- Worktree base path
- Testing requirements
Templates for issues and MRs are in .claude/skills/box-up-role/templates/.
Related Skills
tinyland-inc/observability
development
VerifiedTrustedCommunity
Debug and monitor platform services, IIS, and application health
SKILL.mdUpdated Apr 20, 2026
tinyland-inc/hotl
tools
VerifiedTrustedCommunity
Human-on-the-loop autonomous batch processing for Ansible roles
SKILL.mdUpdated Apr 20, 2026
openclaw/taskflow
tools
VerifiedTrustedCommunity
Use when work should span one or more detached tasks but still behave like one job with a single owner context. TaskFlow is the durable flow substrate under authoring layers like Lobster, ACPX, plugins, or plain code. Keep conditional logic in the caller; use TaskFlow for flow identity, child-task linkage, waiting state, revision-checked mutations, and user-facing emergence.
357,764SKILL.mdUpdated Apr 10, 2026
openclaw/extensions/lobster
tools
VerifiedTrustedCommunity
# Lobster Lobster executes multi-step workflows with approval checkpoints. Use it when: - User wants a repeatable automation (triage, monitor, sync) - Actions need human approval before executing (send, post, delete) - Multiple tool calls should run as one deterministic operation ## When to use Lobster | User intent | Use Lobster? | | ------------------------------------------------------ | --------------------------
357,764SKILL.mdUpdated Apr 10, 2026