docs(api): OpenAPI spec + README/CHANGELOG for org-governance (#727, #738) #739

Open
jmiller wants to merge 2 commits from feat/org-governance-openapi into dev
Owner

Completes the documentation/OpenAPI surface for the org-governance series (#728–#732) so the stable main release (#733) ships a fully-described API. Resolves scope A of #738 (the item that gated the merge to main).

OpenAPI / swagger (the gating work)

The five org-governance API groups were functional but undocumented — the four later handlers had zero swagger annotations and no swagger:response models were registered (even the existing branch_protection.go $ref'd responses that were never defined). Now:

  • 7 swagger:response models registered in routers/api/v1/swagger/org.go: OrgBranchProtection/OrgBranchProtectionList, OrgTagProtection/OrgTagProtectionList, and singletons OrgPushPolicy, OrgRepoDefaults, OrgEmailDomainPolicy.
  • 14 operations annotated across tag_protection.go (5), push_policy.go (3), repo_defaults.go (3), email_domain.go (3) — styled exactly like the existing branch_protection.go, unique operationIds, org path param, body $refs to the correct DTOs, #/responses/empty for 204, notFound/validationError. No handler logic changed (annotations only).
  • Spec regenerated: both templates/swagger/v1_json.tmpl and v1_openapi3_json.tmpl.

Pre-existing spec blockers fixed as a prerequisite

The committed spec was stale and could not be regenerated at all. To produce a valid spec (no logic changes):

  • manifest.go: removed a stray comment glued to the repoUpdateManifest swagger block (broke YAML parsing), added missing owner/repo path params, registered a Manifest response, gofmt whitespace.
  • options.go: registered the org option DTOs + pre-existing unregistered defs (EditAccessTokenOption, IssueBulk*Option, Issue{Priority,Status,Type}Def) so there are no dangling $refs.

Docs

  • README: added an Org Governance key-feature entry + broadened the tagline.
  • CHANGELOG [Unreleased]: recorded the recent build/CI fixes (#734, #735, #736, #737). (The org-governance features were already listed.)

Verification (local, Go 1.26.3)

  • go build ./...clean (only tests/integration, which is pre-existing-broken, excluded)
  • gofmt -l on all edited .go files → clean
  • swagger validate → valid against Swagger 2.0 (benign unused-response warnings only)
  • Dangling-ref scan → 0 missing definitions/responses
  • Confirmed all 4 new endpoint groups + all 14 operationIds present in v1_json.tmpl

Related: #738 (tracker; B = MCP tools and C = repo-facing views remain), #727, #733.

https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT

Completes the documentation/OpenAPI surface for the org-governance series (#728–#732) so the stable `main` release (#733) ships a fully-described API. Resolves scope **A** of #738 (the item that gated the merge to main). ## OpenAPI / swagger (the gating work) The five org-governance API groups were functional but **undocumented** — the four later handlers had zero swagger annotations and no `swagger:response` models were registered (even the existing `branch_protection.go` `$ref`'d responses that were never defined). Now: - **7 `swagger:response` models** registered in `routers/api/v1/swagger/org.go`: `OrgBranchProtection`/`OrgBranchProtectionList`, `OrgTagProtection`/`OrgTagProtectionList`, and singletons `OrgPushPolicy`, `OrgRepoDefaults`, `OrgEmailDomainPolicy`. - **14 operations annotated** across `tag_protection.go` (5), `push_policy.go` (3), `repo_defaults.go` (3), `email_domain.go` (3) — styled exactly like the existing `branch_protection.go`, unique operationIds, `org` path param, body `$ref`s to the correct DTOs, `#/responses/empty` for 204, `notFound`/`validationError`. **No handler logic changed** (annotations only). - **Spec regenerated**: both `templates/swagger/v1_json.tmpl` and `v1_openapi3_json.tmpl`. ### Pre-existing spec blockers fixed as a prerequisite The committed spec was stale and could not be regenerated at all. To produce a *valid* spec (no logic changes): - `manifest.go`: removed a stray comment glued to the `repoUpdateManifest` swagger block (broke YAML parsing), added missing `owner`/`repo` path params, registered a `Manifest` response, gofmt whitespace. - `options.go`: registered the org option DTOs + pre-existing unregistered defs (`EditAccessTokenOption`, `IssueBulk*Option`, `Issue{Priority,Status,Type}Def`) so there are no dangling `$ref`s. ## Docs - **README**: added an **Org Governance** key-feature entry + broadened the tagline. - **CHANGELOG** `[Unreleased]`: recorded the recent build/CI fixes (#734, #735, #736, #737). (The org-governance features were already listed.) ## Verification (local, Go 1.26.3) - `go build ./...` → **clean** (only `tests/integration`, which is pre-existing-broken, excluded) - `gofmt -l` on all edited `.go` files → clean - `swagger validate` → valid against Swagger 2.0 (benign unused-response warnings only) - Dangling-ref scan → 0 missing definitions/responses - Confirmed all 4 new endpoint groups + all 14 operationIds present in `v1_json.tmpl` Related: #738 (tracker; B = MCP tools and C = repo-facing views remain), #727, #733. https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
jmiller added 2 commits 2026-07-05 07:01:32 +00:00
Add an Org Governance entry to the README key-features list (org-wide
branch/tag protection, push policy, repo defaults, email-domain
allowlist) and record the recent build/CI fixes (#734, #735, #736,
#737) under CHANGELOG [Unreleased].

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
docs(api): swagger annotations + response models for org-governance endpoints (#727, #738)
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Successful in 11s
Generic: Project CI / Lint & Validate (pull_request) Successful in 41s
Universal: PR Check / Secret Scan (pull_request) Successful in 59s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
93365cdd95
Annotate the four previously undocumented org-governance API handlers
(tag_protection, push_policy, repo_defaults, email_domain) with
swagger:operation blocks, and register the swagger:response models the
branch_protection operations already referenced. Register the org
option DTOs in the parameterBodies hack so their definitions are
emitted.

Also fix pre-existing spec-generation blockers surfaced once the spec
became regenerable: a stray comment glued to the repoUpdateManifest
swagger block (broke YAML parsing), missing owner/repo path params on
the manifest operations, a Manifest response registration, and missing
definitions for EditAccessTokenOption, the IssueBulk* options, and the
Issue{Priority,Status,Type}Def types. Regenerated v1_json.tmpl and
v1_openapi3_json.tmpl; spec now validates cleanly against Swagger 2.0.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
Some required checks failed
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Successful in 11s
Generic: Project CI / Lint & Validate (pull_request) Successful in 41s
Universal: PR Check / Secret Scan (pull_request) Successful in 59s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
You are not authorized to merge this pull request.
This pull request can be merged automatically.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin feat/org-governance-openapi:feat/org-governance-openapi
git checkout feat/org-governance-openapi
Sign in to join this conversation.