From a0552ff51ea97852bd1f2aaef63abc2806319a5a Mon Sep 17 00:00:00 2001
From: MrSphay <lefiwilkens@gmail.com>
Date: Sun, 3 May 2026 02:10:10 +0200
Subject: [PATCH] Require Gitea workflow status loop

---
 README.md           | 4 ++++
 agent-quickstart.md | 4 ++++
 existing-project.md | 1 +
 files/AGENTS.md     | 1 +
 new-repository.md   | 1 +
 5 files changed, 11 insertions(+)

diff --git a/README.md b/README.md
index 8c761c2..767a4a3 100644
--- a/README.md
+++ b/README.md
@@ -91,6 +91,10 @@ Authorization: token GITEA_TOKEN
 
 `REGISTRY_TOKEN` is still the intended secret name for CI package publishing inside `.gitea/workflows/build.yml`.
 
+## Gitea Workflow Loop
+
+After pushing commits that add or change a Gitea workflow, Codex agents must check the resulting workflow run before finishing. If the run is still pending or in progress, report that status and keep checking when the user expects the agent loop to continue. If the run fails, inspect the failing job/logs, fix the issue when it is in scope, commit, push, and check the next run.
+
 ## Agent Prompt For A New Repo
 
 ```text
diff --git a/agent-quickstart.md b/agent-quickstart.md
index 95c4511..9c4de35 100644
--- a/agent-quickstart.md
+++ b/agent-quickstart.md
@@ -53,6 +53,10 @@ Are commands unknown?
 Is this a private Gitea repo with Actions?
   yes -> if GITEA_TOKEN is set locally, use it for read-only API checks of repository and workflow-run status
   no  -> use public web/API checks when available
+
+Did you push a commit that should trigger a workflow?
+  yes -> check the workflow run; if it fails, inspect logs, fix in scope, push again, and re-check
+  no  -> finish with local verification status
 ```
 
 ## Minimal File Set
diff --git a/existing-project.md b/existing-project.md
index 536b3b3..3116645 100644
--- a/existing-project.md
+++ b/existing-project.md
@@ -146,6 +146,7 @@ Before final response:
 - run `git diff --check`,
 - run the smallest reliable verification command,
 - if using Gitea Actions, check the pushed workflow run; for private `git.wilkensxl.de` repositories, use a locally set `GITEA_TOKEN` for read-only API status checks when available,
+- if the pushed workflow fails, inspect the failing job/logs, fix in scope, push again, and re-check the next run,
 - list files changed,
 - mention any skipped checks,
 - do not create a release unless explicitly requested.
diff --git a/files/AGENTS.md b/files/AGENTS.md
index 86a88de..55dca53 100644
--- a/files/AGENTS.md
+++ b/files/AGENTS.md
@@ -12,6 +12,7 @@ PROJECT_NAME: PROJECT_DESCRIPTION
 - Do not rewrite history or run destructive git commands unless explicitly requested.
 - Do not create a release unless explicitly requested.
 - If `GITEA_TOKEN` is available locally, use it only for read-only Gitea API checks such as private repository metadata, package-read visibility, and Actions run status. Never print, commit, or store the token.
+- After pushing commits that trigger a Gitea workflow, check the workflow run before finishing. If it fails, inspect the failing job/logs, fix the issue when in scope, push again, and continue the check loop.
 
 ## Commands
 
diff --git a/new-repository.md b/new-repository.md
index 246e024..9430ba7 100644
--- a/new-repository.md
+++ b/new-repository.md
@@ -155,6 +155,7 @@ Before final response:
 - run the cheapest reliable verification command,
 - check `git diff --check`,
 - if using Gitea Actions, check the pushed workflow run; for private `git.wilkensxl.de` repositories, use a locally set `GITEA_TOKEN` for read-only API status checks when available,
+- if the pushed workflow fails, inspect the failing job/logs, fix in scope, push again, and re-check the next run,
 - summarize changed files,
 - do not create a release unless explicitly requested.