Move the concrete Parser implementation from pkg/runner to
pkg/runner/function, keeping only the StepParser interface in
pkg/runner. Update pkg/di/container.go to use function.NewParser.

Move ExecutableStep and its tests from pkg/runner to
pkg/runner/function. Update the function.Parser to use the
local constructor.

Move StepFunction and its tests from pkg/runner to
pkg/runner/function. Update the function.Parser to use the
local constructor.

Move LazilyLoadedStep and its tests from pkg/runner to
pkg/runner/function. Add GlobalCtx() accessor to StepsContext
so the sub-package can access it. Update the function.Parser
to use the local constructor.

Move SequenceOfSteps and its tests from pkg/runner to
pkg/runner/function. The function.Parser now constructs all
four step types locally, removing the last runner.New* calls.

Refactor: Move step implementations to pkg/runner/function

See merge request !433

Use OCI version of upload_package_to_registry Function

See merge request !434

There's no functional change in .16 over .14. The only change is the
release process and artifacts.

There's no functional change in .7 over .6. The only change is the
release process and artifacts.

Same functionality, just the OCI version of this step.

Add AGENTS.md and testing style guide

See merge request !432

Use OCI version of `create_gitlab_release` Function

See merge request !436

Catch panics in StepFunction.Run and return them as errors

See merge request !438

Specifically to suggest a changelog entry if necessary.

Add DUO review instructions

See merge request !448

Add Go support to Duo Agent Flow

See merge request !447

Rename steps to functions

See merge request !437

The apt-get option requires double dashes (--no-install-recommends)
instead of a single dash (-no-install-recommends).

Previously, the schema package used a two-phase approach: the top-level
Step was decoded with a YAML unmarshaler, which then re-encoded child
values to JSON and decoded them again to invoke UnmarshalJSON on types
like Reference, GitReference, OCIReference, and OutputType. This made
YAML the entry point but JSON the internal wire format.

Since YAML is a superset of JSON and ReadSteps is the only entry point,
the JSON roundtrip and all UnmarshalJSON implementations are replaced
with a direct YAML marshal/unmarshal. Struct tags are simplified to
yaml-only, and the json/mapstructure tags and imports are dropped.

Validation that was scattered across UnmarshalJSON and UnmarshalYAML
methods is consolidated into Step.validate() and Spec.validate(), called
from ReadSteps after decoding. This separates the concerns of decoding
and validation, and adds identifier pattern validation (matching the JSON
schema) for step names, env keys, and input/output names. The
valueCompiler struct is also simplified to a plain compileValue function.

Tests are updated to match: git_reference_test.go and oci_reference_test.go
are folded into reference_test.go alongside a consolidated
TestReferenceValidation table; the check helper drops its generic
marshal/unmarshal parameters in favour of YAML directly; and a duplicate
test case in step_json_test.go is removed.

Previously, ReadSteps called both JSON schema validation and the Go-level
validate() methods (spec.validate, step.validate) before returning. This
meant validation was split: JSON schema ran on untyped data at parse time,
while validate() also ran at parse time as a secondary pass.

This commit moves the Go-level validate() calls into Spec.Compile() and
Step.Compile(), giving each layer a clear and distinct purpose:

- JSON schema validation (in ReadSteps) checks the raw shape of the input
  early, with user-facing error messages anchored to the YAML structure.
- Go validate() (in Compile) catches invariants that require typed Go
  values, such as empty-string required fields that pass JSON schema but
  are semantically invalid (e.g. git.url: "").

As a result, Compile() is now self-contained: callers that build schema
structs directly without going through ReadSteps (such as cmd/run and
cmd/ci) also get validation. Both commands were generating sub-steps
without a name field, which was previously undetected; cmd/run now emits
a default name and the ci_test fixture is corrected.

TestCompileValidation is added to cover both layers: a direct struct test
for Spec.Compile() (bypassing ReadSteps entirely) and a ReadSteps+Compile
path for the step.validate() case.

Update dependency golangci/golangci-lint to v2.11.4

See merge request !456

Update gitlab.com/gitlab-org/moa digest to 8234fc2

See merge request !455

Simplify schema/v1 to YAML-only unmarshaling with consolidated validation

See merge request !449

Fix Duo agent configuration typo

See merge request !452

Update gitlab.com/gitlab-org/moa digest to 1ca892a

See merge request !458

Replace mockery mocks with AI-written fakes

See merge request !459

Pilots failover

See merge request !461

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Recover panics in unary and stream gRPC handlers, returning
codes.Internal with the stack trace via a PanicError type.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Support inputs with arrays containing objects

See merge request !462

Recover panics in gRPC handlers

See merge request !457

Configures GitLab Duo to check whether code changes in MRs have
corresponding updates to docs/spec/, prompting reviewers to request
spec updates when behavior changes.

Address valid and partially valid suggestions from GitLab Duo review:
- cli/ci: correct misleading parenthetical about CI variable layering
- cli/ci: clarify that STEPS contains only the run: portion
- func_ref/oci: add example of ambiguous short reference fallthrough
- reporting: cross-reference job-lifecycle as source of cancelled status
- builtins/script: document user-visible error when no shell is found

This type extends exec.Cmd and implements graceful process exit. It
first sends sigterm/signint to the process, waits for it to exit, and
kills it if it does not exit in time.

Unsurprisingly, the implementation is very OS dependant.

Exec uses gracefulexitcmd.Cmd to terminate the sub-process running the
Function gracefully. The graceful wait timeout is hard-coded to 30
seconds for now, but eventually that value will come from the client
either in the `RunRequest` or `CancelRequest`.

Note that exec.Cmd.Run() can return errors other than
context.DeadlineExceeded or context.Cancelled when its context is
cancelled or expires, so we have to explicitly check if the context was
cancelled and set the error accordingly.

That job was failing in a very weird way, and i only in this pipeline:

    .local/bin/gocover-cobertura < out/coverage/coverage.windows.out > out/cobertura/coverage.windows.xml
    code coverage conversion failed: open : no such file or directory

It turns out the file(s) cobertura could not find are any/all windows
specific files, which this MR introduces!

The fix is to tell covertura we're dealing with windows by setting GOOS.

Implement Graceful Process Termination for Exec Function

See merge request !463

Update docker Docker tag to v29.3.1

See merge request !467

Lest make sure we're looking in the right place before embarking on a fix.

Prevent Scanner buffer overruns by using a bufio.Reader instead.
`bufio.Reader.ReadBytes()` does the necessary buffering internally so we
can't run into the original issue.

Note that we made a minor change in the read loop. Scanner.Bytes would
strip the trailing newline, which we re-added by explicitly writing a
newline character to the writer. Now, instead, we keep the trailing
newline returned by the reader, and no longer explicitly write the
newline to the writer. This changes the possible error cases slightly
since previously it was possible for the first write to fail, and the
data written would not include the trailing newline. There are a few
tests that either assume this or explicitly test for it, and we have to
update those.

Upgrade all Go dependencies to latest versions across root and
pkg/testutil/oci modules. docker/cli remains pinned at v28.x per
the gitlab-runner compatibility comment.

Claude Code command that automates the Go dependency update
workflow: upgrades all modules, respects pinned versions, and
verifies compatibility with gitlab-runner in Docker.

Specify the step-runner

See merge request !464

Relax t.Run requirement to only apply when multiple scenarios exist,
and simplify context guidance to prefer t.Context() over bldr helpers.

Update sr-create-review-report to fetch origin/main before diffing,
integrate go-lint findings, and use git branch --show-current. Expand
the quality rubric with modern Go features, cross-platform test
guidance, CI run: preference, and sharpen wording for several lenses.

chore: Update Go dependencies to latest versions

See merge request !473

Properly handle really long lines from subprocess

See merge request !471

Add GetJobVars() method so builtins can access job variables
(needed by gitlab-runner's script_legacy and concrete builtins
which previously used View().Vars). Fix struct field alignment
flagged by gofmt.

gitlab-runner uses encoding/json to serialize Step structs for the
STEPS variable and to deserialize them in tests. The json tags were
removed in 11e82e7a but are still needed by consumers.

Add code review skills and update testing style guide

See merge request !468

Add GITLAB_RUNNER_BRANCH variable (defaults to main) so cross-repo
MRs can test against a gitlab-runner feature branch.

Switch sr-submit-review-report from individual comments to draft notes
with bulk publish for cohesive reviews. Add severity/lens prefix to
comments, stale draft cleanup, and em dash style rule. Add orphan job
check to CI/CD quality lens.

Improve review commands and quality rubric

See merge request !479

Builtin functions should not have access to StepsContext

See merge request !475

Fix cloning steps when branch ref contains a forward slash

See merge request !481

Consolidate v0.34.0 changelog entry into v0.33.0

See merge request !485

This is mostly just builtin setup boilerplate. The actual implementation
is one line that calls the docker-auth step library .

Authored by DUO/Claude.

Add docker/auth builtin

See merge request !484

Split into 9 phases with independent verify and commit steps for Go
dependencies and Makefile tool versions. Retain the Docker-based runner
integration test in Go dependency verification (Phase 3b).

Upgrade direct and indirect dependencies to latest versions.
docker/cli kept pinned at v28.x for gitlab-runner compatibility.

- protoc: 33.5 → 34.1
- goimports (x/tools): v0.40.0 → v0.44.0
- gocover-cobertura: v1.2.0 → v1.4.0

make clean only removes out/bin and report.xml — it doesn't touch
.local/bin where tool binaries (protoc, goimports, etc.) are cached.
Add a dedicated clean-tools target and use it in the dep update command.

Add explicit module path argument to the command example.

Improve review commands workflow

See merge request !487

Restructure sr-go-update-deps into separate Go and Makefile phases

See merge request !486