Skip to content

feat(profiles): add 7 role-based presets#63

Merged
polaz merged 3 commits intomainfrom
feat/55-role-based-presets
Jan 20, 2026
Merged

feat(profiles): add 7 role-based presets#63
polaz merged 3 commits intomainfrom
feat/55-role-based-presets

Conversation

@polaz
Copy link
Copy Markdown
Member

@polaz polaz commented Jan 20, 2026

Summary

Add 7 built-in role-based presets for different user personas:

Preset Focus Key Restrictions
junior-dev Code, MRs, issues No pipelines, variables, webhooks
senior-dev + Review, pipelines No pipeline control, no webhooks
devops CI/CD, infrastructure No MRs, issues, wiki
team-lead Planning, oversight No variables, webhooks
pm Planning, docs No code ops
ci Automation Only pipelines, files, variables
gitlab-com Public GitLab Rate-limit friendly

Each preset is optimized for its role to minimize LLM context usage while providing sufficient tools.

Changes

  • Add 7 new preset YAML files in src/profiles/builtin/
  • Add comprehensive test suite for all built-in presets (67 tests)
  • Tests validate schema conformance, security (no host/auth), and role-specific restrictions

Test plan

  • All presets conform to PresetSchema
  • No preset contains host/auth (security requirement)
  • All denied_tools_regex patterns compile
  • All denied_actions follow tool:action format
  • Role-specific feature flags validated

Closes #55

@polaz
feat(profiles): add 7 role-based presets
a598c12 
Add built-in presets for different user personas:
- junior-dev: code, MRs, basic issue tracking
- senior-dev: + code review, pipeline monitoring
- devops: CI/CD, pipelines, variables, infrastructure
- team-lead: planning, milestones, oversight
- pm: planning, tracking, documentation (no code ops)
- ci: minimal tools for automation
- gitlab-com: rate-limit friendly for gitlab.com

Each preset is optimized for its role to minimize LLM context
usage while providing sufficient tools.

Closes #55
Copilot AI review requested due to automatic review settings January 20, 2026 15:47
@github-actions
Copy link
Copy Markdown

github-actions bot commented Jan 20, 2026
edited
Loading

📊 Test Coverage Report

Overall Coverage: 87.67%

Coverage Details

Metric Percentage
Statements 87.67%
Branches 80.55%
Functions 73.2%
Lines 88.18%

Coverage Report: View detailed coverage report

This report was generated automatically from your PR changes.

@codecov
Copy link
Copy Markdown

codecov bot commented Jan 20, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

Copilot AI reviewed Jan 20, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds 7 new role-based presets to provide optimized tool access patterns for different user personas (junior-dev, senior-dev, devops, team-lead, pm, ci, gitlab-com). The presets use feature flags and action restrictions to minimize LLM context usage while providing appropriate tools for each role.

Changes:

  • Add 7 new preset YAML files with role-specific tool restrictions and feature flags
  • Add comprehensive test suite with 67 tests validating schema conformance, security requirements, and role-specific configurations

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
tests/unit/profiles/builtin-presets.test.ts Comprehensive test suite validating all builtin presets for schema conformance, security (no host/auth), regex validity, and role-specific feature restrictions
src/profiles/builtin/team-lead.yaml Team lead preset with planning/oversight focus, blocks sensitive variables and webhooks
src/profiles/builtin/senior-dev.yaml Senior developer preset with code review and pipeline monitoring, blocks pipeline control
src/profiles/builtin/pm.yaml Project manager preset focused on planning/tracking, blocks code operations
src/profiles/builtin/junior-dev.yaml Junior developer preset for core development tasks, blocks pipelines and admin features
src/profiles/builtin/gitlab-com.yaml Rate-limit friendly preset optimized for gitlab.com public instance
src/profiles/builtin/devops.yaml DevOps engineer preset focused on CI/CD and infrastructure, blocks development workflow tools
src/profiles/builtin/ci.yaml CI/CD bot preset with minimal automation tools, blocks workflow operations

@polaz
fix(profiles): correct regex anchor precedence in preset patterns
c1f476a 
Fix denied_tools_regex patterns to properly anchor at start:
- Use ^manage_(a|b|c) instead of ^manage_a|^manage_b|^manage_c
- The latter incorrectly matches 'manage_b' anywhere in the string

Also simplify junior-dev description to match preset name.
@polaz polaz requested a review from Copilot January 20, 2026 15:53
Copilot AI reviewed Jan 20, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 8 out of 8 changed files in this pull request and generated no new comments.

@polaz polaz merged commit 5f05913 into main Jan 20, 2026
11 checks passed
@polaz polaz deleted the feat/55-role-based-presets branch January 20, 2026 15:57
sw-release-bot bot pushed a commit that referenced this pull request Jan 20, 2026
@semantic-release-bot
chore(release): 6.14.0 [skip ci]
1c2a34b 
## [6.14.0](v6.13.0...v6.14.0) (2026-01-20)

### Features

* **profiles:** add 7 role-based presets ([#63](#63)) ([5f05913](5f05913)), closes [#55](#55)
@sw-release-bot sw-release-bot bot mentioned this pull request Mar 29, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

feat: Built-in role-based profiles (junior-dev, senior-dev, devops, team-lead, pm, admin, ci, readonly)

2 participants

@polaz