feat: revive gh-attach for GHE React UI with session reuse #13

Merged
atani merged 2 commits into main from feat/ghe-react-support
Apr 18, 2026

@atani atani commented Apr 18, 2026

Summary

Revives gh-attach (previously archived) to solve two recurring pain points:

  1. SSO/SAML re-auth every few minutes. session-stop tore down the
    browser between every invocation, so session-only cookies (e.g. OneLogin
    "remember this device") died on exit. Add --session <name> +
    --keep-session so a single persistent playwright-cli session can
    serve many uploads. One login in the morning, rest of the day is free.
  2. GHE React UI. Modern GHE replaces the classic file-attachment
    custom element with a React implementation. Direct mode does not work
    there because the custom element never appears. Fix Browser mode to
    work on GHE:
    • Read upload URL from textarea.value (not accessibility snapshot
      src attribute).
    • Re-fetch the drop-zone ref per image (refs are reissued on every
      snapshot).

Also adds --url-only: prints uploaded asset URLs to stdout and skips
comment creation/update so callers can post their own comment via
gh pr review --comment --body-file or similar.

Other fixes bundled in

  • playwright-cli sandbox: daemon allowed_roots follows the parent
    shell's cwd. cd into the first image's parent so uploads work from
    any caller cwd.
  • snapshot grep: case-insensitive [Snapshot] match.
  • upload failure detection: use exit code plus File access denied /
    ENOENT strings, not a loose grep error that false-positives on
    "Console: N errors".
  • grep -c → grep -o | wc -l: the textarea can hold multiple URLs on
    a single line.
  • --session forces --persistent on open so the named session's
    on-disk user-data-dir is not silently replaced by an in-memory one.

README rewritten to reflect the new capabilities and drop the archive
notice.

Bumps VERSION to 0.7.0.

Test plan

Tested against a GHE instance (git.pepabo.com, React UI, behind OneLogin
SAML) on a closed test issue.

  • Single image upload returns a user-attachments/assets/<uuid> URL
    to stdout and exits 0
  • Multiple images upload in order and return one URL per line
  • Consecutive invocations reuse the session without re-auth
  • gh attach --help lists --session, --keep-session, --url-only
  • bash -n bin/gh-attach passes syntax check
  • Existing Browser/Release/Direct modes without the new flags keep
    their current behaviour on github.com (not regression-tested end to
    end in this branch; smoke-tested via help output and script structure)

atani added 2 commits April 18, 2026 23:12
Solves two long-standing problems.

1. Everyone hits SAML re-auth several times a day when gh-attach drives
   the browser. session-stop tore down the browser between invocations,
   and session-only cookies died with it. Add --session NAME +
   --keep-session so a single persistent playwright-cli session can
   serve many uploads. One-time login, the rest of the day is free.
2. GitHub Enterprise renders issue/PR pages as a React app. The app
   does not expose the file-attachment custom element, so Direct mode
   never worked on GHE. Fix Browser mode to work on GHE. Read the
   upload URL from textarea.value, not the accessibility snapshot src
   attribute. Re-fetch the drop-zone ref per image because refs are
   reissued on every snapshot.

Also adds --url-only so callers that manage their own comment posting
can use gh-attach purely as an uploader. Example callers: a wrapper
that combines several uploads with 'gh pr review --comment'.

Other robustness fixes folded in.

- playwright-cli sandbox: daemon allowed_roots tracks the parent shell
  cwd, not the subshell cwd. cd into the first image directory at
  startup so uploads work from any caller cwd.
- snapshot grep: case-insensitive match for the [Snapshot] header.
- upload failure detection: use exit code plus specific error strings,
  not a loose grep that false-positives on 'Console: N errors'.
- grep -c vs grep -o: the textarea may contain multiple URLs on a
  single line, so line-count undercounts. Switch to grep -o | wc -l.
- --session requires --persistent on open to avoid silently dropping
  the on-disk user-data-dir.

Bumps VERSION to 0.7.0.

- Drop the archive banner. gh-attach is back and actively solves two
  real problems (SSO re-auth, GHE React UI).
- Document --session / --keep-session / --url-only with an end-to-end
  SAML example.
- Call out that Direct mode does not work on GHE yet. Users must pass
  --browser on GHE.
- Explain the allowed-roots constraint and the cd-to-first-image
  behaviour so File access denied errors are self-serviceable.
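
Added example, not code from gh-attach: a sketch of the two robustness fixes described in the PR description and the first commit message, counting uploaded URLs per match instead of per line and detecting upload failure from the exit code plus the specific error strings. The host, UUIDs, Markdown image syntax, sample tool output, function names and the shape of the old "loose" check are assumptions constructed for illustration.

```sh
#!/bin/sh
# Constructed sample: a textarea value holding two asset links on ONE line.
TEXTAREA='![a](https://ghe.example.com/user-attachments/assets/11111111-2222-3333-4444-555555555555) ![b](https://ghe.example.com/user-attachments/assets/66666666-7777-8888-9999-000000000000)'
ASSET_RE='https://[^ )]*/user-attachments/assets/[0-9a-f-]+'

# grep -c counts matching LINES, so two URLs on one line are reported as 1.
count_by_line() { printf '%s\n' "$1" | grep -cE "$ASSET_RE" || true; }

# grep -o prints one line per MATCH, so wc -l yields the real URL count.
count_by_match() { printf '%s\n' "$1" | grep -oE "$ASSET_RE" | wc -l | tr -d ' '; }

# Loose check (assumed form of the old behaviour): any "error" in the output.
loose_failed() { printf '%s\n' "$2" | grep -qi 'error'; }

# Strict check: $1 = exit code, $2 = captured output.
# Fails on a non-zero exit code or on one of the specific failure strings.
strict_failed() {
  if [ "$1" -ne 0 ]; then return 0; fi
  printf '%s\n' "$2" | grep -qE 'File access denied|ENOENT'
}

# Constructed output: a successful upload with unrelated browser console noise.
OK_OUT='Uploaded shot.png
Console: 3 errors'
# Constructed output: the sandbox rejecting a path outside its allowed roots.
DENIED_OUT='File access denied: /tmp/shot.png'

main() {
  echo "URLs counted by line:  $(count_by_line "$TEXTAREA")"
  echo "URLs counted by match: $(count_by_match "$TEXTAREA")"
  if loose_failed 0 "$OK_OUT"; then echo "loose:  false positive on console noise"; fi
  if ! strict_failed 0 "$OK_OUT"; then echo "strict: successful upload accepted"; fi
  if strict_failed 0 "$DENIED_OUT"; then echo "strict: sandbox denial detected"; fi
}
main
```
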
@atani atani merged commit f7d42aa into main Apr 18, 2026
1 check passed
@atani atani deleted the feat/ghe-react-support branch April 18, 2026 14:27