A Task that clones a git repository and can push branches or create pull requests. This is the most common pattern for code-modification tasks.
Run an AI agent against an existing repository — fixing bugs, adding features, writing tests, or creating PRs.
| File | Kind | Purpose |
|---|---|---|
github-token-secret.yaml |
Secret | GitHub token for cloning and PR creation |
credentials-secret.yaml |
Secret | Claude OAuth token for the agent |
workspace.yaml |
Workspace | Git repository to clone |
task.yaml |
Task | The prompt to execute |
-
Edit the secrets — replace placeholders in both
github-token-secret.yamlandcredentials-secret.yamlwith your real tokens. -
Edit
workspace.yaml— set your repository URL and branch. -
Apply the resources:
kubectl apply -f examples/02-task-with-workspace/- Watch the Task:
kubectl get tasks -w- Stream the agent logs:
kelos logs add-tests -fTip: You can also use
kubectl logs -l job-name=add-tests -ffor direct Kubernetes access.
- Cleanup:
kubectl delete -f examples/02-task-with-workspace/- The
GITHUB_TOKENis injected into the agent container, so theghCLI andgit pushwork out of the box. - The agent runs with full autonomy inside the Pod — it can create branches, push commits, and open PRs.
- GitHub App auth: Instead of a PAT, you can use a GitHub App secret
(with
appID,installationID, andprivateKeykeys). The controller automatically exchanges App credentials for a short-lived installation token. See the Workspace reference for details.