@lanmaoxinqing

This PR introduces two new command-line arguments to support future workflow integration and asynchronous notification:

✅ New Flags

  • --template-id: Specifies the default template ID used for triggering pipelines or environment initialization.
  • --callback-url: Configures a webhook URL to receive asynchronous notifications upon operation completion.

🛠 Implementation

  • Both parameters are optional and default to empty values, ensuring no impact on current behavior.
  • Fully visible in --help output, improving CLI usability.

📦 Usage Example

./envhub \
  --port=8080 \
  --template-id=xxx \
  --callback-url=https://envhub.example.com/env/test/0.0.1/aci_trigger

🔌 Future Use Cases

  • templateId can be used as the default template for environment creation.
  • Implements the CITrigger interface for customizing CI pipelines.
  • callbackURL enables external system integration by triggering callbacks when environment setup or teardown completes.

✅ Compatibility

  • Fully backward compatible — no breaking changes.
  • All new flags are optional, allowing smooth upgrades.

This change lays the foundation for future automation workflows and event-driven notification mechanisms.

@gemini-code-assist

Summary of Changes

Hello @lanmaoxinqing, I'm Gemini Code Assist[1]! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the envhub application by introducing new command-line arguments, --template-id and --callback-url, to support future automation workflows and event-driven notification mechanisms. It refactors the internal CI triggering logic to use a new CITrigger interface, making the system more modular and extensible for integrating with various CI pipelines and external services. These changes are fully backward compatible, ensuring a smooth upgrade path.

Highlights

  • New Command-Line Arguments: Introduced --template-id and --callback-url command-line arguments to envhub for enhanced pipeline integration and asynchronous notifications. These arguments are optional and default to empty values, ensuring backward compatibility.
  • Pipeline Integration with --template-id: The --template-id argument allows specifying a default template ID for triggering pipelines or initializing environments, laying the groundwork for automated environment creation workflows.
  • Asynchronous Notifications with --callback-url: The --callback-url argument enables configuring a webhook URL to receive asynchronous notifications upon operation completion, facilitating integration with external systems for event-driven workflows.
  • Refactored CI Trigger Mechanism: A new CITrigger interface has been introduced in envhub/service/ci_trigger.go, abstracting the CI pipeline triggering logic. The EnvController now depends on this interface, allowing for more flexible and testable CI integrations.
  • Updated ACI Hack Client: The ACIHackClient and its trigger function have been updated to accept templateId and callbackURL, passing these new parameters to the underlying aci_hack command.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request introduces --template-id and --callback-url flags to support CI/CD integration. The implementation correctly uses a CITrigger interface to decouple the controller from the trigger logic, which is a great design choice.

I've found a couple of issues:

  1. A bug in main.go causes the CI trigger to always be active, regardless of whether the new flags are provided.
  2. A potential command argument injection vulnerability exists where user-provided data is passed to an external command.

I've provided detailed comments and suggestions to address these points. Otherwise, the changes look good and align with the PR's goal.

func (cli *ACIHackClient) trigger(name string, version string) error {
cmd := exec.Command("aci_hack", name, version)
func (cli *ACIHackClient) trigger(name string, version string, templateId string, callbackURL string) error {
cmd := exec.Command("aci_hack", name, version, "--template", templateId, "--callback-url", callbackURL)
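
Review bot: In the new exec.Command call, "--template" and "--callback-url" are appended unconditionally, so when both flags are left at their documented empty defaults aci_hack still receives the two options with empty-string values. Build the argument list conditionally and append each option only when its value is non-empty. name and version also remain positional and unchecked in this call, so reject any value that does not match an allowlist before reaching it.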

security-high high

Potential command argument injection vulnerability. The name and version parameters, which can originate from user-controlled input (e.g., URL path parameters), are passed directly as arguments to an external command. A malicious user could provide values that are interpreted as flags by the aci_hack command (e.g., --help, or other flags that alter its behavior).

While exec.Command prevents shell injection, it does not protect against argument injection. It is highly recommended to validate and sanitize name and version upstream to ensure they do not contain characters that could be misinterpreted by the aci_hack executable. For example, you could enforce that they only contain alphanumeric characters, dashes, and dots.
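
The validation recommended in the comment above, as an added Go example (not code from this PR or from envhub): `buildTriggerArgs`, `safeArg` and `errUnsafeArg` are hypothetical names, and the 128-character limit and the http/https restriction on the callback URL are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"regexp"
)

// safeArg: alphanumerics, dots and dashes only, with an alphanumeric first
// character, so a value can never start with "-" and be parsed as an option.
var safeArg = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9.-]{0,127}$`)

var errUnsafeArg = errors.New("unsafe argument")

type check struct{ field, value string }

// buildTriggerArgs (hypothetical helper) validates the user-influenced values
// and returns the argument list for aci_hack. Optional flags are appended
// only when a value is set.
func buildTriggerArgs(name, version, templateId, callbackURL string) ([]string, error) {
	for _, c := range []check{{"name", name}, {"version", version}} {
		if !safeArg.MatchString(c.value) {
			return nil, fmt.Errorf("%w: %s=%q", errUnsafeArg, c.field, c.value)
		}
	}
	args := []string{name, version}
	if templateId != "" {
		args = append(args, "--template", templateId)
	}
	if callbackURL != "" {
		u, err := url.Parse(callbackURL)
		if err != nil || (u.Scheme != "http" && u.Scheme != "https") || u.Host == "" {
			return nil, fmt.Errorf("%w: callbackURL=%q", errUnsafeArg, callbackURL)
		}
		args = append(args, "--callback-url", callbackURL)
	}
	return args, nil
}

func main() {
	// Constructed inputs: a normal request, then a name that looks like a flag.
	for _, name := range []string{"test", "--help"} {
		args, err := buildTriggerArgs(name, "0.0.1", "xxx",
			"https://envhub.example.com/env/test/0.0.1/aci_trigger")
		fmt.Println(args, err) // on success: exec.Command("aci_hack", args...)
	}
}
```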

envhub/main.go Outdated
Comment on lines 90 to 96
var ciTrigger clients.ACITrigger
if templateId != "" && callbackURL != "" {
ciTrigger = clients.ACITrigger{
TemplateId: templateId,
CallbackURL: callbackURL,
}
}
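
Review bot: The if condition is the only check on callbackURL, and it tests just for a non-empty string, so whatever is given to --callback-url reaches ACITrigger.CallbackURL as typed. Parse the value once at startup and exit with a usage error unless it is an absolute http or https URL with a host, so a malformed value fails at launch instead of at the first trigger.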

high

There are two issues with the current ciTrigger initialization logic:

  1. Bug: ciTrigger is declared as a struct type (clients.ACITrigger). A struct value is never nil, even if it's a zero-value. When passed to NewEnvController, it's wrapped in a service.CITrigger interface, which will also not be nil. Consequently, the if ctrl.ciTrigger != nil check in EnvController will always pass, and the trigger will be executed even when --template-id and --callback-url are not provided. To fix this, ciTrigger should be declared as an interface type (service.CITrigger).

  2. Restrictive Condition: The && condition requires both --template-id and --callback-url to be present. It would be more flexible to use || to enable the trigger if at least one of them is provided, as they might have independent uses.

Here is a suggested fix that addresses both points.

Suggested change
var ciTrigger clients.ACITrigger
if templateId != "" && callbackURL != "" {
ciTrigger = clients.ACITrigger{
TemplateId: templateId,
CallbackURL: callbackURL,
}
}
var ciTrigger service.CITrigger
if templateId != "" || callbackURL != "" {
ciTrigger = clients.ACITrigger{
TemplateId: templateId,
CallbackURL: callbackURL,
}
}
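
The nil-check behaviour described in point 1, as an added Go example (not the PR's code): the types below are minimal stand-ins for service.CITrigger, clients.ACITrigger and EnvController, and the `Trigger` method name, the `NewEnvController` signature and the `fires` helper are assumptions.

```go
package main

import "fmt"

// CITrigger stands in for service.CITrigger (method name assumed).
type CITrigger interface {
	Trigger(name, version string) error
}

// ACITrigger stands in for clients.ACITrigger; it does not run aci_hack.
type ACITrigger struct {
	TemplateId  string
	CallbackURL string
}

func (t ACITrigger) Trigger(name, version string) error { return nil }

// EnvController keeps the trigger behind the interface, as in the PR.
type EnvController struct{ ciTrigger CITrigger }

func NewEnvController(t CITrigger) *EnvController { return &EnvController{ciTrigger: t} }

// fires reports the result of the controller's `ctrl.ciTrigger != nil` check.
func (c *EnvController) fires() bool { return c.ciTrigger != nil }

// buildStruct follows the original main.go: a struct-typed variable. Its zero
// value is wrapped in a non-nil interface when passed to NewEnvController.
func buildStruct(templateId, callbackURL string) *EnvController {
	var ciTrigger ACITrigger
	if templateId != "" && callbackURL != "" {
		ciTrigger = ACITrigger{TemplateId: templateId, CallbackURL: callbackURL}
	}
	return NewEnvController(ciTrigger)
}

// buildInterface follows the suggested change: an interface-typed variable
// that stays nil unless a flag was provided.
func buildInterface(templateId, callbackURL string) *EnvController {
	var ciTrigger CITrigger
	if templateId != "" || callbackURL != "" {
		ciTrigger = ACITrigger{TemplateId: templateId, CallbackURL: callbackURL}
	}
	return NewEnvController(ciTrigger)
}

func main() {
	fmt.Println("struct-typed, no flags:   ", buildStruct("", "").fires())
	fmt.Println("interface-typed, no flags:", buildInterface("", "").fires())
	fmt.Println("interface-typed, one flag:", buildInterface("xxx", "").fires())
}
```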

@lanmaoxinqing lanmaoxinqing changed the title from "feat(main): add --template-id and --callback-url command line arguments for pipeline integration" to "[Feature] add --template-id and --callback-url command line arguments for pipeline integration" on Jan 13, 2026

@JacksonMei JacksonMei left a comment

lgtm

@JacksonMei JacksonMei left a comment

lgtm

@JacksonMei JacksonMei merged commit 55050fd into main Jan 13, 2026
1 check passed