Push and Pull Requests
Tempest provides multiple workflows for pushing changes and opening pull requests, designed to handle both automatic and manual operations. This guide covers the complete push and PR flow from commit to GitHub.Push Workflows
Tempest implements three distinct push operations, each suited to different scenarios:1. Push with Auto-Commit (git_push_branch)
The most common workflow,git_push_branch automatically stages and commits any pending changes before pushing. If nothing is staged, it stages all unstaged changes (quick-push behavior). If files are already staged via the staging area, it commits only those staged files.
Commit Message Generation: If no explicit message is provided, Tempest generates a default message in the form:
- Determine current branch via
git symbolic-ref - Check for staged vs unstaged changes
- Auto-stage everything if nothing is staged; otherwise commit only staged files
- Create commit with message (or default message)
- Push to origin with
-uflag (creates upstream tracking) - Return remote URL and branch name to frontend
- No remote configured: “Failed to run git” or “No remote named ‘origin’”
- Authentication failure: SSH key missing, or HTTPS credentials invalid
- No commits in repo: Push will fail if HEAD doesn’t exist
- Merge conflicts: Not applicable here (local operation)
2. Push Current Branch (git_push_current_branch)
A lightweight push that assumes all commits are already staged and committed. It does not auto-commit; it only pushes the current branch to the remote. This is useful when a user wants explicit control over what gets committed before pushing. Flow:- Determine current branch
- Run
git push -u origin [branch] - Return remote URL and branch name
- Working tree has uncommitted changes: Push succeeds but user changes remain local
- Branch is behind remote: Typically fails with “rejected” error (non-fast-forward)
- No commits in repo: HEAD doesn’t exist, push fails
3. Create Branch and Push (git_create_push_branch)
Creates a new local branch, switches to it, and pushes it to the remote in a single operation. This workflow allows users to branch off the current commit and immediately make it available remotely. Flow:- Validate branch name (cannot be empty)
- Run
git checkout -b [branch-name]to create and switch - Run
git push -u origin [branch-name] - If push fails, switch back to previous branch to avoid leaving repo detached
- Return remote URL and new branch name
- Branch name already exists locally: Fails at checkout
- Remote branch exists: Fails at push with “already exists” message
- Push fails: Repository reverts to previous branch, no orphaned state
The PrDialog Component
The PR dialog is a modal UI for creating pull requests directly from Tempest. It works exclusively with GitHub (GitLab and Bitbucket links are opened in the browser without dialog support).Initialization and Remote Parsing
When the PR dialog opens, it parses the remote URL to extract the GitHub repository owner and name. Two URL formats are supported: SSH format:git@github.com:owner/repo.git or git@github.com:owner/repo
HTTPS format: https://github.com/owner/repo.git or https://github.com/owner/repo
If the remote is not a GitHub URL (e.g., GitLab, self-hosted), the dialog shows a button to open the remote URL in the browser, bypassing the PR creation flow.
GitHub Authentication
Tempest uses personal access tokens (PATs) for GitHub API access. The token is stored in browser localStorage under the keytempest-github-token.
On First Use:
- Dialog displays a password input for the GitHub token
- User enters token starting with
ghp_ - Clicking “Save” or pressing Enter stores the token locally
- Token is never sent to Tempest’s servers; all API calls go directly to GitHub
- Scope:
repo(full access to public and private repositories) - Token must have push access to the target repository
- Token is retained across app restarts
- Token is stored as plain text in localStorage (same as browser developer tools access)
- Token is only sent to GitHub API endpoints via HTTPS
- Users should revoke tokens from github.com/settings/tokens if compromised
- No token is ever logged or transmitted to Tempest services
PR Creation Fields
Once authenticated, the dialog presents: Title: Auto-populated from the current branch name using branch-to-title conversion. Rules:- Strips prefixes like
feature/,fix/,feat/,bugfix/,hotfix/(case-insensitive) - Replaces hyphens and underscores with spaces
- Capitalizes the first letter of each word
feature/add-dark-mode becomes Add Dark Mode
Description (optional): A text area for PR body. Supports markdown.
Base Branch: The target branch for the PR. Defaults to main. Can be changed to any branch (e.g., develop, staging).
All fields except title are optional. The PR creation button is disabled until a title is provided.
PR Creation API Call
On submit, Tempest makes a single HTTP POST to the GitHub REST API:https://github.com/owner/repo/pull/123). The dialog displays this URL and offers an “Open in browser” button to navigate directly.
Error Handling
Errors from the GitHub API are displayed in the dialog. Common scenarios:- Invalid token: API returns 401 Unauthorized; message is displayed, user can re-enter token
- Repository not found: 404 error; usually means the URL was parsed incorrectly
- Base branch doesn’t exist: API error mentioning the branch
- Head branch doesn’t exist remotely: API error; branch must be pushed first
- Insufficient permissions: 403 Forbidden; token scope or repo access issue
Auto-Commit Behavior on Push
Whengit_push_branch is called and changes are pending, Tempest performs the following:
Commit Message Construction
If a commit message is provided, it is used as-is. If not, Tempest generates:Staging Logic
- Check if anything is staged: Run
git diff --cached --quiet - If staged: Commit only the staged changes
- If nothing staged: Auto-stage all changes with
git add -A, then commit
- Agents that want atomic commits of specific file sets can use the staging area
- Agents that want all changes pushed together can rely on auto-staging
File Exclusion
Gitignored files (specified in.gitignore) are never committed, even with git add -A. This ensures dependencies, build artifacts, and sensitive files stay out of version control.
The Tempest-specific entries (.tempest/, .tempest-pid) are automatically added to .gitignore at initialization and are never committed.
Co-Author Attribution Hook
When a user enables attribution or when Tempest initializes a workspace, it installs a git hook to add co-author metadata to commit messages.Hook Installation
Thewrite_coauthor_hook command writes a prepare-commit-msg hook at .git/hooks/prepare-commit-msg. This hook:
- Reads the commit message file (passed as
$1by git) - Checks if the co-author line (
Co-authored-by: [email]) already exists - If not present, appends it to the message
- Is idempotent: running twice has no additional effect
# Tempest-attribution-begin and # Tempest-attribution-end markers so it can be safely removed or replaced without affecting other hooks in the same file.
Removing Attribution
Theremove_coauthor_hook command strips the Tempest co-author block from the hook. If nothing remains in the hook file after removal, the file is deleted entirely.
How It Works
Every commit made in the repository (whether viagit commit directly or via Tempest’s push operations) will have the co-author trailer appended. This makes it easy to identify and query commits made by agents versus humans:
Error Handling and Recovery
Push Failures
No Remote Configured: Tempest returns “No remote named ‘origin’” ifgit_add_remote was never called. The user must add the remote via the project setup flow.
Authentication Issues:
- SSH key missing or not loaded:
ssh: Permission deniederror - HTTPS credentials invalid:
fatal: Authentication failed - Resolution: Ensure git is configured correctly at OS level; Tempest does not manage credentials
PR Dialog Failures
GitHub Token Issues:- Token expired or revoked: API returns 401 Unauthorized
- Token lacks
reposcope: API returns 403 Forbidden - Resolution: Generate a new token at github.com/settings/tokens and re-enter it
git remote -v.
Head Branch Not Pushed: The current branch exists locally but hasn’t been pushed to remote yet. Push the branch first via the push UI, then retry PR creation.
Workflow Examples
Agent Completing Work
- Agent finishes coding and calls the push Tauri command
- Tempest stages all changes and creates a commit with auto-generated message
- Tempest pushes to a new remote branch (or current branch)
- PR dialog is optionally opened for manual PR creation
- User fills title/description and clicks “Create PR”
- PR is created on GitHub and link is displayed
User Manual Workflow
- User stages specific files in the Diff pane
- User enters commit title and description
- User clicks “Commit” to create the commit
- User clicks “Push” (without auto-commit) to push the branch
- User optionally opens the PR dialog to create a pull request on GitHub
Fixing a Bad Push
If a push succeeds but the commit message is wrong, git history cannot be rewritten on a shared remote. The user should:- Create a new commit with the correct message
- Push again
- Squash or rebase locally before pushing, if history preservation is critical (consult git documentation)