aws
diff --git a/‎tools/version-tracker/README.md‎
Lines changed: 90 additions & 0 deletions b/‎tools/version-tracker/README.md‎
Lines changed: 90 additions & 0 deletions
diff --git a/‎tools/version-tracker/cmd/fixpatches.go‎
Lines changed: 46 additions & 0 deletions b/‎tools/version-tracker/cmd/fixpatches.go‎
Lines changed: 46 additions & 0 deletions
diff --git a/‎tools/version-tracker/go.mod‎
Lines changed: 39 additions & 2 deletions b/‎tools/version-tracker/go.mod‎
Lines changed: 39 additions & 2 deletions
@@ -204,6 +204,8 @@ vmware                govmomi
 
 The `upgrade` subcommand is used to upgrade the Git revision of a particular project. This command takes in a project name as input and updates the various version files pertaining to the project, such as Git tag, Go version, checksums, etc. Then it creates a PR with these changes from a fork of the build-tooling repository. The PR can then be reviewed and merged by a repository maintainer.
 
+When patches fail to apply during an upgrade, the command can optionally publish an event to AWS EventBridge (if `ENABLE_AUTO_PATCH_FIX=true`) for downstream automation.
+
 #### Usage
 
 ```
@@ -234,4 +236,92 @@ Updating Git tag and Go version in upstream projects tracker file
 Updating project checksums and attribution files
 Updating project readme
 Creating pull request with updated files
+```
+
+### The `fix-patches` subcommand
+
+The `fix-patches` subcommand is used to automatically fix patches that fail to apply during version upgrades. This command uses AI (AWS Bedrock with Claude) to analyze patch failures, understand the context, and generate corrected patches.
+
+#### How it works
+
+1. **Analyzes patch failures** - Extracts information about which patches failed and why
+2. **Gathers context** - Fetches relevant code from GitHub (PR diff, failed files, patch content)
+3. **Generates fixes** - Uses Claude AI to understand the changes and create corrected patches
+4. **Validates fixes** - Applies patches and runs builds to ensure they work
+5. **Updates metadata** - Regenerates checksums and attribution files
+6. **Pushes changes** - Commits and pushes fixed patches back to the PR
+
+#### Usage
+
+```
+$ version-tracker fix-patches --help
+Automatically fix patches that fail to apply during version upgrades
+
+Usage:
+  version-tracker fix-patches --project <project name> --pr <pr number> [flags]
+
+Flags:
+  -h, --help                help for fix-patches
+      --max-attempts int    Maximum number of fix attempts per patch (default 3)
+      --pr int              PR number where patches failed
+      --project string      Project name (e.g., kubernetes-sigs/image-builder)
+
+Global Flags:
+  -v, --verbosity int   Set the logging verbosity level
+```
+
+#### Required Environment Variables
+
+```bash
+# GitHub access
+export GITHUB_TOKEN=<your-github-token>
+
+# AWS Bedrock for AI-powered patch fixing
+export AWS_BEDROCK_REGION=us-west-2
+export BEDROCK_MODEL_ID=anthropic.claude-3-5-sonnet-20241022-v2:0
+```
+
+#### Sample output
+
+```
+$ version-tracker fix-patches --project kubernetes-sigs/image-builder --pr 5005
+Starting patch fixing workflow  {"project": "kubernetes-sigs/image-builder", "pr": 5005}
+Analyzing patch failures...
+Found 1 failed patch: 0001-EKS-A-AMI-changes.patch
+Extracting context from GitHub PR #5005...
+Fetching PR diff (2847 lines)...
+Fetching failed files content...
+Building prompt for LLM (estimated 45000 tokens)...
+Calling Claude to generate patch fix...
+Received fix from LLM (3421 tokens)
+Applying fixed patch...
+Patch applied successfully!
+Running build validation...
+Build succeeded!
+Updating checksums...
+Updating attribution files...
+Committing changes...
+Pushing to PR branch...
+Successfully fixed patches for kubernetes-sigs/image-builder PR #5005
+```
+
+#### Special Cases
+
+Some projects require special handling:
+
+- **kubernetes/autoscaler**: Patches are in `projects/kubernetes/autoscaler/patches/` and need to be regenerated using `git format-patch` after fixes are applied to the source code.
+
+#### Running Locally
+
+Run `fix-patches` manually when you see a PR with patch failures:
+
+```bash
+# Set up environment
+export GITHUB_TOKEN=$(gh auth token)
+export AWS_BEDROCK_REGION=us-west-2
+export BEDROCK_MODEL_ID=anthropic.claude-3-5-sonnet-20241022-v2:0
+
+# Run from the repository root
+cd /path/to/eks-anywhere-build-tooling
+version-tracker fix-patches --project fluxcd/source-controller --pr 4883
 ```
@@ -0,0 +1,46 @@
+package cmd
+
+import (
+	"log"
+
+	"github.com/spf13/cobra"
+
+	"github.com/aws/eks-anywhere-build-tooling/tools/version-tracker/pkg/commands/fixpatches"
+	"github.com/aws/eks-anywhere-build-tooling/tools/version-tracker/pkg/types"
+)
+
+var fixPatchesOptions = &types.FixPatchesOptions{}
+
+// fixPatchesCmd is the command used to fix failed patches using LLM assistance.
+var fixPatchesCmd = &cobra.Command{
+	Use:   "fix-patches --project <project name> --pr <PR number>",
+	Short: "Fix failed patches using LLM assistance",
+	Long:  "Use this command to automatically fix failed patch applications using AWS Bedrock LLM. The command analyzes .rej files, generates fixes, and validates them through compilation.",
+	Run: func(cmd *cobra.Command, args []string) {
+		err := fixpatches.Run(fixPatchesOptions)
+		if err != nil {
+			log.Fatalf("Error fixing patches: %v", err)
+		}
+	},
+}
+
+func init() {
+	rootCmd.AddCommand(fixPatchesCmd)
+
+	// Required flags
+	fixPatchesCmd.Flags().StringVar(&fixPatchesOptions.ProjectName, "project", "", "Specify the project name (e.g., aquasecurity/trivy)")
+	fixPatchesCmd.Flags().IntVar(&fixPatchesOptions.PRNumber, "pr", 0, "Specify the PR number")
+
+	// Optional flags
+	fixPatchesCmd.Flags().BoolVar(&fixPatchesOptions.Auto, "auto", false, "Auto-detect project and PR from current git branch")
+	fixPatchesCmd.Flags().IntVar(&fixPatchesOptions.MaxAttempts, "max-attempts", 5, "Maximum number of fix attempts")
+	fixPatchesCmd.Flags().StringVar(&fixPatchesOptions.Model, "model", "anthropic.claude-sonnet-4-5-20250929-v1:0", "Bedrock model ID to use (Claude Sonnet 4.5 - 200K context, 200K tokens/min)")
+	fixPatchesCmd.Flags().StringVar(&fixPatchesOptions.Region, "region", "us-west-2", "AWS region for Bedrock API")
+	fixPatchesCmd.Flags().IntVar(&fixPatchesOptions.ComplexityThreshold, "complexity-threshold", 10, "Skip patches exceeding this complexity score")
+	fixPatchesCmd.Flags().BoolVar(&fixPatchesOptions.CommentOnPR, "comment-on-pr", false, "Post success/failure comment on the PR")
+	fixPatchesCmd.Flags().BoolVar(&fixPatchesOptions.Push, "push", false, "Commit and push fixed patches to the PR branch")
+	fixPatchesCmd.Flags().StringVar(&fixPatchesOptions.Branch, "branch", "", "Branch name to push to (required if --push is used)")
+
+	// Mark required flags (unless --auto is used)
+	fixPatchesCmd.MarkFlagsRequiredTogether("project", "pr")
+}
@@ -5,45 +5,81 @@ go 1.24
 toolchain go1.24.0
 
 require (
+	github.com/aws/aws-sdk-go-v2 v1.40.1
+	github.com/aws/aws-sdk-go-v2/config v1.31.12
+	github.com/aws/aws-sdk-go-v2/service/bedrockruntime v1.41.0
+	github.com/aws/aws-sdk-go-v2/service/s3 v1.93.0
 	github.com/aws/eks-distro-build-tooling/release v0.0.0-20240513204929-c69ded04ed10
 	github.com/ghodss/yaml v1.0.0
 	github.com/go-git/go-git/v5 v5.13.0
 	github.com/go-logr/logr v1.2.4
 	github.com/go-logr/zapr v1.2.4
+	github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b
 	github.com/google/go-github/v53 v53.2.0
 	github.com/pelletier/go-toml/v2 v2.0.8
 	github.com/rodaine/table v1.1.0
 	github.com/spf13/cobra v1.7.0
 	github.com/spf13/viper v1.16.0
 	go.uber.org/zap v1.24.0
 	gopkg.in/yaml.v3 v3.0.1
+	k8s.io/api v0.26.2
+	k8s.io/apimachinery v0.26.2
+	k8s.io/autoscaler v0.0.0-20251204101657-bc3f44c85df1
+	k8s.io/client-go v0.26.1
 	sigs.k8s.io/yaml v1.3.0
 )
 
 require (
 	dario.cat/mergo v1.0.0 // indirect
 	github.com/Microsoft/go-winio v0.6.1 // indirect
 	github.com/ProtonMail/go-crypto v1.1.3 // indirect
+	github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.4 // indirect
+	github.com/aws/aws-sdk-go-v2/credentials v1.18.16 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.9 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.15 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.15 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/v4a v1.4.15 // indirect
+	github.com/aws/aws-sdk-go-v2/service/eventbridge v1.45.15 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.9.6 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.15 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.15 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.29.6 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.1 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.38.6 // indirect
+	github.com/aws/smithy-go v1.24.0 // indirect
 	github.com/cloudflare/circl v1.3.7 // indirect
 	github.com/cyphar/filepath-securejoin v0.2.5 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/emicklei/go-restful/v3 v3.9.0 // indirect
 	github.com/emirpasic/gods v1.18.1 // indirect
 	github.com/fsnotify/fsnotify v1.6.0 // indirect
 	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
 	github.com/go-git/go-billy/v5 v5.6.0 // indirect
+	github.com/go-openapi/jsonpointer v0.19.5 // indirect
+	github.com/go-openapi/jsonreference v0.20.0 // indirect
+	github.com/go-openapi/swag v0.19.14 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
+	github.com/google/gnostic v0.5.7-v3refs // indirect
+	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
+	github.com/imdario/mergo v0.3.6 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
+	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/kevinburke/ssh_config v1.2.0 // indirect
 	github.com/magiconair/properties v1.8.7 // indirect
+	github.com/mailru/easyjson v0.7.6 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/pjbgf/sha1cd v0.3.0 // indirect
 	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
 	github.com/skeema/knownhosts v1.3.0 // indirect
@@ -61,17 +97,18 @@ require (
 	golang.org/x/oauth2 v0.8.0 // indirect
 	golang.org/x/sync v0.12.0 // indirect
 	golang.org/x/sys v0.31.0 // indirect
+	golang.org/x/term v0.30.0 // indirect
 	golang.org/x/text v0.23.0 // indirect
+	golang.org/x/time v0.3.0 // indirect
 	golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/protobuf v1.33.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
-	k8s.io/api v0.26.2 // indirect
-	k8s.io/apimachinery v0.26.2 // indirect
 	k8s.io/klog/v2 v2.90.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 // indirect
 	k8s.io/utils v0.0.0-20230220204549-a5ecb0141aa5 // indirect
 	sigs.k8s.io/controller-runtime v0.14.6 // indirect
 	sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect