feat: implement CloseIssue and PostComment methods in gitea client

Add CloseIssue (PATCH state=closed) and PostComment (POST comment body)
methods to the Gitea client with cache invalidation. Add corresponding
handler routes POST /issues/{owner}/{repo}/{index}/close and
POST /issues/{owner}/{repo}/{index}/comment with HTMX support.
Include unit tests for both client methods.

Closes leeworks-agents/gitea-mobile#36

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

internal/gitea/client.go

@@ -706,6 +706,51 @@ func (c *Client) SubmitReview(ctx context.Context, token, owner, repo string, in
 	return nil
 }
 
+// CloseIssue closes an issue by setting its state to "closed".
+func (c *Client) CloseIssue(ctx context.Context, token, owner, repo string, index int64) error {
+	payload, err := json.Marshal(map[string]string{"state": "closed"})
+	if err != nil {
+		return fmt.Errorf("marshaling close request: %w", err)
+	}
+
+	path := fmt.Sprintf("/repos/%s/%s/issues/%d", owner, repo, index)
+	resp, err := c.doRequest(ctx, token, http.MethodPatch, path, strings.NewReader(string(payload)))
+	if err != nil {
+		return fmt.Errorf("closing issue: %w", err)
+	}
+	resp.Body.Close()
+
+	c.InvalidateAll()
+	return nil
+}
+
+// PostComment creates a comment on an issue and returns the created Comment.
+func (c *Client) PostComment(ctx context.Context, token, owner, repo string, index int64, body string) (*Comment, error) {
+	payload, err := json.Marshal(map[string]string{"body": body})
+	if err != nil {
+		return nil, fmt.Errorf("marshaling comment: %w", err)
+	}
+
+	path := fmt.Sprintf("/repos/%s/%s/issues/%d/comments", owner, repo, index)
+	resp, err := c.doRequest(ctx, token, http.MethodPost, path, strings.NewReader(string(payload)))
+	if err != nil {
+		return nil, fmt.Errorf("posting comment: %w", err)
+	}
+	defer resp.Body.Close()
+
+	var comment Comment
+	if err := json.NewDecoder(resp.Body).Decode(&comment); err != nil {
+		return nil, fmt.Errorf("decoding comment: %w", err)
+	}
+
+	// Populate convenience fields.
+	comment.User = comment.RawUser.Login
+	comment.CreatedAt = comment.RawCreatedAt.Format("Jan 2, 2006 15:04")
+
+	c.InvalidateAll()
+	return &comment, nil
+}
+
 // priorityScore returns a numeric score for sorting (lower = higher priority).
 func priorityScore(labels []string) int {
 	for _, l := range labels {

internal/gitea/client_test.go

@@ -201,6 +201,97 @@ func TestGetTriageQueue_Sorting(t *testing.T) {
 	}
 }
 
+func TestCloseIssue(t *testing.T) {
+	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if r.Method != http.MethodPatch {
+			t.Errorf("expected PATCH, got %s", r.Method)
+		}
+		if r.URL.Path != "/api/v1/repos/owner1/repo1/issues/42" {
+			t.Errorf("unexpected path: %s", r.URL.Path)
+		}
+		if r.Header.Get("Authorization") != "token test-token" {
+			t.Error("missing or wrong Authorization header")
+		}
+
+		var body map[string]string
+		if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
+			t.Fatalf("failed to decode body: %v", err)
+		}
+		if body["state"] != "closed" {
+			t.Errorf("expected state=closed, got %q", body["state"])
+		}
+
+		w.WriteHeader(http.StatusOK)
+		json.NewEncoder(w).Encode(map[string]string{"state": "closed"})
+	}))
+	defer server.Close()
+
+	c := NewClient(server.URL)
+	c.setCache("issues-org1", "should-be-invalidated")
+
+	err := c.CloseIssue(context.Background(), "test-token", "owner1", "repo1", 42)
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+
+	// Verify cache was invalidated.
+	_, ok := c.getFromCache("issues-org1")
+	if ok {
+		t.Error("expected cache to be invalidated after CloseIssue")
+	}
+}
+
+func TestPostComment(t *testing.T) {
+	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if r.Method != http.MethodPost {
+			t.Errorf("expected POST, got %s", r.Method)
+		}
+		if r.URL.Path != "/api/v1/repos/owner1/repo1/issues/42/comments" {
+			t.Errorf("unexpected path: %s", r.URL.Path)
+		}
+
+		var body map[string]string
+		if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
+			t.Fatalf("failed to decode body: %v", err)
+		}
+		if body["body"] != "test comment" {
+			t.Errorf("expected body='test comment', got %q", body["body"])
+		}
+
+		comment := map[string]interface{}{
+			"id":   1,
+			"body": body["body"],
+			"user": map[string]string{"login": "testuser"},
+			"created_at": "2026-03-26T12:00:00Z",
+		}
+		json.NewEncoder(w).Encode(comment)
+	}))
+	defer server.Close()
+
+	c := NewClient(server.URL)
+	c.setCache("issues-org1", "should-be-invalidated")
+
+	comment, err := c.PostComment(context.Background(), "test-token", "owner1", "repo1", 42, "test comment")
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+	if comment.Body != "test comment" {
+		t.Errorf("comment.Body = %q, want %q", comment.Body, "test comment")
+	}
+	if comment.User != "testuser" {
+		t.Errorf("comment.User = %q, want %q", comment.User, "testuser")
+	}
+	if comment.ID != 1 {
+		t.Errorf("comment.ID = %d, want 1", comment.ID)
+	}
+
+	// Verify cache was invalidated.
+	_, ok := c.getFromCache("issues-org1")
+	if ok {
+		t.Error("expected cache to be invalidated after PostComment")
+	}
+}
+
 // sortTriageQueue is a test helper applying the same sort as GetTriageQueue.
 func sortTriageQueue(queue []TriageItem) {
 	for i := 0; i < len(queue); i++ {