improve agent CI matrix, token permissions, and waitlist follower backfill (#313)
* add workflows permission to git token and waitlist improvements - add `workflows` to `InstallationTokenPermissions` type in both action and API token routes - include `workflows: write` in the git token so agents can push workflow file changes - add `githubFollowers` field to WaitlistSignup schema with migration - add script to populate waitlist followers from GitHub API - add frog-green-square-border logo asset Co-authored-by: Cursor <cursoragent@cursor.com> * improve CI, agent logging, token permissions, and delegation guardrails - add format check and build step to root CI job - standardize agent model/effort log lines across all agents - fix GitHub App permissions types to match OpenAPI schema (workflows is write-only) - improve delegation error message to prevent subagent recursion - demote noisy OpenCode stderr to debug level - add subagent delegation rules to resolved instructions Co-authored-by: Cursor <cursoragent@cursor.com> * fix graphql partial error handling, update delegation message, add workflow_run fixtures Co-authored-by: Cursor <cursoragent@cursor.com> * remove module-level env var throws that break CI build Co-authored-by: Cursor <cursoragent@cursor.com> * fix logging bug and type hole from PR review - use batch-local notFound counter so per-batch log doesn't undercount - add workflows to WorkflowTokenPermissions so wire type matches what action sends Co-authored-by: Cursor <cursoragent@cursor.com> * lazy-init appOctokit to fix next build without env vars Co-authored-by: Cursor <cursoragent@cursor.com> * drop pnpm build from CI test workflow Co-authored-by: Cursor <cursoragent@cursor.com> * fix delegate-effort test regex to match actual log format, disable fail-fast for agnostic tests the test was matching `running \w+ with effort=auto` but the actual log line from shared.ts is `» effort: auto`. also temporarily set fail-fast: false on action-agnostic so all failures surface at once. Co-authored-by: Cursor <cursoragent@cursor.com> * disable fail-fast in action workflow too, relax ci.test.ts to match both workflow files now use fail-fast: false for agnostic tests so all matrix jobs run to completion. the ci consistency test now checks that the two workflows agree rather than requiring true. Co-authored-by: Cursor <cursoragent@cursor.com> * restore fail-fast: true now that all agnostic tests pass Co-authored-by: Cursor <cursoragent@cursor.com> * skip agent tests in CI when agent harness file didn't change adds action/test/changed-agents.sh which reads the PR diff (via dorny/paths-filter) and outputs only agents whose harness file was modified. the action-agents matrix now uses this dynamic list instead of a hardcoded array, so e.g. a PR touching only cursor.ts runs 6 jobs instead of 30. Co-authored-by: Cursor <cursoragent@cursor.com> * update ci.test.ts to validate dynamic agent matrix the test now checks that the matrix references the changes job output and that changed-agents.sh correctly discovers all agents. Co-authored-by: Cursor <cursoragent@cursor.com> * parallelize action jobs and use claude canary fallback for shared changes runs action-agents in parallel with action-agnostic after root/changes, and updates changed-agents logic so shared or non-harness action runtime changes run only claude while harness-specific edits run only those changed agents. Co-authored-by: Cursor <cursoragent@cursor.com> --------- Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
committed by
pullfrog[bot]
parent
37dcea86b9
commit
b6658ddbc1
+12
-9
@@ -53,33 +53,36 @@ function isOIDCAvailable(): boolean {
|
||||
);
|
||||
}
|
||||
|
||||
// github installation token permission levels
|
||||
type ReadWrite = "read" | "write";
|
||||
type WriteOnly = "write";
|
||||
type ReadOnly = "read";
|
||||
|
||||
// permission names use underscores (API format)
|
||||
type InstallationTokenPermissions = {
|
||||
/**
|
||||
* GitHub App installation access token permissions.
|
||||
* passed to `POST /app/installations/{id}/access_tokens` to scope the token.
|
||||
* fields and allowed values come from the `app-permissions` OpenAPI schema.
|
||||
* @see https://docs.github.com/en/rest/apps/installations#create-an-installation-access-token-for-an-app
|
||||
* @see https://github.com/github/rest-api-description — components.schemas.app-permissions
|
||||
*/
|
||||
type GitHubAppPermissions = {
|
||||
actions?: ReadWrite;
|
||||
artifact_metadata?: ReadWrite;
|
||||
attestations?: ReadWrite;
|
||||
checks?: ReadWrite;
|
||||
contents?: ReadWrite;
|
||||
deployments?: ReadWrite;
|
||||
id_token?: WriteOnly;
|
||||
issues?: ReadWrite;
|
||||
models?: ReadOnly;
|
||||
discussions?: ReadWrite;
|
||||
issues?: ReadWrite;
|
||||
packages?: ReadWrite;
|
||||
pages?: ReadWrite;
|
||||
pull_requests?: ReadWrite;
|
||||
security_events?: ReadWrite;
|
||||
statuses?: ReadWrite;
|
||||
workflows?: WriteOnly;
|
||||
};
|
||||
|
||||
type AcquireTokenOptions = {
|
||||
repos?: string[];
|
||||
permissions?: InstallationTokenPermissions;
|
||||
permissions?: GitHubAppPermissions;
|
||||
};
|
||||
|
||||
async function acquireTokenViaOIDC(opts?: AcquireTokenOptions): Promise<string> {
|
||||
@@ -215,7 +218,7 @@ const checkRepositoryAccess = async (
|
||||
const createInstallationToken = async (
|
||||
jwt: string,
|
||||
installationId: number,
|
||||
permissions?: InstallationTokenPermissions
|
||||
permissions?: GitHubAppPermissions
|
||||
): Promise<string> => {
|
||||
const requestOpts: { method: string; headers: Record<string, string>; body?: string } = {
|
||||
method: "POST",
|
||||
|
||||
@@ -422,7 +422,13 @@ export function resolveSubagentInstructions(
|
||||
): ResolvedInstructions {
|
||||
const inputs = buildCommonInputs(ctx);
|
||||
|
||||
const subagentTaskSection = `You are operating in **${ctx.mode.name}** mode.
|
||||
const subagentTaskSection = `You are operating in **${ctx.mode.name}** mode as a delegated subagent. An orchestrator spawned you and will read your final output to decide what to do next.
|
||||
|
||||
### Delegation rules
|
||||
|
||||
- The \`delegate\` tool is NOT available to you — complete your task directly using the available tools.
|
||||
- When you finish, end with a clear, concise summary: what you did, what succeeded, what failed, and any blockers or next steps. The orchestrator uses this to decide whether to delegate again or report final results.
|
||||
- If you encounter an error you cannot resolve, report it clearly — do not attempt to delegate or re-run yourself.
|
||||
|
||||
${ctx.mode.prompt}`;
|
||||
|
||||
|
||||
+1
-1
@@ -69,7 +69,7 @@ export interface SetupGitParams extends GitContext {
|
||||
* - sets up authentication via gitToken (minimal contents:write)
|
||||
* - for PR events, checks out the PR branch using shared helper
|
||||
*
|
||||
* gitToken is a minimal-permission token (contents:write only) used for git operations.
|
||||
* gitToken is a minimal-permission token (contents + workflows) used for git operations.
|
||||
* it is assumed to be potentially exfiltratable, so it has limited scope.
|
||||
*/
|
||||
export async function setupGit(params: SetupGitParams): Promise<void> {
|
||||
|
||||
+11
-3
@@ -105,12 +105,20 @@ export async function resolveTokens(params: ResolveTokensParams): Promise<TokenR
|
||||
|
||||
// create git token based on push permission (assumed exfiltratable)
|
||||
// disabled = read-only, restricted/enabled = write (MCP tools enforce branch restrictions)
|
||||
const gitContents = params.push === "disabled" ? "read" : "write";
|
||||
const gitToken = await acquireNewToken({ permissions: { contents: gitContents } });
|
||||
// workflows permission is write-only in the API, so only requested when pushing is allowed
|
||||
const gitPermissions =
|
||||
params.push === "disabled"
|
||||
? { contents: "read" as const }
|
||||
: { contents: "write" as const, workflows: "write" as const };
|
||||
const gitToken = await acquireNewToken({ permissions: gitPermissions });
|
||||
if (isGitHubActions) {
|
||||
core.setSecret(gitToken);
|
||||
}
|
||||
log.info(`» acquired git token (contents:${gitContents})`);
|
||||
log.info(
|
||||
`» acquired git token (${Object.entries(gitPermissions)
|
||||
.map((e) => e.join(":"))
|
||||
.join(", ")})`
|
||||
);
|
||||
|
||||
// create full MCP token - not exfiltratable (only accessible via MCP tools)
|
||||
const mcpToken = await acquireNewToken();
|
||||
|
||||
Reference in New Issue
Block a user