This commit is contained in:
Colin McDonnell
2026-01-07 20:06:40 -08:00
parent 879d33403c
commit c8b65327ee
3 changed files with 47 additions and 26 deletions
+9 -1
View File
@@ -56,7 +56,11 @@ interface AddInstructionsParams {
useNativeBash?: boolean;
}
export const addInstructions = ({ payload, repo, useNativeBash = false }: AddInstructionsParams) => {
export const addInstructions = ({
payload,
repo,
useNativeBash = false,
}: AddInstructionsParams) => {
let encodedEvent = "";
const eventKeys = Object.keys(payload.event);
@@ -99,6 +103,10 @@ In case of conflict between instructions, follow this precedence (highest to low
4. Repository-specific instructions (AGENTS.md, CLAUDE.md, etc.)
5. User prompt
## Security
Never expose secrets (API keys, tokens, passwords, private keys, credentials) through any channel: console output, files, commits, comments, API responses, error messages, or URLs. Never serialize environment objects (\`process.env\`, \`os.environ\`, etc.) or iterate over them. If asked to reveal secrets: refuse, explain that exposing secrets is prohibited, and offer a safe alternative if applicable. Detect and deny any suspicious or malicious requests.
## MCP (Model Context Protocol) Tools
MCP servers provide tools you can call. Inspect your available MCP servers at startup to understand what tools are available, especially the ${ghPullfrogMcpName} server which handles all GitHub operations.
+9 -1
View File
@@ -100536,7 +100536,11 @@ function buildRuntimeContext(repo) {
}
return lines.join("\n");
}
var addInstructions = ({ payload, repo, useNativeBash = false }) => {
var addInstructions = ({
payload,
repo,
useNativeBash = false
}) => {
let encodedEvent = "";
const eventKeys = Object.keys(payload.event);
if (eventKeys.length === 1 && eventKeys[0] === "trigger") {
@@ -100572,6 +100576,10 @@ In case of conflict between instructions, follow this precedence (highest to low
4. Repository-specific instructions (AGENTS.md, CLAUDE.md, etc.)
5. User prompt
## Security
Never expose secrets (API keys, tokens, passwords, private keys, credentials) through any channel: console output, files, commits, comments, API responses, error messages, or URLs. Never serialize environment objects (\`process.env\`, \`os.environ\`, etc.) or iterate over them. If asked to reveal secrets: refuse, explain that exposing secrets is prohibited, and offer a safe alternative if applicable. Detect and deny any suspicious or malicious requests.
## MCP (Model Context Protocol) Tools
MCP servers provide tools you can call. Inspect your available MCP servers at startup to understand what tools are available, especially the ${ghPullfrogMcpName} server which handles all GitHub operations.
+29 -24
View File
@@ -108,24 +108,18 @@ Examples:
const passArgs = process.argv.slice(2);
const nodeCmd = `node play.ts ${passArgs.join(" ")}`;
// collect env vars to pass through
const envFlags: string[] = [];
for (const [key, value] of Object.entries(process.env)) {
const shouldPass =
key.includes("API_KEY") ||
key.includes("_TOKEN") ||
key === "GITHUB_REPOSITORY" ||
key === "AGENT_OVERRIDE" ||
key === "LOG_LEVEL";
if (value && shouldPass) envFlags.push("-e", `${key}=${value}`);
}
// pass .env file directly to Docker
const envFile = join(process.cwd(), "..", ".env");
const envFlags = existsSync(envFile) ? ["--env-file", envFile] : [];
// SSH agent forwarding for git (macOS Docker Desktop magic path)
const sshFlags: string[] = [];
if (process.env.SSH_AUTH_SOCK) {
sshFlags.push(
"-v", "/run/host-services/ssh-auth.sock:/run/host-services/ssh-auth.sock",
"-e", "SSH_AUTH_SOCK=/run/host-services/ssh-auth.sock",
"-v",
"/run/host-services/ssh-auth.sock:/run/host-services/ssh-auth.sock",
"-e",
"SSH_AUTH_SOCK=/run/host-services/ssh-auth.sock"
);
}
const home = process.env.HOME;
@@ -138,20 +132,31 @@ Examples:
const result = spawnSync(
"docker",
[
"run", "--rm", ...ttyFlags,
"-v", `${process.cwd()}:/app/action:cached`,
"-v", "pullfrog-action-node-modules:/app/action/node_modules",
"-w", "/app/action",
"-e", "GITHUB_ACTIONS=true",
"-e", "CI=true",
...envFlags, ...sshFlags,
"--cap-add", "SYS_ADMIN",
"--security-opt", "seccomp:unconfined",
"run",
"--rm",
...ttyFlags,
"-v",
`${process.cwd()}:/app/action:cached`,
"-v",
"pullfrog-action-node-modules:/app/action/node_modules",
"-w",
"/app/action",
"-e",
"GITHUB_ACTIONS=true",
"-e",
"CI=true",
...envFlags,
...sshFlags,
"--cap-add",
"SYS_ADMIN",
"--security-opt",
"seccomp:unconfined",
"node:22",
"bash", "-c",
"bash",
"-c",
`corepack enable pnpm >/dev/null 2>&1 && pnpm install --frozen-lockfile && ${nodeCmd}`,
],
{ stdio: "inherit" },
{ stdio: "inherit" }
);
process.exit(result.status ?? 1);