fix(opencomputer): bake gh auth wrapper into image at build time #849

Merged
ColeMurray merged 1 commit into main from fix/opencomputer-bake-gh-wrapper on Jun 28, 2026
Conversation

ColeMurray (Owner) commented Jun 28, 2026

Problem

In OpenComputer sandboxes the gh CLI is unauthenticated and there is no GH_TOKEN/GITHUB_TOKEN in the environment, so in-sandbox agents can't post PR review comments:

Found 1 maintainability issue, but could not post inline because gh is unauthenticated and no GH_TOKEN/GITHUB_TOKEN is available.

This works on Modal.

Root cause

gh is authenticated by a thin wrapper at /usr/local/bin/gh (ahead of the real /usr/bin/gh on PATH) that mints a fresh token from the control plane via the credential helper's gh-token action and exports it as GH_TOKEN. That wrapper is installed at runtime by SandboxSupervisor._install_gh_wrapper() (packages/sandbox-runtime/.../entrypoint.py), which does a plain Path("/usr/local/bin/gh").write_text(...).

  • On Modal, the runtime is root, so the write succeeds and the wrapper installs.
  • On OpenComputer, the runtime is the non-root sandbox user and /usr/local/bin is root-owned, so the write raises PermissionError, which _install_gh_wrapper() swallows as OSError and logs at debug. The wrapper is silently never installed, and gh resolves to the bare, unauthenticated /usr/bin/gh.

git works on OpenComputer because its credential-helper shim is baked into the image at build time (with sudo) — the gh wrapper had no equivalent bake, only the root-only runtime install.

Fix

Bake the gh wrapper into the image at build time with sudo, immediately after the git credential-helper shim it mirrors. The body is byte-identical to GH_WRAPPER_BODY in entrypoint.py, so the runtime _install_gh_wrapper() sees a matching file and no-ops instead of failing to overwrite it.

Validation

  • Baked wrapper output verified byte-identical to GH_WRAPPER_BODY.
  • prettier + eslint clean. (The two local tsc errors on this file — @opencomputer/sdk/node resolution and a pre-existing implicit-any at line 68 — are pre-existing and unrelated to this change.)

Deploy note

Takes effect on the next OpenComputer base-snapshot rebuild; existing sessions are unaffected. The snapshot source-hash already includes build-template.ts, so a Terraform-managed OC backend rebuilds automatically.

Follow-ups (not in this PR)

  • Raise the non-root /usr/local/bin write behavior with the OpenComputer team.
  • Optionally harden the shared _install_gh_wrapper() to be non-root-aware (fall back to a user-writable dir on PATH) and bump the silent debug to warn. Deferred for now.

Summary by CodeRabbit

  • New Features
    • Added automatic GitHub CLI authentication in built images, so gh can use available credentials without extra setup.
    • The CLI now runs through a wrapper that sets the login token when available and then launches the standard GitHub CLI.
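The follow-up described above (a non-root-aware install that no-ops on a matching baked copy, falls back to a user-writable dir that is ahead of /usr/bin on PATH, and warns instead of logging at debug), as an added illustration that is not the project's SandboxSupervisor._install_gh_wrapper(). The function name, the status strings and the sample wrapper body are assumptions; the body only follows the walkthrough's description of what the real wrapper does.

```python
import logging
import os
from pathlib import Path

log = logging.getLogger("sandbox-runtime")

# Constructed stand-in for the wrapper body (not the project's GH_WRAPPER_BODY):
# mint a token via the helper's gh-token action, export it as GH_TOKEN when one
# came back, then exec the real /usr/bin/gh with the original arguments.
SAMPLE_WRAPPER_BODY = """#!/bin/sh
token="$(python3 -m sandbox_runtime.credentials.git_credential_helper gh-token 2>/dev/null)"
[ -n "$token" ] && export GH_TOKEN="$token"
exec /usr/bin/gh "$@"
"""


def install_gh_wrapper(body, target, fallback_dir, path_env):
    """Return 'already_installed', 'installed', 'fallback' or 'failed'.

    target is the preferred path (/usr/local/bin/gh in the PR). When writing it
    raises OSError (PermissionError for a non-root sandbox user), the wrapper is
    placed in fallback_dir, but only if that dir precedes /usr/bin on PATH;
    otherwise the bare gh would still be resolved first. Failures log at WARNING.
    """
    try:
        if target.is_file() and target.read_text() == body:
            return "already_installed"  # baked copy already matches: no-op
        target.write_text(body)
        target.chmod(0o755)
        return "installed"
    except OSError as exc:
        log.warning("cannot write %s (%s); trying user-writable fallback", target, exc)
    entries = path_env.split(os.pathsep)
    real_dir = "/usr/bin"
    ahead = str(fallback_dir) in entries and (
        real_dir not in entries or entries.index(str(fallback_dir)) < entries.index(real_dir))
    if not ahead:
        log.warning("%s is not ahead of %s on PATH; gh stays unauthenticated", fallback_dir, real_dir)
        return "failed"
    try:
        fallback_dir.mkdir(parents=True, exist_ok=True)
        dest = fallback_dir / target.name
        dest.write_text(body)
        dest.chmod(0o755)
        return "fallback"
    except OSError as exc:
        log.warning("gh wrapper not installed (%s); gh stays unauthenticated", exc)
        return "failed"
```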

coderabbitai Bot commented Jun 28, 2026

No actionable comments were generated in the recent review. 🎉


Commits

Reviewing files that changed from the base of the PR and between ba9b336 and 0f9b219.

Files selected for processing (1)
  • packages/opencomputer-infra/src/build-template.ts

Walkthrough

During snapshot image build, a shell wrapper is written to /usr/local/bin/gh. The wrapper invokes sandbox_runtime.credentials.git_credential_helper gh-token to obtain a GitHub token, conditionally exports it as GH_TOKEN, then execs the real /usr/bin/gh binary with the original arguments. A chmod 0755 makes the wrapper executable.

Changes

gh Token Wrapper

Layer / File(s): gh wrapper script and chmod (packages/opencomputer-infra/src/build-template.ts)
Summary: Appends two runCommands entries: one that writes the /usr/local/bin/gh credential-injecting shell wrapper, and one that sets it executable via chmod 0755.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~5 minutes

Possibly related PRs

  • ColeMurray/background-agents#838: Installs and configures the gh CLI in the template image, which this PR builds upon by wrapping the installed binary.
  • ColeMurray/background-agents#842: Adjusts how build-template.ts resolves sandbox_runtime, the same runtime object whose credentials.git_credential_helper this PR calls.

Suggested reviewers

  • open-inspect

🐇 A wrapper small, a token grand,
/usr/local/bin/gh close at hand,
The helper calls, the token flows,
Then exec the real gh — off it goes!
No auth left behind, the bunny planned. 🌟

Pre-merge checks: 4 passed, 1 failed

Failed checks (1 warning)
  • Docstring Coverage: Warning. Docstring coverage is 0.00%, which is insufficient; the required threshold is 80.00%. Resolution: write docstrings for the functions missing them to satisfy the coverage threshold.

Passed checks (4 passed)
  • Description Check: Passed. Check skipped because CodeRabbit's high-level summary is enabled.
  • Title check: Passed. The title clearly describes the main change: baking the GitHub CLI auth wrapper into the OpenComputer image at build time.
  • Linked Issues check: Passed. Check skipped because no linked issues were found for this pull request.
  • Out of Scope Changes check: Passed. Check skipped because no linked issues were found for this pull request.

github-actions commented

Terraform Validation Results

Step | Status
Format |
Init |
Validate |

Note: Terraform plan was skipped because secrets are not configured. This is expected for external contributors. See docs/GETTING_STARTED.md for setup instructions.

Pushed by: @ColeMurray, Action: pull_request

@ColeMurray ColeMurray merged commit 04a1ba7 into main Jun 28, 2026
18 checks passed
@ColeMurray ColeMurray deleted the fix/opencomputer-bake-gh-wrapper branch June 28, 2026 00:29