From 0f9b219e5b24c1336b56f2a71cef584126698988 Mon Sep 17 00:00:00 2001 From: Cole Murray Date: Sat, 27 Jun 2026 17:13:39 -0700 Subject: [PATCH] fix(opencomputer): bake gh auth wrapper into image at build time --- packages/opencomputer-infra/src/build-template.ts | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/packages/opencomputer-infra/src/build-template.ts b/packages/opencomputer-infra/src/build-template.ts index 4193da22e..28d4ac5f2 100644 --- a/packages/opencomputer-infra/src/build-template.ts +++ b/packages/opencomputer-infra/src/build-template.ts @@ -192,6 +192,17 @@ function buildImage(options: Pick) "sudo chmod 0755 /usr/local/bin/oi-git-credentials", "sudo git config --system credential.helper /usr/local/bin/oi-git-credentials", "sudo git config --system credential.useHttpPath true", + // gh CLI auth wrapper — baked here as root, at build time, rather than + // left to the runtime's _install_gh_wrapper(). That runtime install + // writes /usr/local/bin/gh as the non-root `sandbox` user, but the dir is + // root-owned, so the write fails with a swallowed PermissionError and gh + // is left unauthenticated — agents then can't post PR comments. (It works + // on Modal only because that runtime is root and can self-install.) Keep + // this body byte-identical to GH_WRAPPER_BODY in + // sandbox-runtime/src/sandbox_runtime/entrypoint.py so the runtime install + // sees a matching file and no-ops instead of failing to overwrite it. + "printf '%s\\n' '#!/bin/sh' 'REAL_GH=\"/usr/bin/gh\"' 'token=$(python3 -m sandbox_runtime.credentials.git_credential_helper gh-token || true)' 'if [ -n \"$token\" ]; then' ' export GH_TOKEN=\"$token\"' 'fi' 'exec \"$REAL_GH\" \"$@\"' | sudo tee /usr/local/bin/gh >/dev/null", + "sudo chmod 0755 /usr/local/bin/gh", `[ -f ${OPENSANDBOX_PROXY_CA} ] && sudo update-ca-certificates || true`, `[ -f ${OPENSANDBOX_PROXY_CA} ] && sudo git config --system http.sslCAInfo ${OPENSANDBOX_PROXY_CA} || true` );