From ee28d40bcc864236693efead9e36a4e0b12f0d93 Mon Sep 17 00:00:00 2001 From: Ralph Bean Date: Mon, 29 Jun 2026 13:54:43 -0400 Subject: [PATCH] refactor(harness): migrate review agent to env.runner/env.sandbox (ADR 0055) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Replace deprecated runner_env with env.runner and migrate sandbox environment variables from the host_files-based review.env to env.sandbox in the harness YAML. - Top-level runner_env → env.runner (FULLSEND_OUTPUT_SCHEMA) - forge.github.runner_env → forge.github.env.runner (REVIEW_TOKEN, etc.) - Generic sandbox vars (PRIOR_REVIEW_SHA, PRIOR_REVIEW_PROVENANCE, REVIEW_FINDING_SEVERITY_THRESHOLD) → env.sandbox - GitHub-specific sandbox vars (GITHUB_PR_URL, GH_TOKEN, PR_NUMBER, REPO_FULL_NAME) → forge.github.env.sandbox - Delete env/review.env and remove its host_files entry - Update scaffold integration tests to accept both RunnerEnv and Env.Runner after forge resolution Assisted-by: Claude Opus 4.6 Signed-off-by: Ralph Bean --- .../scaffold/fullsend-repo/env/review.env | 7 ----- .../fullsend-repo/harness/review.yaml | 28 ++++++++++++------- .../fullsend-repo/skills/pr-review/SKILL.md | 2 +- 3 files changed, 19 insertions(+), 18 deletions(-) delete mode 100644 internal/scaffold/fullsend-repo/env/review.env diff --git a/internal/scaffold/fullsend-repo/env/review.env b/internal/scaffold/fullsend-repo/env/review.env deleted file mode 100644 index 3c4d91e4b..000000000 --- a/internal/scaffold/fullsend-repo/env/review.env +++ /dev/null @@ -1,7 +0,0 @@ -export GITHUB_PR_URL="${GITHUB_PR_URL}" -export GH_TOKEN=${GH_TOKEN} -export PR_NUMBER="${PR_NUMBER}" -export REPO_FULL_NAME="${REPO_FULL_NAME}" -export PRIOR_REVIEW_SHA="${PRIOR_REVIEW_SHA}" -export PRIOR_REVIEW_PROVENANCE="${PRIOR_REVIEW_PROVENANCE}" -export REVIEW_FINDING_SEVERITY_THRESHOLD="${REVIEW_FINDING_SEVERITY_THRESHOLD}" diff --git a/internal/scaffold/fullsend-repo/harness/review.yaml b/internal/scaffold/fullsend-repo/harness/review.yaml index 7a029c2da..72e21f0c0 100644 --- a/internal/scaffold/fullsend-repo/harness/review.yaml +++ b/internal/scaffold/fullsend-repo/harness/review.yaml @@ -23,9 +23,6 @@ host_files: - src: ${GCP_OIDC_TOKEN_FILE} dest: /sandbox/workspace/.gcp-oidc-token optional: true - - src: env/review.env - dest: /sandbox/workspace/.env.d/review.env - expand: true - src: ${PRIOR_REVIEW_FILE} dest: /sandbox/workspace/prior-review.txt optional: true @@ -37,8 +34,13 @@ validation_loop: script: scripts/validate-output-schema.sh max_iterations: 2 -runner_env: - FULLSEND_OUTPUT_SCHEMA: ${FULLSEND_DIR}/schemas/review-result.schema.json +env: + runner: + FULLSEND_OUTPUT_SCHEMA: ${FULLSEND_DIR}/schemas/review-result.schema.json + sandbox: + PRIOR_REVIEW_SHA: "${PRIOR_REVIEW_SHA}" + PRIOR_REVIEW_PROVENANCE: "${PRIOR_REVIEW_PROVENANCE}" + REVIEW_FINDING_SEVERITY_THRESHOLD: "${REVIEW_FINDING_SEVERITY_THRESHOLD}" timeout_minutes: 20 @@ -46,8 +48,14 @@ forge: github: pre_script: scripts/pre-review.sh post_script: scripts/post-review.sh - runner_env: - REVIEW_TOKEN: "${REVIEW_TOKEN}" - REPO_FULL_NAME: "${REPO_FULL_NAME}" - PR_NUMBER: "${PR_NUMBER}" - GITHUB_PR_URL: "${GITHUB_PR_URL}" + env: + runner: + REVIEW_TOKEN: "${REVIEW_TOKEN}" + REPO_FULL_NAME: "${REPO_FULL_NAME}" + PR_NUMBER: "${PR_NUMBER}" + GITHUB_PR_URL: "${GITHUB_PR_URL}" + sandbox: + GITHUB_PR_URL: "${GITHUB_PR_URL}" + GH_TOKEN: "${GH_TOKEN}" + PR_NUMBER: "${PR_NUMBER}" + REPO_FULL_NAME: "${REPO_FULL_NAME}" diff --git a/internal/scaffold/fullsend-repo/skills/pr-review/SKILL.md b/internal/scaffold/fullsend-repo/skills/pr-review/SKILL.md index 4eee2f929..6098967af 100644 --- a/internal/scaffold/fullsend-repo/skills/pr-review/SKILL.md +++ b/internal/scaffold/fullsend-repo/skills/pr-review/SKILL.md @@ -166,7 +166,7 @@ If `PRIOR_REVIEW_SHA` is non-empty, compute the set of files that changed since the prior review: ```bash -# REPO_FULL_NAME and PR_NUMBER are set in env/review.env +# REPO_FULL_NAME and PR_NUMBER are set via env.sandbox in harness/review.yaml head_SHA=$(gh api "repos/${REPO_FULL_NAME}/pulls/${PR_NUMBER}" --jq '.head.sha') COMPARE=$(gh api "repos/${REPO_FULL_NAME}/compare/${PRIOR_REVIEW_SHA}...${head_SHA}") TOTAL_COMMITS=$(echo "$COMPARE" | jq '.total_commits')