feat(cli): replace --agent-base-image with --agent-image option #397
Conversation
Breaking change: replaces --agent-base-image with --agent-image - Add presets: 'default' (agent:latest) and 'act' (agent-act:latest) - Custom images now require --build-local flag - Updated types: agentImage replaces agentBaseImage - Updated docker-manager to handle presets vs custom images - Updated tests and documentation Co-authored-by: Mossaka <5447827+Mossaka@users.noreply.github.com>
Addresses code review feedback to improve maintainability Co-authored-by: Mossaka <5447827+Mossaka@users.noreply.github.com>
|
🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨ |
|
📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤 |
|
| Metric | Base | PR | Delta |
|---|---|---|---|
| Lines | 77.63% | 77.52% | 📉 -0.11% |
| Statements | 77.71% | 77.61% | 📉 -0.10% |
| Functions | 77.54% | 77.65% | 📈 +0.11% |
| Branches | 70.44% | 70.76% | 📈 +0.32% |
📁 Per-file Coverage Changes (2 files)
| File | Lines (Before → After) | Statements (Before → After) |
|---|---|---|
src/docker-manager.ts |
79.3% → 79.7% (+0.37%) | 78.6% → 79.0% (+0.37%) |
src/cli.ts |
35.9% → 36.5% (+0.60%) | 36.2% → 37.0% (+0.81%) |
Coverage comparison generated by scripts/ci/compare-coverage.ts
|
Smoke Test Results - Claude Last 2 Merged PRs:
Test Results:
Status: PASS
|
|
✅ Smoke Test PASSED
cc @Mossaka @Copilot
|
|
@copilot bump up the test coverage: https://github.com/githubnext/gh-aw-firewall/actions/runs/21270763902/job/61224218959?pr=397 |
- Add test for ACT_PRESET_BASE_IMAGE constant - Add test for custom registry with act preset - Add test for undefined agentImage with --build-local - Add tests for additional invalid image patterns Co-authored-by: Mossaka <5447827+Mossaka@users.noreply.github.com>
Added more tests in commit 32bd7ee:
The per-file coverage for modified files actually improved (+0.60% for cli.ts, +0.37% for docker-manager.ts). The very small overall regression (0.11%) was due to total line count increase rather than untested code paths. |
|
📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤 |
|
🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨ |
|
| Metric | Base | PR | Delta |
|---|---|---|---|
| Lines | 77.63% | 77.52% | 📉 -0.11% |
| Statements | 77.71% | 77.61% | 📉 -0.10% |
| Functions | 77.54% | 77.65% | 📈 +0.11% |
| Branches | 70.44% | 70.76% | 📈 +0.32% |
📁 Per-file Coverage Changes (2 files)
| File | Lines (Before → After) | Statements (Before → After) |
|---|---|---|
src/docker-manager.ts |
79.3% → 79.7% (+0.37%) | 78.6% → 79.0% (+0.37%) |
src/cli.ts |
35.9% → 36.5% (+0.60%) | 36.2% → 37.0% (+0.81%) |
Coverage comparison generated by scripts/ci/compare-coverage.ts
Smoke Test Results ✅
Status: PASS cc: @Copilot @Mossaka
|
|
Smoke Test Results for Claude Engine Last 2 merged PRs:
✅ GitHub MCP - Retrieved merged PRs Status: PASS
|
|
@copilot bump up test coverage and fix the following issues
|
- Remove redundant 'default' check before validation - Simplify isAgentImagePreset() type guard using direct comparison - Improve branch coverage by removing unnecessary conditional Co-authored-by: Mossaka <5447827+Mossaka@users.noreply.github.com>
Fixed both issues in commit d97f8e3:
Branch coverage also improved from 27.61% to 28.57% for cli.ts due to removing the redundant conditional. |
|
🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨ |
|
📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤 |
|
| Metric | Base | PR | Delta |
|---|---|---|---|
| Lines | 77.63% | 77.55% | 📉 -0.08% |
| Statements | 77.71% | 77.63% | 📉 -0.08% |
| Functions | 77.54% | 77.65% | 📈 +0.11% |
| Branches | 70.44% | 70.91% | 📈 +0.47% |
📁 Per-file Coverage Changes (2 files)
| File | Lines (Before → After) | Statements (Before → After) |
|---|---|---|
src/docker-manager.ts |
79.3% → 79.7% (+0.37%) | 78.6% → 79.0% (+0.37%) |
src/cli.ts |
35.9% → 36.4% (+0.50%) | 36.2% → 36.6% (+0.49%) |
Coverage comparison generated by scripts/ci/compare-coverage.ts
|
Smoke Test Results Last 2 merged PRs:
✅ GitHub MCP - retrieved PRs Status: PASS
|
|
Smoke Test Results: Last 2 Merged PRs:
Test Status: Overall Status: PASS cc: @Mossaka @Copilot
|
Add comprehensive edge case tests to improve coverage: - isAgentImagePreset: case sensitivity, whitespace, similar names - validateAgentImage: special chars, control chars, URL injection, env var injection, multiple @ symbols, extra path segments - docker-manager: custom registry/tag combos, different base images, USER_UID/USER_GID verification with act preset Increases test count from 615 to 630 tests. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤 |
|
🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨ |
|
| Metric | Base | PR | Delta |
|---|---|---|---|
| Lines | 77.63% | 77.55% | 📉 -0.08% |
| Statements | 77.71% | 77.63% | 📉 -0.08% |
| Functions | 77.54% | 77.65% | 📈 +0.11% |
| Branches | 70.44% | 70.91% | 📈 +0.47% |
📁 Per-file Coverage Changes (2 files)
| File | Lines (Before → After) | Statements (Before → After) |
|---|---|---|
src/docker-manager.ts |
79.3% → 79.7% (+0.37%) | 78.6% → 79.0% (+0.37%) |
src/cli.ts |
35.9% → 36.4% (+0.50%) | 36.2% → 36.6% (+0.49%) |
Coverage comparison generated by scripts/ci/compare-coverage.ts
Smoke Test ResultsPRs Reviewed:
Tests:
Status: PASS ✅ cc @Mossaka
|
Smoke Test Results - ClaudeLast 2 Merged PRs:
Test Results: Status: PASS
|
Extract the agent image validation logic from the main CLI handler into a separate testable function. This improves test coverage by making the validation logic unit-testable. Changes: - Add AgentImageResult interface for typed return values - Add processAgentImageOption() function with full validation logic - Simplify main CLI handler to use the new function - Add 13 new tests for processAgentImageOption covering: - Default preset behavior - Act preset with info message - Custom images requiring --build-local - Invalid image rejection Coverage improvement: - cli.ts lines: 36.42% → 40.06% (+3.64%) - Overall lines: 77.55% → 77.98% (+0.43%) - Overall branches: 70.91% → 71.70% (+0.79%) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤 |
|
🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨ |
✅ Coverage Check PassedOverall Coverage
📁 Per-file Coverage Changes (2 files)
Coverage comparison generated by |
Smoke Test: Copilot Engine ✅ PASSLast 2 merged PRs:
Test Results:
cc @Mossaka
|
|
Smoke Test Results: PASS ✅ GitHub MCP: #214 feat: add configurable agent base image for GitHub Actions runner parity, #393 fix: mount host readonly and add isolate jail (pending) Overall: PASS
|
Smoke Test Results (Claude)Last 2 Merged PRs:
Test Results:
Status: PASS
|
Step 1: Update types (src/types.ts)
agentImage?: 'default' | 'act' | stringfieldagentBaseImagefield (replaced byagentImage)Step 2: Update CLI (src/cli.ts)
--agent-base-imageoption--agent-imageoption with presets descriptiondefaultor unset → use GHCRagent:latestact→ use GHCRagent-act:latest--build-local, validate against allowlistvalidateAgentImageandisAgentImagePresetfunctionsStep 3: Update Docker Manager (src/docker-manager.ts)
config.agentImage:undefinedor'default'→ useagent:tagfrom GHCR'act'→ useagent-act:tagfrom GHCRBASE_IMAGEargStep 4: Update Tests
src/cli.test.ts- add tests for presets, update function namessrc/docker-manager.test.ts- test preset behavior and GHCR images, use constantStep 5: Update Documentation (docs/usage.md)
--agent-base-imagewith--agent-imagedefault,act) with tableStep 6: Verify changes
Step 7: Code review and security scan
Security Summary: No security vulnerabilities introduced. CodeQL found 0 alerts.
Original prompt
Problem Statement
The current --agent-base-image option is confusing:
Proposed Solution
"Base image" is an implementation detail. Users care about which agent image to use.
┌─────────┬──────────────────┬───────────────────────────────┬────────┬───────────────────────┐
│ Preset │ GHCR Image │ Base │ Size │ Use Case │
├─────────┼──────────────────┼───────────────────────────────┼────────┼───────────────────────┤
│ default │ agent:latest │ ubuntu:22.04 │ ~200MB │ Minimal, fast │
├─────────┼──────────────────┼───────────────────────────────┼────────┼───────────────────────┤
│ act │ agent-act:latest │ catthehacker/ubuntu:act-24.04 │ ~2GB │ GitHub Actions parity │
└─────────┴──────────────────┴───────────────────────────────┴────────┴───────────────────────┘
💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.