chore(ci): dispatch ClaudeBox to the v2 webhook (retire abandoned v1 SSH-tunnel path) (#23600)

## Why

The merge-train auto-fix (and every other ClaudeBox CI kickoff) goes
through `.github/workflows/claudebox.yml`, which SSH-tunneled to the
**abandoned v1 ClaudeBox server** on the private build instance
(`http://localhost:4001/run` via `ci.aztec-labs.com`). That v1 server is
dead — symptom seen in #team-alpha: `create_pr` failing with *"No GitHub
access configured"* and the analysis link pointing at a non-resolving v1
URL.

ClaudeBox v2 runs as a public service at `https://claudebox.work` (this
is the same bot you get when you `@ClaudeBox` in Slack). It exposes the
same `/run` API, Bearer-authed with `CLAUDEBOX_API_SECRET`. The fix is
to point CI at the v2 webhook and drop the v1 tunnel.

## What changed

- **`.github/workflows/claudebox.yml`** — both jobs now `POST` to
`${CLAUDEBOX_URL:-https://claudebox.work}/run` instead of tunneling to
the v1 server. Removed the `Setup SSH tunnel` steps and the 120-minute
synchronous poll loop. Dispatch is now **fire-and-forget**: v2 reports
progress to the bound Slack thread and to the GitHub comment IDs we pass
through (`comment_id` / `run_comment_id`), so the `/claudebox`
PR-comment UX is preserved.
- **`ci3/slack_notify_with_claudebox_kickoff`** — forwards the Slack
channel ID + thread ts it just posted to (`-f slack_channel`, `-f
slack_thread_ts`). v2 threads its status reply under that kickoff
message, restoring the Slack feedback loop for merge-train / nightly /
healthcheck kickoffs. This one script backs ~12 kickoff workflows, so
they need no individual change.
- **`backport.yml` / `deploy-network.yml`** — the two direct `gh
workflow run claudebox.yml` callers now also forward `slack_channel` /
`slack_thread_ts`.
- `target_ref` (which v1 checked out server-side) is folded into the
prompt — v2's `/run` has no `target_ref` field, so the agent
fetches/bases its branch on the ref per the prompt (matches v2's
prompt-driven model).

`claudebox.yml` keeps `CLAUDEBOX_API_SECRET` in one place, so no
per-workflow secret plumbing was needed.

## Operator prerequisites (action required)

1. **Secret**: the `CLAUDEBOX_API_SECRET` GitHub Actions secret in this
repo must equal the deployed v2 server's `api_secret`. (`POST /run` is
verified live — it returns 401 without a matching bearer.)
2. **Slack membership**: the v2 ClaudeBox bot must be a member of the
kickoff channels (`#alerts-next-scenario`, `#backports`, `#honk-team`,
`#team-bonobos`, `#team-fairies`, `#alpha-team`, the per-team
merge-train channels, and the `#alerts-<network>` deploy channels) for
threaded status. If it isn't, the session still runs — it just won't
post back into that thread.
3. Optional: set repo variable `CLAUDEBOX_URL` to override the default
endpoint.

## Notes

- The `claude-review` job is migrated too. v2 *also* handles
`claude-review` labels natively via the GitHub App
`workflow_run`/`pull_request` webhook, so that job can be retired in a
follow-up once the App is confirmed wired for this repo.
- No ClaudeBox (`AztecProtocol/claudebox`) code change is required —
v2's `/run` already accepts this payload (`prompt`, `user`, `repo`,
`run_url`, `link`, numeric `comment_id`/`run_comment_id`,
`slack_channel`, `slack_thread_ts`).

## Testing

- `bash -n` on the kickoff script and on every `run:` body in
`claudebox.yml` (7 steps) — pass.
- `jq` payload construction validated for both the issue-comment case
(numeric `comment_id`/`run_comment_id` added) and the workflow_dispatch
case (omitted) — produces valid JSON matching the v2 `RunRequest`.
- All three workflow YAMLs parse.
- `POST https://claudebox.work/run` confirmed reachable and
auth-protected (401 without bearer). End-to-end with the real secret
could not be exercised from this session (the deployed secret is not
exposed here).

---
*Created by
[claudebox](https://claudebox.work/v2/sessions/4b53f2dd8370a83a) ·
group: `slackbot`*

Author: ludamad

.github/workflows/backport.yml

@@ -122,4 +122,6 @@ jobs:
           gh workflow run claudebox.yml \
             -f prompt="Backport PR #$PR ($TITLE) to $BRANCH. The automatic cherry-pick failed due to conflicts. Follow .claude/claudebox/backport.md to resolve conflicts and create a PR." \
             -f link="${LINK:-$URL}" \
-            -f target_ref="origin/backport-to-${BRANCH}-staging"
+            -f target_ref="origin/backport-to-${BRANCH}-staging" \
+            -f slack_channel="$CHANNEL_ID" \
+            -f slack_thread_ts="$TS"

.github/workflows/claudebox.yml

@@ -16,10 +16,27 @@ on:
         required: false
         type: string
       target_ref:
-        description: 'Git ref to checkout in the container (e.g., origin/backport-to-v4-next-staging)'
+        description: 'Git ref the session should work against (e.g., origin/merge-train/barretenberg)'
+        required: false
+        type: string
+      slack_channel:
+        description: 'Slack channel ID to thread status into (set by the kickoff script)'
+        required: false
+        type: string
+      slack_thread_ts:
+        description: 'Slack thread timestamp to reply under (set by the kickoff script)'
         required: false
         type: string
 
+# ClaudeBox v2 runs as a public service at https://claudebox.work. CI hands a
+# job off by POSTing to its /run webhook (Bearer-authed with
+# CLAUDEBOX_API_SECRET) and returns immediately — the session reports progress
+# back to the bound Slack thread and to any GitHub comment IDs we pass through.
+# The old v1 server lived on a private build instance reached over an SSH
+# tunnel; that path is retired.
+env:
+  CLAUDEBOX_URL: ${{ vars.CLAUDEBOX_URL || 'https://claudebox.work' }}
+
 jobs:
   claudebox:
     if: >-
@@ -49,41 +66,13 @@ jobs:
             repos/${{ github.repository }}/issues/comments/${{ github.event.comment.id }}/reactions \
             -f content='eyes' || true
 
-      - name: Setup SSH tunnel to ClaudeBox
-        env:
-          BUILD_INSTANCE_SSH_KEY: ${{ secrets.BUILD_INSTANCE_SSH_KEY }}
-        run: |
-          set -eu
-          mkdir -p ~/.ssh
-          echo "${BUILD_INSTANCE_SSH_KEY}" | base64 --decode > ~/.ssh/build_instance_key
-          chmod 600 ~/.ssh/build_instance_key
-
-          # SSH tunnel: CI runner :4001 → bastion :3000 → (reverse tunnel) → claude-box :3001
-          ssh -f -N -L 4001:localhost:3000 \
-            -o StrictHostKeyChecking=no \
-            -o ServerAliveInterval=30 \
-            -o ServerAliveCountMax=3 \
-            -o ConnectTimeout=15 \
-            -i ~/.ssh/build_instance_key \
-            ubuntu@ci.aztec-labs.com
-
-          # Wait for tunnel
-          for i in $(seq 1 15); do
-            if curl -s -o /dev/null --max-time 2 http://localhost:4001/ 2>/dev/null; then
-              echo "SSH tunnel ready"
-              exit 0
-            fi
-            sleep 1
-          done
-          echo "ERROR: SSH tunnel failed to connect"
-          exit 1
-
       - name: Parse command
         id: parse
         env:
           COMMENT_BODY: ${{ github.event.comment.body || '' }}
           INPUT_PROMPT: ${{ inputs.prompt || '' }}
           INPUT_LINK: ${{ inputs.link || '' }}
+          INPUT_TARGET_REF: ${{ inputs.target_ref || '' }}
         run: |
           if [ -n "$INPUT_PROMPT" ]; then
             PROMPT="$INPUT_PROMPT"
@@ -93,6 +82,14 @@ jobs:
             LINK=""
           fi
 
+          # ClaudeBox v2 has no separate target_ref input; fold it into the
+          # prompt so the agent fetches and bases its branch on the right ref.
+          if [ -n "$INPUT_TARGET_REF" ]; then
+            PROMPT="$PROMPT
+
+          Work against git ref: $INPUT_TARGET_REF. Fetch it and base your branch on it."
+          fi
+
           echo "link=$LINK" >> "$GITHUB_OUTPUT"
           {
             echo "prompt<<PROMPT_EOF"
@@ -120,22 +117,24 @@ jobs:
           echo "run_comment_id=$COMMENT_ID" >> "$GITHUB_OUTPUT"
           echo "Posted status comment: $COMMENT_ID"
 
-      - name: Run ClaudeBox
-        timeout-minutes: 120
+      - name: Dispatch ClaudeBox v2
         env:
-          CLAUDEBOX_URL: http://localhost:4001
           CLAUDEBOX_API_SECRET: ${{ secrets.CLAUDEBOX_API_SECRET }}
           CLAUDEBOX_PROMPT: ${{ steps.parse.outputs.prompt }}
           CLAUDEBOX_LINK: ${{ steps.parse.outputs.link }}
-          CLAUDEBOX_TARGET_REF: ${{ inputs.target_ref || '' }}
           COMMENT_ID: ${{ github.event.comment.id || '' }}
           RUN_COMMENT_ID: ${{ steps.status_comment.outputs.run_comment_id || '' }}
           REPO: ${{ github.repository }}
           RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
           AUTHOR: ${{ github.event.comment.user.login || github.actor }}
+          SLACK_CHANNEL: ${{ inputs.slack_channel || '' }}
+          SLACK_THREAD_TS: ${{ inputs.slack_thread_ts || '' }}
         run: |
-          AUTH="Authorization: Bearer ${CLAUDEBOX_API_SECRET}"
-          echo "Creating payload..."
+          if [ -z "${CLAUDEBOX_API_SECRET:-}" ]; then
+            echo "ERROR: CLAUDEBOX_API_SECRET is not set; cannot dispatch ClaudeBox v2"
+            exit 1
+          fi
+
           PAYLOAD=$(jq -n \
             --arg prompt "$CLAUDEBOX_PROMPT" \
             --arg user "$AUTHOR" \
@@ -144,41 +143,29 @@ jobs:
             --arg repo "$REPO" \
             --arg run_url "$RUN_URL" \
             --arg link "$CLAUDEBOX_LINK" \
-            --arg target_ref "$CLAUDEBOX_TARGET_REF" \
-            '{prompt: $prompt, user: $user, comment_id: $comment_id, run_comment_id: $run_comment_id, repo: $repo, run_url: $run_url, link: $link, target_ref: $target_ref}')
+            --arg slack_channel "$SLACK_CHANNEL" \
+            --arg slack_thread_ts "$SLACK_THREAD_TS" \
+            '{prompt: $prompt, user: $user, repo: $repo, run_url: $run_url, link: $link, slack_channel: $slack_channel, slack_thread_ts: $slack_thread_ts}
+             + (if $comment_id != "" then {comment_id: ($comment_id | tonumber)} else {} end)
+             + (if $run_comment_id != "" then {run_comment_id: ($run_comment_id | tonumber)} else {} end)')
 
-          echo "Sending payload..."
-          # Start session — returns 202 with log URL
+          # Fire-and-forget: v2 reports progress to Slack / GitHub comments.
           RESPONSE=$(curl -sS -w "\n%{http_code}" \
-            -H "$AUTH" -H "Content-Type: application/json" \
+            -H "Authorization: Bearer ${CLAUDEBOX_API_SECRET}" \
+            -H "Content-Type: application/json" \
             -d "$PAYLOAD" "${CLAUDEBOX_URL}/run")
 
           HTTP_CODE=$(echo "$RESPONSE" | tail -1)
           BODY=$(echo "$RESPONSE" | head -n -1)
 
           if [ "$HTTP_CODE" -ge 400 ] 2>/dev/null; then
-            echo "ClaudeBox returned HTTP $HTTP_CODE: $BODY"
+            echo "ClaudeBox v2 returned HTTP $HTTP_CODE: $BODY"
             exit 1
           fi
 
-          LOG_URL=$(echo "$BODY" | jq -r '.log_url // empty')
-          SESSION_ID=$(basename "$LOG_URL")
-          echo "Session started: $LOG_URL"
-
-          echo "Session received, polling..."
-          # Poll until completed
-          while true; do
-            sleep 30
-            STATUS_BODY=$(curl -sS -H "$AUTH" "${CLAUDEBOX_URL}/session/${SESSION_ID}" 2>/dev/null || echo '{}')
-            STATUS=$(echo "$STATUS_BODY" | jq -r '.status // "unknown"')
-            echo "$(date -u +%H:%M:%S) status=$STATUS"
-            if [ "$STATUS" != "running" ]; then
-              EXIT_CODE=$(echo "$STATUS_BODY" | jq -r '.exit_code // 1')
-              echo "Session finished: status=$STATUS exit_code=$EXIT_CODE"
-              echo "Log: $LOG_URL"
-              exit "$EXIT_CODE"
-            fi
-          done
+          SESSION_ID=$(echo "$BODY" | jq -r '.session_id // empty')
+          echo "ClaudeBox v2 session: ${CLAUDEBOX_URL}/v2/sessions/${SESSION_ID}"
+          echo "Status: $(echo "$BODY" | jq -r '.status // "unknown"')"
 
   claude-review:
     if: >-
@@ -189,33 +176,6 @@ jobs:
     permissions:
       contents: read
     steps:
-      - name: Setup SSH tunnel to ClaudeBox
-        env:
-          BUILD_INSTANCE_SSH_KEY: ${{ secrets.BUILD_INSTANCE_SSH_KEY }}
-        run: |
-          set -eu
-          mkdir -p ~/.ssh
-          echo "${BUILD_INSTANCE_SSH_KEY}" | base64 --decode > ~/.ssh/build_instance_key
-          chmod 600 ~/.ssh/build_instance_key
-
-          ssh -f -N -L 4001:localhost:3000 \
-            -o StrictHostKeyChecking=no \
-            -o ServerAliveInterval=30 \
-            -o ServerAliveCountMax=3 \
-            -o ConnectTimeout=15 \
-            -i ~/.ssh/build_instance_key \
-            ubuntu@ci.aztec-labs.com
-
-          for i in $(seq 1 15); do
-            if curl -s -o /dev/null --max-time 2 http://localhost:4001/ 2>/dev/null; then
-              echo "SSH tunnel ready"
-              exit 0
-            fi
-            sleep 1
-          done
-          echo "ERROR: SSH tunnel failed to connect"
-          exit 1
-
       - name: Post review status comment
         id: status_comment
         env:
@@ -232,10 +192,8 @@ jobs:
           echo "run_comment_id=$COMMENT_ID" >> "$GITHUB_OUTPUT"
           echo "Posted review status comment: $COMMENT_ID"
 
-      - name: Trigger ClaudeBox review
-        timeout-minutes: 120
+      - name: Dispatch ClaudeBox v2 review
         env:
-          CLAUDEBOX_URL: http://localhost:4001
           CLAUDEBOX_API_SECRET: ${{ secrets.CLAUDEBOX_API_SECRET }}
           PR_NUMBER: ${{ github.event.pull_request.number }}
           PR_TITLE: ${{ github.event.pull_request.title }}
@@ -246,7 +204,10 @@ jobs:
           RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
           REPO: ${{ github.repository }}
         run: |
-          AUTH="Authorization: Bearer ${CLAUDEBOX_API_SECRET}"
+          if [ -z "${CLAUDEBOX_API_SECRET:-}" ]; then
+            echo "ERROR: CLAUDEBOX_API_SECRET is not set; cannot dispatch ClaudeBox v2"
+            exit 1
+          fi
 
           PROMPT="Review PR #${PR_NUMBER}: ${PR_TITLE}
           ${PR_URL}
@@ -265,36 +226,22 @@ jobs:
             --arg repo "$REPO" \
             --arg run_url "$RUN_URL" \
             --arg link "$PR_URL" \
-            --arg profile "review" \
-            '{prompt: $prompt, user: $user, run_comment_id: $run_comment_id, repo: $repo, run_url: $run_url, link: $link, profile: $profile}')
+            '{prompt: $prompt, user: $user, repo: $repo, run_url: $run_url, link: $link}
+             + (if $run_comment_id != "" then {run_comment_id: ($run_comment_id | tonumber)} else {} end)')
 
           RESPONSE=$(curl -sS -w "\n%{http_code}" \
-            -H "$AUTH" -H "Content-Type: application/json" \
+            -H "Authorization: Bearer ${CLAUDEBOX_API_SECRET}" \
+            -H "Content-Type: application/json" \
             -d "$PAYLOAD" "${CLAUDEBOX_URL}/run")
 
           HTTP_CODE=$(echo "$RESPONSE" | tail -1)
           BODY=$(echo "$RESPONSE" | head -n -1)
 
           if [ "$HTTP_CODE" -ge 400 ] 2>/dev/null; then
-            echo "ClaudeBox returned HTTP $HTTP_CODE: $BODY"
-            exit 1
+            echo "ClaudeBox v2 returned HTTP $HTTP_CODE: $BODY"
+            # Review dispatch failures are informational — don't fail the workflow.
+            exit 0
           fi
 
-          LOG_URL=$(echo "$BODY" | jq -r '.log_url // empty')
-          SESSION_ID=$(basename "$LOG_URL")
-          echo "Review session started: $LOG_URL"
-
-          # Poll until completed
-          while true; do
-            sleep 30
-            STATUS_BODY=$(curl -sS -H "$AUTH" "${CLAUDEBOX_URL}/session/${SESSION_ID}" 2>/dev/null || echo '{}')
-            STATUS=$(echo "$STATUS_BODY" | jq -r '.status // "unknown"')
-            echo "$(date -u +%H:%M:%S) status=$STATUS"
-            if [ "$STATUS" != "running" ]; then
-              EXIT_CODE=$(echo "$STATUS_BODY" | jq -r '.exit_code // 1')
-              echo "Review finished: status=$STATUS exit_code=$EXIT_CODE"
-              echo "Log: $LOG_URL"
-              # Don't fail the workflow on review errors — the review itself is informational
-              exit 0
-            fi
-          done
+          SESSION_ID=$(echo "$BODY" | jq -r '.session_id // empty')
+          echo "ClaudeBox v2 review session: ${CLAUDEBOX_URL}/v2/sessions/${SESSION_ID}"

.github/workflows/deploy-network.yml

@@ -294,7 +294,9 @@ jobs:
           gh workflow run claudebox.yml \
             -f prompt="$PROMPT" \
             -f link="${LINK:-$RUN_URL}" \
-            -f target_ref="${{ steps.checkout-ref.outputs.ref }}" || true
+            -f target_ref="${{ steps.checkout-ref.outputs.ref }}" \
+            -f slack_channel="$CHANNEL_ID" \
+            -f slack_thread_ts="$TS" || true
 
   update-irm:
     needs: deploy-network

ci3/slack_notify_with_claudebox_kickoff

@@ -47,14 +47,22 @@ if [[ -n "${SLACK_BOT_TOKEN:-}" ]]; then
   fi
 fi
 
-# Dispatch ClaudeBox workflow (CI=1 guaranteed above; gh auth assumed in CI)
-target_ref_args=()
+# Dispatch ClaudeBox workflow (CI=1 guaranteed above; gh auth assumed in CI).
+# claudebox.yml forwards these inputs to the ClaudeBox v2 /run webhook; passing
+# the Slack channel + thread ts lets v2 reply into the message posted above.
+extra_args=()
 if [[ -n "$target_ref" ]]; then
-  target_ref_args+=(-f "target_ref=$target_ref")
+  extra_args+=(-f "target_ref=$target_ref")
+fi
+if [[ -n "${CHANNEL_ID:-}" ]]; then
+  extra_args+=(-f "slack_channel=$CHANNEL_ID")
+fi
+if [[ -n "${TS:-}" ]]; then
+  extra_args+=(-f "slack_thread_ts=$TS")
 fi
 gh workflow run claudebox.yml \
   -R "$REPO" --ref next \
   -f prompt="$prompt" \
   -f link="$link" \
-  "${target_ref_args[@]}" || true
+  "${extra_args[@]}" || true
 echo "ClaudeBox dispatched"