File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1+ FROM public.ecr.aws/docker/library/python:3.12-slim
2+
3+ # Install system dependencies
4+ RUN apt-get update && apt-get install -y \
5+ git \
6+ curl \
7+ jq \
8+ && rm -rf /var/lib/apt/lists/*
9+
10+ # Install GitHub CLI
11+ RUN curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg -o /usr/share/keyrings/githubcli-archive-keyring.gpg \
12+ && echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" \
13+ > /etc/apt/sources.list.d/github-cli.list \
14+ && apt-get update \
15+ && apt-get install -y gh \
16+ && rm -rf /var/lib/apt/lists/*
17+
18+ # Tokens are passed as build args only — not stored in env vars
19+ ARG CLONE_TOKEN
20+ ARG GITHUB_TOKEN
21+
22+ # Configure git to use clone token for HTTPS clones
23+ RUN git config --global url."https://${CLONE_TOKEN}@github.com/" .insteadOf "https://github.com/"
24+
25+ # Persist gh CLI auth so GITHUB_TOKEN doesn't need to be in the environment
26+ RUN mkdir -p /root/.config/gh \
27+ && echo "github.com:" > /root/.config/gh/hosts.yml \
28+ && echo " oauth_token: ${GITHUB_TOKEN}" >> /root/.config/gh/hosts.yml \
29+ && echo " user: agentcore-cli-automation" >> /root/.config/gh/hosts.yml \
30+ && echo " git_protocol: https" >> /root/.config/gh/hosts.yml
31+
32+ WORKDIR /opt/workspace
Original file line number Diff line number Diff line change 1+ # Harness Resources
2+
3+ Container and scripts for AI-powered automation via
4+ [ AgentCore Harness] ( https://docs.aws.amazon.com/bedrock/latest/userguide/agentcore.html ) .
5+
6+ ## Structure
7+
8+ ```
9+ harness/
10+ ├── Dockerfile # Container image for the harness runtime
11+ ├── harness_review.py # Invokes the harness to review PRs (SigV4 + event stream)
12+ └── prompts/
13+ ├── system.md # System prompt (workspace context)
14+ └── review.md # PR review task prompt
15+ ```
16+
17+ ## Current: PR Reviewer
18+
19+ Reviews pull requests on open/reopen via ` .github/workflows/pr-ai-review.yml ` .
20+
21+ ### Dual-token setup
22+
23+ The Dockerfile takes two build args:
24+
25+ - ** ` CLONE_TOKEN ` ** — baked into git config for cloning private repos
26+ - ** ` GITHUB_TOKEN ` ** — baked into ` gh ` CLI auth for posting PR comments
27+
28+ ### Building the container
29+
30+ ``` bash
31+ finch build \
32+ --build-arg CLONE_TOKEN=< pat-for-cloning> \
33+ --build-arg GITHUB_TOKEN=< pat-for-gh-api> \
34+ -t pr-reviewer .github/harness/
35+ ```
36+
37+ ## Future: Tester
38+
39+ This directory will also house a harness-based test runner.
Original file line number Diff line number Diff line change 2525DIM = "\033 [2m"
2626RESET = "\033 [0m"
2727
28- SCRIPTS_DIR = os .path .join ( os . path . dirname (__file__ ), ".." )
28+ SCRIPTS_DIR = os .path .dirname (__file__ )
2929
3030
3131def read_prompt (filename ):
File renamed without changes.
File renamed without changes.
Original file line number Diff line number Diff line change @@ -139,7 +139,7 @@ jobs:
139139 env :
140140 PR_URL : ${{ steps.pr-url.outputs.url }}
141141 HARNESS_ARN : ${{ secrets.HARNESS_ARN }}
142- run : python .github/scripts/python /harness_review.py
142+ run : python .github/harness /harness_review.py
143143
144144 - name : Remove agentcore-harness-reviewing label
145145 if : always()
Original file line number Diff line number Diff line change 11CHANGELOG.md
22src /assets /** /* .md
3- .github /scripts /prompts /
3+ .github /harness /prompts /
You can’t perform that action at this time.
0 commit comments