Wire runtime credentials into workforce deploy

[khaliqgant]

Summary

• request cloud /runtime-credentials for non-cloud deploy launches with declared integrations
• inject only RELAYFILE runtime env plus path-scoped relay_pa metadata into launched dev/BYO-sandbox personas
• prefer cloud integration status before env fallback, while masking provider env token/connection-id values when runtime credentials are used
• add live unauthenticated POST 401 and GET 405 route acceptance coverage

Evidence

• corepack pnpm --filter @agentworkforce/deploy test -> 153/153 pass
• git diff --check -> pass

Contract coverage

• Live acceptance: packages/deploy/src/runtime-credentials-live.test.ts asserts prod POST no-auth returns 401 unauthorized and GET returns 405.
• No-leak sentinel: deploy test sets WORKFORCE_INTEGRATION_GITHUB_TOKEN=WORKFORCE_PROVIDER_TOKEN_SHOULD_NOT_LEAK and asserts the launched env, request calls, and logs do not contain the sentinel; provider token/connection env values are masked.
• Detection + credential same path: deploy test sends a persona with github writeback trigger to /runtime-credentials, asserts request includes the same trigger, and asserts launched env receives non-null relay_pa_scoped plus matching /github/repos/**/**/pulls/** mount paths.
• No-trigger: deploy test asserts a no-trigger integration preserves relayfileToken:null as empty RELAYFILE_TOKEN and RELAYFILE_MOUNT_PATHS=[].

No hosted cloud deployment endpoint behavior changed; this is the workforce deploy half only.

[coderabbitai]

Warning

Review limit reached

@khaliqgant, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 39 minutes and 51 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: f855598c-73dc-495c-a67c-f0c86dc798be

📥 Commits

Reviewing files that changed from the base of the PR and between e155b84 and 8cca9ac.

📒 Files selected for processing (3)

• packages/deploy/src/deploy.test.ts
• packages/deploy/src/deploy.ts
• packages/deploy/src/runtime-credentials-live.test.ts

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch codex/conn-runtime-credentials-acceptance

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Code Review

This pull request introduces support for resolving and injecting runtime credentials during deployment (specifically in dev mode or with a BYO sandbox). It adds a helper resolveRuntimeCredentialEnv to fetch credentials from the cloud, injects them into the launcher environment, and masks integration tokens to prevent leakage. It also includes unit and live integration tests to verify this behavior. Feedback on the changes highlights a potential TypeScript compilation error and runtime crash under strictNullChecks because activeToken can be undefined but is passed to a parameter typed strictly as string. A suggestion is provided to make workspaceToken optional and handle its absence gracefully.

[gemini-code-assist]

The activeToken variable can be undefined (as indicated by its conditional usage on line 319). Passing it to resolveRuntimeCredentialEnv where workspaceToken is strictly typed as string will cause a TypeScript compilation error under strictNullChecks.

Furthermore, if activeToken is missing (e.g., in offline or unauthenticated local dev scenarios), attempting to fetch runtime credentials from the cloud will fail with a 401 Unauthorized or network error, crashing the entire deployment. Making workspaceToken optional and returning undefined early when it is missing prevents this crash and allows local-only dev flows to proceed smoothly.

Suggested change

	async function resolveRuntimeCredentialEnv(args: {
	mode: DeployMode;
	persona: PersonaSpec;
	workspace: string;
	workspaceToken: string;
	cloudUrl?: string;
	byoSandbox: boolean;
	enabled: boolean;
	}): Promise<Record<string, string> | undefined> {
	if (!args.enabled || !shouldRequestRuntimeCredentials(args)) {
	return undefined;
	}
	async function resolveRuntimeCredentialEnv(args: {
	mode: DeployMode;
	persona: PersonaSpec;
	workspace: string;
	workspaceToken?: string;
	cloudUrl?: string;
	byoSandbox: boolean;
	enabled: boolean;
	}): Promise<Record<string, string> | undefined> {
	if (!args.enabled || !args.workspaceToken || !shouldRequestRuntimeCredentials(args)) {
	return undefined;
	}

[cubic-dev-ai]

1 issue found across 3 files

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="packages/deploy/src/deploy.ts">

<violation number="1" location="packages/deploy/src/deploy.ts:510">
P1: Do not include raw runtime-credentials payloads in thrown errors; it can leak `relayfileToken` secrets into logs.</violation>
</file>

<sub>Reply with feedback, questions, or to request a fix.

Re-trigger cubic</sub>

[cubic-dev-ai]

P1: Do not include raw runtime-credentials payloads in thrown errors; it can leak relayfileToken secrets into logs.

Prompt for AI agents

Check if this issue is valid — if so, understand the root cause and fix it. At packages/deploy/src/deploy.ts, line 510:

<comment>Do not include raw runtime-credentials payloads in thrown errors; it can leak `relayfileToken` secrets into logs.</comment>

<file context>
@@ -370,13 +381,159 @@ function defaultIntegrationResolver(args: {
+    ? body.relayfileMountPaths.filter((entry): entry is string => typeof entry === 'string')
+    : [];
+  if (!relayfileUrl || !relayfileWorkspaceId || relayfileToken === '') {
+    throw new Error(
+      `runtime-credentials response missing relayfileUrl/relayfileWorkspaceId/relayfileToken: ${JSON.stringify(body)}`
+    );
</file context>

Suggested change

	throw new Error(
	`runtime-credentials response missing relayfileUrl/relayfileWorkspaceId/relayfileToken: ${JSON.stringify(body)}`
	);
	const safeBody = {
	relayfileUrl: body.relayfileUrl,
	relayfileWorkspaceId: body.relayfileWorkspaceId,
	relayfileToken: body.relayfileToken === null ? null : '[redacted]',
	relayfileMountPaths: body.relayfileMountPaths
	};
	throw new Error(
	`runtime-credentials response missing relayfileUrl/relayfileWorkspaceId/relayfileToken: ${JSON.stringify(safeBody)}`
	);

[agent-relay-bot]

Reviewed PR #171 and made two fixes:

• Gated packages/deploy/src/runtime-credentials-live.test.ts behind WORKFORCE_LIVE_RUNTIME_CREDENTIALS_TESTS=1 so normal test runs don’t depend on production network behavior.
• Fixed packages/runtime/src/ctx.test.ts isolation by clearing RELAYFILE_TOKEN and RELAY_AGENT_TOKENS in the “cloud auth absent” case.

Local verification completed:

• corepack pnpm --filter @agentworkforce/deploy test
• corepack pnpm run check

[agent-relay-bot]

✅ pr-reviewer applied fixes — committed and pushed 05262c2 to this PR. The notes below describe what changed.

Reviewed PR #171 and made two fixes:

• Gated packages/deploy/src/runtime-credentials-live.test.ts behind WORKFORCE_LIVE_RUNTIME_CREDENTIALS_TESTS=1 so normal test runs don’t depend on production network behavior.
• Fixed packages/runtime/src/ctx.test.ts isolation by clearing RELAYFILE_TOKEN and RELAY_AGENT_TOKENS in the “cloud auth absent” case.

Local verification completed:

• corepack pnpm --filter @agentworkforce/deploy test
• corepack pnpm run check

[agent-relay-bot]

✅ pr-reviewer applied fixes — committed and pushed 05262c2 to this PR. The notes below describe what changed.

Reviewed PR #171 and made two fixes:

• Gated packages/deploy/src/runtime-credentials-live.test.ts behind WORKFORCE_LIVE_RUNTIME_CREDENTIALS_TESTS=1 so normal test runs don’t depend on production network behavior.
• Fixed packages/runtime/src/ctx.test.ts isolation by clearing RELAYFILE_TOKEN and RELAY_AGENT_TOKENS in the “cloud auth absent” case.

Local verification completed:

• corepack pnpm --filter @agentworkforce/deploy test
• corepack pnpm run check

[agent-relay-bot]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Reviewed PR #171 and made one CI-stability fix: packages/deploy/src/runtime-credentials-live.test.ts now runs only when WORKFORCE_LIVE_TESTS=1, so normal test runs don’t depend on the live agentrelay.com endpoint.

Verification run locally:

• corepack pnpm --filter @agentworkforce/persona-kit build
• corepack pnpm --filter @agentworkforce/deploy test
• corepack pnpm --filter @agentworkforce/deploy lint

Deploy tests pass with the live runtime-credentials probe skipped by default.

[agent-relay-bot]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Reviewed PR #171 and made one CI-stability fix: packages/deploy/src/runtime-credentials-live.test.ts now runs only when WORKFORCE_LIVE_TESTS=1, so normal test runs don’t depend on the live agentrelay.com endpoint.

Verification run locally:

• corepack pnpm --filter @agentworkforce/persona-kit build
• corepack pnpm --filter @agentworkforce/deploy test
• corepack pnpm --filter @agentworkforce/deploy lint

Deploy tests pass with the live runtime-credentials probe skipped by default.

[agent-relay-bot]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Fixed the issues I found:

• Gated the live runtime-credentials probe in runtime-credentials-live.test.ts behind WORKFORCE_LIVE_RUNTIME_CREDENTIALS_TEST=1, so normal tests do not depend on an external service.
• Hardened the runtime no-auth memory test in ctx.test.ts to clear all token/workspace fallback env vars used by the runtime.

Validation run locally:

• corepack pnpm --filter @agentworkforce/deploy test
• corepack pnpm --filter @agentworkforce/runtime test
• corepack pnpm run check

[agent-relay-bot]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Fixed the issues I found:

• Gated the live runtime-credentials probe in runtime-credentials-live.test.ts behind WORKFORCE_LIVE_RUNTIME_CREDENTIALS_TEST=1, so normal tests do not depend on an external service.
• Hardened the runtime no-auth memory test in ctx.test.ts to clear all token/workspace fallback env vars used by the runtime.

Validation run locally:

• corepack pnpm --filter @agentworkforce/deploy test
• corepack pnpm --filter @agentworkforce/runtime test
• corepack pnpm run check

[agent-relay-bot]

Reviewed PR #171 locally and made targeted fixes:

• Prevented malformed runtime-credentials errors from dumping response bodies that may contain scoped tokens.
• Added a regression test for that non-leak behavior.
• Gated the new live runtime-credentials probe behind WORKFORCE_LIVE_RUNTIME_CREDENTIALS_TEST=1 so default CI is deterministic.
• Fixed an existing runtime test isolation gap by clearing all token fallback env vars.

Local verification passed:

• corepack pnpm --filter @agentworkforce/deploy test
• corepack pnpm --filter @agentworkforce/runtime test
• corepack pnpm run check

[agent-relay-bot]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Reviewed PR #171 locally and made targeted fixes:

• Prevented malformed runtime-credentials errors from dumping response bodies that may contain scoped tokens.
• Added a regression test for that non-leak behavior.
• Gated the new live runtime-credentials probe behind WORKFORCE_LIVE_RUNTIME_CREDENTIALS_TEST=1 so default CI is deterministic.
• Fixed an existing runtime test isolation gap by clearing all token fallback env vars.

Local verification passed:

• corepack pnpm --filter @agentworkforce/deploy test
• corepack pnpm --filter @agentworkforce/runtime test
• corepack pnpm run check

[agent-relay-bot]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Reviewed PR #171 locally and made targeted fixes:

• Prevented malformed runtime-credentials errors from dumping response bodies that may contain scoped tokens.
• Added a regression test for that non-leak behavior.
• Gated the new live runtime-credentials probe behind WORKFORCE_LIVE_RUNTIME_CREDENTIALS_TEST=1 so default CI is deterministic.
• Fixed an existing runtime test isolation gap by clearing all token fallback env vars.

Local verification passed:

• corepack pnpm --filter @agentworkforce/deploy test
• corepack pnpm --filter @agentworkforce/runtime test
• corepack pnpm run check

[agent-relay-bot]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Implemented the PR review fixes:

• Gated the live runtime-credentials probe behind WORKFORCE_LIVE_RUNTIME_CREDENTIALS_TEST=1.
• Removed malformed runtime-credentials response body dumping so scoped tokens cannot leak through error messages.
• Added a regression test for malformed response token non-leakage.
• Hardened the runtime no-auth memory test by clearing additional token fallback env vars.

Local verification passed:

• corepack pnpm --filter @agentworkforce/deploy test
• corepack pnpm --filter @agentworkforce/runtime test
• corepack pnpm run check

[agent-relay-bot]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Implemented the PR review fixes:

• Gated the live runtime-credentials probe behind WORKFORCE_LIVE_RUNTIME_CREDENTIALS_TEST=1.
• Removed malformed runtime-credentials response body dumping so scoped tokens cannot leak through error messages.
• Added a regression test for malformed response token non-leakage.
• Hardened the runtime no-auth memory test by clearing additional token fallback env vars.

Local verification passed:

• corepack pnpm --filter @agentworkforce/deploy test
• corepack pnpm --filter @agentworkforce/runtime test
• corepack pnpm run check

[agent-relay-bot]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Reviewed PR #171 and made the needed fixes.

Changed:

• Made packages/deploy/src/runtime-credentials-live.test.ts opt-in with WORKFORCE_LIVE_RUNTIME_CREDENTIALS=1, so normal tests do not depend on the public cloud route.
• Fixed packages/runtime/src/ctx.ts so RELAYFILE_TOKEN path-scoped runtime credentials are not reused as cloud memory auth.
• Added runtime coverage proving relayfile path tokens do not enable memory calls, and hardened the no-auth memory test against ambient env.

Validation:

• corepack pnpm --filter @agentworkforce/deploy test passed.
• corepack pnpm --filter @agentworkforce/runtime test passed.
• corepack pnpm run check passed locally.

[agent-relay-bot]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Reviewed PR #171 and made the needed fixes.

Changed:

• Made packages/deploy/src/runtime-credentials-live.test.ts opt-in with WORKFORCE_LIVE_RUNTIME_CREDENTIALS=1, so normal tests do not depend on the public cloud route.
• Fixed packages/runtime/src/ctx.ts so RELAYFILE_TOKEN path-scoped runtime credentials are not reused as cloud memory auth.
• Added runtime coverage proving relayfile path tokens do not enable memory calls, and hardened the no-auth memory test against ambient env.

Validation:

• corepack pnpm --filter @agentworkforce/deploy test passed.
• corepack pnpm --filter @agentworkforce/runtime test passed.
• corepack pnpm run check passed locally.

[agent-relay-bot]

Reviewed PR #171 and applied the needed fixes.

Changed:

• Gated the live runtime-credentials probe behind WORKFORCE_LIVE_RUNTIME_CREDENTIALS=1.
• Removed malformed runtime-credentials response body dumping so scoped tokens cannot leak in errors.
• Added deploy regression coverage for malformed response non-leakage.
• Fixed runtime memory auth so RELAYFILE_TOKEN path-scoped credentials are not reused as cloud memory auth.
• Hardened the no-auth memory test against ambient fallback env vars and added regression coverage.

Local verification passed:

• corepack pnpm --filter @agentworkforce/deploy test
• corepack pnpm --filter @agentworkforce/runtime test
• corepack pnpm run check

[agent-relay-bot]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Reviewed PR #171 and applied the needed fixes.

Changed:

• Gated the live runtime-credentials probe behind WORKFORCE_LIVE_RUNTIME_CREDENTIALS=1.
• Removed malformed runtime-credentials response body dumping so scoped tokens cannot leak in errors.
• Added deploy regression coverage for malformed response non-leakage.
• Fixed runtime memory auth so RELAYFILE_TOKEN path-scoped credentials are not reused as cloud memory auth.
• Hardened the no-auth memory test against ambient fallback env vars and added regression coverage.

Local verification passed:

• corepack pnpm --filter @agentworkforce/deploy test
• corepack pnpm --filter @agentworkforce/runtime test
• corepack pnpm run check

[agent-relay-bot]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Reviewed PR #171 and applied the needed fixes.

Changed:

• Gated the live runtime-credentials probe behind WORKFORCE_LIVE_RUNTIME_CREDENTIALS=1.
• Removed malformed runtime-credentials response body dumping so scoped tokens cannot leak in errors.
• Added deploy regression coverage for malformed response non-leakage.
• Fixed runtime memory auth so RELAYFILE_TOKEN path-scoped credentials are not reused as cloud memory auth.
• Hardened the no-auth memory test against ambient fallback env vars and added regression coverage.

Local verification passed:

• corepack pnpm --filter @agentworkforce/deploy test
• corepack pnpm --filter @agentworkforce/runtime test
• corepack pnpm run check