chore(ci): dispatch ClaudeBox to the v2 webhook (retire abandoned v1 SSH-tunnel path)#23600

Merged: ludamad merged 1 commit into next from cb/4b53f2dd8370 on May 27, 2026

@AztecBot
Collaborator

Why

The merge-train auto-fix (and every other ClaudeBox CI kickoff) goes through .github/workflows/claudebox.yml, which SSH-tunneled to the abandoned v1 ClaudeBox server on the private build instance (http://localhost:4001/run via ci.aztec-labs.com). That v1 server is dead — symptom seen in #team-alpha: create_pr failing with "No GitHub access configured" and the analysis link pointing at a non-resolving v1 URL.

ClaudeBox v2 runs as a public service at https://claudebox.work (this is the same bot you get when you @ClaudeBox in Slack). It exposes the same /run API, Bearer-authed with CLAUDEBOX_API_SECRET. The fix is to point CI at the v2 webhook and drop the v1 tunnel.

What changed

  • .github/workflows/claudebox.yml — both jobs now POST to ${CLAUDEBOX_URL:-https://claudebox.work}/run instead of tunneling to the v1 server. Removed the Setup SSH tunnel steps and the 120-minute synchronous poll loop. Dispatch is now fire-and-forget: v2 reports progress to the bound Slack thread and to the GitHub comment IDs we pass through (comment_id / run_comment_id), so the /claudebox PR-comment UX is preserved.
  • ci3/slack_notify_with_claudebox_kickoff — forwards the Slack channel ID + thread ts it just posted to (-f slack_channel, -f slack_thread_ts). v2 threads its status reply under that kickoff message, restoring the Slack feedback loop for merge-train / nightly / healthcheck kickoffs. This one script backs ~12 kickoff workflows, so they need no individual change.
  • backport.yml / deploy-network.yml — the two direct gh workflow run claudebox.yml callers now also forward slack_channel / slack_thread_ts.
  • target_ref (which v1 checked out server-side) is folded into the prompt — v2's /run has no target_ref field, so the agent fetches/bases its branch on the ref per the prompt (matches v2's prompt-driven model).

claudebox.yml keeps CLAUDEBOX_API_SECRET in one place, so no per-workflow secret plumbing was needed.

Operator prerequisites (action required)

  1. Secret: the CLAUDEBOX_API_SECRET GitHub Actions secret in this repo must equal the deployed v2 server's api_secret. (POST /run is verified live — it returns 401 without a matching bearer.)
  2. Slack membership: the v2 ClaudeBox bot must be a member of the kickoff channels (#alerts-next-scenario, #backports, #honk-team, #team-bonobos, #team-fairies, #alpha-team, the per-team merge-train channels, and the #alerts-<network> deploy channels) for threaded status. If it isn't, the session still runs — it just won't post back into that thread.
  3. Optional: set repo variable CLAUDEBOX_URL to override the default endpoint.

Notes

  • The claude-review job is migrated too. v2 also handles claude-review labels natively via the GitHub App workflow_run/pull_request webhook, so that job can be retired in a follow-up once the App is confirmed wired for this repo.
  • No ClaudeBox (AztecProtocol/claudebox) code change is required — v2's /run already accepts this payload (prompt, user, repo, run_url, link, numeric comment_id/run_comment_id, slack_channel, slack_thread_ts).

Testing

  • bash -n on the kickoff script and on every run: body in claudebox.yml (7 steps) — pass.
  • jq payload construction validated for both the issue-comment case (numeric comment_id/run_comment_id added) and the workflow_dispatch case (omitted) — produces valid JSON matching the v2 RunRequest.
  • All three workflow YAMLs parse.
  • POST https://claudebox.work/run confirmed reachable and auth-protected (401 without bearer). End-to-end with the real secret could not be exercised from this session (the deployed secret is not exposed here).

Created by claudebox · group: slackbot
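
The dispatch this description outlines, sketched as an added example; it is not code from the PR or from ClaudeBox. The function names, the sentence that folds target_ref into the prompt, and the HTTPS check on a CLAUDEBOX_URL override are assumptions; the field names and default URL are the ones listed above.

```python
import json
import re
import urllib.error
import urllib.request
from urllib.parse import urlsplit

DEFAULT_URL = "https://claudebox.work"  # default endpoint named in the PR

def build_run_request(prompt, user, repo, run_url, link, target_ref=None,
                      comment_id=None, run_comment_id=None,
                      slack_channel=None, slack_thread_ts=None):
    """Build the /run body from the fields the PR description lists."""
    if target_ref:
        # v2 has no target_ref field, so the ref travels inside the prompt.
        # The wording of this sentence is an assumption.
        prompt = f"{prompt}\n\nBase your branch on ref: {target_ref}"
    body = {"prompt": prompt, "user": user, "repo": repo,
            "run_url": run_url, "link": link}
    for key, value in (("comment_id", comment_id),
                       ("run_comment_id", run_comment_id)):
        if value in (None, ""):
            continue  # workflow_dispatch case: the field is omitted
        if not re.fullmatch(r"[0-9]+", str(value)):
            raise ValueError(f"{key} must be numeric, got {value!r}")
        body[key] = int(value)  # sent as a JSON number, not a string
    for key, value in (("slack_channel", slack_channel),
                       ("slack_thread_ts", slack_thread_ts)):
        if value:
            body[key] = value
    return body

def dispatch(body, secret, base_url=DEFAULT_URL, timeout=30):
    """Fire-and-forget POST to /run; returns the HTTP status code.
    Refuses a non-HTTPS override so the bearer never travels in cleartext."""
    if urlsplit(base_url).scheme != "https":
        raise ValueError("refusing to send bearer token to a non-HTTPS URL")
    req = urllib.request.Request(
        base_url.rstrip("/") + "/run", data=json.dumps(body).encode(),
        headers={"Authorization": f"Bearer {secret}",
                 "Content-Type": "application/json"}, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        if err.code == 401:  # operator prerequisite 1 is not met
            raise PermissionError("401: secret does not match api_secret") from None
        raise
```
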

@AztecBot added the claudebox label (Owned by claudebox. it can push to this PR.) May 27, 2026
@ludamad marked this pull request as ready for review May 27, 2026 18:09
@ludamad requested a review from charlielye as a code owner May 27, 2026 18:09
@ludamad enabled auto-merge May 27, 2026 18:09
@spalladino changed the title from "ci: dispatch ClaudeBox to the v2 webhook (retire abandoned v1 SSH-tunnel path)" to "chore(ci): dispatch ClaudeBox to the v2 webhook (retire abandoned v1 SSH-tunnel path)" May 27, 2026
@ludamad added this pull request to the merge queue May 27, 2026
Merged via the queue into next with commit 74b28b6 May 27, 2026
47 of 48 checks passed
@ludamad deleted the cb/4b53f2dd8370 branch May 27, 2026 19:17