Skip to content

feat(runner): add CHAINLOOP_SANDBOX runner type#3137

Merged
migmartri merged 4 commits into
chainloop-dev:mainfrom
migmartri:feat/chainloop-sandbox-runner
May 20, 2026
Merged

feat(runner): add CHAINLOOP_SANDBOX runner type#3137
migmartri merged 4 commits into
chainloop-dev:mainfrom
migmartri:feat/chainloop-sandbox-runner

Conversation

@migmartri

@migmartri migmartri commented May 20, 2026

Copy link
Copy Markdown
Member

Summary

  • Adds CHAINLOOP_SANDBOX = 9 to the RunnerType enum.
  • Introduces a new no-op runner that auto-discovers when the CHAINLOOP_SANDBOX environment variable is set; otherwise it exposes no env vars and reports no run context.
  • Registers the runner in the factory and adds a human-readable name ("Chainloop Sandbox") in the CLI workflow run list output.
  • Adds unit tests for the runner and updates the existing humanized runner type test.

This PR was assisted by AI (Claude Code).

Introduces a new runner type CHAINLOOP_SANDBOX as a no-op placeholder.
CheckEnv returns false so it is never auto-discovered; it must be
selected explicitly via the contract's runner.type.

Assisted-by: Claude Code
Signed-off-by: Miguel Martinez Trivino <miguel@chainloop.dev>

@cubic-dev-ai cubic-dev-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 20 files

Re-trigger cubic

@migmartri migmartri force-pushed the feat/chainloop-sandbox-runner branch from 44a83a5 to 5e25681 Compare May 20, 2026 12:52
@migmartri migmartri requested a review from a team May 20, 2026 12:52
The sandbox runner is now picked up when the CHAINLOOP_SANDBOX
environment variable is set.

Assisted-by: Claude Code
Signed-off-by: Miguel Martinez Trivino <miguel@chainloop.dev>

Chainloop-Trace-Sessions: 3f5608e5-e869-4677-8c44-97a0b5aec207
@chainloop-platform

chainloop-platform Bot commented May 20, 2026

Copy link
Copy Markdown
Contributor

AI Session Analysis

Avg score Sessions Failing policies Attribution Files Lines Total Duration
🟡 83% 1 ✅ 0 100% AI / 0% Human 3 +107 / -1 1h4m18s

🟡 83% — 100% AI — ✅ All policies passing

May 20, 2026 12:06 UTC · 1h4m18s · $8.18 · 174 in / 29.8k out · claude-code 2.1.145 (claude-opus-4-7)

Change Summary

  • Adds CHAINLOOP_SANDBOX as a new no-op runner type across proto, generated bindings, runner implementation, and CLI display
  • Adds env-var auto-discovery for the new runner type
  • Adds chainloopsandbox_test.go and fixes exhaustive enum mapping in workflow_run_list_test.go

AI Session Overall Score

🟡 83% — Solid implementation with thin upfront planning and one premature test-pass claim.

AI Session Analysis Breakdown

🟢 92% · scope-discipline

🟢 All changes tightly scoped to the requested runner type; env-var feature added only after explicit user request. · High Impact

🟢 88% · solution-quality

🟢 New runner implemented at all required layers: proto enum, generated bindings, runner impl, and CLI mapping. · High Impact

🟢 88% · user-trust-signal

No notes.

🟢 88% · verification

🟢 CI failure diagnosed and fixed by adding a proper test case rather than weakening the exhaustive assertion. · High Impact

🟡 Test file additions not verifiable from diff stats; coverage assessed via session logs only. · Low Severity

🟡 78% · alignment

🟠 AI claimed 'All passing' before commit, but CI later caught missing enum mapping in workflow_run_list_test.go. · Medium Severity

💡 Before committing, grep for exhaustive-mapping tests that enforce enum completeness.

🟡 52% · context-and-planning

🔴 Initial prompt was a single sentence with no constraints, acceptance criteria, or scope boundaries. · High Severity

💡 State expected behavior, edge cases, and affected components upfront for multi-file tasks.

🟠 No structured plan or todo list used; intent stated inline before edits across proto, generated files, and multiple packages. · Medium Severity

💡 Use a written TODO list before editing when changes span multiple packages and generated files.

🟠 Env-var auto-discovery was absent from initial spec and added mid-session, revealing incomplete upfront scoping. · Medium Severity

💡 Ask about auto-detection behavior before beginning implementation of a new runner type.


File Attribution

████████████████████ 100% AI / 0% Human

Status Attribution File Lines
created ai pkg/attestation/crafter/runners/chainloopsandbox_test.go +99 / -0
modified ai pkg/attestation/crafter/runners/chainloopsandbox.go +4 / -1
modified ai app/cli/pkg/action/workflow_run_list_test.go +4 / -0

Policies (4)

Status Policy Material Messages
✅ Passed ai-config-ai-agents-allowed ai-coding-session-3f5608 -
✅ Passed ai-config-no-dangerous-commands ai-coding-session-3f5608 -
✅ Passed ai-config-no-secrets ai-coding-session-3f5608 -
✅ Passed ai-config-mcp-servers-allowed ai-coding-session-3f5608 -

Powered by Chainloop and Chainloop Trace

migmartri added 2 commits May 20, 2026 14:58
Assisted-by: Claude Code
Signed-off-by: Miguel Martinez Trivino <miguel@chainloop.dev>

Chainloop-Trace-Sessions: 3f5608e5-e869-4677-8c44-97a0b5aec207
Assisted-by: Claude Code
Signed-off-by: Miguel Martinez Trivino <miguel@chainloop.dev>

Chainloop-Trace-Sessions: 3f5608e5-e869-4677-8c44-97a0b5aec207
@migmartri migmartri merged commit c909701 into chainloop-dev:main May 20, 2026
16 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants