Skip to content

ci: configure git credentials for prerelease CDK clone#1371

Merged
tejaskash merged 1 commit into
aws:mainfrom
Hweinstock:fix/prerelease-git-credentials
May 22, 2026
Merged

ci: configure git credentials for prerelease CDK clone#1371
tejaskash merged 1 commit into
aws:mainfrom
Hweinstock:fix/prerelease-git-credentials

Conversation

@Hweinstock
Copy link
Copy Markdown
Contributor

@Hweinstock Hweinstock commented May 22, 2026

Description

Move GitHub App token generation before npm run bundle and configure git credentials so the bundle script can clone the private agentcore-l3-cdk-constructs repo.

The bundle script runs git clone https://github.com/aws/agentcore-l3-cdk-constructs.git which fails without credentials since the repo is private. This uses the same x-access-token pattern as the e2e test workflows.

Failed run: https://github.com/aws/agentcore-cli/actions/runs/26293331790

Related Issue

N/A

Documentation PR

N/A

Type of Change

  • Bug fix
  • New feature
  • Breaking change
  • Documentation update
  • Other (please describe):

Testing

How have you tested the change?

  • I ran npm run test:unit and npm run test:integ
  • I ran npm run typecheck
  • I ran npm run lint
  • If I modified src/assets/, I ran npm run test:update-snapshots and committed the updated snapshots

Workflow-only change — validated YAML syntax. Same x-access-token pattern proven in e2e-tests.yml and e2e-tests-full.yml.

Checklist

  • I have read the CONTRIBUTING document
  • I have added any necessary tests that prove my fix is effective or my feature works
  • I have updated the documentation accordingly
  • I have added an appropriate example to the documentation to outline the feature, or no new docs are needed
  • My changes generate no new warnings
  • Any dependent changes have been merged and published

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the
terms of your choice.

@github-actions github-actions Bot added the size/xs PR size: XS label May 22, 2026
@github-actions github-actions Bot added the agentcore-harness-reviewing AgentCore Harness review in progress label May 22, 2026
@agentcore-devx-automation agentcore-devx-automation Bot added the claude-security-reviewing Claude Code /security-review in progress label May 22, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 22, 2026

Package Tarball

aws-agentcore-0.14.2.tgz

How to install

gh release download pr-1371-tarball --repo aws/agentcore-cli --pattern "*.tgz" --dir /tmp/pr-tarball
npm install -g /tmp/pr-tarball/aws-agentcore-0.14.2.tgz

@agentcore-devx-automation
Copy link
Copy Markdown
Contributor

agentcore-devx-automation Bot commented May 22, 2026

Claude Security Review: no high-confidence findings. (run)

@agentcore-devx-automation agentcore-devx-automation Bot removed the claude-security-reviewing Claude Code /security-review in progress label May 22, 2026
agentcore-cli-automation
agentcore-cli-automation approved these changes May 22, 2026
View reviewed changes
Copy link
Copy Markdown

@agentcore-cli-automation agentcore-cli-automation left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Correct fix — moves token generation and git credential configuration before npm run bundle so the script's git clone of aws/agentcore-l3-cdk-constructs is authenticated. The insteadOf approach is a clean way to authenticate the clone without modifying scripts/bundle.mjs.

One small observation (non-blocking): .github/workflows/e2e-tests.yml and e2e-tests-full.yml both set owner: aws on the create-github-app-token step when they clone the same CDK repo, but this workflow omits it. If the App's default installation scope already covers the aws org this will work fine; otherwise you may need to add owner: aws to match those workflows. Since the linked failed run will tell you immediately, happy to defer to the next run.

@github-actions github-actions Bot removed the agentcore-harness-reviewing AgentCore Harness review in progress label May 22, 2026
@Hweinstock Hweinstock force-pushed the fix/prerelease-git-credentials branch from 31f3e22 to 321af1b Compare May 22, 2026 16:59
@github-actions github-actions Bot added size/s PR size: S and removed size/xs PR size: XS labels May 22, 2026
@agentcore-devx-automation agentcore-devx-automation Bot added the claude-security-reviewing Claude Code /security-review in progress label May 22, 2026
@agentcore-devx-automation
Copy link
Copy Markdown
Contributor

agentcore-devx-automation Bot commented May 22, 2026

Claude Security Review: no high-confidence findings. (run)

@agentcore-devx-automation agentcore-devx-automation Bot removed the claude-security-reviewing Claude Code /security-review in progress label May 22, 2026
@Hweinstock Hweinstock marked this pull request as ready for review May 22, 2026 17:59
@Hweinstock Hweinstock requested a review from a team May 22, 2026 17:59
@tejaskash tejaskash merged commit 5939a7e into aws:main May 22, 2026
26 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tejaskash tejaskash tejaskash approved these changes

+1 more reviewer

@agentcore-cli-automation agentcore-cli-automation agentcore-cli-automation approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

size/s PR size: S

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Hweinstock @tejaskash @agentcore-cli-automation