fix(issue-reporter): use session-scoped endpoint, drop agent_id requirement#341
Merged
Conversation
Contributor
Greptile SummaryThis PR simplifies the issue-reporter MCP by replacing the
Confidence Score: 5/5Safe to merge. The session-scoped routes follow the same auth and cross-tenant ownership patterns as the existing agent-scoped routes, and the MCP tool changes are consistent end-to-end. The core change — resolving agent_id server-side from a session row — is well-contained, and the new route handlers correctly perform auth and cross-ownership checks before any write. The MCP tool, subprocess env, and system-prompt instruction are all updated in concert with no dangling references to the old agent_id flow. The new GET handler in sessions/[session_id]/issues/route.ts has a minor limit-parsing edge case worth a look before shipping.
|
| Filename | Overview |
|---|---|
| harnesses/opencode/report-issue-mcp.mjs | Migrated all three tool handlers (report_issue, list_issues, update_issue) to resolve session_id from env or tool arg and call session-scoped API endpoints; tool schemas updated accordingly. |
| harnesses/opencode/gen-mcp-config.mjs | Switched subprocess env injection from AGENT_ID to SESSION_ID, consistent with the updated tool implementation. |
| src/app/api/v1/managed_agents/sessions/[session_id]/issues/route.ts | Added a GET handler alongside the existing POST; the limit query parameter is not validated against NaN, so a non-numeric value will produce take: NaN in the Prisma query. |
| src/app/api/v1/managed_agents/sessions/[session_id]/issues/[issue_id]/route.ts | New PATCH route that resolves agent_id from the session and verifies issue ownership before update; auth and cross-tenant checks are correctly ordered. |
| src/app/api/v1/managed_agents/agents/[agent_id]/session/route.ts | System prompt updated to instruct the model to pass session_id only (agent_id is still shown for context but no longer required by the tool schema). |
| src/server/sandbox/daytona.ts | Added optional memoryGb parameter forwarded as resources.memory to Daytona sandbox create calls. |
| harnesses/opencode/Dockerfile.inline | Pins opencode install to version 1.14.41 instead of latest, improving build reproducibility. |
| tests/opencode-inline-local.spec.ts | New E2E smoke test for the inline harness; AGENT_ID is read from env with an empty-string default and will throw clearly if unset. |
| src/server/env.ts | Added DAYTONA_MEMORY as an optional positive integer env var, coerced by Zod. |
Reviews (2): Last reviewed commit: "test(opencode-inline): drive AGENT_ID fr..." | Re-trigger Greptile
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
Contributor
Author
|
@greptile review |
…rement
report_issue now POSTs to /sessions/{session_id}/issues instead of
/agents/{agent_id}/issues. The platform derives agent_id from the session
row server-side, so callers only need session_id — which is already in
SESSION_ID env on K8s pods and in the system prompt for the inline harness.
- gen-mcp-config: pass SESSION_ID (not AGENT_ID) into lap-issue-reporter env
- report-issue-mcp: callReportIssue uses session-scoped URL; drops agent_id
from tool schema
- session/route.ts: update system prompt instruction to only require session_id
Co-authored-by: Cursor <cursoragent@cursor.com>
…s + update_issue
list_issues and update_issue now also use /sessions/{session_id}/issues URLs.
Adds the missing backend routes:
GET /sessions/{session_id}/issues — resolves agent_id, lists all agent issues
PATCH /sessions/{session_id}/issues/{id} — resolves agent_id, updates issue
Removes agent_id from all three tool schemas in report-issue-mcp.mjs.
The MCP now requires only session_id (from SESSION_ID env on K8s, or passed
as a tool arg by the model on the inline harness).
Co-authored-by: Cursor <cursoragent@cursor.com>
Remove the hardcoded production agent UUID. AGENT_ID is now required via env var so running the test against a non-local server doesn't silently create sessions against a production agent. Co-authored-by: Cursor <cursoragent@cursor.com>
krrish-berri-2
force-pushed
the
worktree-move-to-gh-cli
branch
from
6cb05f5 to
daa83ab
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
report_issuenow POSTs to/sessions/{session_id}/issuesinstead of/agents/{agent_id}/issuesagent_idfrom the session row server-side — callers only needsession_idagent_idfrom thereport_issuetool schema entirelySESSION_IDis passed into the MCP subprocess env viagen-mcp-config.mjs(no tool arg needed)session_idfrom its system prompt and passes it as a tool arg (same as before, but one field instead of two)Why
A session is 1:1 with an agent — there's no reason for the model to track and pass both. The agent-scoped endpoint required the caller to already know
agent_id, which is redundant whensession_iduniquely identifies the agent. The session-scopedPOST /sessions/{session_id}/issuesroute writes to the sameagentIssuetable with the sameagent_idfield, so the agent issues UI is unaffected.Files changed
harnesses/opencode/report-issue-mcp.mjs— use session URL, dropagent_idfromcallReportIssueand tool schemaharnesses/opencode/gen-mcp-config.mjs— passSESSION_ID(notAGENT_ID) to issue reporter subprocesssrc/app/api/v1/managed_agents/agents/[agent_id]/session/route.ts— update system prompt to say "pass your session_id" instead of "pass session_id and agent_id"Made with Cursor