feat: Thailand sandbox #31

Merged: pottekkat merged 1 commit into main from pottekkat/thailand-sandbox on Jun 15, 2026

@pottekkat pottekkat (Member) commented Jun 15, 2026

New image with an additional tool for Thailand government.

Summary by CodeRabbit

  • New Features

    • Added Thailand-specific agent sandbox image with access to official Thai government data portals.
    • Introduced Thai government data query skill for accessing datasets from data.go.th and parliament.go.th.
    • Automated CI/CD workflow to build and publish Thailand-specific Docker images.
  • Documentation

    • Added Skills system documentation explaining discovery and management.
    • Added Thai government data API reference with usage examples and query functions.

Signed-off-by: Navendu Pottekkat <navendu@apache.org>

coderabbitai Bot commented Jun 15, 2026


Walkthrough

This PR introduces a Thailand-specific agent sandbox capability across four files. skills-thailand/thai-government-data/SKILL.md defines a Python skill for querying Thai government CKAN portals (data.go.th and catalog.parliament.go.th) via a mandatory proxy (THAI_DATA_PROXY_URL), including retry logic, a ckan() dispatcher, generic dataset/DataStore wrappers, and Parliament-specific shortcuts. Dockerfile.thailand creates a thin overlay image that copies the skills-thailand/ directory into the OpenCode runtime's skill scan path and sets executable permissions. .github/workflows/build-thailand.yml adds a workflow that builds and pushes the agent-sandbox-thailand image to ghcr.io, triggered after the base build succeeds on main or manually. CLAUDE.md gains a new Skills section documenting skill discovery, customer overlays, and the Thailand image's runtime requirements.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

🐰 Hop over to Thailand with data in paw,
Through proxies and portals and Thai CKAN's maw,
A Dockerfile thin wraps the skills just right,
The workflow then pushes the image at night.
With parliament_rows() and slugs neatly mapped,
The rabbit declares: Thai data's unwrapped! 🌏

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title 'feat: Thailand sandbox' directly corresponds to the main objective of introducing a Thailand-specific sandbox image with government data skills support. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |


@coderabbitai coderabbitai Bot left a comment


Actionable comments posted: 2

🧹 Nitpick comments (1)
.github/workflows/build-thailand.yml (1)

38-41: ⚡ Quick win

Disable persisted checkout credentials for least privilege.

On Lines 38-41, actions/checkout keeps credentials by default. Set persist-credentials: false to reduce token exposure to downstream steps.

Suggested fix
       - uses: actions/checkout@v4
         with:
           # Build from the same commit the base image was built from.
           ref: ${{ github.event.workflow_run.head_sha || github.ref }}
+          persist-credentials: false
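Review bot: The `uses: actions/checkout@v4` context line in this suggestion still carries the floating tag that the same review flags at line 38, so applying this fix alone leaves the step unpinned; land `persist-credentials: false` together with the full-SHA pin. Before merging, confirm that no later step in the job runs an authenticated git command, since such a step would lose the token once persistence is off.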
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/build-thailand.yml around lines 38 - 41, The
actions/checkout@v4 action in the workflow is not explicitly disabling
credential persistence, which means authentication tokens may be exposed to
downstream steps. Add `persist-credentials: false` to the `with` section of the
actions/checkout@v4 step to disable credential persistence and reduce the scope
of token exposure in the workflow.

Source: Linters/SAST tools

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/build-thailand.yml:
- Line 38: Replace all floating version tags in the uses directives with full
40-character commit SHAs for security. For each GitHub Action reference
currently using `@v`* format (such as actions/checkout@v4, and others mentioned in
the comment), pin them to their corresponding immutable commit SHA. You may
optionally include the version tag as a comment after the SHA for readability.
This applies to all uses directives throughout the workflow file that reference
actions by floating tags.

In `@Dockerfile.thailand`:
- Around line 20-21: The BASE_IMAGE default value in the ARG declaration uses
the mutable :latest tag, which compromises reproducibility of Docker builds.
Replace the :latest tag with a specific, immutable version tag (e.g., :v1.0.0 or
a specific SHA digest) in the BASE_IMAGE default argument to ensure consistent,
reproducible builds across all environments.

---

Nitpick comments:
In @.github/workflows/build-thailand.yml:
- Around line 38-41: The actions/checkout@v4 action in the workflow is not
explicitly disabling credential persistence, which means authentication tokens
may be exposed to downstream steps. Add `persist-credentials: false` to the
`with` section of the actions/checkout@v4 step to disable credential persistence
and reduce the scope of token exposure in the workflow.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: f1ecb5b5-77c9-4400-a807-8dc2f6668c80

📥 Commits

Reviewing files that changed from the base of the PR and between 24b6714 and 33e4801.

📒 Files selected for processing (4)
  • .github/workflows/build-thailand.yml
  • CLAUDE.md
  • Dockerfile.thailand
  • skills-thailand/thai-government-data/SKILL.md

packages: write

steps:
- uses: actions/checkout@v4


⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

cat .github/workflows/build-thailand.yml

Repository: EternisAI/agent-sandbox

Length of output: 2772


🌐 Web query:

GitHub Actions pinning commit SHA security best practices 2024

💡 Result:

As of June 2026, pinning GitHub Actions to a full-length commit SHA is considered the industry standard and a critical security best practice for mitigating supply chain risks [1][2][3].

### Why Pinning to a Full-Length SHA is Essential

* Immutability: Tags (e.g., @v4) and branches (e.g., @main) are mutable, meaning they can be updated or re-pointed to different commits by maintainers or malicious actors at any time [4][5][6]. Pinning to a full-length (40-character) commit SHA ensures that your workflow consistently runs the exact same code, providing a cryptographically secure, immutable reference [1][2][7].
* Mitigating Compromise: If an action's repository is compromised, attackers often attempt to inject malicious code into existing tags [8][2][3]. Because commit SHAs are immutable and content-addressed, a pinned SHA remains unaffected by such updates, preventing automatic execution of compromised code [4][2][9].
* Security Policies: GitHub now provides organization and repository-level policies that allow administrators to mandate SHA pinning [8][5][2]. When enabled, any workflow attempting to use a non-pinned action will fail, ensuring compliance across an entire organization [8][5].

### Best Practices for Implementation

* Use Full 40-Character SHAs: Never use shortened SHAs, as they carry a risk of collision and ambiguity [7]. Always use the full 40-character hexadecimal string [6][7].
* Maintain Human Readability: To preserve context, append the version tag as a comment in your workflow file [2][3]. This helps maintainers understand which version is being used while keeping the reference immutable [2][6].
  * Example: uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 [2]
* Automate Updates: Pinning manually creates maintenance overhead. Use dependency management tools like Dependabot or Renovate to automatically open pull requests that update your pinned SHAs when new releases are published [5][2][3].
* Audit Regularly: Use tools like Zizmor, Scorecards, or custom scripts to periodically scan your repositories for unpinned actions or short SHAs to ensure ongoing compliance with your security policies [2][10][3].

### Recommended Workflow for Maintainers

If you maintain your own GitHub Actions, you should also pin your internal (sub-action) dependencies to full commit SHAs [5]. This prevents your action from breaking when users adopt organization-wide SHA-enforcement policies [5].

Citations:


Pin GitHub Actions to full commit SHAs.

Lines 38, 43, 45, 61, and 69 reference actions by floating tags (@v*), which is a supply-chain risk. Pin each uses: to an immutable full 40-character commit SHA, optionally with the version tag as a comment for readability.

Suggested fix pattern
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@<full-commit-sha> # v4

-      - uses: docker/setup-buildx-action@v3
+      - uses: docker/setup-buildx-action@<full-commit-sha> # v3

-      - uses: docker/login-action@v3
+      - uses: docker/login-action@<full-commit-sha> # v3

-      - uses: docker/metadata-action@v5
+      - uses: docker/metadata-action@<full-commit-sha> # v5

-      - uses: docker/build-push-action@v5
+      - uses: docker/build-push-action@<full-commit-sha> # v5
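Review bot: Every `+` line leaves `<full-commit-sha>` as a placeholder, so the pattern cannot be committed as written; each one has to be replaced with the 40-character commit SHA that the tag resolves to in the action's own repository, not a fork. The trailing comments name only the major tag (`# v4`, `# v3`, `# v5`); recording the exact release behind each SHA there keeps the pin auditable when Dependabot or Renovate proposes an update.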

Consider automating updates with Dependabot or Renovate.

🧰 Tools
🪛 zizmor (1.25.2)

[warning] 38-41: credential persistence through GitHub Actions artifacts (artipacked): does not set persist-credentials: false

(artipacked)


[error] 38-38: unpinned action reference (unpinned-uses): action is not pinned to a hash (required by blanket policy)

(unpinned-uses)

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/build-thailand.yml at line 38, Replace all floating
version tags in the uses directives with full 40-character commit SHAs for
security. For each GitHub Action reference currently using `@v`* format (such as
actions/checkout@v4, and others mentioned in the comment), pin them to their
corresponding immutable commit SHA. You may optionally include the version tag
as a comment after the SHA for readability. This applies to all uses directives
throughout the workflow file that reference actions by floating tags.

Source: Linters/SAST tools
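The two workflow findings in this thread (floating `@v*` tags, and `actions/checkout` without `persist-credentials: false`) can also be checked with a small script of the "custom scripts" kind the web result mentions. This is an added example, not code from the PR, CodeRabbit or zizmor; the sample workflow, the SHA in it and the name `audit_workflow` are constructed, and the rule labels are borrowed from the zizmor output above.

```python
import re

# Constructed sample modelled on the steps named in this review thread;
# it is not the repository's workflow, and the 40-hex SHA is made up.
SAMPLE_WORKFLOW = """\
jobs:
  build:
    permissions:
      packages: write
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.workflow_run.head_sha || github.ref }}
      - uses: docker/setup-buildx-action@v3
      - uses: docker/login-action@0123456789abcdef0123456789abcdef01234567 # v3
      - uses: ./.github/actions/local
"""

USES_RE = re.compile(r"^(\s*)(-\s+)?uses:\s*([^\s#]+)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")
PERSIST_OFF_RE = re.compile(r"^\s*persist-credentials:\s*false\b")

def audit_workflow(text):
    """Return (line_no, rule, detail) findings for one workflow's text."""
    findings, lines = [], text.splitlines()
    for i, line in enumerate(lines):
        m = USES_RE.match(line)
        if not m:
            continue
        ref = m.group(3).strip("'\"")
        if ref.startswith(("./", "docker://")):
            continue  # local actions and container refs are out of scope
        name, _, rev = ref.partition("@")
        if not FULL_SHA_RE.match(rev):
            findings.append((i + 1, "unpinned-uses", ref))
        if name == "actions/checkout":
            # Keys of this step sit at the column where "uses:" starts;
            # anything indented less belongs to the next step or job.
            key_col = len(m.group(1)) + len(m.group(2) or "")
            body = []
            for nxt in lines[i + 1:]:
                if nxt.strip() and len(nxt) - len(nxt.lstrip()) < key_col:
                    break
                body.append(nxt)
            if not any(PERSIST_OFF_RE.match(b) for b in body):
                findings.append((i + 1, "artipacked", "persist-credentials is not false"))
    return findings
```

The scan is line-based and only sees step keys that follow `uses:`, so a `with:` block written before `uses:` in the same step would be missed; a YAML-aware linter covers that case.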

Comment thread Dockerfile.thailand
Comment on lines +20 to +21
ARG BASE_IMAGE=ghcr.io/eternisai/agent-sandbox:latest
FROM ${BASE_IMAGE}


⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

# First, locate and examine Dockerfile.thailand
fd -t f "Dockerfile.thailand" --exec cat -n {} \;

Repository: EternisAI/agent-sandbox

Length of output: 1704


Avoid mutable :latest for BASE_IMAGE default.

Line 20 uses :latest, which makes local/manual builds non-reproducible and can drift from the intended base. Use an explicit immutable tag (or require the build arg).

Suggested fix
-ARG BASE_IMAGE=ghcr.io/eternisai/agent-sandbox:latest
+ARG BASE_IMAGE
 FROM ${BASE_IMAGE}
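Review bot: With the default removed on the `ARG BASE_IMAGE` line, a build that does not pass `--build-arg BASE_IMAGE=...` reaches `FROM ${BASE_IMAGE}` with an empty value and fails, so local and manual builds now depend on the caller supplying the image. State in a comment above the `ARG` that the argument is required and should be a versioned tag or digest, and check that the build workflow passes it explicitly.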

As per coding guidelines, Dockerfile* must use versioned tags and never :latest for Docker images.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
ARG BASE_IMAGE=ghcr.io/eternisai/agent-sandbox:latest
FROM ${BASE_IMAGE}
ARG BASE_IMAGE
FROM ${BASE_IMAGE}
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Dockerfile.thailand` around lines 20 - 21, The BASE_IMAGE default value in
the ARG declaration uses the mutable :latest tag, which compromises
reproducibility of Docker builds. Replace the :latest tag with a specific,
immutable version tag (e.g., :v1.0.0 or a specific SHA digest) in the BASE_IMAGE
default argument to ensure consistent, reproducible builds across all
environments.

Source: Coding guidelines

@pottekkat pottekkat merged commit 26eeebc into main Jun 15, 2026
3 checks passed
@pottekkat pottekkat deleted the pottekkat/thailand-sandbox branch June 15, 2026 11:01