Skip to content

Comments

prime tunnel in cliagentenv#746

Merged
willccbb merged 24 commits intomainfrom
cooper/tunnel
Jan 22, 2026
Merged

prime tunnel in cliagentenv#746
willccbb merged 24 commits intomainfrom
cooper/tunnel

Conversation

@kcoopermiller
Copy link
Member

@kcoopermiller kcoopermiller commented Jan 19, 2026

Description

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update
  • Test improvement

Testing

  • All existing tests pass when running uv run pytest locally.
  • New tests have been added to cover the changes

Checklist

  • My code follows the style guidelines of this project as outlined in AGENTS.md
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • Any dependent changes have been merged and published

Additional Notes


Note

Introduces Prime Tunnel and modernizes agent execution and interception.

  • Replace Cloudflare tunnel management with prime-tunnel (single managed Tunnel, start/stop via API); add dependency and UV git source
  • Run agent as sandbox BackgroundJob and poll its status, capturing stdout/stderr and exit code; remove nohup/file-sentinel logic
  • Add streaming chat completions interception: forward SSE chunks to the agent while accumulating a final ChatCompletion (including tool calls); always unblock HTTP handlers
  • Ensure server provides /health, add longer OpenAI/HTTPX timeouts in env vars, and always use state model over intercepted payload model
  • More robust teardown/cleanup for tunnel and server; remove tunnel URL parsing test; Harbor: add 900s timeout when extracting uploaded tests

Written by Cursor Bugbot for commit cc63f75. This will update automatically on new commits. Configure here.

cursor[bot]

This comment was marked as outdated.

cursor[bot]

This comment was marked as outdated.

@willccbb
Copy link
Member

Approved, good to merge when Tunnels land in prod

cursor[bot]

This comment was marked as outdated.

Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 2 potential issues.

Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.

self.tunnel = Tunnel(local_port=self.interception_port)
url = await self.tunnel.start()
logger.debug(f"Prime Tunnel started: {url}")
return url
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing URL validation on first tunnel start path

Medium Severity

In get_tunnel_url(), the first call path returns url from tunnel.start() without validation, while subsequent calls assert self.tunnel.url is not None before returning. If start() returns None or empty string, the first rollout gets a broken interception_base_url like "None/rollout/.../v1", causing silent failures. Subsequent rollouts would crash with AssertionError. The asymmetric validation suggests awareness of this edge case, but the check is missing on the first path.

Fix in Cursor Fix in Web

@willccbb willccbb merged commit 0b5361f into main Jan 22, 2026
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants