Skip to content

feat: wire telemetry into all add.* commands#2

Draft
Hweinstock wants to merge 49 commits into
feat/filesystem-sink-auditfrom
feat/telemetry-add-commands
Draft

feat: wire telemetry into all add.* commands#2
Hweinstock wants to merge 49 commits into
feat/filesystem-sink-auditfrom
feat/telemetry-add-commands

Conversation

@Hweinstock
Copy link
Copy Markdown
Owner

@Hweinstock Hweinstock commented Apr 29, 2026

Problem

The telemetry infrastructure (withCommandRun, schemas, sinks) is in place from aws#1014, but no add.* command handlers are instrumented yet.

Solution

Wraps all 10 add command CLI-mode handlers with client.withCommandRun():

  • add.agent, add.memory, add.credential, add.evaluator, add.online-eval
  • add.gateway, add.gateway-target, add.policy, add.policy-engine, add.runtime-endpoint

Adds a standardize() helper in common-shapes.ts that lowercases CLI values and parses them through Zod enums — giving runtime validation + narrowed return types without type casts.

Also adds add.runtime-endpoint: NoAttrs to COMMAND_SCHEMAS (was missing).

Testing

  • npm run build passes
  • All 74 telemetry unit tests pass
  • All 78 primitive unit tests pass
  • Pre-commit hooks (eslint, prettier, tsc --noEmit, secretlint) all pass

jesseturner21 and others added 17 commits April 29, 2026 09:17
@jesseturner21
fix(import): use GatewayNameSchema for gateway import name validation (
29b6522 
…aws#1011)

The import gateway command used NAME_REGEX which only allowed
underscores and max 48 chars, rejecting valid gateway names with
hyphens like "agentcore-gateway". Switch to GatewayNameSchema which
matches the actual AWS API: alphanumeric with hyphens, up to 100 chars.

Constraint: AWS CreateGateway API allows [0-9a-zA-Z] with hyphens
Rejected: Updating NAME_REGEX | it is shared with other import commands that have different naming rules
Confidence: high
Scope-risk: narrow
@avi-alpert
feat: add CloudWatch traces API for web UI (aws#997)
76b07aa
@aidandaly24
fix: remove CONFIG_DIR exclusion from zip stage to preserve dependenc…
d1e5241 
…y agentcore/ packages (aws#1015)

PR aws#844 correctly removed the flat name-based agentcore exclusion and
threaded rootDir through copySourceTree, but the same CONFIG_DIR check
remained in collectFiles/collectFilesSync (the zip stage). Since the zip
stage operates on the staging directory — not the project root — the
check incorrectly stripped any top-level agentcore/ Python package
installed by uv (e.g., langgraph_checkpoint_aws/agentcore/) from the
deployment artifact, causing ModuleNotFoundError at runtime.

The CONFIG_DIR exclusion is only needed in copySourceTree (which copies
from the project root into staging). By the time we zip, the project
config dir was already filtered out — the only agentcore/ in staging is
a legitimate dependency package.

Closes aws#843
@notgitika
ci: add coordinated main + preview release workflow (aws#995)
7e8cae4 
* ci: add coordinated main + preview release workflow

Adds a single workflow_dispatch that releases both branches together,
ensuring they stay in sync on npm.

* fix: address review — bump script compat, pre-publish verification, drop unused artifacts

- Preview bump now uses `prerelease --prerelease-tag preview` which the
  bump-version.ts script actually accepts
- Added verify-merges job that checks both main and preview have the
  expected versions before either publish runs (prevents drift)
- Both publish jobs now depend on verify-merges instead of each other,
  so neither publishes unless both PRs are confirmed merged
- Removed upload-artifact steps from test jobs since publish jobs
  rebuild from source post-merge

* fix: auto-rebase preview onto main in preflight step

Instead of failing when preview isn't rebased, the workflow now
rebases automatically. If there are conflicts, it aborts and
directs the user to resolve manually.

* ci: add sync-preview workflow, simplify release preflight

- New sync-preview.yml: runs on every push to main, auto-rebases
  preview onto main. Silently skips on conflicts (no failure).
- Release workflow preflight reverted to a simple check — relies
  on sync-preview having already done the rebase.

* fix: use merge instead of rebase for preview sync

Rebase overwrites preview-specific values (package version, tests).
Merge preserves preview's divergent files and only conflicts when
both branches touch the same lines.

* fix: concurrency control, conflict notifications, CDK tag TODO

- Add concurrency group to sync-preview to prevent parallel race
- On merge conflict, auto-create a GitHub issue (deduplicated) instead
  of silently skipping
- Add TODO comment for CDK preview dist-tag in prepare-preview

* fix: create PR with conflict markers instead of issue on merge conflict

On conflict, sync-preview now:
- Creates a branch with the merge conflict markers committed
- Opens a PR targeting preview with resolution instructions
- Tags the original commit author for visibility
- Deduplicates (skips if a sync PR is already open)
@dependabot
chore(deps): bump the aws-sdk group with 14 updates (aws#1024)
1fc366c 
Bumps the aws-sdk group with 14 updates:

| Package | From | To |
| --- | --- | --- |
| [@aws-sdk/client-application-signals](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-application-signals) | `3.1037.0` | `3.1038.0` |
| [@aws-sdk/client-bedrock](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-bedrock) | `3.1037.0` | `3.1038.0` |
| [@aws-sdk/client-bedrock-agent](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-bedrock-agent) | `3.1037.0` | `3.1038.0` |
| [@aws-sdk/client-bedrock-agentcore](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-bedrock-agentcore) | `3.1037.0` | `3.1038.0` |
| [@aws-sdk/client-bedrock-agentcore-control](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-bedrock-agentcore-control) | `3.1037.0` | `3.1038.0` |
| [@aws-sdk/client-bedrock-runtime](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-bedrock-runtime) | `3.1037.0` | `3.1038.0` |
| [@aws-sdk/client-cloudformation](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-cloudformation) | `3.1037.0` | `3.1038.0` |
| [@aws-sdk/client-cloudwatch-logs](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-cloudwatch-logs) | `3.1037.0` | `3.1038.0` |
| [@aws-sdk/client-resource-groups-tagging-api](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-resource-groups-tagging-api) | `3.1037.0` | `3.1038.0` |
| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.1037.0` | `3.1038.0` |
| [@aws-sdk/client-sts](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-sts) | `3.1037.0` | `3.1038.0` |
| [@aws-sdk/client-xray](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-xray) | `3.1037.0` | `3.1038.0` |
| [@aws-sdk/credential-providers](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/credential-providers) | `3.1037.0` | `3.1038.0` |
| [@aws-sdk/client-cognito-identity-provider](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-cognito-identity-provider) | `3.1037.0` | `3.1038.0` |


Updates `@aws-sdk/client-application-signals` from 3.1037.0 to 3.1038.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-application-signals/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1038.0/clients/client-application-signals)

Updates `@aws-sdk/client-bedrock` from 3.1037.0 to 3.1038.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-bedrock/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1038.0/clients/client-bedrock)

Updates `@aws-sdk/client-bedrock-agent` from 3.1037.0 to 3.1038.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-bedrock-agent/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1038.0/clients/client-bedrock-agent)

Updates `@aws-sdk/client-bedrock-agentcore` from 3.1037.0 to 3.1038.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-bedrock-agentcore/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1038.0/clients/client-bedrock-agentcore)

Updates `@aws-sdk/client-bedrock-agentcore-control` from 3.1037.0 to 3.1038.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-bedrock-agentcore-control/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1038.0/clients/client-bedrock-agentcore-control)

Updates `@aws-sdk/client-bedrock-runtime` from 3.1037.0 to 3.1038.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-bedrock-runtime/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1038.0/clients/client-bedrock-runtime)

Updates `@aws-sdk/client-cloudformation` from 3.1037.0 to 3.1038.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-cloudformation/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1038.0/clients/client-cloudformation)

Updates `@aws-sdk/client-cloudwatch-logs` from 3.1037.0 to 3.1038.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-cloudwatch-logs/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1038.0/clients/client-cloudwatch-logs)

Updates `@aws-sdk/client-resource-groups-tagging-api` from 3.1037.0 to 3.1038.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-resource-groups-tagging-api/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1038.0/clients/client-resource-groups-tagging-api)

Updates `@aws-sdk/client-s3` from 3.1037.0 to 3.1038.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1038.0/clients/client-s3)

Updates `@aws-sdk/client-sts` from 3.1037.0 to 3.1038.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-sts/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1038.0/clients/client-sts)

Updates `@aws-sdk/client-xray` from 3.1037.0 to 3.1038.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-xray/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1038.0/clients/client-xray)

Updates `@aws-sdk/credential-providers` from 3.1037.0 to 3.1038.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/packages/credential-providers/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1038.0/packages/credential-providers)

Updates `@aws-sdk/client-cognito-identity-provider` from 3.1037.0 to 3.1038.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-cognito-identity-provider/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1038.0/clients/client-cognito-identity-provider)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-application-signals"
  dependency-version: 3.1038.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk
- dependency-name: "@aws-sdk/client-bedrock"
  dependency-version: 3.1038.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk
- dependency-name: "@aws-sdk/client-bedrock-agent"
  dependency-version: 3.1038.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk
- dependency-name: "@aws-sdk/client-bedrock-agentcore"
  dependency-version: 3.1038.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk
- dependency-name: "@aws-sdk/client-bedrock-agentcore-control"
  dependency-version: 3.1038.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk
- dependency-name: "@aws-sdk/client-bedrock-runtime"
  dependency-version: 3.1038.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk
- dependency-name: "@aws-sdk/client-cloudformation"
  dependency-version: 3.1038.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk
- dependency-name: "@aws-sdk/client-cloudwatch-logs"
  dependency-version: 3.1038.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk
- dependency-name: "@aws-sdk/client-resource-groups-tagging-api"
  dependency-version: 3.1038.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk
- dependency-name: "@aws-sdk/client-s3"
  dependency-version: 3.1038.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk
- dependency-name: "@aws-sdk/client-sts"
  dependency-version: 3.1038.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk
- dependency-name: "@aws-sdk/client-xray"
  dependency-version: 3.1038.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk
- dependency-name: "@aws-sdk/credential-providers"
  dependency-version: 3.1038.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk
- dependency-name: "@aws-sdk/client-cognito-identity-provider"
  dependency-version: 3.1038.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: aws-sdk
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore(deps): bump the aws-cdk group with 2 updates (aws#1025)
1686e4d 
Bumps the aws-cdk group with 2 updates: [@aws-cdk/toolkit-lib](https://github.com/aws/aws-cdk-cli/tree/HEAD/packages/@aws-cdk/toolkit-lib) and [aws-cdk-lib](https://github.com/aws/aws-cdk/tree/HEAD/packages/aws-cdk-lib).


Updates `@aws-cdk/toolkit-lib` from 1.24.0 to 1.25.0
- [Release notes](https://github.com/aws/aws-cdk-cli/releases)
- [Commits](https://github.com/aws/aws-cdk-cli/commits/@aws-cdk/toolkit-lib@v1.25.0/packages/@aws-cdk/toolkit-lib)

Updates `aws-cdk-lib` from 2.250.0 to 2.251.0
- [Release notes](https://github.com/aws/aws-cdk/releases)
- [Changelog](https://github.com/aws/aws-cdk/blob/main/CHANGELOG.v2.alpha.md)
- [Commits](https://github.com/aws/aws-cdk/commits/v2.251.0/packages/aws-cdk-lib)

---
updated-dependencies:
- dependency-name: "@aws-cdk/toolkit-lib"
  dependency-version: 1.25.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-cdk
- dependency-name: aws-cdk-lib
  dependency-version: 2.251.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: aws-cdk
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore(deps): bump @opentelemetry/resources from 2.6.1 to 2.7.0 (aws#1026
ad482cf 
)

Bumps [@opentelemetry/resources](https://github.com/open-telemetry/opentelemetry-js) from 2.6.1 to 2.7.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-js/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-js/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-js@v2.6.1...v2.7.0)

---
updated-dependencies:
- dependency-name: "@opentelemetry/resources"
  dependency-version: 2.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore(deps-dev): bump @secretlint/secretlint-rule-preset-recommend (a…
56a6d4c 
…ws#1028)

Bumps [@secretlint/secretlint-rule-preset-recommend](https://github.com/secretlint/secretlint) from 12.2.0 to 12.3.1.
- [Release notes](https://github.com/secretlint/secretlint/releases)
- [Commits](secretlint/secretlint@v12.2.0...v12.3.1)

---
updated-dependencies:
- dependency-name: "@secretlint/secretlint-rule-preset-recommend"
  dependency-version: 12.3.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore(deps-dev): bump secretlint from 12.2.0 to 12.3.1 (aws#1029)
36755e9 
Bumps [secretlint](https://github.com/secretlint/secretlint) from 12.2.0 to 12.3.1.
- [Release notes](https://github.com/secretlint/secretlint/releases)
- [Commits](secretlint/secretlint@v12.2.0...v12.3.1)

---
updated-dependencies:
- dependency-name: secretlint
  dependency-version: 12.3.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore(deps): bump @opentelemetry/sdk-metrics from 2.6.1 to 2.7.0 (aws…
ad59fc0 
…#1030)

Bumps [@opentelemetry/sdk-metrics](https://github.com/open-telemetry/opentelemetry-js) from 2.6.1 to 2.7.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-js/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-js/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-js@v2.6.1...v2.7.0)

---
updated-dependencies:
- dependency-name: "@opentelemetry/sdk-metrics"
  dependency-version: 2.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@aidandaly24
fix(ci): update snapshots after CDK version sync in release workflow (a…
d3b412f 
…ws#1033)

The release workflow syncs @aws/agentcore-cdk to the latest npm version
in the asset template, but never updates the snapshot file. This causes
the asset snapshot test to fail because the snapshot still holds the old
version string.
@tejaskash
fix(ci): enable coverage collection in sharded unit test runs (aws#1034)
061b6b3 
The coverage report on PRs was empty (0/0 Unknown%) because the sharded
unit-test jobs ran without --coverage. Without that flag, V8 coverage
data is never collected, so the blob reports contain no coverage maps.
The merge-reports step then merges undefined entries and produces empty
results.

Also fixes the coverage report action referencing a nonexistent
vitest.unit.config.ts (should be vitest.config.ts).
@aidandaly24
fix(ci): move snapshot update after build in release workflow (aws#1036)
227c840 
Move `npm run test:update-snapshots` from inside the CDK sync step
(before build) to its own step after `npm run build`. The test suite
needs built artifacts to pass — running it before the build caused
18 test failures.
@aidandaly24
fix(ci): install uv in release workflow prepare steps (aws#1038)
29ae8e5 
The create.test.ts tests require uv for Python project scaffolding.
The Build and Test workflow installs it via astral-sh/setup-uv, but
the release workflow's prepare steps were missing it, causing test
failures during the snapshot update step.
@github-actions
chore: bump version to 0.12.1
c097232
@aidandaly24
Merge pull request aws#1042 from aws/release/v0.12.1
c9852f4 
Release v0.12.1
@aidandaly24
fix: remove CDK version auto-sync from release workflow and restore c…
27ce126 
…aret range (aws#1044)

Remove the auto-sync step that bumped @aws/agentcore-cdk during releases
— version updates will be managed manually via PRs. Restore the caret
range (^0.1.0-alpha.19) in the asset and snapshot that was dropped by
the auto-sync in aws#1042.
@Hweinstock Hweinstock mentioned this pull request Apr 29, 2026
Merged
7 tasks
@imranismail
fix: add Accept header to HTTP protocol invocation proxy (aws#1051)
821e4c3 
The dev web UI proxy for HTTP protocol agents doesn't include an
Accept header when forwarding requests to /invocations. The
bedrock-agentcore runtime SDK checks for Accept: text/event-stream
before enabling SSE streaming (via @fastify/sse reply.sse), so
streaming handlers always get a 406 response in the inspector.

A2A and AGUI protocol paths already send the header correctly —
this brings HTTP in line with them.

Using "text/event-stream, */*" so streaming agents get SSE enabled
while non-streaming agents can respond in whatever format they need.
@Hweinstock Hweinstock force-pushed the feat/telemetry-add-commands branch from 77d1af2 to a290c00 Compare April 30, 2026 13:04
@Hweinstock
feat: add telemetry audit mode with FileSystemSink (aws#1014)
397c187 
* feat: add FilesystemSink for telemetry audit mode

* feat: instrument help.modes with telemetry, add audit integ test
@Hweinstock Hweinstock force-pushed the feat/telemetry-add-commands branch from a290c00 to 89db03d Compare April 30, 2026 13:29
jesseturner21 and others added 8 commits April 30, 2026 11:00
@jesseturner21 @claude
refactor: move harness resources to .github/harness/ (aws#992)
aef3890 
* refactor: move harness resources to .github/harness/

Move PR reviewer harness files into a dedicated .github/harness/ directory,
separate from the general .github/scripts/ used by Strands workflows.

- Move harness_review.py, prompts/ to .github/harness/
- Add Dockerfile for the harness container (dual-token: CLONE_TOKEN for
  git clones, GITHUB_TOKEN for gh CLI/PR comments)
- Add README documenting the harness directory
- Update pr-ai-review workflow to reference new path
- Update .prettierignore for new prompts location

* fix(harness): update Dockerfile comment to accurately describe token handling

Tokens are baked into image layers at build time — the previous comment
incorrectly implied they were not stored. Updated to make the security
posture explicit: the image itself must be treated as a secret.

* refactor(harness): use boto3 invoke_harness instead of raw SigV4 HTTP

Replace manual SigV4 signing + urllib3 + EventStreamBuffer parsing with
the native boto3 bedrock-agentcore client's invoke_harness method.
This simplifies the code significantly and leverages the typed event
stream response from the SDK.

Rejected: keep raw HTTP approach | boto3 now supports invoke_harness natively
Confidence: high
Scope-risk: narrow

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
@jesseturner21
Revert "refactor: move harness resources to .github/harness/ (aws#992)"
b8a90c9 
This reverts commit aef3890.
@jesseturner21
refactor: move harness resources to .github/harness/ and use boto3 in…
ad2ba9b 
…voke_harness

- Move harness_review.py, prompts/ to .github/harness/
- Add Dockerfile for the harness container (dual-token setup)
- Add README documenting the harness directory
- Update pr-ai-review workflow to reference new path
- Replace manual SigV4 signing + urllib3 with native boto3 invoke_harness
- Update .prettierignore for new prompts location
@aidandaly24
Merge pull request aws#1054 from aws/fix/remove-coauthor-reland
0afeaf5 
chore: reland harness refactor without co-author metadata
@avi-alpert
feat: update @aws/agent-inspector to 0.3.0
278783a
@jesseturner21
fix(harness): add error handling for invoke_harness API call (aws#1056)
9a6a5d0 
Wrap the invoke_harness_streaming call in a try/except so boto3 errors
(bad credentials, network issues, invalid ARN) produce a clean error
message instead of a raw traceback in GitHub Actions logs.
@github-actions
chore: bump version to 0.12.2
5ce4bdc 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@avi-alpert
Merge pull request aws#1058 from aws/release/v0.12.2
68b25bf 
Release v0.12.2
@Hweinstock
ci: cut full e2e time in half via vitest sharding (aws#1016)
4daca83 
* ci: shard e2e full suite across 6 runners

- Add 6-way vitest sharding to the cdk-source matrix (2 → 12 parallel runners)
- Isolate import test resources per run via RESOURCE_SUFFIX to prevent concurrent conflicts

* fix: import RESOURCE_SUFFIX in cleanup_resources.py
@Hweinstock Hweinstock force-pushed the feat/telemetry-add-commands branch from b676e65 to 0c88f2b Compare April 30, 2026 17:05
avi-alpert and others added 21 commits April 30, 2026 13:39
@avi-alpert
feat: update @aws/agent-inspector to 0.3.0
90f17b4
@Hweinstock
refactor: consolidate cli-config into global-config (aws#802)
3aec000
@Hweinstock
feat: make parsing resilient to individual failures (aws#1062)
a4c37a2
@Hweinstock
feat: wire telemetry withCommandRun into all add.* commands
2a6caaf
@Hweinstock
refactor: extract cliCommandRun helper, apply to all add.* primitives
a0eb4ec
@Hweinstock
test: add audit file assertions for all add.* telemetry
b102b94
@Hweinstock
test: add telemetry audit assertions to existing add integ tests
72ab9d3
@Hweinstock
refactor: extract shared audit test utils into src/test-utils/audit.ts
e521dbc
@Hweinstock
fix: address review feedback — guard telemetry init, replaceAll, unkn…
f152b0c 
…own fallback, TUI try/catch
@Hweinstock
fix: AgentPrimitive TUI try/catch, standardize uses safeParse
f7003ca
@Hweinstock
refactor: extract standalone assertTelemetry helper
091264c
@Hweinstock
refactor: rename audit.ts to telemetry-helper.ts, clarify method names
8aecebf
@Hweinstock
refactor: move assertTelemetry into TelemetryHelper as assertMetricEm…
8e4a229 
…itted
@Hweinstock
feat: add telemetry to TUI add paths via withAddTelemetry
445a448
@Hweinstock
fix: review feedback — withAddTelemetry safety, standardize handles u…
c0af1ea 
…ndefined, MCP agent attrs, policy TUI attrs
@Hweinstock
fix: remove unnecessary type assertion
db7300b
@Hweinstock
fix: address review — document standardize cast, add policy-engine + …
de7c6df 
…episodic telemetry tests
@Hweinstock
refactor: centralize gateway target type mapping in common-shapes
9087af0
@Hweinstock
fix: preserve original function error with telemetry wrapper
35a0531
@Hweinstock
refactor: extract telemetryAttrs into a single line
0d09e63
@Hweinstock
feat: wire up telemetry for addAgent
3d948c4
@Hweinstock Hweinstock force-pushed the feat/telemetry-add-commands branch from 90c87f6 to 3d948c4 Compare April 30, 2026 19:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@Hweinstock @jesseturner21 @avi-alpert @aidandaly24 @notgitika @tejaskash @imranismail