feat: introduce ComputeStrategy interface and extract AgentCoreComputeStrategy#8
feat: introduce ComputeStrategy interface and extract AgentCoreComputeStrategy#8MichaelWalker-git wants to merge 4 commits intomainfrom
Conversation
…AgentCore logic Introduce ComputeStrategy interface with SessionHandle/SessionStatus types and resolveComputeStrategy factory. Extract AgentCoreComputeStrategy from orchestrator.ts. Refactor orchestrate-task handler to use strategy pattern for session lifecycle (start/poll/stop). Pure refactor — no behavior change, identical CloudFormation output.
MichaelWalker-git
force-pushed
the
feat/compute-strategy
branch
from
236d7bd to
bad8867
Compare
The mise install step downloads tools (trivy) from GitHub releases. Without GITHUB_TOKEN, unauthenticated requests hit the 60 req/hr rate limit, causing flaky CI failures.
Mise uses GITHUB_API_TOKEN (not GITHUB_TOKEN) for authenticated GitHub API requests when downloading aqua tools like trivy.
Trivy, grype, semgrep, osv-scanner, and gitleaks are only needed for security scanning tasks, not for the build/test/synth pipeline. Disable them via MISE_DISABLE_TOOLS to avoid GitHub API rate limits when mise tries to download them on every PR build.
There was a problem hiding this comment.
Pull request overview
Introduces a compute strategy abstraction for orchestrating agent sessions, extracting AgentCore-specific session invocation logic out of the shared orchestrator and updating the durable “start-session” step to delegate compute-specific work to the selected strategy.
Changes:
- Added a
ComputeStrategyinterface plusresolveComputeStrategy()factory keyed offblueprintConfig.compute_type. - Extracted AgentCore session invocation/stop logic into
AgentCoreComputeStrategy, and refactored orchestration to use it. - Added/updated unit tests for the new strategy + factory, and adjusted existing orchestrator-related tests accordingly.
Reviewed changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
cdk/src/handlers/shared/compute-strategy.ts |
Adds strategy interface/types and a factory for selecting a compute backend. |
cdk/src/handlers/shared/strategies/agentcore-strategy.ts |
Implements AgentCore-specific session start/poll/stop behind the strategy interface. |
cdk/src/handlers/shared/orchestrator.ts |
Removes AgentCore session start logic from the shared orchestrator. |
cdk/src/handlers/orchestrate-task.ts |
Updates the durable start-session step to resolve and use a compute strategy. |
cdk/test/handlers/shared/compute-strategy.test.ts |
Tests strategy resolution and unknown compute type behavior. |
cdk/test/handlers/shared/strategies/agentcore-strategy.test.ts |
Tests AgentCore strategy session start/poll/stop behavior with SDK mocking. |
cdk/test/handlers/orchestrate-task.test.ts |
Removes old startSession tests and adjusts mocks (now mostly orchestrator-focused). |
.github/workflows/build.yml |
Updates CI environment variables and disables several security/scanning tools via MISE_DISABLE_TOOLS. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| AQUA_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| MISE_DISABLE_TOOLS: "aqua:aquasecurity/trivy,grype,semgrep,osv-scanner,gitleaks" |
There was a problem hiding this comment.
This workflow change disables multiple security/scanning tools (trivy, grype, semgrep, osv-scanner, gitleaks) via MISE_DISABLE_TOOLS. That reduces CI coverage and can allow vulnerabilities/secrets to slip through unnoticed. If the goal is to mitigate rate limits, consider keeping gitleaks/osv-scanner enabled (or running scanners in a separate job with caching/backoff) and document the rationale in the workflow so the security tradeoff is explicit.
| MISE_DISABLE_TOOLS: "aqua:aquasecurity/trivy,grype,semgrep,osv-scanner,gitleaks" | |
| # Keep secret and dependency scanning enabled in CI; only disable the | |
| # remaining tools that are intentionally skipped here. | |
| MISE_DISABLE_TOOLS: "aqua:aquasecurity/trivy,grype,semgrep" |
| await emitTaskEvent(taskId, 'session_started', { | ||
| session_id: handle.sessionId, | ||
| strategy_type: handle.strategyType, | ||
| }); |
There was a problem hiding this comment.
The PR description says this is a pure refactor with no behavior change, but the session_started event metadata now includes strategy_type (previously only session_id). If consumers depend on a fixed schema, this is a behavior change; either update the PR description to note the additive event field or keep the emitted metadata identical to the previous shape.
| jest.mock('@aws-sdk/client-bedrock-agentcore', () => ({ | ||
| BedrockAgentCoreClient: jest.fn(() => ({ send: mockAgentCoreSend })), | ||
| BedrockAgentCoreClient: jest.fn(() => ({ send: jest.fn() })), | ||
| InvokeAgentRuntimeCommand: jest.fn((input: unknown) => ({ _type: 'InvokeAgentRuntime', input })), | ||
| StopRuntimeSessionCommand: jest.fn((input: unknown) => ({ _type: 'StopRuntimeSession', input })), | ||
| })); |
There was a problem hiding this comment.
This test file still mocks @aws-sdk/client-bedrock-agentcore, but after extracting startSession out of shared/orchestrator the test suite no longer uses that SDK. Removing this mock will reduce noise and avoid accidentally masking real imports/usages in future tests.
Summary
ComputeStrategyinterface (SessionHandle,SessionStatus,startSession/pollSession/stopSession) and aresolveComputeStrategy()factory that selects the strategy based onblueprintConfig.compute_typeorchestrator.tsintoAgentCoreComputeStrategyclass (src/handlers/shared/strategies/agentcore-strategy.ts)start-sessiondurable execution step inorchestrate-task.tsto use the strategy pattern — state transitions remain in the handler, compute-specific work is delegated to the strategymainThis is PR 1 of 3 for wiring the Fargate compute backend through a strategy interface, as requested in PR #4 review.
Files changed
src/handlers/shared/compute-strategy.ts— interface, types, factorysrc/handlers/shared/strategies/agentcore-strategy.ts— AgentCore implementationsrc/handlers/shared/orchestrator.ts— removestartSession(),agentCoreClient, related importssrc/handlers/orchestrate-task.ts—start-sessionstep usesresolveComputeStrategy()test/handlers/shared/compute-strategy.test.tstest/handlers/shared/strategies/agentcore-strategy.test.tstest/handlers/orchestrate-task.test.ts— remove oldstartSessiontests (moved to strategy tests)Test plan
npx projen buildpasses (509 tests, 37 suites, compile + synth + lint)main(git diff main -- cdk.out/is empty)SUBMITTED → HYDRATING → RUNNING → FAILED(GitHub token expiry, unrelated)session_startedevent containsstrategy_type: "agentcore"metadata confirming strategy pattern is active