Conversation
jlewi
force-pushed
the
dev/jlewi/image
branch
from
dad3a8d to
3338199
Compare
Signed-off-by: Jeremy lewi <jeremy@lewi.us>
Signed-off-by: Jeremy lewi <jeremy@lewi.us>
Signed-off-by: Jeremy lewi <jeremy@lewi.us>
Signed-off-by: Jeremy lewi <jeremy@lewi.us>
Signed-off-by: Jeremy lewi <jeremy@lewi.us>
Signed-off-by: Jeremy lewi <jeremy@lewi.us>
…sets. Fix oauth for OpenAI. Signed-off-by: Jeremy lewi <jeremy@lewi.us>
Signed-off-by: Jeremy lewi <jeremy@lewi.us>
Signed-off-by: Jeremy lewi <jeremy@lewi.us>
Signed-off-by: Jeremy lewi <jeremy@lewi.us>
jlewi
force-pushed
the
dev/jlewi/image
branch
from
f8fce4a to
ce2bfb5
Compare
There was a problem hiding this comment.
Pull request overview
This pull request adds functionality to download static web app assets from an OCI image and embed them into the Go binary, while enhancing CORS support for serving these assets and additional configuration files.
Changes:
- Implements OCI image downloader to fetch and extract web app assets from published images
- Refactors CORS handling into a reusable wrapper function and extends it to static asset serving
- Adds OpenAI Organization and Project configuration fields to support OAuth-based authentication flows
Reviewed changes
Copilot reviewed 12 out of 13 changed files in this pull request and generated 8 comments.
Show a summary per file
| File | Description |
|---|---|
| pkg/agent/assets/downloader.go | New package implementing OCI image pull and tar.gz extraction for static assets |
| pkg/agent/cmd/download_assets.go | New CLI command to download assets from OCI images |
| pkg/agent/cmd/agent.go | Registers the new download-assets command |
| pkg/agent/server/cors.go | Extracts CORS configuration into reusable wrapWithCORS function |
| pkg/agent/server/auth.go | Refactored to use the new wrapWithCORS helper, removing duplicate code |
| pkg/agent/server/assets.go | Adds CORS support for static assets with wildcard origin filtering |
| pkg/agent/config/config.go | Adds Organization and Project fields for OpenAI OAuth configuration |
| pkg/agent/cmd/serve.go | Passes OpenAI org/project config to the agent |
| pkg/agent/ai/client.go | Allows creating OpenAI client without API key for OAuth flows |
| pkg/agent/ai/agent.go | Enhanced logging of agent initialization parameters |
| .github/workflows/runme-image.yml | Adds workflow_dispatch trigger and downloads assets during build |
| go.mod/go.sum | Adds oras.land/oras-go/v2 dependency for OCI operations |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Contributor
|
Add DCOs, please, @jlewi. The LF/CNCF requires it. |
Contributor
Author
|
@sourishkrout FYI looks like github copilot doesn't signoff correctly when you accept its suggestions. |
jlewi
force-pushed
the
dev/jlewi/image
branch
from
15d11b6 to
f043b29
Compare
| ) | ||
|
|
||
| //go:embed dist/index.* | ||
| // TODO(jlewi): I think we should get rid of embedded assets. Now that we publish and download assets |
Contributor
There was a problem hiding this comment.
Feel free to remove it in this PR, @jlewi. It's unused.
sourishkrout
approved these changes
Feb 12, 2026
sourishkrout
pushed a commit
that referenced
this pull request
Feb 20, 2026
* Support downloading the static assets from the published OCI image since thats how runmedev/web is publishing them * We want to be able to support serving additional YAML/JSON files from the server e.g. https://acme.dev/configs/app-configs.yaml * This YAML can contain application configuration that the webapp fetches and configures itself with * e.g. it can contain the OIDC and Google Drive configuration. * Then in the web app we can just do ``` app.setConfig("http://localhost:9966/configs/app-configs.yaml") ``` * Allow CORS to be partially set on static assets. During development we might still serve app-configs from the server even though the frontend is running on a different development server. --------- Signed-off-by: Jeremy lewi <jeremy@lewi.us>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Support downloading the static assets from the published OCI image since thats how runmedev/web is publishing them
We want to be able to support serving additional YAML/JSON files from the server e.g.
https://acme.dev/configs/app-configs.yaml
This YAML can contain application configuration that the webapp fetches and configures itself with
Then in the web app we can just do
Allow CORS to be partially set on static assets. During development we might still serve app-configs from the server even though the frontend is running on a different development server.