
fix(seal-policy): extend dbus_disabled marker to coderabbit bundle + add us.i.posthog.com to coderabbit network grants (SEA-769)#484

Open
mattwilkinsonn wants to merge 1 commit into main from sea-769-coderabbit-dbus-disabled--athena

Conversation

mattwilkinsonn (Contributor) commented Jun 6, 2026

Pull request

Summary

The coderabbit bundle now injects DBUS_SESSION_BUS_ADDRESS=disabled: into the spawn environment (the same fix already applied to gh) so that cr's unconditional libsecret startup probe fails fast instead of blocking indefinitely inside the bwrap namespace. The bundle's allowed network list also gains us.i.posthog.com so the CLI's PostHog telemetry calls succeed and don't surface 403 errors into the structured agent-mode review report.

Related issues

Refs SEA-769

Changes

  • resolve_gh_dbus_disabled renamed to resolve_dbus_disabled; the coderabbit bundle name is added alongside gh as a trigger so any coderabbit:* or cr:* spawn sets the dbus_disabled marker.
  • KernelParams.gh_dbus_disabled field renamed to dbus_disabled with updated doc-comment covering both the gh and coderabbit cases.
  • us.i.posthog.com added to the coderabbit bundle's allowed domain list so telemetry flushes on startup and review completion don't 403 at the proxy and pollute the review report.
  • All test fixtures, integration tests, and assertion messages updated to use dbus_disabled.
  • Four new unit tests added: coderabbit_alone_on_coderabbit_pattern_sets_dbus_disabled, coderabbit_alone_on_cr_pattern_sets_dbus_disabled, coderabbit_granted_on_unrelated_pattern_omits_dbus_disabled, and kernel_params_hash_flips_with_coderabbit_dbus_disabled.
  • Bundle doc-comments, the reference docs page, and the JSON schema updated to describe the DBus short-circuit behavior and the PostHog domain grant.

Test plan

  • New unit tests in seal-sandbox/src/compile.rs cover the coderabbit:* and cr:* pattern cases, the negative case (coderabbit bundle granted but unrelated pattern), and the kernel-params hash flip.
  • Existing gh_dbus_disabled tests (now dbus_disabled) continue to pass unchanged in behavior.
  • coderabbit_bundle_curated_domains assertion updated to include us.i.posthog.com and verified against the bundle definition.
  • Grant synthesis integration test updated to assert us.i.posthog.com is in the synthesized domain allowlist for a coderabbit command-tools entry.

Notes for reviewers

The dbus_disabled marker is intentionally shared between gh and coderabbit rather than introducing a second per-bundle flag — both cases are "libsecret-using binary in the bwrap namespace, needs the same env-var short-circuit." The resolve_dbus_disabled doc-comment enumerates all triggers explicitly so the full set is discoverable from a single grep.



linear-code Bot commented Jun 6, 2026

SEA-769

coderabbitai Bot commented Jun 6, 2026

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 8349318a-4d95-46c9-8bb7-03081069d374

📥 Commits

Reviewing files that changed from the base of the PR and between 8be9f83 and 61f0d6f.

📒 Files selected for processing (16)
  • crates/seal-policy/src/manifest/sandbox.rs
  • crates/seal-policy/src/manifest/tests/grant_synthesis.rs
  • crates/seal-runtime/src/scope/sandbox_spawn/linux.rs
  • crates/seal-runtime/src/scope/sandbox_spawn/macos.rs
  • crates/seal-runtime/src/scope/sandbox_spawn/mod.rs
  • crates/seal-runtime/src/scope/tool_scope.rs
  • crates/seal-runtime/tests/bwrap_dispatcher_integration.rs
  • crates/seal-runtime/tests/integration/e2e/sandbox_command_run.rs
  • crates/seal-sandbox/src/compile.rs
  • crates/seal-sandbox/src/kernel_params.rs
  • crates/seal-sandbox/src/linux.rs
  • crates/seal-sandbox/src/macos.rs
  • crates/seal-sandbox/tests/bwrap_integration.rs
  • crates/seal-sandbox/tests/sandbox_exec_integration.rs
  • docs/site/src/content/docs/reference/manifest/sandbox/command-tools.mdx
  • schemas/seal.toml.json

📝 Walkthrough

Summary by CodeRabbit

  • Bug Fixes

    • Coderabbit and CLI sandboxing now force DBus to fail fast so the CLI reliably falls back to API-key auth when needed.
  • Documentation

    • Updated Coderabbit docs to document the DBus fail-fast behavior and added us.i.posthog.com to the default telemetry/network allowlist.

Walkthrough

This PR generalizes the DBus-disable mechanism from GitHub-only to support both GitHub and Coderabbit bundles. The KernelParams.gh_dbus_disabled field is renamed to dbus_disabled, the resolver logic is expanded to recognize coderabbit as a trigger, all test fixtures are updated, and the coderabbit bundle's network allowlist gains the us.i.posthog.com telemetry endpoint.

Changes

DBus disable field generalization and coderabbit bundle support

Layer / File(s) Summary
KernelParams struct field rename and documentation
crates/seal-sandbox/src/kernel_params.rs
gh_dbus_disabled field is replaced with dbus_disabled, and documentation is broadened to cover both GitHub (SEA-571) and Coderabbit (SEA-769) scenarios where DBUS_SESSION_BUS_ADDRESS=disabled: forces libsecret/DBus failures.
Resolver logic and documentation expanded to support coderabbit
crates/seal-sandbox/src/compile.rs
resolve_dbus_disabled replaces resolve_gh_dbus_disabled with OR-style conditions accepting both gh and coderabbit bundle names. Function documentation, condition list, and bundle-name gating are expanded. Test helper tool_entry_for gains a coderabbit arm and tests updated.
Resolver test suite updated for gh and coderabbit triggers
crates/seal-sandbox/src/compile.rs
Existing marker and hash tests updated to assert p.dbus_disabled. New SEA-769 test cases validate coderabbit-bundle trigger for coderabbit:* and cr:* patterns, including negative cases and kernel-params hash flipping.
Runtime environment injection updated for generalized flag
crates/seal-runtime/src/scope/tool_scope.rs
A generalized dbus_disable_env gated by kernel_params.dbus_disabled replaces the GitHub-only gh_dbus_env. Comment expanded to cover broader libsecret/DBus failure modes.
Test fixture updates across runtime and sandbox test helpers
crates/seal-runtime/src/scope/sandbox_spawn/*.rs, crates/seal-runtime/tests/*.rs, crates/seal-sandbox/src/*.rs, crates/seal-sandbox/tests/*.rs
All test helpers updated to use dbus_disabled: false instead of removed gh_dbus_disabled: false.
Policy manifest coderabbit bundle docs and telemetry domain allowlist
crates/seal-policy/src/manifest/sandbox.rs, crates/seal-policy/src/manifest/tests/grant_synthesis.rs
Coderabbit bundle documentation refined with DBus-disable mechanism and SEA-769 reference. Curated network allowlist extended to include us.i.posthog.com for telemetry. Unit test expectations updated.
BDD test rename and user-facing documentation updates
crates/seal-runtime/tests/integration/e2e/sandbox_command_run.rs, docs/site/src/content/docs/reference/manifest/sandbox/command-tools.mdx, schemas/seal.toml.json
DBus-disable credential-helper BDD test renamed and contract updated to reference generalized resolver. User documentation and JSON schema updated to describe DBus-disable mechanism and expanded network allowlist.

🎯 3 (Moderate) | ⏱️ ~25 minutes

A rabbit hops through the sandbox gates, 🐰
Disabling DBus with a clever trick—
GitHub and Coderabbit both now sprint,
Faster to the --api-key they skip!
Telemetry batches from posthog.com shine bright.

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Title check: Passed. The title clearly and specifically describes the main changes: extending dbus_disabled to coderabbit and adding posthog domain to network grants, with direct reference to the SEA-769 issue.
Description check: Passed. The description provides comprehensive context about the changeset, explaining why dbus_disabled is needed for coderabbit, why posthog domain is needed, the refactoring approach, test coverage, and implementation details.
Docstring Coverage: Passed. Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check: Passed. Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check: Passed. Check skipped because no linked issues were found for this pull request.

Contributor Author

How to use the Graphite Merge Queue

Add either label to this PR to merge it via the merge queue:

  • Merge Queue - adds this PR to the back of the merge queue
  • Merge Queue Fast Track - for urgent changes, fast-track this PR to the front of the merge queue

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has required the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

This stack of pull requests is managed by Graphite. Learn more about stacking.

github-actions Bot commented Jun 6, 2026

Docs preview: https://870662e9.seal-docs.pages.dev

greptile-apps Bot commented Jun 6, 2026

Greptile Summary

This PR extends the dbus_disabled sandbox marker (previously gh_dbus_disabled) to also cover the coderabbit bundle, and adds us.i.posthog.com to the coderabbit bundle's allowed domain list to prevent PostHog telemetry 403 errors from polluting agent-mode review reports.

  • Renames KernelParams.gh_dbus_disabled → dbus_disabled and resolve_gh_dbus_disabled → resolve_dbus_disabled; adds "coderabbit" alongside "gh" as a trigger in the loop, so any coderabbit:* or cr:* spawn injects DBUS_SESSION_BUS_ADDRESS=disabled: into the spawn environment.
  • Adds us.i.posthog.com to the coderabbit bundle's domains list and updates all test fixtures, integration tests, doc comments, reference docs, and the JSON schema accordingly.
  • Adds four new unit tests covering the coderabbit:* pattern, the cr:* alias, the negative case (bundle granted but unrelated pattern), and the kernel-params hash flip.

Confidence Score: 5/5

Safe to merge — the changes are a focused rename plus a well-tested extension of an existing mechanism to a second bundle.

The rename from gh_dbus_disabled to dbus_disabled is applied consistently across all 16 changed files with no missed sites. The addition of coderabbit to resolve_dbus_disabled mirrors the existing gh path exactly, and is covered by four new unit tests including positive, negative, and hash-flip cases. The us.i.posthog.com domain grant is low-risk — it unblocks outbound telemetry that was already occurring (and 403ing) rather than opening a new egress path. The one pre-existing dead-code line (is_direnv_wrap_target) was already flagged in a previous review and does not affect correctness.

No files require special attention.

Important Files Changed

Filename Overview
crates/seal-sandbox/src/compile.rs Renames resolve_gh_dbus_disabled → resolve_dbus_disabled and adds "coderabbit" to the bundle-name filter; the pre-existing is_direnv_wrap_target variable inside the loop is dead code (carried forward, flagged in prior review) but no new logic errors introduced. Four new unit tests added.
crates/seal-sandbox/src/kernel_params.rs Renames gh_dbus_disabled: bool → dbus_disabled: bool with expanded doc comment covering both gh and coderabbit triggers; clean field rename, no logic changes.
crates/seal-policy/src/manifest/sandbox.rs Adds us.i.posthog.com to the coderabbit bundle's domain list with detailed rationale; updates BundleName::Coderabbit and ExpandedTool::Coderabbit doc comments; updates coderabbit_bundle_curated_domains test assertion to include the new domain.
crates/seal-runtime/src/scope/tool_scope.rs Renames gh_dbus_env → dbus_disable_env and gh_dbus_disabled → dbus_disabled; updates comment to cover both gh and coderabbit cases. Clean rename, no logic changes.
crates/seal-policy/src/manifest/tests/grant_synthesis.rs Adds us.i.posthog.com to the coderabbit grant synthesis test assertion; straightforward domain list update.
docs/site/src/content/docs/reference/manifest/sandbox/command-tools.mdx Updates coderabbit bundle description to document the DBus short-circuit behavior and the us.i.posthog.com telemetry grant.
schemas/seal.toml.json JSON schema descriptions updated for both the coderabbit bundle name and the coderabbit expanded tool to match the new domain list and DBus behavior.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A["spawn request\n(matched_pattern)"] --> B{"gh_credential_helper\nactive?"}
    B -- yes --> E["dbus_disabled = true"]
    B -- no --> C{"loop: entry in\ncommand_tools"}
    C --> D{"entry.name ==\n'gh' OR 'coderabbit'?"}
    D -- no --> C
    D -- yes --> F{"bundle_applies\n(entry, pattern)?"}
    F -- no --> C
    F -- yes --> E
    C -- exhausted --> G["dbus_disabled = false"]
    E --> H["dispatcher injects\nDBUS_SESSION_BUS_ADDRESS=disabled:"]
    G --> I["no DBus env injected"]
    H --> J["libsecret fails-fast\n→ falls back to --api-key / file token"]

Reviews (3): Last reviewed commit: "fix(seal-policy, seal-sandbox): coderabb..."
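The PR description and the Greptile flowchart above both describe the same decision: the marker is set when the gh credential helper is active, or when a granted bundle that probes libsecret (gh or coderabbit) matches the spawn's pattern; the dispatcher then injects DBUS_SESSION_BUS_ADDRESS=disabled: and the kernel-params hash must flip. The following is an added illustration of that flow written for this page, not code from the seal repository: the struct fields, the pattern-matching rules and the helper names (ToolEntry, pattern_matches, coderabbit_entry) are assumptions, and the real resolver reads bundle patterns from the manifest rather than from the entry itself.

```rust
use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};

/// One command-tools grant as this model sees it (assumed shape, not seal's).
/// The bundle's own patterns are folded into the entry for simplicity.
#[derive(Debug, Clone)]
pub struct ToolEntry {
    /// Bundle name, e.g. "gh" or "coderabbit".
    pub name: &'static str,
    /// Spawn patterns the bundle covers, e.g. "coderabbit:*", "cr:*".
    pub patterns: Vec<&'static str>,
}

/// The subset of kernel parameters relevant to this PR (assumed field set).
/// Deriving Hash is what makes the marker visible to a content hash.
#[derive(Debug, Clone, Hash, PartialEq, Eq)]
pub struct KernelParams {
    pub network_domains: Vec<String>,
    /// When true the dispatcher injects `DBUS_SESSION_BUS_ADDRESS=disabled:`.
    pub dbus_disabled: bool,
}

/// Bundles whose binaries probe libsecret over DBus at startup. Kept in one
/// place so the full trigger set is discoverable from a single grep.
const DBUS_DISABLING_BUNDLES: &[&str] = &["gh", "coderabbit"];

/// Minimal pattern rule (assumed): "prefix:*" matches "prefix:<anything>",
/// anything else must match exactly.
fn pattern_matches(pattern: &str, matched: &str) -> bool {
    match pattern.strip_suffix('*') {
        Some(prefix) => matched.starts_with(prefix),
        None => pattern == matched,
    }
}

/// Does this granted bundle apply to the pattern the spawn matched?
fn bundle_applies(entry: &ToolEntry, matched_pattern: &str) -> bool {
    entry.patterns.iter().any(|p| pattern_matches(p, matched_pattern))
}

/// Resolver flow: credential helper active, or a libsecret-using bundle that is
/// both granted and applicable to this spawn, sets the marker; otherwise false.
/// A granted coderabbit bundle on an unrelated pattern does not set it.
pub fn resolve_dbus_disabled(
    gh_credential_helper_active: bool,
    command_tools: &[ToolEntry],
    matched_pattern: &str,
) -> bool {
    if gh_credential_helper_active {
        return true;
    }
    command_tools.iter().any(|entry| {
        DBUS_DISABLING_BUNDLES.contains(&entry.name) && bundle_applies(entry, matched_pattern)
    })
}

/// Environment the dispatcher adds for the marker; empty when it is not set.
/// "disabled:" is not a valid bus address, so libsecret's probe fails at once
/// instead of blocking on a bus that does not exist inside the namespace.
pub fn dbus_disable_env(params: &KernelParams) -> Vec<(String, String)> {
    if params.dbus_disabled {
        vec![("DBUS_SESSION_BUS_ADDRESS".to_string(), "disabled:".to_string())]
    } else {
        Vec::new()
    }
}

/// Content hash over the parameters; toggling dbus_disabled must change it so
/// a cached sandbox compiled without the marker is never reused with it.
pub fn kernel_params_hash(params: &KernelParams) -> u64 {
    let mut h = DefaultHasher::new();
    params.hash(&mut h);
    h.finish()
}

/// Constructed sample grant for the coderabbit bundle (patterns assumed).
pub fn coderabbit_entry() -> ToolEntry {
    ToolEntry { name: "coderabbit", patterns: vec!["coderabbit:*", "cr:*"] }
}

fn main() {
    let tools = vec![coderabbit_entry()];
    for pat in ["coderabbit:review", "cr:review", "cargo:test"] {
        let on = resolve_dbus_disabled(false, &tools, pat);
        let params = KernelParams {
            network_domains: vec!["us.i.posthog.com".to_string()],
            dbus_disabled: on,
        };
        println!(
            "{pat}: dbus_disabled={on} env={:?} hash={:#x}",
            dbus_disable_env(&params),
            kernel_params_hash(&params)
        );
    }
}
```

The negative case is the one worth keeping in mind when adding a third bundle: granting a libsecret-using bundle is not enough on its own, the spawn's pattern must also fall under it, otherwise unrelated commands would silently lose session-bus access.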

coderabbitai Bot left a comment

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@crates/seal-policy/src/manifest/sandbox.rs`:
- Around line 1709-1722: Update the explanatory comment around the
"us.i.posthog.com" entry to explicitly state this is PostHog's US
ingestion/capture host (used for capture/ingest API paths like /i/v0/e/) and
clarify that it is distinct from the PostHog app domain (e.g., us.posthog.com);
reference the string "us.i.posthog.com" in the comment and replace or append the
existing text so readers understand this is the ingestion endpoint used for
telemetry requests.

In `@schemas/seal.toml.json`:
- Line 260: The ExpandedTool entry for "coderabbit" still has the old
default-network text; update the coderabbit description string in the
ExpandedTool (the "coderabbit" / "cr" docblock) so its default network list
includes "cli.coderabbit.ai" and "us.i.posthog.com" to match the shorter/schema
description—ensure the same phrasing used earlier (including "*.coderabbit.ai",
"cli.coderabbit.ai", "us.i.posthog.com", and GitHub) and keep the rest of the
env-var and API-key explanation unchanged.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 51e05d6c-c1b2-450c-807e-e0d278de36f3

📥 Commits

Reviewing files that changed from the base of the PR and between 207c70f and a750d89.

📒 Files selected for processing (16)
  • crates/seal-policy/src/manifest/sandbox.rs
  • crates/seal-policy/src/manifest/tests/grant_synthesis.rs
  • crates/seal-runtime/src/scope/sandbox_spawn/linux.rs
  • crates/seal-runtime/src/scope/sandbox_spawn/macos.rs
  • crates/seal-runtime/src/scope/sandbox_spawn/mod.rs
  • crates/seal-runtime/src/scope/tool_scope.rs
  • crates/seal-runtime/tests/bwrap_dispatcher_integration.rs
  • crates/seal-runtime/tests/integration/e2e/sandbox_command_run.rs
  • crates/seal-sandbox/src/compile.rs
  • crates/seal-sandbox/src/kernel_params.rs
  • crates/seal-sandbox/src/linux.rs
  • crates/seal-sandbox/src/macos.rs
  • crates/seal-sandbox/tests/bwrap_integration.rs
  • crates/seal-sandbox/tests/sandbox_exec_integration.rs
  • docs/site/src/content/docs/reference/manifest/sandbox/command-tools.mdx
  • schemas/seal.toml.json

Comment thread crates/seal-policy/src/manifest/sandbox.rs
Comment thread schemas/seal.toml.json
mattwilkinsonn force-pushed the sea-769-coderabbit-dbus-disabled--athena branch from a750d89 to 8be9f83 on June 6, 2026 18:31
…N_BUS_ADDRESS=disabled: + grants us.i.posthog.com so cr review --api-key doesn't hang on libsecret probe or 403 on telemetry + rename gh_dbus_disabled -> dbus_disabled (SEA-769)
mattwilkinsonn force-pushed the sea-769-coderabbit-dbus-disabled--athena branch from 8be9f83 to 61f0d6f on June 7, 2026 20:35