Skip to content

Add Augment Code "Auggie" CLI as a new agentic engine #42199

Description

@carlosflorencio

Add Augment Code "Auggie" CLI as a new agentic engine

Summary

Add the Augment Code Auggie CLI as a new (experimental) agentic engine, alongside the existing Copilot, Claude, Codex, Gemini, Crush, OpenCode, and Pi engines. Auggie is a single-provider hosted agent: authentication happens via a session JSON (AUGMENT_SESSION_AUTH, produced by auggie login), and the model is selected by Augment Code's backend unless overridden with --model.

This issue contains a complete, step-by-step agentic plan as required by CONTRIBUTING.md (non-core contributors submit plans rather than PRs). I have a working, verified reference implementation that rebases cleanly onto main (see "Reference implementation" at the bottom), so the plan below is concrete and grounded in code that already compiles and passes tests.

Motivation / Use case

Auggie is a CLI coding agent with a non-interactive --print mode well suited to CI automation, built-in web-fetch/web-search tools, and standard {"mcpServers": {...}} MCP config support. Adding it as an engine lets workflow authors select engine: auggie and run agentic workflows on Augment Code's hosted agent, the same way they can with the other engines today.

Usage example

Once the engine is registered, a workflow author selects it like any other engine. Minimal form:

---
on:
  workflow_dispatch:
engine:
  id: auggie
permissions:
  contents: read
---

# My workflow
Summarize the open pull requests in this repository.

Extended form (pin a version, override the model, and add args), mirroring EngineConfig handling in the plan:

engine:
  id: auggie
  version: "0.29.0"      # optional; defaults to DefaultAuggieVersion
  model: <model-name>    # optional; appended as `--model <model-name>`
  args: ["--quiet"]      # optional; appended after the built-in `--print --quiet`

Authentication is provided via the AUGMENT_SESSION_AUTH repository secret (the session JSON produced by auggie login).

Implementation plan

The engine follows the existing Engine Separation Pattern (one file per engine, shared helpers reused). All helper APIs referenced below already exist on main (GenerateNpmInstallSteps, BuildNpmEngineInstallStepsWithAWF, BuildAWFCommand, BuildDefaultSecretValidationStep, renderDefaultJSONMCPConfig, GetAllowedDomainsForEngine, etc.).

  1. Register the engine ID and metadata (pkg/constants/engine_constants.go):

    • Add AuggieEngine EngineName = "auggie".
    • Append string(AuggieEngine) to the AgenticEngines slice (it must stay last to preserve catalog ordering expected by tests).
    • Add an engine descriptor entry: Value: "auggie", Label: "Auggie", Description: "Augment Code Auggie CLI (experimental)", SecretName: "AUGMENT_SESSION_AUTH", KeyURL: "https://docs.augmentcode.com/cli/overview", WhenNeeded: "Auggie engine workflows".
    • Add model env-var constants EnvVarModelAgentAuggie = "GH_AW_MODEL_AGENT_AUGGIE" and EnvVarModelDetectionAuggie = "GH_AW_MODEL_DETECTION_AUGGIE".
    • Add AuggieSessionAuthEnvVar = "AUGMENT_SESSION_AUTH" (the native env var the Auggie CLI reads).
  2. Pin the default version (pkg/constants/version_constants.go):

    • Add const DefaultAuggieVersion Version = "0.29.0".
  3. Implement the engine (pkg/workflow/auggie_engine.go), a new AuggieEngine embedding BaseEngine:

    • NewAuggieEngine() with id: "auggie", displayName: "Auggie CLI", experimental: true, and capabilities: ToolsAllowlist: false (Auggie manages its own tool permissions), MaxTurns: false (no native max-turns flag), WebSearch: true (built-in web-fetch/web-search), MaxContinuations: false, NativeAgentFile: false.
    • GetRequiredSecretNames: AUGMENT_SESSION_AUTH + collectCommonMCPSecrets + GITHUB_MCP_SERVER_TOKEN when a GitHub tool is present + HTTP MCP header secrets.
    • GetSecretValidationStep: BuildDefaultSecretValidationStep(..., []string{AUGMENT_SESSION_AUTH}, "Auggie CLI", "https://docs.augmentcode.com/cli/overview").
    • GetInstallationSteps: install via GenerateNpmInstallSteps("@augmentcode/auggie", version, "Install Auggie CLI", "auggie", true /*node setup*/, false /*no install scripts*/, false /*no release-age cooldown*/), then a auggie --version verify step, wrapped with BuildNpmEngineInstallStepsWithAWF. Respect EngineConfig.Command/EngineConfig.Version overrides.
    • GetExecutionSteps: build args --print --quiet, append --model <m> when EngineConfig.Model is set, append EngineConfig.Args, append --mcp-config "${RUNNER_TEMP}/gh-aw/mcp-config/mcp-servers.json" when MCP servers are present, then the prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)". Route through BuildAWFCommand when the firewall is enabled (excluding AUGMENT_SESSION_AUTH from the forwarded env via ComputeAWFExcludeEnvVarNames), otherwise a plain tee-to-logfile command. Set env (AUGMENT_SESSION_AUTH, GH_AW_PROMPT, GITHUB_AW, GH_AW_PHASE, GH_AW_MAX_TURNS, MCP config path, etc.) and filter via FilterEnvForSecrets.
    • GetAgentManifestFiles: ["AGENTS.md"]; GetAgentManifestPathPrefixes: [".augment/"] (protect Auggie config from fork-PR injection).
    • Compile-time assertion: var _ CodingAgentEngine = (*AuggieEngine)(nil).
  4. MCP config rendering (pkg/workflow/auggie_mcp.go):

    • (*AuggieEngine).RenderMCPConfig delegating to renderDefaultJSONMCPConfig(..., "${RUNNER_TEMP}/gh-aw/mcp-config/mcp-servers.json") (standard {"mcpServers": {...}} schema).
  5. Register in the engine catalog (pkg/workflow/agentic_engine.go):

    • Add NewAuggieEngine() to the registered engines list.
  6. Version/lookup wiring (pkg/workflow/compiler_yaml_lookups.go):

    • Map AuggieEngine -> DefaultAuggieVersion in the relevant version-lookup switch/maps, and include AuggieEngine in the npm-engine grouping alongside Claude/Gemini/OpenCode/Crush/Pi.
  7. Network domains (pkg/workflow/domains.go):

    • Add AuggieDefaultDomains = []string{"*.augmentcode.com", "api.augmentcode.com", "auth.augmentcode.com", "d3.augmentcode.com"}.
    • Map constants.AuggieEngine -> AuggieDefaultDomains in the per-engine domains map, and add AuggieEngine to the engine grouping that uses default-domain handling.
  8. Engine data descriptor (pkg/workflow/data/engines/auggie.md):

    • Frontmatter: id: auggie, display-name: Auggie CLI, runtime-id: auggie, provider.name: augmentcode, auth: [{role: session, secret: AUGMENT_SESSION_AUTH}].
  9. JSON schema (pkg/parser/schemas/main_workflow_schema.json):

    • Add auggie to the allowed engine.id enum so engine: auggie validates.
  10. Docs (docs/src/content/docs/reference/engines.md):

    • Add Auggie to the engines table (id auggie, secret AUGMENT_SESSION_AUTH session JSON from auggie login), default-version row ("0.29.0"), and the page description list.
  11. Smoke workflow (.github/workflows/smoke-auggie.md):

    • A slash_command: smoke-auggie workflow with engine: { id: auggie }, strict: true, GitHub MCP (repos, pull_requests), web-fetch, bash, edit, cache-memory, and safe-outputs (add-comment, create-issue, add-labels), exercising GitHub MCP, web-fetch, file writing, bash, and make build. Recompile to generate its .lock.yml.
  12. Tests (extend existing tables; do not add net-new test files beyond the engine's own):

    • pkg/workflow/auggie_engine_test.go: install/execute step generation, args (--print --quiet, --model, --mcp-config), secret requirements, capabilities, manifest files/prefixes.
    • pkg/workflow/engine_catalog_test.go: catalog contains auggie in the expected position.
    • pkg/constants/constants_test.go: AgenticEngines includes auggie; descriptor fields correct.
    • pkg/cli/completions_test.go: engine-name completion count includes auggie.

Validation

All changes pass the standard gate (make agent-finish): make build, make test, make recompile (regenerates all .lock.yml, including smoke-auggie.lock.yml), make update-wasm-golden, make fmt, make lint, make lint-errors. The generated smoke-auggie.lock.yml installs @augmentcode/auggie@0.29.0, runs auggie --print --quiet --mcp-config ... "$(cat .../prompt.txt)", validates AUGMENT_SESSION_AUTH, and excludes that secret from the firewall env in both agent and detection phases.

Because the engine deeply impacts execution, this is a good candidate for the smoke label so a smoke run validates it end to end.

Reference implementation

I have a complete, rebased-onto-main, verified implementation on a fork branch that a core team member can use as a starting point:

https://github.com/carlosflorencio/gh-aw/tree/add-auggie-engine

It touches 14 source files (listed above) plus regenerated lock/golden artifacts. Happy to refine the plan or the reference branch based on team feedback.

Metadata

Metadata

Type

No type
No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions