fix: improve sandbox model handling and diagnostics

[Zeyuzhao]

Summary

• sanitize unsupported models in session state responses and sandbox model resolution
• add sandbox creation diagnostics in the Modal backend and API
• expose the sandbox settings page in the web integrations UI

Testing

• Not run

Summary by CodeRabbit

Release Notes

• New Features

  • Added sandbox integration settings page for enhanced configuration management.

• Bug Fixes

  • Improved validation and normalization of model selection and reasoning effort parameters to handle unsupported values gracefully.

• Chores

  • Enhanced diagnostic logging throughout sandbox creation pipeline for better monitoring.
  • Updated provider model registry for improved compatibility.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR normalizes model handling across session lifecycle endpoints through validation functions, introduces structured logging to sandbox creation and API responses for improved observability, updates the Docker image cache-buster for OpenCode refresh, and adds support for a new "sandbox" integration type in the settings UI.

Changes

Cohort / File(s)	Summary
Session Lifecycle Model Validation packages/control-plane/src/sandbox/lifecycle/manager.ts, packages/control-plane/src/session/http/handlers/session-lifecycle.handler.ts, packages/control-plane/src/session/http/handlers/session-lifecycle.handler.test.ts	Model value normalization via getValidModelOrDefault in session manager and handler, with corresponding test coverage for invalid/unsupported models and reasoning_effort validation behavior.
Modal Infrastructure Observability packages/modal-infra/src/sandbox/manager.py, packages/modal-infra/src/web_api.py	Structured logging additions at sandbox creation stages (start, Modal readiness, tunnel readiness) and API response/error handling, including timing measurements and session/sandbox identifiers.
Docker Image Cache Management packages/modal-infra/src/images/base.py	Cache-buster version bump from v46-prebuilt-deps to v47-opencode-refresh with updated comment reflecting OpenCode model registry refresh.
Web UI Integration Type packages/web/src/app/(app)/settings/integrations/[id]/page.tsx	Conditional rendering support for new "sandbox" integration type alongside existing GitHub, Linear, and Code Server integrations.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• fix(modal): fix Sandbox.create test mocks, enforce test-python in CI #419: Touches the same modal-infra sandbox creation code path with production handling of modal.Sandbox.create.aio and related test mocking.

Poem

🐰 Models now validated true and bright,
Logs now flow with structured delight,
Sandbox tunnels sing of their creation,
OpenCode refreshed through iteration,
New integrations hop into place!

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main changes: improving model handling (sanitization/validation) across multiple layers and adding diagnostics (logging) in the backend.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (2)

packages/modal-infra/src/web_api.py (1)

188-241: LGTM — structured diagnostics around sandbox creation.

Start/success/error logs include the identifiers needed to correlate control-plane spawn attempts with Modal-side outcomes (session_id, sandbox_id, trace_id, request_id, repo). Payload is unchanged, and the finally block still emits the uniform modal.http_request summary.

Minor nit (optional): request.get("session_id") is repeated across the three log sites; hoisting it into a local near the top of the handler would DRY it up and guarantee all three logs reflect the same value.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/modal-infra/src/web_api.py` around lines 188 - 241, Hoist the
repeated request.get("session_id") into a local variable at the start of the
handler (e.g., session_id = request.get("session_id")) and use that variable in
all three log sites instead of calling request.get each time; update the
session_id parameter in the "api.create_sandbox.start" and
"api.create_sandbox.success" log.info calls and the "api.error" log.error call
so they reference the new session_id local (the affected symbols are
manager.create_sandbox, the
"api.create_sandbox.start"/"api.create_sandbox.success" log.info calls, and the
"api.error" log.error call).

packages/control-plane/src/session/http/handlers/session-lifecycle.handler.ts (1)

164-179: LGTM — state response now returns a guaranteed-valid model.

Normalizing session.model via getValidModelOrDefault and revalidating reasoning_effort against the normalized model (omitting it when invalid) makes the response self-consistent even when stored DB rows contain stale/unsupported model IDs. This pairs cleanly with the matching change in SandboxLifecycleManager.resolveProviderAndModel.

One thing worth considering (optional): when the stored session.model differs from the normalized one returned here, clients may overwrite their local state with the default silently. If that's undesired, consider persisting the sanitized value back to the session row (or surfacing a warning log) so the divergence doesn't persist across reads.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@packages/control-plane/src/session/http/handlers/session-lifecycle.handler.ts`
around lines 164 - 179, Response normalization currently uses
getValidModelOrDefault and revalidates with deps.validateReasoningEffort, but if
the sanitized model differs from the stored session.model clients may silently
drift; update the session row when the normalized model differs by calling the
session persistence/update routine used elsewhere (or add a call to a
SessionRepository.updateSession field) from the session-lifecycle handler after
computing model, or alternatively emit a warning log via processLogger (or the
existing logger) indicating the mismatch; reference getValidModelOrDefault,
deps.validateReasoningEffort, and
SandboxLifecycleManager.resolveProviderAndModel to locate the related logic and
ensure the persistence/log path runs before returning the Response.json payload.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In
`@packages/control-plane/src/session/http/handlers/session-lifecycle.handler.ts`:
- Around line 164-179: Response normalization currently uses
getValidModelOrDefault and revalidates with deps.validateReasoningEffort, but if
the sanitized model differs from the stored session.model clients may silently
drift; update the session row when the normalized model differs by calling the
session persistence/update routine used elsewhere (or add a call to a
SessionRepository.updateSession field) from the session-lifecycle handler after
computing model, or alternatively emit a warning log via processLogger (or the
existing logger) indicating the mismatch; reference getValidModelOrDefault,
deps.validateReasoningEffort, and
SandboxLifecycleManager.resolveProviderAndModel to locate the related logic and
ensure the persistence/log path runs before returning the Response.json payload.

In `@packages/modal-infra/src/web_api.py`:
- Around line 188-241: Hoist the repeated request.get("session_id") into a local
variable at the start of the handler (e.g., session_id =
request.get("session_id")) and use that variable in all three log sites instead
of calling request.get each time; update the session_id parameter in the
"api.create_sandbox.start" and "api.create_sandbox.success" log.info calls and
the "api.error" log.error call so they reference the new session_id local (the
affected symbols are manager.create_sandbox, the
"api.create_sandbox.start"/"api.create_sandbox.success" log.info calls, and the
"api.error" log.error call).

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: ca8a88f9-494c-42c3-9b5b-55fded09cade

📥 Commits

Reviewing files that changed from the base of the PR and between 6f9ee21 and 23679f5.

📒 Files selected for processing (7)

• packages/control-plane/src/sandbox/lifecycle/manager.ts
• packages/control-plane/src/session/http/handlers/session-lifecycle.handler.test.ts
• packages/control-plane/src/session/http/handlers/session-lifecycle.handler.ts
• packages/modal-infra/src/images/base.py
• packages/modal-infra/src/sandbox/manager.py
• packages/modal-infra/src/web_api.py
• packages/web/src/app/(app)/settings/integrations/[id]/page.tsx

[ColeMurray]

this exists already in the main settings and would be duplicated here