fix(ci): #528 — e2e assertions auth via ANTHROPIC_API_KEY

[silongtan]

Summary

• Switch v0-user-flow-e2e.yml assertions job from production env (CLAUDE_CODE_OAUTH_TOKEN) to ci-test env (ANTHROPIC_API_KEY)
• Decouples CI from the org Claude Code subscription, which was disabled and surfaced as oauth_org_not_allowed 403 on every flow before turn 1
• Aligns the assertions job with the recording job (already on ANTHROPIC_API_KEY) and with test-mcp-regression.yml + preflight-eval.yml

Closes #528.

Why ANTHROPIC_API_KEY, not Copilot or re-enabling the subscription

• claude -p (the harness's call surface) honours ANTHROPIC_API_KEY natively — no other changes needed
• The harness exists to validate the Claude Code + bicameral-mcp surface end-to-end; swapping the LLM (Copilot) defeats the test, and Copilot doesn't host MCP tool calls the same way
• Re-enabling the org subscription is an external blocker (already disabled once); API key bills per-run and only on PRs that touch the e2e surface

Test plan

• CI: the new run on this PR shows ANTHROPIC_API_KEY: present (length=…) in the visibility probe and all 7 flows reach turn ≥ 1
• No oauth_org_not_allowed lines in any flow's .ndjson
• Once green, PRs fix(code-locator): #334 — validate_symbols returns indexed_at_sha for snapshot-drift detection #527, fix(skill): #402 — preflight auto-fires on /qor-plan + sibling slash-commands #524, feat(handlers): mutation writes routed through DaemonProxy (Phase 2c-6c) #516 should rerun cleanly without further changes

🤖 Generated with Claude Code

Summary by CodeRabbit

• Chores
  • Updated CI/CD pipeline configuration to use Anthropic API credentials for end-to-end testing.
  • Migrated test environment setup for improved credential management.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 0c8b26e3-4557-43fa-965c-f8b942568a66

📥 Commits

Reviewing files that changed from the base of the PR and between 7672029 and 5ad5d79.

📒 Files selected for processing (3)

• .github/workflows/v0-user-flow-e2e.yml
• tests/e2e/README.md
• tests/e2e/run_e2e_flows.py

---

📝 Walkthrough

Walkthrough

The workflow's Stage 1 assertions job moves from the production environment to ci-test, replacing CLAUDE_CODE_OAUTH_TOKEN authentication with ANTHROPIC_API_KEY. The visibility probe is updated accordingly, and documentation is aligned to reflect the new setup.

Changes

E2E Workflow Authentication Migration

Layer / File(s)	Summary
Workflow environment and auth migration .github/workflows/v0-user-flow-e2e.yml	Stage 1 assertions job environment changes from production to ci-test. OAuth token visibility probe is replaced with an Anthropic API key visibility probe that fails fast if unset. The "Run v0 user flow e2e" step env wiring switches from CLAUDE_CODE_OAUTH_TOKEN to ANTHROPIC_API_KEY.
Documentation alignment tests/e2e/README.md, tests/e2e/run_e2e_flows.py	README and Python module docstrings update to reflect ci-test environment and ANTHROPIC_API_KEY-based authentication instead of the prior production environment setup with CLAUDE_CODE_OAUTH_TOKEN.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 A token's life came to an end,
When OAuth gently had to bend,
Now Anthropic keys light the way,
Through ci-test's gates, the flows will play!

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically identifies the main change: switching e2e assertions authentication from CLAUDE_CODE_OAUTH_TOKEN to ANTHROPIC_API_KEY to fix issue #528.
Linked Issues check	✅ Passed	The PR successfully addresses issue #528 by switching the assertions job from the production environment (CLAUDE_CODE_OAUTH_TOKEN) to the ci-test environment (ANTHROPIC_API_KEY), removing the oauth_org_not_allowed error and aligning with the recording job.
Out of Scope Changes check	✅ Passed	All changes are directly scoped to fixing issue #528: updating the workflow, documentation, and environment variable references from CLAUDE_CODE_OAUTH_TOKEN to ANTHROPIC_API_KEY with no unrelated modifications.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/528-e2e-anthropic-api-key

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}