@desplega.ai/agent-swarm 1.95.0 → 1.96.0

package/src/commands/provider-credentials.ts

@@ -29,6 +29,21 @@ import { scrubSecrets } from "../utils/secret-scrubber";
 
 export type SupportedProvider = "claude" | "claude-managed" | "codex" | "devin" | "opencode" | "pi";
 
+/**
+ * True when the pi harness should use the AWS SDK Bedrock path: either an
+ * explicit `BEDROCK_AUTH_MODE=sdk`, or — preserving prefix-inference semantics —
+ * `BEDROCK_AUTH_MODE` absent with a `MODEL_OVERRIDE=amazon-bedrock/*` selection.
+ * Single source of truth for the gate so the live-test arm and the worker
+ * reconcile loop agree with `checkPiMonoCredentials`.
+ */
+export function isBedrockSdkMode(env: Record<string, string | undefined>): boolean {
+  const mode = env.BEDROCK_AUTH_MODE?.toLowerCase();
+  return (
+    mode === "sdk" ||
+    (mode === undefined && Boolean(env.MODEL_OVERRIDE?.toLowerCase().startsWith("amazon-bedrock/")))
+  );
+}
+
 /**
  * Static documentation of which env vars each provider considers when running
  * `checkCredentials`. Used by the dashboard to render hints before any worker
@@ -243,7 +258,7 @@ function parseCodexOAuthAccess(blob: string | undefined): string | null {
  * | `codex`          | `~/.codex/auth.json` (file) → `CODEX_OAUTH` (env OAuth) → `OPENAI_API_KEY` | OpenAI `/v1/models` (api-key path only) |
  * | `opencode`       | `OPENROUTER_API_KEY` → `ANTHROPIC_API_KEY` → `OPENAI_API_KEY` (pi-style) | matching provider's `/v1/models` |
  * | `pi`             | `OPENROUTER_API_KEY` → `ANTHROPIC_API_KEY` → `OPENAI_API_KEY`           | matching provider's `/v1/models` |
- * | `pi` (bedrock)   | `MODEL_OVERRIDE=amazon-bedrock/*` → AWS SDK default credential chain    | presence-only (validated at first inference call) |
+ * | `pi` (bedrock)   | `MODEL_OVERRIDE=amazon-bedrock/*` → AWS SDK default credential chain    | presence-only (real check is the worker-side Bedrock enumeration) |
  * | `devin`          | `DEVIN_API_KEY` (+ `DEVIN_API_BASE_URL` override)                       | `${baseUrl}/v1/sessions?limit=1` |
  *
  * Returns `{ok: true, latency_ms}` on 2xx, `{ok: false, error, latency_ms}`
@@ -302,20 +317,14 @@ export async function validateProviderCredentials(provider: string): Promise<Liv
       }
       case "pi":
       case "opencode": {
-        // For the pi Bedrock path, the real credential check is the
-        // `ListFoundationModels` probe that `checkProviderCredentials` (the
-        // `pi` dynamic-import arm) already ran.  That probe result is already
-        // in `buildCredStatusReport` — the live-test is a pass-through / no-op
-        // so we never issue a second AWS SDK call here (which would drag the
-        // SDK into the wrong binary or make slow IMDS calls on non-EC2 hosts).
-        // Bedrock mode: explicit BEDROCK_AUTH_MODE=sdk OR
-        //               absent BEDROCK_AUTH_MODE + amazon-bedrock/ MODEL_OVERRIDE prefix.
-        if (
-          provider === "pi" &&
-          (env.BEDROCK_AUTH_MODE?.toLowerCase() === "sdk" ||
-            (env.BEDROCK_AUTH_MODE === undefined &&
-              env.MODEL_OVERRIDE?.toLowerCase().startsWith("amazon-bedrock/")))
-        ) {
+        // For the pi Bedrock path, the real credential check is the AWS SDK
+        // enumeration (`ListFoundationModels` + `ListInferenceProfiles`) that
+        // `checkProviderCredentials` (the `pi` dynamic-import arm) already ran.
+        // That result is already in `buildCredStatusReport` — the live-test is a
+        // pass-through / no-op so we never issue a second AWS SDK call here
+        // (which would drag the SDK into the wrong binary or make slow IMDS
+        // calls on non-EC2 hosts).
+        if (provider === "pi" && isBedrockSdkMode(env)) {
           return presenceCheckOk();
         }
         // Both pi-mono and opencode resolve credentials in the same order:
@@ -408,6 +417,18 @@ export async function buildCredStatusReport(
       testedAt: Date.now(),
     };
   }
+  // Include the Bedrock enumeration block when the pi probe ran in Bedrock SDK
+  // mode (bedrockRegion is only set by checkPiMonoCredentials in that branch).
+  const bedrock: AgentCredStatus["bedrock"] =
+    presence.bedrockRegion !== undefined
+      ? {
+          region: presence.bedrockRegion,
+          probedAt: Date.now(),
+          ready: presence.ready,
+          models: presence.bedrockModels ?? [],
+          error: presence.ready ? undefined : (presence.hint ?? undefined),
+        }
+      : null;
   return {
     ready: presence.ready,
     missing: presence.missing ?? [],
@@ -417,6 +438,7 @@ export async function buildCredStatusReport(
     latestModel: null,
     reportedAt: Date.now(),
     reportKind: kind,
+    bedrock,
   };
 }
 

package/src/commands/runner.ts

@@ -60,6 +60,7 @@ import { resolveClaudeMdPath, syncProfileFilesToServer } from "./profile-sync.ts
 import {
   buildCredStatusReport,
   buildLatestModelReport,
+  isBedrockSdkMode,
   isCredCheckDisabled,
   reportCredStatus,
   reportLatestModel,
@@ -3848,6 +3849,16 @@ export async function runAgent(config: RunnerConfig, opts: RunnerOptions) {
   let lastHarnessReconcileAt = 0;
   const HARNESS_RECONCILE_INTERVAL_MS = 10_000;
 
+  // Throttle for the periodic Bedrock model-enumeration refresh. The credential
+  // report below only re-runs on a harness_provider change (boot + provider
+  // swap), so enabling Bedrock access after boot would otherwise never reach the
+  // picker. This timer re-runs the enumeration on a fixed interval, decoupled
+  // from the harness-change gate, so the UI stays accurate. 5 minutes keeps it
+  // cheap (one bounded AWS enumeration per tick) while still surfacing newly
+  // granted access within a few minutes.
+  let lastBedrockRefreshAt = 0;
+  const BEDROCK_REFRESH_INTERVAL_MS = 5 * 60 * 1000;
+
   // Create API config for ping/close
   const apiConfig: ApiConfig = { apiUrl, apiKey, agentId };
 
@@ -4572,6 +4583,22 @@ export async function runAgent(config: RunnerConfig, opts: RunnerOptions) {
           .catch((err) =>
             console.warn(`[${role}] cred_status post_task report failed (non-fatal): ${err}`),
           );
+      } else if (
+        currentHarness === "pi" &&
+        isBedrockSdkMode(process.env) &&
+        Date.now() - lastBedrockRefreshAt > BEDROCK_REFRESH_INTERVAL_MS
+      ) {
+        // Bedrock enumeration drifts independently of the harness_provider:
+        // access granted (or revoked) in the AWS console after boot won't flip
+        // the provider, so the harness-change gate above never fires. Re-run the
+        // enumeration on the throttled interval so the picker reflects the live
+        // account state. One bounded AWS round-trip per tick.
+        lastBedrockRefreshAt = Date.now();
+        buildCredStatusReport(currentHarness, process.env, {}, "post_task")
+          .then((snap) => reportCredStatus(apiUrl, apiKey, agentId, snap))
+          .catch((err) =>
+            console.warn(`[${role}] bedrock enumeration refresh failed (non-fatal): ${err}`),
+          );
       }
     }
 

package/src/http/agents.ts

@@ -615,6 +615,7 @@ export async function handleAgentsRest(
         latestModel: null,
         reportedAt: parsed.body.latest_model.reportedAt,
         reportKind: "post_task" as const,
+        bedrock: null,
       };
       finalAgent =
         updateAgentCredStatus(parsed.params.id, {

package/src/http/config.ts

@@ -14,6 +14,7 @@ import {
   reservedKeyError,
   validateConfigValue,
 } from "../be/swarm-config-guard";
+import { registerVolatileSecret } from "../utils/secret-scrubber";
 import { reloadGlobalConfigsAndIntegrations, scheduleIntegrationsReload } from "./core";
 import { route } from "./route-def";
 import { json, jsonError } from "./utils";
@@ -152,7 +153,15 @@ export async function handleConfig(
       parsed.query.agentId || undefined,
       parsed.query.repoId || undefined,
     );
-    json(res, { configs: includeSecrets ? configs : maskSecrets(configs) });
+    const result = includeSecrets ? configs : maskSecrets(configs);
+    if (includeSecrets) {
+      for (const c of result) {
+        if (c.isSecret && c.value) {
+          registerVolatileSecret(c.value, `config:${c.key}`);
+        }
+      }
+    }
+    json(res, { configs: result });
     return true;
   }
 
@@ -199,8 +208,11 @@ export async function handleConfig(
       jsonError(res, "Config not found", 404);
       return true;
     }
-    const result = includeSecrets ? config : maskSecrets([config])[0];
-    json(res, result);
+    const singleResult = includeSecrets ? config : maskSecrets([config])[0]!;
+    if (includeSecrets && singleResult.isSecret && singleResult.value) {
+      registerVolatileSecret(singleResult.value, `config:${singleResult.key}`);
+    }
+    json(res, singleResult);
     return true;
   }
 
@@ -212,7 +224,15 @@ export async function handleConfig(
       scope: parsed.query.scope || undefined,
       scopeId: parsed.query.scopeId || undefined,
     });
-    json(res, { configs: includeSecrets ? configs : maskSecrets(configs) });
+    const listResult = includeSecrets ? configs : maskSecrets(configs);
+    if (includeSecrets) {
+      for (const c of listResult) {
+        if (c.isSecret && c.value) {
+          registerVolatileSecret(c.value, `config:${c.key}`);
+        }
+      }
+    }
+    json(res, { configs: listResult });
     return true;
   }
 

package/src/http/index.ts

@@ -576,6 +576,15 @@ httpServer
       .catch((err) => {
         console.error("[boot-reembed-scripts] startup backfill failed (non-fatal):", err);
       });
+
+    // One-time scrub: retroactively redact any session_logs rows containing
+    // sensitive patterns that pre-date the defense-in-depth scrub layer.
+    // Idempotent, tracked via seed_state.
+    import("../be/boot-scrub-logs")
+      .then(({ runBootScrubLogs }) => runBootScrubLogs())
+      .catch((err) => {
+        console.error("[boot-scrub-logs] startup scrub failed (non-fatal):", err);
+      });
   })
   .on("error", (err) => {
     console.error("HTTP Server Error:", err);

package/src/prompts/session-templates.ts

@@ -158,6 +158,27 @@ When you finish a task:
 - **Failure**: Use \`store-progress\` with status: "failed" and failureReason: "<what went wrong>"
 
 Always include meaningful output - the lead agent reviews your work.
+
+#### Credential Hygiene
+
+When you retrieve secrets via \`get-config\` (with \`includeSecrets: true\`), **never pass secret values directly on a command line or embed them in tool output**. Command arguments are logged.
+
+**Safe pattern:** Write the secret to a temporary \`.env\` file, then source it:
+\`\`\`bash
+# Write to temp file (not logged)
+echo "MY_TOKEN=<value>" > /tmp/.task-env && source /tmp/.task-env
+# Use the variable (value stays out of logs)
+curl -H "Authorization: Bearer $MY_TOKEN" https://api.example.com
+rm /tmp/.task-env
+\`\`\`
+
+**Unsafe pattern (NEVER do this):**
+\`\`\`bash
+# The literal secret appears in the logged command
+curl -H "Authorization: Bearer lin_oauth_abc123..." https://api.example.com
+\`\`\`
+
+The same applies to \`store-progress\` output — never include raw secret values in progress text, output, or failure reasons.
 `,
   variables: [],
   category: "system",

package/src/providers/pi-mono-adapter.ts

@@ -8,7 +8,7 @@
 
 import { existsSync, lstatSync, symlinkSync, unlinkSync } from "node:fs";
 import { join } from "node:path";
-import { getModel } from "@earendil-works/pi-ai";
+import { getModel, getModels } from "@earendil-works/pi-ai";
 import type {
   AgentSessionEvent,
   CreateAgentSessionOptions,
@@ -75,29 +75,99 @@ function modelToCredKeys(modelStr: string | undefined): string[] | null {
 }
 
 /**
- * Run a single `ListFoundationModels` call against the AWS Bedrock management
- * API to verify that the active credential chain is valid for Bedrock in the
- * configured region. Returns the client directly (callers discard the model
- * list — only the throw/no-throw distinction is the signal).
+ * Return the pi-ai Bedrock models the harness can actually drive via the
+ * Converse API (the catalog from `getModels("amazon-bedrock")`). Each id is a
+ * valid pi-ai id — base foundation-model id OR inference-profile id (`us.` /
+ * `eu.` / `apac.` / `au.` / `global.` prefixes) — so the matched id round-trips
+ * through `MODEL_OVERRIDE=amazon-bedrock/<id>` unchanged. Used as the
+ * harness-drivable half of the (drivable ∩ invocable) intersection.
+ */
+function getHarnessDrivableBedrockModels(): Array<{ id: string; name: string }> {
+  try {
+    return getModels("amazon-bedrock").map((m) => ({ id: m.id, name: m.name }));
+  } catch {
+    // getModels may throw if the pi-ai catalog is empty or corrupted.
+    // Return an empty list — the intersection will be empty too, which is safe.
+    return [];
+  }
+}
+
+/**
+ * Enumerate the Bedrock models that are both invocable by this AWS account and
+ * drivable by the pi-ai Converse harness, and verify the credential chain in
+ * one pass:
+ *   1. VERIFY the active credential chain is valid for Bedrock in `region`
+ *      (the AWS list calls throw on auth/access failure).
+ *   2. ENUMERATE usable models = harness-drivable ∩ AWS-invocable, where the
+ *      AWS-invocable set is:
+ *        - `ListFoundationModels` filtered to on-demand TEXT models that are
+ *          `ACTIVE` (base foundation-model ids), UNION
+ *        - `ListInferenceProfiles` ids (the `us.`/`eu.`/… cross-region profile
+ *          ids). The newest Claude models on Bedrock are invocable ONLY via an
+ *          inference profile and never appear in `ListFoundationModels`, so this
+ *          union is what keeps the current models in the usable list.
+ *
+ * `ListFoundationModels` reports models that EXIST in the region, not strictly
+ * ones the account has enabled access to, so the on-demand/ACTIVE filtering
+ * narrows it; base on-demand access-grant is not fully enumerable from the
+ * catalog. The inference-profile union is what makes the *current* models
+ * accurate. The matched id is stored/displayed as the pi-ai id (the id the
+ * harness can drive); ids are matched exactly.
  *
+ * Two list calls per refresh, no pagination loops or per-model lookups.
  * Dynamically imported so the API binary never loads `@aws-sdk/client-bedrock`.
  * Tests inject a stub via `CredCheckOptions.bedrockProbe` instead.
+ *
+ * Returns `Array<{id, name}>` on success; throws on auth/access failure.
  */
-async function runBedrockSdkProbe(region: string): Promise<void> {
-  const { BedrockClient, ListFoundationModelsCommand } = await import("@aws-sdk/client-bedrock");
+export async function runBedrockSdkProbeAndEnumerate(
+  region: string,
+): Promise<Array<{ id: string; name: string }>> {
+  const { BedrockClient, ListFoundationModelsCommand, ListInferenceProfilesCommand } = await import(
+    "@aws-sdk/client-bedrock"
+  );
   const client = new BedrockClient({ region });
-  await client.send(new ListFoundationModelsCommand({}));
+
+  // AWS-invocable set, region-scoped to `region`.
+  const invocable = new Set<string>();
+
+  // Base on-demand TEXT foundation models that are ACTIVE.
+  const fmResponse = await client.send(
+    new ListFoundationModelsCommand({ byInferenceType: "ON_DEMAND", byOutputModality: "TEXT" }),
+  );
+  for (const m of fmResponse.modelSummaries ?? []) {
+    if (m.modelId && m.modelLifecycle?.status === "ACTIVE") {
+      invocable.add(m.modelId);
+    }
+  }
+
+  // Inference-profile / cross-region ids (`us.`/`eu.`/`apac.`/…). These are the
+  // only invocation path for the newest Claude models and are absent from
+  // `ListFoundationModels`.
+  const profileResponse = await client.send(new ListInferenceProfilesCommand({}));
+  for (const p of profileResponse.inferenceProfileSummaries ?? []) {
+    if (p.inferenceProfileId) {
+      invocable.add(p.inferenceProfileId);
+    }
+  }
+
+  // Usable = harness-drivable ∩ AWS-invocable, exact-id match. The stored id is
+  // the pi-ai id so it round-trips through `getModel("amazon-bedrock", id)`.
+  return getHarnessDrivableBedrockModels().filter((m) => invocable.has(m.id));
 }
 
 /**
  * Pi-mono is satisfied by ANY of:
  *   1. `BEDROCK_AUTH_MODE=sdk` — or `MODEL_OVERRIDE` selects the
  *      `amazon-bedrock` provider (prefix-inference fallback when
- *      `BEDROCK_AUTH_MODE` is absent). A real `ListFoundationModels` probe
- *      is issued via the AWS SDK default credential chain. Success →
- *      `ready:true, satisfiedBy:"sdk-delegated"`; failure → `ready:false`
- *      with a classified hint. The probe is worker-only (the pi dynamic-import
- *      arm in `checkProviderCredentials`); the API binary never imports the SDK.
+ *      `BEDROCK_AUTH_MODE` is absent). The AWS SDK default credential chain is
+ *      exercised by a real enumeration pass (`ListFoundationModels` +
+ *      `ListInferenceProfiles`) that both verifies access and lists the usable
+ *      models. Success → `ready:true, satisfiedBy:"sdk-delegated"` with the
+ *      enumerated models; failure → `ready:false` with a classified hint;
+ *      `AWS_REGION` unset → `ready:false` with a set-region hint. The
+ *      enumeration is worker-only (the pi dynamic-import arm in
+ *      `checkProviderCredentials`); the API binary never imports the SDK.
  *   2. `~/.pi/agent/auth.json` exists.
  *   3. `MODEL_OVERRIDE` is set to a non-Bedrock provider-prefixed model — only
  *      the matching provider's key is required.
@@ -118,7 +188,7 @@ export async function checkPiMonoCredentials(
   //   - Fallback:  BEDROCK_AUTH_MODE absent AND MODEL_OVERRIDE starts with
   //                "amazon-bedrock/" (preserves today's prefix-inference semantics)
   // BEDROCK_AUTH_MODE=bearer is declared/validated but the full bearer-token
-  // path is out of scope for PR1 — it falls through to the standard auth check.
+  // path is not implemented yet — it falls through to the standard auth check.
   const bedrockAuthMode = env.BEDROCK_AUTH_MODE?.toLowerCase();
   const isBedrockSdk =
     bedrockAuthMode === "sdk" ||
@@ -126,15 +196,37 @@ export async function checkPiMonoCredentials(
       env.MODEL_OVERRIDE?.toLowerCase().startsWith("amazon-bedrock/"));
 
   if (isBedrockSdk) {
-    const region = env.AWS_REGION ?? "us-east-1";
-    const probe = opts.bedrockProbe ?? (() => runBedrockSdkProbe(region));
+    const region = env.AWS_REGION;
+    if (!region) {
+      // Do NOT fabricate a region. A guessed `us-east-1` can differ from where
+      // inference actually runs, which would enumerate the wrong region's
+      // models. Report a not-ready Bedrock state with a hint instead, so the
+      // enumeration region always matches the inference region. `bedrockRegion`
+      // is an empty string (not undefined) so the report still carries a
+      // Bedrock block and the picker can surface the reason.
+      return {
+        ready: false,
+        missing: [],
+        hint: "AWS_REGION is not set — set it to the region where your Bedrock models are accessible so model enumeration matches the inference region.",
+        bedrockModels: [],
+        bedrockRegion: "",
+      };
+    }
+    const probe = opts.bedrockProbe ?? (() => runBedrockSdkProbeAndEnumerate(region));
     try {
-      await probe();
+      const probeResult = await probe();
+      // `probeResult` is `Array<{id,name}> | void` — void comes from auth-only
+      // stubs that don't exercise enumeration. Treat void as [].
+      const bedrockModels: Array<{ id: string; name: string }> = Array.isArray(probeResult)
+        ? probeResult
+        : [];
       return {
         ready: true,
         missing: [],
         satisfiedBy: "sdk-delegated",
-        hint: `AWS SDK credentials verified via ListFoundationModels (region: ${region}).`,
+        hint: `Bedrock models invocable in ${region} enumerated (${bedrockModels.length} usable; ListFoundationModels + ListInferenceProfiles).`,
+        bedrockModels,
+        bedrockRegion: region,
       };
     } catch (err) {
       const errorMessage = err instanceof Error ? err.message : String(err);
@@ -144,7 +236,9 @@ export async function checkPiMonoCredentials(
         missing: [],
         hint:
           classification?.message ??
-          `AWS Bedrock credential probe failed (region: ${region}): ${errorMessage}`,
+          `AWS Bedrock enumeration failed (region: ${region}): ${errorMessage}`,
+        bedrockModels: [],
+        bedrockRegion: region,
       };
     }
   }

package/src/providers/types.ts

@@ -181,6 +181,19 @@ export interface CredStatus {
   missing: string[];
   satisfiedBy?: "env" | "file" | "side-effect-pending" | "sdk-delegated";
   hint?: string;
+  /**
+   * Pi-mono Bedrock mode only: usable model list = harness-drivable ∩
+   * AWS-invocable (on-demand/ACTIVE foundation models ∪ inference profiles),
+   * region-scoped. Empty when enumeration failed (ready===false), when
+   * `AWS_REGION` is unset, or when the intersection is empty. Undefined when not
+   * in Bedrock mode.
+   */
+  bedrockModels?: Array<{ id: string; name: string }>;
+  /**
+   * Pi-mono Bedrock mode only: AWS region the enumeration ran against. An empty
+   * string signals Bedrock mode with `AWS_REGION` unset (no region fabricated).
+   */
+  bedrockRegion?: string;
 }
 
 /**
@@ -189,19 +202,27 @@ export interface CredStatus {
  * `~/.pi/agent/auth.json`, `~/.local/share/opencode/auth.json`. Tests inject
  * a fake `fs` + `homeDir` to exercise the file-vs-env branches deterministically.
  *
- * `bedrockProbe` is an injectable for the Bedrock SDK probe path in
- * `checkPiMonoCredentials`. In production it is left undefined and the
- * function dynamically imports `@aws-sdk/client-bedrock` to run a real
- * `ListFoundationModels` call. Tests inject a stub to avoid hitting AWS.
+ * `bedrockProbe` is an injectable for the Bedrock SDK enumeration path in
+ * `checkPiMonoCredentials`. In production it is left undefined and the function
+ * dynamically imports `@aws-sdk/client-bedrock` to run real
+ * `ListFoundationModels` + `ListInferenceProfiles` calls. Tests inject a stub
+ * to avoid hitting AWS.
  */
 export interface CredCheckOptions {
   homeDir?: string;
   fs?: { existsSync(p: string): boolean };
   /**
-   * Injectable for Bedrock SDK credential probe. When provided, called instead
-   * of the real `@aws-sdk/client-bedrock` `ListFoundationModels` call.
-   * Should throw on auth/access failure (with an AWS SDK-shaped error message)
-   * or resolve on success.
+   * Injectable for the Bedrock SDK enumeration. When provided, called instead
+   * of the real `@aws-sdk/client-bedrock` `ListFoundationModels` +
+   * `ListInferenceProfiles` calls. Should throw on auth/access failure (with an
+   * AWS SDK-shaped error message) or resolve with the intersected
+   * (harness-drivable ∩ AWS-invocable) model list on success.
+   *
+   * Return type is `Array<{id,name}> | undefined` for backward compatibility:
+   * existing test stubs that return void (`async () => {}`) are still valid
+   * (void is assignable to undefined in TypeScript's structural typing);
+   * new tests that need to exercise the model list inject stubs that return
+   * an array. Production code always returns the model list.
    */
-  bedrockProbe?: () => Promise<void>;
+  bedrockProbe?: () => Promise<Array<{ id: string; name: string }> | undefined>;
 }

package/src/tests/bedrock-model-groups.test.ts

@@ -0,0 +1,135 @@
+/**
+ * Unit tests for amazon-bedrock model group behaviour in modelGroupsForHarness.
+ *
+ * Verifies:
+ *  - Bedrock group always appears for the pi harness (NEVER blank).
+ *  - Live worker-reported models are preferred when present.
+ *  - Static snapshot from modelsdev-cache.json is used as fallback.
+ *  - Converse-incompatible models listed by AWS but absent from pi-ai's catalog
+ *    are NOT in the live list (the intersection is worker-side; this test just
+ *    ensures the UI renders what the worker sent, without adding phantom entries).
+ *  - Non-pi harnesses do NOT get a Bedrock group.
+ */
+
+import { describe, expect, test } from "bun:test";
+import {
+  type LiveBedrockStatus,
+  modelGroupsForHarness,
+} from "../../ui/src/lib/agent-runtime-models";
+
+describe("modelGroupsForHarness — Bedrock group for pi harness", () => {
+  const configs = undefined;
+  const envPresence = undefined;
+
+  test("pi harness always includes an Amazon Bedrock group (NEVER blank)", () => {
+    // No live status provided — falls back to static snapshot.
+    const groups = modelGroupsForHarness("pi", configs, envPresence);
+    const bedrockGroup = groups.find((g) => g.provider === "Amazon Bedrock");
+    expect(bedrockGroup).toBeDefined();
+    // Static snapshot has 98 models — at least one must be present.
+    expect(bedrockGroup!.models.length).toBeGreaterThan(0);
+    // All model IDs must be prefixed with the provider.
+    for (const m of bedrockGroup!.models) {
+      expect(m.id.startsWith("amazon-bedrock/")).toBe(true);
+    }
+  });
+
+  test("pi harness with no live report → Bedrock group disabled (auth state unknown)", () => {
+    const groups = modelGroupsForHarness("pi", configs, envPresence, null);
+    const bedrockGroup = groups.find((g) => g.provider === "Amazon Bedrock");
+    expect(bedrockGroup).toBeDefined();
+    expect(bedrockGroup!.enabled).toBe(false);
+  });
+
+  test("pi harness with live report ready:true → Bedrock group enabled + live models", () => {
+    const liveStatus: LiveBedrockStatus = {
+      ready: true,
+      models: [
+        { id: "anthropic.claude-sonnet-4-20250514-v1:0", name: "Claude Sonnet 4" },
+        { id: "anthropic.claude-haiku-4-5-20251001-v1:0", name: "Claude Haiku 4.5" },
+      ],
+    };
+    const groups = modelGroupsForHarness("pi", configs, envPresence, liveStatus);
+    const bedrockGroup = groups.find((g) => g.provider === "Amazon Bedrock");
+    expect(bedrockGroup).toBeDefined();
+    expect(bedrockGroup!.enabled).toBe(true);
+    expect(bedrockGroup!.models).toHaveLength(2);
+    expect(bedrockGroup!.models[0]!.id).toBe(
+      "amazon-bedrock/anthropic.claude-sonnet-4-20250514-v1:0",
+    );
+    expect(bedrockGroup!.models[0]!.label).toBe("Claude Sonnet 4");
+  });
+
+  test("pi harness with live report ready:false → Bedrock group disabled + live models shown", () => {
+    // Auth failed but we still show models so the operator can see what's available.
+    const liveStatus: LiveBedrockStatus = {
+      ready: false,
+      models: [{ id: "anthropic.claude-sonnet-4-20250514-v1:0", name: "Claude Sonnet 4" }],
+    };
+    const groups = modelGroupsForHarness("pi", configs, envPresence, liveStatus);
+    const bedrockGroup = groups.find((g) => g.provider === "Amazon Bedrock");
+    expect(bedrockGroup!.enabled).toBe(false);
+    expect(bedrockGroup!.models).toHaveLength(1);
+  });
+
+  test("pi harness with failed probe surfaces the probe error as disabledReason", () => {
+    // A failed probe (ready:false with an error) should surface WHY the group is
+    // disabled instead of a silent disable.
+    const liveStatus: LiveBedrockStatus = {
+      ready: false,
+      models: [],
+      error: "Token expired — run aws sso login",
+    };
+    const groups = modelGroupsForHarness("pi", configs, envPresence, liveStatus);
+    const bedrockGroup = groups.find((g) => g.provider === "Amazon Bedrock");
+    expect(bedrockGroup!.enabled).toBe(false);
+    expect(bedrockGroup!.disabledReason).toBe("Token expired — run aws sso login");
+  });
+
+  test("pi harness with ready:true → no disabledReason and Bedrock icon key", () => {
+    const liveStatus: LiveBedrockStatus = {
+      ready: true,
+      models: [{ id: "anthropic.claude-sonnet-4-20250514-v1:0", name: "Claude Sonnet 4" }],
+    };
+    const groups = modelGroupsForHarness("pi", configs, envPresence, liveStatus);
+    const bedrockGroup = groups.find((g) => g.provider === "Amazon Bedrock");
+    expect(bedrockGroup!.disabledReason).toBeUndefined();
+    // Bedrock has its own provider icon — it no longer borrows the OpenRouter glyph.
+    expect(bedrockGroup!.models[0]!.providerId).toBe("amazon-bedrock");
+  });
+
+  test("pi harness with live report and empty model list → shows empty list (not snapshot fallback)", () => {
+    // Worker reported successfully but no models were in the intersection.
+    const liveStatus: LiveBedrockStatus = { ready: true, models: [] };
+    const groups = modelGroupsForHarness("pi", configs, envPresence, liveStatus);
+    const bedrockGroup = groups.find((g) => g.provider === "Amazon Bedrock");
+    expect(bedrockGroup!.models).toHaveLength(0);
+  });
+
+  test("opencode harness does NOT get a Bedrock group", () => {
+    const groups = modelGroupsForHarness("opencode", configs, envPresence);
+    const bedrockGroup = groups.find((g) => g.provider === "Amazon Bedrock");
+    expect(bedrockGroup).toBeUndefined();
+  });
+
+  test("claude harness does NOT get a Bedrock group", () => {
+    const groups = modelGroupsForHarness("claude", configs, envPresence);
+    const bedrockGroup = groups.find((g) => g.provider === "Amazon Bedrock");
+    expect(bedrockGroup).toBeUndefined();
+  });
+
+  test("codex harness does NOT get a Bedrock group", () => {
+    const groups = modelGroupsForHarness("codex", configs, envPresence);
+    const bedrockGroup = groups.find((g) => g.provider === "Amazon Bedrock");
+    expect(bedrockGroup).toBeUndefined();
+  });
+
+  test("pi harness still returns openrouter/anthropic/openai snapshot groups alongside Bedrock", () => {
+    const groups = modelGroupsForHarness("pi", configs, envPresence);
+    const providerNames = groups.map((g) => g.provider);
+    expect(providerNames).toContain("OpenRouter");
+    expect(providerNames).toContain("Anthropic");
+    expect(providerNames).toContain("OpenAI");
+    expect(providerNames).toContain("Amazon Bedrock");
+  });
+});