@grackle-ai/server 0.72.0 → 0.72.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auto-reconnect.js +3 -3
- package/dist/auto-reconnect.js.map +1 -1
- package/dist/credential-bundle.d.ts +12 -0
- package/dist/credential-bundle.d.ts.map +1 -0
- package/dist/credential-bundle.js +183 -0
- package/dist/credential-bundle.js.map +1 -0
- package/dist/credential-providers.d.ts +0 -10
- package/dist/credential-providers.d.ts.map +1 -1
- package/dist/credential-providers.js +5 -177
- package/dist/credential-providers.js.map +1 -1
- package/dist/db-seed.d.ts +16 -0
- package/dist/db-seed.d.ts.map +1 -0
- package/dist/db-seed.js +176 -0
- package/dist/db-seed.js.map +1 -0
- package/dist/db.d.ts.map +1 -1
- package/dist/db.js +1 -165
- package/dist/db.js.map +1 -1
- package/dist/finding-store.d.ts +0 -2
- package/dist/finding-store.d.ts.map +1 -1
- package/dist/finding-store.js +0 -23
- package/dist/finding-store.js.map +1 -1
- package/dist/grpc-service.d.ts.map +1 -1
- package/dist/grpc-service.js +10 -7
- package/dist/grpc-service.js.map +1 -1
- package/dist/index.js +20 -12
- package/dist/index.js.map +1 -1
- package/dist/orchestrator-context.js +27 -1
- package/dist/orchestrator-context.js.map +1 -1
- package/dist/task-store.d.ts +24 -1
- package/dist/task-store.d.ts.map +1 -1
- package/dist/task-store.js +43 -20
- package/dist/task-store.js.map +1 -1
- package/dist/{token-broker.d.ts → token-push.d.ts} +3 -27
- package/dist/token-push.d.ts.map +1 -0
- package/dist/{token-broker.js → token-push.js} +25 -71
- package/dist/token-push.js.map +1 -0
- package/dist/token-store.d.ts +25 -0
- package/dist/token-store.d.ts.map +1 -0
- package/dist/token-store.js +58 -0
- package/dist/token-store.js.map +1 -0
- package/dist/ws-bridge.d.ts.map +1 -1
- package/dist/ws-bridge.js +10 -7
- package/dist/ws-bridge.js.map +1 -1
- package/package.json +11 -7
- package/dist/adapters/codespace.d.ts +0 -40
- package/dist/adapters/codespace.d.ts.map +0 -1
- package/dist/adapters/codespace.js +0 -212
- package/dist/adapters/codespace.js.map +0 -1
- package/dist/adapters/docker.d.ts +0 -39
- package/dist/adapters/docker.d.ts.map +0 -1
- package/dist/adapters/docker.js +0 -366
- package/dist/adapters/docker.js.map +0 -1
- package/dist/adapters/local.d.ts +0 -15
- package/dist/adapters/local.d.ts.map +0 -1
- package/dist/adapters/local.js +0 -57
- package/dist/adapters/local.js.map +0 -1
- package/dist/adapters/ssh.d.ts +0 -45
- package/dist/adapters/ssh.d.ts.map +0 -1
- package/dist/adapters/ssh.js +0 -214
- package/dist/adapters/ssh.js.map +0 -1
- package/dist/token-broker.d.ts.map +0 -1
- package/dist/token-broker.js.map +0 -1
package/dist/auto-reconnect.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { reconnectOrProvision } from "@grackle-ai/adapter-sdk";
|
|
2
2
|
import * as envRegistry from "./env-registry.js";
|
|
3
3
|
import * as adapterManager from "./adapter-manager.js";
|
|
4
|
-
import * as
|
|
4
|
+
import * as tokenPush from "./token-push.js";
|
|
5
5
|
import { recoverSuspendedSessions } from "./session-recovery.js";
|
|
6
6
|
import { parseAdapterConfig } from "./adapter-config.js";
|
|
7
7
|
import { emit } from "./event-bus.js";
|
|
@@ -123,10 +123,10 @@ async function tryReconnect(environmentId) {
|
|
|
123
123
|
adapterManager.setConnection(environmentId, conn);
|
|
124
124
|
// Push tokens (local environments exclude file tokens)
|
|
125
125
|
if (env.adapterType === "local") {
|
|
126
|
-
await
|
|
126
|
+
await tokenPush.pushToEnv(environmentId, { excludeFileTokens: true });
|
|
127
127
|
}
|
|
128
128
|
else {
|
|
129
|
-
await
|
|
129
|
+
await tokenPush.pushToEnv(environmentId);
|
|
130
130
|
}
|
|
131
131
|
envRegistry.updateEnvironmentStatus(environmentId, "connected");
|
|
132
132
|
envRegistry.markBootstrapped(environmentId);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auto-reconnect.js","sourceRoot":"","sources":["../src/auto-reconnect.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,yBAAyB,CAAC;AAC/D,OAAO,KAAK,WAAW,MAAM,mBAAmB,CAAC;AACjD,OAAO,KAAK,cAAc,MAAM,sBAAsB,CAAC;AACvD,OAAO,KAAK,
|
|
1
|
+
{"version":3,"file":"auto-reconnect.js","sourceRoot":"","sources":["../src/auto-reconnect.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,yBAAyB,CAAC;AAC/D,OAAO,KAAK,WAAW,MAAM,mBAAmB,CAAC;AACjD,OAAO,KAAK,cAAc,MAAM,sBAAsB,CAAC;AACvD,OAAO,KAAK,SAAS,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC;AACjE,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AACtC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAErC,+DAA+D;AAE/D,mEAAmE;AACnE,MAAM,0BAA0B,GAAW,MAAM,CAAC;AAElD,6DAA6D;AAC7D,MAAM,qBAAqB,GAAW,CAAC,CAAC;AAExC,+DAA+D;AAC/D,MAAM,sBAAsB,GAAW,OAAO,CAAC;AAE/C,0CAA0C;AAC1C,MAAM,4BAA4B,GAAW,CAAC,CAAC;AAY/C,sDAAsD;AACtD,MAAM,eAAe,GAAgC,IAAI,GAAG,EAA0B,CAAC;AAEvF,uEAAuE;AACvE,MAAM,YAAY,GAAgB,IAAI,GAAG,EAAU,CAAC;AAEpD,+DAA+D;AAE/D;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB;IACrC,MAAM,YAAY,GAAG,WAAW,CAAC,gBAAgB,EAAE,CAAC;IACpD,MAAM,YAAY,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,KAAK,cAAc,CAAC,CAAC;IAEjF,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;QAC/B,MAAM,KAAK,GAAG,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAE1C,gFAAgF;QAChF,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE;gBAC1B,QAAQ,EAAE,CAAC;gBACX,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,0BAA0B;aACrD,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QAED,0BAA0B;QAC1B,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;YACnC,SAAS;QACX,CAAC;QAED,wBAAwB;QACxB,IAAI,KAAK,CAAC,QAAQ,IAAI,qBAAqB,EAAE,CAAC;YAC5C,SAAS;QACX,CAAC;QAED,uBAAuB;QACvB,IAAI,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;YAC7B,SAAS;QACX,CAAC;QAED,sCAAsC;QACtC,YAAY,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACjC,MAAM,CAAC,KAAK,CAAC,EAAE,aAAa,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EAAE,uCAAuC,CAAC,CAAC;QACxF,CAAC,CAAC,CAAC;IACL,CAAC;IAED,kEAAkE;IAClE,KAAK,MAAM,CAAC,KAAK,CAAC,IAAI,eAAe,EAAE,CAAC;QACtC,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,KAAK,CAAC,CAAC;QACrD,IAAI,GAAG,EAAE,MAAM,KAAK,cAAc,EAAE,CAAC;YACnC,eAAe,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAChC,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CAAC,aAAqB;IACvD,eAAe,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;IACtC,kEAAkE;IAClE,kEAAkE;IAClE,+BAA+B;AACjC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,mBAAmB,CAAC,aAAqB;IACvD,eAAe,CAAC,GAAG,CAAC,aAAa,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;AAC/E,CAAC;AAED,uDAAuD;AACvD,MAAM,UAAU,gBAAgB;IAC9B,eAAe,CAAC,KAAK,EAAE,CAAC;IACxB,YAAY,CAAC,KAAK,EAAE,CAAC;AACvB,CAAC;AAED,+DAA+D;AAE/D;;;GAGG;AACH,KAAK,UAAU,YAAY,CAAC,aAAqB;IAC/C,YAAY,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAEhC,IAAI,CAAC;QACH,4DAA4D;QAC5D,MAAM,GAAG,GAAG,WAAW,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC;QACtD,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,eAAe,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;YACtC,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,cAAc,CAAC,UAAU,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC3D,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,CAAC,IAAI,CAAC,EAAE,aAAa,EAAE,WAAW,EAAE,GAAG,CAAC,WAAW,EAAE,EAAE,4CAA4C,CAAC,CAAC;YAC3G,OAAO;QACT,CAAC;QAED,MAAM,CAAC,IAAI,CAAC,EAAE,aAAa,EAAE,WAAW,EAAE,GAAG,CAAC,WAAW,EAAE,EAAE,2BAA2B,CAAC,CAAC;QAC1F,WAAW,CAAC,uBAAuB,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC;QACjE,IAAI,CAAC,qBAAqB,EAAE,EAAE,CAAC,CAAC;QAEhC,MAAM,MAAM,GAAG,kBAAkB,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QACrD,MAAM,CAAC,cAAc,GAAG,GAAG,CAAC,cAAc,CAAC;QAC3C,MAAM,cAAc,GAAG,GAAG,CAAC,cAAc,CAAC;QAE1C,wFAAwF;QACxF,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,oBAAoB,CAC5C,aAAa,EACb,OAAO,EACP,MAAM,EACN,cAAc,EACd,CAAC,CAAC,GAAG,CAAC,YAAY,CACnB,EAAE,CAAC;YACF,MAAM,CAAC,KAAK,CAAC,EAAE,aAAa,EAAE,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,EAAE,oBAAoB,CAAC,CAAC;QACpG,CAAC;QAED,4BAA4B;QAC5B,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,OAAO,CAAC,aAAa,EAAE,MAAM,EAAE,cAAc,CAAC,CAAC;QAC1E,cAAc,CAAC,aAAa,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;QAElD,uDAAuD;QACvD,IAAI,GAAG,CAAC,WAAW,KAAK,OAAO,EAAE,CAAC;YAChC,MAAM,SAAS,CAAC,SAAS,CAAC,aAAa,EAAE,EAAE,iBAAiB,EAAE,IAAI,EAAE,CAAC,CAAC;QACxE,CAAC;aAAM,CAAC;YACN,MAAM,SAAS,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;QAC3C,CAAC;QAED,WAAW,CAAC,uBAAuB,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC;QAChE,WAAW,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC;QAC5C,IAAI,CAAC,qBAAqB,EAAE,EAAE,CAAC,CAAC;QAEhC,oDAAoD;QACpD,wBAAwB,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YAC1D,MAAM,CAAC,KAAK,CAAC,EAAE,aAAa,EAAE,GAAG,EAAE,EAAE,8CAA8C,CAAC,CAAC;QACvF,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,IAAI,CAAC,EAAE,aAAa,EAAE,EAAE,2BAA2B,CAAC,CAAC;QAC5D,eAAe,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;IAExC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,uEAAuE;QACvE,cAAc,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC;QAE/C,MAAM,KAAK,GAAG,eAAe,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC;QACpF,KAAK,CAAC,QAAQ,EAAE,CAAC;QAEjB,IAAI,KAAK,CAAC,QAAQ,IAAI,qBAAqB,EAAE,CAAC;YAC5C,MAAM,CAAC,KAAK,CACV,EAAE,aAAa,EAAE,QAAQ,EAAE,KAAK,CAAC,QAAQ,EAAE,GAAG,EAAE,EAChD,kDAAkD,CACnD,CAAC;YACF,WAAW,CAAC,uBAAuB,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;YAC5D,IAAI,CAAC,qBAAqB,EAAE,EAAE,CAAC,CAAC;QAClC,CAAC;aAAM,CAAC;YACN,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CACpB,0BAA0B,GAAG,IAAI,CAAC,GAAG,CAAC,4BAA4B,EAAE,KAAK,CAAC,QAAQ,CAAC,EACnF,sBAAsB,CACvB,CAAC;YACF,KAAK,CAAC,WAAW,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;YACvC,eAAe,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;YAE1C,MAAM,CAAC,IAAI,CACT,EAAE,aAAa,EAAE,QAAQ,EAAE,KAAK,CAAC,QAAQ,EAAE,aAAa,EAAE,KAAK,EAAE,GAAG,EAAE,EACtE,oCAAoC,CACrC,CAAC;YACF,WAAW,CAAC,uBAAuB,CAAC,aAAa,EAAE,cAAc,CAAC,CAAC;YACnE,IAAI,CAAC,qBAAqB,EAAE,EAAE,CAAC,CAAC;QAClC,CAAC;IACH,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;IACrC,CAAC;AACH,CAAC"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { powerline } from "@grackle-ai/common";
|
|
2
|
+
import { type DatabaseInstance } from "./credential-providers.js";
|
|
3
|
+
/**
|
|
4
|
+
* Build a token bundle containing enabled provider credentials.
|
|
5
|
+
* When `runtime` is a known {@link RuntimeName}, only providers mapped to that runtime are included.
|
|
6
|
+
* When `runtime` is omitted, all enabled providers are included.
|
|
7
|
+
* When `runtime` is provided but not a recognized {@link RuntimeName}, no providers are included
|
|
8
|
+
* (fails safe rather than exposing all credentials for an unrecognized runtime).
|
|
9
|
+
* Reads values fresh from `process.env` or disk at call time.
|
|
10
|
+
*/
|
|
11
|
+
export declare function buildProviderTokenBundle(runtime?: string, database?: DatabaseInstance): powerline.TokenBundle;
|
|
12
|
+
//# sourceMappingURL=credential-bundle.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"credential-bundle.d.ts","sourceRoot":"","sources":["../src/credential-bundle.ts"],"names":[],"mappings":"AAYA,OAAO,EAAE,SAAS,EAAoB,MAAM,oBAAoB,CAAC;AACjE,OAAO,EAAyD,KAAK,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAezH;;;;;;;GAOG;AACH,wBAAgB,wBAAwB,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,gBAAgB,GAAG,SAAS,CAAC,WAAW,CA0K7G"}
|
|
@@ -0,0 +1,183 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Builds token bundles from enabled credential providers by reading
|
|
3
|
+
* `process.env` and credential files from disk.
|
|
4
|
+
*
|
|
5
|
+
* Separated from {@link ./credential-providers.ts} (persistence layer) and
|
|
6
|
+
* {@link ./token-push.ts} (network orchestration) to keep each module
|
|
7
|
+
* focused on a single concern.
|
|
8
|
+
*/
|
|
9
|
+
import { existsSync, readFileSync } from "node:fs";
|
|
10
|
+
import { homedir } from "node:os";
|
|
11
|
+
import { join } from "node:path";
|
|
12
|
+
import { create } from "@bufbuild/protobuf";
|
|
13
|
+
import { powerline } from "@grackle-ai/common";
|
|
14
|
+
import { getCredentialProviders } from "./credential-providers.js";
|
|
15
|
+
/** Maps each runtime to the credential providers it needs. */
|
|
16
|
+
const RUNTIME_PROVIDERS = {
|
|
17
|
+
"claude-code": ["claude", "github"],
|
|
18
|
+
"copilot": ["copilot", "github"],
|
|
19
|
+
"codex": ["codex", "github"],
|
|
20
|
+
"goose": ["goose", "github"],
|
|
21
|
+
"stub": [],
|
|
22
|
+
// ACP runtimes (experimental) — auth via ACP authenticate method, not credential files
|
|
23
|
+
"claude-code-acp": ["claude", "github"],
|
|
24
|
+
"codex-acp": ["codex", "github"],
|
|
25
|
+
"copilot-acp": ["copilot", "github"],
|
|
26
|
+
};
|
|
27
|
+
/**
|
|
28
|
+
* Build a token bundle containing enabled provider credentials.
|
|
29
|
+
* When `runtime` is a known {@link RuntimeName}, only providers mapped to that runtime are included.
|
|
30
|
+
* When `runtime` is omitted, all enabled providers are included.
|
|
31
|
+
* When `runtime` is provided but not a recognized {@link RuntimeName}, no providers are included
|
|
32
|
+
* (fails safe rather than exposing all credentials for an unrecognized runtime).
|
|
33
|
+
* Reads values fresh from `process.env` or disk at call time.
|
|
34
|
+
*/
|
|
35
|
+
export function buildProviderTokenBundle(runtime, database) {
|
|
36
|
+
const config = getCredentialProviders(database);
|
|
37
|
+
// When runtime is given, look it up in the map. Unknown runtimes get [] (empty, not all providers).
|
|
38
|
+
const runtimeProviders = runtime !== undefined
|
|
39
|
+
? (Object.hasOwn(RUNTIME_PROVIDERS, runtime) ? RUNTIME_PROVIDERS[runtime] : [])
|
|
40
|
+
: undefined;
|
|
41
|
+
const allowedProviders = runtimeProviders !== undefined
|
|
42
|
+
? new Set(runtimeProviders)
|
|
43
|
+
: undefined;
|
|
44
|
+
const items = [];
|
|
45
|
+
// Claude provider
|
|
46
|
+
if ((!allowedProviders || allowedProviders.has("claude")) && config.claude === "subscription") {
|
|
47
|
+
const credentialsPath = join(homedir(), ".claude", ".credentials.json");
|
|
48
|
+
if (existsSync(credentialsPath)) {
|
|
49
|
+
const value = readFileSync(credentialsPath, "utf-8");
|
|
50
|
+
if (value.trim()) {
|
|
51
|
+
items.push(create(powerline.TokenItemSchema, {
|
|
52
|
+
name: "claude-credentials",
|
|
53
|
+
type: "file",
|
|
54
|
+
filePath: "~/.claude/.credentials.json",
|
|
55
|
+
value,
|
|
56
|
+
}));
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
}
|
|
60
|
+
else if ((!allowedProviders || allowedProviders.has("claude")) && config.claude === "api_key") {
|
|
61
|
+
const apiKey = process.env.ANTHROPIC_API_KEY;
|
|
62
|
+
if (apiKey) {
|
|
63
|
+
items.push(create(powerline.TokenItemSchema, {
|
|
64
|
+
name: "anthropic-api-key",
|
|
65
|
+
type: "env_var",
|
|
66
|
+
envVar: "ANTHROPIC_API_KEY",
|
|
67
|
+
value: apiKey,
|
|
68
|
+
}));
|
|
69
|
+
}
|
|
70
|
+
}
|
|
71
|
+
// GitHub provider
|
|
72
|
+
if ((!allowedProviders || allowedProviders.has("github")) && config.github === "on") {
|
|
73
|
+
for (const varName of ["GITHUB_TOKEN", "GH_TOKEN"]) {
|
|
74
|
+
const value = process.env[varName];
|
|
75
|
+
if (value) {
|
|
76
|
+
items.push(create(powerline.TokenItemSchema, {
|
|
77
|
+
name: varName.toLowerCase().replace(/_/g, "-"),
|
|
78
|
+
type: "env_var",
|
|
79
|
+
envVar: varName,
|
|
80
|
+
value,
|
|
81
|
+
}));
|
|
82
|
+
}
|
|
83
|
+
}
|
|
84
|
+
}
|
|
85
|
+
// Copilot provider — push the config file so the SDK's useLoggedInUser path works.
|
|
86
|
+
// Also forward env vars for explicit token / BYOK scenarios.
|
|
87
|
+
if ((!allowedProviders || allowedProviders.has("copilot")) && config.copilot === "on") {
|
|
88
|
+
const copilotConfigPath = join(homedir(), ".copilot", "config.json");
|
|
89
|
+
if (existsSync(copilotConfigPath)) {
|
|
90
|
+
const value = readFileSync(copilotConfigPath, "utf-8");
|
|
91
|
+
if (value.trim()) {
|
|
92
|
+
items.push(create(powerline.TokenItemSchema, {
|
|
93
|
+
name: "copilot-config",
|
|
94
|
+
type: "file",
|
|
95
|
+
filePath: "~/.copilot/config.json",
|
|
96
|
+
value,
|
|
97
|
+
}));
|
|
98
|
+
}
|
|
99
|
+
}
|
|
100
|
+
for (const varName of [
|
|
101
|
+
"COPILOT_GITHUB_TOKEN",
|
|
102
|
+
"COPILOT_CLI_URL",
|
|
103
|
+
"COPILOT_CLI_PATH",
|
|
104
|
+
"COPILOT_PROVIDER_CONFIG",
|
|
105
|
+
]) {
|
|
106
|
+
const value = process.env[varName];
|
|
107
|
+
if (value) {
|
|
108
|
+
items.push(create(powerline.TokenItemSchema, {
|
|
109
|
+
name: varName.toLowerCase().replace(/_/g, "-"),
|
|
110
|
+
type: "env_var",
|
|
111
|
+
envVar: varName,
|
|
112
|
+
value,
|
|
113
|
+
}));
|
|
114
|
+
}
|
|
115
|
+
}
|
|
116
|
+
}
|
|
117
|
+
// Codex provider — push the auth file so the SDK's ChatGPT auth path works.
|
|
118
|
+
// Also forward OPENAI_API_KEY env var for API-key scenarios.
|
|
119
|
+
if ((!allowedProviders || allowedProviders.has("codex")) && config.codex === "on") {
|
|
120
|
+
const codexAuthPath = join(homedir(), ".codex", "auth.json");
|
|
121
|
+
if (existsSync(codexAuthPath)) {
|
|
122
|
+
const value = readFileSync(codexAuthPath, "utf-8");
|
|
123
|
+
if (value.trim()) {
|
|
124
|
+
items.push(create(powerline.TokenItemSchema, {
|
|
125
|
+
name: "codex-auth",
|
|
126
|
+
type: "file",
|
|
127
|
+
filePath: "~/.codex/auth.json",
|
|
128
|
+
value,
|
|
129
|
+
}));
|
|
130
|
+
}
|
|
131
|
+
}
|
|
132
|
+
const openaiKey = process.env.OPENAI_API_KEY;
|
|
133
|
+
if (openaiKey) {
|
|
134
|
+
items.push(create(powerline.TokenItemSchema, {
|
|
135
|
+
name: "openai-api-key",
|
|
136
|
+
type: "env_var",
|
|
137
|
+
envVar: "OPENAI_API_KEY",
|
|
138
|
+
value: openaiKey,
|
|
139
|
+
}));
|
|
140
|
+
}
|
|
141
|
+
}
|
|
142
|
+
// Goose provider — forward config file and provider-related env vars.
|
|
143
|
+
// Goose is provider-agnostic so we forward whichever API keys are available.
|
|
144
|
+
if ((!allowedProviders || allowedProviders.has("goose")) && config.goose === "on") {
|
|
145
|
+
const isWindows = process.platform === "win32";
|
|
146
|
+
const gooseConfigPath = isWindows
|
|
147
|
+
? join(process.env.APPDATA || join(homedir(), "AppData", "Roaming"), "Block", "goose", "config", "config.yaml")
|
|
148
|
+
: join(homedir(), ".config", "goose", "config.yaml");
|
|
149
|
+
const gooseConfigFilePath = isWindows
|
|
150
|
+
? "%APPDATA%/Block/goose/config/config.yaml"
|
|
151
|
+
: "~/.config/goose/config.yaml";
|
|
152
|
+
if (existsSync(gooseConfigPath)) {
|
|
153
|
+
const value = readFileSync(gooseConfigPath, "utf-8");
|
|
154
|
+
if (value.trim()) {
|
|
155
|
+
items.push(create(powerline.TokenItemSchema, {
|
|
156
|
+
name: "goose-config",
|
|
157
|
+
type: "file",
|
|
158
|
+
filePath: gooseConfigFilePath,
|
|
159
|
+
value,
|
|
160
|
+
}));
|
|
161
|
+
}
|
|
162
|
+
}
|
|
163
|
+
for (const varName of [
|
|
164
|
+
"GOOSE_PROVIDER",
|
|
165
|
+
"GOOSE_MODEL",
|
|
166
|
+
"ANTHROPIC_API_KEY",
|
|
167
|
+
"OPENAI_API_KEY",
|
|
168
|
+
"GOOGLE_API_KEY",
|
|
169
|
+
]) {
|
|
170
|
+
const value = process.env[varName];
|
|
171
|
+
if (value) {
|
|
172
|
+
items.push(create(powerline.TokenItemSchema, {
|
|
173
|
+
name: varName.toLowerCase().replace(/_/g, "-"),
|
|
174
|
+
type: "env_var",
|
|
175
|
+
envVar: varName,
|
|
176
|
+
value,
|
|
177
|
+
}));
|
|
178
|
+
}
|
|
179
|
+
}
|
|
180
|
+
}
|
|
181
|
+
return create(powerline.TokenBundleSchema, { tokens: items });
|
|
182
|
+
}
|
|
183
|
+
//# sourceMappingURL=credential-bundle.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"credential-bundle.js","sourceRoot":"","sources":["../src/credential-bundle.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAoB,MAAM,oBAAoB,CAAC;AACjE,OAAO,EAAE,sBAAsB,EAAwD,MAAM,2BAA2B,CAAC;AAEzH,8DAA8D;AAC9D,MAAM,iBAAiB,GAAuD;IAC5E,aAAa,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC;IACnC,SAAS,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC;IAChC,OAAO,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC;IAC5B,OAAO,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC;IAC5B,MAAM,EAAE,EAAE;IACV,uFAAuF;IACvF,iBAAiB,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC;IACvC,WAAW,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC;IAChC,aAAa,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC;CACrC,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,UAAU,wBAAwB,CAAC,OAAgB,EAAE,QAA2B;IACpF,MAAM,MAAM,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC;IAChD,oGAAoG;IACpG,MAAM,gBAAgB,GAAG,OAAO,KAAK,SAAS;QAC5C,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,iBAAiB,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,iBAAiB,CAAC,OAAsB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC9F,CAAC,CAAC,SAAS,CAAC;IACd,MAAM,gBAAgB,GAAG,gBAAgB,KAAK,SAAS;QACrD,CAAC,CAAC,IAAI,GAAG,CAAC,gBAAgB,CAAC;QAC3B,CAAC,CAAC,SAAS,CAAC;IACd,MAAM,KAAK,GAA0B,EAAE,CAAC;IAExC,kBAAkB;IAClB,IAAI,CAAC,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,cAAc,EAAE,CAAC;QAC9F,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,mBAAmB,CAAC,CAAC;QACxE,IAAI,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;YAChC,MAAM,KAAK,GAAG,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;YACrD,IAAI,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;gBACjB,KAAK,CAAC,IAAI,CACR,MAAM,CAAC,SAAS,CAAC,eAAe,EAAE;oBAChC,IAAI,EAAE,oBAAoB;oBAC1B,IAAI,EAAE,MAAM;oBACZ,QAAQ,EAAE,6BAA6B;oBACvC,KAAK;iBACN,CAAC,CACH,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;SAAM,IAAI,CAAC,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;QAChG,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;QAC7C,IAAI,MAAM,EAAE,CAAC;YACX,KAAK,CAAC,IAAI,CACR,MAAM,CAAC,SAAS,CAAC,eAAe,EAAE;gBAChC,IAAI,EAAE,mBAAmB;gBACzB,IAAI,EAAE,SAAS;gBACf,MAAM,EAAE,mBAAmB;gBAC3B,KAAK,EAAE,MAAM;aACd,CAAC,CACH,CAAC;QACJ,CAAC;IACH,CAAC;IAED,kBAAkB;IAClB,IAAI,CAAC,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,IAAI,EAAE,CAAC;QACpF,KAAK,MAAM,OAAO,IAAI,CAAC,cAAc,EAAE,UAAU,CAAC,EAAE,CAAC;YACnD,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YACnC,IAAI,KAAK,EAAE,CAAC;gBACV,KAAK,CAAC,IAAI,CACR,MAAM,CAAC,SAAS,CAAC,eAAe,EAAE;oBAChC,IAAI,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC;oBAC9C,IAAI,EAAE,SAAS;oBACf,MAAM,EAAE,OAAO;oBACf,KAAK;iBACN,CAAC,CACH,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,mFAAmF;IACnF,6DAA6D;IAC7D,IAAI,CAAC,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;QACtF,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC;QACrE,IAAI,UAAU,CAAC,iBAAiB,CAAC,EAAE,CAAC;YAClC,MAAM,KAAK,GAAG,YAAY,CAAC,iBAAiB,EAAE,OAAO,CAAC,CAAC;YACvD,IAAI,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;gBACjB,KAAK,CAAC,IAAI,CACR,MAAM,CAAC,SAAS,CAAC,eAAe,EAAE;oBAChC,IAAI,EAAE,gBAAgB;oBACtB,IAAI,EAAE,MAAM;oBACZ,QAAQ,EAAE,wBAAwB;oBAClC,KAAK;iBACN,CAAC,CACH,CAAC;YACJ,CAAC;QACH,CAAC;QACD,KAAK,MAAM,OAAO,IAAI;YACpB,sBAAsB;YACtB,iBAAiB;YACjB,kBAAkB;YAClB,yBAAyB;SAC1B,EAAE,CAAC;YACF,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YACnC,IAAI,KAAK,EAAE,CAAC;gBACV,KAAK,CAAC,IAAI,CACR,MAAM,CAAC,SAAS,CAAC,eAAe,EAAE;oBAChC,IAAI,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC;oBAC9C,IAAI,EAAE,SAAS;oBACf,MAAM,EAAE,OAAO;oBACf,KAAK;iBACN,CAAC,CACH,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,4EAA4E;IAC5E,6DAA6D;IAC7D,IAAI,CAAC,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,IAAI,MAAM,CAAC,KAAK,KAAK,IAAI,EAAE,CAAC;QAClF,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC;QAC7D,IAAI,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;YAC9B,MAAM,KAAK,GAAG,YAAY,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;YACnD,IAAI,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;gBACjB,KAAK,CAAC,IAAI,CACR,MAAM,CAAC,SAAS,CAAC,eAAe,EAAE;oBAChC,IAAI,EAAE,YAAY;oBAClB,IAAI,EAAE,MAAM;oBACZ,QAAQ,EAAE,oBAAoB;oBAC9B,KAAK;iBACN,CAAC,CACH,CAAC;YACJ,CAAC;QACH,CAAC;QACD,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC;QAC7C,IAAI,SAAS,EAAE,CAAC;YACd,KAAK,CAAC,IAAI,CACR,MAAM,CAAC,SAAS,CAAC,eAAe,EAAE;gBAChC,IAAI,EAAE,gBAAgB;gBACtB,IAAI,EAAE,SAAS;gBACf,MAAM,EAAE,gBAAgB;gBACxB,KAAK,EAAE,SAAS;aACjB,CAAC,CACH,CAAC;QACJ,CAAC;IACH,CAAC;IAED,sEAAsE;IACtE,6EAA6E;IAC7E,IAAI,CAAC,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,IAAI,MAAM,CAAC,KAAK,KAAK,IAAI,EAAE,CAAC;QAClF,MAAM,SAAS,GAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC;QAC/C,MAAM,eAAe,GAAG,SAAS;YAC/B,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,SAAS,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,aAAa,CAAC;YAC/G,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,OAAO,EAAE,aAAa,CAAC,CAAC;QACvD,MAAM,mBAAmB,GAAG,SAAS;YACnC,CAAC,CAAC,0CAA0C;YAC5C,CAAC,CAAC,6BAA6B,CAAC;QAClC,IAAI,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;YAChC,MAAM,KAAK,GAAG,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;YACrD,IAAI,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;gBACjB,KAAK,CAAC,IAAI,CACR,MAAM,CAAC,SAAS,CAAC,eAAe,EAAE;oBAChC,IAAI,EAAE,cAAc;oBACpB,IAAI,EAAE,MAAM;oBACZ,QAAQ,EAAE,mBAAmB;oBAC7B,KAAK;iBACN,CAAC,CACH,CAAC;YACJ,CAAC;QACH,CAAC;QACD,KAAK,MAAM,OAAO,IAAI;YACpB,gBAAgB;YAChB,aAAa;YACb,mBAAmB;YACnB,gBAAgB;YAChB,gBAAgB;SACjB,EAAE,CAAC;YACF,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YACnC,IAAI,KAAK,EAAE,CAAC;gBACV,KAAK,CAAC,IAAI,CACR,MAAM,CAAC,SAAS,CAAC,eAAe,EAAE;oBAChC,IAAI,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC;oBAC9C,IAAI,EAAE,SAAS;oBACf,MAAM,EAAE,OAAO;oBACf,KAAK;iBACN,CAAC,CACH,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC,SAAS,CAAC,iBAAiB,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;AAChE,CAAC"}
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
import type { BetterSQLite3Database } from "drizzle-orm/better-sqlite3";
|
|
2
|
-
import { powerline } from "@grackle-ai/common";
|
|
3
2
|
import * as schema from "./schema.js";
|
|
4
3
|
/** Configuration for which credential providers are enabled. */
|
|
5
4
|
export interface CredentialProviderConfig {
|
|
@@ -39,13 +38,4 @@ export declare function isValidCredentialProviderConfig(value: unknown): value i
|
|
|
39
38
|
* @param database - Optional Drizzle instance; defaults to the module-level db.
|
|
40
39
|
*/
|
|
41
40
|
export declare function setCredentialProviders(config: CredentialProviderConfig, database?: DatabaseInstance): void;
|
|
42
|
-
/**
|
|
43
|
-
* Build a token bundle containing enabled provider credentials.
|
|
44
|
-
* When `runtime` is a known {@link RuntimeName}, only providers mapped to that runtime are included.
|
|
45
|
-
* When `runtime` is omitted, all enabled providers are included.
|
|
46
|
-
* When `runtime` is provided but not a recognized {@link RuntimeName}, no providers are included
|
|
47
|
-
* (fails safe rather than exposing all credentials for an unrecognized runtime).
|
|
48
|
-
* Reads values fresh from `process.env` or disk at call time.
|
|
49
|
-
*/
|
|
50
|
-
export declare function buildProviderTokenBundle(runtime?: string, database?: DatabaseInstance): powerline.TokenBundle;
|
|
51
41
|
//# sourceMappingURL=credential-providers.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"credential-providers.d.ts","sourceRoot":"","sources":["../src/credential-providers.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"credential-providers.d.ts","sourceRoot":"","sources":["../src/credential-providers.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AAExE,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AAKtC,gEAAgE;AAChE,MAAM,WAAW,wBAAwB;IACvC,MAAM,EAAE,KAAK,GAAG,cAAc,GAAG,SAAS,CAAC;IAC3C,MAAM,EAAE,KAAK,GAAG,IAAI,CAAC;IACrB,OAAO,EAAE,KAAK,GAAG,IAAI,CAAC;IACtB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IACpB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;CACrB;AAcD,4BAA4B;AAC5B,eAAO,MAAM,eAAe,EAAE,SAAS,MAAM,EAAsD,CAAC;AAEpG,4CAA4C;AAC5C,eAAO,MAAM,mBAAmB,EAAE,WAAW,CAAC,MAAM,CAA+C,CAAC;AAEpG,wEAAwE;AACxE,eAAO,MAAM,mBAAmB,EAAE,WAAW,CAAC,MAAM,CAA0B,CAAC;AAE/E,4EAA4E;AAC5E,MAAM,MAAM,gBAAgB,GAAG,qBAAqB,CAAC,OAAO,MAAM,CAAC,CAAC;AAIpE;;;;;GAKG;AACH,wBAAgB,6BAA6B,CAAC,OAAO,EAAE,MAAM,GAAG,wBAAwB,CAUvF;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,QAAQ,CAAC,EAAE,gBAAgB,GAAG,wBAAwB,CAkB5F;AAED;;;GAGG;AACH,wBAAgB,+BAA+B,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,wBAAwB,CAYjG;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,wBAAwB,EAAE,QAAQ,CAAC,EAAE,gBAAgB,GAAG,IAAI,CAU1G"}
|
|
@@ -1,13 +1,11 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* Configurable credential providers — manages which
|
|
3
|
-
*
|
|
2
|
+
* Configurable credential providers — manages which credential providers
|
|
3
|
+
* are enabled and persists the configuration to the database.
|
|
4
|
+
*
|
|
5
|
+
* The token bundle builder that reads `process.env` / disk lives in
|
|
6
|
+
* {@link ./credential-bundle.ts} to keep this module a pure persistence layer.
|
|
4
7
|
*/
|
|
5
8
|
import { eq } from "drizzle-orm";
|
|
6
|
-
import { existsSync, readFileSync } from "node:fs";
|
|
7
|
-
import { homedir } from "node:os";
|
|
8
|
-
import { join } from "node:path";
|
|
9
|
-
import { create } from "@bufbuild/protobuf";
|
|
10
|
-
import { powerline } from "@grackle-ai/common";
|
|
11
9
|
import db from "./db.js";
|
|
12
10
|
import * as schema from "./schema.js";
|
|
13
11
|
import { logger } from "./logger.js";
|
|
@@ -97,174 +95,4 @@ export function setCredentialProviders(config, database) {
|
|
|
97
95
|
})
|
|
98
96
|
.run();
|
|
99
97
|
}
|
|
100
|
-
// ─── Runtime → Provider Mapping ────────────────────────────
|
|
101
|
-
/** Maps each runtime to the credential providers it needs. */
|
|
102
|
-
const RUNTIME_PROVIDERS = {
|
|
103
|
-
"claude-code": ["claude", "github"],
|
|
104
|
-
"copilot": ["copilot", "github"],
|
|
105
|
-
"codex": ["codex", "github"],
|
|
106
|
-
"goose": ["goose", "github"],
|
|
107
|
-
"stub": [],
|
|
108
|
-
// ACP runtimes (experimental) — auth via ACP authenticate method, not credential files
|
|
109
|
-
"claude-code-acp": ["claude", "github"],
|
|
110
|
-
"codex-acp": ["codex", "github"],
|
|
111
|
-
"copilot-acp": ["copilot", "github"],
|
|
112
|
-
};
|
|
113
|
-
// ─── Token Bundle Builder ──────────────────────────────────
|
|
114
|
-
/**
|
|
115
|
-
* Build a token bundle containing enabled provider credentials.
|
|
116
|
-
* When `runtime` is a known {@link RuntimeName}, only providers mapped to that runtime are included.
|
|
117
|
-
* When `runtime` is omitted, all enabled providers are included.
|
|
118
|
-
* When `runtime` is provided but not a recognized {@link RuntimeName}, no providers are included
|
|
119
|
-
* (fails safe rather than exposing all credentials for an unrecognized runtime).
|
|
120
|
-
* Reads values fresh from `process.env` or disk at call time.
|
|
121
|
-
*/
|
|
122
|
-
export function buildProviderTokenBundle(runtime, database) {
|
|
123
|
-
const config = getCredentialProviders(database);
|
|
124
|
-
// When runtime is given, look it up in the map. Unknown runtimes get [] (empty, not all providers).
|
|
125
|
-
const runtimeProviders = runtime !== undefined
|
|
126
|
-
? (Object.hasOwn(RUNTIME_PROVIDERS, runtime) ? RUNTIME_PROVIDERS[runtime] : [])
|
|
127
|
-
: undefined;
|
|
128
|
-
const allowedProviders = runtimeProviders !== undefined
|
|
129
|
-
? new Set(runtimeProviders)
|
|
130
|
-
: undefined;
|
|
131
|
-
const items = [];
|
|
132
|
-
// Claude provider
|
|
133
|
-
if ((!allowedProviders || allowedProviders.has("claude")) && config.claude === "subscription") {
|
|
134
|
-
const credentialsPath = join(homedir(), ".claude", ".credentials.json");
|
|
135
|
-
if (existsSync(credentialsPath)) {
|
|
136
|
-
const value = readFileSync(credentialsPath, "utf-8");
|
|
137
|
-
if (value.trim()) {
|
|
138
|
-
items.push(create(powerline.TokenItemSchema, {
|
|
139
|
-
name: "claude-credentials",
|
|
140
|
-
type: "file",
|
|
141
|
-
filePath: "~/.claude/.credentials.json",
|
|
142
|
-
value,
|
|
143
|
-
}));
|
|
144
|
-
}
|
|
145
|
-
}
|
|
146
|
-
}
|
|
147
|
-
else if ((!allowedProviders || allowedProviders.has("claude")) && config.claude === "api_key") {
|
|
148
|
-
const apiKey = process.env.ANTHROPIC_API_KEY;
|
|
149
|
-
if (apiKey) {
|
|
150
|
-
items.push(create(powerline.TokenItemSchema, {
|
|
151
|
-
name: "anthropic-api-key",
|
|
152
|
-
type: "env_var",
|
|
153
|
-
envVar: "ANTHROPIC_API_KEY",
|
|
154
|
-
value: apiKey,
|
|
155
|
-
}));
|
|
156
|
-
}
|
|
157
|
-
}
|
|
158
|
-
// GitHub provider
|
|
159
|
-
if ((!allowedProviders || allowedProviders.has("github")) && config.github === "on") {
|
|
160
|
-
for (const varName of ["GITHUB_TOKEN", "GH_TOKEN"]) {
|
|
161
|
-
const value = process.env[varName];
|
|
162
|
-
if (value) {
|
|
163
|
-
items.push(create(powerline.TokenItemSchema, {
|
|
164
|
-
name: varName.toLowerCase().replace(/_/g, "-"),
|
|
165
|
-
type: "env_var",
|
|
166
|
-
envVar: varName,
|
|
167
|
-
value,
|
|
168
|
-
}));
|
|
169
|
-
}
|
|
170
|
-
}
|
|
171
|
-
}
|
|
172
|
-
// Copilot provider — push the config file so the SDK's useLoggedInUser path works.
|
|
173
|
-
// Also forward env vars for explicit token / BYOK scenarios.
|
|
174
|
-
if ((!allowedProviders || allowedProviders.has("copilot")) && config.copilot === "on") {
|
|
175
|
-
const copilotConfigPath = join(homedir(), ".copilot", "config.json");
|
|
176
|
-
if (existsSync(copilotConfigPath)) {
|
|
177
|
-
const value = readFileSync(copilotConfigPath, "utf-8");
|
|
178
|
-
if (value.trim()) {
|
|
179
|
-
items.push(create(powerline.TokenItemSchema, {
|
|
180
|
-
name: "copilot-config",
|
|
181
|
-
type: "file",
|
|
182
|
-
filePath: "~/.copilot/config.json",
|
|
183
|
-
value,
|
|
184
|
-
}));
|
|
185
|
-
}
|
|
186
|
-
}
|
|
187
|
-
for (const varName of [
|
|
188
|
-
"COPILOT_GITHUB_TOKEN",
|
|
189
|
-
"COPILOT_CLI_URL",
|
|
190
|
-
"COPILOT_CLI_PATH",
|
|
191
|
-
"COPILOT_PROVIDER_CONFIG",
|
|
192
|
-
]) {
|
|
193
|
-
const value = process.env[varName];
|
|
194
|
-
if (value) {
|
|
195
|
-
items.push(create(powerline.TokenItemSchema, {
|
|
196
|
-
name: varName.toLowerCase().replace(/_/g, "-"),
|
|
197
|
-
type: "env_var",
|
|
198
|
-
envVar: varName,
|
|
199
|
-
value,
|
|
200
|
-
}));
|
|
201
|
-
}
|
|
202
|
-
}
|
|
203
|
-
}
|
|
204
|
-
// Codex provider — push the auth file so the SDK's ChatGPT auth path works.
|
|
205
|
-
// Also forward OPENAI_API_KEY env var for API-key scenarios.
|
|
206
|
-
if ((!allowedProviders || allowedProviders.has("codex")) && config.codex === "on") {
|
|
207
|
-
const codexAuthPath = join(homedir(), ".codex", "auth.json");
|
|
208
|
-
if (existsSync(codexAuthPath)) {
|
|
209
|
-
const value = readFileSync(codexAuthPath, "utf-8");
|
|
210
|
-
if (value.trim()) {
|
|
211
|
-
items.push(create(powerline.TokenItemSchema, {
|
|
212
|
-
name: "codex-auth",
|
|
213
|
-
type: "file",
|
|
214
|
-
filePath: "~/.codex/auth.json",
|
|
215
|
-
value,
|
|
216
|
-
}));
|
|
217
|
-
}
|
|
218
|
-
}
|
|
219
|
-
const openaiKey = process.env.OPENAI_API_KEY;
|
|
220
|
-
if (openaiKey) {
|
|
221
|
-
items.push(create(powerline.TokenItemSchema, {
|
|
222
|
-
name: "openai-api-key",
|
|
223
|
-
type: "env_var",
|
|
224
|
-
envVar: "OPENAI_API_KEY",
|
|
225
|
-
value: openaiKey,
|
|
226
|
-
}));
|
|
227
|
-
}
|
|
228
|
-
}
|
|
229
|
-
// Goose provider — forward config file and provider-related env vars.
|
|
230
|
-
// Goose is provider-agnostic so we forward whichever API keys are available.
|
|
231
|
-
if ((!allowedProviders || allowedProviders.has("goose")) && config.goose === "on") {
|
|
232
|
-
const isWindows = process.platform === "win32";
|
|
233
|
-
const gooseConfigPath = isWindows
|
|
234
|
-
? join(process.env.APPDATA || join(homedir(), "AppData", "Roaming"), "Block", "goose", "config", "config.yaml")
|
|
235
|
-
: join(homedir(), ".config", "goose", "config.yaml");
|
|
236
|
-
const gooseConfigFilePath = isWindows
|
|
237
|
-
? "%APPDATA%/Block/goose/config/config.yaml"
|
|
238
|
-
: "~/.config/goose/config.yaml";
|
|
239
|
-
if (existsSync(gooseConfigPath)) {
|
|
240
|
-
const value = readFileSync(gooseConfigPath, "utf-8");
|
|
241
|
-
if (value.trim()) {
|
|
242
|
-
items.push(create(powerline.TokenItemSchema, {
|
|
243
|
-
name: "goose-config",
|
|
244
|
-
type: "file",
|
|
245
|
-
filePath: gooseConfigFilePath,
|
|
246
|
-
value,
|
|
247
|
-
}));
|
|
248
|
-
}
|
|
249
|
-
}
|
|
250
|
-
for (const varName of [
|
|
251
|
-
"GOOSE_PROVIDER",
|
|
252
|
-
"GOOSE_MODEL",
|
|
253
|
-
"ANTHROPIC_API_KEY",
|
|
254
|
-
"OPENAI_API_KEY",
|
|
255
|
-
"GOOGLE_API_KEY",
|
|
256
|
-
]) {
|
|
257
|
-
const value = process.env[varName];
|
|
258
|
-
if (value) {
|
|
259
|
-
items.push(create(powerline.TokenItemSchema, {
|
|
260
|
-
name: varName.toLowerCase().replace(/_/g, "-"),
|
|
261
|
-
type: "env_var",
|
|
262
|
-
envVar: varName,
|
|
263
|
-
value,
|
|
264
|
-
}));
|
|
265
|
-
}
|
|
266
|
-
}
|
|
267
|
-
}
|
|
268
|
-
return create(powerline.TokenBundleSchema, { tokens: items });
|
|
269
|
-
}
|
|
270
98
|
//# sourceMappingURL=credential-providers.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"credential-providers.js","sourceRoot":"","sources":["../src/credential-providers.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"credential-providers.js","sourceRoot":"","sources":["../src/credential-providers.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,OAAO,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AAEjC,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AACtC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAarC,gEAAgE;AAChE,MAAM,YAAY,GAAW,sBAAsB,CAAC;AAEpD,iDAAiD;AACjD,MAAM,cAAc,GAA6B;IAC/C,MAAM,EAAE,KAAK;IACb,MAAM,EAAE,KAAK;IACb,OAAO,EAAE,KAAK;IACd,KAAK,EAAE,KAAK;IACZ,KAAK,EAAE,KAAK;CACb,CAAC;AAEF,4BAA4B;AAC5B,MAAM,CAAC,MAAM,eAAe,GAAsB,CAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;AAEpG,4CAA4C;AAC5C,MAAM,CAAC,MAAM,mBAAmB,GAAwB,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,cAAc,EAAE,SAAS,CAAC,CAAC,CAAC;AAEpG,wEAAwE;AACxE,MAAM,CAAC,MAAM,mBAAmB,GAAwB,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC;AAK/E,8DAA8D;AAE9D;;;;;GAKG;AACH,MAAM,UAAU,6BAA6B,CAAC,OAAe;IAC3D,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAY,CAAC;IAC3C,MAAM,MAAM,GAAG,CAAC,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAsC,CAAC;IACzG,OAAO;QACL,MAAM,EAAE,mBAAmB,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,MAAO,CAAC,CAAC,CAAC,cAAc,CAAC,MAAM;QAC7F,MAAM,EAAE,mBAAmB,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,MAAO,CAAC,CAAC,CAAC,cAAc,CAAC,MAAM;QAC7F,OAAO,EAAE,mBAAmB,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,OAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,OAAO;QACjG,KAAK,EAAE,mBAAmB,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAM,CAAC,CAAC,CAAC,cAAc,CAAC,KAAK;QACzF,KAAK,EAAE,mBAAmB,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAM,CAAC,CAAC,CAAC,cAAc,CAAC,KAAK;KAC1F,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CAAC,QAA2B;IAChE,MAAM,IAAI,GAAG,QAAQ,IAAI,EAAE,CAAC;IAC5B,MAAM,GAAG,GAAG,IAAI;SACb,MAAM,EAAE;SACR,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;SACrB,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;SAC5C,GAAG,EAAE,CAAC;IAET,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,OAAO,EAAE,GAAG,cAAc,EAAE,CAAC;IAC/B,CAAC;IAED,IAAI,CAAC;QACH,OAAO,6BAA6B,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAClD,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,CAAC,IAAI,CAAC,0DAA0D,CAAC,CAAC;QACxE,OAAO,EAAE,GAAG,cAAc,EAAE,CAAC;IAC/B,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,+BAA+B,CAAC,KAAc;IAC5D,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QAChD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,CAAC,GAAG,KAAgC,CAAC;IAC3C,OAAO,CACL,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,MAAgB,CAAC;QAC3C,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,MAAgB,CAAC;QAC3C,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,OAAiB,CAAC;QAC5C,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,KAAe,CAAC;QAC1C,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,KAAe,CAAC,CAC3C,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CAAC,MAAgC,EAAE,QAA2B;IAClG,MAAM,IAAI,GAAG,QAAQ,IAAI,EAAE,CAAC;IAC5B,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IACrC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC;SACzB,MAAM,CAAC,EAAE,GAAG,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC;SACpC,kBAAkB,CAAC;QAClB,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG;QAC3B,GAAG,EAAE,EAAE,KAAK,EAAE;KACf,CAAC;SACD,GAAG,EAAE,CAAC;AACX,CAAC"}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Application-level database seeding — creates default personas, root task,
|
|
3
|
+
* and backfills settings for fresh installs and upgrades.
|
|
4
|
+
*
|
|
5
|
+
* Separated from {@link initDatabase} (which owns schema migrations) so that
|
|
6
|
+
* the persistence layer stays free of business/domain knowledge.
|
|
7
|
+
*/
|
|
8
|
+
import type Database from "better-sqlite3";
|
|
9
|
+
/**
|
|
10
|
+
* Seed the database with application-level defaults.
|
|
11
|
+
* Call once at startup after {@link initDatabase} has applied schema migrations.
|
|
12
|
+
*
|
|
13
|
+
* @param conn - The raw better-sqlite3 connection to seed.
|
|
14
|
+
*/
|
|
15
|
+
export declare function seedDatabase(conn: InstanceType<typeof Database>): void;
|
|
16
|
+
//# sourceMappingURL=db-seed.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"db-seed.d.ts","sourceRoot":"","sources":["../src/db-seed.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAG3C;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,YAAY,CAAC,OAAO,QAAQ,CAAC,GAAG,IAAI,CAsLtE"}
|