optio-opencode 0.1.7__tar.gz → 0.1.9__tar.gz

{optio_opencode-0.1.7 → optio_opencode-0.1.9}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: optio-opencode
-Version: 0.1.7
+Version: 0.1.9
 Summary: Run opencode web as an optio task; local subprocess or remote via SSH.
 Author-email: Kristof Csillag <kristof.csillag@deai-labs.com>
 License-Expression: Apache-2.0

{optio_opencode-0.1.7 → optio_opencode-0.1.9}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "optio-opencode"
-version = "0.1.7"
+version = "0.1.9"
 description = "Run opencode web as an optio task; local subprocess or remote via SSH."
 readme = "README.md"
 license = "Apache-2.0"

{optio_opencode-0.1.7 → optio_opencode-0.1.9}/src/optio_opencode/host_actions.py

@@ -366,6 +366,7 @@ async def launch_opencode(
     opencode_executable: str = "opencode",
     hostname: str = "127.0.0.1",
     extra_env: dict[str, str] | None = None,
+    env_remove: list[str] | None = None,
 ) -> tuple[ProcessHandle, int]:
     """Launch ``opencode web`` on ``host``; wait for the listening URL.
 
@@ -425,7 +426,9 @@ async def launch_opencode(
         **(extra_env or {}),
     }
 
-    handle = await host.launch_subprocess(cmd, env=env, cwd=host.workdir)
+    handle = await host.launch_subprocess(
+        cmd, env=env, cwd=host.workdir, env_remove=env_remove,
+    )
 
     async def _read_url() -> int:
         async for raw in handle.stdout:

{optio_opencode-0.1.7 → optio_opencode-0.1.9}/src/optio_opencode/session.py

@@ -268,6 +268,7 @@ async def run_opencode_session(ctx: ProcessContext, config: OpencodeTaskConfig)
             opencode_executable=opencode_exec,
             hostname=opencode_hostname,
             extra_env=hook_ctx.browser_launch_env,
+            env_remove=config.scrub_env,
         )
         launched_handle = handle
 
@@ -482,6 +483,24 @@ async def _capture_snapshot(
     opencode_executable: str = "opencode",
     session_blob_encrypt: "Callable[[bytes], bytes] | None" = None,
 ) -> None:
+    # Defense-in-depth (guard #2): refuse to capture a resumable snapshot
+    # unless opencode's auth.json exists and is non-empty on the host. A
+    # credential-less workdir is degenerate — restoring it would relaunch
+    # opencode with no auth, so marking it resumable is worse than useless.
+    # (Live-reach is already covered by the session_id is not None gate at
+    # the call site; this covers the bad/empty-seed edge.)
+    workdir = host.workdir.rstrip("/")
+    chk = await host.run_command(
+        f"test -s {shlex.quote(workdir)}/home/.local/share/opencode/auth.json "
+        f"&& echo OK || true"
+    )
+    if "OK" not in chk.stdout:
+        _LOG.warning(
+            "snapshot capture skipped: opencode auth.json absent/empty; "
+            "refusing to mark resumable"
+        )
+        return
+
     session_json = await host_actions.opencode_export(
         host, opencode_db, session_id,
         opencode_executable=opencode_executable,

{optio_opencode-0.1.7 → optio_opencode-0.1.9}/src/optio_opencode/types.py

@@ -64,6 +64,10 @@ class OpencodeTaskConfig:
     # (POST /api/session/<id>/prompt "Read AGENTS.md and execute the task it
     # describes"); suppressed on resume.
     auto_start: bool = False
+    # Glob patterns (fnmatch) of env var NAMES to strip from the opencode
+    # subprocess, so inherited provider creds don't override the seed. e.g.
+    # ["*_API_KEY", "*_TOKEN"].
+    scrub_env: list[str] | None = None
 
     def __post_init__(self) -> None:
         e = self.session_blob_encrypt is not None

{optio_opencode-0.1.7 → optio_opencode-0.1.9}/src/optio_opencode.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: optio-opencode
-Version: 0.1.7
+Version: 0.1.9
 Summary: Run opencode web as an optio task; local subprocess or remote via SSH.
 Author-email: Kristof Csillag <kristof.csillag@deai-labs.com>
 License-Expression: Apache-2.0

{optio_opencode-0.1.7 → optio_opencode-0.1.9}/tests/test_host_actions.py

@@ -128,6 +128,7 @@ class _RecordingLaunchHost:
 
     async def launch_subprocess(
         self, command, *, env=None, cwd=None, merge_stderr=True, stdin=False,
+        env_remove=None,
     ) -> ProcessHandle:
         self.launch_cmd = command
         self.launch_env = env

{optio_opencode-0.1.7 → optio_opencode-0.1.9}/tests/test_host_local.py

@@ -71,7 +71,7 @@ async def test_launch_opencode_passes_hostname_into_cmd(local_host, monkeypatch)
     --hostname=`` argument."""
     captured: dict[str, str] = {}
 
-    async def fake_launch_subprocess(self, cmd, *, env=None, cwd=None):
+    async def fake_launch_subprocess(self, cmd, *, env=None, cwd=None, env_remove=None):
         captured["cmd"] = cmd
         raise RuntimeError("stop before waiting on stdout")
 
@@ -92,7 +92,7 @@ async def test_launch_opencode_default_hostname_is_loopback(local_host, monkeypa
     """Default keeps single-host / RemoteHost-over-SSH behaviour intact."""
     captured: dict[str, str] = {}
 
-    async def fake_launch_subprocess(self, cmd, *, env=None, cwd=None):
+    async def fake_launch_subprocess(self, cmd, *, env=None, cwd=None, env_remove=None):
         captured["cmd"] = cmd
         raise RuntimeError("stop")
 

{optio_opencode-0.1.7 → optio_opencode-0.1.9}/tests/test_seed_config.py

@@ -32,6 +32,11 @@ def test_seed_config_defaults_none():
     assert cfg.auto_start is False
 
 
+def test_opencode_config_scrub_env_default_none():
+    from optio_opencode.types import OpencodeTaskConfig
+    assert OpencodeTaskConfig(consumer_instructions="hi").scrub_env is None
+
+
 def test_manifest_shape():
     assert OPENCODE_SEED_SUFFIX == "_opencode_seeds"
     assert OPENCODE_SEED_MANIFEST.home_subdir == "home"

{optio_opencode-0.1.7 → optio_opencode-0.1.9}/tests/test_session_blob_hooks.py

@@ -99,6 +99,11 @@ async def test_capture_writes_through_session_blob_encrypt(monkeypatch):
         yield b"workdir-bytes"
     fake_host = MagicMock()
     fake_host.archive_workdir = _fake_archive
+    # Satisfy the snapshot-capture defense-in-depth guard: it runs a
+    # `test -s .../auth.json && echo OK` probe on the host and refuses to
+    # capture unless the output contains "OK".
+    fake_host.workdir = "/work"
+    fake_host.run_command = AsyncMock(return_value=MagicMock(stdout="OK\n"))
 
     await _capture_snapshot(
         fake_ctx, fake_host,

{optio_opencode-0.1.7 → optio_opencode-0.1.9}/tests/test_session_hooks.py

@@ -118,7 +118,7 @@ def _patch_host_actions(monkeypatch, host):
     async def _version(_host, *, opencode_executable="opencode"):
         return None
 
-    async def _launch(_host, _password, *, ready_timeout_s=30.0, opencode_executable="opencode", hostname="127.0.0.1", extra_env=None):
+    async def _launch(_host, _password, *, ready_timeout_s=30.0, opencode_executable="opencode", hostname="127.0.0.1", extra_env=None, env_remove=None):
         host.timeline.append("launch_opencode")
         raise RuntimeError("test never gets past launch")
 

{optio_opencode-0.1.7 → optio_opencode-0.1.9}/tests/test_session_local.py

@@ -92,6 +92,21 @@ def _config(scenario: str, deliverable_cb=None, raises: bool = False) -> Opencod
     )
 
 
+async def _plant_auth_json(hook_ctx) -> None:
+    """before_execute hook: plant a non-empty opencode auth.json in the workdir.
+
+    The snapshot-capture defense-in-depth guard refuses to mark a session
+    resumable unless ``home/.local/share/opencode/auth.json`` exists and is
+    non-empty on the host, so capture-expecting tests must plant credentials
+    the same way a real seeded launch would.
+    """
+    await hook_ctx.run_on_host(
+        "mkdir -p home/.local/share/opencode && "
+        "printf '{\"anthropic\": {\"type\": \"api\", \"key\": \"sk-test\"}}' "
+        "> home/.local/share/opencode/auth.json"
+    )
+
+
 @pytest.fixture(autouse=True)
 def _supply_scenario(monkeypatch):
     """Substitute fake_opencode.py for the real opencode binary.
@@ -105,7 +120,7 @@ def _supply_scenario(monkeypatch):
     orig_launch = host_actions.launch_opencode
     scenario_holder: dict = {"name": "happy"}
 
-    async def _launch(host, password, *, ready_timeout_s=30.0, opencode_executable="opencode", hostname="127.0.0.1", extra_env=None):
+    async def _launch(host, password, *, ready_timeout_s=30.0, opencode_executable="opencode", hostname="127.0.0.1", extra_env=None, env_remove=None):
         del opencode_executable  # we substitute fully
         return await orig_launch(
             host, password,
@@ -596,11 +611,14 @@ async def test_session_local_supports_resume_true_captures_snapshot(
     ctx_and_captures, _supply_scenario, tmp_workdir,
 ):
     """With supports_resume=True (default), a snapshot IS captured."""
+    import dataclasses
     from optio_opencode.snapshots import SESSION_SNAPSHOT_COLLECTION_SUFFIX
     ctx, _, _ = ctx_and_captures
     _supply_scenario["name"] = "happy"
 
-    cfg = _config("happy")  # default supports_resume=True
+    # Plant auth.json so the snapshot-capture defense-in-depth guard permits
+    # capture; without credentials it would refuse to mark resumable.
+    cfg = dataclasses.replace(_config("happy"), before_execute=_plant_auth_json)
     await run_opencode_session(ctx, cfg)
 
     coll_name = f"{ctx._prefix}{SESSION_SNAPSHOT_COLLECTION_SUFFIX}"

{optio_opencode-0.1.7 → optio_opencode-0.1.9}/tests/test_session_resume.py

@@ -53,7 +53,7 @@ def _supply_scenario(monkeypatch):
     orig_launch = host_actions.launch_opencode
     holder = {"name": "happy"}
 
-    async def _launch(host, password, *, ready_timeout_s=30.0, opencode_executable="opencode", hostname="127.0.0.1", extra_env=None):
+    async def _launch(host, password, *, ready_timeout_s=30.0, opencode_executable="opencode", hostname="127.0.0.1", extra_env=None, env_remove=None):
         del opencode_executable
         return await orig_launch(
             host, password,
@@ -121,9 +121,30 @@ async def _make_ctx(mongo_db, process_id: str, *, resume: bool):
     return ctx, proc["_id"]
 
 
-async def _run_one_cycle(mongo_db, process_id: str, resume: bool) -> None:
+async def _plant_auth_json(hook_ctx) -> None:
+    """before_execute hook: plant a non-empty opencode auth.json in the workdir.
+
+    The snapshot-capture defense-in-depth guard refuses to mark a session
+    resumable unless ``home/.local/share/opencode/auth.json`` exists and is
+    non-empty on the host. Capture-expecting tests must therefore plant a
+    credentials file the same way a real seeded launch would, mirroring how
+    claudecode tests plant ``.credentials.json``.
+    """
+    await hook_ctx.run_on_host(
+        "mkdir -p home/.local/share/opencode && "
+        "printf '{\"anthropic\": {\"type\": \"api\", \"key\": \"sk-test\"}}' "
+        "> home/.local/share/opencode/auth.json"
+    )
+
+
+async def _run_one_cycle(
+    mongo_db, process_id: str, resume: bool, *, plant_auth: bool = True,
+) -> None:
     ctx, _ = await _make_ctx(mongo_db, process_id, resume=resume)
-    cfg = OpencodeTaskConfig(consumer_instructions=f"(scenario: happy {process_id})")
+    cfg = OpencodeTaskConfig(
+        consumer_instructions=f"(scenario: happy {process_id})",
+        before_execute=_plant_auth_json if plant_auth else None,
+    )
     await run_opencode_session(ctx, cfg)
 
 
@@ -142,6 +163,27 @@ async def test_terminal_flow_captures_snapshot_and_wipes_workdir(mongo_db, task_
     assert not wd.exists() or not any(wd.iterdir())
 
 
+async def test_no_auth_json_refuses_to_capture_snapshot(mongo_db, task_root):
+    """Defense-in-depth: a normal launch (session_id created) but with NO
+    opencode auth.json on the host must NOT capture a snapshot or mark the
+    process resumable. Guards against marking a degenerate, credential-less
+    workdir as resumable.
+    """
+    pid = "oc_no_auth_1"
+    await _run_one_cycle(mongo_db, pid, resume=False, plant_auth=False)
+
+    snap = await load_latest_snapshot(mongo_db, prefix="test", process_id=pid)
+    assert snap is None
+
+    count = await mongo_db[f"test{SESSION_SNAPSHOT_COLLECTION_SUFFIX}"].count_documents(
+        {"processId": pid}
+    )
+    assert count == 0
+
+    proc = await mongo_db["test_processes"].find_one({"processId": pid})
+    assert proc.get("hasSavedState") is not True
+
+
 async def test_resume_creates_second_snapshot(mongo_db, task_root):
     pid = "oc_resume_1"
     await _run_one_cycle(mongo_db, pid, resume=False)

{optio_opencode-0.1.7 → optio_opencode-0.1.9}/tests/test_session_seed.py

@@ -71,7 +71,7 @@ def _supply_scenario(monkeypatch):
     orig_launch = host_actions.launch_opencode
     holder = {"name": "happy"}
 
-    async def _launch(host, password, *, ready_timeout_s=30.0, opencode_executable="opencode", hostname="127.0.0.1", extra_env=None):
+    async def _launch(host, password, *, ready_timeout_s=30.0, opencode_executable="opencode", hostname="127.0.0.1", extra_env=None, env_remove=None):
         del opencode_executable
         return await orig_launch(
             host, password,
@@ -330,6 +330,10 @@ async def test_auto_start_posts_on_fresh_and_not_on_resume(
     await run_opencode_session(ctx_fresh, OpencodeTaskConfig(
         consumer_instructions="(scenario: happy)",
         auto_start=True,
+        # Plant auth.json so the snapshot-capture defense-in-depth guard does
+        # not refuse to mark this resumable; otherwise the resume leg would
+        # fall back to a fresh launch and POST the kickoff prompt again.
+        before_execute=_plant_env,
     ))
     assert len(posts) == 1
     posted_session_id, posted_message = posts[0]
@@ -341,6 +345,7 @@ async def test_auto_start_posts_on_fresh_and_not_on_resume(
     await run_opencode_session(ctx_resume, OpencodeTaskConfig(
         consumer_instructions="(scenario: happy)",
         auto_start=True,
+        before_execute=_plant_env,
     ))
     assert len(posts) == 1, posts