feat: 支持 provider profile auth.json 写入
This commit is contained in:
@@ -23,11 +23,12 @@ const selfTest: SelfTestCase = async (context) => {
|
||||
const createdJobPath = path.join(context.tmp, "provider-validation-job.json");
|
||||
const secretStateDir = path.join(context.tmp, "provider-secret-state");
|
||||
await writeFile(fakeKubectl, `#!/usr/bin/env bun
|
||||
import { rmSync } from "node:fs";
|
||||
import { mkdirSync, rmSync } from "node:fs";
|
||||
const args = Bun.argv.slice(2);
|
||||
const secretStateDir = ${JSON.stringify(secretStateDir)};
|
||||
const secretStatePath = (name) => secretStateDir + "/" + name + ".json";
|
||||
const deletedMarkerPath = (name) => secretStateDir + "/" + name + ".deleted";
|
||||
mkdirSync(secretStateDir, { recursive: true });
|
||||
const fixtureSecret = (name) => ({ apiVersion: "v1", kind: "Secret", metadata: { name, namespace: "agentrun-v01", resourceVersion: "rv-selftest", creationTimestamp: "2026-06-05T00:00:00.000Z" }, data: { "auth.json": Buffer.from(JSON.stringify({ token: "redacted-fixture" })).toString("base64"), "config.toml": Buffer.from("model = \\\"fixture\\\"\\n").toString("base64") } });
|
||||
const readStdin = async () => {
|
||||
const chunks = [];
|
||||
@@ -119,7 +120,7 @@ if (args[0] === "create") {
|
||||
if (args[0] === "delete" && args[1] === "secret") {
|
||||
const name = args[2];
|
||||
try { rmSync(secretStatePath(name)); } catch {}
|
||||
await Bun.write(deletedMarkerPath(name), "deleted\n");
|
||||
await Bun.write(deletedMarkerPath(name), "deleted\\n");
|
||||
console.log(JSON.stringify({ kind: "Status", status: "Success", details: { name } }));
|
||||
process.exit(0);
|
||||
}
|
||||
@@ -265,6 +266,24 @@ process.exit(1);
|
||||
const dynamicReplaceData = dynamicReplaceManifest.data as JsonRecord;
|
||||
assert.equal(Buffer.from(String(dynamicReplaceData["auth.json"]), "base64").toString("utf8").includes(secretText), true);
|
||||
assert.equal(Buffer.from(String(dynamicReplaceData["config.toml"]), "base64").toString("utf8"), dynamicConfigToml);
|
||||
|
||||
const directAuthJsonSecret = "sk-selftest-auth-json-direct";
|
||||
const directAuthJson = `${JSON.stringify({ OPENAI_API_KEY: directAuthJsonSecret })}\n`;
|
||||
const dynamicAuthJsonCredential = await client.put(`/api/v1/provider-profiles/${encodeURIComponent(dynamicProfile)}/credential`, {
|
||||
authJson: directAuthJson,
|
||||
delegatedBy: { system: "hwlab-v02", userId: "u4", username: "tester4", requestId: "req-dynamic-auth-json-selftest" },
|
||||
reason: "self-test-dynamic-auth-json",
|
||||
}) as JsonRecord;
|
||||
assert.equal(dynamicAuthJsonCredential.profile, dynamicProfile);
|
||||
assert.equal(dynamicAuthJsonCredential.credentialSource, "auth-json");
|
||||
assert.equal(JSON.stringify(dynamicAuthJsonCredential).includes(directAuthJsonSecret), false);
|
||||
assertNoSecretLeak(dynamicAuthJsonCredential);
|
||||
const dynamicAuthJsonReplaceRecord = JSON.parse(await readFile(replacedSecretPath, "utf8")) as JsonRecord;
|
||||
const dynamicAuthJsonReplaceManifest = dynamicAuthJsonReplaceRecord.manifest as JsonRecord;
|
||||
const dynamicAuthJsonData = dynamicAuthJsonReplaceManifest.data as JsonRecord;
|
||||
assert.equal(Buffer.from(String(dynamicAuthJsonData["auth.json"]), "base64").toString("utf8"), directAuthJson);
|
||||
assert.equal(Buffer.from(String(dynamicAuthJsonData["config.toml"]), "base64").toString("utf8"), dynamicConfigToml);
|
||||
|
||||
const dynamicShown = await client.get(`/api/v1/provider-profiles/${encodeURIComponent(dynamicProfile)}`) as JsonRecord;
|
||||
assert.equal(dynamicShown.configured, true);
|
||||
assert.equal(dynamicShown.failureKind, null);
|
||||
@@ -322,7 +341,7 @@ process.exit(1);
|
||||
assert.equal(finalValidation.status, "completed");
|
||||
assert.equal(JSON.stringify(finalValidation).includes(secretText), false);
|
||||
assertNoSecretLeak(finalValidation);
|
||||
return { name: "provider-profile-management", tests: ["provider-profiles-list-redacted", "provider-profile-config", "provider-profile-set-key-redacted", "provider-profile-secret-replace-annotation-cleanup", "provider-profile-secret-create-upsert", "provider-profile-config-only-create", "provider-profile-dynamic-slug-roundtrip", "provider-profile-remove-builtin", "provider-profile-remove-dynamic-slug", "provider-profile-deepseek-moon-bridge", "provider-profile-manager-secret-rbac", "provider-profile-validation-runner-job"] };
|
||||
return { name: "provider-profile-management", tests: ["provider-profiles-list-redacted", "provider-profile-config", "provider-profile-set-key-redacted", "provider-profile-set-auth-json-redacted", "provider-profile-secret-replace-annotation-cleanup", "provider-profile-secret-create-upsert", "provider-profile-config-only-create", "provider-profile-dynamic-slug-roundtrip", "provider-profile-remove-builtin", "provider-profile-remove-dynamic-slug", "provider-profile-deepseek-moon-bridge", "provider-profile-manager-secret-rbac", "provider-profile-validation-runner-job"] };
|
||||
} finally {
|
||||
await new Promise<void>((resolve) => server.server.close(() => resolve()));
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user