fix: skip codex-pool sentinel validation for disabled targets

This commit is contained in:
Codex
2026-06-26 04:09:31 +00:00
parent 0dbdc5ba28
commit 2ee039d39f
@@ -31,6 +31,7 @@ export function remotePythonScript(mode: "sync" | "validate" | "trace" | "cleanu
set -u
python3 - <<'PY'
import base64
import hashlib
import json
import re
import secrets
@@ -1022,6 +1023,16 @@ def safe_kube_json(args, label):
return None, {"label": label, "exitCode": proc.returncode, "error": str(exc), "stdoutTail": text(proc.stdout, 1000)}
def sentinel_runtime_status():
if not TARGET_SENTINEL_ENABLED:
return {
"ok": True,
"action": "skipped-target-disabled",
"desired": {
"monitorEnabled": SENTINEL_CONFIG.get("monitor", {}).get("enabled"),
"actionsEnabled": SENTINEL_CONFIG.get("actions", {}).get("enabled"),
},
"valuesPrinted": False,
}
cfg = SENTINEL_CONFIG
cronjob_name = cfg.get("cronJobName")
secret_name = cfg.get("credentialsSecretName")
@@ -2349,6 +2360,9 @@ def api_key_preview(api_key):
return "***"
return api_key[:10] + "..." + api_key[-4:]
def secret_fingerprint(value):
return "sha256:" + hashlib.sha256(value.encode("utf-8")).hexdigest()[:16]
def run_sync():
global MANUAL_ACCOUNT_PROTECTIONS
payload = json.loads(base64.b64decode(PAYLOAD_B64).decode("utf-8"))
@@ -2427,7 +2441,7 @@ def run_sync():
"sub2apiId": api_key_result["id"],
"groupId": api_key_result["groupId"],
"userId": api_key_result["userId"],
"keyPreview": api_key_preview(api_key),
"apiKeyFingerprint": secret_fingerprint(api_key),
"valuesPrinted": False,
},
"ownerBalance": owner_balance,
@@ -2473,7 +2487,7 @@ def run_validate():
"sub2apiId": key_item.get("id") if isinstance(key_item, dict) else None,
"userId": key_item.get("user_id") if isinstance(key_item, dict) else None,
"groupId": key_item.get("group_id") if isinstance(key_item, dict) else None,
"keyPreview": api_key_preview(api_key),
"apiKeyFingerprint": secret_fingerprint(api_key),
"valuesPrinted": False,
},
"ownerBalance": owner_balance,