From 36ce7aed4fb565955685b6d20329789cb96f000d Mon Sep 17 00:00:00 2001
From: didericis-codex <eric+codex@dideric.is>
Date: Mon, 1 Jun 2026 17:20:14 -0400
Subject: [PATCH] refactor(codex): derive trusted paths from guest home

---
 .../backend/docker/provision/provider_auth.py | 19 ++++++++-----------
 .../smolmachines/provision/provider_auth.py   | 14 ++++----------
 .../test_docker_provision_provider_auth.py    |  3 +--
 tests/unit/test_smolmachines_provision.py     |  3 +--
 4 files changed, 14 insertions(+), 25 deletions(-)

diff --git a/bot_bottle/backend/docker/provision/provider_auth.py b/bot_bottle/backend/docker/provision/provider_auth.py
index eed6010..ec97bdc 100644
--- a/bot_bottle/backend/docker/provision/provider_auth.py
+++ b/bot_bottle/backend/docker/provision/provider_auth.py
@@ -9,22 +9,22 @@ import subprocess
 from ..bottle_plan import DockerBottlePlan
 
 
-_CODEX_HOME_PROJECT = "/home/node"
-_CODEX_WORKSPACE = "/home/node/workspace"
+_DEFAULT_GUEST_HOME = "/home/node"
 
 
 def provision_provider_auth(plan: DockerBottlePlan, target: str) -> None:
     """Prepare Codex home state inside a Docker bottle.
 
     Every Codex bottle gets a minimal config.toml that trusts the
-    in-container launch directory and workspace path. When host
-    credentials are forwarded, auth.json contains no real access or
-    refresh token values; it only nudges Codex into the same user/device
-    auth branch as the host.
+    in-container launch directory. When host credentials are forwarded,
+    auth.json contains no real access or refresh token values; it only
+    nudges Codex into the same user/device auth branch as the host.
     """
     if plan.agent_provider_template != "codex":
         return
-    container_home = os.environ.get("BOT_BOTTLE_CONTAINER_HOME", "/home/node")
+    container_home = os.environ.get(
+        "BOT_BOTTLE_CONTAINER_HOME", _DEFAULT_GUEST_HOME,
+    )
     auth_dir = f"{container_home}/.codex"
 
     subprocess.run(
@@ -44,10 +44,7 @@ def provision_provider_auth(plan: DockerBottlePlan, target: str) -> None:
     )
     config_path = f"{auth_dir}/config.toml"
     config = (
-        f'[projects."{_CODEX_HOME_PROJECT}"]\n'
-        'trust_level = "trusted"\n'
-        "\n"
-        f'[projects."{_CODEX_WORKSPACE}"]\n'
+        f'[projects."{container_home}"]\n'
         'trust_level = "trusted"\n'
     )
     subprocess.run(
diff --git a/bot_bottle/backend/smolmachines/provision/provider_auth.py b/bot_bottle/backend/smolmachines/provision/provider_auth.py
index 7357a32..93095d3 100644
--- a/bot_bottle/backend/smolmachines/provision/provider_auth.py
+++ b/bot_bottle/backend/smolmachines/provision/provider_auth.py
@@ -11,18 +11,15 @@ from ..bottle_plan import SmolmachinesBottlePlan
 
 
 _DEFAULT_GUEST_HOME = "/home/node"
-_CODEX_HOME_PROJECT = "/home/node"
-_CODEX_WORKSPACE = "/home/node/workspace"
 
 
 def provision_provider_auth(plan: SmolmachinesBottlePlan, target: str) -> None:
     """Prepare Codex home state inside the smolmachine.
 
     Every Codex bottle gets a minimal config.toml that trusts the
-    in-guest launch directory and workspace path. When host credentials
-    are forwarded, the real host access token remains in the egress
-    bundle env; auth.json only selects Codex's user/device auth code
-    path.
+    in-guest launch directory. When host credentials are forwarded,
+    the real host access token remains in the egress bundle env;
+    auth.json only selects Codex's user/device auth code path.
     """
     if plan.agent_provider_template != "codex":
         return
@@ -72,10 +69,7 @@ def provision_provider_auth(plan: SmolmachinesBottlePlan, target: str) -> None:
 
     config_path = f"{auth_dir}/config.toml"
     config = (
-        f'[projects."{_CODEX_HOME_PROJECT}"]\n'
-        'trust_level = "trusted"\n'
-        "\n"
-        f'[projects."{_CODEX_WORKSPACE}"]\n'
+        f'[projects."{guest_home}"]\n'
         'trust_level = "trusted"\n'
     )
     result = _smolvm.machine_exec(
diff --git a/tests/unit/test_docker_provision_provider_auth.py b/tests/unit/test_docker_provision_provider_auth.py
index 2924b40..532410e 100644
--- a/tests/unit/test_docker_provision_provider_auth.py
+++ b/tests/unit/test_docker_provision_provider_auth.py
@@ -75,7 +75,7 @@ class TestProvisionProviderAuth(unittest.TestCase):
             )
         self.assertEqual(0, run.call_count)
 
-    def test_codex_provider_trusts_workspace_without_auth_file(self):
+    def test_codex_provider_trusts_launch_dir_without_auth_file(self):
         with patch.object(_provider_auth.subprocess, "run") as run:
             _provider_auth.provision_provider_auth(
                 _plan(), "bot-bottle-demo-abc12",
@@ -91,7 +91,6 @@ class TestProvisionProviderAuth(unittest.TestCase):
             if a[:6] == ["docker", "exec", "-u", "0", "bot-bottle-demo-abc12", "sh"]
         )
         self.assertIn('[projects."/home/node"]', trust_config[-1])
-        self.assertIn('[projects."/home/node/workspace"]', trust_config[-1])
         self.assertIn('trust_level = "trusted"', trust_config[-1])
         self.assertIn(
             ["docker", "exec", "-u", "0", "bot-bottle-demo-abc12",
diff --git a/tests/unit/test_smolmachines_provision.py b/tests/unit/test_smolmachines_provision.py
index 14a0451..941dbbd 100644
--- a/tests/unit/test_smolmachines_provision.py
+++ b/tests/unit/test_smolmachines_provision.py
@@ -213,7 +213,7 @@ class TestProvisionProviderAuth(unittest.TestCase):
         self.assertEqual(0, cp.call_count)
         self.assertEqual(0, ex.call_count)
 
-    def test_codex_provider_trusts_workspace_without_auth_file(self):
+    def test_codex_provider_trusts_launch_dir_without_auth_file(self):
         cp_p, ex_p = self._patch()
         with cp_p as cp, ex_p as ex:
             ex.return_value = SmolvmRunResult(0, "", "")
@@ -229,7 +229,6 @@ class TestProvisionProviderAuth(unittest.TestCase):
             if a[:2] == ["sh", "-c"] and "config.toml" in a[2]
         )
         self.assertIn('[projects."/home/node"]', trust_config[2])
-        self.assertIn('[projects."/home/node/workspace"]', trust_config[2])
         self.assertIn('trust_level = "trusted"', trust_config[2])
         self.assertIn(
             ["chown", "node:node", "/home/node/.codex/config.toml"],