didericis/bot-bottle
1
0
Fork 0
Code Issues 5 Pull Requests 3 Actions Packages Projects Releases Wiki Activity
185 Commits 15 Branches 0 Tags
07da4366ad9a13408a055fff8bca2387dae809b1
Commit Graph

3 Commits

Author SHA1 Message Date
didericis 9fa9717135 docs: switch cred-proxy to sidecar shape
test / unit (pull_request) Successful in 15s
Details
test / integration (pull_request) Successful in 27s
Details 
Make the cred-proxy a per-bottle sidecar container on the bottle's
internal docker network instead of a root-owned process inside the
agent container. The boundary becomes container namespace
separation, matching pipelock and git-gate. Update summary,
problem, goals, in-scope, architecture diagram, components,
existing code touched, external deps, and open questions; add a
"Considered alternatives" section recording the rejected
in-container shape.
 2026-05-13 15:35:38 -04:00
didericis 3747927b9e docs: align cred-proxy architecture diagram 
Trim one trailing space from the four arrow/HTTPS rows and add
one dash to the bottle-container bottom edge so all box-bound
lines are 68 columns.
 2026-05-13 15:35:37 -04:00
didericis 1411719973 docs: add PRD 0010 for credential proxy 
Per-bottle reverse proxy that holds API tokens (Anthropic OAuth,
GitHub PAT, Gitea PAT, npm) in a root-owned process; agent gets
only URLs in its environ. AWS / SigV4 explicitly out of scope.
 2026-05-13 15:35:37 -04:00