bot-bottle

didericis/bot-bottle

Fork 0

Commit Graph

Author	SHA1	Message	Date
didericis	fcbbc4484d	refactor(cred_proxy): flat routes, role-driven provisioning (PRD 0010) test / unit (pull_request) Successful in 14s Details test / integration (pull_request) Successful in 22s Details Replace bottle.tokens (with Kind enum and hardcoded per-kind route/auth tables) with bottle.cred_proxy.routes — each route declares its own path, upstream, auth_scheme, token_ref, and optional role[]. The manifest is now the source of truth for the proxy's runtime route table; adding an upstream is a manifest edit, not a code change. Agent-side rewrites move from per-kind dispatch to per-role tags on routes: anthropic-base-url -> set ANTHROPIC_BASE_URL=<proxy><path> npm-registry -> write ~/.npmrc registry= git-insteadof -> write ~/.gitconfig [url] insteadOf, keyed off route.upstream (suppressed when bottle.git brokers the same host) tea-login -> add a ~/.config/tea/config.yml login Roles are a list (string accepted as sugar). A gitea route typically carries ["git-insteadof", "tea-login"]. Singleton roles (anthropic-base-url, npm-registry) appear on at most one route. token_env slots are assigned per distinct TokenRef in declaration order — two routes sharing a token_ref (e.g. github API + git endpoints) share a slot. Drops: TOKEN_KINDS, _KIND_ROUTES, _KIND_AUTH_SCHEME, _TOKEN_DEFAULT_HOST, cred_proxy_route_path_for_gitea, the kind field on CredProxyUpstream, and the kind-based hardcoding in pipelock_token_hosts (now derives from route.UpstreamHost). Legacy bottle.tokens manifests now die with a hint pointing at bottle.cred_proxy.routes + this PRD. Tests rewritten end-to-end. Docs + example.json + the dev ~/claude-bottle.json updated to match.	2026-05-13 21:49:55 -04:00
didericis	07da4366ad	test(cred_proxy): integration tests for header inject + strip (PRD 0010) Drives DockerCredProxy.start through the production code path against a fake upstream container running on the same egress network. The "agent" is a curl container on the bottle's internal network — same access topology the agent uses in production. Covers PRD 0010 success criteria: - SC3 (the request reaches upstream, header round-trip works) - SC6 (inbound Authorization stripped; the proxy injects the configured token even when the agent tries to smuggle one in) - partial SC2 (cred-proxy reachable by the alias from the internal network) - 404 for unconfigured routes Live-network tests against real Anthropic / GitHub / Gitea / npm upstreams (SC4 and SC5 specifically) are deferred — the fake-upstream shape covers the routing + header layer that's actually under test here.	2026-05-13 16:29:10 -04:00

Author

SHA1

Message

Date

didericis

fcbbc4484d

refactor(cred_proxy): flat routes, role-driven provisioning (PRD 0010)

test / unit (pull_request) Successful in 14s

Details

test / integration (pull_request) Successful in 22s

Details

Replace bottle.tokens (with Kind enum and hardcoded per-kind
route/auth tables) with bottle.cred_proxy.routes — each route
declares its own path, upstream, auth_scheme, token_ref, and
optional role[]. The manifest is now the source of truth for the
proxy's runtime route table; adding an upstream is a manifest edit,
not a code change.

Agent-side rewrites move from per-kind dispatch to per-role tags
on routes:
  anthropic-base-url -> set ANTHROPIC_BASE_URL=<proxy><path>
  npm-registry       -> write ~/.npmrc registry=
  git-insteadof      -> write ~/.gitconfig [url] insteadOf, keyed
                        off route.upstream (suppressed when
                        bottle.git brokers the same host)
  tea-login          -> add a ~/.config/tea/config.yml login

Roles are a list (string accepted as sugar). A gitea route
typically carries ["git-insteadof", "tea-login"]. Singleton roles
(anthropic-base-url, npm-registry) appear on at most one route.

token_env slots are assigned per distinct TokenRef in declaration
order — two routes sharing a token_ref (e.g. github API + git
endpoints) share a slot.

Drops: TOKEN_KINDS, _KIND_ROUTES, _KIND_AUTH_SCHEME, _TOKEN_DEFAULT_HOST,
cred_proxy_route_path_for_gitea, the kind field on CredProxyUpstream,
and the kind-based hardcoding in pipelock_token_hosts (now derives
from route.UpstreamHost).

Legacy bottle.tokens manifests now die with a hint pointing at
bottle.cred_proxy.routes + this PRD. Tests rewritten end-to-end.
Docs + example.json + the dev ~/claude-bottle.json updated to match.

2026-05-13 21:49:55 -04:00

didericis

07da4366ad

test(cred_proxy): integration tests for header inject + strip (PRD 0010)

Drives DockerCredProxy.start through the production code path against
a fake upstream container running on the same egress network. The
"agent" is a curl container on the bottle's internal network — same
access topology the agent uses in production.

Covers PRD 0010 success criteria:
- SC3 (the request reaches upstream, header round-trip works)
- SC6 (inbound Authorization stripped; the proxy injects the
  configured token even when the agent tries to smuggle one in)
- partial SC2 (cred-proxy reachable by the alias from the internal
  network)
- 404 for unconfigured routes

Live-network tests against real Anthropic / GitHub / Gitea / npm
upstreams (SC4 and SC5 specifically) are deferred — the fake-upstream
shape covers the routing + header layer that's actually under test
here.

2026-05-13 16:29:10 -04:00

2 Commits