github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-09 21:24:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(daemon): preserve envfile auth provenance

Browse Source
This commit is contained in:
Peter Steinberger
2026-03-08 00:56:50 +00:00
parent ad052d661b
commit a2cb80b9c4
7 changed files with 120 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/daemon/service-audit.test.ts
View File

@@ -126,6 +126,30 @@ describe("auditGatewayServiceConfig", () => {
audit.issues.some((issue) => issue.code === SERVICE_AUDIT_CODES.gatewayTokenMismatch),
).toBe(false);
});
it("does not treat EnvironmentFile-backed tokens as embedded", async () => {
const audit = await auditGatewayServiceConfig({
env: { HOME: "/tmp" },
platform: "linux",
expectedGatewayToken: "new-token",
command: {
programArguments: ["/usr/bin/node", "gateway"],
environment: {
PATH: "/usr/local/bin:/usr/bin:/bin",
OPENCLAW_GATEWAY_TOKEN: "old-token",
},
environmentValueSources: {
OPENCLAW_GATEWAY_TOKEN: "file",
},
},
});
expect(
audit.issues.some((issue) => issue.code === SERVICE_AUDIT_CODES.gatewayTokenEmbedded),
).toBe(false);
expect(
audit.issues.some((issue) => issue.code === SERVICE_AUDIT_CODES.gatewayTokenMismatch),
).toBe(false);
});
});
describe("checkTokenDrift", () => {