Comparing 03576b7f72..e6643bdc4d - xworkspace-console - gitea.svc.plus

ai-workspace-lab/xworkspace-console

Author	SHA1	Message	Date
Haitao Pan	e6643bdc4d	ci: honor AI_WORKSPACE_AUTH_TOKEN from input/Vault, pass through to host (#11 ) Restore the Vault kv/CICD/AI_WORKSPACE_AUTH_TOKEN read in the deploy job (the key now exists) and resolve the bootstrap token with a clear precedence: workflow_dispatch input overrides, else Vault value, else the on-host installer's resolve_unified_auth_token reuses the persisted ~/.ai_workspace_auth_token or generates a new one. Also fix run-on-host-bootstrap.sh which silently dropped AI_WORKSPACE_AUTH_TOKEN: it is now written to the remote env payload and exported, so an input/Vault-provided token is actually honored on the host instead of being regenerated. Empty stays empty so the no-arg curl\|bash install path still self-generates. Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-28 17:02:33 +08:00
Haitao Pan	537315f0fc	ci: remove AI_WORKSPACE_AUTH_TOKEN from vault-action reads (#9 ) vault-action ignoreNotFound only suppresses path-level 404, not missing keys within an existing path. Token is now sourced exclusively from the ai_workspace_auth_token workflow_dispatch input. Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-06-28 16:55:38 +08:00
Haitao Pan	ddae3b3574	ci: simplify AI_WORKSPACE_AUTH_TOKEN input description for consistency (#7 ) Remove openssl rand -hex 32 alternative (format inconsistent with UUID output). Standardize to UUID-only generation hint matching existing input description style. Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-06-28 16:45:09 +08:00
Haitao Pan	bfbe038ab2	Release/v1.1.5 (#6 ) * ci: backport release/* source validation workflow to release/v1.1.5 (#3) 让现有 release/v1.1.5 分支自身包含门禁 workflow（pull_request_target 用 base 分支版本）。详见 iac_modules/docs/tldr-github-branch-model.md Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com> * backport: support customizable AI_WORKSPACE_AUTH_TOKEN in deployment workflow * ci: support customizable AI_WORKSPACE_AUTH_TOKEN in deployment workflow (#5) - Add AI_WORKSPACE_AUTH_TOKEN to Vault KV secret reads (provision + deploy jobs) - Add ai_workspace_auth_token as optional workflow_dispatch input parameter - Allow runtime override of auth token (input takes precedence over Vault) - Include TLDR token generation guidance in workflow description - Wire token through all-in-one bootstrap with precedence: input > Vault Co-authored-by: Claude Haiku 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-28 16:34:21 +08:00
Haitao Pan	b29b85025b	ci: support customizable AI_WORKSPACE_AUTH_TOKEN in deployment workflow (#4 ) * ci: backport release/* source validation workflow to release/v1.1.5 让现有 release/v1.1.5 分支自身包含门禁 workflow（pull_request_target 用 base 分支版本）。详见 iac_modules/docs/tldr-github-branch-model.md Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * ci: support customizable AI_WORKSPACE_AUTH_TOKEN in deployment workflow - Add AI_WORKSPACE_AUTH_TOKEN to Vault KV secret reads (provision + deploy jobs) - Add ai_workspace_auth_token as optional workflow_dispatch input parameter - Allow runtime override of auth token (input takes precedence over Vault) - Include TLDR token generation guidance in workflow description - Wire token through all-in-one bootstrap with precedence: input > Vault Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-28 16:12:49 +08:00
Haitao Pan	6eb16afb14	ci: add release/* branch source validation workflow (#2 ) release/* 仅接受 hotfix/* 或带 cherry-pick/backport 标签的 PR。详见 iac_modules/docs/tldr-github-branch-model.md Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-28 12:12:21 +08:00

Diff Content Not Available