From 5a606947b53a2ecdf60629709bca6a1987024bbd Mon Sep 17 00:00:00 2001 From: Shakker Date: Wed, 29 Apr 2026 18:55:18 +0100 Subject: [PATCH] docs: document manifest auth evidence --- CHANGELOG.md | 1 + docs/plugins/manifest.md | 39 +++++++++++++++++++++++++++++++++------ 2 files changed, 34 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8824c3bd705..59aa745efb0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -62,6 +62,7 @@ Docs: https://docs.openclaw.ai - Cron/Gateway: abort and bounded-clean up timed-out isolated agent turns before recording the timeout, so stale cron sessions cannot leave Discord or other chat lanes stuck in `processing` after a timeout. Thanks @vincentkoc. - Agents/errors: suppress malformed streaming tool-call JSON fragments before they reach chat surfaces while preserving provider request-validation diagnostics. Fixes #59076; keeps #59080 as duplicate coverage. (#59118) Thanks @singleGanghood. - CLI/models: restore provider-filtered `models list --all --provider ` rows for providers without manifest/static catalog coverage, including Anthropic and Amazon Bedrock, while keeping the compatibility fallback off expensive availability and resolver paths. Thanks @shakkernerd. +- CLI/models: move local credential evidence such as Google Vertex ADC into generic plugin manifest setup metadata so the model-list auth index stays declarative without provider-specific runtime branches. Thanks @shakkernerd. - CLI/models: compute the `models list` Auth column through one command-local provider auth index so row rendering no longer repeats auth profile, env, configured-provider, AWS, or synthetic-auth checks per model row. Thanks @shakkernerd. - CLI/models: move the OpenAI listable catalog into the plugin manifest so `models list --all --provider openai` uses the manifest fast path instead of loading provider runtime normalization hooks. Thanks @shakkernerd. - CLI/tools: keep the Gateway `tools.*` RPC namespace out of plugin command discovery and managed proxy startup, so stray commands like `openclaw tools effective` fail quickly instead of cold-loading plugin metadata. Refs #73477. Thanks @oromeis. diff --git a/docs/plugins/manifest.md b/docs/plugins/manifest.md index 579202c314f..eff5ed14b91 100644 --- a/docs/plugins/manifest.md +++ b/docs/plugins/manifest.md 
@@ -357,7 +357,16 @@ before runtime loads. { "id": "openai", "authMethods": ["api-key"], - "envVars": ["OPENAI_API_KEY"] + "envVars": ["OPENAI_API_KEY"], + "authEvidence": [ + { + "type": "local-file-with-env", + "fileEnvVar": "OPENAI_CREDENTIALS_FILE", + "requiresAllEnv": ["OPENAI_PROJECT"], + "credentialMarker": "openai-local-credentials", + "source": "openai local credentials" + } + ] } ], "cliBackends": ["openai-cli"], 
@@ -408,11 +417,29 @@ registration. These diagnostics are additive and do not reject legacy plugins. ### setup.providers reference -| Field | Required | Type | What it means | -| ------------- | -------- | ---------- | ------------------------------------------------------------------------------------ | -| `id` | Yes | `string` | Provider id exposed during setup or onboarding. Keep normalized ids globally unique. | -| `authMethods` | No | `string[]` | Setup/auth method ids this provider supports without loading full runtime. | -| `envVars` | No | `string[]` | Env vars that generic setup/status surfaces can check before plugin runtime loads. | +| Field | Required | Type | What it means | +| -------------- | -------- | ---------- | ------------------------------------------------------------------------------------------------ | +| `id` | Yes | `string` | Provider id exposed during setup or onboarding. Keep normalized ids globally unique. | +| `authMethods` | No | `string[]` | Setup/auth method ids this provider supports without loading full runtime. | +| `envVars` | No | `string[]` | Env vars that generic setup/status surfaces can check before plugin runtime loads. | +| `authEvidence` | No | `object[]` | Cheap local auth evidence checks for providers that can authenticate through non-secret markers. | + +`authEvidence` is for provider-owned local credential markers that can be +verified without loading runtime code. These checks must stay cheap and local: +no network calls, no keychain or secret-manager reads, no shell commands, and no +provider API probes. + +Supported evidence entries: + +| Field | Required | Type | What it means | +| ------------------ | -------- | ---------- | --------------------------------------------------------------------------------------------- | +| `type` | Yes | `string` | Currently `local-file-with-env`. | +| `fileEnvVar` | No | `string` | Env var containing an explicit credential file path. 
| +| `fallbackPaths` | No | `string[]` | Local credential file paths checked when `fileEnvVar` is absent or empty. Supports `${HOME}`. | +| `requiresAnyEnv` | No | `string[]` | At least one listed env var must be non-empty before the evidence is valid. | +| `requiresAllEnv` | No | `string[]` | Every listed env var must be non-empty before the evidence is valid. | +| `credentialMarker` | Yes | `string` | Non-secret marker returned when the evidence is present. | +| `source` | No | `string` | User-facing source label for auth/status output. | ### setup fields
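Review bot: In the CHANGELOG.md hunk, the new CLI/models entry never names the manifest field it is about, so a reader cannot connect "generic plugin manifest setup metadata" to the `authEvidence` key documented under `setup.providers` in docs/plugins/manifest.md. Suggest naming `authEvidence` in the entry. The entry is also worded as a behaviour change ("move local credential evidence ... into generic plugin manifest setup metadata"), while this commit's subject is "docs:" and its diffstat lists only CHANGELOG.md and docs/plugins/manifest.md; if the code change landed in a separate commit, reference it from the entry.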
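Review bot: In the docs/plugins/manifest.md example hunk (`@@ -357,7 +357,16 @@`), the added `authEvidence` entry sits on a provider whose `authMethods` is still `["api-key"]`, and the example does not show which auth method a matched `openai-local-credentials` marker maps to. The changelog line in this same patch gives Google Vertex ADC as the motivating case, so either use that shape here or state that `OPENAI_CREDENTIALS_FILE` and `OPENAI_PROJECT` are illustrative, so that readers do not set them expecting the provider to honour them. The example would also be more useful if it showed `fallbackPaths`, the only field with expansion syntax (`${HOME}`).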
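Review bot: In the "Supported evidence entries" table of the `setup.providers reference` hunk, "present" is never defined. `credentialMarker` is "returned when the evidence is present", but the text does not say whether that means the file path exists, is a readable regular file, or is non-empty, nor whether the file contents are ever read. Because this feeds auth/status output, state the exact check, and state that a match only means a credential file was found: under the "no network calls ... no provider API probes" rule in the paragraph above, the check cannot confirm that the credential is still valid. Two further gaps in the same table: `fileEnvVar` and `fallbackPaths` are both marked optional, so a `local-file-with-env` entry can name no file at all (say that at least one is required, or what happens when both are absent), and the table does not say how `requiresAnyEnv` and `requiresAllEnv` combine when both are set, or whether `${HOME}` is the only expansion `fallbackPaths` supports.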