* feat(bedrock-mantle): add IAM credential auth via @aws/bedrock-token-generator
Mantle previously required a manually-created API key (AWS_BEARER_TOKEN_BEDROCK).
This adds automatic bearer token generation from IAM credentials using the
official @aws/bedrock-token-generator package.
Auth priority:
1. Explicit AWS_BEARER_TOKEN_BEDROCK env var (manual API key from Console)
2. IAM credentials via getTokenProvider() → Bearer token (instance roles,
SSO profiles, access keys, EKS IRSA, ECS task roles)
Token is cached in memory (1hr TTL, generated with 2hr validity) and in
process.env.AWS_BEARER_TOKEN_BEDROCK for downstream sync reads.
Falls back gracefully when package is not installed or credentials are
unavailable — Mantle provider simply not registered.
Closes #45152
* fix(bedrock-mantle): harden IAM auth
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
* feat(bedrock): add Bedrock Mantle (OpenAI-compatible) provider
New amazon-bedrock-mantle extension that provides auto-discovery and
authentication for Amazon Bedrock Mantle endpoints.
Mantle (bedrock-mantle.<region>.api.aws) is Amazon Bedrock's OpenAI-
compatible API surface, separate from the existing bedrock-runtime
(ConverseStream) endpoint. It has its own model catalog including
models not available via ConverseStream (e.g. openai.gpt-oss-120b,
mistral.devstral-2-123b).
Extension structure:
- discovery.ts: Model discovery via GET /v1/models (OpenAI format),
bearer token resolution, implicit provider configuration
- register.sync.runtime.ts: Provider registration with catalog,
error classification (rate limits, context overflow)
- openclaw.plugin.json: Plugin manifest, enabledByDefault
Auth support:
- Long-lived Bedrock API key (AWS_BEARER_TOKEN_BEDROCK env var)
created from the AWS Console → used directly as Bearer token
- Pre-generated SigV4-derived tokens (via aws-bedrock-token-generator)
set in AWS_BEARER_TOKEN_BEDROCK → works transparently
Provider config (auto-resolved when AWS_BEARER_TOKEN_BEDROCK is set):
api: "openai-completions"
baseUrl: "https://bedrock-mantle.<region>.api.aws/v1"
auth: "api-key" (bearer token)
Available in 12 regions: us-east-1, us-east-2, us-west-2,
ap-northeast-1, ap-south-1, ap-southeast-3, eu-central-1,
eu-west-1, eu-west-2, eu-south-1, eu-north-1, sa-east-1
Tests: 15 passing (13 discovery + 2 plugin registration)
* chore(bedrock): clarify mantle bearer auth scope
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
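
Added example, not code from these commits or the project: one way to implement the auth priority and token cache the commit messages above describe. The names `createMantleTokenResolver`, `generateToken` and `expiresInSeconds` are hypothetical; `generateToken` stands in for the IAM-backed token provider. The explicit key is read before the resolver ever writes to the environment, so a token it generated and mirrored there is not later mistaken for a manual API key and held past its expiry.

```javascript
// Added example. All function and option names here are hypothetical.
const ENV_KEY = "AWS_BEARER_TOKEN_BEDROCK";
const CACHE_TTL_MS = 60 * 60 * 1000;   // reuse a generated token for 1 hour
const TOKEN_VALIDITY_S = 2 * 60 * 60;  // ask for a token valid for 2 hours

function createMantleTokenResolver({ env, generateToken, now = Date.now }) {
  // Priority 1 is decided once, up front: anything found in env at this point
  // was set by the operator, not mirrored there by this resolver.
  const explicitKey = (env[ENV_KEY] || "").trim();
  let cached = null; // { token, generatedAt }

  return async function resolve() {
    if (explicitKey) return { token: explicitKey, source: "env" };

    // Serve from memory while the cache entry is younger than the TTL. The
    // TTL is half the token validity, so a cached token is never near expiry.
    if (cached && now() - cached.generatedAt < CACHE_TTL_MS) {
      return { token: cached.token, source: "cache" };
    }

    // Generator package not installed: the provider is simply not registered.
    if (typeof generateToken !== "function") return null;

    let token;
    try {
      token = await generateToken({ expiresInSeconds: TOKEN_VALIDITY_S });
      if (typeof token !== "string" || token.length === 0) {
        throw new Error("empty token");
      }
    } catch {
      // No usable credentials: drop stale state so no expired token lingers
      // in memory or in the environment mirror.
      cached = null;
      delete env[ENV_KEY];
      return null;
    }

    cached = { token, generatedAt: now() };
    env[ENV_KEY] = token; // mirror for downstream synchronous readers
    return { token, source: "iam" };
  };
}
```

Anything mirrored into the process environment is inherited by child processes spawned afterwards, which is worth accounting for when the host launches tools or shells.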