mirror of
https://github.com/openclaw/openclaw.git
synced 2026-03-18 21:40:53 +00:00
a2cb81199e
* secrets: harden read-only SecretRef resolution for status and audit * CLI: add SecretRef degrade-safe regression coverage * Docs: align SecretRef status and daemon probe semantics * Security audit: close SecretRef review gaps * Security audit: preserve source auth SecretRef configuredness * changelog Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com> --------- Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
35 lines
1.3 KiB
TypeScript
35 lines
1.3 KiB
TypeScript
import { describe, expect, it } from "vitest";
|
|
import {
|
|
getAgentRuntimeCommandSecretTargetIds,
|
|
getMemoryCommandSecretTargetIds,
|
|
getSecurityAuditCommandSecretTargetIds,
|
|
} from "./command-secret-targets.js";
|
|
|
|
describe("command secret target ids", () => {
|
|
it("includes memorySearch remote targets for agent runtime commands", () => {
|
|
const ids = getAgentRuntimeCommandSecretTargetIds();
|
|
expect(ids.has("agents.defaults.memorySearch.remote.apiKey")).toBe(true);
|
|
expect(ids.has("agents.list[].memorySearch.remote.apiKey")).toBe(true);
|
|
expect(ids.has("tools.web.fetch.firecrawl.apiKey")).toBe(true);
|
|
});
|
|
|
|
it("keeps memory command target set focused on memorySearch remote credentials", () => {
|
|
const ids = getMemoryCommandSecretTargetIds();
|
|
expect(ids).toEqual(
|
|
new Set([
|
|
"agents.defaults.memorySearch.remote.apiKey",
|
|
"agents.list[].memorySearch.remote.apiKey",
|
|
]),
|
|
);
|
|
});
|
|
|
|
it("includes gateway auth and channel targets for security audit", () => {
|
|
const ids = getSecurityAuditCommandSecretTargetIds();
|
|
expect(ids.has("channels.discord.token")).toBe(true);
|
|
expect(ids.has("gateway.auth.token")).toBe(true);
|
|
expect(ids.has("gateway.auth.password")).toBe(true);
|
|
expect(ids.has("gateway.remote.token")).toBe(true);
|
|
expect(ids.has("gateway.remote.password")).toBe(true);
|
|
});
|
|
});
|