fix(v0.2.0): finalize structural integrity and clean boot
Some checks failed
Deploy-Agent-V15-Stdin / JOB-V15-STDIN (push) Failing after 2s
Some checks failed
Deploy-Agent-V15-Stdin / JOB-V15-STDIN (push) Failing after 2s
- Fixed memory.org source blocks to ensure persistence functions are tangled. - Improved extract-tangle-target to handle complex Elisp expressions. - Corrected opencortex.sh initialization paths to prevent setup loops. - Reordered variable definitions in policy and standards skills to eliminate forward-reference warnings.
This commit is contained in:
@@ -1,3 +1,4 @@
|
||||
#+PROPERTY: header-args:lisp :tangle (expand-file-name "org-skill-credentials-vault.lisp" (concat (or (getenv "INSTALL_DIR") ".") "/skills"))
|
||||
:PROPERTIES:
|
||||
:ID: credentials-vault-skill
|
||||
:CREATED: [2026-04-09 Thu]
|
||||
@@ -33,7 +34,7 @@ Securely manage all authentication tokens required for the opencortex to operate
|
||||
The vault provides a secure lookup table in RAM, backed by the persistent Memory. Access is restricted to internal kernel requests and explicitly authorized deterministic gates.
|
||||
|
||||
** 2. Semantic Interfaces
|
||||
#+begin_src lisp :tangle (expand-file-name "org-skill-credentials-vault.lisp" (concat (or (getenv "INSTALL_DIR") ".") "/skills"))
|
||||
#+begin_src lisp
|
||||
(defun vault-get-secret (provider &key type)
|
||||
"Retrieves a secret (api-key or session) for a provider.")
|
||||
|
||||
@@ -61,13 +62,13 @@ Tests in `tests/vault-tests.lisp` will verify:
|
||||
* Phase D: Build (Implementation)
|
||||
|
||||
** Package Context
|
||||
#+begin_src lisp :tangle (expand-file-name "org-skill-credentials-vault.lisp" (concat (or (getenv "INSTALL_DIR") ".") "/skills"))
|
||||
#+begin_src lisp
|
||||
#+end_src
|
||||
|
||||
** Vault State
|
||||
We maintain an in-memory hash table for secrets, which is hydrated from and persisted to the Memory.
|
||||
|
||||
#+begin_src lisp :tangle (expand-file-name "org-skill-credentials-vault.lisp" (concat (or (getenv "INSTALL_DIR") ".") "/skills"))
|
||||
#+begin_src lisp
|
||||
(defvar opencortex::*vault-memory* (make-hash-table :test 'equal)
|
||||
"In-memory cache of sensitive credentials.")
|
||||
#+end_src
|
||||
@@ -75,7 +76,7 @@ We maintain an in-memory hash table for secrets, which is hydrated from and pers
|
||||
** Helper: Secret Masking
|
||||
The `vault-mask-string` function ensures that diagnostic output never contains the full plaintext of a sensitive token.
|
||||
|
||||
#+begin_src lisp :tangle (expand-file-name "org-skill-credentials-vault.lisp" (concat (or (getenv "INSTALL_DIR") ".") "/skills"))
|
||||
#+begin_src lisp
|
||||
(defun vault-mask-string (str)
|
||||
"Returns a masked version of a sensitive string."
|
||||
(if (and str (> (length str) 8))
|
||||
@@ -86,7 +87,7 @@ The `vault-mask-string` function ensures that diagnostic output never contains t
|
||||
** Retrieval (vault-get-secret)
|
||||
This function is the secure getter for all system secrets. It prioritizes the Vault (Memory) and falls back to environment variables for legacy compatibility.
|
||||
|
||||
#+begin_src lisp :tangle (expand-file-name "org-skill-credentials-vault.lisp" (concat (or (getenv "INSTALL_DIR") ".") "/skills"))
|
||||
#+begin_src lisp
|
||||
(defun vault-get-secret (provider &key (type :api-key))
|
||||
"Retrieves a credential. Type can be :api-key or :session."
|
||||
(let* ((key (format nil "~a-~a" provider type))
|
||||
@@ -112,7 +113,7 @@ This function is the secure getter for all system secrets. It prioritizes the Va
|
||||
** Persistence (vault-set-secret)
|
||||
When a secret is updated, we immediately snapshot the Memory to ensure the credential change is versioned and durable.
|
||||
|
||||
#+begin_src lisp :tangle (expand-file-name "org-skill-credentials-vault.lisp" (concat (or (getenv "INSTALL_DIR") ".") "/skills"))
|
||||
#+begin_src lisp
|
||||
(defun vault-set-secret (provider secret &key (type :api-key))
|
||||
"Securely stores a secret and triggers a Merkle snapshot."
|
||||
(let ((key (format nil "~a-~a" provider type)))
|
||||
@@ -125,7 +126,7 @@ When a secret is updated, we immediately snapshot the Memory to ensure the crede
|
||||
** Onboarding Logic
|
||||
Retained from the legacy Google skill, this provides the instructions for the autonomous cookie handshake.
|
||||
|
||||
#+begin_src lisp :tangle (expand-file-name "org-skill-credentials-vault.lisp" (concat (or (getenv "INSTALL_DIR") ".") "/skills"))
|
||||
#+begin_src lisp
|
||||
(defun vault-onboard-gemini-web ()
|
||||
"Instructions for the Autonomous Cookie Handshake."
|
||||
(harness-log "--- GEMINI WEB ONBOARDING ---")
|
||||
@@ -137,7 +138,7 @@ Retained from the legacy Google skill, this provides the instructions for the au
|
||||
#+end_src
|
||||
|
||||
** Registration
|
||||
#+begin_src lisp :tangle (expand-file-name "org-skill-credentials-vault.lisp" (concat (or (getenv "INSTALL_DIR") ".") "/skills"))
|
||||
#+begin_src lisp
|
||||
(progn
|
||||
(defskill :skill-credentials-vault
|
||||
:priority 200 ; High priority, foundational
|
||||
|
||||
Reference in New Issue
Block a user