build: dynamically tangle to INSTALL_DIR without copying .org files
Some checks failed
Deploy-Agent-V15-Stdin / JOB-V15-STDIN (push) Failing after 2s
Some checks failed
Deploy-Agent-V15-Stdin / JOB-V15-STDIN (push) Failing after 2s
- Updated all 150+ :tangle headers across harness/ and skills/ to use elisp (expand-file-name) to target INSTALL_DIR dynamically. - Cleaned up environment/ directory depth by moving memory-image.lisp to state/. - Moved test scripts to tests/ and deleted redundant chat scripts.
This commit is contained in:
@@ -33,7 +33,7 @@ Securely manage all authentication tokens required for the opencortex to operate
|
||||
The vault provides a secure lookup table in RAM, backed by the persistent Memory. Access is restricted to internal kernel requests and explicitly authorized deterministic gates.
|
||||
|
||||
** 2. Semantic Interfaces
|
||||
#+begin_src lisp :tangle ./org-skill-credentials-vault.lisp
|
||||
#+begin_src lisp :tangle (expand-file-name "org-skill-credentials-vault.lisp" (concat (or (getenv "INSTALL_DIR") ".") "/skills"))
|
||||
(defun vault-get-secret (provider &key type)
|
||||
"Retrieves a secret (api-key or session) for a provider.")
|
||||
|
||||
@@ -61,13 +61,13 @@ Tests in `tests/vault-tests.lisp` will verify:
|
||||
* Phase D: Build (Implementation)
|
||||
|
||||
** Package Context
|
||||
#+begin_src lisp :tangle ./org-skill-credentials-vault.lisp
|
||||
#+begin_src lisp :tangle (expand-file-name "org-skill-credentials-vault.lisp" (concat (or (getenv "INSTALL_DIR") ".") "/skills"))
|
||||
#+end_src
|
||||
|
||||
** Vault State
|
||||
We maintain an in-memory hash table for secrets, which is hydrated from and persisted to the Memory.
|
||||
|
||||
#+begin_src lisp :tangle ./org-skill-credentials-vault.lisp
|
||||
#+begin_src lisp :tangle (expand-file-name "org-skill-credentials-vault.lisp" (concat (or (getenv "INSTALL_DIR") ".") "/skills"))
|
||||
(defvar opencortex::*vault-memory* (make-hash-table :test 'equal)
|
||||
"In-memory cache of sensitive credentials.")
|
||||
#+end_src
|
||||
@@ -75,7 +75,7 @@ We maintain an in-memory hash table for secrets, which is hydrated from and pers
|
||||
** Helper: Secret Masking
|
||||
The `vault-mask-string` function ensures that diagnostic output never contains the full plaintext of a sensitive token.
|
||||
|
||||
#+begin_src lisp :tangle ./org-skill-credentials-vault.lisp
|
||||
#+begin_src lisp :tangle (expand-file-name "org-skill-credentials-vault.lisp" (concat (or (getenv "INSTALL_DIR") ".") "/skills"))
|
||||
(defun vault-mask-string (str)
|
||||
"Returns a masked version of a sensitive string."
|
||||
(if (and str (> (length str) 8))
|
||||
@@ -86,7 +86,7 @@ The `vault-mask-string` function ensures that diagnostic output never contains t
|
||||
** Retrieval (vault-get-secret)
|
||||
This function is the secure getter for all system secrets. It prioritizes the Vault (Memory) and falls back to environment variables for legacy compatibility.
|
||||
|
||||
#+begin_src lisp :tangle ./org-skill-credentials-vault.lisp
|
||||
#+begin_src lisp :tangle (expand-file-name "org-skill-credentials-vault.lisp" (concat (or (getenv "INSTALL_DIR") ".") "/skills"))
|
||||
(defun vault-get-secret (provider &key (type :api-key))
|
||||
"Retrieves a credential. Type can be :api-key or :session."
|
||||
(let* ((key (format nil "~a-~a" provider type))
|
||||
@@ -112,7 +112,7 @@ This function is the secure getter for all system secrets. It prioritizes the Va
|
||||
** Persistence (vault-set-secret)
|
||||
When a secret is updated, we immediately snapshot the Memory to ensure the credential change is versioned and durable.
|
||||
|
||||
#+begin_src lisp :tangle ./org-skill-credentials-vault.lisp
|
||||
#+begin_src lisp :tangle (expand-file-name "org-skill-credentials-vault.lisp" (concat (or (getenv "INSTALL_DIR") ".") "/skills"))
|
||||
(defun vault-set-secret (provider secret &key (type :api-key))
|
||||
"Securely stores a secret and triggers a Merkle snapshot."
|
||||
(let ((key (format nil "~a-~a" provider type)))
|
||||
@@ -125,7 +125,7 @@ When a secret is updated, we immediately snapshot the Memory to ensure the crede
|
||||
** Onboarding Logic
|
||||
Retained from the legacy Google skill, this provides the instructions for the autonomous cookie handshake.
|
||||
|
||||
#+begin_src lisp :tangle ./org-skill-credentials-vault.lisp
|
||||
#+begin_src lisp :tangle (expand-file-name "org-skill-credentials-vault.lisp" (concat (or (getenv "INSTALL_DIR") ".") "/skills"))
|
||||
(defun vault-onboard-gemini-web ()
|
||||
"Instructions for the Autonomous Cookie Handshake."
|
||||
(harness-log "--- GEMINI WEB ONBOARDING ---")
|
||||
@@ -137,7 +137,7 @@ Retained from the legacy Google skill, this provides the instructions for the au
|
||||
#+end_src
|
||||
|
||||
** Registration
|
||||
#+begin_src lisp :tangle ./org-skill-credentials-vault.lisp
|
||||
#+begin_src lisp :tangle (expand-file-name "org-skill-credentials-vault.lisp" (concat (or (getenv "INSTALL_DIR") ".") "/skills"))
|
||||
(progn
|
||||
(defskill :skill-credentials-vault
|
||||
:priority 200 ; High priority, foundational
|
||||
@@ -153,7 +153,7 @@ Retained from the legacy Google skill, this provides the instructions for the au
|
||||
Note: Tests disabled in jail load.
|
||||
|
||||
** 1. Unit Tests (FiveAM)
|
||||
#+begin_src lisp :tangle ./org-skill-credentials-vault.lisp
|
||||
#+begin_src lisp :tangle (expand-file-name "org-skill-credentials-vault.lisp" (concat (or (getenv "INSTALL_DIR") ".") "/skills"))
|
||||
#|
|
||||
(defpackage :opencortex-vault-tests
|
||||
(:use :cl :fiveam :opencortex))
|
||||
|
||||
Reference in New Issue
Block a user