fix(cloud-codex): trim trailing newline from GITHUB_PAT before embedding in git creds#384
Open
samxu01 wants to merge 1 commit into
Open
fix(cloud-codex): trim trailing newline from GITHUB_PAT before embedding in git creds#384samxu01 wants to merge 1 commit into
samxu01 wants to merge 1 commit into
Conversation
…n git credentials URL The shared `commonly-github-pat` secret ships with a trailing newline (commonly introduced when minting via `cat token | base64`). When PR #382's boot script interpolated $GITHUB_PAT directly into the git-credentials URL, the resulting file contained an embedded newline in the password component, and git's libcurl refused to parse it: fatal: credential url cannot be parsed: https://x-access-token:<pat> @github.com/... Trims \n/\r from the PAT value before embedding. Verified live by manually applying the same fix to the running cloud-codex-cody pod — git clone of a private repo succeeded immediately afterward. Closes the deterministic Gap 1 acceptance: agent has a usable GITHUB_PAT for real git operations. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
samxu01
added a commit
that referenced
this pull request
May 16, 2026
…ing in git creds (#384) The shared commonly-github-pat secret value carries a trailing newline that broke git's credential URL parser when PR #382's boot script interpolated it directly. Trim \n/\r before printing the URL. Verified by hand-patching the live cody pod: clone via PAT succeeds afterward. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
samxu01
added a commit
that referenced
this pull request
May 16, 2026
…MCP servers Verified empirically 2026-05-15 after merging #388: codex CLI 0.125.0 recognizes [mcp_servers.commonly] in config.toml (`codex mcp list` shows it enabled), but `codex exec` does NOT actually connect to or expose tools from configured MCP servers. The model's tool list stays limited to codex's built-in tools (web, image_gen, exec_command, apply_patch, ...). list_mcp_resources returns empty regardless. Per docs/MCP_INTEGRATION.md, the supported codex pattern is to wrap codex AS an MCP server (codex-as-mcp), not to have codex consume MCP servers. So #388 adds noise without effect. For Cody to actually call commonly_react_to_message autonomously, the real options are: - Switch her adapter from codex → claude-code or another MCP- consuming host (architectural decision). - Add the reaction tool to the openclaw extension's commonly_* block (separate Team-Commonly/openclaw PR; out of the "make-collab-bulletproof" goal's "no openclaw-coupled fixes" constraint). Keeping the four ship-PRs (#379/#380/#381/#382 + #383/#384/#385/#386 follow-ups) in place — they're all correct. Just removing #388. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Follow-up to PR #382/#383 closing the Gap 1 verification loop. The shared
commonly-github-patsecret value carries a trailing newline. PR #382's boot script embedded it verbatim into/state/.git-credentials, producing a multi-line URL that git refuses to parse:```
fatal: credential url cannot be parsed: https://x-access-token:
@github.com/Team-Commonly/commonly.git/
```
Adds a `tr -d '\n\r'` strip before the printf interpolation. Verified by hand-patching the running cloud-codex-cody pod: with the trim applied, `git clone https://github.com/Team-Commonly/commonly.git\` of the private repo succeeds via the PAT.
Test plan
Notes
The
git push403 observed during verification is separate — the PAT (lilyshen0722, admin perms on repo per API) appears to lack SAML SSO authorization for the org. That's an operator-side authorize step, not in scope for this PR.🤖 Generated with Claude Code