feat: add oneclaw module for 1Claw MCP integration#845
kmjones1979 wants to merge 2 commits into coder:main from
Conversation
Add kmjones1979 namespace and oneclaw module, ported from 1clawAI/1claw-coder-workspace-module. Provides vault-backed secrets and MCP server config for AI coding agents in Coder workspaces.

- Namespace: kmjones1979 (avatar from GitHub)
- Module: oneclaw with three provisioning modes (terraform-native, shell bootstrap, manual)
- Tests: main.tftest.hcl (5 runs) and main.test.ts (5 tests)
- Scripts: provision.sh, bootstrap.sh, setup.sh

Made-with: Cursor
Any feedback on this PR? I would be happy to adjust if anything is needed. Thanks.
@kmjones1979 I took a look at the changes, and I would like you to take a look at some of our modules in our coder namespace for a reference on what the structure should look like. Generally in almost all cases you would just have:

This is split up way more than usual, and does not follow the standards. If you use the new module script to scaffold this you might see what I mean here.
I would resubmit this, but please follow the module style and schema, the scaffolding scripts definitely will help here |
…dling

Addresses reviewer feedback on closed PR coder#845 that the module was "split up way more than usual" and did not follow the registry module schema.

Structure (matches the coder/ namespace conventions):
- Collapse variables.tf + outputs.tf into main.tf
- Merge scripts/bootstrap.sh + scripts/setup.sh into a single scripts/run.sh executed by a single coder_script
- Remove Terraform-native provisioning mode (scripts/provision.sh, null_resource.provision, master_api_key): it relied on local-exec writing a state file to the provisioner's cwd, which is ephemeral inside Coder template provisioners and therefore cannot round-trip credentials into coder_env
- Keep two supported modes: bootstrap (human 1ck_ key, recommended) and manual (pre-provisioned scoped ocv_ key)

Security hardening for the 1ck_ human bootstrap key:
- Deliver the key via a sensitive coder_env (_ONECLAW_HUMAN_API_KEY) instead of templatefile() substitution, so the literal key never appears in the rendered script body stored in Terraform state or logged to the workspace's /tmp/coder-agent.log
- Send the key to the 1Claw auth endpoint via curl --data-binary @- from stdin so it does not appear in process argv (ps/proc/cmdline)
- Unset HUMAN_KEY and _ONECLAW_HUMAN_API_KEY as soon as auth completes so downstream processes do not inherit the key
- Only the scoped ocv_ agent key and vault id are persisted to ~/.1claw/bootstrap.json and the MCP config files
- README documents post-bootstrap cleanup (set human_api_key = "" once the state file exists) and the full security guarantees

Tested end-to-end against a local Coder server with real 1Claw credentials: first boot, idempotent restart, and post-bootstrap cleanup all succeed and leave no copy of the 1ck_ value anywhere on the workspace filesystem or in its process environments.

Made-with: Cursor
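The bootstrap pattern described in the commit message above (human key arrives only in the environment, is handed to the auth call over stdin rather than argv, is unset as soon as the exchange completes, and only the scoped key plus vault id are written to disk), as an added example. This is not the module's scripts/run.sh: the 1Claw auth endpoint is replaced by a constructed stub so the script runs offline, the response format of the real endpoint is not shown on this page, and the function names, the ONECLAW_VAULT_ID variable and the JSON layout of the state file are assumptions.

```shell
#!/bin/sh
# Added example, not the module's own run.sh. The 1Claw endpoint is replaced by a
# constructed stub; function names, ONECLAW_VAULT_ID and the state-file layout
# are assumptions made for illustration.

# Stand-in for `curl --data-binary @- <1Claw auth endpoint>`: it consumes the
# human key from stdin exactly as curl would, so the key is never in any argv.
# Returns a constructed scoped agent key (the real response format is not known here).
oneclaw_auth_stub() {
    human_key=$(cat)
    case "$human_key" in
        1ck_*) printf 'ocv_constructed_agent_key\n'; return 0 ;;
        *)     echo "auth stub: expected a 1ck_ human key on stdin" >&2; return 1 ;;
    esac
}

# First boot: exchange the human 1ck_ key (delivered by a sensitive coder_env as
# _ONECLAW_HUMAN_API_KEY) for a scoped ocv_ key and persist only the scoped key
# and vault id to "$1/bootstrap.json". Restart: if the state file exists, the
# human key is neither required nor read, which is what lets human_api_key be
# cleared after bootstrap.
oneclaw_bootstrap() {
    state_dir="$1"
    state_file="$state_dir/bootstrap.json"
    if [ -f "$state_file" ]; then
        return 0                       # idempotent restart, nothing to do
    fi
    if [ -z "${_ONECLAW_HUMAN_API_KEY:-}" ] || [ -z "${ONECLAW_VAULT_ID:-}" ]; then
        echo "bootstrap: _ONECLAW_HUMAN_API_KEY and ONECLAW_VAULT_ID are required on first boot" >&2
        return 1
    fi
    # printf is a shell builtin: the key reaches the auth call only through the
    # pipe, never as a command-line argument of a forked process.
    agent_key=$(printf '%s' "$_ONECLAW_HUMAN_API_KEY" | oneclaw_auth_stub) || return 1
    # Drop the human key as soon as auth completes so later children cannot inherit it.
    unset _ONECLAW_HUMAN_API_KEY
    mkdir -p "$state_dir"
    # Owner-only state file; the umask change stays inside the subshell.
    ( umask 077
      printf '{"agent_key":"%s","vault_id":"%s"}\n' "$agent_key" "$ONECLAW_VAULT_ID" > "$state_file" )
    unset agent_key
    return 0
}

# Post-bootstrap check: succeeds only if the state file exists and holds no 1ck_ value.
oneclaw_leak_check() {
    [ -f "$1" ] && ! grep -q '1ck_' "$1"
}

# Stand-alone run is opt-in so that sourcing this file has no side effects:
#   ONECLAW_EXAMPLE_RUN=1 _ONECLAW_HUMAN_API_KEY=1ck_... ONECLAW_VAULT_ID=... sh example.sh
if [ "${ONECLAW_EXAMPLE_RUN:-0}" = 1 ]; then
    oneclaw_bootstrap "${HOME}/.1claw" && oneclaw_leak_check "${HOME}/.1claw/bootstrap.json"
fi
```

Two details carry the security property. The human key is expanded only by builtins (printf, the [ test) inside the current shell, so no forked process ever has it in /proc/<pid>/cmdline; and the unset happens before any file is written or any further child is started, so neither the state file nor downstream MCP processes can pick it up. Running oneclaw_leak_check after the first boot, and again after a restart with the human key removed from the environment, is the same check the commit message reports doing against a real Coder server.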
Summary
Files added
All under registry/kmjones1979/:
- README.md, .images/avatar.png (from GitHub)
- modules/oneclaw/: main.tf, variables.tf, outputs.tf, README.md
- scripts/provision.sh, scripts/bootstrap.sh, scripts/setup.sh
- main.tftest.hcl (5 plan runs), main.test.ts (5 bun tests)
No shared repo files were modified.
Test plan
- terraform validate passes
- terraform test passes (Terraform 1.14 via Docker)
- bun test main.test.ts passes (5/5)
- .sh files
- bun run fmt applied
Generated with Cursor using Claude
Made with Cursor