Document injection-policy schema + doc/parser drift check (E5) #391
@codex review
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 3873765106
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Fixed: added a scope note (outside the schema markers, so the drift check is unaffected) clarifying the credential-entry table is the post-resolution injection-policy key set, and that resolver-backed sources additionally accept
@codex review

Codex Review: Didn't find any major issues. Keep them coming! Reviewed commit:
… (docs/injection-policy.md annotates every accepted key per section; a white-box test (schema_doc_drift_test.go) cross-checks the documented keys against the validator's allowed-key sets so the doc can't silently drift from the parser; the render_*.go change is a behavior-preserving extraction of the inline mapKeysSet allowed-key literals into package-level vars so both the validator and the drift test read one source - same keys, no runtime change) (drift check green + negative-tested, behavior-preserving var extraction; user-visible operator security docs are the primary deliverable, refactor is supporting)
…P2) (the credential-entry table is machine-checked against the injection renderer's post-resolution key set (source/providers/modes), but resolver-backed sources like codex-home-auth-file/claude-macos-keychain also accept resolver and materialization in internal/authresolve before resolution - adding those rows would break the drift check, so add a prose scope note (outside the schema markers) clarifying the table is post-resolution and pointing to the resolver keys) (drift check + markdownlint green; doc accuracy for the resolver workflow)
Rebased onto main (now includes the Cloudflare CDN mirror fix #392) so CI builds on the reliable mirror. Content unchanged from the prior LGTM — just rebased.
@codex review

5033508 to 6ea5aaf

Codex Review: Didn't find any major issues. What shall we delve into next? Reviewed commit:
… (the schema examples used /home/op/... absolute paths, which check-public-repo-hygiene.sh flags as machine-specific home paths - the failure was masked while the Debian-mirror outage blocked Validate from running; switch to the sanctioned /home/example placeholder the check allowlists) (hygiene/drift/markdownlint green; docs-only example-path fix)
@codex review
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 45c4cb0cd1
…a (P2) (drift check exercises the new credentials-entry-resolver scope + negative-tested, go test green for internal/injection and internal/authresolve, markdownlint/doc-links/hygiene clean; the doc table is the user-visible deliverable, the CredentialEntryKeys export is a read-only rename supporting the drift test)

The credentials-entry table was machine-checked only against the injection renderer's post-resolution key set (source/providers/modes), leaving the resolver entry form (resolver/materialization, accepted by internal/authresolve before rendering) undocumented and unchecked. Add a separate machine-checked credentials-entry-resolver table for the pre-resolution form, split the prose into pre- vs post-resolution stages, export authresolve.CredentialEntryKeys read-only so the drift test grounds the new scope against the real parser set, and wire the credentials-entry-resolver scope into schemaScopeSets.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Fixed: split the credential-entry schema into two machine-checked tables — a pre-resolution resolver form (source/resolver/materialization/providers/modes, checked against the now-exported authresolve.CredentialEntryKeys) and the post-resolution rendered form (source/providers/modes). Both are drift-checked; negative control confirmed the new scope guards. go test (injection+authresolve)/markdownlint/links/hygiene green.

@codex review

Codex Review: Didn't find any major issues. Swish! Reviewed commit:
E5 (v0.14): injection-policy schema documentation + drift guard.
What
- `docs/injection-policy.md` documents every accepted key of the injection policy, per section (credentials, copies, network, ssh).
- `internal/injection/schema_doc_drift_test.go` is a white-box test that cross-checks the documented keys against the validator's allowed-key sets, so the doc cannot silently drift from the parser.
- The `render_*.go` change is a behavior-preserving extraction of the inline `mapKeysSet(...)` allowed-key literals into package-level vars, so the validator and the drift test read a single source of truth (same keys, no runtime change).

Validation

`go test ./internal/injection/` (incl. the drift check + its negative cases), markdownlint, doc-links — all green. 375 lines / 6 files.

🤖 Generated with Claude Code
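The doc/parser drift check that this PR description and the commit messages above describe, written out as an added example in Go. This is not the project's code: it assumes a `<!-- schema:NAME -->` / `<!-- /schema -->` marker convention around each documented table, stands in for the PR's extracted `mapKeysSet` vars with hypothetical key-set literals, and uses constructed scope names, a constructed sample doc (whose copies table is deliberately stale), and the hypothetical function names `documentedKeys`, `missing` and `driftReport`.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

type keySet = map[string]struct{}

// Package-level allowed-key sets (hypothetical contents) standing in for the PR's
// extracted mapKeysSet vars, plus the scope-name wiring the drift check reads.
var (
	credentialEntryKeys = keySet{"source": {}, "providers": {}, "modes": {}}
	copyEntryKeys       = keySet{"src": {}, "dst": {}, "mode": {}}
	schemaScopeSets     = map[string]keySet{"credentials-entry": credentialEntryKeys, "copies-entry": copyEntryKeys}
)

// sampleDoc is a constructed doc; its copies table is stale on purpose ("owner" dropped, "mode" added).
var sampleDoc = strings.Join([]string{
	"<!-- schema:credentials-entry -->",
	"| Key | Meaning |",
	"|-----|---------|",
	"| `source` | where the credential comes from |",
	"| `providers` | providers allowed to use it |",
	"| `modes` | modes allowed to use it |",
	"<!-- /schema -->",
	"<!-- schema:copies-entry -->",
	"| Key | Meaning |",
	"|-----|---------|",
	"| `src` | host path |",
	"| `dst` | sandbox path |",
	"| `owner` | stale: no longer accepted |",
	"<!-- /schema -->",
}, "\n")

// documentedKeys collects, per scope, the first-column keys of each table between
// "<!-- schema:NAME -->" and "<!-- /schema -->" (assumed marker syntax). An unclosed
// scope is an error so a broken doc cannot pass as "nothing documented".
func documentedKeys(doc string) (map[string]keySet, error) {
	out := map[string]keySet{}
	scope, headerSeen := "", false
	for _, raw := range strings.Split(doc, "\n") {
		line := strings.TrimSpace(raw)
		switch {
		case strings.HasPrefix(line, "<!-- schema:"):
			scope = strings.TrimSpace(strings.TrimSuffix(strings.TrimPrefix(line, "<!-- schema:"), "-->"))
			out[scope], headerSeen = keySet{}, false
		case line == "<!-- /schema -->":
			scope = ""
		case scope != "" && strings.HasPrefix(line, "|"):
			key := strings.Trim(strings.TrimSpace(strings.Split(line, "|")[1]), "`")
			if headerSeen && strings.Trim(key, "-: ") != "" { // skip header and separator rows
				out[scope][key] = struct{}{}
			}
			headerSeen = true
		}
	}
	if scope != "" {
		return nil, fmt.Errorf("scope %q is never closed", scope)
	}
	return out, nil
}

// missing returns the keys of have that are absent from want.
func missing(have, want keySet) (out []string) {
	for k := range have {
		if _, ok := want[k]; !ok {
			out = append(out, k)
		}
	}
	return out
}

// driftReport lists every doc/parser disagreement, sorted; empty means no drift. A scope
// with no table reports all its parser keys; a table not wired into scopes is reported too.
func driftReport(doc string, scopes map[string]keySet) []string {
	documented, err := documentedKeys(doc)
	if err != nil {
		return []string{"doc parse error: " + err.Error()}
	}
	var problems []string
	for scope, parserKeys := range scopes {
		for _, k := range missing(documented[scope], parserKeys) {
			problems = append(problems, fmt.Sprintf("%s: documented key %q is not accepted by the parser", scope, k))
		}
		for _, k := range missing(parserKeys, documented[scope]) {
			problems = append(problems, fmt.Sprintf("%s: parser accepts %q but the doc does not list it", scope, k))
		}
	}
	for scope := range documented {
		if _, ok := scopes[scope]; !ok {
			problems = append(problems, scope+": documented table is not wired into the scope sets")
		}
	}
	sort.Strings(problems)
	return problems
}

func main() { fmt.Println(strings.Join(driftReport(sampleDoc, schemaScopeSets), "\n")) }
```

Run with `go run` and the stale copies table produces two lines (the undocumented `mode` and the dead `owner`); in a real white-box test the same function would be fed the checked-in doc and the package-level sets, failing the test on any non-empty result. The deliberately stale sample is the negative control the PR mentions: it proves the check can fail before anyone trusts a green run.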