forked from molecule-ai/molecule-core
784376f19f
#612 added AdminAuth to GET /admin/workspaces/:id/test-token, breaking the chicken-and-egg bootstrap that E2E tests rely on: 1. POST /workspaces creates first workspace (fail-open, no tokens) 2. Provision generates a workspace auth token → inserts into DB 3. AdminAuth now sees a live token → requires auth on ALL routes 4. E2E calls test-token to get its first admin bearer → 401 5. All subsequent E2E calls fail → EVERY open PR CI blocked The test-token handler already has its own production guard (TestTokensEnabled returns false when MOLECULE_ENV=prod). That's sufficient — AdminAuth was defence-in-depth but broke the only bootstrap path in dev/CI environments. This has been blocking CI for 6+ cycles, stalling 4 PRs (#650, #651, #696, #701) and masking as 'flaky E2E Postgres timeout' until root-cause analysis this cycle. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| cmd/server | ||
| internal | ||
| migrations | ||
| pkg/provisionhook | ||
| Dockerfile | ||
| Dockerfile.tenant | ||
| entrypoint-tenant.sh | ||
| go.mod | ||
| go.sum | ||