forked from molecule-ai/molecule-core
eec59fe63b
Container rebuild or volume wipe caused workspaces to lose /configs/.auth_token. On re-registration the platform returned no auth_token (HasAnyLiveToken==true → no re-issue), leaving the workspace unable to authenticate any subsequent API call. Fix: provisionWorkspaceOpts now calls issueAndInjectToken before Start(). This revokes any existing live tokens (plaintext is irrecoverable from the stored hash, so rotation is the only safe path) and issues a fresh token that is written into cfg.ConfigFiles[".auth_token"]. WriteFilesToContainer delivers it to /configs immediately after ContainerStart, racing safely ahead of the Python adapter's 1-2s startup time. Failure modes are soft: revoke or issue errors skip injection with a warning; provisioning continues and the workspace recovers on the next restart. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| bundle | ||
| channels | ||
| crypto | ||
| db | ||
| envx | ||
| events | ||
| handlers | ||
| metrics | ||
| middleware | ||
| models | ||
| plugins | ||
| provisioner | ||
| registry | ||
| router | ||
| scheduler | ||
| supervised | ||
| ws | ||
| wsauth | ||