molecule-ai/molecule-ai-workspace-template-claude-code
35
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
84 Commits 9 Branches 1 Tag 384 KiB
Python 88.9%
Shell 8.7%
Dockerfile 2.4%
test/log-boot-context-bash-coverage
Go to file
Hongming Wang 227787bbbd
Some checks failed
CI / validate (push) Failing after 0s
Details
CI / Adapter unit tests (push) Failing after 6s
Details
test: bash coverage for entrypoint.sh log_boot_context() 
The Python adapter audit (test_adapter_logging.py) pins the
adapter.py side, but the entrypoint shell function fires earlier and
twice (pre-gosu + post-gosu). When the SDK import wedge keeps the
adapter from running at all, the shell emission is the operator's
only visibility into the boot env.

Eight new tests cover:
- env NAME=set / env NAME=unset shape for every audited var
- value-leak guard: secret strings never appear in output
- WORKSPACE_ID + PLATFORM_URL passthrough by value (not secret)
- <unset> fallback for missing platform identifiers
- uid/gid line shape (used to verify the privilege drop)
- dated boot banner shape (used to count restarts in a crash loop)
- cross-file gate: shell for-loop names == fixture tuple, mirroring
  test_audit_env_list_matches_entrypoint_sh's adapter.py↔shell gate

Strategy: regex-extract the function body from entrypoint.sh and run
it in a fresh /bin/sh with controlled env. We never source the whole
entrypoint because it would chown /workspace and exec molecule-runtime.

Closes the gap from task #251 (follow-up to PR #32 boot-debug logging).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-02 22:26:35 -07:00
.claude feat: initial template content (extracted from molecule-monorepo) 2026-04-16 03:05:40 -07:00
.github/workflows ci: install pyyaml so the YAML-loading test path is exercised 2026-04-30 23:40:47 -07:00
.molecule-ci/scripts docs: add CI validation scripts (#4) 2026-04-21 03:17:30 +00:00
runbooks docs: add known-issues.md and runbooks/local-dev-setup.md 2026-04-22 08:36:22 +00:00
scripts fix: wire up GitHub App token refresh — fixes #1933 2026-04-23 17:57:30 -07:00
tests test: bash coverage for entrypoint.sh log_boot_context() 2026-05-02 22:26:35 -07:00
__init__.py feat: add adapter code + Dockerfile for standalone deployment 2026-04-16 04:27:22 -07:00
.gitattributes chore: enforce LF line endings + fix entrypoint.sh CRLF 2026-04-23 17:57:57 -07:00
.gitignore chore: gitignore credentials for molecule-ai-workspace-template-claude-code 2026-04-16 09:15:36 -07:00
adapter.py feat: per-vendor env routing for third-party providers (task #244) 2026-05-02 22:20:03 -07:00
claude_sdk_executor.py chore(executor): runtime_wedge mirror follow-ups from PR #29 review 2026-05-01 18:04:24 -07:00
CLAUDE.md docs(claude): document runtime_wedge integration + dev-channels server tag 2026-05-01 20:04:11 -07:00
config.yaml feat: per-vendor env routing for third-party providers (task #244) 2026-05-02 22:20:03 -07:00
Dockerfile Merge branch 'main' into fix/wire-up-gh-token-refresh 2026-04-29 00:56:02 -07:00
entrypoint.sh feat(adapter,entrypoint): boot env audit + crash-loop diagnosis logging 2026-05-02 21:41:05 -07:00
known-issues.md fix(adapter): warn at startup if CLAUDE_CODE_OAUTH_TOKEN is absent (KI-001) 2026-04-29 01:57:16 -07:00
README.md fix: document Token Plan URL support and multi-endpoint routing 2026-04-29 16:56:43 -07:00
requirements.txt chore: bump pin to >=0.1.22 (state_transition_history fix) 2026-04-27 07:39:20 -07:00

README.md

template-claude-code-default

Molecule AI workspace template for the claude-code-default runtime.

Usage

In Molecule AI canvas

Select this template when creating a new workspace — it appears in the template picker automatically.

From a URL (community install)

Paste this URL when creating a workspace:

github://Molecule-AI/template-claude-code-default

Files

  • config.yaml — workspace configuration (runtime, model, skills, etc.)
  • system-prompt.md — agent system prompt (if present)

Auth paths

Path Env var(s) Where to get the key
OAuth (Claude Code subscription) CLAUDE_CODE_OAUTH_TOKEN claude login
Anthropic API (direct) ANTHROPIC_API_KEY console.anthropic.com
Third-party Anthropic-compat (e.g. Xiaomi MiMo pay-as-you-go) ANTHROPIC_API_KEY (provider's key) provider console
Xiaomi MiMo Token Plan ANTHROPIC_API_KEY (Token Plan key), ANTHROPIC_BASE_URL (Token Plan endpoint) token-plan dashboard

For third-party providers, entrypoint.sh rewrites ANTHROPIC_BASE_URL based on the selected MODEL so the claude CLI routes there. Currently auto-routes mimo-* models to https://api.xiaomimimo.com/anthropic (pay-as-you-go). Token Plan users should set ANTHROPIC_BASE_URL=https://token-plan-sgp.xiaomimimo.com/anthropic as a workspace or org-level secret — the shell mapping is the fallback and operator-set values always win. Other Token Plan endpoints (e.g. token-plan-hk.xiaomimimo.com) can be used by setting the secret explicitly.

Schema version

template_schema_version: 1 — compatible with Molecule AI platform v1.x.

License

Business Source License 1.1 — © Molecule AI.