fix(workspace): set git user.name/email from $GITEA_USER at boot (closes #155) #156

Merged
claude-ceo-assistant merged 1 commit from fix/workspace-persona-git-identity into main 2026-05-09 20:36:59 +00:00

What

Sets `git config --global user.name` and `user.email` from `$GITEA_USER` (already injected per-workspace by the provisioner) at workspace boot, so commits from a team workspace are attributed to that team's persona in Gitea instead of the founder PAT.

Why now

Today: 0 commits authored by any team persona in the last 24h, despite 8 Core-* workspaces running. Diagnosis: `GITEA_USER` is set correctly in env (`core-lead`, `core-be`, etc.), but `git config --global user.name`/`user.email` are unset. Even when the team unblocks on the auth chain (internal#187), they'd still push under the wrong identity.

Same fingerprint pattern that got Molecule-AI org suspended on GitHub 2026-05-06.

Risk

Low. Two-line addition guarded by `[ -n "${GITEA_USER:-}" ]`, falls through cleanly when unset (legacy boxes). Pushes to `bot.moleculesai.app` email domain so agent commits are visually distinct from human commits.

Closes

  • Closes #155

Related

  • #171 (cherry-pick PR #23 dropping github-app-auth) — this PR adds an inline note that the github.com credential-helper block is post-suspension legacy; full removal stays in #171's scope.
  • internal#187 (platform `/github-installation-token` 500) — orthogonal fix Core-DevOps owns.

Verification

  • `docker exec` form of this same change applied to 8 running Core-* workspaces locally; `git config -l --global` shows correct per-persona identity.
  • The docker-exec band-aid resets on container restart; this PR makes it persistent through the runtime image.

Tier

`tier:low` — single-file boot script change, fully backwards-compatible.

claude-ceo-assistant added 1 commit 2026-05-09 19:52:44 +00:00
fix(workspace): set git user.name/email from $GITEA_USER at boot
Some checks failed
branch-protection drift check / Branch protection drift (pull_request) Successful in 10s
Check merge_group trigger on required workflows / Required workflows have merge_group trigger (pull_request) Successful in 11s
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 14s
cascade-list-drift-gate / check (pull_request) Successful in 18s
Check migration collisions / Migration version collision check (pull_request) Successful in 23s
CI / Detect changes (pull_request) Successful in 24s
E2E API Smoke Test / detect-changes (pull_request) Successful in 24s
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 24s
pr-guards / disable-auto-merge-on-push (pull_request) Failing after 7s
Handlers Postgres Integration / detect-changes (pull_request) Successful in 22s
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 16s
Harness Replays / detect-changes (pull_request) Successful in 25s
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 20s
sop-tier-check / tier-check (pull_request) Failing after 21s
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 38s
CI / Shellcheck (E2E scripts) (pull_request) Successful in 26s
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 41s
Ops Scripts Tests / Ops scripts (unittest) (pull_request) Successful in 1m46s
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 13s
Harness Replays / Harness Replays (pull_request) Successful in 9s
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 1m31s
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 4m8s
CI / Python Lint & Test (pull_request) Successful in 8m54s
CI / Canvas Deploy Reminder (pull_request) Has been skipped
CI / Canvas (Next.js) (pull_request) Failing after 10m21s
CI / Platform (Go) (pull_request) Successful in 13m8s
CodeQL / Analyze (${{ matrix.language }}) (go) (pull_request) Failing after 22m59s
CodeQL / Analyze (${{ matrix.language }}) (javascript-typescript) (pull_request) Failing after 23m26s
CodeQL / Analyze (${{ matrix.language }}) (python) (pull_request) Failing after 23m31s
audit-force-merge / audit (pull_request) Successful in 4s
a4fc04189c
Closes #155.

Without this, every commit from a workspace booted via the standard
provisioner lands with an empty `user.name`/`user.email` and Gitea
attributes the work to whichever PAT pushed (typically the founder's
`claude-ceo-assistant`), instead of the persona that actually authored
the commit. That's the same fingerprint pattern that got us suspended
on GitHub 2026-05-06.

GITEA_USER is already injected per-workspace by the provisioner from
workspace_secrets (verified: 8/8 Core-* workspaces have it set,
correctly-named, on operator + local). Boot picks it up unconditionally;
falls through cleanly if unset (e.g. legacy boxes without persona
identity wiring).

Email uses `bot.moleculesai.app` so agent commits are visually distinct
from human-authored commits in Gitea history. The `gitconfig` copy from
`/root/.gitconfig` to `/home/agent/.gitconfig` is now unconditional —
previously it was nested inside the `molecule-git-token-helper.sh`
block, which meant the per-persona identity wouldn't propagate to the
agent user when the helper was unavailable.

Also added an inline note that the github.com credential-helper block
is post-suspension legacy. Full removal tracked under #171; this PR
deliberately doesn't touch it (smaller blast radius).

Tested: docker exec sets the same config in 8 running Core-* workspaces
locally and they pick up correct identity for `git config -l`. Will
reset when those containers restart, hence this PR for the persistent
fix.
hongming approved these changes 2026-05-09 20:27:01 +00:00
claude-ceo-assistant merged commit 6193f67bc0 into main 2026-05-09 20:36:59 +00:00
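
The boot-time identity step and the verification described in this PR, written out as an added example; it is not the PR's diff or the project's boot script. The function names, the `PERSONA_EMAIL_DOMAIN` variable, the use of `$GITEA_USER` as the email local part, and the allowed-character check are assumptions made for illustration.

```shell
#!/bin/sh
# Added illustration, not the project's boot script.
# Assumptions: email local part is $GITEA_USER; persona names use [A-Za-z0-9._-].
PERSONA_EMAIL_DOMAIN="bot.moleculesai.app"   # email domain named in the PR

# set_persona_identity [gitconfig-path]
# Writes user.name / user.email from $GITEA_USER.
# Returns 0 when written, 0 when GITEA_USER is unset (legacy box, nothing
# written), 2 when the value is not a safe persona name.
set_persona_identity() {
    cfg="${1:-$HOME/.gitconfig}"
    [ -n "${GITEA_USER:-}" ] || return 0      # guard quoted in the PR text
    case "$GITEA_USER" in
        # Refuse spaces, newlines, '@' and a leading '-' so an injected
        # value cannot forge a different author string or act as an option.
        *[!A-Za-z0-9._-]*|-*) return 2 ;;
    esac
    git config --file "$cfg" user.name  "$GITEA_USER" &&
    git config --file "$cfg" user.email "${GITEA_USER}@${PERSONA_EMAIL_DOMAIN}"
}

# check_persona_identity [gitconfig-path]
# Assertion for boot or CI: returns 0 only when the configured identity
# matches $GITEA_USER; an unset or mismatched identity fails closed.
check_persona_identity() {
    cfg="${1:-$HOME/.gitconfig}"
    [ -n "${GITEA_USER:-}" ] || return 1
    name=$(git config --file "$cfg" --get user.name 2>/dev/null) || return 1
    email=$(git config --file "$cfg" --get user.email 2>/dev/null) || return 1
    [ "$name" = "$GITEA_USER" ] &&
    [ "$email" = "${GITEA_USER}@${PERSONA_EMAIL_DOMAIN}" ]
}
```

Running `check_persona_identity` after boot turns the manual `git config -l --global` inspection into a pass/fail signal that also catches a container restarted from an image without the fix.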
Reference: molecule-ai/molecule-core#156