Hongming Wang a79366a04a fix(security): tenant CPProvisioner attaches CP bearer on all calls ... Completes the C1 integration (PR #50 on molecule-controlplane). The CP now requires Authorization: Bearer <PROVISION_SHARED_SECRET> on all three /cp/workspaces/* endpoints; without this change the tenant-side Start/Stop/IsRunning calls would all 401 (or 404 when the CP's routes refused to mount) and every workspace provision from a SaaS tenant would silently fail. Reads MOLECULE_CP_SHARED_SECRET, falling back to PROVISION_SHARED_SECRET so operators can use one env-var name on both sides of the wire. Empty value is a no-op: self-hosted deployments with no CP or a CP that doesn't gate /cp/workspaces/* keep working as before. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>		2026-04-19 01:53:12 -07:00
..
cmd/server	chore: open-source restructure — rename dirs, remove internal files, scrub secrets	2026-04-18 00:24:44 -07:00
internal	fix(security): tenant CPProvisioner attaches CP bearer on all calls	2026-04-19 01:53:12 -07:00
migrations	Merge pull request #976 from Molecule-AI/feat/last-outbound-at-817	2026-04-19 00:30:01 -07:00
pkg/provisionhook	chore: open-source restructure — rename dirs, remove internal files, scrub secrets	2026-04-18 00:24:44 -07:00
.gitignore	chore: final open-source cleanup — binary, stale paths, private refs	2026-04-18 00:38:55 -07:00
Dockerfile	fix: Dockerfile go.sum path after platform → workspace-server rename	2026-04-18 00:31:16 -07:00
Dockerfile.tenant	chore: open-source restructure — rename dirs, remove internal files, scrub secrets	2026-04-18 00:24:44 -07:00
entrypoint-tenant.sh	chore: open-source restructure — rename dirs, remove internal files, scrub secrets	2026-04-18 00:24:44 -07:00
go.mod	chore: open-source restructure — rename dirs, remove internal files, scrub secrets	2026-04-18 00:24:44 -07:00
go.sum	chore: open-source restructure — rename dirs, remove internal files, scrub secrets	2026-04-18 00:24:44 -07:00