Files
nousresearch--hermes-agent/tests/test_env_loader_op_bootstrap.py
wehub-resource-sync b4fbd6fe9f
Deploy Site / deploy-vercel (push) Has been skipped
Deploy Site / deploy-docs (push) Has been skipped
Build Skills Index / build-index (push) Has been skipped
Build Skills Index / trigger-deploy (push) Waiting to run
CI / Deny unrelated histories (push) Has been skipped
CI / CI timing report (push) Blocked by required conditions
CI / Detect affected areas (push) Successful in 27m35s
CI / OSV scan (push) Failing after 4s
CI / Build&Test Docker image (push) Successful in 9s
CI / Supply-chain scan (push) Has been skipped
CI / Lint Docker scripts (push) Failing after 5m13s
CI / Check contributors (push) Failing after 12m8s
CI / Docs Site (push) Failing after 12m8s
CI / TypeScript (push) Failing after 12m8s
CI / Python lints (push) Failing after 12m9s
CI / Python tests (push) Failing after 12m9s
CI / Check uv.lock (push) Failing after 23m22s
CI / All required checks pass (push) Waiting to run
chore: import upstream snapshot with attribution
2026-07-13 11:56:03 +08:00

166 lines
6.0 KiB
Python

"""Tests for the 1Password bootstrap-token reliability patches.
Two behaviours are covered:
1. ``load_hermes_dotenv()`` auto-loads ``~/.hermes/.op.env`` so the
``OP_SERVICE_ACCOUNT_TOKEN`` bootstrap token is available to
``apply_onepassword_secrets()`` in cron / subprocess / macOS / Docker
contexts that inherit no shell state (no systemd EnvironmentFile, no
``op run``). ``.op.env`` must never override a token already present
in the environment (e.g. injected by a systemd ``EnvironmentFile``).
2. ``credential_pool._seed_from_env`` (via the inner
``_get_env_prefer_dotenv``) must prefer an already-resolved value from
``os.environ`` over a raw ``op://`` reference still sitting in ``.env``,
while leaving the normal ``.env``-takes-precedence behaviour untouched
for every non-``op://`` value.
These stay fully hermetic — the real ``op`` binary is never invoked and no
1Password integration is enabled.
"""
from __future__ import annotations
import os
import sys
from pathlib import Path
from unittest import mock
import pytest
# Make the worktree importable without depending on the installed wheel.
ROOT = Path(__file__).resolve().parents[1]
if str(ROOT) not in sys.path:
sys.path.insert(0, str(ROOT))
from hermes_cli import env_loader # noqa: E402
import agent.credential_pool as credential_pool # noqa: E402
@pytest.fixture(autouse=True)
def _isolate_op_token(monkeypatch):
"""Each test starts with OP_SERVICE_ACCOUNT_TOKEN unset and a clean cache."""
monkeypatch.delenv("OP_SERVICE_ACCOUNT_TOKEN", raising=False)
env_loader.reset_secret_source_cache()
yield
env_loader.reset_secret_source_cache()
# ---------------------------------------------------------------------------
# Patch 1 — .op.env bootstrap-token auto-load
# ---------------------------------------------------------------------------
def test_op_env_autoloads_bootstrap_token_in_cron_context(tmp_path, monkeypatch):
"""A fresh interpreter (no inherited shell state) picks up the token."""
home = tmp_path / ".hermes"
home.mkdir()
# .env carries user secrets / op:// references but NOT the bootstrap token.
(home / ".env").write_text("FOO=bar\n", encoding="utf-8")
# The gitignored .op.env holds only the service-account token.
(home / ".op.env").write_text(
"OP_SERVICE_ACCOUNT_TOKEN=test-token\n", encoding="utf-8"
)
assert os.environ.get("OP_SERVICE_ACCOUNT_TOKEN") is None
env_loader.load_hermes_dotenv(hermes_home=home)
assert os.environ["OP_SERVICE_ACCOUNT_TOKEN"] == "test-token"
def test_op_env_does_not_override_existing_token(tmp_path, monkeypatch):
"""A token already in the environment (e.g. systemd EnvironmentFile) wins."""
home = tmp_path / ".hermes"
home.mkdir()
(home / ".env").write_text("FOO=bar\n", encoding="utf-8")
(home / ".op.env").write_text(
"OP_SERVICE_ACCOUNT_TOKEN=test-token\n", encoding="utf-8"
)
monkeypatch.setenv("OP_SERVICE_ACCOUNT_TOKEN", "live-token")
env_loader.load_hermes_dotenv(hermes_home=home)
# override=False AND the explicit guard both protect the live token.
assert os.environ["OP_SERVICE_ACCOUNT_TOKEN"] == "live-token"
def test_missing_op_env_is_a_noop(tmp_path):
"""No .op.env present must not raise and must not invent a token."""
home = tmp_path / ".hermes"
home.mkdir()
(home / ".env").write_text("FOO=bar\n", encoding="utf-8")
env_loader.load_hermes_dotenv(hermes_home=home)
assert os.environ.get("OP_SERVICE_ACCOUNT_TOKEN") is None
# ---------------------------------------------------------------------------
# Patch 2 — credential_pool prefers resolved value over raw op:// ref
# ---------------------------------------------------------------------------
def _seed_openrouter_token(monkeypatch, dotenv_value, environ_value):
"""Drive _seed_from_env('openrouter') and return the seeded access_token.
_get_env_prefer_dotenv is a closure inside _seed_from_env, so we exercise
it through the openrouter seeding path, which calls
_get_env_prefer_dotenv('OPENROUTER_API_KEY') and stores the result as the
pooled credential's access_token.
"""
monkeypatch.setattr(
credential_pool,
"load_env",
lambda: {"OPENROUTER_API_KEY": dotenv_value},
)
if environ_value is None:
monkeypatch.delenv("OPENROUTER_API_KEY", raising=False)
else:
monkeypatch.setenv("OPENROUTER_API_KEY", environ_value)
# Never treat the synthetic source as suppressed.
monkeypatch.setattr(
"hermes_cli.auth.is_source_suppressed", lambda _p, _s: False
)
entries: list = []
changed, sources = credential_pool._seed_from_env("openrouter", entries)
assert changed and entries, "expected a seeded openrouter credential"
return entries[0].access_token
def test_credential_pool_prefers_resolved_env_over_raw_op_ref(monkeypatch):
"""A raw op:// reference in .env must lose to the resolved os.environ value."""
token = _seed_openrouter_token(
monkeypatch,
dotenv_value="op://Vault/Item/field",
environ_value="resolved-value",
)
assert token == "resolved-value"
def test_credential_pool_still_prefers_dotenv_for_non_op_values(monkeypatch):
"""Regression guard: .env still beats os.environ for ordinary values."""
token = _seed_openrouter_token(
monkeypatch,
dotenv_value="dotenv-value",
environ_value="shell-value",
)
assert token == "dotenv-value"
def test_credential_pool_falls_back_to_env_when_dotenv_is_only_op_ref(monkeypatch):
"""An unresolved op:// in .env with no resolved env value yields the raw ref.
This is the pre-resolution / misconfigured edge: there is nothing better
to return, so behaviour is unchanged (the raw reference is surfaced rather
than silently dropping the credential).
"""
token = _seed_openrouter_token(
monkeypatch,
dotenv_value="op://Vault/Item/field",
environ_value=None,
)
assert token == "op://Vault/Item/field"