chore(#1763): remove stale OPENSHELL_SSH_HANDSHAKE_SECRET references#1769
Open
fullsend-ai-coder[bot] wants to merge 1 commit into
Open
chore(#1763): remove stale OPENSHELL_SSH_HANDSHAKE_SECRET references#1769fullsend-ai-coder[bot] wants to merge 1 commit into
fullsend-ai-coder[bot] wants to merge 1 commit into
Conversation
OpenShell v0.0.42 removed shared-secret SSH authentication (OPENSHELL_SSH_HANDSHAKE_SECRET) in favor of per-sandbox JWT auth. Fullsend still set this variable in two places: - action.yml: generated and masked the secret for CI runs - docs/guides/user/running-agents-locally.md: instructed users to set it for local development Remove both references. No OPENSHELL_SSH_HANDSHAKE_SKEW_SECS references were found. This is a prerequisite for bumping the OpenShell version past v0.0.38 (#1767). Note: make lint could not run in sandbox (Go toolchain permission error). Only YAML and Markdown files changed; YAML syntax validated with pyyaml. Closes #1763
Site previewPreview: https://561ae488-site.fullsend-ai.workers.dev Commit: |
ReviewFindingsLow
Info
|
![fullsend-ai-review[bot]](https://avatars.githubusercontent.com/in/3478501?s=60&v=4){kind=small}
|
|
||
| export OPENSHELL_SSH_HANDSHAKE_SECRET="ci-$(openssl rand -hex 16)" | ||
| echo "::add-mask::${OPENSHELL_SSH_HANDSHAKE_SECRET}" | ||
| # Version-tagged images start at 0.0.41; for 0.0.38 use the release commit SHA. |
There was a problem hiding this comment.
[low] api-contract
This PR removes OPENSHELL_SSH_HANDSHAKE_SECRET while OpenShell remains pinned at v0.0.38. Evidence strongly suggests v0.0.38 treats the variable as optional (gateway invoked without --ssh-handshake-secret flag, issue frames this as prerequisite, CI tests pass). The version upgrade (#1767) should follow promptly.
fullsend-ai-review
Bot
added
the
ready-for-merge
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
OpenShell v0.0.42 removed shared-secret SSH authentication (OPENSHELL_SSH_HANDSHAKE_SECRET) in favor of per-sandbox JWT auth. Fullsend still set this variable in two places:
users to set it for local development
Remove both references. No OPENSHELL_SSH_HANDSHAKE_SKEW_SECS references were found. This is a prerequisite for bumping the OpenShell version past v0.0.38 (#1767).
Note: make lint could not run in sandbox (Go toolchain permission error). Only YAML and Markdown files changed; YAML syntax validated with pyyaml.
Closes #1763
Post-script verification
agent/1763-remove-handshake-secret)027de9f0879a2099426e24831e8077030ac79837..HEAD)