ClusterCockpit/cc-backend
1
0
Fork 0
mirror of https://github.com/ClusterCockpit/cc-backend synced 2026-06-26 12:20:36 +02:00
Code Issues Packages Releases Activity

Checkpoint: 78d927d6aca2

Browse Source 
Entire-Session: ff60049e-0295-4c11-91d2-df6328961aca
Entire-Strategy: manual-commit
Entire-Agent: Claude Code
Ephemeral-branch: entire/3bfd3d0-e3b0c4
This commit is contained in:
Jan Eitzinger
2026-06-17 09:04:04 +02:00
parent 08bb471866
commit 173379c69e
5 changed files with 169 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
78/d927d6aca2/0/content_hash.txt
+1
View File
@@ -0,0 +1 @@
sha256:8415bdd9b4e1e1fe344fb08566fb668f72874316e03eb9f3f59fa0f1e4336d5d
78/d927d6aca2/0/full.jsonl
+109
View File
File diff suppressed because one or more lines are too long
78/d927d6aca2/0/metadata.json
+32
View File
@@ -0,0 +1,32 @@
{
"cli_version": "0.7.6",
"checkpoint_id": "78d927d6aca2",
"session_id": "ff60049e-0295-4c11-91d2-df6328961aca",
"strategy": "manual-commit",
"created_at": "2026-06-17T07:04:04.005435Z",
"branch": "feature/283-remove-env-file-support",
"checkpoints_count": 1,
"files_touched": [],
"agent": "Claude Code",
"model": "",
"turn_id": "4a4678c20bbd",
"token_usage": {
"input_tokens": 5321,
"cache_creation_tokens": 87360,
"cache_read_tokens": 665424,
"output_tokens": 16424,
"api_call_count": 16
},
"prompt_attributions": [
{
"checkpoint_number": 1,
"user_lines_added": 48,
"user_lines_removed": 0,
"agent_lines_added": 0,
"agent_lines_removed": 0,
"user_added_per_file": {
".claude/settings.local.json": 48
}
}
]
}
78/d927d6aca2/0/prompt.txt
+4
View File
@@ -0,0 +1,4 @@
We want to replace .env file support by a layered approach with secrets put into config and load secrets from env variables takes precendence. Error if neither is present. A Claude review of the approach added the following points: Use a separate, gitignored config overlay for local dev secrets (e.g. config.local.yaml merged over config.yaml) rather than embedding secret fields in the base config struct path. Keeps the separation clean.
Add a startup validation function that checks every required secret resolves to a non-empty string, reports all missing ones at once (not just the first), and logs the source of each secret at debug level (resolved DB_PASSWORD from environment vs from config).
Explicitly block config-sourced secrets in production with a runtime guard, not just documentation.
Document the resolution order in the README and in a comment near the resolution logic — future maintainers will thank you. . Analyse the situation and make a plan.