mirror of
https://github.com/openclaw/openclaw.git
synced 2026-07-09 15:59:30 +00:00
fix(release): hydrate fresh Anthropic OAuth access
This commit is contained in:
parent
a467ceb523
commit
96e676c2b3
2 changed files with 39 additions and 1 deletions
|
|
@ -28,6 +28,38 @@ write_secret_file() {
|
|||
chmod 600 "$destination"
|
||||
}
|
||||
|
||||
activate_claude_oauth_access_token() {
|
||||
local credentials="${OPENCLAW_CLAUDE_CREDENTIALS_JSON:-}"
|
||||
if [[ -z "$credentials" ]]; then
|
||||
return
|
||||
fi
|
||||
|
||||
local access_token expires_at now_ms
|
||||
local min_remaining_ms="$(( 90 * 60 * 1000 ))"
|
||||
access_token="$(jq -r '.claudeAiOauth.accessToken // empty' <<<"$credentials" 2>/dev/null || true)"
|
||||
expires_at="$(jq -r '.claudeAiOauth.expiresAt // 0' <<<"$credentials" 2>/dev/null || true)"
|
||||
now_ms="$(( $(date +%s) * 1000 ))"
|
||||
|
||||
if [[ "$access_token" != sk-ant-oat* ]]; then
|
||||
echo "::warning::Claude credentials JSON has no usable OAuth access token; keeping the configured Anthropic fallback." >&2
|
||||
return
|
||||
fi
|
||||
# Stable live shards can run for an hour, so never shadow the fallback with
|
||||
# a token that could expire before setup, retries, and cleanup complete.
|
||||
if ! [[ "$expires_at" =~ ^[0-9]+$ ]] || (( expires_at <= now_ms + min_remaining_ms )); then
|
||||
echo "::warning::Claude credentials JSON OAuth access token lacks 90 minutes of remaining life; keeping the configured Anthropic fallback." >&2
|
||||
return
|
||||
fi
|
||||
|
||||
echo "::add-mask::$access_token"
|
||||
export ANTHROPIC_OAUTH_TOKEN="$access_token"
|
||||
if [[ -n "${GITHUB_ENV:-}" ]]; then
|
||||
printf 'ANTHROPIC_OAUTH_TOKEN=%s\n' "$access_token" >>"$GITHUB_ENV"
|
||||
fi
|
||||
}
|
||||
|
||||
activate_claude_oauth_access_token
|
||||
|
||||
for env_key in \
|
||||
OPENAI_API_KEY \
|
||||
OPENAI_BASE_URL \
|
||||
|
|
|
|||
|
|
@ -1421,10 +1421,16 @@ describe("package artifact reuse", () => {
|
|||
);
|
||||
});
|
||||
|
||||
it("reuses the Claude setup-token for direct Anthropic live provider lanes", () => {
|
||||
it("prefers fresh Claude OAuth credentials for direct Anthropic live provider lanes", () => {
|
||||
const hydrateScript = readFileSync(CI_HYDRATE_LIVE_AUTH_SCRIPT, "utf8");
|
||||
|
||||
expect(hydrateScript).toContain(" ANTHROPIC_OAUTH_TOKEN \\");
|
||||
expect(hydrateScript).toContain("access_token=\"$(jq -r '.claudeAiOauth.accessToken // empty'");
|
||||
expect(hydrateScript).toContain('export ANTHROPIC_OAUTH_TOKEN="$access_token"');
|
||||
expect(hydrateScript).toContain('local min_remaining_ms="$(( 90 * 60 * 1000 ))"');
|
||||
expect(hydrateScript).toContain(
|
||||
'printf \'ANTHROPIC_OAUTH_TOKEN=%s\\n\' "$access_token" >>"$GITHUB_ENV"',
|
||||
);
|
||||
for (const jobName of [
|
||||
"validate_live_models_docker",
|
||||
"validate_live_models_docker_targeted",
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue