feat(secrets): expand onboarding secret-ref flows and custom-provider parity
This commit is contained in:
joshavant
committed by
Peter Steinberger
Peter Steinberger
parent
e8637c79b3
commit
5e3a86fd2f
@@ -24,6 +24,15 @@ Secrets are resolved into an in-memory runtime snapshot.
|
||||
|
||||
This keeps external secret source outages off the hot request path.
|
||||
|
||||
## Onboarding reference preflight
|
||||
|
||||
When onboarding runs in interactive mode and you choose secret reference storage, OpenClaw performs a fast preflight check before saving:
|
||||
|
||||
- Env refs: validates env var name and confirms a non-empty value is visible during onboarding.
|
||||
- File refs (`sops`): validates `secrets.sources.file`, decrypts, and resolves the JSON pointer.
|
||||
|
||||
If validation fails, onboarding shows the error and lets you retry with a different ref/source.
|
||||
|
||||
## SecretRef contract
|
||||
|
||||
Use one object shape everywhere:
|
||||
|
||||
Reference in New Issue
Block a user