daniel/furtka
1
1
Fork 0
Code Issues 2 Pull requests Projects 1 Releases 16 Packages Wiki Activity Actions

fix(deps): give on_start hooks the consumer's stored credentials #13

Merged
daniel merged 1 commit from fix/on-start-consumer-env into main 2026-06-04 15:18:05 +02:00
Conversation 0 Commits 1 Files changed 3 +76 -6
daniel commented 2026-05-28 23:47:06 +02:00
Owner
Copy link

Problem

The reconciler handed an on_start dependency hook only FURTKA_CONSUMER_APP/FURTKA_CONSUMER_VERSION, so it had no way to learn the consumer's existing secrets. That made the 26.17 feature's own headline use case — re-create a provider account (e.g. an MQTT user) after a wipe with the same password the consumer already holds — impossible unless the provider stashed a copy itself.

Surfaced building the first real provider/consumer catalog pair (mosquitto + zigbee2mqtt) in daniel/furtka-apps.

Change

  • on_start now also receives the consumer's .env values, namespaced under FURTKA_CONSUMER_ENV_<KEY> (UPPER_SNAKE_CASE keys only, so a hand-edited .env can't produce a malformed --env argument).
  • on_start stays read-only toward the consumer: unlike on_install, its stdout is intentionally not merged back into the consumer's .env. It reads consumer state to reconcile provider state; it doesn't mutate it.

Tests

  • New test_reconcile_on_start_hook_receives_consumer_env asserting injection + that non-UPPER_SNAKE keys are dropped.
  • Full suite: 357 passed. ruff check + ruff format --check clean.

Not covered

Real on-VM end-to-end validation (install zigbee2mqtt, observe MQTT handshake, reboot for on_start idempotency) still pending — needs Docker, which this dev box lacks.

## Problem The reconciler handed an `on_start` dependency hook only `FURTKA_CONSUMER_APP`/`FURTKA_CONSUMER_VERSION`, so it had no way to learn the consumer's existing secrets. That made the 26.17 feature's own headline use case — re-create a provider account (e.g. an MQTT user) after a wipe with the **same** password the consumer already holds — impossible unless the provider stashed a copy itself. Surfaced building the first real provider/consumer catalog pair (mosquitto + zigbee2mqtt) in daniel/furtka-apps. ## Change - `on_start` now also receives the consumer's `.env` values, namespaced under `FURTKA_CONSUMER_ENV_<KEY>` (UPPER_SNAKE_CASE keys only, so a hand-edited `.env` can't produce a malformed `--env` argument). - `on_start` stays **read-only** toward the consumer: unlike `on_install`, its stdout is intentionally not merged back into the consumer's `.env`. It reads consumer state to reconcile provider state; it doesn't mutate it. ## Tests - New `test_reconcile_on_start_hook_receives_consumer_env` asserting injection + that non-UPPER_SNAKE keys are dropped. - Full suite: 357 passed. `ruff check` + `ruff format --check` clean. ## Not covered Real on-VM end-to-end validation (install zigbee2mqtt, observe MQTT handshake, reboot for on_start idempotency) still pending — needs Docker, which this dev box lacks.
daniel added 1 commit 2026-05-28 23:47:07 +02:00
fix(deps): give on_start hooks the consumer's stored credentials
All checks were successful
CI / lint (pull_request) Successful in 31s
Details
CI / test (pull_request) Successful in 1m27s
Details
CI / validate-json (pull_request) Successful in 25s
Details
CI / markdown-links (pull_request) Successful in 54s
Details
Build ISO / build-iso (push) Successful in 18m35s
Details
CI / lint (push) Successful in 29s
Details
CI / test (push) Successful in 1m20s
Details
CI / validate-json (push) Successful in 25s
Details
CI / markdown-links (push) Successful in 54s
Details
1a2b817eb8 
The reconciler handed an on_start dependency hook only
FURTKA_CONSUMER_APP/_VERSION, so it had no way to learn the consumer's
existing secrets. That made the feature's own headline use case —
re-create a provider account (e.g. an MQTT user) after a wipe with the
same password the consumer already holds — impossible unless the
provider stashed a copy itself.

on_start now also receives the consumer's .env values, namespaced under
FURTKA_CONSUMER_ENV_<KEY> (UPPER_SNAKE_CASE keys only, so a hand-edited
.env can't produce a malformed --env arg). on_start stays read-only
toward the consumer: unlike on_install, its stdout is intentionally not
merged back into the consumer's .env.

Surfaced building the first real provider/consumer catalog pair
(mosquitto + zigbee2mqtt) in daniel/furtka-apps.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
daniel merged commit 1a2b817eb8 into main 2026-06-04 15:18:05 +02:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: daniel/furtka#13
No description provided.
Delete branch "fix/on-start-consumer-env"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?