Skip to content

fix(cli): creds-recovery verb, webhook URL print, env-token 401 advice, full token in list#33

Merged
mastermanas805 merged 1 commit into
masterfrom
fix/cli-creds-verb-webhook-url-401-token
Jun 10, 2026
Merged

fix(cli): creds-recovery verb, webhook URL print, env-token 401 advice, full token in list#33
mastermanas805 merged 1 commit into
masterfrom
fix/cli-creds-verb-webhook-url-401-token

Conversation

@mastermanas805

@mastermanas805 mastermanas805 commented Jun 10, 2026

Copy link
Copy Markdown
Member

Four agent-DX follow-ups found in a live cohort dogfood (round 2). All build on the just-merged #32 (whoami/--json/--no-browser) — reuse its defaultAPIBaseURL, --json provision output, and env-vs-stored auth distinction; #32's work is untouched.

F1 (P0) — no way to recover a resource's connection string

  • Symptom: instant db new frequently times out at the 60s client timeout (server provisioning >60s under contention); the connection URL is printed ONLY by new, so on timeout it's lost forever. GET /api/v1/resources/:id/credentials exists but the CLI never called it.
  • Enumeration: rg -n "/credentials|GetCredentials|fetchCredentials" — credentials surface lives in up.go::fetchCredentials (a up-internal helper) only; no user-facing verb.
  • Fix: new instant resource creds <token> (alias credentials) dispatched from resourceCmd (cmd/extras.go:103), handler runResourceCredentials (cmd/operate.go:612) GETs /api/v1/resources/:token/credentials and prints connection_url (webhook receive_url fallback); --json emits the full structured response. Path fragment is the named const resourceCredsSuffix = "/credentials" (cmd/operate.go:70).
  • Endpoint + output: GET {API}/api/v1/resources/<token>/credentials
    ok    creds  <token>
url   postgres://u:p@host/db
type  postgres
env   production
    --json{ok,id,token,resource_type,env,connection_url,receive_url}.
  • Coverage test: TestF1_ResourceCreds_* (refetch / alias / json / webhook-receive-url-fallback / unauthenticated-exit3 / missing-token / empty-token / parse-error / server-error / token-fallback).
  • Live verified: awaiting prod (cli is build-from-source; binary built locally, instant resource creds --help renders the verb). Auth/contract proven against the hermetic mock that mirrors the live GetCredentials shape.

F2 (P1) — webhook new prints a blank URL

  • Symptom: instant webhook new succeeds but prints url (blank). /webhook/new returns receive_url, not connection_url; the human print path used creds.ConnectionURL only.
  • Fix: cmd/monitor.go:219 — fall back to creds.ReceiveURL when ConnectionURL is empty (the local token-store code right above already did this). --json already emits receive_url via emitProvisionJSONverified in TestF2_WebhookNew_JSONHasReceiveURL.
  • Coverage test: TestF2_WebhookNew_PrintsReceiveURL (asserts the receiver URL prints AND no blank url line), TestF2_WebhookNew_JSONHasReceiveURL.

F3 (P1) — 401 with INSTANT_TOKEN set gives wrong advice

  • Symptom: an invalid INSTANT_TOKEN yields session expired — run instant login (exit 3), but the env var SHADOWS any saved login, so instant login changes nothing.
  • Fix: new authFromEnvToken() (cmd/up.go:386, precedence --token > INSTANT_TOKEN > saved). errSessionExpired() (cmd/errors.go) and classifyError/sessionExpiredAction (cmd/json_error.go) branch the advice on source: env-sourced reject → "fix or unset INSTANT_TOKEN". Also fixes a latent bug — a 401 was mis-coded auth_required in the JSON envelope (errSessionExpired carries ExitAuthRequired) and never reached the session_expired classifier; it now codes session_expired correctly.
  • Coverage test: TestF3_SessionExpired_EnvTokenAdvice, TestF3_SessionExpired_SavedLoginAdvice, TestF3_SessionExpired_EnvTokenJSONAction, TestF3_AuthFromEnvToken_FlagOverridesEnv; updated TestClassifyError_AllBranches to the corrected contract.

F4 (P2) — instant resources table truncates the token

  • Symptom: token column showed d3cef90f-a75… — the exact value every other command needs as an argument, so it was un-copyable.
  • Fix: cmd/discover.go — print the FULL token; truncate the human-facing NAME instead via truncateName + named const nameDisplayMaxLen (rune-safe). --json unchanged.
  • Coverage test: TestF4_ResourcesTable_FullToken, TestF4_ResourcesTable_TruncatesLongName, TestF4_TruncateName_Unit.

Gate: make ci green (build + vet + race + golangci-lint 0 issues). 100%-patch coverage on the diff (every changed source line exercised; verified the uncovered blocks in changed files are all pre-existing and outside the diff). typos check is warn-only; no new typos introduced.

🤖 Generated with Claude Code

@mastermanas805 @claude
fix(cli): creds-recovery verb, webhook URL print, env-token 401 advic…
3c01e9b 
…e, full token in list

Four agent-DX follow-ups found in a live cohort dogfood (round 2, building on #32):

F1 (P0): add `instant resource creds <token>` (alias `credentials`) — GETs
  /api/v1/resources/:id/credentials and prints the connection_url (webhook
  receive_url fallback; --json for the full response). Closes the broken
  first-provision recovery loop: `db new` frequently hits the 60s client
  timeout and the URL — printed only by `new` — was otherwise lost forever.
  Path fragment is the named const resourceCredsSuffix.

F2 (P1): `webhook new` printed a blank `url` line — the human path read
  creds.ConnectionURL only, but /webhook/new returns receive_url. Fall back
  to ReceiveURL like the local token-store code already does. (--json already
  emits receive_url via emitProvisionJSON; verified.)

F3 (P1): a 401 with INSTANT_TOKEN set advised `instant login`, which is
  useless — the env var SHADOWS any saved login. errSessionExpired() +
  classifyError() now branch on token SOURCE (new authFromEnvToken helper):
  an env-sourced reject tells the user to fix/unset INSTANT_TOKEN. This also
  fixes the dead session_expired JSON code (a 401 was mis-coded auth_required
  because errSessionExpired carries ExitAuthRequired).

F4 (P2): `instant resources` truncated the token (`d3cef90f-a75…`) — the
  exact value every other command needs as an argument, so it was
  un-copyable. Print the FULL token; truncate the NAME column instead
  (new truncateName + nameDisplayMaxLen). --json unchanged.

Tests: cmd/agent_dx_followups_test.go covers all four (creds happy/alias/json/
webhook-fallback/unauth/missing-token/empty/parse/server-error + token
fallback; webhook receive_url human+json; env-vs-saved 401 advice + json
action + flag-over-env; full-token + name-truncation + truncateName unit).
100%-patch on the diff; make ci green (build+vet+race+lint).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@mastermanas805 mastermanas805 enabled auto-merge (squash) June 10, 2026 20:06
@mastermanas805 mastermanas805 merged commit 6c6a5df into master Jun 10, 2026
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mastermanas805