feat(teams): full [teams] section — credentials + connection config-first#1384
Conversation
6f8ce39 to
bcf35d8
Compare
6305407 to
caadf8f
Compare
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
caadf8f to
e77928c
Compare
bcf35d8 to
21f5f8a
Compare
e77928c to
4428463
Compare
This comment has been minimized.
This comment has been minimized.
4428463 to
f514587
Compare
c71528c to
3c6a924
Compare
|
Note LGTM ✅ — Clean config-first graduation for What This PR DoesGraduates How It Works
Findings
Finding Details🟢 F1: from_reader abstraction
🟢 F2: Test coverage
🟢 F3: Backward compatibilityThe 🟢 F4: Documentation approachOld trust-only description wrapped in a 🟢 F5: PlatformTrustConfig doc commentClarifies that all platform sections have now graduated to dedicated structs and this type remains as the common-denominator view consumed by Baseline Check
What's Good (🟢)
5️⃣ Three Reasons We Might Not Need This PR
All three are reasonable trade-offs addressed by the project's config-first invariant (#1375), the stacked-PR workflow convention, and deliberate crate isolation policy. Reviewed: |
…irst Fourth platform slice of the config-first parity umbrella (#1375): [teams] graduates from the shared PlatformTrustConfig to a dedicated TeamsConfig carrying app_id, app_secret, allowed_tenants, oauth_endpoint, openid_metadata, webhook_path alongside the trust fields. Each field resolves config → TEAMS_* env → default. - core: TeamsConfig/ResolvedTeams + resolve(); trust_config() view - gateway: TeamsConfig::from_env refactored onto a from_reader shared with the new AppState::apply_teams_config (app_id + app_secret mandatory — incomplete section disables the adapter, matching env-only semantics); new teams_webhook_path state honored by both binaries' route mounts - unified: applies [teams] before warn_unenforceable_l1 - docs: config.toml.example, config-reference.md (full field table), msteams-selfhosted.md Closes #1380. Refs #1375. Stacked on #1383.
f514587 to
323fec3
Compare
|
Note LGTM ✅ — Clean graduation of What This PR DoesTeams credentials and connection settings were env-only ( How It Works
Findings
What's Good (🟢)
Baseline Check
5️⃣ Three Reasons We Might Not Need This PR
All three are addressable: (1) config-first is the project's declared direction per #1375, (2) stacking is deliberate for reviewability and each slice is independently useful, (3) the two layers serve different roles (core = typed resolution for the binary; gateway = adapter construction with mandatory-credential gate). |
Note
Stacked on #1383 (→ #1382 → #1381 → main). Net-new diff = the last commit; will re-target as parents merge.
What problem does this solve?
Fourth platform slice of #1375: Teams credentials/connection were env-only.
[teams]graduates from the shared trust-only struct to a dedicatedTeamsConfig(6 fields + trust), resolving each field config →TEAMS_*env → default.How It Works
TeamsConfig/ResolvedTeams+resolve();trust_config()view keeps the registry path unchangedTeamsConfig::from_envrefactored ontofrom_reader, shared withapply_teams_config()— same mandatory-credential semantics both paths (app_id+app_secretrequired; incomplete ⇒ adapter disabled); newteams_webhook_pathhonored by both binaries[teams]beforewarn_unenforceable_l1Tests
teams_resolve_all_scenarios— defaults (Bot Framework endpoints), config-wins-over-env, empty-string fallthrough,trust_config()apply_teams_config_requires_credentials— complete credentials build the adapter; missing secret disables itValidation
-D warningsclean (all-features + gateway no-features); unified + default builds passsecretsfailure); gateway 261/261Closes #1380. Refs #1375.