Skip to content

fix(providers): read opencode config file during credential discovery#1290

Open
ericcurtin wants to merge 1 commit intoNVIDIA:mainfrom
ericcurtin:fix-opencode-config-discovery/ec
Open

fix(providers): read opencode config file during credential discovery#1290
ericcurtin wants to merge 1 commit intoNVIDIA:mainfrom
ericcurtin:fix-opencode-config-discovery/ec

Conversation

@ericcurtin
Copy link
Copy Markdown

@ericcurtin ericcurtin commented May 9, 2026

Summary

openshell sandbox create -- opencode falsely reported "No existing local credentials/config found for 'opencode'" even when the user had a working opencode installation, then hung waiting for a sandbox that was created without any provider credentials.

Related Issue

N/A (reported via direct session)

Changes

  • OpencodeProvider::discover_existing now reads $XDG_CONFIG_HOME/opencode/opencode.json (defaulting to ~/.config/opencode/opencode.json) in addition to env vars
  • Extracts per-provider API keys from provider.<name>.options.apiKey and surfaces them as <NAME_UPPERCASE>_API_KEY credentials so they are injected into the sandbox environment
  • Env vars continue to take priority over the config file
  • Adds extract_credentials_from_opencode_config as a testable pure function
  • Adds five unit tests: extraction of multiple providers, keyless providers (e.g. Ollama), empty keys, malformed JSON, missing provider section

Testing

  • mise run pre-commit passes
  • Unit tests added/updated (cargo test -p openshell-providers — 29 passed)
  • E2E tests added/updated (not applicable — provider discovery is local-only)

Checklist

  • Follows Conventional Commits
  • Commits are signed off (DCO)

@ericcurtin
fix(providers): read opencode config file during credential discovery
91e89e9 
The opencode provider only checked three environment variables
(OPENCODE_API_KEY, OPENROUTER_API_KEY, OPENAI_API_KEY) when discovering
existing credentials. opencode stores its API keys natively in
$XDG_CONFIG_HOME/opencode/opencode.json under provider.<name>.options.apiKey,
so users with a normal opencode installation but no env vars set always
received the 'no credentials found' warning and the sandbox was created
without any provider, causing the watch loop to hang.

Extract per-provider API keys from the config file and inject them as
<PROVIDER_UPPERCASE>_API_KEY credentials so the sandbox environment
receives working credentials. Env vars continue to take priority.

Adds five unit tests covering extraction, edge cases (keyless providers,
empty keys, malformed JSON, missing provider section).
@copy-pr-bot
Copy link
Copy Markdown

copy-pr-bot Bot commented May 9, 2026

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

@ericcurtin
Copy link
Copy Markdown
Author

ericcurtin commented May 9, 2026

I have read the DCO document and I hereby sign the DCO.

@ericcurtin
Copy link
Copy Markdown
Author

ericcurtin commented May 9, 2026

recheck

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mrunalp mrunalp Awaiting requested review from mrunalp mrunalp is a code owner

@maxamillion maxamillion Awaiting requested review from maxamillion maxamillion is a code owner

@derekwaynecarr derekwaynecarr Awaiting requested review from derekwaynecarr derekwaynecarr is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ericcurtin