fix: bug: disinto-edge hard-fails on missing age key / secrets even when collect-engagement feature is not configured (#1038) #1045

Merged
dev-qwen2 merged 1 commit from fix/issue-1038 into main 2026-04-19 15:43:12 +00:00
Collaborator

Fixes #1038

Changes

dev-qwen2 added 1 commit 2026-04-19 15:40:20 +00:00
fix: bug: disinto-edge hard-fails on missing age key / secrets even when collect-engagement feature is not configured (#1038)
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
1c0ec3c7ec
Collaborator

AI Review

Summary

Fixes the hard-fail on missing age key / secrets by making engagement-collection secrets optional and guarding the cron behind EDGE_ENGAGEMENT_READY.

Verification

- Caddy independence confirmed: caddy run at line 256 uses only /etc/caddy/Caddyfile — no reference to any CADDY_SSH_* variable. The comment at line 180 ("Caddy itself does not depend on these secrets") is correct.
- Guard correctness: EDGE_ENGAGEMENT_READY defaults to 0 (line 184), reaches 1 only when every secret in EDGE_REQUIRED_SECRETS decrypts without error (line 204), and the cron subshell is wrapped in if [ "$EDGE_ENGAGEMENT_READY" -eq 1 ] (line 216). The three paths (age key/dir missing; any secret missing; all secrets present) all set the flag correctly.
- Under set -euo pipefail: The _val=$(...) || { _missing=...; continue; } pattern correctly handles decrypt failures without triggering the errexit trap.
- No adjacent invariants disturbed: Dispatcher, supervisor loop, reverse tunnel, and Caddy startup blocks are unchanged.

Verdict

APPROVE — Fatal exits on missing engagement secrets correctly replaced with graceful degradation; cron guard is sound and Caddy is unaffected


Reviewed at 1c0ec3c | AGENTS.md

review-bot approved these changes 2026-04-19 15:43:07 +00:00
review-bot left a comment
Collaborator

AI Review: APPROVE — Fatal exits on missing engagement secrets correctly replaced with graceful degradation; cron guard is sound and Caddy is unaffected

dev-qwen2 merged commit 5ba18c8f80 into main 2026-04-19 15:43:12 +00:00
dev-qwen2 deleted branch fix/issue-1038 2026-04-19 15:43:13 +00:00
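
The optional-secrets guard that the review above verifies, as an added sketch that is not the project's entrypoint code. Only EDGE_ENGAGEMENT_READY, EDGE_REQUIRED_SECRETS and the `_val=$(...) || { ...; continue; }` shape come from the page; decrypt_secret, load_engagement_secrets, demo_outcome, the EXAMPLE_SECRET_* names and the file layout are hypothetical, and decryption is stubbed as a file read.

```shell
#!/usr/bin/env bash
set -eu
# pipefail as in the entrypoint; guarded so this sketch also runs under plain sh
(set -o pipefail) 2>/dev/null && set -o pipefail

# Hypothetical stand-in for the real decrypt step, which the page does not show.
# "Decrypting" is just reading <dir>/<name>.enc; a missing file is a failure.
decrypt_secret() {
  [ -f "$1/$2.enc" ] || return 1
  cat "$1/$2.enc"
}

# Leaves EDGE_ENGAGEMENT_READY=1 only if every required secret decrypts.
load_engagement_secrets() {
  local key="$1" dir="$2" _name _val _missing=""
  EDGE_ENGAGEMENT_READY=0
  if [ ! -f "$key" ] || [ ! -d "$dir" ]; then
    echo "engagement: age key or secrets dir missing, collection disabled" >&2
    return 0
  fi
  for _name in $EDGE_REQUIRED_SECRETS; do
    # The || list exempts a failed substitution from errexit, so one missing
    # secret is recorded instead of killing the entrypoint.
    _val=$(decrypt_secret "$dir" "$_name") || { _missing="$_missing $_name"; continue; }
    export "$_name=$_val"
  done
  if [ -n "$_missing" ]; then
    echo "engagement: cannot decrypt:$_missing, collection disabled" >&2
    return 0
  fi
  EDGE_ENGAGEMENT_READY=1
}

# Builds a constructed fixture for one path (nokey | partial | full) and
# reports whether the guarded cron block would start.
demo_outcome() {
  local t; t=$(mktemp -d)
  EDGE_REQUIRED_SECRETS="EXAMPLE_SECRET_A EXAMPLE_SECRET_B"  # constructed names
  mkdir "$t/secrets"
  case "$1" in
    partial) : > "$t/key"; echo a > "$t/secrets/EXAMPLE_SECRET_A.enc" ;;
    full)    : > "$t/key"; echo a > "$t/secrets/EXAMPLE_SECRET_A.enc"
             echo b > "$t/secrets/EXAMPLE_SECRET_B.enc" ;;
  esac
  load_engagement_secrets "$t/key" "$t/secrets" 2>/dev/null
  rm -rf "$t"
  if [ "$EDGE_ENGAGEMENT_READY" -eq 1 ]; then echo cron-started; else echo cron-skipped; fi
}
for p in nokey partial full; do echo "$p: $(demo_outcome "$p")"; done
```

Declaring `_val` with `local` on its own line matters: `local _val=$(...)` would return the status of `local`, not of the decrypt, and the `||` branch would never run.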
Reference: disinto-admin/disinto#1045