Add runtime event telemetry and auth-mode config hardening

2026-02-23 17:30:53 -05:00
parent 3ca9bd3db8
commit 94c79d9dd7
10 changed files with 853 additions and 3 deletions
--- a/tests/config.test.ts
+++ b/tests/config.test.ts
@@ -1,6 +1,11 @@
 import test from "node:test";
 import assert from "node:assert/strict";
-import { buildClaudeAuthEnv, loadConfig, resolveAnthropicToken } from "../src/config.js";
+import {
+  buildClaudeAuthEnv,
+  loadConfig,
+  resolveAnthropicToken,
+  resolveOpenAiApiKey,
+} from "../src/config.js";

 test("loads defaults and freezes config", () => {
  const config = loadConfig({});
@@ -11,10 +16,25 @@ test("loads defaults and freezes config", () => {
  assert.equal(config.discovery.fileRelativePath, ".agent-context/resources.json");
  assert.equal(config.security.violationHandling, "hard_abort");
  assert.equal(config.security.commandTimeoutMs, 120000);
+  assert.equal(config.runtimeEvents.logPath, ".ai_ops/events/runtime-events.ndjson");
+  assert.equal(config.runtimeEvents.discordMinSeverity, "critical");
+  assert.deepEqual(config.runtimeEvents.discordAlwaysNotifyTypes, [
+    "session.started",
+    "session.completed",
+    "session.failed",
+  ]);
+  assert.equal(config.provider.openAiAuthMode, "auto");
  assert.equal(Object.isFrozen(config), true);
  assert.equal(Object.isFrozen(config.orchestration), true);
 });

+test("validates OPENAI_AUTH_MODE values", () => {
+  assert.throws(
+    () => loadConfig({ OPENAI_AUTH_MODE: "oauth" }),
+    /OPENAI_AUTH_MODE must be one of/,
+  );
+});
+
 test("validates boolean env values", () => {
  assert.throws(
    () => loadConfig({ CODEX_SKIP_GIT_CHECK: "maybe" }),
@@ -29,6 +49,13 @@ test("validates security violation mode", () => {
  );
 });

+test("validates runtime discord severity mode", () => {
+  assert.throws(
+    () => loadConfig({ AGENT_RUNTIME_DISCORD_MIN_SEVERITY: "verbose" }),
+    /Runtime event severity/,
+  );
+});
+
 test("prefers CLAUDE_CODE_OAUTH_TOKEN over ANTHROPIC_API_KEY", () => {
  const config = loadConfig({
    CLAUDE_CODE_OAUTH_TOKEN: "oauth-token",
@@ -57,3 +84,23 @@ test("falls back to ANTHROPIC_API_KEY when oauth token is absent", () => {
  assert.equal(authEnv.CLAUDE_CODE_OAUTH_TOKEN, undefined);
  assert.equal(authEnv.ANTHROPIC_API_KEY, "api-key");
 });
+
+test("resolveOpenAiApiKey respects chatgpt auth mode", () => {
+  const config = loadConfig({
+    OPENAI_AUTH_MODE: "chatgpt",
+    CODEX_API_KEY: "codex-key",
+    OPENAI_API_KEY: "openai-key",
+  });
+
+  assert.equal(resolveOpenAiApiKey(config.provider), undefined);
+});
+
+test("resolveOpenAiApiKey prefers CODEX_API_KEY in auto mode", () => {
+  const config = loadConfig({
+    OPENAI_AUTH_MODE: "auto",
+    CODEX_API_KEY: "codex-key",
+    OPENAI_API_KEY: "openai-key",
+  });
+
+  assert.equal(resolveOpenAiApiKey(config.provider), "codex-key");
+});