feat(web): add Capture Auth button to agent detail page#459
Conversation
Add a "Capture Auth" button visible only for no-auth running agents with
a resolved harness. The button calls POST /api/v1/agents/{id}/exec to
run capture_auth.py inside the container, handling exit codes 0 (success),
2 (not authenticated yet), and others (error).
|
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). View this failed invocation of the CLA check for more information. For the most up to date status, view the checks section at the bottom of the pull request. |
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces a feature to capture credentials from inside an agent's container. It adds a 'Capture Auth' button to the agent detail page, which triggers a Python script via an API call when the agent is running and configured with no authentication. Additionally, the AgentAppliedConfig interface is updated to support the noAuth property. The review feedback suggests improving the robustness of the API response handling by using optional chaining and fallback values to prevent potential runtime errors if the response structure is unexpected.
| const result = await response.json() as { output: string; exitCode: number }; | ||
|
|
||
| if (result.exitCode === 0) { | ||
| alert(`Credentials captured successfully.\n\n${result.output}`); | ||
| await this.fetchAndMergeAgent(); | ||
| } else if (result.exitCode === 2) { | ||
| alert(`No credentials found yet.\n\nAuthenticate first (e.g., run 'agy' inside the container), then try again.\n\n${result.output}`); | ||
| } else { | ||
| alert(`Capture failed (exit ${result.exitCode}).\n\n${result.output}`); | ||
| } |
There was a problem hiding this comment.
The API response from /exec is cast directly to { output: string; exitCode: number } without checking if the response body is null or missing these properties. If the response is empty or unexpected, accessing result.exitCode could throw a runtime TypeError. It is safer to use optional chaining and provide fallback values.
| const result = await response.json() as { output: string; exitCode: number }; | |
| if (result.exitCode === 0) { | |
| alert(`Credentials captured successfully.\n\n${result.output}`); | |
| await this.fetchAndMergeAgent(); | |
| } else if (result.exitCode === 2) { | |
| alert(`No credentials found yet.\n\nAuthenticate first (e.g., run 'agy' inside the container), then try again.\n\n${result.output}`); | |
| } else { | |
| alert(`Capture failed (exit ${result.exitCode}).\n\n${result.output}`); | |
| } | |
| const result = await response.json() as { output?: string; exitCode?: number } | null; | |
| const exitCode = result?.exitCode; | |
| const output = result?.output ?? ''; | |
| if (exitCode === 0) { | |
| alert('Credentials captured successfully.\n\n' + output); | |
| await this.fetchAndMergeAgent(); | |
| } else if (exitCode === 2) { | |
| alert('No credentials found yet.\n\nAuthenticate first (e.g., run \'agy\' inside the container), then try again.\n\n' + output); | |
| } else { | |
| alert('Capture failed (exit ' + (exitCode !== undefined ? exitCode : 'unknown') + ').\n\n' + output); | |
| } |
1 participant
Add a "Capture Auth" button visible only for no-auth running agents with a resolved harness. The button calls POST /api/v1/agents/{id}/exec to run capture_auth.py inside the container, handling exit codes 0 (success), 2 (not authenticated yet), and others (error).
Fixes #<issue_number_goes_here>