mirror of
https://github.com/shankar0123/certctl.git
synced 2026-06-07 12:21:31 +00:00
58b14412a1
Third latent bug surfaced by the Auditable Codebase Bundle's cold-DB compose smoke.

Server cold-boot and migration re-runs are now clean after the prior two fixes
(6d0f774 DEMO_MODE_ACK, 910097e migration 000043 idempotency); the smoke now
makes it through cold boot, force-recreate, and the second healthcheck pass —
then dies at step 4 (mint day-0 admin) because:

  POST /api/v1/auth/bootstrap returns 410 Gone
  → strategy disabled (no token configured)
  → Python json.load fails with KeyError: 'key_value' on the error response body
  → step exits 1

Root cause: the documented manual smoke flow at
cowork/manual-testing-bundle-2.html (Part 2) injects the bootstrap token via:

  echo "CERTCTL_BOOTSTRAP_TOKEN=$TOKEN" > /tmp/_smoke.env
  docker compose --env-file /tmp/_smoke.env up -d --force-recreate certctl-server

This only populates compose's own interpolation environment — NOT the
container's runtime environment. For the variable to reach the container, the
compose file's environment: block must explicitly reference it. The
certctl-server environment: block listed every other CERTCTL_* var the demo
path needs but missed CERTCTL_BOOTSTRAP_TOKEN.

Fix: add an explicit interpolation line:

  CERTCTL_BOOTSTRAP_TOKEN: ${CERTCTL_BOOTSTRAP_TOKEN:-}

Default empty value = bootstrap strategy disabled (safe default; server returns
410 on POST /api/v1/auth/bootstrap when no token is set, which is correct
steady-state behavior). The variable only gets populated when an operator/CI
explicitly sets it before compose up — same model as
CERTCTL_CONFIG_ENCRYPTION_KEY one line above.

Verified:
- YAML parse clean.
- scripts/ci-guards/complete-path-config-coverage.sh green —
  CERTCTL_BOOTSTRAP_TOKEN now has a non-config consumer in deploy/.
- Same fix unblocks both CI's cold-DB smoke AND the operator's manual smoke
  walkthrough (which had the same latent gap; the operator must have been
  setting the env var via a shell export or a local override compose, since the
  documented flow doesn't work against this file as-shipped).

Pattern note (THIRD complete-path gap on the demo compose in this bundle): the
demo compose is the documented entry point for new users, and three different
env-var contract surfaces had to be wired before its documented manual smoke
flow worked end-to-end on a true cold boot. A future follow-up should add a CI
guard that asserts every documented-in-manual-testing-bundle-2.html env var
also has a corresponding interpolation line in deploy/docker-compose.yml.

Audit-Closes: post-v2.1.0-anti-rot/item-6
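Added example, not part of the commit and not certctl's own code: a hypothetical POSIX sh CI guard of the kind the pattern note proposes. It reproduces the as-shipped gap in a constructed compose fragment (every variable except CERTCTL_BOOTSTRAP_TOKEN wired through), asserts that each documented variable has an explicit `VAR: ${VAR...}` interpolation line (both the map form used in the commit and the `- VAR=${VAR...}` list form are accepted, a generalization of the single case above), then applies the empty-default line the commit adds and re-runs the guard. The function names, the sample compose content and the variable list are assumptions made for the example; a real guard would extract the list from cowork/manual-testing-bundle-2.html and point at deploy/docker-compose.yml.

```shell
#!/bin/sh
# Hypothetical CI guard (added example, not certctl's own code): every env var
# the manual-testing bundle documents must appear as an explicit interpolation
# line in the demo compose file, otherwise `docker compose --env-file` only
# feeds compose's interpolation and the container never sees the value.

# Constructed sample compose file reproducing the as-shipped gap: the
# environment: block wires every demo-path var except CERTCTL_BOOTSTRAP_TOKEN.
make_compose() {
  cat > "$1" <<'EOF'
services:
  certctl-server:
    image: certctl-server:local
    environment:
      CERTCTL_DEMO_MODE_ACK: ${CERTCTL_DEMO_MODE_ACK:-}
      CERTCTL_CONFIG_ENCRYPTION_KEY: ${CERTCTL_CONFIG_ENCRYPTION_KEY:?required}
EOF
}

# compose_missing_vars FILE VAR...
# Prints each VAR with no `VAR: ${VAR...}` (or `- VAR=${VAR...}`) line in FILE.
# Returns 1 if any var is missing, 0 when the compose file covers all of them.
# Only explicit interpolation counts: a bare `VAR:` entry would pass the value
# from compose's own environment, but the guard wants the contract spelled out.
compose_missing_vars() {
  file=$1; shift
  rc=0
  for var in "$@"; do
    pat="^[[:space:]]+(- )?${var}[:=][[:space:]]*\\\$\\{${var}[}:?-]"
    if ! grep -Eq "$pat" "$file"; then
      echo "$var"
      rc=1
    fi
  done
  return $rc
}

# add_interpolation_line FILE VAR
# Appends the empty-default interpolation line the commit describes directly
# under the first `environment:` key. Assumes the six-space map indentation of
# the constructed sample; an empty default keeps the variable unset in the
# container unless the operator or CI sets it before `compose up`.
add_interpolation_line() {
  file=$1; var=$2; tmp="$file.tmp"
  awk -v line="      ${var}: \${${var}:-}" \
      '{ print } /^    environment:/ { print line }' "$file" > "$tmp" \
    && mv "$tmp" "$file"
}

# Stand-alone demo: guard fails on the as-shipped file, passes after the fix.
demo() {
  f=$(mktemp)
  make_compose "$f"
  vars="CERTCTL_DEMO_MODE_ACK CERTCTL_CONFIG_ENCRYPTION_KEY CERTCTL_BOOTSTRAP_TOKEN"
  echo "before fix, vars with no interpolation line:"
  compose_missing_vars "$f" $vars || echo "  guard FAILED"
  add_interpolation_line "$f" CERTCTL_BOOTSTRAP_TOKEN
  echo "after fix:"
  compose_missing_vars "$f" $vars && echo "  guard passed"
  rm -f "$f"
}
demo
```

The guard is deliberately textual: it checks the contract in the file as shipped, which is exactly what the documented flow relies on. To confirm what a given run would actually hand the container, render the file with the same env-file the smoke uses, `docker compose --env-file /tmp/_smoke.env config`, and read the service's `environment:` section in the output; a variable absent there is absent from the container no matter what the env-file says.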