build(agent-job): pin Claude Code CLI; smoke one turn per runtime
Add @anthropic-ai/claude-code@2.1.207 to the job image global npm install, extend the smoke script with claude --version plus a documented per-runtime turn block, and reconcile OpenCode/Claude adapter flags against the real CLIs (all assumed flags confirmed). Document the anthropic_oauth_json credential snapshot pattern in the README.
This commit is contained in:
@@ -206,8 +206,9 @@ SPOON_AGENT_JOB_IMAGE="git.gbrown.org/gib/spoon-agent-job:latest"
|
||||
```
|
||||
|
||||
The job image includes Node 22, Bun, pnpm and yarn through Corepack, npm, git,
|
||||
ripgrep, Python, build tools, OpenCode, and the Codex CLI. It is not the forked
|
||||
project's production runtime; it is the agent execution environment.
|
||||
ripgrep, Python, build tools, OpenCode, the Codex CLI, and the Claude Code CLI.
|
||||
It is not the forked project's production runtime; it is the agent execution
|
||||
environment.
|
||||
|
||||
Production worker runtime requirements:
|
||||
|
||||
@@ -255,7 +256,11 @@ Deployment readiness checklist:
|
||||
API-key based AI provider profiles run through OpenCode. Codex ChatGPT login
|
||||
profiles run through the Codex CLI: Spoon writes the encrypted `auth.json` into
|
||||
the isolated job workspace as `CODEX_HOME/.codex/auth.json` before execution.
|
||||
Treat that saved auth file like a password and only use it on trusted workers.
|
||||
Anthropic profiles run through the Claude Code CLI: API-key profiles authenticate
|
||||
via `ANTHROPIC_API_KEY`, while `anthropic_oauth_json` credential-snapshot profiles
|
||||
have their encrypted OAuth blob written into the isolated job workspace as
|
||||
`~/.claude/.credentials.json` before execution. Treat those saved auth files like
|
||||
a password and only use them on trusted workers.
|
||||
|
||||
</details>
|
||||
|
||||
|
||||
Reference in New Issue
Block a user