Commit 2334f8d
Feat/headless env auth (#6)
* feat: non-interactive (sandbox) auth via env token + base URL
Run the agent CLI headlessly inside Ellipsis cloud sandboxes, where a
per-sandbox token and base URL are injected into the environment and the
device-code login can't work (no human/browser). No new commands.
Credential precedence (highest wins): explicit arg -> environment
(ELLIPSIS_API_TOKEN / ELLIPSIS_API_BASE_URL) -> config file -> default.
- config.ts: add resolveToken()/resolveApiBase() (+ envToken/envApiBase
helpers); requireToken() now reads the env token and its error mentions
ELLIPSIS_API_TOKEN. Config path resolves lazily so ELLIPSIS_CONFIG_DIR is
honored at runtime.
- api.ts: ApiClient ctor resolves base + token through the precedence chain.
- constants.ts: DEFAULT_API_BASE is now the bare default; env layering moved
to resolveApiBase(), which accepts ELLIPSIS_API_BASE_URL and the legacy
ELLIPSIS_API_BASE.
- login.ts: logout no longer claims to clear an env-supplied token; the env
session stays active.
- tests: cover credential precedence and the ELLIPSIS_API_BASE_URL fallback.
me already surfaces sandbox_id. Out of scope: run streaming, keychain
storage, backend changes.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
* .
---------
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>1 parent 095bdcf commit 2334f8d
7 files changed
Lines changed: 2847 additions & 48 deletions
File tree
- src
- commands
- lib
- ui
- test
0 commit comments