Fix secrets bug: Convert strings to StaticSecret objects in RemoteConversation #1231
+57
−4
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Fix issue where string secrets were sent as plain strings instead of StaticSecret objects - Server expects discriminated union format with 'kind' field for secret types - Modified update_secrets() to use _wrap_secret() helper and model_dump() with expose_secrets context - Added comprehensive tests to verify payload format matches server expectations - Resolves 422 Unprocessable Entity error when updating secrets in RemoteWorkspace Co-authored-by: openhands <openhands@all-hands.dev>
|
Looks like there are a few issues preventing this PR from being merged!
If you'd like me to help, just leave a comment, like Feel free to include any additional details that might help me get this PR into a better state. You can manage your notification settings |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Problem
Fixes a bug where string secrets passed to
RemoteConversation.update_secrets()were causing 422 Unprocessable Entity errors. The server expects secrets to be wrapped inStaticSecretobjects with a discriminated union format, but the client was sending plain strings.Error:
Solution
RemoteConversation.update_secrets()to automatically convert string secrets toStaticSecretobjects using the existing_wrap_secret()helper functionmodel_dump(context={"expose_secrets": True})to ensure proper formatChanges
Core Fix
openhands-sdk/openhands/sdk/conversation/impl/remote_conversation.pyupdate_secrets()(lines 635-656)StaticSecretobjects before sending to serverBefore:
{"API_KEY": "secret-value"}After:
{"API_KEY": {"kind": "StaticSecret", "value": "secret-value", "description": null}}Enhanced Tests
tests/sdk/conversation/remote/test_remote_conversation.pyTesting
StaticSecretobjectsImpact
This fix resolves the 422 error when using
RemoteWorkspacewith string secrets, ensuring seamless integration with the server API while maintaining the existing user interface.@rbren can click here to continue refining the PR
Agent Server images for this PR
• GHCR package: https://github.com/OpenHands/agent-sdk/pkgs/container/agent-server
Variants & Base Images
eclipse-temurin:17-jdknikolaik/python-nodejs:python3.12-nodejs22golang:1.21-bookwormPull (multi-arch manifest)
# Each variant is a multi-arch manifest supporting both amd64 and arm64 docker pull ghcr.io/openhands/agent-server:558bdc6-pythonRun
All tags pushed for this build
About Multi-Architecture Support
558bdc6-python) is a multi-arch manifest supporting both amd64 and arm64558bdc6-python-amd64) are also available if needed