fix-wg-secret — Workgraph live mirror

Metadata

Status	done
Assigned	`agent-1073`
Agent identity	`f51439356729d112a6c404803d88015d5b44832c6c584c62b96732b63c2b0c7e`
Created	2026-04-29T10:59:04.405001726+00:00
Started	2026-04-29T10:59:22.547184118+00:00
Completed	2026-04-29T11:18:17.407205603+00:00
Tags	`fix,secrets,security`, `eval-scheduled`
Eval score	0.90
└ blocking impact	0.90
└ completeness	0.90
└ constraint fidelity	0.70
└ coordination overhead	0.88
└ correctness	0.95
└ downstream usability	0.85
└ efficiency	0.85
└ intent fidelity	0.83
└ style adherence	0.90

Description

implement-wg-secret (commit 6f4c98d1c) shipped the secret command frame but several design requirements are missing or misnamed. Verified by live smoke 2026-04-29 ~02:55Z after cargo install --path .:

Gaps

1. "keyring" backend is actually a file store

wg secret backend show reports: Default backend: keyring (secure file store at ~/.wg/keystore/).

The design (design-secure-credential §1, §4) specified the keyring backend uses the OS credential store (keyring crate → macOS Keychain / Linux secret-service / kwallet / Windows Credential Manager). Implementation built a custom on-disk keystore at ~/.wg/keystore/ and labeled it "keyring."

Two ways forward (pick one):

A) Wire the actual keyring crate as the keyring backend; rename the current file-based store to keystore (or similar). User running wg secret set foo on macOS expects it in Keychain.
B) Keep the file-based store but rename it honestly. Default backend: keystore (secure file at ~/.wg/keystore/). Then add the OS keyring as a separate backend with scheme keyring: (or os-keyring:), or expose it only when a feature flag / config opts in.

Decision belongs in this task. Recommend A — match the design and the user's mental model. The OS keyring is materially more secure than a 0600 file (OS handles unlock, no plaintext on disk).

2. `wg secret set --from-stdin` flag missing

Design (design-secure-credential §3) specified wg secret set <name> --from-stdin reads one line from stdin (no prompt). Implementation rejects piped input with Error: Secret value cannot be empty and only accepts interactive TTY input. This blocks all scripted setup, all CI provisioning, and ALL non-TTY smoke testing.

3. `wg secret rm --yes` flag missing

Design specified --yes for non-interactive removal. Currently the rm command rejects --yes with unexpected argument. Same scripting friction.

4. Smoke scenarios under-cover non-interactive paths

The smoke manifest probably contains the round-trip scenarios from design §7, but if --from-stdin doesn't exist they can't run non-interactively. Verify the manifest entries; either they were stubbed (bad), or they depend on a TTY emulator (fragile), or the implementer skipped them. Cross-check before claiming this fix done.

Validation

Failing tests written first (TDD)
echo "value" | wg secret set foo --from-stdin round-trips: wg secret get foo --reveal returns value
wg secret rm foo --yes deletes without prompting and exits 0
Backend naming: either OS keyring is wired (A) OR the file-based store is renamed honestly (B). wg secret backend show accurately describes what it actually is.
If A: wg secret set foo on macOS lands in Keychain (verify with security find-generic-password -a foo -s wg); on Linux GNOME desktop lands in secret-service (verify with secret-tool search service wg account foo).
Smoke manifest entries from design §7 actually run end-to-end against the real binary (no stubs, no TTY emulators required for non-interactive scenarios)
cargo build + cargo test pass with no regressions
cargo install --path . was run before claiming done — and the smoke commands above were run against the installed binary AND the daemon-log evidence pasted into this task's log

Process note (per recurring user feedback)

The pattern of 'implementation shipped but missed design specifics' has happened twice in this session (bump-codex-defaults skipped its live smoke; implement-wg-secret skipped --from-stdin / --yes / OS-keyring integration). The fix is for implementation tasks to actually run the design's smoke scenarios on the installed binary BEFORE claiming done. The validation criteria above require evidence — paste actual command output, don't just check the box.

## Description
`implement-wg-secret` (commit 6f4c98d1c) shipped the secret command frame but several design requirements are missing or misnamed. Verified by live smoke 2026-04-29 ~02:55Z after `cargo install --path .`:

## Gaps

### 1. "keyring" backend is actually a file store
`wg secret backend show` reports: `Default backend: keyring (secure file store at ~/.wg/keystore/)`.

The design (design-secure-credential §1, §4) specified the keyring backend uses the OS credential store (`keyring` crate → macOS Keychain / Linux secret-service / kwallet / Windows Credential Manager). Implementation built a custom on-disk keystore at `~/.wg/keystore/` and labeled it "keyring."

Two ways forward (pick one):
- A) Wire the actual `keyring` crate as the keyring backend; rename the current file-based store to `keystore` (or similar). User running `wg secret set foo` on macOS expects it in Keychain.
- B) Keep the file-based store but rename it honestly. `Default backend: keystore (secure file at ~/.wg/keystore/)`. Then add the OS keyring as a separate backend with scheme `keyring:` (or `os-keyring:`), or expose it only when a feature flag / config opts in.

Decision belongs in this task. Recommend A — match the design and the user's mental model. The OS keyring is materially more secure than a 0600 file (OS handles unlock, no plaintext on disk).

### 2. `wg secret set --from-stdin` flag missing
Design (design-secure-credential §3) specified `wg secret set <name> --from-stdin` reads one line from stdin (no prompt). Implementation rejects piped input with `Error: Secret value cannot be empty` and only accepts interactive TTY input. This blocks all scripted setup, all CI provisioning, and ALL non-TTY smoke testing.

### 3. `wg secret rm --yes` flag missing
Design specified `--yes` for non-interactive removal. Currently the rm command rejects `--yes` with `unexpected argument`. Same scripting friction.

### 4. Smoke scenarios under-cover non-interactive paths
The smoke manifest probably contains the round-trip scenarios from design §7, but if `--from-stdin` doesn't exist they can't run non-interactively. Verify the manifest entries; either they were stubbed (bad), or they depend on a TTY emulator (fragile), or the implementer skipped them. Cross-check before claiming this fix done.

## Validation
- [ ] Failing tests written first (TDD)
- [ ] `echo "value" | wg secret set foo --from-stdin` round-trips: `wg secret get foo --reveal` returns `value`
- [ ] `wg secret rm foo --yes` deletes without prompting and exits 0
- [ ] Backend naming: either OS keyring is wired (A) OR the file-based store is renamed honestly (B). `wg secret backend show` accurately describes what it actually is.
- [ ] If A: `wg secret set foo` on macOS lands in Keychain (verify with `security find-generic-password -a foo -s wg`); on Linux GNOME desktop lands in secret-service (verify with `secret-tool search service wg account foo`).
- [ ] Smoke manifest entries from design §7 actually run end-to-end against the real binary (no stubs, no TTY emulators required for non-interactive scenarios)
- [ ] cargo build + cargo test pass with no regressions
- [ ] cargo install --path . was run before claiming done — and the smoke commands above were run against the installed binary AND the daemon-log evidence pasted into this task's log

## Process note (per recurring user feedback)
The pattern of 'implementation shipped but missed design specifics' has happened twice in this session (bump-codex-defaults skipped its live smoke; implement-wg-secret skipped --from-stdin / --yes / OS-keyring integration). The fix is for implementation tasks to actually run the design's smoke scenarios on the installed binary BEFORE claiming done. The validation criteria above require evidence — paste actual command output, don't just check the box.

Depends on

done .assign-fix-wg-secret

Required by

(none)

Log

2026-04-29T10:59:04.395799103+00:00 Task paused
2026-04-29T10:59:04.442211075+00:00 Task published
2026-04-29T10:59:21.057485473+00:00 Lightweight assignment: agent=Careful Programmer (f5143935), exec_mode=full, context_scope=task, reason=Careful Programmer with 0.77 score and 269 tasks is ideal for security-critical implementation requiring architectural decisions, TDD, and rigorous validation.
2026-04-29T10:59:22.547188035+00:00 Spawned by coordinator --executor claude --model opus
2026-04-29T10:59:36.204826378+00:00 Starting work — checking current secret implementation in repo
2026-04-29T11:17:35.978809373+00:00 Implementation complete. Summary: - Added keyring v3 crate (apple-native + sync-secret-service + windows-native + vendored, no default-features) - Refactored src/secret.rs: kept Backend::Keyring as smart-with-fallback, added Backend::Keystore for explicit file backend, kept Backend::Plaintext - backend show now reports both Keyring (OS native: reachable/unreachable) and Keystore (file at ~/.wg/keystore/) honestly; the old 'Default backend: keyring (secure file store ...)' misnomer is gone - Added --from-stdin to wg secret set (mutually exclusive with --value); refuses to prompt when stdin is non-TTY without --from-stdin - Added --yes (-y) to wg secret rm; refuses to delete non-interactively without --yes - 5 live smoke scenarios pass against installed binary (4 PASS + 1 PASS where we expected SKIP — OS keyring is actually reachable on this dev box): PASS secret_keyring_round_trip (--from-stdin, --yes, honest backend status) PASS secret_plaintext_round_trip PASS secret_keystore_explicit (new — pins option-A naming honesty) PASS secret_os_keyring_when_available (new — verified no fallback file written; reachable via dbus session bus) PASS secret_api_key_ref_resolve
2026-04-29T11:17:36.012102792+00:00 Validation evidence (verbatim from installed binary): === --from-stdin round-trips === $ echo 'my-secret-value' | wg secret set foo --from-stdin Secret 'foo' stored in keyring backend. $ wg secret get foo --reveal my-secret-value === --yes deletes non-interactively, exits 0 === $ wg secret rm foo --yes ; echo $? Secret 'foo' deleted from keyring backend. 0 === backend show is honest === Default backend: keyring (OS native — reachable (secret-service (libsecret / GNOME Keyring / KWallet))) Keyring (OS native): reachable (secret-service (libsecret / GNOME Keyring / KWallet)) Keystore (file at ~/.wg/keystore/): always available (0600 perms) Plaintext backend: disabled (set secrets.allow_plaintext = true to enable)
2026-04-29T11:17:36.040657787+00:00 Pre-existing test_global_config_path failure in src/config.rs is unrelated — that file is unchanged vs. main, and the test fails on any host where ~/.wg exists (modern path).
2026-04-29T11:18:09.580096577+00:00 Committed: 467e3779d — pushed to remote (origin/wg/agent-1073/fix-wg-secret)
2026-04-29T11:18:17.407208869+00:00 Task pending eval (agent reported done; awaiting `.evaluate-*` to score)
2026-04-29T11:21:03.481191863+00:00 PendingEval → Done (evaluator passed; downstream unblocks)

Metadata

Description

Description

Gaps

1. "keyring" backend is actually a file store

2. wg secret set --from-stdin flag missing

3. wg secret rm --yes flag missing

4. Smoke scenarios under-cover non-interactive paths

Validation

Process note (per recurring user feedback)

Depends on

Required by

Log

2. `wg secret set --from-stdin` flag missing

3. `wg secret rm --yes` flag missing