feat(settings): Spend controls in the workspace, compute keys actually applied#84
Merged
Merged
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
…y applied Compute panel keys now do something: applyComputeEnv() mirrors the credentials store's pattern — decrypt the stored GPU provider keys and inject them under the canonical env var names the skills read (Modal's combined key splits into token id + secret), at boot and after every connect/disconnect, with removed-entry cleanup, shell-export precedence, and output redaction. Ship the Spend settings panel: LLM spend (managed / byok / auto) and compute spend (managed / byok) driven by GET/PUT /settings/billing via the generated SDK, plus wallet balance and signed-in state. The PUT route keeps the server-side account billing mode in sync and now accepts llm: null to set the toggle back to auto (config schema + SDK types regenerated). Usage panel copy now points at the real control. Fixes #71 Fixes #72
621c73f to
b8be62c
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #71
Fixes #72
Compute keys are now applied (#71)
The Compute panel encrypted and stored GPU provider keys, showed a green "connected" badge — and nothing ever read them back. This adds
ComputeSettings.applyComputeEnv(), mirroringapplyCredentialEnvin the credentials store exactly:subprocessEnv) read. Where two spellings exist in the wild, both are set:TENSORPOOL_KEY/TENSORPOOL_API_KEY,LAMBDA_API_KEY/LAMBDA_LABS_API_KEY,PRIME_API_KEY/PRIME_INTELLECT_API_KEY,VAST_API_KEY,RUNPOD_API_KEY. Modal's combinedak-… : as-…key splits intoMODAL_TOKEN_ID+MODAL_TOKEN_SECRET(a half-pasted key maps to nothing rather than half a credential).applyCredentialEnv(index.ts middleware) and again after every provider connect/disconnect, so a saved key applies live without a restart.last_usedis left as-is: there is no code path that observes an actual compute run (usage reporting is LLM-step-only), so any timestamp written here — e.g. at boot-time injection — would just mean "CLI started", which is more misleading than "never". Wiring it honestly needs a compute-run hook and is out of scope.Spend panel + copy fixes (#72)
Error copy pointed at "Settings → Spend", which didn't exist, and the only way to flip
billing.llmwas hand-editingopenscience.json. This ships the panel:registry.ts), reading GET/settings/billingand writing PUT/settings/billingthrough the generated SDK (client.settings.billing.get/update).llm: nullto clear the toggle back to auto-detect (config schema made nullable,llmBillingMode()normalizes null to undefined, SDK types regenerated from the OpenAPI spec — the gen diff is exactly the nullable field).OpenScience.setBillingMode+ resync (verified, unchanged) — so the gate (config) and the Usage panel (account mode) stay in sync through the one control. Auto skips the mirror since it has no server-side counterpart.Usage.tsxno longer says "Switch to managed mode (Credentials)" — it points at Settings → Spend.processor.tsalready said Settings → Spend, which is now true, so it's untouched.Verification
cd backend/cli && bun test— 836 pass, 0 fail (includes new tests below).bun run typecheck— clean across all 6 packages.bun run --cwd frontend/workspace build— passes.test/server/settings-compute.test.tsexercises the real routes + store (no mocks): connect applies every canonical var, modal splits, shell exports win, disconnect removes injected vars but never a shell export, re-save updates in place, and the key never appears in a response body. There was no pre-existingapplyCredentialEnvtest to mirror, so this follows thesettings-billing.test.tsroute-test pattern instead.llm: nullpersists null and reads back as auto.openscience serve: GET/PUT/settings/billinground-trips managed/byok/null (null persists correctly through both the JSON merge and JSONC patch paths), and compute provider connect stores ciphertext only and never returns the key.