From 352b7752fb262f856401b3c270434e9d087dbf99 Mon Sep 17 00:00:00 2001 From: DevelopmentCats Date: Thu, 12 Mar 2026 08:58:22 -0500 Subject: [PATCH] feat: address comments from Copilot and tighten up config behaviour and validation --- registry/coder/modules/claude-code/main.tf | 10 ++++ .../coder/modules/claude-code/main.tftest.hcl | 60 +++++++++++++++++++ .../modules/claude-code/scripts/start.sh | 7 +++ 3 files changed, 77 insertions(+) diff --git a/registry/coder/modules/claude-code/main.tf b/registry/coder/modules/claude-code/main.tf index 099d0492..a8a781c3 100644 --- a/registry/coder/modules/claude-code/main.tf +++ b/registry/coder/modules/claude-code/main.tf @@ -247,12 +247,22 @@ variable "boundary_config" { type = string description = "Inline YAML config for coder boundary network filtering rules. Written to ~/.config/coder_boundary/config.yaml before boundary starts. Mutually exclusive with boundary_config_path." default = null + + validation { + condition = var.boundary_config == null || trimspace(var.boundary_config) != "" + error_message = "boundary_config must not be empty or whitespace-only when provided." + } } variable "boundary_config_path" { type = string description = "Path to an existing boundary config file on disk. Symlinked to ~/.config/coder_boundary/config.yaml before boundary starts. Mutually exclusive with boundary_config." default = null + + validation { + condition = var.boundary_config_path == null || trimspace(var.boundary_config_path) != "" + error_message = "boundary_config_path must not be empty or whitespace-only when provided." + } } variable "boundary_version" { diff --git a/registry/coder/modules/claude-code/main.tftest.hcl b/registry/coder/modules/claude-code/main.tftest.hcl index 97d0c905..44ca6501 100644 --- a/registry/coder/modules/claude-code/main.tftest.hcl +++ b/registry/coder/modules/claude-code/main.tftest.hcl @@ -317,6 +317,66 @@ run "test_boundary_config_path_without_boundary_fails" { ] } +run "test_boundary_empty_config_fails" { + command = plan + + variables { + agent_id = "test-agent-empty-config" + workdir = "/home/coder/boundary-test" + enable_boundary = true + boundary_config = "" + } + + expect_failures = [ + var.boundary_config, + ] +} + +run "test_boundary_empty_config_path_fails" { + command = plan + + variables { + agent_id = "test-agent-empty-config-path" + workdir = "/home/coder/boundary-test" + enable_boundary = true + boundary_config_path = "" + } + + expect_failures = [ + var.boundary_config_path, + ] +} + +run "test_boundary_whitespace_config_fails" { + command = plan + + variables { + agent_id = "test-agent-whitespace-config" + workdir = "/home/coder/boundary-test" + enable_boundary = true + boundary_config = " " + } + + expect_failures = [ + var.boundary_config, + ] +} + +run "test_boundary_whitespace_config_path_fails" { + command = plan + + variables { + agent_id = "test-agent-whitespace-config-path" + workdir = "/home/coder/boundary-test" + enable_boundary = true + boundary_config_path = " " + } + + expect_failures = [ + var.boundary_config_path, + ] +} + run "test_claude_code_system_prompt" { command = plan diff --git a/registry/coder/modules/claude-code/scripts/start.sh b/registry/coder/modules/claude-code/scripts/start.sh index 0567772e..f85c6ca1 100644 --- a/registry/coder/modules/claude-code/scripts/start.sh +++ b/registry/coder/modules/claude-code/scripts/start.sh @@ -26,6 +26,8 @@ ARG_USE_BOUNDARY_DIRECTLY=${ARG_USE_BOUNDARY_DIRECTLY:-false} ARG_CODER_HOST=${ARG_CODER_HOST:-} ARG_BOUNDARY_CONFIG=${ARG_BOUNDARY_CONFIG:-} ARG_BOUNDARY_CONFIG_PATH=${ARG_BOUNDARY_CONFIG_PATH:-} +ARG_BOUNDARY_CONFIG_PATH="${ARG_BOUNDARY_CONFIG_PATH/#\~/$HOME}" +ARG_BOUNDARY_CONFIG_PATH="${ARG_BOUNDARY_CONFIG_PATH//\$HOME/$HOME}" echo "--------------------------------" @@ -240,6 +242,11 @@ function start_agentapi() { fi fi + if [ ! -s "$BOUNDARY_CONFIG_FILE" ]; then + printf "Error: boundary configuration file '%s' does not exist or is empty. Check boundary_config/boundary_config_path.\n" "$BOUNDARY_CONFIG_FILE" >&2 + exit 1 + fi + install_boundary printf "Starting with coder boundary enabled\n"