anthony.wen/cds-ai
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Scrub tracked secrets and switch ATVM docs to local credential references

Browse Source 
- remove hardcoded credentials, tokens, registration codes, and similar secret values from tracked ATVM and CDS MCP docs
- replace those values with references to /home/aw/code/cds/.env.credentials.local and the corresponding environment variable names
- update current operator guides to instruct sourcing .env.credentials.local before credential-dependent setup and automation workflows
- update the ATVM setup scripts to consume ATVM_TARGET_PASSWORD from the environment instead of hardcoding the Ubuntu root SSH password
- scrub the remaining tracked artifact log entry that still included the old CMC registration code
- keep the local-only credential inventory in .env.credentials.local while leaving that file untracked
This commit is contained in:
anthony.wen
2026-03-24 17:32:44 -04:00
parent 4c07863f6c
commit 86b1a0e4a9
13 changed files with 111 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
atvm/docs/setup/run-learnings.md
View File

@@ -12,7 +12,7 @@ This file stores run-specific examples only when a run produced a new learning r
- Final static IP: `192.168.3.191`
- Hostname: `atvm-codextest-vm-1`
- Learning:
- Root SSH password workflow (`root/cdsi2012`) and log copy/hash verification path are valid end-to-end.
- Root SSH password workflow backed by `ATVM_TARGET_PASSWORD` and the log copy/hash verification path are valid end-to-end.
- Wrapper must enforce identity arguments for run-and-collect mode.
- Action for future runs:
- Require `EXPECTED_IP_ARG` and `EXPECTED_HOSTNAME_ARG` for wrapper run-and-collect.