ward agent/container: inject claude credentials (ANTHROPIC_API_KEY) for in-container runs #128

Closed
opened 2026-06-18 01:00:46 +00:00 by coilysiren · 0 comments
Owner

ward agent/container injects no claude credentials

Surfaced alongside ward#127 during the first real ward agent claude headless e2e (ward#126). The container injects the forgejo push token but no claude credentials - no ANTHROPIC_API_KEY, no ~/.claude credential mount. Headless claude -p needs ANTHROPIC_API_KEY (Claude Code headless docs).

Proposed

Mirror the forgejo-token path: resolve the key on the host and inject it via the same private 0600 --env-file (so it never enters argv/audit), as ANTHROPIC_API_KEY. The in-container claude picks it up from env.

Open decision (needs Kai)

Which credential, from where?

  • An Anthropic API key from SSM (e.g. a /anthropic/... path) - simplest for headless, but a billable raw key in every container.
  • A scoped/subscription token, or OAuth-token forwarding from the host ~/.claude (macOS Keychain - not trivially portable to a linux container).

Blocks ward agent claude from running once the non-root blocker (ward#127) is cleared. The two are needed together for an end-to-end claude run.

## `ward agent`/`container` injects no claude credentials Surfaced alongside ward#127 during the first real `ward agent claude headless` e2e (ward#126). The container injects the forgejo push token but **no claude credentials** - no `ANTHROPIC_API_KEY`, no `~/.claude` credential mount. Headless `claude -p` needs `ANTHROPIC_API_KEY` (Claude Code headless docs). ### Proposed Mirror the forgejo-token path: resolve the key **on the host** and inject it via the same private 0600 `--env-file` (so it never enters argv/audit), as `ANTHROPIC_API_KEY`. The in-container claude picks it up from env. ### Open decision (needs Kai) **Which credential, from where?** - An Anthropic **API key** from SSM (e.g. a `/anthropic/...` path) - simplest for headless, but a billable raw key in every container. - A scoped/subscription token, or OAuth-token forwarding from the host `~/.claude` (macOS Keychain - not trivially portable to a linux container). Blocks `ward agent claude` from running once the non-root blocker (ward#127) is cleared. The two are needed together for an end-to-end claude run.
Sign in to join this conversation.
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
coilyco-flight-deck/ward#128
No description provided.