Credential Source Pattern (cross-cutting)
Status: Partially implemented — EnvValue covers literals, host-env references, structured op:// refs, and on-demand jackin-exec delivery; auth/provider-key forms reuse those env values through shared console source pickers. A general CredentialSource abstraction spanning non-env consumers (command, OS secret store, file backends) has not been started in source.
Shipped baseline
EnvValue (crates/jackin-core/src/env_value.rs) is the persisted operator-env vocabulary: Plain(String), structured OpRef (canonical op:// URI, display breadcrumb, optional account, on_demand flag), and Extended { value, on_demand } for literal/$VAR values that opt into on-demand delivery.
CLI/config paths and console pickers turn a selected or typed 1Password value into EnvValue::OpRef; typed non-op values stay Plain/Extended. Auth/provider-key forms use the same literal-vs-1Password source picker and persist credentials back through env values (crates/jackin-console/src/tui/auth_config.rs, crates/jackin-console/src/tui/input/auth.rs).
jackin-exec filters on_demand env values out of launch env, advertises their names to the container via JACKIN_EXEC_BINDINGS (never the values), then resolves selected op://, host-env, or literal values through the host socket for one command (crates/jackin-runtime/src/runtime/launch/launch_pipeline.rs, crates/jackin-protocol/src/lib.rs).
That baseline is env-shaped: it does not model command, OS secret store, or file backends, and there is no reusable type for non-env consumers (GitHub link tracking, task sources, daemon/MCP credential requests).
Remaining work
CredentialSourceenum + TOML deserialization for literal, host env, command, 1Password, OS secret store, and file backends — no such type exists in source yet.- Adapter from the shipped
EnvValue/OpRefvocabulary intoCredentialSource, so existing operator env, auth/provider-key forms, andjackin-execbehavior keep working during migration. - Missing shared backends:
command(run without shell, minimal env, stdout-only secret), OS secret store (Keychain/secret-tool/Credential Manager), andfile. - Secret wrapper (
SecretStringor equivalent) with zeroize-on-drop and redacted debug output. - Replace existing env-shaped credential lookups with the unified type where the consumer is not inherently an environment variable.
- New consumers (GitHub link tracking, task source abstraction, daemon/MCP credential requests) accept
CredentialSourcefrom day one instead of rolling their own resolution. - New docs page
docs/content/docs/(public)/guides/credentials.mdx: shipped baseline, target backends, delivery modes, security tradeoffs, recommended pattern per use case.
Out of scope
- Vault / AWS Secrets Manager / GCP Secret Manager backends — defer until a real user asks; file-mount + K8s secrets covers most of the space.
- Per-source resolution caching with TTL — lazy-once-per-run is enough for V1.
- A
jackin secrets testCLI that resolves every configured credential and reports status.
Related work
- Research: Credential Source Pattern — Design — multicode prior art, target TOML shape, resolution/forwarding model, open design questions.
- 1Password integration — existing consumer; refactors onto the new type.
- Claude auth strategy — existing consumer; this pattern should be the abstraction it uses, not a parallel design.
- GitHub link tracking, Task source abstraction — new consumers.
- jackin-remote — credential forwarding model (local resolve, remote forward).
- Agent Orchestration Program