fix: declare required secrets so Pinata prompts on deploy#5
Merged
Conversation
Pinata's setup UI reads manifest.json → secrets to know what env vars to prompt for. We had none declared, so users hitting deploy never got asked for OPENSEA_API_KEY, PRIVY_APP_ID, PRIVY_APP_SECRET, or PRIVY_WALLET_ID — they had to know to paste them into the env UI by hand (the README mentions this, but a setup wizard that doesn't ask is the wrong default). Declared all four as required, with descriptions matching what the README's secrets table says. Pattern follows the moonpay-defi-portfolio template's secrets array (the canonical schema only requires name + description; required defaults to true). CI now asserts the secrets array exists, every entry has a valid SHOUTING_SNAKE_CASE name and non-empty description, and all four required vars are declared with required: true — so this can't silently regress. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Pinata's setup UI reads
manifest.json→secretsto know what env vars to prompt for at deploy time. We had nosecretsarray, so users were never prompted for the four credentials the agent actually needs — they had to know to paste them into the env UI by hand. The README mentions doing this, but a setup wizard that silently doesn't ask is the wrong default.Changes
manifest.json: declare all four asrequired: true, with descriptions matching the README's Secrets you'll need table:OPENSEA_API_KEY— includes the curl one-liner that mints an instant keyPRIVY_APP_ID— points at dashboard.privy.ioPRIVY_APP_SECRET— same dashboard pagePRIVY_WALLET_ID— points at the skill's wallet-setup referencePattern follows
moonpay-defi-portfolio'ssecretsarray. The canonical schema (peruseful-assistant's_docsblock) only requiresname+description;requireddefaults to true..github/workflows/validate.yml: assert thesecretsarray exists, every entry has aSHOUTING_SNAKE_CASEname and non-empty description, and all four required vars are explicitly declared withrequired: true. So this can't silently regress.Test plan
🤖 Generated with Claude Code