feat: smart credential detection for multi-agent projects#182
Merged
Conversation
Contributor
Coverage Report
|
8cf7e1a to
5b444ef
Compare
Contributor
Author
|
/strands review this PR. DO NOT MAKE ANY CHANGES TO THE CODE UNDER ANY CIRCUMSTANCES |
notgitika
requested changes
Feb 9, 2026
cd39a61 to
959b709
Compare
- Add resolveCredentialStrategy() to detect same vs different API keys - Same key reuses project-scoped credential, different key creates agent-scoped - Clean up agent-scoped credentials on agent removal - Fix deploy flow: always update credentials on deploy (not just manual entry) - Add getAllCredentials() for credential prompt, updateApiKeyProvider() for updates - Fix double-execution bugs in useCdkPreflight and CredentialSourcePrompt - Add unit and integration tests
- Add non-null assertions for credentials[0] after length check - Fix credential type 'ApiKey' -> 'ApiKeyCredentialProvider' in tests - Fix result.agentName -> result.providerName in useCdkPreflight
- Check ALL existing credentials for matching API key (not just project-scoped) - Agent3 can now reuse Agent2's credential if they share the same key - Preserve credentials on agent removal for potential reuse - If agent re-added with different key, credential is updated
959b709 to
78f54fd
Compare
notgitika
approved these changes
Feb 9, 2026
|
Reviewed this PR. Since it's already merged, sharing feedback here for reference: Already flagged in existing comments (no need to repeat):
Minor additional observations (non-blocking, follow-up if desired):
Tests look good — integration tests use real tmp dirs rather than fs mocks, and the unit-test mocking of No telemetry gap — this change is covered by the existing command-level LGTM overall. Nothing here would have blocked merge. |
jariy17
pushed a commit
that referenced
this pull request
May 21, 2026
The app token needs `owner: aws` to generate a token scoped to all repos the app is installed on, not just the current repo. Without this, the token can't clone the CDK repo.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Implements smart credential detection for multi-agent projects. When adding a new agent with a non-Bedrock model provider:
Fixes Issue #148, #162, and #169
Deploy Flow Fixes:
Problem: After destroy and redeploy, credentials weren't being recreated because:
Solution:
Other Fixes:
Related Issues
Documentation PR
Type of Change
Testing
How have you tested the change?
Note: typecheck and lint have pre-existing failures in mainline unrelated to this PR.
Checklist
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the
terms of your choice.