Sylvain Tremblay
9eb6bda257
All checks were successful
Run Check Script / check (pull_request) Successful in 2m48s
Net-diff PR (1 of 4) splitting feat/unified-config-and-secrets into reviewable pieces. harmony_secret changes only; compiles against master. - Silent OIDC refresh + clearer device-code error surfacing - renew-self on cached OpenBao token; auto-open device-flow browser - OIDC session cache scoped by sso_url + client_id (was one shared file) - LocalFileSecretStore nested per namespace - validate cached token via lookup-self (default policy), not lookup (sudo) - drop dead HARMONY_SECRETS_URL var and OidcSession::is_openbao_token_expired Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>