Skip to content

Tighten opportunity queue flow #47

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
mrmsoc09 wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Tighten opportunity queue flow #47

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions .env.example
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -213,6 +213,13 @@ K1_SCOPE_POLICY_PATH=config/scope_guardrails.yaml
KAI_STORAGE_ROOT=/srv/kai
K1_ARTIFACTS_HOST_ROOT=/srv/kai/artifacts
K1_WORKFLOW_OUTPUT_ROOT=/srv/kai/output
K1_PGP_KEY_SOURCE_DIR=/srv/kai/keys/pgp
K1_PGP_KEY_VAULT_PATH=secret/k1/auth/pgp/kaisonai

# Optional hunter-account import source and inventory index.
KAI_HUNTER_ACCOUNTS_CSV=/home/k1-admin/Documents/Proton Shit/Proton Pass_export_2026-06-11_1781164711.csv

@gemini-code-assist gemini-code-assist Bot Jun 13, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The example path contains unprofessional language (Proton Shit) and a highly specific local home directory (/home/k1-admin). Example environment files should use generic, clean placeholder paths to maintain professionalism and ease of configuration for other developers.

KAI_HUNTER_ACCOUNTS_CSV=/srv/kai/artifacts/hunter-accounts/proton_pass_export.csv

KAI_HUNTER_ACCOUNTS_INDEX_FILE=/srv/kai/artifacts/hunter-accounts/index.json
KAI_HUNTER_ACCOUNTS_VAULT_INDEX_PATH=k1/hunter-accounts/index

# ==================== Security Controls ====================
K1_FORCE_HTTPS=false
Expand Down Expand Up @@ -260,6 +267,11 @@ K1_STARTUP_VALIDATE_TOOLPACKS=false
# Set to false for local platform bring-up without full toolchain install.
K1_BOOTSTRAP_REQUIRE_EXTERNAL_TOOLS=true

# Enforce schema migrations on backend startup.
KAI_DB_ENFORCE_MIGRATIONS=true
KAI_DB_AUTO_APPLY_MIGRATIONS=true
KAI_DB_FAIL_ON_DIRTY_SCHEMA=true

# ==================== Toolpacks ====================
# Comma-separated tool IDs to enable beyond catalog defaults.
K1_TOOLPACKS_ENABLE=
Expand Down
9 changes: 3 additions & 6 deletions apps/backend/src/core/crypto_artifact_signing.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,15 +60,15 @@ def __init__(
self,
gpg_home: str = None,
key_source_dir: str = None,
machine_identity: str = "machine-kaisonai@pm.me"
machine_identity: str = "kaisonai@pm.me"
):
"""
Initialize the crypto system

Args:
gpg_home: Path to GnuPG home directory (default: ~/.kai/gpg_home)
key_source_dir: Path to Kai PGP-Keys directory (default: /home/user/kai/Kai PGP-Keys)
machine_identity: The machine signing identity (default: machine-kaisonai@pm.me)
machine_identity: The machine signing identity (default: kaisonai@pm.me)
"""
self.key_source_dir = Path(key_source_dir or os.getenv("K1_PGP_KEY_SOURCE_DIR", "/home/user/kai/Kai PGP-Keys"))
self.machine_identity = machine_identity
Expand All @@ -82,10 +82,7 @@ def __init__(

# Key identity mappings
self.trusted_identities = {
"admin-kaisonai@pm.me": "Kai Admin",
"user-kaisonai@pm.me": "Kai User",
"infra-kaisonai@pm.me": "Kai Infrastructure",
"machine-kaisonai@pm.me": "Kai Machine"
"kaisonai@pm.me": "Kai Signing",
}

# Signature and verification logs
Expand Down
Loading
Loading