Part of epic #3602.
Scope
Wire the two new gonka vault keys through the secret resolver so they are available to the provider factory at startup.
Files to modify
crates/zeph-config/src/root.rs:143 — add to ResolvedSecrets:
pub gonka_private_key: Option<Secret>,
pub gonka_address: Option<Secret>,
crates/zeph-core/src/config.rs — after the existing ZEPH_GEMINI_API_KEY resolution block, read both keys from the vault and populate the fields. Log at INFO when both are present.
Acceptance
cargo nextest run -p zeph-core -E 'test(vault)' covers the new fields with a mock vault.- New unit test: when only
ZEPH_GONKA_PRIVATE_KEY is set, address remains None (derivation happens in the provider factory, not the resolver).
cargo nextest run --workspace --features full --lib --bins green.CHANGELOG.md [Unreleased] documents the new vault keys.
Depends on
#5.
Size
S (~1.5h)
Part of epic #3602.
Scope
Wire the two new gonka vault keys through the secret resolver so they are available to the provider factory at startup.
Files to modify
crates/zeph-config/src/root.rs:143— add toResolvedSecrets:crates/zeph-core/src/config.rs— after the existingZEPH_GEMINI_API_KEYresolution block, read both keys from the vault and populate the fields. Log at INFO when both are present.Acceptance
cargo nextest run -p zeph-core -E 'test(vault)'covers the new fields with a mock vault.ZEPH_GONKA_PRIVATE_KEYis set, address remainsNone(derivation happens in the provider factory, not the resolver).cargo nextest run --workspace --features full --lib --binsgreen.CHANGELOG.md[Unreleased]documents the new vault keys.Depends on
#5.
Size
S (~1.5h)