Skip to content

feat: support SAMPLEX_API_KEY for CI/CD authentication#4

Merged
lolstring merged 3 commits into
mainfrom
feature/api-key-auth
Mar 15, 2026
Merged

feat: support SAMPLEX_API_KEY for CI/CD authentication#4
lolstring merged 3 commits into
mainfrom
feature/api-key-auth

Conversation

@lolstring

@lolstring lolstring commented Mar 14, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Summary

  • Adds SAMPLE_API_KEY environment variable support for CI/CD authentication
  • When set, uses x-api-key header instead of OAuth Bearer tokens — no interactive login needed
  • API key takes precedence over OAuth credentials when both exist
  • Updated CLI error messages to mention API keys as an alternative to samplex login

Changes

  • src/lib/env.ts — Added SAMPLE_API_KEY env var
  • src/lib/api.tsrequireAuth() checks API key first, falls back to OAuth. Separate error messages for API key vs OAuth 401s. No token refresh when using API key.
  • src/lib/__tests__/api.test.ts — 25 new tests covering API key auth path (97 total, up from 72)

Usage

# In CI/CD (e.g. GitHub Actions)
export SAMPLE_API_KEY=sk_your_key_here
samplex deploy ./dist --slug my-preview

# API key is generated from the web app settings page (requires genmod-ai/sample-workspace#1)

Test plan

  • All 97 tests pass (bun run test)
  • Type check passes (bun run check-types)
  • Lint + format pass (pre-commit hooks)
  • SAMPLEX_API_KEY=user_... samplex list uses x-api-key header
  • SAMPLEX_API_KEY=user_bad samplex list shows "API key is invalid or expired"
  • Without API key or login: error mentions both samplex login and SAMPLEX_API_KEY
  • With both API key and OAuth creds: API key takes precedence

@lolstring
feat: support SAMPLE_API_KEY env var for CI/CD authentication
22eb64a 
When SAMPLE_API_KEY is set, the CLI uses x-api-key header instead of
OAuth Bearer tokens. This enables authentication in CI/CD environments
where interactive OAuth flows aren't possible.

- API key takes precedence over OAuth credentials when both exist
- No token refresh needed for API key auth
- Updated error messages to mention SAMPLE_API_KEY as an alternative
- Added 25 tests covering API key auth for rpc() and rpcUpload()
@lolstring
fix: update the API key to use SAMPLEX naming convention
bd2fb3b
@lolstring lolstring changed the title feat: support SAMPLE_API_KEY for CI/CD authentication feat: support SAMPLEX_API_KEY for CI/CD authentication Mar 15, 2026
@lolstring
fix: inline getAuthHeaders, add missing API key test coverage
bf3c053 
- Remove dead-code getAuthHeaders() helper, inline into requireAuth()
- Add SAMPLEX_API_KEY assertion to rpcUpload 401 test for consistency
- Add non-401 error tests (500) for both rpc and rpcUpload with API key
@lolstring lolstring merged commit 82d6de7 into main Mar 15, 2026
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@lolstring