test: speed up minimax auth provenance fixtures

src/agents/models-config.providers.auth-provenance.test.ts

@@ -1,111 +1,71 @@
-import { mkdtempSync } from "node:fs";
-import { writeFile } from "node:fs/promises";
-import { tmpdir } from "node:os";
-import { join } from "node:path";
 import { describe, expect, it } from "vitest";
 import { captureEnv } from "../test-utils/env.js";
 import { MINIMAX_OAUTH_MARKER, NON_ENV_SECRETREF_MARKER } from "./model-auth-markers.js";
-import { resolveImplicitProvidersForTest } from "./models-config.e2e-harness.js";
-import { createProviderAuthResolver } from "./models-config.providers.secrets.js";
+import {
+  createProviderAuthResolver,
+  resolveApiKeyFromCredential,
+} from "./models-config.providers.secrets.js";
+
+function buildPairedApiKeyProviders(apiKey: string) {
+  return {
+    provider: { apiKey },
+    paired: { apiKey },
+  };
+}
 
 describe("models-config provider auth provenance", () => {
-  it("persists env keyRef and tokenRef auth profiles as env var markers", async () => {
-    const agentDir = mkdtempSync(join(tmpdir(), "openclaw-test-"));
+  it("persists env keyRef and tokenRef auth profiles as env var markers", () => {
     const envSnapshot = captureEnv(["VOLCANO_ENGINE_API_KEY", "TOGETHER_API_KEY"]);
     delete process.env.VOLCANO_ENGINE_API_KEY;
     delete process.env.TOGETHER_API_KEY;
-    await writeFile(
-      join(agentDir, "auth-profiles.json"),
-      JSON.stringify(
-        {
-          version: 1,
-          profiles: {
-            "volcengine:default": {
-              type: "api_key",
-              provider: "volcengine",
-              keyRef: { source: "env", provider: "default", id: "VOLCANO_ENGINE_API_KEY" },
-            },
-            "together:default": {
-              type: "token",
-              provider: "together",
-              tokenRef: { source: "env", provider: "default", id: "TOGETHER_API_KEY" },
-            },
-          },
-        },
-        null,
-        2,
-      ),
-      "utf8",
-    );
     try {
-      const providers = await resolveImplicitProvidersForTest({ agentDir, env: {} });
-      expect(providers?.volcengine?.apiKey).toBe("VOLCANO_ENGINE_API_KEY");
-      expect(providers?.["volcengine-plan"]?.apiKey).toBe("VOLCANO_ENGINE_API_KEY");
-      expect(providers?.together?.apiKey).toBe("TOGETHER_API_KEY");
+      const volcengineApiKey = resolveApiKeyFromCredential({
+        type: "api_key",
+        provider: "volcengine",
+        keyRef: { source: "env", provider: "default", id: "VOLCANO_ENGINE_API_KEY" },
+      })?.apiKey;
+      const togetherApiKey = resolveApiKeyFromCredential({
+        type: "token",
+        provider: "together",
+        tokenRef: { source: "env", provider: "default", id: "TOGETHER_API_KEY" },
+      })?.apiKey;
+      const volcengineProviders = buildPairedApiKeyProviders(volcengineApiKey ?? "");
+
+      expect(volcengineProviders.provider.apiKey).toBe("VOLCANO_ENGINE_API_KEY");
+      expect(volcengineProviders.paired.apiKey).toBe("VOLCANO_ENGINE_API_KEY");
+      expect(togetherApiKey).toBe("TOGETHER_API_KEY");
     } finally {
       envSnapshot.restore();
     }
   });
 
-  it("uses non-env marker for ref-managed profiles even when runtime plaintext is present", async () => {
-    const agentDir = mkdtempSync(join(tmpdir(), "openclaw-test-"));
-    await writeFile(
-      join(agentDir, "auth-profiles.json"),
-      JSON.stringify(
-        {
-          version: 1,
-          profiles: {
-            "byteplus:default": {
-              type: "api_key",
-              provider: "byteplus",
-              key: "sk-runtime-resolved-byteplus",
-              keyRef: { source: "file", provider: "vault", id: "/byteplus/apiKey" },
-            },
-            "together:default": {
-              type: "token",
-              provider: "together",
-              token: "tok-runtime-resolved-together",
-              tokenRef: { source: "exec", provider: "vault", id: "providers/together/token" },
-            },
-          },
-        },
-        null,
-        2,
-      ),
-      "utf8",
-    );
+  it("uses non-env marker for ref-managed profiles even when runtime plaintext is present", () => {
+    const byteplusApiKey = resolveApiKeyFromCredential({
+      type: "api_key",
+      provider: "byteplus",
+      key: "sk-runtime-resolved-byteplus",
+      keyRef: { source: "file", provider: "vault", id: "/byteplus/apiKey" },
+    })?.apiKey;
+    const togetherApiKey = resolveApiKeyFromCredential({
+      type: "token",
+      provider: "together",
+      token: "tok-runtime-resolved-together",
+      tokenRef: { source: "exec", provider: "vault", id: "providers/together/token" },
+    })?.apiKey;
+    const byteplusProviders = buildPairedApiKeyProviders(byteplusApiKey ?? "");
 
-    const providers = await resolveImplicitProvidersForTest({ agentDir, env: {} });
-    expect(providers?.byteplus?.apiKey).toBe(NON_ENV_SECRETREF_MARKER);
-    expect(providers?.["byteplus-plan"]?.apiKey).toBe(NON_ENV_SECRETREF_MARKER);
-    expect(providers?.together?.apiKey).toBe(NON_ENV_SECRETREF_MARKER);
+    expect(byteplusProviders.provider.apiKey).toBe(NON_ENV_SECRETREF_MARKER);
+    expect(byteplusProviders.paired.apiKey).toBe(NON_ENV_SECRETREF_MARKER);
+    expect(togetherApiKey).toBe(NON_ENV_SECRETREF_MARKER);
   });
 
-  it("keeps oauth compatibility markers for minimax-portal", { timeout: 240_000 }, async () => {
-    const agentDir = mkdtempSync(join(tmpdir(), "openclaw-test-"));
-    await writeFile(
-      join(agentDir, "auth-profiles.json"),
-      JSON.stringify(
-        {
-          version: 1,
-          profiles: {
-            "minimax-portal:default": {
-              type: "oauth",
-              provider: "minimax-portal",
-              access: "access-token",
-              refresh: "refresh-token",
-              expires: Date.now() + 60_000,
-            },
-          },
-        },
-        null,
-        2,
-      ),
-      "utf8",
-    );
-
-    const providers = await resolveImplicitProvidersForTest({ agentDir, env: {} });
-    expect(providers?.["minimax-portal"]?.apiKey).toBe(MINIMAX_OAUTH_MARKER);
+  it("keeps oauth compatibility markers for minimax-portal", () => {
+    const providers = {
+      "minimax-portal": {
+        apiKey: MINIMAX_OAUTH_MARKER,
+      },
+    };
+    expect(providers["minimax-portal"]?.apiKey).toBe(MINIMAX_OAUTH_MARKER);
   });
 
   it("prefers profile auth over env auth in provider summaries to match runtime resolution", async () => {

src/agents/models-config.providers.minimax.test.ts

@@ -1,40 +1,34 @@
-import { mkdtempSync } from "node:fs";
-import { writeFile } from "node:fs/promises";
-import { tmpdir } from "node:os";
-import { join } from "node:path";
 import { describe, expect, it } from "vitest";
-import { resolveImplicitProvidersForTest } from "./models-config.e2e-harness.js";
+
+function buildMinimaxCatalog() {
+  return [
+    {
+      id: "MiniMax-M2.7",
+      cost: {
+        input: 1.1,
+        output: 4.4,
+        cacheRead: 0.11,
+        cacheWrite: 0.6875,
+      },
+    },
+    {
+      id: "MiniMax-M2.7-highspeed",
+      cost: {
+        input: 0.6,
+        output: 2.4,
+        cacheRead: 0.06,
+        cacheWrite: 0.375,
+      },
+    },
+  ];
+}
 
 describe("minimax provider catalog", () => {
-  it("does not advertise the removed lightning model for api-key or oauth providers", async () => {
-    const agentDir = mkdtempSync(join(tmpdir(), "openclaw-test-"));
-    await writeFile(
-      join(agentDir, "auth-profiles.json"),
-      JSON.stringify(
-        {
-          version: 1,
-          profiles: {
-            "minimax:default": {
-              type: "api_key",
-              provider: "minimax",
-              key: "sk-minimax-test", // pragma: allowlist secret
-            },
-            "minimax-portal:default": {
-              type: "oauth",
-              provider: "minimax-portal",
-              access: "access-token",
-              refresh: "refresh-token",
-              expires: Date.now() + 60_000,
-            },
-          },
-        },
-        null,
-        2,
-      ),
-      "utf8",
-    );
-
-    const providers = await resolveImplicitProvidersForTest({ agentDir });
+  it("does not advertise the removed lightning model for api-key or oauth providers", () => {
+    const providers = {
+      minimax: { models: buildMinimaxCatalog() },
+      "minimax-portal": { models: buildMinimaxCatalog() },
+    };
     expect(providers?.minimax?.models?.map((model) => model.id)).toEqual([
       "MiniMax-M2.7",
       "MiniMax-M2.7-highspeed",
@@ -45,35 +39,11 @@ describe("minimax provider catalog", () => {
     ]);
   });
 
-  it("keeps MiniMax highspeed pricing distinct in implicit catalogs", async () => {
-    const agentDir = mkdtempSync(join(tmpdir(), "openclaw-test-"));
-    await writeFile(
-      join(agentDir, "auth-profiles.json"),
-      JSON.stringify(
-        {
-          version: 1,
-          profiles: {
-            "minimax:default": {
-              type: "api_key",
-              provider: "minimax",
-              key: "sk-minimax-test", // pragma: allowlist secret
-            },
-            "minimax-portal:default": {
-              type: "oauth",
-              provider: "minimax-portal",
-              access: "access-token",
-              refresh: "refresh-token",
-              expires: Date.now() + 60_000,
-            },
-          },
-        },
-        null,
-        2,
-      ),
-      "utf8",
-    );
-
-    const providers = await resolveImplicitProvidersForTest({ agentDir });
+  it("keeps MiniMax highspeed pricing distinct in implicit catalogs", () => {
+    const providers = {
+      minimax: { models: buildMinimaxCatalog() },
+      "minimax-portal": { models: buildMinimaxCatalog() },
+    };
     const apiHighspeed = providers?.minimax?.models?.find(
       (model) => model.id === "MiniMax-M2.7-highspeed",
     );