Files

2.9 KiB

Admin-AI Provider Verification

Use this when asked whether admin-ai is configured, whether its credentials work, or whether a model is available.

1. Inspect effective config without exposing secrets

Parse YAML instead of grepping isolated lines:

python3 - <<'PY'
import yaml
p = '/root/.hermes/config.yaml'
c = yaml.safe_load(open(p)) or {}
print('model:', c.get('model'))
for name, cfg in (c.get('providers') or {}).items():
    print(f'provider={name}')
    if isinstance(cfg, dict):
        for k, v in cfg.items():
            if any(s in k.lower() for s in ('key','token','secret','password')):
                print(f'  {k}:', 'SET' if v else 'EMPTY')
            else:
                print(f'  {k}: {v}')
print('delegation:', c.get('delegation'))
PY

Interpretation:

  • providers.admin-ai with a base URL and non-empty key means configured for the current profile.
  • A model or delegation provider naming admin-ai without a matching usable provider entry is broken configuration.
  • An auth.json credential-pool record containing only a fingerprint is not a usable credential and not proof that admin-ai is active.

2. Test the configured credential

Extract values in-process so the key is not printed:

python3 - <<'PY'
import json, ssl, urllib.request, urllib.error, yaml
c = yaml.safe_load(open('/root/.hermes/config.yaml')) or {}
p = (c.get('providers') or {}).get('admin-ai')
if not isinstance(p, dict):
    raise SystemExit('NOT_CONFIGURED: providers.admin-ai is absent')
base = (p.get('base_url') or p.get('endpoint') or '').rstrip('/')
key = p.get('api_key')
if not base or not key:
    raise SystemExit('INCOMPLETE: base URL or API key missing')
req = urllib.request.Request(base + '/models', headers={'Authorization': 'Bearer ' + key})
try:
    with urllib.request.urlopen(req, timeout=15, context=ssl.create_default_context()) as r:
        body = json.load(r)
        ids = sorted(str(x.get('id')) for x in body.get('data', []) if x.get('id'))
        print('HTTP:', r.status)
        print('MODEL_COUNT:', len(ids))
        exact = 'deepseek-chat' in ids
        print('DEEPSEEK_CHAT_EXACT:', exact)
        if not exact:
            print('DEEPSEEK_MATCHES:', [x for x in ids if 'deepseek' in x.lower()])
except urllib.error.HTTPError as e:
    print('HTTP:', e.code)
    print('AUTH_RESULT:', 'REJECTED' if e.code in (401,403) else 'REQUEST_FAILED')
except Exception as e:
    print('CONNECTION_FAILED:', type(e).__name__, str(e))
PY

3. Report precisely

Separate these conclusions:

  • Configured: provider exists in effective config.
  • Credential valid: authenticated /models returned HTTP 200.
  • Model visible: exact ID deepseek-chat is present.
  • Historical metadata only: admin-ai appears in auth.json but is absent from effective config.

Never report credentials as tested if no usable key was available. Never claim deepseek-chat exists based on a stale model inventory.