Files

77 lines
2.9 KiB
Markdown

# Admin-AI Provider Verification
Use this when asked whether admin-ai is configured, whether its credentials work, or whether a model is available.
## 1. Inspect effective config without exposing secrets
Parse YAML instead of grepping isolated lines:
```bash
python3 - <<'PY'
import yaml
p = '/root/.hermes/config.yaml'
c = yaml.safe_load(open(p)) or {}
print('model:', c.get('model'))
for name, cfg in (c.get('providers') or {}).items():
print(f'provider={name}')
if isinstance(cfg, dict):
for k, v in cfg.items():
if any(s in k.lower() for s in ('key','token','secret','password')):
print(f' {k}:', 'SET' if v else 'EMPTY')
else:
print(f' {k}: {v}')
print('delegation:', c.get('delegation'))
PY
```
Interpretation:
- `providers.admin-ai` with a base URL and non-empty key means configured for the current profile.
- A model or delegation provider naming admin-ai without a matching usable provider entry is broken configuration.
- An `auth.json` credential-pool record containing only a fingerprint is not a usable credential and not proof that admin-ai is active.
## 2. Test the configured credential
Extract values in-process so the key is not printed:
```bash
python3 - <<'PY'
import json, ssl, urllib.request, urllib.error, yaml
c = yaml.safe_load(open('/root/.hermes/config.yaml')) or {}
p = (c.get('providers') or {}).get('admin-ai')
if not isinstance(p, dict):
raise SystemExit('NOT_CONFIGURED: providers.admin-ai is absent')
base = (p.get('base_url') or p.get('endpoint') or '').rstrip('/')
key = p.get('api_key')
if not base or not key:
raise SystemExit('INCOMPLETE: base URL or API key missing')
req = urllib.request.Request(base + '/models', headers={'Authorization': 'Bearer ' + key})
try:
with urllib.request.urlopen(req, timeout=15, context=ssl.create_default_context()) as r:
body = json.load(r)
ids = sorted(str(x.get('id')) for x in body.get('data', []) if x.get('id'))
print('HTTP:', r.status)
print('MODEL_COUNT:', len(ids))
exact = 'deepseek-chat' in ids
print('DEEPSEEK_CHAT_EXACT:', exact)
if not exact:
print('DEEPSEEK_MATCHES:', [x for x in ids if 'deepseek' in x.lower()])
except urllib.error.HTTPError as e:
print('HTTP:', e.code)
print('AUTH_RESULT:', 'REJECTED' if e.code in (401,403) else 'REQUEST_FAILED')
except Exception as e:
print('CONNECTION_FAILED:', type(e).__name__, str(e))
PY
```
## 3. Report precisely
Separate these conclusions:
- **Configured:** provider exists in effective config.
- **Credential valid:** authenticated `/models` returned HTTP 200.
- **Model visible:** exact ID `deepseek-chat` is present.
- **Historical metadata only:** admin-ai appears in `auth.json` but is absent from effective config.
Never report credentials as tested if no usable key was available. Never claim `deepseek-chat` exists based on a stale model inventory.