refactor(settings): pivot to Coolify env API as source of truth

Investigation showed legal-ai container has no INFISICAL_TOKEN and there is no /legal-ai folder in Infisical — all env vars are stored in Coolify and injected into os.environ at container start. - Replace _read_infisical_values with _read_coolify_envs - New: _coolify_authoritative_value picks among Coolify duplicates - PATCH writes via Coolify API (upsert by key) - Drift = Coolify-stored vs container-runtime (common: Coolify edited without redeploy) - Response field renamed: infisical_value → coolify_value - New 'has_duplicates' flag per row when Coolify has multiple entries Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-04 07:50:02 +00:00
parent 1cb832473c
commit d1e12619d4
2 changed files with 140 additions and 133 deletions
--- a/web/mcp_env_catalog.py
+++ b/web/mcp_env_catalog.py
@@ -1,7 +1,9 @@
 # web/mcp_env_catalog.py
 """Static catalog of MCP server env vars exposed in the settings UI.

-Whitelist policy: keys not in this catalog are not displayed or editable.
+Source of truth: Coolify env vars (read/write via Coolify API).
+This file defines the whitelist + types + display metadata.
+Keys not in this catalog are not displayed or editable.
 """

 from __future__ import annotations