feat(secrets): Bitwarden Secrets Manager integration with lazy bws install (#30035)

* feat(secrets): Bitwarden Secrets Manager integration with lazy bws install Pull API keys from Bitwarden Secrets Manager at process startup instead of storing them all in plaintext in ~/.hermes/.env. One bootstrap token (BWS_ACCESS_TOKEN) replaces N per-provider keys, and rotating a credential becomes a single change in the Bitwarden web app. Bitwarden defaults to source of truth: secrets pulled from BSM overwrite any matching env vars on startup so rotations actually take effect. Set secrets.bitwarden.override_existing: false in config.yaml to invert. The bws binary is auto-downloaded into ~/.hermes/bin/bws on first use (pinned to v2.0.0, SHA-256 verified against the GitHub release checksum file). No apt, brew, or sudo required. New surfaces: hermes secrets bitwarden setup — interactive wizard hermes secrets bitwarden status — config + binary + token state hermes secrets bitwarden sync — dry-run fetch / --apply exports hermes secrets bitwarden disable — flip enabled: false hermes secrets bitwarden install — just download the binary Failures (missing binary, bad token, no network) never block Hermes startup — they emit a one-line warning to stderr and continue with whatever credentials .env already had. Docs: website/docs/user-guide/secrets/{index,bitwarden}.md Tests: tests/test_bitwarden_secrets.py (26 tests, hermetic — bws subprocess and HTTP downloads fully mocked) * chore(infographic): add bitwarden-secrets-manager bento-grid retro-pop-grid Generated for PR #30035 — Bitwarden Secrets Manager integration. Style picked via pick_pr_infographic_style.py rotation: layout: bento-grid style: retro-pop-grid aspect: 1:1 square Saved at infographic/bitwarden-secrets-manager/infographic.png
2026-05-29 06:31:32 +00:00 · 2026-05-21 14:10:34 -07:00 · 2026-05-21 14:10:34 -07:00 · 552e9c7881
commit 552e9c7881
parent 18cd1e5c72
13 changed files with 1921 additions and 1 deletions
--- a/hermes_cli/env_loader.py
+++ b/hermes_cli/env_loader.py
@ -172,4 +172,81 @@ def load_hermes_dotenv(
        _load_dotenv_with_fallback(project_env_path, override=not loaded)
        loaded.append(project_env_path)

+    _apply_external_secret_sources(home_path)
+
    return loaded
+
+
+def _apply_external_secret_sources(home_path: Path) -> None:
+    """Pull secrets from external sources (currently Bitwarden) into env.
+
+    Runs AFTER dotenv loads so .env values are visible (we use them to
+    locate the access token) but BEFORE the rest of Hermes reads
+    ``os.environ`` for credentials.  Any failure here is logged and
+    swallowed — external secret sources must never block startup.
+    """
+    try:
+        cfg = _load_secrets_config(home_path)
+    except Exception:  # noqa: BLE001 — config errors must not block startup
+        return
+
+    bw_cfg = (cfg or {}).get("bitwarden") or {}
+    if not bw_cfg.get("enabled"):
+        return
+
+    try:
+        from agent.secret_sources.bitwarden import apply_bitwarden_secrets
+    except ImportError:
+        return
+
+    result = apply_bitwarden_secrets(
+        enabled=True,
+        access_token_env=bw_cfg.get("access_token_env", "BWS_ACCESS_TOKEN"),
+        project_id=bw_cfg.get("project_id", ""),
+        override_existing=bool(bw_cfg.get("override_existing", False)),
+        cache_ttl_seconds=float(bw_cfg.get("cache_ttl_seconds", 300)),
+        auto_install=bool(bw_cfg.get("auto_install", True)),
+    )
+
+    if result.applied:
+        # Re-run the ASCII sanitization pass: BSM values are user-supplied
+        # and might have the same copy-paste corruption as a manually
+        # edited .env (see #6843).
+        _sanitize_loaded_credentials()
+        print(
+            f"  Bitwarden Secrets Manager: applied {len(result.applied)} "
+            f"secret{'s' if len(result.applied) != 1 else ''} "
+            f"({', '.join(sorted(result.applied))})",
+            file=sys.stderr,
+        )
+    if result.error:
+        print(
+            f"  Bitwarden Secrets Manager: {result.error}",
+            file=sys.stderr,
+        )
+    for warn in result.warnings:
+        print(
+            f"  Bitwarden Secrets Manager: {warn}",
+            file=sys.stderr,
+        )
+
+
+def _load_secrets_config(home_path: Path) -> dict:
+    """Read just the ``secrets:`` section out of config.yaml.
+
+    Imported lazily and isolated from the main config loader so a
+    malformed config can't take down dotenv loading entirely.
+    """
+    config_path = home_path / "config.yaml"
+    if not config_path.exists():
+        return {}
+    try:
+        import yaml  # type: ignore
+    except ImportError:
+        return {}
+    try:
+        with open(config_path, "r", encoding="utf-8") as f:
+            data = yaml.safe_load(f) or {}
+    except Exception:  # noqa: BLE001
+        return {}
+    return data.get("secrets") or {}