trustee 0.1.54

A general-purpose agent that can morph into different specialized agents using WASM lifecycle plugins
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75

# Example ~/.trustee/.env file for Trustee
# This file configures local behavior and remote encrypted config/secrets storage

# =============================================
# LLM Provider Configuration
# =============================================
# Choose your LLM provider and set the appropriate API key(s)

# OpenAI
OPENAI_API_KEY=sk-your-key-here
# OPENAI_DEFAULT_MODEL=gpt-4o
# OPENAI_BASE_URL=https://api.openai.com/v1

# GitHub Copilot
# GITHUB_TOKEN=ghu-your-token-here
# GITHUB_MODEL=openai/gpt-4o-mini
# GITHUB_BASE_URL=https://api.githubcopilot.com

# Anthropic
# ANTHROPIC_AUTH_TOKEN=sk-ant-your-key-here
# ANTHROPIC_MODEL=claude-3-5-sonnet-20241022
# ANTHROPIC_BASE_URL=https://api.anthropic.com

# LLM Provider Selection
# LLM_PROVIDER=tanbal

# =============================================
# Local Configuration Files (Optional)
# =============================================
# Override default local config and env file names
# Default config file is ~/.trustee/config/trustee.toml
# TRUSTEE_CONFIG_FILE=my-custom-config.toml
# Default env file is ~/.trustee/.env
# TRUSTEE_ENV_FILE=my-custom-env

# =============================================
# Remote Encrypted Config/Secrets Configuration (Optional)
# =============================================
# If these are set, Trustee will attempt to load config and secrets from
# remote encrypted storage using the getmyconfig library

# Required: S3-compatible storage endpoint
GETMYCONFIG_ENDPOINT=your-storage.example.com

# Required: Storage access credentials
GETMYCONFIG_ACCESS_KEY=your-access-key
GETMYCONFIG_SECRET_KEY=your-secret-key

# Required: Storage bucket name
GETMYCONFIG_BUCKET=your-bucket-name

# Required: Encryption key for decrypting remote files
# Must be 32 bytes hex-encoded (64 hex characters)
GETMYCONFIG_ENCRYPTION_KEY=your-32-byte-encryption-key-hex

# Optional: Storage region (if required by your provider)
# GETMYCONFIG_REGION=us-east-1

# Remote File Names (Optional)
# Override default remote config and env file names
# Default config file is trustee.toml.enc
GETMYCONFIG_CONFIG_FILE=trustee.toml.enc
# Default env file is .env.enc
GETMYCONFIG_ENV_FILE=.env.enc

# =============================================
# Notes
# =============================================
# 1. If remote config is configured, Trustee will try to load from remote first,
#    then fall back to local files if remote is unavailable.
# 2. Remote secrets are merged with local secrets (remote takes priority).
# 3. GETMYCONFIG_* variables are always read from the local ~/.trustee/.env file.
# 4. The local ~/.trustee/.env file MUST exist to configure remote storage,
#    even if you plan to use primarily remote config/secrets.
# 5. Remote files are decrypted using AES-256-GCM with the provided encryption key.