Skip to content

[Hackathon] setup should not re-prompt for API key when credentials already exist #206

Description

@hempun10

Discord Username / User ID

hempun10

What does this improvement do?

Right now, running testsprite setup always asks for your API key, even if you already configured one and it is saved in ~/.testsprite/credentials.

That is confusing because:

  • Other commands (auth status, project list, test run, etc.) already use the saved key without asking again.
  • Re-running setup usually means "install or refresh the agent skill," not "type my API key again."
  • New users cannot tell whether their key was saved or if something went wrong.

This improvement would make setup smarter on repeat runs: detect an existing profile, show what is already configured, and let the user keep it, update the key, or set up a different profile — instead of blindly prompting every time.

Note: API keys are stored globally on your machine (~/.testsprite/credentials), not per project. This issue is about better UX for that global store, not about linking keys to individual TestSprite projects.

Details / implementation notes

Steps to reproduce (today)

# First run — enter your API key when prompted
testsprite setup

# Confirm the key was saved
testsprite auth status   # works, no prompt

# Run setup again
testsprite setup         # asks for API key again

What happens today

  • setup calls runConfigure in src/commands/auth.ts, which always prompts for the API key in interactive mode.
  • It does read an existing profile, but only to inherit api_url — not to skip the key prompt.
  • Tests in src/commands/auth.test.ts expect this (e.g. re-configure keeps the endpoint but still prompts for the key).

So this is intentional today, but it feels wrong for most users.

What we would like instead

When setup runs and the active profile already has a valid saved key:

  1. Show a short summary — profile name, endpoint, masked key hint (e.g. last 4 chars), email from GET /me if available.
  2. Offer a simple choice (interactive text mode):
    • Keep existing credentials (default) → skip key prompt, continue to skill install (unless --no-agent)
    • Update API key → prompt for a new key, validate, overwrite profile
    • Cancel → exit 0 with a clear message

For non-interactive / CI use, add something like:

  • --skip-if-configured — if profile exists and key validates, skip the prompt and only run the skill install step
  • Existing flags still work: --api-key, --from-env, --no-agent, --yes

Suggested acceptance criteria

  • Re-running testsprite setup with a valid saved profile does not ask for the API key unless the user chooses to update it.
  • testsprite auth status and testsprite setup (keep-existing path) resolve the same profile/key.
  • --output json never blocks on an interactive prompt (same rule as today).
  • --dry-run still makes no network calls and writes no credentials.
  • Invalid or expired saved keys still prompt to enter a new one (with a clear message).
  • Unit tests cover: first-time setup, repeat setup (keep), repeat setup (update), --skip-if-configured, non-interactive guardrails.

Code pointers

File Relevance
src/commands/auth.tsrunConfigure() Where the key prompt lives
src/commands/init.tsrunInit() / createSetupCommand() Orchestrates setup (configure + skill install)
src/lib/credentials.tsreadProfile() Reads ~/.testsprite/credentials
src/lib/config.tsloadConfig() How other commands resolve the active key

Related issues (not duplicates)

No PR yet — happy to implement once assigned.

Confirmations

  • I have searched existing issues and this is not a duplicate.
  • I have provided my Discord identity above for reward coordination.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions