bug: ${VAR} references in agent-orchestrator.yaml are not expanded #701
Description
Summary
Environment variable references like ${SLACK_WEBHOOK_URL} in agent-orchestrator.yaml are passed through as literal strings to the YAML parser. Users are forced to hardcode secrets directly in the config file, making it impossible to keep sensitive values (e.g. webhook URLs, API tokens) in environment variables.
Steps to Reproduce
- Add an env var reference to your config:
notifiers: slack: plugin: slack webhookUrl: ${SLACK_WEBHOOK_URL}
- Set the env var:
export SLACK_WEBHOOK_URL=https://hooks.slack.com/... - Run
ao start - Observe that Slack notifications fail with "No webhookUrl configured" — the plugin received the literal string
${SLACK_WEBHOOK_URL}instead of the actual URL
Expected Behavior
${VAR} placeholders in agent-orchestrator.yaml should be replaced with the corresponding process.env values before YAML parsing, consistent with common config-file conventions (Docker Compose, GitHub Actions, etc.).
Actual Behavior
The raw YAML string is passed directly to parseYaml without any substitution. The plugin receives the unexpanded placeholder as its configuration value.
Root Cause
loadConfig and loadConfigWithPath in packages/core/src/config.ts use readFileSync + parseYaml with no preprocessing step. There is no regex substitution or template expansion applied to the raw YAML content.
Environment
- agent-orchestrator: main
- Node: v22.x
- macOS / Linux
Workaround
Hardcode secrets directly in agent-orchestrator.yaml (not recommended for shared or version-controlled configs).
Fix
See PR #699 which adds a raw.replace(/\$\{([^}]+)\}/g, ...) substitution pass over the raw YAML string before parsing. If the referenced env var is not set, the placeholder is left unchanged.