jetpac/dotfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

create mrshughes update

Browse Source
This commit is contained in:
Petr Nyc
2026-04-20 17:20:59 +02:00
parent cbce1614ff
commit 4bef91eb1b
2 changed files with 136 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
bin/codex-devops-auth.sh
View File

@@ -7,30 +7,23 @@ TOKEN_HOST="${TOKEN_HOST:-operator-access-token.svc.ad1.r2}"
SSH_CONFIG_FILE="${SSH_CONFIG_FILE:-$HOME/.ssh/config.oci}" SSH_CONFIG_FILE="${SSH_CONFIG_FILE:-$HOME/.ssh/config.oci}"
OCI_BIN="${OCI_BIN:-/opt/homebrew/bin/oci}" OCI_BIN="${OCI_BIN:-/opt/homebrew/bin/oci}"
OCI_SESSION_REGION="${OCI_SESSION_REGION:-us-chicago-1}" OCI_SESSION_REGION="${OCI_SESSION_REGION:-us-chicago-1}"
OCI_PROFILE_NAME="${OCI_PROFILE_NAME:-DEFAULT}"
RESET_AGENT="${RESET_AGENT:-0}" RESET_AGENT="${RESET_AGENT:-0}"
DEDICATED_AGENT_PID="" DEDICATED_AGENT_PID=""
DEDICATED_AGENT_SOCK=""
log() { log() {
print -u2 -- "$@" print -u2 -- "$@"
} }
inherited_agent_likely_rejects_pkcs11() { cleanup() {
[[ -n "${SSH_AUTH_SOCK:-}" ]] || return 1 if [[ -n "${DEDICATED_AGENT_PID}" && -n "${DEDICATED_AGENT_SOCK}" ]]; then
[[ -z "${SSH_AGENT_PID:-}" ]] || return 1 SSH_AGENT_PID="${DEDICATED_AGENT_PID}" SSH_AUTH_SOCK="${DEDICATED_AGENT_SOCK}" ssh-agent -k >/dev/null 2>&1 || true
fi
case "${SSH_AUTH_SOCK}" in
/private/tmp/com.apple.launchd.*/Listeners)
return 0
;;
esac
return 1
} }
cleanup() { run_oci() {
if [[ -n "${DEDICATED_AGENT_PID}" ]]; then "${OCI_BIN}" --profile "${OCI_PROFILE_NAME}" "$@"
SSH_AGENT_PID="${DEDICATED_AGENT_PID}" ssh-agent -k >/dev/null 2>&1 || true
fi
} }
ensure_oci_session() { ensure_oci_session() {
@@ -40,7 +33,7 @@ ensure_oci_session() {
fi fi
set +e set +e
"${OCI_BIN}" session validate >/dev/null 2>&1 run_oci session validate >/dev/null 2>&1
local validate_rc=$? local validate_rc=$?
set -e set -e
@@ -51,7 +44,7 @@ ensure_oci_session() {
log "OCI CLI session is not valid; attempting refresh." log "OCI CLI session is not valid; attempting refresh."
set +e set +e
"${OCI_BIN}" session refresh >/dev/null 2>&1 run_oci session refresh >/dev/null 2>&1
local refresh_rc=$? local refresh_rc=$?
set -e set -e
@@ -60,26 +53,16 @@ ensure_oci_session() {
return 0 return 0
fi fi
log "Running OCI CLI session authenticate for ${OCI_SESSION_REGION}." log "Running OCI CLI session authenticate for ${OCI_SESSION_REGION} with profile ${OCI_PROFILE_NAME}."
"${OCI_BIN}" session authenticate --region "${OCI_SESSION_REGION}" "${OCI_BIN}" session authenticate --region "${OCI_SESSION_REGION}" --profile-name "${OCI_PROFILE_NAME}"
} }
ensure_ssh_agent() { ensure_ssh_agent() {
if [[ -n "${SSH_AUTH_SOCK:-}" && -S "${SSH_AUTH_SOCK}" ]]; then log "Starting dedicated ssh-agent for Codex."
set +e unset SSH_AUTH_SOCK SSH_AGENT_PID
ssh-add -l >/dev/null 2>&1
local rc=$?
set -e
case ${rc} in
0|1)
return 0
;;
esac
fi
log "Starting ssh-agent for Codex."
eval "$(ssh-agent -s)" >/dev/null eval "$(ssh-agent -s)" >/dev/null
DEDICATED_AGENT_PID="${SSH_AGENT_PID:-}" DEDICATED_AGENT_PID="${SSH_AGENT_PID:-}"
DEDICATED_AGENT_SOCK="${SSH_AUTH_SOCK:-}"
} }
add_pkcs11_provider() { add_pkcs11_provider() {
@@ -88,32 +71,8 @@ add_pkcs11_provider() {
} }
prepare_agent() { prepare_agent() {
local had_inherited_agent=0
if [[ -n "${SSH_AUTH_SOCK:-}" && -S "${SSH_AUTH_SOCK}" ]]; then
had_inherited_agent=1
fi
if inherited_agent_likely_rejects_pkcs11; then
log "Inherited launchd SSH agent is unlikely to support PKCS#11; starting a dedicated ssh-agent for Codex."
unset SSH_AUTH_SOCK SSH_AGENT_PID
had_inherited_agent=0
fi
ensure_ssh_agent ensure_ssh_agent
add_pkcs11_provider
if add_pkcs11_provider; then
return 0
fi
if [[ ${had_inherited_agent} -eq 1 ]]; then
log "Existing SSH agent rejected PKCS#11 provider; starting a dedicated ssh-agent for Codex."
unset SSH_AUTH_SOCK SSH_AGENT_PID
ensure_ssh_agent
add_pkcs11_provider
return 0
fi
return 1
} }
if [[ ! -f "${SSH_CONFIG_FILE}" ]]; then if [[ ! -f "${SSH_CONFIG_FILE}" ]]; then

140
bin/create_mrshughes
View File

@@ -3,29 +3,119 @@
set -e set -e
set -x set -x
# function to get PARENT_WS as a parameter usage() {
# default value is 'ssh://pnyc@andel.us.oracle.com//workspace/pnyc/solaris-reviews/secure-integrate/userland11.4' print "Usage: ${0:t} [-r repo_url] [-d dest_dir] [-h]"
# print ""
print " -r repo_url Mercurial repo URL to clone."
print " Default: ssh://pnyc@dabel.us.oracle.com//workspace/pnyc/solaris-reviews/on-sru"
print " -d dest_dir Local directory to clone into."
print " Default: ~/PycharmProjects/<repo_name>"
print " -h Show this help text."
print ""
print "The script exits if dest_dir already exists."
}
if [[ -z $1 ]]; then ensure_clone_identity_loaded() {
# PARENT_WS='ssh://pnyc@andel.us.oracle.com//workspace/pnyc/solaris-reviews/secure-integrate/userland11.4' local ssh_host="$1"
# PARENT_WS='ssh://pnyc@andel.us.oracle.com//workspace/pnyc/solaris-reviews/userland-pipeline' local identity_file=""
# PARENT_WS='ssh://pnyc@andel.us.oracle.com//workspace/pnyc/solaris-reviews/akidr-text' local identity_pub=""
PARENT_WS='ssh://pnyc@andel.us.oracle.com//workspace/pnyc/solaris-reviews/akidr'
else ssh_host="${ssh_host%%:*}"
PARENT_WS=$1
identity_file=$(ssh -G "$ssh_host" 2>/dev/null | awk '/^identityfile / {print $2; exit}')
if [[ -z "$identity_file" ]]; then
return 0
fi
identity_file=${~identity_file}
identity_pub="${identity_file}.pub"
if [[ ! -f "$identity_file" || ! -f "$identity_pub" ]]; then
return 0
fi
if ssh-add -T "$identity_pub" >/dev/null 2>&1; then
return 0
fi
print "Loading SSH identity for ${ssh_host}: ${identity_file}"
ssh-add --apple-use-keychain "$identity_file" >/dev/null 2>&1 || ssh-add "$identity_file"
}
DEFAULT_PARENT_WS='ssh://pnyc@dabel.us.oracle.com//workspace/pnyc/solaris-reviews/on-sru'
# Example repo URLs:
# ssh://pnyc@andel.us.oracle.com//workspace/pnyc/solaris-reviews/secure-integrate/userland11.4
# ssh://pnyc@andel.us.oracle.com//workspace/pnyc/solaris-reviews/userland-pipeline
# ssh://pnyc@andel.us.oracle.com//workspace/pnyc/solaris-reviews/akidr-text
# ssh://pnyc@andel.us.oracle.com//workspace/pnyc/solaris-reviews/akidr
PARENT_WS="$DEFAULT_PARENT_WS"
DEST_DIR=''
while getopts ":r:d:h" opt; do
case "$opt" in
r)
PARENT_WS="$OPTARG"
;;
d)
DEST_DIR="$OPTARG"
;;
h)
usage
exit 0
;;
:)
print -u2 "Missing argument for -$OPTARG"
usage >&2
exit 1
;;
\?)
print -u2 "Unknown option: -$OPTARG"
usage >&2
exit 1
;;
esac
done
shift $((OPTIND - 1))
if [[ $# -ne 0 ]]; then
print -u2 "Unexpected positional arguments: $*"
usage >&2
exit 1
fi fi
# remove trailing slash # remove trailing slash
PARENT_WS="${PARENT_WS%/}" PARENT_WS="${PARENT_WS%/}"
JENKINS_CLONE_FROM="ssh://${PARENT_WS##ssh://pnyc@}" REPO=${PARENT_WS##*/} # userland11.4
if [[ -z "$DEST_DIR" ]]; then
DEST_DIR=~/PycharmProjects/${REPO}
fi
DEST_DIR=${~DEST_DIR}
DEST_DIR=${DEST_DIR:A}
if [[ -e "$DEST_DIR" ]]; then
print -u2 "Destination already exists: $DEST_DIR"
exit 1
fi
HG_CLONE_ARGS=()
if [[ "$PARENT_WS" == ssh://* ]]; then
SSH_CLONE_HOST=${${PARENT_WS#ssh://}%%/*}
SSH_CLONE_HOST=${SSH_CLONE_HOST#*@}
ensure_clone_identity_loaded "$SSH_CLONE_HOST"
# Avoid exhausting ssh-agent identities before ssh reaches the host-specific
# IdentityFile from ~/.ssh/config (for example ~/.ssh/dabel.key).
HG_CLONE_ARGS+=(--config "ui.ssh=ssh -o BatchMode=yes -o IdentitiesOnly=yes")
fi
JENKINS_CLONE_FROM="ssh://${${PARENT_WS#ssh://}#*@}"
FOLDER_PREFIX='PetrN/' FOLDER_PREFIX='PetrN/'
POINT_OF_CONTACT='petr.nyc@oracle.com' POINT_OF_CONTACT='petr.nyc@oracle.com'
SLACK_CHANNEL='@pnyc' SLACK_CHANNEL='@pnyc'
DIR=$(pwd)
REPO=${PARENT_WS##*/} # userland11.4
# /workspace/pnyc/solaris-reviews/secure-integrate/userland11.4 # /workspace/pnyc/solaris-reviews/secure-integrate/userland11.4
SCRIPT_DIR_BASE=$(echo "$PARENT_WS" | awk '{sub(/^.*\/\//,"/"); print}') SCRIPT_DIR_BASE=$(echo "$PARENT_WS" | awk '{sub(/^.*\/\//,"/"); print}')
@@ -35,9 +125,10 @@ CP=/bin/cp
CAT=/bin/cat CAT=/bin/cat
pwd pwd
hg clone "$PARENT_WS" mkdir -p "${DEST_DIR:h}"
hg "${HG_CLONE_ARGS[@]}" clone "$PARENT_WS" "$DEST_DIR"
pwd pwd
cd "${DIR}/${REPO}" cd "$DEST_DIR"
pwd pwd
source proxy off source proxy off
@@ -59,11 +150,11 @@ $MV "$tmpmake" Makefile.inc
# set up pwd # set up pwd
cd "${DIR}/${REPO}/common/etc" cd "$DEST_DIR/common/etc"
$CP passwd.template passwd $CP passwd.template passwd
# set up dev defaults # set up dev defaults
cd "${DIR}/${REPO}/common/jobs/" cd "$DEST_DIR/common/jobs/"
cp defaults.devel.tmpl defaults.devel.yml cp defaults.devel.tmpl defaults.devel.yml
cp defaults.stage.tmpl defaults.stage.yml cp defaults.stage.tmpl defaults.stage.yml
@@ -92,6 +183,15 @@ CATT
patch -p0 defaults.devel.yml < defaults_devel_patch patch -p0 defaults.devel.yml < defaults_devel_patch
if [[ -d "$DEST_DIR/solaris/on/production" ]]; then
LINT_DIR="$DEST_DIR/solaris/on/production"
elif [[ -d "$DEST_DIR/solaris/userland/sru" ]]; then
LINT_DIR="$DEST_DIR/solaris/userland/sru"
else
print -u2 "Unable to determine lint directory under $DEST_DIR/solaris"
exit 1
fi
source proxy off source proxy off
cd "${DIR}/${REPO}/solaris/userland/sru/" cd "$LINT_DIR"
make lint make FAKE_DEVEL_ENV=yes lint