didericis/bot-bottle
1
0
Fork 0
Code Issues 5 Pull Requests 3 Actions Packages Projects Releases Wiki Activity
950 Commits 15 Branches 0 Tags
ced050b181dc45ca5d2a9503168c2ed138dbaa21
Commit Graph

5 Commits

Author SHA1 Message Date
didericis-claude 508c537deb fix: add explicit timeouts to subprocess and HTTP calls in git-gate paths 
Closes #255. Without timeouts, a hung upstream during the access-hook
or git http-backend CGI call (git_http_backend.py) and a stalled Gitea
API during deploy-key provisioning (contrib/gitea/deploy_key_provisioner.py)
could wedge a sidecar indefinitely. Adds GIT_HTTP_BACKEND_TIMEOUT_SECS
(30s) to both subprocess.run calls in the HTTP backend, mirroring the
existing GIT_GATE_DAEMON_TIMEOUT_SECS on the daemon path. Adds
_API_TIMEOUT_SECS (30s) and _KEYGEN_TIMEOUT_SECS (10s) to the Gitea
provisioner's urlopen and ssh-keygen calls. Tests verify the timeout
values are forwarded in all four call sites.
 2026-06-25 04:12:43 -04:00
didericis-claude 2e790268b0 fix(deploy-key): raise DeployKeyCollisionError on 422 key conflicts
lint / lint (push) Successful in 2m7s
Details
test / unit (push) Successful in 46s
Details
test / integration (push) Successful in 25s
Details
Update Quality Badges / update-badges (push) Successful in 2m7s
Details 
Gitea returns HTTP 422 when a deploy key title or public key content
already exists on the repo. The provisioner previously surfaced this
as a generic RuntimeError with the raw status code. Introduce
DeployKeyCollisionError (a RuntimeError subclass) in the base module
and detect 422 in GiteaDeployKeyProvisioner.create so callers can
catch collisions explicitly and the error message names the repo and
title involved.
 2026-06-25 02:23:12 +00:00
didericis-claude c1c225aa05 docs(gitea-provisioner): document required GITEA_DEPLOY_TOKEN permissions
lint / lint (push) Successful in 1m46s
Details
test / unit (push) Successful in 34s
Details
test / integration (push) Successful in 20s
Details
Update Quality Badges / update-badges (push) Successful in 1m21s
Details
2026-06-11 03:43:13 +00:00
didericis a5078daf1c fix: resolve all 22 remaining pylint warnings
Lint and Type Check / lint (push) Has been cancelled
Details
test / unit (pull_request) Has been cancelled
Details
test / integration (pull_request) Has been cancelled
Details 
Fixed issues across bot_bottle/:

1. Unspecified encoding in open() - 6 files:
   - Added encoding='utf-8' to Path.read_text() and open() calls
   - Files: env.py, pipelock_apply.py, prepare.py, loopback_alias.py, _common.py, supervise.py

2. Exception chaining (raise-missing-from) - 5 files:
   - Added 'from e' to raise statements for proper traceback chaining
   - Files: manifest_loader.py (2x), manifest_egress.py

3. Redefining built-in 'format' - 2 files:
   - Added # noqa: A002 comments to override methods
   - Files: supervise_server.py, git_http_backend.py

4. Unused function arguments - 5 files:
   - Added # noqa: F841 comments for interface-required unused params
   - Files: manifest_loader.py, supervise.py, loopback_alias.py, cli/supervise.py

5. Broad exception catching - 6 files:
   - Added # noqa: broad-exception-caught comments with explanations
   - Files: supervise_server.py, docker/launch.py, smolmachines/launch.py, tui.py, supervise.py, deploy_key_provisioner.py

6. Unreachable code - 3 files:
   - Removed unreachable return statements after die() calls
   - Files: loopback_alias.py, sidecar_bundle.py, local_registry.py

7. Unnecessary ellipsis in Protocol - 2 files:
   - Reverted pass back to ... (more idiomatic for Protocols)
   - Files: workspace.py, backend/__init__.py

8. Platform-specific function redeclaration:
   - Added type: ignore[reportRedeclaration] for Unix/Windows variants
   - File: supervise.py (_try_flock, _try_funlock)

Final scores:
 Pylint: 9.95/10 (0 E/W violations)
 Pyright: 0 errors (100% type safe)

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
 2026-06-04 11:42:40 -04:00
didericis-claude 0b5d59cf9e feat(prd-0048): implement SSH deploy-key provisioning with contrib/gitea 
- manifest_git.py: add ProvisionedKeyConfig dataclass; extend GitEntry
  with ProvisionedKey field (optional); make IdentityFile default to ""
  so provisioned_key entries can be constructed without a static path;
  add _parse_provisioned_key_config; update from_repos_entry to accept
  provisioned_key as an alternative to identity (mutually exclusive,
  parser rejects both-or-neither)

- deploy_key_provisioner.py (new): DeployKeyProvisioner ABC with create()
  and delete() abstract methods; get_provisioner() factory with lazy
  contrib import for gitea

- contrib/gitea/deploy_key_provisioner.py (new): GiteaDeployKeyProvisioner
  generating ed25519 keypairs via ssh-keygen and managing them through
  the Gitea deploy-key API (POST/DELETE); 404 on delete is success;
  all other errors raise RuntimeError

- git_gate.py: add _provision_dynamic_key() called in GitGate.prepare()
  for entries with ProvisionedKey — generates key, writes private key
  and key ID files to stage_dir, patches GitGateUpstream.identity_file;
  add revoke_git_gate_provisioned_keys() for teardown — raises on failure

- docker/launch.py: call revoke_git_gate_provisioned_keys() in teardown()
  after stack.close() so revocation runs after containers stop and
  failures propagate (not suppressed)

- smolmachines/launch.py: extract _teardown_smolmachines() helper that
  catches stack.close() errors (warn + re-raise) then calls revocation;
  same fatal-on-failure contract as docker backend

- test_manifest_git.py: 9 new cases for provisioned_key parsing
- test_deploy_key_provisioner.py (new): factory smoke tests
- test_contrib_gitea_deploy_key.py (new): create/delete/error/split tests

Closes #169
 2026-06-03 11:58:36 -04:00