31 lines
1.0 KiB
Python
31 lines
1.0 KiB
Python
"""Provision non-secret provider auth markers into a smolmachines bottle."""
|
|
|
|
from __future__ import annotations
|
|
|
|
import os
|
|
|
|
from .. import smolvm as _smolvm
|
|
from ..bottle_plan import SmolmachinesBottlePlan
|
|
|
|
|
|
_DEFAULT_GUEST_HOME = "/home/node"
|
|
|
|
|
|
def provision_provider_auth(plan: SmolmachinesBottlePlan, target: str) -> None:
|
|
"""Copy a dummy Codex auth marker when host credentials are
|
|
forwarded through egress.
|
|
|
|
The real host access token remains in the egress bundle env; this
|
|
file only selects Codex's user/device auth code path.
|
|
"""
|
|
if not plan.codex_auth_file:
|
|
return
|
|
guest_home = os.environ.get("BOT_BOTTLE_GUEST_HOME", _DEFAULT_GUEST_HOME)
|
|
auth_dir = f"{guest_home}/.codex"
|
|
auth_path = f"{auth_dir}/auth.json"
|
|
|
|
_smolvm.machine_exec(target, ["mkdir", "-p", auth_dir])
|
|
_smolvm.machine_cp(str(plan.codex_auth_file), f"{target}:{auth_path}")
|
|
_smolvm.machine_exec(target, ["chown", "node:node", auth_path])
|
|
_smolvm.machine_exec(target, ["chmod", "600", auth_path])
|