github-mirrors/openclaw
1
0
Fork 0
mirror of https://fastgit.cc/github.com/openclaw/openclaw synced 2026-04-21 05:12:57 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
openclaw/scripts/lib/live-docker-auth.sh
Onur 361750775d CI: stabilize live release lanes (#67838) 
* CI: stabilize live release lanes

* CI: widen codex live exclusions

* Gateway: stop live config/auth lazy re-imports

* CI: mount writable live Docker homes

* Live: tighten retry and provider filter overrides

* CI: use API-key auth for codex live lanes

* CI: fix remaining live lanes

* CI: stop forwarding live OpenAI base URLs

* Gateway: fix live startup loader regression

* CI: stop expanding OpenAI keys in live Docker lanes

* CI: stop expanding installer secrets in Docker

* CI: tighten live secret boundaries

* Gateway: pin Codex harness base URL

* CI: fix reusable workflow runner label

* CI: avoid template expansion in live ref guard

* CI: tighten live trust gate

* Gateway: ignore empty Codex harness base URL

* CI: stabilize remaining live lanes

* CI: harden live retries and canvas auth test

* CI: extend cron live probe budget

* CI: keep codex harness lane on api-key auth

* CI: stage live Docker OpenAI auth via env files

* CI: bootstrap codex login for Docker API-key lanes

* CI: accept hosted-runner codex fallback responses

* CI: accept additional codex sandbox fallback text

* CI: accept hosted-runner live fallback variants

* CI: accept codex current-model fallback

* CI: broaden codex sandbox model fallbacks

* CI: cover extra codex sandbox wording

* CI: extend cli backend cron retry budget

* CI: match codex models fallbacks by predicate

* CI: accept configured-models live fallback

* CI: relax OpenAI websocket warmup timeout

* CI: accept extra codex model fallback wording

* CI: generalize codex model fallback matching

* CI: retry cron verify cancellation wording

* CI: accept interactive codex model entrypoint fallback

* Agents: stabilize Claude bundle skill command test

* CI: prestage live Docker auth homes

* Tests: accept current Codex models wording

* CI: stabilize remaining live lanes

* Tests: widen CLI backend live timeout

* Tests: accept current Codex model summary wording

* CI: disable codex-cli image probe in Docker lane

* Tests: respect CLI override for Codex Docker login

* Tests: accept current Codex session models header

* CI: stabilize remaining live validation lanes

* CI: preserve Gemini ACP coverage in auth fallback

* CI: fix final live validation blockers

* CI: restore Codex auth for CLI backend lane

* CI: drop local Codex config in live Docker lane

* Tests: tolerate Codex cron and model reply drift

* Tests: accept current Codex live replies

* Tests: retry more Codex cron retry wording

* Tests: accept environment-cancelled Codex cron retries

* Tests: retry blank Codex cron probe replies

* Tests: broaden Codex cron retry wording

* Tests: require explicit Codex cron retry replies

* Tests: accept current Codex models environment wording

* CI: restore trusted Codex config in live lane

* CI: bypass nested Codex sandbox in docker

* CI: instrument live codex cron lane

* CI: forward live CLI resume args

* Tests: accept interactive Codex model selection

* Tests: bound websocket warm-up live lane

* CI: close live lane review gaps

* Tests: lazy-load gateway live server

* Tests: avoid gateway live loader regression

* CI: scope reusable workflow secrets

* Tests: tighten codex models live assertion

* Tests: normalize OpenAI speech live text
2026-04-18 03:18:12 +02:00

206 lines
4.9 KiB
Bash
Raw Permalink Blame History

#!/usr/bin/env bash
OPENCLAW_DOCKER_LIVE_AUTH_ALL=(.gemini .minimax)
OPENCLAW_DOCKER_LIVE_AUTH_FILES_ALL=(
.codex/auth.json
.codex/config.toml
.claude.json
.claude/.credentials.json
.claude/settings.json
.claude/settings.local.json
.gemini/settings.json
)
openclaw_live_trim() {
local value="${1:-}"
value="${value#"${value%%[![:space:]]*}"}"
value="${value%"${value##*[![:space:]]}"}"
printf '%s' "$value"
}
openclaw_live_validate_relative_home_path() {
local value
value="$(openclaw_live_trim "${1:-}")"
[[ -n "$value" ]] || {
echo "ERROR: empty auth path." >&2
return 1
}
case "$value" in
/* | *..* | *\\* | *:*)
echo "ERROR: invalid auth path '$value'." >&2
return 1
;;
esac
printf '%s' "$value"
}
openclaw_live_normalize_auth_dir() {
local value
value="$(openclaw_live_trim "${1:-}")"
[[ -n "$value" ]] || return 1
if [[ "$value" != .* ]]; then
value=".$value"
fi
value="$(openclaw_live_validate_relative_home_path "$value")" || return 1
printf '%s' "$value"
}
openclaw_live_should_include_auth_dir_for_provider() {
local provider
provider="$(openclaw_live_trim "${1:-}")"
case "$provider" in
gemini | gemini-cli | google-gemini-cli)
printf '%s\n' ".gemini"
;;
minimax | minimax-portal)
printf '%s\n' ".minimax"
;;
esac
}
openclaw_live_should_include_auth_file_for_provider() {
local provider
provider="$(openclaw_live_trim "${1:-}")"
case "$provider" in
codex-cli | openai-codex)
printf '%s\n' ".codex/auth.json"
printf '%s\n' ".codex/config.toml"
;;
anthropic | claude-cli)
printf '%s\n' ".claude.json"
printf '%s\n' ".claude/.credentials.json"
printf '%s\n' ".claude/settings.json"
printf '%s\n' ".claude/settings.local.json"
;;
esac
}
openclaw_live_collect_auth_dirs_from_csv() {
local raw="${1:-}"
local token normalized
[[ -n "$(openclaw_live_trim "$raw")" ]] || return 0
IFS=',' read -r -a tokens <<<"$raw"
for token in "${tokens[@]}"; do
while IFS= read -r normalized; do
printf '%s\n' "$normalized"
done < <(openclaw_live_should_include_auth_dir_for_provider "$token")
done | awk 'NF && !seen[$0]++'
}
openclaw_live_collect_auth_dirs_from_override() {
local raw token normalized
raw="$(openclaw_live_trim "${OPENCLAW_DOCKER_AUTH_DIRS:-}")"
[[ -n "$raw" ]] || return 1
case "$raw" in
all)
printf '%s\n' "${OPENCLAW_DOCKER_LIVE_AUTH_ALL[@]}"
return 0
;;
none)
return 0
;;
esac
IFS=',' read -r -a tokens <<<"$raw"
for token in "${tokens[@]}"; do
normalized="$(openclaw_live_normalize_auth_dir "$token")" || continue
printf '%s\n' "$normalized"
done | awk '!seen[$0]++'
return 0
}
openclaw_live_collect_auth_dirs() {
if openclaw_live_collect_auth_dirs_from_override; then
return 0
fi
printf '%s\n' "${OPENCLAW_DOCKER_LIVE_AUTH_ALL[@]}"
}
openclaw_live_collect_auth_files_from_csv() {
local raw="${1:-}"
local token normalized
[[ -n "$(openclaw_live_trim "$raw")" ]] || return 0
IFS=',' read -r -a tokens <<<"$raw"
for token in "${tokens[@]}"; do
while IFS= read -r normalized; do
printf '%s\n' "$normalized"
done < <(openclaw_live_should_include_auth_file_for_provider "$token")
done | awk 'NF && !seen[$0]++'
}
openclaw_live_collect_auth_files_from_override() {
local raw
raw="$(openclaw_live_trim "${OPENCLAW_DOCKER_AUTH_DIRS:-}")"
[[ -n "$raw" ]] || return 1
case "$raw" in
all)
printf '%s\n' "${OPENCLAW_DOCKER_LIVE_AUTH_FILES_ALL[@]}"
return 0
;;
none)
return 0
;;
esac
return 0
}
openclaw_live_collect_auth_files() {
if openclaw_live_collect_auth_files_from_override; then
return 0
fi
printf '%s\n' "${OPENCLAW_DOCKER_LIVE_AUTH_FILES_ALL[@]}"
}
openclaw_live_join_csv() {
local first=1 value
for value in "$@"; do
[[ -n "$value" ]] || continue
if (( first )); then
printf '%s' "$value"
first=0
else
printf ',%s' "$value"
fi
done
}
openclaw_live_stage_auth_into_home() {
local dest_home="${1:?destination home directory required}"
shift
local mode="dirs"
local relative_path source_path dest_path
mkdir -p "$dest_home"
chmod u+rwx "$dest_home" || true
while (($# > 0)); do
case "$1" in
--files)
mode="files"
shift
continue
;;
esac
relative_path="$(openclaw_live_validate_relative_home_path "$1")" || return 1
source_path="$HOME/$relative_path"
dest_path="$dest_home/$relative_path"
if [[ "$mode" == "dirs" ]]; then
if [[ -d "$source_path" ]]; then
mkdir -p "$dest_path"
cp -R "$source_path"/. "$dest_path"
chmod -R u+rwX "$dest_path" || true
fi
else
if [[ -f "$source_path" ]]; then
mkdir -p "$(dirname "$dest_path")"
cp "$source_path" "$dest_path"
chmod u+rw "$dest_path" || true
fi
fi
shift
done
}
Reference in New Issue View Git Blame Copy Permalink