@gricha/perry 0.1.5 → 0.1.6

package/dist/workspace/manager.js

@@ -8,6 +8,7 @@ import { expandPath } from '../config/loader';
 import * as docker from '../docker';
 import { getContainerName } from '../docker';
 import { VOLUME_PREFIX, WORKSPACE_IMAGE_LOCAL, WORKSPACE_IMAGE_REGISTRY, SSH_PORT_RANGE_START, SSH_PORT_RANGE_END, } from '../shared/constants';
+import { collectAuthorizedKeys, collectCopyKeys } from '../ssh/sync';
 async function findAvailablePort(start, end) {
     for (let port = start; port <= end; port++) {
         const available = await new Promise((resolve) => {
@@ -226,12 +227,64 @@ export class WorkspaceManager {
             tempPrefix: 'ws-gitconfig',
         });
     }
-    async setupWorkspaceCredentials(containerName) {
+    async setupSSHKeys(containerName, workspaceName) {
+        if (!this.config.ssh) {
+            return;
+        }
+        await docker.execInContainer(containerName, ['mkdir', '-p', '/home/workspace/.ssh'], {
+            user: 'workspace',
+        });
+        await docker.execInContainer(containerName, ['chmod', '700', '/home/workspace/.ssh'], {
+            user: 'workspace',
+        });
+        const authorizedKeys = await collectAuthorizedKeys(this.config.ssh, workspaceName);
+        if (authorizedKeys.length > 0) {
+            const content = authorizedKeys.join('\n') + '\n';
+            const tempFile = path.join(os.tmpdir(), `ws-authkeys-${Date.now()}`);
+            try {
+                await fs.writeFile(tempFile, content);
+                await docker.copyToContainer(containerName, tempFile, '/home/workspace/.ssh/authorized_keys');
+                await docker.execInContainer(containerName, ['chown', 'workspace:workspace', '/home/workspace/.ssh/authorized_keys'], { user: 'root' });
+                await docker.execInContainer(containerName, ['chmod', '600', '/home/workspace/.ssh/authorized_keys'], { user: 'workspace' });
+            }
+            finally {
+                await fs.unlink(tempFile).catch(() => { });
+            }
+        }
+        const copyKeys = await collectCopyKeys(this.config.ssh, workspaceName);
+        for (const key of copyKeys) {
+            const privateKeyPath = `/home/workspace/.ssh/${key.name}`;
+            const publicKeyPath = `/home/workspace/.ssh/${key.name}.pub`;
+            const privateTempFile = path.join(os.tmpdir(), `ws-privkey-${Date.now()}`);
+            const publicTempFile = path.join(os.tmpdir(), `ws-pubkey-${Date.now()}`);
+            try {
+                await fs.writeFile(privateTempFile, key.privateKey + '\n');
+                await fs.writeFile(publicTempFile, key.publicKey + '\n');
+                await docker.copyToContainer(containerName, privateTempFile, privateKeyPath);
+                await docker.copyToContainer(containerName, publicTempFile, publicKeyPath);
+                await docker.execInContainer(containerName, ['chown', 'workspace:workspace', privateKeyPath, publicKeyPath], { user: 'root' });
+                await docker.execInContainer(containerName, ['chmod', '600', privateKeyPath], {
+                    user: 'workspace',
+                });
+                await docker.execInContainer(containerName, ['chmod', '644', publicKeyPath], {
+                    user: 'workspace',
+                });
+            }
+            finally {
+                await fs.unlink(privateTempFile).catch(() => { });
+                await fs.unlink(publicTempFile).catch(() => { });
+            }
+        }
+    }
+    async setupWorkspaceCredentials(containerName, workspaceName) {
         await this.copyGitConfig(containerName);
         await this.copyCredentialFiles(containerName);
         await this.setupClaudeCodeConfig(containerName);
         await this.copyCodexCredentials(containerName);
         await this.setupOpencodeConfig(containerName);
+        if (workspaceName) {
+            await this.setupSSHKeys(containerName, workspaceName);
+        }
     }
     async runPostStartScript(containerName) {
         const scriptPath = this.config.scripts.post_start;
@@ -347,7 +400,7 @@ export class WorkspaceManager {
             await this.state.setWorkspace(workspace);
             await docker.startContainer(containerName);
             await docker.waitForContainerReady(containerName);
-            await this.setupWorkspaceCredentials(containerName);
+            await this.setupWorkspaceCredentials(containerName, name);
             workspace.status = 'running';
             await this.state.setWorkspace(workspace);
             await this.runPostStartScript(containerName);
@@ -413,7 +466,7 @@ export class WorkspaceManager {
         }
         await docker.startContainer(containerName);
         await docker.waitForContainerReady(containerName);
-        await this.setupWorkspaceCredentials(containerName);
+        await this.setupWorkspaceCredentials(containerName, name);
         workspace.status = 'running';
         await this.state.setWorkspace(workspace);
         await this.runPostStartScript(containerName);
@@ -481,6 +534,6 @@ export class WorkspaceManager {
         if (!running) {
             throw new Error(`Workspace '${name}' is not running`);
         }
-        await this.setupWorkspaceCredentials(containerName);
+        await this.setupWorkspaceCredentials(containerName, name);
     }
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gricha/perry",
-  "version": "0.1.5",
+  "version": "0.1.6",
   "description": "Self-contained CLI for spinning up Docker-in-Docker development environments with SSH and proxy helpers.",
   "type": "module",
   "bin": {