npm - create-openthrottle - Versions diffs - 1.3.3 → 1.3.4 - Mend

create-openthrottle 1.3.3 → 1.3.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/index.mjs +101 -7
package/package.json +1 -1
package/templates/docker/entrypoint.sh +34 -9
package/templates/wake-sandbox.yml +4 -2

package/index.mjs CHANGED Viewed

@@ -8,8 +8,8 @@
 // wake-sandbox.yml, creates a Daytona snapshot from GHCR, and prints next steps.
 // =============================================================================
-import { readFileSync, writeFileSync, existsSync, mkdirSync, copyFileSync } from 'node:fs';
-import { join, dirname } from 'node:path';
+import { readFileSync, writeFileSync, existsSync, mkdirSync, copyFileSync, readdirSync, statSync } from 'node:fs';
+import { join, dirname, relative } from 'node:path';
 import { execFileSync } from 'node:child_process';
 import { fileURLToPath } from 'node:url';
 import prompts from 'prompts';
@@ -70,6 +70,50 @@ function detectProject() {
   };
 }
+// ---------------------------------------------------------------------------
+// 1b. Detect .env files and extract key names
+// ---------------------------------------------------------------------------
+function detectEnvFiles() {
+  const envFiles = {};
+  const seen = new Set();
+  function scan(dir) {
+    let entries;
+    try { entries = readdirSync(dir); } catch { return; }
+    for (const entry of entries) {
+      if (entry === 'node_modules' || entry === '.git' || entry === '.next' || entry === 'dist') continue;
+      const full = join(dir, entry);
+      let stat;
+      try { stat = statSync(full); } catch { continue; }
+      if (stat.isDirectory()) { scan(full); continue; }
+      if (!entry.startsWith('.env')) continue;
+      // Skip .env.example, .env.sample, .env.template
+      if (/\.(example|sample|template)$/i.test(entry)) continue;
+      const relPath = relative(cwd, full);
+      const keys = [];
+      try {
+        const content = readFileSync(full, 'utf8');
+        for (const line of content.split('\n')) {
+          const trimmed = line.trim();
+          if (!trimmed || trimmed.startsWith('#')) continue;
+          const match = trimmed.replace(/^export\s+/, '').match(/^([a-zA-Z_][a-zA-Z0-9_]*)=/);
+          if (match) keys.push(match[1]);
+        }
+      } catch { continue; }
+      if (keys.length > 0) {
+        envFiles[relPath] = keys;
+        keys.forEach(k => seen.add(k));
+      }
+    }
+  }
+  scan(cwd);
+  return { envFiles, allKeys: [...seen].sort() };
+}
 // ---------------------------------------------------------------------------
 // 2. Prompt for config
 // ---------------------------------------------------------------------------
@@ -130,6 +174,9 @@ function generateConfig(config) {
     snapshot: config.snapshotName || 'openthrottle',
     post_bootstrap: [config.postBootstrap],
     mcp_servers: {},
+    env_files: config.envFiles && Object.keys(config.envFiles).length > 0
+      ? config.envFiles
+      : undefined,
     review: {
       enabled: config.reviewEnabled,
       max_rounds: config.maxRounds ?? 3,
@@ -155,12 +202,41 @@ function generateConfig(config) {
 // 4. Copy wake-sandbox.yml
 // ---------------------------------------------------------------------------
-function copyWorkflow() {
+function copyWorkflow(config) {
   const src = join(__dirname, 'templates', 'wake-sandbox.yml');
   const destDir = join(cwd, '.github', 'workflows');
   const dest = join(destDir, 'wake-sandbox.yml');
   mkdirSync(destDir, { recursive: true });
-  copyFileSync(src, dest);
+  let content = readFileSync(src, 'utf8');
+  // Inject project-specific secrets into the workflow
+  const allKeys = config.envAllKeys || [];
+  if (allKeys.length > 0) {
+    // Add env: entries for secrets
+    const envSecrets = allKeys
+      .map(k => `          ${k}: \${{ secrets.${k} }}`)
+      .join('\n');
+    content = content.replace(
+      /          # @@ENV_SECRETS@@ — scaffolder inserts project-specific secrets here/,
+      envSecrets
+    );
+    // Add --env flags for daytona create
+    const envFlags = allKeys
+      .map(k => `            --env ${k}=\${${k}} \\`)
+      .join('\n');
+    content = content.replace(
+      /            # @@ENV_FLAGS@@ — scaffolder inserts --env flags for project secrets here/,
+      envFlags
+    );
+  } else {
+    // No project secrets — remove the placeholder comments
+    content = content.replace(/          # @@ENV_SECRETS@@ — scaffolder inserts project-specific secrets here\n/, '');
+    content = content.replace(/            # @@ENV_FLAGS@@ — scaffolder inserts --env flags for project secrets here\n/, '');
+  }
+  writeFileSync(dest, content);
   return dest;
 }
@@ -217,13 +293,20 @@ function printNextSteps(config) {
     agentSecret,
   ];
+  // Project-specific secrets from env_files
+  const projectKeys = config.envAllKeys || [];
+  const projectSecrets = projectKeys.length > 0
+    ? '\n\n     Project secrets (from .env files):\n' +
+      projectKeys.map(k => `     ${k}`).join('\n')
+    : '';
   console.log(`
   Next steps:
   1. Set GitHub repo secrets:
 ${secrets.join('\n')}
      TELEGRAM_BOT_TOKEN            ← optional (notifications)
-     TELEGRAM_CHAT_ID              ← optional (notifications)
+     TELEGRAM_CHAT_ID              ← optional (notifications)${projectSecrets}
   2. Commit and push:
      git add .openthrottle.yml .github/workflows/wake-sandbox.yml
@@ -246,9 +329,20 @@ async function main() {
   // Step 1: Detect
   const detected = detectProject();
+  const { envFiles, allKeys: envAllKeys } = detectEnvFiles();
+  if (Object.keys(envFiles).length > 0) {
+    console.log(`  Found ${Object.keys(envFiles).length} .env file(s):`);
+    for (const [path, keys] of Object.entries(envFiles)) {
+      console.log(`    ${path} (${keys.length} keys)`);
+    }
+    console.log('');
+  }
   // Step 2: Prompt
   const config = await promptConfig(detected);
+  config.envFiles = envFiles;
+  config.envAllKeys = envAllKeys;
   // Step 3: Generate config
   const configPath = join(cwd, '.openthrottle.yml');
@@ -272,9 +366,9 @@ async function main() {
       message: 'wake-sandbox.yml already exists. Overwrite?', initial: false,
     }, { onCancel: () => { console.log('\nCancelled.'); process.exit(0); } });
     if (!overwrite) { console.log('  Skipped wake-sandbox.yml'); }
-    else { copyWorkflow(); console.log('  ✓ Copied .github/workflows/wake-sandbox.yml'); }
+    else { copyWorkflow(config); console.log('  ✓ Copied .github/workflows/wake-sandbox.yml'); }
   } else {
-    copyWorkflow();
+    copyWorkflow(config);
     console.log('  ✓ Copied .github/workflows/wake-sandbox.yml');
   }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "create-openthrottle",
-  "version": "1.3.3",
+  "version": "1.3.4",
   "description": "Set up openthrottle in any Node.js project — agent-agnostic, config-driven.",
   "type": "module",
   "bin": {

package/templates/docker/entrypoint.sh CHANGED Viewed

@@ -60,7 +60,32 @@ LINT_CMD=$(read_config '.lint' '')
 AGENT=$(read_config '.agent' 'claude')
 # ---------------------------------------------------------------------------
-# 3. Run post_bootstrap commands (as daytona user, not root)
+# 3. Write .env files from env_files config
+#    Maps sandbox env vars to .env files at project-specific paths.
+#    Keys are defined in .openthrottle.yml; values come from --env flags
+#    passed by the GitHub Action (sourced from GitHub repo secrets).
+# ---------------------------------------------------------------------------
+ENV_FILES_COUNT=$(yq -r '.env_files // {} | keys | length' "$CONFIG" 2>/dev/null || echo "0")
+if [[ "$ENV_FILES_COUNT" -gt 0 ]]; then
+  log "Writing ${ENV_FILES_COUNT} .env file(s)"
+  yq -r '.env_files // {} | to_entries[] | .key' "$CONFIG" | while IFS= read -r filepath; do
+    target="${REPO}/${filepath}"
+    mkdir -p "$(dirname "$target")"
+    # Write each key=value pair
+    yq -r ".env_files[\"${filepath}\"][]" "$CONFIG" | while IFS= read -r key; do
+      value="${!key:-}"
+      if [[ -n "$value" ]]; then
+        echo "${key}=${value}" >> "$target"
+      else
+        log "  WARNING: ${key} not set in environment — skipping for ${filepath}"
+      fi
+    done
+    log "  Wrote ${filepath}"
+  done
+fi
+# ---------------------------------------------------------------------------
+# 4. Run post_bootstrap commands (as daytona user, not root)
 # ---------------------------------------------------------------------------
 POST_BOOTSTRAP=$(yq -r '.post_bootstrap // [] | .[]' "$CONFIG") || {
   log "FATAL: Failed to parse post_bootstrap from .openthrottle.yml — check YAML syntax"
@@ -78,17 +103,17 @@ if [[ -n "$POST_BOOTSTRAP" ]]; then
 fi
 # ---------------------------------------------------------------------------
-# 4. Configure agent settings (per-agent)
+# 5. Configure agent settings (per-agent)
 # ---------------------------------------------------------------------------
 log "Configuring agent settings (${AGENT})"
-# 4a. Install universal git hooks and seal git config (works for ALL agent runtimes)
+# 5a. Install universal git hooks and seal git config (works for ALL agent runtimes)
 git -C "$REPO" config core.hooksPath /opt/openthrottle/git-hooks
 log "Installed git hooks (pre-push)"
 # Seal .git/config to prevent agents from changing core.hooksPath
 seal_file "${REPO}/.git/config" 2>/dev/null || true
-# 4b. Per-agent configuration
+# 5b. Per-agent configuration
 case "$AGENT" in
   claude)
     SETTINGS_DIR="${SANDBOX_HOME}/.claude"
@@ -214,7 +239,7 @@ AIDEREOF
 esac
 # ---------------------------------------------------------------------------
-# 5. Seal settings (immutable — only root can undo)
+# 6. Seal settings (immutable — only root can undo)
 # ---------------------------------------------------------------------------
 # Seal agent-specific settings
@@ -233,7 +258,7 @@ elif [[ "$AGENT" == "aider" ]] && [[ -f "${SANDBOX_HOME}/.aider.conf.yml" ]]; th
 fi
 # ---------------------------------------------------------------------------
-# 6. Install skills into Claude's skill directory
+# 7. Install skills into Claude's skill directory
 #    Baked-in skills from the image are installed first, then any repo-level
 #    skills override them (allows user customization).
 # ---------------------------------------------------------------------------
@@ -265,12 +290,12 @@ if [[ -d "${REPO}/skills" ]]; then
 fi
 # ---------------------------------------------------------------------------
-# 7. Fix ownership (skip sealed files — chattr prevents chown on them)
+# 8. Fix ownership (skip sealed files — chattr prevents chown on them)
 # ---------------------------------------------------------------------------
 chown -R daytona:daytona "$SANDBOX_HOME" 2>/dev/null || true
 # ---------------------------------------------------------------------------
-# 8. Start heartbeat (resets autoStopInterval every 5 min)
+# 9. Start heartbeat (resets autoStopInterval every 5 min)
 #
 # Daytona auto-stop only resets on Toolbox SDK API calls, NOT on internal
 # process activity. The Toolbox agent runs inside the sandbox on port 63650.
@@ -296,7 +321,7 @@ chown -R daytona:daytona "$SANDBOX_HOME" 2>/dev/null || true
 HEARTBEAT_PID=$!
 # ---------------------------------------------------------------------------
-# 9. Drop to daytona user and run the appropriate runner
+# 10. Drop to daytona user and run the appropriate runner
 # ---------------------------------------------------------------------------
 log "Task: ${TASK_TYPE} #${WORK_ITEM} (agent: ${AGENT})"

package/templates/wake-sandbox.yml CHANGED Viewed

@@ -87,6 +87,7 @@ jobs:
           echo "resume_session=$RESUME_SESSION" >> "$GITHUB_OUTPUT"
       - name: Validate config
+        id: config
         run: |
           SNAPSHOT=$(yq '.snapshot // ""' .openthrottle.yml)
           if [[ -z "$SNAPSHOT" || "$SNAPSHOT" == "null" ]]; then
@@ -94,7 +95,6 @@ jobs:
             exit 1
           fi
           echo "snapshot=$SNAPSHOT" >> "$GITHUB_OUTPUT"
-        id: config
       - name: Activate snapshot (reactivates if idle >2 weeks)
         env:
@@ -110,8 +110,9 @@ jobs:
           CLAUDE_CODE_OAUTH_TOKEN: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
           OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
           SUPABASE_ACCESS_TOKEN: ${{ secrets.SUPABASE_ACCESS_TOKEN }}
+          # @@ENV_SECRETS@@ — scaffolder inserts project-specific secrets here
         run: |
-          # Create ephemeral sandbox (capture both stdout and stderr for error reporting)
+          # Create ephemeral sandbox
           OUTPUT=$(daytona create \
             --snapshot "${{ steps.config.outputs.snapshot }}" \
             --auto-delete 0 \
@@ -132,6 +133,7 @@ jobs:
             --env WORK_ITEM="${{ steps.work.outputs.item }}" \
             --env TASK_TYPE="${{ steps.work.outputs.task_type }}" \
             --env RESUME_SESSION="${{ steps.work.outputs.resume_session }}" \
+            # @@ENV_FLAGS@@ — scaffolder inserts --env flags for project secrets here
             2>&1) || {
               # Redact secrets from error output
               SAFE_OUTPUT=$(echo "$OUTPUT" | sed \