gitarsenal-cli 1.6.9 → 1.6.11

package/bin/gitarsenal.js

@@ -283,7 +283,8 @@ async function handleKeysAdd(options) {
           choices: [
             { name: 'OpenAI', value: 'openai' },
             { name: 'Weights & Biases', value: 'wandb' },
-            { name: 'Hugging Face', value: 'huggingface' }
+            { name: 'Hugging Face', value: 'huggingface' },
+            { name: 'GitArsenal OpenAI (for debugging)', value: 'gitarsenal-openai' }
           ]
         }
       ]);
@@ -305,11 +306,11 @@ async function handleKeysAdd(options) {
     
     // Call Python script to add the key
     const { spawn } = require('child_process');
-    const scriptPath = require('../lib/sandbox').getPythonScriptPath();
+    const path = require('path');
+    const scriptPath = path.join(__dirname, '..', 'python', 'gitarsenal_keys.py');
     
     const pythonProcess = spawn('python', [
       scriptPath,
-      'keys',
       'add',
       '--service', service,
       '--key', key
@@ -344,11 +345,11 @@ async function handleKeysList() {
     
     // Call Python script to list keys
     const { spawn } = require('child_process');
-    const scriptPath = require('../lib/sandbox').getPythonScriptPath();
+    const path = require('path');
+    const scriptPath = path.join(__dirname, '..', 'python', 'gitarsenal_keys.py');
     
     const pythonProcess = spawn('python', [
       scriptPath,
-      'keys',
       'list'
     ], { stdio: 'inherit' });
     
@@ -382,7 +383,8 @@ async function handleKeysView(options) {
           choices: [
             { name: 'OpenAI', value: 'openai' },
             { name: 'Weights & Biases', value: 'wandb' },
-            { name: 'Hugging Face', value: 'huggingface' }
+            { name: 'Hugging Face', value: 'huggingface' },
+            { name: 'GitArsenal OpenAI (for debugging)', value: 'gitarsenal-openai' }
           ]
         }
       ]);
@@ -391,11 +393,11 @@ async function handleKeysView(options) {
     
     // Call Python script to view the key
     const { spawn } = require('child_process');
-    const scriptPath = require('../lib/sandbox').getPythonScriptPath();
+    const path = require('path');
+    const scriptPath = path.join(__dirname, '..', 'python', 'gitarsenal_keys.py');
     
     const pythonProcess = spawn('python', [
       scriptPath,
-      'keys',
       'view',
       '--service', service
     ], { stdio: 'inherit' });
@@ -430,7 +432,8 @@ async function handleKeysDelete(options) {
           choices: [
             { name: 'OpenAI', value: 'openai' },
             { name: 'Weights & Biases', value: 'wandb' },
-            { name: 'Hugging Face', value: 'huggingface' }
+            { name: 'Hugging Face', value: 'huggingface' },
+            { name: 'GitArsenal OpenAI (for debugging)', value: 'gitarsenal-openai' }
           ]
         }
       ]);
@@ -457,11 +460,11 @@ async function handleKeysDelete(options) {
     
     // Call Python script to delete the key
     const { spawn } = require('child_process');
-    const scriptPath = require('../lib/sandbox').getPythonScriptPath();
+    const path = require('path');
+    const scriptPath = path.join(__dirname, '..', 'python', 'gitarsenal_keys.py');
     
     const pythonProcess = spawn('python', [
       scriptPath,
-      'keys',
       'delete',
       '--service', service
     ], { stdio: 'pipe' });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gitarsenal-cli",
-  "version": "1.6.9",
+  "version": "1.6.11",
   "description": "CLI tool for creating Modal sandboxes with GitHub repositories",
   "main": "index.js",
   "bin": {

package/python/credentials_manager.py

@@ -115,17 +115,34 @@ class CredentialsManager:
             return None
     
     def get_openai_api_key(self):
-        """Get OpenAI API key with validation"""
+        """Get OpenAI API key with validation - for user's repository execution"""
         def validate_openai_key(key):
             # Basic validation - OpenAI keys usually start with "sk-" and are 51 chars
             return key.startswith("sk-") and len(key) > 40
         
-        # First check environment variable
+        # First check stored credentials (user's key)
+        credentials = self.load_credentials()
+        if "openai_api_key" in credentials:
+            stored_key = credentials["openai_api_key"]
+            if validate_openai_key(stored_key):
+                return stored_key
+        
+        # Then check environment variable
         env_key = os.environ.get("OPENAI_API_KEY")
         if env_key and validate_openai_key(env_key):
             return env_key
             
-        # Then try to fetch from server using fetch_modal_tokens if available
+        # For user's repository execution, prompt if no key found
+        prompt = "An OpenAI API key is needed to run this repository.\nYou can get your API key from: https://platform.openai.com/api-keys"
+        return self.get_credential("openai_api_key", prompt, is_password=True, validate_func=validate_openai_key)
+    
+    def get_gitarsenal_openai_api_key(self):
+        """Get GitArsenal's OpenAI API key for debugging - never prompts user"""
+        def validate_openai_key(key):
+            # Basic validation - OpenAI keys usually start with "sk-" and are 51 chars
+            return key.startswith("sk-") and len(key) > 40
+        
+        # First try to fetch from server using fetch_modal_tokens (GitArsenal's key)
         try:
             from fetch_modal_tokens import get_tokens
             _, _, api_key = get_tokens()
@@ -136,10 +153,23 @@ class CredentialsManager:
         except ImportError:
             pass
         except Exception as e:
-            print(f"⚠️ Error fetching API key from server: {e}")
+            print(f"⚠️ Error fetching GitArsenal API key from server: {e}")
+        
+        # Then check environment variable (for development/testing)
+        env_key = os.environ.get("GITARSENAL_OPENAI_API_KEY")
+        if env_key and validate_openai_key(env_key):
+            return env_key
             
-        prompt = "To debug failed commands, an OpenAI API key is needed.\nYou can get your API key from: https://platform.openai.com/api-keys"
-        return self.get_credential("openai_api_key", prompt, is_password=True, validate_func=validate_openai_key)
+        # Check for GitArsenal's key in credentials (for development)
+        credentials = self.load_credentials()
+        if "gitarsenal_openai_api_key" in credentials:
+            stored_key = credentials["gitarsenal_openai_api_key"]
+            if validate_openai_key(stored_key):
+                return stored_key
+        
+        # If no GitArsenal key found, return None (don't prompt user)
+        print("⚠️ GitArsenal's OpenAI API key not available for debugging")
+        return None
     
     def get_modal_token(self):
         """Get Modal token with basic validation"""
@@ -163,6 +193,13 @@ class CredentialsManager:
         def validate_hf_token(token):
             # HF tokens are typically non-empty strings
             return bool(token) and len(token) > 8
+        
+        # First check stored credentials
+        credentials = self.load_credentials()
+        if "huggingface_token" in credentials:
+            stored_token = credentials["huggingface_token"]
+            if validate_hf_token(stored_token):
+                return stored_token
             
         prompt = "A Hugging Face token is required.\nYou can get your token from: https://huggingface.co/settings/tokens"
         return self.get_credential("huggingface_token", prompt, is_password=True, validate_func=validate_hf_token)
@@ -172,6 +209,13 @@ class CredentialsManager:
         def validate_wandb_key(key):
             # W&B API keys are typically 40 characters
             return len(key) == 40
+        
+        # First check stored credentials
+        credentials = self.load_credentials()
+        if "wandb_api_key" in credentials:
+            stored_key = credentials["wandb_api_key"]
+            if validate_wandb_key(stored_key):
+                return stored_key
             
         prompt = "A Weights & Biases API key is required.\nYou can get your API key from: https://wandb.ai/authorize"
         return self.get_credential("wandb_api_key", prompt, is_password=True, validate_func=validate_wandb_key)
@@ -189,6 +233,16 @@ class CredentialsManager:
         """Clear all saved credentials"""
         return self.save_credentials({})
     
+    def has_credential(self, key):
+        """Check if a credential exists without prompting"""
+        credentials = self.load_credentials()
+        return key in credentials and credentials[key]
+    
+    def get_credential_silently(self, key):
+        """Get a credential without prompting if it exists"""
+        credentials = self.load_credentials()
+        return credentials.get(key)
+    
     def cleanup_security_files(self):
         """Clean up all security-related files including legacy files"""
         try:

package/python/gitarsenal_keys.py

@@ -0,0 +1,166 @@
+#!/usr/bin/env python3
+"""
+GitArsenal Keys Management Script
+Handles API key storage and retrieval for GitArsenal CLI
+"""
+
+import os
+import sys
+import json
+import argparse
+from pathlib import Path
+from credentials_manager import CredentialsManager
+
+def main():
+    parser = argparse.ArgumentParser(description='GitArsenal Keys Management')
+    parser.add_argument('command', choices=['add', 'list', 'view', 'delete'], help='Command to execute')
+    parser.add_argument('--service', help='Service name (openai, wandb, huggingface)')
+    parser.add_argument('--key', help='API key (for add command)')
+    
+    args = parser.parse_args()
+    
+    # Initialize credentials manager
+    credentials_manager = CredentialsManager()
+    
+    if args.command == 'add':
+        handle_add(credentials_manager, args)
+    elif args.command == 'list':
+        handle_list(credentials_manager)
+    elif args.command == 'view':
+        handle_view(credentials_manager, args)
+    elif args.command == 'delete':
+        handle_delete(credentials_manager, args)
+
+def handle_add(credentials_manager, args):
+    """Handle adding a new API key"""
+    service = args.service
+    key = args.key
+    
+    if not service:
+        print("❌ Service name is required. Use --service option.")
+        sys.exit(1)
+    
+    if not key:
+        print("❌ API key is required. Use --key option.")
+        sys.exit(1)
+    
+    # Map service names to credential keys
+    service_mapping = {
+        'openai': 'openai_api_key',
+        'wandb': 'wandb_api_key', 
+        'huggingface': 'huggingface_token',
+        'gitarsenal-openai': 'gitarsenal_openai_api_key'
+    }
+    
+    if service not in service_mapping:
+        print(f"❌ Unsupported service: {service}")
+        print("Supported services: openai, wandb, huggingface, gitarsenal-openai")
+        sys.exit(1)
+    
+    credential_key = service_mapping[service]
+    
+    # Save the credential
+    credentials = credentials_manager.load_credentials()
+    credentials[credential_key] = key
+    success = credentials_manager.save_credentials(credentials)
+    
+    if success:
+        print(f"✅ API key for {service} added successfully")
+        print(f"📁 Stored in: {credentials_manager.credentials_file}")
+    else:
+        print("❌ Failed to save API key")
+        sys.exit(1)
+
+def handle_list(credentials_manager):
+    """Handle listing all stored API keys"""
+    credentials = credentials_manager.load_credentials()
+    
+    if not credentials:
+        print("📭 No API keys stored")
+        return
+    
+    print("🔑 Stored API Keys:")
+    print("=" * 50)
+    
+    # Map credential keys to display names
+    key_mapping = {
+        'openai_api_key': 'OpenAI',
+        'wandb_api_key': 'Weights & Biases',
+        'huggingface_token': 'Hugging Face',
+        'gitarsenal_openai_api_key': 'GitArsenal OpenAI'
+    }
+    
+    for key, value in credentials.items():
+        if key in key_mapping:
+            display_name = key_mapping[key]
+            masked_value = value[:8] + "*" * (len(value) - 12) + value[-4:] if len(value) > 12 else "*" * len(value)
+            print(f"  {display_name}: {masked_value}")
+    
+    print(f"\n📁 Storage location: {credentials_manager.credentials_file}")
+
+def handle_view(credentials_manager, args):
+    """Handle viewing a specific API key (masked)"""
+    service = args.service
+    
+    if not service:
+        print("❌ Service name is required. Use --service option.")
+        sys.exit(1)
+    
+    # Map service names to credential keys
+    service_mapping = {
+        'openai': 'openai_api_key',
+        'wandb': 'wandb_api_key',
+        'huggingface': 'huggingface_token',
+        'gitarsenal-openai': 'gitarsenal_openai_api_key'
+    }
+    
+    if service not in service_mapping:
+        print(f"❌ Unsupported service: {service}")
+        print("Supported services: openai, wandb, huggingface, gitarsenal-openai")
+        sys.exit(1)
+    
+    credential_key = service_mapping[service]
+    credentials = credentials_manager.load_credentials()
+    
+    if credential_key not in credentials:
+        print(f"❌ No API key found for {service}")
+        sys.exit(1)
+    
+    value = credentials[credential_key]
+    masked_value = value[:8] + "*" * (len(value) - 12) + value[-4:] if len(value) > 12 else "*" * len(value)
+    
+    print(f"🔑 {service.upper()} API Key:")
+    print(f"  {masked_value}")
+    print(f"📁 Stored in: {credentials_manager.credentials_file}")
+
+def handle_delete(credentials_manager, args):
+    """Handle deleting an API key"""
+    service = args.service
+    
+    if not service:
+        print("❌ Service name is required. Use --service option.")
+        sys.exit(1)
+    
+    # Map service names to credential keys
+    service_mapping = {
+        'openai': 'openai_api_key',
+        'wandb': 'wandb_api_key',
+        'huggingface': 'huggingface_token',
+        'gitarsenal-openai': 'gitarsenal_openai_api_key'
+    }
+    
+    if service not in service_mapping:
+        print(f"❌ Unsupported service: {service}")
+        print("Supported services: openai, wandb, huggingface, gitarsenal-openai")
+        sys.exit(1)
+    
+    credential_key = service_mapping[service]
+    success = credentials_manager.clear_credential(credential_key)
+    
+    if success:
+        print(f"✅ API key for {service} deleted successfully")
+    else:
+        print(f"❌ No API key found for {service}")
+
+if __name__ == "__main__":
+    main() 

package/python/test_modalSandboxScript.py

@@ -418,59 +418,38 @@ def call_openai_for_debug(command, error_output, api_key=None, current_dir=None,
             except Exception as e:
                 print(f"⚠️ Could not load saved API key: {e}")
         
-        # Then try credentials manager
+        # Then try credentials manager for GitArsenal's debugging key
         if not api_key:
-            print("🔍 DEBUG: Trying credentials manager...")
+            print("🔍 DEBUG: Trying credentials manager for GitArsenal's debugging key...")
             try:
                 from credentials_manager import CredentialsManager
                 credentials_manager = CredentialsManager()
-                api_key = credentials_manager.get_openai_api_key()
+                api_key = credentials_manager.get_gitarsenal_openai_api_key()
                 if api_key:
-                    print(f"🔍 DEBUG: API key from credentials manager: Found")
-                    print(f"🔍 DEBUG: Credentials manager API key value: {api_key}")
+                    print(f"🔍 DEBUG: GitArsenal API key from credentials manager: Found")
+                    print(f"🔍 DEBUG: GitArsenal API key value: {api_key}")
                     # Set in environment for this session
                     os.environ["OPENAI_API_KEY"] = api_key
                 else:
-                    print(f"🔍 DEBUG: API key from credentials manager: Not found")
+                    print(f"🔍 DEBUG: GitArsenal API key from credentials manager: Not found")
             except ImportError as e:
                 print(f"🔍 DEBUG: Credentials manager not available: {e}")
                 # Fall back to direct input if credentials_manager is not available
                 pass
         
-        # Finally, prompt the user if still no API key
+        # If still no GitArsenal API key found, skip debugging
         if not api_key:
-            print("🔍 DEBUG: No API key found in any source, prompting user...")
-            print("\n" + "="*60)
-            print("🔑 OPENAI API KEY REQUIRED FOR DEBUGGING")
-            print("="*60)
-            print("To debug failed commands, an OpenAI API key is needed.")
-            print("📝 Please paste your OpenAI API key below:")
-            print("   (Your input will be hidden for security)")
-            print("-" * 60)
-            
-            try:
-                api_key = getpass.getpass("OpenAI API Key: ").strip()
-                if not api_key:
-                    print("❌ No API key provided. Skipping debugging.")
-                    return None
-                print("✅ API key received successfully!")
-                print(f"🔍 DEBUG: User-provided API key: {api_key}")
-                # Save the API key to environment for future use in this session
-                os.environ["OPENAI_API_KEY"] = api_key
-            except KeyboardInterrupt:
-                print("\n❌ API key input cancelled by user.")
-                return None
-            except Exception as e:
-                print(f"❌ Error getting API key: {e}")
-                return None
+            print("🔍 DEBUG: No GitArsenal API key found for debugging")
+            print("⚠️ Skipping LLM debugging - GitArsenal's API key not available")
+            return None
     
     # If we still don't have an API key, we can't proceed
     if not api_key:
-        print("❌ No OpenAI API key available. Cannot perform LLM debugging.")
-        print("💡 To enable LLM debugging, set the OPENAI_API_KEY environment variable")
+        print("❌ No GitArsenal OpenAI API key available. Cannot perform LLM debugging.")
+        print("💡 GitArsenal's debugging API key is not available")
         return None
     
-    print(f"✅ OpenAI API key available (length: {len(api_key)})")
+    print(f"✅ GitArsenal OpenAI API key available for debugging (length: {len(api_key)})")
     
     # Gather additional context to help with debugging
     directory_context = ""
@@ -1186,7 +1165,8 @@ def create_modal_ssh_container(gpu_type, repo_url=None, repo_name=None, setup_co
         
         # Use a more stable CUDA base image and avoid problematic packages
         ssh_image = (
-            modal.Image.from_registry("nvidia/cuda:12.4.0-runtime-ubuntu22.04", add_python="3.11")
+            # modal.Image.from_registry("nvidia/cuda:12.4.0-runtime-ubuntu22.04", add_python="3.11")
+            modal.Image.debian_slim()
             .apt_install(
                 "openssh-server", "sudo", "curl", "wget", "vim", "htop", "git", 
                 "python3", "python3-pip", "build-essential", "tmux", "screen", "nano",

package/test_modalSandboxScript.py

@@ -1186,7 +1186,8 @@ def create_modal_ssh_container(gpu_type, repo_url=None, repo_name=None, setup_co
         
         # Use a more stable CUDA base image and avoid problematic packages
         ssh_image = (
-            modal.Image.from_registry("nvidia/cuda:12.4.0-runtime-ubuntu22.04", add_python="3.11")
+            # modal.Image.from_registry("nvidia/cuda:12.4.0-runtime-ubuntu22.04", add_python="3.11")
+            modal.Image.debian_slim()
             .apt_install(
                 "openssh-server", "sudo", "curl", "wget", "vim", "htop", "git", 
                 "python3", "python3-pip", "build-essential", "tmux", "screen", "nano",