vrr/spawn
2
0
Fork 0
mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-05-06 08:10:48 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8
60 commits 25 branches 19 tags 24 MiB
Commit graph

8 commits

Author SHA1 Message Date
Sprite
a631faf4fe refactor: suppress SC2086 for intentional SSH_OPTS word splitting 
SSH_OPTS contains multiple flags that must be word-split, so unquoted
usage is intentional. Added shellcheck directives to suppress false
positive warnings across all cloud provider common.sh files.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-08 01:29:56 +00:00
Sprite
331fa3a6ac refactor: replace raw color echo with log_warn in provider libraries 
Replaced raw echo -e "${YELLOW}...${NC}" statements with log_warn calls
in ensure_*_token functions across all provider libraries. This fixes
SC2154 shellcheck warnings for undeclared YELLOW and NC color variables
and improves code consistency.

Files changed:
- digitalocean/lib/common.sh:62
- hetzner/lib/common.sh:60
- linode/lib/common.sh:49
- vultr/lib/common.sh:55
- lambda/lib/common.sh:49
- e2b/lib/common.sh:52

Benefits:
- Eliminates 6 SC2154 shellcheck warnings
- Uses centralized logging function that already handles yellow coloring
- Improves code maintainability and consistency

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-08 01:20:43 +00:00
Sprite
0b4fe29026 refactor: fix SC2154 warnings for SSH_OPTS in provider libraries 
Added shellcheck directive comments before first SSH_OPTS usage in:
- aws-lightsail/lib/common.sh
- gcp/lib/common.sh
- lambda/lib/common.sh
- vultr/lib/common.sh
- linode/lib/common.sh
- hetzner/lib/common.sh
- digitalocean/lib/common.sh

SSH_OPTS is defined in shared/common.sh but shellcheck can't detect
cross-file variable definitions, so we suppress the warning with
an explanatory comment.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-08 01:20:06 +00:00
Sprite
b05d55f03a security: add input validation to safe_read calls 
- Added validate_api_token() to block shell metacharacters
- Added validate_region_name() for cloud regions/zones
- Added validate_resource_name() for server types/sizes
- Added validated_read() wrapper function for easy validation
- Updated 6 cloud libraries to use validated API token input:
  - Linode, Vultr, Hetzner, DigitalOcean, E2B, Lambda
- Prevents command injection via API tokens and other inputs

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-08 01:16:20 +00:00
Sprite
a9818001da refactor: migrate 5 cloud libraries to shared/common.sh pattern 
Migrated aws-lightsail, e2b, gcp, lambda, and modal libraries to use
the shared library pattern established in earlier refactoring rounds.

Changes:
- Added shared/common.sh sourcing block (local-first, remote-fallback)
- Added bash safety flags (set -eo pipefail) to all 5 libraries
- Removed duplicate provider-agnostic functions:
  - Logging (log_info, log_warn, log_error)
  - Input handling (safe_read)
  - OAuth flow (try_oauth_flow, get_openrouter_api_key_oauth)
  - SSH helpers (generate_ssh_key_if_missing, etc.)
- Retained cloud-specific functions:
  - API wrappers and CLI integration
  - Server provisioning and lifecycle management
  - Cloud-specific validation and configuration

Impact:
- Net reduction: 460 lines (-545 added +85)
- Eliminates code duplication across 5 providers
- Improves consistency and maintainability
- All libraries now follow the same architectural pattern

Task: #3 (score 56 - highest priority)
Also addresses Task #4 (bash safety flags)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-08 01:08:34 +00:00
L
591066cd53
Use ${VAR:-} for all optional env var checks (#28) 
Protects against 'unbound variable' errors even if set -u is
re-enabled or inherited. Every [[ -n "$UPPER_VAR" ]] pattern now
uses [[ -n "${UPPER_VAR:-}" ]] to safely default to empty.

Co-authored-by: Sprite <noreply@sprite.dev>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-02-07 16:28:12 -08:00
L
6ac59e6bb3
Fix OAuth server for macOS bash 3.x (#24) 
Three issues broke the OAuth callback server on macOS:

1. echo -e doesn't work in bash 3.x — \r\n appears as literal text
   in the HTTP response, browser gets malformed headers.
   Fix: pre-write response with printf to a file before the subshell.

2. local variables inside ( ... ) & subshell — undefined behavior in
   bash 3.x since subshells aren't function scope.
   Fix: use plain variables in subshells.

3. ((elapsed++)) when elapsed=0 evaluates to falsy — set -e kills
   the script on the first iteration of the timeout loop.
   Fix: use elapsed=$((elapsed + 1)) instead.

Also simplified nc_listen detection to only check for BusyBox
(the -p flag check could misfire on macOS nc).

Applied to all 10 lib/common.sh files.

Co-authored-by: Sprite <noreply@sprite.dev>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-02-07 14:21:47 -08:00
L
02327d37f3
Add Lambda Cloud as seventh cloud provider with all 8 agents (#16) 
Lambda GPU Cloud via REST API, uses 'ubuntu' user.
Manual tool install (no cloud-init support).
- lambda/lib/common.sh: API wrapper, SSH key management, instance lifecycle
- All 8 agents: claude, openclaw, nanoclaw, aider, goose, codex, interpreter, gemini

Matrix now 8 agents x 7 clouds = 56/56 implemented.

Co-authored-by: Sprite <noreply@sprite.dev>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-02-07 11:55:42 -08:00