mirror of
https://github.com/OpenRouterTeam/spawn.git
synced 2026-05-06 16:31:08 +00:00
2af285dc52
* feat: fall back to SigV4 REST API when AWS CLI is absent (aws/lightsail) If `aws` CLI is not installed but AWS_ACCESS_KEY_ID + AWS_SECRET_ACCESS_KEY are set, provision Lightsail instances directly via the REST API instead of erroring out. - Add _lightsail_rest(): inline Bun TypeScript that computes SigV4 signatures via node:crypto and calls the Lightsail API with native fetch — no openssl or curl gymnastics required - Add _ls_json(): dot-path JSON parser, prefers jq, falls back to bun eval - ensure_aws_cli() now sets LIGHTSAIL_MODE=cli|rest; REST mode requires bun (already a project dependency) and shows a clear error if missing - All API calls in ensure_ssh_key, create_server, _wait_for_lightsail_instance, destroy_server, list_servers are gated on LIGHTSAIL_MODE - Replace all python3 JSON encoding (key import, userdata, list table) with bun eval — consistent with project tooling - No more auto-install of the 200 MB AWS CLI binary Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * feat: add interactive AWS CLI install when CLI is missing When neither aws CLI nor raw credentials are found, prompt the user to install AWS CLI v2 on the spot (macOS .pkg / Linux zip installer). After install, prompt for Access Key ID + Secret and validate via sts:GetCallerIdentity before proceeding. The decision cascade is now: 1. Existing aws CLI with valid creds → cli mode 2. Raw env-var creds + bun available → rest mode 3. Offer to install aws CLI → prompt for creds → cli mode 4. Creds collected during install + bun → rest mode fallback 5. Nothing worked → show manual instructions Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: eliminate code/path injection in bun eval calls (aws/lib/common.sh) Pass shell variables as process.argv arguments instead of interpolating them into JavaScript string literals: - _ls_json(): path parameter passed as process.argv[2] (was CRITICAL code injection — attacker-controlled path could escape the string) - ensure_ssh_key(): pub_path and key_name passed as process.argv[2..3] (was HIGH — path injection via $HOME) - create_server(): ud_tmp, name, az, bundle passed as process.argv[2..5] (was MEDIUM — temp file path interpolation) Agent: pr-maintainer Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude <claude@anthropic.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: B <6723574+louisgv@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| lib | ||
| claude.sh | ||
| codex.sh | ||
| kilocode.sh | ||
| openclaw.sh | ||
| opencode.sh | ||
| README.md | ||
| zeroclaw.sh | ||
AWS Lightsail
AWS Lightsail instances via AWS CLI. AWS Lightsail
Uses 'ubuntu' user instead of 'root'. Requires AWS CLI installed and configured.
Agents
Claude Code
bash <(curl -fsSL https://openrouter.ai/labs/spawn/aws/claude.sh)
OpenClaw
bash <(curl -fsSL https://openrouter.ai/labs/spawn/aws/openclaw.sh)
ZeroClaw
bash <(curl -fsSL https://openrouter.ai/labs/spawn/aws/zeroclaw.sh)
Codex CLI
bash <(curl -fsSL https://openrouter.ai/labs/spawn/aws/codex.sh)
OpenCode
bash <(curl -fsSL https://openrouter.ai/labs/spawn/aws/opencode.sh)
Kilo Code
bash <(curl -fsSL https://openrouter.ai/labs/spawn/aws/kilocode.sh)
Non-Interactive Mode
LIGHTSAIL_SERVER_NAME=dev-mk1 \
OPENROUTER_API_KEY=sk-or-v1-xxxxx \
bash <(curl -fsSL https://openrouter.ai/labs/spawn/aws/claude.sh)