Skip to content

Address SSH runner review feedback #28

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
PabloZaiden merged 1 commit into from
Jun 7, 2026
Merged

Address SSH runner review feedback #28

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 22 additions & 10 deletions src/runner/ssh-server.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,22 @@ if [ -n "${VSCODE_SSH_AUTH_SOCK}" ]; then
export SSH_AUTH_SOCK=${VSCODE_SSH_AUTH_SOCK}
fi

append_unique_line() {
local file="$1"
local line="$2"

mkdir -p "$(dirname "$file")"
touch "$file"
if ! grep -qxF "$line" "$file"; then
printf '%s\n' "$line" >> "$file"
fi
Comment thread
PabloZaiden marked this conversation as resolved.
}

if [ -n "${SSH_AUTH_SOCK:-}" ]; then
echo "export SSH_AUTH_SOCK=\"${SSH_AUTH_SOCK}\"" >> ~/.profile
echo "export SSH_AUTH_SOCK=\"${SSH_AUTH_SOCK}\"" >> ~/.bashrc
echo "export SSH_AUTH_SOCK=\"${SSH_AUTH_SOCK}\"" >> ~/.zshenv
ssh_auth_sock_export="export SSH_AUTH_SOCK=\"${SSH_AUTH_SOCK}\""
append_unique_line "$HOME/.profile" "$ssh_auth_sock_export"
append_unique_line "$HOME/.bashrc" "$ssh_auth_sock_export"
append_unique_line "$HOME/.zshenv" "$ssh_auth_sock_export"
fi

CRED_FILE="${CRED_FILE:-.devbox/ssh/credentials}"
Expand All @@ -27,12 +39,12 @@ as_root() {
return
fi

if command -v sudo >/dev/null 2>&1; then
sudo -n "$@" 2>/dev/null || sudo "$@"
if command -v sudo >/dev/null 2>&1 && sudo -n true 2>/dev/null; then
sudo -n "$@"
return
fi

echo "ERROR: need root privileges (run as root or install/configure sudo)" >&2
echo "ERROR: need root privileges (run as root or configure passwordless sudo)" >&2
exit 1
}

Expand All @@ -44,12 +56,12 @@ as_root_bash() {
return
fi

if command -v sudo >/dev/null 2>&1; then
sudo -n bash -lc "$cmd" 2>/dev/null || sudo bash -lc "$cmd"
if command -v sudo >/dev/null 2>&1 && sudo -n true 2>/dev/null; then
sudo -n bash -lc "$cmd"
return
fi

echo "ERROR: need root privileges (run as root or install/configure sudo)" >&2
echo "ERROR: need root privileges (run as root or configure passwordless sudo)" >&2
exit 1
}

Expand Down Expand Up @@ -139,7 +151,7 @@ minimumReleaseAge = 259200" > "$HOME/.bunfig.toml"

# Use existing password if present, otherwise create it once
if [[ -f "$CRED_FILE" ]]; then
PASS="$(cat "$CRED_FILE")"
PASS="$(tr -d '\r\n' < "$CRED_FILE")"
if [[ -z "${PASS}" ]]; then
echo "ERROR: ${CRED_FILE} exists but is empty" >&2
exit 1
Expand Down
5 changes: 3 additions & 2 deletions tests/runtime.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -562,10 +562,11 @@ describe("ensurePathIgnored", () => {
run(["git", "-C", repoDir, "add", "README.md"]);
run(["git", "-C", repoDir, "commit", "-m", "init"]);

const credFilePath = path.join(repoDir, ".devbox", "ssh", "credentials");
const devboxDir = path.join(repoDir, ".devbox");
const credFilePath = path.join(devboxDir, "ssh", "credentials");
await mkdir(path.dirname(credFilePath), { recursive: true });
await writeFile(credFilePath, "user=devbox\npassword=secret\n", "utf8");
await ensurePathIgnored(repoDir, credFilePath);
await ensurePathIgnored(repoDir, devboxDir);

const excludePathResult = Bun.spawnSync(
["git", "-C", repoDir, "rev-parse", "--path-format=absolute", "--git-path", "info/exclude"],
Expand Down
Loading