stem95su: scheduled Drive->site sync CronJob (every 10m)

CronJob stem95su-gdrive-sync (*/10) mounts the content PVC RW and rclone-syncs the read-only Drive folder "claude" (stem claude/files) onto it (rclone/rclone:1.74.3, scope=drive.readonly, empty-source guard + --max-delete 25). ESO ExternalSecret stem95su-rclone <- Vault secret/stem95su. Requires the GCP OAuth app published to Production or the refresh token expires ~weekly. Lands the gdrive-sync stack on master (it had landed on a feature branch by accident on the shared devvm checkout). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-09 08:42:26 +00:00 · 2026-06-09 08:42:26 +00:00 · 6d224861c4
commit 6d224861c4
parent 05b50d2b96
1168 changed files with 120 additions and 358547 deletions
--- a/cli/git.go
+++ b/cli/git.go
@ -1,51 +0,0 @@
-package main
-
-import (
-	"os"
-
-	"github.com/go-git/go-billy/v5"
-	"github.com/go-git/go-billy/v5/memfs"
-	"github.com/go-git/go-git/v5"
-	"github.com/go-git/go-git/v5/plumbing/transport/http"
-	memory "github.com/go-git/go-git/v5/storage/memory"
-	"github.com/golang/glog"
-	"github.com/pkg/errors"
-)
-
-const (
-	repository = "https://github.com/ViktorBarzin/infra"
-)
-
-var (
-	gitUser  = os.Getenv("GIT_USER")
-	gitToken = os.Getenv("GIT_TOKEN")
-)
-
-type GitFS struct {
-	repo *git.Repository
-	fs   *billy.Filesystem
-	auth *http.BasicAuth
-}
-
-func NewGitFS(repoURL string) (*GitFS, error) {
-	glog.Infof("initializing new git fs from repo url: %s", repoURL)
-	auth := &http.BasicAuth{
-		Username: gitUser,
-		Password: gitToken,
-	}
-	storer := memory.NewStorage()
-	fs := memfs.New()
-
-	r, err := git.Clone(storer, fs, &git.CloneOptions{
-		URL:  repository,
-		Auth: auth,
-	})
-	if err != nil {
-		return nil, errors.Wrapf(err, "failed to clone repo from repo url '%s'", repoURL)
-	}
-	return &GitFS{repo: r, fs: &fs, auth: auth}, nil
-}
-
-func (g *GitFS) Push() error {
-	return g.repo.Push(&git.PushOptions{Auth: g.auth})
-}