diff --git a/.woodpecker/default.yml b/.woodpecker/default.yml index 5661bccd..0df7500e 100644 --- a/.woodpecker/default.yml +++ b/.woodpecker/default.yml @@ -24,6 +24,26 @@ clone: backoff: 10s steps: + # Audit feed for the allow-then-audit contribution model: any master push by + # a NON-admin author is surfaced in Slack (Viktor's own pushes are not). + # Runs before apply and never blocks it. Note: [ci skip] commits never reach + # this step (Woodpecker skips the whole pipeline) β€” hence the rule that + # non-admins must not use [ci skip]. + - name: notify-nonadmin-push + image: curlimages/curl + environment: + SLACK_WEBHOOK: + from_secret: slack_webhook + commands: + - | + case "$CI_COMMIT_AUTHOR" in + viktor|ViktorBarzin|wizard) echo "admin push β€” no notify"; exit 0 ;; + esac + SUBJECT=$(echo "$CI_COMMIT_MESSAGE" | head -1 | tr -d '"\\') + curl -s -X POST -H 'Content-type: application/json' \ + --data "{\"text\":\"πŸ“ infra master push by *$CI_COMMIT_AUTHOR*: $SUBJECT\n$CI_REPO_URL/commit/$CI_COMMIT_SHA\"}" \ + "$SLACK_WEBHOOK" || true + - name: apply image: forgejo.viktorbarzin.me/viktor/infra-ci:latest pull: true diff --git a/AGENTS.md b/AGENTS.md index 984e98d6..7559d276 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -226,6 +226,49 @@ Per-workload opt-out: add the label `keel.sh/policy: never` on the Deployment me 4. Viktor reviews β†’ CI applies β†’ Slack notification 5. Portal: `https://k8s-portal.viktorbarzin.me/onboarding` for full guide +### Non-admin workstation users β€” the AGENT does the git work + +Non-admin devvm users (power-user / namespace-owner tiers) may not know git at +all. Their agent handles every version-control step silently β€” never ask them +to commit, push, pull, or open a PR, and never surface git jargon at them. +Their `~/code` clone arrives preconfigured: git identity, a `forgejo` remote +authenticated via `~/.git-credentials`, and `master` tracking `forgejo/master` +(auto-freshened hourly and at session launch, fast-forward only). + +The model is **allow-then-audit** (Viktor, 2026-06-10): whitelisted users (emo) +push straight to `master` β€” no PR gate β€” and the record of *what changed and +why* is what matters. Force-push is disabled for everyone, so master history +is append-only. + +To land a finished change from such a clone: + +1. Commit on `master`. **The commit message is the audit trail** β€” this matters + more than the change itself: + - subject: what changed, specific ("ha-sofia: lower fan curve bias to -5") + - body: WHY, in plain words β€” paraphrase the user's actual request and any + reasoning ("Emil asked for quieter fans in the evening; curve was + overshooting after the 2026-06-08 redesign") +2. `git push forgejo master`. If rejected non-fast-forward: `git pull --rebase + forgejo master` and push again. +3. **Never use `[ci skip]`** as a non-admin β€” it hides the change from the + Slack audit feed; a no-op CI apply on a docs-only commit is harmless. +4. Leave the clone on clean `master` so auto-refresh keeps working. +5. Tell the user in plain language what happened. Stack changes are + auto-applied by CI β€” verify the live result with the user's read-only + kubectl before saying "it's live". + +If a push to `master` is rejected by branch protection (user not on the +whitelist β€” e.g. new users before Viktor grants it), fall back to a +`/` branch + PR with the user's own PAT +(`write:repository` suffices β€” verified 2026-06-10): + +```bash +TOK=$(sed -E 's#https://[^:]+:([^@]+)@.*#\1#' ~/.git-credentials) +curl -X POST -H "Authorization: token $TOK" -H 'Content-Type: application/json' \ + https://forgejo.viktorbarzin.me/api/v1/repos/viktor/infra/pulls \ + -d '{"title":"","head":"<os-user>/<short-topic>","base":"master","body":"<what + why>"}' +``` + ## Common Operations - **Deploy new service**: Use `stacks/<existing-service>/` as template. Create stack, add DNS in tfvars, apply platform then service. - **Fix crashed pods**: Run healthcheck first. Safe to delete evicted/failed pods and CrashLoopBackOff pods with >10 restarts. diff --git a/docs/architecture/ci-cd.md b/docs/architecture/ci-cd.md index 8a5990b6..e44df43d 100644 --- a/docs/architecture/ci-cd.md +++ b/docs/architecture/ci-cd.md @@ -197,6 +197,34 @@ steps: - Keeps Woodpecker global secrets in sync with Vault - Runs in `woodpecker` namespace +## Infra repo CI (Woodpecker repo 82 β€” Forgejo forge) + +The infra repo itself runs on Woodpecker via the **Forgejo** forge (repo id 82, +registered 2026-06-08; the GitHub-side repo id 1 also remains registered). +Pushes to `master` fire `.woodpecker/default.yml` (changed-stacks terragrunt +apply) plus the `notify-nonadmin-push` Slack audit step (allow-then-audit +contribution model β€” see `multi-tenancy.md`). Operational facts (2026-06-10): + +- **Webhook URL is the IN-CLUSTER service**: `http://woodpecker-server.woodpecker.svc.cluster.local/api/hook?...` + (PATCHed via the Forgejo API). The Woodpecker-generated default + (`https://ci.viktorbarzin.me/...`) resolves to the non-proxied public A + record from pods β†’ NAT hairpin β†’ intermittent `context deadline exceeded`, + silently dropping push events (found when a push produced no pipeline). + If Woodpecker ever "repairs" the repo it will rewrite the hook back to + `ci.viktorbarzin.me` β€” re-apply the in-cluster URL (or pin `ci.viktorbarzin.me` + in the CoreDNS pod carve-out alongside forgejo). +- **Repo-scoped secrets must exist on BOTH repos**: pipelines reference + repo-level secrets (`registry_ssh_key`, `pve_ssh_key`, `CLOUDFLARE_TOKEN`, + …). Repo 82 was registered without them and every all-workflow compile + errored with `secret "registry_ssh_key" not found`. Fixed by cloning repo-1 + rows to repo 82 in the Woodpecker DB (`insert into secrets … select … where + repo_id=1`). When registering a new forge repo for infra, clone the secret + set too. +- **Empty commits defeat path filters**: a commit with no changed files makes + Woodpecker include ALL workflow files (path conditions can't exclude), so + every repo secret must resolve. Normal commits with real files only compile + the matching workflows. + ## Decisions & Rationale ### Why GitHub Actions + Woodpecker? diff --git a/docs/architecture/multi-tenancy.md b/docs/architecture/multi-tenancy.md index 2e66ae21..067cdcaf 100644 --- a/docs/architecture/multi-tenancy.md +++ b/docs/architecture/multi-tenancy.md @@ -543,9 +543,17 @@ Separate from the in-cluster namespace-owner model above, the **devvm** (`10.0.1 **Config inheritance (live):** wizard authors the base (his chezmoi-versioned `~/.claude`). Two native layers carry it to every user β€” the enforced org `claudeMd` in `/etc/claude-code/managed-settings.json` (top precedence, all sessions) and per-user `~/.claude/{skills,rules,…}` **symlinks** to the base (seeded via `/etc/skel`; edits propagate live). Secrets stay per-user at mode 600, never symlinked. -**Infra access:** non-admins get their own **writable, git-crypt-LOCKED** clone of the (public) infra repo at `~/code` β€” code/docs plaintext, secret files (`*.tfvars`, `secrets/**`) stay ciphertext. Changes are ungated (push β‰  apply); the real boundary is apply-time (`scripts/tg apply` needs an admin Vault token + cluster RBAC). +**Infra access:** non-admins get their own **writable, git-crypt-LOCKED** clone of the (public) infra repo at `~/code` β€” code/docs plaintext, secret files (`*.tfvars`, `secrets/**`) stay ciphertext. The provisioner clones anonymously from the public GitHub mirror; **contribute access is wired per-user on top** (see below). The apply boundary still holds (`scripts/tg apply` needs an admin Vault token + cluster RBAC), but **pushing `master` is NOT inert** β€” the Forgejoβ†’Woodpecker webhook fires `.woodpecker/default.yml` (`event: push, branch: master`, `require_approval: forks` only), which terragrunt-applies changed stacks. `master` is **branch-protected on Forgejo** (force-push disabled for everyone β€” history is append-only; push + merge whitelists = `viktor` + explicitly granted users, deploy keys allowed). **Allow-then-audit (Viktor, 2026-06-10):** `ebarzin` (emo) is on the whitelist and pushes straight to `master` β€” no PR gate. The tracking burden moves to: (a) **commit messages that record what + why** (the agent instructions in AGENTS.md and the managed claudeMd require the body to paraphrase the user's request), (b) the **`notify-nonadmin-push` Slack audit step** in `.woodpecker/default.yml` β€” every master push by a non-admin author is posted to Slack (admin pushes are not), and (c) non-admins **never use `[ci skip]`** so every change fires the pipeline (and thus the audit feed). Users NOT on the whitelist fall back to `<user>/<topic>` branches + PRs. **Clones stay fresh automatically** (2026-06-10): the hourly `t3-provision-users` reconcile runs `refresh_locked_clone` (fetch all remotes + fast-forward `master`, ONLY when on master with a clean tree and an upstream β€” dirty trees and local commits are left alone with a WARN), and `start-claude.sh` does the same freshen at session launch (15s-capped so an offline remote never stalls the session). -**Status (2026-06-08):** built + verified on the live host β€” capacity (8 GiB swap), config inheritance, roster-driven provisioner, per-user locked clone, **per-user OIDC kubeconfig + the `oidc-power-user-readonly` ClusterRole + emo's `k8s_users` entry (applied + impersonation-verified), and the Authentik `T3 Users` edge gate (applied + verified)**. **Remaining (held / future):** the emo cutover to his own locked clone (Phase 5), the offboarding apply-side (Phase 7), per-user MCP/auth injection, and roster-reconciled `T3 Users` membership. See `../runbooks/offboard-user.md` for deprovisioning. +**Contribute access (per non-admin, manual β€” the anca/tripit PAT precedent):** +1. Add their Forgejo user as a **write** collaborator on `viktor/infra` (`PUT /api/v1/repos/viktor/infra/collaborators/<login>`). +2. Mint a PAT β€” the admin REST endpoint 404s here, use the in-pod CLI: `kubectl -n forgejo exec deploy/forgejo -- su -s /bin/sh git -c "forgejo admin user generate-access-token --username <login> --token-name devvm-infra-git --scopes 'write:repository'"`. +3. Install it in their `~/.git-credentials` (`https://<login>:<token>@forgejo.viktorbarzin.me`, mode 600) + `git config --global credential.helper store`, set `user.name`/`user.email`. +4. In their clone: `git remote add forgejo https://forgejo.viktorbarzin.me/viktor/infra.git` and `git branch --set-upstream-to=forgejo/master master` (origin stays the anonymous GitHub mirror). +5. (Optional β€” Viktor's call per user) Grant direct master push: add their login to the `master` branch-protection push + merge whitelists (`PATCH /api/v1/repos/viktor/infra/branch_protections/master`). Done for `ebarzin` 2026-06-10. +6. Verify: branch push succeeds; a `master` push succeeds for whitelisted users and is rejected with `Not allowed to push to protected branch` otherwise. + +**Status (2026-06-10):** built + verified on the live host β€” capacity (8 GiB swap), config inheritance, roster-driven provisioner, per-user locked clone, per-user OIDC kubeconfig + the `oidc-power-user-readonly` ClusterRole + emo's `k8s_users` entry (applied + impersonation-verified), the Authentik `T3 Users` edge gate, **the emo Phase-5 cutover (own clone + launcher repoint + `code-shared` removal, completed 2026-06-10) and emo's contribute access (`ebarzin` write collaborator + PAT + protected `master`)**. Per the live `/etc/skel` design, non-admin `~/.claude/{rules,skills}` symlinks into the admin base are **kept** (they ARE the shared-base delivery mechanism β€” the plan's step to remove them is obsolete). **Remaining (held / future):** the offboarding apply-side (Phase 7), per-user MCP/auth injection, and roster-reconciled `T3 Users` membership. See `../runbooks/offboard-user.md` for deprovisioning. ## Related diff --git a/docs/plans/2026-06-07-multi-user-workstation-design.md b/docs/plans/2026-06-07-multi-user-workstation-design.md index 2148ae27..8e54fa95 100644 --- a/docs/plans/2026-06-07-multi-user-workstation-design.md +++ b/docs/plans/2026-06-07-multi-user-workstation-design.md @@ -166,6 +166,8 @@ Design principle: **every bit of devvm setup is an idempotent git script** β€” n - **ADR-0002 β€” devvm Linux users, not K8s ephemeral pods.** Re-platforming is overkill at this scale; config-push is easier on one host. - **ADR-0003 β€” Config inheritance via native machine-wide layers + per-user override.** Rejected: periodic sync, OverlayFS (no live lowerdir edits), Nix (rebuild not live). - **ADR-0004 β€” Infra access via per-user writable git-crypt-locked clones (changes ungated).** Each non-admin gets their own writable, keyless (locked) clone β€” read + edit + push freely, no PR gate. Safe because infra apply is manual + admin-only (push β‰  apply, id=4355) and the clone can't decrypt secrets. Rejected: the shared read-only mirror (gated changes) and the shared unlocked tree (secret leak + commit entanglement). Trade: repo-local CLAUDE.md updates via pull, not live (global config inheritance stays live via Β§4). + - **AMENDED 2026-06-10 β€” the "push β‰  apply" premise was WRONG.** The Forgejoβ†’Woodpecker webhook on `viktor/infra` fires `.woodpecker/default.yml` on `push` to `master` (`require_approval: forks` only), which terragrunt-applies changed stacks β€” so an ungated master push IS a deploy. Enforcement added instead of dropping the ADR: Forgejo **branch protection on `master`** (push + merge whitelists = `viktor`, deploy keys allowed). Non-admins keep free branch pushes + PRs; only admin merges land on master. "No PR gate" is thereby reversed for non-admins; the rest of the ADR (per-user locked clones) stands. As-built: `../architecture/multi-tenancy.md` β†’ "Contribute access". + - **AMENDED AGAIN 2026-06-10 (later) β€” allow-then-audit.** Viktor granted emo (`ebarzin`) direct master push ("he's allowed to make any change; what matters is tracking what changed and why"). The PR gate is dropped FOR WHITELISTED USERS; tracking is enforced instead: agent-written commit messages must carry the user's plain-language intent (the WHY), a `notify-nonadmin-push` Slack step in `.woodpecker/default.yml` surfaces every non-admin master push, `[ci skip]` is forbidden for non-admins, and force-push stays disabled (append-only history). Accepted consequence: emo's pushes auto-apply changed stacks via CI. Branch protection + the PR fallback remain for non-whitelisted users. - **ADR-0005 β€” Power-user = cluster-wide read-only (no Secrets), via a NEW dedicated ClusterRole.** Re-widens cross-tenant READ for the trusted power-user tier only β€” but via a NEW `oidc-power-user-readonly` ClusterRole (get/list/watch, NO `secrets`), NOT the existing `oidc-power-user` (which grants read+write+Secrets and is unbound). Bound to the user's OIDC identity (kubelogin) β€” the apiserver accepts Authentik OIDC for the `kubernetes` audience; the dashboard's SA-token pattern is for the dashboard UI only. - **ADR-0006 β€” The roster is the single source of truth for the FULL lifecycle.** `roster.yaml` drives onboard *and* offboard; `/etc/ttyd-user-map`, `dispatch.json`, and Authentik `T3 Users` membership are *derived* from it, and tier is *validated* against `k8s_users` (fail-loud on mismatch). Rejected: hand-maintaining the four membership lists in parallel (guaranteed drift). Offboarding is first-class + staged (reversible cut β†’ cluster revoke β†’ gated `userdel`), not an afterthought. - **ADR-0007 β€” Add swap + a capacity budget to the devvm before onboarding active users.** A shared 24 GB / **0-swap** host OOM-kills live sessions under multi-user load (wizard alone runs ~20). Swap + a max-concurrent ceiling are prerequisites, not follow-ups. diff --git a/docs/plans/2026-06-07-multi-user-workstation-plan.md b/docs/plans/2026-06-07-multi-user-workstation-plan.md index 1bd3275c..f98580c7 100644 --- a/docs/plans/2026-06-07-multi-user-workstation-plan.md +++ b/docs/plans/2026-06-07-multi-user-workstation-plan.md @@ -171,6 +171,8 @@ users: ### Task 5.1: Cut emo over to his own writable locked clone (opt-in, reversible) +> **DONE 2026-06-10** (staged across 06-08 β†’ 06-10), with two deviations: (1) step 4(c) **skipped deliberately** β€” the live `/etc/skel` shared base delivers `~/.claude/{rules,skills}` AS symlinks into the admin base, so emo's existing symlinks match the as-built design and were kept; (2) push access was **added** (not in this plan): `ebarzin` = write collaborator on Forgejo `viktor/infra` + PAT in `~/.git-credentials` + `forgejo` remote, with `master` branch-protected (see ADR-0004 amendment β€” push to master auto-applies via Woodpecker, so it is whitelist-gated to `viktor`). Verified: branch push OK, master push rejected, `code-shared` removed, admin tree unreadable as emo. + **Files:** none (host state; an explicit one-time action β€” NOT the routine reconcile) - [ ] **Step 1: Prereqs.** Confirm emo inherits config (Phase 1) + has his scoped kubeconfig (Phase 2). (Phase 3 deliberately SKIPPED emo β€” his clone is created *here*.) diff --git a/docs/runbooks/offboard-user.md b/docs/runbooks/offboard-user.md index 104f4fcd..05c0c5a8 100644 --- a/docs/runbooks/offboard-user.md +++ b/docs/runbooks/offboard-user.md @@ -29,7 +29,26 @@ gated `userdel_archive`, which is **never** auto-applied). sudo systemctl disable --now t3-serve@<os_user>.service sudo passwd -l <os_user> ``` -4. **Verify:** they can no longer reach `t3.viktorbarzin.me` (302 β†’ Authentik, then +4. **Revoke git + group access** *(manual)*: + ```bash + # legacy secret-bearing group, if they were ever in it + sudo gpasswd -d <os_user> code-shared + # drop write access to the infra repo + curl -X DELETE -H "Authorization: token <admin_pat>" \ + https://forgejo.viktorbarzin.me/api/v1/repos/viktor/infra/collaborators/<forgejo_login> + # if they were whitelisted for direct master push, remove them from the + # branch-protection whitelists (PATCH with the remaining usernames) + curl -X PATCH -H "Authorization: token <admin_pat>" -H 'Content-Type: application/json' \ + https://forgejo.viktorbarzin.me/api/v1/repos/viktor/infra/branch_protections/master \ + -d '{"push_whitelist_usernames":["viktor"],"merge_whitelist_usernames":["viktor"]}' + # revoke their devvm git PAT (token name: devvm-infra-git; admin PAT may + # manage other users' tokens β€” verified 2026-06-10; the CLI has no delete) + curl -X DELETE -H "Authorization: token <admin_pat>" \ + https://forgejo.viktorbarzin.me/api/v1/users/<forgejo_login>/tokens/devvm-infra-git + ``` + Note: their already-running sessions keep dropped groups until cycled β€” restart + `t3-serve@<os_user>` to enforce immediately. +5. **Verify:** they can no longer reach `t3.viktorbarzin.me` (302 β†’ Authentik, then denied once removed from the `T3 Users` group β€” Part C) and cannot log in. Nothing is deleted; re-adding the roster entry + reconcile fully restores them. diff --git a/scripts/t3-provision-users.sh b/scripts/t3-provision-users.sh index 37689153..52a27015 100644 --- a/scripts/t3-provision-users.sh +++ b/scripts/t3-provision-users.sh @@ -45,6 +45,25 @@ install_locked_clone() { runuser -u "$user" -- git -C "$home/code" checkout --quiet master } +# Keep an EXISTING non-admin clone fresh (the admin's tree is never touched): fetch +# all remotes, then fast-forward master only when that is provably safe β€” on master, +# clean tree, upstream configured. Never rebases/merges; a non-ff master (local +# commits) is the user's to reconcile and is only WARNed about. Fetch failures +# (offline, missing credentials) are non-fatal: freshness is best-effort. +refresh_locked_clone() { + local user="$1" home + home="$(getent passwd "$user" | cut -d: -f6)" + [[ -n "$home" && -d "$home/code/.git" ]] || return 0 + if [[ "$DRY_RUN" == 1 ]]; then echo "[dry-run] refresh clone -> $user:$home/code"; return 0; fi + runuser -u "$user" -- env GIT_TERMINAL_PROMPT=0 git -C "$home/code" fetch --all --prune --quiet 2>/dev/null \ + || { log "WARN: clone fetch failed for $user (offline/credentials?) β€” skipped"; return 0; } + [[ "$(runuser -u "$user" -- git -C "$home/code" symbolic-ref --short -q HEAD)" == master ]] || return 0 + [[ -z "$(runuser -u "$user" -- git -C "$home/code" status --porcelain)" ]] || return 0 + runuser -u "$user" -- git -C "$home/code" rev-parse --verify -q 'master@{upstream}' >/dev/null || return 0 + runuser -u "$user" -- git -C "$home/code" merge --ff-only 'master@{upstream}' >/dev/null 2>&1 \ + || log "WARN: $user master not fast-forwardable (local commits?) β€” left as-is" +} + # Per-user OIDC kubeconfig (kubelogin/PKCE β€” the `kubernetes` Authentik client is # public, no secret). Identical for all users: identity comes from each user's own # interactive OIDC login, which the apiserver maps (email claim) to their RBAC. @@ -177,8 +196,9 @@ while IFS=$'\t' read -r os_user tier shell groups_csv; do log "add $os_user -> group $g"; run gpasswd -a "$os_user" "$g" >/dev/null done fi - if [[ "$tier" != admin ]]; then # non-admins: locked clone + kubeconfig + shared Claude token + if [[ "$tier" != admin ]]; then # non-admins: locked clone (kept fresh) + kubeconfig + shared Claude token install_locked_clone "$os_user" + refresh_locked_clone "$os_user" install_user_kubeconfig "$os_user" install_user_claude_token "$os_user" fi diff --git a/scripts/workstation/managed-settings.json b/scripts/workstation/managed-settings.json index 224c49bd..d9a7ccaf 100644 --- a/scripts/workstation/managed-settings.json +++ b/scripts/workstation/managed-settings.json @@ -1,4 +1,4 @@ { - "claudeMd": "# Viktor Barzin homelab β€” shared multi-user Claude Code Workstation (devvm)\n\nYou are running as a specific OS user on a SHARED devvm Workstation, not as the admin. These org-wide rules apply to EVERY user and sit at the top of settings precedence (they cannot be overridden by a user's own config):\n\n- Respect your permission tier. Your kubectl, Vault, and infra access are scoped to your RBAC tier (admin / power-user / namespace-owner). Do not attempt to escalate privileges or reach another user's resources.\n- Secrets are per-user. Never read another user's home directory, credentials, tokens, or ~/.claude secrets. Your own secrets live in your home at mode 600.\n- Infrastructure changes go through Terraform/Terragrunt (scripts/tg apply) β€” never direct kubectl apply/edit/patch. Pushing to git does NOT deploy; applies are manual and admin-gated, so your edits cannot take effect without an admin apply.\n- Follow the engineering rules in ~/.claude/rules/ (execution, planning, quality) and every CLAUDE.md in the repo tree.\n- The monorepo is at ~/code. Non-admins get a git-crypt-LOCKED clone: secret files read as ciphertext β€” that is expected, not an error.", + "claudeMd": "# Viktor Barzin homelab β€” shared multi-user Claude Code Workstation (devvm)\n\nYou are running as a specific OS user on a SHARED devvm Workstation, not as the admin. These org-wide rules apply to EVERY user and sit at the top of settings precedence (they cannot be overridden by a user's own config):\n\n- Respect your permission tier. Your kubectl, Vault, and infra access are scoped to your RBAC tier (admin / power-user / namespace-owner). Do not attempt to escalate privileges or reach another user's resources.\n- Secrets are per-user. Never read another user's home directory, credentials, tokens, or ~/.claude secrets. Your own secrets live in your home at mode 600.\n- Infrastructure changes go through Terraform/Terragrunt β€” never direct kubectl apply/edit/patch. Committed stack changes are auto-applied by CI on push to master; you can verify the live result with your read-only kubectl.\n- The AGENT does ALL git mechanics silently β€” the user may not know git, so never ask them to commit, push, pull, or open anything, and never surface git jargon. When you finish a change in ~/code: commit it ON master and push to the forgejo remote. THE COMMIT MESSAGE IS THE AUDIT TRAIL β€” subject says WHAT changed; body says WHY in plain words (paraphrase the user's actual request) β€” this matters more than the change itself. Never use [ci skip] as a non-admin (it would hide the change from the audit feed; harmless no-op applies are fine). If the push is rejected non-fast-forward, git pull --rebase forgejo master and push again. If it is rejected by branch protection (user not whitelisted), fall back to a <os-user>/<topic> branch + PR via the Forgejo API (token = password field in ~/.git-credentials). Keep ~/code on a clean master when done so background auto-refresh keeps working. Tell the user in plain words what happened ('done β€” your change is live/recorded'). Full recipe: AGENTS.md β†’ 'Non-admin workstation users' in ~/code.\n- Follow the engineering rules in ~/.claude/rules/ (execution, planning, quality) and every CLAUDE.md in the repo tree.\n- The monorepo is at ~/code. Non-admins get a git-crypt-LOCKED clone: secret files read as ciphertext β€” that is expected, not an error.", "model": "claude-fable-5" } diff --git a/scripts/workstation/skel/start-claude.sh b/scripts/workstation/skel/start-claude.sh index fa21aa36..1a630366 100755 --- a/scripts/workstation/skel/start-claude.sh +++ b/scripts/workstation/skel/start-claude.sh @@ -19,6 +19,19 @@ fi cd "$HOME/code" 2>/dev/null || cd "$HOME" +# Freshen ~/code at session start so the user begins on current upstream state +# (the hourly t3-provision-users reconcile does the same in the background). +# Fast-forward only, and only when safe (on master + clean tree); hard 15s cap so +# an offline remote never stalls the launch. No-op for repos without remotes. +if [ -d "$HOME/code/.git" ]; then + GIT_TERMINAL_PROMPT=0 timeout 15 git -C "$HOME/code" fetch --all --prune --quiet 2>/dev/null || true + if [ "$(git -C "$HOME/code" symbolic-ref --short -q HEAD)" = master ] \ + && [ -z "$(git -C "$HOME/code" status --porcelain 2>/dev/null)" ] \ + && git -C "$HOME/code" rev-parse --verify -q 'master@{upstream}' >/dev/null 2>&1; then + git -C "$HOME/code" merge --ff-only 'master@{upstream}' >/dev/null 2>&1 || true + fi +fi + # Prefer the system-wide `claude` (installed by setup-devvm.sh); fall back to npx. launch() { if command -v claude >/dev/null 2>&1; then