2.8 KiB
Phase 6: Default Repos & SSH Mount - Discussion Log
Audit trail only. Do not use as input to planning, research, or execution agents. Decisions are captured in CONTEXT.md — this log preserves the alternatives considered.
Date: 2026-06-14 Phase: 6-Default Repos & SSH Mount Areas discussed: Git auth strategy, Workspace path, Init script, Default repos list, Configurability
Git Auth Strategy
| Option | Description | Selected |
|---|---|---|
| Mount full ~/.ssh:ro | Simple, exposes all keys including personal ones | |
| Mount specific key files | More surgical — only the keys needed for bitbucket | ✓ |
| HTTPS + App Password | No SSH in container, env var based |
User's choice: Mount specific keys — id_ed25519razer and id_rsa plus ~/.ssh/config
Notes: The config already maps bitbucket.org → id_ed25519razer. Keys mounted read-only.
Workspace Path
| Option | Description | Selected |
|---|---|---|
| Clone into Docker volume | Ephemeral, lost on restart | |
| Mount host repo dirs | Repos at ~/Razer/* mounted directly into container | ✓ |
| Hybrid clone + mount | Some repos cloned, some mounted |
User's choice: Mount host repo dirs directly
Notes: Repos live at ~/Razer/rai-ops, ~/Razer/rai-deployment, ~/Razer/rai-devtools. Mounted read-write per folder. Host-side git worktrees are preserved — no re-cloning needed.
Init Script
| Option | Description | Selected |
|---|---|---|
| Ok | session-init.sh in ~/.hermes/scripts/ | ✓ |
User's choice: Approved as proposed
Notes: Script goes in ~/.hermes/scripts/session-init.sh, configured via shell_init_files.
Default Repos List
| Option | Description | Selected |
|---|---|---|
| rai-ops, rai-deployment, rai-devtools only | 3 repos on Bitbucket razersw workspace | ✓ |
User's choice: These 3 for now, but wants it configurable Notes: DEFAULT_REPOS as env var in .env so user can add/remove without editing the script.
Configurability
| Option | Description | Selected |
|---|---|---|
| Hardcoded in script | Simple but requires editing script to change | |
| Env var in .env | Configurable by editing .env | ✓ |
| Config file | Dedicated config file |
User's choice: Env var in .env
Notes: DEFAULT_REPOS=rai-ops,rai-deployment,rai-devtools in ~/.hermes/.env, forwarded into Docker via docker_forward_env.
the agent's Discretion
- Init script error handling (non-blocking on missing repos)
- On-demand clone destination (default to /workspace/)
Deferred Ideas
- Per-repo deploy keys for future security hardening
- Auto-register repos as git worktrees (already handled host-side)