82 lines
2.8 KiB
Markdown
82 lines
2.8 KiB
Markdown
# Phase 6: Default Repos & SSH Mount - Discussion Log
|
|
|
|
> **Audit trail only.** Do not use as input to planning, research, or execution agents.
|
|
> Decisions are captured in CONTEXT.md — this log preserves the alternatives considered.
|
|
|
|
**Date:** 2026-06-14
|
|
**Phase:** 6-Default Repos & SSH Mount
|
|
**Areas discussed:** Git auth strategy, Workspace path, Init script, Default repos list, Configurability
|
|
|
|
---
|
|
|
|
## Git Auth Strategy
|
|
|
|
| Option | Description | Selected |
|
|
|--------|-------------|----------|
|
|
| Mount full ~/.ssh:ro | Simple, exposes all keys including personal ones | |
|
|
| Mount specific key files | More surgical — only the keys needed for bitbucket | ✓ |
|
|
| HTTPS + App Password | No SSH in container, env var based | |
|
|
|
|
**User's choice:** Mount specific keys — `id_ed25519razer` and `id_rsa` plus `~/.ssh/config`
|
|
**Notes:** The config already maps bitbucket.org → `id_ed25519razer`. Keys mounted read-only.
|
|
|
|
---
|
|
|
|
## Workspace Path
|
|
|
|
| Option | Description | Selected |
|
|
|--------|-------------|----------|
|
|
| Clone into Docker volume | Ephemeral, lost on restart | |
|
|
| Mount host repo dirs | Repos at ~/Razer/* mounted directly into container | ✓ |
|
|
| Hybrid clone + mount | Some repos cloned, some mounted | |
|
|
|
|
**User's choice:** Mount host repo dirs directly
|
|
**Notes:** Repos live at `~/Razer/rai-ops`, `~/Razer/rai-deployment`, `~/Razer/rai-devtools`. Mounted read-write per folder. Host-side git worktrees are preserved — no re-cloning needed.
|
|
|
|
---
|
|
|
|
## Init Script
|
|
|
|
| Option | Description | Selected |
|
|
|--------|-------------|----------|
|
|
| Ok | session-init.sh in ~/.hermes/scripts/ | ✓ |
|
|
|
|
**User's choice:** Approved as proposed
|
|
**Notes:** Script goes in `~/.hermes/scripts/session-init.sh`, configured via `shell_init_files`.
|
|
|
|
---
|
|
|
|
## Default Repos List
|
|
|
|
| Option | Description | Selected |
|
|
|--------|-------------|----------|
|
|
| rai-ops, rai-deployment, rai-devtools only | 3 repos on Bitbucket razersw workspace | ✓ |
|
|
|
|
**User's choice:** These 3 for now, but wants it configurable
|
|
**Notes:** DEFAULT_REPOS as env var in .env so user can add/remove without editing the script.
|
|
|
|
---
|
|
|
|
## Configurability
|
|
|
|
| Option | Description | Selected |
|
|
|--------|-------------|----------|
|
|
| Hardcoded in script | Simple but requires editing script to change | |
|
|
| Env var in .env | Configurable by editing .env | ✓ |
|
|
| Config file | Dedicated config file | |
|
|
|
|
**User's choice:** Env var in .env
|
|
**Notes:** `DEFAULT_REPOS=rai-ops,rai-deployment,rai-devtools` in `~/.hermes/.env`, forwarded into Docker via `docker_forward_env`.
|
|
|
|
---
|
|
|
|
## the agent's Discretion
|
|
|
|
- Init script error handling (non-blocking on missing repos)
|
|
- On-demand clone destination (default to /workspace/)
|
|
|
|
## Deferred Ideas
|
|
|
|
- Per-repo deploy keys for future security hardening
|
|
- Auto-register repos as git worktrees (already handled host-side)
|