forked from CodebuffAI/codebuff
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathbun
More file actions
executable file
·279 lines (246 loc) · 8.1 KB
/
Copy pathbun
File metadata and controls
executable file
·279 lines (246 loc) · 8.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
#!/bin/bash
# Common bun installation paths to check
BUN_PATHS=(
"/opt/homebrew/bin/bun"
"/usr/local/bin/bun"
"$HOME/.bun/bin/bun"
)
# Find the real bun executable
REAL_BUN=""
for path in "${BUN_PATHS[@]}"; do
if [ -f "$path" ]; then
REAL_BUN="$path"
break
fi
done
# Fallback: try to find bun in PATH excluding our directory
if [ -z "$REAL_BUN" ]; then
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
REAL_BUN=$(PATH=$(echo "$PATH" | tr ':' '\n' | grep -v "^$SCRIPT_DIR$" | tr '\n' ':') which bun)
fi
# Function to find project root using git
find_project_root() {
# Use git to find the repository root
local git_root=$(git rev-parse --show-toplevel 2>/dev/null)
if [ -n "$git_root" ]; then
echo "$git_root"
else
# Fallback to current directory if not in a git repo
echo "$(pwd)"
fi
}
# Infisical cache configuration
PROJECT_ROOT="$(find_project_root)"
CACHE_FILE="$PROJECT_ROOT/.infisical-cache"
CACHE_TTL_SECONDS=${INFISICAL_CACHE_TTL:-900} # Default 15 minutes, configurable via env var
# Clean up any leftover temporary files
rm -f "$CACHE_FILE.tmp" 2>/dev/null
# Function to check if cache is valid
is_cache_valid() {
if [ ! -f "$CACHE_FILE" ]; then
return 1
fi
local cache_time=$(stat -f "%m" "$CACHE_FILE" 2>/dev/null || stat -c "%Y" "$CACHE_FILE" 2>/dev/null)
local current_time=$(date +%s)
local age=$((current_time - cache_time))
# Check if cache has expired
if [ $age -ge $CACHE_TTL_SECONDS ]; then
return 1
fi
# Check if .infisical.json has been modified since cache was created
if [ -f "$PROJECT_ROOT/.infisical.json" ]; then
local infisical_time=$(stat -f "%m" "$PROJECT_ROOT/.infisical.json" 2>/dev/null || stat -c "%Y" "$PROJECT_ROOT/.infisical.json" 2>/dev/null)
if [ $infisical_time -gt $cache_time ]; then
return 1
fi
fi
return 0
}
# Function to load environment variables from cache
load_from_cache() {
if [ ! -f "$CACHE_FILE" ]; then
return 1
fi
# Use source to handle multi-line environment variables correctly
set -a # automatically export all variables
source "$CACHE_FILE" 2>/dev/null
set +a
# Verify that key variables are set to confirm success
if [ -n "$PORT" ] || [ -n "$DATABASE_URL" ] || [ -n "$ANTHROPIC_API_KEY" ]; then
return 0
else
# Cache validation failed
return 1
fi
}
# Function to load worktree env if it exists
load_worktree_env() {
if [ -f "$PROJECT_ROOT/.env.worktree" ]; then
if [ "$1" = "override" ]; then
echo "🔧 Loading worktree environment variables from .env.worktree (overriding Infisical)"
else
echo "🔧 Loading worktree environment variables from .env.worktree"
fi
set -a
source "$PROJECT_ROOT/.env.worktree"
set +a
fi
}
# Function to finalize and exec bun with secrets loaded
finalize_and_exec() {
export NEXT_PUBLIC_INFISICAL_UP=true
# Load worktree overrides AFTER Infisical cache to ensure they take precedence
load_worktree_env "override"
exec "$REAL_BUN" "$@"
}
# Function to create cache from infisical
create_cache() {
# Set performance optimizations for Infisical
export INFISICAL_DISABLE_UPDATE_CHECK=true
# Run infisical export in a subshell from project root to avoid cd in main shell
local output
local temp_file=$(mktemp)
# Run infisical export in background from project root, suppress stderr to avoid cluttered output
(cd "$PROJECT_ROOT" && infisical export > "$temp_file" 2>/dev/null; echo $? > "$temp_file.exit") &
local pid=$!
# Wait up to 10 seconds
local count=0
while [ $count -lt 100 ]; do # 100 * 0.1s = 10s
if ! kill -0 $pid 2>/dev/null; then
# Process finished
wait $pid 2>/dev/null
output=$(cat "$temp_file")
local exit_code=$(cat "$temp_file.exit" 2>/dev/null || echo 1)
rm -f "$temp_file" "$temp_file.exit"
break
fi
sleep 0.1
count=$((count + 1))
done
# If still running, kill it (timeout)
if kill -0 $pid 2>/dev/null; then
kill $pid 2>/dev/null
wait $pid 2>/dev/null
local exit_code=124 # Timeout exit code
output=""
rm -f "$temp_file" "$temp_file.exit"
fi
if [ $exit_code -eq 0 ]; then
# Command succeeded, write to cache
echo "$output" > "$CACHE_FILE"
if [ -s "$CACHE_FILE" ]; then
return 0 # Cache created successfully
else
rm -f "$CACHE_FILE"
return 1 # No variables found
fi
else
# Command failed or timed out
if echo "$output" | grep -q "Select the environment"; then
echo "⚠️ Infisical session expired or not logged in."
elif [ $exit_code -eq 124 ]; then
echo "⚠️ Infisical command timed out. Please check your connection or run 'infisical login'."
else
echo "⚠️ Infisical session expired or not logged in."
fi
echo " Please run: infisical login"
echo " Then try your command again."
rm -f "$CACHE_FILE"
return 1
fi
}
# Function to check if command doesn't need secrets
# Returns 0 if secrets are NOT needed, 1 if they ARE needed
doesnt_need_secrets() {
# If we're already running under infisical, don't need to wrap again
if [ -n "$NEXT_PUBLIC_INFISICAL_UP" ]; then
return 0
fi
# Find the first non-flag argument, which is the command
local cmd=""
for arg in "$@"; do
if [[ ! "$arg" =~ ^- ]]; then
cmd="$arg"
break
fi
done
# Handle version/help flags which can appear anywhere
for arg in "$@"; do
case "$arg" in
--version|-v|--help|-h|--revision)
return 0
;;
esac
done
# If no command is found (e.g., just 'bun'), it doesn't need secrets
if [ -z "$cmd" ]; then
return 0
fi
# Commands that don't need secrets
case "$cmd" in
# Package management
install|i|add|remove|rm|link|unlink|pm|update|upgrade)
return 0
;;
# Project initialization
init|create)
return 0
;;
# Info/utility
info|outdated|audit|typecheck)
return 0
;;
# Run command needs special handling
run)
# Find the script name after 'run'
local script=""
local found_run=false
for arg in "$@"; do
if $found_run && [[ ! "$arg" =~ ^- ]]; then
script="$arg"
break
fi
if [[ "$arg" == "run" ]]; then
found_run=true
fi
done
# 'bun run' with no script lists scripts, no secrets needed
if [ -z "$script" ]; then
return 0
fi
# Scripts that typically don't need secrets
case "$script" in
format|lint|typecheck|compile)
return 0
;;
*)
# Default run scripts to needing secrets
return 1
;;
esac
;;
*)
# Default to needing secrets for all other commands
return 1
;;
esac
}
# Main logic - determine execution path based on secrets requirement
if doesnt_need_secrets "$@"; then
# Path 1: Command doesn't need secrets - run directly
# But still load worktree overrides for commands that don't need secrets
load_worktree_env
exec "$REAL_BUN" "$@"
fi
# Path 2: Command needs secrets - try cache first, then create if needed
if is_cache_valid && load_from_cache; then
# Path 2a: Valid cache exists - use it, then apply worktree overrides
finalize_and_exec "$@"
fi
# Path 2b: No valid cache - create new one
if create_cache; then
load_from_cache
finalize_and_exec "$@"
fi
# Path 2c: Cache creation failed - exit with error
exit 1