From 1340d2086c9106330911c04744e98385b0d64578 Mon Sep 17 00:00:00 2001 From: Codex Date: Mon, 15 Jun 2026 04:53:32 +0000 Subject: [PATCH] fix: isolate AgentRun gitops publish workspace --- scripts/src/agentrun.ts | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/scripts/src/agentrun.ts b/scripts/src/agentrun.ts index 76171933..30c8e98a 100644 --- a/scripts/src/agentrun.ts +++ b/scripts/src/agentrun.ts @@ -3151,7 +3151,7 @@ async function waitForYamlLaneSourceBootstrap(config: UniDeskConfig, spec: Agent sourceCommit: stringOrNull(payload.sourceCommit), elapsedMs: Date.now() - startedAt, }); - if (payload.ok === true && stringOrNull(payload.sourceCommit) !== null) return { ok: true, payload, polls, elapsedMs: Date.now() - startedAt }; + if (payload.status === "succeeded" && stringOrNull(payload.sourceCommit) !== null) return { ok: payload.ok === true, payload, polls, elapsedMs: Date.now() - startedAt }; if (payload.status === "failed") return { ok: false, payload, polls, elapsedMs: Date.now() - startedAt }; await sleep(pollMs); } @@ -3299,9 +3299,7 @@ function yamlLaneGitopsPublishSubmitScript(spec: AgentRunLaneSpec, files: readon return [ "set -eu", `state_dir=${shQuote(stateDir)}`, - `workspace=${shQuote(spec.source.workspace)}`, `remote=${shQuote(spec.source.remote)}`, - `source_branch=${shQuote(spec.source.branch)}`, `gitops_branch=${shQuote(spec.gitops.branch)}`, `gitops_root=${shQuote(spec.deployment.gitopsRoot)}`, `artifact_catalog=${shQuote(spec.deployment.artifactCatalogPath)}`, @@ -3311,19 +3309,23 @@ function yamlLaneGitopsPublishSubmitScript(spec: AgentRunLaneSpec, files: readon "status_file=\"$state_dir/$job_id.json\"", "stdout_file=\"$state_dir/$job_id.stdout.log\"", "stderr_file=\"$state_dir/$job_id.stderr.log\"", + "publish_root=\"$state_dir/worktrees\"", + "publish_worktree=\"$publish_root/$job_id\"", "cat > \"$status_file\" </dev/null | sed 's/\"/\\\\\"/g' | tr '\\n' ' ' | cut -c1-4000); CODE=\"$code\" ERROR_TAIL=\"$tail_text\" JOB_ID=\"$job_id\" WORKSPACE=\"$workspace\" GITOPS_BRANCH=\"$gitops_branch\" node <<'NODE' > \"$status_file\"", + " write_failed_status() { code=$?; if [ \"$code\" -ne 0 ]; then tail_text=$(tail -n 80 \"$stderr_file\" 2>/dev/null | sed 's/\"/\\\\\"/g' | tr '\\n' ' ' | cut -c1-4000); CODE=\"$code\" ERROR_TAIL=\"$tail_text\" JOB_ID=\"$job_id\" PUBLISH_WORKSPACE=\"$publish_worktree\" GITOPS_BRANCH=\"$gitops_branch\" node <<'NODE' > \"$status_file\"", "const code = Number(process.env.CODE || 1);", - "console.log(JSON.stringify({ ok: false, status: 'failed', exitCode: code, jobId: process.env.JOB_ID, workspace: process.env.WORKSPACE, gitopsBranch: process.env.GITOPS_BRANCH, errorTail: process.env.ERROR_TAIL || null, valuesPrinted: false }));", + "console.log(JSON.stringify({ ok: false, status: 'failed', exitCode: code, jobId: process.env.JOB_ID, publishWorkspace: process.env.PUBLISH_WORKSPACE, gitopsBranch: process.env.GITOPS_BRANCH, errorTail: process.env.ERROR_TAIL || null, valuesPrinted: false }));", "NODE", " fi; exit \"$code\"; }", " trap write_failed_status EXIT", - " cd \"$workspace\"", - " git remote set-url origin \"$remote\" || git remote add origin \"$remote\"", + " mkdir -p \"$publish_root\"", + " rm -rf \"$publish_worktree\"", + " git clone --no-checkout \"$remote\" \"$publish_worktree\"", + " cd \"$publish_worktree\"", " git fetch origin \"$gitops_branch\" || true", " if git rev-parse --verify \"refs/remotes/origin/$gitops_branch^{commit}\" >/dev/null 2>&1; then", " git checkout -B \"$gitops_branch\" \"refs/remotes/origin/$gitops_branch\"", @@ -3348,9 +3350,9 @@ function yamlLaneGitopsPublishSubmitScript(spec: AgentRunLaneSpec, files: readon " if git diff --quiet --cached; then changed=false; else changed=true; git -c user.email=agentrun@unidesk.local -c user.name='UniDesk AgentRun Ops' commit -m \"deploy: render AgentRun ${gitops_branch} from UniDesk YAML\"; fi", " git push -u origin \"$gitops_branch\"", " gitops_commit=$(git rev-parse HEAD)", - " git checkout \"$source_branch\" >/dev/null 2>&1 || true", - " CHANGED=\"$changed\" GITOPS_BRANCH=\"$gitops_branch\" GITOPS_COMMIT=\"$gitops_commit\" FILE_COUNT=\"" + String(files.length) + "\" JOB_ID=\"$job_id\" WORKSPACE=\"$workspace\" node <<'NODE' > \"$status_file\"", - "console.log(JSON.stringify({ ok: true, status: 'succeeded', jobId: process.env.JOB_ID, workspace: process.env.WORKSPACE, changed: process.env.CHANGED === 'true', gitopsBranch: process.env.GITOPS_BRANCH, gitopsCommit: process.env.GITOPS_COMMIT, fileCount: Number(process.env.FILE_COUNT || 0), valuesPrinted: false }));", + " rm -rf \"$publish_worktree\"", + " CHANGED=\"$changed\" GITOPS_BRANCH=\"$gitops_branch\" GITOPS_COMMIT=\"$gitops_commit\" FILE_COUNT=\"" + String(files.length) + "\" JOB_ID=\"$job_id\" node <<'NODE' > \"$status_file\"", + "console.log(JSON.stringify({ ok: true, status: 'succeeded', jobId: process.env.JOB_ID, changed: process.env.CHANGED === 'true', gitopsBranch: process.env.GITOPS_BRANCH, gitopsCommit: process.env.GITOPS_COMMIT, fileCount: Number(process.env.FILE_COUNT || 0), valuesPrinted: false }));", "NODE", " trap - EXIT", ") >\"$stdout_file\" 2>\"$stderr_file\" &",