mess: UV + settings KISS + fixes
This commit is contained in:
+121
-211
@@ -1,239 +1,149 @@
|
||||
#!/usr/bin/env python3
|
||||
"""Bootstrap script - generates .env.alfred, .env.librechat, .env.secrets and .env.make."""
|
||||
|
||||
import re
|
||||
import secrets
|
||||
import sys
|
||||
from pathlib import Path
|
||||
|
||||
import tomllib
|
||||
from config_loader import load_build_config, write_env_make
|
||||
|
||||
BASE_DIR = Path(__file__).resolve().parent.parent
|
||||
|
||||
def load_secrets_spec(toml_data: dict) -> dict[str, tuple[int, str]]:
|
||||
"""Load secrets spec from pyproject.toml [tool.alfred.secrets]."""
|
||||
raw = toml_data.get("tool", {}).get("alfred", {}).get("secrets", {})
|
||||
result = {}
|
||||
for key, rule in raw.items():
|
||||
size_str, fmt = rule.split(":")
|
||||
result[key] = (int(size_str), fmt)
|
||||
return result
|
||||
|
||||
|
||||
def generate_secret(rule: str) -> str:
|
||||
"""
|
||||
Generates a cryptographically secure secret based on a spec string.
|
||||
Example specs: '32:b64', '16:hex'.
|
||||
"""
|
||||
chunks: list[str] = rule.split(":")
|
||||
size: int = int(chunks[0])
|
||||
tech: str = chunks[1]
|
||||
def generate_secret(size: int, fmt: str) -> str:
|
||||
match fmt:
|
||||
case "hex":
|
||||
return secrets.token_hex(size)
|
||||
case "b64":
|
||||
return secrets.token_urlsafe(size)
|
||||
case _:
|
||||
raise ValueError(f"Unknown format: {fmt}")
|
||||
|
||||
if tech == "b64":
|
||||
return secrets.token_urlsafe(size)
|
||||
elif tech == "hex":
|
||||
return secrets.token_hex(size)
|
||||
|
||||
def load_env_file(path: Path) -> dict[str, str]:
|
||||
"""Load key=value pairs from an env file, ignoring comments and blanks."""
|
||||
result = {}
|
||||
if not path.exists():
|
||||
return result
|
||||
for line in path.read_text().splitlines():
|
||||
stripped = line.strip()
|
||||
if stripped and not stripped.startswith("#") and "=" in stripped:
|
||||
key, _, value = stripped.partition("=")
|
||||
result[key.strip()] = value.strip()
|
||||
return result
|
||||
|
||||
|
||||
def copy_example_if_missing(src: Path, dst: Path, label: str) -> None:
|
||||
"""Copy src to dst only if dst doesn't exist yet."""
|
||||
if dst.exists():
|
||||
print(f" ↻ {dst.name} already exists, skipping")
|
||||
return
|
||||
if not src.exists():
|
||||
print(f" ⚠ {label} example not found at {src} — skipping (add it manually)")
|
||||
return
|
||||
dst.write_text(src.read_text())
|
||||
print(f" + {dst.name} created from {src.name}")
|
||||
|
||||
|
||||
def generate_secrets_file(path: Path, secrets_spec: dict[str, tuple[int, str]]) -> None:
|
||||
"""Generate .env.secrets with missing secrets, never overwrite existing ones."""
|
||||
existing = load_env_file(path)
|
||||
lines = list(path.read_text().splitlines()) if path.exists() else [
|
||||
"# Auto-generated secrets — DO NOT COMMIT",
|
||||
"# Run 'make bootstrap' to generate missing secrets",
|
||||
"",
|
||||
]
|
||||
|
||||
added = []
|
||||
for key, (size, fmt) in secrets_spec.items():
|
||||
if key not in existing:
|
||||
value = generate_secret(size, fmt)
|
||||
lines.append(f"{key}={value}")
|
||||
added.append(key)
|
||||
|
||||
path.write_text("\n".join(lines) + "\n")
|
||||
|
||||
if added:
|
||||
print(f" + Generated: {', '.join(added)}")
|
||||
else:
|
||||
raise ValueError(f"Invalid security format: {tech}")
|
||||
print(" ↻ All secrets already exist, nothing generated")
|
||||
|
||||
|
||||
def extract_python_version(version_string: str) -> tuple[str, str]:
|
||||
"""
|
||||
Extract Python version from poetry dependency string.
|
||||
Examples:
|
||||
"==3.14.2" -> ("3.14.2", "3.14")
|
||||
"^3.14.2" -> ("3.14.2", "3.14")
|
||||
"~3.14.2" -> ("3.14.2", "3.14")
|
||||
"3.14.2" -> ("3.14.2", "3.14")
|
||||
"""
|
||||
import re # noqa: PLC0415
|
||||
|
||||
# Remove poetry version operators (==, ^, ~, >=, etc.)
|
||||
clean_version = re.sub(r"^[=^~><]+", "", version_string.strip())
|
||||
|
||||
# Extract version parts
|
||||
parts = clean_version.split(".")
|
||||
|
||||
clean = re.sub(r"^[=^~><]+", "", version_string.strip())
|
||||
parts = clean.split(".")
|
||||
if len(parts) >= 2:
|
||||
full_version = clean_version
|
||||
short_version = f"{parts[0]}.{parts[1]}"
|
||||
return full_version, short_version
|
||||
else:
|
||||
raise ValueError(f"Invalid Python version format: {version_string}")
|
||||
return clean, f"{parts[0]}.{parts[1]}"
|
||||
raise ValueError(f"Invalid Python version: {version_string}")
|
||||
|
||||
|
||||
# TODO: Refactor
|
||||
def bootstrap(): # noqa: PLR0912, PLR0915
|
||||
"""
|
||||
Initializes the .env file by merging .env.example with generated secrets
|
||||
and build variables from pyproject.toml.
|
||||
Also generates .env.make for Makefile.
|
||||
def write_env_make(toml_data: dict) -> None:
|
||||
"""Write .env.make from pyproject.toml."""
|
||||
project = toml_data["project"]
|
||||
alfred = toml_data["tool"]["alfred"]
|
||||
|
||||
ALWAYS preserves existing secrets!
|
||||
"""
|
||||
base_dir = Path(__file__).resolve().parent.parent
|
||||
env_path = base_dir / ".env"
|
||||
python_full, python_short = extract_python_version(project["requires-python"])
|
||||
|
||||
example_path = base_dir / ".env.example"
|
||||
if not example_path.exists():
|
||||
print(f"❌ {example_path.name} not found.")
|
||||
return
|
||||
lines = [
|
||||
"# Auto-generated from pyproject.toml — do not edit manually",
|
||||
f"export ALFRED_VERSION={project['version']}",
|
||||
f"export PYTHON_VERSION={python_full}",
|
||||
f"export PYTHON_VERSION_SHORT={python_short}",
|
||||
f"export IMAGE_NAME={alfred['image_name']}",
|
||||
f"export SERVICE_NAME={alfred['service_name']}",
|
||||
f"export LIBRECHAT_VERSION={alfred['librechat_version']}",
|
||||
f"export RAG_VERSION={alfred['rag_version']}",
|
||||
f"export UV_VERSION={alfred['uv_version']}",
|
||||
]
|
||||
|
||||
toml_path = base_dir / "pyproject.toml"
|
||||
env_make_path = BASE_DIR / ".env.make"
|
||||
env_make_path.write_text("\n".join(lines) + "\n")
|
||||
print(f" + {env_make_path.name} written")
|
||||
|
||||
|
||||
def main() -> int:
|
||||
print("🚀 Starting bootstrap...")
|
||||
|
||||
toml_path = BASE_DIR / "pyproject.toml"
|
||||
if not toml_path.exists():
|
||||
print(f"❌ {toml_path.name} not found.")
|
||||
return
|
||||
print(f"❌ pyproject.toml not found: {toml_path}")
|
||||
return 1
|
||||
|
||||
# ALWAYS load existing .env if it exists
|
||||
existing_env = {}
|
||||
if env_path.exists():
|
||||
print("🔄 Reading existing .env...")
|
||||
with open(env_path) as f:
|
||||
for line in f:
|
||||
if "=" in line and not line.strip().startswith("#"):
|
||||
key, value = line.split("=", 1)
|
||||
existing_env[key.strip()] = value.strip()
|
||||
print(f" Found {len(existing_env)} existing keys")
|
||||
print("🔧 Updating .env file (keeping secrets)...")
|
||||
else:
|
||||
print("🔧 Initializing: Creating secure .env file...")
|
||||
|
||||
# Load data from pyproject.toml
|
||||
with open(toml_path, "rb") as f:
|
||||
data = tomllib.load(f)
|
||||
security_keys = data["tool"]["alfred"]["security"]
|
||||
settings_keys = data["tool"]["alfred"]["settings"]
|
||||
dependencies = data["tool"]["poetry"]["dependencies"]
|
||||
alfred_version = data["tool"]["poetry"]["version"]
|
||||
toml_data = tomllib.load(f)
|
||||
|
||||
# Normalize TOML keys to UPPER_CASE for .env format (done once)
|
||||
security_keys_upper = {k.upper(): v for k, v in security_keys.items()}
|
||||
settings_keys_upper = {k.upper(): v for k, v in settings_keys.items()}
|
||||
|
||||
# Extract Python version
|
||||
python_version_full, python_version_short = extract_python_version(
|
||||
dependencies["python"]
|
||||
print("\n📄 Env files:")
|
||||
copy_example_if_missing(
|
||||
src=BASE_DIR / ".env.example",
|
||||
dst=BASE_DIR / ".env.alfred",
|
||||
label="Alfred",
|
||||
)
|
||||
copy_example_if_missing(
|
||||
src=BASE_DIR / "librechat" / ".env.example",
|
||||
dst=BASE_DIR / ".env.librechat",
|
||||
label="LibreChat",
|
||||
)
|
||||
|
||||
# Read .env.example
|
||||
with open(example_path) as f:
|
||||
example_lines = f.readlines()
|
||||
secrets_spec = load_secrets_spec(toml_data)
|
||||
print("\n🔐 Secrets:")
|
||||
generate_secrets_file(BASE_DIR / ".env.secrets", secrets_spec)
|
||||
|
||||
new_lines = []
|
||||
# Process each line from .env.example
|
||||
for raw_line in example_lines:
|
||||
line = raw_line.strip()
|
||||
print("\n🔧 Build config:")
|
||||
write_env_make(toml_data)
|
||||
|
||||
if line and not line.startswith("#") and "=" in line:
|
||||
key, value = line.split("=", 1)
|
||||
key = key.strip()
|
||||
|
||||
# Check if key exists in current .env (update mode)
|
||||
if key in existing_env:
|
||||
# Keep existing value for secrets
|
||||
if key in security_keys_upper:
|
||||
new_lines.append(f"{key}={existing_env[key]}\n")
|
||||
print(f" ↻ Kept existing {key}")
|
||||
# Update build vars from pyproject.toml
|
||||
elif key in settings_keys_upper:
|
||||
new_value = settings_keys_upper[key]
|
||||
if existing_env[key] != new_value:
|
||||
new_lines.append(f"{key}={new_value}\n")
|
||||
print(f" ↻ Updated {key}: {existing_env[key]} → {new_value}")
|
||||
else:
|
||||
new_lines.append(f"{key}={existing_env[key]}\n")
|
||||
print(f" ↻ Kept {key}={existing_env[key]}")
|
||||
# Update Python versions
|
||||
elif key == "PYTHON_VERSION":
|
||||
if existing_env[key] != python_version_full:
|
||||
new_lines.append(f"{key}={python_version_full}\n")
|
||||
print(
|
||||
f" ↻ Updated Python: {existing_env[key]} → {python_version_full}"
|
||||
)
|
||||
else:
|
||||
new_lines.append(f"{key}={existing_env[key]}\n")
|
||||
print(f" ↻ Kept Python: {existing_env[key]}")
|
||||
elif key == "PYTHON_VERSION_SHORT":
|
||||
if existing_env[key] != python_version_short:
|
||||
new_lines.append(f"{key}={python_version_short}\n")
|
||||
print(
|
||||
f" ↻ Updated Python (short): {existing_env[key]} → {python_version_short}"
|
||||
)
|
||||
else:
|
||||
new_lines.append(f"{key}={existing_env[key]}\n")
|
||||
print(f" ↻ Kept Python (short): {existing_env[key]}")
|
||||
elif key == "ALFRED_VERSION":
|
||||
if existing_env.get(key) != alfred_version:
|
||||
new_lines.append(f"{key}={alfred_version}\n")
|
||||
print(
|
||||
f" ↻ Updated Alfred version: {existing_env.get(key, 'N/A')} → {alfred_version}"
|
||||
)
|
||||
else:
|
||||
new_lines.append(f"{key}={alfred_version}\n")
|
||||
print(f" ↻ Kept Alfred version: {alfred_version}")
|
||||
# Keep other existing values
|
||||
else:
|
||||
new_lines.append(f"{key}={existing_env[key]}\n")
|
||||
# Key doesn't exist, generate/add it
|
||||
elif key in security_keys_upper:
|
||||
rule = security_keys_upper[key]
|
||||
secret = generate_secret(rule)
|
||||
new_lines.append(f"{key}={secret}\n")
|
||||
print(f" + Secret generated for {key} ({rule})")
|
||||
elif key in settings_keys_upper:
|
||||
value = settings_keys_upper[key]
|
||||
new_lines.append(f"{key}={value}\n")
|
||||
print(f" + Setting added: {key}={value}")
|
||||
elif key == "PYTHON_VERSION":
|
||||
new_lines.append(f"{key}={python_version_full}\n")
|
||||
print(f" + Python version: {python_version_full}")
|
||||
elif key == "PYTHON_VERSION_SHORT":
|
||||
new_lines.append(f"{key}={python_version_short}\n")
|
||||
print(f" + Python version (short): {python_version_short}")
|
||||
elif key == "ALFRED_VERSION":
|
||||
new_lines.append(f"{key}={alfred_version}\n")
|
||||
print(f" + Alfred version: {alfred_version}")
|
||||
else:
|
||||
new_lines.append(raw_line)
|
||||
else:
|
||||
# Keep comments and empty lines
|
||||
new_lines.append(raw_line)
|
||||
|
||||
# Compute database URIs from the generated values
|
||||
final_env = {}
|
||||
for line in new_lines:
|
||||
if "=" in line and not line.strip().startswith("#"):
|
||||
key, value = line.split("=", 1)
|
||||
final_env[key.strip()] = value.strip()
|
||||
|
||||
# Compute MONGO_URI
|
||||
if "MONGO_USER" in final_env and "MONGO_PASSWORD" in final_env:
|
||||
mongo_uri = (
|
||||
f"mongodb://{final_env.get('MONGO_USER', 'alfred')}:"
|
||||
f"{final_env.get('MONGO_PASSWORD', '')}@"
|
||||
f"{final_env.get('MONGO_HOST', 'mongodb')}:"
|
||||
f"{final_env.get('MONGO_PORT', '27017')}/"
|
||||
f"{final_env.get('MONGO_DB_NAME', 'alfred')}?authSource=admin"
|
||||
)
|
||||
# Update MONGO_URI in new_lines
|
||||
for i, line in enumerate(new_lines):
|
||||
if line.startswith("MONGO_URI="):
|
||||
new_lines[i] = f"MONGO_URI={mongo_uri}\n"
|
||||
print(" ✓ Computed MONGO_URI")
|
||||
break
|
||||
|
||||
# Compute POSTGRES_URI
|
||||
if "POSTGRES_USER" in final_env and "POSTGRES_PASSWORD" in final_env:
|
||||
postgres_uri = (
|
||||
f"postgresql://{final_env.get('POSTGRES_USER', 'alfred')}:"
|
||||
f"{final_env.get('POSTGRES_PASSWORD', '')}@"
|
||||
f"{final_env.get('POSTGRES_HOST', 'vectordb')}:"
|
||||
f"{final_env.get('POSTGRES_PORT', '5432')}/"
|
||||
f"{final_env.get('POSTGRES_DB_NAME', 'alfred')}"
|
||||
)
|
||||
# Update POSTGRES_URI in new_lines
|
||||
for i, line in enumerate(new_lines):
|
||||
if line.startswith("POSTGRES_URI="):
|
||||
new_lines[i] = f"POSTGRES_URI={postgres_uri}\n"
|
||||
print(" ✓ Computed POSTGRES_URI")
|
||||
break
|
||||
|
||||
# Write .env file
|
||||
with open(env_path, "w", encoding="utf-8") as f:
|
||||
f.writelines(new_lines)
|
||||
print(f"\n✅ {env_path.name} generated successfully.")
|
||||
|
||||
# Generate .env.make for Makefile using shared config loader
|
||||
config = load_build_config(base_dir)
|
||||
write_env_make(config, base_dir)
|
||||
print("✅ .env.make generated for Makefile.")
|
||||
print("\n⚠️ Reminder: Please manually add your API keys to the .env file.")
|
||||
print("\n✅ Bootstrap complete!")
|
||||
return 0
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
bootstrap()
|
||||
sys.exit(main())
|
||||
|
||||
+33
-38
@@ -1,4 +1,4 @@
|
||||
"""Shared configuration loader for bootstrap and CI."""
|
||||
"""Shared configuration loader — reads build config from pyproject.toml."""
|
||||
|
||||
import re
|
||||
from pathlib import Path
|
||||
@@ -13,31 +13,25 @@ class BuildConfig(NamedTuple):
|
||||
alfred_version: str
|
||||
python_version: str
|
||||
python_version_short: str
|
||||
runner: str
|
||||
image_name: str
|
||||
service_name: str
|
||||
librechat_version: str
|
||||
rag_version: str
|
||||
uv_version: str
|
||||
|
||||
|
||||
def extract_python_version(version_string: str) -> tuple[str, str]:
|
||||
"""
|
||||
Extract Python version from poetry dependency string.
|
||||
Extract Python version from uv dependency string.
|
||||
Examples:
|
||||
"==3.14.2" -> ("3.14.2", "3.14")
|
||||
"^3.14.2" -> ("3.14.2", "3.14")
|
||||
"~3.14.2" -> ("3.14.2", "3.14")
|
||||
"3.14.2" -> ("3.14.2", "3.14")
|
||||
"^3.14.2" -> ("3.14.2", "3.14")
|
||||
"""
|
||||
clean_version = re.sub(r"^[=^~><]+", "", version_string.strip())
|
||||
parts = clean_version.split(".")
|
||||
|
||||
clean = re.sub(r"^[=^~><]+", "", version_string.strip())
|
||||
parts = clean.split(".")
|
||||
if len(parts) >= 2:
|
||||
full_version = clean_version
|
||||
short_version = f"{parts[0]}.{parts[1]}"
|
||||
return full_version, short_version
|
||||
else:
|
||||
raise ValueError(f"Invalid Python version format: {version_string}")
|
||||
return clean, f"{parts[0]}.{parts[1]}"
|
||||
raise ValueError(f"Invalid Python version format: {version_string}")
|
||||
|
||||
|
||||
def load_build_config(base_dir: Path | None = None) -> BuildConfig:
|
||||
@@ -51,23 +45,21 @@ def load_build_config(base_dir: Path | None = None) -> BuildConfig:
|
||||
|
||||
with open(toml_path, "rb") as f:
|
||||
data = tomllib.load(f)
|
||||
settings_keys = data["tool"]["alfred"]["settings"]
|
||||
dependencies = data["tool"]["poetry"]["dependencies"]
|
||||
alfred_version = data["tool"]["poetry"]["version"]
|
||||
|
||||
python_version_full, python_version_short = extract_python_version(
|
||||
dependencies["python"]
|
||||
)
|
||||
project = data["project"]
|
||||
alfred = data["tool"]["alfred"]
|
||||
|
||||
python_full, python_short = extract_python_version(project["requires-python"])
|
||||
|
||||
return BuildConfig(
|
||||
alfred_version=alfred_version,
|
||||
python_version=python_version_full,
|
||||
python_version_short=python_version_short,
|
||||
runner=settings_keys["runner"],
|
||||
image_name=settings_keys["image_name"],
|
||||
service_name=settings_keys["service_name"],
|
||||
librechat_version=settings_keys["librechat_version"],
|
||||
rag_version=settings_keys["rag_version"],
|
||||
alfred_version=project["version"],
|
||||
python_version=python_full,
|
||||
python_version_short=python_short,
|
||||
image_name=alfred["image_name"],
|
||||
service_name=alfred["service_name"],
|
||||
librechat_version=alfred["librechat_version"],
|
||||
rag_version=alfred["rag_version"],
|
||||
uv_version=alfred["uv_version"],
|
||||
)
|
||||
|
||||
|
||||
@@ -76,14 +68,17 @@ def write_env_make(config: BuildConfig, base_dir: Path | None = None) -> None:
|
||||
if base_dir is None:
|
||||
base_dir = Path(__file__).resolve().parent.parent
|
||||
|
||||
lines = [
|
||||
"# Auto-generated from pyproject.toml — do not edit manually",
|
||||
f"export ALFRED_VERSION={config.alfred_version}",
|
||||
f"export PYTHON_VERSION={config.python_version}",
|
||||
f"export PYTHON_VERSION_SHORT={config.python_version_short}",
|
||||
f"export IMAGE_NAME={config.image_name}",
|
||||
f"export SERVICE_NAME={config.service_name}",
|
||||
f"export LIBRECHAT_VERSION={config.librechat_version}",
|
||||
f"export RAG_VERSION={config.rag_version}",
|
||||
f"export UV_VERSION={config.uv_version}",
|
||||
]
|
||||
|
||||
env_make_path = base_dir / ".env.make"
|
||||
with open(env_make_path, "w", encoding="utf-8") as f:
|
||||
f.write("# Auto-generated from pyproject.toml\n")
|
||||
f.write(f"export ALFRED_VERSION={config.alfred_version}\n")
|
||||
f.write(f"export PYTHON_VERSION={config.python_version}\n")
|
||||
f.write(f"export PYTHON_VERSION_SHORT={config.python_version_short}\n")
|
||||
f.write(f"export RUNNER={config.runner}\n")
|
||||
f.write(f"export IMAGE_NAME={config.image_name}\n")
|
||||
f.write(f"export SERVICE_NAME={config.service_name}\n")
|
||||
f.write(f"export LIBRECHAT_VERSION={config.librechat_version}\n")
|
||||
f.write(f"export RAG_VERSION={config.rag_version}\n")
|
||||
env_make_path.write_text("\n".join(lines) + "\n")
|
||||
|
||||
Reference in New Issue
Block a user