-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-entrypoint.sh
More file actions
79 lines (71 loc) · 3.29 KB
/
docker-entrypoint.sh
File metadata and controls
79 lines (71 loc) · 3.29 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
#!/bin/sh
# Copy read-only credentials to writable HOME so Claude Code can function.
# The host mounts ~/.claude at /claude-auth:ro for security.
if [ -d /claude-auth ]; then
mkdir -p "$HOME/.claude"
cp /claude-auth/settings.json "$HOME/.claude/" 2>/dev/null || true
cp /claude-auth/settings.local.json "$HOME/.claude/" 2>/dev/null || true
cp /claude-auth/.credentials.json "$HOME/.claude/" 2>/dev/null || true
# Copy plugins so Claude Code can discover installed skills (e.g. caveman)
if [ -d /claude-auth/plugins ]; then
cp -r /claude-auth/plugins "$HOME/.claude/plugins"
fi
fi
# Copy Codex login credentials from read-only mount to writable HOME.
# When both auth.json and CODEX_API_KEY env var are present, env var wins
# (the config.toml generation below overrides auth.json settings).
if [ -d /codex-auth ]; then
mkdir -p "$HOME/.codex"
cp /codex-auth/auth.json "$HOME/.codex/" 2>/dev/null || true
cp /codex-auth/config.toml "$HOME/.codex/" 2>/dev/null || true
fi
# Fix worktree .git pointer: the host path doesn't exist inside the container.
# Rewrite to use the mounted /repo-git path so commits land on the correct branch.
# WORKTREE_NAME is set by launch.py (e.g. "agent-abc123" or "review-abc123").
if [ -f /workspace/.git ] && [ -d /repo-git ] && [ -n "$WORKTREE_NAME" ]; then
echo "gitdir: /repo-git/worktrees/${WORKTREE_NAME}" > /workspace/.git
fi
# Create OpenHands conversation persistence directory
mkdir -p "$HOME/.openhands" 2>/dev/null || true
# OpenHands Docker workaround: shadow the openhands binary with a patched launcher.
# Fixes two bugs: condenser crash on startup + inflated max_output_tokens.
# See docs/openhands-docker-investigation.md for details.
if [ "$AGENT_KIND" = "openhands" ]; then
mkdir -p "$HOME/bin"
cat > "$HOME/bin/openhands" << 'OHWRAP'
#!/bin/sh
exec python3 /opt/nightshift/openhands-launcher.py "$@"
OHWRAP
chmod +x "$HOME/bin/openhands"
export PATH="$HOME/bin:$PATH"
fi
# Generate Codex config from env vars.
# CODEX_API_KEY → OPENAI_API_KEY fallback chain.
# If CODEX_BASE_URL is set → generate config.toml with custom provider.
# If CODEX_BASE_URL not set → export OPENAI_API_KEY, Codex uses OpenAI natively.
mkdir -p "$HOME/.codex" 2>/dev/null || true
if [ "$AGENT_KIND" = "codex" ]; then
CODEX_KEY="${CODEX_API_KEY:-$OPENAI_API_KEY}"
if [ -z "$CODEX_KEY" ]; then
echo "WARNING: AGENT_KIND=codex but no CODEX_API_KEY or OPENAI_API_KEY set — Codex CLI will fail" >&2
elif [ -n "$CODEX_BASE_URL" ]; then
# Custom provider: generate config.toml
export CODEX_API_KEY="$CODEX_KEY"
cat > "$HOME/.codex/config.toml" << CODEXCFG
model = "${CODEX_MODEL:-o3}"
model_provider = "custom"
[model_providers.custom]
name = "Custom"
base_url = "${CODEX_BASE_URL}"
env_key = "CODEX_API_KEY"
CODEXCFG
else
# OpenAI native: just export the key, no config.toml needed
export OPENAI_API_KEY="$CODEX_KEY"
fi
# Register MCP signal server so Codex can call nightshift_done/checkpoint/question
codex mcp add nightshift-signals -- python3 /opt/nightshift/nightshift-mcp-server.py
fi
# Note: litellm proxy removed - agents use LLM_*/ANTHROPIC_* env vars directly
# OpenHands uses LLM_* (litellm built-in), Claude Code uses ANTHROPIC_*
exec python3 /opt/nightshift/entrypoint.py "$@"