chore(prettier): reformat gh config aliases indentation#16
Open
technicalpickles wants to merge 8 commits into
Open
chore(prettier): reformat gh config aliases indentation#16technicalpickles wants to merge 8 commits into
technicalpickles wants to merge 8 commits into
Conversation
Commit ee2ff1c ("more personal vs home checks") reverted the rename that e3e5027 had landed, re-breaking the home role per ADR 0035: on a `home` machine gitconfig.sh hit `*) Unexpected role` and exited, and claudeconfig.sh found no roles/home.jsonc so it dropped GIT_CONFIG_GLOBAL (agent commits fell back to the 1Password prompt). Re-applied on top of HEAD, preserving ee2ff1c's unrelated edits: - claude/roles/personal.jsonc -> home.jsonc - home/.gitconfig.d/claude-agent-personal -> claude-agent-home (content already referenced claude-agent-home, so the ref was dangling) - Brewfile.personal -> Brewfile.home - home/.gitconfig.d/personal-identity -> home-identity (mirrors work-identity) - gitconfig.sh: case personal) -> home), include -> home-identity - home/.gitconfig: include path -> home-identity - claudeconfig.sh + config/starship.toml: default personal -> home - doc/comment wording (work.jsonc, CLAUDE.md, claude/README.md, architecture.md, ADR 0034) The agent *identity* (~/.ssh/agents/personal/, joshua.nichols+personal-agent) stays named "personal" on purpose, per ADR 0035's role-vs-identity carve-out. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Running ./gitconfig.sh directly with DOTPICKLES_ROLE unset hit "*) Unexpected role:" (empty) and bailed: unlike claudeconfig.sh it had no default and assumed install.sh had already exported the role. Any setup script run on its own had the same sharp edge. Centralize detection in functions.sh, which all the setup scripts already source: dotpickles_detect_role() runs at source time and detects+exports the role (home/work/container, canonical per ADR 0035) only when it isn't already set, so an env or .env value still wins. install.sh drops its duplicate inline block and relies on the shared detector. Narrower than the full bin/dotpickles-role plan in dotfiles-h7kh (one detector exec'd by all three shells); this covers the bash setup scripts, where the bug actually bit. Verified: unset -> home, preset work respected, empty string -> home, gitconfig.sh now hits the home) branch. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
claudeconfig.sh's agent SSH validation failed for the home role: check-agent-ssh-key derived the key path from the role name (~/.ssh/agents/home), but the home role signs as the personal identity whose key lives at ~/.ssh/agents/personal (ADR 0035). The email already had a --email override read from the role's gitconfig include; the key path did not, so validation looked for a nonexistent key and told the user to run `setup-agent-ssh-key home` -- which would mint a wrong, non-enrolled identity. - check-agent-ssh-key: add --key <path> (private or .pub, strips .pub), derive KEY_DIR/KEY_PATH from it; fall back to ~/.ssh/agents/<role> for standalone runs. Setup hints now name the identity (basename of the key dir), not the role. - claudeconfig.sh: read user.signingkey from the role's gitconfig include and pass it as --key, keeping the include the single source of truth. Works for both roles (work key is under agents/work, home under agents/personal). Verified against the live home identity: the validator now finds the personal key and its perms check passes. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Align the home role's agent SSH key directory with the role name. The email stays joshua.nichols+personal-agent@gmail.com (the GitHub-enrolled, Verified address); only the on-disk key dir moves, which doesn't touch enrollment. This reverses the key-dir half of ADR 0035's role-vs-identity decision; the email half stands. Recorded as ADR 0039. - Moved ~/.ssh/agents/personal -> ~/.ssh/agents/home (key has no passphrase, re-added to the agent/keychain under the new path; stays loaded by fingerprint so nothing breaks live). - claude-agent-home: signingkey + sshCommand + comment -> agents/home. - allowed_signers, agent.toml.home, home.jsonc: path comments -> agents/home (also fixed agent.toml.home's stale "personal role" header -> "home role"). - check-agent-ssh-key / setup-agent-ssh-key: reword --key docs (the key dir now tracks the role; the include stays authoritative because the email still differs), example role personal -> home. - ADR 0039 + README entry + amendment note on ADR 0035. Verified: check-agent-ssh-key passes against agents/home (perms, ssh-agent, GitHub email all green). The gitconfig include is symlinked, so this is live with no re-run needed. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Mark y9zc, i6rc, c4o0, and f8oz completed now that the rename, role detection, key-path validation, and agents/personal->home move are all verified working. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…files
bin/claude-permissions is actively used (permissions-manager skill,
shell.jsonc allowlist, README) but pointed at pre-roles files that no longer
exist: claude/permissions.{,personal.,work.}json under a stale
~/workspace/dotfiles path. The .exists() guards meant it silently scanned
nothing instead of erroring.
- Dotfiles-template sources now glob claude/roles/*.jsonc + claude/stacks/*.jsonc,
located relative to the script (__file__) so it resolves wherever the repo
is cloned.
- Add a string-aware JSONC comment stripper so the role/stack files parse; the
loader previously only stripped trailing commas, so // comments broke
json.loads.
- Project-local scan globbed ~/workspace (nonexistent); now globs
~/github.com/*/*/.claude/settings.local.json (ghq layout), listing only
repos that actually have a local file.
Verified: 27 sources, 453 unique allows parsed, clean stderr, locations/raw/
aggregate/summary all work.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Pre-existing formatting drift flagged by npm run format:check; aliases block was 4-space indented, prettier wants 2. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Pre-existing formatting drift flagged by
npm run format:check— thealiasesblock inconfig/gh/config.ymlwas 4-space indented, prettier wants 2.Unrelated to #15; split out so the qmd doc PR stays focused.
npm run format:checkis clean after this.🤖 Generated with Claude Code