Skip to content

^R D4: extract trusted host-command execution into scripts/lib/launcher/host-exec.sh#395

Merged
omkhar merged 3 commits into
mainfrom
d4/launcher-host-exec
Jul 5, 2026
Merged

^R D4: extract trusted host-command execution into scripts/lib/launcher/host-exec.sh#395
omkhar merged 3 commits into
mainfrom
d4/launcher-host-exec

Conversation

@omkhar

@omkhar omkhar commented Jul 5, 2026

Copy link
Copy Markdown
Owner

D4 (modularize the launcher) — increment 2 of N. Follows #394 (host-detection module, merged). Extracts the trusted-host-command-execution primitives from the 9k-line scripts/workcell into a sourced module.

What

  • New module scripts/lib/launcher/host-exec.sh: resolve_fixed_host_tool, run_clean_host_command, run_clean_host_command_in_dir moved verbatim (byte-identical, md5-confirmed) from scripts/workcell. Contiguous block; nothing left behind. Dependencies (TRUSTED_HOST_PATH, resolve_workcell_real_home from the already-sourced trusted-docker-client.sh) resolve before the source line; first call site is after it.
  • scripts/workcell: block deleted + one source …/host-exec.sh line.
  • internal/metadatautil/core.go: added the module to hostArtifacts so it's inside the signed control-plane manifest (the provenance step Codex flagged on ^R D4: extract host-detection into scripts/lib/launcher/host-detect.sh + launcher-contract.md #394); manifest regenerated.
  • Registered in the shell_files gates (validate-repo.sh, dev-quick-check.sh); added its contract section to docs/launcher-contract.md.

Behavior-preserving

Pure move, zero logic change — the extracted functions are byte-identical (md5 match) and sourcing + calling returns identical results.

Validation

shellcheck -x, shfmt -d, bash -n scripts/workcell, go build/go test ./internal/metadatautil, control-plane manifest verify, markdownlint — all green. 197 lines / 7 files.

🤖 Generated with Claude Code

omkhar and others added 3 commits July 5, 2026 14:29
…ost-exec.sh (byte-identical move, shellcheck/shfmt/bash-n green and module body proven equal via diff/md5; launcher is user-visible but behavior is unchanged) (risk: touches the trusted host-exec primitives the launcher uses to run host tools under env -i, so a subtle change could weaken the runtime boundary; case: pure contiguous move of resolve_fixed_host_tool/run_clean_host_command/run_clean_host_command_in_dir with zero logic change, dependencies TRUSTED_HOST_PATH + resolve_workcell_real_home already sourced before the new module, first call site after the source line)

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
… execution impact; markdownlint green; supporting documentation for the D4 host-exec extraction)

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
…he extracted scripts/lib/launcher/host-exec.sh is now sourced launcher code, but GenerateControlPlaneManifest in internal/metadatautil/core.go only listed the older host artifacts, so the new module was outside the signed/provenance-verified manifest and host-exec changes wouldn't be caught; add it to hostArtifacts and regenerate control-plane-manifest.json) (manifest verify + go test green; supporting the D4 host-exec extraction - closes the provenance gap the move opened)

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@omkhar

omkhar commented Jul 5, 2026

Copy link
Copy Markdown
Owner Author

@codex review

@chatgpt-codex-connector

Copy link
Copy Markdown

Codex Review: Didn't find any major issues. Swish!

Reviewed commit: 471adc12da

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

@omkhar omkhar merged commit 75cd151 into main Jul 5, 2026
13 of 14 checks passed
@omkhar omkhar deleted the d4/launcher-host-exec branch July 5, 2026 18:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant