From 40db80ee2f0a6d9da643b2c8be351525db908913 Mon Sep 17 00:00:00 2001 From: Javi Date: Thu, 12 Mar 2026 17:21:26 -0300 Subject: [PATCH 1/3] feat: migrate k8s scope from cloud-providers to scope-configurations provider Replace direct reads from .providers["cloud-providers"] in scope/build_context with a fetch_scope_configuration script that queries the scope-configurations provider via np provider list, respecting deployment dimensions. REGION now comes from AWS_REGION exported by the fetch script; DOMAIN and PRIVATE_DOMAIN remain as values.yaml defaults since they have no equivalent in the new schema. Co-Authored-By: Claude Sonnet 4.6 --- k8s/scope/build_context | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/k8s/scope/build_context b/k8s/scope/build_context index e60aa4ae..c4031f59 100755 --- a/k8s/scope/build_context +++ b/k8s/scope/build_context @@ -29,22 +29,16 @@ if ! kubectl get namespace "$K8S_NAMESPACE" &> /dev/null; then fi fi -USE_ACCOUNT_SLUG=$(echo "$CONTEXT" | jq -r --arg default "$USE_ACCOUNT_SLUG" ' - .providers["cloud-providers"].networking.application_domain // $default -') +source "$SERVICE_PATH/scope/fetch_scope_configuration" -REGION=$(echo "$CONTEXT" | jq -r '.providers["cloud-providers"].account.region // "us-east-1"') +REGION="${AWS_REGION:-us-east-1}" SCOPE_VISIBILITY=$(echo "$CONTEXT" | jq -r '.scope.capabilities.visibility') if [ "$SCOPE_VISIBILITY" = "public" ]; then - DOMAIN=$(echo "$CONTEXT" | jq -r --arg default "$DOMAIN" ' - .providers["cloud-providers"].networking.domain_name // $default - ') + DOMAIN="${DOMAIN}" else - DOMAIN=$(echo "$CONTEXT" | jq -r --arg private_default "$PRIVATE_DOMAIN" --arg default "$DOMAIN" ' - (.providers["cloud-providers"].networking.private_domain_name // $private_default | if . == "" then empty else . end) // .providers["cloud-providers"].networking.domain_name // $default - ') + DOMAIN="${PRIVATE_DOMAIN:-$DOMAIN}" fi SCOPE_DOMAIN=$(echo "$CONTEXT" | jq .scope.domain -r) From 8a42591459ac3fe94332edfdef17bd4f150d9075 Mon Sep 17 00:00:00 2001 From: Javi Date: Thu, 12 Mar 2026 17:23:13 -0300 Subject: [PATCH 2/3] Revert "feat: migrate k8s scope from cloud-providers to scope-configurations provider" This reverts commit 40db80ee2f0a6d9da643b2c8be351525db908913. --- k8s/scope/build_context | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/k8s/scope/build_context b/k8s/scope/build_context index c4031f59..e60aa4ae 100755 --- a/k8s/scope/build_context +++ b/k8s/scope/build_context @@ -29,16 +29,22 @@ if ! kubectl get namespace "$K8S_NAMESPACE" &> /dev/null; then fi fi -source "$SERVICE_PATH/scope/fetch_scope_configuration" +USE_ACCOUNT_SLUG=$(echo "$CONTEXT" | jq -r --arg default "$USE_ACCOUNT_SLUG" ' + .providers["cloud-providers"].networking.application_domain // $default +') -REGION="${AWS_REGION:-us-east-1}" +REGION=$(echo "$CONTEXT" | jq -r '.providers["cloud-providers"].account.region // "us-east-1"') SCOPE_VISIBILITY=$(echo "$CONTEXT" | jq -r '.scope.capabilities.visibility') if [ "$SCOPE_VISIBILITY" = "public" ]; then - DOMAIN="${DOMAIN}" + DOMAIN=$(echo "$CONTEXT" | jq -r --arg default "$DOMAIN" ' + .providers["cloud-providers"].networking.domain_name // $default + ') else - DOMAIN="${PRIVATE_DOMAIN:-$DOMAIN}" + DOMAIN=$(echo "$CONTEXT" | jq -r --arg private_default "$PRIVATE_DOMAIN" --arg default "$DOMAIN" ' + (.providers["cloud-providers"].networking.private_domain_name // $private_default | if . == "" then empty else . end) // .providers["cloud-providers"].networking.domain_name // $default + ') fi SCOPE_DOMAIN=$(echo "$CONTEXT" | jq .scope.domain -r) From 9af6509a8adbfcf0c3a53ae51b35937ab0850b22 Mon Sep 17 00:00:00 2001 From: Javi Date: Thu, 26 Mar 2026 16:36:04 -0300 Subject: [PATCH 3/3] feat: add mise POC for installing GitHub-hosted tools in agent Adds mise.toml with scim-logs-fetcher, updates entrypoint to install and execute tools via mise, fixes Docker build path, and adds MISE_POC.md runbook. Co-Authored-By: Claude Sonnet 4.6 (1M context) --- .gitignore | 3 ++ MISE_POC.md | 49 ++++++++++++++++++++++++ agent/Dockerfile | 6 +-- agent/start_dev.sh | 6 +-- entrypoint | 95 ++++++++-------------------------------------- mise.toml | 5 +++ 6 files changed, 78 insertions(+), 86 deletions(-) create mode 100644 MISE_POC.md mode change 100644 => 100755 agent/start_dev.sh create mode 100644 mise.toml diff --git a/.gitignore b/.gitignore index 10fe9d5c..6da62c45 100644 --- a/.gitignore +++ b/.gitignore @@ -151,3 +151,6 @@ testing/docker/certs/ # Claude Code .claude/ + +# Visual Studio Code +.vscode/ diff --git a/MISE_POC.md b/MISE_POC.md new file mode 100644 index 00000000..24de5a76 --- /dev/null +++ b/MISE_POC.md @@ -0,0 +1,49 @@ +# MISE POC - Local Agent + +POC para validar el uso de [mise](https://mise.jdx.dev/) en entornos de agente para instalar herramientas definidas en `mise.toml`. + +## Requisitos + +- Docker +- `NP_API_KEY` exportada en tu shell +- Contexto de Kubernetes `test` configurado en `~/.kube/config` + +## Levantar el agente local + +Desde la raíz del repo: + +```bash +./agent/start_dev.sh +``` + +Esto construye la imagen Docker y levanta el agente local conectado a nullplatform. + +## Canal de notificaciones + +El canal configurado para esta POC es: + +https://kwik-e-mart.app.nullplatform.io/settings/notifications/channels/593601403 + +## Disparar una prueba + +1. Ir a la notificación: + https://kwik-e-mart.app.nullplatform.io/settings/notifications/272a3f48-bcc3-4794-8873-55d0d701b78f + +2. Hacer **Resend** para que el agente local la procese. + +## Output esperado + +En los logs del agente deberías ver: + +``` +[DEBUG] Trusting mise config... +[DEBUG] Starting mise install... +[DEBUG] mise install done (exit code: 0) +[DEBUG] mise ls output: +github:kwik-e-mart/scim-logs-fetcher 0.1.0 +[DEBUG] Running scim-logs-fetcher --version... +Hello from scim-logs-fetcher! (OS: linux, Arch: arm64) +[DEBUG] scim-logs-fetcher done (exit code: 0) +``` + +Esto confirma que mise instaló correctamente `scim-logs-fetcher 0.1.0` desde GitHub y lo ejecutó con éxito. diff --git a/agent/Dockerfile b/agent/Dockerfile index f610fcfa..9e6c3627 100644 --- a/agent/Dockerfile +++ b/agent/Dockerfile @@ -1,7 +1,7 @@ FROM alpine # Install essential tools and Go -RUN apk add --no-cache curl ca-certificates bash openssl aws-cli gettext gomplate jq yq go +RUN apk add --no-cache curl ca-certificates bash openssl aws-cli gettext gomplate jq yq go mise # Install Nullplatform tools RUN curl https://cli.nullplatform.com/install.sh | sh @@ -18,9 +18,9 @@ ENV GOPATH=/go ENV PATH=$PATH:/go/bin # Copy files -ADD start.sh /app/start.sh +ADD /agent/start.sh /app/start.sh RUN chmod +x /app/start.sh -ADD .. /root/.np/services +ADD .. /root/.np/scopes # Set PATH ENV PATH=$PATH:/root/.local/bin diff --git a/agent/start_dev.sh b/agent/start_dev.sh old mode 100644 new mode 100755 index 5b9f2e0e..63c519f6 --- a/agent/start_dev.sh +++ b/agent/start_dev.sh @@ -3,12 +3,12 @@ if [[ "$NP_API_KEY" == "" ]]; then echo "NP_API_KEY should be defined" exit 1 fi -docker build . -t agent-local +docker build -f agent/Dockerfile . -t agent-local docker run --rm --name agent-local -it \ -e NP_LOG_LEVEL=DEBUG \ -e NP_API_KEY=$NP_API_KEY \ -e K8S_CONTEXT=test \ - -e TAGS="local:true" \ + -e TAGS="local:true,user:javisolis" \ -v ~/.kube/:/root/.kube \ - -v .:/root/.np/services \ + -v $(pwd):/root/.np/nullplatform/scopes \ agent-local diff --git a/entrypoint b/entrypoint index e97ff34a..a250162e 100755 --- a/entrypoint +++ b/entrypoint @@ -1,82 +1,17 @@ #!/bin/bash -# Check if NP_ACTION_CONTEXT is set -if [ -z "$NP_ACTION_CONTEXT" ]; then - echo "NP_ACTION_CONTEXT is not set. Exiting." - exit 1 -fi - -CLEAN_CONTEXT=$(echo "$NP_ACTION_CONTEXT" | sed "s/^'//;s/'$//") - -export NP_ACTION_CONTEXT="$CLEAN_CONTEXT" - -# Parse the JSON properly - remove the extra quotes -export CONTEXT=$(echo "$CLEAN_CONTEXT" | jq '.notification') - -export SCOPE_ID=$(echo "$CONTEXT" | jq -r '.parameters.scope_id // .tags.scope_id // .arguments.scope_id') - -# If the action has no scope_id update the original context so we can use the np service workflow build-context command -export CONTEXT=$(echo "$CONTEXT" | jq --arg scope_id "$SCOPE_ID" '.parameters.scope_id = $scope_id') -export NP_ACTION_CONTEXT=$(echo "$NP_ACTION_CONTEXT" | jq --arg scope_id "$SCOPE_ID" '.notification.parameters.scope_id = $scope_id') - -export DEPLOYMENT_ID=$(echo $CONTEXT | jq -r '.parameters.deployment_id // "null"') -export SERVICE_ACTION=$(echo $CONTEXT | jq -r '.slug') -export SERVICE_ACTION_TYPE=$(echo $CONTEXT | jq -r '.type') -export NOTIFICATION_ACTION=$(echo $CONTEXT | jq -r '.action') - -export WORKING_DIRECTORY="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -SERVICE_PATH="" -OVERRIDES_PATH="" -DEPLOYMENT_TEMPLATE_PATH="" -BLUE_GREEN_INGRESS_TEMPLATE_PATH="" -INITIAL_INGRESS_TEMPLATE_PATH="" - -for arg in "$@"; do - case $arg in - --service-path=*) - SERVICE_PATH="${arg#*=}" - ;; - --overrides-path=*) - OVERRIDE_VALUE="${arg#*=}" - IFS=',' read -ra SPLIT_PATHS <<< "$OVERRIDE_VALUE" - for path in "${SPLIT_PATHS[@]}"; do - path=$(echo "$path" | xargs) - OVERRIDES_PATHS+=("$path") - done - ;; - *) - echo "Unknown argument: $arg" - exit 1 - ;; - esac -done - -if [[ ${#OVERRIDES_PATHS[@]} -gt 0 ]]; then - OVERRIDES_PATH=$(IFS=','; echo "${OVERRIDES_PATHS[*]}") -fi - - -export SERVICE_PATH -export OVERRIDES_PATH - -# export util functions -source "$WORKING_DIRECTORY/utils" - -if [[ "$NOTIFICATION_ACTION" == "log:read" ]]; then - source "$WORKING_DIRECTORY/service/log/entrypoint" -elif [[ "$NOTIFICATION_ACTION" =~ ^parameter: ]]; then - source "$WORKING_DIRECTORY/service/parameter/entrypoint" -elif [[ "$NOTIFICATION_ACTION" =~ ^metric: ]]; then - source "$WORKING_DIRECTORY/service/metric/entrypoint" -elif [[ "$NOTIFICATION_ACTION" == "instance:data" ]]; then - source "$WORKING_DIRECTORY/service/instance/entrypoint" -elif [[ "$DEPLOYMENT_ID" != "null" && -n "$DEPLOYMENT_ID" ]]; then - echo "Notification action: $NOTIFICATION_ACTION" - - np service-action exec --live-output --live-report --script="$WORKING_DIRECTORY/service/deployment/entrypoint" -else - echo "Notification action: $NOTIFICATION_ACTION" - - np service-action exec --live-output --live-report --script="$WORKING_DIRECTORY/service/scope/entrypoint" -fi +SCOPE_DIR="${SERVICE_PATH:-$(dirname "${BASH_SOURCE[0]}")}" + +echo "[DEBUG] working directory: $SCOPE_DIR" +echo "[DEBUG] mise.toml path: $(ls -la "$SCOPE_DIR/mise.toml" 2>&1)" +echo "[DEBUG] Trusting mise config..." +MISE_YES=1 mise trust "$SCOPE_DIR/mise.toml" +echo "[DEBUG] Starting mise install..." +MISE_YES=1 MISE_CONFIG_FILE="$SCOPE_DIR/mise.toml" mise install +echo "[DEBUG] mise install done (exit code: $?)" +echo "[DEBUG] mise ls output:" +mise ls + +echo "[DEBUG] Running scim-logs-fetcher --version..." +MISE_CONFIG_FILE="$SCOPE_DIR/mise.toml" mise exec -- scim-logs-fetcher --version +echo "[DEBUG] scim-logs-fetcher done (exit code: $?)" diff --git a/mise.toml b/mise.toml new file mode 100644 index 00000000..e74dffa5 --- /dev/null +++ b/mise.toml @@ -0,0 +1,5 @@ +[settings] +experimental = true + +[tools] +"github:kwik-e-mart/scim-logs-fetcher" = "0.1.0"