indifferentketchup/boocode
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8bd32537cf682369b9f49926db71c173b39e8d01
boocode/openspec/changes/boocontrol-ssh-verbmode/specs/ssh-config-editor/spec.md
indifferentketchup b18de2a331 chore: snapshot working tree - pty_exited notifications + in-flight inference WIP 
feat(booterm): structured pty_exited WS notifications. Plan-validated, impl-validated, code-reviewed green (contracts build clean, contracts test 29/29, booterm + web typecheck clean).

wip: in-progress inference/provider refactor (agents.ts, provider.ts, new llama-providers.ts, removed llama-args-validator), plus arena, dispatcher, compaction, schema changes.

openspec: pty-exit-notifications complete; x-agent-flags planned (not yet implemented).
2026-06-14 12:48:47 +00:00

1.7 KiB
Raw Blame History

ssh-config-editor

ADDED Requirements

Requirement: Per-host SSH command mode

The SSH config editor SHALL support a per-host ssh_mode of shell or wrapper. In shell mode it issues raw shell commands as today; in wrapper mode it issues fixed verbs (read, backup, write, restart, pull) so the key can be bound to an authorized_keys forced command. The mode defaults to shell for backward compatibility.

Scenario: Wrapper-mode host receives verbs

  • WHEN a host configured with ssh_mode = wrapper has its config read
  • THEN the editor sends the read verb (not a cat command)

Scenario: Shell-mode host is unchanged

  • WHEN a host configured with ssh_mode = shell (the default) is edited
  • THEN the editor sends the same cat/cp/cat >/restart commands as before

Scenario: Backup precedes write in both modes

  • WHEN a config is applied
  • THEN a timestamped backup is taken before the new config is written, and a write failure leaves the backup intact

Requirement: HuggingFace model pull

The editor SHALL expose a non-blocking endpoint to pull a HuggingFace model repository onto a host into its models directory, validating the repository id and streaming progress over the control_job channel.

Scenario: Valid repo id is accepted and runs as a job

  • WHEN POST /api/hosts/:id/pull is called with a repo id matching org/name
  • THEN the request returns 202 and a control_job (jobType action, detail.kind = pull) reports progress and a terminal status

Scenario: Malformed repo id is rejected

  • WHEN the pull endpoint receives a repo id containing spaces, shell metacharacters, or path traversal
  • THEN the request is rejected before any SSH command is issued
Reference in New Issue View Git Blame Copy Permalink