Initial commit

Jonathan Flatt
2025-05-20 17:01:59 +00:00
commit fc567071dd
106 changed files with 7631 additions and 0 deletions

42
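--- a/scripts/create-aws-profile.sh
+++ b/scripts/create-aws-profile.sh
@@ -0,0 +1,42 @@
+#!/bin/bash
+# Script to create AWS profiles programmatically
+# Usage: ./create-aws-profile.sh <profile-name> <access-key-id> <secret-access-key> [region] [output-format]
+if [ $# -lt 3 ]; then
+echo "Usage: $0 <profile-name> <access-key-id> <secret-access-key> [region] [output-format]"
+echo "Example: $0 claude-webhook AKIAIOSFODNN7EXAMPLE wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY us-west-2 json"
+exit 1
+fi
+PROFILE_NAME=$1
+ACCESS_KEY_ID=$2
+SECRET_ACCESS_KEY=$3
+REGION=${4:-us-west-2}
+OUTPUT_FORMAT=${5:-json}
+echo "Creating AWS profile: $PROFILE_NAME"
+# Create the profile
+aws configure set aws_access_key_id "$ACCESS_KEY_ID" --profile "$PROFILE_NAME"
+aws configure set aws_secret_key "$SECRET_ACCESS_KEY" --profile "$PROFILE_NAME"
+aws configure set region "$REGION" --profile "$PROFILE_NAME"
+aws configure set output "$OUTPUT_FORMAT" --profile "$PROFILE_NAME"
+# Verify the profile
+echo "Verifying profile..."
+if aws sts get-caller-identity --profile "$PROFILE_NAME" >/dev/null 2>&1; then
+echo "✅ Profile '$PROFILE_NAME' created and verified successfully!"
+# Show account info
+echo "Account info:"
+aws sts get-caller-identity --profile "$PROFILE_NAME" --output table
+else
+echo "❌ Profile created but authentication failed. Please check your credentials."
+exit 1
+fi
+echo
+echo "To use this profile, set in your .env file:"
+echo "USE_AWS_PROFILE=true"
+echo "AWS_PROFILE=$PROFILE_NAME"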
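Review bot: The secret is stored under `aws_secret_key`, but the credential setting the AWS CLI reads is `aws_secret_access_key`, so the profile most likely ends up without a usable secret and the value sits under an unrecognised key; the line should read `aws configure set aws_secret_access_key "$SECRET_ACCESS_KEY" --profile "$PROFILE_NAME"`. The same key name is used in `create_aws_profile` in scripts/setup-aws-profiles.sh. Separately, taking the secret access key as `$3` leaves it in shell history and visible in the process list while the script runs; prompting with `read -r -s` when it is not supplied, as setup-aws-profiles.sh already does, would avoid that.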

24
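--- a/scripts/ensure-test-dirs.sh
+++ b/scripts/ensure-test-dirs.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+# Create required test directories for CI integration
+# Define the directories to create
+TEST_DIRS=(
+"test/unit/controllers"
+"test/unit/services"
+"test/unit/utils"
+"test/integration/github"
+"test/integration/claude"
+"test/integration/aws"
+"test/e2e/scenarios"
+"test/e2e/scripts"
+"test-results/jest"
+"coverage"
+)
+# Create the directories
+for dir in "${TEST_DIRS[@]}"; do
+mkdir -p "$dir"
+echo "Created directory: $dir"
+done
+echo "Test directories are ready for CI integration."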
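Review bot: `echo "Created directory: $dir"` runs even when `mkdir -p "$dir"` fails, because the script has no `set -e` and the exit status is never checked, so CI can report directories as ready that do not exist. Changing the loop body to `mkdir -p -- "$dir" || exit 1` makes the failure visible. The paths are relative to the current working directory, so a one-line comment stating that the script must be run from the repository root would help.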


@@ -0,0 +1,119 @@
#!/bin/bash
# Migration script to transition from static AWS credentials to best practices
echo "AWS Credential Migration Script"
echo "=============================="
echo
# Function to check if running on EC2
check_ec2() {
if curl -s -m 1 http://169.254.169.254/latest/meta-data/ > /dev/null 2>&1; then
echo "✅ Running on EC2 instance"
return 0
else
echo "❌ Not running on EC2 instance"
return 1
fi
}
# Function to check if running in ECS
check_ecs() {
if [ -n "${AWS_CONTAINER_CREDENTIALS_RELATIVE_URI}" ]; then
echo "✅ Running in ECS with task role"
return 0
else
echo "❌ Not running in ECS"
return 1
fi
}
# Function to check for static credentials
check_static_credentials() {
if [ -n "${AWS_ACCESS_KEY_ID}" ] && [ -n "${AWS_SECRET_ACCESS_KEY}" ]; then
echo "⚠️ Found static AWS credentials in environment"
return 0
else
echo "✅ No static credentials in environment"
return 1
fi
}
# Function to update .env file
update_env_file() {
if [ -f .env ]; then
echo "Updating .env file..."
# Comment out static credentials
sed -i 's/^AWS_ACCESS_KEY_ID=/#AWS_ACCESS_KEY_ID=/' .env
sed -i 's/^AWS_SECRET_ACCESS_KEY=/#AWS_SECRET_ACCESS_KEY=/' .env
# Add migration notes
echo "" >> .env
echo "# AWS Credentials migrated to use IAM roles/instance profiles" >> .env
echo "# See docs/aws-authentication-best-practices.md for details" >> .env
echo "" >> .env
echo "✅ Updated .env file"
fi
}
# Main migration process
echo "1. Checking current environment..."
echo
if check_ec2; then
echo " Recommendation: Use IAM instance profile"
echo " The application will automatically use instance metadata"
elif check_ecs; then
echo " Recommendation: Use ECS task role"
echo " The application will automatically use task credentials"
else
echo " Recommendation: Use temporary credentials with STS AssumeRole"
fi
echo
echo "2. Checking for static credentials..."
echo
if check_static_credentials; then
echo " ⚠️ WARNING: Static credentials should be replaced with temporary credentials"
echo
read -p " Do you want to disable static credentials? (y/n) " -n 1 -r
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
update_env_file
echo
echo " To use temporary credentials, configure:"
echo " - AWS_ROLE_ARN: The IAM role to assume"
echo " - Or use AWS CLI profiles with assume role"
fi
fi
echo
echo "3. Testing new credential provider..."
echo
# Test the credential provider
node test/test-aws-credential-provider.js
echo
echo "Migration complete!"
echo
echo "Next steps:"
echo "1. Review docs/aws-authentication-best-practices.md"
echo "2. Update your deployment configuration"
echo "3. Test the application with new credential provider"
echo "4. Remove update-aws-creds.sh script (no longer needed)"
echo
# Check if update-aws-creds.sh exists and suggest removal
if [ -f update-aws-creds.sh ]; then
echo "⚠️ Found update-aws-creds.sh - this script is no longer needed"
read -p "Do you want to remove it? (y/n) " -n 1 -r
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
rm update-aws-creds.sh
echo "✅ Removed update-aws-creds.sh"
fi
fi
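Review bot: `update_env_file` only prefixes the `AWS_ACCESS_KEY_ID=` and `AWS_SECRET_ACCESS_KEY=` lines with `#`, so the secret access key stays in `.env` in plaintext after the script reports the credentials as migrated. Deleting the lines instead, `sed -i '/^AWS_ACCESS_KEY_ID=/d; /^AWS_SECRET_ACCESS_KEY=/d' .env`, and printing a reminder to deactivate the old access key in IAM would match what the messages claim. `check_static_credentials` inspects the process environment while the edit targets `.env`, so a key exported in the shell is reported but never touched, and a key present only in `.env` is never offered for removal. The exit status of `node test/test-aws-credential-provider.js` is also ignored, so "Migration complete!" is printed even when the provider test fails.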

165
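--- a/scripts/setup-aws-profiles.sh
+++ b/scripts/setup-aws-profiles.sh
@@ -0,0 +1,165 @@
+#!/bin/bash
+# Script to set up AWS profiles for Claude webhook service
+# This avoids storing credentials in environment variables
+echo "AWS Profile Setup for Claude Webhook"
+echo "===================================="
+echo
+# Function to create a profile
+create_aws_profile() {
+local profile_name=$1
+local description=$2
+echo "Setting up profile: $profile_name ($description)"
+echo
+# Check if profile already exists
+if aws configure list --profile "$profile_name" &>/dev/null; then
+echo "Profile '$profile_name' already exists."
+read -p "Do you want to update it? (y/n): " update_profile
+if [[ $update_profile != "y" ]]; then
+echo "Skipping profile '$profile_name'"
+return
+fi
+fi
+# Get credentials
+read -p "AWS Access Key ID: " access_key
+read -s -p "AWS Secret Access Key: " secret_key
+echo
+read -p "Default region [us-west-2]: " region
+region=${region:-us-west-2}
+read -p "Output format [json]: " output
+output=${output:-json}
+# Set the profile using AWS CLI
+aws configure set aws_access_key_id "$access_key" --profile "$profile_name"
+aws configure set aws_secret_key "$secret_key" --profile "$profile_name"
+aws configure set region "$region" --profile "$profile_name"
+aws configure set output "$output" --profile "$profile_name"
+echo "✅ Profile '$profile_name' created successfully!"
+echo
+}
+# Main menu
+echo "Which profiles would you like to set up?"
+echo "1. claude-webhook (default profile for the service)"
+echo "2. claude-dev (development environment)"
+echo "3. claude-prod (production environment)"
+echo "4. All of the above"
+echo "5. Custom profile name"
+echo
+read -p "Enter your choice (1-5): " choice
+case $choice in
+1)
+create_aws_profile "claude-webhook" "Default profile for Claude webhook service"
+;;
+2)
+create_aws_profile "claude-dev" "Development environment"
+;;
+3)
+create_aws_profile "claude-prod" "Production environment"
+;;
+4)
+create_aws_profile "claude-webhook" "Default profile for Claude webhook service"
+create_aws_profile "claude-dev" "Development environment"
+create_aws_profile "claude-prod" "Production environment"
+;;
+5)
+read -p "Enter custom profile name: " custom_name
+read -p "Enter description: " custom_desc
+create_aws_profile "$custom_name" "$custom_desc"
+;;
+*)
+echo "Invalid choice. Exiting."
+exit 1
+;;
+esac
+# Update .env file
+echo
+echo "Updating .env file configuration..."
+ENV_FILE="../.env"
+# Backup existing .env
+if [ -f "$ENV_FILE" ]; then
+cp "$ENV_FILE" "$ENV_FILE.backup"
+echo "Backed up existing .env to .env.backup"
+fi
+# Function to update .env
+update_env_file() {
+local profile_name=$1
+# Remove old AWS credential lines
+if [ -f "$ENV_FILE" ]; then
+sed -i.tmp '/^AWS_ACCESS_KEY_ID=/d' "$ENV_FILE"
+sed -i.tmp '/^AWS_SECRET_ACCESS_KEY=/d' "$ENV_FILE"
+rm "$ENV_FILE.tmp"
+fi
+# Add new profile configuration
+if grep -q "^USE_AWS_PROFILE=" "$ENV_FILE" 2>/dev/null; then
+sed -i.tmp "s/^USE_AWS_PROFILE=.*/USE_AWS_PROFILE=true/" "$ENV_FILE"
+else
+echo "USE_AWS_PROFILE=true" >> "$ENV_FILE"
+fi
+if grep -q "^AWS_PROFILE=" "$ENV_FILE" 2>/dev/null; then
+sed -i.tmp "s/^AWS_PROFILE=.*/AWS_PROFILE=$profile_name/" "$ENV_FILE"
+else
+echo "AWS_PROFILE=$profile_name" >> "$ENV_FILE"
+fi
+if [ -f "$ENV_FILE.tmp" ]; then
+rm "$ENV_FILE.tmp"
+fi
+echo "✅ Updated .env to use AWS profile: $profile_name"
+}
+# Ask which profile to use in .env
+echo
+echo "Which profile should be used in the .env file?"
+aws configure list-profiles | nl -v 1
+echo
+read -p "Enter the number or profile name: " env_choice
+if [[ $env_choice =~ ^[0-9]+$ ]]; then
+# User entered a number
+profile_to_use=$(aws configure list-profiles | sed -n "${env_choice}p")
+else
+# User entered a profile name
+profile_to_use=$env_choice
+fi
+if [ -n "$profile_to_use" ]; then
+update_env_file "$profile_to_use"
+fi
+# Test the profile
+echo
+echo "Testing AWS profile configuration..."
+if aws sts get-caller-identity --profile "$profile_to_use" &>/dev/null; then
+echo "✅ Profile '$profile_to_use' is working correctly!"
+aws sts get-caller-identity --profile "$profile_to_use" --output table
+else
+echo "❌ Failed to authenticate with profile '$profile_to_use'"
+echo "Please check your credentials and try again."
+fi
+echo
+echo "Setup complete!"
+echo
+echo "Next steps:"
+echo "1. Rebuild the Docker image: ./build-claudecode.sh"
+echo "2. Start the service: npm start"
+echo "3. Your AWS credentials are now stored securely in ~/.aws/credentials"
+echo
+echo "To switch profiles later, update AWS_PROFILE in .env"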
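Review bot: `cp "$ENV_FILE" "$ENV_FILE.backup"` copies any existing `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY` lines into `.env.backup` before `update_env_file` deletes them from `.env`, so the static key stays on disk while the closing message says the credentials are now stored securely. Creating the backup with restrictive permissions, `( umask 077; cp "$ENV_FILE" "$ENV_FILE.backup" )`, and telling the user to delete it once the profile is verified would close that gap; whether `.env.backup` is git-ignored is not visible here. In `update_env_file`, `$profile_name` is interpolated into the replacement `s/^AWS_PROFILE=.*/AWS_PROFILE=$profile_name/`, so a name containing `/` or `&` corrupts the line; checking it against a pattern such as `^[A-Za-z0-9_-]+$` before use would avoid that. The final `aws sts get-caller-identity` test also runs when `profile_to_use` is empty, and `ENV_FILE="../.env"` resolves against the caller's working directory rather than the script's location.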

32
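--- a/scripts/setup-precommit.sh
+++ b/scripts/setup-precommit.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+echo "Setting up pre-commit hooks for credential scanning..."
+# Check if Python is installed
+if ! command -v python3 &> /dev/null && ! command -v python &> /dev/null; then
+echo "Error: Python is required for pre-commit. Please install Python 3."
+exit 1
+fi
+# Install pre-commit if not already installed
+if ! command -v pre-commit &> /dev/null; then
+echo "Installing pre-commit..."
+pip install pre-commit || pip3 install pre-commit
+fi
+# Install detect-secrets if not already installed
+if ! command -v detect-secrets &> /dev/null; then
+echo "Installing detect-secrets..."
+pip install detect-secrets || pip3 install detect-secrets
+fi
+# Install the git hooks
+echo "Installing pre-commit hooks..."
+pre-commit install
+# Run initial scan to populate baseline
+echo "Generating secrets baseline..."
+detect-secrets scan > .secrets.baseline
+echo "Pre-commit hooks installed successfully!"
+echo "Run 'pre-commit run --all-files' to test the hooks"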
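Review bot: `detect-secrets scan > .secrets.baseline` runs on every invocation and overwrites an existing baseline, which records whatever secrets are in the tree at that moment as already known and discards earlier audit decisions; the redirect also truncates the file if the scan itself fails. Guarding it with `[ -f .secrets.baseline ] || detect-secrets scan > .secrets.baseline` keeps a reviewed baseline intact. The script has no `set -e`, so "Pre-commit hooks installed successfully!" is printed even when `pre-commit install` or a `pip` step fails. The `pip install ... || pip3 install ...` lines pull unpinned versions into whichever Python environment is active; pinning them (for example `pre-commit==<pinned-version>`) and invoking `python3 -m pip` would make the scanning toolchain reproducible.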

24
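--- a/scripts/setup.sh
+++ b/scripts/setup.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+set -e
+# Create required directories
+mkdir -p logs
+# Copy environment file if it doesn't exist
+if [ ! -f .env ]; then
+cp .env.example .env
+echo "Created .env file. Please update it with your actual values."
+else
+echo ".env file already exists."
+fi
+# Install dependencies
+npm install
+# Set up pre-commit hooks (for development)
+npm run setup:dev
+echo "Setup complete! Update your .env file with your GitHub token, webhook secret, and Claude API key."
+echo "Pre-commit hooks for credential scanning have been installed."
+echo "Then start the server with: npm start"
+echo "Or for development: npm run dev"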
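Review bot: `cp .env.example .env` creates the file that will hold the GitHub token, webhook secret and Claude API key with the default umask, which on many systems leaves it readable by other local users. Adding `chmod 600 .env` directly after the copy restricts it to the owner. If a lockfile is committed (not visible here), `npm ci` instead of `npm install` would install exactly the locked dependency versions during setup.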