94 lines
3.3 KiB
Bash
94 lines
3.3 KiB
Bash
#!/usr/bin/env bash
|
|
# check-tokens.sh — valideer credentials VOORDAT de daemon-loop start
|
|
#
|
|
# Tests:
|
|
# 1. CLAUDE_CODE_OAUTH_TOKEN of ANTHROPIC_API_KEY aanwezig
|
|
# 2. SCRUM4ME_TOKEN aanwezig en werkt tegen ${SCRUM4ME_BASE_URL}/api/products
|
|
# 3. DATABASE_URL bereikbaar (best-effort: lege psql-style connect via node)
|
|
#
|
|
# Exit 0 op success, 1 bij elke fout.
|
|
|
|
set -uo pipefail
|
|
|
|
source /opt/agent/bin/_lib.sh
|
|
|
|
ok=true
|
|
|
|
# ----- 1. Anthropic credentials ----------------------------------------
|
|
if [[ -z "${CLAUDE_CODE_OAUTH_TOKEN:-}" && -z "${ANTHROPIC_API_KEY:-}" ]]; then
|
|
log "FAIL: neither CLAUDE_CODE_OAUTH_TOKEN nor ANTHROPIC_API_KEY is set"
|
|
ok=false
|
|
else
|
|
if [[ -n "${CLAUDE_CODE_OAUTH_TOKEN:-}" && -n "${ANTHROPIC_API_KEY:-}" ]]; then
|
|
log "WARN: both CLAUDE_CODE_OAUTH_TOKEN and ANTHROPIC_API_KEY are set; Claude Code will pick one and warn"
|
|
fi
|
|
log "OK: anthropic credential present"
|
|
fi
|
|
|
|
# ----- 2. Scrum4Me API token -------------------------------------------
|
|
if [[ -z "${SCRUM4ME_TOKEN:-}" ]]; then
|
|
log "FAIL: SCRUM4ME_TOKEN is not set"
|
|
ok=false
|
|
elif [[ -z "${SCRUM4ME_BASE_URL:-}" ]]; then
|
|
log "WARN: SCRUM4ME_BASE_URL not set — skipping API token validation"
|
|
else
|
|
log "checking SCRUM4ME_TOKEN against ${SCRUM4ME_BASE_URL}/api/products"
|
|
http_code=$(curl -sS -o /tmp/check-products.out -w '%{http_code}' \
|
|
-H "Authorization: Bearer ${SCRUM4ME_TOKEN}" \
|
|
"${SCRUM4ME_BASE_URL}/api/products" || echo "000")
|
|
case "$http_code" in
|
|
200)
|
|
count=$(jq 'length' /tmp/check-products.out 2>/dev/null || echo "?")
|
|
log "OK: SCRUM4ME_TOKEN works (${count} accessible products)"
|
|
;;
|
|
401)
|
|
log "FAIL: SCRUM4ME_TOKEN returned 401 — token revoked or wrong"
|
|
ok=false
|
|
;;
|
|
403)
|
|
log "FAIL: SCRUM4ME_TOKEN returned 403 — likely a demo-token; create a non-demo agent-user"
|
|
ok=false
|
|
;;
|
|
000)
|
|
log "FAIL: could not reach ${SCRUM4ME_BASE_URL} — network or DNS issue"
|
|
ok=false
|
|
;;
|
|
*)
|
|
log "FAIL: unexpected status ${http_code} from ${SCRUM4ME_BASE_URL}/api/products"
|
|
cat /tmp/check-products.out >&2 || true
|
|
ok=false
|
|
;;
|
|
esac
|
|
rm -f /tmp/check-products.out
|
|
fi
|
|
|
|
# ----- 3. Database bereikbaarheid --------------------------------------
|
|
# We hebben geen psql geinstalleerd om dependency-bloat te vermijden.
|
|
# Best-effort: parse host+port uit DATABASE_URL en doe een TCP-connect.
|
|
if [[ -z "${DATABASE_URL:-}" ]]; then
|
|
log "FAIL: DATABASE_URL not set"
|
|
ok=false
|
|
else
|
|
db_host=$(echo "$DATABASE_URL" | sed -E 's#.*@([^:/?]+).*#\1#')
|
|
db_port=$(echo "$DATABASE_URL" | sed -nE 's#.*@[^:/]+:([0-9]+).*#\1#p')
|
|
db_port=${db_port:-5432}
|
|
if [[ -z "$db_host" ]]; then
|
|
log "WARN: could not parse host from DATABASE_URL — skipping reachability check"
|
|
else
|
|
log "checking TCP connect to ${db_host}:${db_port}"
|
|
if timeout 5 bash -c "</dev/tcp/${db_host}/${db_port}" 2>/dev/null; then
|
|
log "OK: ${db_host}:${db_port} reachable"
|
|
else
|
|
log "FAIL: cannot reach ${db_host}:${db_port}"
|
|
ok=false
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
if $ok; then
|
|
log "all pre-flight checks passed"
|
|
exit 0
|
|
else
|
|
log "pre-flight failed"
|
|
exit 1
|
|
fi
|