scripts/runtime/verify-mini.sh@main

baa-conductor / scripts / runtime
chore: wire conductor D1 sync launchd config
dee2b20
im_wower · 2026-03-29
verify-mini.sh

  1#!/usr/bin/env bash
  2set -euo pipefail
  3
  4SCRIPT_DIR="$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd)"
  5# shellcheck source=./common.sh
  6source "${SCRIPT_DIR}/common.sh"
  7
  8usage() {
  9  cat <<'EOF'
 10Usage:
 11  scripts/runtime/verify-mini.sh [options]
 12
 13Options:
 14  --node mini                  Optional compatibility flag. Only mini is supported.
 15  --scope agent|daemon         Expected launchd scope. Defaults to agent.
 16  --service NAME               Add one service to the verify set. Repeatable.
 17  --all-services               Verify conductor, codexd, worker-runner, and status-api.
 18  --repo-dir PATH              Repo root used to derive runtime paths.
 19  --home-dir PATH              HOME value expected in installed plist files.
 20  --install-dir PATH           Validate installed copies under this directory.
 21  --shared-token TOKEN         Expect this exact token in installed copies.
 22  --shared-token-file PATH     Read the expected token from a file.
 23  --d1-account-id ID           Expect this exact D1_ACCOUNT_ID in conductor.
 24  --d1-database-id ID          Expect this exact D1_DATABASE_ID in conductor.
 25  --cloudflare-api-token TOKEN
 26                               Expect this exact CLOUDFLARE_API_TOKEN in conductor.
 27  --d1-secrets-env PATH        Read the D1 sync trio from an env file.
 28  --public-api-base URL        Expected conductor BAA_CONDUCTOR_PUBLIC_API_BASE.
 29  --control-api-base URL       Legacy alias for --public-api-base.
 30  --local-api-base URL         Conductor local API base URL.
 31  --local-api-allowed-hosts CSV
 32                               Expected BAA_CONDUCTOR_LOCAL_API_ALLOWED_HOSTS.
 33  --codexd-api-base URL        codexd local API base URL for both static and runtime checks.
 34  --codexd-local-api-base URL  Alias for --codexd-api-base.
 35  --codexd-event-stream-path PATH
 36                               Expected BAA_CODEXD_EVENT_STREAM_PATH.
 37  --codexd-server-command COMMAND
 38                               Expected BAA_CODEXD_SERVER_COMMAND.
 39  --codexd-server-cwd PATH     Expected BAA_CODEXD_SERVER_CWD.
 40  --status-api-base URL        Status API base URL.
 41  --status-api-host HOST       Expected BAA_STATUS_API_HOST in installed copies.
 42  --username NAME              Expected UserName for LaunchDaemons.
 43  --domain TARGET              launchctl domain target for --check-loaded.
 44  --check-loaded               Also require launchctl print to succeed for each service.
 45  --expected-rolez VALUE       Expected conductor /rolez body: leader or any.
 46  --skip-dist-check            Skip dist/index.js existence checks during static verification.
 47  --skip-port-check            Skip local TCP LISTEN checks during runtime verification.
 48  --skip-process-check         Skip host process command-line checks during runtime verification.
 49  --skip-http-check            Skip conductor/codexd/status-api HTTP probes.
 50  --skip-log-check             Skip launchd stdout/stderr file checks during runtime verification.
 51  --help                       Show this help text.
 52
 53Notes:
 54  This wrapper runs check-launchd.sh first, then check-node.sh with
 55  --skip-static-check so the static pass only runs once.
 56  If no service is specified, mini defaults to conductor + codexd.
 57  Use --service status-api to include the optional local read-only observer.
 58  Use the lower-level scripts directly only when you need to isolate static
 59  versus runtime failures.
 60EOF
 61}
 62
 63launchd_args=()
 64node_args=()
 65
 66while [[ $# -gt 0 ]]; do
 67  case "$1" in
 68    --)
 69      shift
 70      ;;
 71    --node)
 72      validate_node "$2"
 73      shift 2
 74      ;;
 75    --scope | --service | --repo-dir | --home-dir | --install-dir | --shared-token | \
 76    --shared-token-file | --d1-account-id | --d1-database-id | --cloudflare-api-token | \
 77    --d1-secrets-env | --public-api-base | --control-api-base | --local-api-base | \
 78    --local-api-allowed-hosts | --status-api-host | --username | --domain)
 79      launchd_args+=("$1" "$2")
 80      if [[ "$1" != "--d1-account-id" && "$1" != "--d1-database-id" \
 81        && "$1" != "--cloudflare-api-token" && "$1" != "--d1-secrets-env" ]]; then
 82        node_args+=("$1" "$2")
 83      fi
 84      shift 2
 85      ;;
 86    --all-services | --check-loaded)
 87      launchd_args+=("$1")
 88      node_args+=("$1")
 89      shift
 90      ;;
 91    --codexd-api-base | --codexd-local-api-base)
 92      launchd_args+=(--codexd-local-api-base "$2")
 93      node_args+=(--codexd-api-base "$2")
 94      shift 2
 95      ;;
 96    --codexd-event-stream-path | --codexd-server-command | --codexd-server-cwd)
 97      launchd_args+=("$1" "$2")
 98      shift 2
 99      ;;
100    --skip-dist-check)
101      launchd_args+=("$1")
102      shift
103      ;;
104    --status-api-base | --expected-rolez)
105      node_args+=("$1" "$2")
106      shift 2
107      ;;
108    --skip-port-check | --skip-process-check | --skip-http-check | --skip-log-check)
109      node_args+=("$1")
110      shift
111      ;;
112    --help)
113      usage
114      exit 0
115      ;;
116    *)
117      die "Unknown option: $1"
118      ;;
119  esac
120done
121
122runtime_log "mini verify: static launchd checks"
123launchd_cmd=("${SCRIPT_DIR}/check-launchd.sh" --node mini)
124if ((${#launchd_args[@]} > 0)); then
125  launchd_cmd+=("${launchd_args[@]}")
126fi
127"${launchd_cmd[@]}"
128
129runtime_log "mini verify: runtime checks"
130node_cmd=("${SCRIPT_DIR}/check-node.sh" --node mini --skip-static-check)
131if ((${#node_args[@]} > 0)); then
132  node_cmd+=("${node_args[@]}")
133fi
134"${node_cmd[@]}"
135
136runtime_log "mini verify passed"