azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: vault path from per-machine identity.json, not hardcoded paths

Browse Source 
- Add .claude/scripts/vault.sh wrapper (reads vault_path from identity.json)
- get-token.sh + patch-tenant-admin-manifest.sh read identity.json for vault root
- syncro.md uses wrapper via CLAUDETOOLS_ROOT
- CLAUDE.md + ONBOARDING.md document the pattern and prompt for vault_path on onboarding
- identity.json now includes vault_path (D:/vault on DESKTOP-0O8A1RL)

Howard and Mac need vault_path added to their identity.json after pulling.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Mike Swanson
2026-04-21 19:01:27 -07:00
parent 0a7cd6b778
commit a86df117d2
6 changed files with 116 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
.claude/scripts/vault.sh Normal file
View File

@@ -0,0 +1,47 @@
#!/usr/bin/env bash
# vault.sh — ClaudeTools wrapper for the SOPS vault.
#
# Reads vault_path from .claude/identity.json (per-machine, gitignored).
# Delegates all arguments to the real vault.sh in that directory.
#
# Usage (from any directory):
# bash "$(git -C "$(dirname "${BASH_SOURCE[0]}")" rev-parse --show-toplevel)/.claude/scripts/vault.sh" get-field <path> <field>
#
# Or set CLAUDETOOLS_ROOT and call directly:
# bash "$CLAUDETOOLS_ROOT/.claude/scripts/vault.sh" get-field <path> <field>
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
CLAUDETOOLS_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
IDENTITY_FILE="$CLAUDETOOLS_ROOT/.claude/identity.json"
if [[ ! -f "$IDENTITY_FILE" ]]; then
echo "[ERROR] .claude/identity.json not found at $IDENTITY_FILE" >&2
echo " Run onboarding to create it, or add vault_path manually." >&2
exit 1
fi
# Extract vault_path from identity.json using python (available on all platforms)
VAULT_ROOT=""
for py in py python3 python; do
if command -v "$py" >/dev/null 2>&1; then
VAULT_ROOT=$("$py" -c "import json,sys; d=json.load(open('$IDENTITY_FILE')); print(d.get('vault_path',''))" 2>/dev/null) && break
fi
done
if [[ -z "$VAULT_ROOT" ]]; then
echo "[ERROR] vault_path not set in $IDENTITY_FILE" >&2
echo " Add: \"vault_path\": \"/path/to/vault\"" >&2
exit 1
fi
REAL_VAULT_SH="$VAULT_ROOT/scripts/vault.sh"
if [[ ! -f "$REAL_VAULT_SH" ]]; then
echo "[ERROR] vault.sh not found at $REAL_VAULT_SH" >&2
echo " Check vault_path in $IDENTITY_FILE" >&2
exit 1
fi
exec bash "$REAL_VAULT_SH" "$@"