mirror of
https://github.com/openclaw/clawdinators.git
synced 2026-07-01 20:24:02 -04:00
fix: move fleet status local
- drop AWS SDK from control api - fetch status via AWS CLI in fleet control - update control plane docs
This commit is contained in:
+1
-33
@@ -1,7 +1,5 @@
|
|||||||
'use strict';
|
'use strict';
|
||||||
|
|
||||||
const AWS = require('aws-sdk');
|
|
||||||
|
|
||||||
const {
|
const {
|
||||||
CONTROL_API_TOKEN,
|
CONTROL_API_TOKEN,
|
||||||
GITHUB_TOKEN,
|
GITHUB_TOKEN,
|
||||||
@@ -51,31 +49,6 @@ async function dispatchWorkflow(inputs) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
async function listInstances() {
|
|
||||||
const ec2 = new AWS.EC2();
|
|
||||||
const resp = await ec2
|
|
||||||
.describeInstances({
|
|
||||||
Filters: [{ Name: 'tag:app', Values: ['clawdinator'] }],
|
|
||||||
})
|
|
||||||
.promise();
|
|
||||||
|
|
||||||
const instances = [];
|
|
||||||
for (const reservation of resp.Reservations || []) {
|
|
||||||
for (const instance of reservation.Instances || []) {
|
|
||||||
const tags = instance.Tags || [];
|
|
||||||
const nameTag = tags.find((tag) => tag.Key === 'Name');
|
|
||||||
instances.push({
|
|
||||||
name: nameTag ? nameTag.Value : 'unknown',
|
|
||||||
id: instance.InstanceId,
|
|
||||||
state: instance.State ? instance.State.Name : 'unknown',
|
|
||||||
ami: instance.ImageId,
|
|
||||||
ip: instance.PublicIpAddress || 'n/a',
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return instances;
|
|
||||||
}
|
|
||||||
|
|
||||||
exports.handler = async (event) => {
|
exports.handler = async (event) => {
|
||||||
if (!CONTROL_API_TOKEN) {
|
if (!CONTROL_API_TOKEN) {
|
||||||
@@ -115,12 +88,7 @@ exports.handler = async (event) => {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (action === 'status') {
|
if (action === 'status') {
|
||||||
try {
|
return json(400, { ok: false, error: 'status not supported via api' });
|
||||||
const instances = await listInstances();
|
|
||||||
return json(200, { ok: true, instances });
|
|
||||||
} catch (err) {
|
|
||||||
return json(500, { ok: false, error: err.message });
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (action !== 'deploy') {
|
if (action !== 'deploy') {
|
||||||
|
|||||||
@@ -21,10 +21,11 @@ Goal: manage CLAWDINATOR host lifecycle (create/recreate/replace) from **CLAWDIN
|
|||||||
- Infra state must be out‑of‑band and locked.
|
- Infra state must be out‑of‑band and locked.
|
||||||
|
|
||||||
## Control Plane Components (KISS)
|
## Control Plane Components (KISS)
|
||||||
- **Control API (AWS Lambda Function URL)**
|
- **Control API (AWS Lambda)**
|
||||||
- Authenticated by a shared bearer token.
|
- Authenticated by a shared control token.
|
||||||
- Dispatches GitHub Actions workflows.
|
- Dispatches GitHub Actions workflows (deploy only).
|
||||||
- Handles `/fleet status` via AWS DescribeInstances.
|
- **Fleet status**
|
||||||
|
- Fetched locally via AWS CLI using control invoker credentials.
|
||||||
- **Fleet Control Skill** (runs inside CLAWDINATOR)
|
- **Fleet Control Skill** (runs inside CLAWDINATOR)
|
||||||
- Calls the Control API via `scripts/fleet-control.sh` (AWS IAM invoke).
|
- Calls the Control API via `scripts/fleet-control.sh` (AWS IAM invoke).
|
||||||
- Enforces policy (no self‑deploy) before calling.
|
- Enforces policy (no self‑deploy) before calling.
|
||||||
@@ -82,7 +83,7 @@ Example:
|
|||||||
- Also creates new instances if present in desired state.
|
- Also creates new instances if present in desired state.
|
||||||
|
|
||||||
### `/fleet status`
|
### `/fleet status`
|
||||||
- Returns live fleet status (EC2 describe by tag).
|
- Returns live fleet status via AWS CLI (EC2 describe by tag).
|
||||||
|
|
||||||
## Access Control (Policy)
|
## Access Control (Policy)
|
||||||
- Shared control token authorizes calls to the Control API.
|
- Shared control token authorizes calls to the Control API.
|
||||||
|
|||||||
+10
-15
@@ -32,6 +32,16 @@ fi
|
|||||||
control_token="$(cat "${token_file}")"
|
control_token="$(cat "${token_file}")"
|
||||||
caller="$(cat "${caller_file}")"
|
caller="$(cat "${caller_file}")"
|
||||||
|
|
||||||
|
region="${AWS_REGION:-eu-central-1}"
|
||||||
|
export AWS_ACCESS_KEY_ID="$(cat "${access_key_file}")"
|
||||||
|
export AWS_SECRET_ACCESS_KEY="$(cat "${secret_key_file}")"
|
||||||
|
export AWS_REGION="${region}"
|
||||||
|
|
||||||
|
if [ "${action}" = "status" ]; then
|
||||||
|
/var/lib/clawd/repos/clawdinators/scripts/fleet-status.sh
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
if [ "${action}" = "deploy" ]; then
|
if [ "${action}" = "deploy" ]; then
|
||||||
if [ -z "${target}" ]; then
|
if [ -z "${target}" ]; then
|
||||||
echo "Target required. Usage: fleet-control.sh deploy <all|clawdinator-2>" >&2
|
echo "Target required. Usage: fleet-control.sh deploy <all|clawdinator-2>" >&2
|
||||||
@@ -52,10 +62,6 @@ payload="$(jq -n \
|
|||||||
--arg control_token "${control_token}" \
|
--arg control_token "${control_token}" \
|
||||||
'{action: $action, target: $target, caller: $caller, ami_override: $ami_override, control_token: $control_token}')"
|
'{action: $action, target: $target, caller: $caller, ami_override: $ami_override, control_token: $control_token}')"
|
||||||
|
|
||||||
region="${AWS_REGION:-eu-central-1}"
|
|
||||||
export AWS_ACCESS_KEY_ID="$(cat "${access_key_file}")"
|
|
||||||
export AWS_SECRET_ACCESS_KEY="$(cat "${secret_key_file}")"
|
|
||||||
|
|
||||||
response_file="$(mktemp)"
|
response_file="$(mktemp)"
|
||||||
aws lambda invoke \
|
aws lambda invoke \
|
||||||
--function-name "clawdinator-control-api" \
|
--function-name "clawdinator-control-api" \
|
||||||
@@ -67,15 +73,4 @@ aws lambda invoke \
|
|||||||
response="$(cat "${response_file}")"
|
response="$(cat "${response_file}")"
|
||||||
rm -f "${response_file}"
|
rm -f "${response_file}"
|
||||||
|
|
||||||
if [ "${action}" = "status" ]; then
|
|
||||||
ok="$(printf '%s' "${response}" | jq -r '.ok')"
|
|
||||||
if [ "${ok}" != "true" ]; then
|
|
||||||
echo "${response}" >&2
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
echo "Name | InstanceId | State | AMI | Public IP"
|
|
||||||
printf '%s' "${response}" | jq -r '.instances[] | "\(.name) | \(.id) | \(.state) | \(.ami) | \(.ip)"'
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "${response}"
|
echo "${response}"
|
||||||
|
|||||||
Reference in New Issue
Block a user