bytelyst/bytelyst-devops-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Deployment and DevOps tooling for ByteLyst
254 Commits 2 Branches 0 Tags 2.8 MiB
TypeScript 45.5%
Shell 39.5%
Python 9.7%
JavaScript 4.3%
Dockerfile 0.5%
Other 0.5%
efdf41f2bb
Go to file
Hermes VM efdf41f2bb feat(dashboard): Phase 7 — gate /hermes/ops on requireAdmin + Phase 4 brief 
Two threads, one commit because they're both about closing dashboard-
side roadmap items that don't need their own slice.

Phase 7 — auth coverage on hermes routes:
  - `/api/hermes/ops` was the last unauthenticated Hermes endpoint —
    despite revealing instance / gateway / Tailscale-IP / backup-repo /
    warnings state. Now gated on `requireAdmin`, matching the new
    `/api/hermes/telemetry/:instance` from the previous slice and
    every other privileged route in this backend.
  - Privilege-surface table in `dashboard/DEPLOYMENT.md` updated to
    show `requireAdmin` for both Hermes routes; the previous
    "no auth, read-only ops snapshot" carve-out is gone.
  - Roadmap Phase 7 ticks for "require auth on hermes routes" + "keep
    hermes data private-only" with verification notes.

Phase 4 — Bheem/Uma parity (delegation brief):
  - Phase 4 is **VM ops, not codebase work** — it requires sudo on the
    Hostinger VM, Uma-owned GitHub credentials, and Telegram bot
    tokens. None of it is editable in this repo. Wrote
    `docs/prompts/phase4-bheem-uma-parity.md` as a self-contained
    delegation brief covering: Uma persistent-backup repo + timer,
    Uma health watchdog, first restore rehearsal, quarterly drill
    reminder, and the dashboard-side verification (the /hermes/ops +
    /hermes/telemetry/bheem outputs that confirm the gap is closed).
  - Phase 4 section header in the roadmap now points at the brief
    and explains why the checkboxes stay open in this repo.

Verified: backend 57/57 unit tests , web 7/7 E2E  (Playwright
mocks bypass requireAdmin since they fulfill before the request
reaches Fastify; real auth'd users get the same flow as every other
admin route). Lint 0 errors, build green.

Generated with [Devin](https://cli.devin.ai/docs)

Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
2026-05-30 07:59:48 +00:00
_AZURE docs: remove Ollama from VM, switch to openrouter/auto 2026-03-31 01:43:35 -07:00
.gitea/workflows fix(cli): harden bytelyst-cli env loading, pagination, and HTTP checks 2026-05-28 22:30:08 -07:00
.github/workflows ci: add GitHub Actions CI (shellcheck, syntax, preview) 2026-05-29 21:31:00 -07:00
agent-queue docs(agent-queue): add Dependabot dependency-triage prompt for common-plat 2026-05-30 00:56:55 -07:00
aliases feat(aliases): add aq/aqs/aqd agent-queue aliases; scope shell-ci shellcheck 2026-05-28 21:52:36 -07:00
dashboard feat(dashboard): Phase 7 — gate /hermes/ops on requireAdmin + Phase 4 brief 2026-05-30 07:59:48 +00:00
docs feat(dashboard): Phase 7 — gate /hermes/ops on requireAdmin + Phase 4 brief 2026-05-30 07:59:48 +00:00
git-work-safety-tools more scripts and precommit checks 2025-06-25 12:48:48 -07:00
github_access_scripts Move scanner outputs out of repo root 2026-05-05 01:18:10 +00:00
github_repo_scanners Untrack secrets and generated artifacts 2026-05-05 01:19:00 +00:00
scripts feat(vm): Phase 5 closure — GPU/freshness checks, chaos validation, I/O alert 2026-05-30 05:26:49 +00:00
Slack Message Untrack secrets and generated artifacts 2026-05-05 01:19:00 +00:00
supabase monitor Untrack secrets and generated artifacts 2026-05-05 01:19:00 +00:00
systemd feat(vm): Phase 5 closure — GPU/freshness checks, chaos validation, I/O alert 2026-05-30 05:26:49 +00:00
youtube Untrack secrets and generated artifacts 2026-05-05 01:19:00 +00:00
.gitattributes chore(devops): add cross-platform runners and README; normalize EOLs 2026-05-29 21:26:47 -07:00
.gitignore Add live Hermes operations dashboard 2026-05-27 13:04:36 +00:00
.pre-commit-config.yaml precommit & git_repos_rebase_commit_push.sh 2025-06-25 12:29:55 -07:00
accounts.example.json Add safe templates and tooling adoption docs 2026-05-05 01:16:27 +00:00
AGENTS.md docs(devops): document deployment-status.sh in AGENTS.md and README.md 2026-05-12 20:50:14 +00:00
bytelyst-cli.sh chore(cli): make bytelyst-cli.sh executable 2026-05-29 16:42:39 -07:00
check_i_ayushh18_collaborator.sh feat: git commit related 2025-09-16 17:43:59 -07:00
CLAUDE.md Add safe templates and tooling adoption docs 2026-05-05 01:16:27 +00:00
clean_chrome.sh feat: clean up scripts 2025-05-21 21:43:59 -07:00
cleanup.sh feat: clean up scripts 2025-05-21 21:43:59 -07:00
cli-install-report.md chore(devops): update CLI install report and add symlink helper 2026-05-29 21:20:52 -07:00
delete_team_interactive.sh more changes 2025-06-23 21:59:14 -07:00
deploy-all.sh revert(deploy): revert base image changes due to workspace complexity 2026-05-10 00:27:24 +00:00
deploy-clock.sh chore(devops): tighten deployment scripts 2026-05-18 09:01:03 +00:00
deploy-invttrdg.sh chore(deploy): remove debug logging from deployment script 2026-05-13 02:48:54 +00:00
deploy-notes.sh chore(devops): tighten deployment scripts 2026-05-18 09:01:03 +00:00
DEPLOYMENT_GUIDE.md Add production deployment scripts for ByteLyst services 2026-05-09 21:42:58 +00:00
deployment-status.sh feat(devops): add deployment status report script 2026-05-12 20:40:53 +00:00
github_acc_input.json more changes 2025-06-23 21:59:14 -07:00
github_repos.json more changes 2025-06-23 21:59:14 -07:00
install_clis_wsl.sh feat(devops): add interactive WSL CLI installer script 2026-05-29 16:05:01 -07:00
interactive_user_removal.sh feat: git commit related 2025-09-16 17:43:59 -07:00
list_all_public_repos.sh more changes 2025-06-23 21:59:14 -07:00
list_all_repos_tree.sh feat: list repos and prs 2025-06-24 23:22:19 -07:00
list_orgs_teams_members.sh more changes 2025-06-23 21:59:14 -07:00
list_prs_by_user.sh feat: list repos and prs 2025-06-24 23:22:19 -07:00
list_repos_contributors_by_user.sh more changes 2025-06-23 21:59:14 -07:00
list_repos_contributors.sh more changes 2025-06-23 21:59:14 -07:00
make_repos_private.sh ops: add failure reason 2025-02-08 23:56:43 -08:00
make_symlinks_wsl.sh chore(devops): update CLI install report and add symlink helper 2026-05-29 21:20:52 -07:00
README_INSTALL.md chore(devops): add cross-platform runners and README; normalize EOLs 2026-05-29 21:26:47 -07:00
README_interactive_script.md feat: git commit related 2025-09-16 17:43:59 -07:00
README_remove_user_script.md feat: git commit related 2025-09-16 17:43:59 -07:00
README.md docs(devops): document deployment-status.sh in AGENTS.md and README.md 2026-05-12 20:50:14 +00:00
remove_user_from_repos.sh feat: git commit related 2025-09-16 17:43:59 -07:00
remove_user_guided.sh feat: git commit related 2025-09-16 17:43:59 -07:00
remove_user_i-ayushh18.sh feat: git commit related 2025-09-16 17:43:59 -07:00
remove_user_interactive.sh feat: git commit related 2025-09-16 17:43:59 -07:00
REPO_CONTEXT.md docs(devops): add repo context note 2026-05-18 09:01:09 +00:00
repos.json users and repos 2025-06-23 21:11:45 -07:00
repos.txt repos.txt 2025-05-21 21:43:42 -07:00
run_installers.ps1 chore(devops): add cross-platform runners and README; normalize EOLs 2026-05-29 21:26:47 -07:00
run_installers.sh chore(devops): add cross-platform runners and README; normalize EOLs 2026-05-29 21:26:47 -07:00
setup.sh setup: handle managed python pre-commit installs 2026-05-05 03:26:55 +00:00
sync_repos.sh sync_repos.sh 2026-04-13 15:10:02 -07:00
test_interactive.sh feat: git commit related 2025-09-16 17:43:59 -07:00
test.sh feat: clean up scripts 2025-05-21 21:43:59 -07:00
update-dns.sh feat(devops): adopt trading web deployment model with docker-compose 2026-05-11 03:24:11 +00:00
users_black_list.json more changes 2025-06-24 00:14:27 -07:00
users_white_list.json more changes 2025-06-24 00:14:27 -07:00
wsl_path_and_check.sh chore(devops): finalize CLI install report and helper 2026-05-29 21:20:52 -07:00
wsl_test.sh chore(devops): finalize CLI install report and helper 2026-05-29 21:20:52 -07:00

README.md

ByteLyst DevOps Tools

Internal repository for GitHub administration scripts, multi-repo safety helpers, and a few adjacent utility projects used by ByteLyst.

This repo is not a single application. It is a workspace of operational tools with three main characteristics:

  • The primary surface area is Bash scripts for GitHub and repository operations.
  • Some subdirectories are self-contained Python utilities with their own setup and runtime expectations.
  • A number of JSON files and outputs are generated artifacts or operational inputs, not source code to edit casually.

Start Here

If you are new to the repo, read these in order:

  1. docs/getting-started.md
  2. docs/repo-map.md
  3. docs/tooling-status.md
  4. scripts/README.md for supported standalone operational scripts
  5. AGENTS.md if you are working through an AI coding agent
  6. CLAUDE.md if you are using Claude Code specifically

Primary Entry Points

GitHub Operations

  • ./bytelyst-cli.sh
    • Main unified CLI for common GitHub admin operations.
    • Requires curl, jq, and GITHUB_TOKEN.
  • ./remove_user_interactive.sh
    • Interactive collaborator-removal workflow with repository pattern matching.
  • ./remove_user_guided.sh
    • Guided wrapper around the same removal flow with a more opinionated interactive UX.
  • ./remove_user_from_repos.sh
    • Scripted removal flow suitable for repeatable or semi-automated use.

Multi-Repo Git Safety

  • git-work-safety-tools/git_repos_status.sh
  • git-work-safety-tools/git_repos_rebase_commit_push.sh
  • git-work-safety-tools/multi_repo_safe_push.sh
  • git-work-safety-tools/multi_repo_status.sh

These are for scanning many repositories, checking dirty state, and performing safer batch git workflows.

Deployment Operations

  • ./deployment-status.sh
    • Comprehensive deployment status report for ByteLyst Investment Trading
    • Shows container status, deployed commit info, git status, health endpoints, and suggested actions
    • Usage: ./deployment-status.sh
  • ./deploy-invttrdg.sh
    • Production deployment script for ByteLyst Investment Trading
    • Builds and deploys Docker containers to production
    • Usage: ./deploy-invttrdg.sh [options]

Repository Layout

Core Operational Scripts

  • Root *.sh files
    • Main Bash-based GitHub and maintenance utilities.
  • scripts/
    • Named operational scripts that are more self-contained than the older root-level helpers.
  • git-work-safety-tools/
    • Safer multi-repo git helpers.
  • github_access_scripts/
    • Focused access checks and repo listing utilities.
  • github_repo_scanners/
    • Scripts plus generated repo/contributor JSON outputs.

Side Projects

  • Slack Message/
    • Python CLI for Slack posting and AI-assisted chat.
  • youtube/
    • YouTube transcript and summarization helpers.
  • supabase monitor/
    • Separate Python workflow project for YouTube processing despite the directory name.

Documentation

  • docs/
    • Canonical onboarding and repo-orientation docs.
  • scripts/README.md
    • Support and usage conventions for standalone operational scripts.
  • Legacy root docs:
    • README_interactive_script.md
    • README_remove_user_script.md

These older docs are still useful but are no longer the best starting point.

Setup

Root Tooling

./setup.sh

This installs the local development hooks and prepares the shell-based workflow. If pip3 is unavailable or blocked by an externally managed Python environment, install the distro package first:

sudo apt-get install -y pre-commit
./setup.sh

Required Dependencies

  • bash
  • curl
  • jq

Authentication

Most GitHub-facing scripts require:

export GITHUB_TOKEN=your_token_here

Use a token with the minimum permissions required for the task. Many admin flows assume repo and admin:org.

For scripts that require multi-account scanning, start from:

cp accounts.example.json accounts.json

Then fill in real values locally. accounts.json is intentionally ignored from future commits.

Common Commands

./bytelyst-cli.sh help
./bytelyst-cli.sh list-public-repos --user <username>
./bytelyst-cli.sh list-private-repos --org <orgname>
./remove_user_interactive.sh
./git-work-safety-tools/git_repos_status.sh
pre-commit run --all-files

Operational Safety

  • Treat accounts.json, *.json account snapshots, .env files, and generated collaborator data as potentially sensitive.
  • Prefer dry runs or interactive confirmation flows before bulk removal or visibility changes.
  • Do not assume every tracked JSON file is a stable source file; many are data snapshots or inputs.
  • Review scripts before reuse in automation. Some are one-off operational helpers and may encode assumptions about ByteLyst org structure.

Notes On Secrets And Outputs

This repo uses example/template files for local credentials and generated outputs should generally stay out of git. If you need local credentials, create untracked local copies such as accounts.json or .env from the provided examples.

Contributing

  • Keep new docs in docs/ unless they are tightly scoped to a subproject.
  • Prefer adding a short README to a subdirectory instead of expanding the root README with niche workflow details.
  • Validate shell scripts with:
pre-commit run --all-files
  • When adding new operational scripts, document:
    • required environment variables
    • destructive behavior
    • expected input files
    • example usage