update ui-assets.nix

Reviewed-on: #13

.envrc

@@ -3,3 +3,5 @@ if ! has nix_direnv_version || ! nix_direnv_version 2.3.0; then
 fi
 
 use flake
+
+

.gitea/workflows/ui_assets.yaml

@@ -15,7 +15,7 @@ jobs:
         id: changed-files
         uses: tj-actions/changed-files@v32
         with:
-          fetch-depth: 2
+          fetch-depth: 0
 
       - name: Check if UI files are in the list of modified files
         run: |
@@ -35,8 +35,8 @@ jobs:
               export PATH=$PATH:$DEPS
 
               # Setup git config
-              git config --global user.email "ui-asset-bot@clan.lol"
-              git config --global user.name "ui-asset-bot"
+              git config --global user.email "$BOT_EMAIL"
+              git config --global user.name "$BOT_NAME"
 
               ################################################
               #                                              #
@@ -66,3 +66,5 @@ jobs:
         env:
           MODIFIED_FILES: ${{ steps.changed-files.outputs.modified_files }}
           GITEA_TOKEN: ${{ secrets.BOT_ACCESS_TOKEN }}
+          BOT_NAME: "ui-asset-bot"
+          BOT_EMAIL: "ui-asset-bot@gchq.icu"

README.md

@@ -1,9 +1,211 @@
-# clan.lol core
+# Website Template
 
-This is the monorepo of the clan.lol project
-In here are all the packages we use, all the nixosModules we use/expose, the CLI and tests for everything.
+Welcome to our website template repository! This template is designed to help you and your team build high-quality websites efficiently. We've carefully chosen the technologies to make development smooth and enjoyable. Here's what you can expect from this template:
 
-## cLAN config tool
+**Frontend**: Our frontend is powered by [React NextJS](https://nextjs.org/), a popular and versatile framework for building web applications.
 
-- The quickstart guide can be found here: [here](/clan/clan-core/src/branch/main/docs/quickstart.md)
-- Find the docs [here](/clan/clan-core/src/branch/main/docs/clan-config.md)
+**Backend**: For the backend, we use Python along with the [FastAPI framework](https://fastapi.tiangolo.com/). To ensure seamless communication between the frontend and backend, we generate an `openapi.json` file from the Python code, which defines the REST API. This file is then used with [Orval](https://orval.dev/) to generate TypeScript bindings for the REST API. We're committed to code correctness, so we use [mypy](https://mypy-lang.org/) to ensure that our Python code is statically typed correctly. For backend testing, we rely on [pytest](https://docs.pytest.org/en/7.4.x/).
+
+**Continuous Integration (CI)**: We've set up a CI bot that rigorously checks your code using the quality assurance (QA) tools mentioned above. If any errors are detected, it will block pull requests until they're resolved.
+
+**Dependency Management**: We use the [Nix package manager](https://nixos.org/) to manage dependencies and ensure reproducibility, making your development process more robust.
+
+## Supported Operating Systems
+
+- Linux
+- macOS
+
+# Getting Started with the Development Environment
+
+Let's get your development environment up and running:
+
+1. **Install Nix Package Manager**:
+
+   - You can install the Nix package manager by either [downloading the Nix installer](https://github.com/DeterminateSystems/nix-installer/releases) or running this command:
+     ```bash
+     curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
+     ```
+
+2. **Install direnv**:
+
+   - Download the direnv package from [here](https://direnv.net/docs/installation.html) or run the following command:
+     ```bash
+     curl -sfL https://direnv.net/install.sh | bash
+     ```
+
+3. **Add direnv to your shell**:
+
+   - Direnv needs to [hook into your shell](https://direnv.net/docs/hook.html) to work.
+     You can do this by executing following command:
+
+   ```bash
+   echo 'eval "$(direnv hook zsh)"' >> ~/.zshrc && echo 'eval "$(direnv hook bash)"' >> ~/.bashrc && eval "$SHELL"
+   ```
+
+4. **Clone the Repository and Navigate**:
+
+   - Clone this repository and navigate to it.
+
+5. **Allow .envrc**:
+
+   - When you enter the directory, you'll receive an error message like this:
+     ```bash
+     direnv: error .envrc is blocked. Run `direnv allow` to approve its content
+     ```
+   - Execute `direnv allow` to automatically execute the shell script `.envrc` when entering the directory.
+
+6. **Build the Backend**:
+
+   - Go to the `pkgs/clan-cli` directory and execute:
+     ```bash
+     direnv allow
+     ```
+   - Wait for the backend to build.
+
+7. **Start the Backend Server**:
+
+   - To start the backend server, execute:
+     ```bash
+     clan webui --reload --no-open --log-level debug
+     ```
+   - The server will automatically restart if any Python files change.
+
+8. **Build the Frontend**:
+
+   - In a different shell, navigate to the `pkgs/ui` directory and execute:
+     ```bash
+     direnv allow
+     ```
+   - Wait for the frontend to build.
+
+9. **Start the Frontend**:
+   - To start the frontend, execute:
+     ```bash
+     npm run dev
+     ```
+   - Access the website by going to [http://localhost:3000](http://localhost:3000).
+
+# Setting Up Your Git Workflow
+
+Let's set up your Git workflow to collaborate effectively:
+
+1. **Register Your Gitea Account Locally**:
+
+   - Execute the following command to add your Gitea account locally:
+     ```bash
+     tea login add
+     ```
+   - Fill out the prompt as follows:
+     - URL of Gitea instance: `https://gitea.gchq.icu`
+     - Name of new Login [gitea.gchq.icu]: `gitea.gchq.icu:7171`
+     - Do you have an access token? No
+     - Username: YourUsername
+     - Password: YourPassword
+     - Set Optional settings: No
+
+2. **Git Workflow**:
+
+   1. Add your changes to Git using `git add <file1> <file2>`.
+   2. Run `nix fmt` to lint your files.
+   3. Commit your changes with a descriptive message: `git commit -a -m "My descriptive commit message"`.
+   4. Make sure your branch has the latest changes from upstream by executing:
+      ```bash
+      git fetch && git rebase origin/main --autostash
+      ```
+   5. Use `git status` to check for merge conflicts.
+   6. If conflicts exist, resolve them. Here's a tutorial for resolving conflicts in [VSCode](https://code.visualstudio.com/docs/sourcecontrol/overview#_merge-conflicts).
+   7. After resolving conflicts, execute `git merge --continue` and repeat step 5 until there are no conflicts.
+
+3. **Create a Pull Request**:
+
+   - To automatically open a pull request that gets merged if all tests pass, execute:
+     ```bash
+     merge-after-ci
+     ```
+
+4. **Review Your Pull Request**:
+
+   - Visit https://gitea.gchq.icu and go to the project page. Check under "Pull Requests" for any issues with your pull request.
+
+5. **Push Your Changes**:
+   - If there are issues, fix them and redo step 2. Afterward, execute:
+     ```bash
+     git push origin HEAD:YourUsername-main
+     ```
+   - This will directly push to your open pull request.
+
+# Debugging
+
+When working on the backend of your project, debugging is an essential part of the development process. Here are some methods for debugging and testing the backend of your application:
+
+## Test Backend Locally in Devshell with Breakpoints
+
+To test the backend locally in a development environment and set breakpoints for debugging, follow these steps:
+
+1. Run the following command to execute your tests and allow for debugging with breakpoints:
+   ```bash
+   pytest -n0 -s --maxfail=1
+   ```
+   You can place `breakpoint()` in your Python code where you want to trigger a breakpoint for debugging.
+
+## Test Backend Locally in a Nix Sandbox
+
+To run your backend tests in a Nix sandbox, you have two options depending on whether your test functions have been marked as impure or not:
+
+### Running Tests Marked as Impure
+
+If your test functions need to execute `nix build` and have been marked as impure because you can't execute `nix build` inside a Nix sandbox, use the following command:
+
+```bash
+nix run .#impure-checks
+```
+
+This command will run the impure test functions.
+
+### Running Pure Tests
+
+For test functions that have not been marked as impure and don't require executing `nix build`, you can use the following command:
+
+```bash
+nix build .#checks.x86_64-linux.clan-pytest --rebuild
+```
+
+This command will run all pure test functions.
+
+### Inspecting the Nix Sandbox
+
+If you need to inspect the Nix sandbox while running tests, follow these steps:
+
+1. Insert an endless sleep into your test code where you want to pause the execution. For example:
+
+   ```python
+   import time
+   time.sleep(3600)  # Sleep for one hour
+   ```
+
+2. Use `cntr` and `psgrep` to attach to the Nix sandbox. This allows you to interactively debug your code while it's paused. For example:
+
+   ```bash
+   cntr exec -w your_sandbox_name
+   psgrep -a -x your_python_process_name
+   ```
+
+These debugging and testing methods will help you identify and fix issues in your backend code efficiently, ensuring the reliability and robustness of your application.
+
+# Using this Template
+
+To make the most of this template:
+
+1. Set up a new Gitea account named `ui-asset-bot`. Generate an access token with all access permissions and set it under `settings/actions/secrets` as a secret called `BOT_ACCESS_TOKEN`.
+
+   - Also, edit the file `.gitea/workflows/ui_assets.yaml` and change the `BOT_EMAIL` variable to match the email you set for that account. Gitea matches commits to accounts by their email address, so this step is essential.
+
+2. Create a second Gitea account named `merge-bot`. Edit the file `pkgs/merge-after-ci/default.nix` if the name should be different. Under "Branches," set the main branch to be protected and add `merge-bot` to the whitelisted users for pushing. Set the unprotected file pattern to `**/ui-assets.nix`.
+
+   - Enable the status check for "build / test (pull_request)."
+
+3. Add both `merge-bot` and `ui-asset-bot` as collaborators.
+   - Set the option to "Delete pull request branch after merge by default."
+   - Also, set the default merge style to "Rebase then create merge commit."
+
+With this template, you're well-equipped to build and collaborate on high-quality websites efficiently. Happy coding!.

checks/flake-module.nix

@@ -2,28 +2,16 @@
   imports = [
     ./impure/flake-module.nix
   ];
-  perSystem = { pkgs, lib, self', ... }: {
+  perSystem = { lib, self', ... }: {
     checks =
       let
-        nixosTestArgs = {
-          # reference to nixpkgs for the current system
-          inherit pkgs;
-          # this gives us a reference to our flake but also all flake inputs
-          inherit self;
-        };
-        nixosTests = lib.optionalAttrs (pkgs.stdenv.isLinux) {
-          # import our test
-          secrets = import ./secrets nixosTestArgs;
-        };
-        schemaTests = pkgs.callPackages ./schemas.nix {
-          inherit self;
-        };
+
 
         flakeOutputs = lib.mapAttrs' (name: config: lib.nameValuePair "nixos-${name}" config.config.system.build.toplevel) self.nixosConfigurations
           // lib.mapAttrs' (n: lib.nameValuePair "package-${n}") self'.packages
           // lib.mapAttrs' (n: lib.nameValuePair "devShell-${n}") self'.devShells
           // lib.mapAttrs' (name: config: lib.nameValuePair "home-manager-${name}" config.activation-script) (self'.legacyPackages.homeConfigurations or { });
       in
-      nixosTests // schemaTests // flakeOutputs;
+      flakeOutputs;
   };
 }

checks/schema.nix

@@ -1,54 +0,0 @@
-{ self, lib, inputs, ... }:
-let
-  inherit (builtins)
-    mapAttrs
-    toJSON
-    toFile
-    ;
-  inherit (lib)
-    mapAttrs'
-    ;
-  clanLib = self.lib;
-  clanModules = self.clanModules;
-
-
-in
-{
-  perSystem = { pkgs, ... }:
-    let
-      baseModule = {
-        imports =
-          (import (inputs.nixpkgs + "/nixos/modules/module-list.nix"))
-          ++ [{
-            nixpkgs.hostPlatform = pkgs.system;
-          }];
-      };
-
-      optionsFromModule = module:
-        let
-          evaled = lib.evalModules {
-            modules = [ module baseModule ];
-          };
-        in
-        evaled.options.clan.networking;
-
-      clanModuleSchemas =
-        mapAttrs
-          (_: module: clanLib.jsonschema.parseOptions (optionsFromModule module))
-          clanModules;
-
-      mkTest = name: schema: pkgs.runCommand "schema-${name}" { } ''
-        ${pkgs.check-jsonschema}/bin/check-jsonschema \
-          --check-metaschema ${toFile "schema-${name}" (toJSON schema)}
-        touch $out
-      '';
-    in
-    {
-      checks = mapAttrs'
-        (name: schema: {
-          name = "schema-${name}";
-          value = mkTest name schema;
-        })
-        clanModuleSchemas;
-    };
-}

checks/schemas.nix

@@ -1,34 +0,0 @@
-{ self, runCommand, check-jsonschema, pkgs, lib, ... }:
-let
-  clanModules.clanCore = self.nixosModules.clanCore;
-
-  baseModule = {
-    imports =
-      (import (pkgs.path + "/nixos/modules/module-list.nix"))
-      ++ [{
-        nixpkgs.hostPlatform = "x86_64-linux";
-      }];
-  };
-
-  optionsFromModule = module:
-    let
-      evaled = lib.evalModules {
-        modules = [ module baseModule ];
-      };
-    in
-    evaled.options.clan;
-
-  clanModuleSchemas = lib.mapAttrs (_: module: self.lib.jsonschema.parseOptions (optionsFromModule module)) clanModules;
-
-  mkTest = name: schema: runCommand "schema-${name}" { } ''
-    ${check-jsonschema}/bin/check-jsonschema \
-      --check-metaschema ${builtins.toFile "schema-${name}" (builtins.toJSON schema)}
-      touch $out
-  '';
-in
-lib.mapAttrs'
-  (name: schema: {
-    name = "schema-${name}";
-    value = mkTest name schema;
-  })
-  clanModuleSchemas

checks/secrets/clan-secrets

@@ -1,6 +0,0 @@
-#!/usr/bin/env bash
-
-set -eux -o pipefail
-SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
-export SOPS_AGE_KEY_FILE="${SCRIPT_DIR}/key.age"
-nix run .# -- secrets "$@"

checks/secrets/default.nix

@@ -1,21 +0,0 @@
-(import ../lib/test-base.nix) {
-  name = "secrets";
-
-  nodes.machine = { self, config, ... }: {
-    imports = [
-      (self.nixosModules.clanCore)
-    ];
-    environment.etc."secret".source = config.sops.secrets.secret.path;
-    environment.etc."group-secret".source = config.sops.secrets.group-secret.path;
-    sops.age.keyFile = ./key.age;
-
-    clanCore.clanDir = "${./.}";
-    clanCore.machineName = "machine";
-
-    networking.hostName = "machine";
-  };
-  testScript = ''
-    machine.succeed("cat /etc/secret >&2")
-    machine.succeed("cat /etc/group-secret >&2")
-  '';
-}

checks/secrets/key.age

@@ -1 +0,0 @@
-AGE-SECRET-KEY-1UCXEUJH6JXF8LFKWFHDM4N9AQE2CCGQZGXLUNV4TKR5KY0KC8FDQ2TY4NX

checks/secrets/sops/groups/group/machines/machine

@@ -1 +0,0 @@
-../../../machines/machine

checks/secrets/sops/machines/machine/key.json

@@ -1,4 +0,0 @@
-{
-  "publickey": "age15x8u838dwqflr3t6csf4tlghxm4tx77y379ncqxav7y2n8qp7yzqgrwt00",
-  "type": "age"
-}

checks/secrets/sops/secrets/group-secret/groups/group

@@ -1 +0,0 @@
-../../../groups/group

checks/secrets/sops/secrets/group-secret/secret

@@ -1,20 +0,0 @@
-{
-	"data": "ENC[AES256_GCM,data:FgF3,iv:QBbnqZ6405qmwGKhbolPr9iobngXt8rtfUwCBOnmwRA=,tag:7gqI1zLVnTkZ0xrNn/LEkA==,type:str]",
-	"sops": {
-		"kms": null,
-		"gcp_kms": null,
-		"azure_kv": null,
-		"hc_vault": null,
-		"age": [
-			{
-				"recipient": "age15x8u838dwqflr3t6csf4tlghxm4tx77y379ncqxav7y2n8qp7yzqgrwt00",
-				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArMHcxKzhUZzNHQmQrb28x\nRC9UMlZMeDN3S1l1eHdUWmV4VUVReHhhQ0RnCjAyUXVlY1FmclVmL2lEdFZuTmll\nVENpa3AwbjlDck5zdGdHUTRnNEdEOUkKLS0tIER3ZlNMSVFnRElkRDcxajZnVmFl\nZThyYzcvYUUvaWJYUmlwQ3dsSDdjSjgK+tj34yBzrsIjm6V+T9wTgz5FdNGOR7I/\nVB4fh8meW0vi/PCK/rajC8NbqmK8qq/lwsF/JwfZKDSdG0FOJUB1AA==\n-----END AGE ENCRYPTED FILE-----\n"
-			}
-		],
-		"lastmodified": "2023-09-03T12:44:56Z",
-		"mac": "ENC[AES256_GCM,data:d5a0WfE5ZRLKF1NZkBfOl+cVI8ZZHd2rC+qX/giALjyrzk09rLxBeY4lO827GFfMmVy/oC7ceH9pjv2O7ibUiQtcbGIQVBg/WP+dVn8fRMWtF0jpv9BhYTutkVk3kiddqPGhp3mpwvls2ot5jtCRczTPk3JSxN3B1JSJCmj9GfQ=,iv:YmlkTYFNUaFRWozO8+OpEVKaSQmh+N9zpatwUNMPNyw=,tag:mEGQ4tdo82qlhKWalQuufg==,type:str]",
-		"pgp": null,
-		"unencrypted_suffix": "_unencrypted",
-		"version": "3.7.3"
-	}
-}

checks/secrets/sops/secrets/secret/machines/machine

@@ -1 +0,0 @@
-../../../machines/machine

checks/secrets/sops/secrets/secret/secret

@@ -1,20 +0,0 @@
-{
-	"data": "ENC[AES256_GCM,data:bhxF,iv:iNs+IfSU/7EwssZ0GVTF2raxJkVlddfQEPGIBeUYAy8=,tag:JMOKTMW3/ic3UTj9eT9YFQ==,type:str]",
-	"sops": {
-		"kms": null,
-		"gcp_kms": null,
-		"azure_kv": null,
-		"hc_vault": null,
-		"age": [
-			{
-				"recipient": "age15x8u838dwqflr3t6csf4tlghxm4tx77y379ncqxav7y2n8qp7yzqgrwt00",
-				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxS0g4TEt4S09LQnFKdCtk\nZTlUQWhNUHZmcmZqdGtuZkhhTkMzZDVaWWdNCi9vNnZQeklNaFBBU2x0ditlUDR0\nNGJlRmFFb09WSUFGdEh5TGViTWtacFEKLS0tIE1OMWdQMHhGeFBwSlVEamtHUkcy\ndzI1VHRkZ1o4SStpekVNZmpQSnRkeUkKYmPS9sR6U0NHxd55DjRk29LNFINysOl6\nEM2MTrntLxOHFWZ1QgNx34l4rYIIXx97ONvR0SRpxN0ECL9VonQeZg==\n-----END AGE ENCRYPTED FILE-----\n"
-			}
-		],
-		"lastmodified": "2023-08-23T09:11:08Z",
-		"mac": "ENC[AES256_GCM,data:8z819mP4FJXE/ExWM1+/dhaXIXzCglhBuZwE6ikl/jNLUAnv3jYL9c9vPrPFl2by3wXSNzqB4AOiTKDQoxDx2SBQKxeWaUnOajD6hbzskoLqCCBfVx7qOHrk/BULcBvMSxBca4RnzXXoMFTwKs2A1fXqAPvSQd1X4gX6Xm9VXWM=,iv:3YxZX+gaEcRKDN0Kuf9y1oWL+sT/J5B/5CtCf4iur9Y=,tag:0dwyjpvjCqbm9vIrz6WSWQ==,type:str]",
-		"pgp": null,
-		"unencrypted_suffix": "_unencrypted",
-		"version": "3.7.3"
-	}
-}

checks/secrets/sops/secrets/secret/users/admin

@@ -1 +0,0 @@
-../../../users/admin

checks/secrets/sops/users/admin/key.json

@@ -1,4 +0,0 @@
-{
-  "publickey": "age15x8u838dwqflr3t6csf4tlghxm4tx77y379ncqxav7y2n8qp7yzqgrwt00",
-  "type": "age"
-}

pkgs/clan-cli/.envrc

@@ -1,3 +1,4 @@
+#!/usr/bin/env bash
 # Because we depend on nixpkgs sources, uploading to builders takes a long time
 
 source_up

pkgs/clan-cli/README.md

@@ -56,15 +56,15 @@ Add this `launch.json` to your .vscode directory to have working breakpoints in
 
 ## Run locally single-threaded for debugging
 
-By default tests run in parallel using pytest-parallel.
-pytest-parallel however breaks `breakpoint()`. To disable it, use this:
+By default tests run in parallel using pytest-xdist.
+pytest-xdist however breaks `breakpoint()`. To disable it, use this:
 
 ```console
-pytest --workers "" -s
+pytest -n0 -s
 ```
 
 You can also run a single test like this:
 
 ```console
-pytest --workers "" -s tests/test_secrets_cli.py::test_users
+pytest -n0 -s tests/test_secrets_cli.py::test_users
 ```

pkgs/clan-cli/clan_cli/debug.py

@@ -1,23 +1,27 @@
-from typing import Dict, Optional, Tuple, Callable, Any, Mapping, List
-from pathlib import Path
-import ipdb
+import logging
+import multiprocessing as mp
 import os
+import shlex
 import stat
 import subprocess
-from .dirs import find_git_repo_root
-import multiprocessing as mp
-from .types import FlakeName
-import logging
 import sys
-import shlex
-import time
+from pathlib import Path
+from typing import Any, Callable, Dict, List, Optional
+
+import ipdb
 
 log = logging.getLogger(__name__)
 
-def command_exec(cmd: List[str], work_dir:Path, env: Dict[str, str]) -> None:
+
+def command_exec(cmd: List[str], work_dir: Path, env: Dict[str, str]) -> None:
     subprocess.run(cmd, check=True, env=env, cwd=work_dir.resolve())
 
-def repro_env_break(work_dir: Path, env: Optional[Dict[str, str]] = None, cmd: Optional[List[str]] = None) -> None:
+
+def repro_env_break(
+    work_dir: Path,
+    env: Optional[Dict[str, str]] = None,
+    cmd: Optional[List[str]] = None,
+) -> None:
     if env is None:
         env = os.environ.copy()
     else:
@@ -40,14 +44,16 @@ def repro_env_break(work_dir: Path, env: Optional[Dict[str, str]] = None, cmd: O
     finally:
         proc.terminate()
 
-def write_command(command: str, loc:Path) -> None:
+
+def write_command(command: str, loc: Path) -> None:
     with open(loc, "w") as f:
         f.write("#!/usr/bin/env bash\n")
         f.write(command)
     st = os.stat(loc)
     os.chmod(loc, st.st_mode | stat.S_IEXEC)
 
-def spawn_process(func: Callable, **kwargs:Any) -> mp.Process:
+
+def spawn_process(func: Callable, **kwargs: Any) -> mp.Process:
     mp.set_start_method(method="spawn")
     proc = mp.Process(target=func, kwargs=kwargs)
     proc.start()
@@ -59,7 +65,7 @@ def dump_env(env: Dict[str, str], loc: Path) -> None:
     with open(loc, "w") as f:
         f.write("#!/usr/bin/env bash\n")
         for k, v in cenv.items():
-            if v.count('\n') > 0 or v.count("\"") > 0 or v.count("'") > 0:
+            if v.count("\n") > 0 or v.count('"') > 0 or v.count("'") > 0:
                 continue
             f.write(f"export {k}='{v}'\n")
     st = os.stat(loc)

pkgs/clan-cli/clan_cli/git.py

@@ -1,88 +0,0 @@
-import shlex
-import subprocess
-from pathlib import Path
-from typing import Optional
-
-from clan_cli.dirs import find_git_repo_root
-from clan_cli.errors import ClanError
-from clan_cli.nix import nix_shell
-
-
-# generic vcs agnostic commit function
-def commit_file(
-    file_path: Path,
-    repo_dir: Optional[Path] = None,
-    commit_message: Optional[str] = None,
-) -> None:
-    if repo_dir is None:
-        repo_dir = find_git_repo_root()
-        if repo_dir is None:
-            return
-    # check that the file is in the git repository and exists
-    if not Path(file_path).resolve().is_relative_to(repo_dir.resolve()):
-        raise ClanError(f"File {file_path} is not in the git repository {repo_dir}")
-    if not file_path.exists():
-        raise ClanError(f"File {file_path} does not exist")
-    # generate commit message if not provided
-    if commit_message is None:
-        # ensure that mentioned file path is relative to repo
-        commit_message = f"Add {file_path.relative_to(repo_dir)}"
-    # check if the repo is a git repo and commit
-    if (repo_dir / ".git").exists():
-        _commit_file_to_git(repo_dir, file_path, commit_message)
-    else:
-        return
-
-
-def _commit_file_to_git(repo_dir: Path, file_path: Path, commit_message: str) -> None:
-    """Commit a file to a git repository.
-
-    :param repo_dir: The path to the git repository.
-    :param file_path: The path to the file to commit.
-    :param commit_message: The commit message.
-    :raises ClanError: If the file is not in the git repository.
-    """
-    cmd = nix_shell(
-        ["git"],
-        ["git", "-C", str(repo_dir), "add", str(file_path)],
-    )
-    # add the file to the git index
-    try:
-        subprocess.run(cmd, check=True)
-    except subprocess.CalledProcessError as e:
-        raise ClanError(
-            f"Failed to add {file_path} to git repository {repo_dir}:\n{shlex.join(cmd)}\n exited with {e.returncode}"
-        ) from e
-
-    # check if there is a diff
-    cmd = nix_shell(
-        ["git"],
-        ["git", "-C", str(repo_dir), "diff", "--cached", "--exit-code"],
-    )
-    result = subprocess.run(cmd, cwd=repo_dir)
-    # if there is no diff, return
-    if result.returncode == 0:
-        return
-
-    # commit only that file
-    cmd = nix_shell(
-        ["git"],
-        [
-            "git",
-            "-C",
-            str(repo_dir),
-            "commit",
-            "-m",
-            commit_message,
-            str(file_path.relative_to(repo_dir)),
-        ],
-    )
-    try:
-        subprocess.run(
-            cmd,
-            check=True,
-        )
-    except subprocess.CalledProcessError as e:
-        raise ClanError(
-            f"Failed to commit {file_path} to git repository {repo_dir}:\n{shlex.join(cmd)}\n exited with {e.returncode}"
-        ) from e

pkgs/clan-cli/clan_cli/tty.py

@@ -1,25 +0,0 @@
-import sys
-from typing import IO, Any, Callable
-
-
-def is_interactive() -> bool:
-    """Returns true if the current process is interactive"""
-    return sys.stdin.isatty() and sys.stdout.isatty()
-
-
-def color_text(code: int, file: IO[Any] = sys.stdout) -> Callable[[str], None]:
-    """
-    Print with color if stderr is a tty
-    """
-
-    def wrapper(text: str) -> None:
-        if file.isatty():
-            print(f"\x1b[{code}m{text}\x1b[0m", file=file)
-        else:
-            print(text, file=file)
-
-    return wrapper
-
-
-warn = color_text(91, file=sys.stderr)
-info = color_text(92, file=sys.stderr)

pkgs/clan-cli/clan_cli/webui/api_inputs.py

@@ -3,11 +3,13 @@ from pathlib import Path
 from typing import Any
 
 from pydantic import AnyUrl, BaseModel, validator
+from pydantic.tools import parse_obj_as
 
 from ..dirs import clan_data_dir, clan_flakes_dir
-from ..flakes.create import DEFAULT_URL
 from ..types import validate_path
 
+DEFAULT_URL = parse_obj_as(AnyUrl, "http://localhost:8000")
+
 log = logging.getLogger(__name__)
 
 

pkgs/clan-cli/clan_cli/webui/api_outputs.py

@@ -1,11 +1,6 @@
 from enum import Enum
-from typing import Dict, List
 
-from pydantic import BaseModel, Field
-
-from ..async_cmd import CmdOut
-from ..task_manager import TaskStatus
-from ..vms.inspect import VmConfig
+from pydantic import BaseModel
 
 
 class Status(Enum):
@@ -17,54 +12,3 @@ class Status(Enum):
 class Machine(BaseModel):
     name: str
     status: Status
-
-
-class MachineCreate(BaseModel):
-    name: str
-
-
-class MachinesResponse(BaseModel):
-    machines: list[Machine]
-
-
-class MachineResponse(BaseModel):
-    machine: Machine
-
-
-class ConfigResponse(BaseModel):
-    config: dict
-
-
-class SchemaResponse(BaseModel):
-    schema_: dict = Field(alias="schema")
-
-
-class VmStatusResponse(BaseModel):
-    error: str | None
-    status: TaskStatus
-
-
-class VmCreateResponse(BaseModel):
-    uuid: str
-
-
-class FlakeAttrResponse(BaseModel):
-    flake_attrs: list[str]
-
-
-class VmInspectResponse(BaseModel):
-    config: VmConfig
-
-
-class FlakeAction(BaseModel):
-    id: str
-    uri: str
-
-
-class FlakeCreateResponse(BaseModel):
-    cmd_out: Dict[str, CmdOut]
-
-
-class FlakeResponse(BaseModel):
-    content: str
-    actions: List[FlakeAction]

pkgs/clan-cli/clan_cli/webui/app.py

@@ -29,7 +29,6 @@ def setup_app() -> FastAPI:
 
     app.include_router(health.router)
 
-
     # Needs to be last in register. Because of wildcard route
     app.include_router(root.router)
     app.add_exception_handler(ClanError, clan_error_handler)

pkgs/clan-cli/clan_cli/webui/server.py

@@ -13,6 +13,7 @@ from typing import Iterator
 import uvicorn
 from pydantic import AnyUrl, IPvAnyAddress
 from pydantic.tools import parse_obj_as
+
 from clan_cli.errors import ClanError
 
 log = logging.getLogger(__name__)
@@ -25,9 +26,7 @@ def open_browser(base_url: AnyUrl, sub_url: str) -> None:
             break
         except OSError:
             time.sleep(i)
-    url = parse_obj_as(
-    AnyUrl, f"{base_url}/{sub_url.removeprefix('/')}"
-    )
+    url = parse_obj_as(AnyUrl, f"{base_url}/{sub_url.removeprefix('/')}")
     _open_browser(url)
 
 

pkgs/clan-cli/pyproject.toml

@@ -37,6 +37,10 @@ exclude = "clan_cli.nixpkgs"
 module = "argcomplete.*"
 ignore_missing_imports = true
 
+[[tool.mypy.overrides]]
+module = "ipdb.*"
+ignore_missing_imports = true
+
 [[tool.mypy.overrides]]
 module = "jsonschema.*"
 ignore_missing_imports = true
@@ -52,7 +56,7 @@ ignore_missing_imports = true
 [tool.ruff]
 line-length = 88
 
-select = [ "E", "F", "I", "U", "N"]
+select = [ "E", "F", "I", "N"]
 ignore = [ "E501" ]
 
 [tool.black]

pkgs/clan-cli/tests/test_webui.py

@@ -9,6 +9,11 @@ import pytest
 from ports import PortFunction
 
 
+@pytest.mark.impure
+def test_nothing_much() -> None:
+    pass
+
+
 @pytest.mark.timeout(10)
 def test_start_server(unused_tcp_port: PortFunction, temporary_home: Path) -> None:
     port = unused_tcp_port()

pkgs/flake-module.nix

@@ -10,6 +10,8 @@
     packages = {
       tea-create-pr = pkgs.callPackage ./tea-create-pr { };
 
+      #theme = pkgs.callPackage ./theme { inherit (self.inputs) floco; clanPkgs = self'.packages; };
+
       merge-after-ci = pkgs.callPackage ./merge-after-ci {
         inherit (config.packages) tea-create-pr;
       };

pkgs/merge-after-ci/default.nix

@@ -21,6 +21,6 @@ writeShellApplication {
     remoteName="''${1:-origin}"
     targetBranch="''${2:-main}"
     shift && shift
-    tea-create-pr "$remoteName" "$targetBranch" --assignees clan-bot "$@"
+    tea-create-pr "$remoteName" "$targetBranch" --assignees merge-bot "$@"
   '';
 }

pkgs/tea-create-pr/script.sh

@@ -6,7 +6,7 @@ targetBranch="${2:-main}"
 shift && shift
 TMPDIR="$(mktemp -d)"
 currentBranch="$(git rev-parse --abbrev-ref HEAD)"
-user="$(tea login list -o simple | cut -d" " -f4)"
+user="$(git config --get user.name)"
 tempRemoteBranch="$user-$currentBranch"
 
 nix fmt -- --fail-on-change

pkgs/ui/.vscode/settings.json

@@ -0,0 +1,5 @@
+{
+    "search.exclude": {
+        "**/.direnv": true
+    }
+}

pkgs/ui/flake-module.nix

@@ -8,7 +8,7 @@
     {
       packages = {
         ui = base.pkg.global;
-        theme = base.pkg.theme;
+
         ui-assets = pkgs.callPackage ./nix/ui-assets.nix { };
         # EXAMPLE: GITEA_TOKEN=$(rbw get -f GITEA_TOKEN git.clan.lol) nix run .#update-ui-assets
         update-ui-assets = pkgs.callPackage ./nix/update-ui-assets.nix { };

pkgs/ui/nix/ui-assets.nix

@@ -1,5 +1,5 @@
 { fetchzip }:
 fetchzip {
-  url = "https://git.clan.lol/api/packages/clan/generic/ui/1xk9if1sykv2kcv3zn0dxn7gd7hlqjbhzz6hrsw0yiksf03skg9r/assets.tar.gz";
-  sha256 = "1xk9if1sykv2kcv3zn0dxn7gd7hlqjbhzz6hrsw0yiksf03skg9r";
+  url = "https://gitea.gchq.icu/api/packages/ui-asset-bot/generic/Luis-nextjs-python-web-template/0wq3lxsnsr9jcjqfhmxvjzxr4zz46aimwj1m23n7zzc835b47d70/assets.tar.gz";
+  sha256 = "0wq3lxsnsr9jcjqfhmxvjzxr4zz46aimwj1m23n7zzc835b47d70";
 }

pkgs/ui/nix/update-ui-assets.sh

@@ -3,12 +3,21 @@ set -xeuo pipefail
 
 # GITEA_TOKEN
 if [[ -z "${GITEA_TOKEN:-}" ]]; then
-  echo "GITEA_TOKEN is not set"
-  echo "Go to https://gitea.gchq.icu/user/settings/applications and generate a token"
+  echo "GITEA_TOKEN is not set. Check if the secret BOT_ACCESS_TOKEN is set in the repository settings."
   exit 1
 fi
 
-DEPS=$(nix shell --inputs-from '.#' "nixpkgs#gnutar" "nixpkgs#curl" "nixpkgs#gzip" -c bash -c "echo \$PATH")
+if [[ -z "${BOT_NAME:-}" ]]; then
+  echo "Env var BOT_NAME is not set. Use the name of the bot user here."
+  exit 1
+fi
+
+if [[ -z "${GITHUB_SERVER_URL:-}" ]]; then
+  echo "Env var GITHUB_SERVER_URL is not set. Please use the Gitea base URL here."
+  exit 1
+fi
+
+DEPS=$(nix shell --inputs-from '.#' "nixpkgs#gnutar" "nixpkgs#gnused" "nixpkgs#curl" "nixpkgs#gzip" -c bash -c "echo \$PATH")
 export PATH=$PATH:$DEPS
 
 
@@ -22,10 +31,12 @@ nix build '.#ui' --out-link "$tmpdir/result"
 tar --transform 's,^\.,assets,' -czvf "$tmpdir/assets.tar.gz" -C "$tmpdir"/result/lib/node_modules/*/out .
 NAR_HASH=$(nix-prefetch-url --unpack file://<(cat "$tmpdir/assets.tar.gz"))
 
-owner=Luis
-package_name=consulting-website
+owner=$BOT_NAME
+package_name=$(echo -n "$GITHUB_REPOSITORY" | sed 's/\//-/g')
 package_version=$NAR_HASH
-url="https://gitea.gchq.icu/api/packages/$owner/generic/$package_name/$package_version/assets.tar.gz"
+baseurl=$GITHUB_SERVER_URL
+
+url="$baseurl/api/packages/$owner/generic/$package_name/$package_version/assets.tar.gz"
 set +x
 curl --upload-file "$tmpdir/assets.tar.gz" -X PUT "$url?token=$GITEA_TOKEN"
 set -x

pkgs/ui/shell.nix

@@ -25,7 +25,7 @@ pkgs.mkShell {
 
 
     # re-generate the api code 
-    rm -rf api openapi.json
+    rm -rf src/api openapi.json
     cp ${clanPkgs.clan-openapi}/openapi.json . 
     orval
   '';

pkgs/ui/src/app/layout.tsx

@@ -6,7 +6,7 @@ import {
   CssBaseline,
   IconButton,
   ThemeProvider,
-  useMediaQuery
+  useMediaQuery,
 } from "@mui/material";
 import { StyledEngineProvider } from "@mui/material/styles";
 import axios from "axios";

pkgs/ui/src/components/join/vmBuildLogs.tsx

@@ -1,30 +0,0 @@
-"use client";
-import { useGetVmLogs } from "@/api/default/default";
-import { Log } from "./log";
-import { LoadingOverlay } from "./loadingOverlay";
-
-interface VmBuildLogsProps {
-  vmUuid: string;
-}
-export const VmBuildLogs = (props: VmBuildLogsProps) => {
-  const { vmUuid } = props;
-
-  const { data: logs, isLoading } = useGetVmLogs(vmUuid as string, {
-    swr: {
-      enabled: vmUuid !== null,
-    },
-    axios: {
-      responseType: "stream",
-    },
-  });
-
-  return (
-    <div className="w-full">
-      {isLoading && <LoadingOverlay title="Initializing" subtitle="" />}
-      <Log
-        lines={(logs?.data as string)?.split("\n") || ["..."]}
-        title="Building..."
-      />
-    </div>
-  );
-};