feat(workspaces): implement secure GitHub PAT injection via memory-only mounts

This commit is contained in:
mkorwel
2026-03-19 09:20:52 -07:00
parent a7dd0ac571
commit 1ccd86cfd7
4 changed files with 103 additions and 4 deletions
@@ -8,6 +8,11 @@ set -e
if [ -f /dev/shm/.gh_token ]; then
export GH_TOKEN=$(cat /dev/shm/.gh_token)
echo "GitHub token injected from memory."
# Authenticate gh CLI if possible
if command -v gh >/dev/null 2>&1; then
echo "$GH_TOKEN" | gh auth login --with-token
echo "GitHub CLI authenticated."
fi
fi
# Start shpool daemon in the background and verify it stays up