copier scripts

Author: ejfine

.copier-answers.yml

@@ -1,5 +1,5 @@
 # Changes here will be overwritten by Copier
-_commit: v0.0.7-22-gf36c22e
+_commit: v0.0.7-23-g1d1a72e
 _src_path: gh:LabAutomationAndScreening/copier-base-template.git
 description: Copier template for creating Python libraries and executables
 python_ci_versions:

.devcontainer/manual-setup-deps.sh

@@ -1,27 +1,48 @@
 #!/usr/bin/env sh
 # can pass in the full major.minor.patch version of python as an optional argument
 # can set `--skip-lock` as optional argument to just install dependencies without verifying lock file
+# can set `--optionally-lock` to check for a uv.lock file in the project directory and only respect the lock if it already exists (useful for initially instantiating the repository) (mutually exclusive with --skip-lock)
+
 set -ex
 
 # Ensure that uv won't use the default system Python
 python_version="3.12.7"
 
 # Parse arguments
 skip_lock=false
+optionally_lock=false
 while [ "$#" -gt 0 ]; do
     case $1 in
         --skip-lock) skip_lock=true ;;
+        --optionally-lock) optionally_lock=true ;;
         *) python_version="${1:-$python_version}" ;; # Take the first non-flag argument as the input
     esac
     shift
 done
 
+# Ensure that --skip-lock and --optionally-lock are mutually exclusive
+if [ "$skip_lock" = "true" ] && [ "$optionally_lock" = "true" ]; then
+    echo "Error: --skip-lock and --optionally-lock cannot be used together." >&2
+    exit 1
+fi
+
 export UV_PYTHON="$python_version"
 export UV_PYTHON_PREFERENCE=only-system
 
 SCRIPT_DIR="$(dirname "$0")"
 PROJECT_ROOT_DIR="$(realpath "$SCRIPT_DIR/..")"
 
+# If optionally_lock is set, decide whether to skip locking based on the presence of uv.lock
+if [ "$optionally_lock" = "true" ]; then
+    if [ ! -f "$PROJECT_ROOT_DIR/uv.lock" ]; then
+        skip_lock=true
+    else
+        skip_lock=false
+    fi
+fi
+
+
+
 # Ensure that the lock file is in a good state
 if [ "$skip_lock" = "false" ]; then
     uv lock --check --directory "$PROJECT_ROOT_DIR"

template/.devcontainer/code-artifact-auth.sh.jinja

@@ -0,0 +1,20 @@
+{% if python_package_registry is defined and python_package_registry == "AWS CodeArtifact" %}{% raw %}#!/usr/bin/env bash
+set -e
+
+# If none of these are set we can't possibly continue and should fail so you can fix it
+if [ -z "$AWS_PROFILE" ] && [ -z "$AWS_ACCESS_KEY_ID" ] && [ -z "$CODEARTIFACT_AUTH_TOKEN" ]; then
+    echo "No AWS profile, access key, or auth token found, cannot proceed."
+    exit 1
+else
+    # Only regenerate the token if it doesn't exist or wasn't already set as an environmental variable (e.g. during CI or passed into a docker image build)
+    if [ -z "$CODEARTIFACT_AUTH_TOKEN" ]; then
+        echo "Fetching CodeArtifact token"
+        export CODEARTIFACT_AUTH_TOKEN=$(aws codeartifact get-authorization-token --domain {% endraw %}{{ repo_org_name }}{% raw %} --domain-owner {% endraw %}{{ aws_central_infrastructure_account_id }}{% raw %} --region {% endraw %}{{ aws_org_home_region }}{% raw %} --query authorizationToken --output text --profile {% endraw %}{{ core_infra_base_access_profile_name }}{% raw %})
+    fi
+
+    export UV_INDEX_CODE_ARTIFACT_PRIMARY_USERNAME=aws
+    export UV_INDEX_CODE_ARTIFACT_PRIMARY_PASSWORD="$CODEARTIFACT_AUTH_TOKEN"
+    export UV_INDEX_CODE_ARTIFACT_STAGING_USERNAME=aws
+    export UV_INDEX_CODE_ARTIFACT_STAGING_PASSWORD="$CODEARTIFACT_AUTH_TOKEN"
+
+fi{% endraw %}{% endif %}

template/.devcontainer/manual-setup-deps.sh.jinja

@@ -1,27 +1,50 @@
 {% raw %}#!/usr/bin/env sh
 # can pass in the full major.minor.patch version of python as an optional argument
 # can set `--skip-lock` as optional argument to just install dependencies without verifying lock file
+# can set `--optionally-lock` to check for a uv.lock file in the project directory and only respect the lock if it already exists (useful for initially instantiating the repository) (mutually exclusive with --skip-lock)
+
 set -ex
 
 # Ensure that uv won't use the default system Python
 python_version="{% endraw %}{{ python_version }}{% raw %}"
 
 # Parse arguments
 skip_lock=false
+optionally_lock=false
 while [ "$#" -gt 0 ]; do
     case $1 in
         --skip-lock) skip_lock=true ;;
+        --optionally-lock) optionally_lock=true ;;
         *) python_version="${1:-$python_version}" ;; # Take the first non-flag argument as the input
     esac
     shift
 done
 
+# Ensure that --skip-lock and --optionally-lock are mutually exclusive
+if [ "$skip_lock" = "true" ] && [ "$optionally_lock" = "true" ]; then
+    echo "Error: --skip-lock and --optionally-lock cannot be used together." >&2
+    exit 1
+fi
+
 export UV_PYTHON="$python_version"
 export UV_PYTHON_PREFERENCE=only-system
 
 SCRIPT_DIR="$(dirname "$0")"
 PROJECT_ROOT_DIR="$(realpath "$SCRIPT_DIR/..")"
 
+# If optionally_lock is set, decide whether to skip locking based on the presence of uv.lock
+if [ "$optionally_lock" = "true" ]; then
+    if [ ! -f "$PROJECT_ROOT_DIR/uv.lock" ]; then
+        skip_lock=true
+    else
+        skip_lock=false
+    fi
+fi
+
+{% endraw %}{% if python_package_registry is defined and python_package_registry == "AWS CodeArtifact" %}{% raw %}
+aws sso login --profile={% endraw %}{{ core_infra_base_access_profile_name }}{% raw %}
+. "$SCRIPT_DIR/code-artifact-auth.sh"{% endraw %}{% endif %}{% raw %}
+
 # Ensure that the lock file is in a good state
 if [ "$skip_lock" = "false" ]; then
     uv lock --check --directory "$PROJECT_ROOT_DIR"

template/.devcontainer/post-start-command.sh.jinja

@@ -4,4 +4,4 @@ set -ex
 # For some reason the directory is not setup correctly and causes build of devcontainer to fail since
 # it doesn't have access to the workspace directory. This can normally be done in post-start-command
 git config --global --add safe.directory /workspaces/{% endraw %}{{ repo_name }}{% if python_package_registry is defined and python_package_registry != "PyPI" %}{% raw %}
-echo "!!! In order to install dependencies, you must authenticate into the private registry, so run this script to complete the process: sh .devcontainer/manual-setup-deps.sh"{% endraw %}{% endif %}
+echo "!!! In order to install dependencies, you must authenticate into the private registry, so run this script to complete the process: source .devcontainer/manual-setup-deps.sh"{% endraw %}{% endif %}