Conversation
Co-authored-by: tg123 <170430+tg123@users.noreply.github.com>
Co-authored-by: tg123 <170430+tg123@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
This PR adds a new examples/ directory containing two Docker Compose demonstrations to help new users get started with sshpiper. The examples showcase different routing approaches: a simple username-based routing pattern and a more complex Lua-scripted publickey routing for Git operations.
Changes:
- Added examples directory structure with README index
- Created username-routing demo showing target+username syntax
- Created lua-publickey-git-routing demo with two isolated Git repositories demonstrating deterministic routing
Reviewed changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| examples/README.md | Index page linking to the two demo examples |
| examples/username-routing/docker-compose.yml | Defines sshd and sshpiper services for username routing demo |
| examples/username-routing/README.md | Instructions for running the username routing demo |
| examples/lua-publickey-git-routing/docker-compose.yml | Defines two Git servers, init containers, and sshpiper with Lua plugin |
| examples/lua-publickey-git-routing/lua/routing.lua | Lua script routing repo-a and repo-b users to different Git servers with embedded demo keys |
| examples/lua-publickey-git-routing/README.md | Instructions for running the Lua Git routing demo |
| examples/lua-publickey-git-routing/git-a/authorized_keys | Public key for git-a upstream authentication |
| examples/lua-publickey-git-routing/git-b/authorized_keys | Public key for git-b upstream authentication |
| examples/lua-publickey-git-routing/keys/.gitkeep | Placeholder to track keys directory in git |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| @@ -0,0 +1,86 @@ | |||
| services: | |||
| repo-a-init: | |||
| image: rockstorm/git-server:latest | |||
There was a problem hiding this comment.
The Docker image tag latest can cause reproducibility issues. Consider pinning to a specific version tag (e.g., rockstorm/git-server:2.0 or similar) to ensure the example works consistently over time. The latest tag can change unexpectedly and break the example.
| - repo_a_data:/repo | ||
|
|
||
| repo-b-init: | ||
| image: rockstorm/git-server:latest |
There was a problem hiding this comment.
The Docker image tag latest can cause reproducibility issues. Consider pinning to a specific version tag to ensure the example works consistently over time.
| - repo_b_data:/repo | ||
|
|
||
| git-a: | ||
| image: rockstorm/git-server:latest |
There was a problem hiding this comment.
The Docker image tag latest can cause reproducibility issues. Consider pinning to a specific version tag to ensure the example works consistently over time.
| condition: service_completed_successfully | ||
|
|
||
| git-b: | ||
| image: rockstorm/git-server:latest |
There was a problem hiding this comment.
The Docker image tag latest can cause reproducibility issues. Consider pinning to a specific version tag to ensure the example works consistently over time.
| GIT_SSH_COMMAND='ssh -i ./keys/client_key -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -p 2222' \ | ||
| git clone ssh://repo-b@127.0.0.1:2222/srv/git/repo.git ./clone-repo-b | ||
| ``` | ||
|
|
There was a problem hiding this comment.
The instructions tell users to generate a client key, but the Lua script doesn't actually validate or check the client's public key - it only routes based on username. Any public key will be accepted. Consider clarifying in the README that this example demonstrates username-based routing during publickey authentication, not key-based authorization. For example, add a note: "Note: This example accepts any public key and routes based solely on the SSH username. The client key content is not validated."
| Note: This example accepts any public key during publickey authentication and routes based solely on the SSH username. The client key content is not validated. |
|
@copilot apply changes based on the comments in this thread |
Agent-Logs-Url: https://github.com/tg123/sshpiper/sessions/746123ee-16e2-4b9f-aee5-940fcb1bd7ae Co-authored-by: tg123 <170430+tg123@users.noreply.github.com>
Applied the requested review-thread updates in |
|
@copilot add example link to root readme |
Agent-Logs-Url: https://github.com/tg123/sshpiper/sessions/6c289f5b-bfdc-428e-8d5d-06f58313fbef Co-authored-by: tg123 <170430+tg123@users.noreply.github.com>
Added the root README link to the examples folder in |
This PR adds Docker Compose-based onboarding examples under
examples/and incorporates follow-up fixes from review feedback.What’s included
examples/username-routingexamples/lua-publickey-git-routingrockstorm/git-serverimage references in the Lua Git routing compose file for reproducibility.README.mdto theexamples/folder for discoverability.Validation
docker compose config.✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.