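#!/usr/bin/env bash
# Phase 3 preview: Proxmox mutations only with production guard + explicit --apply + optional VMID allowlist.
# This script NEVER passes apply by default — it prints the SSH command you would run.
#
# Usage:
#   ./scripts/it-ops/proxmox-guarded-write-adapter.sh --vmid 6205 --action start [--apply]
# Env:
#   PROXMOX_HOST, PROXMOX_OPS_ALLOWED_VMIDS, PROXMOX_SAFE_DEFAULTS, PROXMOX_OPS_APPLY
#
# Exit status:
#   0  dry run printed (apply not enabled)
#   1  VMID rejected by the production guard
#   2  usage error (unknown/missing argument, bad action, non-numeric VMID)
#   In apply mode the process is replaced by ssh, so the status is ssh's.
#
# Security notes:
#   * ssh hands the command string to the remote login shell of root, so every
#     value interpolated into "pct $ACTION $VMID" must be constrained locally.
#     ACTION is limited to a fixed set below; VMID is required to be digits only.
#   * The VMID allowlist is optional, so it is not relied on as input validation.
#   * HOST is taken from the environment / project config and is not validated
#     here — NOTE(review): confirm those sources are trusted.
set -euo pipefail

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"

# Project env is best-effort: a missing or failing loader is deliberately tolerated.
# shellcheck source=/dev/null
source "${PROJECT_ROOT}/scripts/lib/load-project-env.sh" 2>/dev/null || true
# The guard library is mandatory: under `set -e` a failed source aborts the script.
# shellcheck source=/dev/null
source "${PROJECT_ROOT}/scripts/lib/proxmox-production-guard.sh"

VMID=""
ACTION=""
APPLY_CLI=false

while [[ $# -gt 0 ]]; do
  case "$1" in
    --vmid)
      # Without this check a trailing --vmid made `shift 2` fail and the script
      # exited silently under `set -e`.
      [[ $# -ge 2 ]] || { echo "--vmid requires a value" >&2; exit 2; }
      VMID="$2"
      shift 2
      ;;
    --action)
      [[ $# -ge 2 ]] || { echo "--action requires a value" >&2; exit 2; }
      ACTION="$2"
      shift 2
      ;;
    --apply)
      APPLY_CLI=true
      shift
      ;;
    *)
      echo "Unknown arg: $1" >&2
      exit 2
      ;;
  esac
done

[[ -n "$VMID" && -n "$ACTION" ]] || {
  echo "usage: $0 --vmid <N> --action start|stop|reboot [--apply]" >&2
  exit 2
}

# VMID ends up inside a command line evaluated by a root shell on the Proxmox
# host; accept digits only so no shell metacharacters can reach that shell.
[[ "$VMID" =~ ^[0-9]+$ ]] || {
  echo "vmid must be numeric" >&2
  exit 2
}

# Fixed allowlist of container actions; anything else is a usage error.
case "$ACTION" in
  start|stop|reboot) ;;
  *) echo "action must be start|stop|reboot" >&2; exit 2 ;;
esac

# Host resolution order: PROXMOX_HOST, then get_host_for_vmid (presumably
# provided by load-project-env.sh; its absence or failure is tolerated), then
# PROXMOX_HOST_R630_01, then the built-in default address.
HOST="${PROXMOX_HOST:-$(get_host_for_vmid "$VMID" 2>/dev/null || true)}"
[[ -n "$HOST" ]] || HOST="${PROXMOX_HOST_R630_01:-192.168.11.11}"

# pguard_* helpers are expected to come from proxmox-production-guard.sh.
# No message is printed here on rejection — presumably the guard reports why.
if ! pguard_vmid_allowed "$VMID"; then
  exit 1
fi

# Default path: the guard did not grant apply, so only show what would be run.
if ! pguard_require_apply_flag "$APPLY_CLI"; then
  echo "[dry-run] Would run on host $HOST:"
  echo " ssh root@$HOST -- pct $ACTION $VMID"
  echo "Opt-in: pass --apply or set PROXMOX_OPS_APPLY=1 (and keep PROXMOX_OPS_ALLOWED_VMIDS scoped)."
  exit 0
fi

echo "[apply] ssh root@$HOST -- pct $ACTION $VMID"
# BatchMode=yes prevents interactive password prompts; ConnectTimeout bounds the
# wait on an unreachable host. exec replaces this shell with ssh.
exec ssh -o BatchMode=yes -o ConnectTimeout=20 "root@${HOST}" "pct $ACTION $VMID"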