samantha/article_feed
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Read Ghost API key from .env instead of pass

Browse source 
Cron jobs can't reach the desktop gpg-agent, so pass-based key
lookup failed unattended. The .env file in the skill directory
works for both cron and interactive runs.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Samantha Atkins 2026-05-13 01:56:04 -04:00
parent 0ce67392a4
commit 497890d157
2 changed files with 21 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
.claude/skills/weekly-review/publish_to_ghost.py
View file

@ -23,13 +23,14 @@ import sys
import time import time
import urllib.request import urllib.request
from pathlib import Path from pathlib import Path
from typing import NoReturn
ADMIN_BASE = "https://blog.the-fulfillment.org/ghost/api/admin" ADMIN_BASE = "https://blog.the-fulfillment.org/ghost/api/admin"
API_VERSION = "v5.0" API_VERSION = "v5.0"
NEWSLETTER_SLUG = "default-newsletter" NEWSLETTER_SLUG = "default-newsletter"
def die(msg: str, code: int = 1) -> None: def die(msg: str, code: int = 1) -> NoReturn:
print(f"error: {msg}", file=sys.stderr) print(f"error: {msg}", file=sys.stderr)
sys.exit(code) sys.exit(code)
@ -59,18 +60,23 @@ def mint_jwt(key_id: str, secret_hex: str) -> str:
def get_api_key() -> tuple[str, str]: def get_api_key() -> tuple[str, str]:
"""Read `pass show fulfillment/api-key`, split on colon.""" """Read GHOST_ADMIN_API_KEY=id:secret from .env in the skill directory."""
try: env_path = Path(__file__).parent / ".env"
out = subprocess.check_output( if not env_path.is_file():
["pass", "show", "fulfillment/api-key"], text=True die(f"missing {env_path}")
).strip() value = None
except FileNotFoundError: for line in env_path.read_text().splitlines():
die("`pass` not found on PATH") line = line.strip()
except subprocess.CalledProcessError as e: if not line or line.startswith("#"):
die(f"`pass show fulfillment/api-key` failed: {e}") continue
if ":" not in out: if line.startswith("GHOST_ADMIN_API_KEY="):
die("API key from pass is not in the expected id:secret form") value = line.split("=", 1)[1].strip().strip('"').strip("'")
key_id, secret_hex = out.split(":", 1) break
if value is None:
die(f"GHOST_ADMIN_API_KEY not found in {env_path}")
if ":" not in value:
die("GHOST_ADMIN_API_KEY is not in the expected id:secret form")
key_id, secret_hex = value.split(":", 1)
return key_id, secret_hex return key_id, secret_hex

2
.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
.env
.cron.log