@aiassesstech/fleet-bus 0.1.5 → 0.1.6

package/package.json

@@ -1,12 +1,13 @@
 {
   "name": "@aiassesstech/fleet-bus",
-  "version": "0.1.5",
+  "version": "0.1.6",
   "description": "Fleet communication infrastructure for AI Assess Tech governance agents — typed messaging, routing rules, audit trail, Agent Cards.",
   "type": "module",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "files": [
     "dist",
+    "scripts",
     "README.md",
     "LICENSE"
   ],

package/scripts/vps-smoke-test.mjs

@@ -0,0 +1,335 @@
+#!/usr/bin/env node
+/**
+ * Fleet-Bus VPS Smoke Test (v2 — fixed for current API)
+ *
+ * Run from any extension directory on the VPS:
+ *   cd /root/.openclaw/extensions/grillo
+ *   node node_modules/@aiassesstech/fleet-bus/scripts/vps-smoke-test.mjs
+ *
+ * Or copy to /tmp and run:
+ *   cd /root/.openclaw/extensions/grillo && node /tmp/vps-smoke-test.mjs
+ */
+
+import {
+  enforceRouting,
+  createFleetMessage,
+  serializeForTransport,
+  deserializeFromTransport,
+  extractFleetMessage,
+  isFleetMessage,
+  AgentCardRegistry,
+  AuditTrailWriter,
+  verifyChain,
+  ROUTING_RULES,
+  GRILLO_CARD,
+  JESSIE_CARD,
+  NOLE_CARD,
+  NOAH_CARD,
+  MIGHTY_MARK_CARD,
+  SAM_CARD,
+} from '@aiassesstech/fleet-bus';
+
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import * as os from 'node:os';
+
+let passed = 0;
+let failed = 0;
+
+function test(name, fn) {
+  try {
+    fn();
+    passed++;
+    console.log(`  ✓ ${name}`);
+  } catch (err) {
+    failed++;
+    console.log(`  ✗ ${name}`);
+    console.log(`    ${err.message}`);
+  }
+}
+
+function assert(condition, msg) {
+  if (!condition) throw new Error(msg || 'Assertion failed');
+}
+
+function routingAllowed(from, to, method) {
+  const msg = createFleetMessage(from, to, method, {});
+  return enforceRouting(msg);
+}
+
+// ── Test Suite 1: Routing Rules ──────────────────────────────────
+console.log('\n╔══════════════════════════════════════════════╗');
+console.log('║  Fleet-Bus VPS Smoke Tests (v2)              ║');
+console.log('╚══════════════════════════════════════════════╝\n');
+
+console.log('1. Routing Rules');
+
+test('Grillo → Jessie (assessment/result) — allowed', () => {
+  const result = routingAllowed('grillo', 'jessie', 'assessment/result');
+  assert(result.allowed === true, `Expected allowed, got: ${JSON.stringify(result)}`);
+});
+
+test('Grillo → Nole (assessment/result) — blocked (unidirectional to Commander only)', () => {
+  const result = routingAllowed('grillo', 'nole', 'assessment/result');
+  assert(result.allowed === false, 'Should be blocked');
+});
+
+test('Jessie → Grillo (fleet/ping) — allowed (Commander unrestricted + Grillo accepts pings)', () => {
+  const result = routingAllowed('jessie', 'grillo', 'fleet/ping');
+  assert(result.allowed === true, `Expected allowed, got: ${JSON.stringify(result)}`);
+});
+
+test('Jessie → Sam (task/assign) — allowed', () => {
+  const result = routingAllowed('jessie', 'sam', 'task/assign');
+  assert(result.allowed === true, `Expected allowed, got: ${JSON.stringify(result)}`);
+});
+
+test('Nole → Jessie (proposal/submit) — allowed', () => {
+  const result = routingAllowed('nole', 'jessie', 'proposal/submit');
+  assert(result.allowed === true, `Expected allowed, got: ${JSON.stringify(result)}`);
+});
+
+test('Nole → Noah (proposal/submit) — blocked (governed, Commander only)', () => {
+  const result = routingAllowed('nole', 'noah', 'proposal/submit');
+  assert(result.allowed === false, 'Should be blocked');
+});
+
+test('Sam → Jessie (task/status) — allowed', () => {
+  const result = routingAllowed('sam', 'jessie', 'task/status');
+  assert(result.allowed === true, `Expected allowed, got: ${JSON.stringify(result)}`);
+});
+
+test('Sam → Grillo (task/status) — blocked (Grillo only accepts fleet/*)', () => {
+  const result = routingAllowed('sam', 'grillo', 'task/status');
+  assert(result.allowed === false, 'Should be blocked');
+});
+
+test('Noah → Jessie (drift/alert) — allowed', () => {
+  const result = routingAllowed('noah', 'jessie', 'drift/alert');
+  assert(result.allowed === true, `Expected allowed, got: ${JSON.stringify(result)}`);
+});
+
+test('Mark → Jessie (health/alert) — allowed', () => {
+  const result = routingAllowed('mighty-mark', 'jessie', 'health/alert');
+  assert(result.allowed === true, `Expected allowed, got: ${JSON.stringify(result)}`);
+});
+
+test('Grillo → Sam (assessment/result) — blocked', () => {
+  const result = routingAllowed('grillo', 'sam', 'assessment/result');
+  assert(result.allowed === false, 'Should be blocked');
+});
+
+// ── Test Suite 2: Message Creation & Serialization ────────────────
+console.log('\n2. Message Creation & Serialization');
+
+test('Create a FleetMessage with all required fields', () => {
+  const msg = createFleetMessage('grillo', 'jessie', 'assessment/result', { score: 85 });
+  assert(msg.from === 'grillo', 'from should be grillo');
+  assert(msg.to === 'jessie', 'to should be jessie');
+  assert(msg.method === 'assessment/result', 'method should be assessment/result');
+  assert(msg.params.score === 85, 'params should include score');
+  assert(typeof msg.id === 'string' && msg.id.length > 0, 'should have an id');
+  assert(typeof msg.timestamp === 'string', 'should have timestamp');
+  assert(typeof msg.nonce === 'string', 'should have nonce');
+  assert(msg.version === '1.0', 'version should be 1.0');
+});
+
+test('Serialize and deserialize preserves message integrity', () => {
+  const original = createFleetMessage('noah', 'jessie', 'drift/alert', { tdi: 0.73, trend: 'rising' });
+  const serialized = serializeForTransport(original);
+  assert(serialized.startsWith('%%FLEET%%'), 'Should have %%FLEET%% prefix');
+  const deserialized = deserializeFromTransport(serialized);
+  assert(deserialized.from === 'noah', 'from preserved');
+  assert(deserialized.to === 'jessie', 'to preserved');
+  assert(deserialized.method === 'drift/alert', 'method preserved');
+  assert(deserialized.params.tdi === 0.73, 'params preserved');
+  assert(deserialized.id === original.id, 'id preserved');
+});
+
+test('isFleetMessage detects %%FLEET%% prefix', () => {
+  assert(isFleetMessage('%%FLEET%%{"id":"x"}') === true, 'Should detect fleet message');
+  assert(isFleetMessage('Hello world') === false, 'Should not detect normal message');
+  assert(isFleetMessage('') === false, 'Should not detect empty string');
+});
+
+test('extractFleetMessage parses embedded fleet messages', () => {
+  const msg = createFleetMessage('grillo', 'jessie', 'fleet/ping', {});
+  const serialized = serializeForTransport(msg);
+  const extracted = extractFleetMessage({ content: serialized });
+  assert(extracted !== null, 'Should extract message');
+  assert(extracted.from === 'grillo', 'from should be grillo');
+});
+
+test('Deserialize rejects malformed messages', () => {
+  assert(deserializeFromTransport('%%FLEET%%{invalid json') === null, 'Should reject bad JSON');
+  assert(deserializeFromTransport('%%FLEET%%{"id":"x"}') === null, 'Should reject missing fields');
+  assert(deserializeFromTransport('not a fleet message') === null, 'Should reject non-fleet');
+});
+
+// ── Test Suite 3: Agent Cards (Live Data) ────────────────────────
+console.log('\n3. Agent Cards (Live from disk)');
+
+const cardsDir = path.join(os.homedir(), '.openclaw', 'workspace', 'fleet-bus', 'cards');
+
+test('Cards directory exists', () => {
+  assert(fs.existsSync(cardsDir), `Cards dir not found at ${cardsDir}`);
+});
+
+const expectedCards = ['grillo', 'noah', 'nole', 'mighty-mark', 'jessie', 'sam'];
+
+test(`All ${expectedCards.length} agent cards exist on disk`, () => {
+  for (const agent of expectedCards) {
+    assert(fs.existsSync(path.join(cardsDir, `${agent}.json`)), `Missing: ${agent}.json`);
+  }
+});
+
+for (const agent of expectedCards) {
+  const cardPath = path.join(cardsDir, `${agent}.json`);
+  if (!fs.existsSync(cardPath)) continue;
+
+  test(`Card ${agent} has valid structure`, () => {
+    const card = JSON.parse(fs.readFileSync(cardPath, 'utf-8'));
+    assert(card.agentId === agent, `agentId should be ${agent}`);
+    assert(typeof card.role === 'string', 'role should be string');
+    assert(typeof card.status === 'string', 'status should be string');
+    assert(typeof card.authLevel === 'string', 'authLevel should be string');
+    assert(typeof card.communicationMode === 'string', 'communicationMode should be string');
+    assert(Array.isArray(card.supportedMethods), 'supportedMethods should be array');
+  });
+}
+
+// ── Test Suite 4: Audit Trail ────────────────────────────────────
+console.log('\n4. Audit Trail (Hash Chain)');
+
+const testAuditDir = path.join(os.tmpdir(), `fleet-bus-smoke-${Date.now()}`);
+
+test('Write audit events and verify hash chain', () => {
+  const writer = new AuditTrailWriter({ agentId: 'grillo', auditDir: testAuditDir });
+
+  writer.record({
+    eventId: 'test-1',
+    eventType: 'message_sent',
+    outcome: 'delivered',
+    message: createFleetMessage('grillo', 'jessie', 'assessment/result', { score: 85 }),
+  });
+
+  writer.record({
+    eventId: 'test-2',
+    eventType: 'message_sent',
+    outcome: 'delivered',
+    message: createFleetMessage('grillo', 'jessie', 'fleet/ping', {}),
+  });
+
+  writer.record({
+    eventId: 'test-3',
+    eventType: 'routing_violation',
+    outcome: 'rejected',
+    details: 'unidirectional constraint',
+  });
+
+  const auditFile = path.join(testAuditDir, 'grillo.audit.jsonl');
+  assert(fs.existsSync(auditFile), 'Audit JSONL file should exist');
+
+  const lines = fs.readFileSync(auditFile, 'utf-8').trim().split('\n');
+  assert(lines.length === 3, `Expected 3 audit events, got ${lines.length}`);
+});
+
+test('Verify hash chain integrity', () => {
+  const writer = new AuditTrailWriter({ agentId: 'grillo', auditDir: testAuditDir });
+  const { verification } = writer.readAndVerify();
+  assert(verification.valid === true, `Chain should be valid, got: ${JSON.stringify(verification)}`);
+});
+
+test('Tampered audit is detected', () => {
+  const auditFile = path.join(testAuditDir, 'grillo.audit.jsonl');
+  const lines = fs.readFileSync(auditFile, 'utf-8').trim().split('\n');
+  const event = JSON.parse(lines[1]);
+  event.outcome = 'TAMPERED';
+  lines[1] = JSON.stringify(event);
+  fs.writeFileSync(auditFile, lines.join('\n') + '\n');
+
+  const allEvents = lines.map(l => JSON.parse(l));
+  const result = verifyChain(allEvents);
+  assert(result.valid === false, 'Tampered chain should fail verification');
+});
+
+// ── Test Suite 5: Pre-defined Cards ──────────────────────────────
+console.log('\n5. Pre-defined Agent Cards');
+
+test('GRILLO_CARD has correct identity', () => {
+  assert(GRILLO_CARD.agentId === 'grillo');
+  assert(GRILLO_CARD.role === 'conscience');
+  assert(GRILLO_CARD.communicationMode === 'unidirectional');
+});
+
+test('JESSIE_CARD has commander role', () => {
+  assert(JESSIE_CARD.agentId === 'jessie');
+  assert(JESSIE_CARD.role === 'commander');
+});
+
+test('NOLE_CARD has governed auth', () => {
+  assert(NOLE_CARD.agentId === 'nole');
+  assert(NOLE_CARD.authLevel === 'governed');
+});
+
+test('NOAH_CARD has read-only auth', () => {
+  assert(NOAH_CARD.agentId === 'noah');
+  assert(NOAH_CARD.authLevel === 'read-only');
+});
+
+test('SAM_CARD has sandboxed auth', () => {
+  assert(SAM_CARD.agentId === 'sam');
+  assert(SAM_CARD.authLevel === 'sandboxed');
+});
+
+test('MIGHTY_MARK_CARD has security-elevated auth', () => {
+  assert(MIGHTY_MARK_CARD.agentId === 'mighty-mark');
+  assert(MIGHTY_MARK_CARD.authLevel === 'security-elevated');
+});
+
+test('ROUTING_RULES covers all 6 agents', () => {
+  const agents = ['jessie', 'grillo', 'noah', 'nole', 'sam', 'mighty-mark'];
+  for (const a of agents) {
+    const rule = ROUTING_RULES.find(r => r.agent === a);
+    assert(rule, `Missing routing rule for ${a}`);
+  }
+});
+
+// ── Test Suite 6: Live Audit Trail Verification ──────────────────
+console.log('\n6. Live Audit Trail (from disk)');
+
+const liveAuditDir = path.join(os.homedir(), '.openclaw', 'workspace', 'fleet-bus', 'audit');
+
+if (fs.existsSync(liveAuditDir)) {
+  const auditFiles = fs.readdirSync(liveAuditDir).filter(f => f.endsWith('.audit.jsonl'));
+
+  test(`Found ${auditFiles.length} audit trail file(s)`, () => {
+    assert(auditFiles.length > 0, 'Should have at least one audit file');
+  });
+
+  for (const file of auditFiles) {
+    const agentId = file.replace('.audit.jsonl', '');
+    const filePath = path.join(liveAuditDir, file);
+    const content = fs.readFileSync(filePath, 'utf-8').trim();
+    if (!content) continue;
+
+    const events = content.split('\n').filter(l => l.trim()).map(l => JSON.parse(l));
+
+    test(`Audit chain: ${agentId} (${events.length} events)`, () => {
+      const result = verifyChain(events);
+      assert(result.valid === true, `Chain broken: ${JSON.stringify(result)}`);
+    });
+  }
+} else {
+  console.log('  (No live audit directory found — skipping)');
+}
+
+// ── Cleanup ──────────────────────────────────────────────────────
+fs.rmSync(testAuditDir, { recursive: true, force: true });
+
+// ── Results ──────────────────────────────────────────────────────
+console.log('\n══════════════════════════════════════════════');
+console.log(`  Results: ${passed} passed, ${failed} failed`);
+console.log('══════════════════════════════════════════════\n');
+
+process.exit(failed > 0 ? 1 : 0);