@deepsql/mcp 0.5.0 → 0.6.0

package/src/commands/setup.js

@@ -0,0 +1,220 @@
+"use strict";
+
+/**
+ * `deepsql setup` — post-install admin config wizard.
+ *
+ * Org name and LLM config are set at install time (env vars / install script /
+ * bootstrap link), so the CLI wizard only covers what's left after that:
+ *
+ *   1. Optionally configure SMTP / email (PUT /admin/settings/email +
+ *      POST /admin/settings/email/test).
+ *   2. Optionally configure Slack — bot token, signing secret, optional app
+ *      token for Socket Mode (PUT /admin/settings/slack). The backend masks
+ *      existing tokens (GET only returns *Configured booleans), so leaving a
+ *      token field blank means "keep current value."
+ *   3. Mark setup complete (POST /setup/complete) so the web-UI first-run
+ *      banner clears. Skipped if already complete or with --skip-complete.
+ *
+ * The wizard is idempotent — re-running picks up current values where the
+ * backend exposes them and prefills the prompts.
+ */
+
+const { ApiError, request } = require("../api/client");
+const { resolveSession } = require("./_session");
+const ui = require("../ui/prompts");
+
+async function run(opts, { stdout = process.stdout, stderr = process.stderr } = {}) {
+  const session = resolveSession(opts);
+  const log = (msg) => stderr.write(`[deepsql] ${msg}\n`);
+
+  log("Checking setup status…");
+  const status = await request(session.baseUrl, "/setup/status", { token: session.token });
+  if (!status?.hasOrganizationInfo || !status?.hasLlmConfig) {
+    stderr.write(
+      "[deepsql] Note: organization or LLM config is not set. Those are configured at install time " +
+        "(env vars, install script, or bootstrap link), not by this wizard.\n",
+    );
+  }
+
+  await stepEmail(session, opts, log);
+  await stepSlack(session, opts, log);
+
+  if (!opts.skipComplete && !status?.setupComplete) {
+    await request(session.baseUrl, "/setup/complete", {
+      method: "POST",
+      token: session.token,
+      json: {},
+    });
+    log("Setup marked complete.");
+  } else if (status?.setupComplete) {
+    log("Setup was already complete.");
+  }
+  stdout.write("Done.\n");
+}
+
+// ─── email ─────────────────────────────────────────────────────────────────
+
+async function stepEmail(session, opts, log) {
+  if (opts.skipEmail) {
+    log("Skipping SMTP setup (--skip-email).");
+    return;
+  }
+  const want = await ui.confirm({
+    message: "Configure SMTP / email now?",
+    default: true,
+  });
+  if (!want) {
+    log("Skipped SMTP.");
+    return;
+  }
+
+  let current = {};
+  try {
+    current = await request(session.baseUrl, "/admin/settings/email", { token: session.token });
+  } catch (err) {
+    if (err instanceof ApiError && err.status === 403) {
+      log("Cannot configure SMTP: requires ADMIN role on the calling token.");
+      return;
+    }
+    throw err;
+  }
+
+  const host = await ui.input({ message: "SMTP host:", default: current?.host || "smtp.gmail.com" });
+  const port = Number(
+    await ui.input({ message: "SMTP port:", default: String(current?.port || 587), required: true }),
+  );
+  const username = await ui.input({ message: "SMTP username:", default: current?.username || "" });
+  const password = await ui.password({ message: "SMTP password / app password:" });
+  const fromAddress = await ui.input({
+    message: "From address:",
+    default: current?.fromAddress || username,
+  });
+  const fromName = await ui.input({
+    message: "From name:",
+    default: current?.fromName || "DeepSQL",
+    required: false,
+  });
+  const startTls = await ui.confirm({ message: "Use STARTTLS?", default: current?.startTls ?? true });
+
+  const body = { host, port, username, password, fromAddress, fromName, startTls };
+  await request(session.baseUrl, "/admin/settings/email", {
+    method: "PUT",
+    token: session.token,
+    json: body,
+  });
+  log("SMTP saved.");
+
+  const sendTest = await ui.confirm({ message: "Send a test email now?", default: true });
+  if (sendTest) {
+    const recipient = await ui.input({
+      message: "Test recipient (your email):",
+      default: fromAddress,
+      required: true,
+    });
+    try {
+      await request(session.baseUrl, "/admin/settings/email/test", {
+        method: "POST",
+        token: session.token,
+        json: { recipient },
+      });
+      log(`Test email sent to ${recipient}.`);
+    } catch (err) {
+      log(`Test send failed: ${err.message}. Settings saved anyway.`);
+    }
+  }
+}
+
+// ─── slack ─────────────────────────────────────────────────────────────────
+
+async function stepSlack(session, opts, log) {
+  if (opts.skipSlack) {
+    log("Skipping Slack setup (--skip-slack).");
+    return;
+  }
+  const want = await ui.confirm({
+    message: "Configure Slack (digests + bot replies) now?",
+    default: false,
+  });
+  if (!want) {
+    log("Skipped Slack.");
+    return;
+  }
+
+  let current = {};
+  try {
+    current = await request(session.baseUrl, "/admin/settings/slack", { token: session.token });
+  } catch (err) {
+    if (err instanceof ApiError && err.status === 403) {
+      log("Cannot configure Slack: requires ADMIN role on the calling token.");
+      return;
+    }
+    throw err;
+  }
+
+  const enabled = await ui.confirm({
+    message: "Enable Slack integration?",
+    default: current?.enabled ?? true,
+  });
+  const socketModeEnabled = await ui.confirm({
+    message:
+      "Use Socket Mode? (Easier for self-hosted — no public webhook needed; requires an App-level token.)",
+    default: current?.socketModeEnabled ?? true,
+  });
+  const deepsqlBotUsername = await ui.input({
+    message: "Bot display name in Slack:",
+    default: current?.deepsqlBotUsername || "DeepSQL",
+  });
+
+  // The backend only echoes *Configured booleans for tokens, so we never have
+  // the existing values to pre-fill. A blank entry means "keep current."
+  const tokenHint = (label, configuredFlag) =>
+    configuredFlag ? `${label} (leave blank to keep current):` : `${label}:`;
+
+  const botToken = await ui.password({
+    message: tokenHint("Bot token (xoxb-…)", current?.botTokenConfigured),
+  });
+  const signingSecret = await ui.password({
+    message: tokenHint("Signing secret", current?.signingSecretConfigured),
+  });
+  const appToken = socketModeEnabled
+    ? await ui.password({
+        message: tokenHint("App-level token (xapp-…)", current?.appTokenConfigured),
+      })
+    : "";
+
+  // Build the PUT body. Empty token strings are intentionally omitted so the
+  // service treats them as "keep current"; non-blank values overwrite.
+  const body = {
+    enabled,
+    socketModeEnabled,
+    deepsqlBotUsername,
+  };
+  if (botToken && botToken.trim()) body.botToken = botToken.trim();
+  if (signingSecret && signingSecret.trim()) body.signingSecret = signingSecret.trim();
+  if (appToken && appToken.trim()) body.appToken = appToken.trim();
+
+  // Reject the case where the user is enabling Slack for the first time but
+  // gave us no tokens — saving would leave the integration broken.
+  const noBot = !current?.botTokenConfigured && !body.botToken;
+  const noSecret = !current?.signingSecretConfigured && !body.signingSecret;
+  const noAppToken = socketModeEnabled && !current?.appTokenConfigured && !body.appToken;
+  if (enabled && (noBot || noSecret || noAppToken)) {
+    const missing = [
+      noBot && "bot token",
+      noSecret && "signing secret",
+      noAppToken && "app-level token",
+    ]
+      .filter(Boolean)
+      .join(", ");
+    throw new Error(`Slack is enabled but missing: ${missing}. Aborting before save.`);
+  }
+
+  await request(session.baseUrl, "/admin/settings/slack", {
+    method: "PUT",
+    token: session.token,
+    json: body,
+  });
+  log("Slack saved.");
+}
+
+module.exports = { run };

package/src/commands/slow-queries.js

@@ -0,0 +1,340 @@
+"use strict";
+
+/**
+ * `deepsql slow-queries` — read slow-query analyses, trigger new ones, stream
+ * AI optimization steps live, and clean up history.
+ *
+ *   deepsql slow-queries latest --connection <name> [--json]
+ *   deepsql slow-queries history --connection <name> [N] [--json]
+ *   deepsql slow-queries analyze --connection <name>
+ *       [--time-range LAST_24_HOURS|LAST_HOUR] [--threshold-ms <ms>] [--limit <n>]
+ *   deepsql slow-queries optimize --connection <name> --query-id <id>
+ *       (streams SSE; use --query-text to skip history lookup)
+ *   deepsql slow-queries delete --history-id <id> [--yes]
+ *
+ * The optimize subcommand follows the SSE protocol from
+ * /slow-queries/optimize/stream — `step` events go to stderr, the final
+ * `result` event prints to stdout. Honours SIGINT.
+ */
+
+const { ApiError, request } = require("../api/client");
+const { streamSse } = require("../ui/sse");
+const { resolveSession } = require("./_session");
+const { resolveConnectionId } = require("./_connections");
+const ui = require("../ui/prompts");
+
+const SUBCOMMANDS = {
+  latest: cmdLatest,
+  history: cmdHistory,
+  analyze: cmdAnalyze,
+  optimize: cmdOptimize,
+  delete: cmdDelete,
+};
+
+async function run(opts, io = {}) {
+  const sub = opts.positional[0];
+  if (!sub) {
+    throw new Error("Usage: deepsql slow-queries <latest|history|analyze|optimize|delete> ...");
+  }
+  const handler = SUBCOMMANDS[sub];
+  if (!handler) throw new Error(`Unknown slow-queries subcommand: ${sub}.`);
+  if (!opts.connection && sub !== "delete") {
+    throw new Error("--connection <name> is required.");
+  }
+  return wrap(handler)({ ...opts, positional: opts.positional.slice(1) }, io);
+}
+
+function wrap(handler) {
+  return async (opts, io) => {
+    try {
+      return await handler(opts, io);
+    } catch (err) {
+      if (err instanceof ApiError && err.status === 403) {
+        throw new Error("Access denied — slow-query operations require permissions on this connection.");
+      }
+      throw err;
+    }
+  };
+}
+
+// ─── latest ────────────────────────────────────────────────────────────────
+
+async function cmdLatest(opts, { stdout = process.stdout } = {}) {
+  const session = resolveSession(opts);
+  const connectionId = await resolveConnectionId(session, opts.connection);
+  const result = await request(
+    session.baseUrl,
+    `/slow-queries/latest/${encodeURIComponent(connectionId)}`,
+    { token: session.token },
+  );
+  stdout.write(`${JSON.stringify(result, null, 2)}\n`);
+}
+
+// ─── history ───────────────────────────────────────────────────────────────
+
+async function cmdHistory(opts, { stdout = process.stdout } = {}) {
+  const session = resolveSession(opts);
+  const connectionId = await resolveConnectionId(session, opts.connection);
+  const summaries = await request(
+    session.baseUrl,
+    `/slow-queries/history/${encodeURIComponent(connectionId)}`,
+    { token: session.token },
+  );
+  const items = Array.isArray(summaries) ? summaries : [];
+  const limitArg = parseCount(opts.positional[0]) || parseCount(opts.count);
+  const trimmed = limitArg ? items.slice(0, limitArg) : items;
+
+  if (opts.json) {
+    stdout.write(`${JSON.stringify(trimmed, null, 2)}\n`);
+    return;
+  }
+  if (trimmed.length === 0) {
+    stdout.write("No history.\n");
+    return;
+  }
+  printHistory(stdout, trimmed);
+}
+
+// ─── analyze ───────────────────────────────────────────────────────────────
+
+async function cmdAnalyze(opts, { stdout = process.stdout, stderr = process.stderr } = {}) {
+  const session = resolveSession(opts);
+  const connectionId = await resolveConnectionId(session, opts.connection);
+  const timeRange = (opts.timeRange || "LAST_24_HOURS").toUpperCase();
+  const thresholdMs = parseNum(opts.thresholdMs) || 100;
+  const limit = parseNum(opts.limit) || 10;
+
+  stderr.write(`Analyzing slow queries on ${opts.connection} (range=${timeRange}, threshold=${thresholdMs}ms)…\n`);
+  const result = await request(session.baseUrl, "/slow-queries/analyze", {
+    method: "POST",
+    token: session.token,
+    timeoutMs: 240000,
+    json: { connectionId, timeRange, thresholdMs, limit },
+  });
+  if (opts.json) {
+    stdout.write(`${JSON.stringify(result, null, 2)}\n`);
+    return;
+  }
+  const queries = (result && (result.queries || result.slowQueries)) || [];
+  if (queries.length === 0) {
+    stdout.write("No slow queries detected in the selected window.\n");
+    return;
+  }
+  printQueries(stdout, queries);
+}
+
+// ─── optimize (SSE) ────────────────────────────────────────────────────────
+
+async function cmdOptimize(opts, { stdout = process.stdout, stderr = process.stderr } = {}) {
+  const session = resolveSession(opts);
+  const connectionId = await resolveConnectionId(session, opts.connection);
+
+  let queryText = opts.queryText;
+  let queryId = opts.queryId;
+
+  // If --query-id is given, look up the queryText from the latest analysis so
+  // the user doesn't have to paste raw SQL into the terminal.
+  if (!queryText) {
+    if (!queryId) throw new Error("Pass --query-id <id> or --query-text \"<sql>\".");
+    queryText = await lookupQueryText(session, connectionId, queryId);
+    if (!queryText) {
+      throw new Error(`Could not find query ${queryId} in the latest analysis. Pass --query-text "<sql>" instead.`);
+    }
+  }
+
+  const controller = new AbortController();
+  const onSigint = () => {
+    stderr.write("\n[deepsql] cancelling optimization…\n");
+    controller.abort();
+  };
+  process.once("SIGINT", onSigint);
+
+  try {
+    const stream = streamSse(session.baseUrl, "/slow-queries/optimize/stream", {
+      token: session.token,
+      query: { connectionId, queryText, queryId, sampleQuery: opts.sampleQuery },
+      signal: controller.signal,
+    });
+    for await (const message of stream) {
+      if (message.event === "step") {
+        const parsed = safeParse(message.data);
+        const status = parsed?.status || "step";
+        const text = parsed?.message || message.data;
+        stderr.write(`[${status}] ${text}\n`);
+      } else if (message.event === "result") {
+        if (opts.json) {
+          stdout.write(`${message.data}\n`);
+        } else {
+          const parsed = safeParse(message.data);
+          if (parsed && parsed.optimizedQuery) {
+            stdout.write(`\n--- Optimized query ---\n${parsed.optimizedQuery}\n`);
+          }
+          if (parsed && parsed.recommendations && parsed.recommendations.length) {
+            stdout.write("\n--- Recommendations ---\n");
+            for (const r of parsed.recommendations) {
+              stdout.write(`• ${r.title || r.summary || JSON.stringify(r)}\n`);
+            }
+          }
+          if (!parsed || (!parsed.optimizedQuery && !(parsed.recommendations || []).length)) {
+            stdout.write(`${message.data}\n`);
+          }
+        }
+      } else if (message.event === "error") {
+        const parsed = safeParse(message.data);
+        throw new Error(`Optimization failed: ${parsed?.message || message.data}`);
+      }
+    }
+  } catch (err) {
+    if (controller.signal.aborted) {
+      process.exitCode = 130; // 128 + SIGINT
+      return;
+    }
+    throw err;
+  } finally {
+    process.removeListener("SIGINT", onSigint);
+  }
+}
+
+async function lookupQueryText(session, connectionId, queryId) {
+  const latest = await request(
+    session.baseUrl,
+    `/slow-queries/latest/${encodeURIComponent(connectionId)}`,
+    { token: session.token },
+  );
+  const data = latest?.analysisData || latest?.analysis || latest || {};
+  const queries = data.queries || data.slowQueries || [];
+  const hit = queries.find((q) => String(q.queryId || q.id) === String(queryId));
+  return hit ? (hit.queryText || hit.normalizedQuery || hit.query) : null;
+}
+
+// ─── delete ────────────────────────────────────────────────────────────────
+
+async function cmdDelete(opts, { stdout = process.stdout, stderr = process.stderr } = {}) {
+  const session = resolveSession(opts);
+
+  if (opts.historyId) {
+    if (!opts.yes) {
+      const ok = await ui.confirm({
+        message: `Delete history entry ${opts.historyId}?`,
+        default: false,
+      });
+      if (!ok) {
+        stderr.write("Aborted.\n");
+        return;
+      }
+    }
+    await request(session.baseUrl, `/slow-queries/history/${encodeURIComponent(opts.historyId)}`, {
+      method: "DELETE",
+      token: session.token,
+    });
+    stdout.write(`Deleted history entry ${opts.historyId}.\n`);
+    return;
+  }
+  if (opts.connection) {
+    if (!opts.yes) {
+      const ok = await ui.confirm({
+        message: `Delete ALL slow-query history for ${opts.connection}? This is destructive.`,
+        default: false,
+      });
+      if (!ok) {
+        stderr.write("Aborted.\n");
+        return;
+      }
+    }
+    const connectionId = await resolveConnectionId(session, opts.connection);
+    await request(
+      session.baseUrl,
+      `/slow-queries/history/connection/${encodeURIComponent(connectionId)}`,
+      { method: "DELETE", token: session.token },
+    );
+    stdout.write(`Deleted all history for ${opts.connection}.\n`);
+    return;
+  }
+  throw new Error("Pass --history-id <id> or --connection <name>.");
+}
+
+// ─── helpers ───────────────────────────────────────────────────────────────
+
+function parseCount(v) {
+  if (v == null) return null;
+  const n = Number.parseInt(v, 10);
+  return Number.isFinite(n) && n > 0 ? n : null;
+}
+
+function parseNum(v) {
+  if (v == null) return null;
+  const n = Number(v);
+  return Number.isFinite(n) ? n : null;
+}
+
+function safeParse(text) {
+  if (!text) return null;
+  try {
+    return JSON.parse(text);
+  } catch {
+    return null;
+  }
+}
+
+function printHistory(stdout, items) {
+  const rows = items.map((h) => ({
+    id: String(h.id ?? h.historyId ?? ""),
+    createdAt: formatTime(h.createdAt || h.timestamp || h.analysisTime),
+    queries: String(h.queryCount ?? h.totalQueries ?? "?"),
+    summary: trim(h.summary || h.headline || "", 70),
+  }));
+  const cols = [
+    { key: "id", label: "ID" },
+    { key: "createdAt", label: "WHEN" },
+    { key: "queries", label: "#" },
+    { key: "summary", label: "SUMMARY" },
+  ];
+  printTable(stdout, cols, rows);
+}
+
+function printQueries(stdout, queries) {
+  const rows = queries.map((q) => ({
+    id: String(q.queryId || q.id || ""),
+    severity: q.severity || "?",
+    avgMs: q.avgExecutionTimeMs != null ? Math.round(q.avgExecutionTimeMs).toString() : "?",
+    calls: String(q.callCount ?? q.executionCount ?? "?"),
+    sample: trim(q.queryText || q.normalizedQuery || q.query || "", 60),
+  }));
+  const cols = [
+    { key: "id", label: "QUERY ID" },
+    { key: "severity", label: "SEVERITY" },
+    { key: "avgMs", label: "AVG MS" },
+    { key: "calls", label: "CALLS" },
+    { key: "sample", label: "QUERY" },
+  ];
+  printTable(stdout, cols, rows);
+}
+
+function printTable(stdout, cols, rows) {
+  const widths = cols.map((c) => Math.max(c.label.length, ...rows.map((r) => r[c.key].length)));
+  const header = cols.map((c, i) => c.label.padEnd(widths[i])).join("  ");
+  const sep = widths.map((w) => "-".repeat(w)).join("  ");
+  stdout.write(`${header}\n${sep}\n`);
+  for (const row of rows) {
+    stdout.write(`${cols.map((c, i) => row[c.key].padEnd(widths[i])).join("  ")}\n`);
+  }
+}
+
+function formatTime(value) {
+  if (!value) return "—";
+  try {
+    const d = new Date(value);
+    if (Number.isNaN(d.getTime())) return String(value);
+    return d.toISOString().replace("T", " ").slice(0, 16) + "Z";
+  } catch {
+    return String(value);
+  }
+}
+
+function trim(text, max) {
+  if (!text) return "";
+  const s = String(text).replace(/\s+/g, " ").trim();
+  return s.length > max ? s.slice(0, max - 1) + "…" : s;
+}
+
+module.exports = { run };