@desplega.ai/agent-swarm 1.80.0 → 1.80.2

package/src/workflows/executors/swarm-script.ts

@@ -0,0 +1,170 @@
+import { z } from "zod";
+import { getScript, getScriptVersion } from "../../be/scripts/db";
+import { runScript } from "../../scripts-runtime/loader";
+import type { ExecutorMeta } from "../../types";
+import { BaseExecutor, type ExecutorResult } from "./base";
+
+export const SwarmScriptConfigSchema = z.object({
+  scriptName: z.string().min(1),
+  scope: z.enum(["global", "agent"]).optional(),
+  pinHash: z.string().min(1).optional(),
+  args: z.record(z.string(), z.unknown()).default({}),
+  fsMode: z.enum(["none", "workspace-rw"]).default("none"),
+});
+
+export const SwarmScriptOutputSchema = z.object({
+  result: z.unknown().optional(),
+  stdout: z.string(),
+  stderr: z.string(),
+  truncated: z.object({ stdout: z.boolean(), stderr: z.boolean() }),
+  durationMs: z.number(),
+  exitCode: z.number(),
+  scriptName: z.string(),
+  contentHash: z.string(),
+  version: z.number(),
+});
+
+type SwarmScriptConfig = z.infer<typeof SwarmScriptConfigSchema>;
+type SwarmScriptOutput = z.infer<typeof SwarmScriptOutputSchema>;
+
+export class SwarmScriptExecutor extends BaseExecutor<
+  typeof SwarmScriptConfigSchema,
+  typeof SwarmScriptOutputSchema
+> {
+  readonly type = "swarm-script";
+  readonly mode = "instant" as const;
+  readonly configSchema = SwarmScriptConfigSchema;
+  readonly outputSchema = SwarmScriptOutputSchema;
+
+  protected async execute(
+    config: SwarmScriptConfig,
+    context: Readonly<Record<string, unknown>>,
+    meta: ExecutorMeta,
+  ): Promise<ExecutorResult<SwarmScriptOutput>> {
+    if (config.fsMode === "workspace-rw") {
+      return {
+        status: "failed",
+        error: "swarm-script: fsMode 'workspace-rw' is v2 only; use 'none' or omit",
+      };
+    }
+
+    const workflow = this.deps.db.getWorkflow(meta.workflowId);
+    const agentId = workflow?.createdByAgentId ?? agentIdFromContext(context);
+    const resolved = resolveScriptSource(config, agentId);
+
+    if (!resolved.ok) {
+      return { status: "failed", error: resolved.error };
+    }
+
+    const output = await runScript({
+      source: resolved.source,
+      args: config.args,
+      fsMode: "none",
+      agentId: agentId ?? "workflow",
+    });
+
+    const workflowOutput = {
+      result: output.result,
+      stdout: output.stdout,
+      stderr: output.stderr,
+      truncated: output.truncated,
+      durationMs: output.durationMs,
+      exitCode: output.exitCode,
+      scriptName: resolved.script.name,
+      contentHash: resolved.contentHash,
+      version: resolved.version,
+    };
+
+    if (output.exitCode !== 0 || output.error) {
+      return {
+        status: "failed",
+        error:
+          output.stderr ||
+          `swarm-script: script exited with code ${output.exitCode}${
+            output.error ? ` (${output.error})` : ""
+          }`,
+        output: workflowOutput,
+      };
+    }
+
+    return {
+      status: "success",
+      output: workflowOutput,
+      nextPort: "success",
+    };
+  }
+}
+
+function agentIdFromContext(context: Readonly<Record<string, unknown>>): string | undefined {
+  const trigger = context.trigger;
+  if (trigger && typeof trigger === "object") {
+    const value = (trigger as Record<string, unknown>).agentId;
+    if (typeof value === "string" && value.length > 0) return value;
+  }
+  return undefined;
+}
+
+function resolveScriptSource(
+  config: SwarmScriptConfig,
+  agentId: string | undefined,
+):
+  | {
+      ok: true;
+      script: NonNullable<ReturnType<typeof getScript>>;
+      source: string;
+      contentHash: string;
+      version: number;
+    }
+  | { ok: false; error: string } {
+  if (config.scope === "agent" && !agentId) {
+    return {
+      ok: false,
+      error:
+        "swarm-script: agent-scoped scripts require the workflow to have createdByAgentId or trigger.agentId",
+    };
+  }
+
+  const script =
+    config.scope === "global"
+      ? getScript({ name: config.scriptName, scope: "global" })
+      : config.scope === "agent"
+        ? getScript({ name: config.scriptName, scope: "agent", scopeId: agentId })
+        : agentId
+          ? (getScript({ name: config.scriptName, scope: "agent", scopeId: agentId }) ??
+            getScript({ name: config.scriptName, scope: "global" }))
+          : getScript({ name: config.scriptName, scope: "global" });
+
+  if (!script) {
+    const scopeHint = config.scope ? ` in ${config.scope} scope` : "";
+    return {
+      ok: false,
+      error: `swarm-script: script '${config.scriptName}' not found${scopeHint}`,
+    };
+  }
+
+  if (!config.pinHash) {
+    return {
+      ok: true,
+      script,
+      source: script.source,
+      contentHash: script.contentHash,
+      version: script.version,
+    };
+  }
+
+  const version = getScriptVersion({ scriptId: script.id, contentHash: config.pinHash });
+  if (!version) {
+    return {
+      ok: false,
+      error: `swarm-script: pinHash '${config.pinHash}' not found for script '${config.scriptName}'`,
+    };
+  }
+
+  return {
+    ok: true,
+    script,
+    source: version.source,
+    contentHash: version.contentHash,
+    version: version.version,
+  };
+}

package/src/workflows/input.ts

@@ -1,4 +1,5 @@
 import { getSwarmConfigs } from "../be/db";
+import { isSensitiveKey } from "../utils/secret-scrubber";
 
 /**
  * Resolve workflow input values.
@@ -44,3 +45,67 @@ function resolveValue(value: string): string {
   // Literal
   return value;
 }
+
+/**
+ * Marker placed in persisted step inputs in place of a secret value.
+ * Kept short and stable so future readers (logs, debug tools) can grep for it.
+ */
+export const REDACTED_SECRET_VALUE = "***REDACTED***";
+
+/**
+ * Determine which keys of a workflow's `input` map carry a secret value once
+ * resolved. A key is treated as a secret iff it references either:
+ *   - `secret.NAME` — always sensitive (DB-stored swarm secrets).
+ *   - `${ENV_VAR}` where ENV_VAR's name matches the secret-scrubber sensitive
+ *     heuristic (`*_TOKEN`, `*_KEY`, `*_SECRET`, etc., or an explicit
+ *     `SENSITIVE_KEY_EXACT` entry).
+ *
+ * Pure function — does NOT resolve values. Safe to call during recovery
+ * without DB lookups.
+ */
+export function getSecretInputKeys(input: Record<string, string> | undefined): Set<string> {
+  const keys = new Set<string>();
+  if (!input) return keys;
+  for (const [key, value] of Object.entries(input)) {
+    if (typeof value !== "string") continue;
+    if (value.startsWith("secret.")) {
+      keys.add(key);
+      continue;
+    }
+    const envMatch = /^\$\{(.+)\}$/.exec(value);
+    if (envMatch?.[1] && isSensitiveKey(envMatch[1])) {
+      keys.add(key);
+    }
+  }
+  return keys;
+}
+
+/**
+ * Return a shallow clone of `ctx` suitable for persistence to
+ * `workflow_run_steps.input`, with `ctx.input[k]` replaced by
+ * `REDACTED_SECRET_VALUE` for every k in `secretKeys`.
+ *
+ * The live `ctx` is not mutated — executors continue to see real values.
+ * Only the persisted record is redacted, eliminating the leak surface that
+ * `get-workflow-run` and any other reader of `workflow_run_steps` exposes.
+ *
+ * Empty secretKeys → returns `ctx` unchanged (no allocation).
+ */
+export function redactSecretsForStorage(
+  ctx: Record<string, unknown>,
+  secretKeys: Set<string>,
+): Record<string, unknown> {
+  if (secretKeys.size === 0) return ctx;
+  const inputBlock = ctx.input;
+  if (!inputBlock || typeof inputBlock !== "object") return ctx;
+  const redactedInput: Record<string, unknown> = { ...(inputBlock as Record<string, unknown>) };
+  let touched = false;
+  for (const key of secretKeys) {
+    if (key in redactedInput) {
+      redactedInput[key] = REDACTED_SECRET_VALUE;
+      touched = true;
+    }
+  }
+  if (!touched) return ctx;
+  return { ...ctx, input: redactedInput };
+}

package/src/workflows/recovery.ts

@@ -14,6 +14,7 @@ import { checkpointStep } from "./checkpoint";
 import { getSuccessors } from "./definition";
 import { findReadyNodes, walkGraph } from "./engine";
 import type { ExecutorRegistry } from "./executors/registry";
+import { getSecretInputKeys } from "./input";
 import { finalizeOrWait, resumeWaitState } from "./resume";
 
 /**
@@ -78,7 +79,16 @@ async function recoverRunningRuns(registry: ExecutorRegistry): Promise<number> {
           finishedAt: new Date().toISOString(),
         });
       } else {
-        await walkGraph(workflow.definition, runId, ctx, readyNodes, registry, workflow.id);
+        const secretKeys = getSecretInputKeys(workflow.input);
+        await walkGraph(
+          workflow.definition,
+          runId,
+          ctx,
+          readyNodes,
+          registry,
+          workflow.id,
+          secretKeys,
+        );
       }
       recovered++;
     } catch (err) {
@@ -112,7 +122,16 @@ async function recoverWaitingRuns(registry: ExecutorRegistry): Promise<number> {
         updateWorkflowRun(stuck.runId, { status: "running" });
 
         const successors = getSuccessors(workflow.definition, stuck.nodeId, "default");
-        await walkGraph(workflow.definition, stuck.runId, ctx, successors, registry, workflow.id);
+        const secretKeys = getSecretInputKeys(workflow.input);
+        await walkGraph(
+          workflow.definition,
+          stuck.runId,
+          ctx,
+          successors,
+          registry,
+          workflow.id,
+          secretKeys,
+        );
       } else {
         // Task failed or cancelled — mark run failed
         const reason =
@@ -191,7 +210,16 @@ async function recoverApprovalWaitingRuns(registry: ExecutorRegistry): Promise<n
       const successors = getSuccessors(workflow.definition, stuck.nodeId, nextPort);
 
       if (successors.length > 0) {
-        await walkGraph(workflow.definition, stuck.runId, ctx, successors, registry, workflow.id);
+        const secretKeys = getSecretInputKeys(workflow.input);
+        await walkGraph(
+          workflow.definition,
+          stuck.runId,
+          ctx,
+          successors,
+          registry,
+          workflow.id,
+          secretKeys,
+        );
       } else {
         finalizeOrWait(stuck.runId);
       }

package/src/workflows/resume.ts

@@ -20,6 +20,7 @@ import type { WorkflowEventBus } from "./event-bus";
 import { workflowEventBus } from "./event-bus";
 import type { ExecutorRegistry } from "./executors/registry";
 import { computeNextPort } from "./executors/wait";
+import { getSecretInputKeys } from "./input";
 import { matchesFilter } from "./wait-filter";
 
 interface TaskEvent {
@@ -137,7 +138,16 @@ async function resumeFromTaskCompletion(
   const successors = getSuccessors(workflow.definition, step.nodeId);
 
   if (successors.length > 0) {
-    await walkGraph(workflow.definition, run.id, ctx, successors, registry, workflow.id);
+    const secretKeys = getSecretInputKeys(workflow.input);
+    await walkGraph(
+      workflow.definition,
+      run.id,
+      ctx,
+      successors,
+      registry,
+      workflow.id,
+      secretKeys,
+    );
   } else {
     finalizeOrWait(run.id);
   }
@@ -201,7 +211,16 @@ async function handleTaskFailure(
   const successors = getSuccessors(workflow.definition, step.nodeId);
 
   if (successors.length > 0) {
-    await walkGraph(workflow.definition, run.id, ctx, successors, registry, workflow.id);
+    const secretKeys = getSecretInputKeys(workflow.input);
+    await walkGraph(
+      workflow.definition,
+      run.id,
+      ctx,
+      successors,
+      registry,
+      workflow.id,
+      secretKeys,
+    );
   } else {
     finalizeOrWait(run.id);
   }
@@ -254,7 +273,8 @@ export async function retryFailedRun(runId: string, registry: ExecutorRegistry):
   const nodesToRun = readyNodes.some((n) => n.id === failedNode.id)
     ? readyNodes
     : [failedNode, ...readyNodes];
-  await walkGraph(workflow.definition, runId, ctx, nodesToRun, registry, workflow.id);
+  const secretKeys = getSecretInputKeys(workflow.input);
+  await walkGraph(workflow.definition, runId, ctx, nodesToRun, registry, workflow.id, secretKeys);
 }
 
 /**
@@ -343,7 +363,16 @@ async function resumeFromApprovalResolution(
   const successors = getSuccessors(workflow.definition, step.nodeId, nextPort);
 
   if (successors.length > 0) {
-    await walkGraph(workflow.definition, run.id, ctx, successors, registry, workflow.id);
+    const secretKeys = getSecretInputKeys(workflow.input);
+    await walkGraph(
+      workflow.definition,
+      run.id,
+      ctx,
+      successors,
+      registry,
+      workflow.id,
+      secretKeys,
+    );
   } else {
     finalizeOrWait(run.id);
   }
@@ -423,7 +452,16 @@ export async function resumeWaitState(
 
   const successors = getSuccessors(workflow.definition, step.nodeId, nextPort);
   if (successors.length > 0) {
-    await walkGraph(workflow.definition, run.id, ctx, successors, registry, workflow.id);
+    const secretKeys = getSecretInputKeys(workflow.input);
+    await walkGraph(
+      workflow.definition,
+      run.id,
+      ctx,
+      successors,
+      registry,
+      workflow.id,
+      secretKeys,
+    );
   } else {
     finalizeOrWait(run.id);
   }