@geminixiang/mama 0.1.10 → 0.2.0-beta.1

package/dist/main.js

@@ -1,17 +1,31 @@
 #!/usr/bin/env node
+import "./instrument.js";
 import { join, resolve } from "path";
-import { readFileSync } from "fs";
+import { homedir } from "os";
+import { mkdirSync, readFileSync, statSync } from "fs";
 import { fileURLToPath } from "url";
 import { dirname, join as pathJoin } from "path";
 import { DiscordBot } from "./adapters/discord/index.js";
 import { TelegramBot } from "./adapters/telegram/index.js";
 import { SlackBot as SlackBotClass } from "./adapters/slack/index.js";
 import { createRunner } from "./agent.js";
+import { createManagedSessionFile, createManagedSessionFileAtPath, getChannelSessionDir, getThreadSessionFile, } from "./session-store.js";
 import { downloadChannel } from "./download.js";
 import { createEventsWatcher } from "./events.js";
 import * as log from "./log.js";
-import { parseSandboxArg, validateSandbox } from "./sandbox.js";
+import { FileUserBindingStore } from "./bindings.js";
+import { startLinkServer } from "./link-server.js";
+import { parseLoginCommand } from "./login.js";
+import { InMemoryLinkTokenStore } from "./link-token.js";
+import { DockerContainerManager } from "./provisioner.js";
+import { SandboxError, parseSandboxArg, validateSandbox } from "./sandbox.js";
+import { formatNothingRunning, formatStopping } from "./ui-copy.js";
+import { FileVaultManager } from "./vault.js";
+import { ensureSettingsFile } from "./config.js";
+import { createManagedVaultEntry, ensureSandboxVaultEntry, resolveActorVaultKey, } from "./vault-routing.js";
+import { addLifecycleBreadcrumb, applyRunScope } from "./sentry.js";
 import { ChannelStore } from "./store.js";
+import * as Sentry from "@sentry/node";
 // ============================================================================
 // Config
 // ============================================================================
@@ -39,10 +53,23 @@ const MOM_SLACK_APP_TOKEN = process.env.MOM_SLACK_APP_TOKEN;
 const MOM_SLACK_BOT_TOKEN = process.env.MOM_SLACK_BOT_TOKEN;
 const MOM_TELEGRAM_BOT_TOKEN = process.env.MOM_TELEGRAM_BOT_TOKEN;
 const MOM_DISCORD_BOT_TOKEN = process.env.MOM_DISCORD_BOT_TOKEN;
+/** Base URL of the web login portal, e.g. https://platform.trygemini.xyz */
+const MOM_LINK_URL = process.env.MOM_LINK_URL;
+/**
+ * Port for the link callback HTTP server.
+ * Defaults to 8181 when MOM_LINK_URL is set (behind a reverse proxy).
+ * If neither is set, the server is not started.
+ */
+const MOM_LINK_PORT = process.env.MOM_LINK_PORT
+    ? parseInt(process.env.MOM_LINK_PORT, 10)
+    : MOM_LINK_URL
+        ? 8181
+        : undefined;
 function parseArgs() {
     const args = process.argv.slice(2);
     let sandbox = { type: "host" };
     let workingDir;
+    let stateDirArg;
     let downloadChannelId;
     let showVersion = false;
     for (let i = 0; i < args.length; i++) {
@@ -56,6 +83,12 @@ function parseArgs() {
         else if (arg === "--sandbox") {
             sandbox = parseSandboxArg(args[++i] || "");
         }
+        else if (arg.startsWith("--state-dir=")) {
+            stateDirArg = arg.slice("--state-dir=".length);
+        }
+        else if (arg === "--state-dir") {
+            stateDirArg = args[++i];
+        }
         else if (arg.startsWith("--download=")) {
             downloadChannelId = arg.slice("--download=".length);
         }
@@ -68,12 +101,66 @@ function parseArgs() {
     }
     return {
         workingDir: workingDir ? resolve(workingDir) : undefined,
+        stateDir: stateDirArg ? resolve(stateDirArg) : undefined,
         sandbox,
         downloadChannel: downloadChannelId,
         showVersion,
     };
 }
-const parsedArgs = parseArgs();
+const WORLD_WRITABLE_MODE = 0o002;
+/**
+ * Create stateDir if missing and refuse to use it if another local user could
+ * tamper with its contents. stateDir holds vaults, bindings, and settings —
+ * a world-writable or foreign-owned directory there would let a local attacker
+ * swap in credentials or change routing.
+ */
+function ensureSecureStateDir(path) {
+    let stat;
+    try {
+        stat = statSync(path);
+    }
+    catch (err) {
+        const code = err.code;
+        if (code === "ENOENT") {
+            mkdirSync(path, { recursive: true, mode: 0o700 });
+            return;
+        }
+        console.error(`Error: cannot access --state-dir ${path}: ${err.message}`);
+        process.exit(1);
+    }
+    if (!stat.isDirectory()) {
+        console.error(`Error: --state-dir ${path} exists but is not a directory`);
+        process.exit(1);
+    }
+    if (stat.mode & WORLD_WRITABLE_MODE) {
+        console.error(`Error: --state-dir ${path} is world-writable (mode ${(stat.mode & 0o777).toString(8)}). ` +
+            `Credentials stored there would be exposed to other local users. ` +
+            `Fix with: chmod 0700 ${path}`);
+        process.exit(1);
+    }
+    const euid = typeof process.geteuid === "function" ? process.geteuid() : undefined;
+    if (euid !== undefined && stat.uid !== euid) {
+        console.error(`Error: --state-dir ${path} is owned by uid ${stat.uid} but mama is running as uid ${euid}. ` +
+            `Run mama as the directory owner or point --state-dir at a directory you own.`);
+        process.exit(1);
+    }
+}
+function handleStartupError(error) {
+    if (error instanceof SandboxError) {
+        for (const line of error.formatForCli()) {
+            console.error(line);
+        }
+        process.exit(1);
+    }
+    throw error;
+}
+let parsedArgs;
+try {
+    parsedArgs = parseArgs();
+}
+catch (error) {
+    handleStartupError(error);
+}
 // Handle --version
 if (parsedArgs.showVersion) {
     console.log(getVersion());
@@ -90,11 +177,27 @@ if (parsedArgs.downloadChannel) {
 }
 // Normal bot mode - require working dir
 if (!parsedArgs.workingDir) {
-    console.error("Usage: mama [--sandbox=host|docker:<name>|firecracker:<vm-id>:<host-path>] <working-directory>");
+    console.error("Usage: mama [--sandbox=host|container:<name>|image:<image>|firecracker:<vm-id>:<host-path>] [--state-dir=<path>] <working-directory>");
     console.error("       mama --download <channel-id>");
     process.exit(1);
 }
 const { workingDir, sandbox } = { workingDir: parsedArgs.workingDir, sandbox: parsedArgs.sandbox };
+// stateDir holds operator-managed files (vaults, settings, bindings).
+// Defaults to ~/.mama to keep secrets outside the project workspace mounted into sandboxes.
+const stateDir = parsedArgs.stateDir ?? join(homedir(), ".mama");
+ensureSecureStateDir(stateDir);
+// Share stateDir with instrument.ts (for Sentry config loading)
+process.env.MAMA_STATE_DIR = stateDir;
+// Ensure settings.json exists; create a template if first run.
+const { created: settingsCreated, config: agentSettings } = ensureSettingsFile(stateDir);
+if (settingsCreated) {
+    console.log(`Created default settings: ${join(stateDir, "settings.json")}`);
+    console.log("Review and update provider/model before starting.");
+}
+if (!agentSettings.provider || !agentSettings.model) {
+    console.error(`Error: 'provider' and 'model' must be set in ${join(stateDir, "settings.json")}`);
+    process.exit(1);
+}
 // Validate platform tokens
 const hasSlack = !!(MOM_SLACK_APP_TOKEN && MOM_SLACK_BOT_TOKEN);
 const hasTelegram = !!MOM_TELEGRAM_BOT_TOKEN;
@@ -106,36 +209,74 @@ if (!hasSlack && !hasTelegram && !hasDiscord) {
         "  Discord:  MOM_DISCORD_BOT_TOKEN");
     process.exit(1);
 }
-await validateSandbox(sandbox);
-const channelStates = new Map();
-/**
- * Maps "channel:botReplyTs" → sessionKey.
- * When the bot posts a top-level reply, the Slack thread anchors to that ts.
- * Users replying in that thread will have thread_ts = botReplyTs, which differs
- * from the original sessionKey (channel:userMessageTs). This alias map lets
- * stop commands resolve the correct session even when the ts doesn't match.
- */
-const threadAliases = new Map();
+try {
+    await validateSandbox(sandbox);
+}
+catch (error) {
+    handleStartupError(error);
+}
+const vaultManager = new FileVaultManager(stateDir);
+if (vaultManager.isEnabled()) {
+    console.log(sandbox.type === "container"
+        ? "  Vault system enabled. Shared container vault active."
+        : "  Vault system enabled. Per-user credential routing active.");
+}
+const bindingStore = new FileUserBindingStore(stateDir);
+if (bindingStore.isEnabled()) {
+    console.log(sandbox.type === "container"
+        ? "  Binding store enabled. Shared container mode ignores per-user vault bindings."
+        : "  Binding store enabled. Platform user → vault routing active.");
+}
+const provisioner = sandbox.type === "image" ? new DockerContainerManager(sandbox.image, workingDir) : undefined;
+const linkTokenStore = new InMemoryLinkTokenStore();
+// Purge expired link tokens every 5 minutes
+setInterval(() => linkTokenStore.purge(), 5 * 60 * 1000).unref();
+const conversationStates = new Map();
 /** Track in-flight runs for graceful shutdown */
 const inFlightRuns = new Set();
 /** Flag to stop accepting new events during shutdown */
 let isShuttingDown = false;
 /** Maximum number of cached sessions */
 const MAX_SESSIONS = 500;
-/** Idle timeout before a non-running session can be evicted (1 hour) */
-const IDLE_TIMEOUT_MS = 3600000;
-async function getState(channelId, sessionKey) {
-    const key = sessionKey ?? channelId;
-    let state = channelStates.get(key);
+/** Idle timeout before a non-running session can be evicted (10 minutes) */
+const IDLE_TIMEOUT_MS = 600000;
+if (provisioner) {
+    await provisioner.reconcile();
+    await provisioner.stopIdle(IDLE_TIMEOUT_MS);
+}
+// Stop idle containers every hour (same cadence as session eviction)
+if (provisioner) {
+    setInterval(() => provisioner.stopIdle(IDLE_TIMEOUT_MS), IDLE_TIMEOUT_MS).unref();
+}
+function normalizeLoginBaseUrl() {
+    if (MOM_LINK_URL) {
+        return MOM_LINK_URL.replace(/\/+$/, "");
+    }
+    if (MOM_LINK_PORT) {
+        return `http://localhost:${MOM_LINK_PORT}`;
+    }
+    return undefined;
+}
+function ensureLoginVault(platform, platformUserId) {
+    const vaultId = resolveActorVaultKey(sandbox, vaultManager, bindingStore, platform, platformUserId);
+    ensureSandboxVaultEntry(sandbox, vaultManager, platform, platformUserId, vaultId);
+    if (sandbox.type !== "image" && sandbox.type !== "container") {
+        vaultManager.addEntry(vaultId, createManagedVaultEntry(platform, platformUserId, vaultId, false));
+    }
+    return vaultId;
+}
+async function getState(conversationId, sessionKey) {
+    const key = sessionKey ?? conversationId;
+    let state = conversationStates.get(key);
     if (!state) {
-        const channelDir = join(workingDir, channelId);
+        const conversationDir = join(workingDir, conversationId);
         state = {
             running: false,
-            runner: await createRunner(sandbox, key, channelId, channelDir, workingDir),
+            runner: await createRunner(sandbox, key, conversationId, conversationDir, workingDir, vaultManager, bindingStore, provisioner, stateDir),
             stopRequested: false,
             lastAccessedAt: Date.now(),
         };
-        channelStates.set(key, state);
+        conversationStates.set(key, state);
     }
     else {
         state.lastAccessedAt = Date.now();
@@ -143,37 +284,27 @@ async function getState(channelId, sessionKey) {
     return state;
 }
 /**
- * Evict idle sessions from channelStates to bound memory usage.
+ * Evict idle sessions from conversationStates to bound memory usage.
  * Called after each handleEvent completes.
  */
 function evictIdleSessions() {
     const now = Date.now();
-    for (const [key, state] of channelStates) {
+    for (const [key, state] of conversationStates) {
         if (!state.running && now - state.lastAccessedAt > IDLE_TIMEOUT_MS) {
-            channelStates.delete(key);
-            // Clean up aliases pointing to this session
-            for (const [alias, target] of threadAliases) {
-                if (target === key)
-                    threadAliases.delete(alias);
-            }
+            conversationStates.delete(key);
         }
     }
-    if (channelStates.size > MAX_SESSIONS) {
+    if (conversationStates.size > MAX_SESSIONS) {
         const idleSessions = [];
-        for (const [key, state] of channelStates) {
+        for (const [key, state] of conversationStates) {
             if (!state.running) {
                 idleSessions.push({ key, lastAccessedAt: state.lastAccessedAt });
             }
         }
         idleSessions.sort((a, b) => a.lastAccessedAt - b.lastAccessedAt);
-        const toEvict = channelStates.size - MAX_SESSIONS;
+        const toEvict = conversationStates.size - MAX_SESSIONS;
         for (let i = 0; i < toEvict && i < idleSessions.length; i++) {
-            const evictedKey = idleSessions[i].key;
-            channelStates.delete(evictedKey);
-            for (const [alias, target] of threadAliases) {
-                if (target === evictedKey)
-                    threadAliases.delete(alias);
-            }
+            conversationStates.delete(idleSessions[i].key);
         }
     }
 }
@@ -182,12 +313,12 @@ function evictIdleSessions() {
 // ============================================================================
 const handler = {
     isRunning(sessionKey) {
-        const state = channelStates.get(sessionKey);
+        const state = conversationStates.get(sessionKey);
         return !!state?.running;
     },
     getRunningSessions() {
         const sessions = [];
-        for (const [sessionKey, state] of channelStates) {
+        for (const [sessionKey, state] of conversationStates) {
             if (state.running && state.startedAt) {
                 // Get current step from runner
                 const currentStep = state.runner.getCurrentStep();
@@ -201,20 +332,20 @@ const handler = {
         }
         return sessions;
     },
-    async handleStop(sessionKey, channelId, bot) {
-        const state = channelStates.get(sessionKey);
+    async handleStop(sessionKey, conversationId, bot) {
+        const state = conversationStates.get(sessionKey);
         if (state?.running) {
             state.stopRequested = true;
             state.runner.abort();
-            const ts = await bot.postMessage(channelId, "_Stopping..._");
+            const ts = await bot.postMessage(conversationId, formatStopping(bot));
             state.stopMessageTs = ts;
         }
         else {
-            await bot.postMessage(channelId, "_Nothing running_");
+            await bot.postMessage(conversationId, formatNothingRunning(bot));
         }
     },
     forceStop(sessionKey) {
-        const state = channelStates.get(sessionKey);
+        const state = conversationStates.get(sessionKey);
         if (state?.running) {
             log.logInfo(`[Force Stop] Force stopping session: ${sessionKey}`);
             state.stopRequested = true;
@@ -222,55 +353,153 @@ const handler = {
             state.running = false;
         }
     },
-    resolveSessionKey(rawKey) {
-        return threadAliases.get(rawKey) ?? rawKey;
+    async handleNew(sessionKey, conversationId, bot) {
+        const state = conversationStates.get(sessionKey);
+        if (state?.running) {
+            state.stopRequested = true;
+            state.runner.abort();
+        }
+        // Channel sessions rotate via current pointer. Thread sessions reset in place.
+        const conversationDir = join(workingDir, conversationId);
+        if (sessionKey.includes(":")) {
+            createManagedSessionFileAtPath(getThreadSessionFile(conversationDir, sessionKey), conversationDir);
+        }
+        else {
+            createManagedSessionFile(getChannelSessionDir(conversationDir), conversationDir);
+        }
+        // Remove from in-memory cache
+        conversationStates.delete(sessionKey);
+        log.logInfo(`[${conversationId}] Session reset: ${sessionKey}`);
+        await bot.postMessage(conversationId, "Conversation reset. Send a new message to start fresh.");
     },
-    registerThreadAlias(aliasKey, sessionKey) {
-        threadAliases.set(aliasKey, sessionKey);
+    async handleLogin(platform, platformUserId, conversationId, bot, commandText, isPrivateConversation) {
+        const parsed = parseLoginCommand(commandText);
+        if (!parsed) {
+            return;
+        }
+        if (!isPrivateConversation) {
+            await bot.postMessage(conversationId, "为了保护你的凭证，`/login` 只能在与机器人的私聊中使用。请先私信机器人，再重新执行 `/login`。");
+            return;
+        }
+        const baseUrl = normalizeLoginBaseUrl();
+        if (!baseUrl) {
+            await bot.postMessage(conversationId, "Login is not configured. Set `MOM_LINK_URL` or `MOM_LINK_PORT` on the server.");
+            return;
+        }
+        let vaultId;
+        try {
+            vaultId = ensureLoginVault(platform, platformUserId);
+        }
+        catch (error) {
+            log.logWarning(`[${conversationId}] Failed to prepare login vault for ${platform}/${platformUserId}`, error instanceof Error ? error.message : String(error));
+            await bot.postMessage(conversationId, "Login setup failed on the server. 请稍后重试，或联系管理员检查 vault 存储权限。");
+            return;
+        }
+        const loginLabel = "credential";
+        const vaultLabel = sandbox.type === "container" ? "the shared container vault" : "your vault";
+        await bot.postMessage(conversationId, `Open this link to store ${loginLabel} in ${vaultLabel} ` +
+            `(expires in 15 minutes):\n${baseUrl}/link?token=${linkTokenStore.create(platform, platformUserId, conversationId, vaultId, "").token}`);
     },
     async handleEvent(event, bot, adapters, _isEvent) {
         // Don't accept new events during shutdown
         if (isShuttingDown) {
-            log.logInfo(`[${event.channel}] Rejected event during shutdown: ${event.text.substring(0, 50)}`);
+            log.logInfo(`[${event.conversationId}] Rejected event during shutdown: ${event.text.substring(0, 50)}`);
             return;
         }
-        const rawSessionKey = `${event.channel}:${event.thread_ts ?? event.ts}`;
-        const sessionKey = this.resolveSessionKey(rawSessionKey);
-        const state = await getState(event.channel, sessionKey);
+        const sessionKey = event.sessionKey ?? `${event.conversationId}:${event.thread_ts ?? event.ts}`;
+        const state = await getState(event.conversationId, sessionKey);
         // Start run
         state.running = true;
         state.stopRequested = false;
         state.startedAt = Date.now();
         state.lastActivityAt = Date.now();
-        log.logInfo(`[${event.channel}] Starting run: ${event.text.substring(0, 50)}`);
+        log.logInfo(`[${event.conversationId}] Starting run: ${event.text.substring(0, 50)}`);
         // Wrap in-flight run tracking
-        const runPromise = (async () => {
-            try {
+        Sentry.metrics.count("agent.run.started", 1, {
+            attributes: { channel: event.conversationId },
+        });
+        Sentry.metrics.gauge("agent.sessions.active", inFlightRuns.size + 1);
+        const runPromise = Sentry.startSpan({
+            name: "agent.run",
+            op: "agent",
+            attributes: { channelId: event.conversationId, sessionKey },
+        }, async () => {
+            return Sentry.withScope(async (scope) => {
                 const { message, responseCtx, platform } = adapters;
-                // Run the agent
-                await responseCtx.setTyping(true);
-                await responseCtx.setWorking(true);
-                const result = await state.runner.run(message, responseCtx, platform);
-                await responseCtx.setWorking(false);
-                if (result.stopReason === "aborted" && state.stopRequested) {
-                    if (state.stopMessageTs) {
-                        await bot.updateMessage(event.channel, state.stopMessageTs, "_Stopped_");
-                        state.stopMessageTs = undefined;
-                    }
-                    else {
-                        await bot.postMessage(event.channel, "_Stopped_");
+                applyRunScope(scope, {
+                    conversationId: event.conversationId,
+                    sessionKey,
+                    messageId: message.id,
+                    platform: platform.name,
+                    userId: message.userId,
+                    userName: message.userName,
+                    threadTs: message.threadTs,
+                    isEvent: _isEvent,
+                });
+                addLifecycleBreadcrumb("agent.run.started", {
+                    channel_id: event.conversationId,
+                    platform: platform.name,
+                    has_attachments: (message.attachments?.length ?? 0) > 0,
+                });
+                try {
+                    await responseCtx.setTyping(true);
+                    await responseCtx.setWorking(true);
+                    const result = await state.runner.run(message, responseCtx, platform);
+                    await responseCtx.setWorking(false);
+                    const durationMs = Date.now() - state.startedAt;
+                    Sentry.metrics.distribution("agent.run.duration", durationMs, {
+                        unit: "millisecond",
+                        attributes: {
+                            channel: event.conversationId,
+                            platform: platform.name,
+                            stop_reason: result.stopReason,
+                        },
+                    });
+                    Sentry.metrics.count("agent.run.completed", 1, {
+                        attributes: {
+                            channel: event.conversationId,
+                            platform: platform.name,
+                            stop_reason: result.stopReason,
+                        },
+                    });
+                    addLifecycleBreadcrumb("agent.run.completed", {
+                        channel_id: event.conversationId,
+                        platform: platform.name,
+                        stop_reason: result.stopReason,
+                        duration_ms: durationMs,
+                    });
+                    if (result.stopReason === "aborted" && state.stopRequested) {
+                        if (state.stopMessageTs) {
+                            await bot.updateMessage(event.conversationId, state.stopMessageTs, "_Stopped_");
+                            state.stopMessageTs = undefined;
+                        }
+                        else {
+                            await bot.postMessage(event.conversationId, "_Stopped_");
+                        }
                     }
                 }
-            }
-            catch (err) {
-                log.logWarning(`[${event.channel}] Run error`, err instanceof Error ? err.message : String(err));
-            }
-            finally {
-                state.running = false;
-                state.lastAccessedAt = Date.now();
-                evictIdleSessions();
-            }
-        })();
+                catch (err) {
+                    scope.setContext("agent_run_error", {
+                        conversationId: event.conversationId,
+                        sessionKey,
+                        platform: adapters.platform.name,
+                        messageId: adapters.message.id,
+                        threadTs: adapters.message.threadTs,
+                    });
+                    Sentry.captureException(err);
+                    Sentry.metrics.count("agent.run.errors", 1, {
+                        attributes: { channel: event.conversationId, platform: adapters.platform.name },
+                    });
+                    log.logWarning(`[${event.conversationId}] Run error`, err instanceof Error ? err.message : String(err));
+                }
+                finally {
+                    state.running = false;
+                    state.lastAccessedAt = Date.now();
+                    Sentry.metrics.gauge("agent.sessions.active", inFlightRuns.size - 1);
+                    evictIdleSessions();
+                }
+            });
+        });
         inFlightRuns.add(runPromise);
         try {
             await runPromise;
@@ -285,10 +514,20 @@ const handler = {
 // ============================================================================
 const sandboxDesc = sandbox.type === "host"
     ? "host"
-    : sandbox.type === "docker"
-        ? `docker:${sandbox.container}`
-        : `firecracker:${sandbox.vmId}`;
+    : sandbox.type === "container"
+        ? `container:${sandbox.container}`
+        : sandbox.type === "image"
+            ? `image:${sandbox.image}`
+            : `firecracker:${sandbox.vmId}`;
 log.logStartup(workingDir, sandboxDesc);
+// Start link callback server if port is configured
+if (MOM_LINK_PORT) {
+    startLinkServer(MOM_LINK_PORT, linkTokenStore, vaultManager, async (platform, conversationId, msg) => {
+        const bot = botsByPlatform[platform];
+        if (bot)
+            await bot.postMessage(conversationId, msg);
+    });
+}
 // Create platform bots
 const bots = [];
 const botsByPlatform = {};
@@ -343,6 +582,7 @@ async function shutdown() {
         log.logWarning(`Forcing exit with ${inFlightRuns.size} runs still in progress`);
     }
     eventsWatcher.stop();
+    await Sentry.close(5000);
     process.exit(0);
 }
 process.on("SIGINT", shutdown);