@geminixiang/mama 0.2.0-beta.1 → 0.2.0-beta.3

package/dist/main.js

@@ -1,30 +1,34 @@
 #!/usr/bin/env node
 import "./instrument.js";
 import { join, resolve } from "path";
-import { homedir } from "os";
 import { mkdirSync, readFileSync, statSync } from "fs";
+import { homedir } from "os";
 import { fileURLToPath } from "url";
 import { dirname, join as pathJoin } from "path";
 import { DiscordBot } from "./adapters/discord/index.js";
 import { TelegramBot } from "./adapters/telegram/index.js";
 import { SlackBot as SlackBotClass } from "./adapters/slack/index.js";
 import { createRunner } from "./agent.js";
-import { createManagedSessionFile, createManagedSessionFileAtPath, getChannelSessionDir, getThreadSessionFile, } from "./session-store.js";
+import { createManagedSessionFile, createManagedSessionFileAtPath, getChannelSessionDir, getThreadSessionFile, resolveGenericSessionScope, } from "./session-store.js";
 import { downloadChannel } from "./download.js";
 import { createEventsWatcher } from "./events.js";
 import * as log from "./log.js";
 import { FileUserBindingStore } from "./bindings.js";
-import { startLinkServer } from "./link-server.js";
-import { parseLoginCommand } from "./login.js";
-import { InMemoryLinkTokenStore } from "./link-token.js";
+import { parseLoginCommand } from "./login/index.js";
+import { startLinkServer } from "./login/portal.js";
+import { InMemoryLinkTokenStore } from "./login/session.js";
+import { parseSessionViewCommand } from "./session-view/command.js";
+import { resolveExistingSessionFile } from "./session-view/service.js";
+import { InMemorySessionViewTokenStore } from "./session-view/store.js";
 import { DockerContainerManager } from "./provisioner.js";
+import { loadAgentConfig } from "./config.js";
 import { SandboxError, parseSandboxArg, validateSandbox } from "./sandbox.js";
-import { formatNothingRunning, formatStopping } from "./ui-copy.js";
 import { FileVaultManager } from "./vault.js";
-import { ensureSettingsFile } from "./config.js";
 import { createManagedVaultEntry, ensureSandboxVaultEntry, resolveActorVaultKey, } from "./vault-routing.js";
 import { addLifecycleBreadcrumb, applyRunScope } from "./sentry.js";
 import { ChannelStore } from "./store.js";
+import { formatNothingRunning, formatStopped, formatStopping } from "./ui-copy.js";
+import { hasMaterializedSlackBranchSession, resolveSlackSessionScope, waitForSlackBranchBootstrap, } from "./adapters/slack/branch-manager.js";
 import * as Sentry from "@sentry/node";
 // ============================================================================
 // Config
@@ -53,13 +57,7 @@ const MOM_SLACK_APP_TOKEN = process.env.MOM_SLACK_APP_TOKEN;
 const MOM_SLACK_BOT_TOKEN = process.env.MOM_SLACK_BOT_TOKEN;
 const MOM_TELEGRAM_BOT_TOKEN = process.env.MOM_TELEGRAM_BOT_TOKEN;
 const MOM_DISCORD_BOT_TOKEN = process.env.MOM_DISCORD_BOT_TOKEN;
-/** Base URL of the web login portal, e.g. https://platform.trygemini.xyz */
 const MOM_LINK_URL = process.env.MOM_LINK_URL;
-/**
- * Port for the link callback HTTP server.
- * Defaults to 8181 when MOM_LINK_URL is set (behind a reverse proxy).
- * If neither is set, the server is not started.
- */
 const MOM_LINK_PORT = process.env.MOM_LINK_PORT
     ? parseInt(process.env.MOM_LINK_PORT, 10)
     : MOM_LINK_URL
@@ -108,12 +106,6 @@ function parseArgs() {
     };
 }
 const WORLD_WRITABLE_MODE = 0o002;
-/**
- * Create stateDir if missing and refuse to use it if another local user could
- * tamper with its contents. stateDir holds vaults, bindings, and settings —
- * a world-writable or foreign-owned directory there would let a local attacker
- * swap in credentials or change routing.
- */
 function ensureSecureStateDir(path) {
     let stat;
     try {
@@ -177,27 +169,14 @@ if (parsedArgs.downloadChannel) {
 }
 // Normal bot mode - require working dir
 if (!parsedArgs.workingDir) {
-    console.error("Usage: mama [--sandbox=host|container:<name>|image:<image>|firecracker:<vm-id>:<host-path>] [--state-dir=<path>] <working-directory>");
+    console.error("Usage: mama [--state-dir=<dir>] [--sandbox=host|container:<name>|image:<image>|firecracker:<vm-id>:<host-path>] <working-directory>");
     console.error("       mama --download <channel-id>");
     process.exit(1);
 }
 const { workingDir, sandbox } = { workingDir: parsedArgs.workingDir, sandbox: parsedArgs.sandbox };
-// stateDir holds operator-managed files (vaults, settings, bindings).
-// Defaults to ~/.mama to keep secrets outside the project workspace mounted into sandboxes.
 const stateDir = parsedArgs.stateDir ?? join(homedir(), ".mama");
-ensureSecureStateDir(stateDir);
-// Share stateDir with instrument.ts (for Sentry config loading)
 process.env.MAMA_STATE_DIR = stateDir;
-// Ensure settings.json exists; create a template if first run.
-const { created: settingsCreated, config: agentSettings } = ensureSettingsFile(stateDir);
-if (settingsCreated) {
-    console.log(`Created default settings: ${join(stateDir, "settings.json")}`);
-    console.log("Review and update provider/model before starting.");
-}
-if (!agentSettings.provider || !agentSettings.model) {
-    console.error(`Error: 'provider' and 'model' must be set in ${join(stateDir, "settings.json")}`);
-    process.exit(1);
-}
+ensureSecureStateDir(stateDir);
 // Validate platform tokens
 const hasSlack = !!(MOM_SLACK_APP_TOKEN && MOM_SLACK_BOT_TOKEN);
 const hasTelegram = !!MOM_TELEGRAM_BOT_TOKEN;
@@ -218,37 +197,31 @@ catch (error) {
 const vaultManager = new FileVaultManager(stateDir);
 if (vaultManager.isEnabled()) {
     console.log(sandbox.type === "container"
-        ? "  Vault system enabled. Shared container vault active."
-        : "  Vault system enabled. Per-user credential routing active.");
+        ? "  Vault system enabled. Container vault active."
+        : sandbox.type === "image" || sandbox.type === "firecracker"
+            ? "  Vault system enabled. Per-user credential routing active."
+            : "  Vault system enabled. Host mode will not inject vault env.");
 }
 const bindingStore = new FileUserBindingStore(stateDir);
 if (bindingStore.isEnabled()) {
     console.log(sandbox.type === "container"
-        ? "  Binding store enabled. Shared container mode ignores per-user vault bindings."
-        : "  Binding store enabled. Platform user → vault routing active.");
+        ? "  Binding store enabled. Container mode uses the container vault."
+        : sandbox.type === "image" || sandbox.type === "firecracker"
+            ? "  Binding store enabled. Platform user → vault routing active."
+            : "  Binding store enabled. Host mode will not inject vault env.");
 }
-const provisioner = sandbox.type === "image" ? new DockerContainerManager(sandbox.image, workingDir) : undefined;
+const startupConfig = loadAgentConfig(workingDir);
+const sandboxLimits = startupConfig.sandboxCpus || startupConfig.sandboxMemory
+    ? { cpus: startupConfig.sandboxCpus, memory: startupConfig.sandboxMemory }
+    : undefined;
+const provisioner = sandbox.type === "image"
+    ? new DockerContainerManager(sandbox.image, workingDir, { limits: sandboxLimits })
+    : undefined;
 const linkTokenStore = new InMemoryLinkTokenStore();
-// Purge expired link tokens every 5 minutes
+const sessionViewTokenStore = new InMemorySessionViewTokenStore();
 setInterval(() => linkTokenStore.purge(), 5 * 60 * 1000).unref();
-const conversationStates = new Map();
-/** Track in-flight runs for graceful shutdown */
-const inFlightRuns = new Set();
-/** Flag to stop accepting new events during shutdown */
-let isShuttingDown = false;
-/** Maximum number of cached sessions */
-const MAX_SESSIONS = 500;
-/** Idle timeout before a non-running session can be evicted (10 minutes) */
-const IDLE_TIMEOUT_MS = 600000;
-if (provisioner) {
-    await provisioner.reconcile();
-    await provisioner.stopIdle(IDLE_TIMEOUT_MS);
-}
-// Stop idle containers every hour (same cadence as session eviction)
-if (provisioner) {
-    setInterval(() => provisioner.stopIdle(IDLE_TIMEOUT_MS), IDLE_TIMEOUT_MS).unref();
-}
-function normalizeLoginBaseUrl() {
+setInterval(() => sessionViewTokenStore.purge(), 5 * 60 * 1000).unref();
+function normalizePortalBaseUrl() {
     if (MOM_LINK_URL) {
         return MOM_LINK_URL.replace(/\/+$/, "");
     }
@@ -257,22 +230,118 @@ function normalizeLoginBaseUrl() {
     }
     return undefined;
 }
+function isPrivateConversation(event) {
+    return event.conversationKind === "direct" || event.type === "dm";
+}
 function ensureLoginVault(platform, platformUserId) {
     const vaultId = resolveActorVaultKey(sandbox, vaultManager, bindingStore, platform, platformUserId);
     ensureSandboxVaultEntry(sandbox, vaultManager, platform, platformUserId, vaultId);
-    if (sandbox.type !== "image" && sandbox.type !== "container") {
-        vaultManager.addEntry(vaultId, createManagedVaultEntry(platform, platformUserId, vaultId, false));
+    if (sandbox.type !== "container" && sandbox.type !== "image") {
+        vaultManager.addEntry(vaultId, createManagedVaultEntry(platform, platformUserId, vaultId));
     }
     return vaultId;
 }
-async function getState(conversationId, sessionKey) {
+async function replyWithContext(responseCtx, text) {
+    await responseCtx.setTyping(false);
+    await responseCtx.setWorking(false);
+    await responseCtx.respond(text);
+}
+async function handleLoginCommand(platform, platformUserId, conversationId, responseCtx, commandText, privateConversation) {
+    const parsed = parseLoginCommand(commandText);
+    if (!parsed)
+        return false;
+    if (!privateConversation) {
+        await replyWithContext(responseCtx, "為了保護你的憑證，`/login` 只能在與機器人的私訊中使用。請先私訊機器人，再重新執行 `/login`。");
+        return true;
+    }
+    const baseUrl = normalizePortalBaseUrl();
+    if (!baseUrl) {
+        await replyWithContext(responseCtx, "Login is not configured. Set `MOM_LINK_URL` or `MOM_LINK_PORT` on the server.");
+        return true;
+    }
+    let vaultId;
+    try {
+        vaultId = ensureLoginVault(platform, platformUserId);
+    }
+    catch (error) {
+        log.logWarning(`[${conversationId}] Failed to prepare login vault for ${platform}/${platformUserId}`, error instanceof Error ? error.message : String(error));
+        await replyWithContext(responseCtx, "Login setup failed on the server. 請稍後重試，或聯絡管理員檢查 vault 儲存權限。");
+        return true;
+    }
+    const token = linkTokenStore.create(platform, platformUserId, conversationId, vaultId, "");
+    const vaultLabel = sandbox.type === "container" ? `container vault (${vaultId})` : "your vault";
+    await replyWithContext(responseCtx, `Open this link to store credentials in ${vaultLabel} (expires in 15 minutes):\n${baseUrl}/link?token=${token.token}`);
+    return true;
+}
+async function handleSessionViewCommand(platform, platformUserId, conversationId, sessionKey, bot, responseCtx, commandText, privateConversation) {
+    if (!parseSessionViewCommand(commandText))
+        return false;
+    const allowSharedPrivateDelivery = platform === "slack" || platform === "discord";
+    const sendSessionViewReply = async (text) => {
+        if (privateConversation) {
+            await replyWithContext(responseCtx, text);
+            return;
+        }
+        if (platform === "slack" && bot instanceof SlackBotClass) {
+            await bot.postEphemeral(conversationId, platformUserId, text);
+            return;
+        }
+        if (platform === "discord" && bot instanceof DiscordBot) {
+            await bot.sendDirectMessage(platformUserId, text);
+            return;
+        }
+        await replyWithContext(responseCtx, text);
+    };
+    if (!privateConversation && !allowSharedPrivateDelivery) {
+        await sendSessionViewReply("為了保護對話內容，`/session` 目前只能在與機器人的私訊 / DM 中使用。");
+        return true;
+    }
+    const baseUrl = normalizePortalBaseUrl();
+    if (!baseUrl) {
+        await sendSessionViewReply("Session viewer is not configured. Set `MOM_LINK_URL` or `MOM_LINK_PORT` on the server.");
+        return true;
+    }
+    const sessionFile = resolveExistingSessionFile(workingDir, conversationId, sessionKey);
+    if (!sessionFile) {
+        await sendSessionViewReply("目前還沒有可查看的 session。先和機器人對話一次，建立 session 後再試。");
+        return true;
+    }
+    const token = sessionViewTokenStore.create(platform, platformUserId, conversationId, sessionKey, sessionFile);
+    const linkText = `Open this read-only session link (expires in 24 hours):\n${baseUrl}/session?token=${token.token}`;
+    await sendSessionViewReply(linkText);
+    return true;
+}
+const conversationStates = new Map();
+/** Track in-flight runs for graceful shutdown */
+const inFlightRuns = new Set();
+/** Flag to stop accepting new events during shutdown */
+let isShuttingDown = false;
+/** Maximum number of cached sessions */
+const MAX_SESSIONS = 500;
+/** Idle timeout before a non-running session can be evicted (1 hour) */
+const IDLE_TIMEOUT_MS = 3600000;
+/** Idle timeout for managed image containers (10 minutes) */
+const IMAGE_IDLE_TIMEOUT_MS = 10 * 60 * 1000;
+if (provisioner) {
+    await provisioner.reconcile();
+    await provisioner.stopIdle(IMAGE_IDLE_TIMEOUT_MS);
+    setInterval(() => provisioner.stopIdle(IMAGE_IDLE_TIMEOUT_MS), IMAGE_IDLE_TIMEOUT_MS).unref();
+}
+async function resolveSessionScope(platformName, conversationDir, sessionKey) {
+    if (platformName === "slack") {
+        return resolveSlackSessionScope({ conversationDir, sessionKey });
+    }
+    return resolveGenericSessionScope({ conversationDir, sessionKey });
+}
+async function getState(conversationId, platformName, sessionKey) {
     const key = sessionKey ?? conversationId;
     let state = conversationStates.get(key);
     if (!state) {
         const conversationDir = join(workingDir, conversationId);
+        const sessionScope = await resolveSessionScope(platformName, conversationDir, key);
         state = {
             running: false,
-            runner: await createRunner(sandbox, key, conversationId, conversationDir, workingDir, vaultManager, bindingStore, provisioner, stateDir),
+            runner: await createRunner(sandbox, key, conversationId, conversationDir, workingDir, sessionScope, vaultManager, bindingStore, provisioner),
             stopRequested: false,
             lastAccessedAt: Date.now(),
         };
@@ -359,7 +428,7 @@ const handler = {
             state.stopRequested = true;
             state.runner.abort();
         }
-        // Channel sessions rotate via current pointer. Thread sessions reset in place.
+        // Conversation sessions rotate via current pointer. Thread sessions reset in place.
         const conversationDir = join(workingDir, conversationId);
         if (sessionKey.includes(":")) {
             createManagedSessionFileAtPath(getThreadSessionFile(conversationDir, sessionKey), conversationDir);
@@ -372,62 +441,50 @@ const handler = {
         log.logInfo(`[${conversationId}] Session reset: ${sessionKey}`);
         await bot.postMessage(conversationId, "Conversation reset. Send a new message to start fresh.");
     },
-    async handleLogin(platform, platformUserId, conversationId, bot, commandText, isPrivateConversation) {
-        const parsed = parseLoginCommand(commandText);
-        if (!parsed) {
-            return;
-        }
-        if (!isPrivateConversation) {
-            await bot.postMessage(conversationId, "为了保护你的凭证，`/login` 只能在与机器人的私聊中使用。请先私信机器人，再重新执行 `/login`。");
-            return;
-        }
-        const baseUrl = normalizeLoginBaseUrl();
-        if (!baseUrl) {
-            await bot.postMessage(conversationId, "Login is not configured. Set `MOM_LINK_URL` or `MOM_LINK_PORT` on the server.");
-            return;
-        }
-        let vaultId;
-        try {
-            vaultId = ensureLoginVault(platform, platformUserId);
-        }
-        catch (error) {
-            log.logWarning(`[${conversationId}] Failed to prepare login vault for ${platform}/${platformUserId}`, error instanceof Error ? error.message : String(error));
-            await bot.postMessage(conversationId, "Login setup failed on the server. 请稍后重试，或联系管理员检查 vault 存储权限。");
-            return;
-        }
-        const loginLabel = "credential";
-        const vaultLabel = sandbox.type === "container" ? "the shared container vault" : "your vault";
-        await bot.postMessage(conversationId, `Open this link to store ${loginLabel} in ${vaultLabel} ` +
-            `(expires in 15 minutes):\n${baseUrl}/link?token=${linkTokenStore.create(platform, platformUserId, conversationId, vaultId, "").token}`);
-    },
     async handleEvent(event, bot, adapters, _isEvent) {
+        const conversationId = event.conversationId;
         // Don't accept new events during shutdown
         if (isShuttingDown) {
-            log.logInfo(`[${event.conversationId}] Rejected event during shutdown: ${event.text.substring(0, 50)}`);
+            log.logInfo(`[${conversationId}] Rejected event during shutdown: ${event.text.substring(0, 50)}`);
+            return;
+        }
+        const sessionKey = event.sessionKey ?? `${conversationId}:${event.thread_ts ?? event.ts}`;
+        const privateConversation = isPrivateConversation(event);
+        const handledLogin = await handleLoginCommand(adapters.platform.name, event.user, conversationId, adapters.responseCtx, event.text, privateConversation);
+        if (handledLogin)
             return;
+        const handledSessionView = await handleSessionViewCommand(adapters.platform.name, event.user, conversationId, sessionKey, bot, adapters.responseCtx, event.text, privateConversation);
+        if (handledSessionView)
+            return;
+        const conversationDir = join(workingDir, conversationId);
+        const waitedForParent = adapters.platform.name === "slack"
+            ? await waitForSlackBranchBootstrap({
+                parentSessionKey: conversationId,
+                sessionKey,
+                hasThreadSession: () => hasMaterializedSlackBranchSession(conversationDir, sessionKey),
+                isParentRunning: () => conversationStates.get(conversationId)?.running === true,
+            })
+            : false;
+        if (waitedForParent) {
+            log.logInfo(`[${conversationId}] Delayed thread bootstrap until parent session sealed: ${sessionKey}`);
         }
-        const sessionKey = event.sessionKey ?? `${event.conversationId}:${event.thread_ts ?? event.ts}`;
-        const state = await getState(event.conversationId, sessionKey);
+        const state = await getState(conversationId, adapters.platform.name, sessionKey);
         // Start run
         state.running = true;
         state.stopRequested = false;
         state.startedAt = Date.now();
         state.lastActivityAt = Date.now();
-        log.logInfo(`[${event.conversationId}] Starting run: ${event.text.substring(0, 50)}`);
+        log.logInfo(`[${conversationId}] Starting run: ${event.text.substring(0, 50)}`);
         // Wrap in-flight run tracking
         Sentry.metrics.count("agent.run.started", 1, {
-            attributes: { channel: event.conversationId },
+            attributes: { channel: conversationId },
         });
         Sentry.metrics.gauge("agent.sessions.active", inFlightRuns.size + 1);
-        const runPromise = Sentry.startSpan({
-            name: "agent.run",
-            op: "agent",
-            attributes: { channelId: event.conversationId, sessionKey },
-        }, async () => {
+        const runPromise = Sentry.startSpan({ name: "agent.run", op: "agent", attributes: { conversationId, sessionKey } }, async () => {
             return Sentry.withScope(async (scope) => {
                 const { message, responseCtx, platform } = adapters;
                 applyRunScope(scope, {
-                    conversationId: event.conversationId,
+                    conversationId,
                     sessionKey,
                     messageId: message.id,
                     platform: platform.name,
@@ -437,7 +494,7 @@ const handler = {
                     isEvent: _isEvent,
                 });
                 addLifecycleBreadcrumb("agent.run.started", {
-                    channel_id: event.conversationId,
+                    channel_id: conversationId,
                     platform: platform.name,
                     has_attachments: (message.attachments?.length ?? 0) > 0,
                 });
@@ -450,37 +507,37 @@ const handler = {
                     Sentry.metrics.distribution("agent.run.duration", durationMs, {
                         unit: "millisecond",
                         attributes: {
-                            channel: event.conversationId,
+                            channel: conversationId,
                             platform: platform.name,
                             stop_reason: result.stopReason,
                         },
                     });
                     Sentry.metrics.count("agent.run.completed", 1, {
                         attributes: {
-                            channel: event.conversationId,
+                            channel: conversationId,
                             platform: platform.name,
                             stop_reason: result.stopReason,
                         },
                     });
                     addLifecycleBreadcrumb("agent.run.completed", {
-                        channel_id: event.conversationId,
+                        channel_id: conversationId,
                         platform: platform.name,
                         stop_reason: result.stopReason,
                         duration_ms: durationMs,
                     });
                     if (result.stopReason === "aborted" && state.stopRequested) {
                         if (state.stopMessageTs) {
-                            await bot.updateMessage(event.conversationId, state.stopMessageTs, "_Stopped_");
+                            await bot.updateMessage(conversationId, state.stopMessageTs, formatStopped(bot));
                             state.stopMessageTs = undefined;
                         }
                         else {
-                            await bot.postMessage(event.conversationId, "_Stopped_");
+                            await bot.postMessage(conversationId, formatStopped(bot));
                         }
                     }
                 }
                 catch (err) {
                     scope.setContext("agent_run_error", {
-                        conversationId: event.conversationId,
+                        conversationId,
                         sessionKey,
                         platform: adapters.platform.name,
                         messageId: adapters.message.id,
@@ -488,9 +545,9 @@ const handler = {
                     });
                     Sentry.captureException(err);
                     Sentry.metrics.count("agent.run.errors", 1, {
-                        attributes: { channel: event.conversationId, platform: adapters.platform.name },
+                        attributes: { channel: conversationId, platform: adapters.platform.name },
                     });
-                    log.logWarning(`[${event.conversationId}] Run error`, err instanceof Error ? err.message : String(err));
+                    log.logWarning(`[${conversationId}] Run error`, err instanceof Error ? err.message : String(err));
                 }
                 finally {
                     state.running = false;
@@ -520,14 +577,6 @@ const sandboxDesc = sandbox.type === "host"
             ? `image:${sandbox.image}`
             : `firecracker:${sandbox.vmId}`;
 log.logStartup(workingDir, sandboxDesc);
-// Start link callback server if port is configured
-if (MOM_LINK_PORT) {
-    startLinkServer(MOM_LINK_PORT, linkTokenStore, vaultManager, async (platform, conversationId, msg) => {
-        const bot = botsByPlatform[platform];
-        if (bot)
-            await bot.postMessage(conversationId, msg);
-    });
-}
 // Create platform bots
 const bots = [];
 const botsByPlatform = {};
@@ -561,6 +610,13 @@ if (hasDiscord) {
     botsByPlatform.discord = discordBot;
     log.logInfo("Platform: Discord");
 }
+if (MOM_LINK_PORT) {
+    startLinkServer(MOM_LINK_PORT, linkTokenStore, vaultManager, async (platform, conversationId, message) => {
+        const bot = botsByPlatform[platform];
+        if (bot)
+            await bot.postMessage(conversationId, message);
+    }, sessionViewTokenStore);
+}
 // Start events watcher with explicit platform routing
 const eventsWatcher = createEventsWatcher(workingDir, botsByPlatform);
 const slackBot = botsByPlatform.slack;