@growthub/cli 0.14.2 → 0.14.3

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/app/api/workspace/sandbox-run/route.js

@@ -50,6 +50,7 @@
  */
 
 import { NextResponse } from "next/server";
+import { createHash } from "node:crypto";
 import { promises as fs } from "node:fs";
 import os from "node:os";
 import path from "node:path";
@@ -78,6 +79,9 @@ import {
 } from "@/lib/adapters/sandboxes";
 import { runOrchestrationGraphIfPresent } from "@/lib/orchestration-graph-runner";
 import { parseOrchestrationGraph } from "@/lib/orchestration-graph";
+import { stableStringify } from "@/lib/workspace-patch-policy";
+import { appendOutcomeReceipt } from "@/lib/workspace-outcome-receipts";
+import { requireAppScope, checkScopedWorkflowAccess } from "@/lib/workspace-app-registry";
 import {
   discoverRunInputSchema,
   normalizeRunInputsEnvelope,
@@ -470,6 +474,11 @@ async function executeSandboxRun(body, { emit } = {}) {
   const draftGraph = useDraft
     ? parseOrchestrationGraph(body?.draftGraph || row.orchestrationDraftConfig || row.orchestrationDraftGraph)
     : null;
+  // Hash the draft BEFORE execution (the graph runner may annotate the object
+  // in place). This is the lineage anchor the workflow publish gate verifies.
+  const draftSha256 = draftGraph
+    ? createHash("sha256").update(stableStringify(draftGraph), "utf8").digest("hex")
+    : null;
   const rowForRun = draftGraph
     ? { ...row, orchestrationGraph: draftGraph, orchestrationConfig: draftGraph }
     : row;
@@ -699,6 +708,16 @@ async function executeSandboxRun(body, { emit } = {}) {
     runInputs: normalizedRunInputs
   });
 
+  // Draft-run lineage anchor: the sha256 of the exact graph that executed,
+  // persisted into the run record. The sidecar is only writable by server
+  // routes (PATCH is policy-blocked from it), so the workflow publish gate
+  // can verify "this saved draft is what actually ran" against this hash —
+  // the PATCH-writable draft attestation fields alone are never trusted.
+  if (useDraft && draftSha256) {
+    response.useDraft = true;
+    response.draftSha256 = draftSha256;
+  }
+
   const sourceId = sandboxRunSourceId(objectId, row.Name || name);
   const persistence = describePersistenceMode();
   const status = response.exitCode === 0 && !response.error ? "connected" : "failed";
@@ -754,8 +773,29 @@ async function executeSandboxRun(body, { emit } = {}) {
     }
   }
 
+  // Agent Outcome Loop V1: every execution emits the same canonical receipt
+  // (kind "sandbox-run", lane "execution-proof") into workspace:agent-outcomes,
+  // linking the run record so publish gates and future agents can cite it.
+  const runOk = response.exitCode === 0 && !response.error;
+  await appendOutcomeReceipt({
+    kind: "sandbox-run",
+    lane: "execution-proof",
+    outcomeStatus: runOk ? "tested" : "failed",
+    intent: typeof body?.intent === "string" ? body.intent : undefined,
+    actor: typeof body?.actor === "string" ? body.actor : undefined,
+    objectRefs: [{ objectId, rowName: rowForRun.Name || name, objectType: "sandbox-environment" }],
+    runId,
+    sourceId: sourceId || undefined,
+    ...(useDraft && draftSha256 ? { draftSha256 } : {}),
+    summary: `${useDraft ? "draft " : ""}run ${runOk ? "passed" : "failed"} (exit ${response.exitCode}, ${effectiveAdapterId}/${runtime}) — ${String(response.stdout || response.stderr || response.error || "").slice(0, 160)}`,
+    ...(runOk && useDraft
+      ? { nextActions: ["Attest the tested draft (orchestrationDraftTestPassed + orchestrationDraftTestedConfig), then POST /api/workspace/workflow/publish"] }
+      : {}),
+    rollbackRef: sourceId ? { objectId, rowName: rowForRun.Name || name, sourceId } : undefined
+  });
+
   return NextResponse.json({
-    ok: response.exitCode === 0 && !response.error,
+    ok: runOk,
     status,
     runId,
     adapter: effectiveAdapterId,
@@ -771,6 +811,37 @@ async function executeSandboxRun(body, { emit } = {}) {
 
 async function POST(request) {
   const accept = request.headers.get("accept") || "";
+  // Unified app-scope gate: with x-growthub-app-scope, this run must target
+  // a workflow inside the app's governed scope (route-shopping closed).
+  let scopedAppId = null;
+  {
+    const cfgForScope = await readWorkspaceConfig().catch(() => ({}));
+    const scope = requireAppScope(request, cfgForScope);
+    if (scope.scoped && scope.violation) {
+      await appendOutcomeReceipt({
+        kind: "sandbox-run", lane: "execution-proof", outcomeStatus: "blocked",
+        appId: scope.violation.appScope,
+        summary: `sandbox-run rejected (422 app scope): ${scope.violation.violationType}`,
+        nextActions: [scope.violation.suggestedAction]
+      });
+      return NextResponse.json(scope.violation, { status: 422 });
+    }
+    if (scope.scoped) {
+      let peek = null;
+      try { peek = await request.clone().json(); } catch { peek = null; }
+      const violation = checkScopedWorkflowAccess(scope.context, peek?.objectId, peek?.name);
+      if (violation) {
+        await appendOutcomeReceipt({
+          kind: "sandbox-run", lane: "execution-proof", outcomeStatus: "blocked",
+          appId: scope.appId,
+          summary: `sandbox-run rejected (422 app scope): workflow ${peek?.objectId}:${peek?.name} outside app ${scope.appId}`,
+          nextActions: [violation.suggestedAction]
+        });
+        return NextResponse.json(violation, { status: 422 });
+      }
+      scopedAppId = scope.appId;
+    }
+  }
   let body;
   try {
     body = await request.json();

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/app/api/workspace/swarm-condition/route.js

@@ -11,8 +11,8 @@
  *
  * Optional query parameter:
  *   - lensId: "activation" (default) | "persistence" | "observability" |
- *             "deploy" | "tasks" | "app-build". Unknown ids fall back to
- *             "activation".
+ *             "deploy" | "tasks" | "app-build" | "fleet". Unknown ids fall
+ *             back to "activation".
  *
  * Authority invariants:
  *   - GET only. PATCH / POST / PUT / DELETE are not exposed. Writes still flow

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/app/api/workspace/test-source/route.js

@@ -35,6 +35,9 @@
  */
 
 import { NextResponse } from "next/server";
+import { requireAppScope, checkScopedRegistryAccess } from "@/lib/workspace-app-registry";
+import { readWorkspaceConfig as readCfgForScope } from "@/lib/workspace-config";
+import { appendOutcomeReceipt } from "@/lib/workspace-outcome-receipts";
 import { readAdapterConfig } from "@/lib/adapters/env";
 import { listGovernedWorkspaceIntegrations } from "@/lib/adapters/integrations";
 import { loadAllResolvers } from "@/lib/adapters/integrations/resolver-loader";
@@ -61,6 +64,24 @@ async function POST(request) {
   }
 
   const { integrationId, binding } = body || {};
+  // App-scope gate: a scoped agent may only test integrations on its
+  // registry-row registryIds (data-plane isolation, Attio-style object scope).
+  {
+    const cfgForScope = await readCfgForScope().catch(() => ({}));
+    const scope = requireAppScope(request, cfgForScope);
+    if (scope.scoped) {
+      const violation = scope.violation || checkScopedRegistryAccess(scope.context, integrationId);
+      if (violation) {
+        await appendOutcomeReceipt({
+          kind: "agent-outcome", lane: "untrusted-direct", outcomeStatus: "blocked",
+          appId: violation.appScope || scope.appId,
+          summary: `test-source rejected (422 app scope): ${violation.violationType}`,
+          nextActions: violation.repairPlan
+        });
+        return NextResponse.json(violation, { status: 422 });
+      }
+    }
+  }
   if (typeof integrationId !== "string" || !integrationId.trim()) {
     return NextResponse.json({ ok: false, reason: "bad-request", error: "integrationId must be a non-empty string" }, { status: 400 });
   }

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/app/api/workspace/workflow/publish/route.js

@@ -0,0 +1,338 @@
+/**
+ * POST /api/workspace/workflow/publish
+ *
+ * Server-authoritative publish for sandbox-environment workflow rows.
+ * This route is the ONLY transition from draft to live: direct
+ * `PATCH /api/workspace` is policy-blocked (workspace-patch-policy.js) from
+ * changing `orchestrationGraph` / `orchestrationConfig` / `version` /
+ * `orchestrationPublishedAt` / `orchestrationDeltas` or setting
+ * `lifecycleStatus: "live"`.
+ *
+ * Publish gates (all server-verified against the persisted row — the client
+ * cannot vouch for itself):
+ *   1. The row exists (object id + objectType "sandbox-environment" +
+ *      capital-N `Name`).
+ *   2. A saved draft exists (`orchestrationDraftConfig` / `orchestrationDraftGraph`).
+ *   3. The draft was test-run successfully: `orchestrationDraftTestPassed === true`
+ *      (set by POST /api/workspace/sandbox-run with `useDraft: true`).
+ *   4. The tested config is byte-identical to the saved draft
+ *      (`orchestrationDraftTestedConfig` === draft) — a draft edited after
+ *      its successful test must be re-tested.
+ *   5. The draft parses as a structurally valid orchestration graph.
+ *
+ * On success: bumps `version`, moves the draft into the live field, clears
+ * draft state, stamps `orchestrationPublishedAt`, appends an
+ * `orchestrationDeltas` record (with the sha256 of the published config),
+ * sets `lifecycleStatus: "live"`, and persists via writeWorkspaceConfig.
+ *
+ * Request:  { objectId: string, name: string }
+ * Response: { ok, objectId, name, version, publishedAt, liveField,
+ *             publishedSha256, workspaceConfig }
+ *           or { ok: false, code, error, ... } with 4xx/5xx status.
+ */
+
+import { NextResponse } from "next/server";
+import { createHash } from "node:crypto";
+import {
+  readWorkspaceConfig,
+  readWorkspaceSourceRecords,
+  writeWorkspaceConfig
+} from "@/lib/workspace-config";
+import { sandboxRunSourceId } from "@/lib/workspace-data-model";
+import { parseOrchestrationGraph, validateOrchestrationGraph } from "@/lib/orchestration-graph";
+import { stableStringify } from "@/lib/workspace-patch-policy";
+import {
+  getNodeDeltaRecords,
+  normalizeDeltaTags,
+  patchSandboxRowInConfig,
+  resolveWorkflowFieldNames
+} from "@/lib/orchestration-publish";
+import { appendOutcomeReceipt } from "@/lib/workspace-outcome-receipts";
+import { requireAppScope, checkScopedWorkflowAccess } from "@/lib/workspace-app-registry";
+
+function sha256(text) {
+  return createHash("sha256").update(String(text), "utf8").digest("hex");
+}
+
+function findSandboxRow(workspaceConfig, objectId, name) {
+  const objects = Array.isArray(workspaceConfig?.dataModel?.objects) ? workspaceConfig.dataModel.objects : [];
+  const object = objects.find((entry) => entry?.id === objectId && entry?.objectType === "sandbox-environment");
+  if (!object) return { object: null, row: null, rowIndex: -1 };
+  const wantedName = String(name || "").trim();
+  const rows = Array.isArray(object.rows) ? object.rows : [];
+  const rowIndex = rows.findIndex((row) => String(row?.Name || "").trim() === wantedName);
+  if (rowIndex === -1) return { object, row: null, rowIndex: -1 };
+  return { object, row: rows[rowIndex], rowIndex };
+}
+
+/**
+ * Gate failures are governance signal: emit a blocked outcome receipt
+ * (non-fatal) and return the structured failure envelope.
+ */
+async function publishBlocked(httpStatus, body, refs) {
+  await appendOutcomeReceipt({
+    kind: "workflow-publish",
+    lane: "server-authoritative",
+    outcomeStatus: "blocked",
+    ...(refs ? { objectRefs: [refs] } : {}),
+    summary: `publish blocked (${body.code}): ${body.error}`,
+    nextActions: body.code === "no_draft" || body.code === "draft_not_tested" || body.code === "draft_run_not_verified" || body.code === "draft_changed_after_test"
+      ? ["Save the draft, run POST /api/workspace/sandbox-run {useDraft:true} to a passing result, attest, then publish"]
+      : []
+  });
+  return NextResponse.json(body, { status: httpStatus });
+}
+
+async function POST(request) {
+  let body;
+  try {
+    body = await request.json();
+  } catch {
+    return NextResponse.json({ ok: false, code: "invalid_body", error: "invalid json body" }, { status: 400 });
+  }
+  const objectId = typeof body?.objectId === "string" ? body.objectId.trim() : "";
+  const name = typeof body?.name === "string" ? body.name.trim() : "";
+  const requestedField = typeof body?.field === "string" ? body.field.trim() : "";
+  if (!objectId || !name) {
+    return NextResponse.json(
+      { ok: false, code: "invalid_body", error: "objectId and name are required" },
+      { status: 400 }
+    );
+  }
+  if (requestedField && requestedField !== "orchestrationConfig" && requestedField !== "orchestrationGraph") {
+    return NextResponse.json(
+      { ok: false, code: "invalid_body", error: 'field must be "orchestrationConfig" or "orchestrationGraph" when provided' },
+      { status: 400 }
+    );
+  }
+
+  const workspaceConfig = await readWorkspaceConfig();
+
+  // Unified app-scope gate (route-shopping closed): with x-growthub-app-scope,
+  // publish may only promote a workflow inside the app's governed scope.
+  // NB: publish is deliberately NOT blocked when the app's health is
+  // "blocked" — publishing is how the "workflow not live" blocker is cleared.
+  const scope = requireAppScope(request, workspaceConfig);
+  if (scope.scoped) {
+    const violation = scope.violation || checkScopedWorkflowAccess(scope.context, objectId, name);
+    if (violation) {
+      await appendOutcomeReceipt({
+        kind: "workflow-publish", lane: "server-authoritative", outcomeStatus: "blocked",
+        appId: violation.appScope || scope.appId,
+        summary: `publish rejected (422 app scope): ${violation.violationType}`,
+        nextActions: violation.repairPlan
+      });
+      return NextResponse.json(violation, { status: 422 });
+    }
+  }
+
+  const { object, row, rowIndex } = findSandboxRow(workspaceConfig, objectId, name);
+  if (!object) {
+    return NextResponse.json(
+      { ok: false, code: "object_not_found", error: `no sandbox-environment object with id ${objectId}` },
+      { status: 404 }
+    );
+  }
+  if (!row) {
+    return NextResponse.json(
+      { ok: false, code: "row_not_found", error: `no sandbox row named ${name} in object ${objectId}` },
+      { status: 404 }
+    );
+  }
+
+  const { liveField, draftField } = resolveWorkflowFieldNames(row, requestedField || undefined);
+  const draft = String(row[draftField] ?? "").trim();
+  if (!draft) {
+    return publishBlocked(409, {
+      ok: false,
+      code: "no_draft",
+      error: `no saved draft in ${draftField} — save the draft, test it with sandbox-run useDraft:true, then publish`
+    }, { objectId, rowName: name, objectType: "sandbox-environment" });
+  }
+
+  const draftPassed = row.orchestrationDraftTestPassed === true
+    || String(row.orchestrationDraftTestPassed ?? "") === "true";
+  if (!draftPassed) {
+    return publishBlocked(409, {
+      ok: false,
+      code: "draft_not_tested",
+      error: "publish blocked — the saved draft has no successful test run; " +
+        "run POST /api/workspace/sandbox-run with useDraft:true and a passing result first"
+    }, { objectId, rowName: name, objectType: "sandbox-environment" });
+  }
+
+  const testedConfig = String(row.orchestrationDraftTestedConfig ?? "");
+  if (testedConfig !== draft) {
+    return publishBlocked(409, {
+      ok: false,
+      code: "draft_changed_after_test",
+      error: "publish blocked — the draft changed after its successful test; re-test this exact draft",
+      // Diagnostic raw-STRING hashes (the equality above is byte-level);
+      // the canonical graph hash everywhere else is sha256(stableStringify(parsedGraph)).
+      draftStringSha256: sha256(draft),
+      testedStringSha256: sha256(testedConfig)
+    }, { objectId, rowName: name, objectType: "sandbox-environment" });
+  }
+
+  // Lineage gate — the draft-field attestation (`orchestrationDraftTestPassed`,
+  // `orchestrationDraftTestedConfig`) is PATCH-writable, so it is not trusted
+  // alone. The claimed draft run must exist in the source-record run history
+  // (which only sandbox-run writes; PATCH is policy-blocked from sidecar
+  // writes), must have passed (exitCode 0, no error), and the graph it
+  // actually executed must equal this draft.
+  const draftRunId = String(row.orchestrationDraftLastRunId ?? "").trim();
+  if (!draftRunId) {
+    return publishBlocked(409, {
+      ok: false,
+      code: "draft_run_not_verified",
+      error: "publish blocked — no server-recorded draft run on this row; " +
+        "run POST /api/workspace/sandbox-run with useDraft:true first"
+    }, { objectId, rowName: name, objectType: "sandbox-environment" });
+  }
+  const sourceId = sandboxRunSourceId(objectId, row.Name || name);
+  const history = sourceId ? await readWorkspaceSourceRecords(sourceId) : null;
+  const records = Array.isArray(history?.records) ? history.records : [];
+  const runRecord = records.find((record) => String(record?.runId ?? "") === draftRunId);
+  if (!runRecord) {
+    return publishBlocked(409, {
+      ok: false,
+      code: "draft_run_not_verified",
+      error: `publish blocked — draft run ${draftRunId} has no record in the sandbox run history (${sourceId})`
+    }, { objectId, rowName: name, objectType: "sandbox-environment" });
+  }
+  if (runRecord.exitCode !== 0 || runRecord.error) {
+    return publishBlocked(409, {
+      ok: false,
+      code: "draft_run_not_verified",
+      error: `publish blocked — draft run ${draftRunId} did not pass (exitCode ${runRecord.exitCode})`
+    }, { objectId, rowName: name, objectType: "sandbox-environment" });
+  }
+  // The record's draftSha256 is stamped by sandbox-run from the exact graph
+  // it executed, before execution. It must match this saved draft.
+  const draftGraphParsed = parseOrchestrationGraph(draft);
+  const expectedSha256 = createHash("sha256")
+    .update(stableStringify(draftGraphParsed), "utf8")
+    .digest("hex");
+  if (runRecord.useDraft !== true || runRecord.draftSha256 !== expectedSha256) {
+    return publishBlocked(409, {
+      ok: false,
+      code: "draft_run_not_verified",
+      error: `publish blocked — draft run ${draftRunId} executed a different graph than the saved draft ` +
+        "(or was not a draft run); re-test this exact draft with sandbox-run useDraft:true"
+    }, { objectId, rowName: name, objectType: "sandbox-environment" });
+  }
+
+  const parsedDraft = draftGraphParsed;
+  const validation = validateOrchestrationGraph(parsedDraft);
+  if (!validation?.ok) {
+    return publishBlocked(400, {
+      ok: false,
+      code: "invalid_graph",
+      error: "publish blocked — the draft does not parse as a valid orchestration graph",
+      details: validation?.errors ?? []
+    }, { objectId, rowName: name, objectType: "sandbox-environment" });
+  }
+
+  const publishedAt = new Date().toISOString();
+  const currentVersion = Number(row.version || 1);
+  const nextVersion = Number.isFinite(currentVersion) ? String(currentVersion + 1) : "1";
+  const previousDeltas = Array.isArray(row.orchestrationDeltas) ? row.orchestrationDeltas : [];
+  const previousPublishedGraph = parseOrchestrationGraph(row[liveField]);
+  const nodeDeltas = getNodeDeltaRecords(previousPublishedGraph, parsedDraft);
+  const deltaTags = normalizeDeltaTags(nodeDeltas.flatMap((delta) => delta.deltaTags));
+  const changeReason = nodeDeltas.map((delta) => delta.changeReason).filter(Boolean).join("\n");
+  // One canonical draft/graph hash everywhere: sha256(stableStringify(parsedGraph)).
+  // This is the same value sandbox-run stamped as the record's draftSha256,
+  // so the lineage record and the publish delta are directly comparable.
+  const publishedSha256 = expectedSha256;
+
+  const next = patchSandboxRowInConfig(workspaceConfig, objectId, rowIndex, {
+    [liveField]: draft,
+    [draftField]: "",
+    version: nextVersion,
+    lifecycleStatus: "live",
+    orchestrationDraftStatus: "published",
+    orchestrationDraftTestPassed: false,
+    orchestrationDraftTestedConfig: "",
+    orchestrationPublishedAt: publishedAt,
+    orchestrationDeltas: [
+      ...previousDeltas,
+      {
+        at: publishedAt,
+        version: nextVersion,
+        field: liveField,
+        action: "publish",
+        previousVersion: String(row.version || "1"),
+        draftTestedAt: row.orchestrationDraftLastTested || "",
+        draftRunId: row.orchestrationDraftLastRunId || "",
+        publishedSha256,
+        changeReason,
+        deltaTags,
+        nodeDeltas,
+        nodeCount: Array.isArray(parsedDraft?.nodes) ? parsedDraft.nodes.length : 0,
+        edgeCount: Array.isArray(parsedDraft?.edges) ? parsedDraft.edges.length : 0
+      }
+    ]
+  });
+
+  try {
+    const persisted = await writeWorkspaceConfig({ dataModel: next.dataModel });
+    const { receipt } = await appendOutcomeReceipt({
+      kind: "workflow-publish",
+      lane: "server-authoritative",
+      outcomeStatus: "published",
+      ...(scope.scoped ? { appId: scope.appId } : {}),
+      objectRefs: [{ objectId, rowName: name, objectType: "sandbox-environment" }],
+      changedFields: ["dataModel"],
+      runId: draftRunId,
+      sourceId,
+      draftSha256: expectedSha256,
+      publishedSha256,
+      version: nextVersion,
+      summary: `published ${liveField} v${nextVersion} for ${objectId}/${name} (${nodeDeltas.length} node delta(s), verified draft run ${draftRunId})`,
+      rollbackRef: {
+        objectId,
+        rowName: name,
+        liveField,
+        previousVersion: String(row.version || "1"),
+        deltaIndex: previousDeltas.length,
+        sourceId
+      }
+    });
+    return NextResponse.json({
+      ok: true,
+      objectId,
+      name,
+      version: nextVersion,
+      publishedAt,
+      liveField,
+      publishedSha256,
+      receiptId: receipt.receiptId,
+      workspaceConfig: persisted
+    });
+  } catch (error) {
+    if (error.code === "WORKSPACE_PERSISTENCE_READ_ONLY") {
+      return NextResponse.json(
+        {
+          ok: false,
+          code: "read_only",
+          error: "workspace config is read-only in this runtime",
+          guidance: error.guidance || null
+        },
+        { status: 409 }
+      );
+    }
+    if (error.code === "INVALID_WORKSPACE_CONFIG") {
+      return NextResponse.json(
+        { ok: false, code: "invalid_config", error: error.message, details: error.details },
+        { status: 400 }
+      );
+    }
+    return NextResponse.json(
+      { ok: false, code: "write_failed", error: error?.message || "failed to write workspace config" },
+      { status: 500 }
+    );
+  }
+}
+
+export { POST };

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/app/components/WorkspaceLensPanel.jsx

@@ -92,6 +92,7 @@ const FILTERS = [
   { id: "deploy", label: "Deploy" },
   { id: "tasks", label: "Tasks" },
   { id: "app-build", label: "App build" },
+  { id: "fleet", label: "Fleet" },
 ];
 
 export function WorkspaceLensPanel({ workspaceConfig, workspaceSourceRecords, metadataGraph }) {