@h-rig/server 0.0.6-alpha.0

package/dist/src/server-helpers/project-registry.js

@@ -0,0 +1,124 @@
+// @bun
+// packages/server/src/server-helpers/project-registry.ts
+import { createHash } from "crypto";
+import { spawnSync } from "child_process";
+import { existsSync, mkdirSync, readFileSync, readdirSync, writeFileSync } from "fs";
+import { dirname, resolve } from "path";
+function normalizeRepoSlug(value) {
+  const trimmed = value.trim();
+  return /^[^/\s]+\/[^/\s]+$/.test(trimmed) ? trimmed : null;
+}
+function registryPath(projectRoot) {
+  return resolve(projectRoot, ".rig", "state", "projects.json");
+}
+function readRegistry(projectRoot) {
+  const path = registryPath(projectRoot);
+  if (!existsSync(path))
+    return {};
+  try {
+    const payload = JSON.parse(readFileSync(path, "utf8"));
+    if (!payload || typeof payload !== "object" || Array.isArray(payload))
+      return {};
+    const projects = payload.projects;
+    return projects && typeof projects === "object" && !Array.isArray(projects) ? projects : {};
+  } catch {
+    return {};
+  }
+}
+function writeRegistry(projectRoot, projects) {
+  const path = registryPath(projectRoot);
+  mkdirSync(dirname(path), { recursive: true });
+  writeFileSync(path, `${JSON.stringify({ projects }, null, 2)}
+`, "utf8");
+}
+function resolveConfigPath(projectRoot) {
+  for (const name of ["rig.config.ts", "rig.config.mts", "rig.config.json"]) {
+    const path = resolve(projectRoot, name);
+    if (existsSync(path))
+      return path;
+  }
+  return null;
+}
+function hashFile(path) {
+  if (!path)
+    return null;
+  try {
+    return createHash("sha256").update(readFileSync(path)).digest("hex");
+  } catch {
+    return null;
+  }
+}
+function buildConfigStatus(projectRoot) {
+  return resolveConfigPath(projectRoot) ? "valid" : "missing";
+}
+function readDefaultBranch(projectRoot) {
+  const origin = spawnSync("git", ["-C", projectRoot, "symbolic-ref", "--short", "refs/remotes/origin/HEAD"], { encoding: "utf8", timeout: 5000 });
+  if (origin.status === 0 && origin.stdout.trim())
+    return origin.stdout.trim().replace(/^origin\//, "");
+  const head = spawnSync("git", ["-C", projectRoot, "rev-parse", "--abbrev-ref", "HEAD"], { encoding: "utf8", timeout: 5000 });
+  return head.status === 0 && head.stdout.trim() && head.stdout.trim() !== "HEAD" ? head.stdout.trim() : null;
+}
+function buildRunSummary(projectRoot) {
+  const runsDir = resolve(projectRoot, ".rig", "runs");
+  try {
+    const runs = readdirSync(runsDir, { withFileTypes: true }).filter((entry) => entry.isDirectory()).flatMap((entry) => {
+      try {
+        const run = JSON.parse(readFileSync(resolve(runsDir, entry.name, "run.json"), "utf8"));
+        return [{ runId: typeof run.runId === "string" ? run.runId : entry.name, status: typeof run.status === "string" ? run.status : "unknown", updatedAt: typeof run.updatedAt === "string" ? run.updatedAt : "" }];
+      } catch {
+        return [];
+      }
+    });
+    const active = runs.filter((run) => !["completed", "failed", "cancelled", "canceled", "stopped", "closed", "merged", "needs_attention"].includes(run.status.toLowerCase())).length;
+    const latest = runs.toSorted((left, right) => right.updatedAt.localeCompare(left.updatedAt))[0]?.runId ?? null;
+    return { total: runs.length, active, latestRunId: latest };
+  } catch {
+    return { total: 0, active: 0, latestRunId: null };
+  }
+}
+function getProjectRecord(projectRoot, repoSlug) {
+  const normalized = normalizeRepoSlug(repoSlug);
+  if (!normalized)
+    return null;
+  return readRegistry(projectRoot)[normalized] ?? null;
+}
+function upsertProjectRecord(projectRoot, input) {
+  const repoSlug = normalizeRepoSlug(input.repoSlug);
+  if (!repoSlug)
+    throw new Error(`Invalid repo slug: ${input.repoSlug}`);
+  const now = new Date().toISOString();
+  const projects = readRegistry(projectRoot);
+  const existing = projects[repoSlug];
+  const checkout = input.checkout ? { ...input.checkout, createdAt: input.checkout.createdAt ?? now } : null;
+  const checkouts = checkout ? [...(existing?.checkouts ?? []).filter((entry) => !(entry.kind === checkout.kind && entry.path === checkout.path)), checkout] : existing?.checkouts ?? [];
+  const configPath = resolveConfigPath(projectRoot);
+  const configStatus = buildConfigStatus(projectRoot);
+  const authStatus = input.githubAuthStatus ?? existing?.github.authStatus ?? "unauthenticated";
+  const record = {
+    repoSlug,
+    defaultBranch: readDefaultBranch(projectRoot) ?? existing?.defaultBranch ?? null,
+    checkouts,
+    configStatus,
+    config: { status: configStatus, hash: hashFile(configPath), path: configPath },
+    github: { authStatus },
+    taskSource: existing?.taskSource ?? { health: "unknown", lastCheckedAt: null },
+    runs: buildRunSummary(projectRoot),
+    workers: existing?.workers ?? { localAvailable: true, remoteAvailable: false, remoteCount: 0 },
+    operatorPermissions: existing?.operatorPermissions ?? { canRead: true, canRun: authStatus === "authenticated", canControl: authStatus === "authenticated" },
+    createdAt: existing?.createdAt ?? now,
+    updatedAt: now
+  };
+  projects[repoSlug] = record;
+  writeRegistry(projectRoot, projects);
+  return record;
+}
+function linkProjectCheckout(projectRoot, repoSlug, checkout) {
+  return upsertProjectRecord(projectRoot, { repoSlug, checkout });
+}
+export {
+  upsertProjectRecord,
+  normalizeRepoSlug,
+  linkProjectCheckout,
+  getProjectRecord,
+  buildConfigStatus
+};

package/dist/src/server-helpers/queue-state.js

@@ -0,0 +1,78 @@
+// @bun
+// packages/server/src/server-helpers/queue-state.ts
+import { resolve as resolve2 } from "path";
+import { readJsonFile, writeJsonFile } from "@rig/runtime/control-plane/authority-files";
+
+// packages/server/src/server-helpers/normalizers.ts
+function normalizeString(value) {
+  return typeof value === "string" && value.trim().length > 0 ? value.trim() : null;
+}
+
+// packages/server/src/server-helpers/server-paths.ts
+import { dirname, resolve } from "path";
+import { resolveMonorepoRoot } from "@rig/runtime/control-plane/native/utils";
+function resolveServerAuthorityPaths(projectRoot) {
+  const taskWorkspace = process.env.RIG_TASK_WORKSPACE?.trim();
+  const explicitStateDir = process.env.RIG_STATE_DIR?.trim();
+  const explicitLogsDir = process.env.RIG_LOGS_DIR?.trim();
+  const explicitSessionFile = process.env.RIG_SESSION_FILE?.trim();
+  const monorepoRoot = resolveMonorepoRoot(projectRoot);
+  const stateRoot = taskWorkspace ? resolve(taskWorkspace, ".rig") : explicitStateDir ? dirname(resolve(explicitStateDir)) : explicitLogsDir ? dirname(resolve(explicitLogsDir)) : explicitSessionFile ? dirname(dirname(resolve(explicitSessionFile))) : resolve(monorepoRoot, ".rig");
+  const stateDir = explicitStateDir ? resolve(explicitStateDir) : resolve(stateRoot, "state");
+  const logsDir = explicitLogsDir ? resolve(explicitLogsDir) : resolve(stateRoot, "logs");
+  const sessionFile = explicitSessionFile ? resolve(explicitSessionFile) : resolve(stateRoot, "session", "session.json");
+  const artifactsDir = taskWorkspace ? resolve(taskWorkspace, "artifacts") : resolve(monorepoRoot, "artifacts");
+  return {
+    stateRoot,
+    stateDir,
+    logsDir,
+    controlPlaneEventsFile: resolve(logsDir, "control-plane.events.jsonl"),
+    sessionFile,
+    artifactsDir
+  };
+}
+
+// packages/server/src/server-helpers/queue-state.ts
+function resolveQueueStatePath(projectRoot) {
+  return resolve2(resolveServerAuthorityPaths(projectRoot).stateDir, "task-queue.json");
+}
+function readQueueState(projectRoot) {
+  const queue = readJsonFile(resolveQueueStatePath(projectRoot), null);
+  if (!Array.isArray(queue))
+    return [];
+  return queue.filter((entry) => entry && typeof entry === "object").map((entry, index) => ({
+    taskId: normalizeString(entry.taskId),
+    score: typeof entry.score === "number" ? Math.max(0, Math.trunc(entry.score)) : 0,
+    unblockCount: typeof entry.unblockCount === "number" ? Math.max(0, Math.trunc(entry.unblockCount)) : 0,
+    position: typeof entry.position === "number" ? Math.max(0, Math.trunc(entry.position)) : index
+  })).filter((entry) => Boolean(entry.taskId)).sort((left, right) => right.score - left.score || left.position - right.position).map((entry, index) => ({ ...entry, position: index }));
+}
+function writeQueueState(projectRoot, queue) {
+  writeJsonFile(resolveQueueStatePath(projectRoot), queue);
+}
+function enqueueTaskState(projectRoot, taskId, score) {
+  const queue = readQueueState(projectRoot).filter((entry) => entry.taskId !== taskId);
+  const next = [
+    ...queue,
+    {
+      taskId,
+      score: Math.max(0, Math.trunc(score)),
+      unblockCount: 0,
+      position: queue.length
+    }
+  ].sort((left, right) => right.score - left.score || left.position - right.position).map((entry, index) => ({ ...entry, position: index }));
+  writeQueueState(projectRoot, next);
+  return next;
+}
+function dequeueTaskState(projectRoot, taskId) {
+  const next = readQueueState(projectRoot).filter((entry) => entry.taskId !== taskId).map((entry, index) => ({ ...entry, position: index }));
+  writeQueueState(projectRoot, next);
+  return next;
+}
+export {
+  writeQueueState,
+  resolveQueueStatePath,
+  readQueueState,
+  enqueueTaskState,
+  dequeueTaskState
+};

package/dist/src/server-helpers/remote-checkout.js

@@ -0,0 +1,140 @@
+// @bun
+// packages/server/src/server-helpers/remote-checkout.ts
+import { existsSync, mkdirSync, writeFileSync } from "fs";
+import { dirname, isAbsolute, relative, resolve } from "path";
+function safeSlugSegments(repoSlug) {
+  const segments = repoSlug.split("/").map((part) => part.trim()).filter(Boolean);
+  if (segments.length !== 2 || segments.some((segment) => segment === "." || segment === ".." || segment.includes("\\"))) {
+    throw new Error("repoSlug must be owner/repo");
+  }
+  return segments;
+}
+function safeCheckoutKey(value) {
+  const raw = value?.trim();
+  if (!raw)
+    return null;
+  const safe = raw.replace(/[^a-zA-Z0-9._-]/g, "-").replace(/^-+|-+$/g, "");
+  return safe || null;
+}
+function repoSlugPath(baseDir, repoSlug, checkoutKey) {
+  const key = safeCheckoutKey(checkoutKey);
+  return resolve(baseDir, ...key ? [key] : [], ...safeSlugSegments(repoSlug));
+}
+function sanitizeSnapshotId(value, fallback) {
+  const raw = (value ?? fallback).trim();
+  const safe = raw.replace(/[^a-zA-Z0-9._-]/g, "-").replace(/^-+|-+$/g, "");
+  return safe || fallback;
+}
+function assertWithinRoot(root, relativePath) {
+  if (!relativePath || isAbsolute(relativePath) || relativePath.includes("\x00")) {
+    throw new Error(`Invalid snapshot file path: ${relativePath}`);
+  }
+  const normalizedRelative = relativePath.replace(/\\/g, "/");
+  const segments = normalizedRelative.split("/");
+  if (segments.some((segment) => segment === "" || segment === "." || segment === "..")) {
+    throw new Error(`Unsafe snapshot file path: ${relativePath}`);
+  }
+  const target = resolve(root, ...segments);
+  const rel = relative(root, target);
+  if (rel === ".." || rel.split(/[\\/]/)[0] === ".." || isAbsolute(rel)) {
+    throw new Error(`Snapshot file path escapes checkout root: ${relativePath}`);
+  }
+  return target;
+}
+function decodeSnapshotArchive(archive) {
+  if (!archive || typeof archive !== "object" || archive.version !== 1 || !Array.isArray(archive.files)) {
+    throw new Error("Unsupported snapshot archive payload");
+  }
+  return archive;
+}
+function parseSnapshotArchiveContentBase64(contentBase64) {
+  const json = Buffer.from(contentBase64, "base64").toString("utf8");
+  return decodeSnapshotArchive(JSON.parse(json));
+}
+function extractUploadedSnapshotArchive(input) {
+  const archive = decodeSnapshotArchive(input.archive);
+  const snapshotId = sanitizeSnapshotId(input.snapshotId, `snapshot-${(input.now?.() ?? new Date).toISOString().replace(/[:.]/g, "-")}`);
+  const checkoutPath = resolve(repoSlugPath(input.baseDir, input.repoSlug, input.checkoutKey), snapshotId);
+  mkdirSync(checkoutPath, { recursive: true });
+  for (const file of archive.files) {
+    if (!file || typeof file.path !== "string" || typeof file.contentBase64 !== "string") {
+      throw new Error("Invalid snapshot archive file entry");
+    }
+    const target = assertWithinRoot(checkoutPath, file.path);
+    mkdirSync(dirname(target), { recursive: true });
+    writeFileSync(target, Buffer.from(file.contentBase64, "base64"));
+  }
+  writeFileSync(resolve(checkoutPath, ".rig-uploaded-snapshot.json"), `${JSON.stringify({
+    repoSlug: input.repoSlug,
+    snapshotId,
+    fileCount: archive.files.length,
+    archiveCreatedAt: archive.createdAt ?? null,
+    extractedAt: (input.now?.() ?? new Date).toISOString()
+  }, null, 2)}
+`, "utf8");
+  return { kind: "uploaded-snapshot", path: checkoutPath, fileCount: archive.files.length, snapshotId };
+}
+async function runChecked(command, args, cwd, env) {
+  const result = await command(args, cwd || env ? { ...cwd ? { cwd } : {}, ...env ? { env } : {} } : undefined);
+  if (result.exitCode !== 0) {
+    throw new Error(`${args.join(" ")} failed (${result.exitCode}): ${result.stderr ?? result.stdout ?? ""}`.trim());
+  }
+  return result;
+}
+function gitCredentialConfig(token) {
+  const clean = token?.trim();
+  if (!clean)
+    return { args: [] };
+  return {
+    args: [
+      "-c",
+      "credential.helper=",
+      "-c",
+      'credential.helper=!f() { test "$1" = get && echo username=x-access-token && echo password="$RIG_GIT_CREDENTIAL_TOKEN"; }; f'
+    ],
+    env: {
+      RIG_GIT_CREDENTIAL_TOKEN: clean,
+      GIT_TERMINAL_PROMPT: "0"
+    }
+  };
+}
+async function prepareRemoteCheckout(input) {
+  const exists = input.exists ?? existsSync;
+  const strategy = input.strategy;
+  if (strategy.kind === "uploaded-snapshot") {
+    return extractUploadedSnapshotArchive({
+      repoSlug: strategy.repoSlug,
+      baseDir: strategy.baseDir,
+      archive: strategy.archive,
+      snapshotId: strategy.snapshotId,
+      checkoutKey: strategy.checkoutKey
+    });
+  }
+  if (strategy.kind === "existing-path") {
+    const checkoutPath2 = resolve(strategy.path);
+    if (!exists(checkoutPath2)) {
+      throw new Error(`Existing remote checkout path does not exist: ${checkoutPath2}`);
+    }
+    await runChecked(input.command, ["git", "-C", checkoutPath2, "rev-parse", "--is-inside-work-tree"]);
+    return { kind: "existing-path", path: checkoutPath2 };
+  }
+  const checkoutPath = repoSlugPath(strategy.baseDir, strategy.repoSlug, strategy.checkoutKey);
+  const credentials = gitCredentialConfig(strategy.credentialToken);
+  if (!exists(checkoutPath)) {
+    await runChecked(input.command, ["git", ...credentials.args, "clone", strategy.repoUrl, checkoutPath], undefined, credentials.env);
+  }
+  if (strategy.kind === "current-ref") {
+    const ref = strategy.ref.trim();
+    if (!ref)
+      throw new Error("current-ref checkout requires a ref");
+    await runChecked(input.command, ["git", "-C", checkoutPath, ...credentials.args, "fetch", "origin", ref], undefined, credentials.env);
+    await runChecked(input.command, ["git", "-C", checkoutPath, "checkout", ref]);
+    return { kind: "current-ref", path: checkoutPath, ref };
+  }
+  return { kind: "managed-clone", path: checkoutPath };
+}
+export {
+  prepareRemoteCheckout,
+  parseSnapshotArchiveContentBase64,
+  extractUploadedSnapshotArchive
+};

package/dist/src/server-helpers/remote-snapshots.js

@@ -0,0 +1,119 @@
+// @bun
+// packages/server/src/server-helpers/remote-snapshots.ts
+import { listAuthorityRemoteEndpoints } from "@rig/runtime/control-plane/authority-files";
+
+// packages/server/src/server-helpers/normalizers.ts
+function normalizeString(value) {
+  return typeof value === "string" && value.trim().length > 0 ? value.trim() : null;
+}
+
+// packages/server/src/server-helpers/remote-snapshots.ts
+function toRemoteConnectionStatus(status) {
+  switch (status) {
+    case "connected":
+    case "connecting":
+    case "authenticating":
+    case "reconnecting":
+    case "error":
+    case "disconnected":
+      return status;
+    case "ready":
+    case "busy":
+    case "degraded":
+    case "draining":
+      return "connected";
+    case "registering":
+      return "connecting";
+    case "offline":
+    case "quarantined":
+      return "error";
+    default:
+      return "disconnected";
+  }
+}
+function hostToRemoteEndpoint(host) {
+  let hostName = "127.0.0.1";
+  let port = 7890;
+  try {
+    const url = new URL(host.baseUrl);
+    hostName = url.hostname || hostName;
+    port = Number.parseInt(url.port || "80", 10) || port;
+  } catch {}
+  return {
+    id: host.hostId,
+    alias: host.name,
+    host: hostName,
+    port,
+    token: "",
+    tokenConfigured: false,
+    autoConnect: true,
+    addedAt: host.registeredAt,
+    lastConnectedAt: host.lastHeartbeatAt
+  };
+}
+function buildRemoteEndpointSnapshot(projectRoot, remoteHosts) {
+  const authorityEndpoints = listAuthorityRemoteEndpoints(projectRoot).map((entry) => ({
+    id: entry.id,
+    alias: entry.alias,
+    host: entry.host,
+    port: entry.port,
+    token: "",
+    tokenConfigured: entry.token.trim().length > 0,
+    autoConnect: entry.autoConnect,
+    addedAt: entry.addedAt,
+    lastConnectedAt: entry.lastConnectedAt
+  }));
+  const hostEndpoints = Array.from(remoteHosts.values()).map(hostToRemoteEndpoint);
+  const deduped = new Map;
+  for (const entry of [...authorityEndpoints, ...hostEndpoints]) {
+    deduped.set(entry.id, entry);
+  }
+  return Array.from(deduped.values()).sort((left, right) => left.alias.localeCompare(right.alias));
+}
+function buildRemoteConnectionSnapshot(remoteHosts, remoteConnections, endpoints) {
+  const connections = new Map;
+  for (const [endpointId, summary] of remoteConnections.entries()) {
+    connections.set(endpointId, summary);
+  }
+  for (const host of remoteHosts.values()) {
+    if (connections.has(host.hostId))
+      continue;
+    connections.set(host.hostId, {
+      endpointId: host.hostId,
+      status: toRemoteConnectionStatus(host.status),
+      error: host.status === "offline" || host.status === "quarantined" ? host.status : null,
+      connectedAt: host.lastHeartbeatAt,
+      tokenExpiresAt: null,
+      latencyMs: null,
+      subscribedEvents: []
+    });
+  }
+  for (const endpoint of endpoints) {
+    if (connections.has(endpoint.id))
+      continue;
+    connections.set(endpoint.id, {
+      endpointId: endpoint.id,
+      status: "disconnected",
+      error: null,
+      connectedAt: endpoint.lastConnectedAt,
+      tokenExpiresAt: null,
+      latencyMs: null,
+      subscribedEvents: []
+    });
+  }
+  return Array.from(connections.values()).sort((left, right) => String(left.endpointId).localeCompare(String(right.endpointId)));
+}
+function normalizeIsoTimestamp(value) {
+  const normalized = normalizeString(value);
+  if (!normalized)
+    return null;
+  const timestamp = Date.parse(normalized);
+  return Number.isFinite(timestamp) ? new Date(timestamp).toISOString() : null;
+}
+export {
+  toRemoteConnectionStatus,
+  normalizeIsoTimestamp,
+  hostToRemoteEndpoint,
+  buildRemoteEndpointSnapshot,
+  buildRemoteConnectionSnapshot
+};