npm - @invokehq/cli - Versions diffs - 0.2.7 → 0.2.9 - Mend

@invokehq/cli 0.2.7 → 0.2.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md CHANGED Viewed

@@ -30,7 +30,7 @@ invoke init support-agent --template crm-guardrail
 cd support-agent
 # 4. Run its local MCP server
-invoke dev
+invoke dev install
 # 5. Register its tools with Invoke
 invoke deploy

package/agentify.py CHANGED Viewed

@@ -1236,12 +1236,18 @@ def read_project_config(root: Path) -> dict[str, Any]:
     return config
-def is_agent_project(config: dict[str, Any]) -> bool:
+def is_agent_project(root: Path, config: dict[str, Any]) -> bool:
     runtime = str(config.get("runtime") or "").lower()
     agent_type = str(config.get("agent_type") or config.get("type") or "").lower()
-    return bool(config.get("entrypoint")) and (
+    has_entrypoint = bool(config.get("entrypoint")) or any(
+        (root / candidate).exists() for candidate in ("src/index.ts", "src/index.js", "index.ts", "index.js")
+    )
+    tools = config.get("tools")
+    empty_tools = tools is None or tools == []
+    return has_entrypoint and (
         runtime in {"node", "python", "claude-agent-sdk"}
         or agent_type in {"agent", "claude-agent", "claude-agent-sdk"}
+        or empty_tools
     )
@@ -1403,7 +1409,7 @@ def save_deployment(record: dict[str, Any]) -> None:
 def deploy_command(args: argparse.Namespace) -> int:
     root = Path(args.path)
     raw_config = read_project_config(root)
-    if is_agent_project(raw_config):
+    if is_agent_project(root, raw_config):
         from dataclasses import asdict
         from invoke.deploy import deploy_claude_agent
@@ -1418,7 +1424,8 @@ def deploy_command(args: argparse.Namespace) -> int:
             "name": result.plan.app_name,
             "provider_id": result.deployment_id,
             "slug": result.plan.app_name,
-            "gateway_url": result.modal_app_name,
+            "gateway_url": result.endpoint_url,
+            "dashboard_url": result.dashboard_url,
             "base_url": "modal",
             "tools": ["agent.run"],
             "deployed_at": dt.datetime.now(dt.timezone.utc).isoformat(),

package/invoke/deploy.py CHANGED Viewed

@@ -34,6 +34,7 @@ class DeployPlan:
     modal_volume: str
     modal_image: str = DEFAULT_MODAL_IMAGE
     env: dict[str, str] = field(default_factory=dict)
+    endpoint_name: str = "invoke"
     tracing_enabled: bool = True
     persistence: dict[str, str] = field(default_factory=dict)
     robustness: dict[str, bool] = field(default_factory=dict)
@@ -49,7 +50,10 @@ class DeployResult:
     status: str
     message: str
     modal_app_name: str | None = None
+    endpoint_url: str | None = None
+    dashboard_url: str | None = None
     trace_path: str | None = None
+    modal_source_path: str | None = None
     onyx_suggestions: list[OnyxSuggestion] = field(default_factory=list)
@@ -175,6 +179,11 @@ def deploy_claude_agent(
     suggestions = analyze_traces(trace_store.recent(limit=100)) if run_onyx else []
+    from .sandbox import write_modal_source
+    modal_source_path = write_modal_source(plan)
+    dashboard_url = f"https://modal.com/apps/{plan.app_name}"
     if dry_run:
         result = DeployResult(
             success=True,
@@ -182,7 +191,9 @@ def deploy_claude_agent(
             deployment_id=deployment_id,
             status="planned",
             message="Deployment plan generated. Modal deploy was not executed.",
+            dashboard_url=dashboard_url,
             trace_path=str(trace_store.path),
+            modal_source_path=str(modal_source_path),
             onyx_suggestions=suggestions,
         )
         write_local_deploy_record(result)
@@ -198,7 +209,10 @@ def deploy_claude_agent(
         status="deployed",
         message="Agent deployed to Modal with Invoke tracing and persistence enabled.",
         modal_app_name=modal_result.get("app_name", plan.app_name),
+        endpoint_url=modal_result.get("endpoint_url"),
+        dashboard_url=modal_result.get("dashboard_url", dashboard_url),
         trace_path=str(trace_store.path),
+        modal_source_path=str(modal_source_path),
         onyx_suggestions=suggestions,
     )
     write_local_deploy_record(result)

package/invoke/sandbox.py CHANGED Viewed

@@ -1,106 +1,388 @@
-"""Modal sandbox definitions for hosted Invoke agents."""
+"""Modal sandbox generation for hosted Invoke agents."""
 from __future__ import annotations
-from dataclasses import asdict
+import json
+import re
+import shutil
+import subprocess
+import textwrap
 from pathlib import Path
 from typing import Any
 from .deploy import DeployPlan
-def _import_modal():
-    try:
-        import modal  # type: ignore
-    except ImportError as exc:
-        raise RuntimeError(
-            "Modal is required for hosted agent deployment. Install it with `pip install modal` "
-            "and run `modal setup`, or use `--dry-run` to inspect the deployment plan."
-        ) from exc
-    return modal
+ENDPOINT_RE = re.compile(r"https://[^\s\"']+modal\.run[^\s\"']*")
-def modal_objects(plan: DeployPlan):
-    """Return Modal app/image/volume objects for a deployment plan."""
-    modal = _import_modal()
-    app = modal.App(plan.app_name)
-    image = (
-        modal.Image.debian_slim(python_version="3.11")
-        .apt_install("nodejs", "npm")
-        .pip_install("anthropic", "httpx")
-        .env(plan.env)
+def _require_modal_cli() -> None:
+    if shutil.which("modal"):
+        return
+    raise RuntimeError(
+        "Modal CLI is required for `invoke deploy` agent deployments. "
+        "Install and authenticate it with `pip install modal` and `modal setup`, "
+        "or run `invoke deploy --dry-run` to inspect the generated deployment first."
     )
-    volume = modal.Volume.from_name(plan.modal_volume, create_if_missing=True)
-    return modal, app, image, volume
-def deploy_modal_app(plan: DeployPlan) -> dict[str, Any]:
-    """Deploy the Modal app skeleton for one Invoke agent.
-    The actual Modal CLI invocation happens outside this module. This function
-    validates that Modal is importable and returns the deployable object names,
-    which lets the Python CLI remain deterministic in tests.
-    """
-    modal, app, image, volume = modal_objects(plan)
-    project_root = Path(plan.project_root)
-    entrypoint = plan.entrypoint
-    @app.function(
-        image=image,
-        volumes={"/state": volume},
-        timeout=60 * 20,
-        secrets=[],
+def _remote_entrypoint_command(entrypoint: str) -> str:
+    quoted = json.dumps(entrypoint)
+    return textwrap.dedent(
+        f"""\
+        def agent_command(prompt):
+            entrypoint = {quoted}
+            source = Path("/workspace") / entrypoint
+            if entrypoint.endswith(".ts"):
+                compiled = Path("/workspace/dist") / Path(entrypoint).with_suffix(".js").name
+                if compiled.exists():
+                    return ["node", str(compiled), prompt]
+                return ["npx", "tsx", str(source), prompt]
+            return ["node", str(source), prompt]
+        """
     )
-    def run_agent(prompt: str, context: dict[str, Any] | None = None) -> dict[str, Any]:
-        """Run one agent task inside the Modal sandbox."""
+def modal_source(plan: DeployPlan) -> str:
+    """Build the deployable Modal source file for one agent project."""
+    app_name = json.dumps(plan.app_name)
+    volume_name = json.dumps(plan.modal_volume)
+    project_root = json.dumps(plan.project_root)
+    env = json.dumps(plan.env, sort_keys=True)
+    endpoint_name = json.dumps(plan.endpoint_name)
+    agent_command_source = _remote_entrypoint_command(plan.entrypoint).rstrip()
+    template = textwrap.dedent(
+        f"""\
+        # Generated by Invoke. Do not edit by hand; rerun `invoke deploy`.
+        from __future__ import annotations
         import json
+        import os
         import subprocess
         import time
         import uuid
+        from pathlib import Path
+        from typing import Any
+        import modal
+        from fastapi import Request
-        execution_id = "exec_" + uuid.uuid4().hex[:12]
-        started_at = time.time()
-        trace = {
-            "execution_id": execution_id,
-            "event": "agent_run_started",
-            "prompt": prompt,
-            "context": context or {},
-            "entrypoint": entrypoint,
-            "started_at": started_at,
-        }
-        with open("/state/traces.jsonl", "a", encoding="utf-8") as fh:
-            fh.write(json.dumps(trace, sort_keys=True) + "\n")
-        command = ["node", entrypoint, prompt]
-        completed = subprocess.run(
-            command,
-            cwd="/workspace",
-            text=True,
-            capture_output=True,
-            timeout=60 * 15,
-            check=False,
+        APP_NAME = {app_name}
+        VOLUME_NAME = {volume_name}
+        PROJECT_ROOT = {project_root}
+        INVOKE_ENV = {env}
+        app = modal.App(APP_NAME)
+        volume = modal.Volume.from_name(VOLUME_NAME, create_if_missing=True)
+        image = (
+            modal.Image.debian_slim(python_version="3.11")
+            .apt_install("nodejs", "npm")
+            .pip_install("fastapi[standard]")
+            .add_local_dir(
+                PROJECT_ROOT,
+                remote_path="/workspace",
+                copy=True,
+                ignore=[
+                    ".git",
+                    ".invoke",
+                    "node_modules",
+                    "dist",
+                    ".next",
+                    "__pycache__",
+                    "*.tgz",
+                ],
+            )
+            .run_commands(
+                "cd /workspace && if [ -f package-lock.json ]; then npm ci; elif [ -f package.json ]; then npm install; fi",
+                "cd /workspace && if [ -f package.json ]; then npm run build --if-present; fi",
+            )
+            .env(INVOKE_ENV)
         )
-        final = {
-            "execution_id": execution_id,
-            "event": "agent_run_completed",
-            "returncode": completed.returncode,
-            "stdout": completed.stdout[-8000:],
-            "stderr": completed.stderr[-8000:],
-            "latency_ms": round((time.time() - started_at) * 1000, 2),
-        }
-        with open("/state/traces.jsonl", "a", encoding="utf-8") as fh:
-            fh.write(json.dumps(final, sort_keys=True) + "\n")
-        return final
+        def utc_ms():
+            return int(time.time() * 1000)
+        def append_jsonl(path, payload):
+            path.parent.mkdir(parents=True, exist_ok=True)
+            with path.open("a", encoding="utf-8") as fh:
+                fh.write(json.dumps(payload, sort_keys=True) + "\\n")
+        def read_jsonl(path):
+            if not path.exists():
+                return []
+            rows = []
+            for line in path.read_text(encoding="utf-8").splitlines():
+                try:
+                    rows.append(json.loads(line))
+                except json.JSONDecodeError:
+                    continue
+            return rows
+        def evaluate_policy(action, params):
+            lowered = str(action).lower()
+            sql = str(params.get("sql", "")).lower() if isinstance(params, dict) else ""
+            if action == "database.execute" or "disable row level security" in sql or "drop table" in sql:
+                return {{
+                    "effect": "block",
+                    "risk": "high",
+                    "reason": "Direct database execution can bypass application policy or row-level security.",
+                    "guardrails": ["policy_block", "sandbox_required"],
+                }}
+            if any(word in lowered for word in ("delete", "refund", "charge", "transfer")):
+                return {{
+                    "effect": "require_approval",
+                    "risk": "high",
+                    "reason": "Financial or destructive action requires approval and reconciliation.",
+                    "guardrails": ["approval", "idempotency_key", "state_reconciliation"],
+                }}
+            return {{
+                "effect": "allow",
+                "risk": "low",
+                "reason": "No blocking policy matched.",
+                "guardrails": ["trace"],
+            }}
+        def reconcile_state(expected, live):
+            drift = []
+            if isinstance(expected, dict) and isinstance(live, dict):
+                for key, expected_value in expected.items():
+                    if live.get(key) != expected_value:
+                        drift.append({{"key": key, "expected": expected_value, "live": live.get(key)}})
+            return {{"status": "changed" if drift else "valid", "drift": drift, "checked_at_ms": utc_ms()}}
+        def extract_action(payload):
+            raw = payload.get("action") or {{}}
+            if isinstance(raw, str):
+                return raw, payload.get("params") or {{}}
+            if isinstance(raw, dict):
+                return raw.get("action") or raw.get("name") or "agent.run", raw.get("params") or {{}}
+            return "agent.run", {{}}
+        def checkpoint_path():
+            return Path("/state/checkpoints.jsonl")
+        def trace_path():
+            return Path("/state/traces.jsonl")
+        def freeze_execution(execution_id, action, params, context):
+            checkpoint = {{
+                "checkpoint_id": "freeze_" + uuid.uuid4().hex[:12],
+                "execution_id": execution_id,
+                "action": action,
+                "params": params,
+                "context_snapshot": context,
+                "created_at_ms": utc_ms(),
+            }}
+            append_jsonl(checkpoint_path(), checkpoint)
+            return checkpoint
+        def find_checkpoint(checkpoint_id):
+            for checkpoint in reversed(read_jsonl(checkpoint_path())):
+                if checkpoint.get("checkpoint_id") == checkpoint_id:
+                    return checkpoint
+            return None
+        __AGENT_COMMAND_SOURCE__
+        @app.function(image=image, volumes={{"/state": volume}}, timeout=60 * 20)
+        @modal.fastapi_endpoint(method="POST", label={endpoint_name})
+        async def invoke(request: Request):
+            started = utc_ms()
+            payload = await request.json()
+            execution_id = payload.get("execution_id") or "exec_" + uuid.uuid4().hex[:12]
+            prompt = payload.get("prompt") or payload.get("input") or ""
+            agent_id = payload.get("agent_id") or APP_NAME
+            action, params = extract_action(payload)
+            events = []
+            def event(step, status, detail=None):
+                item = {{"step": step, "status": status, "timestamp_ms": utc_ms(), "detail": detail or {{}}}}
+                events.append(item)
+                return item
+            event("request_received", "ok", {{"agent_id": agent_id, "action": action}})
+            if not isinstance(params, dict):
+                event("schema_checked", "failed", {{"reason": "params must be an object"}})
+                trace = {{
+                    "execution_id": execution_id,
+                    "agent_id": agent_id,
+                    "action": action,
+                    "status": "blocked",
+                    "risk": "medium",
+                    "final_outcome": "blocked_by_schema",
+                    "events": events,
+                    "latency_ms": utc_ms() - started,
+                }}
+                append_jsonl(trace_path(), trace)
+                return {{"success": False, "execution": trace, "error": "params must be an object"}}
+            event("schema_checked", "ok")
+            if payload.get("resume_checkpoint_id"):
+                checkpoint = find_checkpoint(payload["resume_checkpoint_id"])
+                if not checkpoint:
+                    event("checkpoint_loaded", "missing", {{"checkpoint_id": payload["resume_checkpoint_id"]}})
+                    return {{"success": False, "execution_id": execution_id, "error": "checkpoint not found", "events": events}}
+                event("checkpoint_loaded", "ok", {{"checkpoint_id": checkpoint["checkpoint_id"]}})
+                revalidation = reconcile_state(checkpoint.get("context_snapshot") or {{}}, payload.get("live_context") or {{}})
+                event("state_revalidated", revalidation["status"], revalidation)
+                if revalidation["status"] == "changed":
+                    trace = {{
+                        "execution_id": execution_id,
+                        "agent_id": agent_id,
+                        "action": action,
+                        "status": "requeued",
+                        "risk": "high",
+                        "final_outcome": "requeued_due_to_state_drift",
+                        "events": events,
+                        "latency_ms": utc_ms() - started,
+                    }}
+                    append_jsonl(trace_path(), trace)
+                    return {{"success": True, "status": "requeued", "execution": trace}}
+            policy = evaluate_policy(action, params)
+            event("policy_evaluated", "ok", policy)
+            if policy["effect"] == "block":
+                trace = {{
+                    "execution_id": execution_id,
+                    "agent_id": agent_id,
+                    "action": action,
+                    "status": "blocked",
+                    "risk": policy["risk"],
+                    "policy": policy,
+                    "final_outcome": "blocked_by_policy",
+                    "events": events,
+                    "latency_ms": utc_ms() - started,
+                }}
+                append_jsonl(trace_path(), trace)
+                return {{"success": True, "status": "blocked", "execution": trace, "certificate_returned": True}}
+            if policy["effect"] == "require_approval" and not payload.get("approved"):
+                checkpoint = freeze_execution(
+                    execution_id,
+                    action,
+                    params,
+                    payload.get("context_snapshot") or payload.get("expected_state") or {{}},
+                )
+                event("execution_frozen", "pending_approval", {{"checkpoint_id": checkpoint["checkpoint_id"]}})
+                trace = {{
+                    "execution_id": execution_id,
+                    "agent_id": agent_id,
+                    "action": action,
+                    "status": "pending_approval",
+                    "risk": policy["risk"],
+                    "policy": policy,
+                    "checkpoint": checkpoint,
+                    "final_outcome": "frozen_for_human_review",
+                    "events": events,
+                    "latency_ms": utc_ms() - started,
+                }}
+                append_jsonl(trace_path(), trace)
+                return {{"success": True, "status": "pending_approval", "execution": trace, "certificate_returned": True}}
+            if payload.get("expected_state") is not None or payload.get("live_state") is not None:
+                reconciliation = reconcile_state(payload.get("expected_state") or {{}}, payload.get("live_state") or {{}})
+                event("state_reconciled", reconciliation["status"], reconciliation)
+                if reconciliation["status"] == "changed":
+                    trace = {{
+                        "execution_id": execution_id,
+                        "agent_id": agent_id,
+                        "action": action,
+                        "status": "blocked",
+                        "risk": "high",
+                        "policy": policy,
+                        "reconciliation": reconciliation,
+                        "final_outcome": "blocked_due_to_state_drift",
+                        "events": events,
+                        "latency_ms": utc_ms() - started,
+                    }}
+                    append_jsonl(trace_path(), trace)
+                    return {{"success": True, "status": "blocked", "execution": trace, "certificate_returned": True}}
+            event("agent_execution_started", "ok")
+            completed = subprocess.run(
+                agent_command(str(prompt)),
+                cwd="/workspace",
+                text=True,
+                capture_output=True,
+                timeout=int(payload.get("timeout_seconds") or 60 * 15),
+                check=False,
+            )
+            status = "succeeded" if completed.returncode == 0 else "failed"
+            event("agent_execution_completed", status, {{"returncode": completed.returncode}})
+            trace = {{
+                "execution_id": execution_id,
+                "agent_id": agent_id,
+                "action": action,
+                "status": status,
+                "risk": policy["risk"],
+                "policy": policy,
+                "final_outcome": status,
+                "events": events,
+                "latency_ms": utc_ms() - started,
+                "stdout": completed.stdout[-8000:],
+                "stderr": completed.stderr[-8000:],
+                "certificate_returned": True,
+            }}
+            append_jsonl(trace_path(), trace)
+            return {{"success": completed.returncode == 0, "execution": trace, "certificate_returned": True}}
+        """
+    )
+    return template.replace("__AGENT_COMMAND_SOURCE__", agent_command_source)
+def write_modal_source(plan: DeployPlan) -> Path:
+    state_dir = Path(plan.project_root) / ".invoke"
+    state_dir.mkdir(parents=True, exist_ok=True)
+    path = state_dir / "modal_app.py"
+    path.write_text(modal_source(plan), encoding="utf-8")
+    return path
+def _parse_endpoint(output: str) -> str | None:
+    match = ENDPOINT_RE.search(output)
+    return match.group(0).rstrip(".,)")
+def deploy_modal_app(plan: DeployPlan) -> dict[str, Any]:
+    """Deploy the generated Modal app and return endpoint metadata."""
+    _require_modal_cli()
+    source_path = write_modal_source(plan)
+    completed = subprocess.run(
+        ["modal", "deploy", str(source_path)],
+        cwd=plan.project_root,
+        text=True,
+        capture_output=True,
+        timeout=60 * 10,
+        check=False,
+    )
+    output = (completed.stdout or "") + "\n" + (completed.stderr or "")
+    if completed.returncode != 0:
+        raise RuntimeError(f"Modal deploy failed with exit code {completed.returncode}:\n{output.strip()}")
+    endpoint_url = _parse_endpoint(output)
     return {
         "app_name": plan.app_name,
         "volume": plan.modal_volume,
-        "entrypoint": plan.entrypoint,
-        "project_root": str(project_root),
-        "plan": asdict(plan),
-        "modal_app": app,
-        "modal_run_function": run_agent,
+        "endpoint_url": endpoint_url,
+        "dashboard_url": f"https://modal.com/apps/{plan.app_name}",
+        "source_path": str(source_path),
+        "deploy_output": output.strip(),
     }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@invokehq/cli",
-  "version": "0.2.7",
+  "version": "0.2.9",
   "description": "CLI for Invoke, execution reliability infrastructure for AI agents.",
   "license": "Apache-2.0",
   "bin": {