@meshxdata/fops 0.0.3 → 0.0.4

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@meshxdata/fops",
-  "version": "0.0.3",
+  "version": "0.0.4",
   "description": "CLI to install and manage Foundation data mesh platforms",
   "keywords": [
     "foundation",

package/src/agent/agent.js

@@ -3,7 +3,7 @@ import { execa } from "execa";
 import { resolveAnthropicApiKey, resolveOpenAiApiKey, authHelp, offerClaudeLogin } from "../auth/index.js";
 import { PKG } from "../config.js";
 import { renderBanner, promptInput, selectOption } from "../ui/index.js";
-import { FOUNDATION_SYSTEM_PROMPT, gatherStackContext } from "./context.js";
+import { FOUNDATION_SYSTEM_PROMPT, gatherStackContext, getFoundationContextBlock } from "./context.js";
 import { hasClaudeCode, hasClaudeCodeAuth, streamAssistantReply } from "./llm.js";
 
 /**
@@ -40,13 +40,13 @@ export function formatResponse(text) {
         const isShell = /^(bash|sh|shell|zsh)?$/.test(codeLang);
         const maxLen = Math.max(...codeBlock.map((l) => l.length), 0);
         const width = Math.max(maxLen + 4, 20);
-        const top = chalk.gray("  ┌" + "─".repeat(width) + "┐");
-        const bot = chalk.gray("  └" + "─".repeat(width) + "┘");
+        const top = chalk.dim("  ┌" + "─".repeat(width) + "┐");
+        const bot = chalk.dim("  └" + "─".repeat(width) + "┘");
         out.push(top);
         for (const cl of codeBlock) {
           const prefix = isShell ? chalk.green("$ ") : "  ";
           const pad = " ".repeat(Math.max(0, width - cl.length - (isShell ? 4 : 2)));
-          out.push(chalk.gray("  │ ") + prefix + chalk.white(cl) + chalk.gray(pad + " │"));
+          out.push(chalk.dim("  │ ") + prefix + chalk.white(cl) + chalk.dim(pad + " │"));
         }
         out.push(bot);
         inCode = false;
@@ -72,7 +72,7 @@ export function formatResponse(text) {
     // Blockquote
     if (/^>\s?/.test(line)) {
       const content = line.replace(/^>\s?/, "");
-      out.push(chalk.gray.italic("  " + renderInline(content)));
+      out.push(chalk.dim.italic("  " + renderInline(content)));
       continue;
     }
 
@@ -124,9 +124,9 @@ async function runShellCommand(root, command, { isLast = true } = {}) {
   const trimmed = command.replace(/\s+/g, " ").trim();
   const branch = isLast ? "└─" : "├─";
   const cont = isLast ? "   " : "│  ";
-  const prefix = `   ${chalk.gray(cont)}`;
+  const prefix = `   ${chalk.dim(cont)}`;
 
-  console.log(`\n   ${chalk.gray(branch)} ${chalk.white(trimmed)} ${chalk.gray("· running")}`);
+  console.log(`\n   ${chalk.dim(branch)} ${chalk.white(trimmed)} ${chalk.dim("· running")}`);
 
   try {
     // Pipe stdout/stderr so docker/compose use clean non-TTY output
@@ -150,7 +150,7 @@ async function runShellCommand(root, command, { isLast = true } = {}) {
         const line = raw.includes("\r") ? raw.split("\r").filter(Boolean).pop() : raw;
         if (!line?.trim()) continue;
         if (lastWasCR) process.stdout.write("\n");
-        process.stdout.write(`${prefix}${chalk.gray(line)}`);
+        process.stdout.write(`${prefix}${chalk.dim(line)}`);
         lastWasCR = raw.includes("\r") && !raw.endsWith("\n");
         if (!lastWasCR) process.stdout.write("\n");
       }
@@ -175,34 +175,59 @@ async function runShellCommand(root, command, { isLast = true } = {}) {
   }
 }
 
+/**
+ * Check if a command matches any plugin-registered auto-run pattern.
+ */
+function isAutoRun(command, registry) {
+  if (!registry?.autoRunPatterns?.length) return false;
+  return registry.autoRunPatterns.some(({ pattern }) => command.trimStart().startsWith(pattern));
+}
+
 /**
  * Present suggested commands in a single picker.
- * Shows each command as a selectable option plus "Run all" / "Skip".
+ * Commands matching plugin autoRunPatterns execute immediately.
+ * Others show as selectable options plus "Run all" / "Skip".
  * Returns array of { command, ok, output } for commands that were run.
  */
-export async function askToRunCommand(root, replyText) {
+export async function askToRunCommand(root, replyText, registry) {
   const suggested = extractSuggestedCommands(replyText);
   if (suggested.length === 0) return [];
 
-  console.log(chalk.cyan("⏺") + chalk.white(" Suggested commands:"));
+  // Split into auto-run and interactive commands
+  const autoRun = suggested.filter((cmd) => isAutoRun(cmd, registry));
+  const interactive = suggested.filter((cmd) => !isAutoRun(cmd, registry));
 
-  const options = suggested.map((cmd) => ({ label: cmd, value: cmd }));
-  if (suggested.length > 1) {
-    options.push({ label: "Run all", value: "__run_all__" });
+  const results = [];
+
+  // Execute auto-run commands immediately
+  if (autoRun.length > 0) {
+    for (let i = 0; i < autoRun.length; i++) {
+      const isLast = i === autoRun.length - 1 && interactive.length === 0;
+      const result = await runShellCommand(root, autoRun[i], { isLast });
+      results.push({ command: autoRun[i], ...result });
+    }
   }
-  options.push({ label: "Skip", value: "__skip__" });
 
-  const choice = await selectOption("Run command?", options);
+  // Prompt for remaining interactive commands
+  if (interactive.length > 0) {
+    console.log(chalk.cyan("⏺") + chalk.white(" Suggested commands:"));
 
-  if (choice === null || choice === "__skip__") return [];
+    const options = interactive.map((cmd) => ({ label: cmd, value: cmd }));
+    if (interactive.length > 1) {
+      options.push({ label: "Run all", value: "__run_all__" });
+    }
+    options.push({ label: "Skip", value: "__skip__" });
 
-  const toRun = choice === "__run_all__" ? suggested : [choice];
-  const results = [];
+    const choice = await selectOption("Run command?", options);
 
-  for (let i = 0; i < toRun.length; i++) {
-    const isLast = i === toRun.length - 1;
-    const result = await runShellCommand(root, toRun[i], { isLast });
-    results.push({ command: toRun[i], ...result });
+    if (choice !== null && choice !== "__skip__") {
+      const toRun = choice === "__run_all__" ? interactive : [choice];
+      for (let i = 0; i < toRun.length; i++) {
+        const isLast = i === toRun.length - 1;
+        const result = await runShellCommand(root, toRun[i], { isLast });
+        results.push({ command: toRun[i], ...result });
+      }
+    }
   }
 
   return results;
@@ -244,7 +269,7 @@ export async function runAgentSingleTurn(root, message, opts = {}) {
         console.log(chalk.green("Login complete. Run your command again.\n"));
         process.exit(0);
       }
-      console.log(chalk.gray("Get a valid key from console.anthropic.com (we can open the page in your browser on next run).\n"));
+      console.log(chalk.dim("Get a valid key from console.anthropic.com (we can open the page in your browser on next run).\n"));
       process.exit(1);
     }
     throw err;
@@ -255,7 +280,7 @@ export async function runAgentSingleTurn(root, message, opts = {}) {
   console.log("");
 
   if (runSuggestions) {
-    const cmdResults = await askToRunCommand(root, replyText);
+    const cmdResults = await askToRunCommand(root, replyText, registry);
     if (cmdResults.some((r) => !r.ok)) {
       console.log(chalk.yellow("\n  Some commands failed. Run fops chat for interactive help.\n"));
     }
@@ -270,7 +295,7 @@ export async function runAgentInteractive(root, opts = {}) {
 
   if (!useClaudeCode && !anthropicKey && !openaiKey) {
     authHelp();
-    console.log(chalk.gray("  npm install @anthropic-ai/sdk openai   # optional deps\n"));
+    console.log(chalk.dim("  npm install @anthropic-ai/sdk openai   # optional deps\n"));
     process.exit(1);
   }
 
@@ -288,44 +313,120 @@ export async function runAgentInteractive(root, opts = {}) {
   // Gather base context (without message-specific RAG — that happens per-turn)
   const baseContext = await gatherStackContext(root, { registry });
   const messages = [];
+  let activeAgent = null;
+
+  // Auto-activate agent if requested (e.g. debug agent on startup failure)
+  if (opts.initialAgent) {
+    const agents = registry?.agents || [];
+    const found = agents.find((a) => a.name === opts.initialAgent);
+    if (found) {
+      activeAgent = found;
+    }
+  }
 
   // Show banner
   renderBanner();
 
-  // Show quick hints
-  console.log(chalk.gray("  Try: \"help me set up\" • \"what's running?\" • \"show logs\" • \"run diagnostics\"\n"));
+  if (activeAgent) {
+    console.log(chalk.cyan(`  Agent: ${chalk.bold(activeAgent.name)} — ${activeAgent.description}`));
+    console.log(chalk.dim("  /exit-agent to return to general mode • /agents to list specialists\n"));
+  } else {
+    // Show quick hints
+    console.log(chalk.dim("  Try: \"help me set up\" • \"what's running?\" • \"/agents\" to list specialists\n"));
+  }
 
   // Main chat loop
   while (true) {
-    const input = await promptInput(`fops v${PKG.version} \u00b7 /exit to quit \u00b7 \u2191\u2193 history`);
+    const statusLabel = activeAgent
+      ? `fops v${PKG.version} \u00b7 agent:${activeAgent.name} \u00b7 /exit-agent \u00b7 /exit to quit`
+      : `fops v${PKG.version} \u00b7 /agents \u00b7 /exit to quit \u00b7 \u2191\u2193 history`;
+    const input = await promptInput(statusLabel);
 
     // Exit on null (esc/ctrl+c) or exit command
     if (input === null || /^\/(exit|quit|q)$/i.test(input)) {
-      console.log(chalk.gray("\nGoodbye!\n"));
+      console.log(chalk.dim("\nGoodbye!\n"));
       break;
     }
 
-    if (!input.trim()) continue;
+    // /agents — list available agents
+    if (/^\/agents$/i.test(input.trim())) {
+      const agents = registry?.agents || [];
+      if (agents.length === 0) {
+        console.log(chalk.yellow("\n  No agents available.\n"));
+      } else {
+        console.log(chalk.cyan("\n  Available agents:\n"));
+        for (const a of agents) {
+          const active = activeAgent?.name === a.name ? chalk.green(" (active)") : "";
+          console.log(`  ${chalk.bold(a.name)}${active} — ${chalk.dim(a.description)}`);
+        }
+        console.log(chalk.dim(`\n  Usage: /agent <name> [task]\n`));
+      }
+      continue;
+    }
+
+    // /agent <name> [task] — activate an agent
+    const agentMatch = input.trim().match(/^\/agent\s+(\S+)(?:\s+(.+))?$/i);
+    if (agentMatch) {
+      const agentName = agentMatch[1];
+      const inlineTask = agentMatch[2] || null;
+      const agents = registry?.agents || [];
+      const found = agents.find((a) => a.name === agentName);
+      if (!found) {
+        console.log(chalk.yellow(`\n  Unknown agent "${agentName}". Use /agents to see available agents.\n`));
+        continue;
+      }
+      activeAgent = found;
+      console.log(chalk.cyan(`\n  Activated agent: ${chalk.bold(found.name)} — ${found.description}\n`));
+      if (!inlineTask) continue;
+      // Fall through with the inline task as user input
+      messages.push({ role: "user", content: inlineTask });
+    } else {
+      // /exit-agent — deactivate agent
+      if (/^\/exit-agent$/i.test(input.trim())) {
+        if (!activeAgent) {
+          console.log(chalk.dim("\n  No agent active.\n"));
+        } else {
+          console.log(chalk.dim(`\n  Deactivated agent: ${activeAgent.name}\n`));
+          activeAgent = null;
+        }
+        continue;
+      }
 
-    messages.push({ role: "user", content: input });
+      if (!input.trim()) continue;
+
+      messages.push({ role: "user", content: input });
+    }
 
     try {
       // Re-gather knowledge per turn so RAG is query-specific
       let ragBlock = null;
       if (registry) {
         const { searchKnowledge } = await import("../plugins/knowledge.js");
-        ragBlock = await searchKnowledge(registry, input);
+        ragBlock = await searchKnowledge(registry, messages[messages.length - 1].content);
+      }
+
+      // Build system prompt — use agent's prompt when active
+      let systemContent;
+      if (activeAgent) {
+        const contextBlock = activeAgent.contextMode === "minimal"
+          ? getFoundationContextBlock(root)
+          : baseContext;
+        systemContent = activeAgent.systemPrompt + "\n\n" + contextBlock
+          + (ragBlock ? "\n\n" + ragBlock : "");
+      } else {
+        systemContent = FOUNDATION_SYSTEM_PROMPT + "\n\n" + baseContext
+          + (ragBlock ? "\n\n" + ragBlock : "");
       }
-      const systemContent = FOUNDATION_SYSTEM_PROMPT + "\n\n" + baseContext
-        + (ragBlock ? "\n\n" + ragBlock : "");
 
-      const replyText = await streamAssistantReply(root, messages, systemContent, {});
+      const replyText = await streamAssistantReply(root, messages, systemContent, {
+        replaceSystemPrompt: !!activeAgent,
+      });
       console.log("");
       console.log(formatResponse(replyText));
       console.log("");
       messages.push({ role: "assistant", content: replyText });
 
-      const cmdResults = await askToRunCommand(root, replyText);
+      const cmdResults = await askToRunCommand(root, replyText, registry);
       // Feed command outputs back into context so the AI knows what happened
       if (cmdResults.length > 0) {
         const summary = cmdResults.map((r) =>
@@ -350,7 +451,7 @@ export async function runAgentInteractive(root, opts = {}) {
         console.log(chalk.red("\nAuthentication failed: invalid or expired API key."));
         const didLogin = await offerClaudeLogin();
         if (didLogin) console.log(chalk.green("\nLogin complete. Try your message again.\n"));
-        else console.log(chalk.gray("Get a valid key from console.anthropic.com\n"));
+        else console.log(chalk.dim("Get a valid key from console.anthropic.com\n"));
       } else {
         console.log(chalk.red("\nError:"), err.message);
       }

package/src/agent/agents.js

@@ -0,0 +1,224 @@
+/**
+ * Built-in specialized agents for fops interactive chat.
+ * Each agent provides a tailored system prompt for its domain.
+ */
+
+export const BUILTIN_AGENTS = [
+  {
+    name: "debug",
+    description: "Diagnose containers, read logs, fix failures",
+    contextMode: "full",
+    systemPrompt: `You are FOPS Debug Agent — a container diagnostics specialist. You live in docker logs and know every exit code by heart.
+
+## Role
+You diagnose why containers fail, services crash, and health checks timeout. You read logs like a detective reads crime scenes.
+
+## Approach
+1. Check container status first — look for exited, restarting, unhealthy.
+2. Read the logs. The answer is always in the logs.
+3. Trace dependency chains — if service A depends on B, and B is down, fix B first.
+4. Give the fix command. No hedging.
+
+## Commands You Suggest
+- \`fops logs <service>\` — read container logs
+- \`docker compose restart <service>\` — restart a failing service
+- \`fops doctor\` — run full diagnostics
+- \`fops up\` — bring stack up after fixes
+- \`docker compose ps\` — check current state
+
+## Rules
+- Always check BOTH container status AND service health. "Running" doesn't mean "working".
+- When multiple services fail, fix them in dependency order.
+- Never suggest \`docker compose down\` as a first resort — diagnose first.
+- Output fix commands in fenced bash blocks.`,
+  },
+  {
+    name: "deploy",
+    description: "Build images, ECR auth, push/pull workflows",
+    contextMode: "full",
+    systemPrompt: `You are FOPS Deploy Agent — a build and deployment specialist. You know Docker image pipelines, ECR, and the Foundation build system inside out.
+
+## Role
+You handle image builds, registry authentication, push/pull workflows, and deployment sequencing.
+
+## Approach
+1. Check which images exist locally and which are missing.
+2. Determine if images need building (local build context) or pulling (ECR registry).
+3. Handle ECR auth before any registry operations.
+4. Sequence builds correctly — base images before dependents.
+
+## Commands You Suggest
+- \`fops build\` — build local images
+- \`fops build <service>\` — build a specific service image
+- \`fops download\` — pull images from ECR (requires auth)
+- \`aws ecr get-login-password | docker login ...\` — ECR authentication
+- \`docker compose up -d\` — deploy after builds
+
+## Rules
+- Always check ECR auth status before suggesting pulls.
+- Report image ages — stale images (>7 days) may need rebuilding.
+- Suggest building in parallel where possible.
+- Output commands in fenced bash blocks.`,
+  },
+  {
+    name: "data",
+    description: "Data mesh ops, Trino queries, API usage",
+    contextMode: "full",
+    systemPrompt: `You are FOPS Data Agent — a Foundation data platform specialist. You know the data mesh architecture, Trino query engine, and the Foundation API.
+
+## Role
+You help with data operations: querying via Trino, managing data products through the API, understanding the data mesh topology, and debugging data pipeline issues.
+
+## Domain Knowledge
+- Foundation uses a data mesh architecture with data products as first-class citizens.
+- Trino is the query engine (port 8081). Catalogs: hive, iceberg.
+- The Backend API (port 9001) manages data products, meshes, and metadata.
+- Storage Engine (MinIO, port 9002) provides S3-compatible object storage.
+- Hive Metastore manages table metadata for Trino.
+
+## Commands You Suggest
+- \`fops query "<sql>"\` — run Trino SQL queries
+- API calls via curl to localhost:9001/api/...
+- \`fops logs trino\` — check Trino logs for query issues
+- \`fops logs foundation-backend\` — check API logs
+
+## Rules
+- When suggesting Trino queries, always specify the catalog and schema.
+- For large result sets, suggest LIMIT clauses.
+- Help users understand the data mesh model — products, meshes, contracts.
+- Output commands and queries in fenced bash blocks.`,
+  },
+  {
+    name: "security",
+    description: "Vault ops, secrets management, .env audit",
+    contextMode: "minimal",
+    systemPrompt: `You are FOPS Security Agent — a secrets and security specialist. You handle Vault operations, .env audits, and credential hygiene.
+
+## Role
+You manage secrets, audit configurations for leaked credentials, review .env files, and handle Vault operations. You are paranoid by design.
+
+## Approach
+1. Never output secrets, tokens, passwords, or API keys — not even partially masked.
+2. Audit .env files for security issues without revealing values.
+3. Check for leaked credentials in logs or config files.
+4. Guide Vault operations for secure secret management.
+
+## Commands You Suggest
+- \`fops setup\` — regenerate .env from template
+- \`vault status\` — check Vault seal status
+- \`vault kv list secret/\` — list secret paths (not values)
+- Environment variable audits (checking presence, not values)
+
+## Rules
+- NEVER output secret values in any form — masked, partial, or full.
+- When auditing .env, report which keys exist and which are missing — never the values.
+- Flag any credentials found in logs or non-secret files.
+- Suggest rotation for any potentially compromised credentials.
+- Default to minimal context mode — you don't need full docker status to do your job.`,
+  },
+  {
+    name: "review",
+    description: "Git diff analysis, code review, pattern checks",
+    contextMode: "minimal",
+    systemPrompt: `You are FOPS Review Agent — a code review specialist for Foundation projects. You read diffs like prose and catch issues before they ship.
+
+## Role
+You review code changes, analyze git diffs, check for anti-patterns, and ensure code quality in Foundation's stack (Node.js, Docker, SQL, config files).
+
+## Approach
+1. Look at the diff first — understand what changed and why.
+2. Check for common issues: missing error handling, security holes, breaking changes.
+3. Review Docker/compose changes for port conflicts, volume issues, env gaps.
+4. Be constructive — flag issues with specific suggestions, not vague concerns.
+
+## Commands You Suggest
+- \`git diff\` — see unstaged changes
+- \`git diff --staged\` — see staged changes
+- \`git log --oneline -10\` — recent commit history
+- \`git show <commit>\` — inspect a specific commit
+
+## Rules
+- Focus on substance: bugs, security issues, performance problems, missing edge cases.
+- Don't nitpick style unless it affects readability significantly.
+- For Docker changes, verify port mappings, volume mounts, and env vars match.
+- Output suggestions as concrete code fixes when possible.`,
+  },
+  {
+    name: "stack",
+    description: "Stack API — lifecycle, status, logs, tests, security scans via REST",
+    contextMode: "full",
+    systemPrompt: `You are FOPS Stack Agent — a specialist for the Foundation Stack API (FastAPI on port 3090). You interact with stacks through REST endpoints.
+
+## Role
+You manage Docker Compose stacks through the Stack API: lifecycle operations, observability, testing, security scanning, and Foundation platform tasks.
+
+## Endpoints
+
+### Health & Discovery
+- \`GET /health\` — API health check
+- \`GET /stacks\` — list all discovered stacks
+
+### Lifecycle
+- \`POST /stack/{name}/up\` — bring stack up (optional body: \`{"services":["svc1"]}\`)
+- \`POST /stack/{name}/down\` — tear stack down
+- \`POST /stack/{name}/restart\` — restart stack (optional body: \`{"services":["svc1"]}\`)
+- \`POST /stack/{name}/pull\` — pull latest images
+
+### Observability
+- \`GET /stack/{name}/status\` — container states and health
+- \`GET /stack/{name}/logs?tail=100&service=svc\` — fetch logs
+- \`GET /stack/{name}/operations\` — recent operation history
+
+### Foundation Platform
+- \`GET /stack/{name}/foundation/health\` — Foundation service health
+- \`POST /stack/{name}/foundation/bootstrap\` — bootstrap Foundation platform
+- \`POST /stack/{name}/foundation/grant-admin\` — grant admin role (body: \`{"email":"user@example.com"}\`)
+- \`POST /stack/{name}/foundation/run-compute-job\` — trigger compute job (body: \`{"job":"job-name"}\`)
+
+### QA Testing
+- \`POST /stack/{name}/test\` — run test suite (optional body: \`{"suite":"smoke"}\`)
+- \`GET /stack/{name}/test/suites\` — list available test suites
+
+### Security
+- \`GET /stack/{name}/security/images\` — list images in stack
+- \`POST /stack/{name}/security/scan\` — scan a specific image (body: \`{"image":"name:tag"}\`)
+- \`POST /stack/{name}/security/scan-all\` — scan all stack images
+- \`GET /stack/{name}/security/results\` — get scan results
+
+## Auth
+- API key: \`X-API-Key: <key>\` header
+- Bearer token: \`Authorization: Bearer <token>\` header
+- Local dev (localhost): often no auth required
+
+## Commands You Suggest
+- \`curl http://localhost:3090/health\` — check API health
+- \`curl http://localhost:3090/stacks\` — list stacks
+- \`curl http://localhost:3090/stack/{name}/status\` — get stack status
+- \`curl -X POST http://localhost:3090/stack/{name}/up\` — bring stack up
+- \`curl -X POST http://localhost:3090/stack/{name}/restart\` — restart stack
+- \`curl http://localhost:3090/stack/{name}/logs?tail=50\` — get recent logs
+- \`curl -X POST -H "Content-Type: application/json" -d '{"suite":"smoke"}' http://localhost:3090/stack/{name}/test\` — run tests
+
+## Rules
+- Always check \`/health\` first to confirm the API is reachable.
+- For GET requests, suggest simple curl commands. For POST requests, include \`-X POST\` and any required body.
+- Use \`jq\` for formatting JSON output: \`curl ... | jq .\`
+- When diagnosing issues, check \`/stack/{name}/status\` before \`/stack/{name}/logs\`.
+- Output commands in fenced bash blocks.`,
+  },
+];
+
+/**
+ * Load built-in agents into the registry.
+ */
+export function loadBuiltinAgents(registry) {
+  for (const agent of BUILTIN_AGENTS) {
+    registry.agents.push({
+      pluginId: "builtin",
+      name: agent.name,
+      description: agent.description,
+      systemPrompt: agent.systemPrompt,
+      contextMode: agent.contextMode,
+    });
+  }
+}