@meshxdata/fops 0.0.5 → 0.0.7

package/src/plugins/bundled/fops-plugin-ecr/lib/setup.js

@@ -0,0 +1,180 @@
+import fs from "node:fs";
+import os from "node:os";
+import path from "node:path";
+import chalk from "chalk";
+import {
+  awsVersion,
+  detectEcrRegistry,
+  detectSsoProfiles,
+  stsIdentity,
+  ssoLogin,
+  ecrLogin,
+} from "./aws.js";
+import { getInquirer } from "../../../../lazy.js";
+
+/**
+ * Read ~/.fops.json config (full file).
+ */
+function readFopsConfig() {
+  const configPath = path.join(os.homedir(), ".fops.json");
+  try {
+    if (fs.existsSync(configPath)) {
+      return JSON.parse(fs.readFileSync(configPath, "utf8"));
+    }
+  } catch {}
+  return {};
+}
+
+/**
+ * Save plugin config into ~/.fops.json (deep-merged).
+ */
+function saveFopsConfig(updates) {
+  const configPath = path.join(os.homedir(), ".fops.json");
+  const existing = readFopsConfig();
+  const merged = { ...existing, ...updates };
+  if (updates.plugins) {
+    merged.plugins = { ...existing.plugins, ...updates.plugins };
+    merged.plugins.entries = {
+      ...existing?.plugins?.entries,
+      ...updates.plugins.entries,
+    };
+  }
+  fs.writeFileSync(configPath, JSON.stringify(merged, null, 2) + "\n");
+}
+
+/**
+ * Interactive setup wizard for the ECR plugin.
+ */
+export async function runSetupWizard(root) {
+  console.log(chalk.bold.cyan("\n  ECR Plugin Setup\n"));
+
+  // Step 1: Check AWS CLI
+  console.log(chalk.dim("  Checking AWS CLI..."));
+  let version = await awsVersion();
+  if (!version) {
+    console.log(chalk.red("  ✗ AWS CLI not found."));
+    const { install } = await (await getInquirer()).prompt([{
+      type: "confirm", name: "install", message: "Install via Homebrew?", default: true,
+    }]);
+    if (install) {
+      console.log(chalk.cyan("  ▶ brew install awscli"));
+      const { execa: execaFn } = await import("execa");
+      try {
+        await execaFn("brew", ["install", "awscli"], { stdio: "inherit", timeout: 120000 });
+        version = await awsVersion();
+      } catch (err) {
+        console.log(chalk.red(`  Install failed: ${err.message}`));
+        return;
+      }
+    } else {
+      console.log(chalk.dim("  Install manually: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html"));
+      return;
+    }
+  }
+  console.log(chalk.green(`  ✓ AWS CLI v${version}`));
+
+  // Step 2: Check for existing SSO profiles
+  console.log(chalk.dim("\n  Checking SSO profiles..."));
+  let profiles = detectSsoProfiles();
+  let selectedProfile;
+
+  if (profiles.length > 0) {
+    console.log(chalk.green(`  ✓ Found ${profiles.length} SSO profile(s)`));
+    if (profiles.length === 1) {
+      selectedProfile = profiles[0].name;
+      console.log(chalk.dim(`    Using profile: ${selectedProfile}`));
+    } else {
+      const choices = profiles.map((p) => ({ name: p.name, value: p.name }));
+      const { profile } = await (await getInquirer()).prompt([{
+        type: "list", name: "profile", message: "Select AWS profile:", choices,
+      }]);
+      selectedProfile = profile;
+    }
+  } else {
+    // No profiles — prompt for SSO config
+    console.log(chalk.yellow("  No SSO profiles found. Let's configure one."));
+
+    const answers = await (await getInquirer()).prompt([
+      { type: "input", name: "sessionName", message: "SSO session name:", default: "me-central-1" },
+      { type: "input", name: "ssoStartUrl", message: "SSO start URL:", validate: (v) => v?.trim() ? true : "Required." },
+      { type: "input", name: "ssoRegion", message: "SSO region:", default: "us-east-1" },
+      { type: "input", name: "accountId", message: "AWS account ID:", validate: (v) => /^\d{12}$/.test(v?.trim()) ? true : "Must be 12 digits." },
+      { type: "input", name: "roleName", message: "SSO role name:", default: "AdministratorAccess" },
+      { type: "input", name: "profileName", message: "Profile name:", default: "dev" },
+      { type: "input", name: "region", message: "Default region:", default: (a) => a.ssoRegion },
+    ]);
+
+    // Ensure ~/.aws directory exists
+    const awsDir = path.join(os.homedir(), ".aws");
+    if (!fs.existsSync(awsDir)) fs.mkdirSync(awsDir, { mode: 0o700 });
+
+    const configPath = path.join(awsDir, "config");
+    const block = `[sso-session ${answers.sessionName.trim()}]
+sso_start_url = ${answers.ssoStartUrl.trim()}
+sso_region = ${answers.ssoRegion.trim()}
+sso_registration_scopes = sso:account:access
+
+[profile ${answers.profileName.trim()}]
+sso_session = ${answers.sessionName.trim()}
+sso_account_id = ${answers.accountId.trim()}
+sso_role_name = ${answers.roleName.trim()}
+region = ${answers.region.trim()}
+output = json
+`;
+    fs.writeFileSync(configPath, block);
+    console.log(chalk.green(`  ✓ Written to ~/.aws/config (profile: ${answers.profileName})`));
+    selectedProfile = answers.profileName.trim();
+  }
+
+  // Step 3: SSO login
+  console.log(chalk.dim("\n  Checking AWS session..."));
+  const sts = await stsIdentity(selectedProfile);
+  if (!sts.valid) {
+    console.log(chalk.yellow("  Session expired — logging in..."));
+    await ssoLogin(selectedProfile);
+
+    const retry = await stsIdentity(selectedProfile);
+    if (!retry.valid) {
+      console.log(chalk.red("  ✗ SSO login failed."));
+      return;
+    }
+  }
+  console.log(chalk.green("  ✓ AWS session valid"));
+
+  // Step 4: ECR docker login
+  const ecr = detectEcrRegistry(root);
+  if (ecr) {
+    console.log(chalk.dim("\n  Logging in to ECR..."));
+    const login = await ecrLogin(ecr.accountId, ecr.region, selectedProfile);
+    if (login.success) {
+      console.log(chalk.green(`  ✓ ECR authenticated (${login.url})`));
+    } else {
+      console.log(chalk.red(`  ✗ ECR login failed for ${login.url}`));
+    }
+  }
+
+  // Step 5: Auto-login preference
+  const { autoLogin } = await (await getInquirer()).prompt([{
+    type: "confirm", name: "autoLogin", message: "Auto-login to ECR before `fops up`?", default: true,
+  }]);
+
+  // Step 6: Save config
+  saveFopsConfig({
+    plugins: {
+      entries: {
+        "fops-plugin-ecr": {
+          enabled: true,
+          config: {
+            profile: selectedProfile,
+            autoLogin,
+          },
+        },
+      },
+    },
+  });
+
+  console.log(chalk.green("\n  ✓ Config saved to ~/.fops.json"));
+  console.log(chalk.dim(`    profile:   ${selectedProfile}`));
+  console.log(chalk.dim(`    autoLogin: ${autoLogin}`));
+  console.log(chalk.bold.green("\n  Setup complete! Run: fops ecr sync\n"));
+}

package/src/plugins/bundled/fops-plugin-ecr/lib/sync.js

@@ -0,0 +1,74 @@
+import chalk from "chalk";
+import { execa } from "execa";
+import {
+  detectEcrRegistry,
+  detectSsoProfiles,
+  stsIdentity,
+  ssoLogin,
+  ecrLogin,
+} from "./aws.js";
+
+/**
+ * Authenticate to ECR and pull latest images.
+ *
+ * 1. Detect ECR registry from compose file
+ * 2. Verify SSO session (auto-login if expired)
+ * 3. ECR docker login
+ * 4. docker compose pull from project root
+ * 5. Report results
+ */
+export async function syncImages(root, config = {}) {
+  // 1. Detect registry
+  const ecr = detectEcrRegistry(root);
+  if (!ecr) {
+    console.log(chalk.yellow("  No ECR images found in docker-compose.yaml."));
+    return { success: false, reason: "no-ecr-images" };
+  }
+
+  const ecrUrl = `${ecr.accountId}.dkr.ecr.${ecr.region}.amazonaws.com`;
+  console.log(chalk.dim(`  Registry: ${ecrUrl}`));
+
+  // 2. Determine profile
+  const profile = config.profile || detectSsoProfiles()[0]?.name || null;
+  if (profile) {
+    console.log(chalk.dim(`  Profile:  ${profile}`));
+  }
+
+  // 3. Verify SSO session
+  const sts = await stsIdentity(profile);
+  if (!sts.valid) {
+    console.log(chalk.yellow("  AWS session expired — logging in via SSO..."));
+    await ssoLogin(profile);
+
+    const retry = await stsIdentity(profile);
+    if (!retry.valid) {
+      console.log(chalk.red("  ✗ SSO login failed. Run: aws sso login"));
+      return { success: false, reason: "sso-failed" };
+    }
+  }
+  console.log(chalk.green("  ✓ AWS session valid"));
+
+  // 4. ECR docker login
+  const login = await ecrLogin(ecr.accountId, ecr.region, profile);
+  if (!login.success) {
+    console.log(chalk.red("  ✗ ECR docker login failed"));
+    return { success: false, reason: "ecr-login-failed" };
+  }
+  console.log(chalk.green(`  ✓ ECR authenticated`));
+
+  // 5. Pull images
+  console.log(chalk.cyan("\n  Pulling images...\n"));
+  const { exitCode } = await execa(
+    "docker",
+    ["compose", "pull"],
+    { cwd: root, stdio: "inherit", reject: false, timeout: 600_000 },
+  );
+
+  if (exitCode === 0) {
+    console.log(chalk.green("\n  ✓ All images pulled successfully."));
+    return { success: true };
+  } else {
+    console.log(chalk.yellow("\n  ⚠ Some images may have failed to pull."));
+    return { success: false, reason: "pull-failed" };
+  }
+}

package/src/plugins/bundled/fops-plugin-ecr/package.json

@@ -0,0 +1 @@
+{ "type": "module" }

package/src/plugins/bundled/fops-plugin-ecr/skills/ecr/SKILL.md

@@ -0,0 +1,105 @@
+---
+name: ecr
+description: AWS ECR authentication and container image management
+requires: aws
+---
+
+## ECR Plugin for fops
+
+Manages AWS ECR authentication and container image pulls for the Foundation stack.
+
+## Commands
+
+```bash
+fops ecr setup     # Interactive wizard: install AWS CLI, configure SSO, ECR login
+fops ecr sync      # Authenticate to ECR and pull latest images
+fops ecr status    # Show AWS CLI, SSO session, ECR auth, image freshness
+```
+
+## Auth Flow
+
+ECR authentication uses AWS SSO:
+
+1. **SSO login**: `aws sso login --profile <name>` — opens browser for authentication
+2. **Get ECR password**: `aws ecr get-login-password --region <region>`
+3. **Docker login**: `docker login --username AWS --password-stdin <registry-url>`
+
+The `before:up` hook handles this automatically when `autoLogin: true`.
+
+## Config
+
+Stored in `~/.fops.json`:
+
+```json
+{
+  "plugins": {
+    "entries": {
+      "fops-plugin-ecr": {
+        "enabled": true,
+        "config": {
+          "profile": "dev",
+          "autoLogin": true
+        }
+      }
+    }
+  }
+}
+```
+
+- `profile` — AWS CLI profile name (must have `sso_session` in `~/.aws/config`)
+- `autoLogin` — When true, auto-authenticate to ECR before `fops up`
+
+## AWS SSO Configuration
+
+The plugin reads `~/.aws/config` for SSO profiles. A typical setup:
+
+```ini
+[sso-session meshx]
+sso_start_url = https://myorg.awsapps.com/start
+sso_region = us-east-1
+sso_registration_scopes = sso:account:access
+
+[profile dev]
+sso_session = meshx
+sso_account_id = 676206939231
+sso_role_name = AdministratorAccess
+region = me-central-1
+output = json
+```
+
+## ECR Registry
+
+Images in `docker-compose.yaml` follow the pattern:
+
+```
+676206939231.dkr.ecr.me-central-1.amazonaws.com/foundation/<service>:<tag>
+```
+
+The plugin auto-detects the account ID and region from compose image references.
+
+## Setup
+
+Run `fops ecr setup` to:
+
+1. Check/install AWS CLI (offers Homebrew install)
+2. Detect or create SSO profile in `~/.aws/config`
+3. Authenticate via SSO
+4. Docker login to ECR
+5. Set auto-login preference
+6. Save config to `~/.fops.json`
+
+## Image Freshness
+
+`fops ecr status` checks local Docker images against ECR references. Images older than 7 days are flagged as stale. Run `fops ecr sync` to pull fresh copies.
+
+## Troubleshooting
+
+**AWS CLI not found**: Install via `brew install awscli` or see https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html
+
+**SSO session expired**: Run `fops ecr sync` (auto-logins) or `aws sso login --profile dev`
+
+**ECR login failed**: Check that your SSO profile has permission to access ECR. Verify with `aws sts get-caller-identity --profile dev`
+
+**Images not pulling**: Ensure Docker is running and you're authenticated. Run `fops ecr status` to diagnose. Check that the registry URL matches the images in `docker-compose.yaml`.
+
+**Auto-login not firing**: Check `~/.fops.json` has `autoLogin: true` under the plugin config.

package/src/plugins/bundled/fops-plugin-memory/fops.plugin.json

@@ -0,0 +1,7 @@
+{
+  "id": "fops-plugin-memory",
+  "name": "Agent Memory",
+  "version": "0.1.0",
+  "description": "Persistent memory for the fops agent across sessions",
+  "skills": ["skills/memory"]
+}

package/src/plugins/bundled/fops-plugin-memory/index.js

@@ -0,0 +1,148 @@
+import chalk from "chalk";
+import { loadMemories, addMemory, removeMemory, clearMemories } from "./lib/store.js";
+import { searchMemories } from "./lib/relevance.js";
+
+export function register(api) {
+  // ── Command: fops memory ───────────────────────────
+  api.registerCommand((program) => {
+    const cmd = program
+      .command("memory")
+      .alias("mem")
+      .description("Manage agent memory across sessions");
+
+    // fops memory save <text> [--tag <tag>...]
+    cmd
+      .command("save <text...>")
+      .description("Save a memory")
+      .option("-t, --tag <tags...>", "tags for categorization")
+      .action((textParts, opts) => {
+        const text = textParts.join(" ");
+        const tags = opts.tag || [];
+        const entry = addMemory(text, tags);
+        console.log(chalk.green(`  ✓ Saved memory ${entry.id}`));
+        console.log(chalk.gray(`    "${entry.text}"`));
+        if (tags.length) console.log(chalk.gray(`    tags: ${tags.join(", ")}`));
+      });
+
+    // fops memory list
+    cmd
+      .command("list")
+      .description("List all memories")
+      .action(() => {
+        const memories = loadMemories();
+        if (memories.length === 0) {
+          console.log(chalk.gray("  No memories saved."));
+          return;
+        }
+        console.log(chalk.bold.cyan(`\n  Agent Memory (${memories.length})\n`));
+        for (const m of memories) {
+          const age = daysSince(m.createdAt);
+          const tags = m.tags?.length ? chalk.blue(` [${m.tags.join(", ")}]`) : "";
+          console.log(chalk.gray(`  ${m.id}`) + `  ${m.text}` + tags + chalk.gray(` — ${age}`));
+        }
+        console.log("");
+      });
+
+    // fops memory search <query>
+    cmd
+      .command("search <query...>")
+      .description("Search memories by relevance")
+      .action((queryParts) => {
+        const query = queryParts.join(" ");
+        const memories = loadMemories();
+        const results = searchMemories(memories, query);
+        if (results.length === 0) {
+          console.log(chalk.gray("  No matching memories."));
+          return;
+        }
+        console.log(chalk.bold.cyan(`\n  Search: "${query}" (${results.length} match${results.length > 1 ? "es" : ""})\n`));
+        for (const { memory: m, score } of results) {
+          const tags = m.tags?.length ? chalk.blue(` [${m.tags.join(", ")}]`) : "";
+          const pct = Math.round(score * 100);
+          console.log(chalk.gray(`  ${m.id} (${pct}%)`) + `  ${m.text}` + tags);
+        }
+        console.log("");
+      });
+
+    // fops memory forget <id>
+    cmd
+      .command("forget <id>")
+      .description("Remove a memory by ID")
+      .action((id) => {
+        const removed = removeMemory(id);
+        if (removed) {
+          console.log(chalk.green(`  ✓ Removed: "${removed.text}"`));
+        } else {
+          console.log(chalk.red(`  ✗ No memory found with ID: ${id}`));
+        }
+      });
+
+    // fops memory clear
+    cmd
+      .command("clear")
+      .description("Clear all memories")
+      .action(() => {
+        const count = clearMemories();
+        console.log(chalk.green(`  ✓ Cleared ${count} memory(s).`));
+      });
+  });
+
+  // ── Knowledge source — inject relevant memories ────
+  api.registerKnowledgeSource({
+    name: "Agent Memory",
+    description: "Persistent memories from past sessions",
+    search(query) {
+      const memories = loadMemories();
+      if (memories.length === 0) return [];
+
+      const results = searchMemories(memories, query, { maxResults: 5, threshold: 0.15 });
+      if (results.length === 0) return [];
+
+      const lines = results.map(({ memory: m, score }) => {
+        const tags = m.tags?.length ? ` [${m.tags.join(", ")}]` : "";
+        const age = daysSince(m.createdAt);
+        return `- ${m.text}${tags} (${age})`;
+      });
+
+      return [
+        {
+          title: "Memories from past sessions",
+          content: [
+            "## Agent Memory",
+            "",
+            "These are things you remembered from previous sessions:",
+            "",
+            ...lines,
+            "",
+            "Use these memories to inform your responses. If a memory is outdated or wrong, suggest `fops memory forget <id>` to remove it.",
+          ].join("\n"),
+          score: 0.85,
+        },
+      ];
+    },
+  });
+
+  // ── Auto-run pattern — let agent save memories without confirmation ──
+  api.registerAutoRunPattern("fops memory");
+  api.registerAutoRunPattern("fops mem");
+
+  // ── Doctor check ───────────────────────────────────
+  api.registerDoctorCheck({
+    name: "Agent Memory",
+    fn: async (ok, warn) => {
+      const memories = loadMemories();
+      if (memories.length > 0) {
+        ok(`Agent memory`, `${memories.length} memory(s) stored`);
+      } else {
+        ok("Agent memory", "empty — agent will save learnings over time");
+      }
+    },
+  });
+}
+
+function daysSince(isoDate) {
+  const days = Math.floor((Date.now() - new Date(isoDate).getTime()) / 86400000);
+  if (days === 0) return "today";
+  if (days === 1) return "1d ago";
+  return `${days}d ago`;
+}

package/src/plugins/bundled/fops-plugin-memory/lib/relevance.js

@@ -0,0 +1,72 @@
+const STOP_WORDS = new Set([
+  "a", "an", "the", "is", "are", "was", "were", "be", "been", "being",
+  "have", "has", "had", "do", "does", "did", "will", "would", "could",
+  "should", "may", "might", "shall", "can", "need", "must",
+  "i", "me", "my", "we", "our", "you", "your", "he", "she", "it",
+  "they", "them", "this", "that", "these", "those", "what", "which",
+  "who", "whom", "how", "when", "where", "why",
+  "and", "or", "but", "not", "no", "if", "then", "so", "than",
+  "to", "of", "in", "for", "on", "with", "at", "by", "from", "up",
+  "about", "into", "through", "after", "before", "between",
+  "all", "any", "some", "each", "every", "both", "few", "more",
+  "just", "also", "very", "too", "quite", "really", "only",
+]);
+
+/**
+ * Tokenize text into meaningful words.
+ */
+function tokenize(text) {
+  return text
+    .toLowerCase()
+    .replace(/[^a-z0-9\-_/.]+/g, " ")
+    .split(/\s+/)
+    .filter((w) => w.length > 1 && !STOP_WORDS.has(w));
+}
+
+/**
+ * Score a memory against a query.
+ * Returns 0-1 score based on word overlap + tag boost.
+ */
+function scoreMemory(memory, queryTokens) {
+  const memTokens = new Set(tokenize(memory.text));
+  // Add tags as tokens too
+  for (const tag of memory.tags || []) {
+    for (const t of tokenize(tag)) memTokens.add(t);
+  }
+
+  if (queryTokens.length === 0 || memTokens.size === 0) return 0;
+
+  let matches = 0;
+  for (const qt of queryTokens) {
+    // Exact match or substring match for compound terms
+    if (memTokens.has(qt)) {
+      matches++;
+    } else {
+      for (const mt of memTokens) {
+        if (mt.includes(qt) || qt.includes(mt)) {
+          matches += 0.5;
+          break;
+        }
+      }
+    }
+  }
+
+  return matches / queryTokens.length;
+}
+
+/**
+ * Search memories by relevance to a query.
+ * Returns top-K memories sorted by score, filtered by threshold.
+ */
+export function searchMemories(memories, query, { maxResults = 5, threshold = 0.2 } = {}) {
+  const queryTokens = tokenize(query);
+  if (queryTokens.length === 0) return [];
+
+  const scored = memories
+    .map((m) => ({ memory: m, score: scoreMemory(m, queryTokens) }))
+    .filter((r) => r.score >= threshold)
+    .sort((a, b) => b.score - a.score)
+    .slice(0, maxResults);
+
+  return scored;
+}

package/src/plugins/bundled/fops-plugin-memory/lib/store.js

@@ -0,0 +1,75 @@
+import fs from "node:fs";
+import os from "node:os";
+import path from "node:path";
+import crypto from "node:crypto";
+
+const MEMORY_DIR = path.join(os.homedir(), ".fops", "memory");
+const MEMORY_FILE = path.join(MEMORY_DIR, "memories.json");
+
+function ensureDir() {
+  if (!fs.existsSync(MEMORY_DIR)) {
+    fs.mkdirSync(MEMORY_DIR, { recursive: true });
+  }
+}
+
+/**
+ * Load all memories from disk.
+ * Returns [] if file doesn't exist.
+ */
+export function loadMemories() {
+  try {
+    if (fs.existsSync(MEMORY_FILE)) {
+      return JSON.parse(fs.readFileSync(MEMORY_FILE, "utf8"));
+    }
+  } catch {}
+  return [];
+}
+
+/**
+ * Save full memories array to disk.
+ */
+function saveMemories(memories) {
+  ensureDir();
+  fs.writeFileSync(MEMORY_FILE, JSON.stringify(memories, null, 2) + "\n");
+}
+
+/**
+ * Add a new memory.
+ * Returns the created memory object.
+ */
+export function addMemory(text, tags = []) {
+  const memories = loadMemories();
+  const entry = {
+    id: crypto.randomUUID().split("-")[0],
+    text: text.trim(),
+    tags: tags.map((t) => t.trim().toLowerCase()).filter(Boolean),
+    createdAt: new Date().toISOString(),
+  };
+  memories.push(entry);
+  saveMemories(memories);
+  return entry;
+}
+
+/**
+ * Remove a memory by id (prefix match).
+ * Returns the removed entry or null.
+ */
+export function removeMemory(id) {
+  const memories = loadMemories();
+  const idx = memories.findIndex((m) => m.id === id || m.id.startsWith(id));
+  if (idx === -1) return null;
+  const [removed] = memories.splice(idx, 1);
+  saveMemories(memories);
+  return removed;
+}
+
+/**
+ * Clear all memories.
+ * Returns the count of removed entries.
+ */
+export function clearMemories() {
+  const memories = loadMemories();
+  const count = memories.length;
+  saveMemories([]);
+  return count;
+}

package/src/plugins/bundled/fops-plugin-memory/package.json

@@ -0,0 +1 @@
+{ "type": "module" }