@misterhuydo/sentinel 1.0.12 → 1.0.13

package/.cairn/session.json

@@ -1,6 +1,6 @@
 {
-  "message": "Auto-checkpoint at 2026-03-21T17:02:51.501Z",
-  "checkpoint_at": "2026-03-21T17:02:51.502Z",
+  "message": "Auto-checkpoint at 2026-03-21T17:16:10.950Z",
+  "checkpoint_at": "2026-03-21T17:16:10.951Z",
   "active_files": [],
   "notes": [],
   "mtime_snapshot": {}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@misterhuydo/sentinel",
-  "version": "1.0.12",
+  "version": "1.0.13",
   "description": "Sentinel — Autonomous DevOps Agent installer and manager",
   "bin": {
     "sentinel": "./bin/sentinel.js"

package/python/sentinel/config_loader.py

@@ -51,7 +51,11 @@ class SentinelConfig:
     fix_confidence_threshold: float = 0.7
     log_retention_hours: int = 48
     anthropic_api_key: str = ""
-    marker_confirm_hours: int = 24  # quiet period before confirming a fix
+    marker_confirm_hours: int = 24   # quiet period before confirming a fix
+    config_poll_interval: int = 60   # seconds between config repo git pulls
+    auto_upgrade: bool = True        # auto-upgrade on new patch versions
+    version_pin: str = ""            # if set, never upgrade beyond this version
+    upgrade_check_hours: int = 6     # hours between npm upgrade checks
 
 
 @dataclass
@@ -137,6 +141,10 @@ class ConfigLoader:
         c.log_retention_hours = int(d.get("LOG_RETENTION_HOURS", 48))
         c.anthropic_api_key = d.get("ANTHROPIC_API_KEY", "")
         c.marker_confirm_hours = int(d.get("MARKER_CONFIRM_HOURS", 24))
+        c.config_poll_interval = int(d.get("CONFIG_POLL_INTERVAL", 60))
+        c.auto_upgrade = d.get("AUTO_UPGRADE", "true").lower() != "false"
+        c.version_pin = d.get("VERSION_PIN", "")
+        c.upgrade_check_hours = int(d.get("UPGRADE_CHECK_HOURS", 6))
         self.sentinel = c
 
     def _load_log_sources(self):

package/python/sentinel/main.py

@@ -8,7 +8,10 @@ Usage:
 
 import argparse
 import asyncio
+import json
 import logging
+import os
+import shutil
 import signal
 import subprocess
 import sys
@@ -24,7 +27,7 @@ from .log_fetcher import fetch_all
 from .log_parser import parse_all, scan_all_for_markers, ErrorEvent
 from .issue_watcher import scan_issues, mark_done, IssueEvent
 from .repo_router import route
-from .reporter import build_and_send, send_fix_notification, send_failure_notification, send_confirmed_notification, send_regression_notification, send_startup_notification
+from .reporter import build_and_send, send_fix_notification, send_failure_notification, send_confirmed_notification, send_regression_notification, send_startup_notification, send_upgrade_notification
 from .state_store import StateStore
 
 logging.basicConfig(
@@ -383,6 +386,160 @@ async def _send_startup_email_delayed(cfg, results: dict, delay: int = 300):
         logger.error("Failed to send startup notification: %s", e)
 
 
+# ── Config repo polling ──────────────────────────────────────────────────────────────────────────
+
+def _poll_config_repo(cfg_loader: ConfigLoader) -> bool:
+    """git pull the project directory if it is a git repo. Returns True if changes were pulled."""
+    project_dir = Path(".")
+    git_dir = project_dir / ".git"
+    if not git_dir.exists():
+        return False
+    try:
+        result = subprocess.run(
+            ["git", "pull", "--rebase", "--autostash"],
+            cwd=str(project_dir),
+            capture_output=True, text=True, timeout=30,
+        )
+        if result.returncode != 0:
+            logger.warning("Config repo git pull failed: %s", result.stderr.strip())
+            return False
+        changed = "Already up to date." not in result.stdout
+        if changed:
+            logger.info("Config repo updated — reloading config\n%s", result.stdout.strip())
+            cfg_loader.load()
+        return changed
+    except Exception as e:
+        logger.warning("Config repo poll error: %s", e)
+        return False
+
+
+async def _config_poll_loop(cfg_loader: ConfigLoader):
+    """Background task: poll config repo for changes every config_poll_interval seconds."""
+    while True:
+        interval = cfg_loader.sentinel.config_poll_interval
+        await asyncio.sleep(interval)
+        try:
+            _poll_config_repo(cfg_loader)
+        except Exception as e:
+            logger.warning("Config poll loop error: %s", e)
+
+
+# ── Auto-upgrade ─────────────────────────────────────────────────────────────────────────────────
+
+def _find_sentinel_code_dir() -> Path | None:
+    """Locate the sentinel/code dir relative to the project working directory."""
+    # Project dir is cwd; code dir is at ../code or ../../code depending on layout
+    for candidate in [
+        Path("../code"),
+        Path("../../code"),
+        Path.home() / "sentinel" / "code",
+    ]:
+        if candidate.exists() and (candidate / "sentinel").exists():
+            return candidate.resolve()
+    return None
+
+
+def _parse_version(v: str) -> tuple:
+    try:
+        return tuple(int(x) for x in v.strip().lstrip("v").split(".")[:3])
+    except Exception:
+        return (0, 0, 0)
+
+
+def _check_and_upgrade(cfg: SentinelConfig) -> bool:
+    """
+    Check npm registry for a newer patch/minor version of @misterhuydo/sentinel.
+    If found (and not blocked by VERSION_PIN), install it, copy Python source to
+    the code dir, then restart via os.execv.
+    Returns True if an upgrade was initiated (process will restart).
+    """
+    try:
+        result = subprocess.run(
+            ["npm", "show", "@misterhuydo/sentinel", "version"],
+            capture_output=True, text=True, timeout=30,
+        )
+        if result.returncode != 0:
+            logger.warning("npm show failed: %s", result.stderr.strip())
+            return False
+        latest = result.stdout.strip()
+    except Exception as e:
+        logger.warning("Upgrade check failed: %s", e)
+        return False
+
+    # Determine current version from package installed globally
+    try:
+        cur_result = subprocess.run(
+            ["npm", "list", "-g", "--depth=0", "--json"],
+            capture_output=True, text=True, timeout=30,
+        )
+        pkg_data = json.loads(cur_result.stdout or "{}")
+        deps = pkg_data.get("dependencies", {})
+        current = deps.get("@misterhuydo/sentinel", {}).get("version", "0.0.0")
+    except Exception:
+        current = "0.0.0"
+
+    current_t = _parse_version(current)
+    latest_t  = _parse_version(latest)
+
+    if cfg.version_pin:
+        pin_t = _parse_version(cfg.version_pin)
+        if latest_t > pin_t:
+            logger.info("Upgrade available (%s → %s) but pinned to %s — skipping",
+                        current, latest, cfg.version_pin)
+            return False
+
+    if latest_t <= current_t:
+        logger.debug("No upgrade available (current=%s, latest=%s)", current, latest)
+        return False
+
+    logger.info("Upgrading @misterhuydo/sentinel %s → %s", current, latest)
+    install = subprocess.run(
+        ["npm", "install", "-g", f"@misterhuydo/sentinel@{latest}"],
+        capture_output=True, text=True, timeout=120,
+    )
+    if install.returncode != 0:
+        logger.error("npm install failed: %s", install.stderr.strip())
+        return False
+
+    # Copy updated Python source from newly installed npm package to code dir
+    code_dir = _find_sentinel_code_dir()
+    if code_dir:
+        try:
+            npm_prefix_result = subprocess.run(
+                ["npm", "root", "-g"], capture_output=True, text=True, timeout=10,
+            )
+            npm_root = npm_prefix_result.stdout.strip()
+            new_src = Path(npm_root) / "@misterhuydo" / "sentinel" / "sentinel"
+            if new_src.exists():
+                dst = code_dir / "sentinel"
+                shutil.copytree(str(new_src), str(dst), dirs_exist_ok=True)
+                logger.info("Python source updated at %s", dst)
+        except Exception as e:
+            logger.warning("Failed to copy updated Python source: %s", e)
+
+    logger.info("Upgrade complete — restarting Sentinel")
+    try:
+        from .reporter import send_upgrade_notification
+        send_upgrade_notification(cfg, current, latest)
+    except Exception:
+        pass
+
+    os.execv(sys.executable, [sys.executable] + sys.argv)
+    return True  # unreachable after execv
+
+
+async def _upgrade_check_loop(cfg_loader: ConfigLoader):
+    """Background task: check for upgrades every upgrade_check_hours hours."""
+    # Wait one full interval before first check so startup isn't slowed
+    await asyncio.sleep(cfg_loader.sentinel.upgrade_check_hours * 3600)
+    while True:
+        try:
+            _check_and_upgrade(cfg_loader.sentinel)
+        except Exception as e:
+            logger.warning("Upgrade check loop error: %s", e)
+        await asyncio.sleep(cfg_loader.sentinel.upgrade_check_hours * 3600)
+
+
 # ── Entry point ──────────────────────────────────────────────────────────────────────────────────
 
 async def run_loop(cfg_loader: ConfigLoader, store: StateStore):
@@ -403,6 +560,9 @@ async def run_loop(cfg_loader: ConfigLoader, store: StateStore):
         logger.info("Startup checks passed — startup email in 5 minutes")
 
     asyncio.ensure_future(_send_startup_email_delayed(cfg_loader.sentinel, results))
+    asyncio.ensure_future(_config_poll_loop(cfg_loader))
+    if cfg_loader.sentinel.auto_upgrade:
+        asyncio.ensure_future(_upgrade_check_loop(cfg_loader))
 
     while True:
         try:

package/python/sentinel/reporter.py

@@ -345,3 +345,32 @@ def send_startup_notification(cfg: SentinelConfig, results: dict):
     subject = f'[Sentinel] {status_label} — {ts}'
     _send_email(cfg, subject, html)
     logger.info('Startup notification sent to %d recipient(s)', len(cfg.mails))
+
+
+def send_upgrade_notification(cfg: SentinelConfig, old_version: str, new_version: str):
+    if not cfg.mails:
+        return
+    ts = datetime.now(timezone.utc).strftime('%Y-%m-%d %H:%M UTC')
+    subject = f'[Sentinel] Upgraded {old_version} → {new_version}'
+    html = (
+        '<!DOCTYPE html><html><head><meta charset="utf-8">'
+        '<style>'
+        'body{font-family:Arial,sans-serif;font-size:14px;color:#222}'
+        'h2{color:#1a73e8}'
+        'table{border-collapse:collapse;width:100%;margin-bottom:16px}'
+        'td{padding:5px 10px;border-bottom:1px solid #eee}'
+        '.label{font-weight:bold;width:160px}'
+        '.mono{font-family:monospace;font-size:12px}'
+        '</style></head><body>'
+        '<h2>Sentinel auto-upgraded and restarted</h2>'
+        f'<p>{ts}</p>'
+        '<table>'
+        f'<tr><td class="label">Previous version</td><td class="mono">{old_version}</td></tr>'
+        f'<tr><td class="label">New version</td><td class="mono">{new_version}</td></tr>'
+        '</table>'
+        '<p>Sentinel has restarted automatically with the new version. No action required.</p>'
+        '<hr><small>Sentinel &mdash; Autonomous DevOps Agent</small>'
+        '</body></html>'
+    )
+    _send_email(cfg, subject, html)
+    logger.info('Upgrade notification sent: %s → %s', old_version, new_version)

package/templates/workspace-sentinel.properties

@@ -18,3 +18,11 @@ LOG_RETENTION_HOURS=48
 
 # Claude Code binary path
 CLAUDE_CODE_BIN=claude
+
+# Auto-upgrade: check npm for a newer @misterhuydo/sentinel every N hours and restart
+AUTO_UPGRADE=true
+UPGRADE_CHECK_HOURS=6
+# VERSION_PIN=1.0.12   # uncomment to prevent upgrades past this version
+
+# Config repo polling: if the project dir is a git repo, pull for config changes every N seconds
+CONFIG_POLL_INTERVAL=60