npm - @misterhuydo/sentinel - Versions diffs - 1.4.66 → 1.4.68 - Mend

@misterhuydo/sentinel 1.4.66 → 1.4.68

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/package.json +21 -21
package/python/sentinel/dependency_manager.py +206 -0
package/python/sentinel/git_manager.py +113 -0
package/python/sentinel/main.py +32 -4
package/python/sentinel/notify.py +376 -331
package/python/sentinel/sentinel_boss.py +306 -1

package/python/sentinel/sentinel_boss.py CHANGED Viewed

@@ -985,6 +985,11 @@ _TOOLS = [
                     "description": "Optional 8-char fingerprint to target a specific fix PR. "
                                    "If omitted, merges the most recent open PR for the repo.",
                 },
+                "pr_number": {
+                    "type": "integer",
+                    "description": "Merge a specific PR by number (e.g. a Renovate PR). "
+                                   "When set, repo_name is still required but fingerprint is ignored.",
+                },
             },
             "required": ["repo_name"],
         },
@@ -1008,6 +1013,72 @@ _TOOLS = [
             "required": ["tool_name"],
         },
     },
+    {
+        "name": "list_renovate_prs",
+        "description": (
+            "List all open Renovate bot pull requests across all managed repos. "
+            "Shows package name, version change, Renovate confidence, CI status, age, and merge-readiness. "
+            "Use before deciding which Renovate PRs to merge. "
+            "e.g. 'show renovate PRs', 'what dependency upgrades are pending?', "
+            "'list open renovate pull requests', 'any renovate PRs ready to merge?'"
+        ),
+        "input_schema": {
+            "type": "object",
+            "properties": {
+                "repo_name": {
+                    "type": "string",
+                    "description": "Filter to a specific repo. Omit to scan all managed repos.",
+                },
+                "ready_only": {
+                    "type": "boolean",
+                    "description": "If true, only show PRs where CI passes and there are no conflicts.",
+                    "default": False,
+                },
+            },
+        },
+    },
+    {
+        "name": "manage_release",
+        "description": (
+            "Plan and execute repository operations: build, Maven release, dependency updates, "
+            "or a full release-and-cascade (release one repo then bump its version in all dependents). "
+            "Always presents a confirmation plan before acting. "
+            "Examples: 'build Whydah-TypeLib', 'release Whydah-TypeLib', "
+            "'update Whydah-Java-SDK to use the latest Whydah-TypeLib', "
+            "'trigger a release for Whydah-TypeLib and update all dependents', "
+            "'update all repos to use the latest whydah-typelib release'"
+        ),
+        "input_schema": {
+            "type": "object",
+            "properties": {
+                "operation": {
+                    "type": "string",
+                    "enum": ["build", "release", "update_deps", "release_and_cascade"],
+                    "description": (
+                        "build: trigger Jenkins build only. "
+                        "release: trigger Maven Release; auto-cascades if AUTO_PUBLISH=true. "
+                        "update_deps: update dependency version in target repos (source already released). "
+                        "release_and_cascade: release source_repo then cascade to all dependents."
+                    ),
+                },
+                "source_repo": {
+                    "type": "string",
+                    "description": "Repo to build/release, or the repo whose artifact is being updated.",
+                },
+                "target_repos": {
+                    "type": "array",
+                    "items": {"type": "string"},
+                    "description": "Repos to update. Empty = auto-detect all dependents.",
+                },
+                "confirmed": {
+                    "type": "boolean",
+                    "description": "false = show plan and ask for confirmation. true = execute.",
+                    "default": False,
+                },
+            },
+            "required": ["operation", "source_repo"],
+        },
+    },
     {
         "name": "set_maintenance",
         "description": (
@@ -2329,7 +2400,7 @@ async def _run_tool(name: str, inputs: dict, cfg_loader, store, slack_client=Non
         return json.dumps({"error": "cannot determine user — not clearing"})
     # ── Admin-only tools ──────────────────────────────────────────────────────
-    _ADMIN_TOOLS = {"list_all_users", "clear_user_history", "reset_fingerprint", "list_all_errors", "export_db", "merge_pr", "install_tool"}
+    _ADMIN_TOOLS = {"list_all_users", "clear_user_history", "reset_fingerprint", "list_all_errors", "export_db", "merge_pr", "install_tool", "manage_release"}
     if name in _ADMIN_TOOLS:
         if not is_admin:
             return json.dumps({"error": "Admin access required. You are not in SLACK_ADMIN_USERS."})
@@ -2554,6 +2625,240 @@ async def _run_tool(name: str, inputs: dict, cfg_loader, store, slack_client=Non
         except _sp.TimeoutExpired:
             return json.dumps({"error": f"Install timed out for '{tool_name}'"})
+    if name == "list_renovate_prs":
+        import requests as _req
+        from datetime import datetime, timezone
+        github_token = cfg_loader.sentinel.github_token
+        if not github_token:
+            return json.dumps({"error": "GITHUB_TOKEN not configured — cannot query GitHub API"})
+        filter_repo = inputs.get("repo_name", "").strip()
+        ready_only  = bool(inputs.get("ready_only", False))
+        headers = {
+            "Authorization": f"Bearer {github_token}",
+            "Accept": "application/vnd.github+json",
+        }
+        def _owner_repo_from_url(url):
+            if url.startswith("git@"):
+                return url.split(":")[-1].removesuffix(".git")
+            return "/".join(url.rstrip("/").split("/")[-2:]).removesuffix(".git")
+        def _ci_status(owner_repo, sha):
+            r = _req.get(
+                f"https://api.github.com/repos/{owner_repo}/commits/{sha}/check-runs",
+                headers=headers, params={"per_page": 20}, timeout=10,
+            )
+            if r.status_code != 200:
+                return "unknown"
+            runs = r.json().get("check_runs", [])
+            if not runs:
+                return "no checks"
+            statuses = {run["conclusion"] for run in runs if run["status"] == "completed"}
+            if "failure" in statuses or "cancelled" in statuses:
+                return "failing"
+            if all(s == "success" for s in statuses) and len(statuses) > 0:
+                return "passing"
+            return "pending"
+        def _parse_renovate_body(body):
+            """Extract package change table and confidence from Renovate PR body."""
+            if not body:
+                return [], "unknown"
+            # Confidence line: "| ... | Confidence |" table header, data follows
+            conf = "unknown"
+            conf_m = __import__("re").search(r"\| *(low|moderate|high|neutral|very high) *\|", body, __import__("re").IGNORECASE)
+            if conf_m:
+                conf = conf_m.group(1).lower()
+            # Package table rows: | package | X.Y → A.B |
+            changes = __import__("re").findall(r"\[([^\]]+)\].*?(\d+[\.\d]*)\s*[→\-]+\s*(\d+[\.\d]*)", body)
+            pkgs = [{"package": p, "from": f, "to": t} for p, f, t in changes[:5]]
+            return pkgs, conf
+        all_prs = []
+        repos_to_scan = {
+            name: repo for name, repo in cfg_loader.repos.items()
+            if (not filter_repo) or (filter_repo.lower() in name.lower())
+        }
+        for repo_name_k, repo in repos_to_scan.items():
+            if not repo.repo_url:
+                continue
+            owner_repo = _owner_repo_from_url(repo.repo_url)
+            try:
+                r = _req.get(
+                    f"https://api.github.com/repos/{owner_repo}/pulls",
+                    headers=headers,
+                    params={"state": "open", "per_page": 50},
+                    timeout=15,
+                )
+                if r.status_code != 200:
+                    continue
+                for pr in r.json():
+                    labels = [l["name"] for l in pr.get("labels", [])]
+                    if "renovate" not in labels:
+                        continue
+                    sha = pr["head"]["sha"]
+                    ci = _ci_status(owner_repo, sha)
+                    mergeable = pr.get("mergeable")
+                    conflict = (mergeable is False)
+                    pkgs, conf = _parse_renovate_body(pr.get("body", ""))
+                    created = pr.get("created_at", "")
+                    age_days = 0
+                    if created:
+                        try:
+                            dt = datetime.fromisoformat(created.replace("Z", "+00:00"))
+                            age_days = (datetime.now(timezone.utc) - dt).days
+                        except Exception:
+                            pass
+                    ready = (ci == "passing" and not conflict)
+                    if ready_only and not ready:
+                        continue
+                    all_prs.append({
+                        "repo": repo_name_k,
+                        "pr_number": pr["number"],
+                        "title": pr["title"],
+                        "url": pr["html_url"],
+                        "packages": pkgs,
+                        "confidence": conf,
+                        "ci": ci,
+                        "conflict": conflict,
+                        "age_days": age_days,
+                        "ready_to_merge": ready,
+                    })
+            except Exception as exc:
+                logger.warning("list_renovate_prs: error scanning %s: %s", repo_name_k, exc)
+        all_prs.sort(key=lambda p: (0 if p["ready_to_merge"] else 1, p["repo"]))
+        return json.dumps({
+            "total": len(all_prs),
+            "ready_count": sum(1 for p in all_prs if p["ready_to_merge"]),
+            "prs": all_prs,
+            "note": "Use merge_pr with repo_name + pr_number to merge a specific PR." if all_prs else "No open Renovate PRs found.",
+        })
+    if name == "manage_release":
+        from .dependency_manager import plan_cascade, execute_cascade, get_artifact_id, get_release_version
+        from .cicd_trigger import trigger as cicd_trigger, _trigger_jenkins, _trigger_jenkins_release
+        from .notify import notify_cascade_started, notify_cascade_result
+        operation   = inputs.get("operation", "").strip()
+        source_repo = inputs.get("source_repo", "").strip()
+        target_repos = inputs.get("target_repos") or []
+        confirmed   = bool(inputs.get("confirmed", False))
+        repo = cfg_loader.repos.get(source_repo)
+        if not repo:
+            # fuzzy match
+            for rname in cfg_loader.repos:
+                if source_repo.lower() in rname.lower():
+                    repo = cfg_loader.repos[rname]
+                    source_repo = rname
+                    break
+        if not repo:
+            return json.dumps({"error": f"Repo not found: {source_repo}. Known repos: {list(cfg_loader.repos.keys())}"})
+        # ── Plan phase (confirmed=false) ──────────────────────────────────────
+        if not confirmed:
+            if operation == "build":
+                return json.dumps({
+                    "plan": f"Trigger Jenkins build for {source_repo}",
+                    "job_url": repo.cicd_job_url,
+                    "note": "This triggers a regular build, not a release.",
+                    "confirm_prompt": "Reply with confirmed=true to proceed.",
+                })
+            if operation in ("release", "release_and_cascade"):
+                cascade_plan = plan_cascade(source_repo, cfg_loader.repos, target_repos or None)
+                if "error" in cascade_plan:
+                    return json.dumps(cascade_plan)
+                cascade_note = (
+                    f"After release, will update {len(cascade_plan['dependents'])} dependent repo(s)."
+                    if cascade_plan["dependents"] else "No dependent repos found in config."
+                )
+                return json.dumps({
+                    "plan": f"Trigger Maven Release for {source_repo}",
+                    "release_version": cascade_plan["new_version"],
+                    "dev_version_after": cascade_plan.get("new_version", ""),
+                    "job_url": repo.cicd_job_url,
+                    "cascade": cascade_plan["dependents"],
+                    "cascade_note": cascade_note,
+                    "auto_publish_source": repo.auto_publish,
+                    "confirm_prompt": "Reply with confirmed=true to proceed.",
+                })
+            if operation == "update_deps":
+                cascade_plan = plan_cascade(source_repo, cfg_loader.repos, target_repos or None)
+                if "error" in cascade_plan:
+                    return json.dumps(cascade_plan)
+                if not cascade_plan["dependents"]:
+                    return json.dumps({"note": f"No repos depend on {cascade_plan['artifact_id']} — nothing to update."})
+                return json.dumps({
+                    "plan": f"Update {cascade_plan['artifact_id']} to {cascade_plan['new_version']} in dependent repos",
+                    "artifact_id": cascade_plan["artifact_id"],
+                    "new_version": cascade_plan["new_version"],
+                    "targets": cascade_plan["dependents"],
+                    "confirm_prompt": "Reply with confirmed=true to proceed.",
+                })
+        # ── Execute phase (confirmed=true) ────────────────────────────────────
+        if operation == "build":
+            success = _trigger_jenkins(repo)
+            logger.info("Boss manage_release: build triggered for %s by %s", source_repo, user_id)
+            return json.dumps({"status": "triggered" if success else "failed", "repo": source_repo, "job_url": repo.cicd_job_url})
+        if operation in ("release", "release_and_cascade"):
+            success = _trigger_jenkins_release(repo)
+            logger.info("Boss manage_release: release triggered for %s by %s (success=%s)", source_repo, user_id, success)
+            if not success:
+                return json.dumps({"status": "failed", "repo": source_repo, "error": "Jenkins release trigger failed — check logs"})
+            # Cascade immediately if release_and_cascade, or if AUTO_PUBLISH=true
+            do_cascade = (operation == "release_and_cascade") or repo.auto_publish
+            if do_cascade:
+                artifact_id = get_artifact_id(repo.local_path)
+                new_version = get_release_version(repo.local_path)
+                if artifact_id and new_version:
+                    target_names = target_repos or None
+                    cascade_plan = plan_cascade(source_repo, cfg_loader.repos, target_names)
+                    target_repo_names = [d["repo"] for d in cascade_plan.get("dependents", [])]
+                    if target_repo_names:
+                        notify_cascade_started(cfg_loader.sentinel, artifact_id, new_version, target_repo_names, user_id)
+                        results = execute_cascade(source_repo, new_version, artifact_id, cfg_loader.repos, cfg_loader.sentinel, target_names)
+                        notify_cascade_result(cfg_loader.sentinel, artifact_id, new_version, results, user_id)
+                        return json.dumps({
+                            "status": "released_and_cascaded",
+                            "repo": source_repo,
+                            "version": new_version,
+                            "cascade": [{"repo": r.repo_name, "success": r.success, "pr_url": r.pr_url, "error": r.error} for r in results],
+                        })
+            return json.dumps({"status": "released", "repo": source_repo, "note": "Cascade will run automatically on next poll if AUTO_PUBLISH=true."})
+        if operation == "update_deps":
+            artifact_id = get_artifact_id(repo.local_path)
+            new_version = get_release_version(repo.local_path)
+            if not artifact_id or not new_version:
+                return json.dumps({"error": f"Could not read artifact/version from {source_repo}/pom.xml"})
+            target_names = target_repos or None
+            cascade_plan = plan_cascade(source_repo, cfg_loader.repos, target_names)
+            target_repo_names = [d["repo"] for d in cascade_plan.get("dependents", [])]
+            if not target_repo_names:
+                return json.dumps({"note": f"No repos depend on {artifact_id} — nothing to update."})
+            notify_cascade_started(cfg_loader.sentinel, artifact_id, new_version, target_repo_names, user_id)
+            results = execute_cascade(source_repo, new_version, artifact_id, cfg_loader.repos, cfg_loader.sentinel, target_names)
+            notify_cascade_result(cfg_loader.sentinel, artifact_id, new_version, results, user_id)
+            return json.dumps({
+                "status": "updated",
+                "artifact_id": artifact_id,
+                "version": new_version,
+                "results": [{"repo": r.repo_name, "success": r.success, "pr_url": r.pr_url, "error": r.error} for r in results],
+            })
+        return json.dumps({"error": f"Unknown operation: {operation}"})
     return json.dumps({"error": f"unknown tool: {name}"})