@misterhuydo/sentinel 1.4.90 → 1.4.91

package/python/sentinel/repo_task_engine.py

@@ -0,0 +1,381 @@
+"""
+repo_task_engine.py — Run human-requested tasks (features, fixes, refactors)
+against managed repos via Claude Code.
+
+Unlike fix_engine.py which handles error-triggered fixes, this handles explicit
+human requests routed through Boss after full requirement gathering.
+
+Task files live in <project_dir>/repo-tasks/<repo_name>-<uuid>-<ts>.txt
+
+File format:
+    REPO: elprint-connector-service
+    TYPE: feature|fix|refactor|chore
+    SUBMITTED_BY: <@UXXX> (UXXX)
+    SUBMITTED_AT: 2026-03-27T10:00:00+00:00
+    NOTIFY: U1234567,U7654321          # optional
+
+    Full task description — what to implement, fix, or refactor.
+"""
+from __future__ import annotations
+
+import hashlib
+import logging
+import re
+import subprocess
+import time
+from dataclasses import dataclass, field
+from datetime import datetime, timezone
+from pathlib import Path
+
+from .config_loader import RepoConfig, SentinelConfig
+from .fix_engine import _claude_cmd, _run_claude_attempt, _is_auth_error, _progress_from_line
+from .git_manager import _git_env
+
+logger = logging.getLogger(__name__)
+
+_META_PREFIXES = ("REPO:", "TYPE:", "SUBMITTED_BY:", "SUBMITTED_AT:", "NOTIFY:")
+_TASK_TIMEOUT = 900  # 15 minutes
+
+
+@dataclass
+class RepoTask:
+    task_file: Path
+    repo_name: str
+    task_type: str          # feature|fix|refactor|chore
+    description: str        # full task body
+    message: str            # first non-blank line (shown in Slack)
+    submitter_user_id: str = ""
+    notify_user_ids: list = field(default_factory=list)
+    fingerprint: str = ""
+    timestamp: str = ""
+
+    def __post_init__(self):
+        if not self.fingerprint:
+            raw = f"repo-task:{self.repo_name}:{self.task_type}:{self.message[:200]}"
+            self.fingerprint = hashlib.sha1(raw.encode()).hexdigest()[:16]
+        if not self.timestamp:
+            self.timestamp = datetime.now(timezone.utc).isoformat()
+
+
+def _build_repo_prompt(task: RepoTask, repo: RepoConfig) -> str:
+    submitted = f"Requested by: <@{task.submitter_user_id}>" if task.submitter_user_id else ""
+    return (
+        f"You are implementing a requested change in the repository at {repo.local_path}.\n"
+        f"Repository: {repo.repo_name}\n"
+        f"{submitted}\n"
+        f"\n"
+        f"TASK TYPE: {task.task_type}\n"
+        f"TASK:\n{task.description}\n\n"
+        f"━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n"
+        f"INSTRUCTIONS\n"
+        f"━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n"
+        f"1. Explore the codebase first — understand structure, patterns, and conventions\n"
+        f"   before making any changes.\n"
+        f"2. Implement the requested change following the repo's existing code style.\n"
+        f"3. Syntax/compile check modified files.\n"
+        f"4. Run tests if available (Maven, Gradle, npm test) — commit only if passing.\n"
+        f"5. Commit all changes:\n"
+        f"   git add -A\n"
+        f"   git commit -m \"{task.task_type}(<scope>): <concise summary> [sentinel-task]\"\n"
+        f"6. End with a brief summary (max 10 lines) of what changed and why.\n"
+        f"\n"
+        f"BOUNDARIES:\n"
+        f"- Never modify CI/CD config files (.github/, Jenkinsfile, pom.xml build sections)\n"
+        f"- Implement exactly what was requested — no extra scope\n"
+        f"- If the task requires information you don't have:\n"
+        f"  output exactly: NEEDS_HUMAN: <what is missing>\n"
+        f"- If implementing this requires changing Sentinel itself (not this repo):\n"
+        f"  output exactly: BOSS_ESCALATE: <description>\n"
+    )
+
+
+def _get_head(local_path: str, env: dict) -> str:
+    r = subprocess.run(
+        ["git", "rev-parse", "HEAD"],
+        cwd=local_path, capture_output=True, text=True, env=env, timeout=10,
+    )
+    return r.stdout.strip() if r.returncode == 0 else ""
+
+
+def _open_task_pr(repo: RepoConfig, cfg: SentinelConfig, branch: str, task: RepoTask, commit_hash: str) -> str:
+    """Open a GitHub PR for a human-requested task."""
+    if not cfg.github_token:
+        logger.warning("GITHUB_TOKEN not set — cannot open PR for repo task")
+        return ""
+    url = repo.repo_url
+    owner_repo = (
+        url.split(":")[-1].removesuffix(".git") if url.startswith("git@")
+        else "/".join(url.rstrip("/").split("/")[-2:]).removesuffix(".git")
+    )
+    title = f"[Sentinel] {task.task_type}({repo.repo_name}): {task.message[:60]}"
+    submitter_line = f"**Requested by:** <@{task.submitter_user_id}>\n" if task.submitter_user_id else ""
+    body = (
+        f"## Human-requested task via Sentinel Boss\n\n"
+        f"**Task type:** `{task.task_type}`\n"
+        f"{submitter_line}"
+        f"**Commit:** `{commit_hash[:8]}`\n\n"
+        f"### Description\n{task.description[:1000]}\n\n"
+        f"---\n_Implemented by Sentinel. Review and merge when satisfied._"
+    )
+    import requests as _req
+    resp = _req.post(
+        f"https://api.github.com/repos/{owner_repo}/pulls",
+        json={"title": title, "body": body, "head": branch, "base": repo.branch},
+        headers={"Authorization": f"Bearer {cfg.github_token}", "Accept": "application/vnd.github+json"},
+        timeout=30,
+    )
+    if resp.status_code == 201:
+        pr_url = resp.json().get("html_url", "")
+        logger.info("Task PR opened: %s", pr_url)
+        return pr_url
+    logger.error("Failed to open task PR (%s): %s", resp.status_code, resp.text[:300])
+    return ""
+
+
+def run_repo_task(
+    task: RepoTask,
+    repo: RepoConfig,
+    cfg: SentinelConfig,
+    store=None,
+    on_progress=None,
+) -> tuple[str, str | None]:
+    """
+    Run Claude Code against a managed repo for a human-requested task.
+
+    Returns (status, detail):
+      "done"         → detail is pr_url (str | None)
+      "needs_human"  → detail is reason string
+      "skip"         → detail is reason string
+      "error"        → detail is error string
+    """
+    local_path = repo.local_path
+    if not local_path or not Path(local_path).exists():
+        return "error", f"Local clone not found at {local_path!r} — run `sentinel init` first"
+
+    env = _git_env(repo)
+
+    # Pull latest
+    r = subprocess.run(
+        ["git", "pull", "--rebase", "origin", repo.branch],
+        cwd=local_path, capture_output=True, text=True, env=env, timeout=60,
+    )
+    if r.returncode != 0:
+        logger.warning("git pull failed before repo task for %s: %s", repo.repo_name, r.stderr[:200])
+
+    before_hash = _get_head(local_path, env)
+
+    prompt = _build_repo_prompt(task, repo)
+    claude_log = Path(local_path).parent / "logs" / f"repo-task-{task.fingerprint[:8]}.log"
+    claude_log.parent.mkdir(parents=True, exist_ok=True)
+
+    if on_progress:
+        on_progress(f":mag: Exploring `{repo.repo_name}`...")
+
+    try:
+        output, timed_out = _run_claude_attempt(
+            cfg.claude_code_bin, prompt, env,
+            cwd=local_path,
+            claude_log_path=claude_log,
+            on_progress=on_progress,
+        )
+    except FileNotFoundError:
+        return "error", f"Claude binary not found: {cfg.claude_code_bin}"
+
+    if timed_out:
+        return "error", "Claude timed out after 15 minutes."
+
+    stripped = output.strip()
+
+    if _is_auth_error(stripped):
+        return "error", "Claude authentication error — check API key or run `claude login`."
+
+    if stripped.upper().startswith("SKIP:"):
+        reason = stripped[5:].strip()
+        logger.info("Repo task skipped for %s: %s", repo.repo_name, reason[:200])
+        return "skip", reason
+
+    if stripped.upper().startswith("NEEDS_HUMAN:"):
+        reason = stripped[12:].strip()
+        logger.info("Repo task needs human for %s: %s", repo.repo_name, reason[:200])
+        return "needs_human", reason
+
+    if stripped.upper().startswith("BOSS_ESCALATE:"):
+        description = stripped[14:].strip()
+        try:
+            from .sentinel_dev import drop_escalation
+            drop_escalation(
+                Path(local_path).parent,
+                description,
+                source="repo_task/BOSS_ESCALATE",
+                source_fingerprint=task.fingerprint,
+            )
+            logger.info("Repo task escalated to Patch for %s: %s", repo.repo_name, description[:200])
+        except Exception as _e:
+            logger.error("Failed to drop BOSS_ESCALATE from repo task: %s", _e)
+        return "skip", f"Escalated to Patch: {description[:200]}"
+
+    # Check if Claude committed anything
+    after_hash = _get_head(local_path, env)
+    if after_hash == before_hash:
+        # Claude ran but didn't commit — check for staged/unstaged changes
+        diff_r = subprocess.run(
+            ["git", "status", "--porcelain"],
+            cwd=local_path, capture_output=True, text=True, env=env, timeout=10,
+        )
+        if diff_r.stdout.strip():
+            commit_msg = f"{task.task_type}(sentinel-task): {task.message[:60]} [sentinel-task]"
+            subprocess.run(["git", "add", "-A"], cwd=local_path, env=env, timeout=30, capture_output=True)
+            cr = subprocess.run(
+                ["git", "commit", "-m", commit_msg],
+                cwd=local_path, env=env, timeout=30, capture_output=True, text=True,
+            )
+            if cr.returncode != 0:
+                logger.error("Auto-commit failed for %s: %s", repo.repo_name, cr.stderr[:200])
+                subprocess.run(["git", "checkout", "."], cwd=local_path, env=env, timeout=30, capture_output=True)
+                return "error", "Claude made changes but commit failed."
+            after_hash = _get_head(local_path, env)
+        else:
+            logger.warning("Repo task: Claude ran but made no changes for %s", repo.repo_name)
+            return "skip", "Claude completed but made no changes to the codebase."
+
+    commit_hash = after_hash
+
+    if on_progress:
+        on_progress(f":arrow_up: Pushing to `{repo.repo_name}`...")
+
+    if repo.auto_publish:
+        r = subprocess.run(
+            ["git", "push", "origin", repo.branch],
+            cwd=local_path, capture_output=True, text=True, env=env, timeout=60,
+        )
+        if r.returncode != 0:
+            logger.error("git push failed for %s: %s", repo.repo_name, r.stderr[:300])
+            return "error", f"git push failed: {r.stderr.strip()[:200]}"
+        logger.info("Repo task: pushed to %s/%s sha=%s", repo.repo_name, repo.branch, commit_hash[:8])
+        return "done", None
+    else:
+        branch = f"sentinel/task-{task.fingerprint[:8]}"
+        subprocess.run(["git", "checkout", "-B", branch], cwd=local_path, env=env,
+                       timeout=30, capture_output=True)
+        r = subprocess.run(
+            ["git", "push", "-u", "origin", branch],
+            cwd=local_path, capture_output=True, text=True, env=env, timeout=60,
+        )
+        if r.returncode != 0:
+            logger.error("git push branch failed for %s: %s", repo.repo_name, r.stderr[:300])
+            subprocess.run(["git", "checkout", repo.branch], cwd=local_path, env=env,
+                           timeout=30, capture_output=True)
+            return "error", f"git push failed: {r.stderr.strip()[:200]}"
+        subprocess.run(["git", "checkout", repo.branch], cwd=local_path, env=env,
+                       timeout=30, capture_output=True)
+        pr_url = _open_task_pr(repo, cfg, branch, task, commit_hash)
+        logger.info("Repo task: PR opened for %s: %s", repo.repo_name, pr_url)
+        return "done", pr_url or None
+
+
+def drop_repo_task(
+    project_dir: Path,
+    repo_name: str,
+    task_type: str,
+    description: str,
+    submitter_user_id: str = "",
+    notify_user_ids: list | None = None,
+) -> Path:
+    """Drop a repo task file into <project_dir>/repo-tasks/."""
+    tasks_dir = project_dir / "repo-tasks"
+    tasks_dir.mkdir(exist_ok=True)
+    import uuid as _uuid
+    ts = int(time.time())
+    fname = f"{repo_name}-{_uuid.uuid4().hex[:8]}-{ts}.txt"
+    fpath = tasks_dir / fname
+    lines = [
+        f"REPO: {repo_name}",
+        f"TYPE: {task_type}",
+        (f"SUBMITTED_BY: <@{submitter_user_id}> ({submitter_user_id})"
+         if submitter_user_id else "SUBMITTED_BY: system"),
+        f"SUBMITTED_AT: {datetime.now(timezone.utc).isoformat()}",
+    ]
+    if notify_user_ids:
+        lines.append(f"NOTIFY: {','.join(notify_user_ids)}")
+    lines += ["", description]
+    fpath.write_text("\n".join(lines), encoding="utf-8")
+    logger.info("Dropped repo task: %s", fname)
+    return fpath
+
+
+def scan_repo_tasks(project_dir: Path) -> list[RepoTask]:
+    """Return all pending repo task files from <project_dir>/repo-tasks/."""
+    tasks_dir = project_dir / "repo-tasks"
+    if not tasks_dir.exists():
+        return []
+    tasks = []
+    for f in sorted(tasks_dir.iterdir()):
+        if not f.is_file() or f.name.startswith(".") or f.suffix.lower() not in (".txt", ".md", ""):
+            continue
+        try:
+            content = f.read_text(encoding="utf-8", errors="replace").strip()
+        except OSError:
+            continue
+        if not content:
+            continue
+
+        lines = content.splitlines()
+        repo_name = ""
+        task_type = "feature"
+        submitter_user_id = ""
+        notify_user_ids: list = []
+        body_start = 0
+
+        for i, line in enumerate(lines):
+            stripped = line.strip()
+            upper = stripped.upper()
+            if upper.startswith("REPO:"):
+                repo_name = stripped[5:].strip()
+                body_start = i + 1
+            elif upper.startswith("TYPE:"):
+                raw = stripped[5:].strip().lower()
+                task_type = raw if raw in ("feature", "fix", "refactor", "chore") else "feature"
+                body_start = i + 1
+            elif upper.startswith("SUBMITTED_BY:"):
+                m = re.search(r'\(([UW][A-Z0-9]+)\)', stripped)
+                if m:
+                    submitter_user_id = m.group(1)
+                body_start = i + 1
+            elif upper.startswith("NOTIFY:"):
+                notify_user_ids = [u.strip() for u in stripped[7:].split(",") if u.strip()]
+                body_start = i + 1
+            elif any(upper.startswith(p) for p in _META_PREFIXES) or not stripped:
+                body_start = i + 1
+            else:
+                break
+
+        description = "\n".join(lines[body_start:]).strip() or content
+        message = next((l.strip() for l in lines[body_start:] if l.strip()), f.name)
+
+        if not repo_name:
+            logger.warning("Repo task %s has no REPO: header — skipping", f.name)
+            continue
+
+        tasks.append(RepoTask(
+            task_file=f,
+            repo_name=repo_name,
+            task_type=task_type,
+            description=description,
+            message=message,
+            submitter_user_id=submitter_user_id,
+            notify_user_ids=notify_user_ids,
+        ))
+        logger.info("Found repo task: %s → %s (type=%s)", f.name, repo_name, task_type)
+
+    return tasks
+
+
+def mark_repo_task_done(task_file: Path) -> None:
+    """Archive a processed repo task to repo-tasks/.done/."""
+    done_dir = task_file.parent / ".done"
+    done_dir.mkdir(exist_ok=True)
+    dest = done_dir / task_file.name
+    if dest.exists():
+        dest = done_dir / f"{task_file.stem}-{int(time.time())}{task_file.suffix}"
+    task_file.rename(dest)
+    logger.info("Repo task archived: %s -> .done/%s", task_file.name, dest.name)