@opengeni/db 0.4.0 → 0.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts +2 -2
- package/dist/index.js +26 -0
- package/dist/index.js.map +1 -1
- package/dist/provision-roles.d.ts +4 -2
- package/dist/{schema-DuRsrmzD.d.ts → schema-C7Wvjwge.d.ts} +1 -1
- package/dist/schema.d.ts +1 -1
- package/drizzle/0038_observability_counts.sql +32 -0
- package/package.json +3 -3
- package/src/index.ts +26 -0
|
@@ -2,7 +2,7 @@ import { SessionEventType, Permission, CapabilityKind, CapabilitySource, Schedul
|
|
|
2
2
|
import { environmentsEncryptionKeyBytes, Settings } from '@opengeni/config';
|
|
3
3
|
import { refreshCodexToken, CodexTokenSnapshot, CodexUsagePayload } from '@opengeni/codex';
|
|
4
4
|
import { PgDatabase } from 'drizzle-orm/pg-core';
|
|
5
|
-
import { s as schema, e as enrollmentOsValues, a as enrollmentExposureValues, d as deviceEnrollmentStatusValues, b as enrollmentStatusValues, c as sandboxKindValues, f as sessionRecordingCodecValues, g as sessionRecordingModeValues, h as sessionRecordingStateValues } from './schema-
|
|
5
|
+
import { s as schema, e as enrollmentOsValues, a as enrollmentExposureValues, d as deviceEnrollmentStatusValues, b as enrollmentStatusValues, c as sandboxKindValues, f as sessionRecordingCodecValues, g as sessionRecordingModeValues, h as sessionRecordingStateValues } from './schema-C7Wvjwge.js';
|
|
6
6
|
import 'drizzle-orm';
|
|
7
7
|
import './migrate.js';
|
|
8
8
|
|
|
@@ -1559,6 +1559,8 @@ interface MeterableWarmLease {
|
|
|
1559
1559
|
backend: string;
|
|
1560
1560
|
}
|
|
1561
1561
|
declare function listMeterableWarmLeases(db: Database): Promise<MeterableWarmLease[]>;
|
|
1562
|
+
declare function countQueuedTurns(db: Database): Promise<number>;
|
|
1563
|
+
declare function countSandboxLeasesByLiveness(db: Database): Promise<Record<SandboxLeaseLiveness, number>>;
|
|
1562
1564
|
declare function listLiveModalSandboxLeaseAttributions(db: Database): Promise<LiveModalSandboxLeaseAttribution[]>;
|
|
1563
1565
|
declare function reArmDrainingLease(db: Database, input: {
|
|
1564
1566
|
accountId: string;
|
|
@@ -2142,4 +2144,4 @@ type LockedSessionUpdateResult = {
|
|
|
2142
2144
|
declare function appendSessionEventsWithLockedSessionUpdate(db: Database, workspaceId: string, sessionId: string, build: (session: Session, context: LockedSessionUpdateContext) => LockedSessionUpdateResult | Promise<LockedSessionUpdateResult>): Promise<SessionEvent[]>;
|
|
2143
2145
|
declare function sessionSubject(workspaceId: string, sessionId: string): string;
|
|
2144
2146
|
|
|
2145
|
-
export { SandboxLeaseSupersededError as $, type AccrueWarmSecondsResult as A, type BootstrapWorkspaceInput as B, CLEARED_RUN_STATE as C, type Database as D, type EnableCapabilityInstallationInput as E, type EnrollmentExposure as F, type EnrollmentOs as G, type EnrollmentRecord as H, type EnrollmentStatus as I, type ForceDrainResult as J, type GitHubInstallation as K, type GoalContinuationDecision as L, type LeaseHolderKind as M, type LeaseSnapshot as N, type ListSessionEventsOptions as O, type LiveModalSandboxLeaseAttribution as P, type ProvisionResult, type ProvisionRolesOptions, MACHINE_METRICS_SERIES_INTERVAL_MS as Q, type MachineMetricsRow as R, type MachineMetricsSample as S, type MeterableWarmLease as T, type ReapDrainable as U, type RegisterWorkspacePackInput as V, type RlsContext as W, type RlsStrategy as X, SandboxImageConflictError as Y, type SandboxKind as Z, type SandboxLeaseLiveness as _, type AcquireLeaseInput as a,
|
|
2147
|
+
export { SandboxLeaseSupersededError as $, type AccrueWarmSecondsResult as A, type BootstrapWorkspaceInput as B, CLEARED_RUN_STATE as C, type Database as D, type EnableCapabilityInstallationInput as E, type EnrollmentExposure as F, type EnrollmentOs as G, type EnrollmentRecord as H, type EnrollmentStatus as I, type ForceDrainResult as J, type GitHubInstallation as K, type GoalContinuationDecision as L, type LeaseHolderKind as M, type LeaseSnapshot as N, type ListSessionEventsOptions as O, type LiveModalSandboxLeaseAttribution as P, type ProvisionResult, type ProvisionRolesOptions, MACHINE_METRICS_SERIES_INTERVAL_MS as Q, type MachineMetricsRow as R, type MachineMetricsSample as S, type MeterableWarmLease as T, type ReapDrainable as U, type RegisterWorkspacePackInput as V, type RlsContext as W, type RlsStrategy as X, SandboxImageConflictError as Y, type SandboxKind as Z, type SandboxLeaseLiveness as _, type AcquireLeaseInput as a, createSessionGoal as a$, type SandboxPtySessionRow as a0, type SandboxRecord as a1, type SessionCodexState as a2, type SessionMcpServerForRun as a3, type SessionRecordingCodec as a4, type SessionRecordingMode as a5, type SessionRecordingRow as a6, type SessionRecordingState as a7, type StreamAcknowledgment as a8, type UpdateQueuedSessionTurnInput as a9, commitWarmingToWarm as aA, completeFileUpload as aB, confirmDrainCold as aC, consumeDeviceEnrollmentRequest as aD, consumeSessionCompactionRequest as aE, countActiveApiKeysForWorkspace as aF, countActiveSessionHistoryItems as aG, countActiveSessionsForWorkspace as aH, countActiveSessionsUsingEnvironment as aI, countConsecutiveReactiveRotations as aJ, countQueuedTurns as aK, countSandboxLeasesByLiveness as aL, countScheduledTasksForWorkspace as aM, countScheduledTasksUsingEnvironment as aN, countSessionHistoryItems as aO, countTurnSessionHistoryItems as aP, countWorkspaceEnvironments as aQ, countWorkspacesForAccount as aR, createApiKey as aS, createDb as aT, createDeviceEnrollmentRequest as aU, createEnrollment as aV, createFileUpload as aW, createSandbox as aX, createScheduledTask as aY, createScheduledTaskRun as aZ, createSession as a_, type UpdateScheduledTaskInput as aa, type UpdateSessionMcpServerCredentialsInput as ab, type UpdateSessionMcpServerCredentialsResult as ac, type UserLookup as ad, type WakeParentForChildCompletionInput as ae, type WakeParentForChildCompletionResult as af, type WorkspaceEnvironmentForRun as ag, accrueWarmSeconds as ah, acquireLease as ai, allAccountPermissions as aj, allWorkspacePermissions as ak, appendSessionEvents as al, appendSessionEventsAndUpdateSession as am, appendSessionEventsWithLockedSessionUpdate as an, appendSessionHistoryItems as ao, applyContextCompaction as ap, applyCreditDebitUpToBalance as aq, applyCreditLedgerEntry as ar, approveDeviceEnrollmentRequest as as, bootstrapWorkspace as at, buildCodexTokenResolver as au, cancelQueuedSessionTurn as av, claimNextQueuedTurn as aw, clearSessionContext as ax, clearedContextMarkerItem as ay, closePtySession as az, type AcquireLeaseResult as b, getStoredCapabilityHeaderCiphertext as b$, createSessionMcpServers as b0, createSessionWithIdempotencyKey as b1, createSocialConnection as b2, createSocialPost as b3, createTurn as b4, createWorkspace as b5, createWorkspaceEnvironment as b6, decryptEnvironmentValue as b7, decryptedCapabilityHeaders as b8, deleteRecording as b9, getCapabilityCatalogItem as bA, getCapabilityInstallation as bB, getCodexCredentialStatus as bC, getCodexRotationSettings as bD, getDeviceEnrollmentRequestByDeviceCode as bE, getEnrollment as bF, getFile as bG, getFileUpload as bH, getLatestRunState as bI, getManagedAccount as bJ, getManagedUserByEmail as bK, getOpenPtySession as bL, getPackInstallation as bM, getPendingDeviceEnrollmentRequestByUserCode as bN, getPendingDeviceEnrollmentRequestByUserCodeGlobal as bO, getRecording as bP, getSandbox as bQ, getSandboxSessionEnvelope as bR, getScheduledTask as bS, getSession as bT, getSessionByCreateIdempotencyKey as bU, getSessionCodexState as bV, getSessionEvent as bW, getSessionGoal as bX, getSessionHistoryItems as bY, getSessionTurn as bZ, getSocialConnection as b_, deleteScheduledTask as ba, deleteWorkspace as bb, deleteWorkspaceEnvironment as bc, deleteWorkspaceEnvironmentVariable as bd, deleteWorkspacePack as be, denyDeviceEnrollmentRequest as bf, disableCapabilityInstallation as bg, disconnectAllCodexAccounts as bh, disconnectCodexAccount as bi, enableCapabilityInstallation as bj, enablePackInstallation as bk, encryptEnvironmentValue as bl, enqueueSessionTurn as bm, ensureCodexRotationSettings as bn, ensureManagedAccessForUser as bo, evaluateGoalContinuation as bp, failWarmingToCold as bq, fetchCodexUsageForAccount as br, finalizeEnrollmentByToken as bs, findActiveApiKeyByHash as bt, finishTurn as bu, forceDrainOverLimitViewerOnlyBoxes as bv, getActiveSessionHistoryItems as bw, getAnySessionInGroup as bx, getBillingBalance as by, getBillingCustomer as bz, type ActiveSandboxPointer as c, recordAuditEvent as c$, getStreamAcknowledgment as c0, getWorkspace as c1, getWorkspaceEnvironment as c2, getWorkspaceEnvironmentByName as c3, getWorkspaceEnvironmentValuesForRun as c4, getWorkspaceGrant as c5, getWorkspacePack as c6, grantWorkspaceAccess as c7, hasCreditLedgerEntry as c8, heartbeatLeaseHolder as c9, listSessionMcpServerMetadata as cA, listSessionMcpServersForRun as cB, listSessionTurns as cC, listSessions as cD, listSocialConnections as cE, listSocialPosts as cF, listUsageEvents as cG, listWorkspaceEnvironments as cH, listWorkspaceMembers as cI, listWorkspacePacks as cJ, listWorkspacesForSubject as cK, loadCodexCredentialForRun as cL, loadWorkspaceEnvironmentForRun as cM, markFileUploadFailed as cN, markStripeWebhookProcessed as cO, mcpServerIdForCapability as cP, nextSessionHistoryPosition as cQ, orphanedResultRowIndicesForRepair as cR, persistDrainSnapshot as cS, reArmDrainingLease as cT, readActiveSandbox as cU, readLease as cV, readMachineMetricsLatest as cW, readMachineMetricsLatestForWorkspace as cX, readMachineMetricsSeries as cY, reapStaleLeaseHolders as cZ, reapStaleLeaseHoldersGlobal as c_, incrementTurnWorkerDeathRedispatches as ca, ingestMachineMetricsSample as cb, insertMachineMetricsSeries as cc, insertPtySession as cd, insertRecording as ce, isCodexBilledTurn as cf, isStripeWebhookProcessed as cg, listApiKeys as ch, listCapabilityCatalogItems as ci, listCapabilityInstallations as cj, listCodexAccountStatuses as ck, listDistinctEnvironmentIdsInGroup as cl, listEnabledMcpCapabilityServers as cm, listEnrollments as cn, listGitHubInstallationIdsForWorkspace as co, listGitHubInstallationsForWorkspace as cp, listLiveModalSandboxLeaseAttributions as cq, listMeterableWarmLeases as cr, listOpenPtySessions as cs, listPackInstallations as ct, listRecordings as cu, listSandboxes as cv, listScheduledTaskRuns as cw, listScheduledTasks as cx, listSessionEvents as cy, listSessionIdsInGroup as cz, type AppendEventInput as d, upsertGitHubInstallation as d$, recordCodexAccountConnectors as d0, recordCodexAccountUsage as d1, recordCodexTokenRefresh as d2, recordLeaseDataPlaneUrl as d3, recordLeaseTerminalDataPlaneUrl as d4, recordSessionActiveCodexCredential as d5, recordStreamAcknowledgment as d6, recordStripeWebhookEvent as d7, recordUsageEvent as d8, recordWarmingSandboxCreated as d9, setCodexCredentialStatus as dA, setEnrollmentHasDisplay as dB, setRlsContext as dC, setSessionCodexPin as dD, setSessionGoalLastContinuationTurn as dE, setSessionGoalStatus as dF, setSessionLastInputTokens as dG, setSessionStatus as dH, setTemporalWorkflowId as dI, setWorkspaceEnvironmentVariable as dJ, sumUsageQuantity as dK, touchEnrollmentLastSeen as dL, updateCodexRotationSettings as dM, updatePackInstallationStatus as dN, updatePtySessionActivity as dO, updateQueuedSessionTurn as dP, updateRecording as dQ, updateScheduledTask as dR, updateScheduledTaskRun as dS, updateSessionGoal as dT, updateSessionMcpServerCredentials as dU, updateSessionTitle as dV, updateWorkspace as dW, updateWorkspaceEnvironment as dX, upsertBillingCustomer as dY, upsertCapabilityCatalogItem as dZ, upsertCodexSubscriptionCredential as d_, registerDbBinding as da, registerWorkspacePack as db, releaseLeaseHolder as dc, removeWorkspaceMember as dd, renameCodexAccount as de, reorderQueuedSessionTurns as df, requestSessionCompaction as dg, requeuePreemptedTurn as dh, requireFile as di, requireScheduledTask as dj, requireSession as dk, requireSocialConnection as dl, requireWorkspace as dm, revokeApiKey as dn, revokeEnrollment as dp, revokeViewer as dq, rlsContextForWorkspace as dr, rlsStrategyFor as ds, sanitizeEventPayload as dt, sanitizeEventString as du, saveRunState as dv, sessionSubject as dw, setActiveCodexCredential as dx, setActiveSandbox as dy, setCodexCredentialExhausted as dz, CODEX_ROTATION_STRATEGIES as e, upsertMachineMetricsLatest as e0, upsertSandboxSessionEnvelope as e1, upsertSessionGoal as e2, wakeParentSessionForChildCompletion as e3, withAccountRls as e4, withRlsContext as e5, withWorkspaceRls as e6, withWorkspaceUsageLock as e7, workspaceCodexSubscriptionActive as e8, type ClearSessionContextResult as f, type CodexAccountStatus as g, type CodexAccountUsageSnapshot as h, type CodexAuthDeps as i, type CodexCredentialForRun as j, type CodexCredentialTokens as k, type CodexRotationSettings as l, type CodexRotationStrategy as m, type CreateCapabilityCatalogItemInput as n, type CreateDbOptions as o, type CreatePackInstallationInput as p, provisionRoles, type CreateScheduledTaskInput as q, type CreateSessionGoalInput as r, type CreateSessionMcpServerInput as s, type CreateSocialConnectionInput as t, type CreateSocialPostInput as u, type DbClient as v, type DeviceEnrollmentRequestRecord as w, type DeviceEnrollmentStatus as x, type EnabledMcpCapabilityServer as y, type EnqueueSessionTurnInput as z };
|
|
@@ -5339,7 +5339,7 @@ declare const sessionRecordings: drizzle_orm_pg_core.PgTableWithColumns<{
|
|
|
5339
5339
|
tableName: "session_recordings";
|
|
5340
5340
|
dataType: "string";
|
|
5341
5341
|
columnType: "PgText";
|
|
5342
|
-
data: "
|
|
5342
|
+
data: "recording" | "finalizing" | "available" | "failed";
|
|
5343
5343
|
driverParam: string;
|
|
5344
5344
|
notNull: true;
|
|
5345
5345
|
hasDefault: false;
|
package/dist/schema.d.ts
CHANGED
|
@@ -1,3 +1,3 @@
|
|
|
1
1
|
import 'drizzle-orm';
|
|
2
2
|
import 'drizzle-orm/pg-core';
|
|
3
|
-
export { i as agentRunStates, j as apiKeys, k as auditEvents, l as billingCustomers, m as capabilityCatalogItems, n as capabilityInstallations, o as codexRotationSettings, p as codexSubscriptionCredentials, q as creditLedgerEntries, r as deviceEnrollmentRequests, d as deviceEnrollmentStatusValues, t as documentBases, u as documentChunks, v as documents, a as enrollmentExposureValues, e as enrollmentOsValues, b as enrollmentStatusValues, w as enrollments, x as fileUploads, y as files, z as githubInstallations, A as machineMetricsLatest, B as machineMetricsSeries, C as managedAccounts, D as packInstallations, c as sandboxKindValues, E as sandboxLeaseHolders, F as sandboxLeaseLivenessValues, G as sandboxLeases, H as sandboxPtySessions, I as sandboxSessionEnvelopes, J as sandboxes, K as scheduledTaskRuns, L as scheduledTasks, M as sessionEvents, N as sessionGoals, O as sessionHistoryItems, P as sessionMcpServers, f as sessionRecordingCodecValues, g as sessionRecordingModeValues, h as sessionRecordingStateValues, Q as sessionRecordings, R as sessionTurns, S as sessions, T as socialConnections, U as socialPosts, V as stripeWebhookEvents, W as usageEvents, X as workspaceEnvironmentVariables, Y as workspaceEnvironments, Z as workspaceMemberships, _ as workspacePacks, $ as workspaces } from './schema-
|
|
3
|
+
export { i as agentRunStates, j as apiKeys, k as auditEvents, l as billingCustomers, m as capabilityCatalogItems, n as capabilityInstallations, o as codexRotationSettings, p as codexSubscriptionCredentials, q as creditLedgerEntries, r as deviceEnrollmentRequests, d as deviceEnrollmentStatusValues, t as documentBases, u as documentChunks, v as documents, a as enrollmentExposureValues, e as enrollmentOsValues, b as enrollmentStatusValues, w as enrollments, x as fileUploads, y as files, z as githubInstallations, A as machineMetricsLatest, B as machineMetricsSeries, C as managedAccounts, D as packInstallations, c as sandboxKindValues, E as sandboxLeaseHolders, F as sandboxLeaseLivenessValues, G as sandboxLeases, H as sandboxPtySessions, I as sandboxSessionEnvelopes, J as sandboxes, K as scheduledTaskRuns, L as scheduledTasks, M as sessionEvents, N as sessionGoals, O as sessionHistoryItems, P as sessionMcpServers, f as sessionRecordingCodecValues, g as sessionRecordingModeValues, h as sessionRecordingStateValues, Q as sessionRecordings, R as sessionTurns, S as sessions, T as socialConnections, U as socialPosts, V as stripeWebhookEvents, W as usageEvents, X as workspaceEnvironmentVariables, Y as workspaceEnvironments, Z as workspaceMemberships, _ as workspacePacks, $ as workspaces } from './schema-C7Wvjwge.js';
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
-- 0038_observability_counts.sql
|
|
2
|
+
-- Cross-workspace aggregate reads for Prometheus gauges. These mirror the
|
|
3
|
+
-- sandbox reaper's SECURITY DEFINER pattern so workers can refresh global
|
|
4
|
+
-- process metrics without disabling FORCE RLS on workspace-scoped tables.
|
|
5
|
+
|
|
6
|
+
CREATE OR REPLACE FUNCTION opengeni_private.count_queued_turns()
|
|
7
|
+
RETURNS bigint
|
|
8
|
+
LANGUAGE sql
|
|
9
|
+
SECURITY DEFINER
|
|
10
|
+
AS $$
|
|
11
|
+
SELECT count(*)::bigint
|
|
12
|
+
FROM session_turns
|
|
13
|
+
WHERE status = 'queued';
|
|
14
|
+
$$;
|
|
15
|
+
|
|
16
|
+
CREATE OR REPLACE FUNCTION opengeni_private.count_sandbox_leases_by_liveness()
|
|
17
|
+
RETURNS TABLE (liveness text, count bigint)
|
|
18
|
+
LANGUAGE sql
|
|
19
|
+
SECURITY DEFINER
|
|
20
|
+
AS $$
|
|
21
|
+
SELECT L.liveness, count(*)::bigint
|
|
22
|
+
FROM sandbox_leases L
|
|
23
|
+
GROUP BY L.liveness;
|
|
24
|
+
$$;
|
|
25
|
+
|
|
26
|
+
DO $$
|
|
27
|
+
BEGIN
|
|
28
|
+
IF EXISTS (SELECT 1 FROM pg_roles WHERE rolname = 'opengeni_app') THEN
|
|
29
|
+
GRANT EXECUTE ON FUNCTION opengeni_private.count_queued_turns() TO opengeni_app;
|
|
30
|
+
GRANT EXECUTE ON FUNCTION opengeni_private.count_sandbox_leases_by_liveness() TO opengeni_app;
|
|
31
|
+
END IF;
|
|
32
|
+
END $$;
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@opengeni/db",
|
|
3
|
-
"version": "0.4.
|
|
3
|
+
"version": "0.4.1",
|
|
4
4
|
"description": "OpenGeni persistence: Drizzle schema, RLS-scoped query layer, the SQL migration runner, and role provisioning.",
|
|
5
5
|
"license": "Apache-2.0",
|
|
6
6
|
"repository": {
|
|
@@ -52,8 +52,8 @@
|
|
|
52
52
|
},
|
|
53
53
|
"dependencies": {
|
|
54
54
|
"@opengeni/codex": "^0.2.1",
|
|
55
|
-
"@opengeni/config": "^0.2.
|
|
56
|
-
"@opengeni/contracts": "^0.
|
|
55
|
+
"@opengeni/config": "^0.2.5",
|
|
56
|
+
"@opengeni/contracts": "^0.7.0",
|
|
57
57
|
"drizzle-orm": "^0.45.2",
|
|
58
58
|
"postgres": "^3.4.7"
|
|
59
59
|
},
|
package/src/index.ts
CHANGED
|
@@ -5113,6 +5113,32 @@ export async function listMeterableWarmLeases(db: Database): Promise<MeterableWa
|
|
|
5113
5113
|
}));
|
|
5114
5114
|
}
|
|
5115
5115
|
|
|
5116
|
+
export async function countQueuedTurns(db: Database): Promise<number> {
|
|
5117
|
+
const rows = await rawRows<{ count: number | string }>(db, sql`
|
|
5118
|
+
select opengeni_private.count_queued_turns() as count
|
|
5119
|
+
`);
|
|
5120
|
+
return Number(rows[0]?.count ?? 0);
|
|
5121
|
+
}
|
|
5122
|
+
|
|
5123
|
+
export async function countSandboxLeasesByLiveness(db: Database): Promise<Record<SandboxLeaseLiveness, number>> {
|
|
5124
|
+
const counts: Record<SandboxLeaseLiveness, number> = {
|
|
5125
|
+
cold: 0,
|
|
5126
|
+
warming: 0,
|
|
5127
|
+
warm: 0,
|
|
5128
|
+
draining: 0,
|
|
5129
|
+
};
|
|
5130
|
+
const rows = await rawRows<{ liveness: SandboxLeaseLiveness; count: number | string }>(db, sql`
|
|
5131
|
+
select liveness, count
|
|
5132
|
+
from opengeni_private.count_sandbox_leases_by_liveness()
|
|
5133
|
+
`);
|
|
5134
|
+
for (const row of rows) {
|
|
5135
|
+
if (row.liveness in counts) {
|
|
5136
|
+
counts[row.liveness] = Number(row.count);
|
|
5137
|
+
}
|
|
5138
|
+
}
|
|
5139
|
+
return counts;
|
|
5140
|
+
}
|
|
5141
|
+
|
|
5116
5142
|
// Cross-workspace live Modal lease read for the provider-side orphan sweep. The
|
|
5117
5143
|
// SECURITY DEFINER function is the sanctioned RLS bypass; see migration 0036.
|
|
5118
5144
|
export async function listLiveModalSandboxLeaseAttributions(db: Database): Promise<LiveModalSandboxLeaseAttribution[]> {
|