@openpalm/lib 0.10.1 → 0.11.0-beta.1

package/src/control-plane/host-opencode.test.ts

@@ -0,0 +1,263 @@
+/**
+ * Tests for detectHostOpenCode() and importHostOpenCode().
+ *
+ * Uses real temp directories — no network, no Docker, no akm CLI.
+ */
+import { describe, expect, it, beforeEach, afterEach } from "bun:test";
+import { existsSync, mkdirSync, mkdtempSync, rmSync, readFileSync, writeFileSync, statSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { detectHostOpenCode, importHostOpenCode } from "./host-opencode.js";
+import type { ControlPlaneState } from "./types.js";
+
+// ── helpers ──────────────────────────────────────────────────────────────────
+
+function makeState(homeDir: string): ControlPlaneState {
+  return {
+    adminToken: "test-admin",
+    assistantToken: "test-assistant",
+    homeDir,
+    configDir: join(homeDir, "config"),
+    stashDir: join(homeDir, "stash"),
+    workspaceDir: join(homeDir, "workspace"),
+    cacheDir: join(homeDir, "cache"),
+    stateDir: join(homeDir, "state"),
+    stackDir: join(homeDir, "config/stack"),
+    services: {},
+    artifacts: { compose: "" },
+    artifactMeta: [],
+    audit: [],
+  };
+}
+
+/** Snapshot of env vars so tests can override XDG paths and restore after. */
+function withXdgEnv(configHome: string, dataHome: string, fn: () => void) {
+  const prevConfig = process.env.XDG_CONFIG_HOME;
+  const prevData = process.env.XDG_DATA_HOME;
+  process.env.XDG_CONFIG_HOME = configHome;
+  process.env.XDG_DATA_HOME = dataHome;
+  try {
+    fn();
+  } finally {
+    if (prevConfig === undefined) delete process.env.XDG_CONFIG_HOME;
+    else process.env.XDG_CONFIG_HOME = prevConfig;
+    if (prevData === undefined) delete process.env.XDG_DATA_HOME;
+    else process.env.XDG_DATA_HOME = prevData;
+  }
+}
+
+// ── detectHostOpenCode ────────────────────────────────────────────────────────
+
+describe("detectHostOpenCode", () => {
+  let xdgRoot: string;
+
+  beforeEach(() => {
+    xdgRoot = mkdtempSync(join(tmpdir(), "op-host-detect-"));
+  });
+
+  afterEach(() => {
+    rmSync(xdgRoot, { recursive: true, force: true });
+  });
+
+  it("returns zero counts when no host config exists", () => {
+    withXdgEnv(`${xdgRoot}/config`, `${xdgRoot}/data`, () => {
+      const status = detectHostOpenCode();
+      expect(status.providerCount).toBe(0);
+      expect(status.credentialCount).toBe(0);
+      expect(status.configPath).toBeUndefined();
+      expect(status.authPath).toBeUndefined();
+    });
+  });
+
+  it("counts providers from opencode.json", () => {
+    const configDir = join(xdgRoot, "config", "opencode");
+    mkdirSync(configDir, { recursive: true });
+    writeFileSync(join(configDir, "opencode.json"), JSON.stringify({
+      provider: { anthropic: {}, openai: {}, groq: {} },
+    }));
+    withXdgEnv(`${xdgRoot}/config`, `${xdgRoot}/data`, () => {
+      const status = detectHostOpenCode();
+      expect(status.providerCount).toBe(3);
+      expect(status.credentialCount).toBe(0);
+      expect(status.configPath).toContain("opencode.json");
+    });
+  });
+
+  it("counts credentials from auth.json", () => {
+    const dataDir = join(xdgRoot, "data", "opencode");
+    mkdirSync(dataDir, { recursive: true });
+    writeFileSync(join(dataDir, "auth.json"), JSON.stringify({
+      anthropic: { token: "sk-ant" },
+      groq: { token: "gsk_" },
+    }));
+    withXdgEnv(`${xdgRoot}/config`, `${xdgRoot}/data`, () => {
+      const status = detectHostOpenCode();
+      expect(status.credentialCount).toBe(2);
+      expect(status.providerCount).toBe(0);
+      expect(status.authPath).toContain("auth.json");
+    });
+  });
+
+  it("handles malformed opencode.json gracefully", () => {
+    const configDir = join(xdgRoot, "config", "opencode");
+    mkdirSync(configDir, { recursive: true });
+    writeFileSync(join(configDir, "opencode.json"), "{ invalid json {{");
+    withXdgEnv(`${xdgRoot}/config`, `${xdgRoot}/data`, () => {
+      const status = detectHostOpenCode();
+      expect(status.providerCount).toBe(0);
+    });
+  });
+});
+
+// ── importHostOpenCode ────────────────────────────────────────────────────────
+
+describe("importHostOpenCode", () => {
+  let xdgRoot: string;
+  let opHome: string;
+
+  beforeEach(() => {
+    xdgRoot = mkdtempSync(join(tmpdir(), "op-host-import-xdg-"));
+    opHome = mkdtempSync(join(tmpdir(), "op-host-import-home-"));
+  });
+
+  afterEach(() => {
+    rmSync(xdgRoot, { recursive: true, force: true });
+    rmSync(opHome, { recursive: true, force: true });
+  });
+
+  it("imports providers and credentials from a fresh state", () => {
+    // Set up host opencode files
+    const hostConfigDir = join(xdgRoot, "config", "opencode");
+    const hostDataDir = join(xdgRoot, "data", "opencode");
+    mkdirSync(hostConfigDir, { recursive: true });
+    mkdirSync(hostDataDir, { recursive: true });
+
+    writeFileSync(join(hostConfigDir, "opencode.json"), JSON.stringify({
+      provider: { anthropic: { name: "Anthropic" }, groq: {} },
+      model: "anthropic/claude-3-5-sonnet",
+      // These should be stripped:
+      plugin: [{ module: "some-plugin" }],
+      mcp: { server: {} },
+    }));
+    writeFileSync(join(hostDataDir, "auth.json"), JSON.stringify({
+      anthropic: { token: "sk-ant-token" },
+    }));
+
+    const state = makeState(opHome);
+
+    withXdgEnv(`${xdgRoot}/config`, `${xdgRoot}/data`, () => {
+      const result = importHostOpenCode(state);
+      expect(result.imported.providers).toBe(2);
+      expect(result.imported.credentials).toBe(1);
+      expect(result.conflicts).toHaveLength(0);
+    });
+
+    // Verify opencode.json was written and plugin key was stripped
+    const destConfig = JSON.parse(readFileSync(join(opHome, "config", "assistant", "opencode.json"), "utf-8"));
+    expect(destConfig.provider).toEqual({ anthropic: { name: "Anthropic" }, groq: {} });
+    expect(destConfig.model).toBe("anthropic/claude-3-5-sonnet");
+    expect(destConfig.plugin).toBeUndefined();
+    expect(destConfig.mcp).toBeUndefined();
+
+    // Verify auth.json was written
+    expect(existsSync(join(opHome, "config", "auth.json"))).toBe(true);
+
+    // Verify auth.json permissions are 0o600
+    const authStat = statSync(join(opHome, "config", "auth.json"));
+    // On Linux, mode & 0o777 extracts permission bits
+    expect(authStat.mode & 0o777).toBe(0o600);
+  });
+
+  it("preserves existing providers on conflict when overwriteConflicts is false", () => {
+    const hostConfigDir = join(xdgRoot, "config", "opencode");
+    mkdirSync(hostConfigDir, { recursive: true });
+    writeFileSync(join(hostConfigDir, "opencode.json"), JSON.stringify({
+      provider: { anthropic: { name: "Host Anthropic" }, openai: { name: "Host OpenAI" } },
+    }));
+
+    const state = makeState(opHome);
+    const destDir = join(opHome, "config", "assistant");
+    mkdirSync(destDir, { recursive: true });
+    // Pre-existing OP_HOME config with anthropic already configured
+    writeFileSync(join(destDir, "opencode.json"), JSON.stringify({
+      provider: { anthropic: { name: "Existing Anthropic" } },
+    }));
+
+    withXdgEnv(`${xdgRoot}/config`, `${xdgRoot}/data`, () => {
+      const result = importHostOpenCode(state, { overwriteConflicts: false });
+      expect(result.conflicts).toEqual(["anthropic"]);
+      expect(result.imported.providers).toBe(1); // only openai imported
+    });
+
+    const written = JSON.parse(readFileSync(join(destDir, "opencode.json"), "utf-8"));
+    // Existing anthropic is preserved
+    expect(written.provider.anthropic.name).toBe("Existing Anthropic");
+    // Host openai was merged in
+    expect(written.provider.openai.name).toBe("Host OpenAI");
+  });
+
+  it("overwrites existing providers when overwriteConflicts is true", () => {
+    const hostConfigDir = join(xdgRoot, "config", "opencode");
+    mkdirSync(hostConfigDir, { recursive: true });
+    writeFileSync(join(hostConfigDir, "opencode.json"), JSON.stringify({
+      provider: { anthropic: { name: "Host Anthropic" } },
+    }));
+
+    const state = makeState(opHome);
+    const destDir = join(opHome, "config", "assistant");
+    mkdirSync(destDir, { recursive: true });
+    writeFileSync(join(destDir, "opencode.json"), JSON.stringify({
+      provider: { anthropic: { name: "Old Anthropic" } },
+    }));
+
+    withXdgEnv(`${xdgRoot}/config`, `${xdgRoot}/data`, () => {
+      const result = importHostOpenCode(state, { overwriteConflicts: true });
+      expect(result.conflicts).toHaveLength(0);
+      expect(result.imported.providers).toBe(1);
+    });
+
+    const written = JSON.parse(readFileSync(join(opHome, "config", "assistant", "opencode.json"), "utf-8"));
+    expect(written.provider.anthropic.name).toBe("Host Anthropic");
+  });
+
+  it("returns zero counts when no host config is present", () => {
+    const state = makeState(opHome);
+    withXdgEnv(`${xdgRoot}/config`, `${xdgRoot}/data`, () => {
+      const result = importHostOpenCode(state);
+      expect(result.imported.providers).toBe(0);
+      expect(result.imported.credentials).toBe(0);
+      expect(result.conflicts).toHaveLength(0);
+    });
+  });
+
+  it("partial-merge auth: does not overwrite existing credential, adds new one", () => {
+    // Pre-seed OP_HOME/config/auth.json with one existing credential
+    const opConfigDir = join(opHome, "config");
+    mkdirSync(opConfigDir, { recursive: true });
+    writeFileSync(join(opConfigDir, "auth.json"), JSON.stringify({
+      azure: { type: "api", key: "existing" },
+    }));
+
+    // Set up host auth.json with azure (conflict) + groq (new)
+    const hostDataDir = join(xdgRoot, "data", "opencode");
+    mkdirSync(hostDataDir, { recursive: true });
+    writeFileSync(join(hostDataDir, "auth.json"), JSON.stringify({
+      azure: { type: "api", key: "host-override" },
+      groq: { type: "api", key: "gsk-host" },
+    }));
+
+    const state = makeState(opHome);
+
+    withXdgEnv(`${xdgRoot}/config`, `${xdgRoot}/data`, () => {
+      const result = importHostOpenCode(state, { overwriteConflicts: false });
+      // Only groq was new — azure is a conflict and must NOT be overwritten
+      expect(result.imported.credentials).toBe(1);
+    });
+
+    // Verify azure key was NOT overwritten
+    const written = JSON.parse(readFileSync(join(opConfigDir, "auth.json"), "utf-8")) as Record<string, { key: string }>;
+    expect(written.azure.key).toBe("existing");
+    // Verify groq was added
+    expect(written.groq.key).toBe("gsk-host");
+  });
+});

package/src/control-plane/host-opencode.ts

@@ -0,0 +1,229 @@
+/**
+ * Host OpenCode detection and import.
+ *
+ * Reads the host user's existing OpenCode installation (XDG standard paths)
+ * and provides a one-shot import into OP_HOME.
+ *
+ * Linux only — macOS/Windows paths are documented but not implemented here;
+ * extend behind the same API contract in a follow-up.
+ *
+ * Security:
+ *   - auth.json is copied byte-for-byte and chmodded 0o600. Its contents
+ *     are never parsed, logged, or returned to callers.
+ *   - opencode.json is parsed to strip plugin/mcp/permission keys before
+ *     writing; only provider/model/small_model/disabled_providers are kept.
+ *   - Conflict detection compares provider IDs; existing credentials are
+ *     preserved unless overwriteConflicts=true.
+ */
+import { existsSync, mkdirSync, readFileSync, writeFileSync, chmodSync, copyFileSync } from "node:fs";
+import { homedir } from "node:os";
+import type { ControlPlaneState } from "./types.js";
+import { authJsonPath, assistantConfigDir } from "./paths.js";
+
+// ── Types ────────────────────────────────────────────────────────────────────
+
+export type HostOpenCodeStatus = {
+  /** Absolute path to opencode.json if found, undefined otherwise */
+  configPath?: string;
+  /** Absolute path to auth.json if found, undefined otherwise */
+  authPath?: string;
+  /** Number of provider entries in opencode.json (0 when not found) */
+  providerCount: number;
+  /** Number of credential entries in auth.json (0 when not found) */
+  credentialCount: number;
+};
+
+export type HostImportResult = {
+  imported: {
+    providers: number;
+    credentials: number;
+  };
+  /** Provider IDs that already existed in OP_HOME and were NOT overwritten */
+  conflicts: string[];
+};
+
+// ── XDG path resolution ──────────────────────────────────────────────────────
+
+function xdgConfigHome(): string {
+  return process.env.XDG_CONFIG_HOME ?? `${homedir()}/.config`;
+}
+
+function xdgDataHome(): string {
+  return process.env.XDG_DATA_HOME ?? `${homedir()}/.local/share`;
+}
+
+/** ~/.config/opencode/opencode.json */
+function hostConfigJsonPath(): string {
+  return `${xdgConfigHome()}/opencode/opencode.json`;
+}
+
+/** ~/.local/share/opencode/auth.json */
+function hostAuthJsonPath(): string {
+  return `${xdgDataHome()}/opencode/auth.json`;
+}
+
+// ── opencode.json parsing ────────────────────────────────────────────────────
+
+/** Keys that are safe to import from host opencode.json into OP_HOME config */
+const ALLOWED_CONFIG_KEYS = new Set(["$schema", "provider", "model", "small_model", "disabled_providers"]);
+
+type OpenCodeJson = Record<string, unknown>;
+
+function readJsonFileSafe(path: string): OpenCodeJson | null {
+  try {
+    return JSON.parse(readFileSync(path, "utf-8")) as OpenCodeJson;
+  } catch {
+    return null;
+  }
+}
+
+function stripDisallowedKeys(obj: OpenCodeJson): OpenCodeJson {
+  return Object.fromEntries(
+    Object.entries(obj).filter(([k]) => ALLOWED_CONFIG_KEYS.has(k))
+  );
+}
+
+function countProviders(obj: OpenCodeJson): number {
+  const provider = obj.provider;
+  if (!provider || typeof provider !== "object" || Array.isArray(provider)) return 0;
+  return Object.keys(provider as Record<string, unknown>).length;
+}
+
+// ── auth.json credential counting ───────────────────────────────────────────
+
+function countCredentials(path: string): number {
+  const raw = readJsonFileSafe(path);
+  if (!raw) return 0;
+  // auth.json shape: { "providerID": { ... }, ... } — count top-level keys
+  return Object.keys(raw).length;
+}
+
+// ── Public API ───────────────────────────────────────────────────────────────
+
+/**
+ * Detect whether a host OpenCode installation is present.
+ * Never returns credential values — only counts.
+ */
+export function detectHostOpenCode(): HostOpenCodeStatus {
+  const configPath = hostConfigJsonPath();
+  const authPath = hostAuthJsonPath();
+
+  const configExists = existsSync(configPath);
+  const authExists = existsSync(authPath);
+
+  if (!configExists && !authExists) {
+    return { providerCount: 0, credentialCount: 0 };
+  }
+
+  let providerCount = 0;
+  if (configExists) {
+    const parsed = readJsonFileSafe(configPath);
+    providerCount = parsed ? countProviders(parsed) : 0;
+  }
+
+  let credentialCount = 0;
+  if (authExists) {
+    credentialCount = countCredentials(authPath);
+  }
+
+  return {
+    configPath: configExists ? configPath : undefined,
+    authPath: authExists ? authPath : undefined,
+    providerCount,
+    credentialCount,
+  };
+}
+
+/**
+ * Import host OpenCode config + auth into OP_HOME.
+ *
+ * - Strips plugin/mcp/permission keys from opencode.json before writing.
+ * - Copies auth.json byte-for-byte and chmods it to 0o600.
+ * - On conflict: existing OP_HOME provider entries are preserved unless
+ *   overwriteConflicts is true.
+ *
+ * @param state             ControlPlaneState (for OP_HOME path resolution)
+ * @param overwriteConflicts  When true, host providers replace existing ones
+ */
+export function importHostOpenCode(
+  state: ControlPlaneState,
+  options: { overwriteConflicts?: boolean } = {}
+): HostImportResult {
+  const { overwriteConflicts = false } = options;
+  const status = detectHostOpenCode();
+
+  let importedProviders = 0;
+  let importedCredentials = 0;
+  const conflicts: string[] = [];
+
+  // ── opencode.json ──────────────────────────────────────────────────────
+  if (status.configPath) {
+    const hostConfig = readJsonFileSafe(status.configPath);
+    if (hostConfig) {
+      const sanitized = stripDisallowedKeys(hostConfig);
+      const destDir = assistantConfigDir(state);
+      const destPath = `${destDir}/opencode.json`;
+
+      mkdirSync(destDir, { recursive: true });
+
+      // Merge with existing OP_HOME config if it exists
+      const existing = existsSync(destPath) ? (readJsonFileSafe(destPath) ?? {}) : {};
+      const existingProviders = (existing.provider ?? {}) as Record<string, unknown>;
+      const hostProviders = (sanitized.provider ?? {}) as Record<string, unknown>;
+
+      const mergedProviders: Record<string, unknown> = { ...existingProviders };
+      for (const [id, entry] of Object.entries(hostProviders)) {
+        if (Object.prototype.hasOwnProperty.call(existingProviders, id) && !overwriteConflicts) {
+          conflicts.push(id);
+        } else {
+          mergedProviders[id] = entry;
+          importedProviders++;
+        }
+      }
+
+      const merged: OpenCodeJson = {
+        ...existing,
+        ...sanitized,
+        ...(Object.keys(mergedProviders).length > 0 ? { provider: mergedProviders } : {}),
+      };
+
+      writeFileSync(destPath, JSON.stringify(merged, null, 2) + "\n");
+    }
+  }
+
+  // ── auth.json ──────────────────────────────────────────────────────────
+  if (status.authPath) {
+    const destPath = authJsonPath(state);
+    const destDir = state.configDir;
+    mkdirSync(destDir, { recursive: true });
+
+    if (existsSync(destPath) && !overwriteConflicts) {
+      // Merge: copy only keys that do not already exist in OP_HOME auth.json
+      const hostAuth = readJsonFileSafe(status.authPath) ?? {};
+      const existingAuth = readJsonFileSafe(destPath) ?? {};
+      const merged: Record<string, unknown> = { ...existingAuth };
+      for (const [id, value] of Object.entries(hostAuth)) {
+        if (!Object.prototype.hasOwnProperty.call(existingAuth, id)) {
+          merged[id] = value;
+          importedCredentials++;
+        }
+      }
+      writeFileSync(destPath, JSON.stringify(merged, null, 2) + "\n");
+    } else {
+      // No existing file or overwrite requested — byte-copy
+      copyFileSync(status.authPath, destPath);
+      importedCredentials = status.credentialCount;
+    }
+
+    try {
+      chmodSync(destPath, 0o600);
+    } catch {
+      // best-effort chmod — may fail on some filesystems
+    }
+  }
+
+  return {
+    imported: { providers: importedProviders, credentials: importedCredentials },
+    conflicts,
+  };
+}