@pellux/goodvibes-daemon-sdk 0.18.3

package/dist/system-routes.js

@@ -0,0 +1,327 @@
+import { jsonErrorResponse } from './error-response.js';
+export function createDaemonSystemRouteHandlers(context, request) {
+    return {
+        getWatchers: () => Response.json({ watchers: context.watcherRegistry.list() }),
+        postWatcher: (req) => {
+            const admin = context.requireAdmin(req);
+            if (admin)
+                return admin;
+            return handleRegisterWatcher(context, req);
+        },
+        patchWatcher: (watcherId, req) => {
+            const admin = context.requireAdmin(req);
+            if (admin)
+                return admin;
+            return handleUpdateWatcher(context, watcherId, req);
+        },
+        watcherAction: (watcherId, action) => {
+            const admin = context.requireAdmin(request);
+            if (admin)
+                return admin;
+            return handleWatcherAction(context, watcherId, action);
+        },
+        deleteWatcher: (watcherId) => {
+            const admin = context.requireAdmin(request);
+            if (admin)
+                return admin;
+            const removed = context.watcherRegistry.removeWatcher(watcherId);
+            return removed
+                ? Response.json({ removed: true, id: watcherId })
+                : Response.json({ error: 'Unknown watcher' }, { status: 404 });
+        },
+        getServiceStatus: () => Response.json({
+            ...context.platformServiceManager.status(),
+            network: {
+                controlPlane: context.inspectInboundTls('controlPlane'),
+                httpListener: context.inspectInboundTls('httpListener'),
+                outbound: context.inspectOutboundTls(),
+            },
+        }),
+        installService: () => {
+            const admin = context.requireAdmin(request);
+            if (admin)
+                return admin;
+            return Response.json(context.platformServiceManager.install());
+        },
+        startService: () => {
+            const admin = context.requireAdmin(request);
+            if (admin)
+                return admin;
+            return Response.json(context.platformServiceManager.start());
+        },
+        stopService: () => {
+            const admin = context.requireAdmin(request);
+            if (admin)
+                return admin;
+            return Response.json(context.platformServiceManager.stop());
+        },
+        restartService: () => {
+            const admin = context.requireAdmin(request);
+            if (admin)
+                return admin;
+            return Response.json(context.platformServiceManager.restart());
+        },
+        uninstallService: () => {
+            const admin = context.requireAdmin(request);
+            if (admin)
+                return admin;
+            return Response.json(context.platformServiceManager.uninstall());
+        },
+        getRouteBindings: () => Response.json({ bindings: context.routeBindings.listBindings() }),
+        postRouteBinding: async (req) => {
+            const admin = context.requireAdmin(req);
+            if (admin)
+                return admin;
+            const body = await context.parseJsonBody(req);
+            if (body instanceof Response)
+                return body;
+            const surfaceKind = typeof body.surfaceKind === 'string' ? body.surfaceKind : '';
+            const kind = typeof body.kind === 'string' ? body.kind : '';
+            const surfaceId = typeof body.surfaceId === 'string' ? body.surfaceId : '';
+            const externalId = typeof body.externalId === 'string' ? body.externalId : '';
+            if (!surfaceKind || !kind || !surfaceId || !externalId) {
+                return Response.json({ error: 'Missing required route binding fields' }, { status: 400 });
+            }
+            const binding = await context.routeBindings.upsertBinding({
+                id: typeof body.id === 'string' ? body.id : undefined,
+                kind: kind,
+                surfaceKind: surfaceKind,
+                surfaceId,
+                externalId,
+                sessionPolicy: typeof body.sessionPolicy === 'string' ? body.sessionPolicy : undefined,
+                threadPolicy: typeof body.threadPolicy === 'string' ? body.threadPolicy : undefined,
+                deliveryGuarantee: typeof body.deliveryGuarantee === 'string' ? body.deliveryGuarantee : undefined,
+                threadId: typeof body.threadId === 'string' ? body.threadId : undefined,
+                channelId: typeof body.channelId === 'string' ? body.channelId : undefined,
+                sessionId: typeof body.sessionId === 'string' ? body.sessionId : undefined,
+                jobId: typeof body.jobId === 'string' ? body.jobId : undefined,
+                runId: typeof body.runId === 'string' ? body.runId : undefined,
+                title: typeof body.title === 'string' ? body.title : undefined,
+                metadata: typeof body.metadata === 'object' && body.metadata !== null ? body.metadata : {},
+            });
+            return Response.json(binding, { status: 201 });
+        },
+        patchRouteBinding: async (bindingId, req) => {
+            const admin = context.requireAdmin(req);
+            if (admin)
+                return admin;
+            const body = await context.parseJsonBody(req);
+            if (body instanceof Response)
+                return body;
+            const updated = await context.routeBindings.patchBinding(bindingId, {
+                ...(body.sessionPolicy !== undefined ? { sessionPolicy: typeof body.sessionPolicy === 'string' ? body.sessionPolicy : undefined } : {}),
+                ...(body.threadPolicy !== undefined ? { threadPolicy: typeof body.threadPolicy === 'string' ? body.threadPolicy : undefined } : {}),
+                ...(body.deliveryGuarantee !== undefined ? { deliveryGuarantee: typeof body.deliveryGuarantee === 'string' ? body.deliveryGuarantee : undefined } : {}),
+                ...(body.threadId !== undefined ? { threadId: typeof body.threadId === 'string' ? body.threadId : undefined } : {}),
+                ...(body.channelId !== undefined ? { channelId: typeof body.channelId === 'string' ? body.channelId : undefined } : {}),
+                ...(body.sessionId !== undefined ? { sessionId: body.sessionId === null ? null : typeof body.sessionId === 'string' ? body.sessionId : undefined } : {}),
+                ...(body.jobId !== undefined ? { jobId: body.jobId === null ? null : typeof body.jobId === 'string' ? body.jobId : undefined } : {}),
+                ...(body.runId !== undefined ? { runId: body.runId === null ? null : typeof body.runId === 'string' ? body.runId : undefined } : {}),
+                ...(typeof body.title === 'string' ? { title: body.title } : {}),
+                ...(typeof body.metadata === 'object' && body.metadata !== null ? { metadata: body.metadata } : {}),
+            });
+            return updated
+                ? Response.json(updated)
+                : Response.json({ error: 'Unknown route binding' }, { status: 404 });
+        },
+        deleteRouteBinding: async (bindingId) => {
+            const admin = context.requireAdmin(request);
+            if (admin)
+                return admin;
+            const removed = await context.routeBindings.removeBinding(bindingId);
+            return removed
+                ? Response.json({ removed: true, id: bindingId })
+                : Response.json({ error: 'Unknown route binding' }, { status: 404 });
+        },
+        getApprovals: () => {
+            if (!context.integrationHelpers) {
+                return Response.json({ error: 'Integration helper service unavailable' }, { status: 503 });
+            }
+            return Response.json(context.integrationHelpers.getApprovalSnapshot());
+        },
+        approvalAction: (approvalId, action, req) => handleApprovalAction(context, approvalId, action, req),
+        getConfig: () => {
+            const admin = context.requireAdmin(request);
+            if (admin)
+                return admin;
+            return Response.json(context.configManager.getAll());
+        },
+        postConfig: async (req) => {
+            const admin = context.requireAdmin(req);
+            if (admin)
+                return admin;
+            const payload = await context.parseJsonBody(req);
+            if (payload instanceof Response)
+                return payload;
+            const { key, value } = payload;
+            if (!key || typeof key !== 'string') {
+                return Response.json({ error: 'Missing or invalid key' }, { status: 400 });
+            }
+            if (!context.isValidConfigKey(key)) {
+                return Response.json({ error: 'Invalid config key' }, { status: 400 });
+            }
+            try {
+                context.configManager.setDynamic(key, value);
+            }
+            catch (error) {
+                return jsonErrorResponse(error, { status: 400, fallbackMessage: 'Failed to set config' });
+            }
+            return Response.json({ success: true, key, value });
+        },
+    };
+}
+async function handleRegisterWatcher(context, req) {
+    const body = await context.parseJsonBody(req);
+    if (body instanceof Response)
+        return body;
+    const label = typeof body.label === 'string' && body.label.trim().length > 0 ? body.label.trim() : '';
+    const id = typeof body.id === 'string' && body.id.trim().length > 0
+        ? body.id.trim()
+        : label
+            ? `watcher-${label.toLowerCase().replace(/[^a-z0-9]+/g, '-').replace(/(^-|-$)/g, '')}`
+            : `watcher-${Date.now()}`;
+    const kind = typeof body.kind === 'string'
+        ? body.kind
+        : typeof body.sourceKind === 'string'
+            ? body.sourceKind === 'webhook'
+                ? 'webhook'
+                : body.sourceKind === 'file'
+                    ? 'filesystem'
+                    : body.sourceKind === 'stream'
+                        ? 'socket'
+                        : body.sourceKind === 'api'
+                            ? 'integration'
+                            : 'polling'
+            : 'polling';
+    const intervalMs = Number(body.intervalMs ?? context.configManager.get('watchers.pollIntervalMs') ?? 60_000);
+    if (!label) {
+        return Response.json({ error: 'Missing watcher label' }, { status: 400 });
+    }
+    const metadata = typeof body.metadata === 'object' && body.metadata !== null
+        ? body.metadata
+        : {};
+    const sourceMetadata = {
+        ...metadata,
+        ...(typeof body.url === 'string' ? { url: body.url } : {}),
+        ...(typeof body.method === 'string' ? { method: body.method.toUpperCase() } : {}),
+        ...(typeof body.path === 'string' ? { path: body.path } : {}),
+        ...(typeof body.endpoint === 'string' ? { endpoint: body.endpoint } : {}),
+        ...(typeof body.address === 'string' ? { address: body.address } : {}),
+        ...(typeof body.headers === 'object' && body.headers !== null ? { headers: body.headers } : {}),
+    };
+    const record = context.watcherRegistry.registerWatcher({
+        id,
+        label,
+        kind,
+        source: {
+            id: typeof body.sourceId === 'string' && body.sourceId.trim() ? body.sourceId.trim() : `source:${id}`,
+            kind: typeof body.sourceKind === 'string'
+                ? body.sourceKind === 'webhook'
+                    ? 'webhook'
+                    : body.sourceKind === 'file' || body.sourceKind === 'stream' || body.sourceKind === 'api'
+                        ? 'hook'
+                        : 'watcher'
+                : 'watcher',
+            label,
+            enabled: true,
+            createdAt: Date.now(),
+            updatedAt: Date.now(),
+            metadata: sourceMetadata,
+        },
+        intervalMs,
+        metadata: sourceMetadata,
+        ...(typeof body.run === 'string' ? { run: () => body.run } : {}),
+    });
+    return Response.json(record, { status: 201 });
+}
+async function handleUpdateWatcher(context, watcherId, req) {
+    const body = await context.parseJsonBody(req);
+    if (body instanceof Response)
+        return body;
+    const current = context.watcherRegistry.getWatcher(watcherId);
+    if (!current) {
+        return Response.json({ error: 'Unknown watcher' }, { status: 404 });
+    }
+    const nextSourceKind = typeof body.sourceKind === 'string'
+        ? body.sourceKind === 'webhook'
+            ? 'webhook'
+            : body.sourceKind === 'file' || body.sourceKind === 'stream' || body.sourceKind === 'api'
+                ? 'hook'
+                : 'watcher'
+        : current.source.kind;
+    const updated = context.watcherRegistry.registerWatcher({
+        id: watcherId,
+        label: typeof body.label === 'string' ? body.label : current.label,
+        kind: typeof body.kind === 'string'
+            ? body.kind
+            : current.kind,
+        source: {
+            ...current.source,
+            ...(typeof body.source === 'object' && body.source !== null ? body.source : {}),
+            kind: nextSourceKind,
+            ...(typeof body.sourceId === 'string' && body.sourceId.trim().length > 0 ? { id: body.sourceId.trim() } : {}),
+            ...(typeof body.label === 'string' && body.label.trim().length > 0 ? { label: body.label.trim() } : {}),
+            ...(typeof body.enabled === 'boolean' ? { enabled: body.enabled } : {}),
+            metadata: {
+                ...current.source.metadata,
+                ...(typeof body.url === 'string' ? { url: body.url } : {}),
+                ...(typeof body.method === 'string' ? { method: body.method.toUpperCase() } : {}),
+                ...(typeof body.path === 'string' ? { path: body.path } : {}),
+                ...(typeof body.endpoint === 'string' ? { endpoint: body.endpoint } : {}),
+                ...(typeof body.address === 'string' ? { address: body.address } : {}),
+                ...(typeof body.headers === 'object' && body.headers !== null ? { headers: body.headers } : {}),
+                ...(typeof body.metadata === 'object' && body.metadata !== null ? body.metadata : {}),
+            },
+            updatedAt: Date.now(),
+        },
+        intervalMs: typeof body.intervalMs === 'number' ? body.intervalMs : (current.intervalMs ?? 60_000),
+        metadata: typeof body.metadata === 'object' && body.metadata !== null ? body.metadata : current.metadata,
+    });
+    return Response.json(updated);
+}
+async function handleWatcherAction(context, watcherId, action) {
+    if (action === 'start') {
+        const watcher = context.watcherRegistry.startWatcher(watcherId);
+        return watcher
+            ? Response.json(watcher)
+            : Response.json({ error: 'Unknown watcher' }, { status: 404 });
+    }
+    if (action === 'stop') {
+        const watcher = context.watcherRegistry.stopWatcher(watcherId, 'operator-stop');
+        return watcher
+            ? Response.json(watcher)
+            : Response.json({ error: 'Unknown watcher' }, { status: 404 });
+    }
+    const watcher = await context.watcherRegistry.runWatcherNow(watcherId);
+    return watcher
+        ? Response.json(watcher)
+        : Response.json({ error: 'Unknown watcher' }, { status: 404 });
+}
+async function handleApprovalAction(context, approvalId, action, req) {
+    const body = await context.parseOptionalJsonBody(req);
+    const payload = body instanceof Response || body === null ? {} : body;
+    const actor = context.requireAuthenticatedSession(req)?.username ?? 'operator';
+    const note = typeof payload.note === 'string' ? payload.note : undefined;
+    if (action === 'claim') {
+        const approval = await context.approvalBroker.claimApproval(approvalId, actor, 'web', note);
+        return approval
+            ? context.recordApiResponse(req, `/api/approvals/${approvalId}/${action}`, Response.json({ approval }))
+            : context.recordApiResponse(req, `/api/approvals/${approvalId}/${action}`, Response.json({ error: 'Unknown approval' }, { status: 404 }));
+    }
+    if (action === 'cancel') {
+        const approval = await context.approvalBroker.cancelApproval(approvalId, actor, 'web', note);
+        return approval
+            ? context.recordApiResponse(req, `/api/approvals/${approvalId}/${action}`, Response.json({ approval }))
+            : context.recordApiResponse(req, `/api/approvals/${approvalId}/${action}`, Response.json({ error: 'Unknown approval' }, { status: 404 }));
+    }
+    const approval = await context.approvalBroker.resolveApproval(approvalId, {
+        approved: action === 'approve',
+        remember: typeof payload.remember === 'boolean' ? payload.remember : false,
+        actor,
+        actorSurface: 'web',
+        note,
+    });
+    return approval
+        ? context.recordApiResponse(req, `/api/approvals/${approvalId}/${action}`, Response.json({ approval }))
+        : context.recordApiResponse(req, `/api/approvals/${approvalId}/${action}`, Response.json({ error: 'Unknown approval' }, { status: 404 }));
+}

package/dist/tasks.d.ts

@@ -0,0 +1,3 @@
+import type { DaemonApiRouteHandlers } from './context.js';
+export declare function dispatchTaskRoutes(req: Request, handlers: Pick<DaemonApiRouteHandlers, 'getIntegrationTasks' | 'getRuntimeTask' | 'runtimeTaskAction' | 'getTaskStatus' | 'postTask'>): Promise<Response | null>;
+//# sourceMappingURL=tasks.d.ts.map

package/dist/tasks.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tasks.d.ts","sourceRoot":"","sources":["../src/tasks.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,cAAc,CAAC;AAE3D,wBAAsB,kBAAkB,CACtC,GAAG,EAAE,OAAO,EACZ,QAAQ,EAAE,IAAI,CACZ,sBAAsB,EACpB,qBAAqB,GACrB,gBAAgB,GAChB,mBAAmB,GACnB,eAAe,GACf,UAAU,CACb,GACA,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAqB1B"}

package/dist/tasks.js

@@ -0,0 +1,22 @@
+export async function dispatchTaskRoutes(req, handlers) {
+    const url = new URL(req.url);
+    const { pathname } = url;
+    const method = req.method;
+    if (pathname === '/task' && method === 'POST')
+        return handlers.postTask(req);
+    if (pathname === '/task' && method === 'GET')
+        return null;
+    if (pathname === '/api/tasks' && method === 'GET')
+        return handlers.getIntegrationTasks();
+    const taskDetailMatch = pathname.match(/^\/api\/tasks\/([^/]+)$/);
+    if (taskDetailMatch && method === 'GET')
+        return handlers.getRuntimeTask(taskDetailMatch[1]);
+    const taskActionMatch = pathname.match(/^\/api\/tasks\/([^/]+)\/(cancel|retry)$/);
+    if (taskActionMatch && method === 'POST') {
+        return handlers.runtimeTaskAction(taskActionMatch[1], taskActionMatch[2], req);
+    }
+    const taskStatusMatch = pathname.match(/^\/task\/([^/]+)$/);
+    if (taskStatusMatch && method === 'GET')
+        return handlers.getTaskStatus(taskStatusMatch[1]);
+    return null;
+}

package/dist/telemetry-routes.d.ts

@@ -0,0 +1,44 @@
+import type { DaemonApiRouteHandlers } from './context.js';
+import { type AuthenticatedPrincipal } from './http-policy.js';
+import type { RuntimeEventDomain } from '@pellux/goodvibes-contracts';
+type TelemetrySeverity = 'debug' | 'info' | 'warn' | 'error';
+type TelemetryViewMode = 'safe' | 'raw';
+interface TelemetryFilter {
+    readonly limit?: number;
+    readonly since?: number;
+    readonly until?: number;
+    readonly domains?: readonly RuntimeEventDomain[];
+    readonly eventTypes?: readonly string[];
+    readonly severity?: TelemetrySeverity;
+    readonly traceId?: string;
+    readonly sessionId?: string;
+    readonly turnId?: string;
+    readonly agentId?: string;
+    readonly taskId?: string;
+    readonly cursor?: string;
+    readonly view?: TelemetryViewMode;
+}
+interface TelemetryApiLike {
+    getSnapshot(filter: TelemetryFilter, view: TelemetryViewMode, rawAccessible: boolean): {
+        readonly generatedAt: number;
+        readonly view: TelemetryViewMode;
+        readonly rawAccessible: boolean;
+        readonly runtime: unknown;
+        readonly sessionMetrics: unknown;
+        readonly aggregates: unknown;
+    };
+    listEventPage(filter: TelemetryFilter, view: TelemetryViewMode, rawAccessible: boolean): unknown;
+    listErrorPage(filter: TelemetryFilter, view: TelemetryViewMode, rawAccessible: boolean): unknown;
+    listSpanPage(filter: TelemetryFilter, view: TelemetryViewMode, rawAccessible: boolean): unknown;
+    createStream(req: Request, filter: TelemetryFilter, view: TelemetryViewMode, rawAccessible: boolean): Response;
+    buildOtlpTraceDocument(filter: TelemetryFilter, view: TelemetryViewMode): unknown;
+    buildOtlpLogDocument(filter: TelemetryFilter, view: TelemetryViewMode): unknown;
+    buildOtlpMetricDocument(): unknown;
+}
+interface TelemetryRouteContext {
+    readonly telemetryApi: TelemetryApiLike | null;
+    readonly resolveAuthenticatedPrincipal: (req: Request) => AuthenticatedPrincipal | null;
+}
+export declare function createDaemonTelemetryRouteHandlers(context: TelemetryRouteContext): Pick<DaemonApiRouteHandlers, 'getTelemetrySnapshot' | 'getTelemetryEvents' | 'getTelemetryErrors' | 'getTelemetryTraces' | 'getTelemetryMetrics' | 'createTelemetryEventStream' | 'getTelemetryOtlpTraces' | 'getTelemetryOtlpLogs' | 'getTelemetryOtlpMetrics'>;
+export {};
+//# sourceMappingURL=telemetry-routes.d.ts.map

package/dist/telemetry-routes.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"telemetry-routes.d.ts","sourceRoot":"","sources":["../src/telemetry-routes.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,cAAc,CAAC;AAC3D,OAAO,EAAyB,KAAK,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AACtF,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AAEtE,KAAK,iBAAiB,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;AAC7D,KAAK,iBAAiB,GAAG,MAAM,GAAG,KAAK,CAAC;AAExC,UAAU,eAAe;IACvB,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,OAAO,CAAC,EAAE,SAAS,kBAAkB,EAAE,CAAC;IACjD,QAAQ,CAAC,UAAU,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACxC,QAAQ,CAAC,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IACtC,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,IAAI,CAAC,EAAE,iBAAiB,CAAC;CACnC;AAED,UAAU,gBAAgB;IACxB,WAAW,CAAC,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,EAAE,aAAa,EAAE,OAAO,GAAG;QACrF,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;QAC7B,QAAQ,CAAC,IAAI,EAAE,iBAAiB,CAAC;QACjC,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC;QAChC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;QAC1B,QAAQ,CAAC,cAAc,EAAE,OAAO,CAAC;QACjC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC;KAC9B,CAAC;IACF,aAAa,CAAC,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,EAAE,aAAa,EAAE,OAAO,GAAG,OAAO,CAAC;IACjG,aAAa,CAAC,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,EAAE,aAAa,EAAE,OAAO,GAAG,OAAO,CAAC;IACjG,YAAY,CAAC,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,EAAE,aAAa,EAAE,OAAO,GAAG,OAAO,CAAC;IAChG,YAAY,CAAC,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,EAAE,aAAa,EAAE,OAAO,GAAG,QAAQ,CAAC;IAC/G,sBAAsB,CAAC,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,GAAG,OAAO,CAAC;IAClF,oBAAoB,CAAC,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,GAAG,OAAO,CAAC;IAChF,uBAAuB,IAAI,OAAO,CAAC;CACpC;AAED,UAAU,qBAAqB;IAC7B,QAAQ,CAAC,YAAY,EAAE,gBAAgB,GAAG,IAAI,CAAC;IAC/C,QAAQ,CAAC,6BAA6B,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,sBAAsB,GAAG,IAAI,CAAC;CACzF;AAyHD,wBAAgB,kCAAkC,CAChD,OAAO,EAAE,qBAAqB,GAC7B,IAAI,CACL,sBAAsB,EACpB,sBAAsB,GACtB,oBAAoB,GACpB,oBAAoB,GACpB,oBAAoB,GACpB,qBAAqB,GACrB,4BAA4B,GAC5B,wBAAwB,GACxB,sBAAsB,GAClB,yBAAyB,CAChC,CAiGA"}

package/dist/telemetry-routes.js

@@ -0,0 +1,227 @@
+import { buildMissingScopeBody } from './http-policy.js';
+function parseNumber(value) {
+    if (value === null || value.trim().length === 0)
+        return undefined;
+    const parsed = Number(value);
+    return Number.isFinite(parsed) ? parsed : undefined;
+}
+function parseCsv(value) {
+    if (!value)
+        return undefined;
+    const parsed = value
+        .split(',')
+        .map((entry) => entry.trim())
+        .filter(Boolean);
+    return parsed.length > 0 ? parsed : undefined;
+}
+function parseSeverity(value) {
+    return value === 'debug' || value === 'info' || value === 'warn' || value === 'error'
+        ? value
+        : undefined;
+}
+function parseView(value) {
+    return value === 'safe' || value === 'raw' ? value : undefined;
+}
+function buildFilter(url) {
+    return {
+        ...(parseNumber(url.searchParams.get('limit')) !== undefined ? { limit: parseNumber(url.searchParams.get('limit')) } : {}),
+        ...(parseNumber(url.searchParams.get('since')) !== undefined ? { since: parseNumber(url.searchParams.get('since')) } : {}),
+        ...(parseNumber(url.searchParams.get('until')) !== undefined ? { until: parseNumber(url.searchParams.get('until')) } : {}),
+        ...(parseCsv(url.searchParams.get('domains')) ? { domains: parseCsv(url.searchParams.get('domains')) } : {}),
+        ...(parseCsv(url.searchParams.get('types')) ? { eventTypes: parseCsv(url.searchParams.get('types')) } : {}),
+        ...(parseSeverity(url.searchParams.get('severity')) ? { severity: parseSeverity(url.searchParams.get('severity')) } : {}),
+        ...(url.searchParams.get('traceId') ? { traceId: url.searchParams.get('traceId') ?? undefined } : {}),
+        ...(url.searchParams.get('sessionId') ? { sessionId: url.searchParams.get('sessionId') ?? undefined } : {}),
+        ...(url.searchParams.get('turnId') ? { turnId: url.searchParams.get('turnId') ?? undefined } : {}),
+        ...(url.searchParams.get('agentId') ? { agentId: url.searchParams.get('agentId') ?? undefined } : {}),
+        ...(url.searchParams.get('taskId') ? { taskId: url.searchParams.get('taskId') ?? undefined } : {}),
+        ...(url.searchParams.get('cursor') ? { cursor: url.searchParams.get('cursor') ?? undefined } : {}),
+        ...(parseView(url.searchParams.get('view')) ? { view: parseView(url.searchParams.get('view')) } : {}),
+    };
+}
+function unavailable() {
+    return Response.json({
+        error: 'Telemetry API unavailable',
+        code: 'TELEMETRY_UNAVAILABLE',
+        category: 'service',
+        source: 'runtime',
+        recoverable: true,
+        hint: 'Start the daemon runtime and ensure the runtime store is available before reading telemetry.',
+        status: 503,
+    }, { status: 503 });
+}
+function invalidCursor(error) {
+    return Response.json({
+        error: error instanceof Error ? error.message : 'Invalid telemetry cursor',
+        code: 'INVALID_CURSOR',
+        category: 'bad_request',
+        source: 'runtime',
+        recoverable: false,
+        hint: 'Use the nextCursor returned by the previous telemetry page, or omit cursor to start from the newest records.',
+        status: 400,
+    }, { status: 400 });
+}
+function authenticateTelemetryRequest(context, req, requestedView) {
+    const principal = context.resolveAuthenticatedPrincipal(req);
+    if (!principal) {
+        return Response.json({
+            error: 'Authentication required for telemetry access',
+            code: 'AUTH_REQUIRED',
+            category: 'authentication',
+            source: 'runtime',
+            recoverable: false,
+            hint: 'Authenticate with the operator shared token or an authenticated user session before calling telemetry APIs.',
+            status: 401,
+        }, { status: 401 });
+    }
+    const missingRead = buildMissingScopeBody('telemetry access', ['read:telemetry'], principal.scopes);
+    if (missingRead) {
+        return Response.json({
+            error: missingRead.error,
+            code: 'MISSING_SCOPE',
+            category: 'authorization',
+            source: 'permission',
+            recoverable: false,
+            hint: 'Use a token or session with the read:telemetry scope, or elevate to an admin/shared-token session.',
+            status: 403,
+            detail: JSON.stringify(missingRead),
+        }, { status: 403 });
+    }
+    const rawAccessible = principal.admin || principal.scopes.includes('read:telemetry-sensitive');
+    if (requestedView === 'raw' && !rawAccessible) {
+        return Response.json({
+            error: 'Raw telemetry view requires elevated telemetry scope',
+            code: 'MISSING_SCOPE',
+            category: 'authorization',
+            source: 'permission',
+            recoverable: false,
+            hint: 'Use an admin/shared-token session or a token granted read:telemetry-sensitive to access raw telemetry payloads.',
+            status: 403,
+        }, { status: 403 });
+    }
+    return {
+        principal,
+        view: requestedView,
+        rawAccessible,
+    };
+}
+export function createDaemonTelemetryRouteHandlers(context) {
+    return {
+        getTelemetrySnapshot: (req) => {
+            if (!context.telemetryApi)
+                return unavailable();
+            const url = new URL(req.url);
+            const filter = buildFilter(url);
+            const access = authenticateTelemetryRequest(context, req, filter.view ?? 'safe');
+            if (access instanceof Response)
+                return access;
+            return Response.json(context.telemetryApi.getSnapshot(filter, access.view, access.rawAccessible));
+        },
+        getTelemetryEvents: (req) => {
+            if (!context.telemetryApi)
+                return unavailable();
+            const url = new URL(req.url);
+            const filter = buildFilter(url);
+            const access = authenticateTelemetryRequest(context, req, filter.view ?? 'safe');
+            if (access instanceof Response)
+                return access;
+            try {
+                return Response.json(context.telemetryApi.listEventPage(filter, access.view, access.rawAccessible));
+            }
+            catch (error) {
+                return invalidCursor(error);
+            }
+        },
+        getTelemetryErrors: (req) => {
+            if (!context.telemetryApi)
+                return unavailable();
+            const url = new URL(req.url);
+            const filter = buildFilter(url);
+            const access = authenticateTelemetryRequest(context, req, filter.view ?? 'safe');
+            if (access instanceof Response)
+                return access;
+            try {
+                return Response.json(context.telemetryApi.listErrorPage(filter, access.view, access.rawAccessible));
+            }
+            catch (error) {
+                return invalidCursor(error);
+            }
+        },
+        getTelemetryTraces: (req) => {
+            if (!context.telemetryApi)
+                return unavailable();
+            const url = new URL(req.url);
+            const filter = buildFilter(url);
+            const access = authenticateTelemetryRequest(context, req, filter.view ?? 'safe');
+            if (access instanceof Response)
+                return access;
+            try {
+                return Response.json(context.telemetryApi.listSpanPage(filter, access.view, access.rawAccessible));
+            }
+            catch (error) {
+                return invalidCursor(error);
+            }
+        },
+        getTelemetryMetrics: (req) => {
+            if (!context.telemetryApi)
+                return unavailable();
+            const url = new URL(req.url);
+            const filter = buildFilter(url);
+            const access = authenticateTelemetryRequest(context, req, filter.view ?? 'safe');
+            if (access instanceof Response)
+                return access;
+            const snapshot = context.telemetryApi.getSnapshot(filter, access.view, access.rawAccessible);
+            return Response.json({
+                version: 1,
+                generatedAt: snapshot.generatedAt,
+                view: snapshot.view,
+                rawAccessible: snapshot.rawAccessible,
+                runtime: snapshot.runtime,
+                sessionMetrics: snapshot.sessionMetrics,
+                aggregates: snapshot.aggregates,
+            });
+        },
+        createTelemetryEventStream: (req) => {
+            if (!context.telemetryApi)
+                return unavailable();
+            const filter = buildFilter(new URL(req.url));
+            const access = authenticateTelemetryRequest(context, req, filter.view ?? 'safe');
+            if (access instanceof Response)
+                return access;
+            try {
+                return context.telemetryApi.createStream(req, filter, access.view, access.rawAccessible);
+            }
+            catch (error) {
+                return invalidCursor(error);
+            }
+        },
+        getTelemetryOtlpTraces: (req) => {
+            if (!context.telemetryApi)
+                return unavailable();
+            const url = new URL(req.url);
+            const filter = buildFilter(url);
+            const access = authenticateTelemetryRequest(context, req, filter.view ?? 'safe');
+            if (access instanceof Response)
+                return access;
+            return Response.json(context.telemetryApi.buildOtlpTraceDocument(filter, access.view));
+        },
+        getTelemetryOtlpLogs: (req) => {
+            if (!context.telemetryApi)
+                return unavailable();
+            const url = new URL(req.url);
+            const filter = buildFilter(url);
+            const access = authenticateTelemetryRequest(context, req, filter.view ?? 'safe');
+            if (access instanceof Response)
+                return access;
+            return Response.json(context.telemetryApi.buildOtlpLogDocument(filter, access.view));
+        },
+        getTelemetryOtlpMetrics: (req) => {
+            if (!context.telemetryApi)
+                return unavailable();
+            const access = authenticateTelemetryRequest(context, req, 'safe');
+            if (access instanceof Response)
+                return access;
+            return Response.json(context.telemetryApi.buildOtlpMetricDocument());
+        },
+    };
+}