@pleri/olam-cli 0.1.186 → 0.1.195

package/host-cp/src/planning-sessions.mjs

@@ -175,6 +175,216 @@ export async function setCrystallizeStatus({ pool, sessionId, status, worldId =
   );
 }
 
+/**
+ * Create a new multi-turn DISPATCH session (multi-turn-cloud-sandbox-dispatch
+ * Phase A2 — distinct from createPlanningSession which is for planning-flow
+ * crystallization sessions under world_id='_planning').
+ *
+ * Allocates a UUID session_id, INSERTs a planning_sessions row with
+ * session_type='dispatch' + caller-supplied world_id, applies operator-supplied
+ * budget_usd_cap / allow_unpriced_models defaults, returns the session_id.
+ *
+ * No seed chunk: dispatch sessions accumulate chunks from the agent runtime
+ * (via /v1/chunks); we don't pre-seed a system chunk because Electric shape
+ * subscribers for dispatch sessions can wait for the first real agent chunk.
+ *
+ * @param {object} opts
+ * @param {object} opts.pool
+ * @param {string} opts.actorId
+ * @param {string} opts.worldId — operator-supplied; identifies the dispatch
+ *   target world (NOT the '_planning' sentinel used by createPlanningSession).
+ * @param {number | null} [opts.budgetUsdCap=null] — per-session budget cap;
+ *   null = uncapped. When null AND `OLAM_SESSION_BUDGET_DEFAULT_USD` is set,
+ *   the env-default applies at /v1/dispatch-turn check time (Phase D); here
+ *   we record the row exactly as supplied.
+ * @param {boolean} [opts.allowUnpricedModels=false] — opt session into the
+ *   pricingForModel-returns-null fallback (Plan A T11 mitigation; default
+ *   refuses unknown models with 502).
+ * @returns {Promise<{ session_id: string }>}
+ */
+export async function createDispatchSession({
+  pool,
+  actorId,
+  worldId,
+  budgetUsdCap = null,
+  allowUnpricedModels = false,
+  sessionId: providedSessionId = null,
+}) {
+  if (!actorId || typeof actorId !== 'string') {
+    throw new Error('createDispatchSession: actorId required');
+  }
+  if (!worldId || typeof worldId !== 'string') {
+    throw new Error('createDispatchSession: worldId required');
+  }
+  // A6 (Decision 9 always-on threading): callers MAY supply session_id to
+  // upsert an existing planning_sessions row (e.g. /api/cloud-dispatch
+  // pre-creating the thread before forwarding to plan-DO). When omitted,
+  // we generate a UUID. ON CONFLICT DO NOTHING handles the race where
+  // the SPA called /v1/sessions/create concurrently AND server-side
+  // cloud-dispatch tried to pre-create the same row.
+  const sessionId = providedSessionId ?? randomUUID();
+  await pool.query(
+    `INSERT INTO planning_sessions
+       (session_id, actor_id, session_type, world_id, budget_usd_cap, allow_unpriced_models)
+     VALUES ($1, $2, 'dispatch', $3, $4, $5)
+     ON CONFLICT (session_id) DO NOTHING`,
+    [sessionId, actorId, worldId, budgetUsdCap, allowUnpricedModels],
+  );
+  return { session_id: sessionId };
+}
+
+/**
+ * Atomic test-and-set lock claim on a dispatch session
+ * (multi-turn-cloud-sandbox-dispatch Phase A3 — Decision 4 + T5 mitigation).
+ *
+ * Pattern: single-statement UPDATE ... WHERE in_flight_turn_id IS NULL RETURNING.
+ * Two concurrent attempts: first claim wins (RETURNING yields 1 row); second
+ * sees empty result + must return 409 to caller. Matches the established
+ * planning-sessions.mjs:169 setCrystallizeStatus atomic-write idiom.
+ *
+ * @param {object} opts
+ * @param {object} opts.pool
+ * @param {string} opts.sessionId
+ * @param {string} opts.turnId — operator-or-server-generated turn UUID
+ * @returns {Promise<boolean>} true if lock claimed, false if already held
+ */
+export async function claimDispatchTurnLock({ pool, sessionId, turnId }) {
+  const result = await pool.query(
+    `UPDATE planning_sessions
+     SET in_flight_turn_id = $1,
+         in_flight_turn_started_at = NOW(),
+         last_turn_at = NOW()
+     WHERE session_id = $2
+       AND session_type = 'dispatch'
+       AND in_flight_turn_id IS NULL
+     RETURNING session_id`,
+    [turnId, sessionId],
+  );
+  return (result.rows?.length ?? 0) > 0;
+}
+
+/**
+ * Clear the in-flight turn lock after dispatch completes (success OR failure).
+ *
+ * @param {object} opts
+ * @param {object} opts.pool
+ * @param {string} opts.sessionId
+ */
+export async function clearDispatchTurnLock({ pool, sessionId }) {
+  await pool.query(
+    `UPDATE planning_sessions
+     SET in_flight_turn_id = NULL,
+         in_flight_turn_started_at = NULL
+     WHERE session_id = $1
+       AND session_type = 'dispatch'`,
+    [sessionId],
+  );
+}
+
+/**
+ * Halt a dispatch session — operator-driven "block next turn" state (T13).
+ *
+ * Sets halted_at to NOW() AND clears in_flight_turn_id. Future /v1/dispatch-turn
+ * calls return 409 'session_halted' until reactivateDispatchSession clears
+ * halted_at. Does NOT stop an in-flight container — the running container
+ * completes its current turn naturally. UX is "Block next turn" not "Stop"
+ * (Plan A Phase C C6).
+ *
+ * Scoped by actor_id for ownership isolation.
+ *
+ * @param {object} opts
+ * @param {object} opts.pool
+ * @param {string} opts.sessionId
+ * @param {string} opts.actorId
+ * @returns {Promise<boolean>} true if a session row was updated; false if
+ *   the session_id was not found / not owned by actorId.
+ */
+export async function haltDispatchSession({ pool, sessionId, actorId }) {
+  const result = await pool.query(
+    `UPDATE planning_sessions
+     SET halted_at = NOW(),
+         in_flight_turn_id = NULL,
+         in_flight_turn_started_at = NULL
+     WHERE session_id = $1
+       AND session_type = 'dispatch'
+       AND actor_id = $2
+     RETURNING session_id`,
+    [sessionId, actorId],
+  );
+  return (result.rows?.length ?? 0) > 0;
+}
+
+/**
+ * Reactivate a halted dispatch session — clears halted_at so subsequent
+ * /v1/dispatch-turn calls can claim the lock again. Idempotent (clearing an
+ * already-null halted_at is a no-op).
+ *
+ * @param {object} opts
+ * @param {object} opts.pool
+ * @param {string} opts.sessionId
+ * @param {string} opts.actorId
+ * @returns {Promise<boolean>} true if a session row was updated; false if
+ *   the session_id was not found / not owned by actorId.
+ */
+export async function reactivateDispatchSession({ pool, sessionId, actorId }) {
+  const result = await pool.query(
+    `UPDATE planning_sessions
+     SET halted_at = NULL
+     WHERE session_id = $1
+       AND session_type = 'dispatch'
+       AND actor_id = $2
+     RETURNING session_id`,
+    [sessionId, actorId],
+  );
+  return (result.rows?.length ?? 0) > 0;
+}
+
+/**
+ * Read a dispatch session by session_id + scope to caller's actor_id
+ * (ownership check). Returns the session metadata needed for budget check
+ * + plan-DO forward, OR null when not found / not owned.
+ *
+ * @param {object} opts
+ * @param {object} opts.pool
+ * @param {string} opts.sessionId
+ * @param {string} opts.actorId
+ * @returns {Promise<null | {
+ *   session_id: string,
+ *   world_id: string | null,
+ *   actor_id: string,
+ *   total_usd: number,
+ *   budget_usd_cap: number | null,
+ *   allow_unpriced_models: boolean,
+ *   halted_at: string | null,
+ * }>}
+ */
+export async function getDispatchSession({ pool, sessionId, actorId }) {
+  const result = await pool.query(
+    `SELECT session_id, world_id, actor_id,
+            total_usd, budget_usd_cap, allow_unpriced_models,
+            halted_at
+     FROM planning_sessions
+     WHERE session_id = $1
+       AND session_type = 'dispatch'
+       AND actor_id = $2`,
+    [sessionId, actorId],
+  );
+  const row = result.rows?.[0];
+  if (!row) return null;
+  return {
+    session_id: row.session_id,
+    world_id: row.world_id ?? null,
+    actor_id: row.actor_id,
+    total_usd: Number(row.total_usd ?? 0),
+    budget_usd_cap:
+      row.budget_usd_cap === null || row.budget_usd_cap === undefined
+        ? null
+        : Number(row.budget_usd_cap),
+    allow_unpriced_models: Boolean(row.allow_unpriced_models),
+    halted_at: row.halted_at ?? null,
+  };
+}
+
 /**
  * List planning sessions for a given actorId, ordered by created_at DESC.
  *
@@ -204,6 +414,48 @@ export async function listPlanningSessions({ pool, actorId, limit = 50 }) {
   return result.rows;
 }
 
+/**
+ * List multi-turn DISPATCH sessions for a given actorId, ordered by
+ * last_turn_at DESC (most recently active first), excluding archived sessions.
+ *
+ * Distinct from listPlanningSessions: this returns only `session_type='dispatch'`
+ * rows + projects the multi-turn-specific columns (total_usd, in_flight_turn_id,
+ * halted_at, etc.) that the SPA's SessionsListView (Phase C C3) renders.
+ *
+ * @param {object} opts
+ * @param {object} opts.pool
+ * @param {string} opts.actorId
+ * @param {number} [opts.limit=50]
+ * @returns {Promise<Array<{
+ *   session_id: string,
+ *   world_id: string | null,
+ *   total_usd: string,
+ *   budget_usd_cap: string | null,
+ *   in_flight_turn_id: string | null,
+ *   halted_at: string | null,
+ *   last_turn_at: string | null,
+ *   created_at: string,
+ *   summary: string | null,
+ * }>>}
+ */
+export async function listDispatchSessions({ pool, actorId, limit = 50 }) {
+  const result = await pool.query(
+    `SELECT session_id, world_id,
+            total_usd, budget_usd_cap,
+            in_flight_turn_id, halted_at,
+            last_turn_at, created_at,
+            summary
+     FROM planning_sessions
+     WHERE actor_id = $1
+       AND session_type = 'dispatch'
+       AND archived_at IS NULL
+     ORDER BY last_turn_at DESC NULLS LAST, created_at DESC
+     LIMIT $2`,
+    [actorId, limit],
+  );
+  return result.rows;
+}
+
 /**
  * Load lightweight metadata for an existing in-flight planning session.
  *

package/host-cp/src/pr-cache.mjs

@@ -127,7 +127,7 @@ async function fetchPrData(prUrl, getToken) {
 /**
  * Create a PR data cache with TTL and concurrent-fetch coalescing.
  *
- * @returns {{ getPr: (prUrl: string, getToken: () => Promise<string|null>) => Promise<PrData|null> }}
+ * @returns {{ getPr: (prUrl: string, getToken: () => Promise<string|null>) => Promise<PrData|null>, deletePr: (prUrl: string) => void }}
  */
 export function createPrCache() {
   /** @type {Map<string, PrCacheEntry>} */
@@ -197,5 +197,14 @@ export function createPrCache() {
     }
   }
 
-  return { getPr };
+  /**
+   * Evict a PR entry from the cache (call on world destroy).
+   *
+   * @param {string} prUrl
+   */
+  function deletePr(prUrl) {
+    cache.delete(prUrl);
+  }
+
+  return { getPr, deletePr };
 }

package/host-cp/src/server.mjs

@@ -354,6 +354,50 @@ function readDogfoodRepoUrl() {
   return '';
 }
 
+/**
+ * Resolve the cloud-kg-mirror classifier proxy URL the runner forwards
+ * into spawned CF Sandbox child worlds. When set, host-cp enriches
+ * cloud-dispatch bodies with `kgProxyUrl` + `kgProxyBearer`; the runner
+ * injects those into the sandbox env so the PreToolUse hook's
+ * cloud-sandbox flavor can POST /v1/classify against the
+ * kg-mirror-worker. Source order: OLAM_KG_PROXY_URL env, then
+ * ~/.olam/kg-proxy-url file. Absent → no injection (dispatched worlds
+ * see no proxy URL → hook falls through to grep via existing fail-open).
+ * Mirrors readAnthropicBaseUrl() — operators have ONE pattern.
+ *
+ * Phase 1 (cloud-kg-mirror): docs/plans/cloud-kg-mirror/README.md §6-7.
+ */
+function readKgProxyUrl() {
+  const fromOlamEnv = process.env['OLAM_KG_PROXY_URL'];
+  if (fromOlamEnv && fromOlamEnv.length > 0) return fromOlamEnv.trim();
+  try {
+    const file = path.join(os.homedir(), '.olam', 'kg-proxy-url');
+    const content = fs.readFileSync(file, 'utf-8').trim();
+    if (content.length > 0) return content;
+  } catch {
+    // file absent — fall through
+  }
+  return '';
+}
+
+/**
+ * Bearer that pairs with readKgProxyUrl(). Stored in
+ * ~/.olam/kg-proxy-bearer (chmod 600 by operator). Mirrors the
+ * source-order convention; absent → no injection.
+ */
+function readKgProxyBearer() {
+  const fromOlamEnv = process.env['OLAM_KG_PROXY_BEARER'];
+  if (fromOlamEnv && fromOlamEnv.length > 0) return fromOlamEnv.trim();
+  try {
+    const file = path.join(os.homedir(), '.olam', 'kg-proxy-bearer');
+    const content = fs.readFileSync(file, 'utf-8').trim();
+    if (content.length > 0) return content;
+  } catch {
+    // file absent — fall through
+  }
+  return '';
+}
+
 /** @type {Record<string, number>} */
 let WORLDS = {};
 
@@ -510,6 +554,9 @@ const prPoller = createPrMergePoller({
       WORLDS = next;
       persistRegistry();
     }
+    const prState = prStateStore.get(worldId);
+    if (prState?.pr_url) prCache.deletePr(prState.pr_url);
+    progressCache.delete(worldId);
   },
   pollIntervalMs: PR_POLL_INTERVAL_MS,
   gracePeriodMs: MERGE_GRACE_MS,
@@ -1366,6 +1413,9 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
       WORLDS = next;
       persistRegistry();
     }
+    const prStateForDelete = prStateStore.get(id);
+    if (prStateForDelete?.pr_url) prCache.deletePr(prStateForDelete.pr_url);
+    progressCache.delete(id);
     return jsonReply(res, 200, { worlds: WORLDS });
   }
 
@@ -1526,7 +1576,7 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
   if (url.pathname === '/api/repos' && req.method === 'GET') {
     const config = loadGlobalConfig();
     if ('error' in config) {
-      return jsonReply(res, 500, { error: config.error });
+      return jsonReply(res, 500, { error: config.error, message: config.error });
     }
     return jsonReply(res, 200, { repos: config.repos });
   }
@@ -1536,7 +1586,7 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
   if (url.pathname === '/api/runbooks' && req.method === 'GET') {
     const config = loadGlobalConfig();
     if ('error' in config) {
-      return jsonReply(res, 500, { error: config.error });
+      return jsonReply(res, 500, { error: config.error, message: config.error });
     }
     return jsonReply(res, 200, { runbooks: config.runbooks });
   }
@@ -1679,7 +1729,7 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
       const body = await readRequestBody(req);
       const provider = body && typeof body === 'object' && body.provider ? String(body.provider) : 'claude';
       const label = body && typeof body === 'object' && body.label ? String(body.label) : '';
-      if (!label) return jsonReply(res, 400, { error: 'label_required' });
+      if (!label) return jsonReply(res, 400, { error: 'label_required', message: 'label field is required' });
       const upstream = await authServiceFetch('POST', '/credentials/add', { provider, label });
       const data = await upstream.json();
       return jsonReply(res, upstream.status, data);
@@ -1996,9 +2046,9 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
     req.on('data', (c) => { body += c; });
     req.on('end', () => {
       let parsed;
-      try { parsed = JSON.parse(body || '{}'); } catch { return jsonReply(res, 400, { error: 'invalid_json' }); }
+      try { parsed = JSON.parse(body || '{}'); } catch (e) { return jsonReply(res, 400, { error: 'invalid_json', message: e.message }); }
       const { worldId, prUrl, prNumber, prRepo } = parsed ?? {};
-      if (!worldId || !prUrl) return jsonReply(res, 400, { error: 'worldId and prUrl required' });
+      if (!worldId || !prUrl) return jsonReply(res, 400, { error: 'missing_fields', message: 'worldId and prUrl required' });
       prStateStore.set(worldId, {
         pr_url: prUrl,
         pr_number: prNumber ?? null,
@@ -2023,9 +2073,9 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
     req.on('data', (c) => { body += c; });
     req.on('end', () => {
       let parsed;
-      try { parsed = JSON.parse(body || '{}'); } catch { return jsonReply(res, 400, { error: 'invalid_json' }); }
+      try { parsed = JSON.parse(body || '{}'); } catch (e) { return jsonReply(res, 400, { error: 'invalid_json', message: e.message }); }
       const existing = prStateStore.get(worldId);
-      if (!existing) return jsonReply(res, 404, { error: 'world not in PR state store' });
+      if (!existing) return jsonReply(res, 404, { error: 'not_found', message: 'world not in PR state store' });
       const updates = {};
       if (typeof parsed.autoDestroyOnMerge === 'boolean') updates.auto_destroy_on_merge = parsed.autoDestroyOnMerge;
       prStateStore.set(worldId, updates);
@@ -2108,7 +2158,7 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
     const id = decodeURIComponent(planConvMatch[1]);
     try {
       const conv = planOrchestrator.getConversation(id);
-      if (!conv) return jsonReply(res, 404, { error: 'not_found', id });
+      if (!conv) return jsonReply(res, 404, { error: 'not_found', id, message: 'conversation not found' });
       // Return persisted turns alongside conversation metadata.
       const turns = planOrchestrator.getTurns(id);
       return jsonReply(res, 200, { ...conv, turns });
@@ -2128,7 +2178,7 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
     const content = (body && typeof body === 'object' && typeof body.content === 'string')
       ? body.content.trim()
       : '';
-    if (!content) return jsonReply(res, 400, { error: 'content_required' });
+    if (!content) return jsonReply(res, 400, { error: 'content_required', message: 'turn content must be a non-empty string' });
     const personaOverride = (body && typeof body === 'object' && typeof body.personaOverride === 'string')
       ? body.personaOverride
       : undefined;
@@ -2139,7 +2189,7 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
       const result = await planOrchestrator.submitTurn({ conversationId, content, personaOverride, mentionedPersonas });
       return jsonReply(res, 202, result);
     } catch (err) {
-      if (err.code === 'NOT_FOUND') return jsonReply(res, 404, { error: 'not_found', id: conversationId });
+      if (err.code === 'NOT_FOUND') return jsonReply(res, 404, { error: 'not_found', id: conversationId, message: 'conversation not found' });
       return jsonReply(res, 500, { error: 'submit_failed', message: err.message });
     }
   }
@@ -2154,7 +2204,7 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
     }
     const toPersona = body?.toPersona;
     if (typeof toPersona !== 'string' || !toPersona) {
-      return jsonReply(res, 400, { error: 'toPersona_required' });
+      return jsonReply(res, 400, { error: 'toPersona_required', message: 'toPersona field is required' });
     }
     const mode = ['full', 'distilled', 'quoted'].includes(body?.mode) ? body.mode : 'full';
     const selectedTurnIds = Array.isArray(body?.selectedTurnIds) ? body.selectedTurnIds : [];
@@ -2164,7 +2214,7 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
       });
       return jsonReply(res, 200, result);
     } catch (err) {
-      if (err.code === 'NOT_FOUND') return jsonReply(res, 404, { error: 'not_found', id: conversationId });
+      if (err.code === 'NOT_FOUND') return jsonReply(res, 404, { error: 'not_found', id: conversationId, message: 'conversation not found' });
       return jsonReply(res, 500, { error: 'handoff_failed', message: err.message });
     }
   }
@@ -2174,7 +2224,7 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
     if (!await requirePlanCredential(res)) return;
     const conversationId = decodeURIComponent(planStreamMatch[1]);
     const conv = planOrchestrator.getConversation(conversationId);
-    if (!conv) return jsonReply(res, 404, { error: 'not_found', id: conversationId });
+    if (!conv) return jsonReply(res, 404, { error: 'not_found', id: conversationId, message: 'conversation not found' });
 
     res.writeHead(200, {
       'Content-Type': 'text/event-stream; charset=utf-8',
@@ -2214,7 +2264,7 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
     const conversationId = decodeURIComponent(planAgentInviteMatch[1]);
     const personaId = decodeURIComponent(planAgentInviteMatch[2]);
     const conv = planOrchestrator.getConversation(conversationId);
-    if (!conv) return jsonReply(res, 404, { error: 'not_found', id: conversationId });
+    if (!conv) return jsonReply(res, 404, { error: 'not_found', id: conversationId, message: 'conversation not found' });
     const agent = planOrchestrator.inviteLookout(conversationId, personaId);
     return jsonReply(res, 200, agent);
   }
@@ -2232,7 +2282,7 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
     if (typeof body?.muted === 'boolean') updates.muted = body.muted;
     if (typeof body?.mode === 'string') updates.mode = body.mode;
     const agent = planOrchestrator.updateLookout(conversationId, personaId, updates);
-    if (!agent) return jsonReply(res, 404, { error: 'not_found' });
+    if (!agent) return jsonReply(res, 404, { error: 'not_found', message: 'lookout agent not found' });
     return jsonReply(res, 200, agent);
   }
 
@@ -2253,7 +2303,7 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
     const changed = action === 'dismiss'
       ? planOrchestrator.dismissSignal(conversationId, signalId)
       : planOrchestrator.useSignal(conversationId, signalId);
-    if (!changed) return jsonReply(res, 404, { error: 'not_found' });
+    if (!changed) return jsonReply(res, 404, { error: 'not_found', message: 'signal not found' });
     return jsonReply(res, 200, { ok: true });
   }
 
@@ -2578,6 +2628,35 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
         // Keep `messages` too — plan-DO may use it for multi-turn fidelity later.
       }
 
+      // multi-turn-cloud-sandbox-dispatch Phase A6 (Decision 9 always-on
+      // threading): pre-create the planning_sessions row server-side so
+      // EVERY cloud dispatch surfaces as a SPA thread — including pre-PR
+      // #1182-style one-shot calls that never invoked /v1/sessions/create
+      // directly. Idempotent (ON CONFLICT DO NOTHING in createDispatchSession).
+      // Fail-soft: thread-creation failure does NOT block the dispatch
+      // (the operator's task still ships); we log + continue.
+      try {
+        if (parsed.world_id && parsed.session_id) {
+          const planChatBearer = readPlanChatSecret();
+          const planChatBase = process.env.PLAN_CHAT_SERVICE_URL || 'http://127.0.0.1:3200';
+          await fetch(`${planChatBase}/v1/sessions/create`, {
+            method: 'POST',
+            headers: {
+              'content-type': 'application/json',
+              authorization: `Bearer ${planChatBearer}`,
+            },
+            body: JSON.stringify({
+              world_id: parsed.world_id,
+              session_id: parsed.session_id,
+            }),
+          });
+        }
+      } catch (threadErr) {
+        console.warn(
+          `[cloud-dispatch] thread pre-create failed (continuing): ${threadErr?.message ?? threadErr}`,
+        );
+      }
+
       // Gap 3: enrich the dispatch body with the operator's anthropicBaseUrl
       // so plan-DO can propagate it to spawned CF Sandbox child worlds.
       // Only injected when not already set by the SPA (SPA has no auth-worker
@@ -2590,9 +2669,18 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
       // ~/.olam/dogfood-repo-url file. Absent → no injection (the dispatch
       // runs text-only, like before this change).
       const dogfoodRepoUrl = readDogfoodRepoUrl();
+      // cloud-kg-mirror Phase 1: propagate the classifier Worker URL +
+      // bearer so the runner can inject them into the sandbox env. When
+      // either is missing the dispatched world's PreToolUse hook falls
+      // through to grep via the existing fail-open path. Operator opts
+      // in by writing ~/.olam/kg-proxy-url + ~/.olam/kg-proxy-bearer.
+      const kgProxyUrl = readKgProxyUrl();
+      const kgProxyBearer = readKgProxyBearer();
       let enrichedObj = null;
       if (anthropicBaseUrl && !parsed.anthropicBaseUrl) enrichedObj = { ...(enrichedObj ?? parsed), anthropicBaseUrl };
       if (dogfoodRepoUrl && !parsed.repoUrl) enrichedObj = { ...(enrichedObj ?? parsed), repoUrl: dogfoodRepoUrl };
+      if (kgProxyUrl && !parsed.kgProxyUrl) enrichedObj = { ...(enrichedObj ?? parsed), kgProxyUrl };
+      if (kgProxyBearer && !parsed.kgProxyBearer) enrichedObj = { ...(enrichedObj ?? parsed), kgProxyBearer };
       // Use `parsed` (not raw `body`) as the no-enrichment fallback so that the
       // messages→prompt normalisation above is always forwarded even when no
       // env-var enrichments are applied.
@@ -2661,10 +2749,18 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
         // bearer registration without additional plan metadata.
       }
 
-      // Enrich with anthropicBaseUrl from the host config.
+      // Enrich with anthropicBaseUrl + kgProxy from the host config.
       const anthropicBaseUrl = readAnthropicBaseUrl();
+      const kgProxyUrl = readKgProxyUrl();
+      const kgProxyBearer = readKgProxyBearer();
       const planId = parsed.planId ?? parsed.session_id ?? `plan-${Date.now()}`;
-      const requestBody = { ...parsed, planId, ...(anthropicBaseUrl ? { anthropicBaseUrl } : {}) };
+      const requestBody = {
+        ...parsed,
+        planId,
+        ...(anthropicBaseUrl ? { anthropicBaseUrl } : {}),
+        ...(kgProxyUrl ? { kgProxyUrl } : {}),
+        ...(kgProxyBearer ? { kgProxyBearer } : {}),
+      };
 
       const basicAuth = Buffer.from(`operator:${showcasePw}`).toString('base64');
       // Phase H h2: attach CF Access service-token headers when configured.
@@ -2717,7 +2813,7 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
   if (serversMatch && req.method === 'GET') {
     const worldId = decodeURIComponent(serversMatch[1]);
     if (!(worldId in WORLDS)) {
-      return jsonReply(res, 404, { error: 'unknown_world', worldId });
+      return jsonReply(res, 404, { error: 'unknown_world', worldId, message: 'world not in registry' });
     }
     return handleListServers(req, res, worldId);
   }
@@ -2727,7 +2823,7 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
     const worldId = decodeURIComponent(bridgesMatch[1]);
     const portSegment = bridgesMatch[3] ? parseInt(bridgesMatch[3], 10) : null;
     if (!(worldId in WORLDS)) {
-      return jsonReply(res, 404, { error: 'unknown_world', worldId });
+      return jsonReply(res, 404, { error: 'unknown_world', worldId, message: 'world not in registry' });
     }
     return handleServerBridges(req, res, worldId, portSegment);
   }
@@ -2798,7 +2894,7 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
   if (v1WorldsStatusMatch && req.method === 'GET') {
     const worldId = decodeURIComponent(v1WorldsStatusMatch[1]);
     if (!V1_WORLD_ID.test(worldId)) {
-      return jsonReply(res, 400, { error: 'invalid_world_id', worldId });
+      return jsonReply(res, 400, { error: 'invalid_world_id', worldId, message: 'worldId contains invalid characters' });
     }
     try {
       const report = await hostCpEngine.getWorldStatus(worldId);
@@ -2816,7 +2912,7 @@ const server = http.createServer(instrumentHandler('host-cp', async (req, res) =
   if (v1WorldsLogsMatch && req.method === 'GET') {
     const worldId = decodeURIComponent(v1WorldsLogsMatch[1]);
     if (!V1_WORLD_ID.test(worldId)) {
-      return jsonReply(res, 400, { error: 'invalid_world_id', worldId });
+      return jsonReply(res, 400, { error: 'invalid_world_id', worldId, message: 'worldId contains invalid characters' });
     }
     const tailParam = url.searchParams.get('tail');
     const followParam = url.searchParams.get('follow');
@@ -3466,6 +3562,7 @@ async function renderSpaShell(filePath, pathname) {
   // block comment above (Phase E5 cutover).
   void skipBootstrap; // wildcard invariant: always true; documents intent
   html = html.replace(/<head>/i, `<head>\n    ${bearerInjection}${cloudInjection}`);
+  if (_spaCacheByKey.size > 10) _spaCacheByKey.clear();
   _spaCacheByKey.set(cacheKey, html);
   return html;
 }
@@ -3660,6 +3757,15 @@ server.listen(PORT, '0.0.0.0', () => {
   } else if (AUTH_SERVICE_URL) {
     console.log(`  auth-service=${AUTH_SERVICE_URL} (X-Olam-Secret configured)`);
   }
+  // Warn when only one of the two cloud env vars is set — the most common
+  // misconfiguration that silently disables the Cloud toggle in the SPA.
+  const hasCloudUrl = Boolean(process.env.OLAM_CLOUD_URL);
+  const hasShowcasePw = Boolean(process.env.OLAM_SHOWCASE_PASSWORD);
+  if (hasCloudUrl && !hasShowcasePw) {
+    console.warn('  [cloud] OLAM_CLOUD_URL set but OLAM_SHOWCASE_PASSWORD missing — cloud_enabled will be false');
+  } else if (hasShowcasePw && !hasCloudUrl) {
+    console.warn('  [cloud] OLAM_SHOWCASE_PASSWORD set but OLAM_CLOUD_URL missing — cloud_enabled will be false');
+  }
 });
 
 // Graceful shutdown so docker compose down → SIGTERM → flush + close.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@pleri/olam-cli",
-  "version": "0.1.186",
+  "version": "0.1.195",
   "type": "module",
   "bin": {
     "olam": "./bin/olam.cjs"
@@ -32,6 +32,7 @@
     "test": "vitest run --passWithNoTests",
     "test:ci": "vitest run --reporter=basic --passWithNoTests",
     "test:docker": "vitest run --config vitest.config.docker.ts",
+    "test:e2e:k3d-https": "node e2e/k3d-https-e2e.spec.mjs",
     "audit:publish-deps": "node scripts/audit-publish-deps.mjs",
     "audit:cli-bundle-k8s": "node scripts/audit-cli-bundle-k8s.mjs",
     "audit:cli-package-contents": "node scripts/audit-cli-package-contents.mjs"