@resolveio/server-lib 22.3.154 → 22.3.156

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@resolveio/server-lib",
-  "version": "22.3.154",
+  "version": "22.3.156",
   "description": "",
   "scripts": {
     "package": "./build_package.sh",

package/util/ai-runner-manager-policy.d.ts

@@ -165,6 +165,61 @@ export interface ResolveIOAIManagerHotfixFirstReleasePolicy {
     forbiddenActions: string[];
     requiredEvidence: string[];
 }
+export type ResolveIOAIManagerHotfixEvidenceStatus = 'missing' | 'incomplete' | 'passed' | 'blocked';
+export interface ResolveIOAIManagerHotfixEvidenceTarget {
+    surface?: string;
+    host?: string;
+    path?: string;
+    artifactPath?: string;
+    bucket?: string;
+    distributionId?: string;
+    processName?: string;
+    configKey?: string;
+    cacheKey?: string;
+    seedKey?: string;
+}
+export interface ResolveIOAIManagerHotfixEvidence {
+    channel: ResolveIOAIManagerHotfixChannel;
+    status?: ResolveIOAIManagerHotfixEvidenceStatus | string;
+    target: ResolveIOAIManagerHotfixEvidenceTarget;
+    compiledArtifactPath?: string;
+    builtDistPath?: string;
+    remoteChecksumBefore?: string;
+    remoteChecksumAfter?: string;
+    remoteChecksum?: string;
+    restartEvidence?: string;
+    healthCheckStatus?: string;
+    selfTestStatus?: string;
+    releaseGateStatus?: string;
+    s3UploadResult?: string;
+    cloudfrontInvalidationId?: string;
+    publicProof?: string;
+    configChangeEvidence?: string;
+    seedDataEvidence?: string;
+    cacheInvalidationEvidence?: string;
+    serviceRestartEvidence?: string;
+    releaseArtifactFingerprint?: string;
+    lastReleaseArtifactFingerprint?: string;
+    forceDeployReason?: string;
+    hotfixCannotResolveReason?: string;
+    fullDeployRequested?: boolean;
+    recordedAt?: Date | string;
+}
+export interface ResolveIOAIManagerHotfixEvidenceValidation {
+    valid: boolean;
+    status: ResolveIOAIManagerHotfixEvidenceStatus;
+    channel: ResolveIOAIManagerHotfixChannel | '';
+    blockers: string[];
+    warnings: string[];
+    fullDeployAllowed: boolean;
+    fullDeployBlocked: boolean;
+    hotfixSatisfied: boolean;
+    requiredEvidence: string[];
+    successEvidence: string[];
+    normalized?: ResolveIOAIManagerHotfixEvidence;
+    policy?: ResolveIOAIManagerHotfixFirstReleasePolicy;
+    nextAction: 'record_hotfix_evidence' | 'rerun_release_gate' | 'request_force_deploy_reason' | 'allow_one_full_deploy' | 'park_manual';
+}
 export interface ResolveIOAIManagerRecoveryActionPacket {
     actionId: string;
     checkpointId: string;
@@ -385,6 +440,10 @@ export interface ResolveIOAIManagerRecoveryReplayCase {
     fullDeployAllowed?: boolean;
     details?: Record<string, any>;
 }
+export declare function normalizeResolveIOAIManagerHotfixEvidence(value: any, policy?: ResolveIOAIManagerHotfixFirstReleasePolicy): ResolveIOAIManagerHotfixEvidence | undefined;
+export declare function validateResolveIOAIManagerHotfixEvidence(value: any, options?: {
+    policy?: ResolveIOAIManagerHotfixFirstReleasePolicy;
+}): ResolveIOAIManagerHotfixEvidenceValidation;
 export declare function buildResolveIOAIManagerHotfixFirstReleasePolicy(input?: ResolveIOAIManagerHotfixFirstReleasePolicyInput): ResolveIOAIManagerHotfixFirstReleasePolicy;
 export declare function isResolveIOAIManagerSafeAutoDispatch(input: ResolveIOAIManagerAutoDispatchPolicyInput | ResolveIOAIManagerRecoveryActionDispatchAction | string | undefined): boolean;
 export declare function normalizeResolveIOAIManagerFailureClass(value: any): string;

package/util/ai-runner-manager-policy.js

@@ -47,6 +47,8 @@ var __spreadArray = (this && this.__spreadArray) || function (to, from, pack) {
     return to.concat(ar || Array.prototype.slice.call(from));
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.normalizeResolveIOAIManagerHotfixEvidence = normalizeResolveIOAIManagerHotfixEvidence;
+exports.validateResolveIOAIManagerHotfixEvidence = validateResolveIOAIManagerHotfixEvidence;
 exports.buildResolveIOAIManagerHotfixFirstReleasePolicy = buildResolveIOAIManagerHotfixFirstReleasePolicy;
 exports.isResolveIOAIManagerSafeAutoDispatch = isResolveIOAIManagerSafeAutoDispatch;
 exports.normalizeResolveIOAIManagerFailureClass = normalizeResolveIOAIManagerFailureClass;
@@ -96,6 +98,240 @@ function cleanList(values, limit, max) {
     }
     return result;
 }
+var HOTFIX_CHANNELS = new Set([
+    'static_ui',
+    'backend_js',
+    'config',
+    'seed_data',
+    'cache_invalidation',
+    'service_restart',
+    'release_artifact',
+    'force_deploy_review',
+    'new_artifact_deploy',
+    'artifact_build'
+]);
+function cleanObject(value) {
+    return value && typeof value === 'object' && !Array.isArray(value) ? value : {};
+}
+function normalizeHotfixChannel(value) {
+    var normalized = cleanText(value, 120).toLowerCase().replace(/[\s-]+/g, '_');
+    return HOTFIX_CHANNELS.has(normalized) ? normalized : '';
+}
+function normalizeHotfixStatus(value) {
+    var normalized = cleanText(value, 120).toLowerCase().replace(/[\s-]+/g, '_');
+    if (/^(pass|passed|success|succeeded|complete|completed|accepted)$/.test(normalized)) {
+        return 'passed';
+    }
+    if (/^(block|blocked|failed|fail|error|denied)$/.test(normalized)) {
+        return 'blocked';
+    }
+    if (/^(missing|none)$/.test(normalized)) {
+        return 'missing';
+    }
+    return 'incomplete';
+}
+function hotfixStatusPassed(value) {
+    return normalizeHotfixStatus(value) === 'passed';
+}
+function normalizeHotfixEvidenceTarget(value) {
+    var source = cleanObject(value);
+    return {
+        surface: cleanText(source.surface, 160),
+        host: cleanText(source.host || source.hostname || source.domain, 240),
+        path: cleanText(source.path || source.remotePath || source.remote_path, 500),
+        artifactPath: cleanText(source.artifactPath || source.artifact_path || source.localPath || source.local_path, 500),
+        bucket: cleanText(source.bucket || source.s3Bucket || source.s3_bucket, 240),
+        distributionId: cleanText(source.distributionId || source.distribution_id || source.cloudfrontDistributionId || source.cloudfront_distribution_id, 240),
+        processName: cleanText(source.processName || source.process_name || source.service || source.serviceName, 160),
+        configKey: cleanText(source.configKey || source.config_key || source.key, 240),
+        cacheKey: cleanText(source.cacheKey || source.cache_key, 240),
+        seedKey: cleanText(source.seedKey || source.seed_key || source.fixture, 240)
+    };
+}
+function normalizeResolveIOAIManagerHotfixEvidence(value, policy) {
+    var _a;
+    var source = cleanObject(value);
+    if (!Object.keys(source).length) {
+        return undefined;
+    }
+    var channel = normalizeHotfixChannel(source.channel || source.hotfixChannel || source.hotfix_channel || ((_a = policy === null || policy === void 0 ? void 0 : policy.hotfixPlan) === null || _a === void 0 ? void 0 : _a.recommendedChannel));
+    if (!channel) {
+        return undefined;
+    }
+    var target = normalizeHotfixEvidenceTarget(source.target || source);
+    return {
+        channel: channel,
+        status: normalizeHotfixStatus(source.status),
+        target: target,
+        compiledArtifactPath: cleanText(source.compiledArtifactPath || source.compiled_artifact_path || target.artifactPath, 500),
+        builtDistPath: cleanText(source.builtDistPath || source.built_dist_path || target.artifactPath, 500),
+        remoteChecksumBefore: cleanText(source.remoteChecksumBefore || source.remote_checksum_before || source.checksumBefore || source.checksum_before, 160),
+        remoteChecksumAfter: cleanText(source.remoteChecksumAfter || source.remote_checksum_after || source.checksumAfter || source.checksum_after, 160),
+        remoteChecksum: cleanText(source.remoteChecksum || source.remote_checksum || source.checksum, 160),
+        restartEvidence: cleanText(source.restartEvidence || source.restart_evidence, 1000),
+        healthCheckStatus: cleanText(source.healthCheckStatus || source.health_check_status || source.health, 160),
+        selfTestStatus: cleanText(source.selfTestStatus || source.self_test_status || source.selfTest || source.self_test, 160),
+        releaseGateStatus: cleanText(source.releaseGateStatus || source.release_gate_status || source.releaseGate || source.release_gate, 160),
+        s3UploadResult: cleanText(source.s3UploadResult || source.s3_upload_result || source.uploadResult || source.upload_result, 1000),
+        cloudfrontInvalidationId: cleanText(source.cloudfrontInvalidationId || source.cloudfront_invalidation_id || source.invalidationId || source.invalidation_id, 240),
+        publicProof: cleanText(source.publicProof || source.public_proof || source.publicUrl || source.public_url, 1000),
+        configChangeEvidence: cleanText(source.configChangeEvidence || source.config_change_evidence, 1000),
+        seedDataEvidence: cleanText(source.seedDataEvidence || source.seed_data_evidence, 1000),
+        cacheInvalidationEvidence: cleanText(source.cacheInvalidationEvidence || source.cache_invalidation_evidence, 1000),
+        serviceRestartEvidence: cleanText(source.serviceRestartEvidence || source.service_restart_evidence, 1000),
+        releaseArtifactFingerprint: cleanText(source.releaseArtifactFingerprint || source.release_artifact_fingerprint || source.artifactFingerprint || source.artifact_fingerprint, 240),
+        lastReleaseArtifactFingerprint: cleanText(source.lastReleaseArtifactFingerprint || source.last_release_artifact_fingerprint || source.lastArtifactFingerprint || source.last_artifact_fingerprint, 240),
+        forceDeployReason: cleanText(source.forceDeployReason || source.force_deploy_reason, 1000),
+        hotfixCannotResolveReason: cleanText(source.hotfixCannotResolveReason || source.hotfix_cannot_resolve_reason, 1000),
+        fullDeployRequested: source.fullDeployRequested === true || source.full_deploy_requested === true,
+        recordedAt: source.recordedAt || source.recorded_at
+    };
+}
+function matchingHotfixPlanStep(policy, channel) {
+    var _a;
+    return (((_a = policy === null || policy === void 0 ? void 0 : policy.hotfixPlan) === null || _a === void 0 ? void 0 : _a.steps) || []).find(function (step) { return step.channel === channel; });
+}
+function pushMissing(blockers, condition, message) {
+    if (!condition) {
+        blockers.push(message);
+    }
+}
+function validateResolveIOAIManagerHotfixEvidence(value, options) {
+    var _a, _b, _c, _d;
+    if (options === void 0) { options = {}; }
+    var normalized = normalizeResolveIOAIManagerHotfixEvidence(value, options.policy);
+    var policy = options.policy;
+    if (!normalized) {
+        return {
+            valid: false,
+            status: 'missing',
+            channel: '',
+            blockers: ['Hotfix evidence is missing or channel is unsupported.'],
+            warnings: [],
+            fullDeployAllowed: false,
+            fullDeployBlocked: true,
+            hotfixSatisfied: false,
+            requiredEvidence: ((_b = (_a = policy === null || policy === void 0 ? void 0 : policy.hotfixPlan) === null || _a === void 0 ? void 0 : _a.steps) === null || _b === void 0 ? void 0 : _b.flatMap(function (step) { return step.requiredEvidence; })) || [],
+            successEvidence: ((_d = (_c = policy === null || policy === void 0 ? void 0 : policy.hotfixPlan) === null || _c === void 0 ? void 0 : _c.steps) === null || _d === void 0 ? void 0 : _d.flatMap(function (step) { return step.successEvidence; })) || [],
+            policy: policy,
+            nextAction: 'record_hotfix_evidence'
+        };
+    }
+    var blockers = [];
+    var warnings = [];
+    var target = normalized.target || {};
+    var channel = normalized.channel;
+    var step = matchingHotfixPlanStep(policy, channel);
+    var requiredEvidence = (step === null || step === void 0 ? void 0 : step.requiredEvidence) || [];
+    var successEvidence = (step === null || step === void 0 ? void 0 : step.successEvidence) || [];
+    var policyAllowsFullDeploy = (policy === null || policy === void 0 ? void 0 : policy.fullDeployAllowed) === true;
+    var policyBlocksDuplicate = (policy === null || policy === void 0 ? void 0 : policy.duplicateDeployBlocked) === true || (policy === null || policy === void 0 ? void 0 : policy.duplicatePublishBlocked) === true;
+    if (normalized.fullDeployRequested && !policyAllowsFullDeploy && channel !== 'force_deploy_review' && channel !== 'new_artifact_deploy') {
+        blockers.push('Full deploy requested but hotfix-first policy does not allow a full deploy for this release state.');
+    }
+    if (normalized.fullDeployRequested && policyBlocksDuplicate && !normalized.forceDeployReason && channel !== 'force_deploy_review') {
+        blockers.push('Duplicate deploy/publish fingerprint requires force deploy/publish evidence before any full deploy.');
+    }
+    if (channel === 'backend_js') {
+        pushMissing(blockers, !!normalized.compiledArtifactPath, 'Backend JS hotfix requires compiledArtifactPath.');
+        pushMissing(blockers, !!target.host, 'Backend JS hotfix requires target.host.');
+        pushMissing(blockers, !!target.path, 'Backend JS hotfix requires target.path.');
+        pushMissing(blockers, !!(normalized.remoteChecksumAfter || normalized.remoteChecksum), 'Backend JS hotfix requires remote checksum after replacement.');
+        pushMissing(blockers, !!(normalized.restartEvidence || normalized.serviceRestartEvidence), 'Backend JS hotfix requires restart evidence.');
+        pushMissing(blockers, hotfixStatusPassed(normalized.healthCheckStatus), 'Backend JS hotfix requires passed healthCheckStatus.');
+        pushMissing(blockers, hotfixStatusPassed(normalized.selfTestStatus), 'Backend JS hotfix requires passed selfTestStatus.');
+        if (normalized.remoteChecksumBefore && normalized.remoteChecksumAfter && normalized.remoteChecksumBefore === normalized.remoteChecksumAfter) {
+            blockers.push('Backend JS hotfix checksum did not change; record force/no-op evidence or do not claim a hotfix.');
+        }
+    }
+    else if (channel === 'static_ui') {
+        pushMissing(blockers, !!normalized.builtDistPath, 'Static UI hotfix requires builtDistPath.');
+        pushMissing(blockers, !!target.bucket, 'Static UI hotfix requires target.bucket.');
+        pushMissing(blockers, !!target.distributionId, 'Static UI hotfix requires target.distributionId.');
+        pushMissing(blockers, !!normalized.s3UploadResult, 'Static UI hotfix requires s3UploadResult.');
+        pushMissing(blockers, !!normalized.cloudfrontInvalidationId, 'Static UI hotfix requires cloudfrontInvalidationId.');
+        pushMissing(blockers, !!normalized.publicProof, 'Static UI hotfix requires publicProof.');
+    }
+    else if (channel === 'config') {
+        pushMissing(blockers, !!target.configKey, 'Config hotfix requires target.configKey.');
+        pushMissing(blockers, !!normalized.configChangeEvidence, 'Config hotfix requires configChangeEvidence.');
+        pushMissing(blockers, hotfixStatusPassed(normalized.releaseGateStatus), 'Config hotfix requires passed releaseGateStatus.');
+    }
+    else if (channel === 'seed_data') {
+        pushMissing(blockers, !!target.seedKey, 'Seed-data hotfix requires target.seedKey.');
+        pushMissing(blockers, !!normalized.seedDataEvidence, 'Seed-data hotfix requires seedDataEvidence.');
+        pushMissing(blockers, hotfixStatusPassed(normalized.releaseGateStatus), 'Seed-data hotfix requires passed releaseGateStatus.');
+    }
+    else if (channel === 'cache_invalidation') {
+        pushMissing(blockers, !!target.cacheKey, 'Cache invalidation hotfix requires target.cacheKey.');
+        pushMissing(blockers, !!normalized.cacheInvalidationEvidence, 'Cache invalidation hotfix requires cacheInvalidationEvidence.');
+        pushMissing(blockers, hotfixStatusPassed(normalized.releaseGateStatus) || hotfixStatusPassed(normalized.healthCheckStatus), 'Cache invalidation hotfix requires passed releaseGateStatus or healthCheckStatus.');
+    }
+    else if (channel === 'service_restart') {
+        pushMissing(blockers, !!target.processName, 'Service restart hotfix requires target.processName.');
+        pushMissing(blockers, !!(normalized.serviceRestartEvidence || normalized.restartEvidence), 'Service restart hotfix requires restart evidence.');
+        pushMissing(blockers, hotfixStatusPassed(normalized.healthCheckStatus), 'Service restart hotfix requires passed healthCheckStatus.');
+        pushMissing(blockers, hotfixStatusPassed(normalized.selfTestStatus), 'Service restart hotfix requires passed selfTestStatus.');
+    }
+    else if (channel === 'release_artifact') {
+        pushMissing(blockers, !!normalized.releaseArtifactFingerprint, 'Release artifact hotfix requires releaseArtifactFingerprint.');
+        pushMissing(blockers, hotfixStatusPassed(normalized.releaseGateStatus), 'Release artifact hotfix requires passed releaseGateStatus.');
+    }
+    else if (channel === 'force_deploy_review') {
+        pushMissing(blockers, !!normalized.forceDeployReason, 'Force deploy review requires forceDeployReason.');
+        pushMissing(blockers, !!normalized.hotfixCannotResolveReason, 'Force deploy review requires hotfixCannotResolveReason.');
+    }
+    else if (channel === 'new_artifact_deploy') {
+        pushMissing(blockers, !!normalized.releaseArtifactFingerprint, 'New artifact deploy requires releaseArtifactFingerprint.');
+        pushMissing(blockers, !!normalized.lastReleaseArtifactFingerprint, 'New artifact deploy requires lastReleaseArtifactFingerprint.');
+        if (normalized.releaseArtifactFingerprint && normalized.lastReleaseArtifactFingerprint && normalized.releaseArtifactFingerprint === normalized.lastReleaseArtifactFingerprint) {
+            blockers.push('New artifact deploy requires a fingerprint different from the last deployed artifact.');
+        }
+        pushMissing(blockers, hotfixStatusPassed(normalized.releaseGateStatus), 'New artifact deploy requires passed releaseGateStatus.');
+    }
+    else if (channel === 'artifact_build') {
+        pushMissing(blockers, !!normalized.releaseArtifactFingerprint, 'Artifact build requires releaseArtifactFingerprint.');
+        if (normalized.fullDeployRequested) {
+            blockers.push('Artifact build evidence cannot request a full deploy in the same step.');
+        }
+    }
+    if (!step && policy) {
+        warnings.push("Hotfix channel ".concat(channel, " is not the recommended channel in the current release policy."));
+    }
+    var forceDeployReviewValid = channel === 'force_deploy_review' && blockers.length === 0;
+    var newArtifactDeployValid = channel === 'new_artifact_deploy' && blockers.length === 0;
+    var fullDeployAllowed = forceDeployReviewValid || newArtifactDeployValid || (policyAllowsFullDeploy && blockers.length === 0 && normalized.fullDeployRequested === true);
+    var hotfixSatisfied = blockers.length === 0 && !fullDeployAllowed;
+    var status = blockers.length
+        ? (normalizeHotfixStatus(normalized.status) === 'blocked' ? 'blocked' : 'incomplete')
+        : 'passed';
+    var fullDeployBlocked = !fullDeployAllowed && (normalized.fullDeployRequested === true || (policy === null || policy === void 0 ? void 0 : policy.fullDeployAllowed) !== true);
+    var nextAction = blockers.some(function (blocker) { return /force deploy/i.test(blocker); })
+        ? 'request_force_deploy_reason'
+        : fullDeployAllowed
+            ? 'allow_one_full_deploy'
+            : hotfixSatisfied
+                ? 'rerun_release_gate'
+                : blockers.length
+                    ? 'record_hotfix_evidence'
+                    : 'park_manual';
+    normalized.status = status;
+    return {
+        valid: blockers.length === 0,
+        status: status,
+        channel: channel,
+        blockers: blockers,
+        warnings: warnings,
+        fullDeployAllowed: fullDeployAllowed,
+        fullDeployBlocked: fullDeployBlocked,
+        hotfixSatisfied: hotfixSatisfied,
+        requiredEvidence: requiredEvidence,
+        successEvidence: successEvidence,
+        normalized: normalized,
+        policy: policy,
+        nextAction: nextAction
+    };
+}
 function releaseStatusIsBlocked(value) {
     return /fail|error|blocked|missing|empty|not ready|not_ready|denied|invalid|timeout|stale/i.test(value);
 }