@rubixkube/rubix 0.0.1

package/README.md

@@ -0,0 +1,41 @@
+# Rubix CLI
+
+Chat with your infrastructure from the terminal. **RubixKube** CLI for Site Reliability Intelligence—predict, prevent, and fix failures with AI.
+
+![Rubix CLI](https://raw.githubusercontent.com/rubixkube-io/rubixkube-ai/main/public/assets/rubix-cli.png)
+
+## Install
+
+```bash
+npm install -g @rubixkube/rubix
+```
+
+Or run without installing:
+
+```bash
+npx @rubixkube/rubix
+```
+
+## Quick Start
+
+1. Run `rubix` to start the chat UI
+2. On first run, choose **Login** and complete the Auth0 device flow
+3. Start asking questions about your infrastructure
+
+## Features
+
+- **Auth** — Auth0 device code flow; credentials stored in `~/.rubix/auth.json`
+- **Chat** — Real-time streaming to RubixKube; session resume; cluster-aware
+- **Slash commands** — `/login`, `/logout`, `/status`, `/sessions`, `/cluster`, `/new`, `/clear`, `/console`, `/help`, `/exit`
+- **Shortcuts** — `?` help, `Tab` autocomplete, `Ctrl+X` then `H/C/Q` for help/clear/quit
+
+## Requirements
+
+- Node.js 18+
+- [RubixKube account](https://console.rubixkube.ai) (free signup)
+
+## Links
+
+- [RubixKube](https://rubixkube.ai) — Site Reliability Intelligence platform
+- [Documentation](https://docs.rubixkube.ai)
+- [Console](https://console.rubixkube.ai)

package/dist/cli.js

@@ -0,0 +1,50 @@
+#!/usr/bin/env node
+import { Command } from "commander";
+import { runChatCommand } from "./commands/chat.js";
+import { VERSION } from "./version.js";
+import { runLoginCommand } from "./commands/login.js";
+import { runLogoutCommand } from "./commands/logout.js";
+import { runSessionsCommand } from "./commands/sessions.js";
+async function main() {
+    if (process.argv.length <= 2) {
+        await runChatCommand({});
+        return;
+    }
+    const program = new Command();
+    program
+        .name("rubix")
+        .description("Rubix terminal client")
+        .version(VERSION);
+    program
+        .command("chat")
+        .description("Start interactive chat UI")
+        .option("-s, --session-id <id>", "Use an existing session id")
+        .option("-p, --prompt <text>", "Send a prompt immediately after launch")
+        .action(async (options) => {
+        await runChatCommand(options);
+    });
+    program
+        .command("login")
+        .description("Authenticate with device code flow")
+        .action(async () => {
+        await runLoginCommand();
+    });
+    program
+        .command("logout")
+        .description("Clear local authentication")
+        .action(async () => {
+        await runLogoutCommand();
+    });
+    program
+        .command("sessions")
+        .description("List sessions")
+        .action(async () => {
+        await runSessionsCommand();
+    });
+    await program.parseAsync(process.argv);
+}
+main().catch((error) => {
+    const message = error instanceof Error ? error.message : String(error);
+    console.error(`Fatal: ${message}`);
+    process.exit(1);
+});

package/dist/commands/chat.js

@@ -0,0 +1,17 @@
+import React from "react";
+import { render } from "ink";
+import { ThemeProvider } from "@inkjs/ui";
+import { App } from "../ui/App.js";
+import { inkTheme } from "../ui/ink-theme.js";
+export async function runChatCommand(options) {
+    const instance = render(React.createElement(ThemeProvider, {
+        theme: inkTheme,
+        children: React.createElement(App, {
+            initialSessionId: options.sessionId,
+            seedPrompt: options.prompt,
+        }),
+    }), {
+        exitOnCtrlC: true,
+    });
+    await instance.waitUntilExit();
+}

package/dist/commands/login.js

@@ -0,0 +1,17 @@
+import { saveAuthConfig } from "../core/auth-store.js";
+import { authenticateWithDeviceFlow } from "../core/device-auth.js";
+export async function runLoginCommand() {
+    console.log("Starting Rubix device authentication...");
+    try {
+        const authConfig = await authenticateWithDeviceFlow((message) => {
+            console.log(message);
+        });
+        await saveAuthConfig(authConfig);
+        console.log(`Authentication successful for ${authConfig.userName ?? authConfig.userEmail ?? "user"}.`);
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        console.error(`Login not completed: ${message}`);
+        process.exitCode = 1;
+    }
+}

package/dist/commands/logout.js

@@ -0,0 +1,5 @@
+import { clearAuthConfig } from "../core/auth-store.js";
+export async function runLogoutCommand() {
+    await clearAuthConfig();
+    console.log("Logged out. Local auth config cleared.");
+}

package/dist/commands/sessions.js

@@ -0,0 +1,26 @@
+import { loadAuthConfig } from "../core/auth-store.js";
+import { listSessions } from "../core/rubix-api.js";
+export async function runSessionsCommand() {
+    try {
+        const auth = await loadAuthConfig();
+        if (!auth?.isAuthenticated) {
+            console.error("Not authenticated. Run `rubix login` first.");
+            process.exitCode = 1;
+            return;
+        }
+        const sessions = await listSessions(auth);
+        if (sessions.length === 0) {
+            console.log("No sessions found.");
+            return;
+        }
+        for (const session of sessions) {
+            const title = session.title ? `  ${session.title}` : "";
+            console.log(`${session.id}  ${session.appName}  ${session.updatedAt}${title}`);
+        }
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        console.error(`Failed to list sessions: ${message}`);
+        process.exitCode = 1;
+    }
+}

package/dist/config/env.js

@@ -0,0 +1,46 @@
+import dotenv from "dotenv";
+dotenv.config({ quiet: true });
+/** Production defaults — baked in for installable binary. Override via env for dev/staging/self-hosted. */
+const DEFAULTS = {
+    RUBIXKUBE_AUTH0_DOMAIN: "rubixkube.us.auth0.com",
+    RUBIXKUBE_AUTH0_CLIENT_ID: "l732txhrSBbcieX2WgZuaRC8nTZBteVh",
+    RUBIXKUBE_AUTH0_AUDIENCE: "",
+    RUBIXKUBE_AUTH_API_BASE: "https://console.rubixkube.ai/api/orchestrator",
+    RUBIXKUBE_OPEL_API_BASE: "https://console.rubixkube.ai/api/opel",
+    RUBIXKUBE_STREAM_TIMEOUT_MS: "600000",
+};
+export const REQUIRED_ENV = [
+    "RUBIXKUBE_AUTH0_DOMAIN",
+    "RUBIXKUBE_AUTH0_CLIENT_ID",
+    "RUBIXKUBE_AUTH_API_BASE",
+    "RUBIXKUBE_OPEL_API_BASE",
+];
+export const AUTH_REQUIRED_ENV = [
+    "RUBIXKUBE_AUTH0_DOMAIN",
+    "RUBIXKUBE_AUTH0_CLIENT_ID",
+    "RUBIXKUBE_AUTH_API_BASE",
+];
+export function getConfig() {
+    return {
+        auth0Domain: process.env.RUBIXKUBE_AUTH0_DOMAIN ?? DEFAULTS.RUBIXKUBE_AUTH0_DOMAIN,
+        auth0ClientId: process.env.RUBIXKUBE_AUTH0_CLIENT_ID ?? DEFAULTS.RUBIXKUBE_AUTH0_CLIENT_ID,
+        auth0Audience: (process.env.RUBIXKUBE_AUTH0_AUDIENCE ?? DEFAULTS.RUBIXKUBE_AUTH0_AUDIENCE) || undefined,
+        authApiBase: process.env.RUBIXKUBE_AUTH_API_BASE ?? DEFAULTS.RUBIXKUBE_AUTH_API_BASE,
+        opelApiBase: process.env.RUBIXKUBE_OPEL_API_BASE ?? DEFAULTS.RUBIXKUBE_OPEL_API_BASE,
+        streamTimeoutMs: Number(process.env.RUBIXKUBE_STREAM_TIMEOUT_MS ?? DEFAULTS.RUBIXKUBE_STREAM_TIMEOUT_MS) || 600000,
+    };
+}
+export function getMissingEnv(names) {
+    const config = getConfig();
+    const keyMap = {
+        RUBIXKUBE_AUTH0_DOMAIN: config.auth0Domain,
+        RUBIXKUBE_AUTH0_CLIENT_ID: config.auth0ClientId,
+        RUBIXKUBE_AUTH0_AUDIENCE: config.auth0Audience ?? "",
+        RUBIXKUBE_AUTH_API_BASE: config.authApiBase,
+        RUBIXKUBE_OPEL_API_BASE: config.opelApiBase,
+    };
+    return names.filter((name) => !keyMap[name]?.trim());
+}
+export function getMissingRequiredEnv() {
+    return getMissingEnv(REQUIRED_ENV);
+}

package/dist/core/auth-store.js

@@ -0,0 +1,39 @@
+import fs from "node:fs/promises";
+import os from "node:os";
+import path from "node:path";
+const CONFIG_DIR = ".rubix";
+const AUTH_FILE = "auth.json";
+export function getAuthPath() {
+    return path.join(os.homedir(), CONFIG_DIR, AUTH_FILE);
+}
+async function ensureConfigDir() {
+    await fs.mkdir(path.join(os.homedir(), CONFIG_DIR), { recursive: true, mode: 0o700 });
+}
+export async function loadAuthConfig() {
+    try {
+        const data = await fs.readFile(getAuthPath(), "utf8");
+        return JSON.parse(data);
+    }
+    catch (error) {
+        const asNodeError = error;
+        if (asNodeError.code === "ENOENT") {
+            return null;
+        }
+        throw error;
+    }
+}
+export async function saveAuthConfig(config) {
+    await ensureConfigDir();
+    await fs.writeFile(getAuthPath(), JSON.stringify(config, null, 2), { mode: 0o600 });
+}
+export async function clearAuthConfig() {
+    try {
+        await fs.unlink(getAuthPath());
+    }
+    catch (error) {
+        const asNodeError = error;
+        if (asNodeError.code !== "ENOENT") {
+            throw error;
+        }
+    }
+}

package/dist/core/device-auth.js

@@ -0,0 +1,155 @@
+import { spawn } from "child_process";
+import { AUTH_REQUIRED_ENV, getConfig, getMissingEnv } from "../config/env.js";
+function isLocalDomain(domain) {
+    return domain.startsWith("localhost") || domain.startsWith("127.0.0.1");
+}
+function auth0BaseUrl() {
+    const domain = getConfig().auth0Domain;
+    const protocol = isLocalDomain(domain) ? "http" : "https";
+    return `${protocol}://${domain}`;
+}
+function decodeJwtClaims(token) {
+    const parts = token.split(".");
+    if (parts.length < 2) {
+        throw new Error("Invalid JWT token format.");
+    }
+    const payload = parts[1];
+    const normalized = payload.replace(/-/g, "+").replace(/_/g, "/");
+    const padded = normalized.padEnd(Math.ceil(normalized.length / 4) * 4, "=");
+    const decoded = Buffer.from(padded, "base64").toString("utf8");
+    return JSON.parse(decoded);
+}
+export async function startDeviceAuth() {
+    const missing = getMissingEnv(AUTH_REQUIRED_ENV);
+    if (missing.length > 0) {
+        throw new Error(`Missing required environment variables: ${missing.join(", ")}`);
+    }
+    const { auth0ClientId, auth0Audience } = getConfig();
+    const body = new URLSearchParams();
+    body.set("client_id", auth0ClientId);
+    body.set("scope", "openid profile email");
+    if (auth0Audience) {
+        body.set("audience", auth0Audience);
+    }
+    const response = await fetch(`${auth0BaseUrl()}/oauth/device/code`, {
+        method: "POST",
+        headers: { "Content-Type": "application/x-www-form-urlencoded" },
+        body,
+    });
+    if (!response.ok) {
+        const text = await response.text();
+        throw new Error(`Device authorization request failed (${response.status}): ${text}`);
+    }
+    const payload = (await response.json());
+    return {
+        deviceCode: payload.device_code,
+        userCode: payload.user_code,
+        verificationUrl: payload.verification_uri_complete ?? payload.verification_uri ?? "",
+        expiresIn: payload.expires_in,
+        interval: payload.interval ?? 5,
+    };
+}
+async function pollForTokens(start, log) {
+    const body = new URLSearchParams();
+    body.set("grant_type", "urn:ietf:params:oauth:grant-type:device_code");
+    body.set("device_code", start.deviceCode);
+    body.set("client_id", getConfig().auth0ClientId);
+    const expiresAt = Date.now() + start.expiresIn * 1000;
+    const intervalMs = Math.max(1, start.interval) * 1000;
+    let waitingLogged = false;
+    while (Date.now() < expiresAt) {
+        const response = await fetch(`${auth0BaseUrl()}/oauth/token`, {
+            method: "POST",
+            headers: { "Content-Type": "application/x-www-form-urlencoded" },
+            body,
+        });
+        const raw = (await response.json());
+        if (response.ok && raw.id_token && raw.access_token) {
+            return raw;
+        }
+        if (raw.error === "authorization_pending" || raw.error === "slow_down") {
+            if (!waitingLogged) {
+                waitingLogged = true;
+                log?.("Waiting for authorization in browser...");
+            }
+            await new Promise((resolve) => setTimeout(resolve, intervalMs));
+            continue;
+        }
+        throw new Error(`Token polling failed: ${JSON.stringify(raw)}`);
+    }
+    throw new Error("Device authorization timed out.");
+}
+async function validateAuth0Token(idToken) {
+    const authBase = getConfig().authApiBase;
+    const claims = decodeJwtClaims(idToken);
+    const response = await fetch(`${authBase}/auth/auth0-login`, {
+        method: "POST",
+        headers: {
+            Authorization: `Bearer ${idToken}`,
+            "Content-Type": "application/json",
+        },
+        body: JSON.stringify({
+            auth0_user: {
+                sub: claims.sub,
+                email: claims.email,
+                name: claims.name,
+                picture: claims.picture,
+                email_verified: claims.email_verified,
+            },
+        }),
+    });
+    if (!response.ok) {
+        const text = await response.text();
+        throw new Error(`auth0-login failed (${response.status}): ${text}`);
+    }
+    return (await response.json());
+}
+async function getUserProfile(idToken) {
+    const authBase = getConfig().authApiBase;
+    const response = await fetch(`${authBase}/users/me`, {
+        headers: {
+            Authorization: `Bearer ${idToken}`,
+            "Content-Type": "application/json",
+        },
+    });
+    if (!response.ok) {
+        return null;
+    }
+    return (await response.json());
+}
+function openUrlInBrowser(url) {
+    const urlStr = String(url).trim();
+    if (!urlStr.startsWith("http://") && !urlStr.startsWith("https://"))
+        return;
+    if (process.platform === "darwin") {
+        spawn("open", [urlStr], { stdio: "ignore" });
+    }
+    else if (process.platform === "win32") {
+        spawn("cmd", ["/c", "start", "", urlStr], { stdio: "ignore" });
+    }
+    else {
+        spawn("xdg-open", [urlStr], { stdio: "ignore" });
+    }
+}
+export async function authenticateWithDeviceFlow(log) {
+    const start = await startDeviceAuth();
+    openUrlInBrowser(start.verificationUrl);
+    log?.(`Opening ${start.verificationUrl} in browser`);
+    log?.(`Enter code: ${start.userCode}`);
+    const tokens = await pollForTokens(start, log);
+    const validation = await validateAuth0Token(tokens.id_token);
+    const profile = await getUserProfile(tokens.id_token);
+    return {
+        authToken: tokens.access_token,
+        idToken: tokens.id_token,
+        refreshToken: tokens.refresh_token,
+        tenantId: profile?.tenant?.tenant_id ?? validation.tenant_id,
+        userEmail: profile?.email ?? validation.user?.email,
+        userId: profile?.user_id,
+        userName: profile?.full_name ?? validation.user?.name,
+        userRole: profile?.roles?.[0],
+        tenantPlan: profile?.tenant?.plan_tier,
+        isAuthenticated: true,
+        timestamp: Date.now(),
+    };
+}

package/dist/core/file-context.js

@@ -0,0 +1,71 @@
+import fs from "node:fs/promises";
+import path from "node:path";
+const MAX_FILE_SIZE = 256 * 1024; // 256KB
+const MAX_URL_SIZE = 512 * 1024; // 512KB
+export async function readFileContext(filePath, cwd) {
+    const resolved = path.isAbsolute(filePath) ? filePath : path.resolve(cwd, filePath);
+    const label = path.basename(resolved);
+    const stat = await fs.stat(resolved);
+    if (!stat.isFile()) {
+        throw new Error(`Not a file: ${filePath}`);
+    }
+    if (stat.size > MAX_FILE_SIZE) {
+        throw new Error(`File too large (max ${MAX_FILE_SIZE / 1024}KB): ${filePath}`);
+    }
+    const content = await fs.readFile(resolved, "utf8");
+    let truncated = false;
+    let out = content;
+    if (content.length > MAX_FILE_SIZE) {
+        out = content.slice(0, MAX_FILE_SIZE);
+        truncated = true;
+    }
+    return { content: out, label, truncated };
+}
+export async function fetchUrlContext(url) {
+    const trimmed = url.trim();
+    if (!trimmed.startsWith("http://") && !trimmed.startsWith("https://")) {
+        throw new Error(`Invalid URL (must be http or https): ${url}`);
+    }
+    const controller = new AbortController();
+    const timeout = setTimeout(() => controller.abort(), 15000);
+    const response = await fetch(trimmed, {
+        signal: controller.signal,
+        headers: { "User-Agent": "Rubix-CLI/1.0" },
+    });
+    clearTimeout(timeout);
+    if (!response.ok) {
+        throw new Error(`HTTP ${response.status}: ${trimmed}`);
+    }
+    const contentType = response.headers.get("content-type") ?? "";
+    if (!contentType.includes("text/") && !contentType.includes("application/json")) {
+        throw new Error(`Unsupported content type: ${contentType}`);
+    }
+    const text = await response.text();
+    let label;
+    try {
+        const u = new URL(trimmed);
+        label = u.hostname + (u.pathname.replace(/\/$/, "") || "");
+        if (!label)
+            label = trimmed;
+    }
+    catch {
+        label = trimmed;
+    }
+    let truncated = false;
+    let out = text;
+    if (text.length > MAX_URL_SIZE) {
+        out = text.slice(0, MAX_URL_SIZE);
+        truncated = true;
+    }
+    return { content: out, label, truncated };
+}
+/**
+ * Format context block to match console's context message format.
+ * Console: [CONTEXT] **label** (type){: description}:\ncontent
+ * Parsed by: ^\[CONTEXT\]\s*\*\*([^*]+)\*\*
+ */
+export function formatContextBlock(result, kind, description) {
+    const desc = description ?? (result.truncated ? "truncated" : undefined);
+    const header = `[CONTEXT] **${result.label}** (${kind})${desc ? ": " + desc : ""}`;
+    return `${header}:\n${result.content}`;
+}