@ruifung/codemode-bridge 1.0.3-1

package/dist/cli/index.js

@@ -0,0 +1,165 @@
+#!/usr/bin/env node
+/**
+ * Code Mode Bridge CLI
+ *
+ * Main entry point for the command-line interface
+ *
+ * Usage:
+ *   codemode-bridge run [options]            - Start the bridge server
+ *   codemode-bridge config list [options]    - List configured servers
+ *   codemode-bridge config show <name>       - Show a server configuration
+ *   codemode-bridge config add <name>        - Add a new server
+ *   codemode-bridge config remove <name>     - Remove a server
+ *   codemode-bridge config edit <name>       - Edit a server
+ *   codemode-bridge config info              - Show config file information
+ *   codemode-bridge auth list [options]      - List OAuth-enabled servers and status
+ *   codemode-bridge auth login <name>        - Prepare to login to an OAuth server
+ *   codemode-bridge auth logout <name>       - Logout from an OAuth server
+ */
+import { Command } from "commander";
+import { runServer, listServersCommand, showServerCommand, addServerCommand, removeServerCommand, editServerCommand, configInfoCommand, authLoginCommand, authLogoutCommand, authListCommand, } from "./commands.js";
+import * as fs from "fs";
+const pkg = JSON.parse(fs.readFileSync(new URL("../../package.json", import.meta.url), "utf-8"));
+const program = new Command();
+program.name("codemode-bridge").description("Code Mode Bridge CLI").version(pkg.version);
+// Main 'run' command
+program
+    .command("run")
+    .description("Start the bridge MCP server (default command)")
+    .option("-c, --config <path>", "Path to mcp.json configuration file (default: ~/.config/codemode-bridge/mcp.json)")
+    .option("-s, --servers <names>", "Comma-separated list of servers to connect to")
+    .option("-d, --debug", "Enable debug logging")
+    .action(async (options) => {
+    const servers = options.servers ? options.servers.split(",").map((s) => s.trim()) : undefined;
+    await runServer(options.config, servers, options.debug);
+});
+// Config command group
+const config = program.command("config").description("Manage bridge configuration");
+config
+    .command("list")
+    .description("List all configured servers")
+    .option("-c, --config <path>", "Path to mcp.json configuration file")
+    .action((options) => {
+    listServersCommand(options.config);
+});
+config
+    .command("show <name>")
+    .description("Show a server configuration")
+    .option("-c, --config <path>", "Path to mcp.json configuration file")
+    .action((name, options) => {
+    showServerCommand(name, options.config);
+});
+config
+    .command("add <name> [commandAndArgs...]")
+    .description("Add a new server configuration")
+    .requiredOption("-t, --type <type>", "Server type (stdio or http)")
+    .option("--url <url>", "Server URL (required for http servers)")
+    .option("--env <env...>", 'Environment variables as KEY=VALUE pairs')
+    .option("-c, --config <path>", "Path to mcp.json configuration file")
+    .action((name, commandAndArgs, options) => {
+    let command;
+    let args;
+    // Parse command and args from positional arguments
+    if (commandAndArgs && commandAndArgs.length > 0) {
+        command = commandAndArgs[0];
+        if (commandAndArgs.length > 1) {
+            args = commandAndArgs.slice(1);
+        }
+    }
+    const env = {};
+    if (options.env) {
+        for (const pair of options.env) {
+            const [key, value] = pair.split("=");
+            if (key && value) {
+                env[key] = value;
+            }
+        }
+    }
+    addServerCommand(name, {
+        type: options.type,
+        command,
+        args,
+        url: options.url,
+        env: Object.keys(env).length > 0 ? env : undefined,
+    }, options.config);
+});
+config
+    .command("remove <name>")
+    .description("Remove a server configuration")
+    .option("-c, --config <path>", "Path to mcp.json configuration file")
+    .action((name, options) => {
+    removeServerCommand(name, options.config);
+});
+config
+    .command("edit <name> [commandAndArgs...]")
+    .description("Edit a server configuration")
+    .option("-t, --type <type>", "Server type (stdio or http)")
+    .option("--url <url>", "Server URL (for http servers)")
+    .option("--env <env...>", 'Environment variables as KEY=VALUE pairs')
+    .option("-c, --config <path>", "Path to mcp.json configuration file")
+    .action((name, commandAndArgs, options) => {
+    let command;
+    let args;
+    // Parse command and args from positional arguments
+    if (commandAndArgs && commandAndArgs.length > 0) {
+        command = commandAndArgs[0];
+        if (commandAndArgs.length > 1) {
+            args = commandAndArgs.slice(1);
+        }
+    }
+    const env = {};
+    if (options.env) {
+        for (const pair of options.env) {
+            const [key, value] = pair.split("=");
+            if (key && value) {
+                env[key] = value;
+            }
+        }
+    }
+    editServerCommand(name, {
+        type: options.type,
+        command,
+        args,
+        url: options.url,
+        env: Object.keys(env).length > 0 ? env : undefined,
+    }, options.config);
+});
+config
+    .command("info")
+    .description("Show configuration file information")
+    .option("-c, --config <path>", "Path to mcp.json configuration file")
+    .action((options) => {
+    configInfoCommand(options.config);
+});
+// Auth command group
+const auth = program.command("auth").description("Manage OAuth authentication");
+auth
+    .command("list")
+    .description("List all OAuth-enabled servers and their authentication status")
+    .option("-c, --config <path>", "Path to mcp.json configuration file")
+    .action((options) => {
+    authListCommand(options.config);
+});
+auth
+    .command("login <server-name>")
+    .description("Initiate OAuth login for a server")
+    .option("-c, --config <path>", "Path to mcp.json configuration file")
+    .action(async (serverName, options) => {
+    await authLoginCommand(serverName, options.config);
+});
+auth
+    .command("logout <server-name>")
+    .description("Logout from an OAuth server (clears all authentication data)")
+    .option("-c, --config <path>", "Path to mcp.json configuration file")
+    .action((serverName, options) => {
+    authLogoutCommand(serverName, options.config);
+});
+// Default command: run if no command specified
+program.action(async () => {
+    // If no command is specified, run the bridge
+    const args = process.argv.slice(2);
+    if (args.length === 0) {
+        await runServer(undefined, undefined, false);
+    }
+});
+program.parse();

package/dist/executor/container-executor.d.ts

@@ -0,0 +1,81 @@
+/**
+ * Container-based Executor — maximum isolation.
+ *
+ * Runs LLM-generated code inside a Docker/Podman container with:
+ *   --network=none   (no network access)
+ *   --read-only      (immutable root filesystem, /tmp is writable)
+ *   --cap-drop=ALL   (no Linux capabilities)
+ *
+ * Communication uses a line-delimited JSON protocol over the container's
+ * stdin/stdout.  Tool calls are proxied: the runner script inside the
+ * container sends tool-call requests, the host dispatches them to the
+ * real tool functions, and writes results back.
+ *
+ * The container is session-scoped — created once and reused across
+ * execute() calls.  State is cleaned up between calls by the runner.
+ */
+import type { Executor, ExecuteResult } from '@cloudflare/codemode';
+export interface ContainerExecutorOptions {
+    /** Execution timeout per call in ms (default 30000) */
+    timeout?: number;
+    /** Container image (default 'node:22-slim') */
+    image?: string;
+    /** Container runtime command — 'docker' | 'podman' | auto-detect */
+    runtime?: string;
+    /** Memory limit (default '256m') */
+    memoryLimit?: string;
+    /** CPU quota as fractional CPUs (default 1.0) */
+    cpuLimit?: number;
+}
+export declare class ContainerExecutor implements Executor {
+    private runtime;
+    private image;
+    private timeout;
+    private memoryLimit;
+    private cpuLimit;
+    private containerId;
+    private process;
+    private readline;
+    private ready;
+    /** Resolved when the container sends { type: 'ready' } */
+    private readyResolve;
+    /** Pending execution — only one at a time */
+    private pendingExecution;
+    private initPromise;
+    constructor(options?: ContainerExecutorOptions);
+    /**
+     * Start the container and wait for the runner to signal readiness.
+     * Called lazily on first execute().
+     */
+    private init;
+    /**
+     * Pull the container image if not already present.
+     * Runs synchronously so the image is ready before we start the container.
+     */
+    private pullImage;
+    private _init;
+    /**
+     * Handle a line of JSON from the container's stdout.
+     */
+    private handleMessage;
+    /**
+     * Dispatch a tool call from the container to the host-side tool function.
+     */
+    private handleToolCall;
+    /**
+     * Send a message to the container via stdin.
+     */
+    private send;
+    /**
+     * Execute code inside the container.
+     */
+    execute(code: string, fns: Record<string, (...args: unknown[]) => Promise<unknown>>): Promise<ExecuteResult>;
+    /**
+     * Stop and clean up the container.
+     */
+    dispose(): void;
+}
+/**
+ * Factory function matching the pattern of other executors.
+ */
+export declare function createContainerExecutor(options?: ContainerExecutorOptions): ContainerExecutor;

package/dist/executor/container-executor.js

@@ -0,0 +1,351 @@
+/**
+ * Container-based Executor — maximum isolation.
+ *
+ * Runs LLM-generated code inside a Docker/Podman container with:
+ *   --network=none   (no network access)
+ *   --read-only      (immutable root filesystem, /tmp is writable)
+ *   --cap-drop=ALL   (no Linux capabilities)
+ *
+ * Communication uses a line-delimited JSON protocol over the container's
+ * stdin/stdout.  Tool calls are proxied: the runner script inside the
+ * container sends tool-call requests, the host dispatches them to the
+ * real tool functions, and writes results back.
+ *
+ * The container is session-scoped — created once and reused across
+ * execute() calls.  State is cleaned up between calls by the runner.
+ */
+import { spawn, execFileSync } from 'node:child_process';
+import { randomBytes } from 'node:crypto';
+import { createInterface } from 'node:readline';
+import { fileURLToPath } from 'node:url';
+import { dirname, join } from 'node:path';
+import { wrapCode } from './wrap-code.js';
+// ── Runtime detection ───────────────────────────────────────────────
+function detectRuntime(requested) {
+    if (requested)
+        return requested;
+    // Try docker first, then podman
+    for (const cmd of ['docker', 'podman']) {
+        try {
+            execFileSync(cmd, ['--version'], { stdio: 'ignore', timeout: 5000 });
+            return cmd;
+        }
+        catch {
+            // not available
+        }
+    }
+    throw new Error('No container runtime found. Install Docker or Podman, ' +
+        'or set CONTAINER_RUNTIME environment variable.');
+}
+// ── Resolve runner script path ──────────────────────────────────────
+function getScriptPaths() {
+    // Works in both ESM and CJS contexts
+    let dir;
+    try {
+        // ESM
+        dir = dirname(fileURLToPath(import.meta.url));
+    }
+    catch {
+        // CJS fallback
+        dir = __dirname;
+    }
+    return {
+        runner: join(dir, 'container-runner.mjs'),
+        worker: join(dir, 'container-worker.mjs'),
+    };
+}
+// ── ContainerExecutor ───────────────────────────────────────────────
+export class ContainerExecutor {
+    constructor(options = {}) {
+        this.containerId = null;
+        this.process = null;
+        this.readline = null;
+        this.ready = false;
+        /** Resolved when the container sends { type: 'ready' } */
+        this.readyResolve = null;
+        /** Pending execution — only one at a time */
+        this.pendingExecution = null;
+        this.initPromise = null;
+        this.timeout = options.timeout ?? 30000;
+        this.image = options.image ?? 'node:24-slim';
+        this.memoryLimit = options.memoryLimit ?? '256m';
+        this.cpuLimit = options.cpuLimit ?? 1.0;
+        this.runtime = detectRuntime(options.runtime);
+    }
+    /**
+     * Start the container and wait for the runner to signal readiness.
+     * Called lazily on first execute().
+     */
+    async init() {
+        if (this.ready)
+            return;
+        if (this.initPromise)
+            return this.initPromise;
+        this.initPromise = this._init();
+        return this.initPromise;
+    }
+    /**
+     * Pull the container image if not already present.
+     * Runs synchronously so the image is ready before we start the container.
+     */
+    async pullImage() {
+        // Check if image exists locally first
+        try {
+            execFileSync(this.runtime, ['image', 'inspect', this.image], {
+                stdio: 'ignore',
+                timeout: 10000,
+            });
+            return; // image already present
+        }
+        catch {
+            // image not found locally, pull it
+        }
+        // Pull the image — this can take a while on first run
+        return new Promise((resolve, reject) => {
+            const pull = spawn(this.runtime, ['pull', this.image], {
+                stdio: ['ignore', 'pipe', 'pipe'],
+            });
+            pull.stderr?.on('data', (data) => {
+                process.stderr.write(`[container] ${data.toString()}`);
+            });
+            pull.stdout?.on('data', (data) => {
+                process.stderr.write(`[container] ${data.toString()}`);
+            });
+            pull.on('close', (code) => {
+                if (code === 0) {
+                    resolve();
+                }
+                else {
+                    reject(new Error(`Failed to pull image '${this.image}' (exit code ${code})`));
+                }
+            });
+            pull.on('error', (err) => {
+                reject(new Error(`Failed to pull image '${this.image}': ${err.message}`));
+            });
+        });
+    }
+    async _init() {
+        const scripts = getScriptPaths();
+        // Pull the image first (no-op if already present)
+        await this.pullImage();
+        // Start a long-lived container with the runner + worker scripts
+        const suffix = randomBytes(4).toString('hex');
+        const containerName = `codemode-executor-${suffix}`;
+        const args = [
+            'run',
+            '--rm',
+            '-i', // keep stdin open
+            '--name', containerName, // identifiable container name
+            '--network=none', // no network
+            '--read-only', // immutable rootfs
+            '--tmpfs', '/tmp:rw,noexec,nosuid,size=64m', // writable /tmp
+            '--cap-drop=ALL', // drop all capabilities
+            '--user', 'node', // run as non-root user
+            '--memory', this.memoryLimit,
+            `--cpus=${this.cpuLimit}`,
+            '--pids-limit=64', // limit process spawning
+            '-v', `${scripts.runner}:/app/container-runner.mjs:ro`, // mount runner script
+            '-v', `${scripts.worker}:/app/container-worker.mjs:ro`, // mount worker script
+            '-w', '/app',
+            this.image,
+            'node', '/app/container-runner.mjs',
+        ];
+        this.process = spawn(this.runtime, args, {
+            stdio: ['pipe', 'pipe', 'pipe'],
+        });
+        // Forward stderr for debugging
+        this.process.stderr?.on('data', (data) => {
+            process.stderr.write(`[container] ${data.toString()}`);
+        });
+        this.process.on('exit', (code) => {
+            this.ready = false;
+            this.containerId = null;
+            // Reject any pending execution
+            if (this.pendingExecution) {
+                clearTimeout(this.pendingExecution.timeoutHandle);
+                this.pendingExecution.reject(new Error(`Container exited unexpectedly with code ${code}`));
+                this.pendingExecution = null;
+            }
+        });
+        // Set up line reader on stdout
+        this.readline = createInterface({
+            input: this.process.stdout,
+            terminal: false,
+        });
+        this.readline.on('line', (line) => this.handleMessage(line));
+        // Wait for the "ready" message (generous timeout to allow image pull)
+        await new Promise((resolve, reject) => {
+            const timeout = setTimeout(() => {
+                reject(new Error('Container failed to become ready within 120s'));
+            }, 120000);
+            // Store resolve so handleMessage can call it when ready arrives
+            this.readyResolve = () => {
+                clearTimeout(timeout);
+                this.ready = true;
+                this.readyResolve = null;
+                resolve();
+            };
+            // Handle startup failure
+            this.process.on('error', (err) => {
+                clearTimeout(timeout);
+                this.readyResolve = null;
+                reject(new Error(`Failed to start container: ${err.message}`));
+            });
+        });
+    }
+    /**
+     * Handle a line of JSON from the container's stdout.
+     */
+    handleMessage(line) {
+        if (!line.trim())
+            return;
+        let msg;
+        try {
+            msg = JSON.parse(line);
+        }
+        catch {
+            process.stderr.write(`[container-executor] bad JSON from container: ${line}\n`);
+            return;
+        }
+        switch (msg.type) {
+            case 'tool-call':
+                this.handleToolCall(msg);
+                break;
+            case 'result':
+                if (this.pendingExecution && this.pendingExecution.id === msg.id) {
+                    clearTimeout(this.pendingExecution.timeoutHandle);
+                    this.pendingExecution.resolve({
+                        result: msg.result,
+                        logs: msg.logs,
+                    });
+                    this.pendingExecution = null;
+                }
+                break;
+            case 'error':
+                if (this.pendingExecution && this.pendingExecution.id === msg.id) {
+                    clearTimeout(this.pendingExecution.timeoutHandle);
+                    this.pendingExecution.resolve({
+                        result: undefined,
+                        error: msg.error,
+                        logs: msg.logs,
+                    });
+                    this.pendingExecution = null;
+                }
+                break;
+            case 'ready':
+                if (this.readyResolve) {
+                    this.readyResolve();
+                }
+                break;
+        }
+    }
+    /**
+     * Dispatch a tool call from the container to the host-side tool function.
+     */
+    async handleToolCall(msg) {
+        if (!this.pendingExecution) {
+            this.send({ type: 'tool-error', id: msg.id, error: 'No active execution context' });
+            return;
+        }
+        const fns = this.pendingExecution.fns;
+        const fn = fns[msg.name];
+        if (!fn) {
+            this.send({
+                type: 'tool-error',
+                id: msg.id,
+                error: `Tool '${msg.name}' not found. Available tools: ${Object.keys(fns).join(', ')}`,
+            });
+            return;
+        }
+        try {
+            const args = msg.args;
+            const result = await fn(...(Array.isArray(args) ? args : [args]));
+            this.send({ type: 'tool-result', id: msg.id, result });
+        }
+        catch (err) {
+            this.send({
+                type: 'tool-error',
+                id: msg.id,
+                error: err instanceof Error ? err.message : String(err),
+            });
+        }
+    }
+    /**
+     * Send a message to the container via stdin.
+     */
+    send(msg) {
+        if (!this.process?.stdin?.writable) {
+            throw new Error('Container stdin is not writable');
+        }
+        this.process.stdin.write(JSON.stringify(msg) + '\n');
+    }
+    /**
+     * Execute code inside the container.
+     */
+    async execute(code, fns) {
+        await this.init();
+        if (this.pendingExecution) {
+            return {
+                result: undefined,
+                error: 'Another execution is already in progress',
+            };
+        }
+        const id = `exec-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+        const wrappedCode = wrapCode(code);
+        return new Promise((resolve, reject) => {
+            const timeoutHandle = setTimeout(() => {
+                if (this.pendingExecution?.id === id) {
+                    this.pendingExecution = null;
+                    resolve({
+                        result: undefined,
+                        error: `Code execution timeout after ${this.timeout}ms`,
+                    });
+                }
+            }, this.timeout);
+            this.pendingExecution = { id, resolve, reject, fns, timeoutHandle };
+            this.send({ type: 'execute', id, code: wrappedCode });
+        });
+    }
+    /**
+     * Stop and clean up the container.
+     */
+    dispose() {
+        if (this.pendingExecution) {
+            clearTimeout(this.pendingExecution.timeoutHandle);
+            this.pendingExecution.reject(new Error('Executor disposed'));
+            this.pendingExecution = null;
+        }
+        if (this.process?.stdin?.writable) {
+            try {
+                this.send({ type: 'shutdown' });
+            }
+            catch {
+                // ignore
+            }
+        }
+        if (this.readline) {
+            this.readline.close();
+            this.readline = null;
+        }
+        if (this.process) {
+            this.process.kill('SIGTERM');
+            // Force kill after 5 seconds if still alive
+            const proc = this.process;
+            setTimeout(() => {
+                try {
+                    proc.kill('SIGKILL');
+                }
+                catch { /* already dead */ }
+            }, 5000);
+            this.process = null;
+        }
+        this.ready = false;
+        this.initPromise = null;
+    }
+}
+/**
+ * Factory function matching the pattern of other executors.
+ */
+export function createContainerExecutor(options) {
+    return new ContainerExecutor(options);
+}

package/dist/executor/executor-test-suite.d.ts

@@ -0,0 +1,22 @@
+import type { Executor } from '@cloudflare/codemode';
+/**
+ * Universal executor test suite
+ *
+ * This suite can be run against any Executor implementation to verify
+ * compliance with the standard interface and behavior expectations.
+ *
+ * Usage:
+ * ```typescript
+ * import { createVM2Executor } from './vm2-executor';
+ * import { createExecutorTestSuite } from './executor.test';
+ *
+ * createExecutorTestSuite('vm2', () => createVM2Executor());
+ * ```
+ */
+export interface ExecutorTestSuiteOptions {
+    /** Test names to skip (exact match against it() description) */
+    skipTests?: string[];
+    /** Per-test timeout in ms (default: vitest default) */
+    testTimeout?: number;
+}
+export declare function createExecutorTestSuite(name: string, createExecutor: () => Executor, options?: ExecutorTestSuiteOptions): void;