@samahlstrom/forge-cli 0.1.0

package/templates/core/pipeline/orchestrator.sh.hbs

@@ -0,0 +1,361 @@
+#!/usr/bin/env bash
+# forge pipeline orchestrator — main state machine
+# Generated by: forge init
+# Uses bd (steveyegge/beads) for task tracking
+set -euo pipefail
+
+FORGE_DIR=".forge"
+PIPELINE_DIR="${FORGE_DIR}/pipeline"
+CONFIG_FILE="${FORGE_DIR}/forge.yaml"
+INTAKE="${PIPELINE_DIR}/intake.sh"
+CLASSIFY="${PIPELINE_DIR}/classify.sh"
+VERIFY="${PIPELINE_DIR}/verify.sh"
+DELIVER="${PIPELINE_DIR}/deliver.sh"
+PROMPTS_DIR="${PIPELINE_DIR}"
+
+# --- Helpers ---
+
+emit_json() {
+  echo "$1"
+}
+
+emit_pause() {
+  local task="$1" prompt_file="$2" output_file="$3" resume_stage="$4" task_id="$5"
+  shift 5
+  local ctx_files=("$@")
+  local ctx_json
+  ctx_json=$(printf '%s\n' "${ctx_files[@]}" | jq -R . | jq -s .)
+  jq -n \
+    --arg status "PAUSE" \
+    --arg task "$task" \
+    --arg prompt_file "$prompt_file" \
+    --arg output_file "$output_file" \
+    --argjson context "$ctx_json" \
+    --arg resume "bash ${PIPELINE_DIR}/orchestrator.sh --resume ${task_id} --stage ${resume_stage}" \
+    '{status:$status, task:$task, prompt_file:$prompt_file, output_file:$output_file, context:$context, resume:$resume}'
+}
+
+emit_human_input() {
+  local question="$1" task_id="$2"
+  shift 2
+  local options=("$@")
+  local opts_json
+  opts_json=$(printf '%s\n' "${options[@]}" | jq -R . | jq -s .)
+  jq -n \
+    --arg status "HUMAN_INPUT" \
+    --arg question "$question" \
+    --argjson options "$opts_json" \
+    --arg resume "bash ${PIPELINE_DIR}/orchestrator.sh --resume ${task_id} --answer \"\${idx}\"" \
+    '{status:$status, question:$question, options:$options, resume:$resume}'
+}
+
+emit_done() {
+  local pr_url="$1" branch="$2" summary="$3"
+  jq -n \
+    --arg status "DONE" \
+    --arg pr_url "$pr_url" \
+    --arg branch "$branch" \
+    --arg summary "$summary" \
+    '{status:$status, pr_url:$pr_url, branch:$branch, summary:$summary}'
+}
+
+emit_error() {
+  local stage="$1" error="$2" debug_file="${3:-}" action="${4:-}"
+  jq -n \
+    --arg status "ERROR" \
+    --arg stage "$stage" \
+    --arg error "$error" \
+    --arg debug_file "$debug_file" \
+    --arg action "$action" \
+    '{status:$status, stage:$stage, error:$error, debug_file:$debug_file, action:$action}'
+}
+
+read_config() {
+  local key="$1"
+  local file="$CONFIG_FILE"
+  if [[ ! -f "$file" ]]; then
+    echo ""
+    return
+  fi
+  if [[ "$key" == *.* ]]; then
+    local section="${key%%.*}"
+    local subkey="${key#*.}"
+    sed -n "/^${section}:/,/^[^ ]/p" "$file" | grep "^  ${subkey}:" | head -1 | sed 's/^[^:]*: *//' | sed 's/^ *"//' | sed 's/" *$//'
+  else
+    grep "^${key}:" "$file" | head -1 | sed 's/^[^:]*: *//' | sed 's/^ *"//' | sed 's/" *$//'
+  fi
+}
+
+# --- bd helpers ---
+
+bd_get_field() {
+  local task_id="$1" field="$2"
+  bd show "$task_id" --json 2>/dev/null | jq -r ".${field} // empty"
+}
+
+bd_get_label() {
+  local task_id="$1" label_prefix="$2"
+  bd show "$task_id" --json 2>/dev/null | jq -r ".labels[]? // empty" | grep "^${label_prefix}:" | head -1 | sed "s/^${label_prefix}://"
+}
+
+# --- Stage Functions ---
+
+stage_intake() {
+  local args=("$@")
+  local intake_result
+  intake_result=$(bash "$INTAKE" "${args[@]}") || {
+    emit_error "intake" "Intake parsing failed" "" "bash ${INTAKE} ${args[*]}"
+    exit 1
+  }
+
+  local title description source mode quality_score
+  title=$(echo "$intake_result" | jq -r '.title')
+  description=$(echo "$intake_result" | jq -r '.description')
+  source=$(echo "$intake_result" | jq -r '.source')
+  mode=$(echo "$intake_result" | jq -r '.mode')
+  quality_score=$(echo "$intake_result" | jq -r '.quality_score')
+
+  # Create task in bd
+  local task_id
+  task_id=$(echo "$description" | bd create "$title" --stdin -l "mode:${mode},source:${source}" --json 2>/dev/null | jq -r '.id') || {
+    emit_error "intake" "Failed to create task in bd" "" ""
+    exit 1
+  }
+
+  # Store intake result alongside the task
+  local task_dir="${FORGE_DIR}/pipeline/runs/${task_id}"
+  mkdir -p "$task_dir"
+  echo "$intake_result" > "${task_dir}/intake.json"
+
+  echo "$task_id|$quality_score|$mode"
+}
+
+stage_quality_gate() {
+  local task_id="$1" quality_score="$2"
+  local threshold
+  threshold=$(read_config "quality_threshold")
+  threshold="${threshold:-0.4}"
+
+  if (( $(echo "$quality_score < $threshold" | bc -l) )); then
+    emit_human_input \
+      "Work description scored ${quality_score} (threshold: ${threshold}). The description may be too vague. Would you like to:" \
+      "$task_id" \
+      "Continue anyway" \
+      "Provide more detail" \
+      "Cancel"
+    exit 0
+  fi
+}
+
+stage_classify() {
+  local task_id="$1"
+  local description
+  description=$(bd_get_field "$task_id" "description")
+
+  local classify_result
+  classify_result=$(bash "$CLASSIFY" "$description") || {
+    emit_error "classify" "Classification failed" "" ""
+    exit 1
+  }
+
+  local tier reason
+  tier=$(echo "$classify_result" | jq -r '.tier')
+  reason=$(echo "$classify_result" | jq -r '.reason')
+
+  # Add tier as a label
+  bd update "$task_id" -l "tier:${tier}" 2>/dev/null
+
+  echo "$tier"
+}
+
+stage_decompose_check() {
+  local task_id="$1" tier="$2" mode="$3"
+  local decompose_threshold
+  decompose_threshold=$(read_config "decompose_threshold")
+  decompose_threshold="${decompose_threshold:-T2}"
+
+  if [[ "$mode" == "quick" || "$mode" == "hotfix" ]]; then
+    echo "skip"
+    return
+  fi
+
+  if [[ "$tier" == "T1" && "$decompose_threshold" != "T1" ]]; then
+    echo "skip"
+    return
+  fi
+
+  echo "decompose"
+}
+
+stage_decompose() {
+  local task_id="$1"
+  local task_dir="${FORGE_DIR}/pipeline/runs/${task_id}"
+  local output_file="${task_dir}/decomposition.json"
+  mkdir -p "$task_dir"
+
+  # Claim the task
+  bd update "$task_id" --claim 2>/dev/null
+
+  emit_pause \
+    "decompose" \
+    "${PROMPTS_DIR}/decompose.md" \
+    "$output_file" \
+    "execute" \
+    "$task_id" \
+    "{{stackFile}}" "{{projectFile}}"
+  exit 0
+}
+
+stage_execute() {
+  local task_id="$1"
+  local task_dir="${FORGE_DIR}/pipeline/runs/${task_id}"
+  local output_file="${task_dir}/execution.json"
+  mkdir -p "$task_dir"
+
+  # Ensure task is claimed/in-progress
+  bd update "$task_id" --claim 2>/dev/null
+
+  emit_pause \
+    "execute" \
+    "${PROMPTS_DIR}/execute.md" \
+    "$output_file" \
+    "verify" \
+    "$task_id" \
+    "{{stackFile}}" "{{projectFile}}"
+  exit 0
+}
+
+stage_verify() {
+  local task_id="$1" tier="$2"
+
+  local verify_result
+  verify_result=$(bash "$VERIFY" "$task_id" "$tier") || true
+
+  local passed
+  passed=$(echo "$verify_result" | jq -r '.passed // false')
+
+  if [[ "$passed" != "true" ]]; then
+    local failed_check
+    failed_check=$(echo "$verify_result" | jq -r '.failed_check // "unknown"')
+
+    local task_dir="${FORGE_DIR}/pipeline/runs/${task_id}"
+    local debug_file="${task_dir}/verify-failure.json"
+    mkdir -p "$task_dir"
+    echo "$verify_result" > "$debug_file"
+
+    emit_error "verify" "Check failed: ${failed_check}" "$debug_file" \
+      "bash ${PIPELINE_DIR}/orchestrator.sh --resume ${task_id} --stage verify"
+    exit 1
+  fi
+}
+
+stage_deliver() {
+  local task_id="$1"
+
+  local deliver_result
+  deliver_result=$(bash "$DELIVER" "$task_id") || {
+    emit_error "deliver" "Delivery failed" "" ""
+    exit 1
+  }
+
+  local pr_url branch
+  pr_url=$(echo "$deliver_result" | jq -r '.pr_url // ""')
+  branch=$(echo "$deliver_result" | jq -r '.branch // ""')
+
+  if [[ -z "$pr_url" ]]; then
+    echo "$deliver_result"
+    exit 0
+  fi
+
+  local title
+  title=$(bd_get_field "$task_id" "title")
+
+  # Close the task in bd
+  bd close "$task_id" --reason "Delivered: PR ${pr_url}" 2>/dev/null
+  emit_done "$pr_url" "$branch" "Delivered: ${title}"
+}
+
+# --- Main ---
+
+RESUME_ID=""
+RESUME_STAGE=""
+ANSWER=""
+INPUT_ARGS=()
+
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --resume)
+      RESUME_ID="$2"; shift 2 ;;
+    --stage)
+      RESUME_STAGE="$2"; shift 2 ;;
+    --answer)
+      ANSWER="$2"; shift 2 ;;
+    *)
+      INPUT_ARGS+=("$1"); shift ;;
+  esac
+done
+
+# Resume mode
+if [[ -n "$RESUME_ID" && -n "$RESUME_STAGE" ]]; then
+  task_id="$RESUME_ID"
+  tier=$(bd_get_label "$task_id" "tier")
+  tier="${tier:-T1}"
+  mode=$(bd_get_label "$task_id" "mode")
+  mode="${mode:-normal}"
+
+  case "$RESUME_STAGE" in
+    execute)    stage_execute "$task_id" ;;
+    verify)     stage_verify "$task_id" "$tier" ;;
+    deliver)    stage_deliver "$task_id" ;;
+    *)          emit_error "resume" "Unknown stage: ${RESUME_STAGE}" "" ""; exit 1 ;;
+  esac
+  exit 0
+fi
+
+# Handle quality gate answer
+if [[ -n "$RESUME_ID" && -n "$ANSWER" ]]; then
+  task_id="$RESUME_ID"
+  case "$ANSWER" in
+    0) ;; # Continue anyway
+    1) emit_error "quality-gate" "User chose to provide more detail" "" ""; exit 0 ;;
+    2) bd close "$task_id" --reason "Cancelled by user" 2>/dev/null; emit_error "quality-gate" "Cancelled by user" "" ""; exit 0 ;;
+  esac
+  tier=$(stage_classify "$task_id")
+  mode=$(bd_get_label "$task_id" "mode")
+  mode="${mode:-normal}"
+  decompose_decision=$(stage_decompose_check "$task_id" "$tier" "$mode")
+  if [[ "$decompose_decision" == "decompose" ]]; then
+    stage_decompose "$task_id"
+  fi
+  stage_execute "$task_id"
+  exit 0
+fi
+
+# Fresh run
+if [[ ${#INPUT_ARGS[@]} -eq 0 ]]; then
+  emit_error "intake" "No work description provided" "" "forge work \"<description>\""
+  exit 1
+fi
+
+# Stage: intake
+intake_output=$(stage_intake "${INPUT_ARGS[@]}")
+task_id=$(echo "$intake_output" | cut -d'|' -f1)
+quality_score=$(echo "$intake_output" | cut -d'|' -f2)
+mode=$(echo "$intake_output" | cut -d'|' -f3)
+
+# Stage: quality-gate
+stage_quality_gate "$task_id" "$quality_score"
+
+# Stage: classify
+tier=$(stage_classify "$task_id")
+
+# Stage: decompose-check
+decompose_decision=$(stage_decompose_check "$task_id" "$tier" "$mode")
+
+# Stage: decompose (if needed)
+if [[ "$decompose_decision" == "decompose" ]]; then
+  stage_decompose "$task_id"
+fi
+
+# Stage: execute
+stage_execute "$task_id"

package/templates/core/pipeline/verify.sh.hbs

@@ -0,0 +1,160 @@
+#!/usr/bin/env bash
+# forge pipeline — verify: run verification checks against task
+# Generated by: forge init
+set -euo pipefail
+
+FORGE_DIR=".forge"
+CONFIG_FILE="${FORGE_DIR}/forge.yaml"
+
+TASK_ID="${1:-}"
+TIER="${2:-T1}"
+
+if [[ -z "$TASK_ID" ]]; then
+  echo '{"error":"Usage: verify.sh <task-id> <tier>"}' >&2
+  exit 1
+fi
+
+# --- Config reading ---
+
+read_config() {
+  local key="$1"
+  local file="$CONFIG_FILE"
+  if [[ ! -f "$file" ]]; then
+    echo ""
+    return
+  fi
+  if [[ "$key" == *.* ]]; then
+    local section="${key%%.*}"
+    local subkey="${key#*.}"
+    sed -n "/^${section}:/,/^[^ ]/p" "$file" | grep "^  ${subkey}:" | head -1 | sed 's/^[^:]*: *//' | sed 's/^ *"//' | sed 's/" *$//'
+  else
+    grep "^${key}:" "$file" | head -1 | sed 's/^[^:]*: *//' | sed 's/^ *"//' | sed 's/" *$//'
+  fi
+}
+
+read_config_bool() {
+  local val
+  val=$(read_config "$1")
+  [[ "$val" == "true" || "$val" == "yes" || "$val" == "1" ]]
+}
+
+# --- Check definitions ---
+
+CMD_TYPECHECK="{{commands.typecheck}}"
+CMD_LINT="{{commands.lint}}"
+CMD_TEST="{{commands.test}}"
+
+# Fallbacks if template vars are empty
+CMD_TYPECHECK="${CMD_TYPECHECK:-npm run check}"
+CMD_LINT="${CMD_LINT:-npm run lint}"
+CMD_TEST="${CMD_TEST:-npx vitest run}"
+
+# Optional checks from config
+CMD_COVERAGE=$(read_config "commands.coverage")
+CMD_SECURITY=$(read_config "commands.security")
+CMD_ANTIPATTERN=$(read_config "commands.antipatterns")
+
+ENABLE_COVERAGE=$(read_config "verify.coverage")
+ENABLE_SECURITY=$(read_config "verify.security")
+ENABLE_ANTIPATTERN=$(read_config "verify.antipatterns")
+
+# --- Run a single check ---
+
+RESULTS=()
+PASSED=true
+FAILED_CHECK=""
+FAILED_STDERR=""
+
+run_check() {
+  local name="$1"
+  local cmd="$2"
+  local required="${3:-true}"
+
+  if [[ -z "$cmd" ]]; then
+    RESULTS+=("{\"check\":\"${name}\",\"status\":\"skipped\",\"reason\":\"no command configured\"}")
+    return 0
+  fi
+
+  local start_time
+  start_time=$(date +%s)
+
+  local stderr_file
+  stderr_file=$(mktemp)
+  local exit_code=0
+  eval "$cmd" 2>"$stderr_file" >/dev/null || exit_code=$?
+
+  local end_time
+  end_time=$(date +%s)
+  local duration=$((end_time - start_time))
+
+  if [[ $exit_code -eq 0 ]]; then
+    RESULTS+=("{\"check\":\"${name}\",\"status\":\"passed\",\"duration_s\":${duration}}")
+    rm -f "$stderr_file"
+    return 0
+  else
+    local stderr_content
+    stderr_content=$(cat "$stderr_file" | head -50 | jq -Rs .)
+    rm -f "$stderr_file"
+
+    RESULTS+=("{\"check\":\"${name}\",\"status\":\"failed\",\"exit_code\":${exit_code},\"duration_s\":${duration},\"stderr\":${stderr_content}}")
+
+    if [[ "$required" == "true" ]]; then
+      PASSED=false
+      FAILED_CHECK="$name"
+      FAILED_STDERR=$(echo "$stderr_content" | jq -r .)
+      return 1
+    fi
+    return 0
+  fi
+}
+
+# --- Execute checks sequentially ---
+
+# 1. Typecheck (always required)
+run_check "typecheck" "$CMD_TYPECHECK" "true" || true
+
+# 2. Lint (always required)
+if [[ "$PASSED" == "true" ]]; then
+  run_check "lint" "$CMD_LINT" "true" || true
+fi
+
+# 3. Tests (always required)
+if [[ "$PASSED" == "true" ]]; then
+  run_check "test" "$CMD_TEST" "true" || true
+fi
+
+# 4. Coverage (optional, T2+ only)
+if [[ "$PASSED" == "true" && "$ENABLE_COVERAGE" == "true" && ("$TIER" == "T2" || "$TIER" == "T3") ]]; then
+  run_check "coverage" "$CMD_COVERAGE" "false" || true
+fi
+
+# 5. Security scan (optional, T3 only)
+if [[ "$PASSED" == "true" && "$ENABLE_SECURITY" == "true" && "$TIER" == "T3" ]]; then
+  run_check "security" "$CMD_SECURITY" "true" || true
+fi
+
+# 6. Anti-pattern check (optional)
+if [[ "$PASSED" == "true" && "$ENABLE_ANTIPATTERN" == "true" ]]; then
+  run_check "antipatterns" "$CMD_ANTIPATTERN" "false" || true
+fi
+
+# --- Build results JSON ---
+
+RESULTS_JSON=$(printf '%s\n' "${RESULTS[@]}" | jq -s '.')
+
+if [[ "$PASSED" == "true" ]]; then
+  jq -n \
+    --argjson passed true \
+    --argjson checks "$RESULTS_JSON" \
+    --arg tier "$TIER" \
+    '{passed:$passed, tier:$tier, checks:$checks}'
+else
+
+  jq -n \
+    --argjson passed false \
+    --arg failed_check "$FAILED_CHECK" \
+    --arg stderr "$FAILED_STDERR" \
+    --argjson checks "$RESULTS_JSON" \
+    --arg tier "$TIER" \
+    '{passed:$passed, failed_check:$failed_check, stderr:$stderr, tier:$tier, checks:$checks}'
+fi

package/templates/core/settings.json.hbs

@@ -0,0 +1,55 @@
+{
+	"permissions": {
+		"allow": [
+			"Read",
+			"Edit",
+			"Write",
+			"Glob",
+			"Grep",
+			"WebFetch",
+			"Bash(npm run *)",
+			"Bash(npx *)",
+			"Bash(git *)",
+			"Bash(gh *)",
+			"Bash(bash .forge/*)",
+			"Bash(ls *)",
+			"Bash(mkdir *)",
+			"Bash(cat *)",
+			"Bash(head *)",
+			"Bash(tail *)",
+			"Bash(wc *)",
+			"Bash(find *)",
+			"Bash(which *)",
+			"Bash(echo *)",
+			"Bash(sort *)",
+			"Bash(diff *)",
+			"Bash(cp *)",
+			"Bash(mv *)",
+			"Bash(touch *)",
+			"Bash(chmod *)",
+			"Bash(jq *)"
+		]
+	},
+	"hooks": {
+		"SessionStart": [
+			{
+				"command": "bash .forge/hooks/session-start.sh",
+				"timeout": 10000
+			}
+		],
+		"PreToolUse": [
+			{
+				"matcher": "Edit|Write",
+				"command": "bash .forge/hooks/pre-edit.sh",
+				"timeout": 5000
+			}
+		],
+		"PostToolUse": [
+			{
+				"matcher": "Edit|Write",
+				"command": "bash .forge/hooks/post-edit.sh",
+				"timeout": 5000
+			}
+		]
+	}
+}