@simonfestl/husky-cli 1.0.0 → 1.3.0

package/dist/commands/config.js

@@ -46,12 +46,86 @@ function saveConfig(config) {
     }
     writeFileSync(CONFIG_FILE, JSON.stringify(config, null, 2));
 }
+/**
+ * Fetch role and permissions from /api/auth/whoami
+ * Caches the result in config for 1 hour
+ */
+export async function fetchAndCacheRole() {
+    const config = getConfig();
+    // Check if we have cached role that's less than 1 hour old
+    if (config.role && config.roleLastChecked) {
+        const lastChecked = new Date(config.roleLastChecked);
+        const oneHourAgo = new Date(Date.now() - 60 * 60 * 1000);
+        if (lastChecked > oneHourAgo) {
+            return { role: config.role, permissions: config.permissions };
+        }
+    }
+    // Fetch fresh role/permissions
+    if (!config.apiUrl || !config.apiKey) {
+        return {};
+    }
+    try {
+        const url = new URL("/api/auth/whoami", config.apiUrl);
+        const res = await fetch(url.toString(), {
+            headers: { "x-api-key": config.apiKey },
+        });
+        if (res.ok) {
+            const data = await res.json();
+            // Update config cache
+            config.role = data.role;
+            config.permissions = data.permissions;
+            config.roleLastChecked = new Date().toISOString();
+            saveConfig(config);
+            return { role: data.role, permissions: data.permissions };
+        }
+    }
+    catch {
+        // Ignore fetch errors, return cached or empty
+    }
+    return { role: config.role, permissions: config.permissions };
+}
+/**
+ * Check if current config has a specific permission
+ */
+export function hasPermission(permission) {
+    const config = getConfig();
+    if (!config.permissions)
+        return false;
+    // Direct match
+    if (config.permissions.includes(permission))
+        return true;
+    // Wildcard match (e.g., "task:*" matches "task:read")
+    const [resource] = permission.split(":");
+    if (config.permissions.includes(`${resource}:*`))
+        return true;
+    return false;
+}
+/**
+ * Get current role from config (may be undefined if not fetched)
+ */
+export function getRole() {
+    return getConfig().role;
+}
+/**
+ * Clear the role cache to force a refresh on next fetchAndCacheRole call
+ */
+export function clearRoleCache() {
+    const config = getConfig();
+    delete config.roleLastChecked;
+    saveConfig(config);
+}
 // Helper to set a single config value (used by interactive mode and worker identity)
 export function setConfig(key, value) {
     const config = getConfig();
     config[key] = value;
     saveConfig(config);
 }
+export function setGotessConfig(token, bookId) {
+    const config = getConfig();
+    config.gotessToken = token;
+    config.gotessBookId = bookId;
+    saveConfig(config);
+}
 export const configCommand = new Command("config")
     .description("Manage CLI configuration");
 // husky config set <key> <value>
@@ -82,6 +156,8 @@ configCommand
         // GCP
         "gcp-project-id": "gcpProjectId",
         "gcp-location": "gcpLocation",
+        "gotess-token": "gotessToken",
+        "gotess-book-id": "gotessBookId",
     };
     const configKey = keyMappings[key];
     if (!configKey) {
@@ -93,6 +169,7 @@ configCommand
         console.log("  SeaTable: seatable-api-token, seatable-server-url");
         console.log("  Qdrant:   qdrant-url, qdrant-api-key");
         console.log("  GCP:      gcp-project-id, gcp-location");
+        console.log("  Gotess:   gotess-token, gotess-book-id");
         process.exit(1);
     }
     // Validation for specific keys
@@ -107,7 +184,7 @@ configCommand
     config[configKey] = value;
     saveConfig(config);
     // Mask sensitive values in output
-    const sensitiveKeys = ["api-key", "billbee-api-key", "billbee-password", "zendesk-api-token", "seatable-api-token"];
+    const sensitiveKeys = ["api-key", "billbee-api-key", "billbee-password", "zendesk-api-token", "seatable-api-token", "gotess-token"];
     const displayValue = sensitiveKeys.includes(key) ? "***" : value;
     console.log(`✓ Set ${key} = ${displayValue}`);
 });
@@ -155,37 +232,49 @@ configCommand
     }
     console.log("Testing API connection...");
     try {
-        const url = new URL("/api/tasks", config.apiUrl);
-        const res = await fetch(url.toString(), {
-            headers: {
-                "x-api-key": config.apiKey,
-            },
+        // First test basic connectivity with /api/tasks
+        const tasksUrl = new URL("/api/tasks", config.apiUrl);
+        const tasksRes = await fetch(tasksUrl.toString(), {
+            headers: { "x-api-key": config.apiKey },
         });
-        if (res.ok) {
-            console.log(`API connection successful (API URL: ${config.apiUrl})`);
-        }
-        else if (res.status === 401) {
-            console.error(`API connection failed: Unauthorized (HTTP 401)`);
-            console.error("  Check your API key with: husky config set api-key <key>");
-            process.exit(1);
-        }
-        else if (res.status === 403) {
-            console.error(`API connection failed: Forbidden (HTTP 403)`);
-            console.error("  Your API key may not have the required permissions");
-            process.exit(1);
+        if (!tasksRes.ok) {
+            if (tasksRes.status === 401) {
+                console.error(`API connection failed: Unauthorized (HTTP 401)`);
+                console.error("  Check your API key with: husky config set api-key <key>");
+                process.exit(1);
+            }
+            else if (tasksRes.status === 403) {
+                console.error(`API connection failed: Forbidden (HTTP 403)`);
+                console.error("  Your API key may not have the required permissions");
+                process.exit(1);
+            }
+            else {
+                console.error(`API connection failed: HTTP ${tasksRes.status}`);
+                process.exit(1);
+            }
         }
-        else {
-            console.error(`API connection failed: HTTP ${res.status}`);
-            try {
-                const body = await res.json();
-                if (body.error) {
-                    console.error(`  Error: ${body.error}`);
-                }
+        console.log(`API connection successful (API URL: ${config.apiUrl})`);
+        // Now fetch role/permissions from whoami
+        const whoamiUrl = new URL("/api/auth/whoami", config.apiUrl);
+        const whoamiRes = await fetch(whoamiUrl.toString(), {
+            headers: { "x-api-key": config.apiKey },
+        });
+        if (whoamiRes.ok) {
+            const data = await whoamiRes.json();
+            // Cache the role/permissions
+            const updatedConfig = getConfig();
+            updatedConfig.role = data.role;
+            updatedConfig.permissions = data.permissions;
+            updatedConfig.roleLastChecked = new Date().toISOString();
+            saveConfig(updatedConfig);
+            console.log(`\nRBAC Info:`);
+            console.log(`  Role: ${data.role || "(not assigned)"}`);
+            if (data.permissions && data.permissions.length > 0) {
+                console.log(`  Permissions: ${data.permissions.join(", ")}`);
             }
-            catch {
-                // Ignore JSON parse errors
+            if (data.agentId) {
+                console.log(`  Agent ID: ${data.agentId}`);
             }
-            process.exit(1);
         }
     }
     catch (error) {

package/dist/commands/init.d.ts

@@ -0,0 +1,2 @@
+import { Command } from "commander";
+export declare const initCommand: Command;

package/dist/commands/init.js

@@ -0,0 +1,91 @@
+import { Command } from "commander";
+import { existsSync, writeFileSync } from "fs";
+import { join } from "path";
+import { createRequire } from "module";
+import { generateLLMContext } from "./llm-context.js";
+const require = createRequire(import.meta.url);
+const packageJson = require("../../package.json");
+const HUSKY_MD_FILENAME = "HUSKY.md";
+function generateHuskyMdContent() {
+    const timestamp = new Date().toISOString();
+    const cliRef = generateLLMContext();
+    return `<!-- 
+  Auto-generated by husky init (v${packageJson.version})
+  Generated: ${timestamp}
+  
+  This file instructs AI coding agents to use the Husky CLI.
+  Update with: husky init --force
+-->
+
+${cliRef}
+
+---
+
+## Standard Workflow for AI Agents
+
+### On Session Start
+\`\`\`bash
+husky config test    # Verify API connection
+husky worker whoami  # Confirm worker identity
+\`\`\`
+
+### When Working on a Task
+\`\`\`bash
+# 1. Get task details
+husky task get <id>
+
+# 2. Start the task (creates isolated worktree)
+husky task start <id>
+
+# 3. CD into the worktree directory (MANDATORY)
+cd <worktree-path>  # Path shown in task start output
+
+# 4. Report progress as you work
+husky task message <id> "Analyzing codebase..."
+husky task message <id> "Implementing feature X..."
+
+# 5. When done, create PR and complete
+husky worktree pr <worktree-name> -t "feat: description"
+husky task done <id> --pr <pr-url>
+\`\`\`
+
+**IMPORTANT:** After \`husky task start\`, you MUST \`cd\` into the worktree directory before making any code changes.
+
+### When Handling Customer Support
+\`\`\`bash
+# 1. Get full customer context
+husky biz customers 360 <email>
+
+# 2. Check relevant tickets
+husky biz tickets search "<customer-email>"
+
+# 3. Check order history if needed
+husky biz orders search "<order-id-or-email>"
+
+# 4. Reply with context
+husky biz tickets reply <ticket-id> "Your response..."
+\`\`\`
+`;
+}
+export const initCommand = new Command("init")
+    .description("Initialize Husky in the current directory (creates HUSKY.md)")
+    .option("-f, --force", "Overwrite existing HUSKY.md")
+    .option("-q, --quiet", "Suppress output")
+    .action((options) => {
+    const targetPath = join(process.cwd(), HUSKY_MD_FILENAME);
+    if (existsSync(targetPath) && !options.force) {
+        console.error(`Error: ${HUSKY_MD_FILENAME} already exists.`);
+        console.error("Use --force to overwrite.");
+        process.exit(1);
+    }
+    const content = generateHuskyMdContent();
+    writeFileSync(targetPath, content);
+    if (!options.quiet) {
+        console.log(`✓ Created ${HUSKY_MD_FILENAME}`);
+        console.log("");
+        console.log("  This file instructs AI agents to use the Husky CLI.");
+        console.log("  Commit it to your repository so all agents see it.");
+        console.log("");
+        console.log("  Update with: husky init --force");
+    }
+});

package/dist/commands/interactive/vm-sessions.js

@@ -140,7 +140,6 @@ async function createVMSession(config) {
             choices: [
                 { name: "Claude Code", value: "claude-code" },
                 { name: "Gemini CLI", value: "gemini-cli" },
-                { name: "Aider", value: "aider" },
                 { name: "Custom", value: "custom" },
             ],
             default: "claude-code",

package/dist/commands/llm-context.js

@@ -11,6 +11,7 @@ export function generateLLMContext() {
 > 
 > **DO NOT:**
 > - Make direct API calls to Billbee, Zendesk, or other services
+> - Make direct API calls to husky-api (use CLI instead)
 > - Bypass Husky CLI for task management
 > - Create custom integrations when Husky commands exist
 > 
@@ -18,6 +19,7 @@ export function generateLLMContext() {
 > - Use \`husky biz\` commands for business operations
 > - Use \`husky task\` commands for task lifecycle
 > - Use \`husky worktree\` for Git isolation
+> - Use \`husky chat\` commands for Google Chat communication
 > - Check \`husky config test\` before operations
 
 ---
@@ -153,6 +155,31 @@ husky worker sessions                   # List active sessions
 husky worker activity                   # Who is working on what
 \`\`\`
 
+### Chat (Google Chat Integration)
+\`\`\`bash
+husky chat reply-chat --space <space-id> "<message>"  # Send message to Google Chat
+husky chat inbox                        # Get messages from Google Chat
+husky chat inbox --unread               # Only unread messages
+husky chat pending                      # Get pending messages from user
+husky chat send "<message>"             # Send message as supervisor
+husky chat reply <messageId> "<response>"  # Reply to specific message
+husky chat review "<question>"          # Request human review via Google Chat
+husky chat review-status <reviewId>     # Check review status
+husky chat watch                        # Watch for new messages (blocking)
+\`\`\`
+
+### Agent Messaging (agent-to-agent communication)
+\`\`\`bash
+husky agent-msg send --type <type> --title "<title>"  # Send message (types: approval_request, status_update, error_report, completion, query)
+husky agent-msg list                    # List messages
+husky agent-msg list --status pending   # Filter by status
+husky agent-msg pending                 # List pending messages (for supervisor)
+husky agent-msg respond <id> --approve  # Approve request
+husky agent-msg respond <id> --reject   # Reject request
+husky agent-msg get <id>                # Get message details
+husky agent-msg wait <id>               # Wait for response (blocking)
+\`\`\`
+
 ### Utility Commands
 \`\`\`bash
 husky explain <command>                 # Explain CLI commands

package/dist/commands/preview.d.ts

@@ -0,0 +1,2 @@
+import { Command } from "commander";
+export declare const previewCommand: Command;

package/dist/commands/preview.js

@@ -0,0 +1,161 @@
+import { Command } from "commander";
+import { getConfig } from "./config.js";
+const PREVIEW_DEPLOY_TRIGGER_ID = "80b3ba55-ae74-41cd-b7d0-a477ecc357b1";
+const PREVIEW_CLEANUP_TRIGGER_ID = "965c3e86-677f-4063-b391-43019f621ea2";
+const GCP_PROJECT = process.env.GCP_PROJECT_ID || process.env.GOOGLE_CLOUD_PROJECT || "tigerv0";
+async function apiRequest(method, path, body) {
+    const config = getConfig();
+    const url = `${config.apiUrl}${path}`;
+    const response = await fetch(url, {
+        method,
+        headers: {
+            "Content-Type": "application/json",
+            "x-api-key": config.apiKey || "",
+        },
+        body: body ? JSON.stringify(body) : undefined,
+    });
+    return response;
+}
+async function triggerCloudBuild(triggerId, substitutions) {
+    const { execSync } = await import("child_process");
+    const subsArgs = Object.entries(substitutions)
+        .map(([k, v]) => `${k}=${v}`)
+        .join(",");
+    try {
+        const cmd = `gcloud builds triggers run ${triggerId} --project=${GCP_PROJECT} --branch=main --substitutions=${subsArgs} --format="value(metadata.build.id)" 2>&1`;
+        const output = execSync(cmd, { encoding: "utf-8" }).trim();
+        const buildId = output.split("\n").pop() || "";
+        return { success: true, buildId };
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        return { success: false, error: message };
+    }
+}
+export const previewCommand = new Command("preview")
+    .description("Manage PR preview deployments");
+previewCommand
+    .command("list")
+    .description("List active preview deployments")
+    .option("--json", "Output as JSON")
+    .action(async (options) => {
+    try {
+        const response = await apiRequest("GET", "/api/previews");
+        if (!response.ok) {
+            console.error(`Error: ${response.status} ${response.statusText}`);
+            process.exit(1);
+        }
+        const previews = await response.json();
+        if (options.json) {
+            console.log(JSON.stringify(previews, null, 2));
+            return;
+        }
+        if (!previews.length) {
+            console.log("No active previews");
+            return;
+        }
+        console.log("\nActive Previews:\n");
+        for (const p of previews) {
+            console.log(`  PR #${p.prNumber}${p.prTitle ? `: ${p.prTitle}` : ""}`);
+            console.log(`    Status: ${p.status}`);
+            console.log(`    Dashboard: ${p.dashboardUrl}`);
+            console.log(`    Terminal: ${p.terminalUrl}`);
+            console.log(`    Commit: ${p.commitSha.slice(0, 7)}`);
+            console.log("");
+        }
+    }
+    catch (error) {
+        console.error("Failed to fetch previews:", error);
+        process.exit(1);
+    }
+});
+previewCommand
+    .command("deploy <pr-number>")
+    .description("Deploy a preview for a PR")
+    .option("--branch <branch>", "Branch to deploy (default: from PR)")
+    .action(async (prNumber, options) => {
+    const prNum = parseInt(prNumber, 10);
+    if (isNaN(prNum) || prNum <= 0) {
+        console.error("Error: PR number must be a positive integer");
+        process.exit(1);
+    }
+    console.log(`Triggering preview deployment for PR #${prNum}...`);
+    const result = await triggerCloudBuild(PREVIEW_DEPLOY_TRIGGER_ID, {
+        _PR_NUMBER: String(prNum),
+    });
+    if (result.success) {
+        console.log(`Build started: ${result.buildId}`);
+        console.log(`\nMonitor at: https://console.cloud.google.com/cloud-build/builds/${result.buildId}?project=${GCP_PROJECT}`);
+        console.log("\nPreview URLs will be available once build completes (~5-10 min)");
+    }
+    else {
+        console.error(`Failed to trigger build: ${result.error}`);
+        process.exit(1);
+    }
+});
+previewCommand
+    .command("cleanup [pr-number]")
+    .description("Cleanup preview deployments (specific PR or all merged)")
+    .action(async (prNumber) => {
+    const substitutions = {};
+    if (prNumber) {
+        const prNum = parseInt(prNumber, 10);
+        if (isNaN(prNum) || prNum <= 0) {
+            console.error("Error: PR number must be a positive integer");
+            process.exit(1);
+        }
+        substitutions._PR_NUMBER = String(prNum);
+        console.log(`Cleaning up preview for PR #${prNum}...`);
+    }
+    else {
+        console.log("Cleaning up all merged/closed PR previews...");
+    }
+    const result = await triggerCloudBuild(PREVIEW_CLEANUP_TRIGGER_ID, substitutions);
+    if (result.success) {
+        console.log(`Cleanup started: ${result.buildId}`);
+        console.log(`\nMonitor at: https://console.cloud.google.com/cloud-build/builds/${result.buildId}?project=${GCP_PROJECT}`);
+    }
+    else {
+        console.error(`Failed to trigger cleanup: ${result.error}`);
+        process.exit(1);
+    }
+});
+previewCommand
+    .command("status <pr-number>")
+    .description("Get status of a specific preview")
+    .option("--json", "Output as JSON")
+    .action(async (prNumber, options) => {
+    const prNum = parseInt(prNumber, 10);
+    if (isNaN(prNum) || prNum <= 0) {
+        console.error("Error: PR number must be a positive integer");
+        process.exit(1);
+    }
+    try {
+        const response = await apiRequest("GET", `/api/previews/${prNum}`);
+        if (response.status === 404) {
+            console.log(`No preview found for PR #${prNum}`);
+            process.exit(0);
+        }
+        if (!response.ok) {
+            console.error(`Error: ${response.status} ${response.statusText}`);
+            process.exit(1);
+        }
+        const preview = await response.json();
+        if (options.json) {
+            console.log(JSON.stringify(preview, null, 2));
+            return;
+        }
+        console.log(`\nPreview for PR #${preview.prNumber}`);
+        if (preview.prTitle)
+            console.log(`  Title: ${preview.prTitle}`);
+        console.log(`  Status: ${preview.status}`);
+        console.log(`  Dashboard: ${preview.dashboardUrl}`);
+        console.log(`  Terminal: ${preview.terminalUrl}`);
+        console.log(`  Commit: ${preview.commitSha}`);
+        console.log(`  Created: ${new Date(preview.createdAt).toLocaleString()}`);
+    }
+    catch (error) {
+        console.error("Failed to fetch preview:", error);
+        process.exit(1);
+    }
+});

package/dist/commands/task.js

@@ -7,6 +7,7 @@ import { ensureWorkerRegistered, generateSessionId, registerSession } from "../l
 import { WorktreeManager } from "../lib/worktree.js";
 import { execSync } from "child_process";
 import { resolveProject, fetchProjects, formatProjectList } from "../lib/project-resolver.js";
+import { requirePermission } from "../lib/permissions.js";
 export const taskCommand = new Command("task")
     .description("Manage tasks");
 // Helper: Get task ID from --id flag or HUSKY_TASK_ID env var
@@ -284,6 +285,8 @@ taskCommand
     .option("--pr <url>", "Link to PR")
     .option("--skip-qa", "Skip QA review and mark as done directly")
     .action(async (id, options) => {
+    // RBAC: Only supervisor and pr_agent can set tasks to done
+    requirePermission("task:done");
     const config = getConfig();
     if (!config.apiUrl) {
         console.error("Error: API URL not configured.");

package/dist/commands/vm.js

@@ -4,6 +4,7 @@ import * as readline from "readline";
 import * as fs from "fs";
 import * as path from "path";
 import { DEFAULT_AGENT_CONFIGS, generateStartupScript, listDefaultAgentTypes, getDefaultAgentConfig, } from "../lib/agent-templates.js";
+import { requirePermission } from "../lib/permissions.js";
 export const vmCommand = new Command("vm").description("Manage VM sessions");
 // Helper: Ensure API is configured
 function ensureConfig() {
@@ -80,7 +81,7 @@ vmCommand
     .description("List all VM sessions")
     .option("--json", "Output as JSON")
     .option("--status <status>", "Filter by status (pending, starting, running, completed, failed, terminated)")
-    .option("--agent <agent>", "Filter by agent type (claude-code, gemini-cli, aider, custom)")
+    .option("--agent <agent>", "Filter by agent type (claude-code, gemini-cli, custom)")
     .action(async (options) => {
     const config = ensureConfig();
     try {
@@ -117,7 +118,7 @@ vmCommand
     .command("create <name>")
     .description("Create a new VM session")
     .option("-p, --prompt <prompt>", "Initial prompt for the agent")
-    .option("--agent <agent>", "Agent type (claude-code, gemini-cli, aider, custom)", "gemini-cli")
+    .option("--agent <agent>", "Agent type (claude-code, gemini-cli, custom)", "gemini-cli")
     .option("-t, --type <type>", "Business agent type (support, accounting, marketing, research)")
     .option("--config <configId>", "VM config to use")
     .option("--project <projectId>", "Link to project")
@@ -128,6 +129,8 @@ vmCommand
     .option("--zone <zone>", "GCP zone", "europe-west1-b")
     .option("--json", "Output as JSON")
     .action(async (name, options) => {
+    // RBAC: Only supervisor and devops can create VMs
+    requirePermission("vm:create");
     const config = ensureConfig();
     const validBusinessTypes = [
         "support",
@@ -356,6 +359,8 @@ vmCommand
     .description("Start/provision the VM")
     .option("--json", "Output as JSON")
     .action(async (id, options) => {
+    // RBAC: Only supervisor and devops can start VMs
+    requirePermission("vm:manage");
     const config = ensureConfig();
     console.log("Starting VM provisioning...");
     console.log("This may take a few minutes...\n");

package/dist/index.js

@@ -21,9 +21,12 @@ import { worktreeCommand } from "./commands/worktree.js";
 import { workerCommand } from "./commands/worker.js";
 import { bizCommand } from "./commands/biz.js";
 import { printLLMContext, llmCommand } from "./commands/llm-context.js";
+import { agentMsgCommand } from "./commands/agent-msg.js";
 import { runInteractiveMode } from "./commands/interactive.js";
 import { serviceAccountCommand } from "./commands/service-account.js";
 import { chatCommand } from "./commands/chat.js";
+import { previewCommand } from "./commands/preview.js";
+import { initCommand } from "./commands/init.js";
 // Read version from package.json
 const require = createRequire(import.meta.url);
 const packageJson = require("../package.json");
@@ -54,7 +57,10 @@ program.addCommand(workerCommand);
 program.addCommand(bizCommand);
 program.addCommand(serviceAccountCommand);
 program.addCommand(chatCommand);
+program.addCommand(previewCommand);
 program.addCommand(llmCommand);
+program.addCommand(initCommand);
+program.addCommand(agentMsgCommand);
 // Handle --llm flag specially
 if (process.argv.includes("--llm")) {
     printLLMContext();