@zibby/cli 0.1.5

package/src/config/config.js

@@ -0,0 +1,117 @@
+/**
+ * Configuration management for Zibby CLI
+ * Stores user session and settings in ~/.zibby/config.json
+ */
+
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'fs';
+import { homedir } from 'os';
+import { join } from 'path';
+
+function getConfigDir() {
+  return process.env.ZIBBY_CONFIG_DIR || join(homedir(), '.zibby');
+}
+
+function getConfigFile() {
+  return join(getConfigDir(), 'config.json');
+}
+
+const CONFIG_DIR = join(homedir(), '.zibby');
+const CONFIG_FILE = join(CONFIG_DIR, 'config.json');
+
+/**
+ * Ensure config directory exists
+ */
+function ensureConfigDir() {
+  const dir = getConfigDir();
+  if (!existsSync(dir)) {
+    mkdirSync(dir, { recursive: true });
+  }
+}
+
+/**
+ * Load configuration from file
+ */
+export function loadConfig() {
+  try {
+    const file = getConfigFile();
+    if (existsSync(file)) {
+      const data = readFileSync(file, 'utf-8');
+      return JSON.parse(data);
+    }
+  } catch {
+    // Config file corrupt or unreadable
+  }
+  return {};
+}
+
+/**
+ * Save configuration to file
+ */
+export function saveConfig(config) {
+  ensureConfigDir();
+  writeFileSync(getConfigFile(), JSON.stringify(config, null, 2));
+}
+
+/**
+ * Get saved session token
+ */
+export function getSessionToken() {
+  const config = loadConfig();
+  return config.sessionToken || null;
+}
+
+/**
+ * Save session token to config file
+ */
+export function saveSessionToken(token) {
+  const config = loadConfig();
+  config.sessionToken = token;
+  saveConfig(config);
+}
+
+/**
+ * Get saved user info
+ */
+export function getUserInfo() {
+  const config = loadConfig();
+  return config.user || null;
+}
+
+/**
+ * Save user info to config file
+ */
+export function saveUserInfo(user) {
+  const config = loadConfig();
+  config.user = user;
+  saveConfig(config);
+}
+
+/**
+ * Check if user is logged in
+ */
+export function isLoggedIn() {
+  return getSessionToken() !== null;
+}
+
+/**
+ * Clear session (logout)
+ */
+export function clearSession() {
+  const config = loadConfig();
+  delete config.sessionToken;
+  delete config.user;
+  saveConfig(config);
+}
+
+export default {
+  loadConfig,
+  saveConfig,
+  getSessionToken,
+  saveSessionToken,
+  getUserInfo,
+  saveUserInfo,
+  isLoggedIn,
+  clearSession,
+  CONFIG_DIR,
+  CONFIG_FILE
+};

package/src/config/environments.js

@@ -0,0 +1,145 @@
+/**
+ * Environment Configuration
+ * Determines which backend API to use
+ */
+
+const ENVIRONMENTS = {
+  local: {
+    name: 'Local Development',
+    apiUrl: 'http://localhost:3001',
+    accountApiUrl: 'http://localhost:3001',
+    frontendUrl: 'http://localhost:3000',
+    description: 'Local backend running on port 3001'
+  },
+  prod: {
+    name: 'Production',
+    apiUrl: process.env.ZIBBY_PROD_API_URL || 'https://api-prod.zibby.app',
+    accountApiUrl: process.env.ZIBBY_PROD_ACCOUNT_API_URL || 'https://account-api-prod.zibby.app',
+    frontendUrl: process.env.ZIBBY_PROD_FRONTEND_URL || 'https://studio.zibby.app',
+    description: 'Production environment'
+  }
+};
+
+/**
+ * Get API URL based on environment
+ * Priority: ENV var > config > default
+ */
+function getApiUrl() {
+  let url;
+  
+  // 1. Check explicit environment variable
+  if (process.env.ZIBBY_API_URL) {
+    url = process.env.ZIBBY_API_URL;
+  } else {
+    // 2. Check environment mode
+    const env = process.env.ZIBBY_ENV || 'prod';
+    
+    if (ENVIRONMENTS[env]) {
+      url = ENVIRONMENTS[env].apiUrl;
+    } else {
+      // 3. Default to production
+      url = ENVIRONMENTS.prod.apiUrl;
+    }
+  }
+  
+  // Validate URL format for security
+  try {
+    const parsed = new URL(url);
+    
+    if (parsed.protocol !== 'http:' && parsed.protocol !== 'https:') {
+      console.error(`⚠️  Invalid API URL protocol: ${parsed.protocol} (only http/https allowed)`);
+      return ENVIRONMENTS.prod.apiUrl;
+    }
+    
+    return url;
+  } catch (_error) {
+    console.error(`⚠️  Invalid API URL: ${url}`);
+    return ENVIRONMENTS.prod.apiUrl;
+  }
+}
+
+/**
+ * Get Account API URL (collections, billing, user tokens)
+ * Separate API Gateway due to CloudFormation resource limits.
+ */
+function getAccountApiUrl() {
+  if (process.env.ZIBBY_ACCOUNT_API_URL) {
+    return process.env.ZIBBY_ACCOUNT_API_URL;
+  }
+
+  const env = process.env.ZIBBY_ENV || 'prod';
+  const config = ENVIRONMENTS[env] || ENVIRONMENTS.prod;
+  return config.accountApiUrl;
+}
+
+/**
+ * Get current environment info
+ */
+function getCurrentEnvironment() {
+  const env = process.env.ZIBBY_ENV || 'prod';
+  return ENVIRONMENTS[env] || ENVIRONMENTS.prod;
+}
+
+/**
+ * Get frontend URL based on environment
+ * Priority: ENV var > config > default
+ */
+function getFrontendUrl() {
+  let url;
+  
+  // 1. Check explicit environment variable
+  if (process.env.ZIBBY_FRONTEND_URL) {
+    url = process.env.ZIBBY_FRONTEND_URL;
+  } else {
+    // 2. Check environment mode
+    const env = process.env.ZIBBY_ENV || 'prod';
+    
+    if (ENVIRONMENTS[env]) {
+      url = ENVIRONMENTS[env].frontendUrl;
+    } else {
+      // 3. Default to production
+      url = ENVIRONMENTS.prod.frontendUrl;
+    }
+  }
+  
+  // Validate URL format for security
+  try {
+    const parsed = new URL(url);
+    
+    // Only allow http/https protocols
+    if (parsed.protocol !== 'http:' && parsed.protocol !== 'https:') {
+      console.error(`⚠️  Invalid frontend URL protocol: ${parsed.protocol} (only http/https allowed)`);
+      return ENVIRONMENTS.local.frontendUrl;
+    }
+    
+    // In production, only allow known Zibby domains or localhost
+    const isProd = process.env.NODE_ENV === 'production' || process.env.ZIBBY_ENV === 'prod';
+    if (isProd) {
+      const allowedDomains = ['zibby.app', 'studio.zibby.app', 'studio-staging.zibby.app'];
+      const hostname = parsed.hostname;
+      
+      const isAllowed = allowedDomains.some(domain => 
+        hostname === domain || hostname.endsWith(`.${domain}`)
+      );
+      
+      if (!isAllowed && !hostname.includes('localhost') && hostname !== '127.0.0.1') {
+        console.error(`⚠️  Untrusted frontend URL in production: ${hostname}`);
+        return 'https://studio.zibby.app';
+      }
+    }
+    
+    return url;
+  } catch (_error) {
+    console.error(`⚠️  Invalid frontend URL: ${url}`);
+    return ENVIRONMENTS.local.frontendUrl;
+  }
+}
+
+export {
+  ENVIRONMENTS,
+  getApiUrl,
+  getAccountApiUrl,
+  getCurrentEnvironment,
+  getFrontendUrl
+};
+

package/src/utils/execution-context.js

@@ -0,0 +1,25 @@
+export async function fetchExecutionContext(_executionId, _projectId) {
+  const presignedUrl = process.env.CONTEXT_PRESIGNED_URL;
+  if (!presignedUrl) {
+    throw new Error('CONTEXT_PRESIGNED_URL env var is required');
+  }
+
+  console.log(`📦 Fetching execution context via pre-signed URL`);
+  const response = await fetch(presignedUrl);
+  if (!response.ok) {
+    throw new Error(`Failed to fetch execution context: ${response.status}`);
+  }
+  const data = await response.json();
+
+  console.log(`   ✅ Got ticketContext (${JSON.stringify(data.ticketContext || {}).length} chars)`);
+  if (data.nodeConfigs && Object.keys(data.nodeConfigs).length > 0) {
+    console.log(`   ✅ Got nodeConfigs (${Object.keys(data.nodeConfigs).length} nodes configured)`);
+  }
+
+  return {
+    ticketContext: data.ticketContext || {},
+    nodeConfigs: data.nodeConfigs || {},
+    graphConfig: data.graphConfig || null,
+    repos: data.repos || []
+  };
+}

package/src/utils/progress-reporter.js

@@ -0,0 +1,155 @@
+import { SQSClient, SendMessageCommand } from '@aws-sdk/client-sqs';
+
+let sqsClient = null;
+
+function getSqsClient() {
+  if (!sqsClient) {
+    sqsClient = new SQSClient({ region: process.env.AWS_REGION || 'ap-southeast-2' });
+  }
+  return sqsClient;
+}
+
+export async function reportProgress(stepName, status, logs, state) {
+  const { EXECUTION_ID, SQS_AUTH_TOKEN, PROGRESS_API_URL, PROGRESS_QUEUE_URL, PROJECT_API_TOKEN } = state;
+
+  if (!EXECUTION_ID) return;
+
+  const message = {
+    executionId: EXECUTION_ID,
+    ...(SQS_AUTH_TOKEN && { sqsAuthToken: SQS_AUTH_TOKEN }),
+    step: {
+      name: stepName,
+      status,
+      logs,
+      timestamp: new Date().toISOString(),
+      ...(status === 'success' && { completedAt: new Date().toISOString() })
+    },
+    status: status === 'failed' ? 'failed' : 'running'
+  };
+
+  try {
+    if (PROGRESS_API_URL) {
+      await reportViaHttp(PROGRESS_API_URL, EXECUTION_ID, message, PROJECT_API_TOKEN);
+    } else if (PROGRESS_QUEUE_URL) {
+      await reportViaSqs(PROGRESS_QUEUE_URL, EXECUTION_ID, message);
+    }
+  } catch (error) {
+    console.error(`⚠️  Failed to send progress: ${error.message}`);
+  }
+}
+
+/**
+ * Send a single artifact (e.g. 'analysis', 'codeImplementation', 'report').
+ * Called after each node finishes so artifacts persist even if later nodes fail.
+ */
+export async function reportArtifact(state, artifactKey, artifactValue) {
+  const { EXECUTION_ID, SQS_AUTH_TOKEN, PROGRESS_API_URL, PROGRESS_QUEUE_URL, PROJECT_API_TOKEN } = state;
+  if (!EXECUTION_ID || !artifactValue) return;
+
+  const size = JSON.stringify(artifactValue).length;
+  console.log(`📦 Sending artifact: ${artifactKey} (${(size / 1024).toFixed(1)}KB)`);
+
+  const message = {
+    executionId: EXECUTION_ID,
+    ...(SQS_AUTH_TOKEN && { sqsAuthToken: SQS_AUTH_TOKEN }),
+    artifacts: { [artifactKey]: artifactValue },
+    timestamp: new Date().toISOString()
+  };
+
+  const transport = PROGRESS_API_URL ? 'HTTP' : PROGRESS_QUEUE_URL ? 'SQS' : 'NONE';
+  const msgBytes = JSON.stringify(message).length;
+  try {
+    if (PROGRESS_API_URL) {
+      await reportViaHttp(PROGRESS_API_URL, EXECUTION_ID, message, PROJECT_API_TOKEN);
+    } else if (PROGRESS_QUEUE_URL) {
+      await reportViaSqs(PROGRESS_QUEUE_URL, EXECUTION_ID, message);
+    } else {
+      console.warn(`⚠️  No transport configured for artifact ${artifactKey} — neither PROGRESS_API_URL nor PROGRESS_QUEUE_URL set`);
+      return;
+    }
+    console.log(`✅ Artifact ${artifactKey} sent via ${transport} (payload=${(msgBytes / 1024).toFixed(1)}KB, value=${(size / 1024).toFixed(1)}KB)`);
+  } catch (err) {
+    console.error(`❌ Failed to send artifact ${artifactKey} via ${transport}:`);
+    console.error(`   Payload size: ${(msgBytes / 1024).toFixed(1)}KB, Value size: ${(size / 1024).toFixed(1)}KB`);
+    console.error(`   Error: ${err.message}`);
+    if (err.name) console.error(`   Error type: ${err.name}`);
+    if (err.code) console.error(`   Error code: ${err.code}`);
+    if (msgBytes > 256 * 1024) {
+      console.error(`   ⚠️  Message exceeds SQS 256KB limit! Consider splitting or compressing.`);
+    }
+  }
+}
+
+/**
+ * Send the final execution status (completed/failed/blocked). No artifacts — those are sent per-node.
+ */
+export async function reportFinalStatus(state, { status, error }) {
+  const { EXECUTION_ID, SQS_AUTH_TOKEN, PROGRESS_API_URL, PROGRESS_QUEUE_URL, PROJECT_API_TOKEN } = state;
+
+  if (!EXECUTION_ID) return;
+
+  const message = {
+    executionId: EXECUTION_ID,
+    ...(SQS_AUTH_TOKEN && { sqsAuthToken: SQS_AUTH_TOKEN }),
+    status,
+    ...(error && { error }),
+    timestamp: new Date().toISOString()
+  };
+
+  const transport = PROGRESS_API_URL ? 'HTTP' : PROGRESS_QUEUE_URL ? 'SQS' : 'NONE';
+  const msgBytes = JSON.stringify(message).length;
+  console.log(`📊 Sending final status: ${status} via ${transport} (${(msgBytes / 1024).toFixed(1)}KB)`);
+  try {
+    if (PROGRESS_API_URL) {
+      await reportViaHttp(PROGRESS_API_URL, EXECUTION_ID, message, PROJECT_API_TOKEN);
+    } else if (PROGRESS_QUEUE_URL) {
+      const msgType = ['completed', 'failed', 'insufficient_context', 'blocked'].includes(status)
+        ? 'execution_completed' : 'progress_update';
+      await reportViaSqs(PROGRESS_QUEUE_URL, EXECUTION_ID, message, msgType);
+    } else {
+      console.warn(`⚠️  No transport configured for final status — neither PROGRESS_API_URL nor PROGRESS_QUEUE_URL set`);
+      return;
+    }
+    console.log(`✅ Final status ${status} sent via ${transport}`);
+  } catch (err) {
+    console.error(`❌ Failed to send final status (${status}) via ${transport}:`);
+    console.error(`   Payload: ${(msgBytes / 1024).toFixed(1)}KB`);
+    console.error(`   Error: ${err.message}`);
+    if (err.name) console.error(`   Error type: ${err.name}`);
+    if (err.code) console.error(`   Error code: ${err.code}`);
+  }
+}
+
+async function reportViaHttp(apiUrl, executionId, message, apiToken) {
+  const url = `${apiUrl}/${executionId}/progress`;
+  const headers = { 'Content-Type': 'application/json' };
+  if (apiToken) {
+    headers['Authorization'] = `Bearer ${apiToken}`;
+  }
+  const res = await fetch(url, {
+    method: 'POST',
+    headers,
+    body: JSON.stringify(message)
+  });
+  if (!res.ok) {
+    const body = await res.text();
+    throw new Error(`HTTP ${res.status}: ${body}`);
+  }
+}
+
+async function reportViaSqs(queueUrl, executionId, message, messageType = 'progress_update') {
+  const body = JSON.stringify(message);
+  const bodyKB = (body.length / 1024).toFixed(1);
+  if (body.length > 256 * 1024) {
+    console.error(`❌ SQS message too large: ${bodyKB}KB (limit 256KB) for ${executionId} [${messageType}]`);
+  }
+  await getSqsClient().send(new SendMessageCommand({
+    QueueUrl: queueUrl,
+    MessageBody: body,
+    MessageGroupId: executionId,
+    MessageAttributes: {
+      executionId: { DataType: 'String', StringValue: executionId },
+      messageType: { DataType: 'String', StringValue: messageType }
+    }
+  }));
+}