abapgit-agent 1.10.1 → 1.11.1

package/src/config.js

@@ -34,7 +34,8 @@ function loadConfig() {
       language: process.env.ABAP_LANGUAGE || 'EN',
       gitUsername: process.env.GIT_USERNAME,
       gitPassword: process.env.GIT_PASSWORD,
-      transport: process.env.ABAP_TRANSPORT
+      transport: process.env.ABAP_TRANSPORT,
+      protocol: process.env.ABAP_PROTOCOL || 'https'
     };
   }
 
@@ -51,7 +52,8 @@ function getAbapConfig() {
     password: cfg.password,
     language: cfg.language || 'EN',
     gitUsername: cfg.gitUsername || process.env.GIT_USERNAME,
-    gitPassword: cfg.gitPassword || process.env.GIT_PASSWORD
+    gitPassword: cfg.gitPassword || process.env.GIT_PASSWORD,
+    protocol: cfg.protocol || process.env.ABAP_PROTOCOL || 'https'
   };
 }
 
@@ -141,6 +143,62 @@ function getProjectInfo() {
   return projectConfig?.project || null;
 }
 
+/**
+ * Get conflict detection configuration from project-level config
+ * Precedence: CLI flag > project config > default ('abort')
+ * @returns {Object} Conflict detection config with mode and reason
+ */
+function getConflictSettings() {
+  const projectConfig = loadProjectConfig();
+
+  if (projectConfig?.conflictDetection) {
+    const validModes = ['ignore', 'abort'];
+    const mode = projectConfig.conflictDetection.mode;
+    if (mode && !validModes.includes(mode)) {
+      console.warn(`⚠️  Warning: Invalid conflictDetection.mode '${mode}' in .abapgit-agent.json. Must be one of: ${validModes.join(', ')}. Falling back to 'abort'.`);
+      return { mode: 'abort', reason: null };
+    }
+    return {
+      mode: mode || 'abort',
+      reason: projectConfig.conflictDetection.reason || null
+    };
+  }
+
+  // Default: abort (conflict detection on by default)
+  return { mode: 'abort', reason: null };
+}
+
+/**
+ * Get transport hook configuration from project-level config
+ * @returns {{ hook: string|null, description: string|null }}
+ */
+function getTransportHookConfig() {
+  const projectConfig = loadProjectConfig();
+  if (projectConfig?.transports?.hook) {
+    return {
+      hook: projectConfig.transports.hook.path || null,
+      description: projectConfig.transports.hook.description || null
+    };
+  }
+  return { hook: null, description: null };
+}
+
+/**
+ * Get transport operation settings from project-level config
+ * @returns {{ allowCreate: boolean, allowRelease: boolean, reason: string|null }}
+ */
+function getTransportSettings() {
+  const projectConfig = loadProjectConfig();
+  if (projectConfig?.transports) {
+    return {
+      allowCreate:  projectConfig.transports.allowCreate  !== false,
+      allowRelease: projectConfig.transports.allowRelease !== false,
+      reason:       projectConfig.transports.reason || null
+    };
+  }
+  return { allowCreate: true, allowRelease: true, reason: null };
+}
+
 module.exports = {
   loadConfig,
   getAbapConfig,
@@ -150,5 +208,8 @@ module.exports = {
   getWorkflowConfig,
   getSafeguards,
   getProjectInfo,
-  loadProjectConfig
+  getConflictSettings,
+  loadProjectConfig,
+  getTransportHookConfig,
+  getTransportSettings
 };

package/src/utils/abap-http.js

@@ -129,7 +129,7 @@ class AbapHttp {
    * @returns {Promise<string>} CSRF token
    */
   async fetchCsrfToken() {
-    const url = new URL(`/sap/bc/z_abapgit_agent/health`, `https://${this.config.host}:${this.config.sapport}`);
+    const url = new URL(`/sap/bc/z_abapgit_agent/health`, `${this.config.protocol || 'https'}://${this.config.host}:${this.config.sapport}`);
 
     return new Promise((resolve, reject) => {
       const options = {
@@ -144,10 +144,10 @@ class AbapHttp {
           'X-CSRF-Token': 'fetch',
           'Content-Type': 'application/json'
         },
-        agent: new https.Agent({ rejectUnauthorized: false })
+        agent: this.config.protocol === 'http' ? undefined : new https.Agent({ rejectUnauthorized: false })
       };
 
-      const req = https.request(options, (res) => {
+      const req = (this.config.protocol === 'http' ? http : https).request(options, (res) => {
         const csrfToken = res.headers['x-csrf-token'];
 
         // Save cookies from response
@@ -222,7 +222,7 @@ class AbapHttp {
    */
   async _makeRequest(method, urlPath, data = null, options = {}) {
     return new Promise((resolve, reject) => {
-      const url = new URL(urlPath, `https://${this.config.host}:${this.config.sapport}`);
+      const url = new URL(urlPath, `${this.config.protocol || 'https'}://${this.config.host}:${this.config.sapport}`);
 
       const headers = {
         'Content-Type': 'application/json',
@@ -250,7 +250,7 @@ class AbapHttp {
         path: url.pathname + url.search,
         method,
         headers,
-        agent: new https.Agent({ rejectUnauthorized: false })
+        agent: this.config.protocol === 'http' ? undefined : new https.Agent({ rejectUnauthorized: false })
       };
 
       const req = (url.protocol === 'https:' ? https : http).request(reqOptions, (res) => {

package/src/utils/adt-http.js

@@ -75,7 +75,7 @@ class AdtHttp {
    */
   async fetchCsrfToken() {
     return new Promise((resolve, reject) => {
-      const url = new URL('/sap/bc/adt/discovery', `https://${this.config.host}:${this.config.sapport}`);
+      const url = new URL('/sap/bc/adt/discovery', `${this.config.protocol || 'https'}://${this.config.host}:${this.config.sapport}`);
       const options = {
         hostname: url.hostname,
         port: url.port,
@@ -88,10 +88,10 @@ class AdtHttp {
           'X-CSRF-Token': 'fetch',
           'Accept': 'application/atomsvc+xml'
         },
-        agent: new https.Agent({ rejectUnauthorized: false })
+        agent: this.config.protocol === 'http' ? undefined : new https.Agent({ rejectUnauthorized: false })
       };
 
-      const req = https.request(options, (res) => {
+      const req = (this.config.protocol === 'http' ? http : https).request(options, (res) => {
         const csrfToken = res.headers['x-csrf-token'];
         const setCookie = res.headers['set-cookie'];
         if (setCookie) {
@@ -140,7 +140,7 @@ class AdtHttp {
 
   async _makeRequest(method, urlPath, body = null, options = {}) {
     return new Promise((resolve, reject) => {
-      const url = new URL(urlPath, `https://${this.config.host}:${this.config.sapport}`);
+      const url = new URL(urlPath, `${this.config.protocol || 'https'}://${this.config.host}:${this.config.sapport}`);
 
       const headers = {
         'Content-Type': options.contentType || 'application/atom+xml',
@@ -169,7 +169,7 @@ class AdtHttp {
         path: url.pathname + url.search,
         method,
         headers,
-        agent: new https.Agent({ rejectUnauthorized: false })
+        agent: this.config.protocol === 'http' ? undefined : new https.Agent({ rejectUnauthorized: false })
       };
 
       const req = (url.protocol === 'https:' ? https : http).request(reqOptions, (res) => {
@@ -272,7 +272,7 @@ class AdtHttp {
    */
   async postFire(urlPath, body = null, options = {}) {
     return new Promise((resolve, reject) => {
-      const url = new URL(urlPath, `https://${this.config.host}:${this.config.sapport}`);
+      const url = new URL(urlPath, `${this.config.protocol || 'https'}://${this.config.host}:${this.config.sapport}`);
 
       const headers = {
         'Content-Type': options.contentType || 'application/atom+xml',
@@ -301,7 +301,7 @@ class AdtHttp {
         path: url.pathname + url.search,
         method: 'POST',
         headers,
-        agent: new https.Agent({ rejectUnauthorized: false })
+        agent: this.config.protocol === 'http' ? undefined : new https.Agent({ rejectUnauthorized: false })
       };
 
       const req = (url.protocol === 'https:' ? https : http).request(reqOptions, (_res) => {

package/src/utils/debug-daemon.js

@@ -67,6 +67,17 @@ async function startDaemon(config, sessionId, socketPath, snapshot) {
 
   const session = new DebugSession(adt, sessionId);
 
+  // Pin the SAP_SESSIONID so _restorePinnedSession() works inside the daemon.
+  // DebugSession.attach() normally sets pinnedSessionId, but the daemon skips
+  // attach() and reconstructs the session from the snapshot.  Without this,
+  // any CSRF refresh that AdtHttp performs internally (401/403 retry → HEAD
+  // request → new Set-Cookie) silently overwrites the session cookie and routes
+  // subsequent IPC calls to the wrong ABAP work process → HTTP 400.
+  if (snapshot && snapshot.cookies) {
+    const m = snapshot.cookies.match(/SAP_SESSIONID=([^;]*)/);
+    if (m) session.pinnedSessionId = m[1];
+  }
+
   // Remove stale socket file from a previous crash
   try { fs.unlinkSync(socketPath); } catch (e) { /* ignore ENOENT */ }
 
@@ -85,6 +96,17 @@ async function startDaemon(config, sessionId, socketPath, snapshot) {
     process.exit(code || 0);
   }
 
+  // On SIGTERM (e.g. pkill from ensure_breakpoint cleanup), attempt to release
+  // the frozen ABAP work process before exiting.  Without this, killing the
+  // daemon leaves the work process paused at the breakpoint until SAP's own
+  // session-timeout fires (up to several minutes).
+  process.once('SIGTERM', async () => {
+    try {
+      await session.terminate();
+    } catch (e) { /* ignore — best effort */ }
+    cleanupAndExit(0);
+  });
+
   const server = net.createServer((socket) => {
     resetIdle();
     let buf = '';

package/src/utils/debug-repl.js

@@ -76,6 +76,11 @@ async function startRepl(session, initialState, onBeforeExit) {
 
   renderState(position, source, variables);
 
+  // Keep the ADT stateful session alive with periodic getStack() pings.
+  // SAP's ICM drops session affinity after ~60 s of idle, causing stepContinue
+  // to route to the wrong work process (HTTP 400) when the user eventually quits.
+  session.startKeepalive();
+
   const rl = readline.createInterface({
     input: process.stdin,
     output: process.stdout,
@@ -178,6 +183,7 @@ async function startRepl(session, initialState, onBeforeExit) {
 
       } else if (cmd === 'q' || cmd === 'quit') {
         console.log('\n  Detaching debugger — program will continue running...');
+        session.stopKeepalive();
         try {
           await session.detach();
         } catch (e) {
@@ -190,6 +196,7 @@ async function startRepl(session, initialState, onBeforeExit) {
 
       } else if (cmd === 'kill') {
         console.log('\n  Terminating program (hard abort)...');
+        session.stopKeepalive();
         try {
           await session.terminate();
         } catch (e) {
@@ -213,7 +220,23 @@ async function startRepl(session, initialState, onBeforeExit) {
   });
 
   rl.on('close', async () => {
+    // stdin closed (EOF or Ctrl+D) without an explicit 'q' or 'kill' command.
+    // Detach so the ABAP work process is released — without this the WP stays
+    // frozen in SM50 (e.g. when attach is started with </dev/null stdin and
+    // readline gets immediate EOF before the user can type a command).
+    if (!exitCleanupDone) {
+      session.stopKeepalive();
+      try { await session.detach(); } catch (e) { /* ignore */ }
+    }
     await runExitCleanup();
+    // Drain stdout/stderr before exiting so the OS TCP stack has flushed the
+    // outbound stepContinue request bytes. process.exit() tears down file
+    // descriptors immediately — without this the WP can stay frozen if the
+    // socket buffer hasn't been written to the NIC yet.
+    await new Promise(resolve => {
+      if (process.stdout.writableEnded) return resolve();
+      process.stdout.write('', resolve);
+    });
     process.exit(0);
   });
 

package/src/utils/debug-session.js

@@ -38,7 +38,7 @@ const STATEFUL_HEADER = { 'X-sap-adt-sessiontype': 'stateful' };
  * @param {number}   maxRetries - Max additional attempts after the first (default 3)
  * @param {number}   delayMs    - Wait between retries in ms (default 1000)
  */
-async function retryOnIcmError(fn, maxRetries = 3, delayMs = 1000) {
+async function retryOnIcmError(fn, maxRetries = 12, delayMs = 2000) {
   let lastErr;
   for (let attempt = 0; attempt <= maxRetries; attempt++) {
     try {
@@ -64,6 +64,56 @@ class DebugSession {
   constructor(adtHttp, sessionId) {
     this.http = adtHttp;
     this.sessionId = sessionId;
+    this.pinnedSessionId = null;
+    this._keepaliveTimer = null;
+  }
+
+  /**
+   * Start a periodic keepalive that pings ADT every 30 seconds.
+   * SAP's ICM drops stateful session affinity after ~60 s of idle, causing
+   * subsequent debug requests to route to the wrong work process (HTTP 400).
+   * Calling getStack() regularly keeps the connection warm.
+   * Call stopKeepalive() before detach/terminate to avoid racing the close.
+   */
+  startKeepalive() {
+    if (this._keepaliveTimer) return;
+    this._keepaliveTimer = setInterval(async () => {
+      try { await this.getStack(); } catch (e) { /* best-effort */ }
+    }, 30000);
+    if (this._keepaliveTimer.unref) this._keepaliveTimer.unref();
+  }
+
+  stopKeepalive() {
+    if (this._keepaliveTimer) {
+      clearInterval(this._keepaliveTimer);
+      this._keepaliveTimer = null;
+    }
+  }
+
+  /**
+   * Restore the pinned SAP_SESSIONID into the HTTP client's cookie jar.
+   *
+   * SAP ADT debug sessions are bound to a specific frozen ABAP work process
+   * via the SAP_SESSIONID cookie.  AdtHttp updates this cookie automatically
+   * from every response's Set-Cookie header and replaces it on CSRF refresh
+   * (401/403 retry).  When the cookie rotates mid-session the next request
+   * routes to a different ABAP session that has no debug state, causing
+   * HTTP 400 "Service cannot be reached".
+   *
+   * This method reverts any rotation that occurred since attach() by replacing
+   * the current SAP_SESSIONID value with the one captured at attach time.
+   * It is a no-op when called before attach() (pinnedSessionId is null).
+   */
+  _restorePinnedSession() {
+    if (!this.pinnedSessionId || !this.http.cookies) return;
+
+    // Replace whatever SAP_SESSIONID= value is currently in the cookie jar
+    // with the pinned one.  The cookie jar is a semicolon-separated string,
+    // e.g. "SAP_SESSIONID=ABC123; sap-usercontext=xyz".
+    this.http.cookies = this.http.cookies.replace(
+      /SAP_SESSIONID=[^;]*/,
+      `SAP_SESSIONID=${this.pinnedSessionId}`
+    );
   }
 
   /**
@@ -95,6 +145,14 @@ class DebugSession {
       this.sessionId = debugSessionId;
     }
 
+    // Pin the SAP_SESSIONID cookie that was active when we attached.
+    // All subsequent stateful operations must present this exact cookie so
+    // that SAP routes them to the same frozen ABAP work process.
+    if (this.http.cookies) {
+      const match = this.http.cookies.match(/SAP_SESSIONID=([^;]*)/);
+      if (match) this.pinnedSessionId = match[1];
+    }
+
     return this.sessionId;
   }
 
@@ -126,6 +184,7 @@ class DebugSession {
     // (no suspended session left).  Treat both 200 and 500 as "continued".
     if (method === 'stepContinue') {
       return retryOnIcmError(async () => {
+        this._restorePinnedSession();
         try {
           await this.http.post(`/sap/bc/adt/debugger?method=${method}`, '', {
             contentType: 'application/vnd.sap.as+xml',
@@ -146,6 +205,7 @@ class DebugSession {
     }
 
     return retryOnIcmError(async () => {
+      this._restorePinnedSession();
       await this.http.post(`/sap/bc/adt/debugger?method=${method}`, '', {
         contentType: 'application/vnd.sap.as+xml',
         headers: { ...STATEFUL_HEADER, 'Accept': 'application/xml' }
@@ -173,6 +233,8 @@ class DebugSession {
    * @returns {Promise<Array<{ name: string, type: string, value: string }>>}
    */
   async getVariables(name = null) {
+    this._restorePinnedSession();
+
     const CT_CHILD = 'application/vnd.sap.as+xml; charset=UTF-8; dataname=com.sap.adt.debugger.ChildVariables';
     const CT_VARS  = 'application/vnd.sap.as+xml; charset=UTF-8; dataname=com.sap.adt.debugger.Variables';
 
@@ -254,6 +316,8 @@ class DebugSession {
    * @returns {Promise<Array<{ id: string, name: string, type: string, value: string }>>}
    */
   async getVariableChildren(parentId, meta = {}) {
+    this._restorePinnedSession();
+
     const CT_VARS  = 'application/vnd.sap.as+xml; charset=UTF-8; dataname=com.sap.adt.debugger.Variables';
     const CT_CHILD = 'application/vnd.sap.as+xml; charset=UTF-8; dataname=com.sap.adt.debugger.ChildVariables';
 
@@ -372,6 +436,7 @@ class DebugSession {
    */
   async getStack() {
     return retryOnIcmError(async () => {
+      this._restorePinnedSession();
       // Try newer dedicated stack endpoint first (abap-adt-api v7+ approach)
       try {
         const { body } = await this.http.get(
@@ -383,9 +448,8 @@ class DebugSession {
         const frames = parseStack(body);
         if (frames.length > 0) return frames;
       } catch (e) {
-        // Re-throw ICM errors so the outer retryOnIcmError can catch them
-        if (e && e.statusCode === 400 && e.body && e.body.includes('Service cannot be reached')) throw e;
-        // Otherwise fall through to POST approach
+        // Fall through to POST approach for any GET failure (including 400 on systems
+        // that don't support the dedicated /debugger/stack endpoint)
       }
       // Fallback: POST approach (older ADT versions)
       const { body } = await this.http.post(
@@ -583,32 +647,38 @@ class DebugSession {
 
   /**
    * Terminate the debug session.
+   * Retries on transient ICM 400 errors so the ABAP work process is reliably
+   * released even when the system is under load (e.g. during test:all).
    */
   async terminate() {
-    await this.http.post('/sap/bc/adt/debugger?method=terminateDebuggee', '', {
-      contentType: 'application/vnd.sap.as+xml',
-      headers: STATEFUL_HEADER
+    await retryOnIcmError(async () => {
+      this._restorePinnedSession();
+      await this.http.post('/sap/bc/adt/debugger?method=terminateDebuggee', '', {
+        contentType: 'application/vnd.sap.as+xml',
+        headers: STATEFUL_HEADER
+      });
     });
   }
 
   /**
    * Detach from the debuggee without killing it.
-   * Issues a stepContinue so the ABAP program resumes running.
+   * Issues a single stepContinue so the ABAP program resumes running.
+   *
+   * ADT returns HTTP 200 when the WP resumes (regardless of whether it
+   * later hits another breakpoint — there is no way to distinguish "still
+   * running" from "re-hit breakpoint" in the stepContinue response alone).
+   * Sending a second stepContinue to an already-running WP races with the
+   * program's own execution and can stall the WP mid-run (e.g. while a
+   * Code Inspector job is in flight), so we issue exactly one request.
    *
-   * stepContinue is a long-poll in ADT — it only responds when the program
-   * hits another breakpoint (200) or finishes (500), which may be never.
-   * We use postFire() which resolves as soon as the request bytes are
-   * flushed to the TCP send buffer — no need to wait for a response.
-   * The existing session cookies are used so ADT recognises the request.
+   * Callers (e.g. the REPL 'q' handler) must delete all breakpoints before
+   * calling detach() to prevent an immediate re-hit on the same line.
    */
   async detach() {
     try {
-      await this.http.postFire('/sap/bc/adt/debugger?method=stepContinue', '', {
-        contentType: 'application/vnd.sap.as+xml',
-        headers: STATEFUL_HEADER
-      });
+      await this.step('stepContinue');
     } catch (e) {
-      // Ignore — fire-and-forget; errors here mean the session already closed.
+      // Ignore — session may have already closed.
     }
   }
 }