agent-relay-server 0.10.7 → 0.10.8

package/src/config-store.ts

@@ -0,0 +1,380 @@
+import { getDb, ValidationError } from "./db";
+import type {
+  ConfigEntry,
+  ConfigHistoryEntry,
+  ManagedAgentState,
+  ManagedAgentStatus,
+  SpawnPolicy,
+  SpawnProvider,
+} from "./types";
+
+const CONFIG_HISTORY_LIMIT = 50;
+const SPAWN_POLICY_NAMESPACE = "spawn-policy";
+const VALID_PROVIDERS = ["claude", "codex"] as const;
+const VALID_PERMISSION_MODES = ["open", "guarded", "read-only"] as const;
+const VALID_POLICY_MODES = ["always-on", "on-demand"] as const;
+const VALID_MANAGED_STATUSES = ["stopped", "starting", "running", "stopping", "backoff"] as const;
+
+interface ConfigRow {
+  namespace: string;
+  key: string;
+  value: string;
+  version: number;
+  updated_at: string;
+  updated_by: string | null;
+}
+
+interface ConfigHistoryRow {
+  id: number;
+  namespace: string;
+  key: string;
+  value: string;
+  version: number;
+  changed_at: string;
+  changed_by: string | null;
+}
+
+interface ManagedAgentStateRow {
+  policy_name: string;
+  status: ManagedAgentStatus;
+  agent_id: string | null;
+  orchestrator_id: string;
+  provider: SpawnProvider;
+  tmux_session: string | null;
+  spawn_request_id: string | null;
+  last_spawn_at: number | null;
+  last_stop_at: number | null;
+  healthy_since: number | null;
+  restart_count: number;
+  consecutive_failures: number;
+  backoff_until: number | null;
+  last_error: string | null;
+  updated_at: number;
+}
+
+export type ManagedAgentStateInput = Omit<ManagedAgentState, "updatedAt" | "restartCount" | "consecutiveFailures"> &
+  Partial<Pick<ManagedAgentState, "updatedAt" | "restartCount" | "consecutiveFailures">>;
+
+export type ManagedAgentStatePatch = Partial<Omit<ManagedAgentState, "policyName" | "orchestratorId" | "provider">> &
+  Partial<Pick<ManagedAgentState, "orchestratorId" | "provider">>;
+
+function parseJsonValue(raw: string): unknown {
+  try {
+    return JSON.parse(raw);
+  } catch {
+    return null;
+  }
+}
+
+function rowToConfigEntry<T>(row: ConfigRow): ConfigEntry<T> {
+  return {
+    namespace: row.namespace,
+    key: row.key,
+    value: parseJsonValue(row.value) as T,
+    version: row.version,
+    updatedAt: row.updated_at,
+    updatedBy: row.updated_by ?? undefined,
+  };
+}
+
+function rowToConfigHistoryEntry<T>(row: ConfigHistoryRow): ConfigHistoryEntry<T> {
+  return {
+    id: row.id,
+    namespace: row.namespace,
+    key: row.key,
+    value: parseJsonValue(row.value) as T,
+    version: row.version,
+    changedAt: row.changed_at,
+    changedBy: row.changed_by ?? undefined,
+  };
+}
+
+function rowToManagedAgentState(row: ManagedAgentStateRow): ManagedAgentState {
+  return {
+    policyName: row.policy_name,
+    status: row.status,
+    agentId: row.agent_id ?? undefined,
+    orchestratorId: row.orchestrator_id,
+    provider: row.provider,
+    tmuxSession: row.tmux_session ?? undefined,
+    spawnRequestId: row.spawn_request_id ?? undefined,
+    lastSpawnAt: row.last_spawn_at ?? undefined,
+    lastStopAt: row.last_stop_at ?? undefined,
+    healthySince: row.healthy_since ?? undefined,
+    restartCount: row.restart_count,
+    consecutiveFailures: row.consecutive_failures,
+    backoffUntil: row.backoff_until ?? undefined,
+    lastError: row.last_error ?? undefined,
+    updatedAt: row.updated_at,
+  };
+}
+
+function isRecord(value: unknown): value is Record<string, unknown> {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+
+function cleanString(value: unknown, field: string, opts: { required?: boolean; max?: number } = {}): string | undefined {
+  if (value === undefined || value === null) {
+    if (opts.required) throw new ValidationError(`${field} required`);
+    return undefined;
+  }
+  if (typeof value !== "string") throw new ValidationError(`${field} must be a string`);
+  const trimmed = value.trim();
+  if (opts.required && !trimmed) throw new ValidationError(`${field} required`);
+  if (opts.max && trimmed.length > opts.max) throw new ValidationError(`${field} must be ${opts.max} characters or fewer`);
+  return trimmed || undefined;
+}
+
+function cleanStringArray(value: unknown, field: string, opts: { required?: boolean } = {}): string[] {
+  if (value === undefined || value === null) {
+    if (opts.required) throw new ValidationError(`${field} required`);
+    return [];
+  }
+  if (!Array.isArray(value)) throw new ValidationError(`${field} must be an array of strings`);
+  const cleaned = value.map((item) => cleanString(item, `${field} item`, { max: 120 })).filter(Boolean) as string[];
+  if (cleaned.length > 100) throw new ValidationError(`${field} can contain at most 100 values`);
+  return [...new Set(cleaned)];
+}
+
+function cleanBoolean(value: unknown, field: string): boolean {
+  if (typeof value !== "boolean") throw new ValidationError(`${field} must be a boolean`);
+  return value;
+}
+
+function cleanNumber(value: unknown, field: string, opts: { min: number; max: number }): number {
+  if (typeof value !== "number" || !Number.isSafeInteger(value) || value < opts.min || value > opts.max) {
+    throw new ValidationError(`${field} must be an integer between ${opts.min} and ${opts.max}`);
+  }
+  return value;
+}
+
+function cleanEnum<T extends readonly string[]>(value: unknown, field: string, valid: T): T[number] {
+  if (typeof value !== "string" || !valid.includes(value)) {
+    throw new ValidationError(`${field} must be one of: ${valid.join(", ")}`);
+  }
+  return value as T[number];
+}
+
+export function validateSpawnPolicy(key: string, value: unknown): SpawnPolicy {
+  if (!isRecord(value)) throw new ValidationError("spawn-policy value must be an object");
+  const name = cleanString(value.name, "name", { required: true, max: 120 })!;
+  if (name !== key) throw new ValidationError("spawn-policy name must match config key");
+  const mode = cleanEnum(value.mode, "mode", VALID_POLICY_MODES);
+  const policy: SpawnPolicy = {
+    name,
+    description: cleanString(value.description, "description", { max: 1000 }),
+    orchestratorId: cleanString(value.orchestratorId, "orchestratorId", { required: true, max: 200 })!,
+    cwd: cleanString(value.cwd, "cwd", { required: true, max: 1000 })!,
+    provider: cleanEnum(value.provider, "provider", VALID_PROVIDERS) as SpawnProvider,
+    providerArgs: cleanStringArray(value.providerArgs, "providerArgs"),
+    prompt: cleanString(value.prompt, "prompt", { max: 16_000 }),
+    tags: cleanStringArray(value.tags, "tags"),
+    capabilities: cleanStringArray(value.capabilities, "capabilities"),
+    label: cleanString(value.label, "label", { max: 120 }),
+    mode,
+    permissionMode: cleanEnum(value.permissionMode, "permissionMode", VALID_PERMISSION_MODES),
+    restartOnUpdate: cleanBoolean(value.restartOnUpdate, "restartOnUpdate"),
+    scheduledDailyRestart: cleanBoolean(value.scheduledDailyRestart, "scheduledDailyRestart"),
+    backoff: cleanBackoff(value.backoff),
+  };
+  if (mode === "on-demand") policy.onDemand = cleanOnDemand(value.onDemand);
+  if (value.binding !== undefined && value.binding !== null) policy.binding = cleanBinding(value.binding);
+  return policy;
+}
+
+function cleanBackoff(value: unknown): SpawnPolicy["backoff"] {
+  if (!isRecord(value)) throw new ValidationError("backoff must be an object");
+  if (!Array.isArray(value.schedule) || value.schedule.length === 0) {
+    throw new ValidationError("backoff.schedule must be a non-empty array");
+  }
+  if (value.schedule.length > 20) throw new ValidationError("backoff.schedule can contain at most 20 values");
+  return {
+    schedule: value.schedule.map((item, index) => cleanNumber(item, `backoff.schedule[${index}]`, { min: 1, max: 86_400 })),
+    resetAfterSeconds: cleanNumber(value.resetAfterSeconds, "backoff.resetAfterSeconds", { min: 1, max: 86_400 }),
+  };
+}
+
+function cleanOnDemand(value: unknown): NonNullable<SpawnPolicy["onDemand"]> {
+  if (!isRecord(value)) throw new ValidationError("onDemand must be an object when mode is on-demand");
+  const idleDefinition = cleanEnum(value.idleDefinition, "onDemand.idleDefinition", ["no-activity"] as const);
+  return {
+    keepaliveSeconds: cleanNumber(value.keepaliveSeconds, "onDemand.keepaliveSeconds", { min: 0, max: 2_592_000 }),
+    idleDefinition,
+  };
+}
+
+function cleanBinding(value: unknown): NonNullable<SpawnPolicy["binding"]> {
+  if (!isRecord(value)) throw new ValidationError("binding must be an object");
+  return {
+    type: cleanEnum(value.type, "binding.type", ["channel"] as const),
+    channelId: cleanString(value.channelId, "binding.channelId", { required: true, max: 200 })!,
+  };
+}
+
+function normalizeValue(namespace: string, key: string, value: unknown): unknown {
+  if (value === undefined) throw new ValidationError("value required");
+  if (namespace === SPAWN_POLICY_NAMESPACE) return validateSpawnPolicy(key, value);
+  if (JSON.stringify(value) === undefined) throw new ValidationError("value must be valid JSON");
+  return value;
+}
+
+export function getConfig<T = unknown>(namespace: string, key: string): ConfigEntry<T> | null {
+  const row = getDb().prepare("SELECT * FROM config WHERE namespace = ? AND key = ?").get(namespace, key) as ConfigRow | undefined;
+  return row ? rowToConfigEntry<T>(row) : null;
+}
+
+export function listConfig<T = unknown>(namespace: string): ConfigEntry<T>[] {
+  const rows = getDb()
+    .prepare("SELECT * FROM config WHERE namespace = ? ORDER BY key ASC")
+    .all(namespace) as ConfigRow[];
+  return rows.map(rowToConfigEntry<T>);
+}
+
+export function setConfig<T = unknown>(namespace: string, key: string, value: T, updatedBy?: string): ConfigEntry<T> {
+  const normalized = normalizeValue(namespace, key, value) as T;
+  const existing = getConfig(namespace, key);
+  const now = new Date().toISOString();
+  const nextVersion = existing ? existing.version + 1 : 1;
+
+  getDb().transaction(() => {
+    if (existing) {
+      getDb().prepare(`
+        INSERT INTO config_history (namespace, key, value, version, changed_at, changed_by)
+        VALUES (?, ?, ?, ?, ?, ?)
+      `).run(existing.namespace, existing.key, JSON.stringify(existing.value), existing.version, now, updatedBy ?? null);
+    }
+    getDb().prepare(`
+      INSERT INTO config (namespace, key, value, version, updated_at, updated_by)
+      VALUES (?, ?, ?, ?, ?, ?)
+      ON CONFLICT(namespace, key) DO UPDATE SET
+        value = excluded.value,
+        version = excluded.version,
+        updated_at = excluded.updated_at,
+        updated_by = excluded.updated_by
+    `).run(namespace, key, JSON.stringify(normalized), nextVersion, now, updatedBy ?? null);
+    pruneConfigHistory(namespace, key);
+  })();
+
+  return getConfig<T>(namespace, key)!;
+}
+
+export function deleteConfig(namespace: string, key: string, updatedBy?: string): boolean {
+  const existing = getConfig(namespace, key);
+  if (!existing) return false;
+  const now = new Date().toISOString();
+  getDb().transaction(() => {
+    getDb().prepare(`
+      INSERT INTO config_history (namespace, key, value, version, changed_at, changed_by)
+      VALUES (?, ?, ?, ?, ?, ?)
+    `).run(existing.namespace, existing.key, JSON.stringify(existing.value), existing.version, now, updatedBy ?? null);
+    getDb().prepare("DELETE FROM config WHERE namespace = ? AND key = ?").run(namespace, key);
+    pruneConfigHistory(namespace, key);
+  })();
+  return true;
+}
+
+export function getConfigHistory<T = unknown>(namespace: string, key: string, limit = CONFIG_HISTORY_LIMIT): ConfigHistoryEntry<T>[] {
+  const safeLimit = Math.min(Math.max(limit, 1), 500);
+  const rows = getDb()
+    .prepare("SELECT * FROM config_history WHERE namespace = ? AND key = ? ORDER BY version DESC, id DESC LIMIT ?")
+    .all(namespace, key, safeLimit) as ConfigHistoryRow[];
+  return rows.map(rowToConfigHistoryEntry<T>);
+}
+
+function pruneConfigHistory(namespace: string, key: string): void {
+  getDb().prepare(`
+    DELETE FROM config_history
+    WHERE namespace = ? AND key = ? AND id NOT IN (
+      SELECT id FROM config_history
+      WHERE namespace = ? AND key = ?
+      ORDER BY version DESC, id DESC
+      LIMIT ?
+    )
+  `).run(namespace, key, namespace, key, CONFIG_HISTORY_LIMIT);
+}
+
+export function getSpawnPolicy(name: string): ConfigEntry<SpawnPolicy> | null {
+  return getConfig<SpawnPolicy>(SPAWN_POLICY_NAMESPACE, name);
+}
+
+export function listSpawnPolicies(): ConfigEntry<SpawnPolicy>[] {
+  return listConfig<SpawnPolicy>(SPAWN_POLICY_NAMESPACE);
+}
+
+export function setSpawnPolicy(policy: SpawnPolicy, updatedBy?: string): ConfigEntry<SpawnPolicy> {
+  return setConfig(SPAWN_POLICY_NAMESPACE, policy.name, policy, updatedBy);
+}
+
+export function getManagedAgentState(policyName: string): ManagedAgentState | null {
+  const row = getDb().prepare("SELECT * FROM managed_agent_state WHERE policy_name = ?").get(policyName) as ManagedAgentStateRow | undefined;
+  return row ? rowToManagedAgentState(row) : null;
+}
+
+export function listManagedAgentStates(): ManagedAgentState[] {
+  const rows = getDb()
+    .prepare("SELECT * FROM managed_agent_state ORDER BY policy_name ASC")
+    .all() as ManagedAgentStateRow[];
+  return rows.map(rowToManagedAgentState);
+}
+
+export function upsertManagedAgentState(input: ManagedAgentStateInput): ManagedAgentState {
+  if (!VALID_MANAGED_STATUSES.includes(input.status)) throw new ValidationError("status must be a managed-agent status");
+  if (!VALID_PROVIDERS.includes(input.provider)) throw new ValidationError("provider must be claude or codex");
+  const now = input.updatedAt ?? Date.now();
+  getDb().prepare(`
+    INSERT INTO managed_agent_state (
+      policy_name, status, agent_id, orchestrator_id, provider, tmux_session, spawn_request_id,
+      last_spawn_at, last_stop_at, healthy_since, restart_count, consecutive_failures,
+      backoff_until, last_error, updated_at
+    )
+    VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+    ON CONFLICT(policy_name) DO UPDATE SET
+      status = excluded.status,
+      agent_id = excluded.agent_id,
+      orchestrator_id = excluded.orchestrator_id,
+      provider = excluded.provider,
+      tmux_session = excluded.tmux_session,
+      spawn_request_id = excluded.spawn_request_id,
+      last_spawn_at = excluded.last_spawn_at,
+      last_stop_at = excluded.last_stop_at,
+      healthy_since = excluded.healthy_since,
+      restart_count = excluded.restart_count,
+      consecutive_failures = excluded.consecutive_failures,
+      backoff_until = excluded.backoff_until,
+      last_error = excluded.last_error,
+      updated_at = excluded.updated_at
+  `).run(
+    input.policyName,
+    input.status,
+    input.agentId ?? null,
+    input.orchestratorId,
+    input.provider,
+    input.tmuxSession ?? null,
+    input.spawnRequestId ?? null,
+    input.lastSpawnAt ?? null,
+    input.lastStopAt ?? null,
+    input.healthySince ?? null,
+    input.restartCount ?? 0,
+    input.consecutiveFailures ?? 0,
+    input.backoffUntil ?? null,
+    input.lastError ?? null,
+    now,
+  );
+  return getManagedAgentState(input.policyName)!;
+}
+
+export function updateManagedAgentState(policyName: string, patch: ManagedAgentStatePatch): ManagedAgentState | null {
+  const existing = getManagedAgentState(policyName);
+  if (!existing) return null;
+  return upsertManagedAgentState({
+    ...existing,
+    ...patch,
+    policyName,
+    updatedAt: patch.updatedAt ?? Date.now(),
+  });
+}
+
+export function deleteManagedAgentState(policyName: string): boolean {
+  const result = getDb().prepare("DELETE FROM managed_agent_state WHERE policy_name = ?").run(policyName);
+  return result.changes > 0;
+}