cdk-local 0.135.0 → 0.137.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +4 -4
- package/dist/cli.js +2 -2
- package/dist/index.d.ts +1 -1
- package/dist/index.js +1 -1
- package/dist/internal.d.ts +2 -19
- package/dist/internal.d.ts.map +1 -1
- package/dist/internal.js +2 -2
- package/dist/{local-studio-DEKg7YDa.d.ts → local-studio-CVnRJb-b.d.ts} +29 -2
- package/dist/local-studio-CVnRJb-b.d.ts.map +1 -0
- package/dist/{local-studio-CdpdUbIA.js → local-studio-DxzjQZJu.js} +202 -86
- package/dist/local-studio-DxzjQZJu.js.map +1 -0
- package/package.json +1 -1
- package/dist/local-studio-CdpdUbIA.js.map +0 -1
- package/dist/local-studio-DEKg7YDa.d.ts.map +0 -1
|
@@ -3448,10 +3448,14 @@ function scanByType(stacks, type) {
|
|
|
3448
3448
|
/**
|
|
3449
3449
|
* Enumerate `AWS::BedrockAgentCore::Runtime` targets, marking each with
|
|
3450
3450
|
* {@link TargetEntry.agentCoreHasWs} — true for HTTP / AGUI runtimes (which
|
|
3451
|
-
* expose a `/ws` WebSocket endpoint), false for MCP / A2A (which do not)
|
|
3452
|
-
*
|
|
3453
|
-
*
|
|
3454
|
-
*
|
|
3451
|
+
* expose a `/ws` WebSocket endpoint), false for MCP / A2A (which do not) — and
|
|
3452
|
+
* {@link TargetEntry.agentCoreContractPath}, the POST path the runtime's
|
|
3453
|
+
* protocol contract is served on (`/invocations` / `/mcp` / `/`). `cdkl
|
|
3454
|
+
* start-agentcore` serves every protocol (issue #454), so the studio serve
|
|
3455
|
+
* group lists every runtime; the `hasWs` marker decides only whether to render
|
|
3456
|
+
* the WebSocket console too, and the contract path seeds the HTTP composer. The
|
|
3457
|
+
* protocol is read the same way the resolver reads it
|
|
3458
|
+
* (`Properties.ProtocolConfiguration`, default HTTP).
|
|
3455
3459
|
*/
|
|
3456
3460
|
function scanAgentCoreRuntimes(stacks) {
|
|
3457
3461
|
const entries = [];
|
|
@@ -3462,6 +3466,7 @@ function scanAgentCoreRuntimes(stacks) {
|
|
|
3462
3466
|
const entry = makeEntry(stack.stackName, logicalId, readCdkPathOrUndefined(resource));
|
|
3463
3467
|
const protocol = resource.Properties?.["ProtocolConfiguration"];
|
|
3464
3468
|
entry.agentCoreHasWs = protocol !== "MCP" && protocol !== "A2A";
|
|
3469
|
+
entry.agentCoreContractPath = protocol === "MCP" ? "/mcp" : protocol === "A2A" ? "/" : "/invocations";
|
|
3465
3470
|
entries.push(entry);
|
|
3466
3471
|
}
|
|
3467
3472
|
}
|
|
@@ -18469,8 +18474,8 @@ function defaultFetchObject$1(options) {
|
|
|
18469
18474
|
* plain HTTP. `cdkl invoke-agentcore` runs the container, waits for `/ping`,
|
|
18470
18475
|
* then POSTs one event to `/invocations` (invoke-once).
|
|
18471
18476
|
*/
|
|
18472
|
-
const PING_PATH
|
|
18473
|
-
const INVOCATIONS_PATH
|
|
18477
|
+
const PING_PATH = "/ping";
|
|
18478
|
+
const INVOCATIONS_PATH = "/invocations";
|
|
18474
18479
|
/**
|
|
18475
18480
|
* Header AgentCore Runtime uses to carry the session id to the container.
|
|
18476
18481
|
* Real AgentCore always sends it; we generate one (or pass the user's
|
|
@@ -18507,7 +18512,7 @@ async function waitForAgentCorePing(host, port, timeoutMs = 3e4) {
|
|
|
18507
18512
|
await setTimeout$1(150);
|
|
18508
18513
|
}
|
|
18509
18514
|
const tail = lastDetail ? `: ${lastDetail}` : "";
|
|
18510
|
-
throw new Error(`AgentCore agent did not become ready on ${host}:${port} within ${timeoutMs}ms${tail}. The container may have exited early or may not serve GET ${PING_PATH
|
|
18515
|
+
throw new Error(`AgentCore agent did not become ready on ${host}:${port} within ${timeoutMs}ms${tail}. The container may have exited early or may not serve GET ${PING_PATH} — check 'docker logs' output.`);
|
|
18511
18516
|
}
|
|
18512
18517
|
/**
|
|
18513
18518
|
* Issue `GET /ping`. Returns the HTTP status on any response, undefined on
|
|
@@ -18518,7 +18523,7 @@ async function pingProbe(host, port, timeoutMs) {
|
|
|
18518
18523
|
const controller = new AbortController();
|
|
18519
18524
|
const timer = setTimeout(() => controller.abort(), timeoutMs);
|
|
18520
18525
|
try {
|
|
18521
|
-
const response = await fetch(`http://${host}:${port}${PING_PATH
|
|
18526
|
+
const response = await fetch(`http://${host}:${port}${PING_PATH}`, {
|
|
18522
18527
|
method: "GET",
|
|
18523
18528
|
signal: controller.signal
|
|
18524
18529
|
});
|
|
@@ -18532,6 +18537,47 @@ async function pingProbe(host, port, timeoutMs) {
|
|
|
18532
18537
|
}
|
|
18533
18538
|
}
|
|
18534
18539
|
/**
|
|
18540
|
+
* Wait until the container's HTTP server on `host:port` answers a probe `POST`
|
|
18541
|
+
* at `path` with ANY HTTP status, or throw after `timeoutMs`. This is the
|
|
18542
|
+
* readiness gate for the MCP / A2A warm serve (`cdkl start-agentcore`), which —
|
|
18543
|
+
* unlike the HTTP / AGUI protocol — have no `GET /ping`: an HTTP response (even
|
|
18544
|
+
* a 4xx for the probe's empty body) proves the app's HTTP server is bound and
|
|
18545
|
+
* routing the protocol path, so the warm serve can advertise its endpoint
|
|
18546
|
+
* without racing container boot. Only transient connect failures (the
|
|
18547
|
+
* container still coming up) are retried; the probe does NOT interpret the
|
|
18548
|
+
* protocol — the real client drives the MCP handshake / A2A JSON-RPC through
|
|
18549
|
+
* the serve.
|
|
18550
|
+
*
|
|
18551
|
+
* A TCP-only probe would be too early (Docker's port forwarder accepts the
|
|
18552
|
+
* connection before the agent's HTTP server binds); an HTTP response is the
|
|
18553
|
+
* honest "the app is up" signal.
|
|
18554
|
+
*/
|
|
18555
|
+
async function waitForAgentCoreHttpReady(host, port, path, timeoutMs = 3e4) {
|
|
18556
|
+
const deadline = Date.now() + timeoutMs;
|
|
18557
|
+
let lastDetail = "";
|
|
18558
|
+
while (Date.now() < deadline) {
|
|
18559
|
+
const controller = new AbortController();
|
|
18560
|
+
const timer = setTimeout(() => controller.abort(), 1e3);
|
|
18561
|
+
try {
|
|
18562
|
+
await (await fetch(`http://${host}:${port}${path}`, {
|
|
18563
|
+
method: "POST",
|
|
18564
|
+
headers: { "content-type": "application/json" },
|
|
18565
|
+
body: "{}",
|
|
18566
|
+
signal: controller.signal
|
|
18567
|
+
})).text().catch(() => void 0);
|
|
18568
|
+
return;
|
|
18569
|
+
} catch (err) {
|
|
18570
|
+
if (!isTransientNetworkError$2(err)) throw err;
|
|
18571
|
+
lastDetail = err instanceof Error ? err.message : String(err);
|
|
18572
|
+
} finally {
|
|
18573
|
+
clearTimeout(timer);
|
|
18574
|
+
}
|
|
18575
|
+
await setTimeout$1(150);
|
|
18576
|
+
}
|
|
18577
|
+
const tail = lastDetail ? `: ${lastDetail}` : "";
|
|
18578
|
+
throw new Error(`AgentCore agent did not become ready on ${host}:${port} within ${timeoutMs}ms${tail}. The container may have exited early or may not serve POST ${path} — check 'docker logs' output.`);
|
|
18579
|
+
}
|
|
18580
|
+
/**
|
|
18535
18581
|
* `fetch()` failures during container boot manifest as a generic
|
|
18536
18582
|
* `TypeError: fetch failed` whose `.cause` carries the underlying Node
|
|
18537
18583
|
* `ECONNRESET` / `ECONNREFUSED` / `UND_ERR_SOCKET`. Treat all of those —
|
|
@@ -18557,7 +18603,7 @@ function isTransientNetworkError$2(err) {
|
|
|
18557
18603
|
* a missing sink) is buffered into `raw` and returned verbatim.
|
|
18558
18604
|
*/
|
|
18559
18605
|
async function invokeAgentCore(host, port, event, options) {
|
|
18560
|
-
const url = `http://${host}:${port}${INVOCATIONS_PATH
|
|
18606
|
+
const url = `http://${host}:${port}${INVOCATIONS_PATH}`;
|
|
18561
18607
|
const body = JSON.stringify(event ?? {});
|
|
18562
18608
|
const controller = new AbortController();
|
|
18563
18609
|
const timer = setTimeout(() => controller.abort(), options.timeoutMs);
|
|
@@ -31010,33 +31056,14 @@ function startAgentCoreWsBridge(config) {
|
|
|
31010
31056
|
|
|
31011
31057
|
//#endregion
|
|
31012
31058
|
//#region src/local/agentcore-http-server.ts
|
|
31013
|
-
/**
|
|
31014
|
-
|
|
31015
|
-
|
|
31016
|
-
|
|
31017
|
-
|
|
31018
|
-
|
|
31019
|
-
|
|
31020
|
-
|
|
31021
|
-
* `InvokeAgentRuntime` calls on the same `runtimeSessionId` reuse one warm
|
|
31022
|
-
* microVM.
|
|
31023
|
-
*
|
|
31024
|
-
* One host `http.Server` serves all three:
|
|
31025
|
-
* - `GET /ping` -> proxied to the container's `/ping`
|
|
31026
|
-
* - `POST /invocations` -> proxied to the container's `/invocations`
|
|
31027
|
-
* (request body streamed up, response — JSON or SSE — streamed back)
|
|
31028
|
-
* - `/ws` upgrade -> the existing header-injecting bridge
|
|
31029
|
-
* ({@link attachAgentCoreWsBridge}) on the same port, so a header-less
|
|
31030
|
-
* browser `WebSocket` still works exactly as before.
|
|
31031
|
-
*
|
|
31032
|
-
* Auth parity: the boot-resolved `authorization` (the `--bearer-token`
|
|
31033
|
-
* validated once at boot under a `customJwtAuthorizer`, or the `--sigv4`
|
|
31034
|
-
* header set) is injected on every forwarded request — the same model the
|
|
31035
|
-
* `/ws` bridge uses. Per-request inbound JWT verification is out of scope for
|
|
31036
|
-
* this slice.
|
|
31037
|
-
*/
|
|
31038
|
-
const PING_PATH = "/ping";
|
|
31039
|
-
const INVOCATIONS_PATH = "/invocations";
|
|
31059
|
+
/** Default routing table — the HTTP / AGUI contract (POST /invocations + GET /ping). */
|
|
31060
|
+
const DEFAULT_ROUTES = [{
|
|
31061
|
+
method: "POST",
|
|
31062
|
+
path: "/invocations"
|
|
31063
|
+
}, {
|
|
31064
|
+
method: "GET",
|
|
31065
|
+
path: "/ping"
|
|
31066
|
+
}];
|
|
31040
31067
|
/**
|
|
31041
31068
|
* Proxy one inbound HTTP request to the warm container, injecting the
|
|
31042
31069
|
* session-id + Authorization (+ any extra) headers, and stream the response
|
|
@@ -31077,22 +31104,25 @@ function proxyToContainer(clientReq, clientRes, config, upstreamPath) {
|
|
|
31077
31104
|
*/
|
|
31078
31105
|
function startAgentCoreHttpServer(config) {
|
|
31079
31106
|
const host = config.host ?? "127.0.0.1";
|
|
31107
|
+
const routes = config.routes ?? DEFAULT_ROUTES;
|
|
31108
|
+
const attachWs = config.attachWs ?? true;
|
|
31109
|
+
const notFoundHint = buildNotFoundHint(routes, attachWs);
|
|
31080
31110
|
const httpServer = createServer$1((req, res) => {
|
|
31081
31111
|
const path = (req.url ?? "/").split("?")[0];
|
|
31082
|
-
|
|
31083
|
-
if (
|
|
31112
|
+
const match = routes.find((r) => r.method === req.method && r.path === path);
|
|
31113
|
+
if (match) return proxyToContainer(req, res, config, match.path);
|
|
31084
31114
|
res.writeHead(404, { "content-type": "application/json" });
|
|
31085
31115
|
res.end(JSON.stringify({
|
|
31086
31116
|
error: "not found",
|
|
31087
|
-
hint:
|
|
31117
|
+
hint: notFoundHint
|
|
31088
31118
|
}));
|
|
31089
31119
|
});
|
|
31090
|
-
const bridge = attachAgentCoreWsBridge(httpServer, {
|
|
31120
|
+
const bridge = attachWs ? attachAgentCoreWsBridge(httpServer, {
|
|
31091
31121
|
containerHost: config.containerHost,
|
|
31092
31122
|
containerPort: config.containerPort,
|
|
31093
31123
|
...config.sessionId && { sessionId: config.sessionId },
|
|
31094
31124
|
...config.authorization && { authorization: config.authorization }
|
|
31095
|
-
});
|
|
31125
|
+
}) : void 0;
|
|
31096
31126
|
return new Promise((resolve, reject) => {
|
|
31097
31127
|
httpServer.once("error", reject);
|
|
31098
31128
|
httpServer.listen(config.port ?? 0, host, () => {
|
|
@@ -31101,15 +31131,26 @@ function startAgentCoreHttpServer(config) {
|
|
|
31101
31131
|
const port = httpServer.address().port;
|
|
31102
31132
|
resolve({
|
|
31103
31133
|
httpUrl: `http://${host}:${port}`,
|
|
31104
|
-
wsUrl: `ws://${host}:${port}${bridge.path}
|
|
31134
|
+
...bridge && { wsUrl: `ws://${host}:${port}${bridge.path}` },
|
|
31105
31135
|
port,
|
|
31106
31136
|
close: () => new Promise((res) => {
|
|
31107
|
-
bridge.close().then(() => httpServer.close(() => res()));
|
|
31137
|
+
if (bridge) bridge.close().then(() => httpServer.close(() => res()));
|
|
31138
|
+
else httpServer.close(() => res());
|
|
31108
31139
|
})
|
|
31109
31140
|
});
|
|
31110
31141
|
});
|
|
31111
31142
|
});
|
|
31112
31143
|
}
|
|
31144
|
+
/**
|
|
31145
|
+
* Build the 404 hint from the served routes, appending the `/ws` pointer when
|
|
31146
|
+
* the WebSocket bridge is attached. e.g. HTTP / AGUI ->
|
|
31147
|
+
* `POST /invocations or GET /ping (WebSocket: connect to /ws)`; MCP ->
|
|
31148
|
+
* `POST /mcp`.
|
|
31149
|
+
*/
|
|
31150
|
+
function buildNotFoundHint(routes, attachWs) {
|
|
31151
|
+
const base = routes.map((r) => `${r.method} ${r.path}`).join(" or ");
|
|
31152
|
+
return attachWs ? `${base} (WebSocket: connect to /ws)` : base;
|
|
31153
|
+
}
|
|
31113
31154
|
|
|
31114
31155
|
//#endregion
|
|
31115
31156
|
//#region src/cli/commands/local-start-agentcore.ts
|
|
@@ -31122,31 +31163,66 @@ function parsePort(raw) {
|
|
|
31122
31163
|
return n;
|
|
31123
31164
|
}
|
|
31124
31165
|
/**
|
|
31125
|
-
*
|
|
31126
|
-
*
|
|
31127
|
-
*
|
|
31128
|
-
*
|
|
31129
|
-
* pipeline.
|
|
31166
|
+
* Map a resolved runtime's protocol to its warm-serve plan. All four protocols
|
|
31167
|
+
* are served (issue #454): HTTP / AGUI on 8080 (`POST /invocations` + `GET
|
|
31168
|
+
* /ping` + the `/ws` bridge), MCP on 8000 (`POST /mcp`), A2A on 9000
|
|
31169
|
+
* (`POST /`). MCP / A2A are pure request/response pass-through with no `/ws`.
|
|
31130
31170
|
*/
|
|
31131
|
-
function
|
|
31132
|
-
if (
|
|
31171
|
+
function resolveAgentCoreServePlan(protocol) {
|
|
31172
|
+
if (protocol === "MCP") return {
|
|
31173
|
+
containerPort: MCP_CONTAINER_PORT,
|
|
31174
|
+
containerPortLabel: `${MCP_CONTAINER_PORT}${MCP_PATH}`,
|
|
31175
|
+
routes: [{
|
|
31176
|
+
method: "POST",
|
|
31177
|
+
path: MCP_PATH
|
|
31178
|
+
}],
|
|
31179
|
+
attachWs: false,
|
|
31180
|
+
readyPath: MCP_PATH
|
|
31181
|
+
};
|
|
31182
|
+
if (protocol === "A2A") return {
|
|
31183
|
+
containerPort: A2A_CONTAINER_PORT,
|
|
31184
|
+
containerPortLabel: `${A2A_CONTAINER_PORT}${"/"}`,
|
|
31185
|
+
routes: [{
|
|
31186
|
+
method: "POST",
|
|
31187
|
+
path: "/"
|
|
31188
|
+
}],
|
|
31189
|
+
attachWs: false,
|
|
31190
|
+
readyPath: "/"
|
|
31191
|
+
};
|
|
31192
|
+
return {
|
|
31193
|
+
containerPort: void 0,
|
|
31194
|
+
containerPortLabel: "8080",
|
|
31195
|
+
routes: [{
|
|
31196
|
+
method: "POST",
|
|
31197
|
+
path: "/invocations"
|
|
31198
|
+
}, {
|
|
31199
|
+
method: "GET",
|
|
31200
|
+
path: "/ping"
|
|
31201
|
+
}],
|
|
31202
|
+
attachWs: true,
|
|
31203
|
+
readyPath: void 0
|
|
31204
|
+
};
|
|
31133
31205
|
}
|
|
31134
31206
|
/**
|
|
31135
31207
|
* `cdkl start-agentcore <target>` — boot a Bedrock AgentCore Runtime container
|
|
31136
|
-
* locally and serve its
|
|
31137
|
-
*
|
|
31138
|
-
*
|
|
31139
|
-
*
|
|
31140
|
-
*
|
|
31141
|
-
*
|
|
31142
|
-
* `
|
|
31143
|
-
*
|
|
31144
|
-
*
|
|
31145
|
-
*
|
|
31208
|
+
* locally ONCE, keep it warm, and serve its native contract on one host port
|
|
31209
|
+
* until SIGINT / SIGTERM, so a client can hit the agent repeatedly against the
|
|
31210
|
+
* SAME warm container (issue #454).
|
|
31211
|
+
*
|
|
31212
|
+
* All four protocols are served (the proxy is protocol-agnostic; only the
|
|
31213
|
+
* routing + readiness differ per {@link resolveAgentCoreServePlan}):
|
|
31214
|
+
* - HTTP / AGUI (8080): `POST /invocations` + `GET /ping`, plus the
|
|
31215
|
+
* bidirectional `/ws` endpoint behind a host bridge. The `/ws` upgrade
|
|
31216
|
+
* requires the session-id (and, under a `customJwtAuthorizer`,
|
|
31217
|
+
* `Authorization`) header a browser `WebSocket` cannot set, so the bridge
|
|
31218
|
+
* accepts a header-less client and injects those headers on the container
|
|
31219
|
+
* leg.
|
|
31220
|
+
* - MCP (8000): `POST /mcp`. A2A (9000): `POST /`. No `/ws` — pure
|
|
31221
|
+
* request/response pass-through (the client drives the handshake).
|
|
31146
31222
|
*
|
|
31147
31223
|
* The container is booted once via the SAME image / env / auth resolution as
|
|
31148
31224
|
* `cdkl invoke-agentcore`; the process then blocks until SIGINT / SIGTERM,
|
|
31149
|
-
* tearing down the
|
|
31225
|
+
* tearing down the serve and the container.
|
|
31150
31226
|
*/
|
|
31151
31227
|
async function localStartAgentCoreCommand(target, options, extraStateProviders) {
|
|
31152
31228
|
const logger = getLogger();
|
|
@@ -31218,7 +31294,7 @@ async function localStartAgentCoreCommand(target, options, extraStateProviders)
|
|
|
31218
31294
|
};
|
|
31219
31295
|
const resolved = resolveAgentCoreTarget(resolvedTarget, stacks, imageContext);
|
|
31220
31296
|
logger.info(`Target: ${resolved.stack.stackName}/${resolved.logicalId} (${resolved.protocol})`);
|
|
31221
|
-
|
|
31297
|
+
const plan = resolveAgentCoreServePlan(resolved.protocol);
|
|
31222
31298
|
const authorization = await resolveInboundAuthorization(resolved, options);
|
|
31223
31299
|
await resolveFromS3BucketIntrinsic(resolved, stateProvider, loadedState, imageContext);
|
|
31224
31300
|
const image = await resolveAgentCoreImage(resolved, options, loadedState, stateProvider);
|
|
@@ -31226,7 +31302,7 @@ async function localStartAgentCoreCommand(target, options, extraStateProviders)
|
|
|
31226
31302
|
const containerHostPort = await pickFreePort();
|
|
31227
31303
|
const containerHost = options.containerHost;
|
|
31228
31304
|
const containerName = `${getEmbedConfig().resourceNamePrefix}-agentcore-${process.pid}-${Math.random().toString(36).slice(2, 8)}`;
|
|
31229
|
-
logger.info(`Starting agent container (image=${image}, port=${containerHostPort} ->
|
|
31305
|
+
logger.info(`Starting agent container (image=${image}, port=${containerHostPort} -> ${plan.containerPortLabel})...`);
|
|
31230
31306
|
containerId = await runDetached({
|
|
31231
31307
|
image,
|
|
31232
31308
|
mounts: [],
|
|
@@ -31236,6 +31312,7 @@ async function localStartAgentCoreCommand(target, options, extraStateProviders)
|
|
|
31236
31312
|
host: containerHost,
|
|
31237
31313
|
platform: options.platform,
|
|
31238
31314
|
name: containerName,
|
|
31315
|
+
...plan.containerPort !== void 0 && { containerPort: plan.containerPort },
|
|
31239
31316
|
...sensitiveEnvKeys.size > 0 && { sensitiveEnvKeys }
|
|
31240
31317
|
});
|
|
31241
31318
|
stopLogs = streamLogs(containerId);
|
|
@@ -31249,12 +31326,15 @@ async function localStartAgentCoreCommand(target, options, extraStateProviders)
|
|
|
31249
31326
|
process.on("SIGINT", () => void shutdown("SIGINT", 130));
|
|
31250
31327
|
process.on("SIGTERM", () => void shutdown("SIGTERM", 0));
|
|
31251
31328
|
try {
|
|
31252
|
-
await waitForAgentCorePing(containerHost, containerHostPort, options.timeout);
|
|
31329
|
+
if (plan.readyPath === void 0) await waitForAgentCorePing(containerHost, containerHostPort, options.timeout);
|
|
31330
|
+
else await waitForAgentCoreHttpReady(containerHost, containerHostPort, plan.readyPath, options.timeout);
|
|
31253
31331
|
server = await startAgentCoreHttpServer({
|
|
31254
31332
|
containerHost,
|
|
31255
31333
|
containerPort: containerHostPort,
|
|
31256
31334
|
host: options.host,
|
|
31257
31335
|
port: options.port,
|
|
31336
|
+
routes: plan.routes,
|
|
31337
|
+
attachWs: plan.attachWs,
|
|
31258
31338
|
...authorization && { authorization },
|
|
31259
31339
|
...options.sessionId && { sessionId: options.sessionId }
|
|
31260
31340
|
});
|
|
@@ -31262,21 +31342,30 @@ async function localStartAgentCoreCommand(target, options, extraStateProviders)
|
|
|
31262
31342
|
await teardown();
|
|
31263
31343
|
throw err;
|
|
31264
31344
|
}
|
|
31265
|
-
|
|
31266
|
-
|
|
31345
|
+
if (server.wsUrl) {
|
|
31346
|
+
logger.info(`Server listening on ${server.wsUrl} (${resolved.logicalId} (AgentCore WebSocket))`);
|
|
31347
|
+
logger.info(`HTTP contract served on ${server.httpUrl} — POST ${server.httpUrl}/invocations, GET ${server.httpUrl}/ping`);
|
|
31348
|
+
} else {
|
|
31349
|
+
const contractPath = plan.routes[0]?.path ?? "/";
|
|
31350
|
+
const contractUrl = `${server.httpUrl}${contractPath}`;
|
|
31351
|
+
logger.info(`Server listening on ${server.httpUrl} (${resolved.logicalId})`);
|
|
31352
|
+
logger.info(`${resolved.protocol} contract served on ${contractUrl} — POST ${contractUrl}`);
|
|
31353
|
+
}
|
|
31267
31354
|
logger.info("Press ^C to shut down.");
|
|
31268
31355
|
await new Promise(() => void 0);
|
|
31269
31356
|
}
|
|
31270
31357
|
/**
|
|
31271
|
-
* `cdkl start-agentcore <target>` — long-running serve for a Bedrock
|
|
31272
|
-
* Runtime
|
|
31273
|
-
*
|
|
31274
|
-
*
|
|
31358
|
+
* `cdkl start-agentcore <target>` — long-running warm serve for a Bedrock
|
|
31359
|
+
* AgentCore Runtime. Boots the container once and serves its native contract on
|
|
31360
|
+
* one host port: HTTP / AGUI get `POST /invocations` + `GET /ping` plus the
|
|
31361
|
+
* `/ws` bridge (which injects the session-id / Authorization upgrade headers a
|
|
31362
|
+
* browser `WebSocket` cannot set), MCP gets `POST /mcp`, A2A gets `POST /`. The
|
|
31363
|
+
* serve counterpart of the single-shot `cdkl invoke-agentcore`; the studio
|
|
31275
31364
|
* `agentcore-ws` serve kind spawns this command.
|
|
31276
31365
|
*/
|
|
31277
31366
|
function createLocalStartAgentCoreCommand(opts = {}) {
|
|
31278
31367
|
setEmbedConfig(opts.embedConfig);
|
|
31279
|
-
const cmd = new Command("start-agentcore").description("Serve a Bedrock AgentCore Runtime's
|
|
31368
|
+
const cmd = new Command("start-agentcore").description("Serve a Bedrock AgentCore Runtime's contract locally against a warm container. Boots the AWS::BedrockAgentCore::Runtime container ONCE (same image / env / credential resolution as invoke-agentcore) and keeps it warm, so a client can hit it repeatedly. HTTP / AGUI runtimes serve POST /invocations + GET /ping plus the bidirectional /ws endpoint behind a host bridge (injects the AgentCore session-id, and Authorization under a customJwtAuthorizer, so a header-less client like a browser can connect); MCP runtimes serve POST /mcp, A2A POST /. Target accepts a CDK display path (MyStack/MyAgent) or stack-qualified logical ID; single-stack apps may omit the prefix. Omit <target> in a TTY to pick from a list. Runs until ^C.").argument("[target]", "CDK display path or stack-qualified logical ID of the AgentCore Runtime to serve (omit to pick interactively in a TTY)").action(withErrorHandling(async (target, options) => {
|
|
31280
31369
|
await localStartAgentCoreCommand(target, options, opts.extraStateProviders);
|
|
31281
31370
|
}));
|
|
31282
31371
|
addStartAgentCoreSpecificOptions(cmd);
|
|
@@ -31296,7 +31385,7 @@ function createLocalStartAgentCoreCommand(opts = {}) {
|
|
|
31296
31385
|
* `.addOption(...)` blocks. Chainable: returns `cmd`.
|
|
31297
31386
|
*/
|
|
31298
31387
|
function addStartAgentCoreSpecificOptions(cmd) {
|
|
31299
|
-
return cmd.addOption(new Option("--port <n>", "
|
|
31388
|
+
return cmd.addOption(new Option("--port <n>", "Serve bind port the client connects to (HTTP contract + /ws on the same port). Default 0 (OS-assigned).").default(0).argParser(parsePort)).addOption(new Option("--host <ip>", "Serve bind host. Default 127.0.0.1.").default("127.0.0.1")).addOption(new Option("--session-id <id>", "Pin one AgentCore runtime session id header value for every forwarded request / /ws connection (default: a fresh random UUID each, so each is its own session).")).addOption(new Option("--bearer-token <jwt>", "Bearer JWT to present when the runtime declares a customJwtAuthorizer. Verified against the runtime's OIDC discovery URL before the container starts, then injected as Authorization: Bearer <jwt> on every forwarded request and the container /ws upgrade.")).addOption(new Option("--no-verify-auth", "Skip inbound JWT verification even when the runtime declares a customJwtAuthorizer (local-dev escape hatch). A --bearer-token, if given, is still forwarded.")).addOption(new Option("--env-vars <file>", "JSON env-var overrides (SAM-compatible: {\"LogicalId\":{\"KEY\":\"VALUE\"}, \"Parameters\": {...}})")).addOption(new Option("--platform <platform>", "docker --platform for the agent container (linux/amd64 or linux/arm64). Defaults to linux/arm64 because the cloud AgentCore Runtime requires arm64.").choices(["linux/amd64", "linux/arm64"]).default("linux/arm64")).addOption(new Option("--no-pull", "Skip docker pull (use cached image) — no-op for the local-build path")).addOption(new Option("--no-build", "Skip docker build on the local-asset path (use the previously-built tag). No-op for the ECR / registry pull paths.")).addOption(new Option("--container-host <host>", "Host IP used to bind the agent container port. Must be a numeric IP. Defaults to 127.0.0.1.").default("127.0.0.1")).addOption(new Option("--timeout <ms>", "Maximum time in milliseconds to wait for the container to become ready (the GET /ping readiness deadline). Default 120000.").default(12e4).argParser(parseTimeoutMs)).addOption(new Option("--assume-role [arn]", "Assume the runtime's execution role and forward STS-issued temp credentials to the container. (1) `--assume-role <arn>` assumes the explicit ARN; (2) `--assume-role` (bare) uses the runtime's literal RoleArn; (3) `--no-assume-role` opts out. Off by default.")).addOption(new Option("--ecr-role-arn <arn>", "Role ARN to assume before authenticating against ECR for cross-account / centralized registries.")).addOption(new Option("--from-cfn-stack [cfn-stack-name]", "Read a deployed CloudFormation stack and substitute Ref / Fn::ImportValue in env vars / image URIs with the deployed physical IDs / exports. Bare form uses the resolved stack name.")).addOption(new Option("--stack-region <region>", "Region of the state record to read. Used with --from-cfn-stack as the CFn client region."));
|
|
31300
31389
|
}
|
|
31301
31390
|
|
|
31302
31391
|
//#endregion
|
|
@@ -32314,8 +32403,8 @@ const STUDIO_CSS = `
|
|
|
32314
32403
|
font: 12px ui-monospace, Menlo, monospace; }
|
|
32315
32404
|
`;
|
|
32316
32405
|
const STUDIO_SCRIPT = `
|
|
32317
|
-
const KIND_LABEL = { lambda: 'Lambda', api: 'API', alb: 'ALB', ecs: 'ECS Service', 'ecs-task': 'ECS Task', cloudfront: 'CloudFront', agentcore: 'AgentCore', 'agentcore-ws': 'AgentCore
|
|
32318
|
-
const SERVE_KINDS = ['api', 'alb', 'ecs', 'ecs-task', 'cloudfront', 'agentcore-ws']; // long-running serve targets (ecs-task = run-task; agentcore-ws = start-agentcore
|
|
32406
|
+
const KIND_LABEL = { lambda: 'Lambda', api: 'API', alb: 'ALB', ecs: 'ECS Service', 'ecs-task': 'ECS Task', cloudfront: 'CloudFront', agentcore: 'AgentCore', 'agentcore-ws': 'AgentCore serve' };
|
|
32407
|
+
const SERVE_KINDS = ['api', 'alb', 'ecs', 'ecs-task', 'cloudfront', 'agentcore-ws']; // long-running serve targets (ecs-task = run-task; agentcore-ws = start-agentcore warm serve)
|
|
32319
32408
|
const INVOKE_KINDS = ['lambda', 'agentcore']; // single-shot invoke targets (event composer)
|
|
32320
32409
|
const rowsById = new Map(); // invocationId -> timeline row element
|
|
32321
32410
|
const invById = new Map(); // invocationId -> latest invocation event
|
|
@@ -32856,6 +32945,8 @@ const STUDIO_SCRIPT = `
|
|
|
32856
32945
|
kind: group.kind,
|
|
32857
32946
|
pinned: entry.pinned === true,
|
|
32858
32947
|
backingPinnedServices: entry.backingPinnedServices || [],
|
|
32948
|
+
agentCoreHasWs: entry.agentCoreHasWs === true,
|
|
32949
|
+
agentCoreContractPath: entry.agentCoreContractPath || null,
|
|
32859
32950
|
});
|
|
32860
32951
|
updateServeRow(entry.id);
|
|
32861
32952
|
}
|
|
@@ -33293,13 +33384,25 @@ const STUDIO_SCRIPT = `
|
|
|
33293
33384
|
: null;
|
|
33294
33385
|
if (httpBase) {
|
|
33295
33386
|
const captured = (st.endpoints || []).indexOf(httpBase) >= 0;
|
|
33296
|
-
|
|
33387
|
+
// An agentcore serve's contract is POST-only on a fixed path
|
|
33388
|
+
// (/invocations | /mcp | /), so seed the composer with that method + path
|
|
33389
|
+
// instead of the generic GET / (issue #454). Other serves default to GET /.
|
|
33390
|
+
const composerDefaults =
|
|
33391
|
+
meta && meta.kind === 'agentcore-ws'
|
|
33392
|
+
? { method: 'POST', path: meta.agentCoreContractPath || '/invocations' }
|
|
33393
|
+
: null;
|
|
33394
|
+
ws.appendChild(renderRequestComposer(id, httpBase, captured, composerDefaults));
|
|
33297
33395
|
}
|
|
33298
33396
|
|
|
33299
|
-
// A served WebSocket API
|
|
33300
|
-
//
|
|
33397
|
+
// A served WebSocket endpoint (an API Gateway WebSocket API, or an HTTP /
|
|
33398
|
+
// AGUI AgentCore runtime's /ws bridge) gets a WebSocket console so the
|
|
33399
|
+
// browser can connect + exchange frames (issue #303). For an agentcore
|
|
33400
|
+
// serve the console is gated on agentCoreHasWs (HTTP / AGUI expose /ws;
|
|
33401
|
+
// MCP / A2A do not — issue #454); the ws:// endpoint the serve advertises
|
|
33402
|
+
// already encodes that, so this guard is belt-and-suspenders with the spec.
|
|
33301
33403
|
const wsEndpoint = running ? (st.endpoints || []).find((u) => /^wss?:/.test(u)) : null;
|
|
33302
|
-
|
|
33404
|
+
const wsServable = !meta || meta.kind !== 'agentcore-ws' || meta.agentCoreHasWs === true;
|
|
33405
|
+
if (wsEndpoint && wsServable) {
|
|
33303
33406
|
ws.appendChild(renderWsConsole(wsEndpoint));
|
|
33304
33407
|
}
|
|
33305
33408
|
|
|
@@ -33514,7 +33617,7 @@ const STUDIO_SCRIPT = `
|
|
|
33514
33617
|
return sec;
|
|
33515
33618
|
}
|
|
33516
33619
|
|
|
33517
|
-
function renderRequestComposer(id, baseUrl, captured) {
|
|
33620
|
+
function renderRequestComposer(id, baseUrl, captured, defaults) {
|
|
33518
33621
|
const sec = el('div', 'section req-composer');
|
|
33519
33622
|
sec.appendChild(el('h3', null, 'Request'));
|
|
33520
33623
|
const row = el('div', 'req-row');
|
|
@@ -33524,9 +33627,12 @@ const STUDIO_SCRIPT = `
|
|
|
33524
33627
|
o.value = m;
|
|
33525
33628
|
method.appendChild(o);
|
|
33526
33629
|
});
|
|
33630
|
+
// Per-kind defaults (issue #454): an agentcore serve seeds POST + the
|
|
33631
|
+
// protocol contract path; otherwise GET / (the generic default).
|
|
33632
|
+
if (defaults && defaults.method) method.value = defaults.method;
|
|
33527
33633
|
row.appendChild(method);
|
|
33528
33634
|
const path = el('input', 'req-path');
|
|
33529
|
-
path.value = '/';
|
|
33635
|
+
path.value = defaults && defaults.path ? defaults.path : '/';
|
|
33530
33636
|
path.placeholder = '/path?query';
|
|
33531
33637
|
row.appendChild(path);
|
|
33532
33638
|
sec.appendChild(row);
|
|
@@ -34508,8 +34614,13 @@ function toStudioTargetGroups(listing) {
|
|
|
34508
34614
|
},
|
|
34509
34615
|
{
|
|
34510
34616
|
kind: "agentcore-ws",
|
|
34511
|
-
title: "AgentCore
|
|
34512
|
-
entries: map(listing.agentCoreRuntimes.
|
|
34617
|
+
title: "AgentCore (serve)",
|
|
34618
|
+
entries: map(listing.agentCoreRuntimes).map((t, i) => {
|
|
34619
|
+
const src = listing.agentCoreRuntimes[i];
|
|
34620
|
+
if (src?.agentCoreHasWs !== void 0) t.agentCoreHasWs = src.agentCoreHasWs;
|
|
34621
|
+
if (src?.agentCoreContractPath !== void 0) t.agentCoreContractPath = src.agentCoreContractPath;
|
|
34622
|
+
return t;
|
|
34623
|
+
})
|
|
34513
34624
|
},
|
|
34514
34625
|
{
|
|
34515
34626
|
kind: "alb",
|
|
@@ -35638,8 +35749,9 @@ const SERVE_SPECS = {
|
|
|
35638
35749
|
"--host",
|
|
35639
35750
|
"127.0.0.1"
|
|
35640
35751
|
],
|
|
35641
|
-
readyRe: /Server listening on (
|
|
35642
|
-
capturesHttp:
|
|
35752
|
+
readyRe: /Server listening on (\S+)/,
|
|
35753
|
+
capturesHttp: true,
|
|
35754
|
+
extraEndpointRe: /HTTP contract served on (https?:\/\/\S+)/
|
|
35643
35755
|
}
|
|
35644
35756
|
};
|
|
35645
35757
|
/**
|
|
@@ -35851,6 +35963,10 @@ function createStudioServeManager(config) {
|
|
|
35851
35963
|
streamLines(child.stdout, (line) => {
|
|
35852
35964
|
const m = spec.readyRe.exec(line);
|
|
35853
35965
|
if (m) onReady(m[1]);
|
|
35966
|
+
if (spec.extraEndpointRe) {
|
|
35967
|
+
const me = spec.extraEndpointRe.exec(line);
|
|
35968
|
+
if (me) onReady(me[1]);
|
|
35969
|
+
}
|
|
35854
35970
|
if (req.kind === "ecs" && entry.hostUrl === void 0) {
|
|
35855
35971
|
const endpoint = parsePublishedHostEndpoint(line);
|
|
35856
35972
|
if (endpoint) {
|
|
@@ -36848,5 +36964,5 @@ function addStudioSpecificOptions(cmd) {
|
|
|
36848
36964
|
}
|
|
36849
36965
|
|
|
36850
36966
|
//#endregion
|
|
36851
|
-
export { edgeHeadersToHttp as $,
|
|
36852
|
-
//# sourceMappingURL=local-studio-
|
|
36967
|
+
export { edgeHeadersToHttp as $, verifyJwtAuthorizer as $n, resolveSingleTarget as $r, SOFT_RELOAD_COMPLETION_LOG_SUFFIX as $t, startAgentCoreWsBridge as A, addStartApiSpecificOptions as An, buildDisconnectEvent as Ar, addCommonEcsServiceOptions as At, resolveDeployedKvsArnByName as B, availableApiIdentifiers as Bn, substituteEnvVarsFromState as Br, ImageOverrideError as Bt, addListSpecificOptions as C, LocalInvokeBuildError as Ci, buildAgentCoreCodeImage as Cn, probeHostGatewaySupport as Cr, resolveAlbFrontDoor as Ct, createLocalStartAgentCoreCommand as D, classifySourceChange as Dn, handleConnectionsRequest as Dr, addRunTaskSpecificOptions as Dt, addStartAgentCoreSpecificOptions as E, toCmdArgv as En, buildMgmtEndpointEnvUrl as Er, serviceStrategy as Et, parseOriginOverrides as F, createFileWatcher as Fn, resolveRuntimeFileExtension as Fr, parseMaxTasks as Ft, startCloudFrontServer as G, startApiServer as Gn, rejectExplicitCfnStackWithMultipleStacks as Gr, resolveImageOverrides as Gt, classifyS3Error as H, filterRoutesByApiIdentifiers as Hn, LocalStateSourceError as Hr, enforceImageOverrideOrphans as Ht, resolveCloudFrontTarget as I, attachStageContext as In, resolveRuntimeImage as Ir, parseRestartPolicy as It, serveLambdaUrlOrigin as J, defaultCredentialsLoader as Jn, resolveCfnStackName as Jr, isLocalCdkAssetImage as Jt, resolveErrorResponseCandidates as K, resolveSelectionExpression as Kn, resolveCfnFallbackRegion as Kr, runImageOverrideBuilds as Kt, idFromArn as L, buildStageMap as Ln, EcsTaskResolutionError as Lr, resolveEcsAssumeRoleOption as Lt, addStartCloudFrontSpecificOptions as M, createWatchPredicates as Mn, architectureToPlatform as Mr, addImageOverrideOptions as Mt, createLocalStartCloudFrontCommand as N, resolveApiTargetSubset as Nn, buildContainerImage as Nr, buildEcsImageResolutionContext$1 as Nt, startAgentCoreHttpServer as O, addInvokeSpecificOptions as On, parseConnectionsPath as Or, createLocalRunTaskCommand as Ot, parseKvsFileOverrides as P, createAuthorizerCache as Pn, resolveRuntimeCodeMountPath as Pr, ecsClusterOption as Pt, buildEdgeResponseEvent as Q, verifyCognitoJwt as Qn, resolveWatchConfig as Qr, DEFAULT_SHADOW_READY_TIMEOUT_MS as Qt, resolveKvsModulesForDistribution as R, materializeLayerFromArn as Rn, substituteAgainstState as Rr, resolveSharedSidecarCredentials as Rt, StudioEventBus as S, tryResolveImageFnJoin as Si, SUPPORTED_CODE_RUNTIMES as Sn, HOST_GATEWAY_MIN_VERSION as Sr, isApplicationLoadBalancer as St, formatTargetListing as T, resolveProfileCredentials as Ti, renderCodeDockerfile as Tn, ConnectionRegistry as Tr, createLocalStartServiceCommand as Tt, createS3OriginReader as U, groupRoutesByServer as Un, createLocalStateProvider as Ur, mergeForService as Ut, resolveDeployedOriginBucket as V, filterRoutesByApiIdentifier as Vn, substituteEnvVarsFromStateAsync as Vr, buildImageOverrideTag as Vt, matchBehavior as W, readMtlsMaterialsFromDisk as Wn, isCfnFlagPresent as Wr, parseImageOverrideFlags as Wt, applyEdgeResponseResult as X, buildJwksUrlFromIssuer as Xn, collectSsmParameterRefs as Xr, buildCloudMapIndex as Xt, applyEdgeRequestResult as Y, buildCognitoJwksUrl as Yn, CfnLocalStateProvider as Yr, listPinnedTargets as Yt, buildEdgeRequestEvent as Z, createJwksCache as Zn, resolveSsmParameters as Zr, CloudMapRegistry as Zt, filterStudioTargetGroups as _, pickAgentCoreCandidateStack as _i, AGENTCORE_SESSION_ID_HEADER as _n, evaluateResponseParameters as _r, addAlbSpecificOptions as _t, createLocalStudioCommand as a, filterWebSocketApisByIdentifiers as ai, bridgeAgentCoreWs as an, invokeTokenAuthorizer as ar, pickFunctionUrlLogicalIdFromOrigin as at, renderStudioHtml as b, formatStateRemedy as bi, waitForAgentCorePing as bn, tryParseStatus as br, parseLbPortOverrides as bt, startStudioProxy as c, discoverRoutes as ci, A2A_PATH as cn, buildCorsConfigByApiId as cr, pickTargetFunctionLogicalId as ct, createStudioDispatcher as d, AGENTCORE_A2A_PROTOCOL as di, MCP_PATH as dn, matchPreflight as dr, runViewerRequest as dt, countTargets as ei, setShadowReadyTimeoutMs as en, verifyJwtViaDiscovery as er, httpHeadersToEdge as et, filterStudioCustomResources as f, AGENTCORE_AGUI_PROTOCOL as fi, MCP_PROTOCOL_VERSION as fn, matchRoute as fr, runViewerResponse as ft, annotatePinnedEcsTargets as g, AgentCoreResolutionError as gi, signAgentCoreInvocation as gn, buildRestV1Event as gr, createUnboundCloudFrontModule as gt, annotateEcsTaskPinnedTargets as h, AGENTCORE_RUNTIME_TYPE as hi, AGENTCORE_SIGV4_SERVICE as hn, buildHttpApiV2Event as hr, createLocalFileKvsDataSource as ht, coerceStopRequest as i, discoverWebSocketApisOrThrow as ii, createLocalInvokeAgentCoreCommand as in, invokeRequestAuthorizer as ir, isCloudFrontDistribution as it, LocalStartCloudFrontError as j, createLocalStartApiCommand as jn, buildMessageEvent as jr, addEcsAssumeRoleOptions as jt, attachAgentCoreWsBridge as k, createLocalInvokeCommand as kn, buildConnectEvent as kr, MAX_TASKS_SUBNET_RANGE_CAP as kt, relayServeRequest as l, pickRefLogicalId as li, a2aInvokeOnce as ln, buildCorsConfigFromCloudFrontChain as lr, resolveCloudFrontDistribution as lt, annotateAlbPinnedBackingServices as m, AGENTCORE_MCP_PROTOCOL as mi, parseSseForJsonRpc as mn, applyAuthorizerOverlay as mr, createCloudFrontModule as mt, coerceRunRequest as n, availableWebSocketApiIdentifiers as ni, attachContainerLogStreamer as nn, computeRequestIdentityHash as nr, describeS3OriginDomain as nt, resolveServeBaseUrl as o, parseSelectionExpressionPath as oi, invokeAgentCoreWs as on, attachAuthorizers as or, pickKvsLogicalIdFromArn as ot, isCustomResourceLambdaTarget as p, AGENTCORE_HTTP_PROTOCOL as pi, mcpInvokeOnce as pn, translateLambdaResponse as pr, stripCloudFrontImport as pt, serveFromStaticOrigin as q, resolveServiceIntegrationParameters as qn, resolveCfnRegion as qr, describePinnedImageUri as qt, coerceServeRequest as r, discoverWebSocketApis as ri, addInvokeAgentCoreSpecificOptions as rn, evaluateCachedLambdaPolicy as rr, extractKvsAssociations as rt, createStudioServeManager as s, webSocketApiMatchesIdentifier as si, A2A_CONTAINER_PORT as sn, applyCorsResponseHeaders as sr, pickLambdaEdgeFunctionLogicalId as st, addStudioSpecificOptions as t, listTargets as ti, getContainerNetworkIp as tn, buildMethodArn as tr, CLOUDFRONT_DISTRIBUTION_TYPE as tt, reinvoke as u, resolveLambdaArnIntrinsic as ui, MCP_CONTAINER_PORT as un, isFunctionUrlOacFronted as ur, compileCloudFrontFunction as ut, startStudioServer as v, resolveAgentCoreTarget as vi, invokeAgentCore as vn, pickResponseTemplate as vr, albStrategy as vt, createLocalListCommand as w, buildStsClientConfig as wi, computeCodeImageTag as wn, bufferToBody as wr, addStartServiceSpecificOptions as wt, createStudioStore as x, substituteImagePlaceholders as xi, downloadAndExtractS3Bundle as xn, VtlEvaluationError as xr, resolveAlbTarget as xt, toStudioTargetGroups as y, derivePseudoParametersFromRegion as yi, waitForAgentCoreHttpReady as yn, selectIntegrationResponse as yr, createLocalStartAlbCommand as yt, createDeployedKvsDataSource as z, resolveEnvVars$1 as zn, substituteAgainstStateAsync as zr, runEcsServiceEmulator as zt };
|
|
36968
|
+
//# sourceMappingURL=local-studio-DxzjQZJu.js.map
|