cicy-desktop 2.1.113 → 2.1.115

package/src/backends/homepage-react/index.html

@@ -6,7 +6,7 @@
   <link rel="icon" type="image/svg+xml" href="./favicon.svg" />
   <link rel="icon" type="image/png" sizes="256x256" href="./favicon-256.png" />
   <title>CiCy Desktop</title>
-  <script type="module" crossorigin src="./assets/index-CgqXmbpX.js"></script>
+  <script type="module" crossorigin src="./assets/index-C6Wa2I-i.js"></script>
   <link rel="stylesheet" crossorigin href="./assets/index-BcVFakIC.css">
 </head>
 <body>

package/src/backends/local-teams.js

@@ -219,12 +219,14 @@ async function list({ refresh = false } = {}) {
 // dom-ready electronRPC injection — bare `new BrowserWindow` strips
 // the SPA of every desktop tool, which was the regression in the
 // previous implementation.
-async function openTeam(id) {
+async function openTeam(id, opts = {}) {
   const node = readNodes()[id];
   if (!node) return { ok: false, error: "team not found" };
   const baseUrl = (node.base_url || "").replace(/\/$/, "");
   if (!baseUrl) return { ok: false, error: "no base_url" };
-  const token = node.api_token || "";
+  // opts.token (a LIVE-read token, e.g. the :8009 container's own) takes
+  // precedence over any stored token — the Docker team stores none.
+  const token = (opts && opts.token) || node.api_token || "";
   const url = token ? `${baseUrl}/?token=${encodeURIComponent(token)}` : baseUrl;
 
   // Compare by origin+pathname only — token + hash both vary per
@@ -512,7 +514,11 @@ async function addTeam(spec) {
   // pass it, leaving the swap URL with no `?token=` and stranding the user
   // at a login screen. Auto-fill from local global.json (top-level api_token)
   // so the common case "Just Works", even when spec.api_token is empty.
-  if (!spec.api_token) {
+  // skipTokenAutofill: the :8009 Docker team must NEVER store a token — its token
+  // is read LIVE from the container on every open (主人: teams.json 不存 8009 的
+  // token / docker 的 token 是实时拿的). Without this guard the auto-fill below
+  // back-fills the HOST 8008 token, which 8009 rejects → endless login screen.
+  if (!spec.api_token && !spec.skipTokenAutofill) {
     try {
       const host = new URL(baseUrl).hostname;
       if (host === "127.0.0.1" || host === "localhost" || host === "::1") {
@@ -550,7 +556,8 @@ async function addTeam(spec) {
   const patch = {
     name:           spec.name           !== undefined ? String(spec.name || unnamedName()) : undefined,
     base_url:       baseUrl,
-    api_token:      spec.api_token      !== undefined ? String(spec.api_token || "") : undefined,
+    // skipTokenAutofill → force-clear any stored token (Docker :8009 reads live).
+    api_token:      spec.skipTokenAutofill ? "" : (spec.api_token !== undefined ? String(spec.api_token || "") : undefined),
     install_source: spec.install_source ?? undefined,
     install_os:     spec.install_os     ?? undefined,
     install_arch:   spec.install_arch   ?? undefined,

package/src/backends/sidecar-ipc.js

@@ -32,15 +32,22 @@ const APP_PORT = Number(process.env.CICY_DOCKER_APP_PORT || 8009);
 const APP_CONTAINER = process.env.CICY_DOCKER_APP_CONTAINER || "cicy-code-docker";
 const APP_VOLUME = process.env.CICY_DOCKER_APP_VOLUME || "cicy-team";
 const APP_MOUNT = process.env.CICY_DOCKER_APP_MOUNT || "/home/cicy";
-// The Docker-版 instance reaches the LLM through the cicy gateway, authenticated
-// with the LOCAL 8008 team's api_token (主人: "key 用 local team 8008 的"). 8008
-// is started by default on Windows and its token is already minted by the time
-// the user opens the Docker card.
+// 8008 and 8009 are ONE team (主人), so :8009 reaches the LLM through the cicy
+// gateway using 8008's TEAM key — the `sk-cicy-…` apiKey already minted in 8008's
+// global.json providers (NOT the api_token, which is only the local access
+// credential). 8008 is up by the time the Docker card is used, so the key is
+// ready — we just read it and pass it to the container. Same key ⇒ same billing.
 const GATEWAY_ENDPOINT = process.env.CICY_AI_GATEWAY_LLM_ENDPOINT || "https://gateway.cicy-ai.com";
-function readLocalApiToken() {
+function readLocalGatewayKey() {
   try {
     const p = path.join(os.homedir(), "cicy-ai", "global.json");
-    return String(JSON.parse(fs.readFileSync(p, "utf8")).api_token || "");
+    const g = JSON.parse(fs.readFileSync(p, "utf8"));
+    const items = (g.providers && g.providers.items) || [];
+    const pick =
+      items.find((it) => it && it.apiKey && String(it.url || "").includes("gateway.cicy-ai.com")) ||
+      items.find((it) => it && it.key === "defaultAnthropic" && it.apiKey) ||
+      items.find((it) => it && it.apiKey);
+    return pick ? String(pick.apiKey || "") : "";
   } catch { return ""; }
 }
 
@@ -123,20 +130,42 @@ function register({ sidecarLogPath } = {}) {
   // LLM gateway env keyed by the 8008 team's token. (WSL: whole-home mount via
   // -v <volume>:/home/cicy inside wsl-docker.)
   const appOpts = () => {
-    const token = readLocalApiToken();
+    const gwKey = readLocalGatewayKey(); // 8008's team gateway key (sk-cicy-…)
     const env = { CICY_AI_GATEWAY_LLM_ENDPOINT: GATEWAY_ENDPOINT };
-    if (token) env.CICY_AI_GATEWAY_LLM_API_KEY = token;
+    if (gwKey) env.CICY_AI_GATEWAY_LLM_API_KEY = gwKey;
     return { port: APP_PORT, container: APP_CONTAINER, volume: APP_VOLUME, env };
   };
   // Register the running :8009 instance as a (custom) team so the card's "打开"
   // reuses the token-injected open/reload flow. addTeam dedups by host:port.
+  // Upsert the :8009 team with the CONTAINER's OWN live token. Critical: never
+  // fall back to the host 8008 token (addTeam auto-fills global.json on an empty
+  // api_token — that's the host credential, which 8009 rejects → login screen).
+  // Returns the team id, or {ok:false} when the container token can't be read.
+  // Register the :8009 team WITHOUT a token. 主人: teams.json 不存 8009 的 token;
+  // docker 的 token 是实时拿的. skipTokenAutofill stops addTeam from back-filling
+  // the HOST 8008 token (the bug that made 8009 verify with 8008's token → login).
   const registerAppTeam = async () => {
+    const lt = require("./local-teams");
+    const r = await lt.addTeam({ base_url: `http://127.0.0.1:${APP_PORT}`, name: "Docker cicy-code", skipTokenAutofill: true });
+    return { ok: true, id: r && r.id };
+  };
+
+  // Card「打开」→ read the container's OWN token LIVE from its volume right now,
+  // then open the tab with THAT token. Never a stored/host token (主人: 打开前去
+  // docker 里实时拿 token 再 open tab). Refuse to open if it can't be read —
+  // opening tokenless / with the host token just strands the user at login.
+  ipcMain.handle("docker:app-open", async () => {
+    if (process.platform !== "win32") return { ok: false, error: "windows_only" };
     try {
+      const tok = await wslDocker.readContainerToken(APP_PORT, APP_CONTAINER, APP_VOLUME);
+      if (!tok) return { ok: false, error: "no_token" };
+      const reg = await registerAppTeam();
+      if (!reg.id) return { ok: false, error: "register_failed" };
       const lt = require("./local-teams");
-      const tok = await wslDocker.readContainerToken(APP_PORT);
-      await lt.addTeam({ base_url: `http://127.0.0.1:${APP_PORT}`, name: "Docker cicy-code", ...(tok ? { api_token: tok } : {}) });
-    } catch { /* best-effort — the container itself is up */ }
-  };
+      const r = await lt.openTeam(reg.id, { token: tok }); // open with the LIVE token
+      return r && r.ok ? { ok: true } : { ok: false, error: (r && r.error) || "open_failed" };
+    } catch (e) { return { ok: false, error: e.message }; }
+  });
 
   // One-click bootstrap (方案 A): ensure WSL2 → Ubuntu → Docker Engine → load
   // image → start :8009 container → health. Streams phase/progress on
@@ -155,13 +184,25 @@ function register({ sidecarLogPath } = {}) {
     }
   });
 
-  // ⋯ menu → 重启 the :8009 container, wait for health.
+  // ⋯ menu → 重启 cicy-code (supervisorctl restart cicy-code; daemons stay up).
   ipcMain.handle("docker:app-restart", async () => {
-    try { const ok = await wslDocker.restart({ container: APP_CONTAINER, port: APP_PORT }); return { ok: !!ok }; }
+    try { const ok = await wslDocker.restart({ container: APP_CONTAINER, port: APP_PORT, volume: APP_VOLUME }); return { ok: !!ok }; }
     catch (e) { return { ok: false, error: e.message }; }
   });
 
-  // ⋯ menu → 停止: graceful `docker stop` (data persists in the named volume).
+  // ⋯ menu → 更新 cicy-code: pull the latest cicy-code into the container +
+  // restart it (no container recreate). Streams progress to the drawer.
+  ipcMain.handle("docker:app-update", async (e) => {
+    if (process.platform !== "win32") return { ok: false, error: "Docker cicy-code is Windows-only" };
+    try {
+      return await wslDocker.update({
+        container: APP_CONTAINER, port: APP_PORT,
+        onProgress: (ev) => { try { e.sender.send("docker:app-progress", ev); } catch {} },
+      });
+    } catch (err) { return { ok: false, error: err.message }; }
+  });
+
+  // ⋯ menu → 停止 cicy-code.
   ipcMain.handle("docker:app-stop", async () => {
     try { await wslDocker.stop({ container: APP_CONTAINER }); return { ok: true }; }
     catch (e) { return { ok: false, error: e.message }; }

package/src/sidecar/wsl-docker.js

@@ -262,17 +262,31 @@ async function runContainer({ port = 8009, container = "cicy-code-docker", volum
   return { started: true };
 }
 
-// Read the container's own api_token (its volume-persisted global.json) for the
-// team registration — the host token is a different credential.
-async function readContainerToken(port = 8009, container = "cicy-code-docker") {
-  try {
-    // Look the container up by name and read the token from inside it.
-    const { stdout } = await wslRun(`docker ps --filter "name=${container}" --format '{{.Names}}'`, { timeout: 10000 });
-    const name = stdout.trim().split("\n")[0];
-    if (!name) return "";
-    const r = await wslRun(`docker exec ${name} cat /home/cicy/cicy-ai/global.json`, { timeout: 10000 });
-    return JSON.parse(r.stdout).api_token || "";
-  } catch { return ""; }
+// Read the container's OWN api_token (its volume-persisted global.json). This is
+// the ONLY correct credential for :8009 — the host's 8008 token is different and
+// 8009 rejects it. Retries because right after start the entrypoint may not have
+// written global.json yet; returns "" only if it truly can't be read (callers
+// must then NOT open with a wrong/host token — that strands the user at login).
+async function readContainerToken(port = 8009, container = "cicy-code-docker", volume = "cicy-team") {
+  for (let attempt = 1; attempt <= 5; attempt++) {
+    // 1) Fast + reliable: read the volume-backed global.json straight from the
+    //    distro fs. `docker exec` into a just-loaded/busy container is slow and
+    //    frequently times out — and a timeout here was returning "" → callers
+    //    fell back to the stale host token. The bind volume read never does that.
+    try {
+      const { stdout } = await wslRun(`cat /var/lib/docker/volumes/${volume}/_data/cicy-ai/global.json 2>/dev/null`, { timeout: 8000 });
+      const m = String(stdout).match(/"api_token"\s*:\s*"(cicy_[A-Za-z0-9]+)"/);
+      if (m) return m[1];
+    } catch { /* not ready yet — retry */ }
+    // 2) Fallback: exec into the container.
+    try {
+      const { stdout } = await wslRun(`docker exec ${container} cat /home/cicy/cicy-ai/global.json`, { timeout: 10000 });
+      const tok = JSON.parse(stdout).api_token || "";
+      if (tok) return tok;
+    } catch { /* retry */ }
+    await new Promise((r) => setTimeout(r, 2000));
+  }
+  return "";
 }
 
 // Register a Windows logon task that starts dockerd in our distro on every
@@ -289,6 +303,27 @@ function ensureAutostart() {
   });
 }
 
+// Drop a desktop shortcut (folder icon) to the container's /home/cicy — i.e. the
+// cicy-team volume on the distro — so the user can browse :8009's files from
+// Windows Explorer. \\wsl$\<distro>\… is the UNC view of the WSL filesystem.
+// Idempotent: CreateShortcut overwrites. Best-effort (errors swallowed).
+function ensureDesktopShortcut(volume = "cicy-team") {
+  if (process.platform !== "win32") return Promise.resolve();
+  return new Promise((res) => {
+    const lnk = path.join(os.homedir(), "Desktop", "cicy-8009 文件.lnk");
+    const target = `\\\\wsl$\\${DISTRO}\\var\\lib\\docker\\volumes\\${volume}\\_data`;
+    const ps =
+      `$w=New-Object -ComObject WScript.Shell;` +
+      `$s=$w.CreateShortcut(${JSON.stringify(lnk)});` +
+      `$s.TargetPath='explorer.exe';` +
+      `$s.Arguments=${JSON.stringify(target)};` +
+      `$s.IconLocation='shell32.dll,3';` +          // 3 = standard folder icon
+      `$s.Description='cicy-code :8009 /home/cicy';` +
+      `$s.Save()`;
+    execFile("powershell", ["-NoProfile", "-Command", ps], { windowsHide: true, timeout: 15000 }, () => res());
+  });
+}
+
 // Composite status for the card.
 async function status(port = 8009) {
   const wsl = !docker.wslMissing();
@@ -373,16 +408,45 @@ async function _bootstrap({ onProgress, port = 8009, container = "cicy-code-dock
   // 7) Health — the ONLY path to ok:true.
   emit({ phase: "container", status: "running", message: "等待 cicy-code 就绪…" });
   const healthy = await docker.waitUntil(() => probeHealth(port), { totalMs: 120000, everyMs: 3000 });
-  if (healthy) await ensureAutostart(); // survive Windows reboot
+  if (healthy) { await ensureAutostart(); await ensureDesktopShortcut(volume); } // survive reboot + desktop shortcut
   emit({ phase: healthy ? "done" : "container", status: healthy ? "done" : "error", message: healthy ? "Docker cicy-code 已就绪 🎉" : `服务起来了但 :${port} 还没响应——稍等或点「重试」` });
   return { ok: healthy, container };
 }
 
 // Lifecycle (card ⋯ menu).
-async function restart({ container = "cicy-code-docker", port = 8009 } = {}) {
+// Restart ONLY cicy-code via supervisor — cron / sshd / user daemons keep
+// running (that's the whole point of the supervisor layout). Falls back to a
+// full container restart on the pre-supervisor image.
+async function restart({ container = "cicy-code-docker", port = 8009, volume = "cicy-team" } = {}) {
   await startEngine();
-  await wslRun(`docker restart ${container}`, { timeout: 60000 });
-  return await docker.waitUntil(() => probeHealth(port), { totalMs: 60000, everyMs: 2000 });
+  try {
+    await wslRun(`docker exec ${container} supervisorctl -c /etc/supervisor/supervisord.conf restart cicy-code`, { timeout: 30000 });
+  } catch {
+    try { await wslRun(`docker restart ${container}`, { timeout: 60000 }); } catch {}
+  }
+  const ok = await docker.waitUntil(() => probeHealth(port), { totalMs: 60000, everyMs: 2000 });
+  if (ok) await ensureDesktopShortcut(volume);
+  return ok;
+}
+
+// Update cicy-code IN PLACE: the supervisor image ships cicy-code-update.sh,
+// which installs the latest version side-by-side, repoints the symlink, and
+// `supervisorctl restart cicy-code` — no container recreate, daemons untouched.
+// Streamed to the drawer so the user sees the npm pull + restart.
+async function update({ onProgress, container = "cicy-code-docker", port = 8009 } = {}) {
+  const emit = (ev) => { try { onProgress && onProgress(ev); } catch {} };
+  await startEngine();
+  emit({ phase: "image", status: "running", message: "更新 cicy-code（拉取最新版）…" });
+  try {
+    await wslRunStream(`docker exec ${container} bash -lc "command -v cicy-code-update.sh >/dev/null && cicy-code-update.sh || /usr/local/bin/cicy-code-update.sh"`,
+      { emit, phase: "image", timeout: 300000 });
+  } catch (e) {
+    emit({ phase: "done", status: "error", message: `更新失败：${e.message}（此镜像可能不支持，试试「升级」重装）` });
+    return { ok: false, reason: "update_failed" };
+  }
+  const healthy = await docker.waitUntil(() => probeHealth(port), { totalMs: 120000, everyMs: 3000 });
+  emit({ phase: "done", status: healthy ? "done" : "error", message: healthy ? "cicy-code 已更新到最新 🎉" : "更新了但 :8009 还没响应——稍等或点重试" });
+  return { ok: healthy };
 }
 async function stop({ container = "cicy-code-docker" } = {}) {
   try { await wslRun(`docker stop ${container}`, { timeout: 30000 }); } catch {}
@@ -411,6 +475,6 @@ async function upgrade({ onProgress, port = 8009, container = "cicy-code-docker"
 }
 
 module.exports = {
-  bootstrap, status, restart, stop, upgrade, runContainer, readContainerToken,
+  bootstrap, status, restart, stop, update, upgrade, runContainer, readContainerToken,
   distroInstalled, dockerInstalled, dockerEngineUp, imagePresent, probeHealth, wslRun,
 };

package/workers/render/src/App.jsx

@@ -740,7 +740,15 @@ export default function App() {
           {showLocal && (
             <DockerCard
               dockerTeam={dockerTeam}
-              onOpen={(id) => { if (id) openLocalTeam(id); else window.cicy?.tabs?.open?.("http://127.0.0.1:8009", "Docker cicy-code"); }}
+              onOpen={async () => {
+                // Always open via the live-token path: re-reads the container's
+                // own api_token and refuses to open a tokenless/host-token page
+                // (主人: 必须拿到 token 才能打开,否则被卡在登录页).
+                try {
+                  const r = await window.cicy?.docker?.appOpen?.();
+                  if (!r?.ok) window.alert("拿不到容器 token,无法打开 :8009。请确认服务已就绪(或用卡片菜单「重启」)后再试。");
+                } catch (e) { console.warn("[DockerCard] open", e); }
+              }}
               onRefresh={fetchLocalTeams}
             />
           )}
@@ -1735,6 +1743,24 @@ function DockerCard({ dockerTeam, onOpen, onRefresh }) {
     }
   }, [checkStatus, onRefresh]);
 
+  // Update cicy-code (in-place: pull latest + supervisorctl restart). Drawer so
+  // the user sees the npm pull + restart log.
+  const runUpdate = useCallback(async () => {
+    setMenuOpen(false); setBusy("update");
+    dockerDrawer.open({ onRetry: runUpdate });
+    const unsub = window.cicy?.docker?.onAppProgress?.((ev) => dockerDrawer.push(ev));
+    try {
+      const r = await window.cicy?.docker?.appUpdate?.();
+      dockerDrawer.finish({ ok: !!r?.ok, message: r?.ok ? tr("docker.updated", "cicy-code 已更新到最新") : (r?.error || tr("docker.updateFailed", "更新失败")) });
+      if (r?.ok) onRefresh?.();
+    } catch (e) {
+      dockerDrawer.finish({ ok: false, message: e.message });
+    } finally {
+      try { unsub && unsub(); } catch {}
+      setBusy(""); checkStatus();
+    }
+  }, [checkStatus, onRefresh]);
+
   // Restart / stop: quick lifecycle ops with a toast (no full drawer needed).
   const runOp = useCallback(async (op, fn, okMsg) => {
     setMenuOpen(false); setBusy(op);
@@ -1818,21 +1844,25 @@ function DockerCard({ dockerTeam, onOpen, onRefresh }) {
                 ref={menuRef}
                 style={{ position: "fixed", top: menuPos.top, left: menuPos.left, width: MENU_W }}
                 onClick={(e) => e.stopPropagation()}>
-                {running && (
-                  <button type="button" data-id="DockerCard-restart" className="bcard__menu-item"
-                    onClick={() => runOp("restart", () => window.cicy.docker.appRestart(), tr("docker.restarted", "已重启"))}>
-                    {tr("docker.restart", "重启")}
-                  </button>
-                )}
-                <button type="button" data-id="DockerCard-upgrade" className="bcard__menu-item is-accent" onClick={runUpgrade}>
-                  {tr("docker.upgrade", "升级（拉取最新镜像）")}
+                <button type="button" data-id="DockerCard-restart" className="bcard__menu-item"
+                  onClick={() => runOp("restart", () => window.cicy.docker.appRestart(), tr("docker.restarted", "已重启 cicy-code"))}>
+                  {tr("docker.restart", "重启")}
+                </button>
+                <button type="button" data-id="DockerCard-update" className="bcard__menu-item is-accent" onClick={runUpdate}>
+                  {tr("docker.update", "更新")}
+                </button>
+                <button type="button" data-id="DockerCard-reload" className="bcard__menu-item"
+                  onClick={() => { setMenuOpen(false); onOpen?.(dockerTeam?.id); }}>
+                  {tr("docker.reloadWindow", "刷新窗口")}
+                </button>
+                <button type="button" data-id="DockerCard-stop" className="bcard__menu-item is-danger"
+                  onClick={() => runOp("stop", () => window.cicy.docker.appStop(), tr("docker.stopped", "已停止 cicy-code"))}>
+                  {tr("docker.stop", "停止")}
+                </button>
+                <button type="button" data-id="DockerCard-billing" className="bcard__menu-item"
+                  onClick={() => { setMenuOpen(false); openCloudPage("?view=usage"); }}>
+                  {tr("docker.billing", "帐单")}
                 </button>
-                {running && (
-                  <button type="button" data-id="DockerCard-stop" className="bcard__menu-item is-danger"
-                    onClick={() => runOp("stop", () => window.cicy.docker.appStop(), tr("docker.stopped", "已停止"))}>
-                    {tr("docker.stop", "停止")}
-                  </button>
-                )}
               </div>,
               document.body
             )}