npm - create-ekka-desktop-app - Versions diffs - 0.3.13 → 0.4.0 - Mend

create-ekka-desktop-app 0.3.13 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/package.json +1 -1
package/template/src-tauri/Cargo.toml +19 -1
package/template/src-tauri/resources/ekka-engine-bootstrap +0 -0
package/template/src-tauri/src/commands.rs +150 -35
package/template/src-tauri/src/config.rs +33 -0
package/template/src-tauri/src/engine_process.rs +123 -125
package/template/src-tauri/src/main.rs +270 -369
package/template/src-tauri/src/node_runner.rs +283 -140
package/template/src-tauri/src/state.rs +0 -15
package/template/src-tauri/src/well_known.rs +6 -1

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "create-ekka-desktop-app",
-  "version": "0.3.13",
+  "version": "0.4.0",
   "description": "Create an EKKA desktop app with built-in demo backend. No setup required.",
   "type": "module",
   "bin": {

package/template/src-tauri/Cargo.toml CHANGED Viewed

@@ -18,8 +18,26 @@ tauri-plugin-dialog = "2"
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
 chrono = { version = "0.4", features = ["serde"] }
+ekka-sdk-core = { path = "../../ekka-execution-node-sdk-rust/crates/framework/ekka-sdk-core" }
+ekka-runner-core = { path = "../../ekka-execution-node-sdk-rust/crates/framework/ekka-runner-core" }
+ekka-runner-local = { path = "../../ekka-execution-node-sdk-rust/crates/apps/ekka-runner-local" }
+reqwest = { version = "0.11", features = ["blocking", "json"] }
 uuid = { version = "1.0", features = ["v4"] }
-dirs = "5"
+tokio = { version = "1", features = ["sync"] }
+tracing = "0.1"
+tracing-subscriber = { version = "0.3", features = ["env-filter"] }
+ed25519-dalek = { version = "2.1", features = ["rand_core"] }
+rand = "0.8"
+base64 = "0.22"
+zeroize = { version = "1.7", features = ["derive"] }
+dotenvy = "0.15"
+hex = "0.4"
+anyhow = "1.0"
+regex = "1"
+lazy_static = "1.4"
+[dev-dependencies]
+tempfile = "3"
 [features]
 default = ["custom-protocol"]

package/template/src-tauri/resources/ekka-engine-bootstrap CHANGED Viewed

Binary file

package/template/src-tauri/src/commands.rs CHANGED Viewed

@@ -4,7 +4,6 @@
 use crate::bootstrap::initialize_home;
 use crate::config;
-use crate::engine_process;
 use crate::grants::require_home_granted;
 use crate::handlers;
 use crate::node_auth;
@@ -64,39 +63,133 @@ pub fn engine_disconnect(state: State<EngineState>) {
     }
 }
-/// Main RPC dispatcher - routes all operations to handlers
+/// Main RPC dispatcher - routes all operations to local handlers
 ///
 /// ═══════════════════════════════════════════════════════════════════════════════════════════
-/// DRIFT GUARD - ARCHITECTURE FREEZE
+/// EXECUTION MODES
 /// ═══════════════════════════════════════════════════════════════════════════════════════════
-/// DO NOT extend this without revisiting the Desktop–Engine architecture decision.
+/// Cloud Mode (config::REMOTE_ONLY = true):
+/// - Studio features return placeholder or explicit error
+/// - API calls go directly to api.ekka.ai
 ///
-/// The routing switch below (engine vs stub) is FROZEN as of Phase 3G.
-/// Engine routing is one-way: once disabled for a session, it stays disabled.
-/// The stub path handles all operations locally via SDK handlers.
-///
-/// Any changes to routing logic require explicit architecture review.
+/// Studio Mode (config::REMOTE_ONLY = false):
+/// - Full local + cloud execution
+/// - All commands go directly to local handlers + cloud API
+/// - The spawned engine is a runner runtime (for task execution), NOT a request router
 /// ═══════════════════════════════════════════════════════════════════════════════════════════
 #[tauri::command]
 pub fn engine_request(req: EngineRequest, state: State<EngineState>) -> EngineResponse {
-    // LOCAL-ONLY OPERATIONS: Never route to engine
-    // These are desktop-specific operations that must be handled locally
-    let local_only = matches!(
-        req.op.as_str(),
-        "setup.status" | "nodeCredentials.set" | "nodeCredentials.status" | "nodeCredentials.clear"
-    );
+    // Cloud Mode: Handle Studio-only operations specially
+    if config::REMOTE_ONLY {
+        // CATEGORY 1: Operations that return placeholders (UI calls these but doesn't need real data in Cloud Mode)
+        match req.op.as_str() {
+            // Home status - return Cloud Mode placeholder (UI expects state field)
+            "home.status" => {
+                tracing::info!(op = "mode.cloud.placeholder", operation = "home.status", "Returning Cloud Mode placeholder");
+                return EngineResponse::ok(serde_json::json!({
+                    "state": "HOME_GRANTED",  // Pretend home is granted so UI proceeds
+                    "mode": "cloud",
+                    "home_path": null,
+                    "marker_exists": false
+                }));
+            }
+            // Node session bootstrap - no-op success (runner not needed in Cloud Mode)
+            "nodeSession.bootstrap" => {
+                tracing::info!(op = "mode.cloud.placeholder", operation = "nodeSession.bootstrap", "Returning Cloud Mode no-op");
+                return EngineResponse::ok(serde_json::json!({
+                    "ok": true,
+                    "mode": "cloud",
+                    "runner_started": false
+                }));
+            }
+            // Node session status - return Cloud Mode placeholder
+            "nodeSession.status" => {
+                tracing::info!(op = "mode.cloud.placeholder", operation = "nodeSession.status", "Returning Cloud Mode placeholder");
+                return EngineResponse::ok(serde_json::json!({
+                    "hasIdentity": false,
+                    "hasSession": false,
+                    "sessionValid": false,
+                    "mode": "cloud"
+                }));
+            }
+            // Node session ensure identity - return Cloud Mode placeholder
+            "nodeSession.ensureIdentity" => {
+                tracing::info!(op = "mode.cloud.placeholder", operation = "nodeSession.ensureIdentity", "Returning Cloud Mode placeholder");
+                return EngineResponse::ok(serde_json::json!({
+                    "ok": true,
+                    "mode": "cloud",
+                    "node_id": null
+                }));
+            }
+            // Node credentials status - return not configured (no keychain in Cloud Mode)
+            "nodeCredentials.status" => {
+                tracing::info!(op = "mode.cloud.placeholder", operation = "nodeCredentials.status", "Returning Cloud Mode placeholder");
+                return EngineResponse::ok(serde_json::json!({
+                    "hasCredentials": false,
+                    "nodeId": null,
+                    "isAuthenticated": false,
+                    "mode": "cloud"
+                }));
+            }
+            // Runner status - return stopped (no local runner in Cloud Mode)
+            "runner.status" => {
+                tracing::info!(op = "mode.cloud.placeholder", operation = "runner.status", "Returning Cloud Mode placeholder");
+                return EngineResponse::ok(serde_json::json!({
+                    "enabled": false,
+                    "state": "stopped",
+                    "mode": "cloud"
+                }));
+            }
+            _ => {}
+        }
+        // CATEGORY 2: Studio features unavailable in Cloud Mode
+        let is_studio_only = matches!(
+            req.op.as_str(),
+            // Node credentials mutations
+            "nodeCredentials.set" | "nodeCredentials.clear" |
+            // Home grant (requires local folder)
+            "home.grant" |
+            // Paths operations (local grants)
+            "paths.check" | "paths.list" | "paths.get" | "paths.request" | "paths.remove" |
+            // Vault operations (local encrypted storage)
+            "vault.status" | "vault.capabilities" |
+            "vault.secrets.list" | "vault.secrets.get" | "vault.secrets.create" |
+            "vault.secrets.update" | "vault.secrets.delete" | "vault.secrets.upsert" |
+            "vault.bundles.list" | "vault.bundles.get" | "vault.bundles.create" |
+            "vault.bundles.rename" | "vault.bundles.delete" | "vault.bundles.listSecrets" |
+            "vault.bundles.addSecret" | "vault.bundles.removeSecret" |
+            "vault.files.writeText" | "vault.files.writeBytes" | "vault.files.readText" |
+            "vault.files.readBytes" | "vault.files.list" | "vault.files.exists" |
+            "vault.files.delete" | "vault.files.mkdir" | "vault.files.move" |
+            "vault.attachSecretsToConnector" | "vault.injectSecretsIntoRun" | "vault.audit.list" |
+            // Runner task stats (requires node auth)
+            "runner.taskStats" |
+            // Database/Queue/Pipeline (Studio-only)
+            "db.get" | "db.put" | "db.delete" |
+            "queue.enqueue" | "queue.claim" | "queue.ack" | "queue.nack" | "queue.heartbeat" |
+            "pipeline.submit" | "pipeline.events" |
+            // Debug utilities
+            "debug.openFolder" | "debug.resolveVaultPath"
+        );
-    // ROUTING SWITCH: If real engine is available and not local-only, route to it
-    if !local_only && state.is_engine_available() {
-        if let Some(response) = engine_process::route_to_engine(&req) {
-            return response;
+        if is_studio_only {
+            tracing::info!(
+                op = "mode.cloud.studio_feature_unavailable",
+                operation = %req.op,
+                "Studio feature unavailable in Cloud Mode"
+            );
+            return EngineResponse::err("CLOUD_MODE", config::CLOUD_MODE_FEATURE_ERROR);
         }
-        // Engine failed - permanently disable for this session
-        state.disable_engine();
-        tracing::warn!(op = "engine.disabled.session", "Engine routing disabled for session, using stub");
+        // Cloud Mode: Never route to local engine, fall through to handler dispatch
     }
-    // STUB PATH: Handle locally via SDK handlers
+    // Studio Mode: All commands go directly to local handlers + cloud API.
+    // The spawned engine is a runner runtime (for task execution), not a request router.
+    // No engine routing is performed - this eliminates 404s and fallback spam.
+    // HANDLER DISPATCH: Handle operations locally or proxy to remote API
     // Check connected (except for status operations and setup)
     if !matches!(req.op.as_str(), "runtime.info" | "home.status" | "vault.status" | "setup.status" | "nodeCredentials.set" | "nodeCredentials.status" | "nodeCredentials.clear") {
@@ -116,7 +209,19 @@ pub fn engine_request(req: EngineRequest, state: State<EngineState>) -> EngineRe
     // Dispatch based on operation
     match req.op.as_str() {
         // Setup Status (pre-login, no connection required)
-        "setup.status" => handle_setup_status(&state),
+        // In Cloud Mode, skip node identity requirement
+        "setup.status" => {
+            if config::REMOTE_ONLY {
+                tracing::info!(op = "mode.cloud.setup_status", "Setup status in Cloud Mode");
+                return EngineResponse::ok(serde_json::json!({
+                    "nodeIdentity": "cloud",
+                    "setupComplete": true,
+                    "mode": "cloud",
+                    "apiBase": config::REMOTE_API_BASE
+                }));
+            }
+            handle_setup_status(&state)
+        }
         // Auth
         "auth.set" => auth::handle_set(&req.payload, &state),
@@ -450,8 +555,8 @@ fn handle_node_credentials_clear() -> EngineResponse {
 // Runner Task Stats (Proxied HTTP)
 // =============================================================================
-/// Fetch runner task stats from engine API.
-/// Proxies GET /engine/runner-tasks/stats through Rust to avoid CORS.
+/// Fetch runner task stats from engine API (V2).
+/// Proxies GET /engine/runner-tasks-v2/stats through Rust to avoid CORS.
 /// Auto-authenticates from keychain if token is missing (single-flight, no retry on failure).
 fn handle_runner_task_stats(state: &EngineState) -> EngineResponse {
     use crate::state::NodeAuthState;
@@ -532,15 +637,15 @@ fn handle_runner_task_stats(state: &EngineState) -> EngineResponse {
     let request_id = uuid::Uuid::new_v4().to_string();
-    // Make request with security envelope headers
+    // Make request with security envelope headers (V2 endpoint)
     let response = client
-        .get(format!("{}/engine/runner-tasks/stats", engine_url))
+        .get(format!("{}/engine/runner-tasks-v2/stats", engine_url))
         .header("Content-Type", "application/json")
         .header("Authorization", format!("Bearer {}", node_token.token))
         .header("X-EKKA-PROOF-TYPE", "jwt")
         .header("X-REQUEST-ID", &request_id)
         .header("X-EKKA-CORRELATION-ID", &request_id)
-        .header("X-EKKA-MODULE", "engine.runner_tasks")
+        .header("X-EKKA-MODULE", "engine.runner_tasks_v2")
         .header("X-EKKA-ACTION", "stats")
         .header("X-EKKA-CLIENT", config::app_slug())
         .header("X-EKKA-CLIENT-VERSION", "0.2.0")
@@ -947,9 +1052,14 @@ fn build_security_headers(jwt: Option<&str>, module: &str, action: &str) -> Vec<
 /// Create a workflow run (POST /engine/workflow-runs)
 fn handle_workflow_runs_create(payload: &Value) -> EngineResponse {
-    let engine_url = option_env!("EKKA_ENGINE_URL")
-        .unwrap_or("http://localhost:3200")
-        .to_string();
+    // Cloud Mode: Use remote API base
+    let engine_url = if config::REMOTE_ONLY {
+        config::REMOTE_API_BASE.to_string()
+    } else {
+        option_env!("EKKA_ENGINE_URL")
+            .unwrap_or("http://localhost:3200")
+            .to_string()
+    };
     // Extract request body
     let request = match payload.get("request") {
@@ -1009,9 +1119,14 @@ fn handle_workflow_runs_create(payload: &Value) -> EngineResponse {
 /// Get a workflow run (GET /engine/workflow-runs/{id})
 fn handle_workflow_runs_get(payload: &Value) -> EngineResponse {
-    let engine_url = option_env!("EKKA_ENGINE_URL")
-        .unwrap_or("http://localhost:3200")
-        .to_string();
+    // Cloud Mode: Use remote API base
+    let engine_url = if config::REMOTE_ONLY {
+        config::REMOTE_API_BASE.to_string()
+    } else {
+        option_env!("EKKA_ENGINE_URL")
+            .unwrap_or("http://localhost:3200")
+            .to_string()
+    };
     // Extract workflow run ID
     let id = match payload.get("id").and_then(|v| v.as_str()) {

package/template/src-tauri/src/config.rs CHANGED Viewed

@@ -33,3 +33,36 @@ baked_config!(keychain_service, "EKKA_KEYCHAIN_SERVICE");
 // EKKA Engine URL (e.g., "https://api.ekka.ai")
 baked_config!(engine_url, "EKKA_ENGINE_URL");
+// =============================================================================
+// EXECUTION MODES
+// =============================================================================
+// Cloud Mode (REMOTE_ONLY=true):
+//   - Cloud-connected, no local execution
+//   - All API calls go directly to api.ekka.ai
+//   - Studio features (vault, paths, local runner) unavailable
+//
+// Studio Mode (REMOTE_ONLY=false):
+//   - Cloud + local execution (full power)
+//   - Local engine/runner spawning enabled
+//   - All features available
+//
+// Offline Mode (future):
+//   - Local-only, no cloud calls
+// =============================================================================
+/// Cloud Mode flag - when true, only cloud features are available
+/// Internal constant name kept for compatibility
+pub const REMOTE_ONLY: bool = false;
+/// API base URL for Cloud Mode
+pub const REMOTE_API_BASE: &str = "https://api.ekka.ai";
+/// User-visible mode name
+pub const MODE_NAME: &str = if REMOTE_ONLY { "Cloud Mode" } else { "Studio Mode" };
+/// Error message for Studio features unavailable in Cloud Mode
+pub const CLOUD_MODE_FEATURE_ERROR: &str = "This feature requires EKKA Studio. Cloud Mode is enabled — local execution is not available.";
+/// Legacy alias (internal use only)
+pub const REMOTE_ONLY_ERROR: &str = CLOUD_MODE_FEATURE_ERROR;