create-ironclaws 1.0.0

package/template/src/container-runtime.test.ts

@@ -0,0 +1,149 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+
+// Mock logger
+vi.mock('./logger.js', () => ({
+  logger: {
+    debug: vi.fn(),
+    info: vi.fn(),
+    warn: vi.fn(),
+    error: vi.fn(),
+  },
+}));
+
+// Mock child_process — store the mock fn so tests can configure it
+const mockExecSync = vi.fn();
+vi.mock('child_process', () => ({
+  execSync: (...args: unknown[]) => mockExecSync(...args),
+}));
+
+import {
+  CONTAINER_RUNTIME_BIN,
+  readonlyMountArgs,
+  stopContainer,
+  ensureContainerRuntimeRunning,
+  cleanupOrphans,
+} from './container-runtime.js';
+import { logger } from './logger.js';
+
+beforeEach(() => {
+  vi.clearAllMocks();
+});
+
+// --- Pure functions ---
+
+describe('readonlyMountArgs', () => {
+  it('returns -v flag with :ro suffix', () => {
+    const args = readonlyMountArgs('/host/path', '/container/path');
+    expect(args).toEqual(['-v', '/host/path:/container/path:ro']);
+  });
+});
+
+describe('stopContainer', () => {
+  it('returns stop command using CONTAINER_RUNTIME_BIN', () => {
+    expect(stopContainer('nanoclaw-test-123')).toBe(
+      `${CONTAINER_RUNTIME_BIN} stop -t 1 nanoclaw-test-123`,
+    );
+  });
+});
+
+// --- ensureContainerRuntimeRunning ---
+
+describe('ensureContainerRuntimeRunning', () => {
+  it('does nothing when runtime is already running', () => {
+    mockExecSync.mockReturnValueOnce('');
+
+    ensureContainerRuntimeRunning();
+
+    expect(mockExecSync).toHaveBeenCalledTimes(1);
+    expect(mockExecSync).toHaveBeenCalledWith(`${CONTAINER_RUNTIME_BIN} info`, {
+      stdio: 'pipe',
+      timeout: 10000,
+    });
+    expect(logger.debug).toHaveBeenCalledWith(
+      'Container runtime already running',
+    );
+  });
+
+  it('throws when docker info fails', () => {
+    mockExecSync.mockImplementationOnce(() => {
+      throw new Error('Cannot connect to the Docker daemon');
+    });
+
+    expect(() => ensureContainerRuntimeRunning()).toThrow(
+      'Container runtime is required but failed to start',
+    );
+    expect(logger.error).toHaveBeenCalled();
+  });
+});
+
+// --- cleanupOrphans ---
+
+describe('cleanupOrphans', () => {
+  it('stops orphaned nanoclaw containers', () => {
+    // docker ps returns container names, one per line
+    mockExecSync.mockReturnValueOnce(
+      'nanoclaw-group1-111\nnanoclaw-group2-222\n',
+    );
+    // stop calls succeed
+    mockExecSync.mockReturnValue('');
+
+    cleanupOrphans();
+
+    // ps + 2 stop calls
+    expect(mockExecSync).toHaveBeenCalledTimes(3);
+    expect(mockExecSync).toHaveBeenNthCalledWith(
+      2,
+      `${CONTAINER_RUNTIME_BIN} stop -t 1 nanoclaw-group1-111`,
+      { stdio: 'pipe' },
+    );
+    expect(mockExecSync).toHaveBeenNthCalledWith(
+      3,
+      `${CONTAINER_RUNTIME_BIN} stop -t 1 nanoclaw-group2-222`,
+      { stdio: 'pipe' },
+    );
+    expect(logger.info).toHaveBeenCalledWith(
+      { count: 2, names: ['nanoclaw-group1-111', 'nanoclaw-group2-222'] },
+      'Stopped orphaned containers',
+    );
+  });
+
+  it('does nothing when no orphans exist', () => {
+    mockExecSync.mockReturnValueOnce('');
+
+    cleanupOrphans();
+
+    expect(mockExecSync).toHaveBeenCalledTimes(1);
+    expect(logger.info).not.toHaveBeenCalled();
+  });
+
+  it('warns and continues when ps fails', () => {
+    mockExecSync.mockImplementationOnce(() => {
+      throw new Error('docker not available');
+    });
+
+    cleanupOrphans(); // should not throw
+
+    expect(logger.warn).toHaveBeenCalledWith(
+      expect.objectContaining({ err: expect.any(Error) }),
+      'Failed to clean up orphaned containers',
+    );
+  });
+
+  it('continues stopping remaining containers when one stop fails', () => {
+    mockExecSync.mockReturnValueOnce('nanoclaw-a-1\nnanoclaw-b-2\n');
+    // First stop fails
+    mockExecSync.mockImplementationOnce(() => {
+      throw new Error('already stopped');
+    });
+    // Second stop succeeds
+    mockExecSync.mockReturnValueOnce('');
+
+    cleanupOrphans(); // should not throw
+
+    expect(mockExecSync).toHaveBeenCalledTimes(3);
+    expect(logger.info).toHaveBeenCalledWith(
+      { count: 2, names: ['nanoclaw-a-1', 'nanoclaw-b-2'] },
+      'Stopped orphaned containers',
+    );
+  });
+});

package/template/src/container-runtime.ts

@@ -0,0 +1,124 @@
+/**
+ * Container runtime abstraction for NanoClaw.
+ * All runtime-specific logic lives here so swapping runtimes means changing one file.
+ */
+import { execSync } from 'child_process';
+import os from 'os';
+
+const IPTABLES_SUPPORTED = os.platform() === 'linux';
+
+import { logger } from './logger.js';
+
+/** The container runtime binary name. */
+export const CONTAINER_RUNTIME_BIN = 'docker';
+
+/** CLI args needed for the container to resolve the host gateway. */
+export function hostGatewayArgs(): string[] {
+  // On Linux, host.docker.internal isn't built-in — add it explicitly
+  if (os.platform() === 'linux') {
+    return ['--add-host=host.docker.internal:host-gateway'];
+  }
+  return [];
+}
+
+/** Returns CLI args for a readonly bind mount. */
+export function readonlyMountArgs(
+  hostPath: string,
+  containerPath: string,
+): string[] {
+  return ['-v', `${hostPath}:${containerPath}:ro`];
+}
+
+/** Returns the shell command to stop a container by name. */
+export function stopContainer(name: string): string {
+  return `${CONTAINER_RUNTIME_BIN} stop -t 1 ${name}`;
+}
+
+/** Ensure the container runtime is running, starting it if needed. */
+export function ensureContainerRuntimeRunning(): void {
+  try {
+    execSync(`${CONTAINER_RUNTIME_BIN} info`, {
+      stdio: 'pipe',
+      timeout: 10000,
+    });
+    logger.debug('Container runtime already running');
+  } catch (err) {
+    logger.error({ err }, 'Failed to reach container runtime');
+    console.error(
+      '\n╔════════════════════════════════════════════════════════════════╗',
+    );
+    console.error(
+      '║  FATAL: Container runtime failed to start                      ║',
+    );
+    console.error(
+      '║                                                                ║',
+    );
+    console.error(
+      '║  Agents cannot run without a container runtime. To fix:        ║',
+    );
+    console.error(
+      '║  1. Ensure Docker is installed and running                     ║',
+    );
+    console.error(
+      '║  2. Run: docker info                                           ║',
+    );
+    console.error(
+      '║  3. Restart NanoClaw                                           ║',
+    );
+    console.error(
+      '╚════════════════════════════════════════════════════════════════╝\n',
+    );
+    throw new Error('Container runtime is required but failed to start', {
+      cause: err,
+    });
+  }
+}
+
+/** Kill orphaned NanoClaw containers from previous runs. */
+export function cleanupOrphans(): void {
+  try {
+    const output = execSync(
+      `${CONTAINER_RUNTIME_BIN} ps --filter name=nanoclaw- --format '{{.Names}}'`,
+      { stdio: ['pipe', 'pipe', 'pipe'], encoding: 'utf-8' },
+    );
+    const orphans = output.trim().split('\n').filter(Boolean);
+    for (const name of orphans) {
+      try {
+        execSync(stopContainer(name), { stdio: 'pipe' });
+      } catch {
+        /* already stopped */
+      }
+    }
+    if (orphans.length > 0) {
+      logger.info(
+        { count: orphans.length, names: orphans },
+        'Stopped orphaned containers',
+      );
+    }
+  } catch (err) {
+    logger.warn({ err }, 'Failed to clean up orphaned containers');
+  }
+}
+
+/** Remove stale iptables rules from any previous NanoClaw run. */
+export function cleanupStaleIptablesRules(): void {
+  if (!IPTABLES_SUPPORTED) return;
+  try {
+    const rules = execSync(
+      `sudo iptables -S DOCKER-USER 2>/dev/null | grep 'nanoclaw-'`,
+      { encoding: 'utf-8', timeout: 5000 },
+    ).trim();
+    if (!rules) return;
+    let cleaned = 0;
+    for (const rule of rules.split('\n')) {
+      const deleteCmd = rule.replace(/^-[AI]\s+DOCKER-USER\s+/, '-D DOCKER-USER ');
+      try {
+        execSync(`sudo iptables ${deleteCmd}`, { stdio: 'pipe', timeout: 5000 });
+        cleaned++;
+      } catch { /* already gone */ }
+    }
+    if (cleaned > 0) {
+      logger.info({ count: cleaned }, 'Cleaned up stale iptables rules from previous run');
+    }
+  } catch { /* no stale rules */ }
+}

package/template/src/db-migration.test.ts

@@ -0,0 +1,67 @@
+import Database from 'better-sqlite3';
+import fs from 'fs';
+import os from 'os';
+import path from 'path';
+import { describe, expect, it, vi } from 'vitest';
+
+describe('database migrations', () => {
+  it('defaults Telegram backfill chats to direct messages', async () => {
+    const repoRoot = process.cwd();
+    const tempDir = fs.mkdtempSync(path.join(os.tmpdir(), 'nanoclaw-db-test-'));
+
+    try {
+      process.chdir(tempDir);
+      fs.mkdirSync(path.join(tempDir, 'store'), { recursive: true });
+
+      const dbPath = path.join(tempDir, 'store', 'messages.db');
+      const legacyDb = new Database(dbPath);
+      legacyDb.exec(`
+        CREATE TABLE chats (
+          jid TEXT PRIMARY KEY,
+          name TEXT,
+          last_message_time TEXT
+        );
+      `);
+      legacyDb
+        .prepare(
+          `INSERT INTO chats (jid, name, last_message_time) VALUES (?, ?, ?)`,
+        )
+        .run('tg:12345', 'Telegram DM', '2024-01-01T00:00:00.000Z');
+      legacyDb
+        .prepare(
+          `INSERT INTO chats (jid, name, last_message_time) VALUES (?, ?, ?)`,
+        )
+        .run('tg:-10012345', 'Telegram Group', '2024-01-01T00:00:01.000Z');
+      legacyDb
+        .prepare(
+          `INSERT INTO chats (jid, name, last_message_time) VALUES (?, ?, ?)`,
+        )
+        .run('room@g.us', 'WhatsApp Group', '2024-01-01T00:00:02.000Z');
+      legacyDb.close();
+
+      vi.resetModules();
+      const { initDatabase, getAllChats, _closeDatabase } =
+        await import('./db.js');
+
+      initDatabase();
+
+      const chats = getAllChats();
+      expect(chats.find((chat) => chat.jid === 'tg:12345')).toMatchObject({
+        channel: 'telegram',
+        is_group: 0,
+      });
+      expect(chats.find((chat) => chat.jid === 'tg:-10012345')).toMatchObject({
+        channel: 'telegram',
+        is_group: 0,
+      });
+      expect(chats.find((chat) => chat.jid === 'room@g.us')).toMatchObject({
+        channel: 'whatsapp',
+        is_group: 1,
+      });
+
+      _closeDatabase();
+    } finally {
+      process.chdir(repoRoot);
+    }
+  });
+});