instar 0.6.6 → 0.6.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/_demo.mjs +78 -0
- package/dist/commands/init.js +3 -0
- package/dist/server/routes.js +58 -0
- package/dist/tunnel/TunnelManager.js +11 -2
- package/package.json +1 -1
package/_demo.mjs
ADDED
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
import { PrivateViewer } from './dist/publishing/PrivateViewer.js';
|
|
2
|
+
import express from 'express';
|
|
3
|
+
import { Tunnel } from 'cloudflared';
|
|
4
|
+
import fs from 'node:fs';
|
|
5
|
+
import os from 'node:os';
|
|
6
|
+
import path from 'node:path';
|
|
7
|
+
|
|
8
|
+
const PIN = '1234';
|
|
9
|
+
|
|
10
|
+
// Set up viewer
|
|
11
|
+
const viewsDir = path.join(os.tmpdir(), 'instar-demo-views-' + Date.now());
|
|
12
|
+
fs.mkdirSync(viewsDir, { recursive: true });
|
|
13
|
+
const viewer = new PrivateViewer({ viewsDir });
|
|
14
|
+
|
|
15
|
+
// Create test view with PIN
|
|
16
|
+
const view = viewer.create(
|
|
17
|
+
'Secret Test Report',
|
|
18
|
+
'# Hello from Instar\n\nThis is a **PIN-protected** private view.\n\nIf you can see this, the PIN worked!\n\n---\n\n*Served securely via Cloudflare Tunnel + PIN gate.*',
|
|
19
|
+
PIN
|
|
20
|
+
);
|
|
21
|
+
console.log('View created:', view.id);
|
|
22
|
+
|
|
23
|
+
// Start express server
|
|
24
|
+
const app = express();
|
|
25
|
+
app.use(express.json());
|
|
26
|
+
|
|
27
|
+
app.get('/view/:id', (req, res) => {
|
|
28
|
+
const v = viewer.get(req.params.id);
|
|
29
|
+
if (!v) return res.status(404).send('Not found');
|
|
30
|
+
if (v.pinHash) {
|
|
31
|
+
res.setHeader('Content-Type', 'text/html; charset=utf-8');
|
|
32
|
+
res.send(viewer.renderPinPage(v));
|
|
33
|
+
} else {
|
|
34
|
+
res.setHeader('Content-Type', 'text/html; charset=utf-8');
|
|
35
|
+
res.send(viewer.renderHtml(v));
|
|
36
|
+
}
|
|
37
|
+
});
|
|
38
|
+
|
|
39
|
+
app.post('/view/:id/unlock', (req, res) => {
|
|
40
|
+
const v = viewer.get(req.params.id);
|
|
41
|
+
if (!v) return res.status(404).send('Not found');
|
|
42
|
+
const pin = req.body?.pin;
|
|
43
|
+
if (!pin || !viewer.verifyPin(req.params.id, pin)) {
|
|
44
|
+
return res.status(403).json({ error: 'Incorrect PIN' });
|
|
45
|
+
}
|
|
46
|
+
res.setHeader('Content-Type', 'text/html; charset=utf-8');
|
|
47
|
+
res.send(viewer.renderHtml(v));
|
|
48
|
+
});
|
|
49
|
+
|
|
50
|
+
const server = app.listen(0, '127.0.0.1', () => {
|
|
51
|
+
const port = server.address().port;
|
|
52
|
+
console.log('Server on port', port);
|
|
53
|
+
|
|
54
|
+
const localUrl = `http://127.0.0.1:${port}`;
|
|
55
|
+
// Use explicit --config to prevent ~/.cloudflared/config.yml
|
|
56
|
+
// named tunnel ingress rules from overriding the quick tunnel
|
|
57
|
+
const cfgPath = path.join(os.tmpdir(), 'instar-demo-cf.yml');
|
|
58
|
+
fs.writeFileSync(cfgPath, '# Quick tunnel — no ingress rules\n');
|
|
59
|
+
const t = Tunnel.quick(localUrl, { '--config': cfgPath });
|
|
60
|
+
|
|
61
|
+
t.once('url', (tunnelUrl) => {
|
|
62
|
+
const viewUrl = `${tunnelUrl}/view/${view.id}`;
|
|
63
|
+
console.log('TUNNEL_URL=' + viewUrl);
|
|
64
|
+
console.log('PIN=' + PIN);
|
|
65
|
+
fs.writeFileSync('/tmp/instar-demo-url.txt', viewUrl + '\n' + PIN);
|
|
66
|
+
});
|
|
67
|
+
|
|
68
|
+
t.on('error', (err) => {
|
|
69
|
+
console.error('Tunnel error:', err.message);
|
|
70
|
+
});
|
|
71
|
+
|
|
72
|
+
// Keep process alive
|
|
73
|
+
process.on('SIGINT', () => {
|
|
74
|
+
t.stop();
|
|
75
|
+
server.close();
|
|
76
|
+
process.exit();
|
|
77
|
+
});
|
|
78
|
+
});
|
package/dist/commands/init.js
CHANGED
|
@@ -648,12 +648,15 @@ function getDefaultJobs(port) {
|
|
|
648
648
|
6. **Logs**: Check .instar/logs/server.log for recent errors: tail -50 .instar/logs/server.log | grep -i error
|
|
649
649
|
7. **Settings coherence**: Are hooks in .claude/settings.json pointing to files that exist?
|
|
650
650
|
8. **Design friction**: During your recent work, did anything feel unnecessarily difficult, confusing, or broken? Did you work around any issues?
|
|
651
|
+
9. **CI health**: Check if the project has a GitHub repo and if CI is passing. Run: REPO=$(git remote get-url origin 2>/dev/null | sed 's/.*github.com[:/]//;s/.git$//'); if [ -n "$REPO" ]; then FAILURES=$(gh run list --repo "$REPO" --status failure --limit 3 --json databaseId,conclusion,headBranch,name,createdAt 2>/dev/null); if echo "$FAILURES" | python3 -c "import sys,json; runs=json.load(sys.stdin); exit(0 if runs else 1)" 2>/dev/null; then echo "CI FAILURES DETECTED in $REPO"; echo "$FAILURES"; echo ""; echo "FIX THESE NOW: Read the failure logs with 'gh run view RUN_ID --repo $REPO --log-failed', diagnose the issue, fix it, run tests locally, commit and push."; fi; fi
|
|
651
652
|
|
|
652
653
|
For EACH issue found, submit feedback immediately:
|
|
653
654
|
curl -s -X POST http://localhost:${port}/feedback -H 'Content-Type: application/json' -d '{"type":"bug","title":"TITLE","description":"FULL_CONTEXT"}'
|
|
654
655
|
|
|
655
656
|
For improvements (not bugs), use type "improvement" instead.
|
|
656
657
|
|
|
658
|
+
IMPORTANT for CI failures: Don't just report them as feedback — FIX THEM. Read the logs, diagnose the root cause, apply the fix, run tests locally to verify, then commit and push. Only submit feedback if the fix is beyond your capability (e.g., requires credentials or external service changes). CI health is your responsibility as the agent running this project.
|
|
659
|
+
|
|
657
660
|
If everything looks healthy, exit silently. Only report issues.`,
|
|
658
661
|
},
|
|
659
662
|
tags: ['coherence', 'default'],
|
package/dist/server/routes.js
CHANGED
|
@@ -173,6 +173,64 @@ export function createRoutes(ctx) {
|
|
|
173
173
|
monitoring: ctx.config.monitoring,
|
|
174
174
|
});
|
|
175
175
|
});
|
|
176
|
+
// ── CI Health ─────────────────────────────────────────────────────
|
|
177
|
+
//
|
|
178
|
+
// On-demand CI status check. Detects GitHub repo from git remote and
|
|
179
|
+
// queries GitHub Actions for recent failures. Agents can use this to
|
|
180
|
+
// check CI health without waiting for the next self-diagnosis cycle.
|
|
181
|
+
router.get('/ci', (_req, res) => {
|
|
182
|
+
const projectDir = ctx.config.projectDir;
|
|
183
|
+
// Detect GitHub repo from git remote
|
|
184
|
+
let repo = null;
|
|
185
|
+
try {
|
|
186
|
+
const remoteUrl = execFileSync('git', ['remote', 'get-url', 'origin'], {
|
|
187
|
+
cwd: projectDir,
|
|
188
|
+
encoding: 'utf-8',
|
|
189
|
+
timeout: 5000,
|
|
190
|
+
stdio: ['pipe', 'pipe', 'pipe'],
|
|
191
|
+
}).trim();
|
|
192
|
+
// Extract owner/repo from SSH or HTTPS URL
|
|
193
|
+
const match = remoteUrl.match(/github\.com[:/](.+?)(?:\.git)?$/);
|
|
194
|
+
if (match)
|
|
195
|
+
repo = match[1];
|
|
196
|
+
}
|
|
197
|
+
catch {
|
|
198
|
+
// Not a git repo or no remote
|
|
199
|
+
}
|
|
200
|
+
if (!repo) {
|
|
201
|
+
res.json({ status: 'unknown', message: 'No GitHub repo detected', runs: [] });
|
|
202
|
+
return;
|
|
203
|
+
}
|
|
204
|
+
// Query recent CI runs
|
|
205
|
+
try {
|
|
206
|
+
const result = execFileSync('gh', [
|
|
207
|
+
'run', 'list', '--repo', repo, '--limit', '5',
|
|
208
|
+
'--json', 'databaseId,conclusion,status,headBranch,name,createdAt',
|
|
209
|
+
], {
|
|
210
|
+
encoding: 'utf-8',
|
|
211
|
+
timeout: 15000,
|
|
212
|
+
stdio: ['pipe', 'pipe', 'pipe'],
|
|
213
|
+
});
|
|
214
|
+
const runs = JSON.parse(result);
|
|
215
|
+
const failures = runs.filter((r) => r.conclusion === 'failure');
|
|
216
|
+
const inProgress = runs.filter((r) => r.status === 'in_progress');
|
|
217
|
+
res.json({
|
|
218
|
+
repo,
|
|
219
|
+
status: failures.length > 0 ? 'failing' : inProgress.length > 0 ? 'in_progress' : 'passing',
|
|
220
|
+
failureCount: failures.length,
|
|
221
|
+
inProgressCount: inProgress.length,
|
|
222
|
+
runs,
|
|
223
|
+
});
|
|
224
|
+
}
|
|
225
|
+
catch (err) {
|
|
226
|
+
res.json({
|
|
227
|
+
repo,
|
|
228
|
+
status: 'error',
|
|
229
|
+
message: err instanceof Error ? err.message : 'gh CLI failed',
|
|
230
|
+
runs: [],
|
|
231
|
+
});
|
|
232
|
+
}
|
|
233
|
+
});
|
|
176
234
|
// ── Sessions ────────────────────────────────────────────────────
|
|
177
235
|
// Literal routes BEFORE parameterized routes to avoid capture
|
|
178
236
|
router.get('/sessions/tmux', (_req, res) => {
|
|
@@ -102,9 +102,18 @@ export class TunnelManager extends EventEmitter {
|
|
|
102
102
|
}
|
|
103
103
|
startQuickTunnel() {
|
|
104
104
|
return new Promise((resolve, reject) => {
|
|
105
|
-
const localUrl = `http://
|
|
105
|
+
const localUrl = `http://127.0.0.1:${this.config.port}`;
|
|
106
106
|
try {
|
|
107
|
-
|
|
107
|
+
// Write an empty config to prevent cloudflared from loading
|
|
108
|
+
// ~/.cloudflared/config.yml, which may contain named tunnel
|
|
109
|
+
// ingress rules that override the quick tunnel's --url proxy.
|
|
110
|
+
const emptyConfig = path.join(this.config.stateDir, 'cloudflared-quick.yml');
|
|
111
|
+
const dir = path.dirname(emptyConfig);
|
|
112
|
+
if (!fs.existsSync(dir)) {
|
|
113
|
+
fs.mkdirSync(dir, { recursive: true });
|
|
114
|
+
}
|
|
115
|
+
fs.writeFileSync(emptyConfig, '# Quick tunnel — no ingress rules\n');
|
|
116
|
+
this.tunnel = Tunnel.quick(localUrl, { '--config': emptyConfig });
|
|
108
117
|
}
|
|
109
118
|
catch (err) {
|
|
110
119
|
reject(new Error(`Failed to start quick tunnel: ${err instanceof Error ? err.message : String(err)}`));
|