jerob 1.0.0

package/scheduler/README.md

@@ -0,0 +1,200 @@
+# Jimmy Scheduler
+
+Fully automated task scheduler with AI planning. Tasks run either locally (`jimmy daemon`) or serverless (Supabase Edge Functions + pg_cron).
+
+## Features
+
+- **AI Task Planning** — describe a task in plain English, LLM breaks it into steps + cron schedule
+- **Step Types** — web_search, web_crawl, custom (pure LLM), email_send, browser (local only)
+- **Auto Re-auth** — Gmail refresh token auto-syncs to Supabase on re-auth, zero manual updates
+- **Run History** — all runs logged to Supabase with full step results
+- **Email Summaries** — optional email digest after each run
+
+---
+
+## Setup (One Time)
+
+### 1. Create Supabase tables
+
+Already done if you ran the main setup SQL. Verify these exist:
+```sql
+scheduler_tasks
+scheduler_runs
+user_config
+```
+
+### 2. Deploy Edge Function (serverless mode)
+
+```powershell
+# Install Supabase CLI
+npm i -g supabase
+
+# Login
+supabase login
+
+# Link your project
+supabase link --project-ref <YOUR_PROJECT_REF>
+
+# Deploy + sync credentials
+.\supabase\deploy.ps1
+```
+
+The script:
+- Deploys the `scheduler-tick` Edge Function
+- Sets `SUPABASE_URL` and `SUPABASE_SERVICE_ROLE_KEY` as secrets
+- Syncs all API keys (OpenRouter, Groq, Firecrawl, Google) to `user_config` table
+
+### 3. Register pg_cron job
+
+Run the SQL in `supabase/functions/scheduler-tick/setup.sql` in your Supabase SQL editor.
+
+Replace `<PROJECT_REF>` with your actual project ref, and set your service role key in the last line.
+
+---
+
+## Usage
+
+### Add a Task
+
+```
+jimmy jet → CLI → Scheduler → Add new task
+```
+
+Describe it naturally:
+> "Every morning at 9am, search for top AI news from the last 24 hours and email me a summary"
+
+The LLM plans:
+```json
+{
+  "name": "Daily AI News Digest",
+  "cron": "0 9 * * *",
+  "steps": [
+    { "order": 1, "type": "web_search", "instruction": "Find top AI news from last 24 hours" },
+    { "order": 2, "type": "email_send", "instruction": "Send summary to user" }
+  ]
+}
+```
+
+You can edit the cron expression before saving.
+
+### Task Management
+
+- **List** — see all tasks, their status, run count, next run time
+- **Manage** — enable/disable, edit cron/email, view run history, run now (manual trigger), delete
+
+### Execution Modes
+
+**Serverless (Default)** — Tasks run in Supabase Edge Function every minute via pg_cron. Your machine can be off.
+
+**Supported Step Types:**
+- `web_search` - Search via Firecrawl API
+- `web_crawl` - Scrape URLs via Firecrawl API  
+- `custom` - LLM-powered tasks (OpenRouter → Groq fallback)
+- `email_send` - Gmail API (auto-refresh token)
+
+---
+
+## How Auto Re-auth Works
+
+When you re-authenticate Gmail via `jimmy jet`:
+
+1. New refresh token saved to `~/.cccontrol/googleAuth/google_config.json`
+2. **Automatically synced to Supabase `user_config` table**
+3. Edge Function reads from `user_config` on every run
+4. No manual `supabase secrets set` needed ever again
+
+Same applies to all API keys — update `.env` and run `jimmy sync-credentials` to push changes.
+
+---
+
+## Cron Expression Examples
+
+| Expression | Meaning |
+|---|---|
+| `* * * * *` | Every minute |
+| `0 * * * *` | Every hour on the hour |
+| `0 9 * * *` | Every day at 9:00 AM |
+| `0 9 * * 1` | Every Monday at 9:00 AM |
+| `*/15 * * * *` | Every 15 minutes |
+| `0 0 1 * *` | First day of every month at midnight |
+
+---
+
+## Troubleshooting
+
+### Quick Debug
+
+Run the built-in debug tool:
+```powershell
+jimmy scheduler-debug
+```
+
+This checks:
+- ✓ Credentials synced to Supabase
+- ✓ Tasks and their run history
+- ✓ Manually triggers Edge Function for testing
+
+### Check in Supabase Dashboard
+
+**View Task Runs:**
+```sql
+select * from scheduler_runs order by started_at desc limit 20;
+```
+
+**Check Cron Job Status:**
+```sql
+-- See if cron job is registered
+select * from cron.job;
+
+-- View recent cron executions
+select * from cron.job_run_details 
+where jobname = 'jimmy-scheduler-tick' 
+order by start_time desc 
+limit 10;
+```
+
+**View Tasks:**
+```sql
+select id, name, enabled, cron, next_run_at, last_run_at, run_count 
+from scheduler_tasks;
+```
+
+**Complete Status Check:**
+Open `scheduler/check-status.sql` and copy-paste sections into Supabase SQL Editor.
+
+### Common Issues
+
+**Tasks not running?**
+
+1. Check `supabase secrets list` — ensure `SUPABASE_URL` and `SUPABASE_SERVICE_ROLE_KEY` are set
+2. Query `user_config` table — verify credentials are present
+3. Check `scheduler_runs` table — look for error messages
+4. View Edge Function logs: `supabase functions logs scheduler-tick`
+5. Verify pg_cron job: `select * from cron.job;`
+
+**Gmail sends failing?**
+
+Run `jimmy sync-credentials` to push the latest refresh token to Supabase.
+
+**Task says "completed" but I see no output?**
+
+Check the `scheduler_runs` table for detailed `step_results` and `output` fields.
+
+**Cron job not registered?**
+
+You need to run the setup SQL once: `supabase/functions/scheduler-tick/setup.sql`
+
+---
+
+## Architecture
+
+All tasks run **100% serverless in Supabase** via Edge Functions + pg_cron. Your machine can be completely off.
+
+**Step Types (all serverless):**
+
+| Type | What it does |
+|------|-------------|
+| `web_search` | Search via Firecrawl API |
+| `web_crawl` | Scrape URLs via Firecrawl API |
+| `custom` | LLM-powered tasks (OpenRouter → Groq fallback) |
+| `email_send` | Send via Gmail API (auto-refresh token) |

package/scheduler/SETUP-READY.sql

@@ -0,0 +1,84 @@
+-- ════════════════════════════════════════════════════════════════════════════════
+-- Jimmy Scheduler — One-Time Setup SQL
+-- 1. Go to your Supabase project → SQL Editor
+-- 2. Paste this entire file and click RUN
+-- ════════════════════════════════════════════════════════════════════════════════
+
+-- 1. Extensions
+CREATE EXTENSION IF NOT EXISTS pg_cron;
+GRANT USAGE ON SCHEMA cron TO postgres;
+
+-- 2. scheduler_tasks table
+CREATE TABLE IF NOT EXISTS scheduler_tasks (
+  id            UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+  name          TEXT NOT NULL,
+  description   TEXT NOT NULL DEFAULT '',
+  cron          TEXT NOT NULL,
+  enabled       BOOLEAN NOT NULL DEFAULT true,
+  steps         JSONB NOT NULL DEFAULT '[]',
+  summary_email TEXT,
+  created_at    TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+  updated_at    TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+  last_run_at   TIMESTAMPTZ,
+  next_run_at   TIMESTAMPTZ,
+  run_count     INTEGER NOT NULL DEFAULT 0
+);
+
+-- 3. scheduler_runs table
+CREATE TABLE IF NOT EXISTS scheduler_runs (
+  id           UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+  task_id      UUID NOT NULL REFERENCES scheduler_tasks(id) ON DELETE CASCADE,
+  started_at   TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+  finished_at  TIMESTAMPTZ,
+  status       TEXT NOT NULL DEFAULT 'running' CHECK (status IN ('running','success','failed')),
+  output       TEXT,
+  error        TEXT,
+  step_results JSONB NOT NULL DEFAULT '[]'
+);
+
+-- 4. user_config table (stores API keys synced from your machine)
+CREATE TABLE IF NOT EXISTS user_config (
+  key        TEXT PRIMARY KEY,
+  value      TEXT NOT NULL,
+  updated_at TIMESTAMPTZ DEFAULT NOW()
+);
+
+-- 5. Row Level Security — service role only (your app uses service role key)
+ALTER TABLE scheduler_tasks ENABLE ROW LEVEL SECURITY;
+ALTER TABLE scheduler_runs  ENABLE ROW LEVEL SECURITY;
+ALTER TABLE user_config     ENABLE ROW LEVEL SECURITY;
+
+DROP POLICY IF EXISTS "Service role full access" ON scheduler_tasks;
+DROP POLICY IF EXISTS "Service role full access" ON scheduler_runs;
+DROP POLICY IF EXISTS "Service role full access" ON user_config;
+
+CREATE POLICY "Service role full access" ON scheduler_tasks FOR ALL USING (auth.role() = 'service_role');
+CREATE POLICY "Service role full access" ON scheduler_runs  FOR ALL USING (auth.role() = 'service_role');
+CREATE POLICY "Service role full access" ON user_config     FOR ALL USING (auth.role() = 'service_role');
+
+-- 6. Schedule the Edge Function to fire every minute
+--    Replace YOUR_PROJECT_REF and YOUR_SERVICE_ROLE_KEY below before running.
+--    Get them from: Supabase Dashboard → Settings → API
+SELECT cron.unschedule('jimmy-scheduler-tick') WHERE EXISTS (
+  SELECT 1 FROM cron.job WHERE jobname = 'jimmy-scheduler-tick'
+);
+
+SELECT cron.schedule(
+  'jimmy-scheduler-tick',
+  '* * * * *',
+  $$
+  SELECT net.http_post(
+    url     := 'https://YOUR_PROJECT_REF.supabase.co/functions/v1/scheduler-tick',
+    headers := jsonb_build_object(
+      'Content-Type',  'application/json',
+      'Authorization', 'Bearer YOUR_SERVICE_ROLE_KEY'
+    ),
+    body    := '{}'::jsonb
+  );
+  $$
+);
+
+-- ════════════════════════════════════════════════════════════════════════════════
+-- Done! Verify setup:
+SELECT jobid, jobname, schedule, active FROM cron.job;
+-- ════════════════════════════════════════════════════════════════════════════════

package/scheduler/check-status.sql

@@ -0,0 +1,124 @@
+-- ════════════════════════════════════════════════════════════════════════════════
+-- Jimmy Scheduler Status Check
+-- Copy and paste each section into Supabase SQL Editor to debug your scheduler
+-- ════════════════════════════════════════════════════════════════════════════════
+
+-- 1. CHECK IF PG_CRON JOB EXISTS
+-- Should show: jimmy-scheduler-tick job running every minute
+select 
+  jobid,
+  jobname,
+  schedule,
+  active,
+  database
+from cron.job;
+
+-- 2. CHECK RECENT CRON JOB RUNS
+-- Should show executions every minute with status and return messages
+select 
+  jobname,
+  runid,
+  status,
+  return_message,
+  start_time,
+  end_time
+from cron.job_run_details 
+where jobname = 'jimmy-scheduler-tick' 
+order by start_time desc 
+limit 10;
+
+-- 3. CHECK YOUR TASKS
+-- Shows all tasks, when they should run next, and run counts
+select 
+  id,
+  name,
+  enabled,
+  cron,
+  next_run_at,
+  last_run_at,
+  run_count,
+  summary_email,
+  jsonb_array_length(steps::jsonb) as step_count
+from scheduler_tasks
+order by created_at desc;
+
+-- 4. CHECK TASK RUNS (EXECUTION HISTORY)
+-- Shows actual task executions with results
+select 
+  r.id,
+  t.name as task_name,
+  r.status,
+  r.started_at,
+  r.finished_at,
+  r.output,
+  r.error,
+  jsonb_array_length(r.step_results::jsonb) as steps_executed
+from scheduler_runs r
+left join scheduler_tasks t on r.task_id = t.id
+order by r.started_at desc
+limit 20;
+
+-- 5. CHECK CREDENTIALS IN USER_CONFIG
+-- Should show all your API keys (values hidden for security)
+select 
+  key,
+  case 
+    when key like '%token%' or key like '%secret%' or key like '%key%' 
+    then '***HIDDEN***'
+    else left(value, 20) || '...'
+  end as value_preview,
+  updated_at
+from user_config
+order by key;
+
+-- 6. CHECK IF TASKS ARE DUE NOW
+-- Shows tasks that should run in the next execution
+select 
+  id,
+  name,
+  cron,
+  next_run_at,
+  now() as current_time,
+  next_run_at <= now() as is_due
+from scheduler_tasks
+where enabled = true;
+
+-- ════════════════════════════════════════════════════════════════════════════════
+-- TROUBLESHOOTING TIPS:
+-- ════════════════════════════════════════════════════════════════════════════════
+--
+-- ❌ No rows in cron.job?
+--    → You haven't run the setup SQL yet. Run: supabase/functions/scheduler-tick/setup.sql
+--
+-- ❌ cron.job exists but no runs in job_run_details?
+--    → Check if pg_cron is enabled: CREATE EXTENSION IF NOT EXISTS pg_cron;
+--    → Check Edge Function logs: supabase functions logs scheduler-tick
+--
+-- ❌ Cron runs but scheduler_runs table is empty?
+--    → Edge Function might be failing. Check logs with: supabase functions logs scheduler-tick
+--    → Verify secrets are set: supabase secrets list
+--
+-- ❌ scheduler_runs shows "failed" status?
+--    → Check the error column in scheduler_runs
+--    → Check if credentials are in user_config (query #5 above)
+--    → Run: jimmy sync-credentials
+--
+-- ❌ Task says "completed" but no email sent?
+--    → Check if summary_email is set on the task
+--    → Verify google_refresh_token is in user_config
+--    → Check step_results in scheduler_runs for email step errors
+--
+-- ════════════════════════════════════════════════════════════════════════════════
+
+-- MANUAL EDGE FUNCTION TRIGGER (for testing):
+-- Replace <PROJECT_REF> and <SERVICE_ROLE_KEY> with your actual values
+/*
+select net.http_post(
+  url     := 'https://<PROJECT_REF>.supabase.co/functions/v1/scheduler-tick',
+  headers := jsonb_build_object(
+    'Content-Type',   'application/json',
+    'Authorization',  'Bearer <SERVICE_ROLE_KEY>'
+  ),
+  body    := '{}'::jsonb
+) as response;
+*/

package/scheduler/config-sync.ts

@@ -0,0 +1,91 @@
+/**
+ * Syncs local credentials to Supabase user_config table.
+ * The Edge Function reads from here instead of static secrets,
+ * so re-auth is fully automatic — no manual `supabase secrets set` needed.
+ *
+ * Required SQL (run once in Supabase SQL editor):
+ *   create table user_config (
+ *     key text primary key,
+ *     value text not null,
+ *     updated_at timestamptz default now()
+ *   );
+ */
+
+import { createClient } from "@supabase/supabase-js";
+
+function getDb() {
+  const url = process.env.SUPABASE_URL;
+  const key = process.env.SUPABASE_SERVICE_ROLE_KEY || process.env.SUPABASE_KEY;
+  if (!url || !key) return null;
+  return createClient(url, key);
+}
+
+/** Upsert a single key-value pair into user_config */
+async function upsertConfig(key: string, value: string): Promise<void> {
+  const db = getDb();
+  if (!db) return; // Supabase not configured yet, skip silently
+  const { error } = await db.from("user_config").upsert(
+    { key, value, updated_at: new Date().toISOString() },
+    { onConflict: "key" }
+  );
+  if (error) {
+    // Non-fatal — log but don't crash the auth flow
+    console.warn(`[config-sync] Failed to sync "${key}": ${error.message}`);
+  }
+}
+
+/** Read a value from user_config */
+export async function readRemoteConfig(key: string): Promise<string | null> {
+  const db = getDb();
+  if (!db) return null;
+  const { data, error } = await db
+    .from("user_config")
+    .select("value")
+    .eq("key", key)
+    .single();
+  if (error || !data) return null;
+  return (data as any).value as string;
+}
+
+/**
+ * Called after Gmail OAuth completes.
+ * Pushes the new refresh token to Supabase so the Edge Function picks it up automatically.
+ */
+export async function syncGoogleRefreshToken(refreshToken: string): Promise<void> {
+  await upsertConfig("google_refresh_token", refreshToken);
+}
+
+/**
+ * Sync all relevant env vars to Supabase user_config.
+ * Call this on first deploy or when API keys change.
+ * Keys stored: openrouter_key, groq_api_key, firecrawl_key,
+ *              google_client_id, google_client_secret, google_refresh_token
+ */
+export async function syncAllSecrets(): Promise<void> {
+  const pairs: [string, string | undefined][] = [
+    ["openrouter_key",   process.env.OPENROUTER_KEY],
+    ["openrouter_model", process.env.OPENROUTER_MODEL],
+    ["groq_api_key",     process.env.GROQ_API_KEY],
+    ["firecrawl_key",    process.env.FIRECRAWL_KEY],
+    ["google_api_key",   process.env.GOOGLE_GENERATIVE_AI_API_KEY],  // for Gemini in Edge Function
+    ["google_client_id",     process.env.GOOGLE_CLIENT_ID],
+    ["google_client_secret", process.env.GOOGLE_CLIENT_SECRET],
+  ];
+
+  // Also sync Google refresh token from local file if it exists
+  try {
+    const { loadConfig } = await import("../email_ops/email_pass_store");
+    const googleConfig = loadConfig();
+    if (googleConfig?.refresh_token) {
+      pairs.push(["google_refresh_token", googleConfig.refresh_token]);
+    }
+  } catch (e) {
+    console.warn("[config-sync] Could not load Google refresh token from local file");
+  }
+
+  await Promise.allSettled(
+    pairs
+      .filter(([, v]) => v)
+      .map(([k, v]) => upsertConfig(k, v!))
+  );
+}