labgate 0.5.28 → 0.5.30

package/README.md

@@ -1,23 +1,13 @@
 # LabGate
 
-Secure wrapper around LLM coding agents for HPC clusters.
-
-LabGate lets institutions adopt AI coding tools without giving agents unrestricted host access. It is designed for shared research environments where HPC admins need policy and audit controls, while researchers need a practical day-to-day workflow for coding, data analysis, and SLURM jobs.
-
-## Product Goal
-
-- Give HPC admins a deployable control layer for agent sessions.
-- Make Claude-assisted work practical for researchers on real cluster infrastructure.
-- Keep the default path simple and reliable: `labgate claude` + Apptainer + SLURM.
+Policy-controlled sandboxes for AI coding agents. Built for HPC clusters.
 
 ## Current Product Focus
 
 - Primary workflow: Claude (`labgate claude`)
 - Primary runtime: Apptainer on HPC
-- SLURM integration: enabled by default (`slurm.enabled = true`)
-- Secondary targets: other agents/runtimes are best-effort only
-
-LabGate still contains Podman runtime code for local/non-HPC scenarios, but that is not the primary supported path.
+- macOS runtime: Podman (best-effort fallback path)
+- Secondary targets (best-effort): other agents
 
 ## Install
 
@@ -25,107 +15,50 @@ LabGate still contains Podman runtime code for local/non-HPC scenarios, but that
 npm i -g labgate
 ```
 
-Note: LabGate uses `node-pty` only for the optional sticky footer. On minimal Linux installs, that dependency may fail to build without a compiler toolchain. If it fails, install still succeeds and LabGate falls back to non-sticky output.
-
-## Quick Start (Researcher)
-
-```bash
-labgate init
-labgate claude
-```
-
-Typical HPC flow:
-
-1. Login node: run `labgate ui`
-2. Compute allocation: `srun --pty bash`, then `labgate claude` in your project directory
-
-Useful follow-ups for data-heavy work:
-
-```bash
-labgate dataset list
-labgate slurm status
-labgate logs --follow
-```
-
-Example (life science / data analysis workflow):
+Note: LabGate uses `node-pty` only for the optional sticky footer. On minimal Linux installs, that dependency may fail to build without a compiler toolchain. If it fails, the install still works and LabGate falls back to non-sticky output.
 
-```bash
-# 1) register datasets in ~/.labgate/config.json (via UI or config edit)
-# 2) initialize dataset stats for discoverability
-labgate dataset init rnaseq-cohort
-
-# 3) start agent and run analysis in project directory
-labgate claude
+Note: `tmux` is a host-level dependency for `labgate ui` / web terminals. `npm i -g labgate` does not install `tmux`; install it through your OS or cluster module system.
 
-# 4) submit SLURM job with host-valid output paths (relative preferred)
-sbatch --output slurm-%j.out --error slurm-%j.err run_qc.sh
+LabGate prefers Apptainer for sandbox runtime and supports Podman as a fallback (especially on macOS).
 
-# 5) inspect tracked jobs and output
-labgate slurm status
-labgate slurm output <job-id> --tail 100
-```
+On UI startup, LabGate ensures a bundled sample dataset (`flowers-iris`) is available at `~/.labgate/datasets/flowers-iris` for first-run testing.
 
-## Quick Start (HPC Admin)
+## Quick start
 
 ```bash
-# Install license (enterprise mode)
-labgate license install <key-or-file> --system
-
-# Create baseline policy
-labgate policy init --path /etc/labgate/policy.json --admin <hpc-admin-username>
-labgate policy validate
-
-# Validate default runtime behavior
-labgate config get runtime
+labgate init                          # optional: pre-create ~/.labgate/config.json
+labgate claude                        # launch Claude Code in current dir
+labgate codex /projects/my-analysis   # launch Codex in a specific dir
 ```
 
-Admin controls can force/lock runtime, network mode, audit settings, and SLURM behavior through policy.
-
-## Why HPC Admins Deploy It
-
-- Scoped filesystem mounts instead of full host exposure
-- Default blocking of common credential and key material paths (`.ssh`, `.aws`, `.env`, `.gnupg`, key files)
-- Network policy modes (`host`, `filtered`, `none`)
-- Command blacklist inside sandbox (`ssh`, `curl`, `wget`, etc.)
-- Session/audit logging for operational traceability
-- Enterprise policy and lock semantics for institution-level governance
-- SLURM-aware behavior designed for shared cluster operations
+## What it does
 
-## Why Researchers Keep Using It (Life Science / Data Analysis)
+LabGate runs your AI coding agent inside a sandboxed container with:
 
-- Works in existing project folders and scheduler workflows
-- Named dataset mounts under `/datasets/<name>` reduce path confusion in collaborative analysis
-- Auto-injected session context gives the agent correct path + cluster constraints
-- SLURM tracking + MCP tools help inspect jobs and output without leaving the coding workflow
-- Results registry MCP lets teams record findings, artifacts, and summaries across sessions
-
-## What LabGate Enforces
-
-LabGate runs AI coding agents in a sandboxed container with:
-
-- **Scoped filesystem**: only workdir + configured mounts are visible
-- **Credential blocking**: sensitive paths hidden by default
-- **Network policy**: configurable network mode
-- **Command blocking**: risky commands blocked by default
-- **Audit logging**: session lifecycle + key security events in `~/.labgate/logs/`
-- **Instruction management**: temporary LabGate context blocks in `CLAUDE.md` / `AGENTS.md`
-- **HPC integration**: Apptainer-first runtime behavior and SLURM support
+- **Scoped filesystem** — only your working directory and configured paths are visible
+- **Credential blocking** — `.ssh`, `.aws`, `.env`, `.gnupg`, and other sensitive paths are hidden by default
+- **Network policy** — configurable network modes (`host`, `filtered`, `none`)
+- **Command blocking** — `ssh`, `curl`, `wget`, and other commands are blocked by default
+- **Audit logging** — session start/stop and mount configuration logged to `~/.labgate/logs/`
+- **Dashboard instructions editor** — view and update per-session `AGENTS.md` / `CLAUDE.md` from the UI
+- **Session context injection** — LabGate prepends a temporary sandbox-mapping instruction block during active sessions
+- **HPC ready** — first-class Apptainer support for shared clusters
 
 ## Configuration
 
-Edit config:
+Edit `~/.labgate/config.json` to customize:
 
 ```bash
 $EDITOR ~/.labgate/config.json
 ```
 
-Reset full config:
+Or start fresh:
 
 ```bash
 labgate init --force
 ```
 
-Reset a single setting to defaults:
+Or reset a single setting back to defaults:
 
 ```bash
 labgate config reset image
@@ -135,101 +68,73 @@ labgate config reset image
 
 | Setting | Default | What it does |
 |---------|---------|-------------|
-| `runtime` | `auto` | Runtime preference (`auto`, `apptainer`, `podman`) |
+| `runtime` | `auto` | `auto`, `apptainer`, or `podman` |
 | `image` | `docker.io/library/node:20-bookworm` | Container image |
 | `session_timeout_hours` | `8` | Max session length |
 | `filesystem.blocked_patterns` | `.ssh, .aws, .env, ...` | Hidden from sandbox |
 | `filesystem.extra_paths` | `[]` | Additional mounts |
-| `datasets` | `[]` | Named dataset mounts under `/datasets/*` |
 | `network.mode` | `host` | `none`, `filtered`, or `host` |
 | `commands.blacklist` | `ssh, curl, wget, ...` | Blocked commands |
-| `slurm.enabled` | `true` | Enable SLURM tracking + passthrough |
-| `slurm.mcp_server` | `true` | Enable SLURM MCP server integration |
-| `audit.enabled` | `true` | Enable audit logging |
+| `slurm.enabled` | `true` | Enable SLURM CLI passthrough (`sbatch`, `squeue`, etc.) and job tracking |
 
 ## Commands
 
 ```bash
-# Agent sessions
-labgate claude [workdir]
-labgate codex [workdir]              # secondary/best-effort path
-
-# Session lifecycle
-labgate status
-labgate stop <id>
-labgate restart <id>
-labgate continue [web-terminal-id] [--latest]
-
-# UI + logs
-labgate ui
-labgate logs [-n 20]
-labgate logs --follow
-labgate doctor
-
-# Config + setup
-labgate init [--force]
-labgate config get <key>
-labgate config set <key> <value>
-labgate config reset <key>
-
-# Dataset workflow
-labgate dataset list
-labgate dataset init <name>
-
-# SLURM workflow
-labgate slurm status
-labgate slurm job <id>
-labgate slurm output <id> [--stderr] [--tail <lines>]
-labgate slurm cancel <id>
-labgate slurm mcp
-
-# Enterprise
-labgate license
-labgate license install <key-or-file> [--system|--user|--path]
-labgate register <activation-key> [--server <url>]
-labgate policy init [--institution ... --admin ...]
-labgate policy validate [file]
+labgate claude [workdir]    # launch Claude Code
+labgate codex [workdir]     # launch Codex
+labgate feedback            # submit feedback (interactive or piped)
+labgate status              # list running sessions
+labgate stop <id>           # stop a session
+labgate ui                  # start dashboard server on localhost:7700 (auth token required, tmux required)
+labgate register <activation-key> [--server <url>]            # activate + install enterprise license
+labgate license             # show enterprise license status
+labgate license install <key-or-file> [--system|--user|--path]  # install enterprise license key
+labgate policy init [--institution ... --admin ...]             # create policy template
+labgate policy validate [file]                                   # validate policy JSON
+labgate logs [-n 20]        # view recent audit events
+labgate logs --follow       # stream new audit events
+labgate init [--force]      # create/reset config
 ```
 
-### Common options
+### Options
 
 ```bash
-labgate claude --dry-run
-labgate claude --image my-image:tag
-labgate claude --no-footer
-labgate claude --api-key "$ANTHROPIC_API_KEY"
-labgate ui --socket ~/.labgate/ui.sock
-labgate logs --lines 50 --follow
+labgate claude --dry-run              # print the sandbox command without running
+labgate claude --image my-image:tag   # use a different container image
+labgate claude --no-footer            # disable the status footer line
+labgate ui                            # localhost UI on 7700, logs full token URL + short /s/<code> quick link
+labgate ui --socket ~/.labgate/ui.sock # custom Unix socket path
+labgate logs --lines 50 --follow      # tail last 50 lines and keep following
 ```
 
 `labgate claude` auto-starts `labgate ui` when missing in local (non-SSH/non-SLURM) shells.
 
 ### SLURM inside sandboxes (`sbatch` / `squeue`)
 
-For Apptainer sessions, LabGate attempts SLURM CLI passthrough automatically.
-If host `sbatch`/`squeue` are available, they are staged into the sandbox so
-`labgate claude` works in common HPC setups without extra config.
+For Apptainer sessions, LabGate now attempts SLURM CLI passthrough automatically.
+If host `sbatch`/`squeue` are available, they are staged into the sandbox, so
+`labgate claude` should work without extra config in the common HPC path.
 
-SLURM tracking and MCP tools are enabled by default (`slurm.enabled = true`).
+SLURM tracking and MCP tools are enabled by default (`slurm.enabled=true`).
 If native SQLite (`better-sqlite3`) is unavailable on a host, LabGate falls back
 to a JSON tracking store automatically.
 
 Requirements for automatic `sbatch` in sandbox:
 
 1. Runtime is Apptainer
-2. Host shell can resolve SLURM CLI tools before launching LabGate
+2. The host can resolve SLURM CLI tools when launching LabGate
 
-If `sbatch` is missing inside the sandbox:
+If `sbatch` is missing inside the sandbox, run:
 
 ```bash
-which sbatch
+which sbatch                          # on host, before launching labgate
 labgate claude
 ```
 
-If your cluster uses environment modules, load SLURM first:
+If your cluster uses environment modules, load SLURM first (host shell), then launch LabGate:
 
 ```bash
-module load slurm
+module load slurm   # or your site-specific module name
 labgate claude
 ```
 
@@ -343,20 +248,20 @@ Coverage:
   3. Verifies host browser-open hook is triggered
   4. Optional override: `LABGATE_REAL_E2E_IMAGE`
 
-## How It Works
+## How it works
 
 LabGate builds a sandboxed container from your config:
 
-1. Detects Apptainer first (primary HPC path), with secondary fallback runtimes when configured
+1. Detects Apptainer first, then Podman (or uses explicit runtime)
 2. Mounts your working directory at `/work`
 3. Mounts persistent sandbox HOME at `/home/sandbox` (for npm cache, agent config)
 4. Overlays blocked paths (`.ssh`, `.aws`, etc.) with empty mounts
-5. Applies network isolation and command controls
+5. Applies network isolation and capability restrictions
 6. Installs the agent (if not cached) and runs it interactively
 
-On macOS, LabGate can sync Claude credentials from the system keychain so the agent can authenticate automatically.
+On macOS, LabGate syncs your Claude credentials from the system keychain so the agent can authenticate automatically.
 
-## Audit Logs
+## Audit logs
 
 Session events are logged to `~/.labgate/logs/YYYY-MM-DD.jsonl`:
 
@@ -364,6 +269,14 @@ Session events are logged to `~/.labgate/logs/YYYY-MM-DD.jsonl`:
 cat ~/.labgate/logs/2025-02-05.jsonl | jq .
 ```
 
+## Roadmap
+
+- **M0** CLI + sandbox engine + config + audit (this release)
+- **M1** Mount allowlists, network filtering, project-level config
+- **M2** SLURM proxy (submit/status/cancel from inside sandbox)
+- **M3** Web UI for config + audit viewer
+- **M4** Institutional mode (/etc/labgate/ policies, admin locks)
+
 ## License
 
 MIT

package/dist/cli.js

@@ -39,7 +39,6 @@ const fs_1 = require("fs");
 const os_1 = require("os");
 const net_1 = require("net");
 const readline_1 = require("readline");
-const child_process_1 = require("child_process");
 const config_js_1 = require("./lib/config.js");
 const init_js_1 = require("./lib/init.js");
 const container_js_1 = require("./lib/container.js");
@@ -340,49 +339,49 @@ program
         });
     }
 });
-// ── labgate doctor ───────────────────────────────────────
-program
-    .command('doctor')
-    .description('Run preflight checks for LabGate HPC usage')
-    .option('--json', 'Print full report as JSON')
-    .action(async (opts) => {
-    const { runDoctor, renderDoctorReport } = await import('./lib/doctor.js');
-    const report = runDoctor();
-    if (opts.json) {
-        console.log(JSON.stringify(report, null, 2));
-    }
-    else {
-        console.log(renderDoctorReport(report));
-    }
-    if (!report.success) {
-        process.exit(1);
-    }
-});
 // ── labgate ui ───────────────────────────────────────────
 program
     .command('ui')
     .description('Open settings dashboard in browser')
     .option('--port <number>', 'Listen on TCP port (default: 7700; requires auth token)', '')
+    .option('--listen-address <address>', 'Listen on specific IP address (default: 127.0.0.1)', '')
     .option('--socket <path>', 'Unix socket path (owner-only)')
     .action(async (opts) => {
     const portInput = typeof opts.port === 'string' ? opts.port.trim() : '';
+    const listenAddressInput = typeof opts.listenAddress === 'string' ? opts.listenAddress.trim() : '';
     const socketInput = typeof opts.socket === 'string' ? opts.socket.trim() : '';
     const hasPort = portInput.length > 0;
+    const hasListenAddress = listenAddressInput.length > 0;
     const hasSocket = socketInput.length > 0;
     if (hasPort && hasSocket) {
         console.error('Error: use either --port or --socket, not both.');
         process.exit(1);
     }
+    if (hasListenAddress && hasSocket) {
+        console.error('Error: --listen-address can only be used with --port, not --socket.');
+        process.exit(1);
+    }
     const effectivePortInput = hasPort ? portInput : (hasSocket ? '' : String(DEFAULT_UI_PORT));
     const parsedPort = effectivePortInput ? parseInt(effectivePortInput, 10) : NaN;
     if (effectivePortInput && (!Number.isFinite(parsedPort) || parsedPort <= 0 || parsedPort > 65535)) {
         console.error('Error: --port must be an integer between 1 and 65535.');
         process.exit(1);
     }
+    const cfgPath = (0, config_js_1.getConfigPath)();
+    if (!(0, fs_1.existsSync)(cfgPath)) {
+        await (0, init_js_1.initConfig)({ force: false, quiet: true });
+    }
+    const { ensureTmuxAvailable } = await import('./lib/web-terminal.js');
+    const tmuxAvailable = await ensureTmuxAvailable();
+    if (!tmuxAvailable.ok) {
+        console.error(tmuxAvailable.error);
+        process.exit(1);
+    }
     const { startUI } = await import('./lib/ui.js');
     const server = startUI({
         port: Number.isFinite(parsedPort) ? parsedPort : undefined,
         socketPath: hasSocket ? socketInput : undefined,
+        listenAddress: hasListenAddress ? listenAddressInput : undefined,
         standalone: true,
     });
     // In standalone mode, keep the process alive
@@ -415,129 +414,6 @@ program
     const { restartSession } = await import('./lib/container.js');
     await restartSession(id, { dryRun: opts.dryRun ?? false });
 });
-// ── labgate continue <id> ─────────────────────────────────
-program
-    .command('continue')
-    .description('Attach to a tmux-backed web terminal session')
-    .argument('[id]', 'Web terminal session ID/prefix (e.g. wt-abc123...)')
-    .option('--latest', 'Attach to the newest runnable local web-terminal session')
-    .action(async (id, opts) => {
-    const web = await import('./lib/web-terminal.js');
-    if (opts.latest && id && id.trim()) {
-        console.error('Use either an ID/prefix or --latest, not both.');
-        process.exit(1);
-    }
-    const localHost = (0, os_1.hostname)();
-    const all = web.listWebTerminalRecords();
-    const ensureTmux = async () => {
-        const tmux = await web.ensureTmuxAvailable();
-        if (!tmux.ok) {
-            console.error(`Error: ${tmux.error}`);
-            process.exit(1);
-        }
-    };
-    const pickLatestRunnableLocal = async () => {
-        await ensureTmux();
-        for (const item of all) {
-            if (item.node !== localHost)
-                continue;
-            if (await web.hasTmuxSession(item.tmuxSession))
-                return item;
-        }
-        return null;
-    };
-    const pickInteractive = async () => {
-        const candidates = all.slice(0, 20);
-        if (candidates.length === 0)
-            return null;
-        if (!process.stdin.isTTY || !process.stdout.isTTY) {
-            console.error('No session id provided in non-interactive mode. Use `labgate continue <id>` or `--latest`.');
-            process.exit(1);
-        }
-        await ensureTmux();
-        console.error('Select a web terminal session to continue:');
-        for (let i = 0; i < candidates.length; i++) {
-            const item = candidates[i];
-            const alive = item.node === localHost ? await web.hasTmuxSession(item.tmuxSession) : false;
-            const availability = item.node === localHost ? (alive ? 'attachable' : 'not running') : `remote:${item.node}`;
-            console.error(`  ${i + 1}. ${item.id}  ${item.agent}  ${item.status}  ${availability}  ${item.workdir}`);
-        }
-        const rl = (0, readline_1.createInterface)({ input: process.stdin, output: process.stderr });
-        const answer = await new Promise((resolve) => {
-            rl.question('Enter number (or q to cancel): ', (value) => {
-                rl.close();
-                resolve((value || '').trim());
-            });
-        });
-        if (!answer || answer.toLowerCase() === 'q') {
-            console.error('Cancelled.');
-            process.exit(1);
-        }
-        const idx = parseInt(answer, 10);
-        if (!Number.isFinite(idx) || idx < 1 || idx > candidates.length) {
-            console.error(`Invalid selection: ${answer}`);
-            process.exit(1);
-        }
-        return candidates[idx - 1];
-    };
-    let record = null;
-    if (opts.latest) {
-        record = await pickLatestRunnableLocal();
-        if (!record) {
-            console.error('No runnable local web terminal session found.');
-            process.exit(1);
-        }
-    }
-    else if (id && id.trim()) {
-        const resolved = web.resolveWebTerminalRecord(id);
-        if (!resolved.record) {
-            if (resolved.matches.length > 1) {
-                console.error(`Ambiguous session prefix "${id}". Matches:`);
-                for (const item of resolved.matches.slice(0, 20)) {
-                    console.error(`  - ${item.id} (${item.agent}, ${item.workdir})`);
-                }
-                process.exit(1);
-            }
-            console.error(`Session not found: ${id}`);
-            process.exit(1);
-        }
-        record = resolved.record;
-    }
-    else {
-        if (!process.stdin.isTTY || !process.stdout.isTTY) {
-            console.error('No session id provided in non-interactive mode. Use `labgate continue <id>` or `--latest`.');
-            process.exit(1);
-        }
-        record = await pickInteractive();
-        if (!record) {
-            console.error('No web terminal sessions found.');
-            process.exit(1);
-        }
-    }
-    if (record.node !== localHost) {
-        console.error(`Session "${record.id}" is running on node "${record.node}", not "${localHost}".`);
-        console.error(`Attach there: ssh ${record.node} "labgate continue ${record.id}"`);
-        process.exit(1);
-    }
-    await ensureTmux();
-    const alive = await web.hasTmuxSession(record.tmuxSession);
-    if (!alive) {
-        console.error(`Session "${record.id}" is not running anymore (tmux session missing).`);
-        process.exit(1);
-    }
-    let tmuxBin = 'tmux';
-    try {
-        tmuxBin = await web.getTmuxBinary();
-    }
-    catch (err) {
-        console.error(`Error resolving tmux binary: ${err?.message ?? String(err)}`);
-        process.exit(1);
-    }
-    const child = (0, child_process_1.spawn)(tmuxBin, ['attach-session', '-t', record.tmuxSession], { stdio: 'inherit' });
-    child.on('exit', (code) => {
-        process.exit(code ?? 0);
-    });
-});
 // ── labgate slurm ────────────────────────────────────────
 const slurmCmd = program
     .command('slurm')