openthrottle 0.1.11 → 0.1.14

package/dist/config-cmd.js

@@ -0,0 +1,125 @@
+// =============================================================================
+// openthrottle config — View and edit .openthrottle.yml settings.
+//
+// Usage:
+//   openthrottle config                   Show current config
+//   openthrottle config <key> <value>     Set a value (dot-notation)
+//
+// Examples:
+//   openthrottle config phases.plan.model opus
+//   openthrottle config phases.build.timeout 3600
+//   openthrottle config limits.task_timeout 7200
+//   openthrottle config review.enabled false
+// =============================================================================
+import { readFileSync, writeFileSync, existsSync } from 'node:fs';
+import { join } from 'node:path';
+import { parse, stringify } from 'yaml';
+const CONFIG_FILE = '.openthrottle.yml';
+function configPath() {
+    return join(process.cwd(), CONFIG_FILE);
+}
+function loadYaml() {
+    const path = configPath();
+    if (!existsSync(path)) {
+        console.error(`No ${CONFIG_FILE} found. Run "openthrottle init" first.`);
+        process.exit(1);
+    }
+    return parse(readFileSync(path, 'utf8'));
+}
+function saveYaml(doc) {
+    const header = [
+        '# openthrottle.yml — project config for Open Throttle (Daytona runtime)',
+        '# Edit directly or use: openthrottle config <key> <value>',
+        '',
+    ].join('\n');
+    writeFileSync(configPath(), header + stringify(doc));
+}
+/** Get a nested value using dot notation: "phases.plan.model" */
+function getDeep(obj, path) {
+    const parts = path.split('.');
+    let cur = obj;
+    for (const part of parts) {
+        if (cur == null || typeof cur !== 'object')
+            return undefined;
+        cur = cur[part];
+    }
+    return cur;
+}
+/** Set a nested value using dot notation, creating intermediate objects. */
+function setDeep(obj, path, value) {
+    const parts = path.split('.');
+    let cur = obj;
+    for (let i = 0; i < parts.length - 1; i++) {
+        if (cur[parts[i]] == null || typeof cur[parts[i]] !== 'object') {
+            cur[parts[i]] = {};
+        }
+        cur = cur[parts[i]];
+    }
+    cur[parts[parts.length - 1]] = value;
+}
+/** Coerce string values to appropriate types. */
+function coerce(value) {
+    if (value === 'true')
+        return true;
+    if (value === 'false')
+        return false;
+    const num = Number(value);
+    if (!isNaN(num) && value.trim() !== '')
+        return num;
+    return value;
+}
+function printConfig(doc, prefix = '', indent = 0) {
+    const pad = '  '.repeat(indent);
+    for (const [key, val] of Object.entries(doc)) {
+        const fullKey = prefix ? `${prefix}.${key}` : key;
+        if (val != null && typeof val === 'object' && !Array.isArray(val)) {
+            console.log(`${pad}${key}:`);
+            printConfig(val, fullKey, indent + 1);
+        }
+        else if (Array.isArray(val)) {
+            console.log(`${pad}${key}:`);
+            for (const item of val) {
+                if (typeof item === 'object') {
+                    console.log(`${pad}  -`);
+                    printConfig(item, fullKey, indent + 2);
+                }
+                else {
+                    console.log(`${pad}  - ${item}`);
+                }
+            }
+        }
+        else {
+            console.log(`${pad}${key}: ${val}`);
+        }
+    }
+}
+export default function configCmd(args) {
+    const doc = loadYaml();
+    // No args → show config
+    if (args.length === 0) {
+        printConfig(doc);
+        return;
+    }
+    // One arg → show specific key
+    if (args.length === 1) {
+        const val = getDeep(doc, args[0]);
+        if (val === undefined) {
+            console.error(`Key not found: ${args[0]}`);
+            process.exit(1);
+        }
+        if (typeof val === 'object') {
+            printConfig(val);
+        }
+        else {
+            console.log(val);
+        }
+        return;
+    }
+    // Two args → set key
+    const [key, ...rest] = args;
+    const rawValue = rest.join(' ');
+    const value = coerce(rawValue);
+    setDeep(doc, key, value);
+    saveYaml(doc);
+    console.log(`  ${key}: ${value}`);
+}

package/dist/index.js

@@ -127,6 +127,9 @@ function cmdShip(args) {
         'prd-queued', 'prd-running', 'prd-complete', 'prd-failed',
         'needs-review', 'reviewing',
         'bug-queued', 'bug-running', 'bug-complete', 'bug-failed',
+        'bug-confirmed', 'bug-unconfirmed',
+        'triage-queued', 'triage-running', 'triage-complete',
+        'skip-plan',
     ];
     for (const label of labels) {
         try {
@@ -278,6 +281,8 @@ const HELP = `Usage: openthrottle <command>
 Commands:
   init                               Set up Open Throttle in your project
   ship <file.md> [--base <branch>]   Create a GitHub issue to trigger a sandbox
+  run                                Run sandbox lifecycle (used by GH Actions)
+  config [key] [value]               View or edit .openthrottle.yml settings
   status                             Show running, queued, and completed tasks
   logs                               Show recent GitHub Actions workflow runs
 
@@ -301,6 +306,16 @@ async function main() {
         await init();
         return;
     }
+    if (command === 'config') {
+        const { default: configCmd } = await import('./config-cmd.js');
+        configCmd(args.slice(1));
+        return;
+    }
+    if (command === 'run') {
+        const { default: run } = await import('./run.js');
+        await run();
+        return;
+    }
     preflight();
     switch (command) {
         case 'ship':

package/dist/run.js

@@ -0,0 +1,140 @@
+// =============================================================================
+// openthrottle run — Daytona sandbox lifecycle manager.
+//
+// Creates a sandbox, streams entrypoint logs while the orchestrator
+// works inside, then stops and deletes the sandbox when it finishes.
+// =============================================================================
+import { Daytona } from "@daytonaio/sdk";
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+function requireEnv(name) {
+    const value = process.env[name];
+    if (!value) {
+        console.error(`error: ${name} is required`);
+        process.exit(1);
+    }
+    return value;
+}
+const PASSTHROUGH_KEYS = [
+    "ANTHROPIC_API_KEY",
+    "CLAUDE_CODE_OAUTH_TOKEN",
+    "OPENAI_API_KEY",
+    "SUPABASE_ACCESS_TOKEN",
+    "TELEGRAM_BOT_TOKEN",
+    "TELEGRAM_CHAT_ID",
+    "FROM_PR",
+];
+const SKIP_PATTERN = /^(GITHUB|RUNNER|ACTIONS|INPUT|CI|HOME|PATH|SHELL|USER|TERM|PWD|NODE|SNAPSHOT|DAYTONA|LANG|LC_|DOTNET|JAVA|ANDROID|CHROME|DEBIAN|HOMEBREW|GOROOT|PIPX|CONDA|TASK_TIMEOUT)/;
+function buildSandboxEnv(githubToken, githubRepo, workItem, taskType) {
+    const env = {
+        GITHUB_TOKEN: githubToken,
+        GITHUB_REPO: githubRepo,
+        WORK_ITEM: workItem,
+        TASK_TYPE: taskType,
+    };
+    for (const key of PASSTHROUGH_KEYS) {
+        const value = process.env[key];
+        if (value)
+            env[key] = value;
+    }
+    // Project-specific secrets (scaffolder-injected @@ENV_SECRETS@@)
+    for (const [key, value] of Object.entries(process.env)) {
+        if (!value || key in env)
+            continue;
+        if (!/^[A-Z][A-Z0-9_]+$/.test(key))
+            continue;
+        if (SKIP_PATTERN.test(key))
+            continue;
+        env[key] = value;
+    }
+    return env;
+}
+// ---------------------------------------------------------------------------
+// Main (exported for use by CLI index.ts)
+// ---------------------------------------------------------------------------
+export default async function run() {
+    const apiKey = requireEnv("DAYTONA_API_KEY");
+    const snapshot = requireEnv("SNAPSHOT");
+    const workItem = requireEnv("WORK_ITEM");
+    const taskType = requireEnv("TASK_TYPE");
+    const githubRepo = process.env.GITHUB_REPO || process.env["github.repository"] || "";
+    const githubToken = process.env.GH_PAT || process.env.GITHUB_TOKEN || "";
+    const runId = process.env.GITHUB_RUN_ID || String(Date.now());
+    const taskTimeout = parseInt(process.env.TASK_TIMEOUT || "7200", 10);
+    const daytona = new Daytona({ apiKey });
+    let sandbox;
+    const sandboxName = `ot-${taskType}-${workItem}-${runId}`;
+    const cleanup = async (signal) => {
+        if (signal)
+            console.log(`\n[run] Received ${signal}`);
+        if (!sandbox)
+            return;
+        const s = sandbox;
+        sandbox = undefined;
+        try {
+            console.log("[run] Stopping sandbox...");
+            await s.stop();
+        }
+        catch {
+            // may already be stopped
+        }
+        try {
+            console.log("[run] Deleting sandbox...");
+            await s.delete();
+        }
+        catch (e) {
+            console.error("[run] Delete failed:", e);
+        }
+    };
+    process.once("SIGINT", () => cleanup("SIGINT").then(() => process.exit(130)));
+    process.once("SIGTERM", () => cleanup("SIGTERM").then(() => process.exit(143)));
+    try {
+        console.log(`[run] Creating sandbox: ${sandboxName}`);
+        console.log(`[run] Snapshot: ${snapshot}`);
+        console.log(`[run] Task: ${taskType} #${workItem}`);
+        sandbox = await daytona.create({
+            snapshot,
+            name: sandboxName,
+            envVars: buildSandboxEnv(githubToken, githubRepo, workItem, taskType),
+            labels: {
+                project: githubRepo.split("/").pop() || "unknown",
+                task_type: taskType,
+                issue: workItem,
+            },
+            autoStopInterval: Math.ceil(taskTimeout / 60) + 10,
+            autoDeleteInterval: Math.ceil(taskTimeout / 60) + 30,
+        });
+        console.log(`[run] Sandbox created: ${sandboxName}`);
+        console.log(`[run] Streaming logs (timeout: ${taskTimeout}s)...`);
+        // Stream entrypoint logs — blocks until entrypoint exits
+        const logStreamDone = sandbox.process.getEntrypointLogs((chunk) => process.stdout.write(chunk), (chunk) => process.stderr.write(chunk));
+        await Promise.race([
+            logStreamDone,
+            new Promise((_, reject) => setTimeout(() => reject(new Error(`Task timeout (${taskTimeout}s) exceeded`)), taskTimeout * 1000)),
+        ]);
+        // Get exit code
+        let exitCode = 0;
+        try {
+            const session = await sandbox.process.getEntrypointSession();
+            const commands = session?.commands || [];
+            if (commands.length > 0) {
+                const last = commands[commands.length - 1];
+                if (last.exitCode !== undefined && last.exitCode !== null) {
+                    exitCode = last.exitCode;
+                }
+            }
+        }
+        catch {
+            // default to 0
+        }
+        console.log(`[run] Finished (exit code: ${exitCode})`);
+        await cleanup();
+        process.exit(exitCode);
+    }
+    catch (err) {
+        console.error(`[run] Error: ${err?.message ?? err}`);
+        await cleanup();
+        process.exit(1);
+    }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "openthrottle",
-  "version": "0.1.11",
+  "version": "0.1.14",
   "description": "CLI for Open Throttle — ship prompts to Daytona sandboxes.",
   "type": "module",
   "bin": {
@@ -12,9 +12,12 @@
   ],
   "scripts": {
     "build": "tsc",
+    "test": "echo 'No tests'",
+    "lint": "echo 'No linter configured'",
     "prepublishOnly": "npm run build"
   },
   "dependencies": {
+    "@daytonaio/sdk": "^0.153.0",
     "prompts": "^2.4.2",
     "yaml": "^2.4.0"
   },

package/templates/wake-sandbox.yml

@@ -6,15 +6,15 @@
 #   - PR review with changes_requested      → review-fix sandbox
 #
 # Each trigger creates a fresh ephemeral sandbox — no polling, no long-lived state.
-# Multiple triggers fire in parallel (one sandbox per task).
+# The GH Actions runner stays alive to stream logs and clean up the sandbox.
 #
 # Required repository secrets:
 #   DAYTONA_API_KEY          — API key from daytona.io
+#   GH_PAT                   — GitHub PAT for sandbox git operations
 #   ANTHROPIC_API_KEY        — (option a) or
 #   CLAUDE_CODE_OAUTH_TOKEN  — (option b) for Claude Code auth
 #   TELEGRAM_BOT_TOKEN       — optional, for notifications
 #   TELEGRAM_CHAT_ID         — optional, for notifications
-#   SUPABASE_ACCESS_TOKEN    — optional, for Supabase MCP
 
 name: Wake Sandbox
 
@@ -37,8 +37,9 @@ permissions:
 
 jobs:
   run-task:
-    if: ${{ contains(fromJSON('["prd-queued","bug-queued","needs-review","needs-investigation"]'), github.event.label.name) || (github.event.review.state == 'changes_requested') }}
+    if: ${{ contains(fromJSON('["prd-queued","bug-queued","needs-review","needs-investigation","triage-queued"]'), github.event.label.name) || (github.event.review.state == 'changes_requested') }}
     runs-on: ubuntu-latest
+    timeout-minutes: 150
     steps:
       - uses: actions/checkout@v6
 
@@ -62,7 +63,7 @@ jobs:
           fi
           echo "item=$WORK_ITEM" >> "$GITHUB_OUTPUT"
 
-          # Determine task type (using env vars, not inline expressions)
+          # Determine task type
           TASK_TYPE="prd"
           if [[ "$EVENT_LABEL" == "bug-queued" ]]; then
             TASK_TYPE="bug"
@@ -70,94 +71,51 @@ jobs:
             TASK_TYPE="review"
           elif [[ "$EVENT_LABEL" == "needs-investigation" ]]; then
             TASK_TYPE="investigation"
+          elif [[ "$EVENT_LABEL" == "triage-queued" ]]; then
+            TASK_TYPE="triage"
           elif [[ "$EVENT_REVIEW_STATE" == "changes_requested" ]]; then
             TASK_TYPE="review-fix"
           fi
           echo "task_type=$TASK_TYPE" >> "$GITHUB_OUTPUT"
 
-          # For review-fix tasks, pass the PR number so the sandbox can
-          # use `claude --from-pr` to resume conversation context
           FROM_PR=""
           if [[ "$TASK_TYPE" == "review-fix" ]]; then
             FROM_PR="${EVENT_PR_NUM}"
           fi
           echo "from_pr=$FROM_PR" >> "$GITHUB_OUTPUT"
 
-      - name: Install Daytona CLI
-        run: curl -Lo daytona "https://download.daytona.io/cli/latest/daytona-linux-amd64" && sudo chmod +x daytona && sudo mv daytona /usr/local/bin/
-
-      - name: Install yq
-        run: sudo snap install yq
-
-      - name: Validate config
+      - name: Read snapshot from config
         id: config
         run: |
-          SNAPSHOT=$(yq '.snapshot // ""' .openthrottle.yml)
-          if [[ -z "$SNAPSHOT" || "$SNAPSHOT" == "null" ]]; then
-            echo "::error::Missing 'snapshot' key in .openthrottle.yml — cannot create sandbox"
+          SNAPSHOT=$(grep '^snapshot:' .openthrottle.yml 2>/dev/null | awk '{print $2}' || echo "")
+          TASK_TIMEOUT=$(grep 'task_timeout:' .openthrottle.yml 2>/dev/null | awk '{print $2}' || echo "7200")
+          if [[ -z "$SNAPSHOT" ]]; then
+            echo "::error::Missing 'snapshot' in .openthrottle.yml"
             exit 1
           fi
           echo "snapshot=$SNAPSHOT" >> "$GITHUB_OUTPUT"
+          echo "task_timeout=$TASK_TIMEOUT" >> "$GITHUB_OUTPUT"
 
-      - name: Authenticate Daytona CLI
-        run: daytona login --api-key "$DAYTONA_API_KEY"
-        env:
-          DAYTONA_API_KEY: ${{ secrets.DAYTONA_API_KEY }}
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '22'
 
-      - name: Verify snapshot exists
+      - name: Run sandbox lifecycle
         env:
           DAYTONA_API_KEY: ${{ secrets.DAYTONA_API_KEY }}
           SNAPSHOT: ${{ steps.config.outputs.snapshot }}
-        run: |
-          # Reactivate if idle >2 weeks, then verify it exists
-          daytona snapshot activate "$SNAPSHOT" 2>/dev/null || true
-          if ! daytona snapshot list 2>/dev/null | grep -q "$SNAPSHOT"; then
-            echo "::error::Snapshot '$SNAPSHOT' not found. Create it first: daytona snapshot create $SNAPSHOT --image <your-image:tag>"
-            echo "Available snapshots:"
-            daytona snapshot list 2>/dev/null || echo "  (could not list snapshots)"
-            exit 1
-          fi
-          echo "Snapshot verified: $SNAPSHOT"
-
-      - name: Create and run sandbox
-        env:
-          DAYTONA_API_KEY: ${{ secrets.DAYTONA_API_KEY }}
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          WORK_ITEM: ${{ steps.work.outputs.item }}
+          TASK_TYPE: ${{ steps.work.outputs.task_type }}
+          TASK_TIMEOUT: ${{ steps.config.outputs.task_timeout }}
+          GH_PAT: ${{ secrets.GH_PAT }}
+          GITHUB_REPO: ${{ github.repository }}
           ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
           CLAUDE_CODE_OAUTH_TOKEN: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
           OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
           SUPABASE_ACCESS_TOKEN: ${{ secrets.SUPABASE_ACCESS_TOKEN }}
-          SNAPSHOT: ${{ steps.config.outputs.snapshot }}
-          WORK_ITEM: ${{ steps.work.outputs.item }}
-          TASK_TYPE: ${{ steps.work.outputs.task_type }}
+          TELEGRAM_BOT_TOKEN: ${{ secrets.TELEGRAM_BOT_TOKEN }}
+          TELEGRAM_CHAT_ID: ${{ secrets.TELEGRAM_CHAT_ID }}
           FROM_PR: ${{ steps.work.outputs.from_pr }}
           # @@ENV_SECRETS@@ — scaffolder inserts project-specific secrets here
-        run: |
-          SANDBOX_NAME="ot-${TASK_TYPE}-${WORK_ITEM}-${GITHUB_RUN_ID}"
-
-          # Create ephemeral sandbox
-          daytona create \
-            --snapshot "$SNAPSHOT" \
-            --name "$SANDBOX_NAME" \
-            --auto-stop 180 \
-            --label "project=${{ github.event.repository.name }}" \
-            --label "task_type=${TASK_TYPE}" \
-            --label "issue=${WORK_ITEM}" \
-            --env "GITHUB_TOKEN=${{ secrets.GH_PAT }}" \
-            --env "GITHUB_REPO=${{ github.repository }}" \
-            --env "ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}" \
-            --env "CLAUDE_CODE_OAUTH_TOKEN=${CLAUDE_CODE_OAUTH_TOKEN}" \
-            --env "OPENAI_API_KEY=${OPENAI_API_KEY}" \
-            --env "SUPABASE_ACCESS_TOKEN=${SUPABASE_ACCESS_TOKEN}" \
-            --env "TELEGRAM_BOT_TOKEN=${{ secrets.TELEGRAM_BOT_TOKEN }}" \
-            --env "TELEGRAM_CHAT_ID=${{ secrets.TELEGRAM_CHAT_ID }}" \
-            --env "WORK_ITEM=${WORK_ITEM}" \
-            --env "TASK_TYPE=${TASK_TYPE}" \
-            --env "FROM_PR=${FROM_PR}" \
-            # @@ENV_FLAGS@@ — scaffolder inserts --env flags for project secrets here
-
-          echo "Sandbox created: $SANDBOX_NAME"
-          echo "Task: ${TASK_TYPE} #${WORK_ITEM}"
-          if [[ -n "$FROM_PR" ]]; then
-            echo "Review-fix mode: sandbox will use 'claude --from-pr $FROM_PR' to resume PR context"
-          fi
+        run: npx openthrottle@latest run