takos-runtime-service 1.0.0

package/src/routes/repos/branches.ts

@@ -0,0 +1,160 @@
+import { Hono } from 'hono';
+import { runGitCommand } from '../../runtime/git.js';
+import { getErrorMessage } from 'takos-common/errors';
+import {
+  getVerifiedRepoPath,
+  validateRef,
+  requireRepoParams,
+} from './repo-validation.js';
+import { badRequest, internalError, notFound } from 'takos-common/middleware/hono';
+import { ErrorCodes } from 'takos-common/errors';
+
+const app = new Hono();
+
+// ---------------------------------------------------------------------------
+// branches: list, create, delete
+// ---------------------------------------------------------------------------
+
+app.get('/repos/:spaceId/:repoName/branches', async (c) => {
+  try {
+    const spaceId = c.req.param('spaceId');
+    const repoName = c.req.param('repoName');
+
+    const paramsErr = requireRepoParams(c, spaceId, repoName);
+    if (paramsErr) return paramsErr;
+
+    const repoResult = await getVerifiedRepoPath(c, spaceId, repoName);
+    if ('error' in repoResult) return repoResult.error;
+    const gitPath = repoResult.gitPath;
+
+    const { exitCode, output } = await runGitCommand(
+      ['branch', '--list', '--format=%(refname:short)'],
+      gitPath
+    );
+
+    if (exitCode !== 0) {
+      return internalError(c, 'Failed to list branches', { output });
+    }
+
+    const branches = output
+      .split('\n')
+      .map((branch) => branch.trim())
+      .filter((branch) => branch.length > 0);
+
+    return c.json({ success: true, branches });
+  } catch (err) {
+    return internalError(c, getErrorMessage(err));
+  }
+});
+
+app.post('/repos/branch', async (c) => {
+  try {
+    const { spaceId, repoName, branchName, fromRef } = await c.req.json() as {
+      spaceId: string;
+      repoName: string;
+      branchName: string;
+      fromRef?: string;
+    };
+
+    if (!spaceId || !repoName || !branchName) {
+      return badRequest(c, 'spaceId, repoName, and branchName are required');
+    }
+
+    const refErr = validateRef(c, branchName);
+    if (refErr) return refErr;
+    if (fromRef) {
+      const fromRefErr = validateRef(c, fromRef);
+      if (fromRefErr) return fromRefErr;
+    }
+
+    const repoResult = await getVerifiedRepoPath(c, spaceId, repoName);
+    if ('error' in repoResult) return repoResult.error;
+    const gitPath = repoResult.gitPath;
+
+    const branchCheckResult = await runGitCommand(
+      ['show-ref', '--verify', `refs/heads/${branchName}`],
+      gitPath
+    );
+    if (branchCheckResult.exitCode === 0) {
+      return c.json({ error: { code: ErrorCodes.CONFLICT, message: `Branch '${branchName}' already exists` } }, 409);
+    }
+
+    const sourceRef = fromRef || 'HEAD';
+    const resolveResult = await runGitCommand(['rev-parse', sourceRef], gitPath);
+    if (resolveResult.exitCode !== 0) {
+      return badRequest(c, `Invalid reference: ${sourceRef}`, { output: resolveResult.output });
+    }
+
+    const commitHash = resolveResult.output.trim();
+    const createResult = await runGitCommand(
+      ['update-ref', `refs/heads/${branchName}`, commitHash],
+      gitPath
+    );
+
+    if (createResult.exitCode !== 0) {
+      return internalError(c, 'Failed to create branch', { output: createResult.output });
+    }
+
+    return c.json({
+      success: true,
+      branchName,
+      commitHash,
+      fromRef: sourceRef,
+      message: `Branch '${branchName}' created successfully`,
+    });
+  } catch (err) {
+    return internalError(c, getErrorMessage(err));
+  }
+});
+
+app.delete('/repos/branch', async (c) => {
+  try {
+    const { spaceId, repoName, branchName } = await c.req.json() as {
+      spaceId: string;
+      repoName: string;
+      branchName: string;
+    };
+
+    if (!spaceId || !repoName || !branchName) {
+      return badRequest(c, 'spaceId, repoName, and branchName are required');
+    }
+
+    const refErr = validateRef(c, branchName);
+    if (refErr) return refErr;
+
+    if (branchName === 'main' || branchName === 'master') {
+      return badRequest(c, `Cannot delete protected branch: ${branchName}`);
+    }
+
+    const repoResult = await getVerifiedRepoPath(c, spaceId, repoName);
+    if ('error' in repoResult) return repoResult.error;
+    const gitPath = repoResult.gitPath;
+
+    const branchCheckResult = await runGitCommand(
+      ['show-ref', '--verify', `refs/heads/${branchName}`],
+      gitPath
+    );
+    if (branchCheckResult.exitCode !== 0) {
+      return notFound(c, `Branch '${branchName}' not found`);
+    }
+
+    const deleteResult = await runGitCommand(
+      ['update-ref', '-d', `refs/heads/${branchName}`],
+      gitPath
+    );
+
+    if (deleteResult.exitCode !== 0) {
+      return internalError(c, 'Failed to delete branch', { output: deleteResult.output });
+    }
+
+    return c.json({
+      success: true,
+      branchName,
+      message: `Branch '${branchName}' deleted successfully`,
+    });
+  } catch (err) {
+    return internalError(c, getErrorMessage(err));
+  }
+});
+
+export default app;

package/src/routes/repos/content.ts

@@ -0,0 +1,209 @@
+import { Hono } from 'hono';
+import { runGitCommand } from '../../runtime/git.js';
+import { getErrorMessage } from 'takos-common/errors';
+import {
+  getVerifiedRepoPath,
+  validateRef,
+  validatePathParam,
+  requireRepoParams,
+} from './repo-validation.js';
+import { badRequest, internalError, notFound } from 'takos-common/middleware/hono';
+
+const app = new Hono();
+
+// ---------------------------------------------------------------------------
+// tree: ls-tree + blob
+// ---------------------------------------------------------------------------
+
+app.get('/repos/:spaceId/:repoName/tree', async (c) => {
+  try {
+    const spaceId = c.req.param('spaceId');
+    const repoName = c.req.param('repoName');
+    const ref = c.req.query('ref') || 'HEAD';
+    const treePath = c.req.query('path') || '';
+
+    const paramsErr = requireRepoParams(c, spaceId, repoName);
+    if (paramsErr) return paramsErr;
+    const refErr = validateRef(c, ref);
+    if (refErr) return refErr;
+    if (treePath) {
+      const pathErr = validatePathParam(c, treePath);
+      if (pathErr) return pathErr;
+    }
+
+    const repoResult = await getVerifiedRepoPath(c, spaceId, repoName);
+    if ('error' in repoResult) return repoResult.error;
+    const gitPath = repoResult.gitPath;
+
+    const lsTreeArgs = ['ls-tree', '-l', ref];
+    if (treePath) {
+      lsTreeArgs.push('--', treePath);
+    }
+
+    const { exitCode, output } = await runGitCommand(lsTreeArgs, gitPath);
+
+    if (exitCode !== 0) {
+      if (output.includes('Not a valid object name') || output.includes('does not exist')) {
+        return notFound(c, `Reference not found: ${ref}`, { output });
+      }
+      return internalError(c, 'Failed to list tree', { output });
+    }
+
+    const entries = output
+      .split('\n')
+      .filter((line) => line.trim().length > 0)
+      .map((line) => {
+        const tabIndex = line.indexOf('\t');
+        if (tabIndex === -1) return null;
+
+        const metaParts = line.slice(0, tabIndex).split(/\s+/);
+        if (metaParts.length < 4) return null;
+
+        const [mode, type, hash, sizeStr] = metaParts;
+        const name = line.slice(tabIndex + 1);
+        const parsedSize = type === 'blob' ? parseInt(sizeStr, 10) : undefined;
+        const size = parsedSize !== undefined && Number.isFinite(parsedSize) ? parsedSize : undefined;
+
+        return {
+          mode,
+          type: type as 'blob' | 'tree',
+          hash,
+          size,
+          name,
+          path: treePath ? `${treePath}/${name}` : name,
+        };
+      })
+      .filter((entry) => entry !== null);
+
+    return c.json({
+      success: true,
+      ref,
+      path: treePath || '/',
+      entries,
+    });
+  } catch (err) {
+    return internalError(c, getErrorMessage(err));
+  }
+});
+
+app.get('/repos/:spaceId/:repoName/blob', async (c) => {
+  try {
+    const spaceId = c.req.param('spaceId');
+    const repoName = c.req.param('repoName');
+    const ref = c.req.query('ref') || 'HEAD';
+    const filePath = c.req.query('path');
+
+    const paramsErr = requireRepoParams(c, spaceId, repoName);
+    if (paramsErr) return paramsErr;
+
+    if (!filePath) {
+      return badRequest(c, 'path query parameter is required');
+    }
+
+    const refErr = validateRef(c, ref);
+    if (refErr) return refErr;
+    const pathErr = validatePathParam(c, filePath);
+    if (pathErr) return pathErr;
+
+    const repoResult = await getVerifiedRepoPath(c, spaceId, repoName);
+    if ('error' in repoResult) return repoResult.error;
+    const gitPath = repoResult.gitPath;
+
+    const { exitCode, output } = await runGitCommand(['show', `${ref}:${filePath}`], gitPath);
+
+    if (exitCode !== 0) {
+      if (output.includes('does not exist') || output.includes('Not a valid object')) {
+        return notFound(c, `File not found: ${filePath} at ${ref}`, { output });
+      }
+      return internalError(c, 'Failed to get file content', { output });
+    }
+
+    const lsResult = await runGitCommand(['ls-tree', '-l', ref, '--', filePath], gitPath);
+
+    let size: number | undefined;
+    let mode: string | undefined;
+    if (lsResult.exitCode === 0 && lsResult.output.trim()) {
+      const parts = lsResult.output.trim().split(/\s+/);
+      if (parts.length >= 4) {
+        mode = parts[0];
+        const rawSize = parseInt(parts[3], 10);
+        size = Number.isFinite(rawSize) ? rawSize : undefined;
+      }
+    }
+
+    return c.json({
+      success: true,
+      ref,
+      path: filePath,
+      content: output,
+      size,
+      mode,
+    });
+  } catch (err) {
+    return internalError(c, getErrorMessage(err));
+  }
+});
+
+// ---------------------------------------------------------------------------
+// history: commit log
+// ---------------------------------------------------------------------------
+
+app.get('/repos/:spaceId/:repoName/commits', async (c) => {
+  try {
+    const spaceId = c.req.param('spaceId');
+    const repoName = c.req.param('repoName');
+    const limit = c.req.query('limit') || '20';
+    const branch = c.req.query('branch') || 'HEAD';
+
+    const paramsErr = requireRepoParams(c, spaceId, repoName);
+    if (paramsErr) return paramsErr;
+
+    const repoResult = await getVerifiedRepoPath(c, spaceId, repoName);
+    if ('error' in repoResult) return repoResult.error;
+    const gitPath = repoResult.gitPath;
+
+    const refErr = validateRef(c, branch);
+    if (refErr) return refErr;
+
+    const limitNum = Math.min(Math.max(parseInt(limit, 10) || 20, 1), 100);
+    const { exitCode, output } = await runGitCommand(
+      ['log', branch, `-n${limitNum}`, '--format=%H|%s|%an|%ae|%aI'],
+      gitPath
+    );
+
+    if (exitCode !== 0) {
+      if (output.includes('unknown revision') || output.includes('does not have any commits')) {
+        return c.json({
+          success: true,
+          commits: [],
+        });
+      }
+      return internalError(c, 'Failed to get commit history', { output });
+    }
+
+    const commits = output
+      .split('\n')
+      .filter((line) => line.trim().length > 0)
+      .map((line) => {
+        const [hash, message, authorName, authorEmail, date] = line.split('|');
+        return {
+          hash,
+          message,
+          author: {
+            name: authorName,
+            email: authorEmail,
+          },
+          date,
+        };
+      });
+
+    return c.json({
+      success: true,
+      commits,
+    });
+  } catch (err) {
+    return internalError(c, getErrorMessage(err));
+  }
+});
+
+export default app;

package/src/routes/repos/read.ts

@@ -0,0 +1,130 @@
+import { Hono } from 'hono';
+import * as fs from 'fs/promises';
+import * as path from 'path';
+import { REPOS_BASE_DIR, WORKDIR_BASE_DIR } from '../../shared/config.js';
+import { runGitCommand } from '../../runtime/git.js';
+import {
+  getRepoPath,
+  verifyNoSymlinkPathComponents,
+  verifyPathWithinAfterAccess,
+} from '../../runtime/paths.js';
+import { getErrorMessage } from 'takos-common/errors';
+import {
+  validateRef,
+  validateTargetDir,
+} from './repo-validation.js';
+import { isBoundaryViolationError } from '../../shared/errors.js';
+import { badRequest, forbidden, internalError, notFound } from 'takos-common/middleware/hono';
+import { ErrorCodes } from 'takos-common/errors';
+import branchRoutes from './branches.js';
+import contentRoutes from './content.js';
+
+const app = new Hono();
+
+// ---------------------------------------------------------------------------
+// base: init + clone
+// ---------------------------------------------------------------------------
+
+app.post('/repos/init', async (c) => {
+  try {
+    const { spaceId, repoName = 'main' } = await c.req.json() as {
+      spaceId: string;
+      repoName?: string;
+    };
+
+    if (!spaceId) {
+      return badRequest(c, 'spaceId is required');
+    }
+
+    const gitPath = getRepoPath(spaceId, repoName);
+
+    try {
+      await fs.access(gitPath);
+      return c.json({ error: { code: ErrorCodes.CONFLICT, message: 'Repository already exists', details: { gitPath } } }, 409);
+    } catch {
+      // Repository does not exist yet - proceed with creation.
+    }
+
+    await fs.mkdir(path.dirname(gitPath), { recursive: true });
+
+    const { exitCode, output } = await runGitCommand(['init', '--bare', gitPath], REPOS_BASE_DIR);
+
+    if (exitCode !== 0) {
+      return internalError(c, 'Failed to initialize repository', { output });
+    }
+
+    return c.json({
+      success: true,
+      gitPath,
+      message: 'Repository initialized successfully',
+    });
+  } catch (err) {
+    return internalError(c, getErrorMessage(err));
+  }
+});
+
+app.post('/repos/clone', async (c) => {
+  try {
+    const { spaceId, repoName, branch, targetDir } = await c.req.json() as {
+      spaceId: string;
+      repoName: string;
+      branch?: string;
+      targetDir: string;
+    };
+
+    if (!spaceId || !repoName || !targetDir) {
+      return badRequest(c, 'spaceId, repoName, and targetDir are required');
+    }
+
+    const targetDirResult = await validateTargetDir(c, targetDir);
+    if ('error' in targetDirResult) return targetDirResult.error;
+    const resolvedTargetDir = targetDirResult.resolved;
+
+    const gitPath = getRepoPath(spaceId, repoName);
+
+    try {
+      await fs.access(gitPath);
+    } catch {
+      return notFound(c, 'Repository not found', { gitPath });
+    }
+
+    const targetParentDir = path.dirname(resolvedTargetDir);
+    await fs.mkdir(targetParentDir, { recursive: true });
+    await verifyNoSymlinkPathComponents(WORKDIR_BASE_DIR, resolvedTargetDir, 'targetDir');
+    await verifyPathWithinAfterAccess(WORKDIR_BASE_DIR, targetParentDir, 'targetDir');
+
+    const cloneArgs = ['clone'];
+    if (branch) {
+      const refErr = validateRef(c, branch);
+      if (refErr) return refErr;
+      cloneArgs.push('--branch', branch);
+    }
+    cloneArgs.push(gitPath, resolvedTargetDir);
+
+    const { exitCode, output } = await runGitCommand(cloneArgs, '/');
+
+    if (exitCode !== 0) {
+      return internalError(c, 'Failed to clone repository', { output });
+    }
+
+    await verifyPathWithinAfterAccess(WORKDIR_BASE_DIR, resolvedTargetDir, 'targetDir');
+
+    return c.json({
+      success: true,
+      targetDir: resolvedTargetDir,
+      branch: branch || 'default',
+      message: 'Repository cloned successfully',
+    });
+  } catch (err) {
+    if (isBoundaryViolationError(err)) {
+      return forbidden(c, 'Path escapes workdir boundary');
+    }
+    return internalError(c, getErrorMessage(err));
+  }
+});
+
+// Mount branch and content sub-routes
+app.route('/', branchRoutes);
+app.route('/', contentRoutes);
+
+export default app;

package/src/routes/repos/repo-validation.ts

@@ -0,0 +1,136 @@
+import type { Context } from 'hono';
+import * as fs from 'fs/promises';
+import * as path from 'path';
+import { WORKDIR_BASE_DIR } from '../../shared/config.js';
+import {
+  getRepoPath,
+  resolveWorkDirPath,
+  verifyNoSymlinkPathComponents,
+  verifyPathWithinBeforeCreate,
+  verifyPathWithinAfterAccess,
+} from '../../runtime/paths.js';
+import { validateGitRef, validateGitPath } from '../../runtime/validation.js';
+import { getErrorMessage } from 'takos-common/errors';
+import { isBoundaryViolationError } from '../../shared/errors.js';
+import { badRequest, forbidden, notFound } from 'takos-common/middleware/hono';
+
+// --- getVerifiedRepoPath ---
+
+export async function getVerifiedRepoPath(
+  c: Context,
+  spaceId: string,
+  repoName: string,
+): Promise<{ gitPath: string } | { error: Response }> {
+  const gitPath = getRepoPath(spaceId, repoName);
+
+  try {
+    await fs.access(gitPath);
+    return { gitPath };
+  } catch {
+    return { error: notFound(c, 'Repository not found', { gitPath }) };
+  }
+}
+
+/**
+ * Validate that a git ref is well-formed.
+ * Returns null on success, or a Response on failure.
+ */
+export function validateRef(c: Context, ref: string): Response | null {
+  try {
+    validateGitRef(ref);
+    return null;
+  } catch (err) {
+    return badRequest(c, getErrorMessage(err));
+  }
+}
+
+/**
+ * Validate that a git path is well-formed.
+ * Returns null on success, or a Response on failure.
+ */
+export function validatePathParam(c: Context, filePath: string): Response | null {
+  try {
+    validateGitPath(filePath);
+    return null;
+  } catch (err) {
+    return badRequest(c, getErrorMessage(err));
+  }
+}
+
+/**
+ * Validate that spaceId and repoName are present.
+ * Returns null on success, or a Response on failure.
+ */
+export function requireRepoParams(c: Context, spaceId: string | undefined, repoName: string | undefined): Response | null {
+  if (!spaceId || !repoName) {
+    return badRequest(c, 'spaceId and repoName are required');
+  }
+  return null;
+}
+
+/**
+ * Resolve and validate a target directory for repo operations (clone, init).
+ * Checks: path resolution, symlink safety, boundary containment before creation.
+ * Returns the resolved path on success, or an error Response.
+ */
+export async function validateTargetDir(c: Context, targetDir: string): Promise<{ resolved: string } | { error: Response }> {
+  let resolved: string;
+  try {
+    resolved = resolveWorkDirPath(targetDir, 'targetDir');
+  } catch {
+    return { error: badRequest(c, 'Invalid targetDir') };
+  }
+
+  try {
+    await verifyNoSymlinkPathComponents(WORKDIR_BASE_DIR, resolved, 'targetDir');
+    await verifyPathWithinBeforeCreate(WORKDIR_BASE_DIR, resolved, 'targetDir');
+  } catch (err) {
+    if (isBoundaryViolationError(err)) {
+      return { error: forbidden(c, 'Path escapes workdir boundary') };
+    }
+    return { error: badRequest(c, 'Invalid targetDir') };
+  }
+
+  try {
+    const stats = await fs.lstat(resolved);
+    if (stats.isSymbolicLink()) {
+      return { error: forbidden(c, 'Path escapes workdir boundary') };
+    }
+  } catch (err) {
+    if ((err as NodeJS.ErrnoException).code !== 'ENOENT') throw err;
+  }
+
+  return { resolved };
+}
+
+/**
+ * Resolve and validate a working directory for git operations (commit, push).
+ * Checks: path resolution, symlink safety, boundary containment, .git presence.
+ * Returns the resolved path on success, or an error Response.
+ */
+export async function resolveAndValidateWorkDir(c: Context, workDir: string): Promise<{ resolved: string } | { error: Response }> {
+  let resolved: string;
+  try {
+    resolved = resolveWorkDirPath(workDir, 'workDir');
+  } catch (err) {
+    return { error: badRequest(c, getErrorMessage(err)) };
+  }
+
+  try {
+    await verifyNoSymlinkPathComponents(WORKDIR_BASE_DIR, resolved, 'workDir');
+    await verifyPathWithinAfterAccess(WORKDIR_BASE_DIR, resolved, 'workDir');
+  } catch (err) {
+    if (isBoundaryViolationError(err)) {
+      return { error: forbidden(c, 'Path escapes workdir boundary') };
+    }
+    throw err;
+  }
+
+  try {
+    await fs.access(path.join(resolved, '.git'));
+  } catch {
+    return { error: badRequest(c, 'Not a git repository', { workDir: resolved }) };
+  }
+
+  return { resolved };
+}