teamcopilot 0.0.1

package/dist/utils/workflow-runner.js

@@ -0,0 +1,414 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.startWorkflowRunViaBackend = startWorkflowRunViaBackend;
+// @ts-nocheck
+const child_process_1 = require("child_process");
+const fs_1 = require("fs");
+const fsp = __importStar(require("fs/promises"));
+const path = __importStar(require("path"));
+const client_1 = __importDefault(require("../prisma/client"));
+const workflow_interruption_1 = require("./workflow-interruption");
+const MAX_OUTPUT_CHARS = 300000;
+const SLUG_REGEX = /^[a-z0-9]+(?:-[a-z0-9]+)*$/;
+function sanitizeFilenamePart(value) {
+    return value.replace(/[^a-zA-Z0-9._-]/g, "_");
+}
+function isPathInside(childPath, parentPath) {
+    const parent = path.resolve(parentPath) + path.sep;
+    const child = path.resolve(childPath) + path.sep;
+    return child.startsWith(parent);
+}
+function getVenvPythonPath(workflowPath) {
+    return path.join(workflowPath, ".venv", "bin", "python");
+}
+function getVenvBinDir(workflowPath) {
+    return path.join(workflowPath, ".venv", "bin");
+}
+async function assertPathExists(p) {
+    await fsp.access(p);
+}
+async function assertDirectory(p) {
+    const stats = await fsp.stat(p);
+    if (!stats.isDirectory()) {
+        throw new Error(`Expected directory at ${p}`);
+    }
+}
+async function assertVenvExists(workflowPath) {
+    const venvPath = path.join(workflowPath, ".venv");
+    const stats = await fsp.stat(venvPath);
+    if (!stats.isDirectory()) {
+        throw new Error(`Virtual environment path is not a directory: ${venvPath}`);
+    }
+}
+function parseTimeoutSeconds(raw) {
+    if (typeof raw !== "number" || !Number.isFinite(raw))
+        return null;
+    if (raw <= 0)
+        return null;
+    return Math.min(Math.floor(raw), 24 * 60 * 60);
+}
+function coerceBoolean(value) {
+    if (typeof value === "boolean")
+        return value;
+    if (typeof value !== "string")
+        return null;
+    const v = value.trim().toLowerCase();
+    if (["true", "1", "yes", "y", "on"].includes(v))
+        return true;
+    if (["false", "0", "no", "n", "off"].includes(v))
+        return false;
+    return null;
+}
+function coerceNumber(value) {
+    if (typeof value === "number" && Number.isFinite(value))
+        return value;
+    if (typeof value !== "string")
+        return null;
+    const trimmed = value.trim();
+    if (!trimmed)
+        return null;
+    const n = Number(trimmed);
+    return Number.isFinite(n) ? n : null;
+}
+function validateInputs(providedInputs, schema) {
+    const errors = [];
+    const processedInputs = {};
+    for (const [name, config] of Object.entries(schema)) {
+        const value = providedInputs[name];
+        if (value === undefined || value === null) {
+            if (config.required !== false && config.default === undefined) {
+                errors.push(`Missing required input: '${name}'`);
+                continue;
+            }
+            if (config.default !== undefined) {
+                processedInputs[name] = config.default;
+            }
+            continue;
+        }
+        let isValid = false;
+        let processedValue = null;
+        switch (config.type) {
+            case "string":
+                if (typeof value === "string") {
+                    processedValue = value;
+                    isValid = true;
+                }
+                else if (typeof value === "number" || typeof value === "boolean" || typeof value === "bigint") {
+                    processedValue = String(value);
+                    isValid = true;
+                }
+                break;
+            case "number":
+                {
+                    const coerced = coerceNumber(value);
+                    if (coerced !== null) {
+                        processedValue = coerced;
+                        isValid = true;
+                    }
+                }
+                break;
+            case "boolean":
+                {
+                    const coerced = coerceBoolean(value);
+                    if (coerced !== null) {
+                        processedValue = coerced;
+                        isValid = true;
+                    }
+                }
+                break;
+            default:
+                if (typeof value === "string" || typeof value === "number" || typeof value === "boolean") {
+                    processedValue = value;
+                    isValid = true;
+                }
+        }
+        if (!isValid) {
+            errors.push(`Invalid type for '${name}': expected ${config.type}, got ${typeof value}`);
+        }
+        else {
+            processedInputs[name] = processedValue;
+        }
+    }
+    for (const name of Object.keys(providedInputs)) {
+        if (!(name in schema)) {
+            errors.push(`Unexpected input: '${name}' is not defined in workflow.json`);
+        }
+    }
+    return {
+        valid: errors.length === 0,
+        errors,
+        processedInputs
+    };
+}
+function inputsToArgs(inputs) {
+    const args = [];
+    for (const [name, value] of Object.entries(inputs)) {
+        const argName = `--${name}`;
+        if (typeof value === "boolean") {
+            if (value) {
+                args.push(argName);
+            }
+        }
+        else {
+            args.push(argName, String(value));
+        }
+    }
+    return args;
+}
+async function requestWorkflowPermission(opencodeSessionId, messageId, callId) {
+    const permission = await client_1.default.tool_execution_permissions.create({
+        data: {
+            opencode_session_id: opencodeSessionId,
+            message_id: messageId,
+            call_id: callId,
+            status: "pending",
+            created_at: BigInt(Date.now())
+        }
+    });
+    const maxAttempts = 300;
+    for (let attempt = 0; attempt < maxAttempts; attempt += 1) {
+        await new Promise((resolve) => setTimeout(resolve, 1000));
+        const latest = await client_1.default.tool_execution_permissions.findUnique({
+            where: { id: permission.id }
+        });
+        if (!latest) {
+            throw new Error("Permission request not found");
+        }
+        if (latest.status === "approved") {
+            return;
+        }
+        if (latest.status === "rejected") {
+            throw new Error("User denied permission to run this workflow.");
+        }
+    }
+    await client_1.default.tool_execution_permissions.update({
+        where: { id: permission.id },
+        data: {
+            status: "rejected",
+            responded_at: BigInt(Date.now())
+        }
+    });
+    throw new Error("Permission request timed out");
+}
+function runWithTimeout(workflowPath, args, timeoutSeconds, outputFilePath, shouldAbort) {
+    return new Promise((resolve) => {
+        const venvPython = getVenvPythonPath(workflowPath);
+        const runScript = path.join(workflowPath, "run.py");
+        const venvBinDir = getVenvBinDir(workflowPath);
+        let output = "";
+        let outputTruncated = false;
+        let finished = false;
+        const outputFileStream = (0, fs_1.createWriteStream)(outputFilePath, { flags: "a", encoding: "utf-8" });
+        const appendOutput = (text) => {
+            if (finished || outputTruncated)
+                return;
+            const remaining = MAX_OUTPUT_CHARS - output.length;
+            if (remaining <= 0) {
+                outputTruncated = true;
+                output += `\n[WARN] Output truncated after ${MAX_OUTPUT_CHARS} characters\n`;
+                return;
+            }
+            if (text.length <= remaining) {
+                output += text;
+                return;
+            }
+            output += text.slice(0, remaining);
+            outputTruncated = true;
+            output += `\n[WARN] Output truncated after ${MAX_OUTPUT_CHARS} characters\n`;
+        };
+        const child = (0, child_process_1.spawn)(venvPython, ["-u", runScript, ...args], {
+            cwd: workflowPath,
+            env: {
+                ...process.env,
+                PYTHONUNBUFFERED: "1",
+                VIRTUAL_ENV: path.join(workflowPath, ".venv"),
+                PATH: [venvBinDir, process.env.PATH ?? ""].filter(Boolean).join(path.delimiter),
+            },
+            stdio: ["ignore", "pipe", "pipe"],
+            detached: true,
+        });
+        const pid = child.pid;
+        const cleanup = (signal = "SIGTERM") => {
+            if (!pid)
+                return;
+            try {
+                process.kill(-pid, signal);
+            }
+            catch {
+                // ignore
+            }
+        };
+        const finalize = (status) => {
+            if (finished)
+                return;
+            finished = true;
+            if (abortPollId) {
+                clearInterval(abortPollId);
+                abortPollId = null;
+            }
+            outputFileStream.end();
+            resolve({ status, output });
+        };
+        child.stdout?.on("data", (data) => {
+            const text = data.toString();
+            appendOutput(text);
+            outputFileStream.write(text);
+        });
+        child.stderr?.on("data", (data) => {
+            const text = data.toString();
+            appendOutput(text);
+            outputFileStream.write(text);
+        });
+        let abortPollInFlight = false;
+        let abortPollId = null;
+        abortPollId = setInterval(async () => {
+            if (finished || abortPollInFlight)
+                return;
+            abortPollInFlight = true;
+            let abortRequested = false;
+            try {
+                abortRequested = await shouldAbort();
+            }
+            catch {
+                abortRequested = false;
+            }
+            finally {
+                abortPollInFlight = false;
+            }
+            if (!abortRequested || finished)
+                return;
+            cleanup("SIGTERM");
+            setTimeout(() => cleanup("SIGKILL"), 1000);
+            const message = "\n[ERROR] Workflow execution was aborted\n";
+            appendOutput(message);
+            outputFileStream.write(message);
+            finalize("aborted");
+        }, 500);
+        const timeoutId = setTimeout(() => {
+            cleanup("SIGTERM");
+            setTimeout(() => cleanup("SIGKILL"), 1000);
+            const timeoutMessage = `\n[ERROR] Workflow execution timed out after ${timeoutSeconds} seconds\n`;
+            appendOutput(timeoutMessage);
+            outputFileStream.write(timeoutMessage);
+            finalize("timeout");
+        }, timeoutSeconds * 1000);
+        child.on("close", (code) => {
+            clearTimeout(timeoutId);
+            if (code === 0) {
+                finalize("success");
+                return;
+            }
+            if (code !== null) {
+                appendOutput(`\n[ERROR] Process exited with code ${code}\n`);
+                finalize("error");
+                return;
+            }
+            finalize("error");
+        });
+        child.on("error", (err) => {
+            clearTimeout(timeoutId);
+            appendOutput(`\n[ERROR] Failed to start process: ${err.message}\n`);
+            outputFileStream.write(`\n[ERROR] Failed to start process: ${err.message}\n`);
+            finalize("error");
+        });
+    });
+}
+async function startWorkflowRunViaBackend(options) {
+    if (!SLUG_REGEX.test(options.slug)) {
+        throw new Error("Invalid workflow slug. Expected lowercase letters/numbers with optional hyphens.");
+    }
+    const workflowsRoot = path.join(options.workspaceDir, "workflows");
+    const workflowPath = path.join(workflowsRoot, options.slug);
+    if (!isPathInside(workflowPath, workflowsRoot)) {
+        throw new Error("Invalid workflow path (must be inside workflows/).");
+    }
+    await assertDirectory(workflowPath);
+    await assertPathExists(path.join(workflowPath, "run.py"));
+    await assertVenvExists(workflowPath);
+    await assertPathExists(getVenvPythonPath(workflowPath));
+    if (options.requirePermissionPrompt) {
+        await requestWorkflowPermission(options.sessionId, options.messageId, options.callId);
+    }
+    const workflowJson = JSON.parse(await fsp.readFile(path.join(workflowPath, "workflow.json"), "utf-8"));
+    const inputSchema = workflowJson.inputs || {};
+    const validation = validateInputs(options.inputs, inputSchema);
+    if (!validation.valid) {
+        throw new Error(`Input validation failed: ${JSON.stringify(validation.errors)}`);
+    }
+    const timeoutSeconds = parseTimeoutSeconds(workflowJson.runtime?.timeout_seconds);
+    if (!timeoutSeconds) {
+        throw new Error(`Could not read runtime.timeout_seconds from workflow.json for '${options.slug}'`);
+    }
+    const cmdArgs = inputsToArgs(validation.processedInputs);
+    const createdRun = await client_1.default.workflow_runs.create({
+        data: {
+            workflow_slug: options.slug,
+            ran_by_user_id: options.authUserId,
+            status: "running",
+            started_at: BigInt(Date.now()),
+            args: JSON.stringify(options.inputs),
+            session_id: options.sessionId,
+            message_id: options.messageId,
+        }
+    });
+    const workflowRunsDir = path.join(options.workspaceDir, "workflow-runs");
+    await fsp.mkdir(workflowRunsDir, { recursive: true });
+    const outputFilePath = path.join(workflowRunsDir, `${sanitizeFilenamePart(options.sessionId)}-${sanitizeFilenamePart(options.messageId)}.txt`);
+    await fsp.writeFile(outputFilePath, "", "utf-8");
+    const completion = (async () => {
+        const runResult = await runWithTimeout(workflowPath, cmdArgs, timeoutSeconds, outputFilePath, async () => {
+            return await (0, workflow_interruption_1.isWorkflowSessionInterrupted)(options.sessionId, options.workspaceDir);
+        });
+        const finalStatus = runResult.status === "success" ? "success" : "failed";
+        await client_1.default.workflow_runs.update({
+            where: { id: createdRun.id },
+            data: {
+                status: finalStatus,
+                completed_at: BigInt(Date.now()),
+                error_message: runResult.status === "success" ? null : runResult.output.slice(-1000),
+                output: runResult.output,
+            }
+        });
+        return {
+            status: runResult.status,
+            output: runResult.output
+        };
+    })();
+    return { runId: createdRun.id, timeoutSeconds, completion };
+}

package/dist/utils/workflow.js

@@ -0,0 +1,158 @@
+"use strict";
+/**
+ * Helper functions for workflow.json operations.
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getWorkflowPath = getWorkflowPath;
+exports.deleteWorkflow = deleteWorkflow;
+exports.readWorkflowManifestAndEnsurePermissions = readWorkflowManifestAndEnsurePermissions;
+exports.setWorkflowCreator = setWorkflowCreator;
+exports.listWorkflowSlugs = listWorkflowSlugs;
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+const client_1 = __importDefault(require("../prisma/client"));
+const assert_1 = require("./assert");
+const workflow_permissions_1 = require("./workflow-permissions");
+const workspace_sync_1 = require("./workspace-sync");
+/** Get the absolute path to the workspace directory */
+function getWorkspacePath() {
+    return (0, workspace_sync_1.getWorkspaceDirFromEnv)();
+}
+/** Get the path to a workflow directory */
+function getWorkflowPath(slug) {
+    return path_1.default.join(getWorkspacePath(), "workflows", slug);
+}
+/** Get the path to a workflow's manifest file */
+function getWorkflowManifestPath(slug) {
+    return path_1.default.join(getWorkflowPath(slug), "workflow.json");
+}
+/** Delete a workflow directory and all of its contents */
+function deleteWorkflowDirectory(slug) {
+    const workflowPath = getWorkflowPath(slug);
+    if (!fs_1.default.existsSync(workflowPath)) {
+        throw {
+            status: 404,
+            message: `Workflow not found for slug: ${slug}`
+        };
+    }
+    fs_1.default.rmSync(workflowPath, { recursive: true, force: false });
+}
+async function deleteWorkflow(slug) {
+    await client_1.default.workflow_runs.deleteMany({
+        where: { workflow_slug: slug }
+    });
+    await client_1.default.resource_metadata.deleteMany({
+        where: {
+            resource_kind: "workflow",
+            resource_slug: slug
+        }
+    });
+    await client_1.default.resource_permissions.deleteMany({
+        where: {
+            resource_kind: "workflow",
+            resource_slug: slug
+        }
+    });
+    if (fs_1.default.existsSync(getWorkflowPath(slug))) {
+        deleteWorkflowDirectory(slug);
+    }
+}
+/** Read a workflow's manifest */
+function readWorkflowManifest(slug) {
+    const manifestPath = getWorkflowManifestPath(slug);
+    if (!fs_1.default.existsSync(manifestPath)) {
+        throw {
+            status: 404,
+            message: `Workflow manifest not found for slug: ${slug}`
+        };
+    }
+    const content = fs_1.default.readFileSync(manifestPath, "utf-8");
+    return JSON.parse(content);
+}
+async function readWorkflowManifestAndEnsurePermissions(slug) {
+    const manifest = readWorkflowManifest(slug);
+    const metadata = await getOrCreateWorkflowMetadataAndEnsurePermission(slug);
+    return { manifest, metadata };
+}
+/** Set workflow creator in database metadata */
+async function setWorkflowCreator(slug, userId) {
+    const { metadata: existing } = await readWorkflowManifestAndEnsurePermissions(slug);
+    if (existing.created_by_user_id) {
+        (0, assert_1.assertCondition)(existing.created_by_user_id === userId, "Workflow creator mismatch");
+        return existing;
+    }
+    const now = BigInt(Date.now());
+    const row = await client_1.default.resource_metadata.update({
+        where: {
+            resource_kind_resource_slug: {
+                resource_kind: "workflow",
+                resource_slug: slug
+            }
+        },
+        data: {
+            created_by_user_id: userId,
+            updated_at: now,
+        }
+    });
+    return {
+        workflow_slug: row.resource_slug,
+        created_by_user_id: row.created_by_user_id,
+        approved_by_user_id: row.approved_by_user_id,
+    };
+}
+/** List all workflow slugs */
+function listWorkflowSlugs() {
+    const workflowsDir = path_1.default.join(getWorkspacePath(), "workflows");
+    if (!fs_1.default.existsSync(workflowsDir)) {
+        return [];
+    }
+    const entries = fs_1.default.readdirSync(workflowsDir, { withFileTypes: true });
+    const slugs = [];
+    for (const entry of entries) {
+        if (!entry.isDirectory())
+            continue;
+        const manifestPath = path_1.default.join(workflowsDir, entry.name, "workflow.json");
+        if (fs_1.default.existsSync(manifestPath)) {
+            slugs.push(entry.name);
+        }
+    }
+    return slugs;
+}
+async function getOrCreateWorkflowMetadataAndEnsurePermission(slug) {
+    const existing = await client_1.default.resource_metadata.findUnique({
+        where: {
+            resource_kind_resource_slug: {
+                resource_kind: "workflow",
+                resource_slug: slug
+            }
+        }
+    });
+    if (existing) {
+        const metadata = {
+            workflow_slug: existing.resource_slug,
+            created_by_user_id: existing.created_by_user_id,
+            approved_by_user_id: existing.approved_by_user_id,
+        };
+        await (0, workflow_permissions_1.ensureWorkflowRunPermissionsForMetadata)(slug, metadata);
+        return metadata;
+    }
+    const now = BigInt(Date.now());
+    const row = await client_1.default.resource_metadata.create({
+        data: {
+            resource_kind: "workflow",
+            resource_slug: slug,
+            created_at: now,
+            updated_at: now,
+        }
+    });
+    const metadata = {
+        workflow_slug: row.resource_slug,
+        created_by_user_id: row.created_by_user_id,
+        approved_by_user_id: row.approved_by_user_id,
+    };
+    await (0, workflow_permissions_1.ensureWorkflowRunPermissionsForMetadata)(slug, metadata);
+    return metadata;
+}