teleportation-cli 1.0.0 → 1.0.2

package/lib/remote/orchestrator.js

@@ -0,0 +1,480 @@
+/**
+ * RemoteOrchestrator
+ *
+ * Manages remote session lifecycle:
+ * - Created → Provisioning → Syncing → Running → Completed/Failed
+ * - Integrates VaultClient, LivePortClient, Provider, and StateCapturer
+ * - Handles cleanup on errors and completion
+ */
+
+import { EventEmitter } from 'events';
+import { StateCapturer } from './state-capture.js';
+
+/**
+ * Session states
+ */
+export const SessionState = {
+  CREATED: 'created',
+  CAPTURING: 'capturing',
+  PROVISIONING: 'provisioning',
+  SYNCING: 'syncing',
+  RUNNING: 'running',
+  PAUSED: 'paused',
+  COMPLETED: 'completed',
+  FAILED: 'failed',
+  CLEANUP: 'cleanup',
+};
+
+/**
+ * RemoteOrchestrator class
+ */
+export class RemoteOrchestrator extends EventEmitter {
+  /**
+   * @param {Object} options
+   * @param {string} options.sessionId - Session identifier
+   * @param {string} options.repoPath - Path to git repository
+   * @param {Object} options.vaultClient - Mech Vault client instance
+   * @param {Object} options.livePortClient - LivePort client instance
+   * @param {Object} options.provider - Cloud provider instance (Fly/Daytona)
+   * @param {boolean} [options.verbose] - Enable verbose progress logging
+   */
+  constructor(options) {
+    super();
+
+    const { sessionId, repoPath, vaultClient, livePortClient, provider, verbose } = options;
+
+    if (!sessionId) {
+      throw new Error('sessionId is required');
+    }
+
+    if (!repoPath) {
+      throw new Error('repoPath is required');
+    }
+
+    if (!vaultClient || !livePortClient || !provider) {
+      throw new Error('All dependencies (vaultClient, livePortClient, provider) are required');
+    }
+
+    this.sessionId = sessionId;
+    this.repoPath = repoPath;
+    this.vaultClient = vaultClient;
+    this.livePortClient = livePortClient;
+    this.provider = provider;
+    this.verbose = verbose || false;
+
+    // Create StateCapturer for local state capture
+    this.stateCapturer = options.stateCapturer || new StateCapturer({
+      repoPath: this.repoPath,
+      sessionId: this.sessionId,
+      verbose: this.verbose,
+    });
+
+    // Session state
+    this.state = SessionState.CREATED;
+    this.stateHistory = [{ state: SessionState.CREATED, timestamp: Date.now() }];
+
+    // Resources created during session
+    this.machineId = null;
+    this.machineDetails = null;
+    this.tunnelUrl = null;
+    this.bridgeKeyId = null;
+    this.sshKeyId = null;
+    this.vaultNamespace = null;
+    this.secretIds = [];
+
+    // Captured state
+    this.capturedState = null;
+
+    // Metadata
+    this.metadata = {};
+    this.error = null;
+    this.cleanupErrors = [];
+
+    // Flags
+    this.started = false;
+    this.destroyed = false;
+
+    // Progress tracking
+    this.progress = {
+      current: 0,
+      total: 6, // Total number of steps in provisioning flow
+      step: null,
+    };
+  }
+
+  /**
+   * Transition to a new state
+   * @private
+   */
+  _transitionState(newState) {
+    const oldState = this.state;
+    this.state = newState;
+    this.stateHistory.push({ state: newState, timestamp: Date.now() });
+    this.emit('stateChange', newState, oldState);
+
+    if (this.verbose) {
+      console.log(`[orchestrator] State: ${oldState} → ${newState}`);
+    }
+  }
+
+  /**
+   * Update progress
+   * @private
+   * @param {number} step - Current step number (1-based)
+   * @param {string} description - Step description
+   */
+  _updateProgress(step, description) {
+    this.progress = {
+      current: step,
+      total: 6,
+      step: description,
+    };
+
+    this.emit('progress', this.progress);
+
+    if (this.verbose) {
+      console.log(`[orchestrator] Progress: ${step}/6 - ${description}`);
+    }
+  }
+
+  /**
+   * Start remote session
+   *
+   * Provisioning flow:
+   * 1. Capture local state (git, env, uncommitted changes)
+   * 2. Store secrets in Vault
+   * 3. Provision remote machine
+   * 4. Sync code to remote
+   * 5. Initialize machine (install deps, start daemon)
+   * 6. Mark as running
+   *
+   * @param {Object} options
+   * @param {string} options.task - Task description
+   * @param {string} [options.branch] - Git branch to checkout (defaults to current)
+   * @param {string} options.repoUrl - Git repository URL
+   * @param {string} options.relayApiUrl - Relay API endpoint
+   * @param {string} options.relayApiKey - Relay API key
+   * @param {string} options.githubToken - GitHub personal access token
+   * @param {string} [options.mechApiKey] - Mech API key for router
+   * @param {Object} [options.additionalSecrets] - Additional secrets to store
+   * @param {Object} [options.envOptions] - Options for env capture (filterPattern, exclude)
+   * @returns {Promise<Object>} Machine details and session info
+   * @throws {Error} If provisioning fails
+   */
+  async startSession(options) {
+    const {
+      task,
+      branch,
+      repoUrl,
+      relayApiUrl,
+      relayApiKey,
+      githubToken,
+      mechApiKey,
+      additionalSecrets = {},
+      envOptions = {},
+    } = options;
+
+    if (this.started) {
+      throw new Error('Session already started');
+    }
+
+    if (!repoUrl || !relayApiUrl || !relayApiKey || !githubToken) {
+      throw new Error('Required fields: repoUrl, relayApiUrl, relayApiKey, githubToken');
+    }
+
+    this.started = true;
+    this.metadata.task = task;
+    this.metadata.branch = branch;
+    this.metadata.startedAt = Date.now();
+
+    try {
+      // Step 1: Capture local state
+      this._transitionState(SessionState.CAPTURING);
+      this._updateProgress(1, 'Capturing local state...');
+
+      this.capturedState = await this.stateCapturer.captureAll({ envOptions });
+
+      // Re-check uncommitted changes immediately before committing
+      // (prevents race condition where repo state changes between capture and commit)
+      const currentChanges = await this.stateCapturer.captureUncommittedChanges();
+      if (currentChanges.hasChanges) {
+        const commitResult = await this.stateCapturer.commitAndPushChanges(task);
+        this.metadata.wipCommit = commitResult.commit;
+        this.metadata.wipBranch = commitResult.branch;
+      }
+
+      // Step 2: Store secrets in Vault
+      this._transitionState(SessionState.PROVISIONING);
+      this._updateProgress(2, 'Storing secrets in Vault...');
+
+      this.vaultNamespace = `teleportation.remote.${this.sessionId}`;
+
+      // Merge captured env vars with explicit secrets
+      const allSecrets = {
+        RELAY_API_URL: relayApiUrl,
+        RELAY_API_KEY: relayApiKey,
+        GITHUB_TOKEN: githubToken,
+        ...additionalSecrets,
+      };
+
+      if (mechApiKey) {
+        allSecrets.MECH_API_KEY = mechApiKey;
+      }
+
+      // Step 3: Provision remote machine (which handles SSH, tunnel, and secrets internally)
+      this._updateProgress(3, 'Provisioning remote machine...');
+
+      const sessionConfig = {
+        sessionId: this.sessionId,
+        machineId: this.sessionId, // Use sessionId as machineId
+        repoUrl,
+        branch: this.metadata.wipBranch || branch || this.capturedState.git.branch || 'main',
+        relayApiUrl,
+        relayApiKey,
+        githubToken,
+        mechApiKey,
+        task,
+        additionalSecrets: allSecrets,
+      };
+
+      this.machineDetails = await this.provider.createMachine(sessionConfig);
+      this.machineId = this.machineDetails.machineId;
+      this.tunnelUrl = this.machineDetails.tunnelUrl;
+      this.bridgeKeyId = this.machineDetails.bridgeKeyId;
+      this.sshKeyId = this.machineDetails.sshKeyId;
+      this.secretIds = this.machineDetails.secretIds || [];
+
+      // Step 4: Wait for machine initialization
+      this._transitionState(SessionState.SYNCING);
+      this._updateProgress(4, 'Waiting for machine initialization...');
+
+      // Give machine time to start and run init script
+      await this._waitForMachineReady();
+
+      // Step 5: Verify machine is running
+      this._updateProgress(5, 'Verifying machine status...');
+
+      const status = await this.provider.getMachineStatus(this.machineId);
+      if (status.status !== 'started' && status.status !== 'running') {
+        throw new Error(`Machine failed to start. Status: ${status.status}`);
+      }
+
+      // Step 6: Mark as running
+      this._updateProgress(6, 'Session ready!');
+      this._transitionState(SessionState.RUNNING);
+
+      return {
+        sessionId: this.sessionId,
+        machineId: this.machineId,
+        tunnelUrl: this.tunnelUrl,
+        state: this.state,
+        machineDetails: this.machineDetails,
+      };
+    } catch (error) {
+      this.error = error;
+      this._transitionState(SessionState.FAILED);
+
+      // Cleanup on failure
+      await this._cleanupOnFailure();
+
+      throw error;
+    }
+  }
+
+  /**
+   * Wait for machine to be ready
+   * @private
+   * @param {number} [maxWaitMs=120000] - Max wait time (default: 2 minutes)
+   * @param {number} [pollIntervalMs=5000] - Poll interval (default: 5 seconds)
+   * @returns {Promise<void>}
+   */
+  async _waitForMachineReady(maxWaitMs = 120000, pollIntervalMs = 5000) {
+    const startTime = Date.now();
+
+    while (Date.now() - startTime < maxWaitMs) {
+      try {
+        const status = await this.provider.getMachineStatus(this.machineId);
+
+        if (status.status === 'started' || status.status === 'running') {
+          return; // Machine is ready
+        }
+
+        if (status.status === 'error' || status.status === 'failed') {
+          throw new Error(`Machine failed during initialization: ${status.status}`);
+        }
+
+        // Wait before next poll
+        await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));
+      } catch (error) {
+        // If it's a "machine not found" error, machine hasn't started yet
+        if (error.message.includes('not found')) {
+          await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));
+          continue;
+        }
+
+        throw error;
+      }
+    }
+
+    throw new Error(`Machine failed to become ready within ${maxWaitMs}ms`);
+  }
+
+  /**
+   * Cleanup resources on failure
+   *
+   * Destroys machine and verifies cleanup succeeded.
+   * Secrets and tunnel cleanup handled by provider internally.
+   *
+   * @private
+   * @returns {Promise<void>}
+   */
+  async _cleanupOnFailure() {
+    // Destroy machine if created
+    if (this.machineId) {
+      try {
+        await this.provider.destroyMachine(this.machineId);
+
+        // Verify machine is actually destroyed
+        try {
+          await this.provider.getMachineStatus(this.machineId);
+          // If we get here, machine still exists
+          this.cleanupErrors.push({
+            resource: 'machine',
+            error: 'Machine still exists after destroy attempt',
+          });
+        } catch (notFoundErr) {
+          // Expected: machine not found means successfully destroyed
+          if (this.verbose) {
+            console.log('[orchestrator] Machine successfully destroyed and verified');
+          }
+        }
+      } catch (err) {
+        this.cleanupErrors.push({
+          resource: 'machine',
+          error: err?.message || String(err),
+        });
+      }
+    }
+
+    // Note: Secrets and tunnel are cleaned up by provider's internal cleanup
+
+    if (this.verbose && this.cleanupErrors.length > 0) {
+      console.warn('[orchestrator] Cleanup errors:', this.cleanupErrors);
+    }
+  }
+
+  /**
+   * Stop remote session (pause)
+   * @returns {Promise<void>}
+   */
+  async stopSession() {
+    if (this.state !== SessionState.RUNNING) {
+      throw new Error(`Cannot stop session in state: ${this.state}`);
+    }
+
+    try {
+      await this.provider.stopMachine(this.machineId);
+      this._transitionState(SessionState.PAUSED);
+    } catch (error) {
+      this.error = error;
+      this._transitionState(SessionState.FAILED);
+      throw error;
+    }
+  }
+
+  /**
+   * Resume paused session
+   * @returns {Promise<void>}
+   */
+  async resumeSession() {
+    if (this.state !== SessionState.PAUSED) {
+      throw new Error(`Cannot resume session in state: ${this.state}`);
+    }
+
+    try {
+      await this.provider.startMachine(this.machineId);
+      this._transitionState(SessionState.RUNNING);
+    } catch (error) {
+      this.error = error;
+      this._transitionState(SessionState.FAILED);
+      throw error;
+    }
+  }
+
+  /**
+   * Get session status
+   * @returns {Promise<Object>}
+   */
+  async getStatus() {
+    const status = {
+      sessionId: this.sessionId,
+      state: this.state,
+      machineId: this.machineId,
+      tunnelUrl: this.tunnelUrl,
+      metadata: this.metadata,
+      progress: this.progress,
+      error: this.error ? this.error.message : null,
+      capturedState: this.capturedState ? {
+        git: this.capturedState.git,
+        uncommittedChanges: this.capturedState.uncommittedChanges,
+      } : null,
+    };
+
+    // Query provider for machine status if machine exists
+    if (this.machineId && (this.state === SessionState.RUNNING || this.state === SessionState.PAUSED)) {
+      try {
+        const machineStatus = await this.provider.getMachineStatus(this.machineId);
+        status.machine = machineStatus;
+      } catch (err) {
+        status.machine = { error: err.message };
+      }
+    }
+
+    return status;
+  }
+
+  /**
+   * Get machine logs
+   * @param {Object} [options] - Log options
+   * @param {number} [options.tail] - Number of lines to retrieve
+   * @returns {Promise<Object>} Log data
+   */
+  async getLogs(options = {}) {
+    if (!this.machineId) {
+      throw new Error('No machine provisioned');
+    }
+
+    return this.provider.getLogs(this.machineId, options);
+  }
+
+  /**
+   * Destroy session and cleanup all resources
+   * @returns {Promise<Object>} Cleanup result with errors if any
+   */
+  async destroySession() {
+    if (this.destroyed) {
+      return { success: true, errors: [] }; // Idempotent
+    }
+
+    this.destroyed = true;
+    this._transitionState(SessionState.CLEANUP);
+
+    const errors = [];
+
+    // Destroy machine (provider handles internal cleanup of secrets/tunnels)
+    if (this.machineId) {
+      try {
+        await this.provider.destroyMachine(this.machineId);
+      } catch (err) {
+        errors.push({ resource: 'machine', error: err?.message || String(err) });
+      }
+    }
+
+    return {
+      success: errors.length === 0,
+      errors,
+    };
+  }
+}
+
+export default RemoteOrchestrator;