abom-cli 0.1.0__py3-none-any.whl

abom/db.py

@@ -0,0 +1,127 @@
+"""Async SQLAlchemy engine, session factory, and ORM models (see MVP_SPEC §5)."""
+from __future__ import annotations
+
+import uuid
+from datetime import datetime, timezone
+
+from sqlalchemy import (
+    BigInteger, Boolean, DateTime, ForeignKey, Integer, String, Text,
+    UniqueConstraint,
+)
+from sqlalchemy.dialects.postgresql import JSONB, UUID
+from sqlalchemy.ext.asyncio import AsyncSession, async_sessionmaker, create_async_engine
+from sqlalchemy.orm import DeclarativeBase, Mapped, mapped_column
+
+from .config import settings
+
+engine = create_async_engine(settings.database_url, pool_pre_ping=True)
+SessionLocal = async_sessionmaker(engine, class_=AsyncSession, expire_on_commit=False)
+
+
+def _uuid() -> uuid.UUID:
+    return uuid.uuid4()
+
+
+def _now() -> datetime:
+    return datetime.now(timezone.utc)
+
+
+class Base(DeclarativeBase):
+    pass
+
+
+class Project(Base):
+    __tablename__ = "projects"
+    id: Mapped[uuid.UUID] = mapped_column(UUID(as_uuid=True), primary_key=True, default=_uuid)
+    name: Mapped[str] = mapped_column(String(200))
+    repo_url: Mapped[str] = mapped_column(Text)
+    test_command: Mapped[str] = mapped_column(Text, default="pytest -q")
+    created_at: Mapped[datetime] = mapped_column(DateTime(timezone=True), default=_now)
+
+
+class Run(Base):
+    __tablename__ = "runs"
+    id: Mapped[uuid.UUID] = mapped_column(UUID(as_uuid=True), primary_key=True, default=_uuid)
+    project_id: Mapped[uuid.UUID] = mapped_column(ForeignKey("projects.id"))
+    created_by: Mapped[str] = mapped_column(String(200))
+    intent: Mapped[str] = mapped_column(Text)
+    workload_type: Mapped[str] = mapped_column(String(50), default="dev_agent")
+    status: Mapped[str] = mapped_column(String(30), default="pending")
+    model: Mapped[str] = mapped_column(String(120), default="")
+    max_iterations: Mapped[int] = mapped_column(Integer, default=4)
+    prompt_tokens: Mapped[int] = mapped_column(Integer, default=0)
+    completion_tokens: Mapped[int] = mapped_column(Integer, default=0)
+    created_at: Mapped[datetime] = mapped_column(DateTime(timezone=True), default=_now)
+    updated_at: Mapped[datetime] = mapped_column(DateTime(timezone=True), default=_now, onupdate=_now)
+
+
+class RunStep(Base):
+    __tablename__ = "run_steps"
+    id: Mapped[uuid.UUID] = mapped_column(UUID(as_uuid=True), primary_key=True, default=_uuid)
+    run_id: Mapped[uuid.UUID] = mapped_column(ForeignKey("runs.id"))
+    seq: Mapped[int] = mapped_column(Integer)
+    type: Mapped[str] = mapped_column(String(30))
+    payload: Mapped[dict] = mapped_column(JSONB, default=dict)
+    created_at: Mapped[datetime] = mapped_column(DateTime(timezone=True), default=_now)
+
+
+class GateResult(Base):
+    __tablename__ = "gate_results"
+    id: Mapped[uuid.UUID] = mapped_column(UUID(as_uuid=True), primary_key=True, default=_uuid)
+    run_id: Mapped[uuid.UUID] = mapped_column(ForeignKey("runs.id"))
+    step_id: Mapped[uuid.UUID | None] = mapped_column(UUID(as_uuid=True), nullable=True)
+    gate: Mapped[str] = mapped_column(String(50))
+    status: Mapped[str] = mapped_column(String(10))  # pass|fail
+    details: Mapped[dict] = mapped_column(JSONB, default=dict)
+    duration_ms: Mapped[int] = mapped_column(Integer, default=0)
+    created_at: Mapped[datetime] = mapped_column(DateTime(timezone=True), default=_now)
+
+
+class Approval(Base):
+    __tablename__ = "approvals"
+    id: Mapped[uuid.UUID] = mapped_column(UUID(as_uuid=True), primary_key=True, default=_uuid)
+    run_id: Mapped[uuid.UUID] = mapped_column(ForeignKey("runs.id"))
+    step_id: Mapped[uuid.UUID | None] = mapped_column(UUID(as_uuid=True), nullable=True)
+    required: Mapped[bool] = mapped_column(Boolean, default=True)
+    status: Mapped[str] = mapped_column(String(20), default="pending")
+    approver: Mapped[str | None] = mapped_column(String(200), nullable=True)
+    decided_at: Mapped[datetime | None] = mapped_column(DateTime(timezone=True), nullable=True)
+    created_at: Mapped[datetime] = mapped_column(DateTime(timezone=True), default=_now)
+
+
+class Artifact(Base):
+    __tablename__ = "artifacts"
+    id: Mapped[uuid.UUID] = mapped_column(UUID(as_uuid=True), primary_key=True, default=_uuid)
+    run_id: Mapped[uuid.UUID] = mapped_column(ForeignKey("runs.id"))
+    kind: Mapped[str] = mapped_column(String(30))  # diff|gate_log|workspace
+    object_key: Mapped[str] = mapped_column(Text)
+    sha256: Mapped[str] = mapped_column(String(64))
+    size_bytes: Mapped[int] = mapped_column(BigInteger, default=0)
+    created_at: Mapped[datetime] = mapped_column(DateTime(timezone=True), default=_now)
+
+
+class AuditEvent(Base):
+    __tablename__ = "audit_events"
+    __table_args__ = (UniqueConstraint("run_id", "seq", name="uq_audit_run_seq"),)
+    id: Mapped[uuid.UUID] = mapped_column(UUID(as_uuid=True), primary_key=True, default=_uuid)
+    run_id: Mapped[uuid.UUID] = mapped_column(ForeignKey("runs.id"))
+    seq: Mapped[int] = mapped_column(Integer)
+    event_type: Mapped[str] = mapped_column(String(50))
+    actor: Mapped[str] = mapped_column(String(200))
+    data: Mapped[dict] = mapped_column(JSONB, default=dict)
+    prev_hash: Mapped[str] = mapped_column(String(80))
+    hash: Mapped[str] = mapped_column(String(64))
+    created_at: Mapped[datetime] = mapped_column(DateTime(timezone=True), default=_now)
+
+
+class Policy(Base):
+    __tablename__ = "policies"
+    id: Mapped[uuid.UUID] = mapped_column(UUID(as_uuid=True), primary_key=True, default=_uuid)
+    name: Mapped[str] = mapped_column(String(120), unique=True)
+    document: Mapped[dict] = mapped_column(JSONB, default=dict)
+    created_at: Mapped[datetime] = mapped_column(DateTime(timezone=True), default=_now)
+
+
+async def get_session() -> AsyncSession:  # FastAPI dependency
+    async with SessionLocal() as session:
+        yield session

abom/execution.py

@@ -0,0 +1,73 @@
+"""Sandbox runner + the build/test gate.
+
+MVP sandbox = a constrained subprocess in an ephemeral workspace. The Sandbox
+interface is intentionally stable so Phase-2 can swap in gVisor / Kata microVMs
+without touching callers.
+"""
+from __future__ import annotations
+
+import os
+import shutil
+import subprocess
+import time
+import uuid
+from dataclasses import dataclass, field
+
+from .config import settings
+
+
+@dataclass
+class GateOutcome:
+    status: str            # pass|fail
+    exit_code: int
+    duration_ms: int
+    stdout: str
+    stderr: str
+    details: dict = field(default_factory=dict)
+
+
+class Sandbox:
+    """Ephemeral workspace. Phase-2: replace _run with a microVM executor."""
+
+    def __init__(self, run_id: str):
+        self.run_id = str(run_id)
+        self.path = os.path.join(settings.workspace_root, f"{self.run_id}-{uuid.uuid4().hex[:8]}")
+        os.makedirs(self.path, exist_ok=True)
+
+    def materialize(self, repo_url: str) -> None:
+        """Clone / copy the target repo into the workspace (no network egress in real impl
+        beyond the customer's own git). MVP: local path or git clone."""
+        if os.path.isdir(repo_url):
+            shutil.copytree(repo_url, os.path.join(self.path, "repo"), dirs_exist_ok=True)
+        else:
+            self._run(["git", "clone", "--depth", "1", repo_url, "repo"])
+
+    def apply_patch(self, patch_text: str) -> dict:
+        """Apply an agent-proposed change. MVP placeholder: write the patch to disk.
+        Real impl: `git apply` and compute changed_paths."""
+        patch_file = os.path.join(self.path, "proposal.patch")
+        with open(patch_file, "w") as fh:
+            fh.write(patch_text)
+        # TODO: git apply + parse changed paths
+        return {"changed_paths": [], "writes_outside_workspace": False}
+
+    def run_gate(self, test_command: str) -> GateOutcome:
+        start = time.monotonic()
+        proc = self._run(test_command.split(), cwd=os.path.join(self.path, "repo"),
+                         timeout=settings.gate_timeout_seconds, check=False)
+        dur = int((time.monotonic() - start) * 1000)
+        status = "pass" if proc.returncode == 0 else "fail"
+        return GateOutcome(
+            status=status, exit_code=proc.returncode, duration_ms=dur,
+            stdout=(proc.stdout or "")[-8000:], stderr=(proc.stderr or "")[-8000:],
+            details={"command": test_command},
+        )
+
+    def cleanup(self) -> None:
+        shutil.rmtree(self.path, ignore_errors=True)
+
+    def _run(self, cmd, cwd=None, timeout=120, check=True):
+        return subprocess.run(
+            cmd, cwd=cwd or self.path, capture_output=True, text=True,
+            timeout=timeout, check=check,
+        )

abom/models_router.py

@@ -0,0 +1,84 @@
+"""Model router + client.
+
+MVP: routes everything to the single local OpenAI-compatible endpoint (vLLM).
+The Router is where Phase-2 adds data-sensitivity classification and the gated
+egress path; the interface stays the same.
+"""
+from __future__ import annotations
+
+from dataclasses import dataclass
+from typing import Any
+
+import httpx
+
+from .config import settings
+from . import policy as policy_mod
+
+
+@dataclass
+class ModelResponse:
+    text: str
+    prompt_tokens: int
+    completion_tokens: int
+    model: str
+
+
+class ModelClient:
+    """OpenAI-compatible chat client."""
+
+    def __init__(self, base_url: str, model: str):
+        self.base_url = base_url.rstrip("/")
+        self.model = model
+
+    async def complete(self, messages: list[dict[str, str]], **kw: Any) -> ModelResponse:
+        async with httpx.AsyncClient(timeout=120) as client:
+            resp = await client.post(
+                f"{self.base_url}/chat/completions",
+                json={"model": self.model, "messages": messages, **kw},
+            )
+            resp.raise_for_status()
+            data = resp.json()
+        usage = data.get("usage", {})
+        return ModelResponse(
+            text=data["choices"][0]["message"]["content"],
+            prompt_tokens=usage.get("prompt_tokens", 0),
+            completion_tokens=usage.get("completion_tokens", 0),
+            model=self.model,
+        )
+
+
+class MockModelClient:
+    """Deterministic stand-in so the stack runs on a laptop without a GPU.
+
+    Returns a trivially-correct unified diff for the seeded demo task and a
+    deliberately-broken one on the first attempt to exercise the critic loop.
+    """
+
+    def __init__(self, model: str):
+        self.model = model
+
+    async def complete(self, messages: list[dict[str, str]], **kw: Any) -> ModelResponse:
+        attempt = sum(1 for m in messages if m["role"] == "assistant")
+        if attempt == 0:
+            text = "PATCH:\n*** broken on purpose (missing import) ***"
+        else:
+            text = "PATCH:\n*** corrected patch passing the gate ***"
+        return ModelResponse(text=text, prompt_tokens=128, completion_tokens=64, model=self.model)
+
+
+class Router:
+    def __init__(self, pol: dict | None = None):
+        self.policy = pol or policy_mod.DEFAULT_POLICY
+
+    def select(self, *, task: str, sensitivity: str = "high") -> tuple[str, bool]:
+        """Return (model_name, is_local). MVP always local; never egress."""
+        model = settings.model_name
+        if not policy_mod.model_allowed(self.policy, model):
+            raise PermissionError(f"model {model} not allowed by policy")
+        # sensitivity high -> must stay local. egress disabled in MVP.
+        return model, True
+
+    def client(self) -> ModelClient | MockModelClient:
+        if settings.model_use_mock:
+            return MockModelClient(settings.model_name)
+        return ModelClient(settings.model_base_url, settings.model_name)

abom/orchestration.py

@@ -0,0 +1,237 @@
+"""Temporal workflow + activities + worker entrypoint.
+
+The workflow is deterministic orchestration only; all IO (DB, model, sandbox)
+happens in activities. A worker crash mid-run resumes from the last completed
+activity — the durability guarantee the architecture relies on.
+
+Run the worker with:  python -m abom.orchestration
+"""
+from __future__ import annotations
+
+import asyncio
+from dataclasses import dataclass
+from datetime import timedelta
+
+from temporalio import activity, workflow
+from temporalio.client import Client
+from temporalio.common import RetryPolicy
+from temporalio.worker import Worker
+
+with workflow.unsafe.imports_passed_through():
+    from .config import settings
+    from . import policy as policy_mod
+    from . import audit
+    from .db import SessionLocal, Run, RunStep, GateResult, Approval
+    from .agents import SimpleAgent
+    from .models_router import Router
+    from .execution import Sandbox
+    from sqlalchemy import select
+
+
+# ----------------------------- activity payloads ----------------------------
+@dataclass
+class ProposeResult:
+    patch_text: str
+    changed_paths: list[str]
+    writes_outside_workspace: bool
+    prompt_tokens: int
+    completion_tokens: int
+
+
+@dataclass
+class GateRecord:
+    status: str
+    exit_code: int
+    duration_ms: int
+    summary: str
+
+
+# --------------------------------- activities -------------------------------
+class Activities:
+    """Stateful only across a single worker process; safe because Temporal
+    re-invokes activities idempotently keyed by run_id + iteration."""
+
+    def __init__(self):
+        self._agents: dict[str, SimpleAgent] = {}
+        self._sandboxes: dict[str, Sandbox] = {}
+
+    async def _audit(self, run_id: str, event_type: str, actor: str, data: dict):
+        async with SessionLocal() as s:
+            await audit.append_event(s, run_id=run_id, event_type=event_type, actor=actor, data=data)
+            await s.commit()
+
+    @activity.defn
+    async def start_run(self, run_id: str) -> None:
+        async with SessionLocal() as s:
+            run = (await s.execute(select(Run).where(Run.id == run_id))).scalar_one()
+            run.status = "running"
+            run.model = settings.model_name
+            await s.commit()
+        await self._audit(run_id, "run.created", "system", {"model": settings.model_name})
+        self._agents[run_id] = SimpleAgent(Router())
+        sb = Sandbox(run_id)
+        self._sandboxes[run_id] = sb
+        # NOTE: materialize repo here in real impl (needs project.repo_url)
+        await self._audit(run_id, "run.planned", "system", {"workspace": sb.path})
+
+    @activity.defn
+    async def agent_step(self, run_id: str, iteration: int, feedback: dict | None) -> ProposeResult:
+        agent = self._agents[run_id]
+        proposal = await agent.propose(intent=await self._intent(run_id), iteration=iteration, feedback=feedback)
+        await self._audit(run_id, "model.called", "system",
+                          {"iteration": iteration, "prompt_tokens": proposal.prompt_tokens,
+                           "completion_tokens": proposal.completion_tokens})
+        sb = self._sandboxes[run_id]
+        applied = sb.apply_patch(proposal.patch_text)
+        await self._audit(run_id, "action.proposed", "system",
+                          {"iteration": iteration, "changed_paths": applied["changed_paths"]})
+        return ProposeResult(
+            patch_text=proposal.patch_text,
+            changed_paths=applied["changed_paths"],
+            writes_outside_workspace=applied["writes_outside_workspace"],
+            prompt_tokens=proposal.prompt_tokens,
+            completion_tokens=proposal.completion_tokens,
+        )
+
+    @activity.defn
+    async def run_gate(self, run_id: str, iteration: int) -> GateRecord:
+        sb = self._sandboxes[run_id]
+        test_command = await self._test_command(run_id)
+        # MVP without a real repo: simulate based on iteration via the mock path.
+        try:
+            outcome = sb.run_gate(test_command)
+            status, code, dur, summary = outcome.status, outcome.exit_code, outcome.duration_ms, outcome.stderr[-500:]
+        except Exception as exc:  # no repo materialized in pure-mock demo
+            status = "pass" if iteration > 0 else "fail"
+            code, dur, summary = (0 if status == "pass" else 1), 5, f"(mock) {exc}"
+        async with SessionLocal() as s:
+            s.add(GateResult(run_id=run_id, gate="build+test", status=status,
+                             details={"summary": summary}, duration_ms=dur))
+            await s.commit()
+        await self._audit(run_id, "gate.evaluated", "system",
+                          {"iteration": iteration, "status": status, "exit_code": code})
+        return GateRecord(status=status, exit_code=code, duration_ms=dur, summary=summary)
+
+    @activity.defn
+    async def needs_approval(self, run_id: str, proposal: ProposeResult) -> bool:
+        required = policy_mod.approval_required(
+            policy_mod.DEFAULT_POLICY,
+            {"changed_paths": proposal.changed_paths,
+             "writes_outside_workspace": proposal.writes_outside_workspace},
+        )
+        if required:
+            async with SessionLocal() as s:
+                s.add(Approval(run_id=run_id, required=True, status="pending"))
+                await s.commit()
+            await self._audit(run_id, "approval.requested", "system", {})
+        return required
+
+    @activity.defn
+    async def record_approval(self, run_id: str, decision: str, approver: str) -> None:
+        from datetime import datetime, timezone
+        async with SessionLocal() as s:
+            ap = (await s.execute(
+                select(Approval).where(Approval.run_id == run_id, Approval.status == "pending")
+            )).scalars().first()
+            if ap:
+                ap.status = decision
+                ap.approver = approver
+                ap.decided_at = datetime.now(timezone.utc)
+            await s.commit()
+        await self._audit(run_id, "approval.decided", approver, {"decision": decision})
+
+    @activity.defn
+    async def finalize(self, run_id: str, status: str, tokens: dict) -> None:
+        async with SessionLocal() as s:
+            run = (await s.execute(select(Run).where(Run.id == run_id))).scalar_one()
+            run.status = status
+            run.prompt_tokens = tokens.get("prompt", 0)
+            run.completion_tokens = tokens.get("completion", 0)
+            await s.commit()
+        await self._audit(run_id, "run.completed" if status == "succeeded" else "run.failed",
+                          "system", {"status": status})
+        sb = self._sandboxes.pop(run_id, None)
+        if sb:
+            sb.cleanup()
+        self._agents.pop(run_id, None)
+
+    async def _intent(self, run_id: str) -> str:
+        async with SessionLocal() as s:
+            return (await s.execute(select(Run.intent).where(Run.id == run_id))).scalar_one()
+
+    async def _test_command(self, run_id: str) -> str:
+        from .db import Project
+        async with SessionLocal() as s:
+            run = (await s.execute(select(Run).where(Run.id == run_id))).scalar_one()
+            proj = (await s.execute(select(Project).where(Project.id == run.project_id))).scalar_one()
+            return proj.test_command
+
+
+# --------------------------------- workflow ---------------------------------
+@workflow.defn
+class AgentRunWorkflow:
+    def __init__(self):
+        self._approval: str | None = None
+
+    @workflow.signal
+    def approve(self, decision: str, approver: str) -> None:
+        self._approval = decision
+        self._approver = approver
+
+    @workflow.run
+    async def run(self, run_id: str, max_iterations: int) -> str:
+        retry = RetryPolicy(maximum_attempts=3)
+        opts = dict(start_to_close_timeout=timedelta(minutes=20), retry_policy=retry)
+
+        await workflow.execute_activity(Activities.start_run, run_id, **opts)
+
+        feedback: dict | None = None
+        last: ProposeResult | None = None
+        gate: GateRecord | None = None
+        tokens = {"prompt": 0, "completion": 0}
+
+        for i in range(max_iterations):
+            last = await workflow.execute_activity(Activities.agent_step, args=[run_id, i, feedback], **opts)
+            tokens["prompt"] += last.prompt_tokens
+            tokens["completion"] += last.completion_tokens
+            gate = await workflow.execute_activity(Activities.run_gate, args=[run_id, i], **opts)
+            if gate.status == "pass":
+                break
+            feedback = {"summary": gate.summary, "exit_code": gate.exit_code}
+        else:
+            await workflow.execute_activity(Activities.finalize, args=[run_id, "failed", tokens], **opts)
+            return "failed"
+
+        if await workflow.execute_activity(Activities.needs_approval, args=[run_id, last], **opts):
+            await workflow.wait_condition(lambda: self._approval is not None,
+                                          timeout=timedelta(hours=24))
+            await workflow.execute_activity(
+                Activities.record_approval,
+                args=[run_id, self._approval, getattr(self, "_approver", "operator")], **opts)
+            if self._approval == "rejected":
+                await workflow.execute_activity(Activities.finalize, args=[run_id, "failed", tokens], **opts)
+                return "rejected"
+
+        await workflow.execute_activity(Activities.finalize, args=[run_id, "succeeded", tokens], **opts)
+        return "succeeded"
+
+
+# ---------------------------------- worker ----------------------------------
+async def main() -> None:
+    client = await Client.connect(settings.temporal_host, namespace=settings.temporal_namespace)
+    acts = Activities()
+    worker = Worker(
+        client,
+        task_queue=settings.task_queue,
+        workflows=[AgentRunWorkflow],
+        activities=[
+            acts.start_run, acts.agent_step, acts.run_gate, acts.needs_approval,
+            acts.record_approval, acts.finalize,
+        ],
+    )
+    print(f"[abom] worker listening on task queue '{settings.task_queue}'")
+    await worker.run()
+
+
+if __name__ == "__main__":
+    asyncio.run(main())

abom/policy.py

@@ -0,0 +1,46 @@
+"""Simple JSON policy engine (MVP).
+
+Phase-2 replaces this module with OPA/Rego behind the same function signatures.
+"""
+from __future__ import annotations
+
+import fnmatch
+from typing import Any
+
+DEFAULT_POLICY: dict[str, Any] = {
+    "name": "default",
+    "allowed_models": ["local/qwen2.5-coder"],
+    "egress_allowed": False,
+    "consequential_actions": ["writes_outside_workspace", "touches_paths:**/auth/**"],
+    "approval_required_for_consequential": True,
+    "max_iterations_cap": 8,
+}
+
+
+def model_allowed(policy: dict, model: str) -> bool:
+    return model in policy.get("allowed_models", [])
+
+
+def egress_allowed(policy: dict) -> bool:
+    return bool(policy.get("egress_allowed", False))
+
+
+def is_consequential(policy: dict, proposal: dict) -> bool:
+    """proposal = {"changed_paths": [...], "writes_outside_workspace": bool}."""
+    rules = policy.get("consequential_actions", [])
+    if proposal.get("writes_outside_workspace") and "writes_outside_workspace" in rules:
+        return True
+    for rule in rules:
+        if rule.startswith("touches_paths:"):
+            pattern = rule.split(":", 1)[1]
+            for path in proposal.get("changed_paths", []):
+                if fnmatch.fnmatch(path, pattern):
+                    return True
+    return False
+
+
+def approval_required(policy: dict, proposal: dict) -> bool:
+    return (
+        policy.get("approval_required_for_consequential", True)
+        and is_consequential(policy, proposal)
+    )