corvinos 0.1.0__py3-none-any.whl

Dockerfile

@@ -0,0 +1,72 @@
+# ADR-0007 Phase 4 — Corvin Gateway OCI image
+#
+# Build: docker build -t corvin-gateway:latest \
+#          -f core/gateway/Dockerfile .
+# (the repo root is the build context; both corvin-gateway and forge
+# sources are referenced relative to it.)
+# Run:   docker run --rm -p 8000:8000 \
+#          -v $HOME/.corvin:/var/lib/corvin \
+#          -e CORVIN_HOME=/var/lib/corvin \
+#          corvin-gateway:latest
+#
+# Notes
+# -----
+# * Slim base — the gateway has no need for system C toolchains at
+#   runtime. cryptography wheels ship with pre-built binaries.
+# * Non-root user with a stable uid/gid so the operator can chown
+#   the bind-mounted CORVIN_HOME to match.
+# * /healthz is the documented liveness probe; the chart wires it.
+#
+# What this image does NOT include
+# --------------------------------
+# * Any engine binary (claude / codex). The gateway dispatches via
+#   the engine layer at request time; for production deployments
+#   the engine sidecar runs separately (Phase 4 only ships the
+#   gateway).
+# * bwrap. The sandbox is a forge / skill-forge concern; gateway-
+#   side runs go through the engine layer's own sandbox model.
+
+FROM python:3.12-slim AS runtime
+
+LABEL org.opencontainers.image.title="Corvin Gateway"
+LABEL org.opencontainers.image.description="Multi-tenant REST API for Corvin (ADR-0007)"
+LABEL org.opencontainers.image.source="https://github.com/veegee82/Corvin"
+LABEL org.opencontainers.image.licenses="see repo LICENSE"
+
+ENV PYTHONDONTWRITEBYTECODE=1 \
+    PYTHONUNBUFFERED=1 \
+    PIP_NO_CACHE_DIR=1 \
+    PIP_DISABLE_PIP_VERSION_CHECK=1
+
+# Non-root runtime user. The chart's securityContext mirrors this.
+RUN groupadd --system --gid 4711 corvin \
+ && useradd --system --uid 4711 --gid 4711 --home /var/lib/corvin corvin \
+ && mkdir -p /var/lib/corvin/tenants/_default/global \
+ && chown -R corvin:corvin /var/lib/corvin
+
+WORKDIR /opt/corvin-gateway
+
+# Install runtime deps first (cached layer)
+COPY --chown=corvin:corvin core/gateway/requirements.txt \
+                             /opt/corvin-gateway/requirements.txt
+RUN pip install --no-cache-dir -r /opt/corvin-gateway/requirements.txt
+
+# Plugin code -- two packages: the gateway proper and the forge
+# subset it depends on at import time (tenants module + paths +
+# security_events). Build context is the repo root.
+COPY --chown=corvin:corvin core/gateway/corvin_gateway \
+                             /opt/corvin-gateway/corvin_gateway
+COPY --chown=corvin:corvin operator/forge/forge \
+                             /opt/corvin-gateway/forge
+
+# Cross-PYTHONPATH so `from forge.tenants import ...` resolves.
+ENV PYTHONPATH=/opt/corvin-gateway
+
+EXPOSE 8000
+USER corvin
+ENV CORVIN_HOME=/var/lib/corvin
+
+# uvicorn is the documented production entry point. Operators
+# overlay --workers, --proxy-headers, --forwarded-allow-ips via
+# the chart values.
+ENTRYPOINT ["uvicorn", "corvin_gateway.app:app", "--host", "0.0.0.0", "--port", "8000"]

chart/Chart.yaml

@@ -0,0 +1,17 @@
+apiVersion: v2
+name: corvin-gateway
+description: |
+  Corvin Gateway — multi-tenant REST API (ADR-0007).
+  Opt-in deployment artefact; single-operator setups never enable it.
+type: application
+version: 0.1.0
+appVersion: "0.1.0-phase-4"
+keywords:
+  - corvin
+  - gateway
+  - multi-tenant
+  - rest-api
+home: https://github.com/veegee82/Corvin
+maintainers:
+  - name: Corvin
+    url: https://github.com/veegee82/Corvin

chart/templates/_helpers.tpl

@@ -0,0 +1,25 @@
+{{/*
+Standard Helm helpers for corvin-gateway.
+*/}}
+
+{{- define "corvin-gateway.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{- define "corvin-gateway.fullname" -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{- define "corvin-gateway.labels" -}}
+app.kubernetes.io/name: {{ include "corvin-gateway.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+helm.sh/chart: {{ printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end -}}
+
+{{- define "corvin-gateway.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "corvin-gateway.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end -}}

chart/templates/deployment.yaml

@@ -0,0 +1,55 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "corvin-gateway.fullname" . }}
+  labels:
+    {{- include "corvin-gateway.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "corvin-gateway.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        {{- include "corvin-gateway.selectorLabels" . | nindent 8 }}
+    spec:
+      securityContext:
+        {{- toYaml .Values.securityContext | nindent 8 }}
+      containers:
+        - name: gateway
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: 8000
+              protocol: TCP
+          env:
+            - name: CORVIN_HOME
+              value: {{ .Values.persistence.mountPath | quote }}
+            {{- with .Values.env }}
+            {{- toYaml . | nindent 12 }}
+            {{- end }}
+          livenessProbe:
+            {{- toYaml .Values.livenessProbe | nindent 12 }}
+          readinessProbe:
+            {{- toYaml .Values.readinessProbe | nindent 12 }}
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+          volumeMounts:
+            {{- if .Values.persistence.enabled }}
+            - name: corvin-home
+              mountPath: {{ .Values.persistence.mountPath }}
+            {{- end }}
+            {{- with .Values.extraVolumeMounts }}
+            {{- toYaml . | nindent 12 }}
+            {{- end }}
+      volumes:
+        {{- if .Values.persistence.enabled }}
+        - name: corvin-home
+          persistentVolumeClaim:
+            claimName: {{ include "corvin-gateway.fullname" . }}-home
+        {{- end }}
+        {{- with .Values.extraVolumes }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}

chart/templates/pvc.yaml

@@ -0,0 +1,17 @@
+{{- if .Values.persistence.enabled }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ include "corvin-gateway.fullname" . }}-home
+  labels:
+    {{- include "corvin-gateway.labels" . | nindent 4 }}
+spec:
+  accessModes:
+    {{- toYaml .Values.persistence.accessModes | nindent 4 }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.size }}
+  {{- if .Values.persistence.storageClass }}
+  storageClassName: {{ .Values.persistence.storageClass | quote }}
+  {{- end }}
+{{- end }}

chart/templates/service.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "corvin-gateway.fullname" . }}
+  labels:
+    {{- include "corvin-gateway.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - name: http
+      port: {{ .Values.service.port }}
+      targetPort: 8000
+      protocol: TCP
+  selector:
+    {{- include "corvin-gateway.selectorLabels" . | nindent 4 }}

chart/values.yaml

@@ -0,0 +1,75 @@
+# Default values for corvin-gateway.
+# These keep the chart shippable; operators override per environment.
+
+image:
+  repository: corvin-gateway
+  tag: "0.1.0-phase-4"
+  pullPolicy: IfNotPresent
+
+replicaCount: 1
+
+service:
+  type: ClusterIP
+  port: 8000
+
+# CORVIN_HOME is mounted from a PersistentVolumeClaim so tenant
+# state (tokens, runs, webhooks, oidc, scim, audit chains) survives
+# pod restarts. Default uses a 10 GiB RWO claim; operators that
+# need RWX across replicas adjust storageClass + accessModes.
+persistence:
+  enabled: true
+  storageClass: ""
+  accessModes:
+    - ReadWriteOnce
+  size: 10Gi
+  mountPath: /var/lib/corvin
+
+# Resources scaled for the Phase 2 traffic envelope (≤ 1k req/s).
+resources:
+  requests:
+    cpu: 100m
+    memory: 256Mi
+  limits:
+    cpu: 1000m
+    memory: 1Gi
+
+# Non-root runtime user matches the image's `corvin` user (uid 4711).
+# Operators on restrictive PSPs may need to relax fsGroup if their
+# storage class returns volumes the gateway user can't write to.
+securityContext:
+  runAsNonRoot: true
+  runAsUser: 4711
+  runAsGroup: 4711
+  fsGroup: 4711
+  allowPrivilegeEscalation: false
+  readOnlyRootFilesystem: false  # uvicorn needs /tmp for connect-streams
+  capabilities:
+    drop: [ALL]
+
+# Probes target /healthz which the gateway serves unauthenticated.
+livenessProbe:
+  httpGet:
+    path: /healthz
+    port: 8000
+  initialDelaySeconds: 5
+  periodSeconds: 15
+  timeoutSeconds: 3
+
+readinessProbe:
+  httpGet:
+    path: /healthz
+    port: 8000
+  initialDelaySeconds: 2
+  periodSeconds: 5
+  timeoutSeconds: 2
+
+# Extra env vars injected into the deployment.
+env: []
+# - name: CORVIN_DEBUG
+#   value: "1"
+
+# Operator-supplied secret(s) for gateway tokens / webhook secrets.
+# The chart does NOT generate tokens; the operator runs the CLI
+# (`python -m corvin_gateway.cli token issue …`) once a pod is up.
+extraVolumes: []
+extraVolumeMounts: []

core/awpkg/awpkg/__init__.py

@@ -0,0 +1,2 @@
+"""AWPKG — Corvin Workflow Package Format (ADR-0032)."""
+__version__ = "0.1.0"

core/awpkg/awpkg/audit.py

@@ -0,0 +1,118 @@
+"""Audit-chain integration for AWPKG.
+
+Wraps forge.security_events.write_event() when available; falls back to a
+standalone append when the forge plugin is not on sys.path.  Either way the
+output format is identical so verify_chain can read a mixed log.
+"""
+from __future__ import annotations
+
+import fcntl
+import hashlib
+import json
+import os
+import sys
+import time
+from pathlib import Path
+from typing import Any
+
+
+def _audit_path() -> Path:
+    env = os.environ.get("VOICE_AUDIT_PATH") or os.environ.get("FORGE_AUDIT_PATH")
+    if env:
+        return Path(env)
+    corvin_home = os.environ.get("CORVIN_HOME")
+    if corvin_home:
+        return Path(corvin_home) / "global" / "forge" / "audit.jsonl"
+    here = Path(__file__).resolve()
+    for parent in [here, *here.parents]:
+        if (parent / ".corvin_repo").exists() or (parent / "plugins").is_dir():  # legacy fallback during migration
+            for sub in (".corvin",):
+                candidate = parent / sub
+                if candidate.is_dir():
+                    return candidate / "global" / "forge" / "audit.jsonl"
+            return parent / ".corvin" / "global" / "forge" / "audit.jsonl"
+    return Path.home() / ".corvin" / "global" / "forge" / "audit.jsonl"
+
+
+def _try_forge_write(event_type: str, details: dict[str, Any]) -> bool:
+    try:
+        forge_root = Path(__file__).resolve().parents[3] / "forge" / "forge"
+        if forge_root not in [Path(p) for p in sys.path]:
+            sys.path.insert(0, str(forge_root.parent))
+        from forge.security_events import write_event  # type: ignore[import]
+        write_event(_audit_path(), event_type, details=details)
+        return True
+    except Exception:
+        return False
+
+
+def _standalone_write(event_type: str, details: dict[str, Any]) -> None:
+    path = _audit_path()
+    path.parent.mkdir(parents=True, exist_ok=True)
+    _SEVERITIES = {
+        "package.installed": "INFO",
+        "package.removed": "INFO",
+        "package.install_denied": "WARNING",
+        "package.inspect": "INFO",
+    }
+    severity = _SEVERITIES.get(event_type, "INFO")
+    with open(path, "a+b") as fh:
+        fcntl.flock(fh, fcntl.LOCK_EX)
+        try:
+            prev_hash = ""
+            try:
+                # FND-18: read the TRUE last chain record. The old 4 KB-tail read
+                # missed the last line whenever the final record exceeded 4 KB →
+                # a wrong/empty prev_hash → a broken chain link. Walk all lines
+                # (the awpkg fallback chain is small) and keep the last valid hash.
+                fh.seek(0)
+                for line in fh.read().decode("utf-8", errors="replace").splitlines():
+                    line = line.strip()
+                    if not line:
+                        continue
+                    try:
+                        prev_hash = json.loads(line).get("hash", prev_hash)
+                    except Exception:
+                        pass
+            except Exception:
+                pass
+            # ADR-0129 — apply the metadata-only floor even on the forge-
+            # absent fallback path, so this writer can't bypass it. If forge
+            # is genuinely unimportable, inline a minimal denylist (fail-safe).
+            _det = details
+            try:
+                from forge.security_events import filter_audit_details as _fad  # type: ignore
+                _det, _ = _fad(details, event_type=event_type)
+            except Exception:  # noqa: BLE001 — forge truly absent: minimal floor
+                _bad = ("prompt", "output", "text", "secret", "password",
+                        "token", "credential", "email", "body", "content")
+                _det = {k: v for k, v in (details or {}).items()
+                        if str(k).lower() not in _bad}
+            record: dict[str, Any] = {
+                "ts": time.time(),
+                "event_type": str(event_type)[:128],
+                "severity": severity,
+                "run_id": "",
+                "tool": "",
+                "details": _det,
+                "prev_hash": prev_hash,
+            }
+            canonical = json.dumps(record, sort_keys=True, separators=(",", ":"))
+            record["hash"] = hashlib.sha256(
+                (prev_hash + "\n" + canonical).encode()
+            ).hexdigest()[:16]
+            fh.seek(0, 2)
+            fh.write((json.dumps(record, separators=(",", ":")) + "\n").encode("utf-8"))
+            # FND-18: durability parity with the forge writer — fsync so a crash
+            # after write() but before flush doesn't lose the event the unified
+            # chain assumes is present.
+            fh.flush()
+            os.fsync(fh.fileno())
+        finally:
+            fcntl.flock(fh, fcntl.LOCK_UN)
+
+
+def emit(event_type: str, **details: Any) -> None:
+    """Emit an audit event into the unified hash chain."""
+    if not _try_forge_write(event_type, details):
+        _standalone_write(event_type, details)

core/awpkg/awpkg/builder.py

@@ -0,0 +1,207 @@
+"""AWPKG builder — build, init and export packages."""
+from __future__ import annotations
+
+import io
+import json
+import os
+import zipfile
+from pathlib import Path
+from typing import Any
+
+from .manifest import ManifestError, parse_raw
+
+try:
+    import yaml as _yaml  # type: ignore[import]
+    _HAS_YAML = True
+except ImportError:
+    _HAS_YAML = False
+
+
+class BuildError(ValueError):
+    """Raised when a build source is misconfigured."""
+
+
+_AWPKG_YAML_TEMPLATE = """\
+# awpkg build config — edit and run 'corvin pkg build'
+awpkg: "1.0"
+id: "com.example.my-workflow"
+name: "My Workflow"
+version: "0.1.0"
+description: "Describe your workflow here."
+author: "Your Name <you@example.com>"
+license: "Apache-2.0"
+
+components:
+  workflows:
+    - src/workflow.awp.yaml
+  # forge_tools:
+  #   - src/tools/code_my_tool.json
+  # skills:
+  #   - src/skills/my_skill/SKILL.md
+  # personas:
+  #   - src/personas/my_persona.yaml
+
+permissions:
+  network: false
+  compute: false
+  secrets: []
+
+dependencies: []
+"""
+
+_WORKFLOW_TEMPLATE = """\
+awp: "1.0.0"
+
+workflow:
+  name: my_workflow
+  description: "A minimal example AWP workflow."
+
+orchestration:
+  engine: dag
+  graph:
+    - id: step_one
+      type: agent
+      agent: assistant
+      instructions: "Do something useful."
+      depends_on: []
+"""
+
+
+def init(dest_dir: str | Path) -> Path:
+    """Write awpkg.yaml skeleton and a sample workflow into dest_dir."""
+    dest = Path(dest_dir)
+    dest.mkdir(parents=True, exist_ok=True)
+    cfg = dest / "awpkg.yaml"
+    if cfg.exists():
+        raise BuildError(f"awpkg.yaml already exists at {cfg}")
+    cfg.write_text(_AWPKG_YAML_TEMPLATE, encoding="utf-8")
+    src = dest / "src"
+    src.mkdir(exist_ok=True)
+    wf = src / "workflow.awp.yaml"
+    if not wf.exists():
+        wf.write_text(_WORKFLOW_TEMPLATE, encoding="utf-8")
+    return cfg
+
+
+def build(
+    source_dir: str | Path,
+    output_dir: str | Path | None = None,
+) -> Path:
+    """Build an .awpkg from awpkg.yaml in source_dir.
+
+    Returns the path to the generated .awpkg file.
+    """
+    source = Path(source_dir).resolve()
+    cfg_path = source / "awpkg.yaml"
+    if not cfg_path.exists():
+        raise BuildError(f"awpkg.yaml not found in {source}")
+
+    if _HAS_YAML:
+        raw: dict[str, Any] = _yaml.safe_load(cfg_path.read_text(encoding="utf-8"))
+    else:
+        raise BuildError(
+            "PyYAML is required to build packages (pip install pyyaml)"
+        )
+
+    try:
+        manifest = parse_raw(raw)
+    except ManifestError as exc:
+        raise BuildError(f"awpkg.yaml validation failed: {exc}") from exc
+
+    out_dir = Path(output_dir).resolve() if output_dir else source
+    out_dir.mkdir(parents=True, exist_ok=True)
+    filename = f"{manifest.id.replace('.', '-')}-{manifest.version}.awpkg"
+    out_path = out_dir / filename
+
+    manifest_bytes = _yaml.dump(raw, allow_unicode=True, default_flow_style=False).encode("utf-8")
+
+    with zipfile.ZipFile(out_path, "w", compression=zipfile.ZIP_DEFLATED) as zf:
+        zf.writestr("manifest.yaml", manifest_bytes)
+
+        readme = source / "README.md"
+        if readme.exists():
+            zf.write(readme, "README.md")
+
+        for path in manifest.all_component_paths:
+            src_file = source / path
+            if not src_file.exists():
+                raise BuildError(
+                    f"declared component {path!r} not found at {src_file}"
+                )
+            zf.write(src_file, path)
+
+    return out_path
+
+
+def build_from_dict(
+    manifest_dict: dict[str, Any],
+    files: dict[str, bytes],
+    output_path: str | Path,
+) -> Path:
+    """Build an .awpkg from in-memory data. Used by tests and programmatic callers.
+
+    Args:
+        manifest_dict: The manifest as a Python dict (validated internally).
+        files: Dict mapping archive path → file bytes (e.g. "tools/code_foo.json" → b"...").
+        output_path: Where to write the .awpkg file.
+    """
+    from .manifest import parse_raw, ManifestError
+    try:
+        parse_raw(manifest_dict)
+    except ManifestError as exc:
+        raise BuildError(str(exc)) from exc
+
+    if _HAS_YAML:
+        manifest_bytes = _yaml.dump(
+            manifest_dict, allow_unicode=True, default_flow_style=False
+        ).encode("utf-8")
+    else:
+        manifest_bytes = json.dumps(manifest_dict).encode("utf-8")
+
+    out = Path(output_path)
+    out.parent.mkdir(parents=True, exist_ok=True)
+    with zipfile.ZipFile(out, "w", compression=zipfile.ZIP_DEFLATED) as zf:
+        zf.writestr("manifest.yaml", manifest_bytes)
+        for arc_path, data in files.items():
+            zf.writestr(arc_path, data)
+    return out
+
+
+def export(
+    package_id: str,
+    output_dir: str | Path,
+    scope: str = "user",
+    corvin_home: Path | None = None,
+) -> Path:
+    """Re-pack an installed package back into an .awpkg file."""
+    from .installer import _packages_root, _resolve_corvin_home
+    import json
+
+    home = corvin_home or _resolve_corvin_home()
+    install_dir = _packages_root(scope, home) / package_id
+    meta_file = install_dir / "_awpkg_meta.json"
+    if not meta_file.exists():
+        raise BuildError(f"package {package_id!r} not installed in scope {scope!r}")
+
+    meta = json.loads(meta_file.read_text(encoding="utf-8"))
+    out_dir = Path(output_dir)
+    out_dir.mkdir(parents=True, exist_ok=True)
+    filename = f"{package_id.replace('.', '-')}-{meta['version']}.awpkg"
+    out_path = out_dir / filename
+
+    with zipfile.ZipFile(out_path, "w", compression=zipfile.ZIP_DEFLATED) as zf:
+        manifest_file = install_dir / "manifest.yaml"
+        if manifest_file.exists():
+            zf.write(manifest_file, "manifest.yaml")
+
+        for paths in meta.get("components", {}).values():
+            for p in paths:
+                src = install_dir / p
+                if src.exists():
+                    zf.write(src, p)
+
+        readme = install_dir / "README.md"
+        if readme.exists():
+            zf.write(readme, "README.md")
+
+    return out_path