devs-webhook 0.1.0__py3-none-any.whl

devs_webhook/__init__.py

@@ -0,0 +1,21 @@
+"""DevContainer Webhook Handler
+
+A GitHub webhook handler for automated devcontainer operations with Claude Code.
+"""
+
+__version__ = "0.1.0"
+__author__ = "Dan Lester"
+
+from .config import WebhookConfig
+from .core.webhook_handler import WebhookHandler
+from .core.container_pool import ContainerPool
+from .core.repository_manager import RepositoryManager
+from .core.claude_dispatcher import ClaudeDispatcher
+
+__all__ = [
+    "WebhookConfig",
+    "WebhookHandler",
+    "ContainerPool", 
+    "RepositoryManager",
+    "ClaudeDispatcher",
+]

devs_webhook/app.py

@@ -0,0 +1,321 @@
+"""FastAPI webhook server.
+
+This module provides the FastAPI application for receiving GitHub webhooks.
+It's part of the webhook task source and delegates processing to WebhookHandler,
+which in turn uses TaskProcessor for the core business logic.
+
+Architecture:
+    FastAPI endpoints -> WebhookHandler -> TaskProcessor -> ContainerPool
+"""
+
+import secrets
+from fastapi import FastAPI, Request, HTTPException, BackgroundTasks, Depends, status
+from fastapi.security import HTTPBasic, HTTPBasicCredentials
+from fastapi.responses import JSONResponse
+from pydantic import BaseModel
+import structlog
+import uuid
+from datetime import datetime, timezone
+
+from .config import get_config, WebhookConfig
+from .core.webhook_handler import WebhookHandler
+from .utils.logging import setup_logging
+from .utils.github import verify_github_signature
+
+# Set up logging
+setup_logging()
+logger = structlog.get_logger()
+
+
+class TestEventRequest(BaseModel):
+    """Request model for test event endpoint."""
+    prompt: str
+    repo: str = "test/repo"  # Default test repository
+
+# Initialize FastAPI app
+app = FastAPI(
+    title="DevContainer Webhook Handler",
+    description="GitHub webhook handler for automated devcontainer operations with Claude Code",
+    version="0.1.0"
+)
+
+# Security setup for admin endpoints
+security = HTTPBasic()
+
+# Initialize webhook handler lazily
+webhook_handler = None
+
+
+def get_webhook_handler():
+    """Get or create the webhook handler."""
+    global webhook_handler
+    if webhook_handler is None:
+        webhook_handler = WebhookHandler()
+    return webhook_handler
+
+
+def require_dev_mode(config: WebhookConfig = Depends(get_config)):
+    """Dependency that requires development mode."""
+    if not config.dev_mode:
+        raise HTTPException(
+            status_code=404, 
+            detail="This endpoint is only available in development mode"
+        )
+
+
+def verify_admin_credentials(
+    credentials: HTTPBasicCredentials = Depends(security),
+    config: WebhookConfig = Depends(get_config)
+):
+    """Verify admin credentials for protected endpoints.
+    
+    Args:
+        credentials: HTTP Basic auth credentials
+        config: Webhook configuration
+        
+    Returns:
+        Username if authentication successful
+        
+    Raises:
+        HTTPException: If authentication fails
+    """
+    # In dev mode with no password set, allow any credentials
+    if config.dev_mode and not config.admin_password:
+        logger.warning("Admin auth bypassed in dev mode without password")
+        return credentials.username
+    
+    # Verify username and password
+    correct_username = secrets.compare_digest(
+        credentials.username, config.admin_username
+    )
+    correct_password = secrets.compare_digest(
+        credentials.password, config.admin_password
+    )
+    
+    if not (correct_username and correct_password):
+        logger.warning(
+            "Failed admin authentication attempt",
+            username=credentials.username
+        )
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Invalid authentication credentials"
+        )
+    
+    return credentials.username
+
+
+# verify_github_signature is now imported from .utils module
+
+
+@app.get("/")
+async def root():
+    """Health check endpoint."""
+    return {"status": "healthy", "service": "devs-webhook"}
+
+
+@app.get("/health")
+async def health():
+    """Health check endpoint."""
+    return {"status": "healthy", "service": "devs-webhook"}
+
+
+@app.post("/webhook")
+async def handle_webhook(request: Request, background_tasks: BackgroundTasks):
+    """Handle GitHub webhook events."""
+    config = get_config()
+    
+    # Get headers
+    headers = dict(request.headers)
+    
+    # Read payload
+    payload = await request.body()
+    
+    # Verify signature
+    signature = headers.get("x-hub-signature-256", "")
+    if not verify_github_signature(payload, signature, config.github_webhook_secret):
+        logger.warning("Invalid webhook signature", signature=signature)
+        raise HTTPException(status_code=401, detail="Invalid signature")
+    
+    # Get event type
+    event_type = headers.get("x-github-event", "unknown")
+    delivery_id = headers.get("x-github-delivery", "unknown")
+    
+    logger.info(
+        "Webhook received",
+        event_type=event_type,
+        delivery_id=delivery_id,
+        payload_size=len(payload)
+    )
+    
+    # Process webhook in background
+    background_tasks.add_task(
+        get_webhook_handler().process_webhook,
+        headers,
+        payload,
+        delivery_id
+    )
+    
+    return JSONResponse(
+        status_code=200,
+        content={"status": "accepted", "delivery_id": delivery_id}
+    )
+
+
+@app.get("/status")
+async def get_status(username: str = Depends(verify_admin_credentials)):
+    """Get current webhook handler status.
+    
+    Requires admin authentication.
+    """
+    logger.info("Status endpoint accessed", authenticated_user=username)
+    return await get_webhook_handler().get_status()
+
+
+@app.post("/container/{container_name}/stop")
+async def stop_container(
+    container_name: str,
+    username: str = Depends(verify_admin_credentials)
+):
+    """Manually stop a container.
+    
+    Requires admin authentication.
+    """
+    logger.info(
+        "Container stop requested",
+        container=container_name,
+        authenticated_user=username
+    )
+    success = await get_webhook_handler().stop_container(container_name)
+    if success:
+        return {"status": "stopped", "container": container_name}
+    else:
+        raise HTTPException(status_code=404, detail="Container not found or failed to stop")
+
+
+@app.get("/containers")
+async def list_containers(username: str = Depends(verify_admin_credentials)):
+    """List all managed containers.
+    
+    Requires admin authentication.
+    """
+    logger.info("Containers list accessed", authenticated_user=username)
+    return await get_webhook_handler().list_containers()
+
+
+@app.post("/testevent")
+async def test_event(
+    request: TestEventRequest,
+    config: WebhookConfig = Depends(require_dev_mode),
+    username: str = Depends(verify_admin_credentials)
+):
+    """Test endpoint to simulate GitHub webhook events with custom prompts.
+    
+    Only available in development mode.
+    
+    Example:
+        POST /testevent
+        {
+            "prompt": "Fix the login bug in the authentication module",
+            "repo": "myorg/myproject"
+        }
+    """
+    # Generate a unique delivery ID for this test
+    delivery_id = f"test-{uuid.uuid4().hex[:8]}"
+    
+    logger.info(
+        "Test event received",
+        prompt_length=len(request.prompt),
+        repo=request.repo,
+        delivery_id=delivery_id
+    )
+    
+    # Create a minimal mock webhook event
+    from .github.models import GitHubRepository, GitHubUser, GitHubIssue, TestIssueEvent
+    
+    # Mock repository
+    mock_repo = GitHubRepository(
+        id=999999,
+        name=request.repo.split("/")[-1],
+        full_name=request.repo,
+        owner=GitHubUser(
+            login=request.repo.split("/")[0],
+            id=999999,
+            avatar_url="https://github.com/test.png",
+            html_url=f"https://github.com/{request.repo.split('/')[0]}"
+        ),
+        html_url=f"https://github.com/{request.repo}",
+        clone_url=f"https://github.com/{request.repo}.git",
+        ssh_url=f"git@github.com:{request.repo}.git",
+        default_branch="main"
+    )
+    
+    # Mock issue with the prompt
+    mock_issue = GitHubIssue(
+        id=999999,
+        number=999,
+        title="Test Issue",
+        body=f"Test prompt: {request.prompt}",
+        state="open",
+        user=GitHubUser(
+            login="test-user",
+            id=999999,
+            avatar_url="https://github.com/test.png",
+            html_url="https://github.com/test-user"
+        ),
+        html_url=f"https://github.com/{request.repo}/issues/999",
+        created_at=datetime.now(tz=timezone.utc),
+        updated_at=datetime.now(tz=timezone.utc)
+    )
+    
+    # Mock issue event
+    mock_event = TestIssueEvent(
+        action="opened",
+        issue=mock_issue,
+        repository=mock_repo,
+        sender=mock_issue.user
+    )
+    
+    # Queue the task directly in the container pool
+    success = await get_webhook_handler().container_pool.queue_task(
+        task_id=delivery_id,
+        repo_name=request.repo,
+        task_description=request.prompt,
+        event=mock_event,
+    )
+    
+    if success:
+        logger.info("Test task queued successfully",
+                   delivery_id=delivery_id,
+                   repo=request.repo)
+        
+        return JSONResponse(
+            status_code=202,
+            content={
+                "status": "test_accepted",
+                "delivery_id": delivery_id,
+                "repo": request.repo,
+                "prompt": request.prompt[:100] + "..." if len(request.prompt) > 100 else request.prompt,
+                "message": "Test task queued for processing"
+            }
+        )
+    else:
+        logger.error("Failed to queue test task",
+                    delivery_id=delivery_id,
+                    repo=request.repo)
+        
+        raise HTTPException(
+            status_code=500,
+            detail="Failed to queue test task"
+        )
+
+
+# Error handlers
+@app.exception_handler(Exception)
+async def global_exception_handler(request: Request, exc: Exception):
+    """Global exception handler."""
+    logger.error("Unhandled exception", error=str(exc), path=request.url.path)
+    return JSONResponse(
+        status_code=500,
+        content={"error": "Internal server error", "detail": str(exc)}
+    )

devs_webhook/cli/__init__.py

@@ -0,0 +1,6 @@
+"""CLI commands for devs webhook."""
+
+# Import main CLI from parent module
+from ..main_cli import main
+
+__all__ = ["main"]

devs_webhook/cli/worker.py

@@ -0,0 +1,296 @@
+"""Webhook worker CLI command for processing tasks in isolated subprocess."""
+
+import os
+import sys
+import json
+import click
+import structlog
+import asyncio
+from pathlib import Path
+from datetime import datetime, timezone
+from typing import Optional
+
+from pydantic import TypeAdapter
+from devs_common.core.project import Project
+
+from ..config import get_config
+from ..core.claude_dispatcher import ClaudeDispatcher
+from ..core.test_dispatcher import TestDispatcher
+from ..github.models import AnyWebhookEvent, DevsOptions
+
+logger = structlog.get_logger()
+
+
+@click.command()
+@click.option('--task-id', required=True, help='Unique task identifier')
+@click.option('--dev-name', required=True, help='Development container name')
+@click.option('--repo-name', required=True, help='Repository name (owner/repo)')
+@click.option('--repo-path', required=True, help='Path to repository on host')
+@click.option('--task-type', default='claude', help='Task type: claude or tests (default: claude)')
+@click.option('--timeout', default=3600, help='Task timeout in seconds (default: 3600)')
+def worker(task_id: str, dev_name: str, repo_name: str, repo_path: str, task_type: str, timeout: int):
+    """Process a single webhook task in an isolated subprocess.
+    
+    This command runs the complete task processing logic in a separate process to provide
+    Docker safety and prevent blocking the main web server.
+    
+    Large payloads (task description, webhook event data, options) are read
+    from stdin as JSON to avoid command-line length limitations.
+    
+    Expected stdin JSON format:
+    {
+        "task_description": "string",
+        "event": {...webhook event object...},
+        "devs_options": {...devs options object...} (optional)
+    }
+    """
+    # Set environment variable to redirect console output to stderr
+    os.environ['DEVS_WEBHOOK_MODE'] = '1'
+    
+    # Configure structured logging for subprocess to output to stderr
+    import logging
+    logging.basicConfig(
+        stream=sys.stderr,
+        level=logging.INFO,
+        format='%(message)s'
+    )
+    
+    structlog.configure(
+        processors=[
+            structlog.stdlib.filter_by_level,
+            structlog.stdlib.add_logger_name,
+            structlog.stdlib.add_log_level,
+            structlog.stdlib.PositionalArgumentsFormatter(),
+            structlog.processors.TimeStamper(fmt="iso"),
+            structlog.processors.StackInfoRenderer(),
+            structlog.processors.format_exc_info,
+            structlog.processors.UnicodeDecoder(),
+            structlog.processors.JSONRenderer()
+        ],
+        wrapper_class=structlog.stdlib.BoundLogger,
+        logger_factory=structlog.stdlib.LoggerFactory(),
+        cache_logger_on_first_use=True,
+    )
+    
+    logger.info("Worker subprocess started",
+                task_id=task_id,
+                dev_name=dev_name,
+                repo_name=repo_name,
+                repo_path=repo_path,
+                timeout=timeout,
+                pid=os.getpid())
+    
+    try:
+        # Read payload from stdin
+        logger.info("Reading payload from stdin", task_id=task_id)
+        stdin_data = sys.stdin.read()
+        
+        if not stdin_data:
+            raise ValueError("No data provided on stdin")
+        
+        try:
+            payload = json.loads(stdin_data)
+        except json.JSONDecodeError as e:
+            raise ValueError(f"Invalid JSON on stdin: {e}")
+        
+        # Extract required fields
+        task_description = payload.get('task_description')
+        event_data = payload.get('event')
+        devs_options_data = payload.get('devs_options')
+        
+        # task_description is only required for claude tasks, not for tests
+        if task_type == 'claude' and not task_description:
+            raise ValueError("task_description required in stdin JSON for claude tasks")
+        if not event_data:
+            raise ValueError("event required in stdin JSON")
+        
+        # Parse webhook event directly from JSON - let Pydantic figure out the type!
+        logger.info("Parsing webhook event from JSON", task_id=task_id)
+        
+        # Use TypeAdapter to handle the union type automatically
+        webhook_adapter = TypeAdapter(AnyWebhookEvent)
+        event = webhook_adapter.validate_python(event_data)
+        
+        parsed_devs_options = None
+        if devs_options_data:
+            logger.info("Parsing devs options from JSON", task_id=task_id)
+            parsed_devs_options = DevsOptions.model_validate(devs_options_data)
+        
+        # Run the task processing logic (extracted from ContainerPool._process_task)
+        result = _process_task_subprocess(
+            task_id=task_id,
+            dev_name=dev_name,
+            repo_name=repo_name,
+            repo_path=Path(repo_path),
+            task_description=task_description,
+            event=event,
+            devs_options=parsed_devs_options,
+            task_type=task_type
+        )
+        
+        # Output result as JSON to stdout
+        output = {
+            'success': result['success'],
+            'output': result.get('output', ''),
+            'error': result.get('error'),
+            'task_id': task_id,
+            'timestamp': datetime.now(tz=timezone.utc).isoformat()
+        }
+        
+        print(json.dumps(output))
+        sys.exit(0 if result['success'] else 1)
+        
+    except Exception as e:
+        error_msg = f"Worker subprocess failed: {str(e)}"
+        logger.error("Worker subprocess error",
+                    task_id=task_id,
+                    error=error_msg,
+                    exc_info=True)
+        
+        # Output error as JSON to stdout
+        error_output = {
+            'success': False,
+            'output': '',
+            'error': error_msg,
+            'task_id': task_id,
+            'timestamp': datetime.now(tz=timezone.utc).isoformat()
+        }
+        
+        print(json.dumps(error_output))
+        sys.exit(1)
+
+
+def _process_task_subprocess(
+    task_id: str,
+    dev_name: str, 
+    repo_name: str,
+    repo_path: Path,
+    task_description: Optional[str],
+    event,
+    devs_options,
+    task_type: str = 'claude'
+) -> dict:
+    """Process a single task in subprocess (extracted from ContainerPool._process_task).
+    
+    Args:
+        task_id: Unique task identifier
+        dev_name: Name of container to execute in
+        repo_name: Repository name (owner/repo)
+        repo_path: Path to repository on host
+        task_description: Task description for Claude (unused for tests, can be None for test tasks)
+        event: WebhookEvent instance
+        devs_options: DevsOptions instance
+        task_type: Task type ('claude' or 'tests')
+        
+    Returns:
+        Dict with 'success', 'output', and optionally 'error' keys
+    """
+    logger.info("Starting task processing in subprocess",
+               task_id=task_id,
+               dev_name=dev_name,
+               repo_name=repo_name,
+               repo_path=str(repo_path),
+               task_type=task_type)
+    
+    try:
+        # Verify repository exists (should already be cloned by container_pool)
+        if not repo_path.exists():
+            raise Exception(f"Repository path does not exist: {repo_path}")
+        
+        # Create project instance
+        logger.info("Creating project instance",
+                   task_id=task_id,
+                   dev_name=dev_name,
+                   repo_path=str(repo_path),
+                   task_type=task_type)
+        
+        project = Project(repo_path)
+        workspace_name = project.get_workspace_name(dev_name)
+        
+        logger.info("Project created successfully",
+                   task_id=task_id,
+                   dev_name=dev_name,
+                   project_name=project.info.name,
+                   workspace_name=workspace_name,
+                   task_type=task_type)
+        
+        # Initialize appropriate dispatcher based on task type
+        if task_type == 'tests':
+            dispatcher = TestDispatcher()
+            logger.info("Executing task with Test dispatcher",
+                       task_id=task_id,
+                       dev_name=dev_name,
+                       workspace_name=workspace_name)
+            
+            # Execute tests
+            result = asyncio.run(dispatcher.execute_tests(
+                dev_name=dev_name,
+                repo_path=repo_path,
+                event=event,
+                devs_options=devs_options
+            ))
+        else:
+            # Default to Claude execution
+            dispatcher = ClaudeDispatcher()
+            logger.info("Executing task with Claude dispatcher",
+                       task_id=task_id,
+                       dev_name=dev_name,
+                       workspace_name=workspace_name)
+            
+            # Ensure task_description is provided for Claude tasks
+            if not task_description:
+                raise ValueError("task_description is required for Claude tasks")
+            
+            # Execute Claude task
+            result = asyncio.run(dispatcher.execute_task(
+                dev_name=dev_name,
+                repo_path=repo_path,
+                task_description=task_description,
+                event=event,
+                devs_options=devs_options
+            ))
+        
+        if result.success:
+            logger.info("Task execution completed successfully",
+                       task_id=task_id,
+                       dev_name=dev_name,
+                       output_length=len(result.output) if result.output else 0)
+            
+            return {
+                'success': True,
+                'output': result.output,
+            }
+        else:
+            logger.error("Task execution failed",
+                        task_id=task_id,
+                        dev_name=dev_name,
+                        error=result.error,
+                        output_preview=result.output[:500] if result.output else "")
+            
+            return {
+                'success': False,
+                'output': result.output or '',
+                'error': result.error
+            }
+            
+    except Exception as e:
+        error_msg = f"Task processing failed: {str(e)}"
+        logger.error("Task processing error in subprocess",
+                    task_id=task_id,
+                    dev_name=dev_name,
+                    repo_name=repo_name,
+                    repo_path=str(repo_path),
+                    error=error_msg,
+                    error_type=type(e).__name__,
+                    exc_info=True)
+        
+        return {
+            'success': False,
+            'output': '',
+            'error': error_msg
+        }
+
+
+if __name__ == '__main__':
+    import os
+    worker()