omneval-devloop 0.0.1__py3-none-any.whl

devloop/github_ops.py

@@ -0,0 +1,167 @@
+"""GitHub REST activities for the Dev Loop (issues #22, #23).
+
+Network access is via ``httpx`` against the GitHub REST API. Each enrolled
+project carries its own scoped GitHub token (``github_token_secret`` in the
+registry); the token is resolved per project from that Secret at call time, so
+different orgs/owners use different credentials.
+"""
+
+from __future__ import annotations
+
+import logging
+import os
+import re
+from dataclasses import dataclass, field
+from typing import Any
+
+from temporalio import activity
+
+from . import cluster
+from .projects import ProjectConfig, get_project, parse_github_repo
+from .shared import OpenAgentPRsInput, PostCommentsInput
+
+log = logging.getLogger(__name__)
+
+GITHUB_API = os.getenv("GITHUB_API", "https://api.github.com")
+
+# Agent issue branches are named ``agent/issue-<N>[-slug]`` (see entrypoint.py).
+_AGENT_BRANCH = re.compile(r"^agent/issue-(\d+)")
+
+
+def agent_pr_issue_numbers(pulls: list[dict[str, Any]]) -> list[int]:
+    """Issue numbers that already have an open agent PR.
+
+    Pure helper (no network) so it is unit-testable. Reads each PR's head branch
+    and matches the ``agent/issue-<N>`` convention the execute phase pushes. Used
+    by the Dev Loop planner to skip issues whose work is already up for human
+    review — under the PR-review merge model an issue stays *open* until its PR
+    is merged, so without this filter the planner would re-surface it every round.
+    """
+    nums: set[int] = set()
+    for pr in pulls:
+        ref = (pr.get("head") or {}).get("ref", "")
+        m = _AGENT_BRANCH.match(ref)
+        if m:
+            nums.add(int(m.group(1)))
+    return sorted(nums)
+
+
+# --------------------------------------------------------------------------- #
+# HTTP helpers
+# --------------------------------------------------------------------------- #
+def _headers(token: str) -> dict[str, str]:
+    return {
+        "Authorization": f"Bearer {token}",
+        "Accept": "application/vnd.github+json",
+        "X-GitHub-Api-Version": "2022-11-28",
+    }
+
+
+def _client(cfg: ProjectConfig):
+    import httpx
+
+    token = cluster.read_secret_value(cfg.github_token_secret, "GITHUB_TOKEN")
+    return httpx.Client(base_url=GITHUB_API, headers=_headers(token), timeout=30.0)
+
+
+# --------------------------------------------------------------------------- #
+# Activity inputs
+# --------------------------------------------------------------------------- #
+@dataclass
+class NewIssue:
+    title: str
+    body: str
+
+
+@dataclass
+class FileIssuesInput:
+    project_id: str
+    issues: list[NewIssue] = field(default_factory=list)
+
+
+# --------------------------------------------------------------------------- #
+# Activities
+# --------------------------------------------------------------------------- #
+@activity.defn
+async def post_pr_comments(inp: PostCommentsInput) -> None:
+    """Post the reviewer's findings to a PR: a summary comment plus any
+    line-anchored inline review comments. Called by the Dev Loop after the review
+    Agent Execution Job returns its ``review`` payload."""
+    cfg = get_project(inp.project_id)
+    repo = parse_github_repo(cfg.github_url)
+    with _client(cfg) as c:
+        # PR-level summary comment
+        c.post(
+            f"/repos/{repo}/issues/{inp.pr_number}/comments",
+            json={"body": f"### Agent review\n\n{inp.summary}"},
+        ).raise_for_status()
+        # Inline review comments (best-effort; needs the head commit SHA)
+        if inp.inline_comments:
+            pr = c.get(f"/repos/{repo}/pulls/{inp.pr_number}")
+            pr.raise_for_status()
+            commit_id = pr.json()["head"]["sha"]
+            comments = [
+                {"path": ic.file, "line": ic.line, "side": "RIGHT", "body": ic.body}
+                for ic in inp.inline_comments
+            ]
+            c.post(
+                f"/repos/{repo}/pulls/{inp.pr_number}/reviews",
+                json={"commit_id": commit_id, "event": "COMMENT", "comments": comments},
+            ).raise_for_status()
+    log.info(
+        "posted %d inline comment(s) to %s#%d",
+        len(inp.inline_comments),
+        repo,
+        inp.pr_number,
+    )
+
+
+@activity.defn
+async def file_issues(inp: FileIssuesInput) -> list[int]:
+    """File new agent-ready issues. The seam for the forthcoming QA Validator
+    agent, which files follow-up issues for problems it finds; not yet wired into
+    any workflow."""
+    cfg = get_project(inp.project_id)
+    repo = parse_github_repo(cfg.github_url)
+    created: list[int] = []
+    with _client(cfg) as c:
+        for issue in inp.issues:
+            resp = c.post(
+                f"/repos/{repo}/issues",
+                json={
+                    "title": issue.title,
+                    "body": issue.body,
+                    "labels": [cfg.agent_label],
+                },
+            )
+            resp.raise_for_status()
+            created.append(resp.json()["number"])
+    log.info("filed %d new issue(s) in %s: %s", len(created), repo, created)
+    return created
+
+
+@activity.defn
+async def open_agent_pr_issue_numbers(inp: OpenAgentPRsInput) -> list[int]:
+    """Return issue numbers that already have an open agent PR (head branch
+    ``agent/issue-<N>``). The Dev Loop planner uses this to drop issues whose
+    work is awaiting human review on a PR, so they aren't re-planned each round.
+    """
+    cfg = get_project(inp.project_id)
+    repo = parse_github_repo(cfg.github_url)
+    pulls: list[dict[str, Any]] = []
+    with _client(cfg) as c:
+        page = 1
+        while True:
+            resp = c.get(
+                f"/repos/{repo}/pulls",
+                params={"state": "open", "per_page": 100, "page": page},
+            )
+            resp.raise_for_status()
+            batch = resp.json()
+            if not batch:
+                break
+            pulls.extend(batch)
+            page += 1
+    numbers = agent_pr_issue_numbers(pulls)
+    log.info("issues with open agent PRs in %s: %s", repo, numbers)
+    return numbers

devloop/k8s_jobs.py

@@ -0,0 +1,367 @@
+"""Kubernetes Job dispatch for Agent Execution Jobs (issue #18).
+
+A single Temporal activity, ``dispatch_agent_job``, renders a ``batch/v1`` Job
+from a Project Registry entry, creates it in the ``agents`` namespace, polls it
+to a terminal state, and reads the output ConfigMap the Job writes.
+
+Design notes
+------------
+* The kubernetes client is reached through the ``cluster`` module
+  (``cluster.batch()`` / ``cluster.core()`` and its ConfigMap helpers) so unit
+  tests can monkeypatch one seam without a cluster.
+* A failed Job (or a Job whose output ConfigMap reports ``failed``) raises an
+  exception so Temporal's retry policy (max 3) re-runs the activity. Each
+  attempt gets a fresh Job name (``…-a<attempt>``).
+* If the Job reports ``awaiting_human`` (a mid-run blocking question, issue
+  #21) the activity returns that result *without* deleting the Job — it stays
+  Running, polling its input ConfigMap for the answer. The workflow then calls
+  :func:`answer_agent_job` and :func:`await_agent_job`.
+* ``cleanup_agent_job`` deletes the Job and ConfigMap after a retention window.
+"""
+
+from __future__ import annotations
+
+import asyncio
+import json
+import logging
+import os
+
+from temporalio import activity
+from temporalio.exceptions import ApplicationError
+
+from . import cluster
+from .cluster import NAMESPACE
+from .shared import (
+    KEY_HUMAN_ANSWER,
+    KEY_RESULT,
+    AgentJobResult,
+    AnswerInput,
+    AwaitInput,
+    DispatchInput,
+    JobStatus,
+)
+from .projects import get_project
+
+log = logging.getLogger(__name__)
+
+SERVICE_ACCOUNT = os.getenv("AGENT_JOB_SERVICE_ACCOUNT", "agent-job")
+TEMPORAL_HOST = os.getenv("TEMPORAL_HOST", "localhost:7233")
+OMNEVAL_OTLP_ENDPOINT = os.getenv(
+    "OMNEVAL_OTLP_ENDPOINT", "http://omneval-ingest.omneval.svc.cluster.local:8000"
+)
+OPENAI_BASE_URL = os.getenv("AGENT_OPENAI_BASE_URL", "http://192.168.68.104/v1")
+AGENT_BASE_IMAGE = os.getenv(
+    "AGENT_BASE_IMAGE", "ghcr.io/omneval/devloop-agent-base:latest"
+)
+
+# Defaults; overridable via DispatchInput for tests.
+DEFAULT_CPU = os.getenv("AGENT_JOB_CPU", "2")
+DEFAULT_MEMORY = os.getenv("AGENT_JOB_MEMORY", "4Gi")
+JOB_ACTIVE_DEADLINE = int(os.getenv("AGENT_JOB_ACTIVE_DEADLINE", "7200"))
+
+
+# --------------------------------------------------------------------------- #
+# Job spec rendering
+# --------------------------------------------------------------------------- #
+def job_name_for(d: DispatchInput, attempt: int, discriminator: str = "") -> str:
+    """Build a Job name. Dev-loop jobs disambiguate by issue number; jobs with
+    no issue (Alert Response diagnosis) use ``discriminator`` (a per-workflow
+    hash) so two concurrent/rapid alerts don't collide on the same Job name and
+    read each other's stale output ConfigMap."""
+    spec = d.task_spec
+    base = f"agent-{spec.project_id}-{spec.phase}"
+    if d.issue_number:
+        base += f"-{d.issue_number}"
+    elif discriminator:
+        base += f"-{discriminator}"
+    return f"{base}-a{attempt}".replace("_", "-").lower()[:60]
+
+
+def _resolve_job_refs(d: DispatchInput):
+    """Resolve (image, omneval_secret, github_url, default_branch, github_token_secret).
+
+    Registry-backed jobs read from the project entry; alert-response style jobs
+    pass explicit overrides and have no registry project. ``github_token_secret``
+    may be empty for jobs that need no GitHub access (e.g. diagnosis).
+    """
+    try:
+        cfg = get_project(d.project_id)
+    except KeyError:
+        cfg = None
+    image = d.image_override or (cfg.agent_image if cfg else AGENT_BASE_IMAGE)
+    omneval_secret = d.omneval_secret_override or (
+        cfg.omneval_ingest_secret if cfg else ""
+    )
+    github_url = d.github_url_override or (cfg.github_url if cfg else "")
+    default_branch = cfg.default_branch if cfg else "main"
+    github_token_secret = d.github_token_secret_override or (
+        cfg.github_token_secret if cfg else ""
+    )
+    if not omneval_secret:
+        raise ValueError(
+            f"no omneval ingest secret for project {d.project_id!r} "
+            "(set omneval_secret_override or add a registry entry)"
+        )
+    return image, omneval_secret, github_url, default_branch, github_token_secret
+
+
+def render_job(d: DispatchInput, job_name: str) -> dict:
+    """Render the ``batch/v1`` Job manifest for an Agent Execution Job."""
+    image, omneval_secret, github_url, default_branch, github_token_secret = (
+        _resolve_job_refs(d)
+    )
+    spec = d.task_spec
+
+    # omneval ingest is X-API-Key auth, NOT bearer; the omneval project is
+    # resolved server-side from the key, so no project_id is sent.
+    env = [
+        {"name": "TASK_SPEC", "value": spec.to_env_value()},
+        {"name": "PROJECT_ID", "value": d.project_id},
+        {"name": "GITHUB_URL", "value": github_url},
+        {"name": "DEFAULT_BRANCH", "value": default_branch},
+        {"name": "TEMPORAL_HOST", "value": TEMPORAL_HOST},
+        {"name": "OUTPUT_CONFIGMAP", "value": job_name},
+        {"name": "OPENAI_BASE_URL", "value": OPENAI_BASE_URL},
+        # OTLP / omneval tracing
+        {"name": "OTEL_EXPORTER_OTLP_PROTOCOL", "value": "http/protobuf"},
+        {
+            "name": "OTEL_EXPORTER_OTLP_ENDPOINT",
+            "value": os.environ.get(
+                "OTEL_EXPORTER_OTLP_ENDPOINT", OMNEVAL_OTLP_ENDPOINT
+            ),
+        },
+        {
+            "name": "OMNEVAL_API_KEY",
+            "valueFrom": {"secretKeyRef": {"name": omneval_secret, "key": "api-key"}},
+        },
+        {
+            "name": "OTEL_EXPORTER_OTLP_HEADERS",
+            # If the worker has an explicit override use it; otherwise default to
+            # omneval X-API-Key substitution referencing the secret env var.
+            "value": os.environ.get(
+                "OTEL_EXPORTER_OTLP_HEADERS", "x-api-key=$(OMNEVAL_API_KEY)"
+            ),
+        },
+        # OTEL_SERVICE_NAME is set to the phase so spans are tagged per-phase;
+        # the worker's own OTEL_SERVICE_NAME is intentionally NOT inherited here.
+        {"name": "OTEL_SERVICE_NAME", "value": spec.phase},
+    ]
+
+    # Pass through LLM connection env and stub flag from the worker process so
+    # the agent entrypoint can reach the DGX model endpoint and take the stub
+    # fast-path when AGENT_STUB=1.  Only include vars that are actually set —
+    # skip missing ones rather than forwarding empty strings.
+    for var in ("AGENT_MODEL", "AGENT_LLM_BASE_URL", "AGENT_LLM_API_KEY", "AGENT_STUB"):
+        val = os.environ.get(var)
+        if val:
+            env.append({"name": var, "value": val})
+
+    # Reviewer the merge phase tags on the PR it opens (assignee + @-mention).
+    # Sourced from the registry; absent for non-registry (alert-response) jobs.
+    try:
+        reviewer = get_project(d.project_id).pr_reviewer
+    except KeyError:
+        reviewer = ""
+    if reviewer:
+        env.append({"name": "PR_REVIEWER", "value": reviewer})
+
+    # Per-project GitHub token (scoped to that owner/org). Omitted for jobs that
+    # need no GitHub access, e.g. Alert Response diagnosis.
+    # ``GITHUB_TOKEN`` is used for git push/clone; ``GH_TOKEN`` is consumed by
+    # the ``gh`` CLI (``gh issue list``) inside the agent sandbox.
+    if github_token_secret:
+        env.extend(
+            [
+                {
+                    "name": "GITHUB_TOKEN",
+                    "valueFrom": {
+                        "secretKeyRef": {
+                            "name": github_token_secret,
+                            "key": "GITHUB_TOKEN",
+                        }
+                    },
+                },
+                {
+                    "name": "GH_TOKEN",
+                    "valueFrom": {
+                        "secretKeyRef": {
+                            "name": github_token_secret,
+                            "key": "GITHUB_TOKEN",
+                        }
+                    },
+                },
+            ]
+        )
+
+    return {
+        "apiVersion": "batch/v1",
+        "kind": "Job",
+        "metadata": {
+            "name": job_name,
+            "namespace": NAMESPACE,
+            "labels": {
+                "app.kubernetes.io/managed-by": "orchestration-worker",
+                "agents.homelab/project": d.project_id,
+                "agents.homelab/phase": spec.phase,
+            },
+        },
+        "spec": {
+            "backoffLimit": 0,  # Temporal owns retries, not the Job controller
+            "activeDeadlineSeconds": JOB_ACTIVE_DEADLINE,
+            "ttlSecondsAfterFinished": int(d.retention_seconds),
+            "template": {
+                "metadata": {
+                    "labels": {"agents.homelab/project": d.project_id},
+                },
+                "spec": {
+                    "restartPolicy": "Never",
+                    "serviceAccountName": d.service_account_override or SERVICE_ACCOUNT,
+                    "containers": [
+                        {
+                            "name": "agent",
+                            "image": image,
+                            "command": ["python", "/usr/local/bin/agent-entrypoint.py"],
+                            "env": env,
+                            "resources": {
+                                "requests": {
+                                    "cpu": DEFAULT_CPU,
+                                    "memory": DEFAULT_MEMORY,
+                                },
+                                "limits": {"memory": DEFAULT_MEMORY},
+                            },
+                        }
+                    ],
+                },
+            },
+        },
+    }
+
+
+# --------------------------------------------------------------------------- #
+# ConfigMap read/write helpers
+# --------------------------------------------------------------------------- #
+def _read_output(job_name: str) -> dict | None:
+    """Return the parsed output ConfigMap payload, or None if not yet written."""
+    data = cluster.read_configmap_data(job_name)
+    if not data:
+        return None
+    raw = data.get(KEY_RESULT)
+    if not raw:
+        return None
+    return json.loads(raw)
+
+
+def _job_terminal(job) -> str | None:
+    """Return 'complete', 'failed', or None for a batch/v1 Job object/dict."""
+    status = job.status if not isinstance(job, dict) else job.get("status", {})
+    succeeded = (
+        getattr(status, "succeeded", None)
+        if not isinstance(status, dict)
+        else status.get("succeeded")
+    )
+    failed = (
+        getattr(status, "failed", None)
+        if not isinstance(status, dict)
+        else status.get("failed")
+    )
+    if succeeded:
+        return "complete"
+    if failed:
+        return "failed"
+    return None
+
+
+# --------------------------------------------------------------------------- #
+# Polling
+# --------------------------------------------------------------------------- #
+async def _poll_to_terminal(
+    batch, job_name: str, poll_interval: float
+) -> AgentJobResult:
+    """Poll a running Job until terminal or until it asks a human a question."""
+    while True:
+        payload = _read_output(job_name)
+        if payload and payload.get("status") == JobStatus.AWAITING_HUMAN.value:
+            log.info("job %s is awaiting a human reply", job_name)
+            return AgentJobResult.from_payload(payload, job_name)
+
+        job = batch.read_namespaced_job_status(job_name, NAMESPACE)
+        terminal = _job_terminal(job)
+        if terminal == "complete":
+            payload = _read_output(job_name) or {"status": JobStatus.COMPLETE.value}
+            return AgentJobResult.from_payload(payload, job_name)
+        if terminal == "failed":
+            payload = _read_output(job_name) or {}
+            err = payload.get("error", f"Job {job_name} failed without output")
+            raise ApplicationError(f"agent job failed: {err}", type="AgentJobFailed")
+
+        await asyncio.sleep(poll_interval)
+
+
+# --------------------------------------------------------------------------- #
+# Activities
+# --------------------------------------------------------------------------- #
+@activity.defn
+async def dispatch_agent_job(d: DispatchInput) -> AgentJobResult:
+    """Render + create an Agent Execution Job, then poll it to completion."""
+    attempt = activity.info().attempt
+    # Jobs without an issue number (Alert Response diagnosis) share a name across
+    # workflows; disambiguate by a hash of the workflow id so concurrent alerts
+    # get distinct Jobs/ConfigMaps. Stable across retries (same workflow run).
+    discriminator = ""
+    if not d.issue_number:
+        import hashlib
+
+        discriminator = hashlib.sha1(activity.info().workflow_id.encode()).hexdigest()[
+            :8
+        ]
+    job_name = job_name_for(d, attempt, discriminator)
+    manifest = render_job(d, job_name)
+
+    batch = cluster.batch()
+
+    from kubernetes.client.exceptions import ApiException
+
+    try:
+        batch.create_namespaced_job(NAMESPACE, manifest)
+        log.info("created job %s (attempt %d)", job_name, attempt)
+    except ApiException as exc:
+        if getattr(exc, "status", None) != 409:  # already exists (retry attach)
+            raise
+        log.info("job %s already exists, attaching", job_name)
+
+    return await _poll_to_terminal(batch, job_name, d.poll_interval_seconds)
+
+
+@activity.defn
+async def answer_agent_job(inp: AnswerInput) -> None:
+    """Write a human's reply to the Job's input ConfigMap so it can resume."""
+    cluster.patch_configmap_data(inp.job_name, {KEY_HUMAN_ANSWER: inp.answer})
+    log.info("answered job %s", inp.job_name)
+
+
+@activity.defn
+async def await_agent_job(inp: AwaitInput) -> AgentJobResult:
+    """Continue polling a Job that was previously parked on a human question."""
+    return await _poll_to_terminal(
+        cluster.batch(), inp.job_name, inp.poll_interval_seconds
+    )
+
+
+@activity.defn
+async def cleanup_agent_job(job_name: str) -> None:
+    """Delete the Job and its output ConfigMap (best-effort)."""
+    from kubernetes.client import V1DeleteOptions
+    from kubernetes.client.exceptions import ApiException
+
+    batch, core = cluster.batch(), cluster.core()
+    for fn in (
+        lambda: batch.delete_namespaced_job(
+            job_name, NAMESPACE, body=V1DeleteOptions(propagation_policy="Background")
+        ),
+        lambda: core.delete_namespaced_config_map(job_name, NAMESPACE),
+    ):
+        try:
+            fn()
+        except ApiException as exc:
+            if getattr(exc, "status", None) != 404:
+                log.warning("cleanup error for %s: %s", job_name, exc)

devloop/projects.py

@@ -0,0 +1,121 @@
+"""Project registry loader for the Orchestration Worker.
+
+Reads agents/projects.yaml and surfaces typed ProjectConfig objects.
+No dynamic reload — restart the worker to pick up registry changes.
+"""
+
+from __future__ import annotations
+
+import logging
+from dataclasses import dataclass
+from pathlib import Path
+from typing import Any
+
+import yaml
+
+logger = logging.getLogger(__name__)
+
+_REQUIRED_FIELDS = (
+    "id",
+    "github_url",
+    "default_branch",
+    "agent_image",
+    "agent_label",
+    "discord_channel",
+    "omneval_ingest_secret",
+    "github_token_secret",
+)
+
+
+@dataclass(frozen=True)
+class ProjectConfig:
+    id: str
+    github_url: str
+    default_branch: str
+    agent_image: str
+    agent_label: str
+    discord_channel: str
+    omneval_ingest_secret: str
+    # Secret (agents ns, key "GITHUB_TOKEN") holding this project's scoped GitHub
+    # token. Per-project so each org/owner gets its own credential — the worker
+    # resolves it per project and the Agent Execution Job mounts it.
+    github_token_secret: str
+    # GitHub login tagged for review on the PR the merge phase opens (assignee +
+    # @-mention). Optional; empty means the merge phase opens the PR untagged.
+    pr_reviewer: str = ""
+
+
+def load_projects(path: str | Path) -> list[ProjectConfig]:
+    """Parse projects.yaml and return a list of ProjectConfig.
+
+    Raises ValueError if any project entry is missing required fields.
+    """
+    raw = Path(path).read_text()
+    data: dict[str, Any] = yaml.safe_load(raw)
+    entries = data.get("projects", [])
+    configs: list[ProjectConfig] = []
+    for entry in entries:
+        missing = [f for f in _REQUIRED_FIELDS if f not in entry]
+        if missing:
+            raise ValueError(
+                f"Project entry missing required fields: {missing!r} in {entry!r}"
+            )
+        configs.append(
+            ProjectConfig(
+                id=entry["id"],
+                github_url=entry["github_url"],
+                default_branch=entry["default_branch"],
+                agent_image=entry["agent_image"],
+                agent_label=entry["agent_label"],
+                discord_channel=entry["discord_channel"],
+                omneval_ingest_secret=entry["omneval_ingest_secret"],
+                github_token_secret=entry["github_token_secret"],
+                pr_reviewer=entry.get("pr_reviewer", ""),
+            )
+        )
+    logger.info(
+        "loaded %d project%s: %s",
+        len(configs),
+        "" if len(configs) == 1 else "s",
+        ", ".join(c.id for c in configs),
+    )
+    return configs
+
+
+# ---------------------------------------------------------------------------
+# Process-wide registry.
+#
+# The worker calls install_registry() once at startup; activities then resolve
+# project configs by id without re-reading the file (no dynamic reload — a
+# worker restart is required to pick up registry changes).
+# ---------------------------------------------------------------------------
+
+_REGISTRY: dict[str, ProjectConfig] = {}
+
+
+def install_registry(path: str | Path) -> list[ProjectConfig]:
+    """Load projects.yaml and make the configs available process-wide."""
+    configs = load_projects(path)
+    _REGISTRY.clear()
+    _REGISTRY.update({c.id: c for c in configs})
+    return configs
+
+
+def get_project(project_id: str) -> ProjectConfig:
+    """Return the registered ProjectConfig for ``project_id``.
+
+    Raises KeyError if the project is not in the registry.
+    """
+    try:
+        return _REGISTRY[project_id]
+    except KeyError:
+        raise KeyError(
+            f"project {project_id!r} not in registry (known: {sorted(_REGISTRY)})"
+        ) from None
+
+
+def parse_github_repo(github_url: str) -> str:
+    """Return ``owner/repo`` from a GitHub URL (used for gh CLI / REST calls)."""
+    slug = github_url.rstrip("/").removesuffix(".git")
+    parts = slug.split("/")
+    return f"{parts[-2]}/{parts[-1]}"