a78b1542da
* feat: pullfrog auth codex + fresh-branch Add `pullfrog auth codex` standalone command for minting Codex (ChatGPT) subscription credentials and saving them as the `CODEX_AUTH_JSON` Pullfrog secret. Codex device-auth runs in a subprocess with an isolated `CODEX_HOME` (temp dir) so the user's `~/.codex/auth.json` is never touched. The spawned `codex login --device-auth` output is captured line-by-line, ANSI-stripped, and re-rendered with a `$ codex login --device-auth` header above dimmed sub-output on the @clack/prompts rail so the user visually understands they're seeing a sub-process. Companion `pnpm fresh-branch` script: from inside `.worktrees/<name>`, creates a schema-only Neon branch named `dev/<git-branch>`, patches the worktree's `.env` (DATABASE_URL, DATABASE_URL_UNPOOLED, NEON_DEV_BRANCH), then runs `prisma migrate reset --force` so migrations apply cleanly against a data-free copy. Refuses to run from the primary checkout or on protected branch names. Other: - bump CLI/account/repo secret value limit 4096 -> 49152 chars (matches GitHub Actions' 48KB cap; auth.json is ~4-5KB) - extract shared CLI helpers (gh/pullfrog API, secret save) into `action/commands/_shared.ts` * fix(auth): address PR review + add CodexAuthCallout, default account scope Review fixes: - handle 'error' event from `codex` spawn (ENOENT) so missing PATH bails with an actionable "install codex CLI" message instead of an unhandled Node error - escalate SIGTERM -> SIGKILL after 5s grace when killing a stuck codex child so the CLI can't get pinned indefinitely - stop the spinner with a red "failed" glyph in the catch path before clearing activeSpin, mirroring `bail` (no orphan spinner above errors) - enforce 48 KB secret value cap by *bytes* (Buffer.byteLength) not UTF-16 code units, across all 3 secret routes; matches GH Actions' byte-based limit - preserve existing blank lines + comments when fresh-branch rewrites worktree .env (no more cosmetic reformat on every run) Scope: - default to `account` scope on org-owned repos too — never silently prompt for repo scope. Pullfrog has no per-GitHub-user secret store, so account is right for both user and org owners; `--scope repo` is the explicit opt-in for repo-only. UI: - new CodexAuthCallout (sibling to ClaudeCodeOAuthCallout); surfaces `pullfrog auth codex` for ChatGPT subscribers when an OpenAI provider model is selected. wired into AgentSettings.tsx (model-costs surface) and OnboardingCard.tsx (first-time setup). no paste button — the CLI handles minting + saving end-to-end. * auth/codex: rename to neon-fresh-branch, address PR review - rename `pnpm fresh-branch` → `pnpm neon-fresh-branch` (and the script file) to disambiguate from git branches. - `--scope` help text now explains the default (account) and when to pass `repo`. - move `_shared.ts` import up with the rest in `action/commands/auth.ts` and push the `stripAnsi` helper below the import block. - `sanitizeBranchName` no longer slices: slicing after trim could reintroduce a trailing `-`/`/`. callers slice the raw input first, then sanitize. - DRY the `start` branch of the codex progress callback (single header path, optional retry log). - thread a `timedOut` flag from `runDeviceAuth` → `ProgressEvent.exit` so the retry prompt can say "device authorization timed out — retry?" instead of the generic "no auth.json was written" line when the per-attempt timeout fires. - drop the redundant `mkdirSync` after `mkdtempSync` in `codexAuth.ts`. * untrack .scratch/ (committed screenshot fixture by mistake) * auth codex: prompt for scope on orgs (mirrors init) * revert worktree.ts: out of scope for this PR * anneal: trim _shared.ts dead exports, collapse CodexSpawnError, inline packageBin * codex auth: wire end-to-end runtime consumer CODEX_AUTH_JSON is now actually usable: the action runtime materializes it as OpenCode's auth.json at the runner's real $HOME/.local/share/opencode, OpenCode routes openai requests through the ChatGPT subscription via the embedded CodexAuthPlugin, and a GitHub Actions post: hook detects any refresh-chain rotation during the run and PUTs it back to Pullfrog via a new JWT-authenticated PUT /api/runtime/secret endpoint. Key decisions: - Write to the real $HOME (not the per-run tmpdir-redirected HOME) so the file lives outside OpenCode's `/tmp/*` permission allow zone — its existing deny-default protects it without any new permission rule. - Materialization gated on agent === opencode (Codex auth is OpenAI-only, Claude never sees the file). - Defense-in-depth on Claude: deny Read/Grep/Edit/Glob + sandbox.denyRead for ~/.local/share/opencode/auth.json in managedSettings (covers Bash file-reading commands too per Claude Code permissions docs). - New `provider.managedCredentials` field on the provider config — CLI-only credentials authored via `pullfrog auth <provider>`. Counted for hasAnyKey/log-redaction but never surfaced as a paste option in init. CODEX_AUTH_JSON is the first member; OPENAI_API_KEY stays in envVars. - Eager refresh on `pullfrog auth codex`: one OAuth round-trip before setPullfrogSecret so Pullfrog's copy is the freshest in the chain (avoids the user's laptop refreshing first and stranding our copy). - Post-hook approach for write-back so it survives cancellation, timeouts, and unhandled errors in the main step. State is ferried via core.saveState since apiToken is run-scoped and not in env. - Server-side write-back endpoint is allowlist-gated to CODEX_AUTH_JSON only — never a generic secret-write surface. Looks up the secret at repo scope first, falls back to account scope. 404s on create (refresh-only, never auto-provision). * codex auth: documentation + wiki cross-links * debug: log dbSecrets keys + CODEX_AUTH_JSON presence (temporary) * debug: surface install path + parse failure preview * remove debug log lines (E2E verified) * hide CodexAuthCallout until opencode-ai bump (1.1.56's allowed-models set excludes gpt-5.5)
298 lines
9.0 KiB
TypeScript
298 lines
9.0 KiB
TypeScript
/**
|
|
* ⚠️ LIMITED IMPORTS - this file is imported by Next.js and must avoid pulling in backend code.
|
|
* All shared constants, types, and data used by both the Next.js app and the action runtime live here.
|
|
* Other files in action/ re-export from this file for backward compatibility.
|
|
*/
|
|
|
|
// mcp name constant
|
|
export const pullfrogMcpName = "pullfrog";
|
|
|
|
/** @see {@link file://./agents/shared.ts} Agent interface that uses this type */
|
|
export type AgentId = "claude" | "opencode";
|
|
|
|
/**
|
|
* format a tool name the way each agent's MCP client presents it to the model.
|
|
* claude code: mcp__pullfrog__select_mode
|
|
* opencode: pullfrog_select_mode
|
|
*/
|
|
export function formatMcpToolRef(agentId: AgentId, toolName: string): string {
|
|
switch (agentId) {
|
|
case "claude":
|
|
return `mcp__${pullfrogMcpName}__${toolName}`;
|
|
case "opencode":
|
|
return `${pullfrogMcpName}_${toolName}`;
|
|
default:
|
|
return agentId satisfies never;
|
|
}
|
|
}
|
|
|
|
// model alias registry lives in models.ts — re-exported here for shared access
|
|
export type { ModelAlias, ModelProvider, ProviderConfig } from "./models.ts";
|
|
export {
|
|
getModelEnvVars,
|
|
getModelManagedCredentials,
|
|
getModelProvider,
|
|
getProviderDisplayName,
|
|
modelAliases,
|
|
parseModel,
|
|
providers,
|
|
resolveCliModel,
|
|
resolveDisplayAlias,
|
|
resolveModelSlug,
|
|
resolveOpenRouterModel,
|
|
} from "./models.ts";
|
|
|
|
// tool permission types shared with server dispatch
|
|
export type ToolPermission = "disabled" | "enabled";
|
|
export type ShellPermission = "disabled" | "restricted" | "enabled";
|
|
export type PushPermission = "disabled" | "restricted" | "enabled";
|
|
|
|
// workflow yml permissions for GITHUB_TOKEN
|
|
export type WorkflowPermissionValue = "read" | "write" | "none";
|
|
export type WorkflowIdTokenPermissionValue = "write" | "none";
|
|
|
|
export interface WorkflowPermissions {
|
|
actions?: WorkflowPermissionValue;
|
|
attestations?: WorkflowPermissionValue;
|
|
checks?: WorkflowPermissionValue;
|
|
contents?: WorkflowPermissionValue;
|
|
deployments?: WorkflowPermissionValue;
|
|
discussions?: WorkflowPermissionValue;
|
|
"id-token"?: WorkflowIdTokenPermissionValue;
|
|
issues?: WorkflowPermissionValue;
|
|
models?: WorkflowPermissionValue;
|
|
packages?: WorkflowPermissionValue;
|
|
pages?: WorkflowPermissionValue;
|
|
"pull-requests"?: WorkflowPermissionValue;
|
|
"repository-projects"?: WorkflowPermissionValue;
|
|
"security-events"?: WorkflowPermissionValue;
|
|
statuses?: WorkflowPermissionValue;
|
|
}
|
|
|
|
// permission level for the author who triggered the event
|
|
// matches GitHub's permission levels: admin > write > maintain > triage > read > none
|
|
export type AuthorPermission = "admin" | "maintain" | "write" | "triage" | "read" | "none";
|
|
|
|
// base interface for common payload event fields
|
|
interface BasePayloadEvent {
|
|
issue_number?: number;
|
|
is_pr?: boolean;
|
|
branch?: string;
|
|
/** title of the issue/PR (or contextual title for comments) */
|
|
title?: string;
|
|
/** primary content for this trigger (issue body, PR body, comment body, review body, etc.) */
|
|
body?: string | null;
|
|
comment_id?: number;
|
|
review_id?: number;
|
|
review_state?: string;
|
|
thread?: any;
|
|
pull_request?: any;
|
|
check_suite?: {
|
|
id: number;
|
|
head_sha: string;
|
|
head_branch: string | null;
|
|
status: string | null;
|
|
conclusion: string | null;
|
|
url: string;
|
|
};
|
|
comment_ids?: number[] | "all";
|
|
/** permission level of the user who triggered this event */
|
|
authorPermission?: AuthorPermission;
|
|
/** when true, runs silently without progress comments (e.g., auto-labeling) */
|
|
silent?: boolean;
|
|
[key: string]: any;
|
|
}
|
|
|
|
interface PullRequestOpenedEvent extends BasePayloadEvent {
|
|
trigger: "pull_request_opened";
|
|
issue_number: number;
|
|
is_pr: true;
|
|
title: string;
|
|
body: string | null;
|
|
branch: string;
|
|
}
|
|
|
|
interface PullRequestReadyForReviewEvent extends BasePayloadEvent {
|
|
trigger: "pull_request_ready_for_review";
|
|
issue_number: number;
|
|
is_pr: true;
|
|
title: string;
|
|
body: string | null;
|
|
branch: string;
|
|
}
|
|
|
|
interface PullRequestReviewRequestedEvent extends BasePayloadEvent {
|
|
trigger: "pull_request_review_requested";
|
|
issue_number: number;
|
|
is_pr: true;
|
|
title: string;
|
|
body: string | null;
|
|
branch: string;
|
|
}
|
|
|
|
interface PullRequestReviewSubmittedEvent extends BasePayloadEvent {
|
|
trigger: "pull_request_review_submitted";
|
|
issue_number: number;
|
|
is_pr: true;
|
|
review_id: number;
|
|
/** review body is the primary content */
|
|
body: string | null;
|
|
review_state: string;
|
|
branch: string;
|
|
}
|
|
|
|
interface PullRequestReviewCommentCreatedEvent extends BasePayloadEvent {
|
|
trigger: "pull_request_review_comment_created";
|
|
issue_number: number;
|
|
is_pr: true;
|
|
title: string;
|
|
comment_id: number;
|
|
/** comment body is the primary content (null if already in prompt) */
|
|
body: string | null;
|
|
thread?: any;
|
|
branch: string;
|
|
}
|
|
|
|
interface IssuesOpenedEvent extends BasePayloadEvent {
|
|
trigger: "issues_opened";
|
|
issue_number: number;
|
|
title: string;
|
|
body: string | null;
|
|
}
|
|
|
|
interface IssuesAssignedEvent extends BasePayloadEvent {
|
|
trigger: "issues_assigned";
|
|
issue_number: number;
|
|
title: string;
|
|
body: string | null;
|
|
}
|
|
|
|
interface IssuesLabeledEvent extends BasePayloadEvent {
|
|
trigger: "issues_labeled";
|
|
issue_number: number;
|
|
title: string;
|
|
body: string | null;
|
|
}
|
|
|
|
interface IssueCommentCreatedEvent extends BasePayloadEvent {
|
|
trigger: "issue_comment_created";
|
|
comment_id: number;
|
|
/** distinguishes this from PR review comments (which use pull_request_review_comment_created) */
|
|
comment_type: "issue";
|
|
/** comment body is the primary content (null if already in prompt) */
|
|
body: string | null;
|
|
issue_number: number;
|
|
// PR-specific fields (only present when is_pr is true)
|
|
is_pr?: true;
|
|
branch?: string;
|
|
title?: string;
|
|
}
|
|
|
|
interface CheckSuiteCompletedEvent extends BasePayloadEvent {
|
|
trigger: "check_suite_completed";
|
|
issue_number: number;
|
|
is_pr: true;
|
|
title: string;
|
|
body: string | null;
|
|
pull_request: any;
|
|
branch: string;
|
|
check_suite: {
|
|
id: number;
|
|
head_sha: string;
|
|
head_branch: string | null;
|
|
status: string | null;
|
|
conclusion: string | null;
|
|
url: string;
|
|
};
|
|
}
|
|
|
|
interface WorkflowDispatchEvent extends BasePayloadEvent {
|
|
trigger: "workflow_dispatch";
|
|
}
|
|
|
|
interface FixReviewEvent extends BasePayloadEvent {
|
|
trigger: "fix_review";
|
|
issue_number: number;
|
|
is_pr: true;
|
|
review_id: number;
|
|
/** when true, only address comments the triggerer approved with 👍 (vs all comments) */
|
|
approved_only?: boolean | undefined;
|
|
}
|
|
|
|
interface ImplementPlanEvent extends BasePayloadEvent {
|
|
trigger: "implement_plan";
|
|
issue_number: number;
|
|
plan_comment_id: number;
|
|
/** plan content is the primary content (null if already in prompt) */
|
|
body: string | null;
|
|
}
|
|
|
|
interface PullRequestSynchronizeEvent extends BasePayloadEvent {
|
|
trigger: "pull_request_synchronize";
|
|
issue_number: number;
|
|
is_pr: true;
|
|
title: string;
|
|
body: string | null;
|
|
branch: string;
|
|
/** SHA before the push -- used to compute incremental range-diff between PR versions */
|
|
before_sha: string;
|
|
}
|
|
|
|
interface UnknownEvent extends BasePayloadEvent {
|
|
trigger: "unknown";
|
|
}
|
|
|
|
// discriminated union for payload event based on trigger
|
|
// note: all events use issue_number for consistency (PRs are issues in GitHub's API)
|
|
export type PayloadEvent =
|
|
| PullRequestOpenedEvent
|
|
| PullRequestReadyForReviewEvent
|
|
| PullRequestSynchronizeEvent
|
|
| PullRequestReviewRequestedEvent
|
|
| PullRequestReviewSubmittedEvent
|
|
| PullRequestReviewCommentCreatedEvent
|
|
| IssuesOpenedEvent
|
|
| IssuesAssignedEvent
|
|
| IssuesLabeledEvent
|
|
| IssueCommentCreatedEvent
|
|
| CheckSuiteCompletedEvent
|
|
| WorkflowDispatchEvent
|
|
| FixReviewEvent
|
|
| ImplementPlanEvent
|
|
| UnknownEvent;
|
|
|
|
// writeable payload type for building payloads
|
|
export interface WriteablePayload {
|
|
"~pullfrog": true;
|
|
/** semantic version of the payload to ensure compatibility */
|
|
version: string;
|
|
/** provider/model slug (e.g. "anthropic/claude-opus") */
|
|
model?: string | undefined;
|
|
/** the user's actual request (body if @pullfrog tagged) */
|
|
prompt: string;
|
|
/** github username of the human who triggered this workflow run */
|
|
triggerer?: string | undefined;
|
|
/** event-level instructions for this trigger type (flag-expanded server-side) */
|
|
eventInstructions?: string | undefined;
|
|
/**
|
|
* system-injected note about prior superseded runs (e.g. when the
|
|
* triggering @pullfrog comment is edited). rendered alongside the user's
|
|
* prompt rather than via eventInstructions so it survives user-prompt
|
|
* precedence.
|
|
*/
|
|
previousRunsNote?: string | undefined;
|
|
/** event data from webhook payload - discriminated union based on trigger field */
|
|
event: PayloadEvent;
|
|
/** timeout for agent run (e.g., "10m", "1h30m") - defaults to "1h" */
|
|
timeout?: string | undefined;
|
|
/** working directory for the agent */
|
|
cwd?: string | undefined;
|
|
/** pre-created progress comment (ID + type) for updating status */
|
|
progressComment?: { id: string; type: "issue" | "review" } | undefined;
|
|
/** when true, seed the PR summary tmpfile + persist edits at run end */
|
|
generateSummary?: boolean | undefined;
|
|
}
|
|
|
|
// immutable payload type for agent execution
|
|
export type Payload = Readonly<WriteablePayload>;
|