fix: simplify agentrun cli entrypoints
This commit is contained in:
@@ -1,6 +1,6 @@
|
||||
---
|
||||
name: unidesk-cicd
|
||||
description: UniDesk CI/CD 控制面 — `hwlab g14` 和 `agentrun v01` 子命令,覆盖 PR 监控自动合并、Tekton/Argo 控制面、git-mirror、Secret、observability、CI tools image、PipelineRun 清理和 AgentRun v0.1 部署。用户提到 CI/CD、deploy、rollout、PipelineRun、trigger、git-mirror、control-plane、k3s 部署、agentrun 部署、hwlab g14、monitor-prs、trigger-current 时使用。任何需要把代码变更推送部署到 G14 k3s 的操作都必须走本 skill。
|
||||
description: UniDesk CI/CD 控制面 — `hwlab g14` 和 `agentrun` 子命令,覆盖 PR 监控自动合并、Tekton/Argo 控制面、git-mirror、Secret、observability、CI tools image、PipelineRun 清理和 AgentRun v0.1 部署。用户提到 CI/CD、deploy、rollout、PipelineRun、trigger、git-mirror、control-plane、k3s 部署、agentrun 部署、hwlab g14、monitor-prs、trigger-current 时使用。任何需要把代码变更推送部署到 G14 k3s 的操作都必须走本 skill。
|
||||
---
|
||||
|
||||
# UniDesk HWLAB G14 CI/CD CLI
|
||||
@@ -191,15 +191,15 @@ bun scripts/cli.ts hwlab g14 record-rollout --pr <number> --source-commit <sha>
|
||||
## AgentRun v0.1 控制面
|
||||
|
||||
```bash
|
||||
bun scripts/cli.ts agentrun v01 control-plane status \
|
||||
bun scripts/cli.ts agentrun control-plane status \
|
||||
[--dry-run|--confirm]
|
||||
bun scripts/cli.ts agentrun v01 control-plane trigger-current \
|
||||
bun scripts/cli.ts agentrun control-plane trigger-current \
|
||||
[--dry-run|--confirm]
|
||||
bun scripts/cli.ts agentrun v01 control-plane refresh \
|
||||
bun scripts/cli.ts agentrun control-plane refresh \
|
||||
[--dry-run|--confirm]
|
||||
bun scripts/cli.ts agentrun v01 control-plane cleanup-runs \
|
||||
bun scripts/cli.ts agentrun control-plane cleanup-runs \
|
||||
[--min-age-minutes N] [--limit N] [--dry-run|--confirm]
|
||||
bun scripts/cli.ts agentrun v01 control-plane cleanup-released-pvs \
|
||||
bun scripts/cli.ts agentrun control-plane cleanup-released-pvs \
|
||||
[--limit N] [--dry-run|--confirm]
|
||||
```
|
||||
|
||||
@@ -209,14 +209,14 @@ bun scripts/cli.ts agentrun v01 control-plane cleanup-released-pvs \
|
||||
- `cleanup-runs`: 只清理 `agentrun-ci` 中已完成 PipelineRun + 临时 PVC;不清理 `agentrun-v01` runtime runner Job/Pod/Secret
|
||||
- `cleanup-released-pvs`: 回收 Released PV
|
||||
|
||||
AgentRun `control-plane status` 的 compact JSON 关键字段在 `.data.sourceCommit`、`.data.expectedPipelineRun`、`.data.runtimeAlignment`、`.data.gitMirror.summary` 等位置,不要假设存在 `.data.status`。触发部署后如果 GitOps 已 promotion 但 git mirror `pendingFlush=true`,先执行 `bun scripts/cli.ts agentrun v01 git-mirror flush --confirm --wait`,再 `control-plane refresh --confirm`,最后用 `control-plane status --full` 证明 `runtimeAlignment.localHeadMatchesOrigin=true`、`syncedToGitopsLatest=true`、`managerSourceMatchesExpected=true`。
|
||||
AgentRun `control-plane status` 的 compact JSON 关键字段在 `.data.sourceCommit`、`.data.expectedPipelineRun`、`.data.runtimeAlignment`、`.data.gitMirror.summary` 等位置,不要假设存在 `.data.status`。触发部署后如果 GitOps 已 promotion 但 git mirror `pendingFlush=true`,先执行 `bun scripts/cli.ts agentrun git-mirror flush --confirm --wait`,再 `control-plane refresh --confirm`,最后用 `control-plane status --full` 证明 `runtimeAlignment.localHeadMatchesOrigin=true`、`syncedToGitopsLatest=true`、`managerSourceMatchesExpected=true`。
|
||||
|
||||
## AgentRun v0.1 Git Mirror
|
||||
|
||||
```bash
|
||||
bun scripts/cli.ts agentrun v01 git-mirror status [--full|--raw]
|
||||
bun scripts/cli.ts agentrun v01 git-mirror sync [--dry-run|--confirm] [--wait]
|
||||
bun scripts/cli.ts agentrun v01 git-mirror flush [--dry-run|--confirm] [--wait]
|
||||
bun scripts/cli.ts agentrun git-mirror status [--full|--raw]
|
||||
bun scripts/cli.ts agentrun git-mirror sync [--dry-run|--confirm] [--wait]
|
||||
bun scripts/cli.ts agentrun git-mirror flush [--dry-run|--confirm] [--wait]
|
||||
```
|
||||
|
||||
- `status`: 返回 `localV01`/`githubV01`/`localGitops`/`githubGitops`/`pendingFlush`/`githubInSync`
|
||||
|
||||
@@ -1,13 +1,13 @@
|
||||
---
|
||||
name: unidesk-code-queue
|
||||
description: UniDesk AgentRun-backed Code Queue CLI — legacy `codex` 子命令只保留历史只读/残留停止/prompt-lint;新任务提交、Aipod/Artificer 派单、steer、resume、queue mutation、session trace/output/read/cancel 和 HWLAB Code Agent/CaseRun follow-up 必须使用 `agentrun v01 queue|sessions|aipod-specs`。用户提到 codex、Code Queue、submit、steer、resume、tasks、unread、code-queue、aipod、Artificer、HWLAB Code Agent 时使用。
|
||||
description: UniDesk AgentRun-backed Code Queue CLI — Skill(cli-spec)。legacy `codex` 子命令只保留历史只读/残留停止/prompt-lint;新任务提交、Aipod/Artificer 派单、steer、resume、queue mutation、session trace/output/read/cancel、run/command/runner 状态 drill-down 和 HWLAB Code Agent/CaseRun follow-up 必须使用 `agentrun queue|runs|commands|runner|sessions|aipod-specs`。用户提到 codex、Code Queue、submit、steer、resume、tasks、unread、code-queue、aipod、Artificer、HWLAB Code Agent 时使用。
|
||||
---
|
||||
|
||||
# UniDesk Code Queue / AgentRun CLI
|
||||
|
||||
旧 Code Queue 已冻结新任务和写入口。`bun scripts/cli.ts codex ...` 现在只作为历史归档、只读排障、残留任务停止和 prompt-lint 入口;新的指挥官派单、Aipod/Artificer 执行、trace/output、read/cancel、steer/reuse 必须走 AgentRun Queue/Sessions/AipodSpec。
|
||||
旧 Code Queue 已冻结新任务和写入口。`bun scripts/cli.ts codex ...` 现在只作为历史归档、只读排障、残留任务停止和 prompt-lint 入口;新的指挥官派单、Aipod/Artificer 执行、trace/output、read/cancel、steer/reuse 必须走 AgentRun Queue/Runs/Commands/Runner/Sessions/AipodSpec,并按 cli-spec 渐进披露。
|
||||
|
||||
**固定入口前缀**: `cd /root/unidesk && bun scripts/cli.ts codex ...`
|
||||
**固定入口前缀**: `cd /root/unidesk && bun scripts/cli.ts agentrun ...`
|
||||
|
||||
---
|
||||
|
||||
@@ -15,15 +15,27 @@ description: UniDesk AgentRun-backed Code Queue CLI — legacy `codex` 子命令
|
||||
|
||||
```bash
|
||||
# 查看 AgentRun 指挥官队列
|
||||
bun scripts/cli.ts agentrun v01 queue commander --reader-id <id>
|
||||
bun scripts/cli.ts agentrun queue commander --reader-id <id>
|
||||
bun scripts/cli.ts agentrun queue commander --reader-id <id> --full
|
||||
|
||||
# 按已有 CLI 组合查看一个 Aipod/Queue run 生命周期;不要新增 queue lifecycle 命令
|
||||
bun scripts/cli.ts agentrun queue show <taskId>
|
||||
bun scripts/cli.ts agentrun queue show <taskId> --full
|
||||
bun scripts/cli.ts agentrun runs show <runId>
|
||||
bun scripts/cli.ts agentrun runs result <runId> --command-id <commandId>
|
||||
bun scripts/cli.ts agentrun runs events <runId> --after-seq <lastSeq> --limit 100 --tail-summary
|
||||
bun scripts/cli.ts agentrun commands show <commandId> --run-id <runId>
|
||||
bun scripts/cli.ts agentrun commands result <commandId> --run-id <runId>
|
||||
bun scripts/cli.ts agentrun runner jobs --run-id <runId> --command-id <commandId>
|
||||
bun scripts/cli.ts agentrun runner job-status <runnerJobId> --run-id <runId>
|
||||
|
||||
# 查看 / 渲染 AipodSpec(Artificer 是默认分布式开发 agent)
|
||||
bun scripts/cli.ts agentrun v01 aipod-specs list
|
||||
bun scripts/cli.ts agentrun v01 aipod-specs show Artificer
|
||||
bun scripts/cli.ts agentrun v01 aipod-specs render Artificer --prompt-stdin
|
||||
bun scripts/cli.ts agentrun aipod-specs list
|
||||
bun scripts/cli.ts agentrun aipod-specs show Artificer
|
||||
bun scripts/cli.ts agentrun aipod-specs render Artificer --prompt-stdin
|
||||
|
||||
# 提交 AgentRun Queue payload
|
||||
bun scripts/cli.ts agentrun v01 queue submit --json-stdin <<'JSON'
|
||||
bun scripts/cli.ts agentrun queue submit --json-stdin <<'JSON'
|
||||
{
|
||||
"tenantId": "unidesk",
|
||||
"projectId": "example",
|
||||
@@ -36,24 +48,37 @@ bun scripts/cli.ts agentrun v01 queue submit --json-stdin <<'JSON'
|
||||
JSON
|
||||
|
||||
# 用 AipodSpec 提交,优先用于新任务和 Artificer
|
||||
bun scripts/cli.ts agentrun v01 queue submit --aipod Artificer \
|
||||
bun scripts/cli.ts agentrun queue submit --aipod Artificer \
|
||||
--prompt-stdin --idempotency-key <key>
|
||||
|
||||
# 查看/控制 AgentRun session
|
||||
bun scripts/cli.ts agentrun v01 sessions trace <sessionId>
|
||||
bun scripts/cli.ts agentrun v01 sessions output <sessionId>
|
||||
bun scripts/cli.ts agentrun v01 sessions read <sessionId>
|
||||
bun scripts/cli.ts agentrun v01 sessions turn <sessionId> --aipod Artificer --prompt-stdin
|
||||
bun scripts/cli.ts agentrun v01 sessions steer <sessionId> --prompt-stdin
|
||||
bun scripts/cli.ts agentrun v01 sessions cancel <sessionId>
|
||||
bun scripts/cli.ts agentrun sessions trace <sessionId>
|
||||
bun scripts/cli.ts agentrun sessions output <sessionId>
|
||||
bun scripts/cli.ts agentrun sessions read <sessionId>
|
||||
bun scripts/cli.ts agentrun sessions turn <sessionId> --aipod Artificer --prompt-stdin
|
||||
bun scripts/cli.ts agentrun sessions steer <sessionId> --prompt-stdin
|
||||
bun scripts/cli.ts agentrun sessions cancel <sessionId>
|
||||
```
|
||||
|
||||
日常一次性 JSON、prompt 和 runner JSON 输入优先使用 quoted heredoc/stdin:`--json-stdin`、`--prompt-stdin`、`--runner-json-stdin` 或 `--*-file -`。UniDesk bridge 会把 stdin 直通 G14 `/root/agentrun-v01` 官方 `./scripts/agentrun --manager-url auto` CLI,不先落 dump 文件;`--json-file`、`--prompt-file` 和 `--runner-json-file` 只用于已审阅且可复用的受控文件。它不是旧 Code Queue adapter,不双写,也不迁移旧历史。
|
||||
|
||||
`AipodSpec` 是 AgentRun v0.1 的声明式 agent 装配:模型 profile、gitbundle、skills/tools、SecretRef 和 tool credential 都从 YAML 规格渲染。`Artificer` 默认用于 UniDesk 分布式开发任务,使用 `sub2api` provider、`gpt-5.5`、`reasoningEffort=xhigh`,并通过 SecretRef 注入 GitHub PR token、GitHub SSH 和 UniDesk SSH 透传能力。更新规格时使用 `agentrun v01 aipod-specs apply --yaml-stdin --dry-run` 先看计划,确认后再去掉 `--dry-run`;不得把 API key、SSH key 或 token 写入 prompt、payload、YAML 或 issue。
|
||||
`AipodSpec` 是 AgentRun v0.1 的声明式 agent 装配:模型 profile、gitbundle、skills/tools、SecretRef 和 tool credential 都从 YAML 规格渲染。`Artificer` 默认用于 UniDesk 分布式开发任务,使用 `sub2api` provider、`gpt-5.5`、`reasoningEffort=xhigh`,并通过 SecretRef 注入 GitHub PR token、GitHub SSH 和 UniDesk SSH 透传能力。更新规格时使用 `agentrun aipod-specs apply --yaml-stdin --dry-run` 先看计划,确认后再去掉 `--dry-run`;不得把 API key、SSH key 或 token 写入 prompt、payload、YAML 或 issue。
|
||||
|
||||
AgentRun Queue payload 需要 runner 内使用 UniDesk SSH 透传时,只通过 `executionPolicy.secretScope.toolCredentials[].tool=unidesk-ssh` 请求 `agentrun-v01-tool-unidesk-ssh/UNIDESK_SSH_CLIENT_TOKEN` SecretRef;不要把 token 写入 prompt、payload 或 `transientEnv`。非敏感 endpoint 使用 `UNIDESK_MAIN_SERVER_IP`、`UNIDESK_MAIN_SERVER_HOST` 或 `UNIDESK_FRONTEND_URL`,可由 runner-job `transientEnv` 显式提供;G14 `agentrun-v01` manager 也会在缺省时按受控默认值自动补齐,并在 trace 中只显示 env name/count/hash 与 `valuesPrinted=false`。
|
||||
|
||||
## Queue 渐进披露
|
||||
|
||||
AgentRun queue 生命周期不是一个单独的 `queue lifecycle` 命令,而是一组现有 CLI 的渐进披露组合:
|
||||
|
||||
1. 默认总览用 `queue commander --reader-id <id>`,只看 active/unread/terminal 摘要和少量任务行。
|
||||
2. 单任务用 `queue show <taskId>`,读取 `latestAttempt.runId`、`commandId`、`runnerJobId`、`sessionId/sessionPath`、Aipod metadata 和 `pollCommands`。
|
||||
3. Run 级状态用 `runs show <runId>` 和 `runs result <runId> --command-id <commandId>`,判断 claimed、lease、stale、terminalClassification、failureKind、provider interruption、timeoutBudget 和 recoveryActions。
|
||||
4. Command 级状态用 `commands show <commandId> --run-id <runId>` 和 `commands result <commandId> --run-id <runId>`,确认 command state、ack、terminal status 和结果摘要。
|
||||
5. Runner job 只读状态用 `runner jobs --run-id <runId> --command-id <commandId>` 和 `runner job-status <runnerJobId> --run-id <runId>`,确认 env image reuse、jobName、namespace、phase、exitCode、retention 和 `valuesPrinted=false`。不要为了这些字段手动调用 `trans G14:k3s kubectl ...`。
|
||||
6. Session trace/output 只在 `queue show` 或 result 里有实际 `sessionId` 时使用 `sessions trace|output|read|steer|cancel`;`sessionRef=null` 时不要猜 session 命令。
|
||||
|
||||
默认视图必须低噪声,`--full` 展开结构化详情,`--raw` 才保留原始响应;命令返回里的 drill-down 应优先是 `bun scripts/cli.ts agentrun ...`,不得把人工 k8s 查询作为日常下一步。
|
||||
|
||||
## HWLAB Code Agent 入口整合
|
||||
|
||||
HWLAB Code Agent / CaseRun follow-up 的日常派单也归入 AgentRun Queue/Sessions:新任务用 `queue submit --aipod Artificer` 或包含 HWLAB gitbundle 的 `queue submit --json-stdin`;运行中纠偏用 `sessions steer` 或 `sessions turn --aipod Artificer`。需要验证 HWLAB Web/Cloud API 原入口时,仍按 `$hwlab-code-agent` 使用 G14 `/root/hwlab-v02` 的 `hwlab-cli client agent ...` 拉取同一 trace/result/inspect;不要回到旧 `codex submit/resume/steer`。
|
||||
@@ -86,7 +111,7 @@ bun scripts/cli.ts codex move <taskId> --queue <queueId>
|
||||
bun scripts/cli.ts codex tasks --view commander [--limit N]
|
||||
```
|
||||
|
||||
返回旧 Code Queue 历史/残留任务的有界 action map:active runners 计数、少量 active item、queued/retry_wait 计数、terminal-unread 总数、关键风险计数、分类计数和 drill-down 命令。新任务队列状态用 `agentrun v01 queue commander`。
|
||||
返回旧 Code Queue 历史/残留任务的有界 action map:active runners 计数、少量 active item、queued/retry_wait 计数、terminal-unread 总数、关键风险计数、分类计数和 drill-down 命令。新任务队列状态用 `agentrun queue commander`。
|
||||
|
||||
### Supervisor(分区视图)
|
||||
|
||||
@@ -164,7 +189,7 @@ bun scripts/cli.ts codex interrupt <taskId>
|
||||
bun scripts/cli.ts codex cancel <taskId>
|
||||
```
|
||||
|
||||
仅用于停止旧 Code Queue 残留任务;新 AgentRun session 使用 `bun scripts/cli.ts agentrun v01 sessions cancel <sessionId>`。
|
||||
仅用于停止旧 Code Queue 残留任务;新 AgentRun session 使用 `bun scripts/cli.ts agentrun sessions cancel <sessionId>`。
|
||||
|
||||
---
|
||||
|
||||
|
||||
@@ -231,7 +231,7 @@ UniDesk 是一个以主 server 为统一入口的分布式工作平台;本文
|
||||
- `bun scripts/cli.ts gh preflight|auth status|issue ...|pr list|files|diff --stat|read|view|preflight|closeout|create|edit|update|comment|merge` / `bun scripts/code-queue-pr-preflight-example.ts`:通过 REST 执行安全 GitHub issue 读写、分页 issue list、inactive issue stale-close、脱敏 auth/status 诊断、heredoc/stdin Markdown 写入、当日滚动简报时间线 ClaudeQQ 通知、escape 扫描、只读 cleanup-plan 和 #20 board-audit、PR changed-file/stat summary、PR 创建/评论 dry-run、REST-only 低噪声 PR title/body 编辑、PR 收口元数据观察(含 merged/closed 区分与 merge commit)、低噪声 PR 收口 preflight、guarded PR merge 与 runner PR preflight;`gh issue/pr read|view` 支持 `owner/repo#number` shorthand,`--raw|--full` 是显式完整披露别名,`gh pr diff` 仅支持 `--stat` 紧凑 JSON,`gh pr merge` 会先执行 closeout 预检并拒绝非 open、draft、冲突、非 CLEAN、失败或 pending checks 的 PR,规则见 `docs/reference/cli.md` 和 `docs/reference/code-queue-supervision.md`。
|
||||
- `bun scripts/cli.ts commander contract|plan --dry-run|smoke --dry-run|approval request --dry-run|prompt-lint --kind gpt55-pr`:查看 host Codex 指挥官直管微服务 skeleton 的 source/contract、无 daemon smoke 验证计划、.state/commander/ 状态模型、trace summary 聚合、ClaudeQQ 高风险请示草案和 GPT-5.5 PR prompt 边界辅助 lint;当前只返回 dry-run 计划和 backend-core `microservice proxy claudeqq` 授权后候选命令,不接 live bridge、不接管人工指挥官,不发送消息,`prompt-lint` 不作为业务 PR 门禁也不改变 `codex submit` 默认行为,规则见 `docs/reference/host-codex-commander.md`。
|
||||
- `bun scripts/cli.ts hwlab g14 retirement status|plan|execute --confirm`:受控退役 legacy G14 DEV/PROD Argo Application 和 namespace,并写本地退役 marker 记录执行证据;base=`G14` monitor 按退役合同固定阻止重启,`bun scripts/cli.ts hwlab g14 monitor-prs --lane v02|v03` 是当前 runtime lane PR 自动 CI/CD 入口,规则见 `docs/reference/g14.md` 与 `docs/reference/cli.md`。
|
||||
- `bun scripts/cli.ts agentrun v01 control-plane status|trigger-current|refresh|cleanup-runs|cleanup-released-pvs [--dry-run|--confirm]`:通过 G14 route 只读观察、手动触发、刷新 Argo 或清理 AgentRun `v0.1` completed CI workspace retention,规则见 `docs/reference/agentrun.md`、`docs/reference/gc.md` 与 `docs/reference/cli.md`。
|
||||
- `bun scripts/cli.ts agentrun control-plane status|trigger-current|refresh|cleanup-runs|cleanup-released-pvs [--dry-run|--confirm]`:通过 G14 route 只读观察、手动触发、刷新 Argo 或清理 AgentRun `v0.1` completed CI workspace retention,规则见 `docs/reference/agentrun.md`、`docs/reference/gc.md` 与 `docs/reference/cli.md`。
|
||||
- `bun scripts/cli.ts hwlab cd audit --env dev` / `status|preflight|apply --dry-run`:旧 D601 HWLAB DEV CD 指挥侧 wrapper,仅用于显式 legacy 诊断和迁移对照;当前 HWLAB runtime truth 已迁到 G14 runtime lane,规则见 `docs/reference/hwlab.md`。
|
||||
- `bun scripts/cli.ts ci install/status/run/publish-backend-core/publish-user-service/run-dev-e2e/logs`:在 D601 原生 k3s 上安装和运行 Tekton CI,支持每 commit 检查、Code Queue 只读性能门禁、`CI.json` catalog 驱动的 backend-core 与 user-service commit-pinned 镜像发布和手动触发的 `origin/master:deploy.json#environments.dev` 临时 namespace e2e;catalog/producer/consumer 分工见 `docs/reference/cicd-standardization.md`,`run-dev-e2e` 的 Git 控制 runner、短 launcher 和 no-CD 边界见 `docs/reference/dev-ci-runner.md`,Tekton 规则见 `docs/reference/ci.md`。
|
||||
- `bun scripts/cli.ts codex deploy <commitId>`:旧 Code Queue 兼容部署入口已禁用,原因是它会绕过受控部署边界直连 D601 部署 Code Queue;规则见 `docs/reference/codex-deploy.md`。
|
||||
|
||||
+10
-10
@@ -66,15 +66,15 @@ trans G14:k3s kubectl get pods -n agentrun-v01
|
||||
AgentRun `v0.1` 的 Tekton/Argo 控制面写操作必须通过 UniDesk 高层 CLI 执行:
|
||||
|
||||
```bash
|
||||
bun scripts/cli.ts agentrun v01 control-plane status
|
||||
bun scripts/cli.ts agentrun v01 control-plane trigger-current --dry-run
|
||||
bun scripts/cli.ts agentrun v01 control-plane trigger-current --confirm
|
||||
bun scripts/cli.ts agentrun v01 control-plane refresh --dry-run
|
||||
bun scripts/cli.ts agentrun v01 control-plane refresh --confirm
|
||||
bun scripts/cli.ts agentrun v01 control-plane cleanup-runs --min-age-minutes 30 --limit 200 --dry-run
|
||||
bun scripts/cli.ts agentrun v01 control-plane cleanup-runs --min-age-minutes 30 --limit 200 --confirm
|
||||
bun scripts/cli.ts agentrun v01 control-plane cleanup-released-pvs --limit 200 --dry-run
|
||||
bun scripts/cli.ts agentrun v01 control-plane cleanup-released-pvs --limit 200 --confirm
|
||||
bun scripts/cli.ts agentrun control-plane status
|
||||
bun scripts/cli.ts agentrun control-plane trigger-current --dry-run
|
||||
bun scripts/cli.ts agentrun control-plane trigger-current --confirm
|
||||
bun scripts/cli.ts agentrun control-plane refresh --dry-run
|
||||
bun scripts/cli.ts agentrun control-plane refresh --confirm
|
||||
bun scripts/cli.ts agentrun control-plane cleanup-runs --min-age-minutes 30 --limit 200 --dry-run
|
||||
bun scripts/cli.ts agentrun control-plane cleanup-runs --min-age-minutes 30 --limit 200 --confirm
|
||||
bun scripts/cli.ts agentrun control-plane cleanup-released-pvs --limit 200 --dry-run
|
||||
bun scripts/cli.ts agentrun control-plane cleanup-released-pvs --limit 200 --confirm
|
||||
```
|
||||
|
||||
`status` 只读观察 `G14:/root/agentrun-v01` 当前 commit、对应 PipelineRun、GitOps latest、Argo Application、`agentrun-v01` workload、manager source commit 和 git mirror 摘要,并报告 Argo revision 是否对齐 `v0.1-gitops` latest。默认输出是 compact commander 视图,只保留 `summary`、阶段耗时、对齐状态和 drill-down 命令;需要远端 stdout/stderr tail 时显式加 `--full`,需要原始 git mirror cache 输出时显式加 `--raw`。`status` 额外支持 `--pipeline-run <name>` 与 `--source-commit <sha>` 定点查询,返回 `target`、`targetValidation` 和 `next.*` drill-down,便于直接判断某次 run 是成功、历史成功、运行中、缺失还是 source mismatch。`status` 会向 stderr 输出 `agentrun.control-plane.status.progress` 阶段事件,覆盖 `source`、`runtime` 和 `git-mirror`,避免长时间聚合时无可见进展。`trigger-current` 会先把固定 source worktree 快进到 `origin/v0.1`,再以当前 commit 创建 commit-pinned PipelineRun;同名 PipelineRun 正在运行或已经成功时必须拒绝重复触发,只允许在失败态或不存在时创建。该命令只提交 CI/CD 工作,不等待完整 PipelineRun 或 rollout 完成,后续用 `status` 轮询。`refresh` 只对 `argocd/agentrun-g14-v01` 执行 hard refresh,用于 GitOps promotion 已完成但 Argo 仍停留旧 revision 时的受控同步入口;它不直接 patch runtime workload。
|
||||
@@ -111,7 +111,7 @@ UniDesk 不能作为以下内容的事实来源:
|
||||
|
||||
AgentRun `v0.1` 的指挥官任务面已经按 AgentRun issue #105 完成真实运行面验收,可作为新任务派发、Queue commander、trace/output、steer、turn/reuse、read 和 cancel 的 AgentRun 侧标准路径。长期使用时仍以 AgentRun 仓库自身 SPEC 为能力事实来源;UniDesk 只记录该路径已经通过 G14 `agentrun-v01` 运行面和 `hy` profile + `gpt-5.5` 验证。
|
||||
|
||||
UniDesk 指挥官新任务入口固定使用 `bun scripts/cli.ts agentrun v01 queue|sessions`。该入口是 G14 `/root/agentrun-v01` 中官方 `./scripts/agentrun --manager-url auto` CLI 的直接 bridge;日常派单、dispatch、turn 和 steer 优先用 `--json-stdin`、`--prompt-stdin`、`--runner-json-stdin` 或 `--*-file -` 的 quoted heredoc/stdin 形式,stdin 会通过管道直通官方 CLI,不先落 dump 文件。`--json-file`、`--prompt-file` 和 `--runner-json-file` 只用于已审阅且可复用的受控文件,bridge 会将其 materialize 到 G14 临时文件后传给官方 CLI。UniDesk 不实现 AgentRun queue 协议,也不把任务 double-write 回旧 Code Queue。
|
||||
UniDesk 指挥官新任务入口固定使用 `bun scripts/cli.ts agentrun queue|sessions`。该入口是 G14 `/root/agentrun-v01` 中官方 `./scripts/agentrun --manager-url auto` CLI 的直接 bridge;日常派单、dispatch、turn 和 steer 优先用 `--json-stdin`、`--prompt-stdin`、`--runner-json-stdin` 或 `--*-file -` 的 quoted heredoc/stdin 形式,stdin 会通过管道直通官方 CLI,不先落 dump 文件。`--json-file`、`--prompt-file` 和 `--runner-json-file` 只用于已审阅且可复用的受控文件,bridge 会将其 materialize 到 G14 临时文件后传给官方 CLI。UniDesk 不实现 AgentRun queue 协议,也不把任务 double-write 回旧 Code Queue。
|
||||
|
||||
AgentRun Queue 任务如果需要调用 UniDesk 维护桥,例如 `trans` / `unidesk-ssh`,长期契约以 AgentRun 仓库 `docs/reference/spec-v01-runtime-assembly.md` 和 `docs/reference/spec-v01-secret-distribution.md` 为准:调用方通过 `executionPolicy.secretScope.toolCredentials[].tool=unidesk-ssh` 请求 `UNIDESK_SSH_CLIENT_TOKEN` SecretRef;非敏感 endpoint 由 runner-job `transientEnv` 显式提供,或由 manager 受控默认值自动补齐。UniDesk bridge 提交 Queue payload 时不得在 prompt、payload 或 `transientEnv` 中携带 token,也不得使用 HWLAB runtime Web 入口冒充 UniDesk frontend。若 dispatcher 已正确请求 `unidesk-ssh` 但 trace 的 `runner-job-created.transientEnv.names` 没有 `UNIDESK_MAIN_SERVER_IP`、`UNIDESK_MAIN_SERVER_HOST` 或 `UNIDESK_FRONTEND_URL`,归为 AgentRun assembly 问题;若 endpoint env 已存在但 route denied/timeout,再按 UniDesk frontend/token scope 或 provider session 排查。
|
||||
|
||||
|
||||
@@ -10,7 +10,7 @@ CLI 可以从 `master` 快速演进,但必须兼容 `deploy.json` 固定的 CI
|
||||
|
||||
## CI/CD Control Boundary
|
||||
|
||||
CI/CD、GitOps、rollout、artifact 发布、PR 合并后的 runtime lane 滚动、PipelineRun 重跑/清理、Argo refresh、运行面 retention 和 legacy runtime 退役都必须由 UniDesk CLI 的高层子命令控制。稳定入口包括 `gh pr ...`、`hwlab g14 retirement ...`、`hwlab g14 monitor-prs --lane v02|v03`、`agentrun v01 control-plane ...`、`deploy check|plan|apply`、`ci install|status|run|publish-*|logs`、`artifact-registry ...`、`server rebuild ...`、`dev-env ...` 和后续为特定运行面补充的同级命令。原生 `kubectl`、`argo`、`tkn`、`gh`、`curl` 或临时 shell 可以作为实现细节存在于 CLI 内部,但不能作为人工或 runner 的正式控制面。
|
||||
CI/CD、GitOps、rollout、artifact 发布、PR 合并后的 runtime lane 滚动、PipelineRun 重跑/清理、Argo refresh、运行面 retention 和 legacy runtime 退役都必须由 UniDesk CLI 的高层子命令控制。稳定入口包括 `gh pr ...`、`hwlab g14 retirement ...`、`hwlab g14 monitor-prs --lane v02|v03`、`agentrun control-plane ...`、`deploy check|plan|apply`、`ci install|status|run|publish-*|logs`、`artifact-registry ...`、`server rebuild ...`、`dev-env ...` 和后续为特定运行面补充的同级命令。原生 `kubectl`、`argo`、`tkn`、`gh`、`curl` 或临时 shell 可以作为实现细节存在于 CLI 内部,但不能作为人工或 runner 的正式控制面。
|
||||
|
||||
`trans <route> kubectl|logs|get|describe` / `tran <route> ...` 仍是 CLI 介导的低层诊断底座,用于短查询、日志尾部、只读证据和一次性故障定位。它不应承载可重复的 CI/CD 写操作:创建/删除 PipelineRun、patch Pipeline/CronJob/RBAC、annotate Argo Application、触发/回滚 rollout、修改 retention 策略、确保 SecretRef 或清理运行面资源,都应该先落成 `bun scripts/cli.ts ...` 高层子命令,再由该子命令输出结构化 dry-run、执行摘要、保护对象、后续观察命令和失败分类。
|
||||
|
||||
@@ -54,8 +54,8 @@ CI/CD、GitOps、rollout、artifact 发布、PR 合并后的 runtime lane 滚动
|
||||
- `hwlab g14 retirement status|plan|execute --confirm [--wait]` 是 legacy G14 DEV/PROD 的受控退役入口。`status` 只读报告 `argocd/hwlab-g14-dev`、`argocd/hwlab-g14-prod`、`hwlab-dev`、`hwlab-prod`、bounded legacy resource preview、受保护的 `hwlab-g14-v02`/`hwlab-node-v03` 和 `hwlab-v02`/`hwlab-v03`,以及 `.state/hwlab-g14/legacy-g14-retirement.json` marker。`plan` 是 dry-run,只列出 destructive targets 和 protected targets。`execute --confirm` 删除 legacy Argo Applications 与 legacy namespaces,取消本地 active `hwlab_g14_pr_monitor` job,并写 retirement marker 记录执行证据;`hwlab g14 monitor-prs --lane g14` 按退役合同固定结构化失败并指向 `retirement status` 和 runtime lane monitor `--lane v02|v03`。该入口禁止触碰 v0.2/v0.3 Application、namespace、PipelineRun、Secret、Git mirror 或 FRP desired state。
|
||||
- `hwlab g14 monitor-prs --lane v02` 是 HWLAB `v0.2` 的 PR -> CI -> CD 自动化入口。它只监控 base=`v0.2` 的 open PR:每轮先用 UniDesk `gh pr preflight` 读取 GitHub CI/checks、mergeability 和冲突状态;pending 时在 PR 下写等待评论,blocked/conflict 时写阻塞评论;ready 时直接用 UniDesk `gh pr merge` 合并,不因为其他 commit 的运行中 PipelineRun 阻塞 merge 或 CI 启动。合并后执行受控 `control-plane trigger-current --lane v02 --confirm --wait`、轮询定点 `control-plane status --lane v02 --source-commit <merge-sha>`,必要时执行 `git-mirror flush --confirm --wait`。v0.2 CD 采用 latest-only:旧 PipelineRun 不取消、不等待,但 promotion 写 `v0.2-gitops` 前必须重新确认 source head,stale commit 只能以 superseded/no-op 收口,不能回滚 runtime。不管 CD 成功、superseded、失败或超时,都在原 PR 下用 `gh pr comment create --body-stdin <<'EOF'` 追加语义化状态,正文固定包含起止时间、总耗时、冲突状态、CI/preflight conclusion、source commit、PipelineRun、targetValidation、Argo/webAssets 和 git mirror pendingFlush/githubInSync。评论去重状态写入 `.state/hwlab-g14/v02-pr-comment-signatures.json`,同一状态签名不会重复刷评论;v0.2 monitor 指针使用 `.state/hwlab-g14/latest-v02-monitor-job.json`、`latest-v02-once-job.json`、`latest-v02-dry-run-job.json` 和 `latest-v02-once-dry-run-job.json`,不会覆盖默认 G14 monitor 指针。`--lane v02 --once --dry-run` 只做单轮 preflight/merge/CD/comment plan,不写 GitHub、不触发 CD。
|
||||
- `hwlab g14 monitor-prs --lane v03` 是 HWLAB `v0.3` 的 PR -> CI -> 自动合并 -> CD 入口。它只监控 base=`v0.3` 的 open PR:每轮先通过 UniDesk `gh pr preflight` 读取 GitHub checks、mergeability 和冲突状态;pending 时只在 PR 下写等待评论;失败 check、preflight blocker 或 conflict 时在 PR 下写阻塞评论,并按标题去重创建或更新 HWLAB failure issue。ready 时通过 UniDesk `gh pr merge` 合并,随后执行 runtime lane `control-plane trigger-current --lane v03 --confirm --wait`,轮询 `control-plane status --lane v03 --source-commit <merge-sha>`,判定 PipelineRun `True`、Argo `Synced/Healthy`、`hwlab-v03` runtime workload 可见、20666/20667 public probes 通过,并在必要时执行 `git-mirror flush --lane v03 --confirm --wait`。CD 成功、失败或超时都会在原 PR 下写语义化状态评论;失败和超时同时创建或更新 failure issue,正文必须包含 PR、base/head、commit、PipelineRun、失败阶段、preflight/CD 摘要和下一步 CLI。评论去重状态写入 `.state/hwlab-g14/v03-pr-comment-signatures.json`,monitor 指针使用 `.state/hwlab-g14/latest-v03-monitor-job.json`、`latest-v03-once-job.json`、`latest-v03-dry-run-job.json` 和 `latest-v03-once-dry-run-job.json`。`--lane v03 --once --dry-run` 只做单轮 preflight/merge/CD/comment/issue plan,不写 GitHub、不触发 CD。
|
||||
- `agentrun v01 control-plane status|trigger-current|refresh|cleanup-runs|cleanup-released-pvs [--dry-run|--confirm]` 是 AgentRun `v0.1` 在 G14 k3s 的受控 Tekton/Argo 入口。`status` 只读汇总固定 source worktree commit、对应 commit-pinned PipelineRun、GitOps latest、Argo Application、`agentrun-v01` manager source commit、`planArtifacts.summary`、env image result 和 git mirror 摘要,并报告 manager/Argo/GitOps 是否对齐当前 source commit。默认输出是 compact commander 视图:`summary` 给出 source、PipelineRun、Argo、manager image、git mirror 和 `aligned` 结论;`timings` 给出 `sourceMs`、`runtimeMs`、`gitMirrorMs` 和 `totalMs`;远端 stdout/stderr tail 默认省略,失败时仍展开必要 tail,完整 tail 用 `--full`,原始 git mirror cache 用 `--raw`。`status` 聚合 source 后会并行读取 runtime 和 git mirror,并向 stderr 输出 `agentrun.control-plane.status.progress` JSON 事件,覆盖 `source`、`runtime`、`git-mirror` 的 started/succeeded/failed 和 elapsedMs,避免 10s 以上状态聚合期间无可见进展;`trigger-current` 先快进 `G14:/root/agentrun-v01` 到 `origin/v0.1`,检查 `devops-infra` mirror 的 `localV01` 是否等于目标 source commit,必要时先执行受控 mirror sync,再创建 `agentrun-v01-ci-<short12>` PipelineRun。confirmed trigger 只提交 CI/CD 工作并返回后续 `status` 命令,不等待完整 PipelineRun;同名 PipelineRun 运行中或已成功时拒绝重复触发,只允许失败态重建或首次创建。`refresh` 只对 `argocd/agentrun-g14-v01` 执行 hard refresh,用于 GitOps promotion 已完成但 Argo 仍停留旧 revision 时的受控同步入口;它不直接 patch runtime workload。`cleanup-runs` 只清理 `agentrun-ci` 中已完成且超过 `--min-age-minutes` 的 `agentrun-v01-ci-*` PipelineRun,通过 Tekton ownerRef 回收临时 workspace PVC;dry-run 必须输出候选 PipelineRun、owned PVC、active mount 保护、local-path 实际估算 bytes 和 confirm 命令。`cleanup-released-pvs` 只处理 `agentrun-ci`、`local-path`、`Delete` reclaim policy 的 `Released` PV,用于 PipelineRun 删除后残留 PV 的二次回收;它不触碰 runtime namespace、业务 PVC、Secret、registry storage 或 GitOps desired state。AgentRun 运行时和 SPEC 事实来源仍在 AgentRun 仓库,UniDesk 只维护受控运维入口。
|
||||
- `agentrun v01 git-mirror status|sync|flush [--dry-run|--confirm]` 是 AgentRun `v0.1` 使用 `devops-infra` git mirror/relay 的受控维护入口。`status` 默认返回 read/write URL、`localV01`、`githubV01`、`localGitops`、`githubGitops`、`pendingFlush`、`githubInSync` 和 exact full-SHA shallow fetch 摘要,不默认展开完整 cache stdout;需要探测 tail 时用 `--full`,需要原始 cache 输出时用 `--raw`。`sync` 创建 manual Job,把 GitHub `v0.1` 和 `v0.1-gitops` refs 拉入 `/cache/pikasTech/agentrun.git`;`flush` 把本地 `v0.1-gitops` 快进推回 GitHub。confirmed `sync`/`flush` 默认创建 `.state/jobs/` 异步 job 并立刻返回 `job.id`、`statusCommand` 和日志路径;只有现场同步调试才显式加 `--wait`。该入口与 HWLAB v0.2 mirror 共用 `devops-infra` 服务和 cache PVC,但 repo path、refs、status 文件和 CLI 命令彼此独立。
|
||||
- `agentrun control-plane status|trigger-current|refresh|cleanup-runs|cleanup-released-pvs [--dry-run|--confirm]` 是 AgentRun `v0.1` 在 G14 k3s 的受控 Tekton/Argo 入口。`status` 只读汇总固定 source worktree commit、对应 commit-pinned PipelineRun、GitOps latest、Argo Application、`agentrun-v01` manager source commit、`planArtifacts.summary`、env image result 和 git mirror 摘要,并报告 manager/Argo/GitOps 是否对齐当前 source commit。默认输出是 compact commander 视图:`summary` 给出 source、PipelineRun、Argo、manager image、git mirror 和 `aligned` 结论;`timings` 给出 `sourceMs`、`runtimeMs`、`gitMirrorMs` 和 `totalMs`;远端 stdout/stderr tail 默认省略,失败时仍展开必要 tail,完整 tail 用 `--full`,原始 git mirror cache 用 `--raw`。`status` 聚合 source 后会并行读取 runtime 和 git mirror,并向 stderr 输出 `agentrun.control-plane.status.progress` JSON 事件,覆盖 `source`、`runtime`、`git-mirror` 的 started/succeeded/failed 和 elapsedMs,避免 10s 以上状态聚合期间无可见进展;`trigger-current` 先快进 `G14:/root/agentrun-v01` 到 `origin/v0.1`,检查 `devops-infra` mirror 的 `localV01` 是否等于目标 source commit,必要时先执行受控 mirror sync,再创建 `agentrun-v01-ci-<short12>` PipelineRun。confirmed trigger 只提交 CI/CD 工作并返回后续 `status` 命令,不等待完整 PipelineRun;同名 PipelineRun 运行中或已成功时拒绝重复触发,只允许失败态重建或首次创建。`refresh` 只对 `argocd/agentrun-g14-v01` 执行 hard refresh,用于 GitOps promotion 已完成但 Argo 仍停留旧 revision 时的受控同步入口;它不直接 patch runtime workload。`cleanup-runs` 只清理 `agentrun-ci` 中已完成且超过 `--min-age-minutes` 的 `agentrun-v01-ci-*` PipelineRun,通过 Tekton ownerRef 回收临时 workspace PVC;dry-run 必须输出候选 PipelineRun、owned PVC、active mount 保护、local-path 实际估算 bytes 和 confirm 命令。`cleanup-released-pvs` 只处理 `agentrun-ci`、`local-path`、`Delete` reclaim policy 的 `Released` PV,用于 PipelineRun 删除后残留 PV 的二次回收;它不触碰 runtime namespace、业务 PVC、Secret、registry storage 或 GitOps desired state。AgentRun 运行时和 SPEC 事实来源仍在 AgentRun 仓库,UniDesk 只维护受控运维入口。
|
||||
- `agentrun git-mirror status|sync|flush [--dry-run|--confirm]` 是 AgentRun `v0.1` 使用 `devops-infra` git mirror/relay 的受控维护入口。`status` 默认返回 read/write URL、`localV01`、`githubV01`、`localGitops`、`githubGitops`、`pendingFlush`、`githubInSync` 和 exact full-SHA shallow fetch 摘要,不默认展开完整 cache stdout;需要探测 tail 时用 `--full`,需要原始 cache 输出时用 `--raw`。`sync` 创建 manual Job,把 GitHub `v0.1` 和 `v0.1-gitops` refs 拉入 `/cache/pikasTech/agentrun.git`;`flush` 把本地 `v0.1-gitops` 快进推回 GitHub。confirmed `sync`/`flush` 默认创建 `.state/jobs/` 异步 job 并立刻返回 `job.id`、`statusCommand` 和日志路径;只有现场同步调试才显式加 `--wait`。该入口与 HWLAB v0.2 mirror 共用 `devops-infra` 服务和 cache PVC,但 repo path、refs、status 文件和 CLI 命令彼此独立。
|
||||
- `hwlab g14 control-plane status|apply --lane v02 [--dry-run|--confirm]` 是 HWLAB `v0.2` 加法 lane 的受控 Tekton/Argo 控制面维护入口,source commit 只来自 G14 专用 bare repo `/root/hwlab-v02-cicd.git` 的 `refs/remotes/origin/v0.2`;`/root/hwlab-v02` 只作为人工开发和短连接源码工具 workspace 被观测,dirty/stale 状态必须输出为 isolated warning 而不能阻塞 CI/CD。该入口面向 branch `v0.2`、namespace `hwlab-ci` 和 Argo application `hwlab-g14-v02`;默认 `status` 只读汇总最新 source head 的 pipeline、RBAC/ServiceAccount、Argo、当前 commit PipelineRun、当前 PipelineRun 的 TaskRun 条件摘要、最近 PipelineRun 摘要、活跃 PipelineRun、遗留 v02 CronJob 清理状态、commit alignment,以及 19666/19667 的 Cloud Web 静态资源和 API live 探针。分支被后续提交推进后,要复查已完成 run 时使用 `status --lane v02 --pipeline-run hwlab-v02-ci-poll-<short-sha>`;已知完整 source SHA 但不想依赖最新 head 时使用 `status --lane v02 --source-commit <full-sha>`。定点 `status` 输出 `statusTarget.mode` 和 `targetValidation`,只检查指定 PipelineRun/source commit 的证据;`targetValidation.state=passed` 表示该目标已满足 PipelineRun succeeded、Argo `Synced/Healthy`、19666/19667 探针、Git mirror flushed,并且该 run 的 `planArtifacts.rolloutServices` 运行时 source commit 对齐;`planArtifacts.reusedServices` 作为 runtime/provenance 证据呈现,但不能被强制要求等于目标 source commit。`targetValidation.state=superseded` 表示该目标已成功且 runtime 已被同一分支后续成功 PipelineRun 取代,`falseGreenGuard` 在该状态下应标为 superseded/not-applicable。两种状态都不得因为 `origin/v0.2` 后续推进而把历史 run 判为失败;默认不带定点参数时仍严格判定最新 source head alignment。TaskRun 摘要的 `performance` 字段会把超过 120s 的 build TaskRun 标为慢任务、超过 180s 标为 critical warning,用于暴露 env reuse/git mirror 命中率回归,但不作为阻断门禁;CI/CD 性能验收应同时看 `planArtifacts.summary`、`taskRuns.performance.warningCount` 和 PipelineRun duration,纯 CLI/文档或无 runtime 重建需求的后续提交应稳定表现为 `build=0 reuse=<service-count>` 且无 build TaskRun warning,首次引入或切换 env image 时允许只构建必要 env image 一次。`webAssets` 必须直接给出 `readonly-rpc` 删除、sidebar/workspace/event panel 关键 CSS、`/app.js` 是否可读取和字节数、`/health/live` 与 API revision;`apiRevision` 是 cloud-api 服务自身 revision,Cloud Web 静态资源变更时允许它与 source commit 不同,不能把这种差异误判成 Cloud Web 未发布。默认只读取必要字段,禁止把完整 PipelineRun spec、Tekton 内联脚本、历史大对象或整份 CSS/HTML/JS 展开到默认输出;`apply` 先自动 fetch `/root/hwlab-v02-cicd.git` 并从 commit-pinned detached worktree 执行 render check,再经 `G14:k3s` server-side apply `tekton-v02/rbac.yaml`、`pipeline.yaml`、`argocd/project.yaml` 和 `argocd/application-v02.yaml`,confirmed apply 会删除遗留 v02 CronJob,但不会应用 runtime-v02 workload、Secret 或数据迁移。
|
||||
- `hwlab nodes control-plane status|apply|refresh|trigger-current --node G14 --lane v03` 使用 `/root/unidesk/config/hwlab-node-lanes.yaml` 生成 runtime lane spec。该 YAML 同时声明 `nodes.G14`、`lanes.v02/v03`、`networkProfiles` 和 `downloadProfiles`;status 默认输出 `expected.configPath`、node、network/download profile、有效 `NO_PROXY`、Docker build proxy、Argo Application 和 runtime workload 摘要,confirmed trigger 创建的 PipelineRun annotation 记录 node/profile id。`apply` 和 `trigger-current` 的控制面 apply 只安装标准 node-scoped Argo Application,并通过同一受控入口清理旧式 `hwlab-g14-vNN` runtime lane Application,避免两个 Argo Application 同时管理同一 runtime namespace;该清理不删除 runtime workload、Secret 或 GitOps desired state。`refresh` 是受控 Argo 恢复入口,只终止 stale Application operation 并执行 hard refresh,不直接 patch runtime workload;用于 GitOps revision 已更新但 Argo 仍卡在旧 hook/operation 时让 Argo 重新从当前 desired state 自愈。新增 `v0.4+` lane 时应先加 YAML,再让 GitOps render、CI prepare-source/catalog fetch、runtime env 注入和 Secret/DB/bootstrap helper 消费同一 spec;不要在脚本、CI manifest 或 helper 默认值里新增散落的 G14 代理、下载源或端口硬编码。`hyueapi.com` / `.hyueapi.com` 是强制保留的 `NO_PROXY` 条目,lane 覆盖不得移除。
|
||||
- `hwlab g14 control-plane trigger-current --lane v02 [--dry-run|--confirm]` 是 v02 标准手动触发入口:先自动 fetch `/root/hwlab-v02-cicd.git`,解析当前 `origin/v0.2` full SHA,创建 commit-pinned `hwlab-v02-ci-poll-<short12>` PipelineRun;读 Git 走 `git-mirror-http.devops-infra.svc.cluster.local`,GitOps promotion 写 `git-mirror-write.devops-infra.svc.cluster.local`;confirmed trigger 在创建 PipelineRun 前会先按当前 source commit 在 G14 临时 detached worktree 中 render,再 server-side apply v02 Tekton RBAC、Pipeline 与 Argo Application,避免 CI/CD 脚本或 runtime-ready 逻辑已合并但集群仍执行旧 Pipeline 定义;该 render 不要求固定 `/root/hwlab-v02` 工作树 clean,也不得因 `.worktree/` 或其他并行未提交修改阻塞;同名 PipelineRun 存在时默认复用现有状态,不删除重建,失败 run 的重试策略必须显式设计,不能恢复默认 delete/create。
|
||||
@@ -74,7 +74,7 @@ CI/CD、GitOps、rollout、artifact 发布、PR 合并后的 runtime lane 滚动
|
||||
- `trans gh:/owner/repo ...` 把 GitHub issue/PR 映射成只读/受控写入的虚拟文本目录,适合日报、PR 正文和 issue 正文的小补丁维护:`trans gh:/pikasTech/HWLAB ls` 展示 `pr/` 与 `issue/`,`trans gh:/pikasTech/HWLAB/pr ls [--limit N] [--full]` 和 `trans gh:/pikasTech/HWLAB/issue ls [--limit N] [--full]` 展示条目状态、楼层数、正文长度和标题,`trans gh:/pikasTech/HWLAB/pr/507 ls` 展示单个 PR 的一楼正文文件,`trans gh:/pikasTech/HWLAB/505/1 cat|rg|patch-apply` 兼容旧式 issue/PR number route。`patch-apply` 使用 UniDesk 默认 apply-patch v2 的虚拟文件 executor,把正文一楼映射为 `body.md`,写回仍走 `bun scripts/cli.ts gh issue/pr update` 的 guard/concurrency 规则;`rm` 对正文一楼结构化拒绝,避免误删 issue/PR 正文。大正文读取必须展开 UniDesk gh dump 文件,否则 `cat/rg/patch-apply` 会误读为空,这是 `gh:` 虚拟文件接口的 P0 可见性契约。
|
||||
- `hwlab cd status|audit|preflight|apply --env dev [--dry-run]` 是旧 D601 HWLAB DEV CD 指挥侧 wrapper,仅用于显式 legacy 诊断和迁移对照。默认通过 UniDesk provider `host.ssh` 进入 D601,再调用 HWLAB repo-owned `scripts/dev-cd-apply.mjs`,不内嵌发布 kubectl 逻辑:`status` 汇总固定 CD mirror、Git clean/main/origin-main、`deploy/deploy.json`/artifact catalog/report、D601 native k3s guard 和 CD Lease lock,并用 `scripts/dev-cd-apply.mjs --status --skip-live-verify` 取得 target/promotion 摘要;`audit` 在 k3s/CD 恢复后做只读健康审计,返回有界 JSON 的 blocker 分类、D601 guard/node、SecretRef 存在性、registry 可达性、Lease phase/holder/staleness、deploy.json 与 artifact/workload image 收敛、current Deployment image/revision/rollout、16666/16667 public health commit/readiness 和 DB/runtime durability 摘要;`preflight` 进一步检查必需 SecretRef 对象/键存在性并运行 HWLAB `scripts/dev-cd-apply.mjs --dry-run --skip-live-verify` 受控事务摘要。完整远端 stdout/stderr 写入 D601 `~/.state/unidesk-hwlab-cd/<run-id>/` 和本地 `.state/hwlab-cd/<run-id>/` task dump,stdout 只返回有界摘要。默认 HWLAB CD repo 是 `/home/ubuntu/hwlab_cd`,`/home/ubuntu/hwlab` runner 历史目录不得作为发布真相。wrapper 强制 `KUBECONFIG=/etc/rancher/k3s/k3s.yaml` 并只以这个显式目标作为 gate;显式目标出现 `docker-desktop`、`desktop-control-plane` 或 `127.0.0.1:11700` 信号会结构化拒绝,audit/preflight/apply --dry-run 都必须观察到 node `d601`。真实 apply 只暴露 `scripts/dev-cd-apply.mjs --apply --confirm-dev --confirmed-non-production --write-report` 命令形状并标注 host-commander-only,本 runner 不执行 live apply、rollout、Lease mutation 或 DEV deploy apply。长期规则见 `docs/reference/hwlab.md`。
|
||||
- `gh auth status [--repo owner/name]` 探测 GitHub 操作前置条件并输出脱敏 JSON:是否存在 `gh` binary、是否存在 `GH_TOKEN`/`GITHUB_TOKEN` 或可用 `gh auth token` fallback、REST API 是否可达、目标 repo 是否可见、issue 是否可读。degraded reason 必须归类为 `missing-binary`、`missing-token`、`auth-failed`、`github-transient`、`network-proxy-failed`、`permission-denied`、`repo-not-found`、`repo-forbidden`、`issue-not-found`、`pr-not-found`、`scope-insufficient`、`validation-failed`、`invalid-response` 或 `unsupported-command`,不得打印 token;失败对象必须包含 `runnerDisposition=infra-blocked|business-failed`,runner 应优先用该字段分流。`github-transient` 表示 GitHub DNS/API 连接在收到 HTTP 状态前失败,输出应带 `retryable=true` 或等价 commander action;这不是缺 token、认证失败、权限不足或 PR 语义失败。
|
||||
- `codex prompt-lint [prompt|--prompt-file path|--prompt-stdin]` 是派发前的本地 dry-run prompt lint。它只读取 prompt 文本,返回 `dryRun=true`、`mutation=false`、`declaredClass`、`effectiveClass`、`requiredClass`、`dispatchDisposition`、缺失或矛盾项和有界 evidence,不访问 live service、不提交任务、不打印完整 prompt。分级固定为 `read-only`、`live-read`、`live-mutating`;未声明时按 `read-only` 处理。新任务走 AgentRun Queue,指挥官应把 lint 结果纳入 `agentrun v01 queue submit` payload 审查。长期规则见 `docs/reference/code-queue-supervision.md` 的 DEV 测试授权分级。
|
||||
- `codex prompt-lint [prompt|--prompt-file path|--prompt-stdin]` 是派发前的本地 dry-run prompt lint。它只读取 prompt 文本,返回 `dryRun=true`、`mutation=false`、`declaredClass`、`effectiveClass`、`requiredClass`、`dispatchDisposition`、缺失或矛盾项和有界 evidence,不访问 live service、不提交任务、不打印完整 prompt。分级固定为 `read-only`、`live-read`、`live-mutating`;未声明时按 `read-only` 处理。新任务走 AgentRun Queue,指挥官应把 lint 结果纳入 `agentrun queue submit` payload 审查。长期规则见 `docs/reference/code-queue-supervision.md` 的 DEV 测试授权分级。
|
||||
- `gh issue list [owner/repo] [--state open|closed|all] [--limit N] [--search text] [--label label[,label...]]... [--repo owner/name] [--json number,title,state,url,updatedAt,createdAt,author,labels] [--raw|--full]` 通过 GitHub REST 列出 issue,默认 `state=open`、`limit=30`,输出稳定 JSON 且不依赖系统 `gh` binary。`owner/repo` 位置参数是 `--repo owner/repo` 的兼容别名;若位置 repo 与 `--repo` 冲突,或位置参数不是 `owner/repo`,必须结构化失败,禁止静默 fallback 到默认 repo。`--limit` 是 CLI 返回上限,不等同 GitHub 单页 `per_page`:当 `--limit > 100` 或默认页中混入 PR 时,CLI 必须分页抓取 GitHub REST/Search page,过滤 PR 后再返回 issue,并在输出中披露 `pagination.fetchedPages/rawCount/hasMore`;`hasMore=true` 时只能说明当前有界扫描未穷尽,禁止把它当作“仓库没有更多 issue”。`--search` 使用 GitHub Search Issues API,并自动追加 `repo:<owner>/<name>`、`type:issue` 和 state qualifier,用于创建新 issue 前做低摩擦查重;未知 state 或未知 `--json` 字段必须结构化失败并带 `runnerDisposition=business-failed`。`--label` 是 GitHub REST `labels=label1,label2` 或 Search `label:` 服务端过滤,支持重复 `--label` 和逗号分隔;filter 不在本命令上下文中使用(如 `issue read`、`pr list`)必须结构化失败并指明 `gh issue create/list/stale-close` 才是合法作用域。GitHub issues API 可能混入 PR,CLI 会从 `.data.issues` 中过滤 pull request。`--raw|--full` 在 `gh issue list` 上是绕过 20 KiB stdout 截断的显式开关:响应结果会带 `noDump=true`,`output.ts` 据此跳过 head/tail 替换并把完整数据 inline 输出;当响应未超阈值时 `--raw|--full` 行为等价默认。
|
||||
- `gh issue lifecycle`:`--state` 只能作为 `gh issue list` / `gh issue board-row list` / `gh pr list` 的过滤参数;`gh issue update` / `gh issue edit` 只写 body/title,**不接受** `--state` 改 open/closed。把 `gh issue update <n> --state closed` 落到错命令上时,CLI 必须返回 `validation-failed` 并显式提示 `gh issue close <n>` / `gh issue reopen <n>`(PR 用 `gh pr close|reopen <n>`),并把 5 条受支持命令放进 `supportedCommands`,禁止把"无 `--state` 改 issue 状态"的命令升级为"接受 `--state`"。`gh issue close|reopen` 成功输出默认是 compact issue 摘要,不得回显完整 `issue.body`;需要正文时后续使用返回的 `readCommands` 或 `gh issue view --json body|--full|--raw`。生命周期 close/reopen 的评论推荐用 `--comment-stdin <<'EOF'` 直接写 heredoc/stdin;短单行可用 `--comment`,已有复用文件才用 `--comment-file`。需要附长篇 CLI 验收证据时,先用 `gh issue comment create <n> --body-stdin <<'EOF'` 写证据评论,再用 `gh issue close <n> --comment <短引用>` 关闭。issue 硬删除走 `close`,PR 硬删除走 `close`,两者都没有"delete"语义。
|
||||
- `gh issue comment create <number|owner/repo#number> --repo owner/name --body-stdin`、`gh issue comment update|edit <commentId> --repo owner/name --body-stdin`、`gh issue comment delete <commentId|owner/repo#number> --repo owner/name`、`gh issue close <number|owner/repo#number> --repo owner/name [--comment <text>|--comment-stdin]`、`gh issue reopen <number|owner/repo#number> --repo owner/name [--comment <text>|--comment-stdin]`、`gh issue update <number|owner/repo#number> --repo owner/name [--title ...] [--body-stdin]`、`gh issue edit <number|owner/repo#number> ...`、`gh issue board-row get|update|add|move|delete|upsert <number|owner/repo#number> --repo owner/name ...` 都接受与 `gh issue view|read`、`gh pr *` 一致的 `owner/repo#number` 位置 shorthand;shorthand 与显式 `--repo` 冲突时结构化失败并把两者都回显到错误对象里,避免静默改写目标 repo。`gh issue view|read`、`gh pr view|read|files|diff|preflight|closeout|comment create|comment update|comment edit|comment delete|close|reopen|merge|edit|update` 已长期支持该 shorthand;comment update/edit/delete 的 `--number` 表示 commentId,不是 issue/PR number。issue 写命令对齐后整个 `gh` 子命令在 shorthand 行为上保持一致,不再需要把 `pikasTech/HWLAB#621` 拆成 `621 --repo pikasTech/HWLAB`。来源:HWLAB #621 CLI 验收 `gh issue comment create pikasTech/HWLAB#621` 摩擦改进。
|
||||
@@ -93,7 +93,7 @@ CI/CD、GitOps、rollout、artifact 发布、PR 合并后的 runtime lane 滚动
|
||||
- `ci install|status|run|publish-backend-core|publish-user-service|run-dev-e2e|logs` 管理 D601 原生 k3s 上的 Tekton CI。`run` 手动创建每 commit 检查和 Code Queue 只读性能门禁;`publish-backend-core` 与 `publish-user-service` 从 pushed Git commit 构建并发布 `127.0.0.1:5000/unidesk/<service>:<commit>` commit-pinned artifacts,输出 `artifactSummary`(含 `serviceId`、`sourceCommit`、`sourceRepo`、`dockerfile`、`imageRef`、`tag`、`digest`、`digestRef`),但不部署生产;`run-dev-e2e` 的 Git 控制 runner、短 launcher、host fetch 边界、临时 smoke namespace 和 no-CD 规则只在 `docs/reference/dev-ci-runner.md` 定义;Tekton CI 通用规则见 `docs/reference/ci.md`。
|
||||
- `schedule list|get|runs|run|retry-run|delete|upsert-pgdata-backup` 管理 backend-core 定时任务和运行历史。`schedule list`、`schedule get`、`schedule runs --limit N` 和 `schedule runs <scheduleId> --limit N` 是只读观察入口;`schedule run`、`schedule retry-run`、`schedule delete` 和 `schedule upsert-pgdata-backup` 会触发运行或写入配置,生产恢复时必须有明确授权。`schedule runs --limit N` 是全局历史视图,返回 `scope=global` 和 `scheduleId=null`;`schedule runs <scheduleId> --limit N` 是指定 schedule 历史视图,返回 `scope=schedule` 和对应 `scheduleId`。CLI 必须拒绝 `schedule runs 50` 这类纯数字位置参数,并提示使用 `schedule runs --limit 50`,避免把空数组误判成“没有历史 run”。`schedule run <id> --wait-ms N` 触发同一 schedule,并且即使 wait 超时也必须返回 `newRunId` 和 `observeCommand`;`schedule retry-run <failedRunId>` 只接受 failed run,从原 run 反查 `scheduleId` 后重触发同一 schedule,并输出 `originalRunId`、`scheduleId`、`newRunId` 和 `observeCommand`。当 backend-core 目标容器缺失或只观察到 verify-only 容器时,schedule/microservice 命令必须以非零退出并返回 `failureKind=target-stack-not-running`、`runnerDisposition=infra-blocked`、`readOnlyCommands` 和 `authorizationRequiredForRecovery`,不得把 Docker 的 `No such container` 当成成功的空历史。
|
||||
- `codex deploy <commitId>` 是旧 Code Queue 兼容部署入口,已禁用以防止维护通道直连 D601 部署 Code Queue;当前 dev 自动化只做 `ci run-dev-e2e` smoke,不提供 Code Queue CD,详细规则见 `docs/reference/codex-deploy.md`。
|
||||
- `agentrun v01 queue|sessions` 是当前指挥官新任务和 AgentRun session 控制入口。UniDesk CLI 通过 G14 `/root/agentrun-v01` 中官方 `./scripts/agentrun --manager-url auto` 执行:`queue commander` 查看指挥官队列,`queue submit --json-stdin` 创建新任务,`queue dispatch <taskId> --json-stdin` 派发,`queue read/cancel` 标记和取消队列任务;`sessions trace/output/read/steer/cancel` 读取和控制已创建 session。日常一次性 JSON、prompt 和 runner JSON 输入优先用 quoted heredoc/stdin;`--json-file`、`--prompt-file`、`--runner-json-file` 只用于已审阅且可复用的受控文件。本地 bridge 对 stdin 直通官方 AgentRun CLI,不先落 dump 文件;它不是旧 Code Queue adapter,不做双写,也不迁移旧历史。
|
||||
- `agentrun queue|sessions` 是当前指挥官新任务和 AgentRun session 控制入口。UniDesk CLI 通过 G14 `/root/agentrun-v01` 中官方 `./scripts/agentrun --manager-url auto` 执行:`queue commander` 查看指挥官队列,`queue submit --json-stdin` 创建新任务,`queue dispatch <taskId> --json-stdin` 派发,`queue read/cancel` 标记和取消队列任务;`sessions trace/output/read/steer/cancel` 读取和控制已创建 session。日常一次性 JSON、prompt 和 runner JSON 输入优先用 quoted heredoc/stdin;`--json-file`、`--prompt-file`、`--runner-json-file` 只用于已审阅且可复用的受控文件。本地 bridge 对 stdin 直通官方 AgentRun CLI,不先落 dump 文件;它不是旧 Code Queue adapter,不做双写,也不迁移旧历史。
|
||||
- `codex submit/enqueue`、`codex steer`、`codex resume`、`codex queue create`、`codex queue merge`、`codex move`、旧 Web 提交表单、旧队列管理和旧 workdir 管理是冻结的 legacy Code Queue 写入口。CLI 必须返回 `ok=false`、`frozen=true`、`degradedReason=legacy-code-queue-frozen` 和 AgentRun 替代命令;服务端旧 API 写入口必须返回 410。新任务、steer、trace/output、read 和 cancel 走 AgentRun Queue/Sessions。
|
||||
- 旧 Code Queue 只保留历史归档、只读排障和残留任务停止。`codex task/tasks/output/read/unread/queues` 继续通过 backend-core 私有代理读取旧 PostgreSQL 历史;`codex interrupt|cancel <taskId>` 只用于停止旧运行面残留任务。旧 `steer-confirm` 只作为历史 trace confirmation 查询,不是新任务控制入口。
|
||||
- `codex pr-preflight [--remote] [--push-dry-run --push-dry-run-ref refs/heads/probe/<name>] [--pr-create-dry-run --pr-create-dry-run-head <head>] [--issue N] [--full|--raw]` 通过稳定 `code-queue` proxy 请求 D601 scheduler `/api/runtime-preflight`,用于 PR 型派单 admission。默认输出是紧凑 commander 视图,显式分出 `schedulerPreflight` 与 `activeRunnerPrCapability`,并附带 `commands` 和 `disclosure`,方便先看 scheduler auth 缺口、再看当前 runner/dev container 的 `gh auth status` 与 `gh pr create --dry-run` 能力;`--full` 或 `--raw` 才展开完整 `preflight`、工具、agent port、Git worktree、GitHub egress、repo/issue/PR 只读探测和观测原文。只报告 `GH_TOKEN`/`GITHUB_TOKEN` 是否存在和来源 key,不打印值。当 auth-broker 配置存在时,`tokenCoverage.source="auth-broker"`、`credentialSource="broker-issued-token"` 且 runner env token 不是成功前提;当仅 env token 存在时,`credentialSource="env-token"` 且 `authBroker.nextAction="use-env-token-until-auth-broker-live"`;两者都缺失时顶层 `ok=false`、`runnerDisposition=infra-blocked`、`degradedReason=auth-broker-needed`,`tokenCoverage.missing` 同时列出 `GH_TOKEN` 与 `GITHUB_TOKEN`,并输出 `authBroker.source="broker/auth-broker-needed"`、`capability.source="missing-token"`。该 `auth-missing` 的 scope 是 `scheduler-runner-env`,不能简化成“当前 active runner/dev container 不能创建 PR”;默认视图必须带 `scopeBoundary` 和 `activeRunnerPrCapability`。GitHub DNS/API 连接失败应归类为 `failureKind=github-transient`、`degradedReason=github-dns-api-transient`,并带 `retryable=true`、`commanderAction=retry-backoff-or-keep-running-if-heartbeat-fresh` 和有界 `githubTransient.failedProbes`;调用方应重试/退避,且在任务 heartbeat/trace 新鲜时继续监督,不把它当成 auth 缺失或 PR 语义失败。`prCapability` 是 runner-facing 合同摘要,必须包含目标分支、token/auth 来源、`systemGhBinaryRequiredForWrites=false`、UniDesk REST `bun scripts/cli.ts gh` 可用性、push dry-run/PR create dry-run 的 `writesRemote=false`、expected PR handoff、真实 PR 创建需要 commander 授权,以及 guarded `gh pr merge --dry-run` 预检路径;系统 `gh` binary 缺失只进入 `tools.systemGhBinary`,不得误判为 UniDesk REST `gh` CLI 不可用。`--remote` 在 runner-like 环境里不再依赖本地 `unidesk-backend-core`、`unidesk-database`、`baidu-netdisk-backend` 容器存在;这些缺失只作为本地观测证据。若远程控制面可达,则继续走远程控制面结果;若远程控制面不可达,则结构化返回 `failureKind=control-plane-missing` / `degradedReason=remote-control-plane-unreachable`,而不是把本地 `backend-core-container-missing` 当作最终阻塞。`--pr-create-dry-run` 不 POST GitHub,只证明 runner 内 PR body 生成、`scripts/cli.ts gh pr create --dry-run` 和 branch 参数形态可用;服务端创建权限仍以 token/auth broker、repo/issue/PR read、push dry-run 和最终授权后的真实 PR 创建结果为准。
|
||||
@@ -106,9 +106,9 @@ CI/CD、GitOps、rollout、artifact 发布、PR 合并后的 runtime lane 滚动
|
||||
- `codex dev-ready` 查询 Code Queue `/api/dev-ready` 并返回有界 readiness 摘要,包括工具、Docker、Codex config、SSH 和 `devReady.skills`。`devReady.skills` 只暴露 `UNIDESK_SKILLS_PATH`、是否存在、是否只读、skillCount、`cli-spec` 是否可见和修复建议,不输出宿主 auth/token 文件内容。
|
||||
- `codex judge <taskId> --attempt N [--dry-run] [--include-prompt]` 通过 Code Queue 私有代理按指定 attempt 单步复现 judge;这是执行面诊断入口,仍依赖 D601 scheduler/runner 侧的真实 judge builder、MiniMax 调用路径和执行环境。默认会真实调用 MiniMax,`--dry-run` 只返回 prompt/payload 大小、attempt 窗口和重建来源诊断,`--include-prompt` 仅用于本地深度排查。
|
||||
- `codex steer-confirm <taskId> --steer-id <id> [--raw]` 是只读 trace confirmation lookup。默认输出 `traceConfirmation.found/accepted/deliveryState/trace.seq/trace.at/promptChars/promptHash` 和 `delivery.status`,不回显 prompt;`--raw` 才附带原始 backend confirmation body。该命令用于处理 stable-proxy abort 后的 `deliveryUnconfirmed`,不要用重复 prompt 代替确认查询。
|
||||
- 旧 `codex steer` 已冻结;`codex steer-confirm` 只作为历史 trace confirmation lookup。新运行中纠偏使用 `bun scripts/cli.ts agentrun v01 sessions steer <sessionId> --prompt-stdin`,并用 `sessions trace/output/read` 观察。
|
||||
- 旧 `codex steer` 已冻结;`codex steer-confirm` 只作为历史 trace confirmation lookup。新运行中纠偏使用 `bun scripts/cli.ts agentrun sessions steer <sessionId> --prompt-stdin`,并用 `sessions trace/output/read` 观察。
|
||||
- `codex interrupt|cancel <taskId>` 通过 Code Queue 私有代理请求中断;running/judging 任务会请求 D601 当前 agent run 停止,queued/retry_wait 任务的取消也必须保持与 WebUI 相同代理路径,返回有界 task 摘要和后续查询命令。任何需要接触 active run 的动作仍属于 D601 执行面。
|
||||
- 旧 Code Queue 多队列 lane 现在是归档视图:`codex queues [--full|--all] [--limit N] [--page N|--offset N]` 只读展示历史 queue 摘要、activity、commanderConcurrency、counts 和 execution diagnostics。`queue create`、`queue merge`、`move` 等旧队列写入口冻结并返回 `legacy-code-queue-frozen`;AgentRun 新任务的排队、派发和取消必须使用 `agentrun v01 queue`。
|
||||
- 旧 Code Queue 多队列 lane 现在是归档视图:`codex queues [--full|--all] [--limit N] [--page N|--offset N]` 只读展示历史 queue 摘要、activity、commanderConcurrency、counts 和 execution diagnostics。`queue create`、`queue merge`、`move` 等旧队列写入口冻结并返回 `legacy-code-queue-frozen`;AgentRun 新任务的排队、派发和取消必须使用 `agentrun queue`。
|
||||
- 所有旧 `codex` 历史查询、已读和残留 interrupt/cancel 命令必须走与 WebUI 相同的 backend-core 私有代理路径 `/api/microservices/code-queue/proxy/...`。旧 submit/steer/resume/queue mutation/move/workdir mutation 不得绕过冻结;若需要新任务或新 session 控制,使用 AgentRun Queue/Sessions。
|
||||
- `job list [--limit N] [--include-command]` 与 `job status <jobId|latest> [--tail-bytes N]` 查询 `.state/jobs/` 文件系统状态,是异步命令的可观测入口。`job list` 默认只返回最新 50 条摘要,并为已知异步工作流返回轻量 `progress.summary` 与后续查询命令;`job status` 默认返回结构化 `progress`、stdout/stderr 末尾 12000 字节、`tailPolicy` 与完整日志路径。已知工作流应从有界日志尾部抽取阶段、关键对象名和下一步命令,避免为了判断当前阶段而手工打开完整 stdout/stderr。`hwlab_g14_v02_trigger_current` 的 progress 必须暴露 trigger 阶段、source commit 和 PipelineRun;`hwlab_g14_v02_pr_monitor` 的 progress 必须暴露 preflight、merge、source-head、cd-trigger、cd-status、git-mirror-flush 和 pr-comment 阶段,以及 PR、source commit、PipelineRun、targetValidation/pendingFlush 摘要;`hwlab_g14_git_mirror_sync|flush` 与 `agentrun_v01_git_mirror_sync|flush` 的 progress 必须暴露 sync/flush 状态、Job 名、pendingFlush 与 fetch/push/total/SSH timing,并给出对应 repo 的 mirror status 命令。
|
||||
- `debug health`、`debug dispatch` 与 `debug task` 走真实内部 core、WebSocket、数据库、provider、系统指标、Docker 状态和 Host SSH 维护桥流程,只用于开发调试,不写入 `TEST.md` 的正式验收步骤。
|
||||
|
||||
@@ -93,7 +93,7 @@ HWLAB M3 口径使用同一分级:只读报告、fixture、LOCAL/DRY-RUN 和 d
|
||||
|
||||
AgentRun 新派单和历史 Code Queue 审阅都按成本、可信度和 blast radius 分层:GPT-5.5/Codex 处理高风险和复杂任务,DeepSeek/OpenCode 处理中等复杂度且边界清晰的任务,MiniMax/OpenCode 处理简单、低权限、可复核任务,生产重启、密钥、数据库手工写入和运行中任务控制保留给指挥官或人工。
|
||||
|
||||
当前新任务派发合同由 `bun scripts/cli.ts agentrun v01 queue|sessions` 暴露:`queue commander` 查看 AgentRun 指挥官队列,`queue submit --json-stdin` 创建任务,`queue dispatch <taskId> --json-stdin` 派发,`sessions trace/output/read/steer/cancel` 读取和控制 AgentRun session。日常一次性 JSON、prompt 和 runner JSON 输入优先用 quoted heredoc/stdin;`--json-file`、`--prompt-file`、`--runner-json-file` 只用于已审阅且可复用的受控文件。本地 UniDesk bridge 会把 stdin 直通官方 G14 `/root/agentrun-v01` CLI,不先落 dump 文件;它不是旧 Code Queue adapter,不做双写,也不迁移旧历史。
|
||||
当前新任务派发合同由 `bun scripts/cli.ts agentrun queue|sessions` 暴露:`queue commander` 查看 AgentRun 指挥官队列,`queue submit --json-stdin` 创建任务,`queue dispatch <taskId> --json-stdin` 派发,`sessions trace/output/read/steer/cancel` 读取和控制 AgentRun session。日常一次性 JSON、prompt 和 runner JSON 输入优先用 quoted heredoc/stdin;`--json-file`、`--prompt-file`、`--runner-json-file` 只用于已审阅且可复用的受控文件。本地 UniDesk bridge 会把 stdin 直通官方 G14 `/root/agentrun-v01` CLI,不先落 dump 文件;它不是旧 Code Queue adapter,不做双写,也不迁移旧历史。
|
||||
旧 `codex submit/enqueue`、`codex steer`、`codex resume`、旧 queue mutation、task move 和旧 workdir mutation 已冻结。CLI 必须返回 `ok=false`、`frozen=true`、`degradedReason=legacy-code-queue-frozen` 和 AgentRun 替代命令;服务端旧 API 写入口必须返回 410。旧 `codex task/tasks/output/read/unread/queues` 继续作为历史归档和只读排障入口,`codex interrupt|cancel` 只用于停止残留旧任务。
|
||||
|
||||
新任务模型由 AgentRun queue payload 和 AgentRun runtime 配置决定;旧 Code Queue 的 `CODE_QUEUE_MODELS` 只作为历史任务审阅和残留运行面配置参考,长期合同至少包含 GPT-5.5、GPT-5.4、GPT-5.4 Mini、DeepSeek Chat、MiniMax M3 和 MiniMax M2.7 两路并行配置;`deepseek`/`deepseek-chat`、`minimax-m3` 与 `minimax-m2.7` 会走 OpenCode port,其余模型走 Codex port。PROD 集群把 `MINIMAX_MODEL` 切到 `MiniMax-M3`(M3 是新任务的默认 provider model),judge 与 opencode 跟随;M2.7 仍然作为并行配置存在,切换只需把 `MINIMAX_MODEL` 改成 `MiniMax-M2.7` 后 rollout restart。两者不存在自动 fallback 关系:M3 任务失败不会自动改派 M2.7,task 要用 M2.7 必须显式 `--model minimax-m2.7`。只有当执行面 `/health` 或等价配置已经显示 DeepSeek 模型可用、并完成轻量 runner smoke 后,才允许真实提交 `--model deepseek-chat`。
|
||||
@@ -275,7 +275,7 @@ bun scripts/cli.ts codex pr-preflight --remote --issue <issue-number>
|
||||
|
||||
### Runner Resume 收口
|
||||
|
||||
PR 小修、冲突、rebase、补测和 reviewer feedback 的新执行入口是 AgentRun Queue/Sessions。仍在 AgentRun session 内的工作优先使用 `bun scripts/cli.ts agentrun v01 sessions steer <sessionId> --prompt-stdin` 或 AgentRun reuse/turn 能力;已沉淀成新工作项时使用 `bun scripts/cli.ts agentrun v01 queue submit --json-stdin`。旧 `codex resume` 已冻结,不再作为 follow-up turn 入口。
|
||||
PR 小修、冲突、rebase、补测和 reviewer feedback 的新执行入口是 AgentRun Queue/Sessions。仍在 AgentRun session 内的工作优先使用 `bun scripts/cli.ts agentrun sessions steer <sessionId> --prompt-stdin` 或 AgentRun reuse/turn 能力;已沉淀成新工作项时使用 `bun scripts/cli.ts agentrun queue submit --json-stdin`。旧 `codex resume` 已冻结,不再作为 follow-up turn 入口。
|
||||
|
||||
旧 Code Queue task 只保留历史审阅和残留停止;需要基于旧任务产出继续推进时,在 AgentRun payload 中显式引用旧 task id、PR/branch 和审阅结论,而不是把旧 task 重新入队、resume 或 double-write。
|
||||
|
||||
@@ -297,7 +297,7 @@ replacement runner 只用于方向明显错误、质量不可接受、原 task
|
||||
- `bun scripts/cli.ts codex tasks --status succeeded --unread --limit N`:按具体终态过滤监督结果;不支持的 status filter 必须显式失败,不能扩大为未过滤结果。
|
||||
- `bun scripts/cli.ts codex task <taskId>`:默认只查看原始 prompt、最终 response、最后错误和 drill-down 命令,这是完成未读任务审阅的第一步。
|
||||
- 当默认审阅摘要不足时,再逐级使用 `bun scripts/cli.ts codex task <taskId> --detail`、`bun scripts/cli.ts codex task <taskId> --trace --limit N` 或 `codex output`。
|
||||
- `bun scripts/cli.ts agentrun v01 sessions steer <sessionId> --prompt-stdin`:对 AgentRun 中仍可继续的 session 追加修正;旧 `codex resume` 已冻结。
|
||||
- `bun scripts/cli.ts agentrun sessions steer <sessionId> --prompt-stdin`:对 AgentRun 中仍可继续的 session 追加修正;旧 `codex resume` 已冻结。
|
||||
- 当 master 控制面状态和 D601 scheduler 状态看起来分裂时,使用 `docs/reference/observability.md` 中的活性规则判断。
|
||||
|
||||
默认 commander/supervisor 视图必须保持低噪声。commander 视图用于回答“现在需要处理什么”,supervisor 视图用于看分区小页和红线细节。commander 的 `activeRunners.count` 是指挥官 active runner 计数,supervisor 的 `activeRunning.count` 是 running+judging 状态计数;两者都必须标明 exact/source,不能把返回行数当成并发总数。`activeRunning.count` 来源是 queue summary 的 status counts 时 `activeRunning.exact=true`,用于 redline 判断;`activeRunning.rowPage.returned` / `running.returned` 只表示本次返回的紧凑任务行。`activeRunning.redline` 必须写明 `countField`、routine target、burst redline、hard redline、`state` 和 `decisionReady`;只有 `decisionReady=true` 时,才能直接用该 count 做红线/补派判断。commander 的 `attention.items` 只返回最需要处理的有界任务,`attention.total/returned/omitted` 必须保留省略计数;`sections.recentCompleted` 不得重复 `sections.terminalUnread` 的未读终态。`running`、`completedUnread` 和 `queued` 即使传入较大的 `--limit`,默认也只返回一个很小的有界页,并通过 section `commands.next` 继续分页;`--limit` 保留为扫描/分页预算和 full view 返回预算,不得让一次 commander/supervisor 调用输出几十条肥行。每个任务行只应带 task id 和必要摘要,`show`、`detail`、`trace`、`output`、`full`、`read` 使用 section template 或 row commands 表达,让下一步渐进披露动作明确且不重复;默认不得嵌入完整 queue 列表、完整 final response、raw output 页或完整 trace 行。`recentCompleted` 必须默认限量,且不得重复 `completedUnread` 里的未读终态,避免完成历史把当前 running、阻塞和未读审阅挤出视野;需要完整当前页时显式使用 `--view full`。`executionDiagnostics` 只能展示有界 task-id/reason 预览、总数、截断标记和 omitted counts;需要全量诊断时使用输出中的 raw command。`commands.read` 只是在人工审阅后的建议命令,listing 命令绝不能自动执行。
|
||||
@@ -312,7 +312,7 @@ commander 视图的任务分类必须是确定性字段,至少区分 `user-fac
|
||||
|
||||
队列诊断中的 `split-brain` 表示控制面/执行面观测分裂,不自动证明任务已经死亡。只要任务 heartbeat 还在刷新、trace 仍在推进,就不能把它判成服务中断或要求立刻 stop;应把它视为 `splitBrainLive=true` 的 live 任务,继续监督并推进 #20 里的已排任务,而不是 interrupt、替换或把 backend 当成已经挂掉。队列摘要应显示 `effectiveLiveness=live`、`splitBrainLive=true` 和 `recommendedAction=continue-supervision`;compact 输出还应在 `executionDiagnostics.liveness` 中重复这些低噪声字段,并突出 `activeHeartbeatCount`、有界 `heartbeatFreshTaskIds`、`databaseActiveTaskCount` 和 `schedulerActiveRunSlotCount`。当 master/control-plane 的 `schedulerActiveRunSlotCount=0` 但 `heartbeatFreshTaskIds` 非空时,active 数应优先按 scheduler heartbeat 摘要解释为 live,而不是按 master 本地 slot 0 解释为执行停摆。只有 heartbeat expired/missing 或满足 stale-recovery 条件时,才应显示 `effectiveLiveness=at-risk` 并进入恢复判断。
|
||||
|
||||
旧 Code Queue 的 bounded snapshot 只作为历史监督证据,不再作为新派单或恢复判据。新任务派发后应通过 `bun scripts/cli.ts agentrun v01 queue commander --reader-id <id>`、`queue show`、`sessions trace` 和 `sessions output` 观察 AgentRun 队列与 session。
|
||||
旧 Code Queue 的 bounded snapshot 只作为历史监督证据,不再作为新派单或恢复判据。新任务派发后应通过 `bun scripts/cli.ts agentrun queue commander --reader-id <id>`、`queue show`、`sessions trace` 和 `sessions output` 观察 AgentRun 队列与 session。
|
||||
|
||||
默认 supervisor poll 也遵循同一低噪声语义:heartbeat expired/missing、`heartbeatRiskTaskIds` 和 `staleRecoveryCandidateTaskIds` 必须可见,但第一次 poll 只表示 `transient-needs-repoll`,`activity.recovery.hint` 应为 `re-poll supervisor before recovery`。只有 repeated poll 仍确认 owner heartbeat expired、scheduler local no active run、database-active task 仍存在,并且输出显式带 `repeatedPollConfirmed=true` 或 confirmed stale candidate,才允许进入 bounded dry-run reconcile;真实恢复仍受高风险边界约束。
|
||||
|
||||
@@ -376,7 +376,7 @@ D601 artifact registry 的 systemd unit inactive 不等于 D601 全局离线。
|
||||
只有存在明确理由时才干预。
|
||||
|
||||
- 如果任务还在运行且 trace 或 scheduler heartbeat 新鲜,应引导而不是 interrupt。
|
||||
- 对 AgentRun 运行中 session 的引导应优先使用正式 CLI:`bun scripts/cli.ts agentrun v01 sessions steer <sessionId> --prompt-stdin`,再用 `sessions trace/output/read` 确认。旧 `codex steer` 已冻结,只保留历史 trace confirmation 查询。
|
||||
- 对 AgentRun 运行中 session 的引导应优先使用正式 CLI:`bun scripts/cli.ts agentrun sessions steer <sessionId> --prompt-stdin`,再用 `sessions trace/output/read` 确认。旧 `codex steer` 已冻结,只保留历史 trace confirmation 查询。
|
||||
- 真实 steer 输出必须保持低噪声:成功显示 `steer.status`、`steer.deliveryState`、`steer.steerId`、有界 `traceConfirmation` 和后续命令,不回显 prompt 或完整 task state;失败默认不带 request body、不带 upstream body preview,也不带 raw response,需要上游预览或原始失败对象时显式重跑 `--full` 或 `--raw`。`deliveryState=accepted` 表示 backend 已接受;`not_accepted` 表示任务状态/权限/输入未接受;`accepted_response_timeout` 表示 stable proxy 响应超时但 trace confirmation 找到该 `steerId`;`unknown` 表示响应路径失败且确认查询仍未证明接受。
|
||||
- 旧 Code Queue 的 provider tunnel 失败只作为历史运行面诊断线索;新任务控制面失败优先按 AgentRun `queue show`、`sessions trace/output`、G14 `agentrun-v01` manager 和 runner job 证据分流。
|
||||
- 新 AgentRun 任务失败分流以 AgentRun queue/session/runner-job 返回字段为准。旧 Code Queue `.data.diagnostics.reason` 只用于历史任务和残留运行面,不再引导新 `codex submit/steer/resume`。
|
||||
|
||||
@@ -79,10 +79,10 @@ G14 的 Tekton workspace retention 不能通过原生 `kubectl delete`、直接
|
||||
AgentRun `v0.1` 使用 `agentrun-ci` namespace:
|
||||
|
||||
```bash
|
||||
bun scripts/cli.ts agentrun v01 control-plane cleanup-runs --min-age-minutes 30 --limit 200 --dry-run
|
||||
bun scripts/cli.ts agentrun v01 control-plane cleanup-runs --min-age-minutes 30 --limit 200 --confirm
|
||||
bun scripts/cli.ts agentrun v01 control-plane cleanup-released-pvs --limit 200 --dry-run
|
||||
bun scripts/cli.ts agentrun v01 control-plane cleanup-released-pvs --limit 200 --confirm
|
||||
bun scripts/cli.ts agentrun control-plane cleanup-runs --min-age-minutes 30 --limit 200 --dry-run
|
||||
bun scripts/cli.ts agentrun control-plane cleanup-runs --min-age-minutes 30 --limit 200 --confirm
|
||||
bun scripts/cli.ts agentrun control-plane cleanup-released-pvs --limit 200 --dry-run
|
||||
bun scripts/cli.ts agentrun control-plane cleanup-released-pvs --limit 200 --confirm
|
||||
```
|
||||
|
||||
HWLAB 使用 `hwlab-ci` namespace:
|
||||
@@ -214,9 +214,9 @@ DEV workload 验证应检查非零副本 workload 是否 ready;`0/0` 的显式
|
||||
同时必须用高层 CLI 验证受影响运行面仍对齐:
|
||||
|
||||
```bash
|
||||
bun scripts/cli.ts agentrun v01 control-plane status
|
||||
bun scripts/cli.ts agentrun control-plane status
|
||||
bun scripts/cli.ts hwlab g14 control-plane status --lane v02
|
||||
bun scripts/cli.ts agentrun v01 control-plane cleanup-runs --min-age-minutes 30 --limit 200 --dry-run
|
||||
bun scripts/cli.ts agentrun control-plane cleanup-runs --min-age-minutes 30 --limit 200 --dry-run
|
||||
bun scripts/cli.ts hwlab g14 control-plane cleanup-released-pvs --lane all --limit 200 --dry-run
|
||||
```
|
||||
|
||||
|
||||
@@ -34,6 +34,24 @@ assertCondition(
|
||||
agentRunUsage,
|
||||
);
|
||||
|
||||
assertCondition(
|
||||
!agentRunUsage.some((line) => line.includes("agentrun v01")),
|
||||
"AgentRun help must hide the v01 lane from user-facing CLI entrypoints",
|
||||
agentRunUsage,
|
||||
);
|
||||
|
||||
assertCondition(
|
||||
agentRunUsage.some((line) => line.includes("queue show <taskId> --full"))
|
||||
&& agentRunUsage.some((line) => line.includes("runs show <runId>"))
|
||||
&& agentRunUsage.some((line) => line.includes("runs result <runId> --command-id <commandId>"))
|
||||
&& agentRunUsage.some((line) => line.includes("commands show <commandId> --run-id <runId>"))
|
||||
&& agentRunUsage.some((line) => line.includes("runner jobs --run-id <runId> --command-id <commandId>"))
|
||||
&& agentRunUsage.some((line) => line.includes("runner job-status <runnerJobId> --run-id <runId>"))
|
||||
&& !agentRunUsage.some((line) => line.includes("queue lifecycle")),
|
||||
"AgentRun help must expose queue progressive disclosure through existing show/run/command/runner commands without a lifecycle command",
|
||||
agentRunUsage,
|
||||
);
|
||||
|
||||
const submitStdinIndex = agentRunUsage.findIndex((line) => line.includes("queue submit --json-stdin"));
|
||||
const submitFileIndex = agentRunUsage.findIndex((line) => line.includes("queue submit --json-file"));
|
||||
const dispatchStdinIndex = agentRunUsage.findIndex((line) => line.includes("queue dispatch <taskId> --json-stdin"));
|
||||
@@ -53,7 +71,7 @@ assertCondition(
|
||||
const globalHelp = JSON.stringify(rootHelp());
|
||||
|
||||
assertCondition(
|
||||
globalHelp.includes("agentrun v01 aipod-specs|queue|sessions|control-plane|git-mirror"),
|
||||
globalHelp.includes("agentrun aipod-specs|queue|runs|commands|runner|sessions|control-plane|git-mirror"),
|
||||
"global help must index AgentRun v0.1 entrypoints",
|
||||
rootHelp(),
|
||||
);
|
||||
@@ -73,6 +91,8 @@ console.log(JSON.stringify({
|
||||
"AgentRun command help exposes cleanup-runs and cleanup-released-pvs",
|
||||
"AgentRun command help exposes targeted control-plane status drill-down options",
|
||||
"AgentRun command help exposes queue dry-run and compact commander usage",
|
||||
"AgentRun command help hides the v01 lane from user-facing CLI entrypoints",
|
||||
"AgentRun command help exposes queue progressive disclosure without queue lifecycle",
|
||||
"AgentRun command help presents heredoc/stdin before reusable file fallbacks",
|
||||
"global help indexes AgentRun v0.1 entrypoints",
|
||||
"AgentRun control-plane status degrades empty runtime JSON snippets",
|
||||
|
||||
@@ -31,6 +31,9 @@ const commandName = displayCommandName(args);
|
||||
|
||||
function displayCommandName(parts: string[]): string {
|
||||
if (parts.length === 0) return "help";
|
||||
if (parts[0] === "agentrun" && parts[1] === "v01") {
|
||||
return ["agentrun", ...parts.slice(2)].join(" ").trim();
|
||||
}
|
||||
if (parts[0] === "codex" && (parts[1] === "submit" || parts[1] === "enqueue")) {
|
||||
const shown = ["codex", parts[1]];
|
||||
const shownValueOptions = new Set([
|
||||
|
||||
@@ -58,7 +58,7 @@ function assertLegacyFrozenWrite(result: { status: number | null; stdout: string
|
||||
assertCondition(data.degradedReason === "legacy-code-queue-frozen", `${command} should use the legacy frozen reason`, data);
|
||||
assertCondition(data.command === command, `${command} frozen payload should identify the command`, data);
|
||||
const replacement = nestedRecord(data, ["replacement"]);
|
||||
assertCondition(String(replacement.sessionsSteer || "").includes("agentrun v01 sessions steer"), `${command} should point to AgentRun sessions steer`, replacement);
|
||||
assertCondition(String(replacement.sessionsSteer || "").includes("agentrun sessions steer"), `${command} should point to AgentRun sessions steer`, replacement);
|
||||
const legacy = nestedRecord(data, ["legacy"]);
|
||||
assertCondition(legacy.noDoubleWrite === true, `${command} should document no double-write`, legacy);
|
||||
}
|
||||
|
||||
@@ -54,8 +54,8 @@ function assertLegacyFrozenWrite(result: { status: number | null; stdout: string
|
||||
assertCondition(data.degradedReason === "legacy-code-queue-frozen", `${command} should use the legacy frozen reason`, data);
|
||||
assertCondition(data.command === command, `${command} frozen payload should identify the command`, data);
|
||||
const replacement = nestedRecord(data, ["replacement"]);
|
||||
assertCondition(String(replacement.queueSubmit || "").includes("agentrun v01 queue submit"), `${command} should point to AgentRun queue submit`, replacement);
|
||||
assertCondition(String(replacement.sessionsSteer || "").includes("agentrun v01 sessions steer"), `${command} should point to AgentRun sessions steer`, replacement);
|
||||
assertCondition(String(replacement.queueSubmit || "").includes("agentrun queue submit"), `${command} should point to AgentRun queue submit`, replacement);
|
||||
assertCondition(String(replacement.sessionsSteer || "").includes("agentrun sessions steer"), `${command} should point to AgentRun sessions steer`, replacement);
|
||||
const legacy = nestedRecord(data, ["legacy"]);
|
||||
assertCondition(legacy.noDoubleWrite === true, `${command} should document no double-write`, legacy);
|
||||
}
|
||||
@@ -145,8 +145,8 @@ export function runCodeQueueCliSubmitPromptContract(): JsonRecord {
|
||||
assertCondition(recommended.includes("--prompt-stdin") && recommended.includes("--prompt-file"), "help should recommend stdin and file prompt sources", promptInput);
|
||||
assertCondition(String(promptInput.sourceRule || "").includes("Exactly one prompt source"), "help should document exact prompt source rule", promptInput);
|
||||
assertCondition(String(submitSummary.default || "").includes("legacy-code-queue-frozen"), "help submit summary should document frozen reason", submitSummary);
|
||||
assertCondition(String(submitSummary.replacement || "").includes("agentrun v01 queue submit"), "help should point new submissions at AgentRun", submitSummary);
|
||||
assertCondition(String(examples.agentRunSubmit || "").includes("agentrun v01 queue submit"), "help examples should include AgentRun submit", examples);
|
||||
assertCondition(String(submitSummary.replacement || "").includes("agentrun queue submit"), "help should point new submissions at AgentRun", submitSummary);
|
||||
assertCondition(String(examples.agentRunSubmit || "").includes("agentrun queue submit"), "help examples should include AgentRun submit", examples);
|
||||
|
||||
return {
|
||||
ok: true,
|
||||
|
||||
@@ -34,8 +34,8 @@ function assertLegacyFrozenWrite(result: { status: number | null; stdout: string
|
||||
assertCondition(data.mutation === false, `${command} frozen payload should be non-mutating`, data);
|
||||
assertCondition(data.degradedReason === "legacy-code-queue-frozen", `${command} should use the legacy frozen reason`, data);
|
||||
const replacement = nestedRecord(data, ["replacement"]);
|
||||
assertCondition(String(replacement.queueSubmit || "").includes("agentrun v01 queue submit"), `${command} should point to AgentRun queue submit`, replacement);
|
||||
assertCondition(String(replacement.sessionsSteer || "").includes("agentrun v01 sessions steer"), `${command} should point to AgentRun sessions steer`, replacement);
|
||||
assertCondition(String(replacement.queueSubmit || "").includes("agentrun queue submit"), `${command} should point to AgentRun queue submit`, replacement);
|
||||
assertCondition(String(replacement.sessionsSteer || "").includes("agentrun sessions steer"), `${command} should point to AgentRun sessions steer`, replacement);
|
||||
}
|
||||
|
||||
function runCli(args: string[], stdin?: string): { status: number | null; stdout: string; stderr: string; json: JsonRecord | null } {
|
||||
|
||||
@@ -91,7 +91,7 @@ function assertLegacyFrozenWrite(result: { status: number | null; stdout: string
|
||||
assertCondition(data.degradedReason === "legacy-code-queue-frozen", `${command} should use the legacy frozen reason`, data);
|
||||
assertCondition(data.command === command, `${command} frozen payload should identify the command`, data);
|
||||
const replacement = nestedRecord(data, ["replacement"]);
|
||||
assertCondition(String(replacement.sessionsSteer || "").includes("agentrun v01 sessions steer"), `${command} should point to AgentRun sessions steer`, replacement);
|
||||
assertCondition(String(replacement.sessionsSteer || "").includes("agentrun sessions steer"), `${command} should point to AgentRun sessions steer`, replacement);
|
||||
const legacy = nestedRecord(data, ["legacy"]);
|
||||
assertCondition(legacy.noDoubleWrite === true, `${command} should document no double-write`, legacy);
|
||||
}
|
||||
|
||||
@@ -62,7 +62,7 @@ function assertLegacyFrozenWrite(result: { status: number | null; stdout: string
|
||||
assertCondition(data.mutation === false, `${command} frozen payload should be non-mutating`, data);
|
||||
assertCondition(data.degradedReason === "legacy-code-queue-frozen", `${command} should use the legacy frozen reason`, data);
|
||||
const replacement = nestedRecord(data, ["replacement"]);
|
||||
assertCondition(String(replacement.queueSubmit || "").includes("agentrun v01 queue submit"), `${command} should point to AgentRun queue submit`, replacement);
|
||||
assertCondition(String(replacement.queueSubmit || "").includes("agentrun queue submit"), `${command} should point to AgentRun queue submit`, replacement);
|
||||
const legacy = nestedRecord(data, ["legacy"]);
|
||||
assertCondition(legacy.noDoubleWrite === true, `${command} should document no double-write`, legacy);
|
||||
}
|
||||
|
||||
@@ -45,7 +45,7 @@ assertCondition(
|
||||
&& storageBody.includes('"agentrun"')
|
||||
&& storageBody.includes('"byOwnerGroup"')
|
||||
&& storageBody.includes("hwlab g14 control-plane cleanup-runs")
|
||||
&& storageBody.includes("agentrun v01 control-plane cleanup-runs")
|
||||
&& storageBody.includes("agentrun control-plane cleanup-runs")
|
||||
&& storageBody.includes("hostPath")
|
||||
&& storageBody.includes("activeMountPods")
|
||||
&& storageBody.includes("estimatedBytes")
|
||||
|
||||
@@ -50,7 +50,7 @@ function assertLegacyFrozenWrite(result: { status: number | null; stdout: string
|
||||
assertCondition(data.mutation === false, `${command} frozen payload should be non-mutating`, data);
|
||||
assertCondition(data.degradedReason === "legacy-code-queue-frozen", `${command} should use the legacy frozen reason`, data);
|
||||
const replacement = asRecord(data.replacement, "replacement");
|
||||
assertCondition(String(replacement.queueSubmit || "").includes("agentrun v01 queue submit"), `${command} should point to AgentRun queue submit`, replacement);
|
||||
assertCondition(String(replacement.queueSubmit || "").includes("agentrun queue submit"), `${command} should point to AgentRun queue submit`, replacement);
|
||||
}
|
||||
|
||||
const completePrompt = `
|
||||
|
||||
+176
-94
@@ -23,76 +23,113 @@ const mirrorToolsImage = "127.0.0.1:5000/hwlab/hwlab-ci-node-tools:node22-alpine
|
||||
|
||||
export function agentRunHelp(): unknown {
|
||||
return {
|
||||
command: "agentrun v01 control-plane status|trigger-current|refresh|cleanup-runs|cleanup-released-pvs | git-mirror status|sync|flush | aipod-specs list|show|render|apply|delete | queue submit|list|show|stats|commander|read|cancel|dispatch|refresh | sessions ps|show|turn|steer|cancel|output|trace|read",
|
||||
command: "agentrun control-plane status|trigger-current|refresh|cleanup-runs|cleanup-released-pvs | git-mirror status|sync|flush | aipod-specs list|show|render|apply|delete | queue submit|list|show|stats|commander|read|cancel|dispatch|refresh | runs show|events|result | commands show|result | runner jobs|job-status | sessions ps|show|turn|steer|cancel|output|trace|read",
|
||||
output: "json",
|
||||
usage: [
|
||||
"bun scripts/cli.ts agentrun v01 queue commander --reader-id cli",
|
||||
"bun scripts/cli.ts agentrun v01 queue commander --reader-id cli --limit 20",
|
||||
"bun scripts/cli.ts agentrun v01 aipod-specs list",
|
||||
"bun scripts/cli.ts agentrun v01 aipod-specs show Artificer",
|
||||
"bun scripts/cli.ts agentrun v01 aipod-specs render Artificer --prompt-stdin",
|
||||
"bun scripts/cli.ts agentrun v01 aipod-specs apply --yaml-stdin --dry-run",
|
||||
"bun scripts/cli.ts agentrun v01 queue submit --json-stdin <<'JSON'",
|
||||
"bun scripts/cli.ts agentrun v01 queue submit --json-stdin --dry-run <<'JSON'",
|
||||
"bun scripts/cli.ts agentrun v01 queue submit --aipod Artificer --prompt-stdin --idempotency-key <key>",
|
||||
"bun scripts/cli.ts agentrun v01 queue submit --aipod Artificer --prompt-stdin --dry-run",
|
||||
"bun scripts/cli.ts agentrun v01 queue submit --json-file <task.json> # reusable reviewed file fallback",
|
||||
"bun scripts/cli.ts agentrun v01 queue dispatch <taskId> --json-stdin <<'JSON'",
|
||||
"bun scripts/cli.ts agentrun v01 queue dispatch <taskId> --json-stdin --dry-run <<'JSON'",
|
||||
"bun scripts/cli.ts agentrun v01 queue dispatch <taskId> --json-file <dispatch.json> # reusable reviewed file fallback",
|
||||
"bun scripts/cli.ts agentrun v01 queue cancel <taskId> --reason <text> --dry-run",
|
||||
"bun scripts/cli.ts agentrun v01 sessions trace <sessionId> --after-seq 0 --limit 100",
|
||||
"bun scripts/cli.ts agentrun v01 sessions output <sessionId> --after-seq 0 --limit 100",
|
||||
"bun scripts/cli.ts agentrun v01 sessions turn --aipod Artificer --prompt-stdin",
|
||||
"bun scripts/cli.ts agentrun v01 sessions steer <sessionId> --prompt-stdin",
|
||||
"bun scripts/cli.ts agentrun v01 sessions read <sessionId> --reader-id cli",
|
||||
"bun scripts/cli.ts agentrun v01 control-plane status",
|
||||
"bun scripts/cli.ts agentrun v01 control-plane status --full",
|
||||
"bun scripts/cli.ts agentrun v01 control-plane status --pipeline-run agentrun-v01-ci-<short-sha>",
|
||||
"bun scripts/cli.ts agentrun v01 control-plane status --source-commit <full-sha>",
|
||||
"bun scripts/cli.ts agentrun v01 control-plane trigger-current --dry-run",
|
||||
"bun scripts/cli.ts agentrun v01 control-plane trigger-current --confirm",
|
||||
"bun scripts/cli.ts agentrun v01 control-plane refresh --dry-run",
|
||||
"bun scripts/cli.ts agentrun v01 control-plane refresh --confirm",
|
||||
"bun scripts/cli.ts agentrun v01 control-plane cleanup-runs --min-age-minutes 30 --limit 200 --dry-run",
|
||||
"bun scripts/cli.ts agentrun v01 control-plane cleanup-runs --min-age-minutes 30 --limit 200 --confirm",
|
||||
"bun scripts/cli.ts agentrun v01 control-plane cleanup-released-pvs --limit 200 --dry-run",
|
||||
"bun scripts/cli.ts agentrun v01 control-plane cleanup-released-pvs --limit 200 --confirm",
|
||||
"bun scripts/cli.ts agentrun v01 git-mirror status",
|
||||
"bun scripts/cli.ts agentrun v01 git-mirror status --full",
|
||||
"bun scripts/cli.ts agentrun v01 git-mirror sync --confirm",
|
||||
"bun scripts/cli.ts agentrun v01 git-mirror flush --confirm",
|
||||
"bun scripts/cli.ts agentrun queue commander --reader-id cli",
|
||||
"bun scripts/cli.ts agentrun queue commander --reader-id cli --limit 20",
|
||||
"bun scripts/cli.ts agentrun queue commander --reader-id cli --full",
|
||||
"bun scripts/cli.ts agentrun queue commander --reader-id cli --raw",
|
||||
"bun scripts/cli.ts agentrun aipod-specs list",
|
||||
"bun scripts/cli.ts agentrun aipod-specs show Artificer",
|
||||
"bun scripts/cli.ts agentrun aipod-specs render Artificer --prompt-stdin",
|
||||
"bun scripts/cli.ts agentrun aipod-specs apply --yaml-stdin --dry-run",
|
||||
"bun scripts/cli.ts agentrun queue submit --json-stdin <<'JSON'",
|
||||
"bun scripts/cli.ts agentrun queue submit --json-stdin --dry-run <<'JSON'",
|
||||
"bun scripts/cli.ts agentrun queue submit --aipod Artificer --prompt-stdin --idempotency-key <key>",
|
||||
"bun scripts/cli.ts agentrun queue submit --aipod Artificer --prompt-stdin --dry-run",
|
||||
"bun scripts/cli.ts agentrun queue submit --json-file <task.json> # reusable reviewed file fallback",
|
||||
"bun scripts/cli.ts agentrun queue show <taskId>",
|
||||
"bun scripts/cli.ts agentrun queue show <taskId> --full",
|
||||
"bun scripts/cli.ts agentrun queue show <taskId> --raw",
|
||||
"bun scripts/cli.ts agentrun queue dispatch <taskId> --json-stdin <<'JSON'",
|
||||
"bun scripts/cli.ts agentrun queue dispatch <taskId> --json-stdin --dry-run <<'JSON'",
|
||||
"bun scripts/cli.ts agentrun queue dispatch <taskId> --json-file <dispatch.json> # reusable reviewed file fallback",
|
||||
"bun scripts/cli.ts agentrun queue cancel <taskId> --reason <text> --dry-run",
|
||||
"bun scripts/cli.ts agentrun runs show <runId>",
|
||||
"bun scripts/cli.ts agentrun runs show <runId> --full",
|
||||
"bun scripts/cli.ts agentrun runs result <runId> --command-id <commandId>",
|
||||
"bun scripts/cli.ts agentrun runs events <runId> --after-seq 0 --limit 100 --tail-summary",
|
||||
"bun scripts/cli.ts agentrun commands show <commandId> --run-id <runId>",
|
||||
"bun scripts/cli.ts agentrun commands show <commandId> --run-id <runId> --full",
|
||||
"bun scripts/cli.ts agentrun commands result <commandId> --run-id <runId>",
|
||||
"bun scripts/cli.ts agentrun runner jobs --run-id <runId> --command-id <commandId>",
|
||||
"bun scripts/cli.ts agentrun runner job-status <runnerJobId> --run-id <runId>",
|
||||
"bun scripts/cli.ts agentrun sessions trace <sessionId> --after-seq 0 --limit 100",
|
||||
"bun scripts/cli.ts agentrun sessions output <sessionId> --after-seq 0 --limit 100",
|
||||
"bun scripts/cli.ts agentrun sessions turn --aipod Artificer --prompt-stdin",
|
||||
"bun scripts/cli.ts agentrun sessions steer <sessionId> --prompt-stdin",
|
||||
"bun scripts/cli.ts agentrun sessions read <sessionId> --reader-id cli",
|
||||
"bun scripts/cli.ts agentrun control-plane status",
|
||||
"bun scripts/cli.ts agentrun control-plane status --full",
|
||||
"bun scripts/cli.ts agentrun control-plane status --pipeline-run agentrun-v01-ci-<short-sha>",
|
||||
"bun scripts/cli.ts agentrun control-plane status --source-commit <full-sha>",
|
||||
"bun scripts/cli.ts agentrun control-plane trigger-current --dry-run",
|
||||
"bun scripts/cli.ts agentrun control-plane trigger-current --confirm",
|
||||
"bun scripts/cli.ts agentrun control-plane refresh --dry-run",
|
||||
"bun scripts/cli.ts agentrun control-plane refresh --confirm",
|
||||
"bun scripts/cli.ts agentrun control-plane cleanup-runs --min-age-minutes 30 --limit 200 --dry-run",
|
||||
"bun scripts/cli.ts agentrun control-plane cleanup-runs --min-age-minutes 30 --limit 200 --confirm",
|
||||
"bun scripts/cli.ts agentrun control-plane cleanup-released-pvs --limit 200 --dry-run",
|
||||
"bun scripts/cli.ts agentrun control-plane cleanup-released-pvs --limit 200 --confirm",
|
||||
"bun scripts/cli.ts agentrun git-mirror status",
|
||||
"bun scripts/cli.ts agentrun git-mirror status --full",
|
||||
"bun scripts/cli.ts agentrun git-mirror sync --confirm",
|
||||
"bun scripts/cli.ts agentrun git-mirror flush --confirm",
|
||||
],
|
||||
description: "Operate AgentRun v0.1 Queue, Sessions, and AipodSpec through the official G14 /root/agentrun-v01 CLI, plus bounded Tekton/Argo control-plane and devops-infra git mirror actions through UniDesk routes. Queue/session/aipod-spec commands are direct AgentRun CLI calls, not a UniDesk Code Queue adapter or double-write path.",
|
||||
description: "Operate AgentRun v0.1 Queue, Sessions, Runs, Commands, Runner job status, and AipodSpec through the official G14 /root/agentrun-v01 CLI, plus bounded Tekton/Argo control-plane and devops-infra git mirror actions through UniDesk routes. Queue/session/aipod-spec/run/command/runner-read commands are direct AgentRun CLI calls, not a UniDesk Code Queue adapter or double-write path.",
|
||||
};
|
||||
}
|
||||
|
||||
export async function runAgentRunCommand(config: UniDeskConfig, args: string[]): Promise<Record<string, unknown>> {
|
||||
const [lane, group, action] = args;
|
||||
if (lane !== "v01") return unsupported(args);
|
||||
const route = normalizeAgentRunCommandArgs(args);
|
||||
const { group, action, actionArgs } = route;
|
||||
if (group === "control-plane") {
|
||||
if (action === "status") return await status(config, parseStatusOptions(args.slice(3)));
|
||||
if (action === "trigger-current") return await triggerCurrent(config, parseTriggerOptions(args.slice(3)));
|
||||
if (action === "refresh") return await refresh(config, parseConfirmOptions(args.slice(3)));
|
||||
if (action === "cleanup-runs") return await cleanupRuns(config, parseCleanupRunsOptions(args.slice(3)));
|
||||
if (action === "cleanup-released-pvs") return await cleanupReleasedPvs(config, parseCleanupReleasedPvOptions(args.slice(3)));
|
||||
if (action === "status") return await status(config, parseStatusOptions(actionArgs));
|
||||
if (action === "trigger-current") return await triggerCurrent(config, parseTriggerOptions(actionArgs));
|
||||
if (action === "refresh") return await refresh(config, parseConfirmOptions(actionArgs));
|
||||
if (action === "cleanup-runs") return await cleanupRuns(config, parseCleanupRunsOptions(actionArgs));
|
||||
if (action === "cleanup-released-pvs") return await cleanupReleasedPvs(config, parseCleanupReleasedPvOptions(actionArgs));
|
||||
}
|
||||
if (group === "git-mirror") {
|
||||
if (action === "status") return await gitMirrorStatus(config, parseDisclosureOptions(args.slice(3)));
|
||||
if (action === "status") return await gitMirrorStatus(config, parseDisclosureOptions(actionArgs));
|
||||
if (action === "sync" || action === "flush") {
|
||||
const options = parseGitMirrorOptions(args.slice(3));
|
||||
if (options.confirm && !options.wait) return startAsyncAgentRunJob(`agentrun_v01_git_mirror_${action}`, ["bun", "scripts/cli.ts", "agentrun", "v01", "git-mirror", action, "--confirm", "--wait", "--timeout-seconds", String(options.timeoutSeconds)], `Run AgentRun v0.1 git mirror ${action} on G14`);
|
||||
const options = parseGitMirrorOptions(actionArgs);
|
||||
if (options.confirm && !options.wait) return startAsyncAgentRunJob(`agentrun_v01_git_mirror_${action}`, ["bun", "scripts/cli.ts", "agentrun", "git-mirror", action, "--confirm", "--wait", "--timeout-seconds", String(options.timeoutSeconds)], `Run AgentRun v0.1 git mirror ${action} on G14`);
|
||||
return await runGitMirrorJob(config, action, options);
|
||||
}
|
||||
}
|
||||
if (isOfficialAgentRunCliBridgeGroup(group)) {
|
||||
return await runOfficialAgentRunCli(config, group, args.slice(2));
|
||||
if (group === "runner" && (action === "jobs" || action === "job-status")) {
|
||||
return await runOfficialAgentRunCli(config, group, route.forwardArgs);
|
||||
}
|
||||
return unsupported(args);
|
||||
if (isOfficialAgentRunCliBridgeGroup(group)) {
|
||||
return await runOfficialAgentRunCli(config, group, route.forwardArgs);
|
||||
}
|
||||
return unsupported(route.canonicalArgs);
|
||||
}
|
||||
|
||||
function isOfficialAgentRunCliBridgeGroup(group: string | undefined): group is AgentRunOfficialCliBridgeGroup {
|
||||
return group === "queue" || group === "sessions" || group === "aipod-specs" || group === "aipods";
|
||||
return group === "queue" || group === "sessions" || group === "aipod-specs" || group === "aipods" || group === "runs" || group === "commands";
|
||||
}
|
||||
|
||||
interface AgentRunCommandRoute {
|
||||
canonicalArgs: string[];
|
||||
group: string | undefined;
|
||||
action: string | undefined;
|
||||
actionArgs: string[];
|
||||
forwardArgs: string[];
|
||||
}
|
||||
|
||||
function normalizeAgentRunCommandArgs(args: string[]): AgentRunCommandRoute {
|
||||
const canonicalArgs = args[0] === "v01" ? args.slice(1) : args;
|
||||
const [group, action, ...actionArgs] = canonicalArgs;
|
||||
return {
|
||||
canonicalArgs,
|
||||
group,
|
||||
action,
|
||||
actionArgs,
|
||||
forwardArgs: canonicalArgs.slice(1),
|
||||
};
|
||||
}
|
||||
|
||||
interface TriggerOptions {
|
||||
@@ -189,6 +226,7 @@ function parseStatusOptions(args: string[]): StatusOptions {
|
||||
};
|
||||
}
|
||||
|
||||
|
||||
function parseTriggerOptions(args: string[]): TriggerOptions {
|
||||
return parseConfirmOptions(args);
|
||||
}
|
||||
@@ -360,7 +398,7 @@ async function status(config: UniDeskConfig, options: StatusOptions): Promise<Re
|
||||
};
|
||||
return {
|
||||
ok: source.exitCode === 0 && k3s.exitCode === 0 && mirror.ok === true,
|
||||
command: "agentrun v01 control-plane status",
|
||||
command: "agentrun control-plane status",
|
||||
lane: "v0.1",
|
||||
summary,
|
||||
target,
|
||||
@@ -397,16 +435,16 @@ async function status(config: UniDeskConfig, options: StatusOptions): Promise<Re
|
||||
raw: options.raw,
|
||||
stdoutTailOmitted: !(options.full || options.raw),
|
||||
rawGitMirrorOmitted: !options.raw,
|
||||
expandWith: `bun scripts/cli.ts agentrun v01 control-plane status${statusTargetArg(options, target)} --full`,
|
||||
rawWith: `bun scripts/cli.ts agentrun v01 control-plane status${statusTargetArg(options, target)} --raw`,
|
||||
expandWith: `bun scripts/cli.ts agentrun control-plane status${statusTargetArg(options, target)} --full`,
|
||||
rawWith: `bun scripts/cli.ts agentrun control-plane status${statusTargetArg(options, target)} --raw`,
|
||||
},
|
||||
next: {
|
||||
statusByPipelineRun: pipelineRun ? `bun scripts/cli.ts agentrun v01 control-plane status --pipeline-run ${pipelineRun} --full` : null,
|
||||
statusBySourceCommit: sourceCommit ? `bun scripts/cli.ts agentrun v01 control-plane status --source-commit ${sourceCommit} --full` : null,
|
||||
statusByPipelineRun: pipelineRun ? `bun scripts/cli.ts agentrun control-plane status --pipeline-run ${pipelineRun} --full` : null,
|
||||
statusBySourceCommit: sourceCommit ? `bun scripts/cli.ts agentrun control-plane status --source-commit ${sourceCommit} --full` : null,
|
||||
taskRuns: pipelineRun ? `trans G14:k3s kubectl get taskrun -n ${ciNamespace} -l tekton.dev/pipelineRun=${pipelineRun} -o wide` : null,
|
||||
logs: pipelineRun ? `trans G14:k3s logs -n ${ciNamespace} -l tekton.dev/pipelineRun=${pipelineRun} --tail 120` : null,
|
||||
triggerCurrent: "bun scripts/cli.ts agentrun v01 control-plane trigger-current --confirm",
|
||||
refresh: "bun scripts/cli.ts agentrun v01 control-plane refresh --confirm",
|
||||
triggerCurrent: "bun scripts/cli.ts agentrun control-plane trigger-current --confirm",
|
||||
refresh: "bun scripts/cli.ts agentrun control-plane refresh --confirm",
|
||||
},
|
||||
};
|
||||
}
|
||||
@@ -446,7 +484,7 @@ async function triggerCurrent(config: UniDeskConfig, options: TriggerOptions): P
|
||||
const sourceCommit = matchLine(source.stdout, "sourceCommit=");
|
||||
const pipelineRun = sourceCommit ? pipelineRunName(sourceCommit) : null;
|
||||
if (source.exitCode !== 0 || !sourceCommit || !isGitSha(sourceCommit) || !pipelineRun) {
|
||||
return { ok: false, command: "agentrun v01 control-plane trigger-current", degradedReason: "source-head-unresolved", source: compactCapture(source) };
|
||||
return { ok: false, command: "agentrun control-plane trigger-current", degradedReason: "source-head-unresolved", source: compactCapture(source) };
|
||||
}
|
||||
const plan = {
|
||||
lane: "v0.1",
|
||||
@@ -466,7 +504,7 @@ async function triggerCurrent(config: UniDeskConfig, options: TriggerOptions): P
|
||||
if (options.dryRun || !options.confirm) {
|
||||
return {
|
||||
ok: true,
|
||||
command: "agentrun v01 control-plane trigger-current",
|
||||
command: "agentrun control-plane trigger-current",
|
||||
dryRun: true,
|
||||
plan,
|
||||
gitMirrorPreSync: {
|
||||
@@ -474,7 +512,7 @@ async function triggerCurrent(config: UniDeskConfig, options: TriggerOptions): P
|
||||
reason: mirrorRequirement.reason,
|
||||
before: mirrorBefore.summary,
|
||||
},
|
||||
next: { confirm: "bun scripts/cli.ts agentrun v01 control-plane trigger-current --confirm" },
|
||||
next: { confirm: "bun scripts/cli.ts agentrun control-plane trigger-current --confirm" },
|
||||
};
|
||||
}
|
||||
let gitMirrorPreSync: Record<string, unknown> = {
|
||||
@@ -490,7 +528,7 @@ async function triggerCurrent(config: UniDeskConfig, options: TriggerOptions): P
|
||||
if (synced.ok !== true || afterRequirement.required !== false) {
|
||||
return {
|
||||
ok: false,
|
||||
command: "agentrun v01 control-plane trigger-current",
|
||||
command: "agentrun control-plane trigger-current",
|
||||
dryRun: false,
|
||||
degradedReason: "git-mirror-local-v01-not-current-after-sync",
|
||||
plan,
|
||||
@@ -501,13 +539,13 @@ async function triggerCurrent(config: UniDeskConfig, options: TriggerOptions): P
|
||||
const created = await capture(config, g14K3sRoute, ["script", "--", triggerScript(sourceCommit, pipelineRun)]);
|
||||
return {
|
||||
ok: created.exitCode === 0,
|
||||
command: "agentrun v01 control-plane trigger-current",
|
||||
command: "agentrun control-plane trigger-current",
|
||||
dryRun: false,
|
||||
plan,
|
||||
gitMirrorPreSync,
|
||||
created: compactCapture(created),
|
||||
next: {
|
||||
status: "bun scripts/cli.ts agentrun v01 control-plane status",
|
||||
status: "bun scripts/cli.ts agentrun control-plane status",
|
||||
logs: `trans G14:k3s logs -n ${ciNamespace} -l tekton.dev/pipelineRun=${pipelineRun} --tail 120`,
|
||||
},
|
||||
};
|
||||
@@ -530,21 +568,21 @@ async function refresh(config: UniDeskConfig, options: ConfirmOptions): Promise<
|
||||
if (options.dryRun || !options.confirm) {
|
||||
return {
|
||||
ok: true,
|
||||
command: "agentrun v01 control-plane refresh",
|
||||
command: "agentrun control-plane refresh",
|
||||
dryRun: true,
|
||||
plan,
|
||||
next: { confirm: "bun scripts/cli.ts agentrun v01 control-plane refresh --confirm" },
|
||||
next: { confirm: "bun scripts/cli.ts agentrun control-plane refresh --confirm" },
|
||||
};
|
||||
}
|
||||
const refreshed = await capture(config, g14K3sRoute, ["script", "--", refreshScript()]);
|
||||
return {
|
||||
ok: source.exitCode === 0 && refreshed.exitCode === 0,
|
||||
command: "agentrun v01 control-plane refresh",
|
||||
command: "agentrun control-plane refresh",
|
||||
dryRun: false,
|
||||
plan,
|
||||
source: compactCapture(source),
|
||||
refreshed: compactCapture(refreshed),
|
||||
next: { status: "bun scripts/cli.ts agentrun v01 control-plane status" },
|
||||
next: { status: "bun scripts/cli.ts agentrun control-plane status" },
|
||||
};
|
||||
}
|
||||
|
||||
@@ -555,7 +593,7 @@ async function cleanupRuns(config: UniDeskConfig, options: CleanupRunsOptions):
|
||||
const base = {
|
||||
...payload,
|
||||
ok,
|
||||
command: "agentrun v01 control-plane cleanup-runs",
|
||||
command: "agentrun control-plane cleanup-runs",
|
||||
mode: options.dryRun || !options.confirm ? "dry-run" : "confirmed-cleanup",
|
||||
namespace: ciNamespace,
|
||||
minAgeMinutes: options.minAgeMinutes,
|
||||
@@ -568,7 +606,7 @@ async function cleanupRuns(config: UniDeskConfig, options: CleanupRunsOptions):
|
||||
dryRun: true,
|
||||
mutation: false,
|
||||
next: {
|
||||
confirm: `bun scripts/cli.ts agentrun v01 control-plane cleanup-runs --min-age-minutes ${options.minAgeMinutes} --limit ${options.limit} --confirm`,
|
||||
confirm: `bun scripts/cli.ts agentrun control-plane cleanup-runs --min-age-minutes ${options.minAgeMinutes} --limit ${options.limit} --confirm`,
|
||||
},
|
||||
};
|
||||
}
|
||||
@@ -577,8 +615,8 @@ async function cleanupRuns(config: UniDeskConfig, options: CleanupRunsOptions):
|
||||
dryRun: false,
|
||||
mutation: true,
|
||||
followUp: {
|
||||
status: "bun scripts/cli.ts agentrun v01 control-plane status",
|
||||
releasedPvs: `bun scripts/cli.ts agentrun v01 control-plane cleanup-released-pvs --limit ${options.limit} --dry-run`,
|
||||
status: "bun scripts/cli.ts agentrun control-plane status",
|
||||
releasedPvs: `bun scripts/cli.ts agentrun control-plane cleanup-released-pvs --limit ${options.limit} --dry-run`,
|
||||
diskPressure: "trans G14:k3s kubectl get node ubuntu-rog-zephyrus-g14-ga401iv-ga401iv -o jsonpath='{range .status.conditions[*]}{.type}{\"=\"}{.status}{\" \"}{.reason}{\"\\n\"}{end}'",
|
||||
},
|
||||
};
|
||||
@@ -591,7 +629,7 @@ async function cleanupReleasedPvs(config: UniDeskConfig, options: CleanupRelease
|
||||
const base = {
|
||||
...payload,
|
||||
ok,
|
||||
command: "agentrun v01 control-plane cleanup-released-pvs",
|
||||
command: "agentrun control-plane cleanup-released-pvs",
|
||||
mode: options.dryRun || !options.confirm ? "dry-run" : "confirmed-cleanup",
|
||||
namespace: ciNamespace,
|
||||
limit: options.limit,
|
||||
@@ -603,7 +641,7 @@ async function cleanupReleasedPvs(config: UniDeskConfig, options: CleanupRelease
|
||||
dryRun: true,
|
||||
mutation: false,
|
||||
next: {
|
||||
confirm: `bun scripts/cli.ts agentrun v01 control-plane cleanup-released-pvs --limit ${options.limit} --confirm`,
|
||||
confirm: `bun scripts/cli.ts agentrun control-plane cleanup-released-pvs --limit ${options.limit} --confirm`,
|
||||
},
|
||||
};
|
||||
}
|
||||
@@ -612,7 +650,7 @@ async function cleanupReleasedPvs(config: UniDeskConfig, options: CleanupRelease
|
||||
dryRun: false,
|
||||
mutation: true,
|
||||
followUp: {
|
||||
cleanupRuns: `bun scripts/cli.ts agentrun v01 control-plane cleanup-runs --min-age-minutes 30 --limit ${options.limit} --dry-run`,
|
||||
cleanupRuns: `bun scripts/cli.ts agentrun control-plane cleanup-runs --min-age-minutes 30 --limit ${options.limit} --dry-run`,
|
||||
diskPressure: "trans G14:k3s kubectl get node ubuntu-rog-zephyrus-g14-ga401iv-ga401iv -o jsonpath='{range .status.conditions[*]}{.type}{\"=\"}{.status}{\" \"}{.reason}{\"\\n\"}{end}'",
|
||||
},
|
||||
};
|
||||
@@ -1167,7 +1205,7 @@ async function gitMirrorStatus(config: UniDeskConfig, options: DisclosureOptions
|
||||
const summary = observation.summary;
|
||||
return {
|
||||
ok: observation.ok,
|
||||
command: "agentrun v01 git-mirror status",
|
||||
command: "agentrun git-mirror status",
|
||||
namespace: gitMirrorNamespace,
|
||||
readUrl: gitMirrorReadUrl,
|
||||
writeUrl: gitMirrorWriteUrl,
|
||||
@@ -1180,12 +1218,12 @@ async function gitMirrorStatus(config: UniDeskConfig, options: DisclosureOptions
|
||||
raw: options.raw,
|
||||
rawOmitted: !options.raw,
|
||||
probeTailOmitted: !(options.full || options.raw),
|
||||
expandWith: "bun scripts/cli.ts agentrun v01 git-mirror status --full",
|
||||
rawWith: "bun scripts/cli.ts agentrun v01 git-mirror status --raw",
|
||||
expandWith: "bun scripts/cli.ts agentrun git-mirror status --full",
|
||||
rawWith: "bun scripts/cli.ts agentrun git-mirror status --raw",
|
||||
},
|
||||
next: {
|
||||
sync: "bun scripts/cli.ts agentrun v01 git-mirror sync --confirm",
|
||||
flush: summary.pendingFlush === true ? "bun scripts/cli.ts agentrun v01 git-mirror flush --confirm" : null,
|
||||
sync: "bun scripts/cli.ts agentrun git-mirror sync --confirm",
|
||||
flush: summary.pendingFlush === true ? "bun scripts/cli.ts agentrun git-mirror flush --confirm" : null,
|
||||
},
|
||||
};
|
||||
}
|
||||
@@ -1218,7 +1256,7 @@ async function runGitMirrorJob(config: UniDeskConfig, action: "sync" | "flush",
|
||||
const jobName = `${action === "sync" ? gitMirrorSyncJobPrefix : gitMirrorFlushJobPrefix}-${Date.now().toString(36)}`.slice(0, 63);
|
||||
const manifest = gitMirrorJobManifest(action, jobName);
|
||||
const manifestB64 = Buffer.from(JSON.stringify(manifest), "utf8").toString("base64");
|
||||
const command = `agentrun v01 git-mirror ${action}`;
|
||||
const command = `agentrun git-mirror ${action}`;
|
||||
if (options.dryRun || !options.confirm) {
|
||||
return {
|
||||
ok: true,
|
||||
@@ -1243,8 +1281,8 @@ async function runGitMirrorJob(config: UniDeskConfig, action: "sync" | "flush",
|
||||
result: compactCapture(created),
|
||||
status,
|
||||
next: {
|
||||
status: "bun scripts/cli.ts agentrun v01 git-mirror status",
|
||||
wait: `bun scripts/cli.ts agentrun v01 git-mirror ${action} --confirm --wait`,
|
||||
status: "bun scripts/cli.ts agentrun git-mirror status",
|
||||
wait: `bun scripts/cli.ts agentrun git-mirror ${action} --confirm --wait`,
|
||||
},
|
||||
};
|
||||
}
|
||||
@@ -1261,8 +1299,8 @@ async function runGitMirrorJob(config: UniDeskConfig, action: "sync" | "flush",
|
||||
wait,
|
||||
status,
|
||||
next: {
|
||||
status: "bun scripts/cli.ts agentrun v01 git-mirror status",
|
||||
flush: action === "sync" && status.summary && record(status.summary).pendingFlush === true ? "bun scripts/cli.ts agentrun v01 git-mirror flush --confirm" : null,
|
||||
status: "bun scripts/cli.ts agentrun git-mirror status",
|
||||
flush: action === "sync" && status.summary && record(status.summary).pendingFlush === true ? "bun scripts/cli.ts agentrun git-mirror flush --confirm" : null,
|
||||
},
|
||||
};
|
||||
}
|
||||
@@ -1511,7 +1549,7 @@ function gitMirrorStatusSummary(raw: string): Record<string, unknown> {
|
||||
gitopsInSync: Boolean(localGitops && githubGitops && localGitops === githubGitops),
|
||||
githubInSync: Boolean(localV01 && githubV01 && localV01 === githubV01 && (!localGitops || localGitops === githubGitops)),
|
||||
flushNeeded: pendingFlush === true,
|
||||
flushCommand: pendingFlush === true ? "bun scripts/cli.ts agentrun v01 git-mirror flush --confirm" : null,
|
||||
flushCommand: pendingFlush === true ? "bun scripts/cli.ts agentrun git-mirror flush --confirm" : null,
|
||||
exactFetch: record(refs).exactFetch ?? null,
|
||||
lastSync,
|
||||
lastFlush,
|
||||
@@ -1565,18 +1603,18 @@ interface PreparedAgentRunCliArgs {
|
||||
stdinPayload: AgentRunCliForwardedStdin | null;
|
||||
}
|
||||
|
||||
type AgentRunOfficialCliBridgeGroup = "queue" | "sessions" | "aipod-specs" | "aipods";
|
||||
type AgentRunOfficialCliBridgeGroup = "queue" | "sessions" | "aipod-specs" | "aipods" | "runs" | "commands" | "runner";
|
||||
|
||||
async function runOfficialAgentRunCli(config: UniDeskConfig, group: AgentRunOfficialCliBridgeGroup, args: string[]): Promise<Record<string, unknown>> {
|
||||
const prepared = prepareOfficialAgentRunCliArgs([group, ...args]);
|
||||
const command = `agentrun v01 ${prepared.args.join(" ")}`.trim();
|
||||
const command = `agentrun ${prepared.args.join(" ")}`.trim();
|
||||
const bridge = agentRunQueueBridgeMetadata(prepared.materializedFiles, prepared.stdinPayload);
|
||||
const script = officialAgentRunCliScript(prepared);
|
||||
const result = await capture(config, g14SourceRoute, ["script", "--", script]);
|
||||
const payload = captureJsonPayload(result);
|
||||
if (result.exitCode === 0 && Object.keys(payload).length > 0) {
|
||||
return {
|
||||
...payload,
|
||||
...rewriteOfficialAgentRunCliDrillDown(payload),
|
||||
command,
|
||||
bridge,
|
||||
};
|
||||
@@ -1600,6 +1638,50 @@ async function runOfficialAgentRunCli(config: UniDeskConfig, group: AgentRunOffi
|
||||
};
|
||||
}
|
||||
|
||||
function rewriteOfficialAgentRunCliDrillDown(value: Record<string, unknown>): Record<string, unknown> {
|
||||
return rewriteRecordCommands(value);
|
||||
}
|
||||
|
||||
function rewriteRecordCommands(value: unknown): Record<string, unknown> {
|
||||
return record(rewriteOfficialCommandValue(value));
|
||||
}
|
||||
|
||||
function rewriteOfficialCommandValue(value: unknown): unknown {
|
||||
if (Array.isArray(value)) return value.map((item) => rewriteOfficialCommandValue(item));
|
||||
if (typeof value !== "object" || value === null) return value;
|
||||
const rewritten: Record<string, unknown> = {};
|
||||
for (const [key, item] of Object.entries(value)) {
|
||||
rewritten[key] = shouldRewriteOfficialCommandField(key) ? rewriteOfficialCommandFieldValue(item) : rewriteOfficialCommandValue(item);
|
||||
}
|
||||
return rewritten;
|
||||
}
|
||||
|
||||
function rewriteOfficialCommandFieldValue(value: unknown): unknown {
|
||||
if (typeof value === "string") return rewriteOfficialCommandString(value);
|
||||
if (Array.isArray(value)) return value.map((item) => rewriteOfficialCommandFieldValue(item));
|
||||
if (typeof value !== "object" || value === null) return value;
|
||||
const rewritten: Record<string, unknown> = {};
|
||||
for (const [key, item] of Object.entries(value)) {
|
||||
rewritten[key] = rewriteOfficialCommandFieldValue(item);
|
||||
}
|
||||
return rewritten;
|
||||
}
|
||||
|
||||
function shouldRewriteOfficialCommandField(key: string): boolean {
|
||||
return key === "pollCommands" || key === "drillDownCommands" || key === "recoveryActions" || key === "logPath";
|
||||
}
|
||||
|
||||
function rewriteOfficialCommandString(value: string): string {
|
||||
const trimmed = value.trim();
|
||||
if (trimmed.startsWith("./scripts/agentrun ")) {
|
||||
return `bun scripts/cli.ts agentrun ${trimmed.slice("./scripts/agentrun ".length)}`;
|
||||
}
|
||||
if (trimmed.startsWith("kubectl ") || trimmed.includes(" kubectl ")) {
|
||||
return "Use bun scripts/cli.ts agentrun runner jobs --run-id <runId> --command-id <commandId> or runner job-status <runnerJobId> --run-id <runId>; direct kubectl is intentionally hidden behind the AgentRun CLI bridge.";
|
||||
}
|
||||
return value;
|
||||
}
|
||||
|
||||
function prepareOfficialAgentRunCliArgs(args: string[]): PreparedAgentRunCliArgs {
|
||||
const fileFlags = new Set(["--json-file", "--prompt-file", "--runner-json-file"]);
|
||||
const remoteTmpDir = `/tmp/unidesk-agentrun-cli-${Date.now()}-${process.pid}-${Math.random().toString(36).slice(2)}`;
|
||||
@@ -1871,9 +1953,9 @@ function buildAgentRunTargetValidation(input: {
|
||||
warnings,
|
||||
interruptedOrUnknown: state === "pipeline-status-unknown" || state === "missing-pipelinerun",
|
||||
nextActions: {
|
||||
inspectPipelineRun: input.pipelineRun ? `bun scripts/cli.ts agentrun v01 control-plane status --pipeline-run ${input.pipelineRun} --full` : null,
|
||||
inspectSourceCommit: input.sourceCommit ? `bun scripts/cli.ts agentrun v01 control-plane status --source-commit ${input.sourceCommit} --full` : null,
|
||||
triggerCurrent: "bun scripts/cli.ts agentrun v01 control-plane trigger-current --confirm",
|
||||
inspectPipelineRun: input.pipelineRun ? `bun scripts/cli.ts agentrun control-plane status --pipeline-run ${input.pipelineRun} --full` : null,
|
||||
inspectSourceCommit: input.sourceCommit ? `bun scripts/cli.ts agentrun control-plane status --source-commit ${input.sourceCommit} --full` : null,
|
||||
triggerCurrent: "bun scripts/cli.ts agentrun control-plane trigger-current --confirm",
|
||||
},
|
||||
};
|
||||
}
|
||||
@@ -1966,6 +2048,6 @@ function unsupported(args: string[]): Record<string, unknown> {
|
||||
ok: false,
|
||||
command: `agentrun ${args.join(" ")}`.trim(),
|
||||
degradedReason: "unsupported-command",
|
||||
message: "supported commands: agentrun v01 aipod-specs list|show|render|apply|delete; agentrun v01 queue submit|list|show|stats|commander|read|cancel|dispatch|refresh; agentrun v01 sessions ps|show|turn|steer|cancel|output|trace|read; agentrun v01 control-plane status|trigger-current|refresh; agentrun v01 git-mirror status|sync|flush",
|
||||
message: "supported commands: agentrun aipod-specs list|show|render|apply|delete; agentrun queue submit|list|show|stats|commander|read|cancel|dispatch|refresh; agentrun runs show|events|result; agentrun commands show|result; agentrun runner jobs|job-status; agentrun sessions ps|show|turn|steer|cancel|output|trace|read; agentrun control-plane status|trigger-current|refresh; agentrun git-mirror status|sync|flush",
|
||||
};
|
||||
}
|
||||
|
||||
@@ -65,14 +65,14 @@ const maxSteerRetryDelayMs = 5_000;
|
||||
const codexTaskStatuses = ["queued", "running", "judging", "retry_wait", "succeeded", "failed", "canceled"] as const;
|
||||
const codexTerminalTaskStatuses = ["succeeded", "failed", "canceled"] as const;
|
||||
const agentRunQueueReplacementCommands = {
|
||||
queueCommander: "bun scripts/cli.ts agentrun v01 queue commander --reader-id cli",
|
||||
queueSubmit: "bun scripts/cli.ts agentrun v01 queue submit --json-stdin <<'JSON'",
|
||||
queueDispatch: "bun scripts/cli.ts agentrun v01 queue dispatch <taskId> --json-stdin <<'JSON'",
|
||||
sessionsTrace: "bun scripts/cli.ts agentrun v01 sessions trace <sessionId> --after-seq 0 --limit 100",
|
||||
sessionsOutput: "bun scripts/cli.ts agentrun v01 sessions output <sessionId> --after-seq 0 --limit 100",
|
||||
sessionsSteer: "bun scripts/cli.ts agentrun v01 sessions steer <sessionId> --prompt-stdin <<'EOF'",
|
||||
sessionsRead: "bun scripts/cli.ts agentrun v01 sessions read <sessionId> --reader-id cli",
|
||||
queueCancel: "bun scripts/cli.ts agentrun v01 queue cancel <taskId> --reason <text>",
|
||||
queueCommander: "bun scripts/cli.ts agentrun queue commander --reader-id cli",
|
||||
queueSubmit: "bun scripts/cli.ts agentrun queue submit --json-stdin <<'JSON'",
|
||||
queueDispatch: "bun scripts/cli.ts agentrun queue dispatch <taskId> --json-stdin <<'JSON'",
|
||||
sessionsTrace: "bun scripts/cli.ts agentrun sessions trace <sessionId> --after-seq 0 --limit 100",
|
||||
sessionsOutput: "bun scripts/cli.ts agentrun sessions output <sessionId> --after-seq 0 --limit 100",
|
||||
sessionsSteer: "bun scripts/cli.ts agentrun sessions steer <sessionId> --prompt-stdin <<'EOF'",
|
||||
sessionsRead: "bun scripts/cli.ts agentrun sessions read <sessionId> --reader-id cli",
|
||||
queueCancel: "bun scripts/cli.ts agentrun queue cancel <taskId> --reason <text>",
|
||||
};
|
||||
const codexTaskStatusAliases: Record<string, string> = {
|
||||
completed: "succeeded",
|
||||
|
||||
@@ -707,8 +707,8 @@ def ci_storage_snapshot():
|
||||
"releasedPvs": "bun scripts/cli.ts hwlab g14 control-plane cleanup-released-pvs --lane all --limit 200 --dry-run",
|
||||
},
|
||||
"agentrun": {
|
||||
"dryRun": "bun scripts/cli.ts agentrun v01 control-plane cleanup-runs --min-age-minutes 30 --limit 200 --dry-run",
|
||||
"releasedPvs": "bun scripts/cli.ts agentrun v01 control-plane cleanup-released-pvs --limit 200 --dry-run",
|
||||
"dryRun": "bun scripts/cli.ts agentrun control-plane cleanup-runs --min-age-minutes 30 --limit 200 --dry-run",
|
||||
"releasedPvs": "bun scripts/cli.ts agentrun control-plane cleanup-released-pvs --limit 200 --dry-run",
|
||||
},
|
||||
},
|
||||
}
|
||||
@@ -922,7 +922,7 @@ def collect_growth_snapshot(observed_at, preflight):
|
||||
"trend": "bun scripts/cli.ts gc remote %s trend --history-limit %s" % (PROVIDER_ID, int(OPTIONS.get("historyLimit") or 12)),
|
||||
"registryPlan": "bun scripts/cli.ts gc remote %s plan --target-use-percent 70 --include-hwlab-registry --limit 50" % PROVIDER_ID,
|
||||
"hwlabCiRetention": "bun scripts/cli.ts hwlab g14 control-plane cleanup-runs --lane v02 --min-age-minutes 30 --limit 200 --dry-run",
|
||||
"agentrunRetention": "bun scripts/cli.ts agentrun v01 control-plane cleanup-runs --min-age-minutes 30 --limit 200 --dry-run",
|
||||
"agentrunRetention": "bun scripts/cli.ts agentrun control-plane cleanup-runs --min-age-minutes 30 --limit 200 --dry-run",
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
+26
-22
@@ -57,7 +57,7 @@ export function rootHelp(): unknown {
|
||||
{ command: "commander contract|plan --dry-run|smoke --dry-run|approval request --dry-run|prompt-lint --kind gpt55-pr", description: "Host Codex commander skeleton contract, no-daemon smoke plan, dry-run approval preview, and advisory GPT-5.5 PR prompt boundary lint without live bridges, message sends, or submit gating." },
|
||||
{ command: "hwlab nodes control-plane|git-mirror|secret --node G14 --lane v03", description: "Manage HWLAB node/lane runtime prerequisites for v0.3+ with the node identity passed as data instead of a command family." },
|
||||
{ command: "hwlab g14 monitor-prs | hwlab g14 control-plane status|apply|trigger-current|runtime-migration|cleanup-runs|cleanup-released-pvs | hwlab g14 git-mirror status|apply|sync|flush | hwlab g14 tools-image status|build", description: "Start the legacy G14 PR monitor, run bounded v0.2 Tekton/Argo control-plane, manual PipelineRun trigger, runtime migration, CI workspace retention, manual devops-infra git mirror/relay maintenance, or fixed HWLAB CI tools image actions; long confirmed trigger/sync/flush actions return async jobs by default." },
|
||||
{ command: "agentrun v01 aipod-specs|queue|sessions|control-plane|git-mirror", description: "Use AgentRun v0.1 AipodSpec, Queue, and Sessions as the active commander entry through the official G14 CLI bridge, plus bounded Tekton/Argo and git-mirror operations." },
|
||||
{ command: "agentrun aipod-specs|queue|runs|commands|runner|sessions|control-plane|git-mirror", description: "Use AgentRun v0.1 AipodSpec, Queue, Run, Command, read-only runner status, and Sessions through the official G14 CLI bridge, plus bounded Tekton/Argo and git-mirror operations." },
|
||||
{ command: "platform-infra sub2api plan|apply|status|validate|codex-pool", description: "Deploy Sub2API in G14 platform-infra, manage the YAML-controlled Codex upstream pool, expose the unified API through FRP when needed, and configure master ~/.codex without printing API keys." },
|
||||
{ command: "hwlab cd audit --env dev | hwlab cd status --env dev | hwlab cd apply --env dev --dry-run", description: "Legacy D601 HWLAB DEV CD wrapper kept for explicit old-path diagnostics; current HWLAB rollout uses G14 GitOps." },
|
||||
{ command: "code-agent-sandbox", description: "Independent Code Agent Sandbox service skeleton for adapter, mode, and credential-boundary diagnostics." },
|
||||
@@ -65,7 +65,7 @@ export function rootHelp(): unknown {
|
||||
{ command: "schedule upsert-pgdata-backup [--time HH:MM] [--remote-base /SERVER_DATA/UNIDESK_PG_DATA]", description: "Create or update the daily PGDATA physical backup task that uploads monthly rotated archives to Baidu Netdisk." },
|
||||
{ command: "codex deploy <commitId> [--provider-id D601] [--timeout-ms N]", description: "Disabled legacy Code Queue deploy path; use the dev-only artifact consumer instead." },
|
||||
{ command: "codex prompt-lint [prompt|--prompt-file path|--prompt-stdin]", description: "Dry-run lint a runner prompt for DEV test class read-only/live-read/live-mutating authorization without echoing prompt text or touching live services." },
|
||||
{ command: "codex submit|steer|resume|queue create|queue merge|move", description: "Frozen legacy Code Queue write commands; use agentrun v01 queue and agentrun v01 sessions for new commander work. Historical codex task/tasks/output/read/unread/queues remain available for archive troubleshooting." },
|
||||
{ command: "codex submit|steer|resume|queue create|queue merge|move", description: "Frozen legacy Code Queue write commands; use agentrun queue and agentrun sessions for new commander work. Historical codex task/tasks/output/read/unread/queues remain available for archive troubleshooting." },
|
||||
{ command: "codex skills-sync --dry-run [--full]", description: "Inspect the controlled runner skills hostPath lifecycle contract without copying files, restarting services, reading secrets, or mutating live runner paths." },
|
||||
{ command: "codex execution-plane [--full|--raw]", description: "Read-only D601 native k3s Code Queue execution-plane inspection; compares formal deployments, deprecated Compose residuals, commit markers, pod digest, and mounted worktree HEAD." },
|
||||
{ command: "codex pr-preflight [--remote] [--push-dry-run --push-dry-run-ref refs/heads/probe/<name>] [--pr-create-dry-run --pr-create-dry-run-head <head>] [--issue N] [--full|--raw]", description: "Read-only PR admission check with compact commander output by default; use --full or --raw to expand the full runtime preflight, tool, and observation payload." },
|
||||
@@ -76,10 +76,10 @@ export function rootHelp(): unknown {
|
||||
{ command: "codex read <taskId>", description: "Mark one reviewed terminal task read and return terminal metadata plus final response; prompt/tool logs stay behind drill-down commands." },
|
||||
{ command: "codex dev-ready", description: "Fetch execution-container readiness, including sanitized skill injection status from /api/dev-ready." },
|
||||
{ command: "codex judge <taskId> --attempt N [--dry-run] [--include-prompt]", description: "Replay one stored Code Queue attempt through the same judge context builder and MiniMax judge call path used by the live queue worker." },
|
||||
{ command: "codex steer <taskId> / codex resume <taskId>", description: "Frozen legacy execution mutation entries; use agentrun v01 sessions steer/read/cancel/output/trace against AgentRun sessions instead." },
|
||||
{ command: "codex steer <taskId> / codex resume <taskId>", description: "Frozen legacy execution mutation entries; use agentrun sessions steer/read/cancel/output/trace against AgentRun sessions instead." },
|
||||
{ command: "codex steer-confirm <taskId> --steer-id <id> [--raw]", description: "Read-only lookup for a steerId in task trace so deliveryUnconfirmed can be resolved without resending the corrective prompt." },
|
||||
{ command: "codex interrupt|cancel <taskId>", description: "Request interrupt for a running Code Queue task, or cancel a queued/retry_wait task, through the same private proxy." },
|
||||
{ command: "codex queues [--full|--all] [--limit N] [--page N|--offset N]", description: "Read legacy Code Queue archive summaries. Legacy queue create/merge and move are frozen; use agentrun v01 queue for new work." },
|
||||
{ command: "codex queues [--full|--all] [--limit N] [--page N|--offset N]", description: "Read legacy Code Queue archive summaries. Legacy queue create/merge and move are frozen; use agentrun queue for new work." },
|
||||
{ command: "job list [--limit N] [--include-command]", description: "List async jobs from .state/jobs with a bounded default page and progress summaries." },
|
||||
{ command: "job status <jobId|latest> [--tail-bytes N]", description: "Show job state with a structured progress summary and bounded stdout/stderr tails." },
|
||||
{ command: "job cancel <jobId>", description: "Cancel a queued/running async job through the .state/jobs control entry and keep a terminal canceled record." },
|
||||
@@ -385,11 +385,11 @@ function codexHelp(): unknown {
|
||||
usage: [
|
||||
"bun scripts/cli.ts codex deploy <commitId> # disabled legacy deployment entry",
|
||||
"bun scripts/cli.ts codex prompt-lint [prompt|--prompt-file path|--prompt-stdin]",
|
||||
"bun scripts/cli.ts agentrun v01 queue commander --reader-id cli",
|
||||
"bun scripts/cli.ts agentrun v01 aipod-specs show Artificer",
|
||||
"bun scripts/cli.ts agentrun v01 queue submit --aipod Artificer --prompt-stdin",
|
||||
"bun scripts/cli.ts agentrun v01 queue submit --json-stdin <<'JSON'",
|
||||
"bun scripts/cli.ts agentrun v01 sessions trace <sessionId> --after-seq 0 --limit 100",
|
||||
"bun scripts/cli.ts agentrun queue commander --reader-id cli",
|
||||
"bun scripts/cli.ts agentrun aipod-specs show Artificer",
|
||||
"bun scripts/cli.ts agentrun queue submit --aipod Artificer --prompt-stdin",
|
||||
"bun scripts/cli.ts agentrun queue submit --json-stdin <<'JSON'",
|
||||
"bun scripts/cli.ts agentrun sessions trace <sessionId> --after-seq 0 --limit 100",
|
||||
"bun scripts/cli.ts codex submit # frozen legacy write entry; returns legacy-code-queue-frozen",
|
||||
"bun scripts/cli.ts codex task <taskId> [--detail] [--trace --tail|--from-start|--after-seq N|--before-seq N --limit N] [--full]",
|
||||
"bun scripts/cli.ts codex tasks [--view commander|supervisor|full] [--queue id] [--status succeeded,running] [--unread|--unread-only] [--limit N] [--before-id id]",
|
||||
@@ -402,7 +402,7 @@ function codexHelp(): unknown {
|
||||
"bun scripts/cli.ts codex execution-plane [--full|--raw]",
|
||||
"bun scripts/cli.ts codex pr-preflight [--remote] [--push-dry-run --push-dry-run-ref refs/heads/probe/<name>] [--pr-create-dry-run --pr-create-dry-run-head <head>] [--issue N] [--full|--raw]",
|
||||
"bun scripts/cli.ts codex judge <taskId> --attempt N [--dry-run] [--include-prompt]",
|
||||
"bun scripts/cli.ts agentrun v01 sessions steer <sessionId> --prompt-stdin",
|
||||
"bun scripts/cli.ts agentrun sessions steer <sessionId> --prompt-stdin",
|
||||
"bun scripts/cli.ts codex steer <taskId> # frozen legacy write entry",
|
||||
"bun scripts/cli.ts codex resume <taskId> # frozen legacy write entry",
|
||||
"bun scripts/cli.ts codex steer-confirm <taskId> --steer-id <id> [--raw]",
|
||||
@@ -423,7 +423,7 @@ function codexHelp(): unknown {
|
||||
},
|
||||
submitSummary: {
|
||||
default: "codex submit/enqueue now returns ok=false, frozen=true, degradedReason=legacy-code-queue-frozen and AgentRun replacement commands.",
|
||||
replacement: "Use bun scripts/cli.ts agentrun v01 queue submit --json-stdin with a quoted heredoc for new one-shot work; reserve --json-file for reusable reviewed files.",
|
||||
replacement: "Use bun scripts/cli.ts agentrun queue submit --json-stdin with a quoted heredoc for new one-shot work; reserve --json-file for reusable reviewed files.",
|
||||
noDoubleWrite: "UniDesk does not mirror AgentRun submissions into old Code Queue and does not migrate old history into AgentRun.",
|
||||
rawDrillDown: "Use codex tasks/task/output/read/unread/queues only for legacy archive inspection.",
|
||||
},
|
||||
@@ -453,10 +453,10 @@ function codexHelp(): unknown {
|
||||
},
|
||||
examples: {
|
||||
promptLint: "bun scripts/cli.ts codex prompt-lint --prompt-file /tmp/code-queue-prompt.md",
|
||||
agentRunCommander: "bun scripts/cli.ts agentrun v01 queue commander --reader-id cli",
|
||||
agentRunAipod: "bun scripts/cli.ts agentrun v01 queue submit --aipod Artificer --prompt-stdin",
|
||||
agentRunSubmit: "bun scripts/cli.ts agentrun v01 queue submit --json-stdin <<'JSON'",
|
||||
agentRunTrace: "bun scripts/cli.ts agentrun v01 sessions trace <sessionId> --after-seq 0 --limit 100",
|
||||
agentRunCommander: "bun scripts/cli.ts agentrun queue commander --reader-id cli",
|
||||
agentRunAipod: "bun scripts/cli.ts agentrun queue submit --aipod Artificer --prompt-stdin",
|
||||
agentRunSubmit: "bun scripts/cli.ts agentrun queue submit --json-stdin <<'JSON'",
|
||||
agentRunTrace: "bun scripts/cli.ts agentrun sessions trace <sessionId> --after-seq 0 --limit 100",
|
||||
frozenLegacySubmit: "bun scripts/cli.ts codex submit --prompt-file /tmp/code-queue-prompt.md",
|
||||
},
|
||||
disclosure: {
|
||||
@@ -482,7 +482,7 @@ function codexHelp(): unknown {
|
||||
embeddedIn: [],
|
||||
reference: "docs/reference/code-queue-supervision.md#dev-测试授权分级",
|
||||
},
|
||||
description: "Operate legacy Code Queue as a read-only archive through bounded task/output/read/unread/queues views. New task dispatch, retry/resume, steer, queue mutation, move, and workdir mutation are frozen and replaced by AgentRun Queue/Sessions via bun scripts/cli.ts agentrun v01 queue|sessions.",
|
||||
description: "Operate legacy Code Queue as a read-only archive through bounded task/output/read/unread/queues views. New task dispatch, retry/resume, steer, queue mutation, move, and workdir mutation are frozen and replaced by AgentRun Queue/Sessions via bun scripts/cli.ts agentrun queue|sessions.",
|
||||
};
|
||||
}
|
||||
|
||||
@@ -597,15 +597,19 @@ function artifactRegistryHelp(): unknown {
|
||||
|
||||
function agentRunHelpSummary(): unknown {
|
||||
return {
|
||||
command: "agentrun v01 aipod-specs|queue|sessions|control-plane|git-mirror",
|
||||
command: "agentrun aipod-specs|queue|runs|commands|runner|sessions|control-plane|git-mirror",
|
||||
output: "json",
|
||||
usage: [
|
||||
"bun scripts/cli.ts agentrun v01 aipod-specs show Artificer",
|
||||
"bun scripts/cli.ts agentrun v01 queue commander --reader-id cli",
|
||||
"bun scripts/cli.ts agentrun v01 sessions trace <sessionId> --after-seq 0 --limit 100",
|
||||
"bun scripts/cli.ts agentrun v01 control-plane status",
|
||||
"bun scripts/cli.ts agentrun aipod-specs show Artificer",
|
||||
"bun scripts/cli.ts agentrun queue commander --reader-id cli",
|
||||
"bun scripts/cli.ts agentrun queue show <taskId>",
|
||||
"bun scripts/cli.ts agentrun runs show <runId>",
|
||||
"bun scripts/cli.ts agentrun commands show <commandId> --run-id <runId>",
|
||||
"bun scripts/cli.ts agentrun runner jobs --run-id <runId> --command-id <commandId>",
|
||||
"bun scripts/cli.ts agentrun sessions trace <sessionId> --after-seq 0 --limit 100",
|
||||
"bun scripts/cli.ts agentrun control-plane status",
|
||||
],
|
||||
description: "Operate AgentRun v0.1 AipodSpec, queue, sessions, and G14 control-plane entrypoints.",
|
||||
description: "Operate AgentRun v0.1 AipodSpec, queue, run, command, read-only runner status, sessions, and G14 control-plane entrypoints with progressive disclosure: queue commander -> queue show -> runs/commands/runner/session detail.",
|
||||
};
|
||||
}
|
||||
|
||||
|
||||
+1
-1
@@ -352,7 +352,7 @@ function summarizeGitMirrorJobProgress(job: JobRecord, stdoutTail: string, stder
|
||||
nextCommand: job.status === "running"
|
||||
? `bun scripts/cli.ts job status ${job.id} --tail-bytes 12000`
|
||||
: job.name.startsWith("agentrun_")
|
||||
? "bun scripts/cli.ts agentrun v01 git-mirror status"
|
||||
? "bun scripts/cli.ts agentrun git-mirror status"
|
||||
: "bun scripts/cli.ts hwlab g14 git-mirror status",
|
||||
};
|
||||
}
|
||||
|
||||
+11
-2
@@ -97,14 +97,23 @@ function renderEnvelope<T>(command: string, envelope: JsonEnvelope<T>): string {
|
||||
}
|
||||
|
||||
function shouldDumpLargeOutput(command: string, text: string, envelope: JsonEnvelope<unknown>): boolean {
|
||||
if (!(command === "gh" || command.startsWith("gh "))) return false;
|
||||
if (process.env.UNIDESK_CLI_GH_OUTPUT_DUMP_DISABLED === "1") return false;
|
||||
if (!isLargeOutputDumpCommand(command)) return false;
|
||||
if (process.env.UNIDESK_CLI_GH_OUTPUT_DUMP_DISABLED === "1" || process.env.UNIDESK_CLI_OUTPUT_DUMP_DISABLED === "1") return false;
|
||||
if (typeof envelope.data === "object" && envelope.data !== null && (envelope.data as { noDump?: unknown }).noDump === true) return false;
|
||||
const threshold = configuredDumpThresholdBytes();
|
||||
return Buffer.byteLength(text, "utf8") > threshold;
|
||||
}
|
||||
|
||||
function isLargeOutputDumpCommand(command: string): boolean {
|
||||
return command === "gh" || command.startsWith("gh ") || command === "agentrun" || command.startsWith("agentrun ");
|
||||
}
|
||||
|
||||
function configuredDumpThresholdBytes(): number {
|
||||
const genericRaw = process.env.UNIDESK_CLI_OUTPUT_DUMP_THRESHOLD_BYTES;
|
||||
if (genericRaw !== undefined && genericRaw.trim().length > 0) {
|
||||
const genericValue = Number(genericRaw);
|
||||
if (Number.isInteger(genericValue) && genericValue > 0) return genericValue;
|
||||
}
|
||||
const raw = process.env.UNIDESK_CLI_GH_OUTPUT_DUMP_THRESHOLD_BYTES;
|
||||
if (raw === undefined || raw.trim().length === 0) return GH_OUTPUT_DUMP_THRESHOLD_BYTES;
|
||||
const value = Number(raw);
|
||||
|
||||
Reference in New Issue
Block a user