feat(web-probe): add semantic YAML origins

This commit is contained in:
Codex
2026-07-10 12:37:13 +02:00
parent 2d4c1a5ffa
commit 2c47fd6528
18 changed files with 545 additions and 48 deletions
+10 -4
View File
@@ -35,6 +35,7 @@ import { isSafeWebProbeScriptArtifactPath, isSafeWebProbeScriptReportPath, isSaf
import { compactCommandResultRedacted, nullableRecord, redactKnownSecrets, shellQuote } from "./utils";
import { renderWebProbeScriptResult } from "./web-observe-render";
import { nodeWebProbeHostProxyEnv } from "./web-probe-observe";
import { webProbeOriginSummary } from "./web-probe-origin";
export function nodeWebObserveStatusNodeScript(tailLines: number, node: string, lane: string, commandId: string | null = null): string {
return `node -e ${shellQuote(`
@@ -493,7 +494,7 @@ export function runNodeWebProbeScript(
material: BootstrapAdminPasswordMaterial,
credential: Record<string, unknown>,
): Record<string, unknown> {
const commandLabel = options.commandLabel ?? `web-probe script --node ${options.node} --lane ${options.lane}`;
const commandLabel = options.commandLabel ?? `web-probe script --node ${options.node} --lane ${options.lane}${webProbeSemanticOriginArgs(options)}`;
const commandGovernance = webProbeScriptCommandGovernance(options);
const webProbeProxy = nodeWebProbeHostProxyEnv(spec, options.browserProxyMode);
const script = nodeWebProbeScriptRemoteShell(options, secretSpec, material.username ?? secretSpec.bootstrapAdminUsername, material.password ?? "", webProbeProxy, spec.webProbe?.playwrightBrowsersPath);
@@ -595,6 +596,7 @@ export function runNodeWebProbeScript(
lane: options.lane,
workspace: spec.workspace,
url: options.url,
origin: webProbeOriginSummary(options),
network: webProbeProxy.summary,
credential,
scriptSource: options.scriptSource,
@@ -641,7 +643,7 @@ export function webProbeScriptCommandGovernance(options: NodeWebProbeScriptOptio
export function webProbeScriptCommandPromotionHint(options: NodeWebProbeScriptOptions): Record<string, unknown> {
const repoOwnedTypedCommand = options.suppressAdHocWarning === true;
const currentCommand = options.commandLabel ?? `web-probe script --node ${options.node} --lane ${options.lane}`;
const currentCommand = options.commandLabel ?? `web-probe script --node ${options.node} --lane ${options.lane}${webProbeSemanticOriginArgs(options)}`;
return {
schemaVersion: "unidesk.web-probe.command-promotion.v1",
code: "prefer_repo_owned_typed_command",
@@ -680,7 +682,7 @@ export function webProbeScriptGovernanceHints(options: NodeWebProbeScriptOptions
return [
"Before rerunning this script, promote the workflow to a repo-owned typed `web-probe` command so auth, artifacts, output bounds and evidence contracts remain reusable.",
"Prefer `web-probe observe start` plus `web-probe observe command` for interactive flows; use `observe collect/analyze` for repeated evidence reads.",
`For this target, start with: bun scripts/cli.ts web-probe observe start --node ${options.node} --lane ${options.lane} --target-path /projects/mdtodo`,
`For this target, start with: bun scripts/cli.ts web-probe observe start --node ${options.node} --lane ${options.lane}${webProbeSemanticOriginArgs(options)} --target-path /projects/mdtodo`,
];
}
@@ -688,12 +690,16 @@ export function webProbeScriptPreferredCommands(options: NodeWebProbeScriptOptio
if (options.generatedPreferredCommands !== undefined) return options.generatedPreferredCommands;
return {
typedCommandCatalog: "bun scripts/cli.ts web-probe --help",
startObserver: `bun scripts/cli.ts web-probe observe start --node ${options.node} --lane ${options.lane} --target-path /projects/mdtodo`,
startObserver: `bun scripts/cli.ts web-probe observe start --node ${options.node} --lane ${options.lane}${webProbeSemanticOriginArgs(options)} --target-path /projects/mdtodo`,
mdtodoSummary: "bun scripts/cli.ts web-probe observe collect <observerId> --view project-mdtodo-summary",
analyze: "bun scripts/cli.ts web-probe observe analyze <observerId>",
};
}
function webProbeSemanticOriginArgs(options: Pick<NodeWebProbeScriptOptions, "originName">): string {
return options.originName === "internal" || options.originName === "public" ? ` --origin ${options.originName}` : "";
}
export function nodeWebProbeScriptRemoteShell(options: NodeWebProbeScriptOptions, secretSpec: RuntimeSecretSpec, username: string, password: string, webProbeProxy: NodeWebProbeHostProxyEnv, playwrightBrowsersPath: string | undefined): string {
const userScriptB64 = Buffer.from(options.scriptText, "utf8").toString("base64");
const runnerB64 = Buffer.from(nodeWebProbeScriptRunnerSource(), "utf8").toString("base64");