feat: add host commander skeleton

This commit is contained in:
Codex
2026-05-21 12:28:13 +00:00
parent 9f166d0580
commit 67f6d0e820
16 changed files with 1187 additions and 277 deletions
+5 -55
View File
@@ -1,13 +1,6 @@
const requiredDryRunMessage = "This first-phase commander contract only supports dry-run planning; live daemon/control operations are not implemented.";
import { commanderContract as hostCommanderContract, commanderHighRiskActions as highRiskActions } from "../../src/components/microservices/host-codex-commander/src/contract";
const highRiskActions = [
"code-queue-backend-restart",
"code-queue-backend-rebuild",
"code-queue-execution-plane-restart",
"code-queue-task-interrupt",
"code-queue-task-cancel",
"prod-runtime-mutation",
] as const;
const requiredDryRunMessage = "This host Codex commander skeleton only supports dry-run planning; live daemon/control operations are not implemented.";
type HighRiskAction = typeof highRiskActions[number];
@@ -37,6 +30,7 @@ function redactText(value: string): { text: string; redactionsApplied: number }
/\b(?:sk|ghp|github_pat|xoxb|xoxp|AKIA)[A-Za-z0-9_=-]{8,}\b/g,
/\b(?:token|secret|password|passwd|authorization|cookie|api[_-]?key)\s*[:=]\s*[^,\s]+/gi,
/\bBearer\s+[A-Za-z0-9._~+/-]+=*\b/gi,
/https?:\/\/[^/\s]+:[^@\s]+@[^/\s]+/gi,
];
let text = value;
for (const pattern of patterns) {
@@ -52,7 +46,7 @@ function commanderHelp(): Record<string, unknown> {
return {
command: "commander",
output: "json",
description: "First-phase source/contract stub for the host Codex commander control microservice; no daemon or live control action is implemented.",
description: "Local skeleton contract for the host Codex commander control microservice; no daemon or live control action is implemented.",
usage: [
"bun scripts/cli.ts commander contract",
"bun scripts/cli.ts commander plan --dry-run [--session-id id]",
@@ -64,51 +58,7 @@ function commanderHelp(): Record<string, unknown> {
}
export function commanderContract(): Record<string, unknown> {
return {
ok: true,
phase: "source-contract",
serviceId: "host-codex-commander",
currentImplementation: "cli-contract-stub-only",
daemonImplemented: false,
liveOperationsImplemented: false,
purpose: "Keep a host Codex commander session observable and controllable through a future direct-managed microservice without replacing Code Queue runners.",
ownershipBoundary: {
hostCodexProcess: "Long-lived Codex process on the master server host.",
controlMicroservice: "Future direct-managed bridge that records state, mediates PTY/stdio/SSH streams, injects prompts, and summarizes traces.",
codeQueue: "Remains the task execution plane; the commander only supervises through existing safe CLI/API contracts.",
claudeqq: "Approval and user-notification path for high-risk actions.",
},
requiredCapabilities: [
"host-codex-process-discovery",
"host-codex-start-plan",
"ssh-bridge-contract",
"pty-bridge-contract",
"stdio-bridge-contract",
"prompt-guidance-plan",
"trace-summary-plan",
"issue-20-board-read-write-entry",
"issue-46-brief-read-write-entry",
"claudeqq-high-risk-approval-entry",
],
apiContract: {
health: "GET /health",
contract: "GET /api/commander/contract",
sessions: "GET /api/commander/sessions",
sessionPlan: "POST /api/commander/sessions/:sessionId/plan-start",
promptPlan: "POST /api/commander/sessions/:sessionId/prompt-plan",
traceSummary: "GET /api/commander/trace-summary?taskId=<taskId>",
issueWritePlan: "POST /api/commander/issues/:issueNumber/write-plan",
approvalRequest: "POST /api/commander/approvals",
},
stateModel: {
sessionStates: ["unknown", "discovered", "planned", "starting", "running", "attention_required", "stopping", "stopped", "degraded"],
promptStates: ["draft", "planned", "queued_for_injection", "injected", "rejected", "failed"],
approvalStates: ["draft", "requested", "approved", "rejected", "expired", "consumed"],
storageRoot: ".state/commander/",
redactionPolicy: "Never persist or print token, secret, password, key, cookie, or authorization values in cleartext.",
},
safetyBoundary: safetyBoundary(),
};
return hostCommanderContract();
}
function safetyBoundary(): Record<string, unknown> {