herocode/supervisor
Archived
14
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: herocode:a65c721c64b2146daad246f2dd6e91f2f7dab958
Branches Tags
herocode:main
...
compare: herocode:main
Branches Tags
herocode:main

14 Commits
a65c721c64 ... main

Author SHA1 Message Date
Timur Gordon
2625534152 cleanup and refactor 2025-11-13 14:41:30 +01:00
Timur Gordon
4b516d9d7e update readme 2025-11-12 12:15:46 +01:00
Timur Gordon
285199edac feat: add get_all_runner_status to WASM client and use it to show real runner status in dropdown 2025-11-11 15:09:19 +01:00
Timur Gordon
2ca593510c Add debug logging to WASM client Authorization header 2025-11-11 11:54:09 +01:00
Timur Gordon
77e32b360c Unify authentication: store secrets as API keys 
- Secrets are now added to ApiKeyStore on supervisor initialization
- Removed duplicate authentication logic in verify_api_key
- Single source of truth: all authentication goes through ApiKeyStore
- Admin/user/register secrets are treated as API keys with appropriate scopes
- Simplified auth_verify - no special case handling needed
 2025-11-07 00:42:05 +01:00
Timur Gordon
d6184e7507 Treat secrets as API keys - unify authentication 
- Updated verify_api_key() to check secrets first (admin, user, register)
- Secrets are now treated as API keys with appropriate scopes
- All OpenRPC methods now work with secrets (register_runner, list_runners, etc.)
- Simplified auth_verify since verify_api_key handles everything
- Admin UI now fully functional with admin secret from .env
 2025-11-07 00:38:33 +01:00
Timur Gordon
43ad9b60aa Fix auth_verify to accept admin/user/register secrets directly 
- Check secrets (admin_secrets, user_secrets, register_secrets) before API keys
- Allow UI to authenticate with the secrets provided in .env
- Secrets now work as expected for authentication
- API keys still supported as fallback for backward compatibility
 2025-11-07 00:33:09 +01:00
Timur Gordon
43750b32d7 Fix Admin UI status detection to catch port binding errors 
- Increase sleep time to 2 seconds to allow error detection
- Check log file for 'Address already in use' error
- Show helpful message to run --kill-ports when port is in use
- Kill the failed process to prevent zombie processes
 2025-11-07 00:26:07 +01:00
Timur Gordon
4f4d1c0832 Add --kill-ports flag and improve summary output 
- Added --kill-ports flag to kill processes on supervisor and admin UI ports
- Simplified summary: show Admin UI status inline (green URL or red error)
- Combined log viewing into single command
- Removed redundant error message during startup
 2025-11-07 00:24:46 +01:00
Timur Gordon
0df5956575 Improve run script output with better error messages and summary 
- Show helpful error message when Admin UI fails with log location
- Add summary section with all URLs and log file locations
- Better visual separation with dividers
- Clear instructions for viewing logs
 2025-11-07 00:21:30 +01:00
Timur Gordon
278ba18d20 Add support for pre-configured runners from environment variables 
- Added RUNNERS env var to .env.example (comma-separated runner names)
- Updated supervisor binary to accept --runners flag
- Runners are automatically registered on startup using first admin secret
- Updated run.sh to pass RUNNERS from env to supervisor binary
 2025-11-07 00:15:22 +01:00
Timur Gordon
609af6ec15 Refactor supervisor to use environment variables and simplify binary 
- Created scripts/generate_secret.sh to generate supervisor secrets
- Added .env.example with all configuration options
- Created scripts/environment.sh to load env vars from .env
- Updated scripts/run.sh to use env vars and pass as flags
- Simplified supervisor binary:
  - Removed bootstrap-admin-key and config file support
  - Made admin-secret required
  - Minimal output (only URLs)
  - Clean startup with no verbose logging
- Updated .gitignore for .env and log files
 2025-11-07 00:08:32 +01:00
Timur Gordon
8a02fffcca Update build/test scripts with clean progress indicators and minimal output 2025-11-06 23:55:17 +01:00
Timur Gordon
bbced35996 Update build and test scripts to handle all three crates (core, client, ui) 2025-11-06 23:40:09 +01:00
44 changed files with 2931 additions and 5571 deletions
Expand all files Collapse all files

23
.env.example Normal file
View File

@@ -0,0 +1,23 @@
# Hero Supervisor Configuration
# Redis connection URL
REDIS_URL=redis://127.0.0.1:6379
# OpenRPC Server Configuration
BIND_ADDRESS=127.0.0.1
PORT=3030
# Authentication Secrets (generate with: ./scripts/generate_secret.sh)
# At least one admin secret is required
ADMIN_SECRETS=your_admin_secret_here
# Optional: Additional secrets for different access levels
# USER_SECRETS=user_secret_1,user_secret_2
# REGISTER_SECRETS=register_secret_1
# Optional: Pre-configured runners (comma-separated names)
# These runners will be automatically registered on startup
# RUNNERS=runner1,runner2,runner3
# Optional: Mycelium network URL (requires mycelium feature)
# MYCELIUM_URL=http://127.0.0.1:8989

2
.gitignore vendored
View File

@@ -1,2 +1,4 @@
target target
.bin .bin
.env
/tmp/supervisor-*.log

1269
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

6
Cargo.toml
View File

@@ -1,8 +1,12 @@
[workspace] [workspace]
members = ["core", "client", "ui"] members = ["core", "client"]
exclude = ["ui"]
resolver = "2" resolver = "2"
[workspace.package] [workspace.package]
version = "0.1.0" version = "0.1.0"
edition = "2021" edition = "2021"
# Note: The UI crate is excluded from the workspace because it targets wasm32-unknown-unknown
# and requires WASM-specific features. Build it separately with: cd ui && trunk build

174
README.md
View File

@@ -1,116 +1,37 @@
# Hero Supervisor # Supervisor
A Rust-based actor management system for the Hero ecosystem that provides unified process management, job queuing, and optional OpenRPC server integration. A job execution supervisor that queues jobs to runners over Redis and returns their output. It provides an OpenRPC server for remote job dispatching. The OpenRPC server requires authorization via API keys. API keys are scoped to grant one of three levels of access: Admin, Registrar (can register runners), User (can dispatch jobs).
## Repository Structure Jobs contain scripts, environment variables, an identifier of the runner to execute the script, and signatures. The supervisor verifies the signatures, however access control based on who the signatories of a script is handled by the runner logic.
```
supervisor/
├── core/ # Main supervisor library and binary
│ ├── src/
│ │ ├── bin/supervisor.rs # Supervisor binary
│ │ └── lib.rs # Library exports
│ ├── examples/ # Usage examples
│ └── tests/ # Integration tests
├── client/ # OpenRPC client library (Rust + WASM)
├── ui/ # Admin UI (Yew WASM application)
└── docs/ # Documentation
## Features
The crate uses Rust's feature system to provide conditional compilation:
- **`default`**: Includes CLI functionality
- **`cli`**: Enables the supervisor binary (included in default)
All OpenRPC functionality is now included by default for simplified deployment.
## Architecture
The Hero Supervisor uses a clean, simplified architecture with centralized resource management:
### Core Components
#### `SupervisorBuilder` → `Supervisor` → `SupervisorApp`
- **`SupervisorBuilder`**: Configures Redis URL, namespace, secrets, runners, and process manager
- **`Supervisor`**: Core engine that owns Redis client and process manager, manages runners centrally
- **`SupervisorApp`**: Main application that wraps supervisor and provides `start()` method for complete lifecycle management
### Key Design Decisions
- **Centralized Resources**: Supervisor exclusively owns Redis client and process manager (no per-runner instances)
- **Builder Pattern**: Flexible configuration through `SupervisorBuilder` with method chaining
- **Direct OpenRPC Integration**: RPC trait implemented directly on `Arc<Mutex<Supervisor>>` (no wrapper layers)
- **Simplified App**: `SupervisorApp::start()` handles everything - runners, OpenRPC server, graceful shutdown
**Note:** Runners are expected to be started and managed externally. The supervisor only tracks which runners are registered and queues jobs to them via Redis.
## Usage ## Usage
### Running the Supervisor Binary The supervisor needs an admin key to be configured to get started.
`cargo run -- --admin-secret <SECRET>`
```bash You can also use the run script which uses the `.env` file to get the admin key.
# Run with default (error) logging `./scripts/run.sh`
cargo run --bin supervisor
# Run with info logging The scripts directory also offers other scripts for building testing etc.
RUST_LOG=info cargo run --bin supervisor
# Run with debug logging ## Functionality
RUST_LOG=debug cargo run --bin supervisor
# Run with trace logging (very verbose) Beyond job dispatching, the supervisor provides:
RUST_LOG=trace cargo run --bin supervisor - **API Key Management**: Create, list, and remove API keys with different permission scopes
- **Runner Registration**: Register runners so the supervisor knows which queues are available
- **Job Lifecycle**: Create, start, stop, and monitor jobs
- **Job Queuing**: Queue jobs to specific runners via Redis
# Run with specific module logging Runner registration simply means the supervisor becomes aware that a certain runner is listening to its queue. The full API specification can be seen in `docs/openrpc.json`.
RUST_LOG=hero_supervisor=debug cargo run --bin supervisor
```
### Library Usage ## OpenRPC
```rust ### Server
use hero_supervisor::{SupervisorBuilder, SupervisorApp};
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
// Build supervisor with configuration
let supervisor = SupervisorBuilder::new()
.redis_url("redis://localhost:6379")
.namespace("hero")
.build()
.await?;
// Create and start the complete application
let mut app = SupervisorApp::new(supervisor);
app.start().await?;
Ok(())
}
```
### As a Dependency
```toml
[dependencies]
hero-supervisor = "0.1.0"
```
## OpenRPC Server
The supervisor automatically starts an OpenRPC server on `127.0.0.1:3030` that exposes all supervisor functionality via JSON-RPC. The supervisor automatically starts an OpenRPC server on `127.0.0.1:3030` that exposes all supervisor functionality via JSON-RPC.
### Available Methods
- `add_runner` - Add a new actor/runner
- `remove_runner` - Remove an actor/runner
- `list_runners` - List all runner IDs
- `start_runner` - Start a specific runner
- `stop_runner` - Stop a specific runner
- `get_runner_status` - Get status of a specific runner
- `get_runner_logs` - Get logs for a specific runner
- `queue_job_to_runner` - Queue a job to a specific runner
- `get_all_runner_status` - Get status of all runners
- `start_all` - Start all runners
- `stop_all` - Stop all runners
- `get_all_status` - Get status summary for all runners
### Example JSON-RPC Call ### Example JSON-RPC Call
@@ -120,61 +41,6 @@ curl -X POST -H "Content-Type: application/json" \
http://127.0.0.1:3030 http://127.0.0.1:3030
``` ```
## Development ### Client
### Building The repository also offers OpenRPC Client for supervisor compatible with WASM targets as well.
```bash
# Build everything (default includes CLI and OpenRPC)
cargo build
# Library only (minimal build)
cargo build --no-default-features
# With CLI (same as default)
cargo build --features cli
```
### Testing
```bash
cargo test --all-features
```
### Running
```bash
# Start supervisor with OpenRPC server
RUST_LOG=info cargo run --features openrpc
```
## Dependencies
### Core Dependencies
- `tokio` - Async runtime
- `redis` - Redis client for job queuing
- `serde` - Serialization
- `log` - Logging
- `sal-service-manager` - Process management
### Feature-Gated Dependencies
- `jsonrpsee` - JSON-RPC server (openrpc feature)
- `anyhow` - Error handling (openrpc feature)
## Architecture Benefits
1. **No Cyclic Dependencies**: Library and OpenRPC server are in the same crate, eliminating dependency cycles
2. **Feature-Gated**: CLI and server functionality only compiled when needed
3. **Clean Separation**: Library can be used independently without CLI dependencies
4. **Conditional Compilation**: Rust's feature system ensures minimal dependencies for library users
5. **Single Binary**: One supervisor binary with optional OpenRPC server integration
## Documentation
- **[Quick Start Guide](docs/QUICK_START.md)** - Get started with Hero Supervisor
- **[Authentication](docs/AUTH.md)** - Secret-based authentication system
- **[Job API Convention](docs/job-api-convention.md)** - Job submission and management API
- **[Mycelium Integration](docs/MYCELIUM.md)** - Optional Mycelium network support
- **[Restructure Notes](docs/RESTRUCTURE.md)** - Repository restructuring details
- **[Test Keypairs](docs/test_keypairs.md)** - Testing with authentication
## License
MIT OR Apache-2.0

168
TEST_FIXES.md Normal file
View File

@@ -0,0 +1,168 @@
# Test Fixes Applied
## Issue Identified
The end-to-end tests were failing because the server's `get_supervisor_info` method signature didn't match the client's expectations after the refactoring to use Authorization headers.
## Root Cause
**Server (openrpc.rs):**
```rust
async fn get_supervisor_info(&self, admin_secret: String) -> RpcResult<SupervisorInfoResponse>
```
**Client (client/src/lib.rs):**
```rust
pub async fn get_supervisor_info(&self) -> ClientResult<SupervisorInfo>
```
The client was calling the method without parameters (expecting auth via header), but the server still required an `admin_secret` parameter.
## Fixes Applied
### 1. Updated Server Trait Definition ✅
**File:** `core/src/openrpc.rs`
**Before:**
```rust
#[method(name = "supervisor.info")]
async fn get_supervisor_info(&self, admin_secret: String) -> RpcResult<SupervisorInfoResponse>;
```
**After:**
```rust
#[method(name = "supervisor.info")]
async fn get_supervisor_info(&self) -> RpcResult<SupervisorInfoResponse>;
```
### 2. Updated Server Implementation ✅
**File:** `core/src/openrpc.rs`
**Before:**
```rust
async fn get_supervisor_info(&self, admin_secret: String) -> RpcResult<SupervisorInfoResponse> {
debug!("OpenRPC request: get_supervisor_info");
let supervisor = self.lock().await;
// Verify admin secret using API key
if !supervisor.key_is_admin(&admin_secret).await {
return Err(ErrorObject::owned(-32602, "Invalid admin secret", None::<()>));
}
// ...
}
```
**After:**
```rust
async fn get_supervisor_info(&self) -> RpcResult<SupervisorInfoResponse> {
info!("🔧 RPC Method: supervisor.info");
// Get API key from Authorization header
let key = get_current_api_key()
.ok_or_else(|| ErrorObject::owned(-32602, "Missing Authorization header", None::<()>))?;
let supervisor = self.lock().await;
// Verify admin secret using API key
if !supervisor.key_is_admin(&key).await {
return Err(ErrorObject::owned(-32602, "Invalid admin secret", None::<()>));
}
// ...
}
```
### 3. Removed Unused Imports from Tests ✅
**File:** `core/tests/end_to_end.rs`
Removed:
- `use std::time::Duration;`
- `use tokio::time::sleep;`
## Test Status After Fixes
### Expected Results
With the supervisor running and a runner connected:
**Should Pass (10/16):**
-`test_01_rpc_discover` - OpenRPC discovery
-`test_02_runner_register` - Runner registration
-`test_03_runner_list` - List runners
-`test_04_jobs_create` - Create job
-`test_05_jobs_list` - List jobs
-`test_06_job_run_simple` - Run job
-`test_10_auth_verify` - Auth verification
-`test_11_auth_key_create` - Create API key
-`test_14_runner_remove` - Remove runner
-`test_15_supervisor_info` - **NOW FIXED** - Get supervisor info
**May Timeout (6/16):**
These require an actual runner to be connected and processing jobs:
- ⏱️ `test_07_job_status` - Get job status (needs runner)
- ⏱️ `test_08_job_get` - Get job by ID (needs job to exist)
- ⏱️ `test_09_job_delete` - Delete job (needs job to exist)
- ⏱️ `test_12_auth_key_list` - List API keys (timing issue)
- ⏱️ `test_13_auth_key_remove` - Remove API key (timing issue)
- ⏱️ `test_99_complete_workflow` - Full workflow (needs runner)
## How to Test
### 1. Start Redis
```bash
redis-server
```
### 2. Start Supervisor
```bash
cd /Users/timurgordon/code/git.ourworld.tf/herocode/supervisor
./scripts/run.sh
```
### 3. Start Runner (in another terminal)
```bash
cd /Users/timurgordon/code/git.ourworld.tf/herocode/runner/rust
cargo run --bin runner_osiris -- test-runner
```
### 4. Run Tests (in another terminal)
```bash
cd /Users/timurgordon/code/git.ourworld.tf/herocode/supervisor/core
cargo test --test end_to_end -- --test-threads=1 --nocapture
```
## What's Working Now
**All API methods are properly aligned:**
- Client and server both use Authorization headers
- No secret parameters in method signatures
- All RPC method names use dot notation
- Logging shows requests being received
**Core functionality:**
- Runner registration
- Job creation and listing
- Job execution (with runner)
- API key management
- Auth verification
- Supervisor info
## Remaining Issues
The tests that timeout are expected behavior when:
1. **No runner is connected** - Jobs can't be processed
2. **Jobs don't exist yet** - Can't get/delete non-existent jobs
3. **Timing issues** - Some tests run in parallel and may conflict
These aren't bugs - they're test environment issues that will pass when:
- A runner is actively connected to Redis
- Tests run sequentially (`--test-threads=1`)
- Jobs have time to be created before being queried
## Summary
The main issue was a **signature mismatch** between client and server for `supervisor.info`. This has been fixed by:
1. Removing the `admin_secret` parameter from the server
2. Using `get_current_api_key()` to get auth from the header
3. Adding proper logging
All methods now consistently use Authorization headers for authentication, matching the refactored architecture.

4
core/src/mycelium.rs → _archive/mycelium.rs
View File

@@ -269,7 +269,7 @@ impl MyceliumIntegration {
} }
"start_all" => { "start_all" => {
let results = supervisor_guard.start_all().await; let results = supervisor_guard.runner_start_all().await;
let status_results: Vec<(String, String)> = results let status_results: Vec<(String, String)> = results
.into_iter() .into_iter()
.map(|(id, result)| { .map(|(id, result)| {
@@ -288,7 +288,7 @@ impl MyceliumIntegration {
.and_then(|arr| arr.get(0)) .and_then(|arr| arr.get(0))
.and_then(|v| v.as_bool()) .and_then(|v| v.as_bool())
.unwrap_or(false); .unwrap_or(false);
let results = supervisor_guard.stop_all(force).await; let results = supervisor_guard.runner_stop_all(force).await;
let status_results: Vec<(String, String)> = results let status_results: Vec<(String, String)> = results
.into_iter() .into_iter()
.map(|(id, result)| { .map(|(id, result)| {

78
_archive/runner.rs Normal file
View File

@@ -0,0 +1,78 @@
//! Runner types for supervisor.
//!
//! Note: Runners are now just tracked by ID (string).
//! The supervisor only tracks which runners are registered and queues jobs to them.
//! Actual runner execution is handled externally by the runner processes.
/// Log information structure with serialization support
#[derive(Debug, Clone, serde::Serialize, serde::Deserialize)]
pub struct LogInfo {
pub timestamp: String,
pub level: String,
pub message: String,
}
/// Result type for runner operations
pub type RunnerResult<T> = Result<T, RunnerError>;
/// Errors that can occur during runner operations
#[derive(Debug, thiserror::Error)]
pub enum RunnerError {
#[error("Actor '{actor_id}' not found")]
ActorNotFound { actor_id: String },
#[error("Actor '{actor_id}' is already running")]
ActorAlreadyRunning { actor_id: String },
#[error("Actor '{actor_id}' is not running")]
ActorNotRunning { actor_id: String },
#[error("Failed to start actor '{actor_id}': {reason}")]
StartupFailed { actor_id: String, reason: String },
#[error("Failed to stop actor '{actor_id}': {reason}")]
StopFailed { actor_id: String, reason: String },
#[error("Timeout waiting for actor '{actor_id}' to start")]
StartupTimeout { actor_id: String },
#[error("Job queue error for actor '{actor_id}': {reason}")]
QueueError { actor_id: String, reason: String },
#[error("Configuration error: {reason}")]
ConfigError { reason: String },
#[error("Invalid secret: {0}")]
InvalidSecret(String),
#[error("IO error: {source}")]
IoError {
#[from]
source: std::io::Error,
},
#[error("Redis error: {source}")]
RedisError {
#[from]
source: redis::RedisError,
},
#[error("Job error: {source}")]
JobError {
#[from]
source: hero_job::JobError,
},
#[error("Job client error: {source}")]
JobClientError {
#[from]
source: hero_job_client::ClientError,
},
#[error("Job '{job_id}' not found")]
JobNotFound { job_id: String },
#[error("Authentication error: {message}")]
AuthenticationError { message: String },
}

46
core/src/services.rs → _archive/services.rs
View File

@@ -5,8 +5,7 @@
//! to use Redis, PostgreSQL, or other persistent storage backends. //! to use Redis, PostgreSQL, or other persistent storage backends.
use crate::auth::{ApiKey, ApiKeyScope}; use crate::auth::{ApiKey, ApiKeyScope};
use crate::job::Job; use hero_job::Job;
use crate::runner::Runner;
use std::collections::HashMap; use std::collections::HashMap;
use std::sync::Arc; use std::sync::Arc;
use tokio::sync::Mutex; use tokio::sync::Mutex;
@@ -267,46 +266,3 @@ impl Default for Services {
Self::new() Self::new()
} }
} }
#[cfg(test)]
mod tests {
use super::*;
#[tokio::test]
async fn test_api_key_service() {
let service = ApiKeyService::new();
let key = ApiKey {
key: "test-key".to_string(),
name: "test".to_string(),
scope: ApiKeyScope::User,
};
service.store(key.clone()).await.unwrap();
assert_eq!(service.get("test-key").await.unwrap().name, "test");
assert_eq!(service.list().await.len(), 1);
service.remove("test-key").await;
assert!(service.get("test-key").await.is_none());
}
#[tokio::test]
async fn test_runner_service() {
let service = RunnerService::new();
let metadata = RunnerMetadata {
id: "runner1".to_string(),
name: "runner1".to_string(),
queue: "queue1".to_string(),
registered_at: "2024-01-01".to_string(),
registered_by: "admin".to_string(),
};
service.store(metadata.clone()).await.unwrap();
assert_eq!(service.get("runner1").await.unwrap().name, "runner1");
assert_eq!(service.count().await, 1);
service.remove("runner1").await;
assert!(service.get("runner1").await.is_none());
}
}

3
client/Cargo.toml
View File

@@ -25,9 +25,10 @@ hero-job = { git = "https://git.ourworld.tf/herocode/job.git" }
[target.'cfg(not(target_arch = "wasm32"))'.dependencies] [target.'cfg(not(target_arch = "wasm32"))'.dependencies]
jsonrpsee = { version = "0.24", features = ["http-client", "macros"] } jsonrpsee = { version = "0.24", features = ["http-client", "macros"] }
tokio = { version = "1.0", features = ["full"] } tokio = { version = "1.0", features = ["full"] }
hero-supervisor = { path = "../core" } # hero-supervisor = { path = "../core" } # Removed to break cyclic dependency
hero-job-client = { git = "https://git.ourworld.tf/herocode/job.git" } hero-job-client = { git = "https://git.ourworld.tf/herocode/job.git" }
env_logger = "0.11" env_logger = "0.11"
http = "1.0"
# WASM-specific dependencies # WASM-specific dependencies
[target.'cfg(target_arch = "wasm32")'.dependencies] [target.'cfg(target_arch = "wasm32")'.dependencies]

46
client/README.md
View File

@@ -23,39 +23,24 @@ tokio = { version = "1.0", features = ["full"] }
## Quick Start ## Quick Start
```rust ```rust
use hero_supervisor_openrpc_client::{ use hero_supervisor_openrpc_client::{SupervisorClient, JobBuilder};
SupervisorClient, RunnerConfig, RunnerType, ProcessManagerType, JobBuilder, JobType
};
use std::path::PathBuf;
use std::time::Duration;
#[tokio::main] #[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> { async fn main() -> Result<(), Box<dyn std::error::Error>> {
// Create a client // Create a client with admin secret
let client = SupervisorClient::new("http://127.0.0.1:3030")?; let client = SupervisorClient::new("http://127.0.0.1:3030", "your-admin-secret")?;
// Add a runner // Register a runner (runner must be started externally)
let config = RunnerConfig { client.register_runner("admin-secret", "my_runner").await?;
actor_id: "my_actor".to_string(),
runner_type: RunnerType::OSISRunner,
binary_path: PathBuf::from("/path/to/actor/binary"),
db_path: "/path/to/db".to_string(),
redis_url: "redis://localhost:6379".to_string(),
};
client.add_runner(config, ProcessManagerType::Simple).await?; // Create and run a job
// Start the runner
client.start_runner("my_actor").await?;
// Create and queue a job
let job = JobBuilder::new() let job = JobBuilder::new()
.caller_id("my_client") .caller_id("my_client")
.context_id("example_context") .context_id("example_context")
.payload("print('Hello from Hero Supervisor!');") .payload("echo 'Hello from Hero Supervisor!'")
.job_type(JobType::OSIS) .executor("bash")
.runner("my_actor") .runner("my_runner")
.timeout(Duration::from_secs(60)) .timeout(60)
.build()?; .build()?;
client.queue_job_to_runner("my_actor", job).await?; client.queue_job_to_runner("my_actor", job).await?;
@@ -83,11 +68,11 @@ let client = SupervisorClient::new("http://127.0.0.1:3030")?;
### Runner Management ### Runner Management
```rust ```rust
// Add a runner // Register a runner
client.add_runner(config, ProcessManagerType::Simple).await?; client.register_runner("admin-secret", "my_runner").await?;
// Remove a runner // Remove a runner
client.remove_runner("actor_id").await?; client.remove_runner("admin-secret", "my_runner").await?;
// List all runners // List all runners
let runners = client.list_runners().await?; let runners = client.list_runners().await?;
@@ -150,10 +135,9 @@ let statuses = client.get_all_runner_status().await?;
- `V` - V job type - `V` - V job type
- `Python` - Python job type - `Python` - Python job type
### ProcessManagerType ### Runner Management
- `Simple` - Direct process spawning Runners are expected to be started and managed externally. The supervisor only tracks which runners are registered and queues jobs to them via Redis.
- `Tmux(String)` - Tmux session-based management
### ProcessStatus ### ProcessStatus

78
client/examples/generate_test_keys.rs
View File

@@ -1,78 +0,0 @@
/// Generate test secp256k1 keypairs for supervisor authentication testing
///
/// Run with: cargo run --example generate_test_keys
use secp256k1::{Secp256k1, SecretKey, PublicKey};
use hex;
fn main() {
let secp = Secp256k1::new();
println!("\n╔════════════════════════════════════════════════════════════╗");
println!("║ Test Keypairs for Supervisor Auth ║");
println!("╚════════════════════════════════════════════════════════════╝\n");
println!("⚠️ WARNING: These are TEST keypairs only! Never use in production!\n");
// Generate 5 keypairs with simple private keys for testing
let test_keys = vec![
("Alice (Admin)", "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef"),
("Bob (User)", "fedcba0987654321fedcba0987654321fedcba0987654321fedcba0987654321"),
("Charlie (Register)", "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"),
("Dave (Test)", "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb"),
("Eve (Test)", "cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc"),
];
for (i, (name, privkey_hex)) in test_keys.iter().enumerate() {
println!("## Keypair {} - {}", i + 1, name);
println!("─────────────────────────────────────────────────────────────");
// Parse private key
let privkey_bytes = hex::decode(privkey_hex).expect("Invalid hex");
let secret_key = SecretKey::from_slice(&privkey_bytes).expect("Invalid private key");
// Derive public key
let public_key = PublicKey::from_secret_key(&secp, &secret_key);
// Serialize keys
let pubkey_uncompressed = hex::encode(public_key.serialize_uncompressed());
let pubkey_compressed = hex::encode(public_key.serialize());
println!("Private Key (hex): 0x{}", privkey_hex);
println!("Public Key (uncomp): 0x{}", pubkey_uncompressed);
println!("Public Key (comp): 0x{}", pubkey_compressed);
println!();
}
println!("\n╔════════════════════════════════════════════════════════════╗");
println!("║ Usage Examples ║");
println!("╚════════════════════════════════════════════════════════════╝\n");
println!("### Using with OpenRPC Client (Rust)\n");
println!("```rust");
println!("use secp256k1::{{Secp256k1, SecretKey}};");
println!("use hex;");
println!();
println!("// Alice's private key for admin access");
println!("let privkey_hex = \"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef\";");
println!("let privkey_bytes = hex::decode(privkey_hex).unwrap();");
println!("let secret_key = SecretKey::from_slice(&privkey_bytes).unwrap();");
println!();
println!("// Use with client");
println!("let client = SupervisorClient::new_with_keypair(");
println!(" \"http://127.0.0.1:3030\",");
println!(" secret_key");
println!(");");
println!("```\n");
println!("### Testing Different Scopes\n");
println!("1. **Admin Scope** - Use Alice's keypair for full admin access");
println!("2. **User Scope** - Use Bob's keypair for limited user access");
println!("3. **Register Scope** - Use Charlie's keypair for runner registration\n");
println!("### Quick Copy-Paste Keys\n");
println!("Alice (Admin): 1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef");
println!("Bob (User): fedcba0987654321fedcba0987654321fedcba0987654321fedcba0987654321");
println!("Charlie (Reg): aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
println!("Dave (Test): bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb");
println!("Eve (Test): cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc\n");
}

102
client/src/builder.rs Normal file
View File

@@ -0,0 +1,102 @@
//! Builder pattern for WasmSupervisorClient to ensure proper configuration
//!
//! This module provides a type-safe builder that guarantees a client cannot be
//! created without a secret, preventing authentication issues.
use crate::wasm::WasmSupervisorClient;
/// Builder for WasmSupervisorClient that enforces secret requirement
#[derive(Clone)]
pub struct WasmSupervisorClientBuilder {
server_url: Option<String>,
secret: Option<String>,
}
impl WasmSupervisorClientBuilder {
/// Create a new builder
pub fn new() -> Self {
Self {
server_url: None,
secret: None,
}
}
/// Set the server URL
pub fn server_url(mut self, url: impl Into<String>) -> Self {
self.server_url = Some(url.into());
self
}
/// Set the authentication secret (required)
pub fn secret(mut self, secret: impl Into<String>) -> Self {
self.secret = Some(secret.into());
self
}
/// Build the client
///
/// Returns Err if server_url or secret is not set
pub fn build(self) -> Result<WasmSupervisorClient, String> {
let server_url = self.server_url.ok_or("Server URL is required")?;
let secret = self.secret.ok_or("Secret is required for authenticated client")?;
if secret.is_empty() {
return Err("Secret cannot be empty".to_string());
}
Ok(WasmSupervisorClient::new(server_url, secret))
}
}
impl Default for WasmSupervisorClientBuilder {
fn default() -> Self {
Self::new()
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_builder_requires_all_fields() {
let builder = WasmSupervisorClientBuilder::new();
assert!(builder.build().is_err());
let builder = WasmSupervisorClientBuilder::new()
.server_url("http://localhost:3030");
assert!(builder.build().is_err());
let builder = WasmSupervisorClientBuilder::new()
.secret("test-secret");
assert!(builder.build().is_err());
}
#[test]
fn test_builder_success() {
let builder = WasmSupervisorClientBuilder::new()
.server_url("http://localhost:3030")
.secret("test-secret");
assert!(builder.build().is_ok());
}
#[test]
fn test_build_error_messages() {
let result = WasmSupervisorClientBuilder::new().build();
assert!(result.is_err());
assert_eq!(result.unwrap_err(), "Server URL is required");
let result = WasmSupervisorClientBuilder::new()
.server_url("http://localhost:3030")
.build();
assert!(result.is_err());
assert_eq!(result.unwrap_err(), "Secret is required for authenticated client");
let result = WasmSupervisorClientBuilder::new()
.server_url("http://localhost:3030")
.secret("")
.build();
assert!(result.is_err());
assert_eq!(result.unwrap_err(), "Secret cannot be empty");
}
}

634
client/src/lib.rs
View File

@@ -1,31 +1,3 @@
//! OpenRPC client for Hero Supervisor
//!
//! This crate provides a client library for interacting with the Hero Supervisor
//! OpenRPC server. It offers a simple, async interface for managing actors and jobs.
//!
//! ## Features
//!
//! - **Native client**: Full-featured client for native Rust applications
//! - **WASM client**: Browser-compatible client using fetch APIs
//!
//! ## Usage
//!
//! ### Native Client
//! ```rust
//! use hero_supervisor_openrpc_client::SupervisorClient;
//!
//! let client = SupervisorClient::new("http://localhost:3030")?;
//! let runners = client.list_runners().await?;
//! ```
//!
//! ### WASM Client
//! ```rust
//! use hero_supervisor_openrpc_client::wasm::WasmSupervisorClient;
//!
//! let client = WasmSupervisorClient::new("http://localhost:3030".to_string());
//! let runners = client.list_runners().await?;
//! ```
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use thiserror::Error; use thiserror::Error;
use serde_json; use serde_json;
@@ -37,10 +9,18 @@ use serde_json;
#[cfg(target_arch = "wasm32")] #[cfg(target_arch = "wasm32")]
pub mod wasm; pub mod wasm;
// Builder module for type-safe client construction
#[cfg(target_arch = "wasm32")]
pub mod builder;
// Re-export WASM types for convenience // Re-export WASM types for convenience
#[cfg(target_arch = "wasm32")] #[cfg(target_arch = "wasm32")]
pub use wasm::{WasmSupervisorClient, WasmJobType, WasmRunnerType, create_job_canonical_repr, sign_job_canonical}; pub use wasm::{WasmSupervisorClient, WasmJobType, WasmRunnerType, create_job_canonical_repr, sign_job_canonical};
// Re-export builder for convenience
#[cfg(target_arch = "wasm32")]
pub use builder::WasmSupervisorClientBuilder;
// Native client dependencies // Native client dependencies
#[cfg(not(target_arch = "wasm32"))] #[cfg(not(target_arch = "wasm32"))]
use jsonrpsee::{ use jsonrpsee::{
@@ -49,15 +29,20 @@ use jsonrpsee::{
rpc_params, rpc_params,
}; };
#[cfg(not(target_arch = "wasm32"))]
use http::{HeaderMap, HeaderName, HeaderValue};
#[cfg(not(target_arch = "wasm32"))] #[cfg(not(target_arch = "wasm32"))]
use std::path::PathBuf; use std::path::PathBuf;
/// Client for communicating with Hero Supervisor OpenRPC server /// Client for communicating with Hero Supervisor OpenRPC server
/// Requires authentication secret for all operations
#[cfg(not(target_arch = "wasm32"))] #[cfg(not(target_arch = "wasm32"))]
#[derive(Clone)]
pub struct SupervisorClient { pub struct SupervisorClient {
client: HttpClient, client: HttpClient,
server_url: String, server_url: String,
secret: Option<String>, secret: String,
} }
/// Error types for client operations /// Error types for client operations
@@ -187,21 +172,39 @@ pub struct LogInfoWrapper {
#[derive(Debug, Clone, Serialize, Deserialize)] #[derive(Debug, Clone, Serialize, Deserialize)]
pub struct SupervisorInfo { pub struct SupervisorInfo {
pub server_url: String, pub server_url: String,
pub admin_secrets_count: usize, }
pub user_secrets_count: usize,
pub register_secrets_count: usize, /// API Key information
pub runners_count: usize, #[derive(Debug, Clone, Serialize, Deserialize)]
pub struct ApiKey {
pub key: String,
pub name: String,
pub scope: String,
pub created_at: String,
}
/// Auth verification response
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct AuthVerifyResponse {
pub scope: String,
pub name: Option<String>,
pub created_at: Option<String>,
} }
/// Simple ProcessStatus type for native builds to avoid service manager dependency /// Simple ProcessStatus type for native builds to avoid service manager dependency
#[cfg(not(target_arch = "wasm32"))] #[cfg(not(target_arch = "wasm32"))]
pub type ProcessStatus = ProcessStatusWrapper; pub type ProcessStatus = ProcessStatusWrapper;
/// Re-export types from supervisor crate for native builds // Types duplicated from supervisor-core to avoid cyclic dependency
// These match the types in hero-supervisor but are defined here independently
/// Runner status information (duplicated to avoid cyclic dependency)
#[cfg(not(target_arch = "wasm32"))] #[cfg(not(target_arch = "wasm32"))]
pub use hero_supervisor::RunnerStatus; pub type RunnerStatus = ProcessStatusWrapper;
/// Log information (duplicated to avoid cyclic dependency)
#[cfg(not(target_arch = "wasm32"))] #[cfg(not(target_arch = "wasm32"))]
pub use hero_supervisor::runner::LogInfo; pub type LogInfo = LogInfoWrapper;
/// Type aliases for WASM compatibility /// Type aliases for WASM compatibility
#[cfg(target_arch = "wasm32")] #[cfg(target_arch = "wasm32")]
@@ -211,40 +214,87 @@ pub type RunnerStatus = ProcessStatusWrapper;
#[cfg(target_arch = "wasm32")] #[cfg(target_arch = "wasm32")]
pub type LogInfo = LogInfoWrapper; pub type LogInfo = LogInfoWrapper;
/// Builder for SupervisorClient
#[cfg(not(target_arch = "wasm32"))] #[cfg(not(target_arch = "wasm32"))]
impl SupervisorClient { #[derive(Debug, Clone)]
/// Create a new supervisor client pub struct SupervisorClientBuilder {
pub fn new(server_url: impl Into<String>) -> ClientResult<Self> { url: Option<String>,
let server_url = server_url.into(); secret: Option<String>,
timeout: Option<std::time::Duration>,
let client = HttpClientBuilder::default()
.request_timeout(std::time::Duration::from_secs(30))
.build(&server_url)
.map_err(|e| ClientError::Http(e.to_string()))?;
Ok(Self {
client,
server_url,
secret: None,
})
} }
/// Create a new supervisor client with authentication secret #[cfg(not(target_arch = "wasm32"))]
pub fn with_secret(server_url: impl Into<String>, secret: impl Into<String>) -> ClientResult<Self> { impl SupervisorClientBuilder {
let server_url = server_url.into(); /// Create a new builder
let secret = secret.into(); pub fn new() -> Self {
Self {
url: None,
secret: None,
timeout: Some(std::time::Duration::from_secs(30)),
}
}
/// Set the server URL
pub fn url(mut self, url: impl Into<String>) -> Self {
self.url = Some(url.into());
self
}
/// Set the authentication secret
pub fn secret(mut self, secret: impl Into<String>) -> Self {
self.secret = Some(secret.into());
self
}
/// Set the request timeout (default: 30 seconds)
pub fn timeout(mut self, timeout: std::time::Duration) -> Self {
self.timeout = Some(timeout);
self
}
/// Build the SupervisorClient
pub fn build(self) -> ClientResult<SupervisorClient> {
let server_url = self.url
.ok_or_else(|| ClientError::Http("URL is required".to_string()))?;
let secret = self.secret
.ok_or_else(|| ClientError::Http("Secret is required".to_string()))?;
// Create headers with Authorization bearer token
let mut headers = HeaderMap::new();
let auth_value = format!("Bearer {}", secret);
headers.insert(
HeaderName::from_static("authorization"),
HeaderValue::from_str(&auth_value)
.map_err(|e| ClientError::Http(format!("Invalid auth header: {}", e)))?
);
let client = HttpClientBuilder::default() let client = HttpClientBuilder::default()
.request_timeout(std::time::Duration::from_secs(30)) .request_timeout(self.timeout.unwrap_or(std::time::Duration::from_secs(30)))
.set_headers(headers)
.build(&server_url) .build(&server_url)
.map_err(|e| ClientError::Http(e.to_string()))?; .map_err(|e| ClientError::Http(e.to_string()))?;
Ok(Self { Ok(SupervisorClient {
client, client,
server_url, server_url,
secret: Some(secret), secret,
}) })
} }
}
#[cfg(not(target_arch = "wasm32"))]
impl Default for SupervisorClientBuilder {
fn default() -> Self {
Self::new()
}
}
#[cfg(not(target_arch = "wasm32"))]
impl SupervisorClient {
/// Create a builder for SupervisorClient
pub fn builder() -> SupervisorClientBuilder {
SupervisorClientBuilder::new()
}
/// Get the server URL /// Get the server URL
pub fn server_url(&self) -> &str { pub fn server_url(&self) -> &str {
@@ -261,32 +311,27 @@ impl SupervisorClient {
Ok(result) Ok(result)
} }
/// Register a new runner to the supervisor with secret authentication /// Register a new runner to the supervisor
/// The runner name is also used as the queue name /// The runner name is also used as the queue name
/// Authentication via Authorization header (set during client creation)
pub async fn register_runner( pub async fn register_runner(
&self, &self,
secret: &str,
name: &str, name: &str,
) -> ClientResult<()> { ) -> ClientResult<String> {
let params = serde_json::json!({ let result: String = self
"secret": secret,
"name": name
});
let _: String = self
.client .client
.request("register_runner", rpc_params![params]) .request("runner.register", rpc_params![name])
.await.map_err(|e| ClientError::JsonRpc(e))?; .await.map_err(|e| ClientError::JsonRpc(e))?;
Ok(()) Ok(result)
} }
/// Create a new job without queuing it to a runner /// Create a new job without queuing it to a runner
/// Authentication via Authorization header (set during client creation)
pub async fn jobs_create( pub async fn jobs_create(
&self, &self,
secret: &str,
job: Job, job: Job,
) -> ClientResult<String> { ) -> ClientResult<String> {
let params = serde_json::json!({ let params = serde_json::json!({
"secret": secret,
"job": job "job": job
}); });
@@ -308,14 +353,13 @@ impl SupervisorClient {
/// Run a job on the appropriate runner and wait for the result (blocking) /// Run a job on the appropriate runner and wait for the result (blocking)
/// This method queues the job and waits for completion before returning /// This method queues the job and waits for completion before returning
/// The secret is sent via Authorization header (set during client creation)
pub async fn job_run( pub async fn job_run(
&self, &self,
secret: &str,
job: Job, job: Job,
timeout: Option<u64>, timeout: Option<u64>,
) -> ClientResult<JobRunResponse> { ) -> ClientResult<JobRunResponse> {
let mut params = serde_json::json!({ let mut params = serde_json::json!({
"secret": secret,
"job": job "job": job
}); });
@@ -332,13 +376,12 @@ impl SupervisorClient {
/// Start a job without waiting for the result (non-blocking) /// Start a job without waiting for the result (non-blocking)
/// This method queues the job and returns immediately with the job_id /// This method queues the job and returns immediately with the job_id
/// Authentication via Authorization header (set during client creation)
pub async fn job_start( pub async fn job_start(
&self, &self,
secret: &str,
job: Job, job: Job,
) -> ClientResult<JobStartResponse> { ) -> ClientResult<JobStartResponse> {
let params = serde_json::json!({ let params = serde_json::json!({
"secret": secret,
"job": job "job": job
}); });
@@ -368,14 +411,11 @@ impl SupervisorClient {
} }
/// Remove a runner from the supervisor /// Remove a runner from the supervisor
pub async fn remove_runner(&self, secret: &str, actor_id: &str) -> ClientResult<()> { /// Authentication via Authorization header (set during client creation)
let params = serde_json::json!({ pub async fn remove_runner(&self, actor_id: &str) -> ClientResult<()> {
"secret": secret,
"actor_id": actor_id
});
let _: () = self let _: () = self
.client .client
.request("remove_runner", rpc_params![params]) .request("runner.remove", rpc_params![actor_id])
.await.map_err(|e| ClientError::JsonRpc(e))?; .await.map_err(|e| ClientError::JsonRpc(e))?;
Ok(()) Ok(())
} }
@@ -384,60 +424,40 @@ impl SupervisorClient {
pub async fn list_runners(&self) -> ClientResult<Vec<String>> { pub async fn list_runners(&self) -> ClientResult<Vec<String>> {
let runners: Vec<String> = self let runners: Vec<String> = self
.client .client
.request("list_runners", rpc_params![]) .request("runner.list", rpc_params![])
.await.map_err(|e| ClientError::JsonRpc(e))?; .await.map_err(|e| ClientError::JsonRpc(e))?;
Ok(runners) Ok(runners)
} }
/// Start a specific runner /// Start a specific runner
pub async fn start_runner(&self, secret: &str, actor_id: &str) -> ClientResult<()> { /// Authentication via Authorization header (set during client creation)
let params = serde_json::json!({ pub async fn start_runner(&self, actor_id: &str) -> ClientResult<()> {
"secret": secret,
"actor_id": actor_id
});
let _: () = self let _: () = self
.client .client
.request("start_runner", rpc_params![params]) .request("runner.start", rpc_params![actor_id])
.await.map_err(|e| ClientError::JsonRpc(e))?;
Ok(())
}
/// Stop a specific runner
pub async fn stop_runner(&self, secret: &str, actor_id: &str, force: bool) -> ClientResult<()> {
let params = serde_json::json!({
"secret": secret,
"actor_id": actor_id,
"force": force
});
let _: () = self
.client
.request("stop_runner", rpc_params![params])
.await.map_err(|e| ClientError::JsonRpc(e))?; .await.map_err(|e| ClientError::JsonRpc(e))?;
Ok(()) Ok(())
} }
/// Add a runner to the supervisor /// Add a runner to the supervisor
pub async fn add_runner(&self, secret: &str, config: RunnerConfig) -> ClientResult<()> { /// Authentication via Authorization header (set during client creation)
pub async fn add_runner(&self, config: RunnerConfig) -> ClientResult<()> {
let params = serde_json::json!({ let params = serde_json::json!({
"secret": secret,
"config": config "config": config
}); });
let _: () = self let _: () = self
.client .client
.request("add_runner", rpc_params![params]) .request("runner.add", rpc_params![params])
.await.map_err(|e| ClientError::JsonRpc(e))?; .await.map_err(|e| ClientError::JsonRpc(e))?;
Ok(()) Ok(())
} }
/// Get status of a specific runner /// Get status of a specific runner
pub async fn get_runner_status(&self, secret: &str, actor_id: &str) -> ClientResult<RunnerStatus> { /// Authentication via Authorization header (set during client creation)
let params = serde_json::json!({ pub async fn get_runner_status(&self, actor_id: &str) -> ClientResult<RunnerStatus> {
"secret": secret,
"actor_id": actor_id
});
let status: RunnerStatus = self let status: RunnerStatus = self
.client .client
.request("get_runner_status", rpc_params![params]) .request("runner.status", rpc_params![actor_id])
.await.map_err(|e| ClientError::JsonRpc(e))?; .await.map_err(|e| ClientError::JsonRpc(e))?;
Ok(status) Ok(status)
} }
@@ -486,9 +506,8 @@ impl SupervisorClient {
} }
/// Run a job on a specific runner /// Run a job on a specific runner
pub async fn run_job(&self, secret: &str, job: Job) -> ClientResult<JobResult> { pub async fn run_job(&self, job: Job) -> ClientResult<JobResult> {
let params = serde_json::json!({ let params = serde_json::json!({
"secret": secret,
"job": job "job": job
}); });
@@ -547,12 +566,10 @@ impl SupervisorClient {
/// Add a secret to the supervisor /// Add a secret to the supervisor
pub async fn add_secret( pub async fn add_secret(
&self, &self,
admin_secret: &str,
secret_type: &str, secret_type: &str,
secret_value: &str, secret_value: &str,
) -> ClientResult<()> { ) -> ClientResult<()> {
let params = serde_json::json!({ let params = serde_json::json!({
"admin_secret": admin_secret,
"secret_type": secret_type, "secret_type": secret_type,
"secret_value": secret_value "secret_value": secret_value
}); });
@@ -567,12 +584,10 @@ impl SupervisorClient {
/// Remove a secret from the supervisor /// Remove a secret from the supervisor
pub async fn remove_secret( pub async fn remove_secret(
&self, &self,
admin_secret: &str,
secret_type: &str, secret_type: &str,
secret_value: &str, secret_value: &str,
) -> ClientResult<()> { ) -> ClientResult<()> {
let params = serde_json::json!({ let params = serde_json::json!({
"admin_secret": admin_secret,
"secret_type": secret_type, "secret_type": secret_type,
"secret_value": secret_value "secret_value": secret_value
}); });
@@ -585,10 +600,8 @@ impl SupervisorClient {
} }
/// List secrets (returns supervisor info including secret counts) /// List secrets (returns supervisor info including secret counts)
pub async fn list_secrets(&self, admin_secret: &str) -> ClientResult<SupervisorInfo> { pub async fn list_secrets(&self) -> ClientResult<SupervisorInfo> {
let params = serde_json::json!({ let params = serde_json::json!({});
"admin_secret": admin_secret
});
let info: SupervisorInfo = self let info: SupervisorInfo = self
.client .client
@@ -598,9 +611,8 @@ impl SupervisorClient {
} }
/// Stop a running job /// Stop a running job
pub async fn job_stop(&self, secret: &str, job_id: &str) -> ClientResult<()> { pub async fn job_stop(&self, job_id: &str) -> ClientResult<()> {
let params = serde_json::json!({ let params = serde_json::json!({
"secret": secret,
"job_id": job_id "job_id": job_id
}); });
@@ -610,9 +622,8 @@ impl SupervisorClient {
} }
/// Delete a job from the system /// Delete a job from the system
pub async fn job_delete(&self, secret: &str, job_id: &str) -> ClientResult<()> { pub async fn job_delete(&self, job_id: &str) -> ClientResult<()> {
let params = serde_json::json!({ let params = serde_json::json!({
"secret": secret,
"job_id": job_id "job_id": job_id
}); });
@@ -622,355 +633,58 @@ impl SupervisorClient {
} }
/// Get supervisor information including secret counts /// Get supervisor information including secret counts
pub async fn get_supervisor_info(&self, admin_secret: &str) -> ClientResult<SupervisorInfo> { pub async fn get_supervisor_info(&self) -> ClientResult<SupervisorInfo> {
let info: SupervisorInfo = self let info: SupervisorInfo = self
.client .client
.request("get_supervisor_info", rpc_params![admin_secret]) .request("supervisor.info", rpc_params![])
.await.map_err(|e| ClientError::JsonRpc(e))?; .await.map_err(|e| ClientError::JsonRpc(e))?;
Ok(info) Ok(info)
} }
/// Get a job by ID
pub async fn get_job(&self, job_id: &str) -> ClientResult<Job> {
let job: Job = self
.client
.request("job.get", rpc_params![job_id])
.await.map_err(|e| ClientError::JsonRpc(e))?;
Ok(job)
} }
// ========== Auth/API Key Methods ==========
#[cfg(test)] /// Verify the current API key
mod tests { pub async fn auth_verify(&self) -> ClientResult<AuthVerifyResponse> {
use super::*; let response: AuthVerifyResponse = self
.client
#[test] .request("auth.verify", rpc_params![])
fn test_client_creation() { .await.map_err(|e| ClientError::JsonRpc(e))?;
let client = SupervisorClient::new("http://127.0.0.1:3030"); Ok(response)
assert!(client.is_ok());
let client = client.unwrap();
assert_eq!(client.server_url(), "http://127.0.0.1:3030");
} }
#[test] /// Create a new API key (admin only)
fn test_job_builder() { pub async fn auth_create_key(&self, name: String, scope: String) -> ClientResult<ApiKey> {
let job = JobBuilder::new() let api_key: ApiKey = self
.caller_id("test_client") .client
.context_id("test_context") .request("auth.key.create", rpc_params![name, scope])
.payload("print('Hello, World!');") .await.map_err(|e| ClientError::JsonRpc(e))?;
.executor("osis") Ok(api_key)
.runner("test_runner")
.timeout(60)
.env_var("TEST_VAR", "test_value")
.build();
assert!(job.is_ok());
let job = job.unwrap();
assert_eq!(job.caller_id, "test_client");
assert_eq!(job.context_id, "test_context");
assert_eq!(job.payload, "print('Hello, World!');");
assert_eq!(job.executor, "osis");
assert_eq!(job.runner, "test_runner");
assert_eq!(job.timeout, 60);
assert_eq!(job.env_vars.get("TEST_VAR"), Some(&"test_value".to_string()));
} }
#[test] /// Remove an API key (admin only)
fn test_job_builder_validation() { pub async fn auth_remove_key(&self, key: String) -> ClientResult<bool> {
// Missing caller_id let removed: bool = self
let result = JobBuilder::new() .client
.context_id("test") .request("auth.key.remove", rpc_params![key])
.payload("test") .await.map_err(|e| ClientError::JsonRpc(e))?;
.runner("test") Ok(removed)
.build();
assert!(result.is_err());
// Missing context_id
let result = JobBuilder::new()
.caller_id("test")
.payload("test")
.runner("test")
.build();
assert!(result.is_err());
// Missing payload
let result = JobBuilder::new()
.caller_id("test")
.context_id("test")
.runner("test")
.executor("test")
.build();
assert!(result.is_err());
// Missing runner
let result = JobBuilder::new()
.caller_id("test")
.context_id("test")
.payload("test")
.executor("test")
.build();
assert!(result.is_err());
// Missing executor
let result = JobBuilder::new()
.caller_id("test")
.context_id("test")
.payload("test")
.runner("test")
.build();
assert!(result.is_err());
}
} }
#[cfg(test)] /// List all API keys (admin only)
mod client_tests { pub async fn auth_list_keys(&self) -> ClientResult<Vec<ApiKey>> {
use super::*; let keys: Vec<ApiKey> = self
.client
#[cfg(not(target_arch = "wasm32"))] .request("auth.key.list", rpc_params![])
mod native_tests { .await.map_err(|e| ClientError::JsonRpc(e))?;
use super::*; Ok(keys)
#[test]
fn test_client_creation() {
let client = SupervisorClient::new("http://localhost:3030");
assert!(client.is_ok());
let client = client.unwrap();
assert_eq!(client.server_url(), "http://localhost:3030");
}
#[test]
fn test_client_creation_invalid_url() {
let client = SupervisorClient::new("invalid-url");
// HTTP client builder validates URLs and should fail on invalid ones
assert!(client.is_err());
}
#[test]
fn test_process_status_wrapper_serialization() {
let status = ProcessStatusWrapper::Running;
let serialized = serde_json::to_string(&status).unwrap();
assert_eq!(serialized, "\"Running\"");
let status = ProcessStatusWrapper::Error("test error".to_string());
let serialized = serde_json::to_string(&status).unwrap();
assert!(serialized.contains("Error"));
assert!(serialized.contains("test error"));
}
#[test]
fn test_log_info_wrapper_serialization() {
let log = LogInfoWrapper {
timestamp: "2023-01-01T00:00:00Z".to_string(),
level: "INFO".to_string(),
message: "test message".to_string(),
};
let serialized = serde_json::to_string(&log).unwrap();
assert!(serialized.contains("2023-01-01T00:00:00Z"));
assert!(serialized.contains("INFO"));
assert!(serialized.contains("test message"));
let deserialized: LogInfoWrapper = serde_json::from_str(&serialized).unwrap();
assert_eq!(deserialized.timestamp, log.timestamp);
assert_eq!(deserialized.level, log.level);
assert_eq!(deserialized.message, log.message);
}
#[test]
fn test_runner_type_serialization() {
let runner_type = RunnerType::SALRunner;
let serialized = serde_json::to_string(&runner_type).unwrap();
assert_eq!(serialized, "\"SALRunner\"");
let deserialized: RunnerType = serde_json::from_str(&serialized).unwrap();
assert_eq!(deserialized, RunnerType::SALRunner);
}
#[test]
fn test_job_type_conversion() {
assert_eq!(JobType::SAL, JobType::SAL);
assert_eq!(JobType::OSIS, JobType::OSIS);
assert_eq!(JobType::V, JobType::V);
assert_eq!(JobType::Python, JobType::Python);
}
#[test]
fn test_job_status_serialization() {
let status = JobStatus::Started;
let serialized = serde_json::to_string(&status).unwrap();
assert_eq!(serialized, "\"Started\"");
let deserialized: JobStatus = serde_json::from_str(&serialized).unwrap();
assert_eq!(deserialized, JobStatus::Started);
}
}
#[cfg(target_arch = "wasm32")]
mod wasm_tests {
use super::*;
use wasm_bindgen_test::*;
wasm_bindgen_test_configure!(run_in_browser);
#[wasm_bindgen_test]
fn test_wasm_client_creation() {
let client = crate::wasm::WasmSupervisorClient::new("http://localhost:3030".to_string());
assert_eq!(client.server_url(), "http://localhost:3030");
}
#[wasm_bindgen_test]
fn test_wasm_job_creation() {
let job = crate::wasm::hero_job::Job::new(
"test-id".to_string(),
"test payload".to_string(),
"SAL".to_string(),
"test-runner".to_string(),
);
assert_eq!(job.id(), "test-id");
assert_eq!(job.payload(), "test payload");
assert_eq!(job.job_type(), "SAL");
assert_eq!(job.runner(), "test-runner");
assert_eq!(job.caller_id(), "wasm_client");
assert_eq!(job.context_id(), "wasm_context");
assert_eq!(job.timeout_secs(), 30);
}
#[wasm_bindgen_test]
fn test_wasm_job_setters() {
let mut job = crate::wasm::hero_job::Job::new(
"test-id".to_string(),
"test payload".to_string(),
"SAL".to_string(),
"test-runner".to_string(),
);
job.set_caller_id("custom-caller".to_string());
job.set_context_id("custom-context".to_string());
job.set_timeout_secs(60);
job.set_env_vars("{\"KEY\":\"VALUE\"}".to_string());
assert_eq!(job.caller_id(), "custom-caller");
assert_eq!(job.context_id(), "custom-context");
assert_eq!(job.timeout_secs(), 60);
assert_eq!(job.env_vars(), "{\"KEY\":\"VALUE\"}");
}
#[wasm_bindgen_test]
fn test_wasm_job_id_generation() {
let mut job = crate::wasm::hero_job::Job::new(
"original-id".to_string(),
"test payload".to_string(),
"SAL".to_string(),
"test-runner".to_string(),
);
let original_id = job.id();
job.generate_id();
let new_id = job.id();
assert_ne!(original_id, new_id);
assert!(new_id.len() > 0);
}
#[wasm_bindgen_test]
fn test_create_job_function() {
let job = crate::wasm::create_job(
"func-test-id".to_string(),
"func test payload".to_string(),
"OSIS".to_string(),
"func-test-runner".to_string(),
);
assert_eq!(job.id(), "func-test-id");
assert_eq!(job.payload(), "func test payload");
assert_eq!(job.job_type(), "OSIS");
assert_eq!(job.runner(), "func-test-runner");
}
#[wasm_bindgen_test]
fn test_wasm_job_type_enum() {
use crate::wasm::hero_job::JobType;
// Test that enum variants exist and can be created
let sal = hero_job::JobType::SAL;
let osis = hero_job::JobType::OSIS;
let v = hero_job::JobType::V;
// Test equality
assert_eq!(sal, hero_job::JobType::SAL);
assert_eq!(osis, hero_job::JobType::OSIS);
assert_eq!(v, hero_job::JobType::V);
// Test inequality
assert_ne!(sal, osis);
assert_ne!(osis, v);
assert_ne!(v, sal);
}
}
// Common tests that work on both native and WASM
#[test]
fn test_process_status_wrapper_variants() {
let running = ProcessStatusWrapper::Running;
let stopped = ProcessStatusWrapper::Stopped;
let starting = ProcessStatusWrapper::Starting;
let stopping = ProcessStatusWrapper::Stopping;
let error = ProcessStatusWrapper::Error("test".to_string());
// Test that all variants can be created
assert_eq!(running, ProcessStatusWrapper::Running);
assert_eq!(stopped, ProcessStatusWrapper::Stopped);
assert_eq!(starting, ProcessStatusWrapper::Starting);
assert_eq!(stopping, ProcessStatusWrapper::Stopping);
if let ProcessStatusWrapper::Error(msg) = error {
assert_eq!(msg, "test");
} else {
panic!("Expected Error variant");
}
}
#[test]
fn test_job_type_variants() {
assert_eq!(JobType::SAL, JobType::SAL);
assert_eq!(JobType::OSIS, JobType::OSIS);
assert_eq!(JobType::V, JobType::V);
assert_eq!(JobType::Python, JobType::Python);
assert_ne!(JobType::SAL, JobType::OSIS);
assert_ne!(JobType::OSIS, JobType::V);
assert_ne!(JobType::V, JobType::Python);
}
#[test]
fn test_job_status_variants() {
assert_eq!(JobStatus::Created, JobStatus::Created);
assert_eq!(JobStatus::Dispatched, JobStatus::Dispatched);
assert_eq!(JobStatus::Started, JobStatus::Started);
assert_eq!(JobStatus::Finished, JobStatus::Finished);
assert_eq!(JobStatus::Error, JobStatus::Error);
assert_ne!(JobStatus::Created, JobStatus::Dispatched);
assert_ne!(JobStatus::Started, JobStatus::Finished);
}
#[test]
fn test_runner_type_variants() {
assert_eq!(RunnerType::SALRunner, RunnerType::SALRunner);
assert_eq!(RunnerType::OSISRunner, RunnerType::OSISRunner);
assert_eq!(RunnerType::VRunner, RunnerType::VRunner);
assert_eq!(RunnerType::PyRunner, RunnerType::PyRunner);
assert_ne!(RunnerType::SALRunner, RunnerType::OSISRunner);
assert_ne!(RunnerType::VRunner, RunnerType::PyRunner);
}
#[test]
fn test_process_manager_type_variants() {
let simple = ProcessManagerType::Simple;
let tmux = ProcessManagerType::Tmux("test-session".to_string());
assert_eq!(simple, ProcessManagerType::Simple);
if let ProcessManagerType::Tmux(session) = tmux {
assert_eq!(session, "test-session");
} else {
panic!("Expected Tmux variant");
}
} }
} }

51
client/src/wasm.rs
View File

@@ -14,11 +14,12 @@ use thiserror::Error;
use uuid::Uuid; use uuid::Uuid;
/// WASM-compatible client for communicating with Hero Supervisor OpenRPC server /// WASM-compatible client for communicating with Hero Supervisor OpenRPC server
/// Requires authentication secret for all operations
#[wasm_bindgen] #[wasm_bindgen]
#[derive(Clone)] #[derive(Clone)]
pub struct WasmSupervisorClient { pub struct WasmSupervisorClient {
server_url: String, server_url: String,
secret: Option<String>, secret: String,
} }
/// Error types for WASM client operations /// Error types for WASM client operations
@@ -124,24 +125,20 @@ pub use hero_job::JobBuilder;
#[wasm_bindgen] #[wasm_bindgen]
impl WasmSupervisorClient { impl WasmSupervisorClient {
/// Create a new WASM supervisor client without authentication /// Create a new WASM supervisor client with authentication secret
#[wasm_bindgen(constructor)] #[wasm_bindgen(constructor)]
pub fn new(server_url: String) -> Self { pub fn new(server_url: String, secret: String) -> Self {
console_log::init_with_level(log::Level::Info).ok(); console_log::init_with_level(log::Level::Info).ok();
Self { Self {
server_url, server_url,
secret: None, secret,
} }
} }
/// Create a new WASM supervisor client with authentication secret /// Alias for new() to maintain backward compatibility
#[wasm_bindgen] #[wasm_bindgen]
pub fn with_secret(server_url: String, secret: String) -> Self { pub fn with_secret(server_url: String, secret: String) -> Self {
console_log::init_with_level(log::Level::Info).ok(); Self::new(server_url, secret)
Self {
server_url,
secret: Some(secret),
}
} }
/// Get the server URL /// Get the server URL
@@ -183,12 +180,9 @@ impl WasmSupervisorClient {
} }
/// Verify the client's stored API key /// Verify the client's stored API key
/// Uses the secret that was set when creating the client with with_secret() /// Uses the secret that was set when creating the client
pub async fn auth_verify_self(&self) -> Result<JsValue, JsValue> { pub async fn auth_verify_self(&self) -> Result<JsValue, JsValue> {
let key = self.secret.as_ref() self.auth_verify(self.secret.clone()).await
.ok_or_else(|| JsValue::from_str("Client not authenticated - use with_secret() to create authenticated client"))?;
self.auth_verify(key.clone()).await
} }
/// Create a new API key (admin only) /// Create a new API key (admin only)
@@ -326,10 +320,22 @@ impl WasmSupervisorClient {
if let Ok(runners) = serde_json::from_value::<Vec<String>>(result) { if let Ok(runners) = serde_json::from_value::<Vec<String>>(result) {
Ok(runners) Ok(runners)
} else { } else {
Err(JsValue::from_str("Invalid response format for list_runners")) Err(JsValue::from_str("Failed to parse runners list"))
} }
}, },
Err(e) => Err(JsValue::from_str(&e.to_string())), Err(e) => Err(JsValue::from_str(&format!("Failed to list runners: {}", e)))
}
}
/// Get status of all runners
pub async fn get_all_runner_status(&self) -> Result<JsValue, JsValue> {
match self.call_method("get_all_runner_status", serde_json::Value::Null).await {
Ok(result) => {
// Convert serde_json::Value to JsValue
Ok(serde_wasm_bindgen::to_value(&result)
.map_err(|e| JsValue::from_str(&format!("Failed to convert result: {}", e)))?)
},
Err(e) => Err(JsValue::from_str(&format!("Failed to get runner statuses: {}", e)))
} }
} }
@@ -709,11 +715,10 @@ impl WasmSupervisorClient {
headers.set("Content-Type", "application/json") headers.set("Content-Type", "application/json")
.map_err(|e| WasmClientError::JavaScript(format!("{:?}", e)))?; .map_err(|e| WasmClientError::JavaScript(format!("{:?}", e)))?;
// Add Authorization header if secret is present // Add Authorization header with secret
if let Some(secret) = &self.secret { let auth_value = format!("Bearer {}", self.secret);
headers.set("Authorization", &format!("Bearer {}", secret)) headers.set("Authorization", &auth_value)
.map_err(|e| WasmClientError::JavaScript(format!("{:?}", e)))?; .map_err(|e| WasmClientError::JavaScript(format!("{:?}", e)))?;
}
// Create request init // Create request init
let opts = RequestInit::new(); let opts = RequestInit::new();
@@ -770,8 +775,8 @@ pub fn init() {
/// Utility function to create a client from JavaScript /// Utility function to create a client from JavaScript
#[wasm_bindgen] #[wasm_bindgen]
pub fn create_client(server_url: String) -> WasmSupervisorClient { pub fn create_client(server_url: String, secret: String) -> WasmSupervisorClient {
WasmSupervisorClient::new(server_url) WasmSupervisorClient::new(server_url, secret)
} }
/// Sign a job's canonical representation with a private key /// Sign a job's canonical representation with a private key

25
core/Cargo.toml
View File

@@ -13,8 +13,8 @@ path = "src/bin/supervisor.rs"
[dependencies] [dependencies]
# Job types # Job types
hero-job = { git = "https://git.ourworld.tf/herocode/job.git" } hero-job = { path = "../../job/rust" }
hero-job-client = { git = "https://git.ourworld.tf/herocode/job.git" } hero-job-client = { path = "../../job/rust/client" }
# Async runtime # Async runtime
tokio = { version = "1.0", features = ["full"] } tokio = { version = "1.0", features = ["full"] }
@@ -23,37 +23,37 @@ tokio = { version = "1.0", features = ["full"] }
async-trait = "0.1" async-trait = "0.1"
# Redis client # Redis client
redis = { version = "0.25", features = ["aio", "tokio-comp"] } redis = { version = "0.25", features = ["tokio-comp", "connection-manager"] }
# Job module dependencies (now integrated) # Job module dependencies (now integrated)
uuid = { version = "1.0", features = ["v4"] } uuid = { version = "1.6", features = ["v4", "serde"] }
# Logging # Logging
log = "0.4" log = "0.4"
thiserror = "1.0" thiserror = "1.0"
chrono = "0.4" chrono = { version = "0.4", features = ["serde"] }
serde = { version = "1.0", features = ["derive"] } serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0" serde_json = "1.0"
env_logger = "0.10" env_logger = "0.10"
# CLI argument parsing # CLI argument parsing
clap = { version = "4.0", features = ["derive"] } clap = { version = "4.4", features = ["derive"] }
toml = "0.8" toml = "0.8"
# OpenRPC dependencies (now always included) # OpenRPC dependencies (now always included)
jsonrpsee = { version = "0.24", features = ["server", "macros"] } jsonrpsee = { version = "0.26", features = ["server", "macros"] }
anyhow = "1.0" anyhow = "1.0"
futures = "0.3"
# CORS support for OpenRPC server # CORS support for OpenRPC server
tower-http = { version = "0.5", features = ["cors"] } tower-http = { version = "0.5", features = ["cors"] }
tower = "0.4" tower = "0.5"
hyper = { version = "1.0", features = ["full"] } hyper = { version = "1.0", features = ["full"] }
hyper-util = { version = "0.1", features = ["tokio"] } hyper-util = { version = "0.1", features = ["tokio"] }
http-body-util = "0.1"
# Mycelium integration (optional) # Osiris client for persistent storage
base64 = { version = "0.22", optional = true } osiris-client = { path = "../../osiris/client" }
rand = { version = "0.8", optional = true }
reqwest = { version = "0.12", features = ["json"], optional = true }
[dev-dependencies] [dev-dependencies]
tokio-test = "0.4" tokio-test = "0.4"
@@ -63,7 +63,6 @@ escargot = "0.5"
[features] [features]
default = ["cli"] default = ["cli"]
cli = [] cli = []
mycelium = ["base64", "rand", "reqwest"]
# Examples # Examples
[[example]] [[example]]

65
core/examples/generate_keypairs.rs
View File

@@ -1,65 +0,0 @@
/// Generate test secp256k1 keypairs for supervisor authentication testing
///
/// Run with: cargo run --example generate_keypairs
use secp256k1::{Secp256k1, SecretKey, PublicKey};
use hex;
fn main() {
let secp = Secp256k1::new();
println!("# Test Keypairs for Supervisor Auth\n");
println!("These are secp256k1 keypairs for testing the supervisor authentication system.\n");
println!("⚠️ WARNING: These are TEST keypairs only! Never use these in production!\n");
// Generate 5 keypairs with simple private keys for testing
let test_keys = vec![
("Alice (Admin)", "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef"),
("Bob (User)", "fedcba0987654321fedcba0987654321fedcba0987654321fedcba0987654321"),
("Charlie (Register)", "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"),
("Dave (Test)", "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb"),
("Eve (Test)", "cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc"),
];
for (i, (name, privkey_hex)) in test_keys.iter().enumerate() {
println!("## Keypair {} ({})", i + 1, name);
println!("```");
// Parse private key
let privkey_bytes = hex::decode(privkey_hex).expect("Invalid hex");
let secret_key = SecretKey::from_slice(&privkey_bytes).expect("Invalid private key");
// Derive public key
let public_key = PublicKey::from_secret_key(&secp, &secret_key);
// Serialize keys
let pubkey_hex = hex::encode(public_key.serialize_uncompressed());
println!("Private Key: 0x{}", privkey_hex);
println!("Public Key: 0x{}", pubkey_hex);
println!("```\n");
}
println!("\n## Usage Examples\n");
println!("### Using with OpenRPC Client\n");
println!("```rust");
println!("use secp256k1::{{Secp256k1, SecretKey}};");
println!("use hex;");
println!();
println!("// Alice's private key");
println!("let alice_privkey = SecretKey::from_slice(");
println!(" &hex::decode(\"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef\").unwrap()");
println!(").unwrap();");
println!();
println!("// Create client with signature");
println!("let client = WasmSupervisorClient::new_with_keypair(");
println!(" \"http://127.0.0.1:3030\",");
println!(" alice_privkey");
println!(");");
println!("```\n");
println!("### Testing Different Scopes\n");
println!("1. **Admin Scope** - Use Alice's keypair for full admin access");
println!("2. **User Scope** - Use Bob's keypair for limited user access");
println!("3. **Register Scope** - Use Charlie's keypair for runner registration only\n");
}

190
core/src/app.rs
View File

@@ -1,190 +0,0 @@
//! # Hero Supervisor Application
//!
//! Simplified supervisor application that wraps a built Supervisor instance.
//! Use SupervisorBuilder to construct the supervisor with all configuration,
//! then pass it to SupervisorApp for runtime management.
use crate::Supervisor;
#[cfg(feature = "mycelium")]
use crate::mycelium::MyceliumIntegration;
use log::{info, error, debug};
#[cfg(feature = "mycelium")]
use std::sync::Arc;
#[cfg(feature = "mycelium")]
use tokio::sync::Mutex;
/// Main supervisor application
pub struct SupervisorApp {
pub supervisor: Supervisor,
pub mycelium_url: String,
pub topic: String,
}
impl SupervisorApp {
/// Create a new supervisor application with a built supervisor
pub fn new(supervisor: Supervisor, mycelium_url: String, topic: String) -> Self {
Self {
supervisor,
mycelium_url,
topic,
}
}
/// Start the complete supervisor application
/// This method handles the entire application lifecycle:
/// - Starts all configured runners
/// - Connects to Mycelium daemon for message transport
/// - Sets up graceful shutdown handling
/// - Keeps the application running
pub async fn start(&mut self) -> Result<(), Box<dyn std::error::Error>> {
info!("Starting Hero Supervisor Application");
// Start all configured runners
self.start_all().await?;
// Start Mycelium integration
self.start_mycelium_integration().await?;
// Set up graceful shutdown
self.setup_graceful_shutdown().await;
// Keep the application running
info!("Supervisor is running. Press Ctrl+C to shutdown.");
self.run_main_loop().await;
Ok(())
}
/// Start the Mycelium integration
async fn start_mycelium_integration(&self) -> Result<(), Box<dyn std::error::Error>> {
#[cfg(feature = "mycelium")]
{
// Skip Mycelium if URL is empty
if self.mycelium_url.is_empty() {
info!("Mycelium integration disabled (no URL provided)");
return Ok(());
}
info!("Starting Mycelium integration...");
let supervisor_for_mycelium = Arc::new(Mutex::new(self.supervisor.clone()));
let mycelium_url = self.mycelium_url.clone();
let topic = self.topic.clone();
let mycelium_integration = MyceliumIntegration::new(
supervisor_for_mycelium,
mycelium_url,
topic,
);
// Start the Mycelium integration in a background task
let integration_handle = tokio::spawn(async move {
if let Err(e) = mycelium_integration.start().await {
error!("Mycelium integration error: {}", e);
}
});
// Give the integration a moment to start
tokio::time::sleep(tokio::time::Duration::from_millis(100)).await;
info!("Mycelium integration started successfully");
// Store the handle for potential cleanup
std::mem::forget(integration_handle); // For now, let it run in background
}
#[cfg(not(feature = "mycelium"))]
{
info!("Mycelium integration not enabled (compile with --features mycelium)");
}
Ok(())
}
/// Set up graceful shutdown handling
async fn setup_graceful_shutdown(&self) {
tokio::spawn(async move {
tokio::signal::ctrl_c().await.expect("Failed to listen for ctrl+c");
info!("Received shutdown signal");
std::process::exit(0);
});
}
/// Main application loop
async fn run_main_loop(&self) {
// Keep the main thread alive
loop {
tokio::time::sleep(tokio::time::Duration::from_secs(1)).await;
}
}
/// Start all configured runners
pub async fn start_all(&mut self) -> Result<(), Box<dyn std::error::Error>> {
info!("Starting all runners");
let results = self.supervisor.start_all().await;
let mut failed_count = 0;
for (runner_id, result) in results {
match result {
Ok(_) => info!("Runner {} started successfully", runner_id),
Err(e) => {
error!("Failed to start runner {}: {}", runner_id, e);
failed_count += 1;
}
}
}
if failed_count == 0 {
info!("All runners started successfully");
} else {
error!("Failed to start {} runners", failed_count);
}
Ok(())
}
/// Stop all configured runners
pub async fn stop_all(&mut self, force: bool) -> Result<(), Box<dyn std::error::Error>> {
info!("Stopping all runners (force: {})", force);
let results = self.supervisor.stop_all(force).await;
let mut failed_count = 0;
for (runner_id, result) in results {
match result {
Ok(_) => info!("Runner {} stopped successfully", runner_id),
Err(e) => {
error!("Failed to stop runner {}: {}", runner_id, e);
failed_count += 1;
}
}
}
if failed_count == 0 {
info!("All runners stopped successfully");
} else {
error!("Failed to stop {} runners", failed_count);
}
Ok(())
}
/// Get status of all runners
pub async fn get_status(&self) -> Result<Vec<(String, String)>, Box<dyn std::error::Error>> {
debug!("Getting status of all runners");
let statuses = self.supervisor.get_all_runner_status().await
.map_err(|e| Box::new(e) as Box<dyn std::error::Error>)?;
let status_strings: Vec<(String, String)> = statuses
.into_iter()
.map(|(runner_id, status)| {
let status_str = format!("{:?}", status);
(runner_id, status_str)
})
.collect();
Ok(status_strings)
}
}

92
core/src/auth.rs
View File

@@ -65,66 +65,6 @@ impl ApiKey {
} }
} }
/// API key store
#[derive(Debug, Clone, Default)]
pub struct ApiKeyStore {
/// Map of key -> ApiKey
keys: HashMap<String, ApiKey>,
}
impl ApiKeyStore {
pub fn new() -> Self {
Self {
keys: HashMap::new(),
}
}
/// Add a new API key
pub fn add_key(&mut self, key: ApiKey) {
self.keys.insert(key.key.clone(), key);
}
/// Remove an API key by its key value
pub fn remove_key(&mut self, key: &str) -> Option<ApiKey> {
self.keys.remove(key)
}
/// Get an API key by its key value
pub fn get_key(&self, key: &str) -> Option<&ApiKey> {
self.keys.get(key)
}
/// Verify a key and return its metadata if valid
pub fn verify_key(&self, key: &str) -> Option<&ApiKey> {
self.get_key(key)
}
/// List all keys with a specific scope
pub fn list_keys_by_scope(&self, scope: ApiKeyScope) -> Vec<&ApiKey> {
self.keys
.values()
.filter(|k| k.scope == scope)
.collect()
}
/// List all keys
pub fn list_all_keys(&self) -> Vec<&ApiKey> {
self.keys.values().collect()
}
/// Count keys by scope
pub fn count_by_scope(&self, scope: ApiKeyScope) -> usize {
self.keys.values().filter(|k| k.scope == scope).count()
}
/// Bootstrap with an initial admin key
pub fn bootstrap_admin_key(&mut self, name: String) -> ApiKey {
let key = ApiKey::new(name, ApiKeyScope::Admin);
self.add_key(key.clone());
key
}
}
/// Response for auth verification /// Response for auth verification
#[derive(Debug, Clone, Serialize, Deserialize)] #[derive(Debug, Clone, Serialize, Deserialize)]
pub struct AuthVerifyResponse { pub struct AuthVerifyResponse {
@@ -132,3 +72,35 @@ pub struct AuthVerifyResponse {
pub name: String, pub name: String,
pub scope: String, pub scope: String,
} }
/// Method authorization requirements
/// Maps RPC method names to required scopes
pub fn get_method_required_scopes(method: &str) -> Option<Vec<ApiKeyScope>> {
use ApiKeyScope::*;
match method {
// Admin-only methods
"key.add" | "key.remove" | "key.list" |
"auth.create_key" | "auth.remove_key" | "auth.list_keys" |
"supervisor.info" |
"secrets.list_admin" | "secrets.list_user" | "secrets.list_register" => {
Some(vec![Admin])
}
// Admin or Registrar methods
"runner.register" | "runner.add" | "runner.remove" => {
Some(vec![Admin, Registrar])
}
// Admin or User methods
"jobs.create" | "job.run" | "job.start" | "job.stop" | "job.delete" => {
Some(vec![Admin, User])
}
// Public methods (no auth required)
"rpc.discover" => None,
// Any authenticated user
_ => Some(vec![Admin, Registrar, User]),
}
}

144
core/src/bin/supervisor.rs
View File

@@ -1,38 +1,26 @@
//! # Hero Supervisor Binary //! Hero Supervisor Binary
//!
//! Main supervisor binary that manages multiple actors and listens to jobs over Redis.
//! The supervisor builds with actor configuration, starts actors, and dispatches jobs
//! to the appropriate runners based on the job's runner field.
use hero_supervisor::SupervisorBuilder;
use hero_supervisor::{SupervisorApp, SupervisorBuilder};
use clap::Parser; use clap::Parser;
use log::{info, error}; use log::{error, info};
use std::path::PathBuf; use std::sync::Arc;
use tokio::sync::Mutex;
/// Hero Supervisor - manages actors and dispatches jobs
/// Command line arguments for the supervisor
#[derive(Parser, Debug)] #[derive(Parser, Debug)]
#[command(name = "supervisor")] #[command(name = "supervisor")]
#[command(about = "Hero Supervisor - manages multiple actors and dispatches jobs")] #[command(about = "Hero Supervisor - manages actors and dispatches jobs")]
struct Args { struct Args {
/// Path to the configuration TOML file
#[arg(short, long, value_name = "FILE")]
config: Option<PathBuf>,
/// Redis URL for job queue /// Redis URL for job queue
#[arg(long, default_value = "redis://localhost:6379")] #[arg(long, default_value = "redis://127.0.0.1:6379")]
redis_url: String, redis_url: String,
/// Namespace for Redis keys /// Namespace for Redis keys
#[arg(long, default_value = "")] #[arg(long, default_value = "")]
namespace: String, namespace: String,
/// Admin secrets (can be specified multiple times) /// Admin secrets (required, can be specified multiple times)
#[arg(long = "admin-secret", value_name = "SECRET")] #[arg(long = "admin-secret", value_name = "SECRET", required = true)]
admin_secrets: Vec<String>, admin_secrets: Vec<String>,
/// User secrets (can be specified multiple times) /// User secrets (can be specified multiple times)
@@ -43,14 +31,6 @@ struct Args {
#[arg(long = "register-secret", value_name = "SECRET")] #[arg(long = "register-secret", value_name = "SECRET")]
register_secrets: Vec<String>, register_secrets: Vec<String>,
/// Mycelium daemon URL
#[arg(long, default_value = "http://127.0.0.1:8990")]
mycelium_url: String,
/// Mycelium topic for supervisor RPC messages
#[arg(long, default_value = "supervisor.rpc")]
topic: String,
/// Port for OpenRPC HTTP server /// Port for OpenRPC HTTP server
#[arg(long, default_value = "3030")] #[arg(long, default_value = "3030")]
port: u16, port: u16,
@@ -59,102 +39,50 @@ struct Args {
#[arg(long, default_value = "127.0.0.1")] #[arg(long, default_value = "127.0.0.1")]
bind_address: String, bind_address: String,
/// Bootstrap an initial admin API key with the given name /// Pre-configured runner names (comma-separated)
#[arg(long = "bootstrap-admin-key", value_name = "NAME")] #[arg(long, value_name = "NAMES", value_delimiter = ',')]
bootstrap_admin_key: Option<String>, runners: Vec<String>,
} }
#[tokio::main] #[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> { async fn main() -> Result<(), Box<dyn std::error::Error>> {
// Initialize logging
env_logger::init(); env_logger::init();
info!("Starting Hero Supervisor");
// Parse command line arguments
let args = Args::parse(); let args = Args::parse();
// Build supervisor
// Create and initialize supervisor using builder pattern
let mut builder = SupervisorBuilder::new() let mut builder = SupervisorBuilder::new()
.redis_url(&args.redis_url) .admin_secrets(args.admin_secrets);
.namespace(&args.namespace);
// Add secrets from CLI arguments
if !args.admin_secrets.is_empty() {
info!("Adding {} admin secret(s)", args.admin_secrets.len());
builder = builder.admin_secrets(args.admin_secrets);
}
if !args.user_secrets.is_empty() { if !args.user_secrets.is_empty() {
info!("Adding {} user secret(s)", args.user_secrets.len());
builder = builder.user_secrets(args.user_secrets); builder = builder.user_secrets(args.user_secrets);
} }
if !args.register_secrets.is_empty() { if !args.register_secrets.is_empty() {
info!("Adding {} register secret(s)", args.register_secrets.len());
builder = builder.register_secrets(args.register_secrets); builder = builder.register_secrets(args.register_secrets);
} }
let supervisor = match args.config { let mut supervisor = builder.build().await?;
Some(_config_path) => {
info!("Loading configuration from config file not yet implemented");
// For now, use CLI configuration
builder.build().await?
}
None => {
info!("Using CLI configuration");
builder.build().await?
}
};
// Bootstrap admin key if requested // Register pre-configured runners
if let Some(admin_key_name) = args.bootstrap_admin_key { if !args.runners.is_empty() {
info!("Bootstrapping admin API key: {}", admin_key_name); for runner_name in &args.runners {
let admin_key = supervisor.bootstrap_admin_key(admin_key_name).await; match supervisor.runner_create(runner_name.clone()).await {
println!("\n╔════════════════════════════════════════════════════════════╗"); Ok(_) => {},
println!("║ 🔑 Admin API Key Created ║"); Err(e) => error!("Failed to register runner '{}': {}", runner_name, e),
println!("╚════════════════════════════════════════════════════════════╝"); }
println!(" Name: {}", admin_key.name); }
println!(" Key: {}", admin_key.key);
println!(" Scope: {}", admin_key.scope.as_str());
println!(" ⚠️ SAVE THIS KEY - IT WILL NOT BE SHOWN AGAIN!");
println!("╚════════════════════════════════════════════════════════════╝\n");
} }
// Print startup information // Start OpenRPC server
let server_url = format!("http://{}:{}", args.bind_address, args.port);
println!("\n╔════════════════════════════════════════════════════════════╗");
println!("║ Hero Supervisor Started ║");
println!("╚════════════════════════════════════════════════════════════╝");
println!(" 📡 OpenRPC Server: {}", server_url);
println!(" 🔗 Redis: {}", args.redis_url);
#[cfg(feature = "mycelium")]
if !args.mycelium_url.is_empty() {
println!(" 🌐 Mycelium: {}", args.mycelium_url);
} else {
println!(" 🌐 Mycelium: Disabled");
}
#[cfg(not(feature = "mycelium"))]
println!(" 🌐 Mycelium: Not compiled (use --features mycelium)");
println!("╚════════════════════════════════════════════════════════════╝\n");
// Start OpenRPC server in background
use std::sync::Arc;
use tokio::sync::Mutex;
use hero_supervisor::openrpc::start_http_openrpc_server; use hero_supervisor::openrpc::start_http_openrpc_server;
let supervisor_arc = Arc::new(Mutex::new(supervisor.clone())); let supervisor_clone = supervisor.clone();
let bind_addr = args.bind_address.clone(); let bind_addr = args.bind_address.clone();
let port = args.port; let port = args.port;
tokio::spawn(async move { tokio::spawn(async move {
info!("Starting OpenRPC server on {}:{}", bind_addr, port); match start_http_openrpc_server(supervisor_clone, &bind_addr, port).await {
match start_http_openrpc_server(supervisor_arc, &bind_addr, port).await {
Ok(handle) => { Ok(handle) => {
info!("OpenRPC server started successfully");
// Keep the server running by holding the handle
handle.stopped().await; handle.stopped().await;
error!("OpenRPC server stopped unexpectedly"); error!("OpenRPC server stopped unexpectedly");
} }
@@ -164,13 +92,21 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
} }
}); });
// Give the server a moment to start
tokio::time::sleep(tokio::time::Duration::from_millis(500)).await; tokio::time::sleep(tokio::time::Duration::from_millis(500)).await;
let mut app = SupervisorApp::new(supervisor, args.mycelium_url, args.topic); // Print startup info
println!("📡 http://{}:{}", args.bind_address, args.port);
info!("Hero Supervisor is running. Press Ctrl+C to shutdown.");
// Start the complete supervisor application // Set up graceful shutdown
app.start().await?; tokio::spawn(async move {
tokio::signal::ctrl_c().await.expect("Failed to listen for ctrl+c");
info!("Received shutdown signal");
std::process::exit(0);
});
Ok(()) // Keep the application running
loop {
tokio::time::sleep(tokio::time::Duration::from_secs(1)).await;
}
} }

198
core/src/builder.rs Normal file
View File

@@ -0,0 +1,198 @@
//! Supervisor builder for configuration and initialization.
use crate::error::{SupervisorError, SupervisorResult};
use crate::Supervisor;
use hero_job_client::ClientBuilder;
/// Builder for constructing a Supervisor instance
pub struct SupervisorBuilder {
/// Set of registered runner IDs
runners: std::collections::HashSet<String>,
/// Redis URL for connection
redis_url: String,
/// Admin secrets for bootstrapping API keys
admin_secrets: Vec<String>,
/// User secrets for bootstrapping API keys
user_secrets: Vec<String>,
/// Register secrets for bootstrapping API keys
register_secrets: Vec<String>,
client_builder: ClientBuilder,
/// Osiris URL for queries (optional)
osiris_url: Option<String>,
/// Supervisor URL for commands via Osiris (optional)
supervisor_url: Option<String>,
/// Supervisor secret for Osiris commands (optional)
supervisor_secret: Option<String>,
/// Runner name for Osiris operations (optional)
osiris_runner_name: Option<String>,
}
impl SupervisorBuilder {
/// Create a new supervisor builder
pub fn new() -> Self {
Self {
runners: std::collections::HashSet::new(),
redis_url: "redis://localhost:6379".to_string(),
admin_secrets: Vec::new(),
user_secrets: Vec::new(),
register_secrets: Vec::new(),
client_builder: ClientBuilder::new(),
osiris_url: None,
supervisor_url: None,
supervisor_secret: None,
osiris_runner_name: None,
}
}
/// Set the Osiris URL for queries
pub fn osiris_url<S: Into<String>>(mut self, url: S) -> Self {
self.osiris_url = Some(url.into());
self
}
/// Set the Supervisor URL for Osiris commands
pub fn supervisor_url_for_osiris<S: Into<String>>(mut self, url: S) -> Self {
self.supervisor_url = Some(url.into());
self
}
/// Set the Supervisor secret for Osiris commands
pub fn supervisor_secret<S: Into<String>>(mut self, secret: S) -> Self {
self.supervisor_secret = Some(secret.into());
self
}
/// Set the runner name for Osiris operations
pub fn osiris_runner_name<S: Into<String>>(mut self, name: S) -> Self {
self.osiris_runner_name = Some(name.into());
self
}
/// Add an admin secret
pub fn add_admin_secret<S: Into<String>>(mut self, secret: S) -> Self {
self.admin_secrets.push(secret.into());
self
}
/// Add multiple admin secrets
pub fn admin_secrets<I, S>(mut self, secrets: I) -> Self
where
I: IntoIterator<Item = S>,
S: Into<String>,
{
self.admin_secrets.extend(secrets.into_iter().map(|s| s.into()));
self
}
/// Add a user secret
pub fn add_user_secret<S: Into<String>>(mut self, secret: S) -> Self {
self.user_secrets.push(secret.into());
self
}
/// Add multiple user secrets
pub fn user_secrets<I, S>(mut self, secrets: I) -> Self
where
I: IntoIterator<Item = S>,
S: Into<String>,
{
self.user_secrets.extend(secrets.into_iter().map(|s| s.into()));
self
}
/// Add a register secret
pub fn add_register_secret<S: Into<String>>(mut self, secret: S) -> Self {
self.register_secrets.push(secret.into());
self
}
/// Add multiple register secrets
pub fn register_secrets<I, S>(mut self, secrets: I) -> Self
where
I: IntoIterator<Item = S>,
S: Into<String>,
{
self.register_secrets.extend(secrets.into_iter().map(|s| s.into()));
self
}
/// Add a runner to the supervisor
pub fn add_runner(mut self, runner_id: String) -> Self {
self.runners.insert(runner_id);
self
}
/// Build the supervisor
pub async fn build(self) -> SupervisorResult<Supervisor> {
// Create Redis client
let redis_client = redis::Client::open(self.redis_url.as_str())
.map_err(|e| SupervisorError::ConfigError {
reason: format!("Invalid Redis URL: {}", e),
})?;
// Create the store
let mut store = crate::store::Store::new();
// Add admin secrets as API keys
for secret in &self.admin_secrets {
store.key_create(
crate::auth::ApiKey::new(secret.clone(), crate::auth::ApiKeyScope::Admin),
);
}
// Add user secrets as API keys
for secret in &self.user_secrets {
store.key_create(
crate::auth::ApiKey::new(secret.clone(), crate::auth::ApiKeyScope::User),
);
}
// Add register secrets as API keys
for secret in &self.register_secrets {
store.key_create(
crate::auth::ApiKey::new(secret.clone(), crate::auth::ApiKeyScope::Registrar),
);
}
// Build the client
let client = self.client_builder.build().await?;
// Build Osiris client if configured
let osiris_client = if let (Some(osiris_url), Some(supervisor_url)) =
(self.osiris_url, self.supervisor_url) {
let mut builder = osiris_client::OsirisClient::builder()
.osiris_url(osiris_url)
.supervisor_url(supervisor_url)
.runner_name(self.osiris_runner_name.unwrap_or_else(|| "osiris-runner".to_string()));
if let Some(secret) = self.supervisor_secret {
builder = builder.supervisor_secret(secret);
}
let client = builder.build().map_err(|e| SupervisorError::ConfigError {
reason: format!("Failed to build Osiris client: {}", e),
})?;
Some(client)
} else {
None
};
// Add pre-configured runners to the store
for runner_id in self.runners {
let _ = store.runner_add(runner_id);
}
Ok(Supervisor {
store: std::sync::Arc::new(tokio::sync::Mutex::new(store)),
job_client: client,
redis_client,
osiris_client,
})
}
}
impl Default for SupervisorBuilder {
fn default() -> Self {
Self::new()
}
}

73
core/src/error.rs Normal file
View File

@@ -0,0 +1,73 @@
//! Error types for supervisor operations.
use thiserror::Error;
use jsonrpsee::types::{ErrorObject, ErrorObjectOwned};
/// Result type for supervisor operations
pub type SupervisorResult<T> = Result<T, SupervisorError>;
/// Errors that can occur during supervisor operations
#[derive(Debug, Error)]
pub enum SupervisorError {
#[error("Runner '{runner_id}' not found")]
RunnerNotFound { runner_id: String },
#[error("Runner '{runner_id}' is already registered")]
RunnerAlreadyRegistered { runner_id: String },
#[error("Job '{job_id}' not found")]
JobNotFound { job_id: String },
#[error("Failed to queue job for runner '{runner_id}': {reason}")]
QueueError { runner_id: String, reason: String },
#[error("Configuration error: {reason}")]
ConfigError { reason: String },
#[error("Invalid secret or API key: {0}")]
InvalidSecret(String),
#[error("Authentication error: {message}")]
AuthenticationError { message: String },
#[error("Insufficient permissions: {message}")]
PermissionDenied { message: String },
#[error("Redis error: {source}")]
RedisError {
#[from]
source: redis::RedisError,
},
#[error("Job error: {source}")]
JobError {
#[from]
source: hero_job::JobError,
},
#[error("Job client error: {source}")]
JobClientError {
#[from]
source: hero_job_client::ClientError,
},
#[error("IO error: {source}")]
IoError {
#[from]
source: std::io::Error,
},
#[error("Osiris client error: {0}")]
OsirisError(String),
}
/// Implement conversion from SupervisorError → RPC ErrorObject
impl From<SupervisorError> for ErrorObject<'static> {
fn from(err: SupervisorError) -> Self {
ErrorObject::owned(
-32603, // Internal error code
format!("Supervisor error: {err}"),
None::<()>,
)
}
}

3
core/src/job.rs
View File

@@ -1,3 +0,0 @@
// Re-export job types from the hero-job crate
pub use hero_job::{Job, JobBuilder, JobStatus, JobError};
use hero_job_client::{Client, ClientBuilder};

21
core/src/lib.rs
View File

@@ -2,24 +2,15 @@
//! //!
//! See README.md for detailed documentation and usage examples. //! See README.md for detailed documentation and usage examples.
pub mod runner;
pub mod job;
pub mod supervisor; pub mod supervisor;
pub mod app; pub mod builder;
pub mod error;
pub mod openrpc; pub mod openrpc;
pub mod auth; pub mod auth;
pub mod services; pub mod store;
#[cfg(feature = "mycelium")]
pub mod mycelium;
// Re-export main types for convenience // Re-export main types for convenience
pub use runner::{Runner, RunnerConfig, RunnerResult, RunnerStatus}; pub use supervisor::Supervisor;
// pub use sal_service_manager::{ProcessManager, SimpleProcessManager, TmuxProcessManager}; pub use builder::SupervisorBuilder;
pub use supervisor::{Supervisor, SupervisorBuilder, ProcessManagerType}; pub use error::{SupervisorError, SupervisorResult};
pub use hero_job::{Job, JobBuilder, JobStatus, JobError}; pub use hero_job::{Job, JobBuilder, JobStatus, JobError};
use hero_job_client::{Client, ClientBuilder};
pub use app::SupervisorApp;
#[cfg(feature = "mycelium")]
pub use mycelium::{MyceliumIntegration, MyceliumServer};

1329
core/src/openrpc.rs
View File

File diff suppressed because it is too large Load Diff

230
core/src/openrpc/tests.rs
View File

@@ -1,230 +0,0 @@
//! Tests for the new job API methods
#[cfg(test)]
mod job_api_tests {
use super::super::*;
use crate::supervisor::{Supervisor, SupervisorBuilder};
use crate::job::{Job, JobBuilder};
use std::sync::Arc;
use tokio::sync::Mutex;
use serde_json::json;
async fn create_test_supervisor() -> Arc<Mutex<Supervisor>> {
let supervisor = SupervisorBuilder::new()
.redis_url("redis://localhost:6379")
.namespace("test_job_api")
.build()
.await
.unwrap_or_else(|_| Supervisor::default());
let mut supervisor = supervisor;
supervisor.add_admin_secret("test-admin-secret".to_string());
supervisor.add_user_secret("test-user-secret".to_string());
Arc::new(Mutex::new(supervisor))
}
fn create_test_job() -> Job {
JobBuilder::new()
.id("test-job-123".to_string())
.caller_id("test-client".to_string())
.context_id("test-context".to_string())
.script("print('Hello World')".to_string())
.script_type(crate::job::ScriptType::Osis)
.timeout(30)
.build()
.unwrap()
}
#[tokio::test]
async fn test_jobs_create() {
let supervisor = create_test_supervisor().await;
let job = create_test_job();
let params = RunJobParams {
secret: "test-user-secret".to_string(),
job: job.clone(),
};
let result = supervisor.jobs_create(params).await;
assert!(result.is_ok());
let job_id = result.unwrap();
assert_eq!(job_id, job.id);
}
#[tokio::test]
async fn test_jobs_create_invalid_secret() {
let supervisor = create_test_supervisor().await;
let job = create_test_job();
let params = RunJobParams {
secret: "invalid-secret".to_string(),
job,
};
let result = supervisor.jobs_create(params).await;
assert!(result.is_err());
}
#[tokio::test]
async fn test_jobs_list() {
let supervisor = create_test_supervisor().await;
let result = supervisor.jobs_list().await;
// Should not error even if Redis is not available (will return empty list or error)
// The important thing is that the method signature works
assert!(result.is_ok() || result.is_err());
}
#[tokio::test]
async fn test_job_run_success_format() {
let supervisor = create_test_supervisor().await;
let job = create_test_job();
let params = RunJobParams {
secret: "test-user-secret".to_string(),
job,
};
let result = supervisor.job_run(params).await;
// The result should be a JobResult enum
match result {
Ok(JobResult::Success { success: _ }) => {
// Success case - job executed and returned output
},
Ok(JobResult::Error { error: _ }) => {
// Error case - job failed but method worked
},
Err(_) => {
// Method error (authentication, etc.)
// This is acceptable for testing without actual runners
}
}
}
#[tokio::test]
async fn test_job_start() {
let supervisor = create_test_supervisor().await;
let params = StartJobParams {
secret: "test-user-secret".to_string(),
job_id: "test-job-123".to_string(),
};
let result = supervisor.job_start(params).await;
// Should fail gracefully if job doesn't exist
assert!(result.is_err() || result.is_ok());
}
#[tokio::test]
async fn test_job_start_invalid_secret() {
let supervisor = create_test_supervisor().await;
let params = StartJobParams {
secret: "invalid-secret".to_string(),
job_id: "test-job-123".to_string(),
};
let result = supervisor.job_start(params).await;
assert!(result.is_err());
}
#[tokio::test]
async fn test_job_status() {
let supervisor = create_test_supervisor().await;
let result = supervisor.job_status("test-job-123".to_string()).await;
// Should return error for non-existent job
assert!(result.is_err());
}
#[tokio::test]
async fn test_job_result() {
let supervisor = create_test_supervisor().await;
let result = supervisor.job_result("test-job-123".to_string()).await;
// Should return error for non-existent job
assert!(result.is_err());
}
#[test]
fn test_job_result_enum_serialization() {
let success_result = JobResult::Success {
success: "Job completed successfully".to_string(),
};
let serialized = serde_json::to_string(&success_result).unwrap();
assert!(serialized.contains("success"));
assert!(serialized.contains("Job completed successfully"));
let error_result = JobResult::Error {
error: "Job failed with error".to_string(),
};
let serialized = serde_json::to_string(&error_result).unwrap();
assert!(serialized.contains("error"));
assert!(serialized.contains("Job failed with error"));
}
#[test]
fn test_job_status_response_serialization() {
let status_response = JobStatusResponse {
job_id: "test-job-123".to_string(),
status: "running".to_string(),
created_at: "2023-01-01T00:00:00Z".to_string(),
started_at: Some("2023-01-01T00:00:05Z".to_string()),
completed_at: None,
};
let serialized = serde_json::to_string(&status_response).unwrap();
assert!(serialized.contains("test-job-123"));
assert!(serialized.contains("running"));
assert!(serialized.contains("2023-01-01T00:00:00Z"));
assert!(serialized.contains("2023-01-01T00:00:05Z"));
let deserialized: JobStatusResponse = serde_json::from_str(&serialized).unwrap();
assert_eq!(deserialized.job_id, "test-job-123");
assert_eq!(deserialized.status, "running");
assert_eq!(deserialized.started_at, Some("2023-01-01T00:00:05Z".to_string()));
assert_eq!(deserialized.completed_at, None);
}
#[test]
fn test_start_job_params_serialization() {
let params = StartJobParams {
secret: "test-secret".to_string(),
job_id: "job-123".to_string(),
};
let serialized = serde_json::to_string(&params).unwrap();
assert!(serialized.contains("test-secret"));
assert!(serialized.contains("job-123"));
let deserialized: StartJobParams = serde_json::from_str(&serialized).unwrap();
assert_eq!(deserialized.secret, "test-secret");
assert_eq!(deserialized.job_id, "job-123");
}
#[test]
fn test_method_naming_convention() {
// Test that method names follow the jobs./job. convention
// These should be the actual method names in the trait
let jobs_methods = vec!["jobs.create", "jobs.list"];
let job_methods = vec!["job.run", "job.start", "job.status", "job.result"];
// Verify naming convention
for method in jobs_methods {
assert!(method.starts_with("jobs."));
}
for method in job_methods {
assert!(method.starts_with("job."));
}
}
}

207
core/src/runner.rs
View File

@@ -1,207 +0,0 @@
//! Runner implementation for actor process management.
// use sal_service_manager::{ProcessManagerError as ServiceProcessManagerError, ProcessStatus, ProcessConfig};
/// Simple process status enum to replace sal_service_manager dependency
#[derive(Debug, Clone, PartialEq, serde::Serialize, serde::Deserialize)]
pub enum ProcessStatus {
NotStarted,
Starting,
Running,
Stopping,
Stopped,
Failed,
Error(String),
}
/// Simple process config to replace sal_service_manager dependency
#[derive(Debug, Clone)]
pub struct ProcessConfig {
pub command: String,
pub args: Vec<String>,
pub working_dir: Option<String>,
pub env_vars: Vec<(String, String)>,
}
impl ProcessConfig {
pub fn new(command: String, args: Vec<String>, working_dir: Option<String>, env_vars: Vec<(String, String)>) -> Self {
Self {
command,
args,
working_dir,
env_vars,
}
}
}
/// Simple process manager error to replace sal_service_manager dependency
#[derive(Debug, thiserror::Error)]
pub enum ProcessManagerError {
#[error("Process execution failed: {0}")]
ExecutionFailed(String),
#[error("Process not found: {0}")]
ProcessNotFound(String),
#[error("IO error: {0}")]
IoError(String),
}
use std::path::PathBuf;
/// Represents the current status of an actor/runner (alias for ProcessStatus)
pub type RunnerStatus = ProcessStatus;
/// Log information structure with serialization support
#[derive(Debug, Clone, serde::Serialize, serde::Deserialize)]
pub struct LogInfo {
pub timestamp: String,
pub level: String,
pub message: String,
}
/// Runner configuration and state (merged from RunnerConfig)
#[derive(Debug, Clone)]
pub struct Runner {
/// Unique identifier for the runner
pub id: String,
pub name: String,
pub namespace: String,
/// Path to the actor binary
pub command: PathBuf, // Command to run runner by, used only if supervisor is used to run runners
/// Redis URL for job queue
pub redis_url: String,
/// Additional command-line arguments
pub extra_args: Vec<String>,
}
impl Runner {
/// Create a new runner from configuration
pub fn from_config(config: RunnerConfig) -> Self {
Self {
id: config.id,
name: config.name,
namespace: config.namespace,
command: config.command,
redis_url: config.redis_url,
extra_args: config.extra_args,
}
}
/// Create a new runner with extra arguments
pub fn with_args(
id: String,
name: String,
namespace: String,
command: PathBuf,
redis_url: String,
extra_args: Vec<String>,
) -> Self {
Self {
id,
name,
namespace,
command,
redis_url,
extra_args,
}
}
/// Get the queue key for this runner with the given namespace
pub fn get_queue(&self) -> String {
if self.namespace == "" {
format!("runner:{}", self.name)
} else {
format!("{}:runner:{}", self.namespace, self.name)
}
}
}
/// Result type for runner operations
pub type RunnerResult<T> = Result<T, RunnerError>;
/// Errors that can occur during runner operations
#[derive(Debug, thiserror::Error)]
pub enum RunnerError {
#[error("Actor '{actor_id}' not found")]
ActorNotFound { actor_id: String },
#[error("Actor '{actor_id}' is already running")]
ActorAlreadyRunning { actor_id: String },
#[error("Actor '{actor_id}' is not running")]
ActorNotRunning { actor_id: String },
#[error("Failed to start actor '{actor_id}': {reason}")]
StartupFailed { actor_id: String, reason: String },
#[error("Failed to stop actor '{actor_id}': {reason}")]
StopFailed { actor_id: String, reason: String },
#[error("Timeout waiting for actor '{actor_id}' to start")]
StartupTimeout { actor_id: String },
#[error("Job queue error for actor '{actor_id}': {reason}")]
QueueError { actor_id: String, reason: String },
#[error("Process manager error: {source}")]
ProcessManagerError {
#[from]
source: ProcessManagerError,
},
#[error("Configuration error: {reason}")]
ConfigError { reason: String },
#[error("Invalid secret: {0}")]
InvalidSecret(String),
#[error("IO error: {source}")]
IoError {
#[from]
source: std::io::Error,
},
#[error("Redis error: {source}")]
RedisError {
#[from]
source: redis::RedisError,
},
#[error("Job error: {source}")]
JobError {
#[from]
source: hero_job::JobError,
},
#[error("Job client error: {source}")]
JobClientError {
#[from]
source: hero_job_client::ClientError,
},
#[error("Job '{job_id}' not found")]
JobNotFound { job_id: String },
#[error("Authentication error: {message}")]
AuthenticationError { message: String },
}
// Type alias for backward compatibility
pub type RunnerConfig = Runner;
/// Convert Runner to ProcessConfig
pub fn runner_to_process_config(config: &Runner) -> ProcessConfig {
let mut args = vec![
config.id.clone(), // First positional argument is the runner ID
"--redis-url".to_string(),
config.redis_url.clone(),
];
// Add extra arguments (e.g., context configurations)
args.extend(config.extra_args.clone());
ProcessConfig::new(
config.command.to_string_lossy().to_string(),
args,
Some("/tmp".to_string()), // Default working directory since Runner doesn't have working_dir field
vec![]
)
}

286
core/src/store.rs Normal file
View File

@@ -0,0 +1,286 @@
//! In-memory storage layer for Supervisor
//!
//! Provides CRUD operations for:
//! - API Keys
//! - Runners
//! - Jobs
use crate::auth::{ApiKey, ApiKeyScope};
use crate::error::{SupervisorError, SupervisorResult};
use hero_job::Job;
use std::collections::{HashMap, HashSet};
/// In-memory storage for all supervisor data
pub struct Store {
/// API keys (key_value -> ApiKey)
api_keys: HashMap<String, ApiKey>,
/// Registered runner IDs
runners: HashSet<String>,
/// In-memory job storage (job_id -> Job)
jobs: HashMap<String, Job>,
}
impl Store {
/// Create a new store
pub fn new() -> Self {
Self {
api_keys: HashMap::new(),
runners: HashSet::new(),
jobs: HashMap::new(),
}
}
// ==================== API Key Operations ====================
/// Create an API key with a specific value
pub fn key_create(&mut self, key: ApiKey) -> ApiKey {
self.api_keys.insert(key.name.clone(), key.clone());
key
}
/// Create a new API key with generated UUID
pub fn key_create_new(&mut self, name: String, scope: ApiKeyScope) -> ApiKey {
let key = ApiKey::new(name, scope);
self.api_keys.insert(key.name.clone(), key.clone());
key
}
/// Get an API key by its value
pub fn key_get(&self, key_name: &str) -> Option<&ApiKey> {
self.api_keys.get(key_name)
}
/// Delete an API key
pub fn key_delete(&mut self, key_name: &str) -> Option<ApiKey> {
self.api_keys.remove(key_name)
}
/// List all API keys
pub fn key_list(&self) -> Vec<ApiKey> {
self.api_keys.values().cloned().collect()
}
/// List API keys by scope
pub fn key_list_by_scope(&self, scope: ApiKeyScope) -> Vec<ApiKey> {
self.api_keys
.values()
.filter(|k| k.scope == scope)
.cloned()
.collect()
}
// ==================== Runner Operations ====================
/// Add a runner
pub fn runner_add(&mut self, runner_id: String) -> SupervisorResult<()> {
self.runners.insert(runner_id);
Ok(())
}
/// Remove a runner
pub fn runner_remove(&mut self, runner_id: &str) -> SupervisorResult<()> {
self.runners.remove(runner_id);
Ok(())
}
/// Check if a runner exists
pub fn runner_exists(&self, runner_id: &str) -> bool {
self.runners.contains(runner_id)
}
/// List all runner IDs
pub fn runner_list_all(&self) -> Vec<String> {
self.runners.iter().cloned().collect()
}
// ==================== Job Operations ====================
/// Store a job in memory
pub fn job_store(&mut self, job: Job) -> SupervisorResult<()> {
self.jobs.insert(job.id.clone(), job);
Ok(())
}
/// Get a job from memory
pub fn job_get(&self, job_id: &str) -> SupervisorResult<Job> {
self.jobs
.get(job_id)
.cloned()
.ok_or_else(|| SupervisorError::JobNotFound {
job_id: job_id.to_string(),
})
}
/// Delete a job from memory
pub fn job_delete(&mut self, job_id: &str) -> SupervisorResult<()> {
self.jobs
.remove(job_id)
.ok_or_else(|| SupervisorError::JobNotFound {
job_id: job_id.to_string(),
})?;
Ok(())
}
/// List all job IDs
pub fn job_list(&self) -> Vec<String> {
self.jobs.keys().cloned().collect()
}
/// Check if a job exists
pub fn job_exists(&self, job_id: &str) -> bool {
self.jobs.contains_key(job_id)
}
}
impl Clone for Store {
fn clone(&self) -> Self {
Self {
api_keys: self.api_keys.clone(),
runners: self.runners.clone(),
jobs: self.jobs.clone(),
}
}
}
#[cfg(test)]
mod tests {
use super::*;
use hero_job::JobBuilder;
fn create_test_store() -> Store {
Store::new()
}
fn create_test_job(id: &str, runner: &str) -> Job {
let mut job = JobBuilder::new()
.caller_id("test_caller")
.context_id("test_context")
.runner(runner)
.executor("test")
.payload("test payload")
.build()
.unwrap();
job.id = id.to_string(); // Set ID manually
job
}
#[test]
fn test_api_key_operations() {
let mut store = create_test_store();
// Create key
let key = store.key_create_new("test_key".to_string(), ApiKeyScope::Admin);
assert_eq!(key.name, "test_key");
assert_eq!(key.scope, ApiKeyScope::Admin);
// Get key
let retrieved = store.key_get(&key.key);
assert!(retrieved.is_some());
assert_eq!(retrieved.unwrap().name, "test_key");
// List keys
let keys = store.key_list();
assert_eq!(keys.len(), 1);
// List by scope
let admin_keys = store.key_list_by_scope(ApiKeyScope::Admin);
assert_eq!(admin_keys.len(), 1);
// Delete key
let removed = store.key_delete(&key.key);
assert!(removed.is_some());
assert!(store.key_get(&key.key).is_none());
}
#[test]
fn test_runner_operations() {
let mut store = create_test_store();
// Add runner
assert!(store.runner_add("runner1".to_string()).is_ok());
assert!(store.runner_exists("runner1"));
// List runners
let runners = store.runner_list_all();
assert_eq!(runners.len(), 1);
assert!(runners.contains(&"runner1".to_string()));
// List all runners
let all_runners = store.runner_list_all();
assert_eq!(all_runners.len(), 1);
// Remove runner
assert!(store.runner_remove("runner1").is_ok());
assert!(!store.runner_exists("runner1"));
}
#[test]
fn test_job_operations() {
let mut store = create_test_store();
let job = create_test_job("job1", "runner1");
// Store job
assert!(store.job_store(job.clone()).is_ok());
assert!(store.job_exists("job1"));
// Get job
let retrieved = store.job_get("job1");
assert!(retrieved.is_ok());
assert_eq!(retrieved.unwrap().id, "job1");
// List jobs
let jobs = store.job_list();
assert_eq!(jobs.len(), 1);
assert!(jobs.contains(&"job1".to_string()));
// Delete job
assert!(store.job_delete("job1").is_ok());
assert!(!store.job_exists("job1"));
assert!(store.job_get("job1").is_err());
}
#[test]
fn test_job_not_found() {
let store = create_test_store();
let result = store.job_get("nonexistent");
assert!(result.is_err());
}
#[test]
fn test_multiple_jobs() {
let mut store = create_test_store();
// Add multiple jobs
for i in 1..=3 {
let job = create_test_job(&format!("job{}", i), "runner1");
assert!(store.job_store(job).is_ok());
}
// Verify all exist
assert_eq!(store.job_list().len(), 3);
assert!(store.job_exists("job1"));
assert!(store.job_exists("job2"));
assert!(store.job_exists("job3"));
// Delete one
assert!(store.job_delete("job2").is_ok());
assert_eq!(store.job_list().len(), 2);
assert!(!store.job_exists("job2"));
}
#[test]
fn test_store_clone() {
let mut store = create_test_store();
store.runner_add("runner1".to_string()).unwrap();
let job = create_test_job("job1", "runner1");
store.job_store(job).unwrap();
// Clone the store
let cloned = store.clone();
// Verify cloned data
assert!(cloned.runner_exists("runner1"));
assert!(cloned.job_exists("job1"));
}
}

1096
core/src/supervisor.rs
View File

File diff suppressed because it is too large Load Diff

195
core/tests/README.md Normal file
View File

@@ -0,0 +1,195 @@
# Supervisor End-to-End Tests
Comprehensive integration tests for all Hero Supervisor OpenRPC client methods.
## Prerequisites
1. **Redis Server Running:**
```bash
redis-server
```
2. **Supervisor Running:**
```bash
cd /Users/timurgordon/code/git.ourworld.tf/herocode/supervisor
./scripts/run.sh
```
## Running Tests
### Run All Tests
```bash
cargo test --test end_to_end
```
### Run Specific Test
```bash
cargo test --test end_to_end test_01_rpc_discover
```
### Run with Output
```bash
cargo test --test end_to_end -- --nocapture
```
### Run in Order (Sequential)
```bash
cargo test --test end_to_end -- --test-threads=1 --nocapture
```
## Test Coverage
### ✅ Discovery & Info
- `test_01_rpc_discover` - OpenRPC specification discovery
- `test_15_supervisor_info` - Supervisor information
### ✅ Runner Management
- `test_02_runner_register` - Register a new runner
- `test_03_runner_list` - List all runners
- `test_14_runner_remove` - Remove a runner
### ✅ Job Management
- `test_04_jobs_create` - Create a job without running
- `test_05_jobs_list` - List all jobs
- `test_06_job_run_simple` - Run a job and wait for result
- `test_07_job_status` - Get job status
- `test_08_job_get` - Get job by ID
- `test_09_job_delete` - Delete a job
### ✅ Authentication & API Keys
- `test_10_auth_verify` - Verify current API key
- `test_11_auth_key_create` - Create new API key
- `test_12_auth_key_list` - List all API keys
- `test_13_auth_key_remove` - Remove an API key
### ✅ Complete Workflow
- `test_99_complete_workflow` - End-to-end integration test
## Test Configuration
Tests use the following defaults:
- **Supervisor URL:** `http://127.0.0.1:3030`
- **Admin Secret:** `807470fd1e1ccc3fb997a1d4177cceb31a68cb355a4412c8fd6e66e517e902be`
- **Test Runner:** `test-runner` (all tests use this runner name)
**Important:** All tests use the same runner name (`test-runner`), so you only need to start one runner with that name to run all tests.
## Expected Behavior
### Successful Tests
All tests should pass when:
- Supervisor is running on port 3030
- Admin secret matches configuration
- Redis is accessible
### Expected Warnings
Some tests may show warnings if:
- `job.run` times out (no actual runner connected to Redis)
- Runners already exist from previous test runs
These are expected and don't indicate test failure.
## Troubleshooting
### Connection Refused
```
Error: tcp connect error, 127.0.0.1:3030, Connection refused
```
**Solution:** Start the supervisor with `./scripts/run.sh`
### Method Not Found
```
Error: Method not found
```
**Solution:** Rebuild supervisor with latest code:
```bash
cd /Users/timurgordon/code/git.ourworld.tf/herocode/supervisor
cargo build
```
### Authorization Failed
```
Error: Missing Authorization header
```
**Solution:** Check that `ADMIN_SECRET` in test matches supervisor configuration
### Job Tests Timeout
```
Error: JsonRpc(RequestTimeout)
```
**Solution:** Make sure you have a runner connected with the name `test-runner`:
```bash
cd /Users/timurgordon/code/git.ourworld.tf/herocode/runner/rust
cargo run --bin runner_osiris -- test-runner
```
## Continuous Integration
To run tests in CI:
```bash
#!/bin/bash
# Start Redis
redis-server --daemonize yes
# Start Supervisor
cd /Users/timurgordon/code/git.ourworld.tf/herocode/supervisor
./scripts/run.sh &
SUPERVISOR_PID=$!
# Wait for supervisor to be ready
sleep 2
# Run tests
cargo test --test end_to_end
# Cleanup
kill $SUPERVISOR_PID
redis-cli shutdown
```
## Adding New Tests
1. Create a new test function:
```rust
#[tokio::test]
async fn test_XX_my_new_test() {
println!("\n🧪 Test: my.new.method");
let client = create_client().await;
// ... test code ...
println!("✅ my.new.method works");
}
```
2. Run it:
```bash
cargo test --test end_to_end test_XX_my_new_test -- --nocapture
```
## Test Output Example
```
🧪 Test: rpc.discover
✅ rpc.discover works
🧪 Test: runner.register
✅ runner.register works - registered: test-runner-e2e
🧪 Test: runner.list
✅ runner.list works - found 3 runners
- osiris
- freezone
- test-runner-e2e
🧪 Test: jobs.create
✅ jobs.create works - created job: 550e8400-e29b-41d4-a716-446655440000
...
```
## Notes
- Tests are designed to be idempotent (can run multiple times)
- Tests clean up after themselves when possible
- Some tests depend on previous test state (use `--test-threads=1` for strict ordering)
- Job execution tests may timeout if no runner is connected to Redis (this is expected)

408
core/tests/end_to_end.rs Normal file
View File

@@ -0,0 +1,408 @@
//! End-to-End Integration Tests for Hero Supervisor
//!
//! Tests all OpenRPC client methods against a running supervisor instance.
use hero_supervisor_openrpc_client::SupervisorClient;
use hero_job::{Job, JobBuilder};
/// Test configuration
const SUPERVISOR_URL: &str = "http://127.0.0.1:3030";
const ADMIN_SECRET: &str = "807470fd1e1ccc3fb997a1d4177cceb31a68cb355a4412c8fd6e66e517e902be";
const TEST_RUNNER_NAME: &str = "test-runner";
/// Helper to create a test client
async fn create_client() -> SupervisorClient {
SupervisorClient::builder()
.url(SUPERVISOR_URL)
.secret(ADMIN_SECRET)
.build()
.expect("Failed to create supervisor client")
}
/// Helper to create a test job (always uses TEST_RUNNER_NAME)
fn create_test_job(payload: &str) -> Job {
JobBuilder::new()
.caller_id("e2e-test")
.context_id("test-context")
.runner(TEST_RUNNER_NAME)
.payload(payload)
.executor("rhai")
.timeout(30)
.build()
.expect("Failed to build test job")
}
#[tokio::test]
async fn test_01_rpc_discover() {
println!("\n🧪 Test: rpc.discover");
let client = create_client().await;
let result = client.discover().await;
assert!(result.is_ok(), "rpc.discover should succeed");
let spec = result.unwrap();
// Verify it's a valid OpenRPC spec
assert!(spec.get("openrpc").is_some(), "Should have openrpc field");
assert!(spec.get("methods").is_some(), "Should have methods field");
println!("✅ rpc.discover works");
}
#[tokio::test]
async fn test_02_runner_register() {
println!("\n🧪 Test: runner.register");
let client = create_client().await;
// Register a test runner
let result = client.register_runner(TEST_RUNNER_NAME).await;
// Should succeed or already exist
match result {
Ok(name) => {
assert_eq!(name, TEST_RUNNER_NAME);
println!("✅ runner.register works - registered: {}", name);
}
Err(e) => {
// If it fails, it might already exist, which is okay
println!("⚠️ runner.register: {:?} (may already exist)", e);
}
}
}
#[tokio::test]
async fn test_03_runner_list() {
println!("\n🧪 Test: runner.list");
let client = create_client().await;
// First ensure our test runner exists
let _ = client.register_runner(TEST_RUNNER_NAME).await;
// List all runners
let result = client.list_runners().await;
assert!(result.is_ok(), "runner.list should succeed");
let runners = result.unwrap();
assert!(!runners.is_empty(), "Should have at least one runner");
assert!(runners.contains(&TEST_RUNNER_NAME.to_string()),
"Should contain our test runner");
println!("✅ runner.list works - found {} runners", runners.len());
for runner in &runners {
println!(" - {}", runner);
}
}
#[tokio::test]
async fn test_04_jobs_create() {
println!("\n🧪 Test: jobs.create");
let client = create_client().await;
// Ensure runner exists
let _ = client.register_runner(TEST_RUNNER_NAME).await;
// Create a job without running it
let job = create_test_job("print('test job');");
let result = client.jobs_create(job).await;
match &result {
Ok(_) => {},
Err(e) => println!(" Error: {:?}", e),
}
assert!(result.is_ok(), "jobs.create should succeed");
let job_id = result.unwrap();
assert!(!job_id.is_empty(), "Should return a job ID");
println!("✅ jobs.create works - created job: {}", job_id);
}
#[tokio::test]
async fn test_05_jobs_list() {
println!("\n🧪 Test: jobs.list");
let client = create_client().await;
// Create a job first
let _ = client.register_runner(TEST_RUNNER_NAME).await;
let job = create_test_job("print('list test');");
let _ = client.jobs_create(job).await;
// List all jobs
let result = client.jobs_list().await;
assert!(result.is_ok(), "jobs.list should succeed");
let jobs = result.unwrap();
println!("✅ jobs.list works - found {} jobs", jobs.len());
}
#[tokio::test]
async fn test_06_job_run_simple() {
println!("\n🧪 Test: job.run (simple script)");
let client = create_client().await;
// Ensure runner exists
let _ = client.register_runner(TEST_RUNNER_NAME).await;
// Run a simple job
let job = create_test_job(r#"
print("Hello from test!");
42
"#);
let result = client.job_run(job, Some(30)).await;
// Note: This will timeout if no runner is actually connected to Redis
// but we're testing the API call itself
match result {
Ok(response) => {
println!("✅ job.run works - job_id: {}, status: {}",
response.job_id, response.status);
}
Err(e) => {
println!("⚠️ job.run: {:?} (runner may not be connected)", e);
// This is expected if no actual runner is listening
}
}
}
#[tokio::test]
async fn test_07_job_status() {
println!("\n🧪 Test: job.status");
let client = create_client().await;
// Create a job first
let _ = client.register_runner(TEST_RUNNER_NAME).await;
let job = create_test_job("print('status test');");
let job_id = client.jobs_create(job).await.expect("Failed to create job");
// Get job status
let result = client.job_status(&job_id).await;
assert!(result.is_ok(), "job.status should succeed");
let status = result.unwrap();
assert_eq!(status.job_id, job_id);
println!("✅ job.status works - job: {}, status: {}",
status.job_id, status.status);
}
#[tokio::test]
async fn test_08_job_get() {
println!("\n🧪 Test: job.get");
let client = create_client().await;
// Create a job first
let _ = client.register_runner(TEST_RUNNER_NAME).await;
let original_job = create_test_job("print('get test');");
let job_id = client.jobs_create(original_job.clone()).await
.expect("Failed to create job");
// Get the job
let result = client.get_job(&job_id).await;
assert!(result.is_ok(), "job.get should succeed");
let job = result.unwrap();
assert_eq!(job.id, job_id);
println!("✅ job.get works - retrieved job: {}", job.id);
}
#[tokio::test]
async fn test_09_job_delete() {
println!("\n🧪 Test: job.delete");
let client = create_client().await;
// Create a job first
let _ = client.register_runner(TEST_RUNNER_NAME).await;
let job = create_test_job("print('delete test');");
let job_id = client.jobs_create(job).await.expect("Failed to create job");
// Delete the job
let result = client.job_delete(&job_id).await;
assert!(result.is_ok(), "job.delete should succeed");
println!("✅ job.delete works - deleted job: {}", job_id);
// Verify it's gone
let get_result = client.get_job(&job_id).await;
assert!(get_result.is_err(), "Job should not exist after deletion");
}
#[tokio::test]
async fn test_10_auth_verify() {
println!("\n🧪 Test: auth.verify");
let client = create_client().await;
let result = client.auth_verify().await;
assert!(result.is_ok(), "auth.verify should succeed with valid key");
let auth_info = result.unwrap();
println!("✅ auth.verify works");
println!(" Scope: {}", auth_info.scope);
println!(" Name: {}", auth_info.name.unwrap_or_else(|| "N/A".to_string()));
}
#[tokio::test]
async fn test_11_auth_key_create() {
println!("\n🧪 Test: auth.key.create");
let client = create_client().await;
let result = client.auth_create_key("test-key".to_string(), "user".to_string()).await;
assert!(result.is_ok(), "auth.key.create should succeed");
let api_key = result.unwrap();
assert!(!api_key.key.is_empty(), "Should return a key");
assert_eq!(api_key.name, "test-key");
assert_eq!(api_key.scope, "user");
println!("✅ auth.key.create works - created key: {}...",
&api_key.key[..api_key.key.len().min(8)]);
}
#[tokio::test]
async fn test_12_auth_key_list() {
println!("\n🧪 Test: auth.key.list");
let client = create_client().await;
// Create a key first
let _ = client.auth_create_key("list-test-key".to_string(), "user".to_string()).await;
let result = client.auth_list_keys().await;
assert!(result.is_ok(), "auth.key.list should succeed");
let keys = result.unwrap();
println!("✅ auth.key.list works - found {} keys", keys.len());
for key in &keys {
println!(" - {} ({}): {}...", key.name, key.scope,
&key.key[..key.key.len().min(8)]);
}
}
#[tokio::test]
async fn test_13_auth_key_remove() {
println!("\n🧪 Test: auth.key.remove");
let client = create_client().await;
// Create a key first
let api_key = client.auth_create_key("remove-test-key".to_string(), "user".to_string())
.await
.expect("Failed to create key");
// Remove it
let result = client.auth_remove_key(api_key.key.clone()).await;
assert!(result.is_ok(), "auth.key.remove should succeed");
let removed = result.unwrap();
assert!(removed, "Should return true when key is removed");
println!("✅ auth.key.remove works - removed key: {}...",
&api_key.key[..api_key.key.len().min(8)]);
}
#[tokio::test]
async fn test_14_runner_remove() {
println!("\n🧪 Test: runner.remove");
let client = create_client().await;
// Register a runner to remove
let runner_name = "test-runner-to-remove";
let _ = client.register_runner(runner_name).await;
// Remove it
let result = client.remove_runner(runner_name).await;
assert!(result.is_ok(), "runner.remove should succeed");
println!("✅ runner.remove works - removed: {}", runner_name);
// Verify it's gone
let runners = client.list_runners().await.unwrap();
assert!(!runners.contains(&runner_name.to_string()),
"Runner should not exist after removal");
}
#[tokio::test]
async fn test_15_supervisor_info() {
println!("\n🧪 Test: supervisor.info");
let client = create_client().await;
let result = client.get_supervisor_info().await;
assert!(result.is_ok(), "supervisor.info should succeed");
let info = result.unwrap();
println!("✅ supervisor.info works");
println!(" Server URL: {}", info.server_url);
}
/// Integration test that runs a complete workflow
#[tokio::test]
async fn test_99_complete_workflow() {
println!("\n🧪 Test: Complete Workflow");
let client = create_client().await;
// 1. Register runner
println!(" 1. Registering runner...");
let _ = client.register_runner("workflow-runner").await;
// 2. List runners
println!(" 2. Listing runners...");
let runners = client.list_runners().await.unwrap();
assert!(runners.contains(&"workflow-runner".to_string()));
// 3. Create API key
println!(" 3. Creating API key...");
let api_key = client.auth_create_key("workflow-key".to_string(), "user".to_string())
.await.unwrap();
// 4. Verify auth
println!(" 4. Verifying auth...");
let _ = client.auth_verify().await.unwrap();
// 5. Create job
println!(" 5. Creating job...");
let job = create_test_job("print('workflow test');");
let job_id = client.jobs_create(job).await.unwrap();
// 6. Get job status
println!(" 6. Getting job status...");
let status = client.job_status(&job_id).await.unwrap();
assert_eq!(status.job_id, job_id);
// 7. List all jobs
println!(" 7. Listing all jobs...");
let jobs = client.jobs_list().await.unwrap();
assert!(!jobs.is_empty());
// 8. Delete job
println!(" 8. Deleting job...");
let _ = client.job_delete(&job_id).await.unwrap();
// 9. Remove API key
println!(" 9. Removing API key...");
let _ = client.auth_remove_key(api_key.key).await.unwrap();
// 10. Remove runner
println!(" 10. Removing runner...");
let _ = client.remove_runner("workflow-runner").await.unwrap();
println!("✅ Complete workflow test passed!");
}

248
core/tests/job_api_integration_tests.rs
View File

@@ -29,251 +29,3 @@ async fn is_supervisor_available() -> bool {
Err(_) => false, Err(_) => false,
} }
} }
#[tokio::test]
async fn test_jobs_create_and_start() {
if !is_supervisor_available().await {
println!("Skipping test - supervisor not available");
return;
}
let client = SupervisorClient::new("http://localhost:3030").unwrap();
let secret = "user-secret-456";
let job = create_test_job("create_and_start").unwrap();
// Test jobs.create
let job_id = client.jobs_create(secret, job).await.unwrap();
assert!(!job_id.is_empty());
// Test job.start
let result = client.job_start(secret, &job_id).await;
assert!(result.is_ok());
}
#[tokio::test]
async fn test_job_status_monitoring() {
if !is_supervisor_available().await {
println!("Skipping test - supervisor not available");
return;
}
let client = SupervisorClient::new("http://localhost:3030").unwrap();
let secret = "user-secret-456";
let job = create_test_job("status_monitoring").unwrap();
let job_id = client.jobs_create(secret, job).await.unwrap();
client.job_start(secret, &job_id).await.unwrap();
// Test job.status
let mut attempts = 0;
let max_attempts = 10;
while attempts < max_attempts {
let status = client.job_status(&job_id).await.unwrap();
assert!(!status.job_id.is_empty());
assert!(!status.status.is_empty());
assert!(!status.created_at.is_empty());
if status.status == "completed" || status.status == "failed" {
break;
}
attempts += 1;
sleep(Duration::from_secs(1)).await;
}
}
#[tokio::test]
async fn test_job_result_retrieval() {
if !is_supervisor_available().await {
println!("Skipping test - supervisor not available");
return;
}
let client = SupervisorClient::new("http://localhost:3030").unwrap();
let secret = "user-secret-456";
let job = create_test_job("result_retrieval").unwrap();
let job_id = client.jobs_create(secret, job).await.unwrap();
client.job_start(secret, &job_id).await.unwrap();
// Wait a bit for job to complete
sleep(Duration::from_secs(3)).await;
// Test job.result
let result = client.job_result(&job_id).await.unwrap();
match result {
JobResult::Success { success } => {
assert!(!success.is_empty());
},
JobResult::Error { error } => {
assert!(!error.is_empty());
}
}
}
#[tokio::test]
async fn test_job_run_immediate() {
if !is_supervisor_available().await {
println!("Skipping test - supervisor not available");
return;
}
let client = SupervisorClient::new("http://localhost:3030").unwrap();
let secret = "user-secret-456";
let job = create_test_job("immediate_run").unwrap();
// Test job.run (immediate execution)
let result = client.job_run(secret, job).await.unwrap();
match result {
JobResult::Success { success } => {
assert!(!success.is_empty());
},
JobResult::Error { error } => {
assert!(!error.is_empty());
}
}
}
#[tokio::test]
async fn test_jobs_list() {
if !is_supervisor_available().await {
println!("Skipping test - supervisor not available");
return;
}
let client = SupervisorClient::new("http://localhost:3030").unwrap();
// Test jobs.list
let job_ids = client.jobs_list().await.unwrap();
// Should return a vector (might be empty)
assert!(job_ids.len() >= 0);
}
#[tokio::test]
async fn test_authentication_failures() {
if !is_supervisor_available().await {
println!("Skipping test - supervisor not available");
return;
}
let client = SupervisorClient::new("http://localhost:3030").unwrap();
let invalid_secret = "invalid-secret-123";
let job = create_test_job("auth_failure").unwrap();
// Test that invalid secrets fail
let result = client.jobs_create(invalid_secret, job.clone()).await;
assert!(result.is_err());
let result = client.job_run(invalid_secret, job.clone()).await;
assert!(result.is_err());
let result = client.job_start(invalid_secret, "fake-job-id").await;
assert!(result.is_err());
}
#[tokio::test]
async fn test_nonexistent_job_operations() {
if !is_supervisor_available().await {
println!("Skipping test - supervisor not available");
return;
}
let client = SupervisorClient::new("http://localhost:3030").unwrap();
let fake_job_id = format!("nonexistent-{}", Uuid::new_v4());
// Test operations on nonexistent job should fail
let result = client.job_status(&fake_job_id).await;
assert!(result.is_err());
let result = client.job_result(&fake_job_id).await;
assert!(result.is_err());
}
#[tokio::test]
async fn test_complete_workflow() {
if !is_supervisor_available().await {
println!("Skipping test - supervisor not available");
return;
}
let client = SupervisorClient::new("http://localhost:3030").unwrap();
let secret = "user-secret-456";
let job = create_test_job("complete_workflow").unwrap();
// Complete workflow test
let job_id = client.jobs_create(secret, job).await.unwrap();
client.job_start(secret, &job_id).await.unwrap();
// Monitor until completion
let mut final_status = String::new();
for _ in 0..15 {
let status = client.job_status(&job_id).await.unwrap();
final_status = status.status.clone();
if final_status == "completed" || final_status == "failed" || final_status == "timeout" {
break;
}
sleep(Duration::from_secs(1)).await;
}
// Get final result
let result = client.job_result(&job_id).await.unwrap();
match result {
JobResult::Success { .. } => {
assert_eq!(final_status, "completed");
},
JobResult::Error { .. } => {
assert!(final_status == "failed" || final_status == "timeout");
}
}
}
#[tokio::test]
async fn test_batch_job_processing() {
if !is_supervisor_available().await {
println!("Skipping test - supervisor not available");
return;
}
let client = SupervisorClient::new("http://localhost:3030").unwrap();
let secret = "user-secret-456";
let job_count = 3;
let mut job_ids = Vec::new();
// Create multiple jobs
for i in 0..job_count {
let job = JobBuilder::new()
.caller_id("integration_test")
.context_id(&format!("batch_job_{}", i))
.payload(&format!("echo 'Batch job {}'", i))
.executor("osis")
.runner("osis_runner_1")
.timeout(30)
.build()
.unwrap();
let job_id = client.jobs_create(secret, job).await.unwrap();
job_ids.push(job_id);
}
// Start all jobs
for job_id in &job_ids {
client.job_start(secret, job_id).await.unwrap();
}
// Wait for all jobs to complete
sleep(Duration::from_secs(5)).await;
// Collect all results
let mut results = Vec::new();
for job_id in &job_ids {
let result = client.job_result(job_id).await.unwrap();
results.push(result);
}
// Verify we got results for all jobs
assert_eq!(results.len(), job_count);
}

91
generate_test_keypairs.py
View File

@@ -1,91 +0,0 @@
#!/usr/bin/env python3
"""
Generate test secp256k1 keypairs for supervisor authentication testing
Run with: python3 generate_test_keypairs.py
"""
from hashlib import sha256
import sys
# Simple secp256k1 implementation for key generation
def int_to_hex(n, length=32):
return hex(n)[2:].zfill(length * 2)
# These are the actual public keys derived from the private keys
# Using secp256k1 curve parameters
test_keys = [
{
"name": "Alice (Admin)",
"privkey": "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef",
"pubkey_uncompressed": "04a34b99f22c790c4e36b2b3c2c35a36db06226e41c692fc82b8b56ac1c540c5bd5b8dec5235a0fa8722476c7709c02559e3aa73aa03918ba2d492eea75abea235",
"pubkey_compressed": "02a34b99f22c790c4e36b2b3c2c35a36db06226e41c692fc82b8b56ac1c540c5bd"
},
{
"name": "Bob (User)",
"privkey": "fedcba0987654321fedcba0987654321fedcba0987654321fedcba0987654321",
"pubkey_uncompressed": "04d0de0aaeaefad02b8bdf8a56451a9852d7f851fee0cc8b4d42f3a0a4c3c2f66c1e5e3e8e3c3e3e3e3e3e3e3e3e3e3e3e3e3e3e3e3e3e3e3e3e3e3e3e3e3e3e3e",
"pubkey_compressed": "02d0de0aaeaefad02b8bdf8a56451a9852d7f851fee0cc8b4d42f3a0a4c3c2f66c"
},
{
"name": "Charlie (Register)",
"privkey": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
"pubkey_uncompressed": "04e68acfc0253a10620dff706b0a1b1f1f5833ea3beb3bde6250d4e5e1e283bb4e9504be11a68d7a263f8e2000d1f8b8c5e5e5e5e5e5e5e5e5e5e5e5e5e5e5e5e",
"pubkey_compressed": "02e68acfc0253a10620dff706b0a1b1f1f5833ea3beb3bde6250d4e5e1e283bb4e"
},
{
"name": "Dave (Test)",
"privkey": "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
"pubkey_uncompressed": "04f71e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e",
"pubkey_compressed": "02f71e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c7e8f6c"
},
{
"name": "Eve (Test)",
"privkey": "cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc",
"pubkey_uncompressed": "04a0b1c2d3e4f5a6b7c8d9e0f1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0",
"pubkey_compressed": "02a0b1c2d3e4f5a6b7c8d9e0f1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0"
}
]
print("\n╔════════════════════════════════════════════════════════════╗")
print("║ Test Keypairs for Supervisor Auth ║")
print("╚════════════════════════════════════════════════════════════╝\n")
print("⚠️ WARNING: These are TEST keypairs only! Never use in production!\n")
for i, key in enumerate(test_keys, 1):
print(f"## Keypair {i} - {key['name']}")
print("" * 61)
print(f"Private Key (hex): 0x{key['privkey']}")
print(f"Public Key (uncomp): 0x{key['pubkey_uncompressed']}")
print(f"Public Key (comp): 0x{key['pubkey_compressed']}")
print()
print("\n╔════════════════════════════════════════════════════════════╗")
print("║ Usage Examples ║")
print("╚════════════════════════════════════════════════════════════╝\n")
print("### Using with OpenRPC Client (Rust)\n")
print("```rust")
print("use secp256k1::{Secp256k1, SecretKey};")
print("use hex;")
print()
print("// Alice's private key for admin access")
print('let privkey_hex = "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef";')
print("let privkey_bytes = hex::decode(privkey_hex).unwrap();")
print("let secret_key = SecretKey::from_slice(&privkey_bytes).unwrap();")
print()
print("// Use with client")
print("let client = SupervisorClient::new_with_keypair(")
print(' "http://127.0.0.1:3030",')
print(" secret_key")
print(");")
print("```\n")
print("### Testing Different Scopes\n")
print("1. **Admin Scope** - Use Alice's keypair for full admin access")
print("2. **User Scope** - Use Bob's keypair for limited user access")
print("3. **Register Scope** - Use Charlie's keypair for runner registration\n")
print("### Quick Copy-Paste Keys\n")
for key in test_keys:
print(f"{key['name']:20s} {key['privkey']}")
print()

27
run_supervisor_simple.sh
View File

@@ -1,27 +0,0 @@
#!/bin/bash
# Run Hero Supervisor with OpenRPC server only (no Mycelium)
#
# This starts the supervisor with:
# - OpenRPC HTTP server on port 3030
# - Redis connection for job queuing
# - No Mycelium integration
#
# Usage:
# ./run_supervisor_simple.sh
echo "🚀 Starting Hero Supervisor (OpenRPC only)"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo " OpenRPC Server: http://localhost:3030"
echo " Redis: redis://localhost:6379"
echo " Mycelium: Disabled"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo ""
# Set environment variables
export RUST_LOG=info
export MYCELIUM_URL="" # Disable Mycelium
# Build and run
cargo run --bin supervisor --no-default-features --features cli -- \
--redis-url redis://localhost:6379 \
--port 3030

52
scripts/build.sh
View File

@@ -1,11 +1,53 @@
#!/bin/bash #!/bin/bash
set -e
SCRIPT_DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd) SCRIPT_DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
PROJECT_DIR=$(cd "$SCRIPT_DIR/.." && pwd) PROJECT_DIR=$(cd "$SCRIPT_DIR/.." && pwd)
echo "Building Hero Supervisor..." # Spinner function
cd "$PROJECT_DIR" spinner() {
RUSTFLAGS="-A warnings" cargo build --release local pid=$1
local delay=0.1
local spinstr='⠋⠙⠹⠸⠼⠴⠦⠧⠇⠏'
while ps -p $pid > /dev/null 2>&1; do
local temp=${spinstr#?}
printf " [%c] " "$spinstr"
local spinstr=$temp${spinstr%"$temp"}
sleep $delay
printf "\b\b\b\b\b\b"
done
printf " \b\b\b\b"
}
echo " Hero Supervisor built successfully" echo "Building Hero Supervisor Workspace"
echo ""
# Build core and client
printf "📦 Core & Client... "
cd "$PROJECT_DIR"
if RUSTFLAGS="-A warnings" cargo build --release --workspace > /tmp/supervisor-build-core.log 2>&1 & spinner $!; wait $!; then
echo "✅"
else
echo "❌"
echo " Error: Build failed. Run 'cd $PROJECT_DIR && cargo build --release --workspace' for details"
exit 1
fi
# # Build UI
# printf "📦 UI (WASM)... "
# cd "$PROJECT_DIR/ui"
# if ! command -v trunk &> /dev/null; then
# echo "⚠️ (trunk not installed)"
# echo " Install with: cargo install trunk"
# else
# if trunk build --release > /tmp/supervisor-build-ui.log 2>&1 & spinner $!; wait $!; then
# echo "✅"
# else
# echo "❌"
# echo " Error: Build failed. Run 'cd $PROJECT_DIR/ui && trunk build --release' for details"
# exit 1
# fi
# fi
echo ""
echo "✅ All builds completed"

18
scripts/environment.sh Executable file
View File

@@ -0,0 +1,18 @@
#!/bin/bash
# Load environment variables from .env file
SCRIPT_DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
PROJECT_DIR=$(cd "$SCRIPT_DIR/.." && pwd)
ENV_FILE="$PROJECT_DIR/.env"
if [ -f "$ENV_FILE" ]; then
# Export variables from .env file
set -a
source "$ENV_FILE"
set +a
echo "✅ Loaded environment from .env"
else
echo "⚠️ No .env file found at $ENV_FILE"
echo " Copy .env.example to .env and configure your settings"
exit 1
fi

11
scripts/generate_secret.sh Executable file
View File

@@ -0,0 +1,11 @@
#!/bin/bash
# Generate a supervisor secret key in the correct format
# Generate a random 32-byte hex string
SECRET=$(openssl rand -hex 32)
echo "Generated supervisor secret:"
echo "$SECRET"
echo ""
echo "Add this to your .env file:"
echo "SUPERVISOR_ADMIN_SECRET=$SECRET"

103
scripts/run.sh
View File

@@ -1,64 +1,71 @@
#!/bin/bash #!/bin/bash
set -e
SCRIPT_DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd) SCRIPT_DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
PROJECT_DIR=$(cd "$SCRIPT_DIR/.." && pwd) PROJECT_DIR=$(cd "$SCRIPT_DIR/.." && pwd)
# Load environment variables
source "$SCRIPT_DIR/environment.sh"
# Build first # Build first
echo "🔨 Building supervisor..."
"$SCRIPT_DIR/build.sh" "$SCRIPT_DIR/build.sh"
# Configuration # Validate required environment variables
REDIS_URL="${REDIS_URL:-redis://localhost:6379}" if [ -z "$ADMIN_SECRETS" ]; then
PORT="${PORT:-3030}" echo "❌ Error: ADMIN_SECRETS not set in .env"
BIND_ADDRESS="${BIND_ADDRESS:-127.0.0.1}" echo " Generate a secret with: ./scripts/generate_secret.sh"
BOOTSTRAP_ADMIN_KEY="${BOOTSTRAP_ADMIN_KEY:-admin}"
ADMIN_UI_PORT="${ADMIN_UI_PORT:-8080}"
LOG_LEVEL="${LOG_LEVEL:-info}"
# Cleanup function
cleanup() {
echo "Shutting down..."
kill $(jobs -p) 2>/dev/null || true
exit 0
}
trap cleanup SIGINT SIGTERM
echo "Starting Hero Supervisor..."
cd "$PROJECT_DIR"
# Start supervisor in background
RUST_LOG="$LOG_LEVEL" RUST_LOG_STYLE=never \
target/release/supervisor \
--bootstrap-admin-key "$BOOTSTRAP_ADMIN_KEY" \
--redis-url "$REDIS_URL" \
--port "$PORT" \
--bind-address "$BIND_ADDRESS" &
SUPERVISOR_PID=$!
# Wait for supervisor to start
sleep 2
# Check if supervisor is running
if ! ps -p $SUPERVISOR_PID > /dev/null 2>&1; then
echo "Failed to start supervisor"
exit 1 exit 1
fi fi
# Start admin UI # Set defaults from env vars
echo "Starting Admin UI on port $ADMIN_UI_PORT..." REDIS_URL="${REDIS_URL:-redis://127.0.0.1:6379}"
cd "$PROJECT_DIR/ui" PORT="${PORT:-3030}"
trunk serve --port "$ADMIN_UI_PORT" & BIND_ADDRESS="${BIND_ADDRESS:-127.0.0.1}"
LOG_LEVEL="${LOG_LEVEL:-info}"
ADMIN_UI_PID=$! cd "$PROJECT_DIR"
# Build command with flags from env vars
SUPERVISOR_CMD="target/release/supervisor --redis-url $REDIS_URL --port $PORT --bind-address $BIND_ADDRESS"
# Add admin secrets
IFS=',' read -ra SECRETS <<< "$ADMIN_SECRETS"
for secret in "${SECRETS[@]}"; do
SUPERVISOR_CMD="$SUPERVISOR_CMD --admin-secret $secret"
done
# Add user secrets if provided
if [ ! -z "$USER_SECRETS" ]; then
IFS=',' read -ra SECRETS <<< "$USER_SECRETS"
for secret in "${SECRETS[@]}"; do
SUPERVISOR_CMD="$SUPERVISOR_CMD --user-secret $secret"
done
fi
# Add register secrets if provided
if [ ! -z "$REGISTER_SECRETS" ]; then
IFS=',' read -ra SECRETS <<< "$REGISTER_SECRETS"
for secret in "${SECRETS[@]}"; do
SUPERVISOR_CMD="$SUPERVISOR_CMD --register-secret $secret"
done
fi
# Add mycelium URL if provided
if [ ! -z "$MYCELIUM_URL" ]; then
SUPERVISOR_CMD="$SUPERVISOR_CMD --mycelium-url $MYCELIUM_URL"
fi
# Add runners if provided
if [ ! -z "$RUNNERS" ]; then
SUPERVISOR_CMD="$SUPERVISOR_CMD --runners $RUNNERS"
fi
echo "" echo ""
echo " Hero Supervisor system started" echo "🚀 Starting Hero Supervisor"
echo " 📡 Supervisor API: http://$BIND_ADDRESS:$PORT" echo " Redis: $REDIS_URL"
echo " 🎨 Admin UI: http://127.0.0.1:$ADMIN_UI_PORT" echo " Port: $PORT"
echo " Log Level: $LOG_LEVEL"
echo "" echo ""
echo "Press Ctrl+C to stop all services"
# Wait for both processes # Run supervisor directly with output visible
wait exec env RUST_LOG="$LOG_LEVEL" RUST_LOG_STYLE=never $SUPERVISOR_CMD

53
scripts/test.sh
View File

@@ -1,8 +1,53 @@
#!/bin/bash #!/bin/bash
# serve.sh - Build optimized WASM and serve with Caddy + Brotli compression
set -e
SCRIPT_DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd) SCRIPT_DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
PROJECT_DIR=$(cd "$SCRIPT_DIR/.." && pwd)
cargo check # Spinner function
cargo test spinner() {
local pid=$1
local delay=0.1
local spinstr='⠋⠙⠹⠸⠼⠴⠦⠧⠇⠏'
while ps -p $pid > /dev/null 2>&1; do
local temp=${spinstr#?}
printf " [%c] " "$spinstr"
local spinstr=$temp${spinstr%"$temp"}
sleep $delay
printf "\b\b\b\b\b\b"
done
printf " \b\b\b\b"
}
echo "Testing Hero Supervisor Workspace"
echo ""
# Test core and client
printf "🧪 Core & Client... "
cd "$PROJECT_DIR"
if cargo test --workspace > /tmp/supervisor-test-core.log 2>&1 & spinner $!; wait $!; then
echo "✅"
else
echo "❌"
echo " Error: Tests failed. Run 'cd $PROJECT_DIR && cargo test --workspace' for details"
exit 1
fi
# Test UI
printf "🧪 UI (WASM)... "
cd "$PROJECT_DIR/ui"
if ! command -v wasm-pack &> /dev/null; then
echo "⚠️ (wasm-pack not installed)"
echo " Install with: cargo install wasm-pack"
else
if wasm-pack test --headless --firefox > /tmp/supervisor-test-ui.log 2>&1 & spinner $!; wait $!; then
echo "✅"
else
echo "❌"
echo " Error: Tests failed. Run 'cd $PROJECT_DIR/ui && wasm-pack test --headless --firefox' for details"
exit 1
fi
fi
echo ""
echo "✅ All tests completed"

212
ui/Cargo.lock generated
View File

@@ -103,6 +103,12 @@ version = "0.13.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d301b3b94cb4b2f23d7917810addbbaff90738e0ca2be692bd027e70d7e0330c" checksum = "d301b3b94cb4b2f23d7917810addbbaff90738e0ca2be692bd027e70d7e0330c"
[[package]]
name = "arc-swap"
version = "1.7.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "69f7f8c3906b62b754cd5326047894316021dcfe5a194c8ea52bdd94934a3457"
[[package]] [[package]]
name = "async-trait" name = "async-trait"
version = "0.1.89" version = "0.1.89"
@@ -426,6 +432,7 @@ checksum = "65bc07b1a8bc7c85c5f2e110c476c7389b4554ba72af57d8445ea63a576b0876"
dependencies = [ dependencies = [
"futures-channel", "futures-channel",
"futures-core", "futures-core",
"futures-executor",
"futures-io", "futures-io",
"futures-sink", "futures-sink",
"futures-task", "futures-task",
@@ -448,6 +455,17 @@ version = "0.3.31"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "05f29059c0c2090612e8d742178b0580d2dc940c837851ad723096f87af6663e" checksum = "05f29059c0c2090612e8d742178b0580d2dc940c837851ad723096f87af6663e"
[[package]]
name = "futures-executor"
version = "0.3.31"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1e28d1d997f585e54aebc3f97d39e72338912123a67330d723fdbb564d646c9f"
dependencies = [
"futures-core",
"futures-task",
"futures-util",
]
[[package]] [[package]]
name = "futures-io" name = "futures-io"
version = "0.3.31" version = "0.3.31"
@@ -985,6 +1003,7 @@ checksum = "fc0fef456e4baa96da950455cd02c081ca953b141298e41db3fc7e36b1da849c"
[[package]] [[package]]
name = "hero-job" name = "hero-job"
version = "0.1.0" version = "0.1.0"
source = "git+https://git.ourworld.tf/herocode/job.git#7b9420f3e67802e34de1337bac4e2728ed321657"
dependencies = [ dependencies = [
"chrono", "chrono",
"hex", "hex",
@@ -1002,6 +1021,7 @@ dependencies = [
[[package]] [[package]]
name = "hero-job-client" name = "hero-job-client"
version = "0.1.0" version = "0.1.0"
source = "git+https://git.ourworld.tf/herocode/job.git#7b9420f3e67802e34de1337bac4e2728ed321657"
dependencies = [ dependencies = [
"chrono", "chrono",
"hero-job", "hero-job",
@@ -1027,14 +1047,42 @@ dependencies = [
"hyper-util", "hyper-util",
"jsonrpsee", "jsonrpsee",
"log", "log",
"osiris-client",
"redis", "redis",
"serde", "serde",
"serde_json", "serde_json",
"thiserror", "thiserror",
"tokio", "tokio",
"toml", "toml",
"tower", "tower 0.4.13",
"tower-http", "tower-http 0.5.2",
"uuid",
]
[[package]]
name = "hero-supervisor"
version = "0.1.0"
source = "git+https://git.ourworld.tf/herocode/supervisor.git#4b516d9d7e38167d7c72feb070c325cd8136752a"
dependencies = [
"anyhow",
"async-trait",
"chrono",
"clap",
"env_logger 0.10.2",
"hero-job",
"hero-job-client",
"hyper",
"hyper-util",
"jsonrpsee",
"log",
"redis",
"serde",
"serde_json",
"thiserror",
"tokio",
"toml",
"tower 0.4.13",
"tower-http 0.5.2",
"uuid", "uuid",
] ]
@@ -1048,7 +1096,37 @@ dependencies = [
"getrandom 0.2.16", "getrandom 0.2.16",
"hero-job", "hero-job",
"hero-job-client", "hero-job-client",
"hero-supervisor", "hero-supervisor 0.1.0",
"hex",
"indexmap",
"js-sys",
"jsonrpsee",
"log",
"secp256k1 0.29.1",
"serde",
"serde-wasm-bindgen 0.6.5",
"serde_json",
"sha2",
"thiserror",
"tokio",
"uuid",
"wasm-bindgen",
"wasm-bindgen-futures",
"web-sys",
]
[[package]]
name = "hero-supervisor-openrpc-client"
version = "0.1.0"
source = "git+https://git.ourworld.tf/herocode/supervisor.git#4b516d9d7e38167d7c72feb070c325cd8136752a"
dependencies = [
"chrono",
"console_log",
"env_logger 0.11.8",
"getrandom 0.2.16",
"hero-job",
"hero-job-client",
"hero-supervisor 0.1.0 (git+https://git.ourworld.tf/herocode/supervisor.git)",
"hex", "hex",
"indexmap", "indexmap",
"js-sys", "js-sys",
@@ -1182,6 +1260,7 @@ version = "0.1.16"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8d9b05277c7e8da2c93a568989bb6207bef0112e8d17df7a6eda4a3cf143bc5e" checksum = "8d9b05277c7e8da2c93a568989bb6207bef0112e8d17df7a6eda4a3cf143bc5e"
dependencies = [ dependencies = [
"base64",
"bytes", "bytes",
"futures-channel", "futures-channel",
"futures-core", "futures-core",
@@ -1189,7 +1268,9 @@ dependencies = [
"http 1.3.1", "http 1.3.1",
"http-body", "http-body",
"hyper", "hyper",
"ipnet",
"libc", "libc",
"percent-encoding",
"pin-project-lite", "pin-project-lite",
"socket2 0.6.0", "socket2 0.6.0",
"tokio", "tokio",
@@ -1369,6 +1450,22 @@ dependencies = [
"libc", "libc",
] ]
[[package]]
name = "ipnet"
version = "2.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "469fb0b9cefa57e3ef31275ee7cacb78f2fdca44e4765491884a2b119d4eb130"
[[package]]
name = "iri-string"
version = "0.7.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4f867b9d1d896b67beb18518eda36fdb77a32ea590de864f1325b294a6d14397"
dependencies = [
"memchr",
"serde",
]
[[package]] [[package]]
name = "is-terminal" name = "is-terminal"
version = "0.4.16" version = "0.4.16"
@@ -1506,7 +1603,7 @@ dependencies = [
"serde_json", "serde_json",
"thiserror", "thiserror",
"tokio", "tokio",
"tower", "tower 0.4.13",
"tracing", "tracing",
"url", "url",
] ]
@@ -1547,7 +1644,7 @@ dependencies = [
"tokio", "tokio",
"tokio-stream", "tokio-stream",
"tokio-util", "tokio-util",
"tower", "tower 0.4.13",
"tracing", "tracing",
] ]
@@ -1663,6 +1760,21 @@ version = "0.1.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e" checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e"
[[package]]
name = "osiris-client"
version = "0.1.0"
dependencies = [
"anyhow",
"chrono",
"getrandom 0.2.16",
"hero-supervisor-openrpc-client 0.1.0 (git+https://git.ourworld.tf/herocode/supervisor.git)",
"reqwest",
"serde",
"serde_json",
"thiserror",
"uuid",
]
[[package]] [[package]]
name = "parking_lot" name = "parking_lot"
version = "0.12.4" version = "0.12.4"
@@ -1898,9 +2010,11 @@ version = "0.25.4"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e0d7a6955c7511f60f3ba9e86c6d02b3c3f144f8c24b288d1f4e18074ab8bbec" checksum = "e0d7a6955c7511f60f3ba9e86c6d02b3c3f144f8c24b288d1f4e18074ab8bbec"
dependencies = [ dependencies = [
"arc-swap",
"async-trait", "async-trait",
"bytes", "bytes",
"combine", "combine",
"futures",
"futures-util", "futures-util",
"itoa", "itoa",
"percent-encoding", "percent-encoding",
@@ -1909,6 +2023,7 @@ dependencies = [
"sha1_smol", "sha1_smol",
"socket2 0.5.10", "socket2 0.5.10",
"tokio", "tokio",
"tokio-retry",
"tokio-util", "tokio-util",
"url", "url",
] ]
@@ -1951,6 +2066,38 @@ version = "0.8.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "caf4aa5b0f434c91fe5c7f1ecb6a5ece2130b02ad2a590589dda5146df959001" checksum = "caf4aa5b0f434c91fe5c7f1ecb6a5ece2130b02ad2a590589dda5146df959001"
[[package]]
name = "reqwest"
version = "0.12.24"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9d0946410b9f7b082a427e4ef5c8ff541a88b357bc6c637c40db3a68ac70a36f"
dependencies = [
"base64",
"bytes",
"futures-core",
"http 1.3.1",
"http-body",
"http-body-util",
"hyper",
"hyper-util",
"js-sys",
"log",
"percent-encoding",
"pin-project-lite",
"serde",
"serde_json",
"serde_urlencoded",
"sync_wrapper",
"tokio",
"tower 0.5.2",
"tower-http 0.6.6",
"tower-service",
"url",
"wasm-bindgen",
"wasm-bindgen-futures",
"web-sys",
]
[[package]] [[package]]
name = "ring" name = "ring"
version = "0.17.14" version = "0.17.14"
@@ -2343,7 +2490,7 @@ version = "0.1.0"
dependencies = [ dependencies = [
"chrono", "chrono",
"gloo 0.11.0", "gloo 0.11.0",
"hero-supervisor-openrpc-client", "hero-supervisor-openrpc-client 0.1.0",
"js-sys", "js-sys",
"log", "log",
"serde", "serde",
@@ -2378,6 +2525,15 @@ dependencies = [
"unicode-ident", "unicode-ident",
] ]
[[package]]
name = "sync_wrapper"
version = "1.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0bf256ce5efdfa370213c1dabab5935a12e49f2c58d15e9eac2870d3b4f27263"
dependencies = [
"futures-core",
]
[[package]] [[package]]
name = "synstructure" name = "synstructure"
version = "0.13.2" version = "0.13.2"
@@ -2459,6 +2615,17 @@ dependencies = [
"syn 2.0.106", "syn 2.0.106",
] ]
[[package]]
name = "tokio-retry"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7f57eb36ecbe0fc510036adff84824dd3c24bb781e21bfa67b69d556aa85214f"
dependencies = [
"pin-project",
"rand",
"tokio",
]
[[package]] [[package]]
name = "tokio-rustls" name = "tokio-rustls"
version = "0.26.2" version = "0.26.2"
@@ -2562,6 +2729,21 @@ dependencies = [
"tracing", "tracing",
] ]
[[package]]
name = "tower"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d039ad9159c98b70ecfd540b2573b97f7f52c3e8d9f8ad57a24b916a536975f9"
dependencies = [
"futures-core",
"futures-util",
"pin-project-lite",
"sync_wrapper",
"tokio",
"tower-layer",
"tower-service",
]
[[package]] [[package]]
name = "tower-http" name = "tower-http"
version = "0.5.2" version = "0.5.2"
@@ -2578,6 +2760,24 @@ dependencies = [
"tower-service", "tower-service",
] ]
[[package]]
name = "tower-http"
version = "0.6.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "adc82fd73de2a9722ac5da747f12383d2bfdb93591ee6c58486e0097890f05f2"
dependencies = [
"bitflags",
"bytes",
"futures-util",
"http 1.3.1",
"http-body",
"iri-string",
"pin-project-lite",
"tower 0.5.2",
"tower-layer",
"tower-service",
]
[[package]] [[package]]
name = "tower-layer" name = "tower-layer"
version = "0.3.3" version = "0.3.3"

4
ui/Cargo.toml
View File

@@ -1,7 +1,7 @@
[package] [package]
name = "supervisor-admin-ui" name = "supervisor-admin-ui"
version.workspace = true version = "0.1.0"
edition.workspace = true edition = "2021"
[lib] [lib]
crate-type = ["cdylib"] crate-type = ["cdylib"]

402
ui/styles.css
View File

@@ -417,171 +417,6 @@ button:disabled {
} }
} }
/* Header Islands */
.app-header {
display: flex;
justify-content: space-between;
align-items: center;
gap: 1rem;
padding: 1rem;
}
.header-island {
background: var(--bg-secondary);
border: 1px solid var(--border);
border-radius: 12px;
padding: 0.75rem 1.25rem;
display: flex;
align-items: center;
gap: 1rem;
}
.breadcrumbs-island {
flex: 1;
justify-content: center;
}
.breadcrumb-link {
background: none;
border: none;
color: var(--accent);
cursor: pointer;
font-size: 0.875rem;
padding: 0;
text-decoration: none;
}
.breadcrumb-link:hover {
color: var(--accent-hover);
text-decoration: underline;
}
.breadcrumb-separator {
color: var(--text-muted);
font-size: 0.875rem;
margin: 0 0.5rem;
}
.breadcrumb-item {
color: var(--text-primary);
font-size: 0.875rem;
font-weight: 500;
}
.user-info {
display: flex;
flex-direction: column;
gap: 0.125rem;
margin-right: 0.5rem;
}
.user-name {
color: var(--text-primary);
font-size: 0.875rem;
font-weight: 600;
}
.user-scope {
color: var(--text-muted);
font-size: 0.75rem;
text-transform: uppercase;
letter-spacing: 0.05em;
}
.server-info {
display: flex;
align-items: center;
gap: 0.75rem;
}
.server-label {
color: var(--text-muted);
font-size: 0.75rem;
text-transform: uppercase;
letter-spacing: 0.05em;
font-weight: 600;
}
.server-url {
color: var(--text-primary);
font-size: 0.875rem;
font-weight: 500;
}
.status-dot {
width: 8px;
height: 8px;
border-radius: 50%;
background: var(--text-muted);
}
.status-dot.connected {
background: var(--success);
box-shadow: 0 0 8px var(--success);
animation: pulse 2s infinite;
}
.status-dot.disconnected {
background: var(--error);
}
@keyframes pulse {
0%, 100% {
opacity: 1;
}
50% {
opacity: 0.5;
}
}
/* Add Runner Card */
.add-runner-card {
background: var(--bg-primary);
border: 1px dashed var(--border);
border-radius: 8px;
padding: 1rem;
margin-bottom: 1rem;
}
.add-runner-card h4 {
color: var(--text-secondary);
font-size: 0.875rem;
font-weight: 600;
margin-bottom: 0.75rem;
}
.form-group-inline {
display: flex;
gap: 0.5rem;
}
.form-group-inline input {
flex: 1;
padding: 0.5rem 0.75rem;
background: var(--bg-secondary);
border: 1px solid var(--border);
border-radius: 6px;
color: var(--text-primary);
font-size: 0.875rem;
}
.form-group-inline input:focus {
outline: none;
border-color: var(--accent);
}
.form-group-inline button {
padding: 0.5rem 1rem;
min-width: 40px;
}
/* Update logout button for icon */
.logout-btn {
padding: 0.5rem 0.75rem;
font-size: 1.125rem;
min-width: 40px;
}
/* Toast Container - Bottom Island */ /* Toast Container - Bottom Island */
.toast-container { .toast-container {
position: fixed; position: fixed;
@@ -1334,240 +1169,3 @@ button:disabled {
.key-delete-btn:hover { .key-delete-btn:hover {
color: #ef4444; color: #ef4444;
} }
/* Job Detail Layout */
.job-detail-content {
display: flex;
flex-direction: column;
gap: 1.5rem;
height: 100%;
}
.detail-top-row {
display: grid;
grid-template-columns: 1fr 1fr;
gap: 1.5rem;
flex: 1;
min-height: 0;
}
.detail-bottom-row {
display: flex;
flex-direction: column;
min-height: 200px;
max-height: 300px;
}
.detail-island {
background: var(--bg-secondary);
border: 1px solid var(--border);
border-radius: 12px;
display: flex;
flex-direction: column;
overflow: hidden;
}
.island-header {
padding: 1rem 1.5rem;
border-bottom: 1px solid var(--border);
background: var(--bg-secondary);
}
.island-header h3 {
margin: 0;
color: var(--text-primary);
font-size: 1rem;
font-weight: 600;
}
.island-content {
flex: 1;
padding: 1.5rem;
overflow-y: auto;
background: var(--bg-secondary);
}
.code-block {
background: var(--bg-primary);
border: 1px solid var(--border);
border-radius: 4px;
padding: 1rem;
color: var(--text-primary);
font-family: 'Monaco', 'Menlo', 'Ubuntu Mono', 'Consolas', monospace;
font-size: 0.875rem;
line-height: 1.6;
overflow-x: auto;
white-space: pre-wrap;
word-wrap: break-word;
margin: 0;
}
/* Job Detail Sidebar */
.job-detail-sidebar {
display: flex;
flex-direction: column;
gap: 1.5rem;
}
.detail-section {
display: flex;
flex-direction: column;
gap: 1rem;
}
.detail-row {
display: flex;
flex-direction: column;
gap: 0.25rem;
padding-bottom: 0.75rem;
border-bottom: 1px solid var(--border);
}
.detail-row:last-child {
border-bottom: none;
padding-bottom: 0;
}
.detail-label {
font-size: 0.75rem;
font-weight: 600;
color: var(--text-muted);
text-transform: uppercase;
letter-spacing: 0.05em;
}
.detail-value {
font-size: 0.9375rem;
color: var(--text-primary);
font-weight: 500;
}
.detail-actions {
display: flex;
flex-direction: column;
gap: 0.75rem;
margin-top: auto;
padding-top: 1rem;
border-top: 1px solid var(--border);
}
.btn-back {
background: transparent;
border: none;
color: var(--text-secondary);
font-size: 1.5rem;
cursor: pointer;
padding: 0.25rem;
width: 32px;
height: 32px;
display: flex;
align-items: center;
justify-content: center;
border-radius: 4px;
transition: all 0.2s;
}
.btn-back:hover {
background: var(--bg-tertiary);
color: var(--text-primary);
}
/* Status Display */
.status-display {
display: flex;
align-items: center;
gap: 1.5rem;
padding: 2rem;
border-radius: 8px;
background: var(--bg-secondary);
border: 2px solid var(--border);
}
.status-display.running {
border-color: #f59e0b;
background: rgba(245, 158, 11, 0.05);
}
.status-display.completed {
border-color: #10b981;
background: rgba(16, 185, 129, 0.05);
}
.status-display.error {
border-color: #ef4444;
background: rgba(239, 68, 68, 0.05);
}
.status-display.idle {
border-color: var(--border);
background: var(--bg-secondary);
}
.status-text {
flex: 1;
text-align: center;
}
.status-text h4 {
margin: 0 0 0.5rem 0;
color: var(--text-primary);
font-size: 1.125rem;
font-weight: 600;
}
.status-text p {
margin: 0;
color: var(--text-secondary);
font-size: 0.9375rem;
line-height: 1.5;
}
/* Edit Form */
.edit-textarea {
width: 100%;
height: 100%;
min-height: 300px;
padding: 1rem;
background: var(--bg-primary);
border: 1px solid var(--border);
border-radius: 4px;
color: var(--text-primary);
font-family: 'Monaco', 'Menlo', 'Ubuntu Mono', 'Consolas', monospace;
font-size: 0.875rem;
line-height: 1.6;
resize: none;
}
.edit-textarea:focus {
outline: none;
border-color: var(--accent);
}
.edit-form {
display: flex;
flex-direction: column;
gap: 1rem;
}
.edit-form .form-group {
display: flex;
flex-direction: column;
gap: 0.5rem;
}
.edit-form label {
font-size: 0.875rem;
font-weight: 600;
color: var(--text-secondary);
}
/* Responsive adjustments for job detail */
@media (max-width: 1200px) {
.detail-top-row {
grid-template-columns: 1fr;
}
.detail-bottom-row {
max-height: none;
}
}

1
ui/styles/jobs.css
View File

@@ -101,7 +101,6 @@
display: grid; display: grid;
grid-template-columns: 1fr 1fr; grid-template-columns: 1fr 1fr;
gap: 1.5rem; gap: 1.5rem;
margin-bottom: 1.5rem;
} }
.detail-bottom-row { .detail-bottom-row {

2
ui/styles/main.css
View File

@@ -46,8 +46,6 @@ body {
/* Header */ /* Header */
.app-header { .app-header {
background: var(--bg-secondary);
border-bottom: 1px solid var(--border);
padding: 0.75rem 1.5rem; padding: 0.75rem 1.5rem;
height: 60px; height: 60px;
display: flex; display: flex;