feat: fold bot-bottle-orchestrator into bot_bottle/orchestrator subpackage
Moves the orchestrator into bot_bottle/orchestrator/ so one install gets everything. Entry point is now `python -m bot_bottle.orchestrator run`. - Add bot_bottle/orchestrator/ with all 14 modules (verbatim move; internal imports were already relative, so no changes inside orchestrator modules) - Rewrite bootstrap.py: remove the lazy bot_bottle import guard, use direct relative imports from ..contrib.* - Add bot_bottle/contrib/forge/base.py: ScopedForge (read-anywhere / write-scoped) - Add bot_bottle/contrib/gitea/client.py: GiteaClient + GiteaForge (urllib.request only) - Add bot_bottle/contrib/gitea/forge_state.py: ForgeState + SqliteForgeStateStore - Add tests/unit/orchestrator/ (82 tests: 63 migrated + 19 new for contrib modules) Closes #321
This commit is contained in:
@@ -0,0 +1,52 @@
|
||||
"""Scoped forge wrapper: read-anywhere / write-scoped access control.
|
||||
|
||||
`ScopedForge` wraps any forge object and restricts write operations to
|
||||
the set of issue/PR numbers the agent is explicitly assigned to. Read
|
||||
operations always pass through unconditionally.
|
||||
"""
|
||||
|
||||
from __future__ import annotations
|
||||
|
||||
from typing import Any
|
||||
|
||||
|
||||
class ScopedForge:
|
||||
"""Delegates all forge calls to an inner forge, raising `PermissionError`
|
||||
on write calls for numbers outside the assigned scope."""
|
||||
|
||||
def __init__(
|
||||
self,
|
||||
forge: Any,
|
||||
*,
|
||||
assigned_issue: int,
|
||||
assigned_prs: list[int],
|
||||
) -> None:
|
||||
self._forge = forge
|
||||
self._allowed_writes: frozenset[int] = frozenset({assigned_issue, *assigned_prs})
|
||||
|
||||
def _check_write(self, number: int) -> None:
|
||||
if number not in self._allowed_writes:
|
||||
raise PermissionError(
|
||||
f"write to #{number} is outside the assigned scope "
|
||||
f"(allowed: {sorted(self._allowed_writes)})"
|
||||
)
|
||||
|
||||
def is_org_member(self, org: str, username: str) -> bool:
|
||||
return self._forge.is_org_member(org, username)
|
||||
|
||||
def read_issue(self, number: int) -> dict[str, Any]:
|
||||
return self._forge.read_issue(number)
|
||||
|
||||
def read_pr(self, number: int) -> dict[str, Any]:
|
||||
return self._forge.read_pr(number)
|
||||
|
||||
def read_comments(self, number: int) -> list[dict[str, Any]]:
|
||||
return self._forge.read_comments(number)
|
||||
|
||||
def post_comment(self, number: int, body: str) -> None:
|
||||
self._check_write(number)
|
||||
self._forge.post_comment(number, body)
|
||||
|
||||
def update_description(self, number: int, body: str) -> None:
|
||||
self._check_write(number)
|
||||
self._forge.update_description(number, body)
|
||||
@@ -0,0 +1,112 @@
|
||||
"""Gitea API client and forge adapter (PRD prd-new: fold orchestrator).
|
||||
|
||||
`GiteaClient` is a thin HTTP wrapper (stdlib `urllib.request` only — no
|
||||
new runtime dependencies). `GiteaForge` composes a client and exposes
|
||||
the forge protocol used by the orchestrator's sidecar and lifecycle.
|
||||
|
||||
Required Gitea token scopes:
|
||||
- Repository: Read & Write (issues, comments, PR descriptions)
|
||||
- Organization: Read (org membership check)
|
||||
"""
|
||||
|
||||
from __future__ import annotations
|
||||
|
||||
import json
|
||||
import urllib.error
|
||||
import urllib.request
|
||||
from typing import Any
|
||||
|
||||
_TIMEOUT_SECS = 30
|
||||
|
||||
|
||||
class GiteaClient:
|
||||
"""Low-level HTTP wrapper for the Gitea REST API."""
|
||||
|
||||
def __init__(
|
||||
self, *, api_url: str, owner: str, repo: str, token: str
|
||||
) -> None:
|
||||
self._base = api_url.rstrip("/")
|
||||
self._owner = owner
|
||||
self._repo = repo
|
||||
self._headers = {
|
||||
"Authorization": f"token {token}",
|
||||
"Content-Type": "application/json",
|
||||
"Accept": "application/json",
|
||||
}
|
||||
|
||||
def _request(
|
||||
self,
|
||||
method: str,
|
||||
path: str,
|
||||
body: dict[str, Any] | None = None,
|
||||
) -> Any:
|
||||
url = f"{self._base}{path}"
|
||||
data = json.dumps(body).encode() if body is not None else None
|
||||
req = urllib.request.Request(
|
||||
url, data=data, headers=self._headers, method=method
|
||||
)
|
||||
with urllib.request.urlopen(req, timeout=_TIMEOUT_SECS) as resp:
|
||||
raw = resp.read()
|
||||
return json.loads(raw) if raw else None
|
||||
|
||||
def is_org_member(self, org: str, username: str) -> bool:
|
||||
url = f"{self._base}/orgs/{org}/members/{username}"
|
||||
req = urllib.request.Request(url, headers=self._headers, method="GET")
|
||||
try:
|
||||
urllib.request.urlopen(req, timeout=_TIMEOUT_SECS).close()
|
||||
return True
|
||||
except urllib.error.HTTPError:
|
||||
return False
|
||||
|
||||
def get_issue(self, number: int) -> dict[str, Any]:
|
||||
return self._request("GET", f"/repos/{self._owner}/{self._repo}/issues/{number}")
|
||||
|
||||
def get_pull(self, number: int) -> dict[str, Any]:
|
||||
return self._request("GET", f"/repos/{self._owner}/{self._repo}/pulls/{number}")
|
||||
|
||||
def list_comments(self, number: int) -> list[dict[str, Any]]:
|
||||
return self._request("GET", f"/repos/{self._owner}/{self._repo}/issues/{number}/comments")
|
||||
|
||||
def create_comment(self, number: int, body: str) -> None:
|
||||
self._request(
|
||||
"POST",
|
||||
f"/repos/{self._owner}/{self._repo}/issues/{number}/comments",
|
||||
{"body": body},
|
||||
)
|
||||
|
||||
def update_issue(self, number: int, body: str) -> None:
|
||||
self._request(
|
||||
"PATCH",
|
||||
f"/repos/{self._owner}/{self._repo}/issues/{number}",
|
||||
{"body": body},
|
||||
)
|
||||
|
||||
|
||||
class GiteaForge:
|
||||
"""Adapts `GiteaClient` to the forge protocol expected by the orchestrator.
|
||||
|
||||
The forge protocol is duck-typed: any object with `is_org_member`,
|
||||
`read_issue`, `read_pr`, `read_comments`, `post_comment`, and
|
||||
`update_description` methods satisfies it.
|
||||
"""
|
||||
|
||||
def __init__(self, client: GiteaClient) -> None:
|
||||
self._client = client
|
||||
|
||||
def is_org_member(self, org: str, username: str) -> bool:
|
||||
return self._client.is_org_member(org, username)
|
||||
|
||||
def read_issue(self, number: int) -> dict[str, Any]:
|
||||
return self._client.get_issue(number)
|
||||
|
||||
def read_pr(self, number: int) -> dict[str, Any]:
|
||||
return self._client.get_pull(number)
|
||||
|
||||
def read_comments(self, number: int) -> list[dict[str, Any]]:
|
||||
return self._client.list_comments(number)
|
||||
|
||||
def post_comment(self, number: int, body: str) -> None:
|
||||
self._client.create_comment(number, body)
|
||||
|
||||
def update_description(self, number: int, body: str) -> None:
|
||||
self._client.update_issue(number, body)
|
||||
@@ -0,0 +1,137 @@
|
||||
"""Forge state persistence for the orchestrator (PRD prd-new: fold orchestrator).
|
||||
|
||||
`ForgeState` is a dataclass that mirrors the orchestrator's `RunRecord`
|
||||
field-for-field, held here so the store implementation is in bot-bottle
|
||||
where the Gitea contrib lives.
|
||||
|
||||
`SqliteForgeStateStore` backs it with a single SQLite table. The DB path
|
||||
is optional; passing `None` uses `:memory:` (useful for tests and status
|
||||
commands that don't need persistence).
|
||||
"""
|
||||
|
||||
from __future__ import annotations
|
||||
|
||||
import json
|
||||
import sqlite3
|
||||
from dataclasses import dataclass, field
|
||||
from pathlib import Path
|
||||
|
||||
|
||||
@dataclass
|
||||
class ForgeState:
|
||||
"""Persisted state for one forge-targeted issue's bottle lifecycle."""
|
||||
|
||||
owner: str
|
||||
repo: str
|
||||
issue_number: int
|
||||
slug: str
|
||||
agent_name: str
|
||||
bottle_names: list[str] = field(default_factory=list)
|
||||
backend_name: str = ""
|
||||
agent_git_user: str = ""
|
||||
pr_number: int | None = None
|
||||
status: str = ""
|
||||
last_checkin_at: str = ""
|
||||
|
||||
|
||||
_DDL = """
|
||||
CREATE TABLE IF NOT EXISTS forge_state (
|
||||
owner TEXT NOT NULL,
|
||||
repo TEXT NOT NULL,
|
||||
issue_number INTEGER NOT NULL,
|
||||
slug TEXT NOT NULL,
|
||||
agent_name TEXT NOT NULL,
|
||||
bottle_names TEXT NOT NULL DEFAULT '[]',
|
||||
backend_name TEXT NOT NULL DEFAULT '',
|
||||
agent_git_user TEXT NOT NULL DEFAULT '',
|
||||
pr_number INTEGER,
|
||||
status TEXT NOT NULL DEFAULT '',
|
||||
last_checkin_at TEXT NOT NULL DEFAULT '',
|
||||
PRIMARY KEY (owner, repo, issue_number)
|
||||
)
|
||||
"""
|
||||
|
||||
|
||||
class SqliteForgeStateStore:
|
||||
"""SQLite-backed `ForgeState` store.
|
||||
|
||||
Thread-safety: a single connection is used; callers that share a
|
||||
store across threads must serialise access externally.
|
||||
"""
|
||||
|
||||
def __init__(self, db_path: Path | None) -> None:
|
||||
path = str(db_path) if db_path is not None else ":memory:"
|
||||
self._conn = sqlite3.connect(path, check_same_thread=False)
|
||||
self._conn.row_factory = sqlite3.Row
|
||||
self._conn.execute(_DDL)
|
||||
self._conn.commit()
|
||||
|
||||
def upsert(self, state: ForgeState) -> None:
|
||||
self._conn.execute(
|
||||
"""
|
||||
INSERT INTO forge_state
|
||||
(owner, repo, issue_number, slug, agent_name,
|
||||
bottle_names, backend_name, agent_git_user,
|
||||
pr_number, status, last_checkin_at)
|
||||
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
|
||||
ON CONFLICT(owner, repo, issue_number) DO UPDATE SET
|
||||
slug = excluded.slug,
|
||||
agent_name = excluded.agent_name,
|
||||
bottle_names = excluded.bottle_names,
|
||||
backend_name = excluded.backend_name,
|
||||
agent_git_user = excluded.agent_git_user,
|
||||
pr_number = excluded.pr_number,
|
||||
status = excluded.status,
|
||||
last_checkin_at = excluded.last_checkin_at
|
||||
""",
|
||||
(
|
||||
state.owner,
|
||||
state.repo,
|
||||
state.issue_number,
|
||||
state.slug,
|
||||
state.agent_name,
|
||||
json.dumps(state.bottle_names),
|
||||
state.backend_name,
|
||||
state.agent_git_user,
|
||||
state.pr_number,
|
||||
state.status,
|
||||
state.last_checkin_at,
|
||||
),
|
||||
)
|
||||
self._conn.commit()
|
||||
|
||||
def get(self, owner: str, repo: str, issue_number: int) -> ForgeState | None:
|
||||
row = self._conn.execute(
|
||||
"SELECT * FROM forge_state WHERE owner=? AND repo=? AND issue_number=?",
|
||||
(owner, repo, issue_number),
|
||||
).fetchone()
|
||||
return _row_to_state(row) if row is not None else None
|
||||
|
||||
def delete(self, owner: str, repo: str, issue_number: int) -> None:
|
||||
self._conn.execute(
|
||||
"DELETE FROM forge_state WHERE owner=? AND repo=? AND issue_number=?",
|
||||
(owner, repo, issue_number),
|
||||
)
|
||||
self._conn.commit()
|
||||
|
||||
def all(self) -> list[ForgeState]:
|
||||
rows = self._conn.execute(
|
||||
"SELECT * FROM forge_state ORDER BY owner, repo, issue_number"
|
||||
).fetchall()
|
||||
return [_row_to_state(r) for r in rows]
|
||||
|
||||
|
||||
def _row_to_state(row: sqlite3.Row) -> ForgeState:
|
||||
return ForgeState(
|
||||
owner=row["owner"],
|
||||
repo=row["repo"],
|
||||
issue_number=row["issue_number"],
|
||||
slug=row["slug"],
|
||||
agent_name=row["agent_name"],
|
||||
bottle_names=json.loads(row["bottle_names"]),
|
||||
backend_name=row["backend_name"],
|
||||
agent_git_user=row["agent_git_user"],
|
||||
pr_number=row["pr_number"],
|
||||
status=row["status"],
|
||||
last_checkin_at=row["last_checkin_at"],
|
||||
)
|
||||
Reference in New Issue
Block a user