mirror of
https://github.com/paperclipai/paperclip
synced 2026-04-25 17:25:15 +02:00
[codex] Add backup endpoint and dev runtime hardening (#4087)
## Thinking Path > - Paperclip is a local-first control plane for AI-agent companies. > - Operators need predictable local dev behavior, recoverable instance data, and scripts that do not churn the running app. > - Several accumulated changes improve backup streaming, dev-server health, static UI caching/logging, diagnostic-file ignores, and instance isolation. > - These are operational improvements that can land independently from product UI work. > - This pull request groups the dev-infra and backup changes from the split branch into one standalone branch. > - The benefit is safer local operation, easier manual backups, less noisy dev output, and less cross-instance auth leakage. ## What Changed - Added a manual instance database backup endpoint and route tests. - Streamed backup/restore handling to avoid materializing large payloads at once. - Reduced dev static UI log/cache churn and ignored Node diagnostic report captures. - Added guarded dev auto-restart health polling coverage. - Preserved worktree config during provisioning and scoped auth cookies by instance. - Added a Discord daily digest helper script and environment documentation. - Hardened adapter-route and startup feedback export tests around the changed infrastructure. ## Verification - `pnpm install --frozen-lockfile` - `pnpm exec vitest run packages/db/src/backup-lib.test.ts server/src/__tests__/instance-database-backups-routes.test.ts server/src/__tests__/server-startup-feedback-export.test.ts server/src/__tests__/adapter-routes.test.ts server/src/__tests__/dev-runner-paths.test.ts server/src/__tests__/health-dev-server-token.test.ts server/src/__tests__/http-log-policy.test.ts server/src/__tests__/vite-html-renderer.test.ts server/src/__tests__/workspace-runtime.test.ts server/src/__tests__/better-auth.test.ts` - Split integration check: merged after the runtime/governance branch and before UI branches with no merge conflicts. - Confirmed this branch does not include `pnpm-lock.yaml`. ## Risks - Medium risk: touches server startup, backup streaming, auth cookie naming, dev health checks, and worktree provisioning. - Backup endpoint behavior depends on existing board/admin access controls and database backup helpers. - No database migrations are included. > For core feature work, check [`ROADMAP.md`](ROADMAP.md) first and discuss it in `#dev` before opening the PR. Feature PRs that overlap with planned core work may need to be redirected — check the roadmap first. See `CONTRIBUTING.md`. ## Model Used - OpenAI Codex, GPT-5.4 tool-enabled coding model, agentic code-editing/runtime with local shell and GitHub CLI access; exact context window and reasoning mode are not exposed by the Paperclip harness. ## Checklist - [x] I have included a thinking path that traces from project context to this change - [x] I have specified the model used (with version and capability details) - [x] I have checked ROADMAP.md and confirmed this PR does not duplicate planned core work - [x] I have run tests locally and they pass - [x] I have added or updated tests where applicable - [x] If this change affects the UI, I have included before/after screenshots - [x] I have updated relevant documentation to reflect my changes - [x] I have considered and documented any risks above - [x] I will address all Greptile and reviewer comments before requesting merge --------- Co-authored-by: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Dotta
@@ -14,6 +14,8 @@ const ignoredTestConfigBasenames = new Set([
|
||||
"vitest.config.ts",
|
||||
]);
|
||||
|
||||
const nodeDiagnosticReportPattern = /^report\.\d{8}\.\d{6}\.\d+\.\d+\.\d+\.json$/i;
|
||||
|
||||
export function shouldTrackDevServerPath(relativePath) {
|
||||
const normalizedPath = String(relativePath).replaceAll("\\", "/").replace(/^\.\/+/, "");
|
||||
if (normalizedPath.length === 0) return false;
|
||||
@@ -21,6 +23,9 @@ export function shouldTrackDevServerPath(relativePath) {
|
||||
const segments = normalizedPath.split("/");
|
||||
const basename = segments.at(-1) ?? normalizedPath;
|
||||
|
||||
if (nodeDiagnosticReportPattern.test(basename)) {
|
||||
return false;
|
||||
}
|
||||
if (segments.includes(".paperclip")) {
|
||||
return false;
|
||||
}
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
#!/usr/bin/env node
|
||||
import { spawn } from "node:child_process";
|
||||
import { randomUUID } from "node:crypto";
|
||||
import { existsSync, mkdirSync, readdirSync, rmSync, statSync, writeFileSync } from "node:fs";
|
||||
import path from "node:path";
|
||||
import { createInterface } from "node:readline/promises";
|
||||
@@ -16,6 +17,8 @@ const gracefulShutdownTimeoutMs = 10_000;
|
||||
const changedPathSampleLimit = 5;
|
||||
const repoRoot = path.resolve(path.dirname(fileURLToPath(import.meta.url)), "..");
|
||||
const devServerStatusFilePath = path.join(repoRoot, ".paperclip", "dev-server-status.json");
|
||||
const devServerStatusToken = mode === "dev" ? randomUUID() : null;
|
||||
const devServerStatusTokenHeader = "x-paperclip-dev-server-status-token";
|
||||
|
||||
const watchedDirectories = [
|
||||
"cli",
|
||||
@@ -81,9 +84,11 @@ const env = {
|
||||
|
||||
if (mode === "dev") {
|
||||
env.PAPERCLIP_DEV_SERVER_STATUS_FILE = devServerStatusFilePath;
|
||||
env.PAPERCLIP_DEV_SERVER_STATUS_TOKEN = devServerStatusToken ?? "";
|
||||
}
|
||||
|
||||
if (mode === "watch") {
|
||||
delete env.PAPERCLIP_DEV_SERVER_STATUS_TOKEN;
|
||||
env.PAPERCLIP_MIGRATION_PROMPT ??= "never";
|
||||
env.PAPERCLIP_MIGRATION_AUTO_APPLY ??= "true";
|
||||
}
|
||||
@@ -426,7 +431,9 @@ async function scanForBackendChanges() {
|
||||
|
||||
async function getDevHealthPayload() {
|
||||
const serverPort = env.PORT ?? process.env.PORT ?? "3100";
|
||||
const response = await fetch(`http://127.0.0.1:${serverPort}/api/health`);
|
||||
const response = await fetch(`http://127.0.0.1:${serverPort}/api/health`, {
|
||||
headers: devServerStatusToken ? { [devServerStatusTokenHeader]: devServerStatusToken } : undefined,
|
||||
});
|
||||
if (!response.ok) {
|
||||
throw new Error(`Health request failed (${response.status})`);
|
||||
}
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
#!/usr/bin/env -S node --import tsx
|
||||
import { spawn } from "node:child_process";
|
||||
import { randomUUID } from "node:crypto";
|
||||
import { existsSync, mkdirSync, readdirSync, rmSync, statSync, writeFileSync } from "node:fs";
|
||||
import path from "node:path";
|
||||
import { createInterface } from "node:readline/promises";
|
||||
@@ -35,6 +36,8 @@ const autoRestartPollIntervalMs = 2500;
|
||||
const gracefulShutdownTimeoutMs = 10_000;
|
||||
const changedPathSampleLimit = 5;
|
||||
const devServerStatusFilePath = path.join(repoRoot, ".paperclip", "dev-server-status.json");
|
||||
const devServerStatusToken = mode === "dev" ? randomUUID() : null;
|
||||
const devServerStatusTokenHeader = "x-paperclip-dev-server-status-token";
|
||||
|
||||
const watchedDirectories = [
|
||||
"cli",
|
||||
@@ -133,10 +136,12 @@ const env: NodeJS.ProcessEnv = {
|
||||
|
||||
if (mode === "dev") {
|
||||
env.PAPERCLIP_DEV_SERVER_STATUS_FILE = devServerStatusFilePath;
|
||||
env.PAPERCLIP_DEV_SERVER_STATUS_TOKEN = devServerStatusToken ?? "";
|
||||
env.PAPERCLIP_MIGRATION_AUTO_APPLY ??= "true";
|
||||
}
|
||||
|
||||
if (mode === "watch") {
|
||||
delete env.PAPERCLIP_DEV_SERVER_STATUS_TOKEN;
|
||||
env.PAPERCLIP_MIGRATION_PROMPT ??= "never";
|
||||
env.PAPERCLIP_MIGRATION_AUTO_APPLY ??= "true";
|
||||
}
|
||||
@@ -553,7 +558,9 @@ async function scanForBackendChanges() {
|
||||
}
|
||||
|
||||
async function getDevHealthPayload() {
|
||||
const response = await fetch(`http://127.0.0.1:${serverPort}/api/health`);
|
||||
const response = await fetch(`http://127.0.0.1:${serverPort}/api/health`, {
|
||||
headers: devServerStatusToken ? { [devServerStatusTokenHeader]: devServerStatusToken } : undefined,
|
||||
});
|
||||
if (!response.ok) {
|
||||
throw new Error(`Health request failed (${response.status})`);
|
||||
}
|
||||
|
||||
79
scripts/discord-daily-digest.sh
Executable file
79
scripts/discord-daily-digest.sh
Executable file
@@ -0,0 +1,79 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)"
|
||||
cd "$REPO_ROOT"
|
||||
|
||||
WEBHOOK_URL="${DISCORD_WEBHOOK_URL:-}"
|
||||
DATE="${1:-$(date +%Y-%m-%d)}"
|
||||
REPO_URL="https://github.com/paperclipai/paperclip"
|
||||
|
||||
if [[ -z "$WEBHOOK_URL" ]]; then
|
||||
echo "Error: DISCORD_WEBHOOK_URL env var is required" >&2
|
||||
echo "Usage: DISCORD_WEBHOOK_URL=https://discord.com/api/webhooks/... $0 [date]" >&2
|
||||
echo " date defaults to today (YYYY-MM-DD format)" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
NEXT_DATE=$(date -j -v+1d -f "%Y-%m-%d" "$DATE" "+%Y-%m-%d" 2>/dev/null \
|
||||
|| date -d "$DATE + 1 day" "+%Y-%m-%d" 2>/dev/null)
|
||||
|
||||
COMMITS=$(git log --since="${DATE}T00:00:00" --until="${NEXT_DATE}T00:00:00" master \
|
||||
--format="%h|%s|%an" 2>/dev/null || true)
|
||||
|
||||
json_escape() {
|
||||
python3 -c 'import json, sys; print(json.dumps(sys.stdin.read().rstrip("\n"))[1:-1])'
|
||||
}
|
||||
|
||||
if [[ -z "$COMMITS" ]]; then
|
||||
PAYLOAD=$(cat <<ENDJSON
|
||||
{
|
||||
"embeds": [{
|
||||
"title": "📋 Daily Merge Digest — ${DATE}",
|
||||
"description": "No commits were merged into \`master\` today.",
|
||||
"color": 9807270
|
||||
}]
|
||||
}
|
||||
ENDJSON
|
||||
)
|
||||
else
|
||||
COMMIT_COUNT=$(echo "$COMMITS" | wc -l | tr -d ' ')
|
||||
|
||||
LINES=""
|
||||
while IFS='|' read -r hash subject author; do
|
||||
escaped_subject=$(printf '%s' "$subject" | json_escape)
|
||||
escaped_author=$(printf '%s' "$author" | json_escape)
|
||||
LINES="${LINES}• [\`${hash}\`](${REPO_URL}/commit/${hash}) ${escaped_subject} — *${escaped_author}*\\n"
|
||||
done <<< "$COMMITS"
|
||||
|
||||
PAYLOAD=$(cat <<ENDJSON
|
||||
{
|
||||
"embeds": [{
|
||||
"title": "📋 Daily Merge Digest — ${DATE}",
|
||||
"description": "**${COMMIT_COUNT} commit(s)** merged into \`master\` today:\\n\\n${LINES}",
|
||||
"color": 3066993,
|
||||
"footer": {
|
||||
"text": "paperclipai/paperclip • master"
|
||||
}
|
||||
}]
|
||||
}
|
||||
ENDJSON
|
||||
)
|
||||
fi
|
||||
|
||||
if [[ "${DRY_RUN:-}" == "1" ]]; then
|
||||
echo "$PAYLOAD" | python3 -m json.tool 2>/dev/null || echo "$PAYLOAD"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
RESPONSE=$(curl -s -o /dev/null -w "%{http_code}" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "$PAYLOAD" \
|
||||
"$WEBHOOK_URL")
|
||||
|
||||
if [[ "$RESPONSE" == "204" || "$RESPONSE" == "200" ]]; then
|
||||
echo "Discord digest posted for ${DATE} (${COMMIT_COUNT:-0} commits)"
|
||||
else
|
||||
echo "Error: Discord webhook returned HTTP ${RESPONSE}" >&2
|
||||
exit 1
|
||||
fi
|
||||
@@ -332,11 +332,15 @@ main().catch((error) => {
|
||||
EOF
|
||||
}
|
||||
|
||||
if paperclipai_command_available; then
|
||||
run_isolated_worktree_init
|
||||
if [[ -e "$worktree_config_path" && -e "$worktree_env_path" ]]; then
|
||||
echo "Reusing existing isolated Paperclip worktree config at $worktree_config_path" >&2
|
||||
else
|
||||
echo "paperclipai CLI not available in this workspace; writing isolated fallback config without DB seeding." >&2
|
||||
write_fallback_worktree_config
|
||||
if paperclipai_command_available; then
|
||||
run_isolated_worktree_init
|
||||
else
|
||||
echo "paperclipai CLI not available in this workspace; writing isolated fallback config without DB seeding." >&2
|
||||
write_fallback_worktree_config
|
||||
fi
|
||||
fi
|
||||
|
||||
list_base_node_modules_paths() {
|
||||
|
||||
Reference in New Issue
Block a user