407 lines
12 KiB
Makefile
407 lines
12 KiB
Makefile
set dotenv-load
|
|
|
|
default:
|
|
@just --list
|
|
|
|
# ── Build & Quality ────────────────────────────────────────────────────────
|
|
|
|
# Compile TypeScript to dist/
|
|
[group("build")]
|
|
build:
|
|
npx tsc
|
|
|
|
# Type-check without emitting
|
|
[group("build")]
|
|
typecheck:
|
|
npx tsc --noEmit
|
|
|
|
# Full quality gate: typecheck + format check + tests
|
|
[group("build")]
|
|
check: typecheck format-check test
|
|
|
|
# Run test suite (accepts file filter: just test src/config.test.ts)
|
|
[group("build")]
|
|
test *args="":
|
|
npx vitest run {{ args }}
|
|
|
|
# Run tests in watch mode
|
|
[group("build")]
|
|
test-watch *args="":
|
|
npx vitest {{ args }}
|
|
|
|
# Auto-format source
|
|
[group("build")]
|
|
format:
|
|
npx prettier --write "src/**/*.ts"
|
|
|
|
# Check formatting without changes
|
|
[group("build")]
|
|
format-check:
|
|
npx prettier --check "src/**/*.ts"
|
|
|
|
# Generate/update the committed built-in knowledge bootstrap artifacts (maintainer-only)
|
|
[group("build")]
|
|
build-skills-artifact *args="":
|
|
python3 scripts/memory/embed-builtin-knowledge.py --output-sql bootstrap/skills-memory/artifact.sql --output-metadata bootstrap/skills-memory/metadata.json {{ args }}
|
|
|
|
# Regenerate built-in knowledge only when docs/skills/identity sources changed, with OpenRouter budget guard
|
|
[group("build")]
|
|
refresh-skills-artifact *args="":
|
|
node scripts/memory/refresh-skills-artifact.mjs {{ args }}
|
|
|
|
# Generate llms.txt and llms-full.txt from English docs/public/ into the Astro public dir
|
|
[group("build")]
|
|
build-llms:
|
|
npx tsx scripts/generate-llms-files.ts
|
|
|
|
# Pre-commit gate (typecheck + format check)
|
|
[group("build")]
|
|
pre-commit: typecheck format-check
|
|
|
|
# ── Run ─────────────────────────────────────────────────────────────────────
|
|
|
|
# Run compiled production build
|
|
[group("run")]
|
|
start:
|
|
node dist/index.js
|
|
|
|
# Run in development mode (tsx)
|
|
[group("run")]
|
|
dev:
|
|
npx tsx src/index.ts
|
|
|
|
# Run hostd daemon (production)
|
|
[group("run")]
|
|
hostd:
|
|
sudo node dist/hostd/index.js
|
|
|
|
# Run hostd daemon (development)
|
|
[group("run")]
|
|
hostd-dev:
|
|
sudo npx tsx src/hostd/index.ts
|
|
|
|
# ── Install & Setup ────────────────────────────────────────────────────────
|
|
|
|
# Full install orchestrator (accepts: --dry-run, --from <step>)
|
|
[group("setup")]
|
|
install *args="":
|
|
npx tsx setup/install.ts {{ args }}
|
|
|
|
# Resume install from a specific step
|
|
[group("setup")]
|
|
install-from step:
|
|
npx tsx setup/install.ts --from {{ step }}
|
|
|
|
# Resume install from db step (shorthand)
|
|
[group("setup")]
|
|
install-from-db:
|
|
npx tsx setup/install.ts --from db
|
|
|
|
# Interactive onboarding wizard
|
|
[group("setup")]
|
|
wizard:
|
|
npx tsx setup/index.ts --step onboarding
|
|
|
|
# Pre-install validation checks
|
|
[group("setup")]
|
|
preflight:
|
|
npx tsx setup/index.ts --step preflight
|
|
|
|
# Run a specific setup step
|
|
[group("setup")]
|
|
setup *args="":
|
|
npx tsx setup/index.ts {{ args }}
|
|
|
|
# Setup db jail only
|
|
[group("setup")]
|
|
setup-db:
|
|
npx tsx setup/index.ts --step db
|
|
|
|
# Setup cms jail only
|
|
[group("setup")]
|
|
setup-cms:
|
|
npx tsx setup/index.ts --step cms
|
|
|
|
# Setup git jail only
|
|
[group("setup")]
|
|
setup-git:
|
|
npx tsx setup/index.ts --step git
|
|
|
|
# Setup controlplane only
|
|
[group("setup")]
|
|
setup-controlplane:
|
|
npx tsx setup/index.ts --step controlplane
|
|
|
|
# Update host patchlevel plus shared jail bases/jails for the current release family
|
|
[group("setup")]
|
|
system-update *args="":
|
|
npx tsx setup/system-update.ts {{ args }}
|
|
|
|
# Setup agent jails (db-worker, git-worker, ctrl-worker)
|
|
[group("setup")]
|
|
setup-agent-jails:
|
|
npx tsx setup/agent-jails.ts
|
|
|
|
# Verify agent jail secrets and scoping
|
|
[group("setup")]
|
|
verify-agent-jails:
|
|
sudo npx tsx setup/verify-agent-jails.ts
|
|
|
|
# Authenticate Telegram bot
|
|
[group("setup")]
|
|
auth:
|
|
npx tsx setup/telegram-auth.ts
|
|
|
|
# Validate or configure pi provider/model/key (accepts: --list-profiles, --profile, --provider, --model, --key, --ollama-host, --pi-bin)
|
|
[group("setup")]
|
|
pi-config *args="":
|
|
npx tsx setup/pi-config.ts {{ args }}
|
|
|
|
# Validate the entire harness (YAML sources, library, hostd, scripts)
|
|
[group("diagnostics")]
|
|
harness-check:
|
|
@npx tsx scripts/harness-check.ts
|
|
|
|
# Health diagnostics (plain TS, no LLM)
|
|
[group("diagnostics")]
|
|
doctor:
|
|
@npx tsx src/doctor.ts
|
|
|
|
# Diagnose and remediate issues (spawns pi session with system tools)
|
|
[group("diagnostics")]
|
|
doctor-fix:
|
|
pi --print "Run diagnostics on this Clawdie installation and fix any issues found. Use system_health, jail_status, and hostd tools to inspect and remediate." \
|
|
--extension .pi/extensions/clawdie-harness \
|
|
--tools hostd,jail_status,system_health,bash,read,write,edit \
|
|
--no-session
|
|
|
|
# ── Jail Management ────────────────────────────────────────────────────────
|
|
|
|
# List all jails with status
|
|
[group("jail")]
|
|
jail-list:
|
|
@npx tsx scripts/jail-status.ts
|
|
|
|
# Detailed status for one jail
|
|
[group("jail")]
|
|
jail-status jail:
|
|
@npx tsx scripts/jail-status.ts {{ jail }}
|
|
|
|
# Provision a jail from the registry
|
|
[group("jail")]
|
|
jail-provision jail:
|
|
npx tsx setup/jail-provision.ts {{ jail }}
|
|
|
|
# Start a jail via hostd
|
|
[group("jail")]
|
|
jail-start jail:
|
|
@npx tsx scripts/hostd-cli.ts bastille-start '{"jail":"{{ jail }}"}'
|
|
|
|
# Stop a jail via hostd
|
|
[group("jail")]
|
|
jail-stop jail:
|
|
@npx tsx scripts/hostd-cli.ts bastille-stop '{"jail":"{{ jail }}"}'
|
|
|
|
# Restart a jail via hostd
|
|
[group("jail")]
|
|
jail-restart jail:
|
|
@npx tsx scripts/hostd-cli.ts bastille-restart '{"jail":"{{ jail }}"}'
|
|
|
|
# Open a shell in a jail
|
|
[group("jail")]
|
|
jail-shell jail:
|
|
sudo bastille cmd {{ jail }} /bin/csh
|
|
|
|
# Destroy a jail (requires typing jail name to confirm)
|
|
[group("jail")]
|
|
jail-destroy jail:
|
|
@echo "This will permanently destroy jail '{{ jail }}' and all its data."
|
|
@printf "Type the jail name to confirm: " && read confirm && [ "$$confirm" = "{{ jail }}" ] && yes y | sudo bastille destroy {{ jail }}
|
|
|
|
# List packages installed in a jail
|
|
[group("jail")]
|
|
jail-packages jail:
|
|
sudo bastille pkg {{ jail }} list
|
|
|
|
# ── Skills ──────────────────────────────────────────────────────────────────
|
|
|
|
# List all skills in the catalog
|
|
[group("skills")]
|
|
skill-list:
|
|
@npx tsx scripts/skill-list.ts
|
|
|
|
# Search skills by keyword or tag
|
|
[group("skills")]
|
|
skill-search query:
|
|
@npx tsx scripts/skill-list.ts "{{ query }}"
|
|
|
|
# Add a skill from any source (local:, codeberg:, github:, raw:)
|
|
[group("skills")]
|
|
skill-add source:
|
|
npx tsx scripts/skill-add.ts "{{ source }}"
|
|
|
|
# Pull updates for all remote-sourced skills
|
|
[group("skills")]
|
|
skill-sync:
|
|
npx tsx scripts/skill-sync.ts
|
|
|
|
# Apply an installable feature skill (manifest.yaml type)
|
|
[group("skills")]
|
|
skill-apply id:
|
|
npx tsx scripts/apply-skill.ts "{{ id }}"
|
|
|
|
# Validate skill library catalog
|
|
[group("skills")]
|
|
skill-validate:
|
|
@npx tsx scripts/validate-library.ts
|
|
|
|
# Validate all skills (full cycle: init, apply, typecheck, test)
|
|
[group("skills")]
|
|
skill-validate-all:
|
|
@npx tsx scripts/validate-all-skills.ts
|
|
|
|
# ── Database ────────────────────────────────────────────────────────────────
|
|
|
|
# Run pending database migrations
|
|
[group("database")]
|
|
migrate:
|
|
@npx tsx scripts/run-migrations.ts
|
|
|
|
# ── Agent Operations ───────────────────────────────────────────────────────
|
|
|
|
# Show registered agents and controlplane state
|
|
[group("agents")]
|
|
agent-list:
|
|
@npx tsx scripts/agent-status.ts
|
|
|
|
# Create a controlplane task via natural language
|
|
[group("agents")]
|
|
agent-task description role="coordinator":
|
|
@npx tsx scripts/agent-task.ts {{ role }} "{{ description }}"
|
|
|
|
# Check status of tasks (omit id for recent list)
|
|
[group("agents")]
|
|
agent-task-status task_id="":
|
|
@npx tsx scripts/agent-task-status.ts {{ task_id }}
|
|
|
|
# Run pi with the clawdie-harness extension and a prompt
|
|
[group("agents")]
|
|
agent-run prompt:
|
|
pi --print "{{ prompt }}" \
|
|
--extension .pi/extensions/clawdie-harness \
|
|
--tools hostd,jail_status,system_health,skills_search,bash,read,write,edit \
|
|
--no-session
|
|
|
|
# Tail recent agent session logs (pass agent name to filter)
|
|
[group("agents")]
|
|
agent-logs agent_id="":
|
|
@npx tsx scripts/agent-logs.ts {{ agent_id }}
|
|
|
|
# ── System ──────────────────────────────────────────────────────────────────
|
|
|
|
# Full system health report (plain TS, calls hostd directly)
|
|
[group("system")]
|
|
system-health:
|
|
@npx tsx scripts/system-health.ts
|
|
|
|
# Set or create dashboard operator credentials after install.
|
|
[group("system")]
|
|
operator-auth email:
|
|
@npx tsx setup/index.ts --step operator-auth -- --email "{{ email }}"
|
|
|
|
# Platform ownership audit (declared resources + observed jail ownership)
|
|
[group("system")]
|
|
platform-audit:
|
|
@npx tsx scripts/platform-audit.ts
|
|
|
|
# List tenants declared in the registry
|
|
[group("system")]
|
|
tenant-list:
|
|
@npx tsx scripts/tenant-lifecycle.ts list
|
|
|
|
# Inspect one declared tenant
|
|
[group("system")]
|
|
tenant-show tenant:
|
|
@npx tsx scripts/tenant-lifecycle.ts show {{ tenant }}
|
|
|
|
# Derive the default layout for a proposed tenant id
|
|
[group("system")]
|
|
tenant-plan tenant:
|
|
@npx tsx scripts/tenant-lifecycle.ts plan {{ tenant }}
|
|
|
|
# Show what a future live apply would be allowed to touch (dry-run only)
|
|
[group("system")]
|
|
tenant-apply tenant:
|
|
@npx tsx scripts/tenant-lifecycle.ts apply {{ tenant }}
|
|
|
|
# Add a logical tenant to the registry
|
|
[group("system")]
|
|
tenant-add tenant:
|
|
@npx tsx scripts/tenant-lifecycle.ts add {{ tenant }}
|
|
|
|
# Show what a tenant removal would affect (dry-run only)
|
|
[group("system")]
|
|
tenant-remove tenant:
|
|
@npx tsx scripts/tenant-lifecycle.ts remove {{ tenant }}
|
|
|
|
# List ZFS snapshots
|
|
[group("system")]
|
|
zfs-snapshots:
|
|
@npx tsx scripts/hostd-cli.ts zfs-list
|
|
|
|
# Create a ZFS snapshot: just zfs-snapshot tank/bastille/jails/db pre-deploy
|
|
[group("system")]
|
|
zfs-snapshot dataset name:
|
|
@npx tsx scripts/hostd-cli.ts zfs-snapshot '{"dataset":"{{ dataset }}","name":"{{ name }}"}'
|
|
|
|
# Run backup
|
|
[group("system")]
|
|
backup:
|
|
npx tsx scripts/backup.ts
|
|
|
|
# PF firewall status
|
|
[group("system")]
|
|
pf-status:
|
|
@sudo pfctl -s info 2>/dev/null || echo "PF not running"
|
|
|
|
# Reload PF rules via hostd
|
|
[group("system")]
|
|
pf-reload:
|
|
@npx tsx scripts/hostd-cli.ts pf-reload
|
|
|
|
# ── Dashboard ───────────────────────────────────────────────────────────────
|
|
|
|
# Regenerate operator dashboard HTML
|
|
[group("system")]
|
|
dashboard:
|
|
@npx tsx scripts/dashboard.ts
|
|
|
|
# ── Dev Workflow ────────────────────────────────────────────────────────────
|
|
|
|
# Generate changelog from git log
|
|
[group("dev")]
|
|
gen-changelog:
|
|
npx tsx scripts/gen-changelog.ts
|
|
|
|
# Activate tracked git hooks
|
|
[group("dev")]
|
|
install-hooks:
|
|
git config core.hooksPath hooks
|
|
|
|
git-doctor:
|
|
sh scripts/git-doctor.sh
|
|
|
|
# Pull latest changes and rebuild
|
|
[group("dev")]
|
|
pull:
|
|
git pull --rebase origin main && just build
|
|
|
|
# Run post-update scripts after a pull
|
|
[group("dev")]
|
|
post-update:
|
|
@npx tsx scripts/post-update.ts
|
|
|
|
# Tag and push a release
|
|
[group("dev")]
|
|
release:
|
|
node -e "const v='v'+require('./package.json').version; require('child_process').execSync('git tag -a '+v+' -m '+v+' && git push origin '+v, {stdio:'inherit'});"
|