mirror of
https://github.com/google-gemini/gemini-cli.git
synced 2026-05-23 18:22:37 -07:00
fix(workspaces): clean up distractors and fix ESM runtime errors
This commit is contained in:
mkorwel
@@ -1,63 +1,71 @@
|
||||
/**
|
||||
* Workspace Orchestrator (Local)
|
||||
*
|
||||
* Central coordination of remote tasks.
|
||||
* Wakes workers, prepares worktrees, and launches tmux sessions.
|
||||
* @license
|
||||
* Copyright 2026 Google LLC
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*/
|
||||
import { spawnSync } from 'child_process';
|
||||
import path from 'path';
|
||||
import fs from 'fs';
|
||||
import { fileURLToPath } from 'url';
|
||||
import { spawnSync } from 'node:child_process';
|
||||
import path from 'node:path';
|
||||
import fs from 'node:fs';
|
||||
import { fileURLToPath } from 'node:url';
|
||||
import { ProviderFactory } from './providers/ProviderFactory.ts';
|
||||
|
||||
const __dirname = path.dirname(fileURLToPath(import.meta.url));
|
||||
const REPO_ROOT = path.resolve(__dirname, '../../../..');
|
||||
|
||||
function q(str: string) {
|
||||
return `'${str.replace(/'/g, "'\\''")}'`;
|
||||
return `'${str.replace(/'/g, "'\\''")}'`;
|
||||
}
|
||||
|
||||
export async function runOrchestrator(args: string[], env: NodeJS.ProcessEnv = process.env) {
|
||||
export async function runOrchestrator(
|
||||
args: string[],
|
||||
env: NodeJS.ProcessEnv = process.env,
|
||||
) {
|
||||
let prNumber = args[0];
|
||||
let action = args[1] || 'review';
|
||||
|
||||
// Handle "shell" mode: npm run workspace:shell [identifier]
|
||||
// Handle "shell" mode: workspace shell [identifier]
|
||||
const isShellMode = prNumber === 'shell';
|
||||
if (isShellMode) {
|
||||
prNumber = args[1] || `adhoc-${Math.floor(Math.random() * 10000)}`;
|
||||
action = 'shell';
|
||||
prNumber = args[1] || `adhoc-${Math.floor(Math.random() * 10000)}`;
|
||||
action = 'shell';
|
||||
}
|
||||
|
||||
if (!prNumber) {
|
||||
console.error('❌ Usage: npm run workspace <PR_NUMBER> [action] OR npm run workspace:shell [identifier]');
|
||||
console.error(
|
||||
'❌ Usage: workspace <PR_NUMBER> [action] OR workspace shell [identifier]',
|
||||
);
|
||||
return 1;
|
||||
}
|
||||
|
||||
// 1. Load Settings
|
||||
const settingsPath = path.join(REPO_ROOT, '.gemini/workspaces/settings.json');
|
||||
if (!fs.existsSync(settingsPath)) {
|
||||
console.error('❌ Workspace settings not found. Run "npm run workspace:setup" first.');
|
||||
console.error(
|
||||
'❌ Workspace settings not found. Run "workspace setup" first.',
|
||||
);
|
||||
return 1;
|
||||
}
|
||||
const settings = JSON.parse(fs.readFileSync(settingsPath, 'utf8'));
|
||||
const config = settings.workspace;
|
||||
|
||||
const targetVM = `gcli-workspace-${env.USER || 'mattkorwel'}`;
|
||||
const provider = ProviderFactory.getProvider({ projectId: config.projectId, zone: config.zone, instanceName: targetVM });
|
||||
const provider = ProviderFactory.getProvider({
|
||||
projectId: config.projectId,
|
||||
zone: config.zone,
|
||||
instanceName: targetVM,
|
||||
});
|
||||
|
||||
// 2. Wake Worker & Verify Container
|
||||
await provider.ensureReady();
|
||||
|
||||
// Retrieve the remote user to ensure we run git commands correctly
|
||||
const whoamiRes = await provider.getExecOutput('whoami');
|
||||
const remoteUser = whoamiRes.stdout.trim();
|
||||
await provider.getExecOutput('whoami');
|
||||
|
||||
// Paths - Unified across host and container
|
||||
const hostWorkspaceRoot = `/home/node/.workspaces`;
|
||||
const hostWorkDir = `${hostWorkspaceRoot}/main`;
|
||||
const containerHome = '/home/node';
|
||||
const containerWorkspaceRoot = `/home/node/.workspaces`;
|
||||
|
||||
|
||||
const remotePolicyPath = `${containerWorkspaceRoot}/policies/workspace-policy.toml`;
|
||||
const persistentScripts = `${containerWorkspaceRoot}/scripts`;
|
||||
const sessionName = `workspace-${prNumber}-${action}`;
|
||||
@@ -65,40 +73,42 @@ export async function runOrchestrator(args: string[], env: NodeJS.ProcessEnv = p
|
||||
const hostWorktreeDir = `${hostWorkspaceRoot}/worktrees/${sessionName}`;
|
||||
|
||||
// 3. Remote Context Setup (Executed on HOST for permission simplicity)
|
||||
console.log(`🚀 Preparing remote environment for ${action} on ${isShellMode ? 'branch/id' : '#'}${prNumber}...`);
|
||||
|
||||
console.log(
|
||||
`🚀 Preparing remote environment for ${action} on ${isShellMode ? 'branch/id' : '#'}${prNumber}...`,
|
||||
);
|
||||
|
||||
// FIX: Use the host path to check for existence
|
||||
const check = await provider.getExecOutput(`ls -d ${hostWorktreeDir}/.git`);
|
||||
|
||||
|
||||
// FIX: Ensure container user (node) owns the workspaces directories
|
||||
console.log(' - Synchronizing container permissions...');
|
||||
await provider.exec(`sudo chown -R 1000:1000 /home/node/.workspaces`);
|
||||
if (check.status !== 0) {
|
||||
console.log(` - Provisioning isolated git worktree for ${prNumber}...`);
|
||||
if (check.status !== 0) {
|
||||
console.log(` - Provisioning isolated git worktree for ${prNumber}...`);
|
||||
|
||||
// We run these on the host. Since setup might have left the repo root-owned, we use sudo.
|
||||
// We use environment variables to bypass safe.directory checks on a read-only filesystem.
|
||||
const gitEnv = `GIT_CONFIG_COUNT=1 GIT_CONFIG_KEY_0=safe.directory GIT_CONFIG_VALUE_0=${hostWorkDir}`;
|
||||
// We run these on the host. Since setup might have left the repo root-owned, we use sudo.
|
||||
// We use environment variables to bypass safe.directory checks on a read-only filesystem.
|
||||
const gitEnv = `GIT_CONFIG_COUNT=1 GIT_CONFIG_KEY_0=safe.directory GIT_CONFIG_VALUE_0=${hostWorkDir}`;
|
||||
|
||||
const gitFetch = isShellMode
|
||||
const gitFetch = isShellMode
|
||||
? `sudo ${gitEnv} git -C ${hostWorkDir} fetch --quiet origin`
|
||||
: `sudo ${gitEnv} git -C ${hostWorkDir} fetch --quiet upstream pull/${prNumber}/head`;
|
||||
|
||||
const gitTarget = isShellMode ? 'FETCH_HEAD' : 'FETCH_HEAD';
|
||||
const gitTarget = isShellMode ? 'FETCH_HEAD' : 'FETCH_HEAD';
|
||||
|
||||
const setupCmd = `
|
||||
sudo mkdir -p ${hostWorkspaceRoot}/worktrees && \
|
||||
sudo chown chronos:chronos ${hostWorkspaceRoot}/worktrees && \
|
||||
${gitFetch} && \
|
||||
sudo ${gitEnv} git -C ${hostWorkDir} worktree add --quiet -f ${hostWorktreeDir} ${gitTarget} 2>&1 && \
|
||||
sudo chown -R 1000:1000 ${hostWorkspaceRoot}
|
||||
`;
|
||||
const setupCmd = `
|
||||
sudo mkdir -p ${hostWorkspaceRoot}/worktrees && \
|
||||
sudo chown chronos:chronos ${hostWorkspaceRoot}/worktrees && \
|
||||
${gitFetch} && \
|
||||
sudo ${gitEnv} git -C ${hostWorkDir} worktree add --quiet -f ${hostWorktreeDir} ${gitTarget} 2>&1 && \
|
||||
sudo chown -R 1000:1000 ${hostWorkspaceRoot}
|
||||
`;
|
||||
const setupRes = await provider.getExecOutput(setupCmd);
|
||||
if (setupRes.status !== 0) {
|
||||
console.error(' ❌ Failed to provision remote worktree.');
|
||||
console.error(' STDOUT:', setupRes.stdout);
|
||||
console.error(' STDERR:', setupRes.stderr);
|
||||
return 1;
|
||||
console.error(' ❌ Failed to provision remote worktree.');
|
||||
console.error(' STDOUT:', setupRes.stdout);
|
||||
console.error(' STDERR:', setupRes.stderr);
|
||||
return 1;
|
||||
}
|
||||
console.log(' ✅ Worktree provisioned successfully.');
|
||||
} else {
|
||||
@@ -107,13 +117,19 @@ if (check.status !== 0) {
|
||||
|
||||
// AUTH: Dynamically retrieve credentials from host-side config/disk
|
||||
const remoteConfigPath = `${hostWorkspaceRoot}/gemini-cli-config/.gemini/settings.json`;
|
||||
const remoteSettingsRes = await provider.getExecOutput(`cat ${remoteConfigPath}`);
|
||||
const remoteSettingsRes = await provider.getExecOutput(
|
||||
`cat ${remoteConfigPath}`,
|
||||
);
|
||||
const remoteSettingsJson = remoteSettingsRes.stdout.trim();
|
||||
|
||||
const apiKeyRes = await provider.getExecOutput(`cat ${remoteConfigPath} | grep apiKey | cut -d '\"' -f 4`);
|
||||
|
||||
const apiKeyRes = await provider.getExecOutput(
|
||||
`cat ${remoteConfigPath} | grep apiKey | cut -d '"' -f 4`,
|
||||
);
|
||||
const remoteApiKey = apiKeyRes.stdout.trim();
|
||||
|
||||
const ghTokenRes = await provider.getExecOutput(`cat ${hostWorkspaceRoot}/.gh_token`);
|
||||
|
||||
const ghTokenRes = await provider.getExecOutput(
|
||||
`cat ${hostWorkspaceRoot}/.gh_token`,
|
||||
);
|
||||
const remoteGhToken = ghTokenRes.stdout.trim();
|
||||
|
||||
// AUTH: Inject credentials and settings directly into the worktree
|
||||
@@ -126,19 +142,23 @@ GEMINI_AUTO_UPDATE=0
|
||||
GEMINI_SANDBOX=workspace
|
||||
GEMINI_HOST=${targetVM}
|
||||
`.trim();
|
||||
await provider.exec(`sudo docker exec maintainer-worker sh -c ${q(`echo ${q(dotEnvContent)} > ${remoteWorktreeDir}/.env`)}`);
|
||||
|
||||
await provider.exec(
|
||||
`sudo docker exec maintainer-worker sh -c ${q(`echo ${q(dotEnvContent)} > ${remoteWorktreeDir}/.env`)}`,
|
||||
);
|
||||
|
||||
// Also inject the settings.json into the worktree's .gemini folder for maximum reliability
|
||||
await provider.exec(`sudo docker exec maintainer-worker sh -c ${q(`mkdir -p ${remoteWorktreeDir}/.gemini && echo ${q(remoteSettingsJson)} > ${remoteWorktreeDir}/.gemini/settings.json`)}`);
|
||||
await provider.exec(
|
||||
`sudo docker exec maintainer-worker sh -c ${q(`mkdir -p ${remoteWorktreeDir}/.gemini && echo ${q(remoteSettingsJson)} > ${remoteWorktreeDir}/.gemini/settings.json`)}`,
|
||||
);
|
||||
|
||||
// 4. Execution Logic
|
||||
// In shell mode, we just start gemini. In action mode, we run the entrypoint.
|
||||
const remoteWorker = isShellMode
|
||||
const remoteWorker = isShellMode
|
||||
? `gemini`
|
||||
: `tsx ${persistentScripts}/entrypoint.ts ${prNumber} . ${remotePolicyPath} ${action}`;
|
||||
|
||||
const authEnv = `-e GEMINI_AUTO_UPDATE=0 ${remoteApiKey ? `-e GEMINI_API_KEY=${remoteApiKey} ` : ''}${remoteGhToken ? `-e GITHUB_TOKEN=${remoteGhToken} -e GH_TOKEN=${remoteGhToken} ` : ''}`;
|
||||
|
||||
|
||||
// PERSISTENCE: Wrap the entire execution in a tmux session inside the container
|
||||
// We HIDE the tmux status bar to reduce visual noise
|
||||
const tmuxStyle = `
|
||||
@@ -147,25 +167,37 @@ GEMINI_HOST=${targetVM}
|
||||
|
||||
const tmuxCmd = `tmux new-session -A -s ${sessionName} ${q(`${tmuxStyle} cd ${remoteWorktreeDir} && ${remoteWorker}; exec $SHELL`)}`;
|
||||
const containerWrap = `sudo docker exec -it -e COLORTERM=truecolor -e TERM=xterm-256color ${authEnv}maintainer-worker sh -c ${q(tmuxCmd)}`;
|
||||
|
||||
|
||||
const finalSSH = provider.getRunCommand(containerWrap, { interactive: true });
|
||||
|
||||
const isWithinGemini = !!env.GEMINI_CLI || !!env.GEMINI_SESSION_ID || !!env.GCLI_SESSION_ID;
|
||||
|
||||
const isWithinGemini =
|
||||
!!env.GEMINI_CLI || !!env.GEMINI_SESSION_ID || !!env.GCLI_SESSION_ID;
|
||||
|
||||
// 1.5 Handle --open override
|
||||
const openIdx = args.indexOf('--open');
|
||||
let terminalTarget = config.terminalTarget || 'tab';
|
||||
if (openIdx !== -1 && args[openIdx + 1]) {
|
||||
terminalTarget = args[openIdx + 1];
|
||||
terminalTarget = args[openIdx + 1];
|
||||
}
|
||||
|
||||
const forceMainTerminal = terminalTarget === 'foreground';
|
||||
|
||||
if (!forceMainTerminal && isWithinGemini && env.TERM_PROGRAM === 'iTerm.app') {
|
||||
const tempCmdPath = path.join(process.env.TMPDIR || '/tmp', `workspace-ssh-${prNumber}.sh`);
|
||||
fs.writeFileSync(tempCmdPath, `#!/bin/bash\n${finalSSH}\nrm "$0"`, { mode: 0o755 });
|
||||
if (
|
||||
!forceMainTerminal &&
|
||||
isWithinGemini &&
|
||||
env.TERM_PROGRAM === 'iTerm.app'
|
||||
) {
|
||||
const tempCmdPath = path.join(
|
||||
process.env.TMPDIR || '/tmp',
|
||||
`workspace-ssh-${prNumber}.sh`,
|
||||
);
|
||||
fs.writeFileSync(tempCmdPath, `#!/bin/bash\n${finalSSH}\nrm "$0"`, {
|
||||
mode: 0o755,
|
||||
});
|
||||
|
||||
const appleScript = terminalTarget === 'window' ? `
|
||||
const appleScript =
|
||||
terminalTarget === 'window'
|
||||
? `
|
||||
on run argv
|
||||
tell application "iTerm"
|
||||
set newWindow to (create window with default profile)
|
||||
@@ -175,7 +207,8 @@ GEMINI_HOST=${targetVM}
|
||||
activate
|
||||
end tell
|
||||
end run
|
||||
` : `
|
||||
`
|
||||
: `
|
||||
on run argv
|
||||
tell application "iTerm"
|
||||
tell current window
|
||||
|
||||
Reference in New Issue
Block a user