Slice 2: real auth, agent-mediated repo/branch listing, deployment list from SQLite

- protocol: add RepoInfo, RouteOverride; add HostPort, SandboxID to DeployRequest.
- ws hub: add CallAgent for sync request/response RPCs over the agent WS,
  and DeliverAgentReply to route {op:reply} frames back to the caller.
  UnregisterAgent now also fails any pending RPCs so callers don't hang.
- agent-micro: new op handlers list_repos, list_branches, probe.
  Wire protocol.Event frames use json.RawMessage so each op decodes
  its own data shape.
- agent-gateway: same op handlers (list_repos/list_branches/probe) plus
  push_routes, which the gateway uses to rewrite the api-gateway
  config.php. Detailed in a later commit.
- control-plane login: validateViaAgent now calls CallAgent('probe')
  against the gateway agent (git ls-remote), replacing the
  accept-any-creds stub.
- control-plane repos: handleListRepos and handleListBranches forward
  to the agents via list_repos / list_branches RPCs, replacing the
  hardcoded fixtures.
- control-plane deployments: split into its own file. handleListDeployments
  reads from SQLite (was hardcoded []). handleCreateDeployment now
  supports sandbox-scoped deploys with a host port + env merge.
  handleStopDeployment looks up the node from the deployment row.
- store: split into store.go + deployments.go. The Deployment type
  adds sandboxId, containerId, hostPort. StartDeploymentInSandbox,
  SetContainerID, ListDeployments, GetDeployment, LatestDeploymentBySandboxService
  are new.
- store_test.go: round-trips every Slice-2 path (env, sandbox,
  template, clone, routes, deployment).
- .gitignore: track bin/ — the build runs on a separate Linux box
  with the golang:1.24 toolchain, and the binaries are SCPed from
  there to the company VMs (92 / 186). The VMs have no internet.
- Tracked bin/{control-plane,agent-micro,agent-gateway}.
This commit is contained in:
Achmad
2026-06-24 03:58:53 +00:00
parent 2bc3ff73a2
commit 55d7705c63
17 changed files with 1244 additions and 317 deletions
+23 -1
View File
@@ -20,9 +20,11 @@ type Event struct {
// Credentials are passed per-operation; agents MUST NOT log or persist them.
type DeployRequest struct {
DeploymentID string `json:"deploymentId"`
SandboxID string `json:"sandboxId,omitempty"` // owning sandbox (Slice 2)
Repository string `json:"repository"` // name from agent's repo config
Branch string `json:"branch"`
Env map[string]string `json:"env,omitempty"` // injected into container
HostPort int `json:"hostPort,omitempty"` // host port to bind the container to
Env map[string]string `json:"env,omitempty"` // injected into container
Username string `json:"username"`
Password string `json:"password"`
}
@@ -33,3 +35,23 @@ type DeployResponse struct {
OK bool `json:"ok"`
Error string `json:"error,omitempty"`
}
// RepoInfo describes one repository the agent knows about.
type RepoInfo struct {
Name string `json:"name"`
Path string `json:"path"`
// DefaultBranch is best-effort; empty if the repo is empty or unreadable.
DefaultBranch string `json:"defaultBranch,omitempty"`
}
// RouteOverride is a single "<service>_url" line the gateway agent should
// rewrite in the API gateway's config.php. The key is the PHP array key
// (e.g. "haven_url"); the value is the new URL (e.g.
// "http://172.18.136.92:9001"). TargetOCP=true means "leave it alone /
// point back at the OCP URL"; in that case the agent should restore the
// original value from its snapshot.
type RouteOverride struct {
Key string `json:"key"` // e.g. "haven_url"
Value string `json:"value"` // new URL, e.g. "http://172.18.136.92:9001"
TargetOCP bool `json:"targetOcp"` // if true, restore OCP URL from snapshot
}