mirror of
https://github.com/alkimake/paperclip.git
synced 2026-06-14 01:50:39 +09:00
f9cf1d2f6a
## Thinking Path > - Paperclip orchestrates AI agents for zero-human companies > - Agents can run inside sandboxed environments like E2B, or on remote hosts via SSH > - The cursor adapter needs to resolve `cursor-agent` inside sandbox environments where it's installed in `~/.local/bin` > - But when using the default `agent` command on a sandbox target, the adapter didn't know to look in `~/.local/bin/cursor-agent`, causing "command not found" failures > - Additionally, repeated SSH runs failed because `git checkout` during workspace sync conflicted with leftover `.paperclip-runtime` files from previous runs > - This PR adds sandbox-aware command resolution for cursor and fixes the SSH workspace sync conflict > - The benefit is cursor works in E2B sandboxes out of the box, and repeated SSH runs don't fail on workspace sync ## What Changed - `cursor-local`: Added `prepareCursorSandboxCommand` — on sandbox targets, reads the remote `$HOME`, prepends `~/.local/bin` to PATH, and prefers `~/.local/bin/cursor-agent` when the default command is requested; tightened the sandbox command probe to validate the binary exists before launching; preserves explicit custom command overrides - `adapter-utils/ssh.ts`: Added `--force` to git checkout in SSH workspace sync to handle `.paperclip-runtime` untracked file conflicts from previous runs ## Verification - `pnpm test` — all existing and new tests pass, including cursor sandbox probe, sandbox execution, and custom command override tests - `pnpm typecheck` — clean - Manual: configure an E2B environment, run a cursor-local task, verify it resolves cursor-agent from the sandbox install path ## Risks - Low-medium. The `--force` flag on git checkout could discard uncommitted changes in the remote workspace, but the workspace is managed by Paperclip and should not contain user edits. ## Model Used Codex GPT 5.4 high via Paperclip. ## Checklist - [x] I have included a thinking path that traces from project context to this change - [x] I have specified the model used (with version and capability details) - [x] I have checked ROADMAP.md and confirmed this PR does not duplicate planned core work - [x] I have run tests locally and they pass - [x] I have added or updated tests where applicable - [ ] If this change affects the UI, I have included before/after screenshots - [x] I have updated relevant documentation to reflect my changes - [x] I have considered and documented any risks above - [x] I will address all Greptile and reviewer comments before requesting merge
327 lines
11 KiB
TypeScript
327 lines
11 KiB
TypeScript
import type {
|
|
AdapterEnvironmentCheck,
|
|
AdapterEnvironmentTestContext,
|
|
AdapterEnvironmentTestResult,
|
|
} from "@paperclipai/adapter-utils";
|
|
import {
|
|
asString,
|
|
parseObject,
|
|
ensurePathInEnv,
|
|
} from "@paperclipai/adapter-utils/server-utils";
|
|
import {
|
|
asStringArray,
|
|
} from "@paperclipai/adapter-utils/server-utils";
|
|
import {
|
|
ensureAdapterExecutionTargetCommandResolvable,
|
|
ensureAdapterExecutionTargetDirectory,
|
|
runAdapterExecutionTargetProcess,
|
|
describeAdapterExecutionTarget,
|
|
resolveAdapterExecutionTargetCwd,
|
|
} from "@paperclipai/adapter-utils/execution-target";
|
|
import { discoverPiModelsCached } from "./models.js";
|
|
import { parsePiJsonl } from "./parse.js";
|
|
|
|
function summarizeStatus(checks: AdapterEnvironmentCheck[]): AdapterEnvironmentTestResult["status"] {
|
|
if (checks.some((check) => check.level === "error")) return "fail";
|
|
if (checks.some((check) => check.level === "warn")) return "warn";
|
|
return "pass";
|
|
}
|
|
|
|
function firstNonEmptyLine(text: string): string {
|
|
return (
|
|
text
|
|
.split(/\r?\n/)
|
|
.map((line) => line.trim())
|
|
.find(Boolean) ?? ""
|
|
);
|
|
}
|
|
|
|
function summarizeProbeDetail(stdout: string, stderr: string, parsedError: string | null): string | null {
|
|
const raw = parsedError?.trim() || firstNonEmptyLine(stderr) || firstNonEmptyLine(stdout);
|
|
if (!raw) return null;
|
|
const clean = raw.replace(/\s+/g, " ").trim();
|
|
const max = 240;
|
|
return clean.length > max ? `${clean.slice(0, max - 1)}...` : clean;
|
|
}
|
|
|
|
function normalizeEnv(input: unknown): Record<string, string> {
|
|
if (typeof input !== "object" || input === null || Array.isArray(input)) return {};
|
|
const env: Record<string, string> = {};
|
|
for (const [key, value] of Object.entries(input as Record<string, unknown>)) {
|
|
if (typeof value === "string") env[key] = value;
|
|
}
|
|
return env;
|
|
}
|
|
|
|
const PI_AUTH_REQUIRED_RE =
|
|
/(?:auth(?:entication)?\s+required|api\s*key|invalid\s*api\s*key|not\s+logged\s+in|free\s+usage\s+exceeded)/i;
|
|
const PI_STALE_PACKAGE_RE = /pi-driver|npm:\s*pi-driver/i;
|
|
|
|
function buildPiModelDiscoveryFailureCheck(message: string): AdapterEnvironmentCheck {
|
|
if (PI_STALE_PACKAGE_RE.test(message)) {
|
|
return {
|
|
code: "pi_package_install_failed",
|
|
level: "warn",
|
|
message: "Pi startup failed while installing configured package `npm:pi-driver`.",
|
|
detail: message,
|
|
hint: "Remove `npm:pi-driver` from ~/.pi/agent/settings.json or set adapter env HOME to a clean Pi profile, then retry `pi --list-models`.",
|
|
};
|
|
}
|
|
|
|
return {
|
|
code: "pi_models_discovery_failed",
|
|
level: "warn",
|
|
message,
|
|
hint: "Run `pi --list-models` manually to verify provider auth and config.",
|
|
};
|
|
}
|
|
|
|
export async function testEnvironment(
|
|
ctx: AdapterEnvironmentTestContext,
|
|
): Promise<AdapterEnvironmentTestResult> {
|
|
const checks: AdapterEnvironmentCheck[] = [];
|
|
const config = parseObject(ctx.config);
|
|
const command = asString(config.command, "pi");
|
|
const target = ctx.executionTarget ?? null;
|
|
const targetIsRemote = target?.kind === "remote";
|
|
const cwd = resolveAdapterExecutionTargetCwd(target, asString(config.cwd, ""), process.cwd());
|
|
const targetLabel = targetIsRemote
|
|
? ctx.environmentName ?? describeAdapterExecutionTarget(target)
|
|
: null;
|
|
const runId = `pi-envtest-${Date.now()}-${Math.random().toString(16).slice(2)}`;
|
|
|
|
if (targetLabel) {
|
|
checks.push({
|
|
code: "pi_environment_target",
|
|
level: "info",
|
|
message: `Probing inside environment: ${targetLabel}`,
|
|
});
|
|
}
|
|
|
|
try {
|
|
await ensureAdapterExecutionTargetDirectory(runId, target, cwd, {
|
|
cwd,
|
|
env: {},
|
|
createIfMissing: false,
|
|
});
|
|
checks.push({
|
|
code: "pi_cwd_valid",
|
|
level: "info",
|
|
message: `Working directory is valid: ${cwd}`,
|
|
});
|
|
} catch (err) {
|
|
checks.push({
|
|
code: "pi_cwd_invalid",
|
|
level: "error",
|
|
message: err instanceof Error ? err.message : "Invalid working directory",
|
|
detail: cwd,
|
|
});
|
|
}
|
|
|
|
const envConfig = parseObject(config.env);
|
|
const env: Record<string, string> = {};
|
|
for (const [key, value] of Object.entries(envConfig)) {
|
|
if (typeof value === "string") env[key] = value;
|
|
}
|
|
const runtimeEnv = normalizeEnv(ensurePathInEnv({ ...process.env, ...env }));
|
|
|
|
const cwdInvalid = checks.some((check) => check.code === "pi_cwd_invalid");
|
|
if (cwdInvalid) {
|
|
checks.push({
|
|
code: "pi_command_skipped",
|
|
level: "warn",
|
|
message: "Skipped command check because working directory validation failed.",
|
|
detail: command,
|
|
});
|
|
} else {
|
|
try {
|
|
await ensureAdapterExecutionTargetCommandResolvable(command, target, cwd, runtimeEnv);
|
|
checks.push({
|
|
code: "pi_command_resolvable",
|
|
level: "info",
|
|
message: `Command is executable: ${command}`,
|
|
});
|
|
} catch (err) {
|
|
checks.push({
|
|
code: "pi_command_unresolvable",
|
|
level: "error",
|
|
message: err instanceof Error ? err.message : "Command is not executable",
|
|
detail: command,
|
|
});
|
|
}
|
|
}
|
|
|
|
const canRunProbe =
|
|
checks.every((check) => check.code !== "pi_cwd_invalid" && check.code !== "pi_command_unresolvable");
|
|
|
|
// Pi model discovery shells out to `pi --list-models` locally; when probing a
|
|
// remote target we skip discovery and let the remote hello probe surface
|
|
// model/auth issues directly.
|
|
if (!targetIsRemote && canRunProbe) {
|
|
try {
|
|
const discovered = await discoverPiModelsCached({ command, cwd, env: runtimeEnv });
|
|
if (discovered.length > 0) {
|
|
checks.push({
|
|
code: "pi_models_discovered",
|
|
level: "info",
|
|
message: `Discovered ${discovered.length} model(s) from Pi.`,
|
|
});
|
|
} else {
|
|
checks.push({
|
|
code: "pi_models_empty",
|
|
level: "warn",
|
|
message: "Pi returned no models.",
|
|
hint: "Run `pi --list-models` and verify provider authentication.",
|
|
});
|
|
}
|
|
} catch (err) {
|
|
checks.push(
|
|
buildPiModelDiscoveryFailureCheck(
|
|
err instanceof Error ? err.message : "Pi model discovery failed.",
|
|
),
|
|
);
|
|
}
|
|
}
|
|
|
|
const configuredModel = asString(config.model, "").trim();
|
|
if (!configuredModel) {
|
|
checks.push({
|
|
code: "pi_model_required",
|
|
level: "error",
|
|
message: "Pi requires a configured model in provider/model format.",
|
|
hint: "Set adapterConfig.model using an ID from `pi --list-models`.",
|
|
});
|
|
} else if (targetIsRemote) {
|
|
checks.push({
|
|
code: "pi_model_validation_skipped_remote",
|
|
level: "info",
|
|
message: `Skipped local model validation; will be validated by the hello probe inside ${targetLabel}.`,
|
|
});
|
|
} else if (canRunProbe) {
|
|
// Verify model is in the list
|
|
try {
|
|
const discovered = await discoverPiModelsCached({ command, cwd, env: runtimeEnv });
|
|
const modelExists = discovered.some((m: { id: string }) => m.id === configuredModel);
|
|
if (modelExists) {
|
|
checks.push({
|
|
code: "pi_model_configured",
|
|
level: "info",
|
|
message: `Configured model: ${configuredModel}`,
|
|
});
|
|
} else {
|
|
checks.push({
|
|
code: "pi_model_not_found",
|
|
level: "warn",
|
|
message: `Configured model "${configuredModel}" not found in available models.`,
|
|
hint: "Run `pi --list-models` and choose a currently available provider/model ID.",
|
|
});
|
|
}
|
|
} catch {
|
|
// If we can't verify, just note it
|
|
checks.push({
|
|
code: "pi_model_configured",
|
|
level: "info",
|
|
message: `Configured model: ${configuredModel}`,
|
|
});
|
|
}
|
|
}
|
|
|
|
if (canRunProbe && configuredModel) {
|
|
// Parse model for probe
|
|
const provider = configuredModel.includes("/")
|
|
? configuredModel.slice(0, configuredModel.indexOf("/"))
|
|
: "";
|
|
const modelId = configuredModel.includes("/")
|
|
? configuredModel.slice(configuredModel.indexOf("/") + 1)
|
|
: configuredModel;
|
|
const thinking = asString(config.thinking, "").trim();
|
|
const extraArgs = (() => {
|
|
const fromExtraArgs = asStringArray(config.extraArgs);
|
|
if (fromExtraArgs.length > 0) return fromExtraArgs;
|
|
return asStringArray(config.args);
|
|
})();
|
|
|
|
const args = ["-p", "Respond with hello.", "--mode", "json"];
|
|
if (provider) args.push("--provider", provider);
|
|
if (modelId) args.push("--model", modelId);
|
|
if (thinking) args.push("--thinking", thinking);
|
|
args.push("--tools", "read");
|
|
if (extraArgs.length > 0) args.push(...extraArgs);
|
|
|
|
try {
|
|
const probe = await runAdapterExecutionTargetProcess(
|
|
runId,
|
|
target,
|
|
command,
|
|
args,
|
|
{
|
|
cwd,
|
|
env: runtimeEnv,
|
|
timeoutSec: 60,
|
|
graceSec: 5,
|
|
onLog: async () => {},
|
|
},
|
|
);
|
|
|
|
const parsed = parsePiJsonl(probe.stdout);
|
|
const detail = summarizeProbeDetail(probe.stdout, probe.stderr, parsed.errors[0] ?? null);
|
|
const authEvidence = `${parsed.errors.join("\n")}\n${probe.stdout}\n${probe.stderr}`.trim();
|
|
|
|
if (probe.timedOut) {
|
|
checks.push({
|
|
code: "pi_hello_probe_timed_out",
|
|
level: "warn",
|
|
message: "Pi hello probe timed out.",
|
|
hint: "Retry the probe. If this persists, run Pi manually in this working directory.",
|
|
});
|
|
} else if ((probe.exitCode ?? 1) === 0 && parsed.errors.length === 0) {
|
|
const summary = (parsed.finalMessage || parsed.messages.join(" ")).trim();
|
|
const hasHello = /\bhello\b/i.test(summary);
|
|
checks.push({
|
|
code: hasHello ? "pi_hello_probe_passed" : "pi_hello_probe_unexpected_output",
|
|
level: hasHello ? "info" : "warn",
|
|
message: hasHello
|
|
? "Pi hello probe succeeded."
|
|
: "Pi probe ran but did not return `hello` as expected.",
|
|
...(summary ? { detail: summary.replace(/\s+/g, " ").trim().slice(0, 240) } : {}),
|
|
...(hasHello
|
|
? {}
|
|
: {
|
|
hint: "Run `pi --mode json` manually and prompt `Respond with hello` to inspect output.",
|
|
}),
|
|
});
|
|
} else if (PI_AUTH_REQUIRED_RE.test(authEvidence)) {
|
|
checks.push({
|
|
code: "pi_hello_probe_auth_required",
|
|
level: "warn",
|
|
message: "Pi is installed, but provider authentication is not ready.",
|
|
...(detail ? { detail } : {}),
|
|
hint: "Set provider API key environment variable (e.g., ANTHROPIC_API_KEY, XAI_API_KEY) and retry.",
|
|
});
|
|
} else {
|
|
checks.push({
|
|
code: "pi_hello_probe_failed",
|
|
level: "error",
|
|
message: "Pi hello probe failed.",
|
|
...(detail ? { detail } : {}),
|
|
hint: "Run `pi --mode json` manually in this working directory to debug.",
|
|
});
|
|
}
|
|
} catch (err) {
|
|
checks.push({
|
|
code: "pi_hello_probe_failed",
|
|
level: "error",
|
|
message: "Pi hello probe failed.",
|
|
detail: err instanceof Error ? err.message : String(err),
|
|
hint: "Run `pi --mode json` manually in this working directory to debug.",
|
|
});
|
|
}
|
|
}
|
|
|
|
return {
|
|
adapterType: ctx.adapterType,
|
|
status: summarizeStatus(checks),
|
|
checks,
|
|
testedAt: new Date().toISOString(),
|
|
};
|
|
}
|