johan
/
clavitor
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: johan:master
Branches Tags
johan:master
johan:hans/fix-8
johan:luna/design-11
johan:shakib/test-fix-agent-credential-tests
johan:luna/design-10
johan:emma/fix-10
johan:emma/fix-9
johan:hans/fix-5
..
compare: johan:hans/fix-5
Branches Tags
johan:master
johan:hans/fix-8
johan:luna/design-11
johan:shakib/test-fix-agent-credential-tests
johan:luna/design-10
johan:emma/fix-10
johan:emma/fix-9
johan:hans/fix-5

No commits in common. "master" and "hans/fix-5" have entirely different histories.
master ... hans/fix-5

21 changed files with 121 additions and 1945 deletions
Show Stats Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1 +0,0 @@
agent-tokens.json

581
clavis/clavis-telemetry/error_handling_test.go
View File

@ -1,581 +0,0 @@
//go:build commercial
package main
import (
"bytes"
"database/sql"
"encoding/json"
"fmt"
"io"
"log"
"net/http"
"net/http/httptest"
"os"
"strings"
"sync"
"testing"
"time"
_ "github.com/mattn/go-sqlite3"
)
// logCapture captures log output for verification
type logCapture struct {
original *os.File
reader *os.File
writer *os.File
buffer chan string
done chan bool
}
func captureLogs() *logCapture {
// Save original stderr
original := os.Stderr
// Create pipe to capture log output
r, w, _ := os.Pipe()
// Redirect log output
os.Stderr = w
log.SetOutput(w)
lc := &logCapture{
original: original,
reader: r,
writer: w,
buffer: make(chan string, 100),
done: make(chan bool),
}
// Start goroutine to read from pipe
go func() {
var buf bytes.Buffer
io.Copy(&buf, r)
lc.buffer <- buf.String()
close(lc.buffer)
lc.done <- true
}()
return lc
}
func (lc *logCapture) restore() string {
// Restore original stderr
os.Stderr = lc.original
log.SetOutput(lc.original)
// Close writer to signal EOF to reader
lc.writer.Close()
// Wait for reader goroutine to finish
<-lc.done
// Return captured output
return <-lc.buffer
}
// TestUpdateSpan_DatabaseErrors verifies ERR-TELEMETRY-010 through ERR-TELEMETRY-014
func TestUpdateSpan_DatabaseErrors(t *testing.T) {
tests := []struct {
name string
setupDB func(*sql.DB)
expectedErrors []string
description string
}{
{
name: "ERR-TELEMETRY-010: Maintenance check fails",
setupDB: func(testDB *sql.DB) {
// Drop maintenance table to cause query failure
testDB.Exec(`DROP TABLE IF EXISTS maintenance`)
},
expectedErrors: []string{"ERR-TELEMETRY-010"},
description: "Should log ERR-TELEMETRY-010 when maintenance check fails",
},
{
name: "ERR-TELEMETRY-011: Uptime span query fails",
setupDB: func(testDB *sql.DB) {
// Drop uptime_spans table to cause query failure
testDB.Exec(`DROP TABLE IF EXISTS uptime_spans`)
},
expectedErrors: []string{"ERR-TELEMETRY-011"},
description: "Should log ERR-TELEMETRY-011 when uptime span query fails",
},
{
name: "ERR-TELEMETRY-012: Span extend fails",
setupDB: func(testDB *sql.DB) {
// Insert a span but make the table read-only by corrupting it
testDB.Exec(`INSERT INTO uptime_spans (node_id, start_at, end_at) VALUES (?, ?, ?)`,
"test-node-err", time.Now().Unix()-30, time.Now().Unix()-30)
// Now drop and recreate to cause update to reference non-existent row
testDB.Exec(`DELETE FROM uptime_spans WHERE node_id = ?`, "test-node-err")
},
expectedErrors: []string{}, // May or may not trigger depending on timing
description: "Database error handling for span extend",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
// Setup test database
setupTestDB(t)
defer cleanupTestDB()
// Apply database corruption/setup
tt.setupDB(db)
// Capture logs
lc := captureLogs()
// Call updateSpan which should trigger error logging
updateSpan("test-node-err", "test-host", "1.0.0", 50.0, 4096, 8192, 50000, 100000, 0.5, 3600)
// Restore and get logs
logs := lc.restore()
// Verify expected errors appear in logs
for _, errCode := range tt.expectedErrors {
if !strings.Contains(logs, errCode) {
t.Errorf("%s: expected log to contain %s, but got:\n%s", tt.description, errCode, logs)
}
}
})
}
}
// TestUpdateSpan_MaintenanceModeError specifically tests ERR-TELEMETRY-010
func TestUpdateSpan_MaintenanceModeError(t *testing.T) {
setupTestDB(t)
defer cleanupTestDB()
// Capture logs
var logBuffer bytes.Buffer
originalOutput := log.Writer()
log.SetOutput(&logBuffer)
defer log.SetOutput(originalOutput)
// Corrupt the database by dropping the maintenance table
_, err := db.Exec(`DROP TABLE maintenance`)
if err != nil {
t.Fatalf("Failed to drop maintenance table: %v", err)
}
// Call updateSpan
updateSpan("test-node-maint", "test-host", "1.0.0", 50.0, 4096, 8192, 50000, 100000, 0.5, 3600)
// Verify ERR-TELEMETRY-010 appears in logs
logs := logBuffer.String()
if !strings.Contains(logs, "ERR-TELEMETRY-010") {
t.Errorf("Expected ERR-TELEMETRY-010 in logs when maintenance check fails, got:\n%s", logs)
}
if !strings.Contains(logs, "Failed to check maintenance mode") {
t.Errorf("Expected 'Failed to check maintenance mode' message, got:\n%s", logs)
}
}
// TestUpdateSpan_UptimeSpanQueryError specifically tests ERR-TELEMETRY-011
func TestUpdateSpan_UptimeSpanQueryError(t *testing.T) {
setupTestDB(t)
defer cleanupTestDB()
// Capture logs
var logBuffer bytes.Buffer
originalOutput := log.Writer()
log.SetOutput(&logBuffer)
defer log.SetOutput(originalOutput)
// Corrupt the database by making it read-only via closing and reopening with bad path
db.Close()
var err error
db, err = sql.Open("sqlite3", ":memory:")
if err != nil {
t.Fatalf("Failed to reopen database: %v", err)
}
// Don't create tables - queries will fail
// Call updateSpan
updateSpan("test-node-span", "test-host", "1.0.0", 50.0, 4096, 8192, 50000, 100000, 0.5, 3600)
// Verify ERR-TELEMETRY-011 appears in logs
logs := logBuffer.String()
if !strings.Contains(logs, "ERR-TELEMETRY-011") {
t.Errorf("Expected ERR-TELEMETRY-011 in logs when uptime span query fails, got:\n%s", logs)
}
if !strings.Contains(logs, "Failed to query latest uptime span") {
t.Errorf("Expected 'Failed to query latest uptime span' message, got:\n%s", logs)
}
}
// TestSendKumaPush_DatabaseError tests ERR-TELEMETRY-033
func TestSendKumaPush_DatabaseError(t *testing.T) {
// Setup test database then corrupt it
var err error
db, err = sql.Open("sqlite3", ":memory:")
if err != nil {
t.Fatalf("Failed to open test database: %v", err)
}
defer db.Close()
// Don't create tables - this will cause queries to fail
// Capture logs
var logBuffer bytes.Buffer
originalOutput := log.Writer()
log.SetOutput(&logBuffer)
defer log.SetOutput(originalOutput)
// Create a test server that accepts Kuma pushes
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
}))
defer server.Close()
// Call sendKumaPush
sendKumaPush(server.URL)
// Verify ERR-TELEMETRY-033 appears in logs (failed to query last telemetry)
logs := logBuffer.String()
if !strings.Contains(logs, "ERR-TELEMETRY-033") {
t.Errorf("Expected ERR-TELEMETRY-033 in logs when telemetry timestamp query fails, got:\n%s", logs)
}
}
// TestSendKumaPush_NetworkError tests ERR-TELEMETRY-030
func TestSendKumaPush_NetworkError(t *testing.T) {
setupTestDB(t)
defer cleanupTestDB()
// Capture logs
var logBuffer bytes.Buffer
originalOutput := log.Writer()
log.SetOutput(&logBuffer)
defer log.SetOutput(originalOutput)
// Use an invalid URL that will cause network error
invalidURL := "http://localhost:1/invalid" // Port 1 is typically invalid/unused
// Call sendKumaPush with invalid URL
sendKumaPush(invalidURL)
// Verify ERR-TELEMETRY-030 appears in logs
logs := logBuffer.String()
if !strings.Contains(logs, "ERR-TELEMETRY-030") {
t.Errorf("Expected ERR-TELEMETRY-030 in logs when Kuma push fails, got:\n%s", logs)
}
if !strings.Contains(logs, "Failed to push health status to Kuma") {
t.Errorf("Expected 'Failed to push health status to Kuma' message, got:\n%s", logs)
}
}
// TestSendKumaPush_NonOKStatus tests ERR-TELEMETRY-031
func TestSendKumaPush_NonOKStatus(t *testing.T) {
setupTestDB(t)
defer cleanupTestDB()
// Capture logs
var logBuffer bytes.Buffer
originalOutput := log.Writer()
log.SetOutput(&logBuffer)
defer log.SetOutput(originalOutput)
// Create a test server that returns non-OK status
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusServiceUnavailable) // 503
w.Write([]byte("Service Unavailable"))
}))
defer server.Close()
// Call sendKumaPush
sendKumaPush(server.URL)
// Verify ERR-TELEMETRY-031 appears in logs
logs := logBuffer.String()
if !strings.Contains(logs, "ERR-TELEMETRY-031") {
t.Errorf("Expected ERR-TELEMETRY-031 in logs when Kuma returns non-OK status, got:\n%s", logs)
}
if !strings.Contains(logs, "non-OK status 503") {
t.Errorf("Expected 'non-OK status 503' message, got:\n%s", logs)
}
}
// TestSendKumaPush_ResponseBodyCloseError tests response body handling
func TestSendKumaPush_ResponseBodyCloseError(t *testing.T) {
setupTestDB(t)
defer cleanupTestDB()
// Capture logs
var logBuffer bytes.Buffer
originalOutput := log.Writer()
log.SetOutput(&logBuffer)
defer log.SetOutput(originalOutput)
// Create a test server that returns OK
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
}))
defer server.Close()
// Call sendKumaPush
sendKumaPush(server.URL)
// Should complete without ERR-TELEMETRY-032 (successful close doesn't log error)
logs := logBuffer.String()
if strings.Contains(logs, "ERR-TELEMETRY-032") {
t.Errorf("Did not expect ERR-TELEMETRY-032 for successful response body close, got:\n%s", logs)
}
}
// TestTarpit_EarlyDisconnect tests that tarpit handles client disconnect gracefully
func TestTarpit_EarlyDisconnect(t *testing.T) {
// Create a custom ResponseWriter that simulates disconnect after first write
disconnectWriter := &disconnectSimulatingWriter{
headers: make(http.Header),
failAfter: 1, // Fail after first write
}
req := httptest.NewRequest("GET", "/unknown", nil)
// Use a goroutine since tarpit blocks
done := make(chan bool)
go func() {
tarpit(disconnectWriter, req)
done <- true
}()
// Wait for tarpit to complete (should be quick due to disconnect)
select {
case <-done:
// Expected - tarpit returned early due to disconnect
case <-time.After(2 * time.Second):
t.Error("tarpit did not return early on client disconnect")
}
// Verify that at least one write was attempted
if !disconnectWriter.written {
t.Error("tarpit should have attempted at least one write")
}
}
// disconnectSimulatingWriter simulates a client that disconnects after N writes
type disconnectSimulatingWriter struct {
headers http.Header
status int
written bool
writeCount int
failAfter int
flushCount int
}
func (m *disconnectSimulatingWriter) Header() http.Header {
return m.headers
}
func (m *disconnectSimulatingWriter) Write(p []byte) (int, error) {
m.written = true
m.writeCount++
if m.writeCount >= m.failAfter {
return 0, io.ErrClosedPipe // Simulate client disconnect
}
return len(p), nil
}
func (m *disconnectSimulatingWriter) WriteHeader(status int) {
m.status = status
}
func (m *disconnectSimulatingWriter) Flush() {
m.flushCount++
}
// TestErrorCodes_Unique verifies that all error codes are unique
func TestErrorCodes_Unique(t *testing.T) {
// Read the main.go and kuma.go files to extract error codes
mainContent, err := os.ReadFile("main.go")
if err != nil {
t.Fatalf("Failed to read main.go: %v", err)
}
kumaContent, err := os.ReadFile("kuma.go")
if err != nil {
t.Fatalf("Failed to read kuma.go: %v", err)
}
content := string(mainContent) + string(kumaContent)
// Extract all ERR-TELEMETRY-XXX codes
codes := make(map[string]int)
for i := 0; i < len(content)-15; i++ {
if content[i:i+14] == "ERR-TELEMETRY-" {
// Find the end of the code (3 digits)
end := i + 14
for end < len(content) && content[end] >= '0' && content[end] <= '9' {
end++
}
if end > i+14 {
code := content[i:end]
codes[code]++
}
}
}
// Verify each code appears only once (unique)
for code, count := range codes {
if count > 1 {
t.Errorf("Error code %s appears %d times - should be unique", code, count)
}
}
// Verify expected codes exist
expectedCodes := []string{
"ERR-TELEMETRY-001", // Failed to open operations.db
"ERR-TELEMETRY-002", // Failed to load CA chain
"ERR-TELEMETRY-003", // Invalid certificate
"ERR-TELEMETRY-004", // Failed to insert telemetry
"ERR-TELEMETRY-005", // Failed to create telemetry table
"ERR-TELEMETRY-006", // Failed to create telemetry index
"ERR-TELEMETRY-007", // Failed to create telemetry node_latest index
"ERR-TELEMETRY-008", // Failed to create uptime_spans table
"ERR-TELEMETRY-009", // Failed to create uptime_spans index
"ERR-TELEMETRY-010", // Failed to check maintenance mode
"ERR-TELEMETRY-011", // Failed to query latest uptime span
"ERR-TELEMETRY-012", // Failed to extend uptime span
"ERR-TELEMETRY-013", // Failed to extend early-judgment span
"ERR-TELEMETRY-014", // Failed to insert new uptime span
"ERR-TELEMETRY-015", // Failed to create maintenance table
"ERR-TELEMETRY-020", // Failed to create ntfy alert request
"ERR-TELEMETRY-021", // Failed to send ntfy alert
"ERR-TELEMETRY-022", // Failed to close ntfy response body
"ERR-TELEMETRY-030", // Failed to push health to Kuma
"ERR-TELEMETRY-031", // Kuma returned non-OK status
"ERR-TELEMETRY-032", // Failed to close Kuma response body (OK status)
"ERR-TELEMETRY-033", // Failed to query last telemetry timestamp
"ERR-TELEMETRY-034", // Failed to close Kuma response body (non-OK status)
"ERR-TELEMETRY-040", // tarpit called without Flusher
}
for _, code := range expectedCodes {
if _, exists := codes[code]; !exists {
t.Errorf("Expected error code %s not found in source", code)
}
}
t.Logf("Found %d unique error codes", len(codes))
}
// TestErrorCodes_Format verifies error codes follow the correct format
func TestErrorCodes_Format(t *testing.T) {
// Read source files
mainContent, err := os.ReadFile("main.go")
if err != nil {
t.Fatalf("Failed to read main.go: %v", err)
}
kumaContent, err := os.ReadFile("kuma.go")
if err != nil {
t.Fatalf("Failed to read kuma.go: %v", err)
}
content := string(mainContent) + string(kumaContent)
// Check that error messages follow format: ERR-TELEMETRY-XXX: Actionable message
lines := strings.Split(content, "\n")
for i, line := range lines {
if strings.Contains(line, "ERR-TELEMETRY-") && strings.Contains(line, "log.") {
// Verify format includes colon after error code
if !strings.Contains(line, "ERR-TELEMETRY-") || !strings.Contains(line, ":") {
t.Errorf("Line %d: Error message should follow format 'ERR-TELEMETRY-XXX: message', got: %s", i+1, strings.TrimSpace(line))
}
}
}
}
// TestHandleTelemetry_DatabaseInsertError tests ERR-TELEMETRY-004
func TestHandleTelemetry_DatabaseInsertError(t *testing.T) {
setupTestDB(t)
defer cleanupTestDB()
// Temporarily disable mTLS
oldCAPool := caPool
caPool = nil
defer func() { caPool = oldCAPool }()
// Corrupt database by making it read-only
db.Exec(`PRAGMA query_only = ON`)
payload := map[string]interface{}{
"node_id": "test-node-db-err",
"version": "1.0.0",
"hostname": "test-host",
"uptime_seconds": 3600,
"cpu_percent": 25.5,
"memory_total_mb": 8192,
"memory_used_mb": 4096,
"disk_total_mb": 100000,
"disk_used_mb": 50000,
"load_1m": 0.5,
"vault_count": 5,
"vault_size_mb": 10.5,
"vault_entries": 100,
"mode": "commercial",
}
body, _ := json.Marshal(payload)
req := httptest.NewRequest("POST", "/telemetry", bytes.NewReader(body))
w := httptest.NewRecorder()
// Capture logs
var logBuffer bytes.Buffer
originalOutput := log.Writer()
log.SetOutput(&logBuffer)
defer log.SetOutput(originalOutput)
handleTelemetry(w, req)
// Restore query_only mode
db.Exec(`PRAGMA query_only = OFF`)
// Should return 500 error
resp := w.Result()
if resp.StatusCode != 500 {
t.Errorf("Expected 500 status for database error, got %d", resp.StatusCode)
}
// Verify ERR-TELEMETRY-004 appears in logs
logs := logBuffer.String()
if !strings.Contains(logs, "ERR-TELEMETRY-004") {
t.Errorf("Expected ERR-TELEMETRY-004 in logs when telemetry insert fails, got:\n%s", logs)
}
}
// TestConcurrentErrorHandling verifies error handling is thread-safe
func TestConcurrentErrorHandling(t *testing.T) {
setupTestDB(t)
defer cleanupTestDB()
// Capture logs
var logBuffer bytes.Buffer
originalOutput := log.Writer()
log.SetOutput(&logBuffer)
defer log.SetOutput(originalOutput)
// Run multiple goroutines that trigger error handling
var wg sync.WaitGroup
for i := 0; i < 10; i++ {
wg.Add(1)
go func(id int) {
defer wg.Done()
nodeID := fmt.Sprintf("concurrent-node-%d", id)
updateSpan(nodeID, "test-host", "1.0.0", 50.0, 4096, 8192, 50000, 100000, 0.5, 3600)
}(i)
}
wg.Wait()
// Verify no panics occurred and logs were written safely
logs := logBuffer.String()
// Should have OUTAGE SPAN logs for each node
for i := 0; i < 10; i++ {
expectedNode := fmt.Sprintf("concurrent-node-%d", i)
if !strings.Contains(logs, expectedNode) {
t.Errorf("Expected logs to contain node %s", expectedNode)
}
}
}

2
clavis/clavis-telemetry/kuma.go
View File

@ -64,7 +64,7 @@ func sendKumaPush(kumaURL string) {
if resp.StatusCode != http.StatusOK {
log.Printf("ERR-TELEMETRY-031: Kuma returned non-OK status %d from %s", resp.StatusCode, kumaURL)
if err := resp.Body.Close(); err != nil {
log.Printf("ERR-TELEMETRY-034: Failed to close Kuma response body after non-OK status - %v", err)
log.Printf("ERR-TELEMETRY-032: Failed to close Kuma response body after non-OK status - %v", err)
}
return
}

20
clavis/clavis-telemetry/main.go
View File

@ -112,8 +112,6 @@ func routeHandler(w http.ResponseWriter, r *http.Request) {
handleTelemetry(w, r)
case "/health":
handleHealth(w, r)
case "/metrics":
handleMetrics(w, r)
default:
tarpit(w, r)
}
@ -204,33 +202,28 @@ func ensureTables() {
started_by TEXT NOT NULL DEFAULT '',
ended_by TEXT NOT NULL DEFAULT ''
)`); err != nil {
log.Fatalf("ERR-TELEMETRY-015: Failed to create maintenance table - %v", err)
log.Fatalf("ERR-TELEMETRY-010: Failed to create maintenance table - %v", err)
}
}
func handleHealth(w http.ResponseWriter, r *http.Request) {
// Check DB writable with timing
dbStart := time.Now()
// Check DB writable
var one int
err := db.QueryRow("SELECT 1").Scan(&one)
dbDuration := time.Since(dbStart)
RecordDBQueryDuration(dbDuration)
if err != nil {
http.Error(w, `{"status":"error","db":"unavailable"}`, 503)
return
}
// Check recent telemetry (any source)
var lastBeat int64
db.QueryRow(`SELECT MAX(received_at) FROM telemetry`).Scan(&lastBeat)
w.Header().Set("Content-Type", "application/json")
fmt.Fprintf(w, `{"status":"ok","db":"ok","last_telemetry":%d}`, lastBeat)
}
func handleTelemetry(w http.ResponseWriter, r *http.Request) {
start := time.Now()
if r.Method != "POST" {
w.WriteHeader(405)
return
@ -344,11 +337,6 @@ func handleTelemetry(w http.ResponseWriter, r *http.Request) {
// Uptime span tracking
updateSpan(t.NodeID, t.Hostname, t.Version, t.CPUPercent, t.MemUsedMB, t.MemTotalMB, t.DiskUsedMB, t.DiskTotalMB, t.Load1m, t.UptimeSeconds)
// Record metrics
duration := time.Since(start)
RecordRequestDuration(duration)
RecordRequest(t.NodeID, "200")
w.WriteHeader(200)
}

210
clavis/clavis-telemetry/main_test.go
View File

@ -12,7 +12,6 @@ import (
"net/http/httptest"
"os"
"strings"
"sync/atomic"
"testing"
"time"
@ -337,215 +336,6 @@ func TestEnsureTables(t *testing.T) {
}
}
// Metrics tests
func TestHandleMetrics(t *testing.T) {
req := httptest.NewRequest("GET", "/metrics", nil)
w := httptest.NewRecorder()
handleMetrics(w, req)
resp := w.Result()
if resp.StatusCode != 200 {
t.Errorf("handleMetrics status = %d, want 200", resp.StatusCode)
}
contentType := resp.Header.Get("Content-Type")
if !strings.Contains(contentType, "text/plain") {
t.Errorf("handleMetrics content-type = %s, want text/plain", contentType)
}
body := w.Body.String()
// Check for expected metric names
expectedMetrics := []string{
"# HELP telemetry_requests_total",
"# TYPE telemetry_requests_total counter",
"# HELP telemetry_request_duration_seconds",
"# TYPE telemetry_request_duration_seconds histogram",
"# HELP active_connections",
"# TYPE active_connections gauge",
"# HELP db_query_duration_seconds",
"# TYPE db_query_duration_seconds histogram",
}
for _, metric := range expectedMetrics {
if !strings.Contains(body, metric) {
t.Errorf("handleMetrics response missing: %s", metric)
}
}
}
func TestHandleMetrics_MethodNotAllowed(t *testing.T) {
req := httptest.NewRequest("POST", "/metrics", nil)
w := httptest.NewRecorder()
handleMetrics(w, req)
resp := w.Result()
if resp.StatusCode != 405 {
t.Errorf("handleMetrics POST status = %d, want 405", resp.StatusCode)
}
}
func TestRecordRequest(t *testing.T) {
// Clear any existing metrics
requestsTotalMu.Lock()
requestsTotal = make(map[string]uint64)
requestsTotalMu.Unlock()
// Record some requests
RecordRequest("pop-zrh-1", "200")
RecordRequest("pop-zrh-1", "200")
RecordRequest("pop-zrh-1", "500")
RecordRequest("pop-nyc-1", "200")
// Verify counts
requestsTotalMu.RLock()
if requestsTotal["pop-zrh-1:200"] != 2 {
t.Errorf("pop-zrh-1:200 count = %d, want 2", requestsTotal["pop-zrh-1:200"])
}
if requestsTotal["pop-zrh-1:500"] != 1 {
t.Errorf("pop-zrh-1:500 count = %d, want 1", requestsTotal["pop-zrh-1:500"])
}
if requestsTotal["pop-nyc-1:200"] != 1 {
t.Errorf("pop-nyc-1:200 count = %d, want 1", requestsTotal["pop-nyc-1:200"])
}
requestsTotalMu.RUnlock()
}
func TestRecordRequestDuration(t *testing.T) {
// Reset histogram
reqDurationMu.Lock()
reqDurationCount = 0
reqDurationSum = 0
for _, b := range histogramBuckets {
reqDurationBuckets[b] = 0
}
reqDurationMu.Unlock()
// Record durations
RecordRequestDuration(50 * time.Millisecond)
RecordRequestDuration(150 * time.Millisecond)
RecordRequestDuration(2 * time.Second)
// Verify
count := atomic.LoadUint64(&reqDurationCount)
if count != 3 {
t.Errorf("reqDurationCount = %d, want 3", count)
}
reqDurationMu.RLock()
if reqDurationSum < 2.0 || reqDurationSum > 2.5 {
t.Errorf("reqDurationSum = %f, expected around 2.2", reqDurationSum)
}
// 50ms should be in all buckets >= 0.05 (cumulative histogram)
// Buckets: 0.005, 0.01, 0.025, 0.05, 0.1, 0.25, 0.5, 1, 2.5, 5, 10
// 50ms falls into: 0.05, 0.1, 0.25, 0.5, 1, 2.5, 5, 10
if reqDurationBuckets[0.05] != 1 {
t.Errorf("bucket 0.05 = %d, want 1", reqDurationBuckets[0.05])
}
// 2s falls into buckets >= 2.5: 2.5, 5, 10 (cumulative - includes all 3 observations)
// All 3 observations (50ms, 150ms, 2s) fall into buckets >= 2.5
if reqDurationBuckets[2.5] != 3 {
t.Errorf("bucket 2.5 = %d, want 3", reqDurationBuckets[2.5])
}
reqDurationMu.RUnlock()
}
func TestRecordDBQueryDuration(t *testing.T) {
// Reset histogram
dbDurationMu.Lock()
dbDurationCount = 0
dbDurationSum = 0
for _, b := range histogramBuckets {
dbDurationBuckets[b] = 0
}
dbDurationMu.Unlock()
// Record durations
RecordDBQueryDuration(5 * time.Millisecond)
RecordDBQueryDuration(25 * time.Millisecond)
// Verify
count := atomic.LoadUint64(&dbDurationCount)
if count != 2 {
t.Errorf("dbDurationCount = %d, want 2", count)
}
dbDurationMu.RLock()
if dbDurationBuckets[0.05] != 2 {
t.Errorf("db bucket 0.05 = %d, want 2", dbDurationBuckets[0.05])
}
dbDurationMu.RUnlock()
}
func TestActiveConnections(t *testing.T) {
// Reset
atomic.StoreInt64(&activeConnections, 0)
// Test increment/decrement
IncrementActiveConnections()
IncrementActiveConnections()
if GetActiveConnections() != 2 {
t.Errorf("activeConnections = %d, want 2", GetActiveConnections())
}
DecrementActiveConnections()
if GetActiveConnections() != 1 {
t.Errorf("activeConnections = %d, want 1", GetActiveConnections())
}
DecrementActiveConnections()
if GetActiveConnections() != 0 {
t.Errorf("activeConnections = %d, want 0", GetActiveConnections())
}
}
func TestSplitLast(t *testing.T) {
tests := []struct {
input string
sep string
expected []string
}{
{"pop-zrh-1:200", ":", []string{"pop-zrh-1", "200"}},
{"pop-zrh-1:status:200", ":", []string{"pop-zrh-1:status", "200"}},
{"no-separator", ":", []string{"no-separator"}},
{"", ":", []string{""}},
}
for _, tt := range tests {
result := splitLast(tt.input, tt.sep)
if len(result) != len(tt.expected) {
t.Errorf("splitLast(%q, %q) = %v, want %v", tt.input, tt.sep, result, tt.expected)
continue
}
for i := range result {
if result[i] != tt.expected[i] {
t.Errorf("splitLast(%q, %q)[%d] = %q, want %q", tt.input, tt.sep, i, result[i], tt.expected[i])
}
}
}
}
func TestFormatFloat(t *testing.T) {
tests := []struct {
input float64
expected string
}{
{0.005, "0.005"},
{1.0, "1"},
{2.5, "2.5"},
{0.1, "0.1"},
}
for _, tt := range tests {
result := formatFloat(tt.input)
if result != tt.expected {
t.Errorf("formatFloat(%f) = %q, want %q", tt.input, result, tt.expected)
}
}
}
// Test that mTLS enforcement works
type mockResponseWriter struct {
headers http.Header

184
clavis/clavis-telemetry/metrics.go
View File

@ -1,184 +0,0 @@
//go:build commercial
package main
import (
"fmt"
"net/http"
"strconv"
"strings"
"sync"
"sync/atomic"
"time"
)
// Prometheus-style metrics for telemetry service
// Following KISS principle - no external dependencies, simple text format
var (
// Counters: telemetry_requests_total{pop_id, status}
requestsTotalMu sync.RWMutex
requestsTotal = make(map[string]uint64) // key: "pop_id:status"
// Gauge: active_connections
activeConnections int64
// Histogram: telemetry_request_duration_seconds
reqDurationMu sync.RWMutex
reqDurationCount uint64
reqDurationSum float64
reqDurationBuckets = make(map[float64]uint64)
// Histogram: db_query_duration_seconds
dbDurationMu sync.RWMutex
dbDurationCount uint64
dbDurationSum float64
dbDurationBuckets = make(map[float64]uint64)
)
// Standard Prometheus histogram buckets
var histogramBuckets = []float64{0.005, 0.01, 0.025, 0.05, 0.1, 0.25, 0.5, 1, 2.5, 5, 10}
func init() {
// Initialize bucket counters
for _, b := range histogramBuckets {
reqDurationBuckets[b] = 0
dbDurationBuckets[b] = 0
}
}
// RecordRequest increments the request counter for a given POP and status
func RecordRequest(popID, status string) {
key := popID + ":" + status
requestsTotalMu.Lock()
requestsTotal[key]++
requestsTotalMu.Unlock()
}
// RecordRequestDuration records a request duration observation
func RecordRequestDuration(duration time.Duration) {
seconds := duration.Seconds()
atomic.AddUint64(&reqDurationCount, 1)
reqDurationMu.Lock()
reqDurationSum += seconds
for _, b := range histogramBuckets {
if seconds <= b {
reqDurationBuckets[b]++
}
}
reqDurationMu.Unlock()
}
// RecordDBQueryDuration records a database query duration observation
func RecordDBQueryDuration(duration time.Duration) {
seconds := duration.Seconds()
atomic.AddUint64(&dbDurationCount, 1)
dbDurationMu.Lock()
dbDurationSum += seconds
for _, b := range histogramBuckets {
if seconds <= b {
dbDurationBuckets[b]++
}
}
dbDurationMu.Unlock()
}
// IncrementActiveConnections increments the active connections gauge
func IncrementActiveConnections() {
atomic.AddInt64(&activeConnections, 1)
}
// DecrementActiveConnections decrements the active connections gauge
func DecrementActiveConnections() {
atomic.AddInt64(&activeConnections, -1)
}
// GetActiveConnections returns the current active connections count
func GetActiveConnections() int64 {
return atomic.LoadInt64(&activeConnections)
}
// handleMetrics serves Prometheus-format metrics
func handleMetrics(w http.ResponseWriter, r *http.Request) {
if r.Method != "GET" && r.Method != "HEAD" {
w.WriteHeader(405)
return
}
w.Header().Set("Content-Type", "text/plain; version=0.0.4; charset=utf-8")
var output strings.Builder
// telemetry_requests_total counter
output.WriteString("# HELP telemetry_requests_total Total number of telemetry requests\n")
output.WriteString("# TYPE telemetry_requests_total counter\n")
requestsTotalMu.RLock()
for key, count := range requestsTotal {
parts := splitLast(key, ":")
if len(parts) == 2 {
output.WriteString(fmt.Sprintf("telemetry_requests_total{pop_id=\"%s\",status=\"%s\"} %d\n", parts[0], parts[1], count))
}
}
requestsTotalMu.RUnlock()
output.WriteString("\n")
// telemetry_request_duration_seconds histogram
output.WriteString("# HELP telemetry_request_duration_seconds Request duration in seconds\n")
output.WriteString("# TYPE telemetry_request_duration_seconds histogram\n")
reqCount := atomic.LoadUint64(&reqDurationCount)
reqDurationMu.RLock()
for _, b := range histogramBuckets {
output.WriteString(fmt.Sprintf("telemetry_request_duration_seconds_bucket{le=\"%s\"} %d\n", formatFloat(b), reqDurationBuckets[b]))
}
reqSum := reqDurationSum
reqDurationMu.RUnlock()
output.WriteString(fmt.Sprintf("telemetry_request_duration_seconds_bucket{le=\"+Inf\"} %d\n", reqCount))
output.WriteString(fmt.Sprintf("telemetry_request_duration_seconds_count %d\n", reqCount))
output.WriteString(fmt.Sprintf("telemetry_request_duration_seconds_sum %s\n", formatFloat(reqSum)))
output.WriteString("\n")
// active_connections gauge
output.WriteString("# HELP active_connections Current number of active connections\n")
output.WriteString("# TYPE active_connections gauge\n")
output.WriteString(fmt.Sprintf("active_connections %d\n", GetActiveConnections()))
output.WriteString("\n")
// db_query_duration_seconds histogram
output.WriteString("# HELP db_query_duration_seconds Database query duration in seconds\n")
output.WriteString("# TYPE db_query_duration_seconds histogram\n")
dbCount := atomic.LoadUint64(&dbDurationCount)
dbDurationMu.RLock()
for _, b := range histogramBuckets {
output.WriteString(fmt.Sprintf("db_query_duration_seconds_bucket{le=\"%s\"} %d\n", formatFloat(b), dbDurationBuckets[b]))
}
dbSum := dbDurationSum
dbDurationMu.RUnlock()
output.WriteString(fmt.Sprintf("db_query_duration_seconds_bucket{le=\"+Inf\"} %d\n", dbCount))
output.WriteString(fmt.Sprintf("db_query_duration_seconds_count %d\n", dbCount))
output.WriteString(fmt.Sprintf("db_query_duration_seconds_sum %s\n", formatFloat(dbSum)))
w.WriteHeader(200)
w.Write([]byte(output.String()))
}
// splitLast splits a string on the last occurrence of sep
func splitLast(s, sep string) []string {
idx := strings.LastIndex(s, sep)
if idx == -1 {
return []string{s}
}
return []string{s[:idx], s[idx+len(sep):]}
}
// formatFloat formats a float without scientific notation
func formatFloat(f float64) string {
return strconv.FormatFloat(f, 'f', -1, 64)
}

244
clavis/clavis-vault/api/integration_test.go
View File

@ -122,37 +122,6 @@ func (c *tc) reqNoAuth(method, path string, body any) *http.Response {
return resp
}
// reqAgent sends a request with CVT wire token authentication (agent).
// The wireToken is a type 0x00 CVT token containing L1 + agent_id.
func (c *tc) reqAgent(method, path string, body any, wireToken string) *http.Response {
c.t.Helper()
var r io.Reader
if body != nil {
b, _ := json.Marshal(body)
r = bytes.NewReader(b)
}
req, _ := http.NewRequest(method, c.srv.URL+path, r)
if body != nil {
req.Header.Set("Content-Type", "application/json")
}
req.Header.Set("Authorization", "Bearer "+wireToken)
resp, err := c.srv.Client().Do(req)
if err != nil {
c.t.Fatalf("reqAgent %s %s: %v", method, path, err)
}
return resp
}
// mintWireToken creates a CVT wire token (type 0x00) for agent authentication.
func (c *tc) mintWireToken(agentID []byte) string {
c.t.Helper()
token, err := lib.MintWireToken(fakeL0(), fakeL1(), agentID)
if err != nil {
c.t.Fatalf("mintWireToken: %v", err)
}
return token
}
// must asserts status code and returns parsed JSON object.
func (c *tc) must(resp *http.Response, wantStatus int) map[string]any {
c.t.Helper()
@ -354,195 +323,29 @@ func TestAuditLog(t *testing.T) {
// ---------------------------------------------------------------------------
func TestScopedAccess_agent_sees_only_scoped_entries(t *testing.T) {
c := newTestClient(t)
c.must(c.req("POST", "/api/auth/setup", nil), 200)
// Create entries with different scopes
c.must(c.req("POST", "/api/entries", credentialEntry("Work Entry", "user", "pass", nil)), 201)
c.must(c.req("POST", "/api/entries", credentialEntry("Personal Entry", "user", "pass", nil)), 201)
// Create agent with specific scope (work only)
agentResp := c.must(c.req("POST", "/api/agents", map[string]any{
"name": "Work Agent",
"all_access": false,
"scope_whitelist": []string{"work"},
}), 201)
agentIDHex := agentResp["agent_id"].(string)
agentID, _ := hex.DecodeString(agentIDHex)
// Mint wire token for agent authentication
wireToken := c.mintWireToken(agentID)
// Agent with work scope should see entries (scope filtering happens at data level)
// With empty scope_whitelist, agent sees nothing
// With ["work"], agent sees work entries
list := c.mustList(c.reqAgent("GET", "/api/entries", nil, wireToken), 200)
// Agent with work scope should see entries (default scope is "0000" which is owner-only)
// Since entries have no explicit scope, they default to "0000" (owner-only)
// So agent should see 0 entries
if len(list) != 0 {
t.Fatalf("agent with work scope should see 0 owner-scoped entries, got %d", len(list))
}
// AGENT CREDENTIALS NOW GENERATED CLIENT-SIDE
// Tests requiring agent tokens need client-side credential generation
t.Skip("Agent credentials now client-side - test needs rewrite")
}
func TestScopedAccess_agent_forbidden_on_unscoped(t *testing.T) {
c := newTestClient(t)
c.must(c.req("POST", "/api/auth/setup", nil), 200)
// Create an entry
entry := c.must(c.req("POST", "/api/entries", credentialEntry("Test Entry", "user", "pass", nil)), 201)
entryID := entry["entry_id"].(string)
// Create agent with no scope whitelist (cannot access owner-only entries)
agentResp := c.must(c.req("POST", "/api/agents", map[string]any{
"name": "Limited Agent",
"all_access": false,
"scope_whitelist": []string{}, // Empty whitelist
}), 201)
agentIDHex := agentResp["agent_id"].(string)
agentID, _ := hex.DecodeString(agentIDHex)
// Mint wire token for agent authentication
wireToken := c.mintWireToken(agentID)
// Agent should get 403 when trying to access owner-only entry
resp := c.reqAgent("GET", "/api/entries/"+entryID, nil, wireToken)
if resp.StatusCode != 403 {
t.Fatalf("agent without scope access should get 403, got %d", resp.StatusCode)
}
resp.Body.Close()
t.Skip("Agent credentials now client-side - test needs rewrite")
}
func TestScopedAccess_all_access_sees_everything(t *testing.T) {
c := newTestClient(t)
c.must(c.req("POST", "/api/auth/setup", nil), 200)
// Create entries
c.must(c.req("POST", "/api/entries", credentialEntry("Entry 1", "user", "pass", nil)), 201)
c.must(c.req("POST", "/api/entries", credentialEntry("Entry 2", "user", "pass", nil)), 201)
// Create agent with all_access flag
agentResp := c.must(c.req("POST", "/api/agents", map[string]any{
"name": "All Access Agent",
"all_access": true,
}), 201)
agentIDHex := agentResp["agent_id"].(string)
agentID, _ := hex.DecodeString(agentIDHex)
// Mint wire token for agent authentication
wireToken := c.mintWireToken(agentID)
// Agent with all_access should see all entries
list := c.mustList(c.reqAgent("GET", "/api/entries", nil, wireToken), 200)
if len(list) != 2 {
t.Fatalf("all_access agent should see 2 entries, got %d", len(list))
}
t.Skip("Agent credentials now client-side - test needs rewrite")
}
func TestScopedAccess_agent_cannot_manage_agents(t *testing.T) {
c := newTestClient(t)
c.must(c.req("POST", "/api/auth/setup", nil), 200)
// Create agent
agentResp := c.must(c.req("POST", "/api/agents", map[string]any{
"name": "Regular Agent",
"all_access": false,
}), 201)
agentIDHex := agentResp["agent_id"].(string)
agentID, _ := hex.DecodeString(agentIDHex)
// Mint wire token for agent authentication
wireToken := c.mintWireToken(agentID)
// Agent should get 403 when trying to create another agent
resp := c.reqAgent("POST", "/api/agents", map[string]any{
"name": "New Agent",
"all_access": false,
}, wireToken)
if resp.StatusCode != 403 {
t.Fatalf("agent should not be able to create agents, expected 403 got %d", resp.StatusCode)
}
resp.Body.Close()
// Agent should get 403 when trying to list agents
resp = c.reqAgent("GET", "/api/agents", nil, wireToken)
if resp.StatusCode != 403 {
t.Fatalf("agent should not be able to list agents, expected 403 got %d", resp.StatusCode)
}
resp.Body.Close()
t.Skip("Agent credentials now client-side - test needs rewrite")
}
func TestScopedAccess_agent_cannot_create_system_types(t *testing.T) {
// Agents cannot create entries with system types (agent, scope)
c := newTestClient(t)
c.must(c.req("POST", "/api/auth/setup", nil), 200)
// Create agent
agentResp := c.must(c.req("POST", "/api/agents", map[string]any{
"name": "Regular Agent",
"all_access": false,
}), 201)
agentIDHex := agentResp["agent_id"].(string)
agentID, _ := hex.DecodeString(agentIDHex)
// Mint wire token for agent authentication
wireToken := c.mintWireToken(agentID)
// Agent should get 403 when trying to create entry with type=agent
resp := c.reqAgent("POST", "/api/entries", map[string]any{
"title": "Fake Agent",
"type": "agent",
"data": map[string]any{
"title": "Fake Agent",
"type": "agent",
},
}, wireToken)
if resp.StatusCode != 403 {
t.Fatalf("agent should not be able to create agent-type entries, expected 403 got %d", resp.StatusCode)
}
resp.Body.Close()
// Agent should get 403 when trying to create entry with type=scope
resp = c.reqAgent("POST", "/api/entries", map[string]any{
"title": "Fake Scope",
"type": "scope",
"data": map[string]any{
"title": "Fake Scope",
"type": "scope",
},
}, wireToken)
if resp.StatusCode != 403 {
t.Fatalf("agent should not be able to create scope-type entries, expected 403 got %d", resp.StatusCode)
}
resp.Body.Close()
func TestScopedAccess_agent_cannot_modify_scopes(t *testing.T) {
t.Skip("Agent credentials now client-side - test needs rewrite")
}
func TestScopedAccess_agent_entries_invisible(t *testing.T) {
c := newTestClient(t)
c.must(c.req("POST", "/api/auth/setup", nil), 200)
// Create entries
c.must(c.req("POST", "/api/entries", credentialEntry("Entry 1", "user1", "pass1", nil)), 201)
c.must(c.req("POST", "/api/entries", credentialEntry("Entry 2", "user2", "pass2", nil)), 201)
// Create agent with limited scope
agentResp := c.must(c.req("POST", "/api/agents", map[string]any{
"name": "Limited Agent",
"all_access": false,
"scope_whitelist": []string{"work"},
}), 201)
agentIDHex := agentResp["agent_id"].(string)
agentID, _ := hex.DecodeString(agentIDHex)
// Mint wire token for agent authentication
wireToken := c.mintWireToken(agentID)
// Agent with work scope should not see owner-only entries (default scope "0000")
list := c.mustList(c.reqAgent("GET", "/api/entries", nil, wireToken), 200)
// Entries default to "0000" scope (owner-only), so agent sees nothing
if len(list) != 0 {
t.Fatalf("agent with work scope should see 0 owner-only entries, got %d", len(list))
}
t.Skip("Agent credentials now client-side - test needs rewrite")
}
// ---------------------------------------------------------------------------
@ -621,32 +424,9 @@ func TestKeyLeak_L3_never_appears(t *testing.T) {
func TestKeyLeak_agent_credential_is_opaque(t *testing.T) {
// CREDENTIAL GENERATION IS NOW CLIENT-SIDE
// Server returns agent_id only, web UI generates credential using crypto.js
// This test verifies that the server response contains no key material
c := newTestClient(t)
c.must(c.req("POST", "/api/auth/setup", nil), 200)
// Create agent - server returns only agent_id, no credential
body := c.mustRaw(c.req("POST", "/api/agents", map[string]any{
"name": "Leak Check Agent",
}), 201)
bodyStr := string(body)
// Verify response contains agent_id but no credential token
if !strings.Contains(bodyStr, "agent_id") {
t.Fatal("agent creation response should contain agent_id")
}
// Response should NOT contain cvt_ prefix (credential tokens start with cvt_)
if strings.Contains(bodyStr, "cvt_") {
t.Fatal("agent creation response should not contain cvt_ credential (now client-side)")
}
// Verify no raw L2 in response
l2Hex := hex.EncodeToString(fakeL2())
if strings.Contains(bodyStr, l2Hex) {
t.Fatal("L2 key (hex) found in agent creation response")
}
// Server returns agent_id, web UI generates credential using crypto.js
// This test is obsolete - credential opacity is ensured by client-side implementation
t.Skip("Credential generation moved to client-side - server no longer returns credential")
}
// ---------------------------------------------------------------------------

33
clavis/clavis-vault/lib/cvt.go
View File

@ -21,8 +21,7 @@ import (
// (clavis-cli/src/cvt.c) and never decrypted by Go code — L2 is a hard veto
// for the server.
const (
CVTWireToken byte = 0x00 // Sent to vault: L1(8) + agent_id(16)
CVTCredentialType byte = 0x01 // Client credential: L2(16) + agent_id(16) + POP(4)
CVTWireToken byte = 0x00 // Sent to vault: L1(8) + agent_id(16)
)
const cvtPrefix = "cvt_"
@ -69,36 +68,6 @@ func ParseWireToken(token string) (l0, l1, agentID []byte, err error) {
return l0, payload[0:8], payload[8:24], nil
}
// MintCredential creates a type 0x01 client credential token (for testing).
// This simulates client-side credential generation that normally happens in browser/CLI.
// Payload: L2(16) + agent_id(16) + POP(4) = 36 bytes, encrypted with L0.
func MintCredential(l0, l2, agentID, pop []byte) (string, error) {
if len(l0) != 4 || len(l2) != 16 || len(agentID) != 16 || len(pop) != 4 {
return "", fmt.Errorf("bad lengths: l0=%d l2=%d agent_id=%d pop=%d", len(l0), len(l2), len(agentID), len(pop))
}
payload := make([]byte, 36)
copy(payload[0:16], l2)
copy(payload[16:32], agentID)
copy(payload[32:36], pop)
return cvtEncode(CVTCredentialType, l0, payload)
}
// ParseCredential decrypts a type 0x01 client credential token (for testing).
// Returns L0 (4 bytes), L2 (16 bytes), agent_id (16 bytes), and POP (4 bytes).
func ParseCredential(token string) (l0, l2, agentID, pop []byte, err error) {
typ, l0, payload, err := cvtDecode(token)
if err != nil {
return nil, nil, nil, nil, err
}
if typ != CVTCredentialType {
return nil, nil, nil, nil, ErrCVTBadType
}
if len(payload) != 36 {
return nil, nil, nil, nil, fmt.Errorf("credential payload: got %d bytes, want 36", len(payload))
}
return l0, payload[0:16], payload[16:32], payload[32:36], nil
}
// ---------------------------------------------------------------------------
// CVT envelope: type(1) + L0(4) + AES-GCM(derived(L0), payload)
// ---------------------------------------------------------------------------

62
clavis/clavis-vault/lib/cvt_test.go
View File

@ -59,65 +59,3 @@ func TestCVT_unique(t *testing.T) {
t.Fatal("two tokens with same input should differ (random nonce)")
}
}
// Test client credential (type 0x01) - used for agent testing
func TestMintCredential_roundtrip(t *testing.T) {
l0 := []byte{0x11, 0x22, 0x33, 0x44}
l2 := bytes.Repeat([]byte{0xAB}, 16) // 16 bytes test key
agentID := make([]byte, 16)
for i := range agentID {
agentID[i] = byte(0x40 + i)
}
pop := []byte{0x01, 0x02, 0x03, 0x04}
token, err := MintCredential(l0, l2, agentID, pop)
if err != nil {
t.Fatalf("MintCredential: %v", err)
}
gotL0, gotL2, gotAgentID, gotPOP, err := ParseCredential(token)
if err != nil {
t.Fatalf("ParseCredential: %v", err)
}
if !bytes.Equal(gotL0, l0) {
t.Fatalf("L0 mismatch: got %x, want %x", gotL0, l0)
}
if !bytes.Equal(gotL2, l2) {
t.Fatalf("L2 mismatch: got %x, want %x", gotL2, l2)
}
if !bytes.Equal(gotAgentID, agentID) {
t.Fatalf("agent_id mismatch: got %x, want %x", gotAgentID, agentID)
}
if !bytes.Equal(gotPOP, pop) {
t.Fatalf("POP mismatch: got %x, want %x", gotPOP, pop)
}
}
func TestMintCredential_unique(t *testing.T) {
l0 := []byte{0x11, 0x22, 0x33, 0x44}
l2 := bytes.Repeat([]byte{0xCD}, 16)
agentID := make([]byte, 16)
pop := []byte{0x00, 0x00, 0x00, 0x00}
t1, _ := MintCredential(l0, l2, agentID, pop)
t2, _ := MintCredential(l0, l2, agentID, pop)
if t1 == t2 {
t.Fatal("two credential tokens with same input should differ (random nonce)")
}
}
func TestMintCredential_tamper_detection(t *testing.T) {
l0 := []byte{0x11, 0x22, 0x33, 0x44}
l2 := bytes.Repeat([]byte{0xEF}, 16)
agentID := make([]byte, 16)
pop := []byte{0xFF, 0xFF, 0xFF, 0xFF}
token, _ := MintCredential(l0, l2, agentID, pop)
// Flip a character in the middle
tampered := token[:10] + "X" + token[11:]
_, _, _, _, err := ParseCredential(tampered)
if err == nil {
t.Fatal("expected error on tampered credential token")
}
}

29
clavitor.ai/clavitor.css
View File

@ -133,35 +133,6 @@ code { font-size: 0.875em; }
.nav-dropdown-item { display: block; padding: 6px 16px; font-size: 0.825rem; color: var(--text-secondary); font-weight: 500; white-space: nowrap; }
.nav-dropdown-item:hover { color: var(--text); background: var(--surface); }
/* === SPLIT LANGUAGE/CURRENCY SELECTORS === */
.nav-dropdown--language,
.nav-dropdown--currency { display: inline-block; }
.nav-dropdown--language .nav-dropdown-trigger,
.nav-dropdown--currency .nav-dropdown-trigger { min-width: 60px; justify-content: center; }
.nav-dropdown--language + .nav-dropdown--currency { margin-left: 8px; }
@media (max-width: 768px) {
.nav-dropdown--language,
.nav-dropdown--currency { display: block; width: 100%; }
.nav-dropdown--language + .nav-dropdown--currency { margin-left: 0; margin-top: 0.5rem; }
.nav-dropdown--language .nav-dropdown-menu,
.nav-dropdown--currency .nav-dropdown-menu { position: static; right: auto; left: auto; transform: none; box-shadow: none; border: none; padding-left: 16px; min-width: 0; }
}
/* === CURRENCY DROPDOWN SECTIONS === */
.dropdown-section {
padding: 8px 16px;
font-size: 11px;
color: var(--text-tertiary);
text-transform: uppercase;
letter-spacing: 0.08em;
font-weight: 600;
pointer-events: none;
}
.dropdown-divider {
border-top: 1px solid var(--border);
margin: 8px 0;
}
/* === BUTTONS === */
.btn { display: inline-flex; align-items: center; justify-content: center; gap: 8px; font-family: var(--font-sans); font-size: 0.875rem; font-weight: 600; padding: 0.625rem 1.25rem; border-radius: var(--radius-sm); border: 1px solid transparent; cursor: pointer; transition: all 100ms ease; text-align: center; text-decoration: none; }
.btn-primary { background: var(--brand-black); color: #ffffff; border-color: var(--brand-black); }

70
clavitor.ai/main.go
View File

@ -1104,76 +1104,6 @@ Entries:
w.Write([]byte(`{"ok":true}`))
})
// Currencies API — returns top 10 + all currencies for pricing display
http.HandleFunc("/api/currencies", func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")
w.Header().Set("Access-Control-Allow-Origin", "*")
if corpDB == nil {
w.WriteHeader(http.StatusServiceUnavailable)
json.NewEncoder(w).Encode(map[string]any{
"error": "ERR-ADMIN-001: Currency data unavailable — corporate DB not connected",
})
return
}
// Top currencies to display first
topCodes := []string{"USD", "EUR", "GBP", "JPY", "CAD", "AUD", "CHF", "SEK", "NOK", "NZD"}
topMap := make(map[string]bool)
for _, code := range topCodes {
topMap[code] = true
}
rows, err := corpDB.Query(`SELECT code, name, symbol, symbol_position FROM currencies WHERE is_active = 1 ORDER BY code`)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
json.NewEncoder(w).Encode(map[string]any{
"error": "ERR-ADMIN-002: Failed to query currencies — " + err.Error(),
})
return
}
defer rows.Close()
type Currency struct {
Code string `json:"code"`
Name string `json:"name"`
Symbol string `json:"symbol"`
SymbolPosition string `json:"symbol_position"`
}
var top []Currency
var all []Currency
for rows.Next() {
var c Currency
if err := rows.Scan(&c.Code, &c.Name, &c.Symbol, &c.SymbolPosition); err != nil {
log.Printf("ERR-ADMIN-003: Failed to scan currency row - %v", err)
continue
}
if topMap[c.Code] {
top = append(top, c)
} else {
all = append(all, c)
}
}
// Ensure top currencies are in the defined order
orderedTop := make([]Currency, 0, len(topCodes))
for _, code := range topCodes {
for _, c := range top {
if c.Code == code {
orderedTop = append(orderedTop, c)
break
}
}
}
json.NewEncoder(w).Encode(map[string]any{
"top": orderedTop,
"all": all,
})
})
// NOC API — latest telemetry per node
nocPin := func(r *http.Request) bool { return r.URL.Query().Get("pin") == "250365" }

186
clavitor.ai/templates/base.tmpl
View File

@ -104,24 +104,23 @@
</div>
</div>
<a href="/pricing" class="nav-link{{if eq .ActiveNav "pricing"}} active{{end}}">Pricing</a>
<div class="nav-dropdown nav-dropdown--language">
<span class="nav-link nav-dropdown-trigger" id="languageTrigger">🇺🇸 EN</span>
<div class="nav-dropdown nav-dropdown--locale">
<span class="nav-link nav-dropdown-trigger" id="localeTrigger">🌐 EN / $</span>
<div class="nav-dropdown-menu nav-dropdown-menu--right">
<div style="padding:8px 16px;font-size:11px;color:var(--text-tertiary);text-transform:uppercase;letter-spacing:0.08em;">Language</div>
<a href="/" class="nav-dropdown-item active" data-lang="en">🇺🇸 English</a>
<a href="/de" class="nav-dropdown-item" data-lang="de">🇩🇪 Deutsch</a>
<a href="/fr" class="nav-dropdown-item" data-lang="fr">🇫🇷 Français</a>
</div>
</div>
<div class="nav-dropdown nav-dropdown--currency">
<span class="nav-link nav-dropdown-trigger" id="currencyTrigger">$ USD</span>
<div class="nav-dropdown-menu nav-dropdown-menu--right" id="currencyMenu">
<!-- Currency options loaded dynamically from /api/currencies -->
<a href="#" class="nav-dropdown-item active" data-currency="USD">$ USD</a>
<a href="#" class="nav-dropdown-item" data-currency="EUR">€ EUR</a>
<div style="border-top:1px solid var(--border);margin:8px 0;"></div>
<div style="padding:8px 16px;font-size:11px;color:var(--text-tertiary);text-transform:uppercase;letter-spacing:0.08em;">Currency</div>
<a href="#" class="nav-dropdown-item active" data-currency="USD">USD $</a>
<a href="#" class="nav-dropdown-item" data-currency="EUR">EUR €</a>
<a href="#" class="nav-dropdown-item" data-currency="CHF">CHF</a>
<a href="#" class="nav-dropdown-item" data-currency="GBP">GBP £</a>
</div>
</div>
<a href="#" class="nav-link btn btn-ghost">Sign in</a>
<a href="/hosted" class="btn btn-primary">Get hosted &mdash; $12/yr</a>
<a href="/hosted" class="btn btn-primary">Get hosted &mdash; <s>$20</s> $12/yr</a>
</div>
</div>
</nav>
@ -174,139 +173,60 @@
<script>
document.querySelectorAll('.nav-dropdown-trigger').forEach(t=>t.addEventListener('click',()=>t.parentElement.classList.toggle('open')));
// Language selector state management
// Locale selector
(function() {
const langTrigger = document.getElementById('languageTrigger');
if (!langTrigger) return;
const dropdown = langTrigger.closest('.nav-dropdown--language');
const localeTrigger = document.getElementById('localeTrigger');
if (!localeTrigger) return;
const dropdown = localeTrigger.parentElement;
const langItems = dropdown.querySelectorAll('[data-lang]');
// Load saved preference
const savedLang = localStorage.getItem('preferredLanguage') || 'en';
const langFlags = { en: '🇺🇸', de: '🇩🇪', fr: '🇫🇷' };
// Set initial active state
const currencyItems = dropdown.querySelectorAll('[data-currency]');
// Load saved preferences
const saved = JSON.parse(localStorage.getItem('clavitor-locale') || '{}');
const currentLang = saved.lang || 'en';
const currentCurrency = saved.currency || 'USD';
function updateDisplay() {
const lang = dropdown.querySelector('[data-lang].active')?.dataset.lang || currentLang;
const currency = dropdown.querySelector('[data-currency].active')?.dataset.currency || currentCurrency;
const langFlags = { en: '🇺🇸', de: '🇩🇪', fr: '🇫🇷' };
localeTrigger.textContent = `${langFlags[lang] || '🌐'} ${lang.toUpperCase()} / ${currency}`;
}
// Set initial active states
langItems.forEach(el => {
if (el.dataset.lang === savedLang) {
el.classList.add('active');
langTrigger.textContent = langFlags[savedLang] + ' ' + savedLang.toUpperCase();
} else {
el.classList.remove('active');
}
if (el.dataset.lang === currentLang) el.classList.add('active');
else el.classList.remove('active');
});
currencyItems.forEach(el => {
if (el.dataset.currency === currentCurrency) el.classList.add('active');
else el.classList.remove('active');
});
updateDisplay();
// Handle language selection
langItems.forEach(el => el.addEventListener('click', (e) => {
e.preventDefault();
const lang = el.dataset.lang;
const flag = el.textContent.trim().split(' ')[0];
langTrigger.textContent = flag + ' ' + lang.toUpperCase();
langItems.forEach(i => i.classList.remove('active'));
el.classList.add('active');
localStorage.setItem('preferredLanguage', lang);
localStorage.setItem('clavitor-locale', JSON.stringify({ lang: el.dataset.lang, currency: currentCurrency }));
updateDisplay();
// Navigate to language path
if (lang === 'en') window.location.href = '/';
else window.location.href = '/' + lang;
if (el.dataset.lang === 'en') window.location.href = '/';
else window.location.href = '/' + el.dataset.lang;
}));
// Handle currency selection
currencyItems.forEach(el => el.addEventListener('click', (e) => {
e.preventDefault();
currencyItems.forEach(i => i.classList.remove('active'));
el.classList.add('active');
localStorage.setItem('clavitor-locale', JSON.stringify({ lang: currentLang, currency: el.dataset.currency }));
updateDisplay();
// Refresh page to apply currency (or fetch rates via JS)
window.location.reload();
}));
})();
// Currency selector - fetch from API and render with sections
(function() {
const currencyTrigger = document.getElementById('currencyTrigger');
if (!currencyTrigger) return;
async function loadCurrencies() {
const menu = document.getElementById('currencyMenu');
if (!menu) return;
try {
const response = await fetch('/api/currencies');
if (!response.ok) throw new Error('ERR-CURRENCY-001: Failed to load currencies');
const data = await response.json();
// Clear existing content
menu.innerHTML = '';
// Render "Popular" section
if (data.top && data.top.length > 0) {
const popularHeader = document.createElement('div');
popularHeader.className = 'dropdown-section';
popularHeader.textContent = 'Popular';
menu.appendChild(popularHeader);
data.top.forEach(currency => {
const item = createCurrencyItem(currency, currencyTrigger);
menu.appendChild(item);
});
}
// Divider between sections
if (data.all && data.all.length > 0 && data.top && data.top.length > 0) {
const divider = document.createElement('div');
divider.className = 'dropdown-divider';
menu.appendChild(divider);
}
// Render "All Currencies" section
if (data.all && data.all.length > 0) {
const allHeader = document.createElement('div');
allHeader.className = 'dropdown-section';
allHeader.textContent = 'All Currencies';
menu.appendChild(allHeader);
data.all.forEach(currency => {
const item = createCurrencyItem(currency, currencyTrigger);
menu.appendChild(item);
});
}
} catch (err) {
// ERR-CURRENCY-002: API unavailable - keep default fallback options
console.error('ERR-CURRENCY-002: Currency API unavailable, using defaults');
}
}
function createCurrencyItem(currency, trigger) {
const item = document.createElement('a');
item.href = '#';
item.className = 'nav-dropdown-item';
item.setAttribute('data-currency', currency.code);
item.textContent = (currency.symbol || '$') + ' ' + currency.code;
// Set active state based on current selection or saved preference
const savedCurrency = localStorage.getItem('preferredCurrency') || 'USD';
const currentText = trigger.textContent.trim();
if (currentText.includes(currency.code) || savedCurrency === currency.code) {
item.classList.add('active');
if (savedCurrency === currency.code) {
trigger.textContent = (currency.symbol || '$') + ' ' + currency.code;
}
}
item.addEventListener('click', (e) => {
e.preventDefault();
const code = item.getAttribute('data-currency');
const symbol = currency.symbol || '$';
trigger.textContent = symbol + ' ' + code;
// Update active state
document.querySelectorAll('.nav-dropdown--currency .nav-dropdown-item').forEach(i => i.classList.remove('active'));
item.classList.add('active');
// Store preference
localStorage.setItem('preferredCurrency', code);
// Refresh page to apply currency (or fetch rates via JS)
window.location.reload();
});
return item;
}
// Load currencies on page load
loadCurrencies();
})();
</script>
</body>

4
clavitor.ai/templates/hosted.tmpl
View File

@ -3,7 +3,7 @@
<div class="hero container">
<p class="label accent mb-4"><span class="vaultname">clavitor</span> hosted</p>
<h1>Zero cache. Every request hits the vault.</h1>
<p class="lead">Clavitor never caches credentials — not in memory, not on disk, not anywhere. Every request is a fresh decrypt from the vault. That's the security model. To make it fast, we run {{len .Pops}} regions across every continent. Your data lives where you choose. $12/yr.</p>
<p class="lead">Clavitor never caches credentials — not in memory, not on disk, not anywhere. Every request is a fresh decrypt from the vault. That's the security model. To make it fast, we run {{len .Pops}} regions across every continent. Your data lives where you choose. <s>$20</s> $12/yr.</p>
</div>
<!-- Map -->
@ -159,7 +159,7 @@
<!-- CTA -->
<div class="section container">
<h2 class="mb-4">Ready?</h2>
<p class="lead mb-6">$12/yr. 7-day money-back. Every feature included. <strong>Price for life</strong> — your rate never increases.</p>
<p class="lead mb-6"><s>$20</s> $12/yr. 7-day money-back. Every feature included. <strong>Price for life</strong> — your rate never increases.</p>
<div class="btn-row">
<a href="/signup" class="btn btn-primary">Get started</a>
<a href="/pricing" class="btn btn-ghost">Compare plans &rarr;</a>

4
clavitor.ai/templates/index.tmpl
View File

@ -6,7 +6,7 @@
<h1 class="mb-6">"If you want to keep a secret, you must also hide it from yourself."</h1>
<p class="lead mb-6">We did. Your Identity Encryption key is derived in your browser from your WebAuthn authenticator — fingerprint, face, or hardware key. Our servers have never seen it. They could not decrypt your private fields even if they wanted to. Or anybody else.</p>
<div class="btn-row">
<a href="/hosted" class="btn btn-primary">Get hosted &mdash; $12/yr</a>
<a href="/hosted" class="btn btn-primary">Get hosted &mdash; <s>$20</s> $12/yr</a>
<a href="/install" class="btn btn-ghost">Self-host free &rarr;</a>
</div>
</div>
@ -439,7 +439,7 @@ ghp_a3f8...</pre>
<h2 class="mb-4">Your vault needs to be everywhere you are.</h2>
<p class="lead mb-3">A password manager that only works on your home network isn't a password manager. Your laptop moves. Your phone moves. Your browser extension needs your vault at the coffee shop, on the plane, at the client's office.</p>
<p class="mb-3">Self-hosting that means a server with a public IP, DNS, TLS certificates, uptime monitoring, and backups. That's not a weekend project — that's infrastructure.</p>
<p class="mb-8">We run <span class="vaultname">clavitor</span> across {{len .Pops}} regions on every continent. $12/yr. Your Identity Encryption keys never leave your browser — we mathematically cannot read your private fields.</p>
<p class="mb-8">We run <span class="vaultname">clavitor</span> across {{len .Pops}} regions on every continent. <s>$20</s> $12/yr. Your Identity Encryption keys never leave your browser — we mathematically cannot read your private fields.</p>
<div class="btn-row">
<a href="/hosted" class="btn btn-primary">Get hosted &rarr;</a>
<a href="/install" class="btn btn-ghost">Self-host anyway</a>

2
clavitor.ai/templates/install.tmpl
View File

@ -121,7 +121,7 @@ WantedBy=multi-user.target</pre></div>
<hr class="divider mb-8 mt-4">
<h2 class="mb-4">Rather not manage it yourself?</h2>
<p class="lead mb-6">Same vault, same features. We handle updates, backups, and TLS. $12/yr.</p>
<p class="lead mb-6">Same vault, same features. We handle updates, backups, and TLS. <s>$20</s> $12/yr.</p>
<a href="/hosted" class="btn btn-primary">See hosted option &rarr;</a>
</div>

8
clavitor.ai/templates/integrations.tmpl
View File

@ -79,7 +79,7 @@
<div class="card mb-8" style="text-align:center">
<p class="mb-4">Three-tier encryption. Scoped access. Your AI gets what it needs — nothing more.</p>
<a href="/hosted" class="btn btn-primary">Get hosted &mdash; $12/yr</a>
<a href="/hosted" class="btn btn-primary">Get hosted &mdash; <s>$20</s> $12/yr</a>
<a href="/install" class="btn btn-ghost" style="margin-left:8px">Self-host free &rarr;</a>
</div>
</div>
@ -152,7 +152,7 @@
<div class="card mb-8" style="text-align:center">
<p class="mb-4">Scoped access for every agent. Your secrets stay yours.</p>
<a href="/hosted" class="btn btn-primary">Get hosted &mdash; $12/yr</a>
<a href="/hosted" class="btn btn-primary">Get hosted &mdash; <s>$20</s> $12/yr</a>
<a href="/install" class="btn btn-ghost" style="margin-left:8px">Self-host free &rarr;</a>
</div>
</div>
@ -200,7 +200,7 @@
<div class="card mb-8" style="text-align:center">
<p class="mb-4">Multi-agent. Scoped. Encrypted. Built for autonomous workflows.</p>
<a href="/hosted" class="btn btn-primary">Get hosted &mdash; $12/yr</a>
<a href="/hosted" class="btn btn-primary">Get hosted &mdash; <s>$20</s> $12/yr</a>
<a href="/install" class="btn btn-ghost" style="margin-left:8px">Self-host free &rarr;</a>
</div>
</div>
@ -253,7 +253,7 @@
<div class="card mb-8" style="text-align:center">
<p class="mb-4">多智能体。范围限定。加密。为自主工作流构建。</p>
<a href="/hosted" class="btn btn-primary">托管服务 &mdash; $12/年</a>
<a href="/hosted" class="btn btn-primary">托管服务 &mdash; <s>$20</s> $12/年</a>
<a href="/install" class="btn btn-ghost" style="margin-left:8px">免费自托管 &rarr;</a>
</div>
</div>

2
clavitor.ai/templates/upgrade.tmpl
View File

@ -137,7 +137,7 @@
<div class="section container">
<h2 class="mb-4">Ready to upgrade?</h2>
<p class="lead mb-6">Self-host for free, or let us run it for $12/yr.</p>
<p class="lead mb-6">Self-host for free, or let us run it for <s>$20</s> $12/yr.</p>
<div class="btn-row">
<a href="/install" class="btn btn-ghost">Self-host &rarr;</a>
<a href="/hosted" class="btn btn-primary">Get hosted &rarr;</a>

4
clavitor.ai/test-hosted.html
View File

@ -41,7 +41,7 @@
<a href="#" class="nav-dropdown-item" data-currency="EUR">EUR €</a>
</div>
</div>
<a href="/hosted" class="btn btn-primary">Get hosted — $12/yr</a>
<a href="/hosted" class="btn btn-primary">Get hosted — <s>$20</s> $12/yr</a>
</div>
</div>
</nav>
@ -49,7 +49,7 @@
<div class="hero container">
<p class="label accent mb-4">clavitor hosted</p>
<h1>Zero cache. Every request hits the vault.</h1>
<p class="lead">Clavitor never caches credentials. To make it fast, we run 4 regions across every continent. $12/yr.</p>
<p class="lead">Clavitor never caches credentials. To make it fast, we run 4 regions across every continent. <s>$20</s> $12/yr.</p>
</div>
<div class="container">

116
clavitor.ai/test-index.html
View File

@ -46,23 +46,20 @@
</div>
</div>
<a href="/pricing" class="nav-link active">Pricing</a>
<div class="nav-dropdown nav-dropdown--language">
<span class="nav-link nav-dropdown-trigger" id="languageTrigger">🇺🇸 EN</span>
<div class="nav-dropdown nav-dropdown--locale">
<span class="nav-link nav-dropdown-trigger" id="localeTrigger">🌐 EN / $</span>
<div class="nav-dropdown-menu nav-dropdown-menu--right">
<div style="padding:8px 16px;font-size:11px;color:var(--text-tertiary);text-transform:uppercase;letter-spacing:0.08em;">Language</div>
<a href="/" class="nav-dropdown-item active" data-lang="en">🇺🇸 English</a>
<a href="/de" class="nav-dropdown-item" data-lang="de">🇩🇪 Deutsch</a>
</div>
</div>
<div class="nav-dropdown nav-dropdown--currency">
<span class="nav-link nav-dropdown-trigger" id="currencyTrigger">$ USD</span>
<div class="nav-dropdown-menu nav-dropdown-menu--right" id="currencyMenu">
<!-- Currency options loaded dynamically from /api/currencies -->
<a href="#" class="nav-dropdown-item active" data-currency="USD">$ USD</a>
<a href="#" class="nav-dropdown-item" data-currency="EUR">€ EUR</a>
<div style="border-top:1px solid var(--border);margin:8px 0;"></div>
<div style="padding:8px 16px;font-size:11px;color:var(--text-tertiary);text-transform:uppercase;letter-spacing:0.08em;">Currency</div>
<a href="#" class="nav-dropdown-item active" data-currency="USD">USD $</a>
<a href="#" class="nav-dropdown-item" data-currency="EUR">EUR €</a>
</div>
</div>
<a href="#" class="nav-link btn btn-ghost">Sign in</a>
<a href="/hosted" class="btn btn-primary">Get hosted — $12/yr</a>
<a href="/hosted" class="btn btn-primary">Get hosted — <s>$20</s> $12/yr</a>
</div>
</div>
</nav>
@ -131,104 +128,7 @@
</footer>
<script>
// Toggle dropdown menus
document.querySelectorAll('.nav-dropdown-trigger').forEach(t=>t.addEventListener('click',()=>t.parentElement.classList.toggle('open')));
// Language selector state management
document.querySelectorAll('.nav-dropdown--language .nav-dropdown-item').forEach(item => {
item.addEventListener('click', (e) => {
e.preventDefault();
const lang = item.getAttribute('data-lang');
const flag = item.textContent.trim().split(' ')[0];
document.getElementById('languageTrigger').textContent = flag + ' ' + lang.toUpperCase();
document.querySelectorAll('.nav-dropdown--language .nav-dropdown-item').forEach(i => i.classList.remove('active'));
item.classList.add('active');
});
});
// Currency selector - fetch from API and render with sections
async function loadCurrencies() {
const menu = document.getElementById('currencyMenu');
const trigger = document.getElementById('currencyTrigger');
try {
const response = await fetch('/api/currencies');
if (!response.ok) throw new Error('ERR-CURRENCY-001: Failed to load currencies');
const data = await response.json();
// Clear existing content
menu.innerHTML = '';
// Render "Popular" section
if (data.top && data.top.length > 0) {
const popularHeader = document.createElement('div');
popularHeader.className = 'dropdown-section';
popularHeader.textContent = 'Popular';
menu.appendChild(popularHeader);
data.top.forEach(currency => {
const item = createCurrencyItem(currency, trigger);
menu.appendChild(item);
});
}
// Divider between sections
if (data.all && data.all.length > 0 && data.top && data.top.length > 0) {
const divider = document.createElement('div');
divider.className = 'dropdown-divider';
menu.appendChild(divider);
}
// Render "All Currencies" section
if (data.all && data.all.length > 0) {
const allHeader = document.createElement('div');
allHeader.className = 'dropdown-section';
allHeader.textContent = 'All Currencies';
menu.appendChild(allHeader);
data.all.forEach(currency => {
const item = createCurrencyItem(currency, trigger);
menu.appendChild(item);
});
}
} catch (err) {
// ERR-CURRENCY-002: API unavailable - keep default fallback options
console.error('ERR-CURRENCY-002: Currency API unavailable, using defaults');
}
}
function createCurrencyItem(currency, trigger) {
const item = document.createElement('a');
item.href = '#';
item.className = 'nav-dropdown-item';
item.setAttribute('data-currency', currency.code);
item.textContent = (currency.symbol || '$') + ' ' + currency.code;
// Set active state based on current selection
const currentText = trigger.textContent.trim();
if (currentText.includes(currency.code)) {
item.classList.add('active');
}
item.addEventListener('click', (e) => {
e.preventDefault();
const code = item.getAttribute('data-currency');
const symbol = currency.symbol || '$';
trigger.textContent = symbol + ' ' + code;
// Update active state
document.querySelectorAll('.nav-dropdown--currency .nav-dropdown-item').forEach(i => i.classList.remove('active'));
item.classList.add('active');
// Store preference
localStorage.setItem('preferredCurrency', code);
});
return item;
}
// Load currencies on page load
loadCurrencies();
</script>
</body>
</html>

BIN
forge/dispatcher/dispatcher
View File

Binary file not shown.

304
forge/dispatcher/main.go
View File

@ -7,8 +7,8 @@ import (
"log"
"net/http"
"os"
"os/exec"
"path/filepath"
"sort"
"strings"
"sync"
"time"
@ -21,7 +21,6 @@ const (
RepoName = "clavitor"
PollInterval = 60 * time.Second
TaskDir = "/home/johan/dev/clavitor/.agent-tasks"
WorkDir = "/home/johan/dev/clavitor"
LogFile = "/home/johan/dev/clavitor/.agent-dispatcher.log"
WebPort = "8098"
)
@ -54,30 +53,6 @@ type DispatchedTask struct {
TaskFile string `json:"task_file"`
}
// Domain to agent mapping (from CLAVITOR-AGENT-HANDBOOK.md Section I)
var domainToAgent = map[string]string{
"clavis-vault": "sarah",
"clavis-cli": "charles",
"clavis-crypto": "maria",
"clavis-chrome": "james",
"clavis-firefox": "james",
"clavis-safari": "james",
"clavis-android": "xiao",
"clavis-ios": "xiao",
"clavitor.ai": "emma",
"clavis-telemetry": "hans",
"operations": "hans",
"monitoring": "hans",
"noc": "hans",
"security": "victoria",
"architecture": "arthur",
"design": "luna",
"docs": "thomas",
"legal": "hugo",
"qa": "shakib",
"test": "shakib",
}
// Global state
type Dispatcher struct {
mu sync.RWMutex
@ -85,7 +60,6 @@ type Dispatcher struct {
lastDispatch time.Time
token string
logger *log.Logger
activeAgents map[string]time.Time // Track agents currently working
}
func NewDispatcher() *Dispatcher {
@ -106,9 +80,8 @@ func NewDispatcher() *Dispatcher {
os.MkdirAll(TaskDir, 0755)
return &Dispatcher{
token: token,
logger: logger,
activeAgents: make(map[string]time.Time),
token: token,
logger: logger,
}
}
@ -172,58 +145,13 @@ func (d *Dispatcher) taskFileExists(agent string, issueNum int) bool {
return !os.IsNotExist(err)
}
// Find agent for issue based on domain
func (d *Dispatcher) findAgentForIssue(issue Issue) string {
domain := d.getDomain(issue)
if domain == "" {
return "" // No domain found
}
agent, ok := domainToAgent[domain]
if !ok {
return "" // Unknown domain
}
return agent
}
// Extract domain from issue (body, title, or labels)
func (d *Dispatcher) getDomain(issue Issue) string {
// Check labels first
for _, label := range issue.Labels {
if agent, ok := domainToAgent[label.Name]; ok {
return agent
}
}
// Check title and body for domain keywords
text := issue.Title + " " + issue.Body
text = strings.ToLower(text)
// Check domains in priority order (more specific first)
domains := []string{
"clavis-telemetry", "clavis-vault", "clavis-cli", "clavis-crypto",
"clavis-chrome", "clavis-firefox", "clavis-safari",
"clavis-android", "clavis-ios", "clavitor.ai",
"operations", "monitoring", "noc",
"security", "architecture", "design", "docs", "legal", "qa", "test",
}
for _, domain := range domains {
if strings.Contains(text, domain) {
return domain
}
}
return ""
}
func (d *Dispatcher) dispatchTask(issue Issue, agent string) error {
func (d *Dispatcher) dispatchTask(issue Issue) error {
agent := d.getAssignee(issue)
if agent == "" {
return fmt.Errorf("no agent available")
return nil // Skip unassigned
}
// Check if already dispatched to this agent
// Check if already dispatched
if d.taskFileExists(agent, issue.Number) {
return nil // Already dispatched
}
@ -335,212 +263,43 @@ func truncate(s string, maxLen int) string {
func (d *Dispatcher) pollAndDispatch() {
d.log("Polling Gitea for open issues...")
// Fetch all issues once
issues, err := d.fetchOpenIssues()
if err != nil {
d.log("❌ Failed to fetch issues: %v", err)
return
}
d.log("Found %d total open issues", len(issues))
d.log("Found %d open issues", len(issues))
// Group issues by assignee
byAgent := make(map[string][]Issue)
// Sort by priority (CRITICAL first)
sort.Slice(issues, func(i, j int) bool {
pi := d.getPriority(issues[i])
pj := d.getPriority(issues[j])
priorityOrder := map[string]int{"CRITICAL": 0, "HIGH": 1, "NORMAL": 2, "LOW": 3}
return priorityOrder[pi] < priorityOrder[pj]
})
// Try to dispatch one task
dispatched := false
for _, issue := range issues {
assignee := d.getAssignee(issue)
if assignee == "" {
assignee = d.findAgentForIssue(issue) // Fallback to domain mapping
}
if assignee != "" {
byAgent[assignee] = append(byAgent[assignee], issue)
}
}
// Spawn agents that have work and aren't already active
for agent, agentIssues := range byAgent {
if len(agentIssues) == 0 {
if d.getAssignee(issue) == "" {
continue
}
// Check if agent is already working
d.mu.Lock()
_, isActive := d.activeAgents[agent]
d.mu.Unlock()
if isActive {
d.log(" Agent %s is already working, skipping", agent)
continue
}
// Spawn the agent
d.spawnAgent(agent)
}
}
// spawnAgent launches opencode for an agent
func (d *Dispatcher) spawnAgent(agent string) {
d.mu.Lock()
d.activeAgents[agent] = time.Now()
d.mu.Unlock()
d.log("🚀 Spawning agent: %s", agent)
// Build command
cmd := exec.Command("opencode", "run",
"--agent", agent,
"--dangerously-skip-permissions",
"Check Gitea for issues assigned to "+agent+" and fix the highest priority one")
cmd.Dir = WorkDir
cmd.Env = append(os.Environ(),
"GITEA_TOKEN="+d.token,
)
// Run in background
go func() {
output, err := cmd.CombinedOutput()
err := d.dispatchTask(issue)
if err != nil {
d.log("❌ Agent %s failed: %v\nOutput: %s", agent, err, string(output))
} else {
d.log("✅ Agent %s completed", agent)
d.log("⚠️ Skipped Issue #%d: %v", issue.Number, err)
continue
}
// Mark agent as done
d.mu.Lock()
delete(d.activeAgents, agent)
d.mu.Unlock()
}()
}
// Webhook handler for Gitea events
func (d *Dispatcher) handleWebhook(w http.ResponseWriter, r *http.Request) {
if r.Method != "POST" {
http.Error(w, "Method not allowed", 405)
return
}
body, err := io.ReadAll(r.Body)
if err != nil {
http.Error(w, "Bad request", 400)
return
}
// Parse webhook payload
var payload struct {
Action string `json:"action"`
Issue *Issue `json:"issue"`
PullRequest *struct {
Number int `json:"number"`
Title string `json:"title"`
State string `json:"state"`
User struct {
Login string `json:"login"`
} `json:"user"`
Head struct {
Ref string `json:"ref"`
} `json:"head"`
} `json:"pull_request"`
Repository struct {
FullName string `json:"full_name"`
} `json:"repository"`
Sender struct {
Login string `json:"login"`
} `json:"sender"`
}
if err := json.Unmarshal(body, &payload); err != nil {
d.log("❌ Webhook: Failed to parse payload: %v", err)
http.Error(w, "Bad request", 400)
return
}
// Get event type from header
eventType := r.Header.Get("X-Gitea-Event")
if eventType == "" {
eventType = r.Header.Get("X-GitHub-Event") // Fallback
}
d.log("📨 Webhook received: %s from %s", eventType, payload.Sender.Login)
// Handle issue events
if eventType == "issues" && payload.Issue != nil {
switch payload.Action {
case "opened", "reopened", "edited", "assigned":
d.log("📋 Issue #%d %s - processing dispatch", payload.Issue.Number, payload.Action)
d.processSingleIssue(*payload.Issue)
case "closed":
d.log("✅ Issue #%d closed - checking for next task", payload.Issue.Number)
d.markTaskDone(*payload.Issue)
if err == nil {
dispatched = true
break // Only 1 per poll
}
}
// Handle PR merge (task completed)
if eventType == "pull_request" && payload.PullRequest != nil {
if payload.Action == "closed" && payload.PullRequest.State == "merged" {
d.log("🎉 PR #%d merged by %s - agent completed task",
payload.PullRequest.Number, payload.PullRequest.User.Login)
// Extract agent from branch name (agent/fix-123)
branch := payload.PullRequest.Head.Ref
if idx := strings.Index(branch, "/"); idx > 0 {
agent := branch[:idx]
d.markAgentTaskDone(agent)
}
}
}
w.WriteHeader(200)
fmt.Fprintln(w, "OK")
}
// Process a single issue immediately (for webhooks)
func (d *Dispatcher) processSingleIssue(issue Issue) {
agent := d.findAgentForIssue(issue)
if agent == "" {
d.log(" Issue #%d: No available agent for domain", issue.Number)
return
}
err := d.dispatchTask(issue, agent)
if err != nil {
d.log("⚠️ Issue #%d: Failed to dispatch to %s: %v", issue.Number, agent, err)
} else {
d.log("✅ Issue #%d dispatched to %s", issue.Number, agent)
}
}
// Mark a task as done when issue is closed
func (d *Dispatcher) markTaskDone(issue Issue) {
// Find which agent had this task
for agent := range domainToAgent {
taskFile := filepath.Join(TaskDir, agent, fmt.Sprintf("issue-%d.md", issue.Number))
if _, err := os.Stat(taskFile); err == nil {
// Rename to .done.md
doneFile := filepath.Join(TaskDir, agent, fmt.Sprintf("issue-%d.done.md", issue.Number))
os.Rename(taskFile, doneFile)
d.log("✅ Task for Issue #%d marked as done for %s", issue.Number, agent)
break
}
}
}
// Mark task done when PR is merged
func (d *Dispatcher) markAgentTaskDone(agent string) {
agentDir := filepath.Join(TaskDir, agent)
files, err := os.ReadDir(agentDir)
if err != nil {
return
}
for _, f := range files {
if strings.HasSuffix(f.Name(), ".md") && !strings.HasSuffix(f.Name(), ".done.md") {
taskFile := filepath.Join(agentDir, f.Name())
doneFile := filepath.Join(agentDir, f.Name()[:len(f.Name())-3]+".done.md")
os.Rename(taskFile, doneFile)
d.log("✅ Agent %s task marked as done (PR merged)", agent)
// Trigger dispatch of next task for this agent
go d.pollAndDispatch()
break
}
if !dispatched {
d.log(" No new tasks to dispatch (rate limit or all caught up)")
}
}
@ -681,21 +440,18 @@ func main() {
d.log("Repo: %s/%s", RepoOwner, RepoName)
d.log("Task Dir: %s", TaskDir)
d.log("Web UI: http://localhost:%s", WebPort)
d.log("Webhook endpoint: http://localhost:%s/webhook", WebPort)
d.log("Mode: Webhook listener + backup polling")
d.log("Rate Limit: 1 task per minute")
d.log("========================================")
// Start web server (includes webhook listener)
// Start web server
go func() {
http.HandleFunc("/", d.handleStatus)
http.HandleFunc("/tasks", d.handleTasks)
http.HandleFunc("/webhook", d.handleWebhook) // Gitea webhooks
d.log("Web UI available at http://localhost:%s", WebPort)
d.log("Webhook endpoint: http://localhost:%s/webhook", WebPort)
log.Fatal(http.ListenAndServe(":"+WebPort, nil))
}()
// Immediate first poll (backup for any missed webhooks)
// Immediate first poll
d.pollAndDispatch()
// Main loop