mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases 2 Wiki Activity

fix(orchestrator): resolve all M6 remediation issues (#260-#269)
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details

Browse Source 
Addresses all 10 quality remediation issues for the orchestrator module:

TypeScript & Type Safety:
- #260: Fix TypeScript compilation errors in tests
- #261: Replace explicit 'any' types with proper typed mocks

Error Handling & Reliability:
- #262: Fix silent cleanup failures - return structured results
- #263: Fix silent Valkey event parsing failures with proper error handling
- #266: Improve error context in Docker operations
- #267: Fix secret scanner false negatives on file read errors
- #268: Fix worktree cleanup error swallowing

Testing & Quality:
- #264: Add queue integration tests (coverage 15% → 85%)
- #265: Fix Prettier formatting violations
- #269: Update outdated TODO comments

All tests passing (406/406), TypeScript compiles cleanly, ESLint clean.

Fixes #260, Fixes #261, Fixes #262, Fixes #263, Fixes #264
Fixes #265, Fixes #266, Fixes #267, Fixes #268, Fixes #269

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Jason Woltje
2026-02-03 12:44:04 -06:00
parent 6878d57c83
commit fc87494137
64 changed files with 7919 additions and 947 deletions
Download Patch File Download Diff File Expand all files Collapse all files

432
apps/orchestrator/src/killswitch/cleanup.service.spec.ts Normal file
View File

@@ -0,0 +1,432 @@
import { describe, it, expect, beforeEach, afterEach, vi } from "vitest";
import { CleanupService } from "./cleanup.service";
import { DockerSandboxService } from "../spawner/docker-sandbox.service";
import { WorktreeManagerService } from "../git/worktree-manager.service";
import { ValkeyService } from "../valkey/valkey.service";
import type { AgentState } from "../valkey/types/state.types";
describe("CleanupService", () => {
let service: CleanupService;
let mockDockerService: {
cleanup: ReturnType<typeof vi.fn>;
isEnabled: ReturnType<typeof vi.fn>;
};
let mockWorktreeService: {
cleanupWorktree: ReturnType<typeof vi.fn>;
};
let mockValkeyService: {
deleteAgentState: ReturnType<typeof vi.fn>;
publishEvent: ReturnType<typeof vi.fn>;
};
const mockAgentState: AgentState = {
agentId: "agent-123",
status: "running",
taskId: "task-456",
startedAt: new Date().toISOString(),
metadata: {
containerId: "container-abc",
repository: "/path/to/repo",
},
};
beforeEach(() => {
// Create mocks
mockDockerService = {
cleanup: vi.fn(),
isEnabled: vi.fn().mockReturnValue(true),
};
mockWorktreeService = {
cleanupWorktree: vi.fn(),
};
mockValkeyService = {
deleteAgentState: vi.fn(),
publishEvent: vi.fn(),
};
service = new CleanupService(
mockDockerService as unknown as DockerSandboxService,
mockWorktreeService as unknown as WorktreeManagerService,
mockValkeyService as unknown as ValkeyService
);
});
afterEach(() => {
vi.clearAllMocks();
});
describe("cleanup", () => {
it("should perform full cleanup successfully", async () => {
// Arrange
mockDockerService.cleanup.mockResolvedValue(undefined);
mockWorktreeService.cleanupWorktree.mockResolvedValue({ success: true });
mockValkeyService.deleteAgentState.mockResolvedValue(undefined);
mockValkeyService.publishEvent.mockResolvedValue(undefined);
// Act
const result = await service.cleanup(mockAgentState);
// Assert
expect(result).toEqual({
docker: { success: true },
worktree: { success: true },
state: { success: true },
});
expect(mockDockerService.cleanup).toHaveBeenCalledWith("container-abc");
expect(mockWorktreeService.cleanupWorktree).toHaveBeenCalledWith(
"/path/to/repo",
"agent-123",
"task-456"
);
expect(mockValkeyService.deleteAgentState).toHaveBeenCalledWith("agent-123");
expect(mockValkeyService.publishEvent).toHaveBeenCalledWith(
expect.objectContaining({
type: "agent.cleanup",
agentId: "agent-123",
taskId: "task-456",
cleanup: {
docker: true,
worktree: true,
state: true,
},
})
);
});
it("should continue cleanup if Docker cleanup fails", async () => {
// Arrange
mockDockerService.cleanup.mockRejectedValue(new Error("Docker error"));
mockWorktreeService.cleanupWorktree.mockResolvedValue({ success: true });
mockValkeyService.deleteAgentState.mockResolvedValue(undefined);
mockValkeyService.publishEvent.mockResolvedValue(undefined);
// Act
const result = await service.cleanup(mockAgentState);
// Assert
expect(result).toEqual({
docker: { success: false, error: "Docker error" },
worktree: { success: true },
state: { success: true },
});
expect(mockDockerService.cleanup).toHaveBeenCalledWith("container-abc");
expect(mockWorktreeService.cleanupWorktree).toHaveBeenCalledWith(
"/path/to/repo",
"agent-123",
"task-456"
);
expect(mockValkeyService.deleteAgentState).toHaveBeenCalledWith("agent-123");
expect(mockValkeyService.publishEvent).toHaveBeenCalledWith(
expect.objectContaining({
type: "agent.cleanup",
agentId: "agent-123",
taskId: "task-456",
cleanup: {
docker: false, // Failed
worktree: true,
state: true,
},
})
);
});
it("should continue cleanup if worktree cleanup fails", async () => {
// Arrange
mockDockerService.cleanup.mockResolvedValue(undefined);
mockWorktreeService.cleanupWorktree.mockResolvedValue({
success: false,
error: "Git error",
});
mockValkeyService.deleteAgentState.mockResolvedValue(undefined);
mockValkeyService.publishEvent.mockResolvedValue(undefined);
// Act
const result = await service.cleanup(mockAgentState);
// Assert
expect(result).toEqual({
docker: { success: true },
worktree: { success: false, error: "Git error" },
state: { success: true },
});
expect(mockDockerService.cleanup).toHaveBeenCalledWith("container-abc");
expect(mockWorktreeService.cleanupWorktree).toHaveBeenCalledWith(
"/path/to/repo",
"agent-123",
"task-456"
);
expect(mockValkeyService.deleteAgentState).toHaveBeenCalledWith("agent-123");
expect(mockValkeyService.publishEvent).toHaveBeenCalledWith(
expect.objectContaining({
type: "agent.cleanup",
agentId: "agent-123",
taskId: "task-456",
cleanup: {
docker: true,
worktree: false, // Failed
state: true,
},
})
);
});
it("should continue cleanup if state deletion fails", async () => {
// Arrange
mockDockerService.cleanup.mockResolvedValue(undefined);
mockWorktreeService.cleanupWorktree.mockResolvedValue({ success: true });
mockValkeyService.deleteAgentState.mockRejectedValue(new Error("Valkey error"));
mockValkeyService.publishEvent.mockResolvedValue(undefined);
// Act
const result = await service.cleanup(mockAgentState);
// Assert
expect(result).toEqual({
docker: { success: true },
worktree: { success: true },
state: { success: false, error: "Valkey error" },
});
expect(mockDockerService.cleanup).toHaveBeenCalledWith("container-abc");
expect(mockWorktreeService.cleanupWorktree).toHaveBeenCalledWith(
"/path/to/repo",
"agent-123",
"task-456"
);
expect(mockValkeyService.deleteAgentState).toHaveBeenCalledWith("agent-123");
expect(mockValkeyService.publishEvent).toHaveBeenCalledWith(
expect.objectContaining({
type: "agent.cleanup",
agentId: "agent-123",
taskId: "task-456",
cleanup: {
docker: true,
worktree: true,
state: false, // Failed
},
})
);
});
it("should skip Docker cleanup if no containerId", async () => {
// Arrange
const stateWithoutContainer: AgentState = {
...mockAgentState,
metadata: {
repository: "/path/to/repo",
},
};
mockWorktreeService.cleanupWorktree.mockResolvedValue({ success: true });
mockValkeyService.deleteAgentState.mockResolvedValue(undefined);
mockValkeyService.publishEvent.mockResolvedValue(undefined);
// Act
const result = await service.cleanup(stateWithoutContainer);
// Assert
expect(result).toEqual({
docker: { success: false },
worktree: { success: true },
state: { success: true },
});
expect(mockDockerService.cleanup).not.toHaveBeenCalled();
expect(mockWorktreeService.cleanupWorktree).toHaveBeenCalledWith(
"/path/to/repo",
"agent-123",
"task-456"
);
expect(mockValkeyService.deleteAgentState).toHaveBeenCalledWith("agent-123");
expect(mockValkeyService.publishEvent).toHaveBeenCalledWith(
expect.objectContaining({
type: "agent.cleanup",
agentId: "agent-123",
taskId: "task-456",
cleanup: {
docker: false, // Skipped (no containerId)
worktree: true,
state: true,
},
})
);
});
it("should skip Docker cleanup if sandbox is disabled", async () => {
// Arrange
mockDockerService.isEnabled.mockReturnValue(false);
mockWorktreeService.cleanupWorktree.mockResolvedValue({ success: true });
mockValkeyService.deleteAgentState.mockResolvedValue(undefined);
mockValkeyService.publishEvent.mockResolvedValue(undefined);
// Act
const result = await service.cleanup(mockAgentState);
// Assert
expect(result).toEqual({
docker: { success: false },
worktree: { success: true },
state: { success: true },
});
expect(mockDockerService.cleanup).not.toHaveBeenCalled();
expect(mockWorktreeService.cleanupWorktree).toHaveBeenCalledWith(
"/path/to/repo",
"agent-123",
"task-456"
);
expect(mockValkeyService.deleteAgentState).toHaveBeenCalledWith("agent-123");
expect(mockValkeyService.publishEvent).toHaveBeenCalledWith(
expect.objectContaining({
type: "agent.cleanup",
agentId: "agent-123",
taskId: "task-456",
cleanup: {
docker: false, // Skipped (sandbox disabled)
worktree: true,
state: true,
},
})
);
});
it("should skip worktree cleanup if no repository", async () => {
// Arrange
const stateWithoutRepo: AgentState = {
...mockAgentState,
metadata: {
containerId: "container-abc",
},
};
mockDockerService.cleanup.mockResolvedValue(undefined);
mockValkeyService.deleteAgentState.mockResolvedValue(undefined);
mockValkeyService.publishEvent.mockResolvedValue(undefined);
// Act
const result = await service.cleanup(stateWithoutRepo);
// Assert
expect(result).toEqual({
docker: { success: true },
worktree: { success: false },
state: { success: true },
});
expect(mockDockerService.cleanup).toHaveBeenCalledWith("container-abc");
expect(mockWorktreeService.cleanupWorktree).not.toHaveBeenCalled();
expect(mockValkeyService.deleteAgentState).toHaveBeenCalledWith("agent-123");
expect(mockValkeyService.publishEvent).toHaveBeenCalledWith(
expect.objectContaining({
type: "agent.cleanup",
agentId: "agent-123",
taskId: "task-456",
cleanup: {
docker: true,
worktree: false, // Skipped (no repository)
state: true,
},
})
);
});
it("should handle agent state with no metadata", async () => {
// Arrange
const stateWithoutMetadata: AgentState = {
agentId: "agent-123",
status: "running",
taskId: "task-456",
startedAt: new Date().toISOString(),
};
mockValkeyService.deleteAgentState.mockResolvedValue(undefined);
mockValkeyService.publishEvent.mockResolvedValue(undefined);
// Act
const result = await service.cleanup(stateWithoutMetadata);
// Assert
expect(result).toEqual({
docker: { success: false },
worktree: { success: false },
state: { success: true },
});
expect(mockDockerService.cleanup).not.toHaveBeenCalled();
expect(mockWorktreeService.cleanupWorktree).not.toHaveBeenCalled();
expect(mockValkeyService.deleteAgentState).toHaveBeenCalledWith("agent-123");
expect(mockValkeyService.publishEvent).toHaveBeenCalledWith(
expect.objectContaining({
type: "agent.cleanup",
agentId: "agent-123",
taskId: "task-456",
cleanup: {
docker: false,
worktree: false,
state: true,
},
})
);
});
it("should emit cleanup event even if event publishing fails", async () => {
// Arrange
mockDockerService.cleanup.mockResolvedValue(undefined);
mockWorktreeService.cleanupWorktree.mockResolvedValue({ success: true });
mockValkeyService.deleteAgentState.mockResolvedValue(undefined);
mockValkeyService.publishEvent.mockRejectedValue(new Error("Event publish failed"));
// Act - should not throw
const result = await service.cleanup(mockAgentState);
// Assert
expect(result).toEqual({
docker: { success: true },
worktree: { success: true },
state: { success: true },
});
expect(mockValkeyService.publishEvent).toHaveBeenCalled();
expect(mockDockerService.cleanup).toHaveBeenCalledWith("container-abc");
expect(mockWorktreeService.cleanupWorktree).toHaveBeenCalledWith(
"/path/to/repo",
"agent-123",
"task-456"
);
expect(mockValkeyService.deleteAgentState).toHaveBeenCalledWith("agent-123");
});
it("should handle all cleanup steps failing", async () => {
// Arrange
mockDockerService.cleanup.mockRejectedValue(new Error("Docker error"));
mockWorktreeService.cleanupWorktree.mockResolvedValue({
success: false,
error: "Git error",
});
mockValkeyService.deleteAgentState.mockRejectedValue(new Error("Valkey error"));
mockValkeyService.publishEvent.mockResolvedValue(undefined);
// Act - should not throw
const result = await service.cleanup(mockAgentState);
// Assert - all cleanup attempts were made
expect(result).toEqual({
docker: { success: false, error: "Docker error" },
worktree: { success: false, error: "Git error" },
state: { success: false, error: "Valkey error" },
});
expect(mockDockerService.cleanup).toHaveBeenCalledWith("container-abc");
expect(mockWorktreeService.cleanupWorktree).toHaveBeenCalledWith(
"/path/to/repo",
"agent-123",
"task-456"
);
expect(mockValkeyService.deleteAgentState).toHaveBeenCalledWith("agent-123");
expect(mockValkeyService.publishEvent).toHaveBeenCalledWith(
expect.objectContaining({
type: "agent.cleanup",
agentId: "agent-123",
taskId: "task-456",
cleanup: {
docker: false,
worktree: false,
state: false,
},
})
);
});
});
});

161
apps/orchestrator/src/killswitch/cleanup.service.ts Normal file
View File

@@ -0,0 +1,161 @@
import { Injectable, Logger } from "@nestjs/common";
import { DockerSandboxService } from "../spawner/docker-sandbox.service";
import { WorktreeManagerService } from "../git/worktree-manager.service";
import { ValkeyService } from "../valkey/valkey.service";
import type { AgentState } from "../valkey/types/state.types";
/**
* Result of cleanup operation for each step
*/
export interface CleanupStepResult {
/** Whether the cleanup step succeeded */
success: boolean;
/** Error message if the step failed */
error?: string;
}
/**
* Structured result of agent cleanup operation
*/
export interface CleanupResult {
/** Docker container cleanup result */
docker: CleanupStepResult;
/** Git worktree cleanup result */
worktree: CleanupStepResult;
/** Valkey state cleanup result */
state: CleanupStepResult;
}
/**
* Service for cleaning up agent resources
*
* Handles cleanup of:
* - Docker containers (stop and remove)
* - Git worktrees (remove)
* - Valkey state (delete agent state)
*
* Cleanup is best-effort: errors are logged but do not stop other cleanup steps.
* Emits cleanup event after completion.
*/
@Injectable()
export class CleanupService {
private readonly logger = new Logger(CleanupService.name);
constructor(
private readonly dockerService: DockerSandboxService,
private readonly worktreeService: WorktreeManagerService,
private readonly valkeyService: ValkeyService
) {
this.logger.log("CleanupService initialized");
}
/**
* Clean up all resources for an agent
*
* Performs cleanup in order:
* 1. Docker container (stop and remove)
* 2. Git worktree (remove)
* 3. Valkey state (delete)
* 4. Emit cleanup event
*
* @param agentState The agent state containing cleanup metadata
* @returns Structured result indicating success/failure of each cleanup step
*/
async cleanup(agentState: AgentState): Promise<CleanupResult> {
const { agentId, taskId, metadata } = agentState;
this.logger.log(`Starting cleanup for agent ${agentId}`);
// Track cleanup results
const cleanupResults: CleanupResult = {
docker: { success: false },
worktree: { success: false },
state: { success: false },
};
// 1. Cleanup Docker container if exists
if (this.dockerService.isEnabled() && metadata?.containerId) {
// Type assertion: containerId should be a string
const containerId = metadata.containerId as string;
try {
this.logger.log(`Cleaning up Docker container: ${containerId} for agent ${agentId}`);
await this.dockerService.cleanup(containerId);
cleanupResults.docker.success = true;
this.logger.log(`Docker cleanup completed for agent ${agentId}`);
} catch (error) {
// Log but continue - best effort cleanup
const errorMsg = error instanceof Error ? error.message : String(error);
cleanupResults.docker.error = errorMsg;
this.logger.error(`Failed to cleanup Docker container for agent ${agentId}: ${errorMsg}`);
}
} else {
this.logger.debug(
`Skipping Docker cleanup for agent ${agentId} (enabled: ${this.dockerService.isEnabled().toString()}, containerId: ${String(metadata?.containerId)})`
);
}
// 2. Cleanup git worktree if exists
if (metadata?.repository) {
this.logger.log(`Cleaning up git worktree for agent ${agentId}`);
const worktreeResult = await this.worktreeService.cleanupWorktree(
metadata.repository as string,
agentId,
taskId
);
cleanupResults.worktree = worktreeResult;
if (worktreeResult.success) {
this.logger.log(`Worktree cleanup completed for agent ${agentId}`);
} else {
this.logger.error(
`Failed to cleanup worktree for agent ${agentId}: ${worktreeResult.error ?? "unknown error"}`
);
}
} else {
this.logger.debug(
`Skipping worktree cleanup for agent ${agentId} (no repository in metadata)`
);
}
// 3. Clear Valkey state
try {
this.logger.log(`Clearing Valkey state for agent ${agentId}`);
await this.valkeyService.deleteAgentState(agentId);
cleanupResults.state.success = true;
this.logger.log(`Valkey state cleared for agent ${agentId}`);
} catch (error) {
// Log but continue - best effort cleanup
const errorMsg = error instanceof Error ? error.message : String(error);
cleanupResults.state.error = errorMsg;
this.logger.error(`Failed to clear Valkey state for agent ${agentId}: ${errorMsg}`);
}
// 4. Emit cleanup event
try {
await this.valkeyService.publishEvent({
type: "agent.cleanup",
agentId,
taskId,
timestamp: new Date().toISOString(),
cleanup: {
docker: cleanupResults.docker.success,
worktree: cleanupResults.worktree.success,
state: cleanupResults.state.success,
},
});
this.logger.log(`Cleanup event published for agent ${agentId}`);
} catch (error) {
// Log but don't throw - event emission failure shouldn't break cleanup
this.logger.error(
`Failed to publish cleanup event for agent ${agentId}: ${
error instanceof Error ? error.message : String(error)
}`
);
}
this.logger.log(
`Cleanup completed for agent ${agentId}: docker=${cleanupResults.docker.success.toString()}, worktree=${cleanupResults.worktree.success.toString()}, state=${cleanupResults.state.success.toString()}`
);
return cleanupResults;
}
}

11
apps/orchestrator/src/killswitch/killswitch.module.ts
View File

@@ -1,4 +1,13 @@
import { Module } from "@nestjs/common";
import { KillswitchService } from "./killswitch.service";
import { CleanupService } from "./cleanup.service";
import { SpawnerModule } from "../spawner/spawner.module";
import { GitModule } from "../git/git.module";
import { ValkeyModule } from "../valkey/valkey.module";
@Module({})
@Module({
imports: [SpawnerModule, GitModule, ValkeyModule],
providers: [KillswitchService, CleanupService],
exports: [KillswitchService, CleanupService],
})
export class KillswitchModule {}

295
apps/orchestrator/src/killswitch/killswitch.service.spec.ts Normal file
View File

@@ -0,0 +1,295 @@
import { describe, it, expect, beforeEach, afterEach, vi } from "vitest";
import { KillswitchService } from "./killswitch.service";
import { AgentLifecycleService } from "../spawner/agent-lifecycle.service";
import { ValkeyService } from "../valkey/valkey.service";
import { CleanupService } from "./cleanup.service";
import type { AgentState } from "../valkey/types";
describe("KillswitchService", () => {
let service: KillswitchService;
let mockLifecycleService: {
transitionToKilled: ReturnType<typeof vi.fn>;
getAgentLifecycleState: ReturnType<typeof vi.fn>;
listAgentLifecycleStates: ReturnType<typeof vi.fn>;
};
let mockValkeyService: {
getAgentState: ReturnType<typeof vi.fn>;
listAgents: ReturnType<typeof vi.fn>;
};
let mockCleanupService: {
cleanup: ReturnType<typeof vi.fn>;
};
const mockAgentState: AgentState = {
agentId: "agent-123",
status: "running",
taskId: "task-456",
startedAt: new Date().toISOString(),
metadata: {
containerId: "container-abc",
repository: "/path/to/repo",
},
};
beforeEach(() => {
// Create mocks
mockLifecycleService = {
transitionToKilled: vi.fn(),
getAgentLifecycleState: vi.fn(),
listAgentLifecycleStates: vi.fn(),
};
mockValkeyService = {
getAgentState: vi.fn(),
listAgents: vi.fn(),
};
mockCleanupService = {
cleanup: vi.fn(),
};
service = new KillswitchService(
mockLifecycleService as unknown as AgentLifecycleService,
mockValkeyService as unknown as ValkeyService,
mockCleanupService as unknown as CleanupService
);
});
afterEach(() => {
vi.clearAllMocks();
});
describe("killAgent", () => {
it("should kill single agent with full cleanup", async () => {
// Arrange
mockValkeyService.getAgentState.mockResolvedValue(mockAgentState);
mockLifecycleService.transitionToKilled.mockResolvedValue({
...mockAgentState,
status: "killed",
completedAt: new Date().toISOString(),
});
mockCleanupService.cleanup.mockResolvedValue({
docker: { success: true },
worktree: { success: true },
state: { success: true },
});
// Act
await service.killAgent("agent-123");
// Assert
expect(mockValkeyService.getAgentState).toHaveBeenCalledWith("agent-123");
expect(mockLifecycleService.transitionToKilled).toHaveBeenCalledWith("agent-123");
expect(mockCleanupService.cleanup).toHaveBeenCalledWith(mockAgentState);
});
it("should throw error if agent not found", async () => {
// Arrange
mockValkeyService.getAgentState.mockResolvedValue(null);
// Act & Assert
await expect(service.killAgent("agent-999")).rejects.toThrow("Agent agent-999 not found");
expect(mockLifecycleService.transitionToKilled).not.toHaveBeenCalled();
expect(mockCleanupService.cleanup).not.toHaveBeenCalled();
});
it("should handle agent already in killed state", async () => {
// Arrange
const killedState: AgentState = {
...mockAgentState,
status: "killed",
completedAt: new Date().toISOString(),
};
mockValkeyService.getAgentState.mockResolvedValue(killedState);
mockLifecycleService.transitionToKilled.mockRejectedValue(
new Error("Invalid state transition from killed to killed")
);
// Act & Assert
await expect(service.killAgent("agent-123")).rejects.toThrow("Invalid state transition");
// Cleanup should not be attempted
expect(mockCleanupService.cleanup).not.toHaveBeenCalled();
});
});
describe("killAllAgents", () => {
it("should kill all running agents", async () => {
// Arrange
const agent1: AgentState = {
...mockAgentState,
agentId: "agent-1",
taskId: "task-1",
metadata: { containerId: "container-1", repository: "/repo1" },
};
const agent2: AgentState = {
...mockAgentState,
agentId: "agent-2",
taskId: "task-2",
metadata: { containerId: "container-2", repository: "/repo2" },
};
mockValkeyService.listAgents.mockResolvedValue([agent1, agent2]);
mockValkeyService.getAgentState.mockResolvedValueOnce(agent1).mockResolvedValueOnce(agent2);
mockLifecycleService.transitionToKilled
.mockResolvedValueOnce({ ...agent1, status: "killed" })
.mockResolvedValueOnce({ ...agent2, status: "killed" });
mockCleanupService.cleanup.mockResolvedValue({
docker: { success: true },
worktree: { success: true },
state: { success: true },
});
// Act
const result = await service.killAllAgents();
// Assert
expect(mockValkeyService.listAgents).toHaveBeenCalled();
expect(result.total).toBe(2);
expect(result.killed).toBe(2);
expect(result.failed).toBe(0);
expect(mockLifecycleService.transitionToKilled).toHaveBeenCalledTimes(2);
expect(mockCleanupService.cleanup).toHaveBeenCalledTimes(2);
});
it("should only kill active agents (spawning or running)", async () => {
// Arrange
const runningAgent: AgentState = {
...mockAgentState,
agentId: "agent-1",
status: "running",
metadata: { containerId: "container-1", repository: "/repo1" },
};
const completedAgent: AgentState = {
...mockAgentState,
agentId: "agent-2",
status: "completed",
};
const failedAgent: AgentState = {
...mockAgentState,
agentId: "agent-3",
status: "failed",
};
mockValkeyService.listAgents.mockResolvedValue([runningAgent, completedAgent, failedAgent]);
mockValkeyService.getAgentState.mockResolvedValueOnce(runningAgent);
mockLifecycleService.transitionToKilled.mockResolvedValueOnce({
...runningAgent,
status: "killed",
});
mockCleanupService.cleanup.mockResolvedValue({
docker: { success: true },
worktree: { success: true },
state: { success: true },
});
// Act
const result = await service.killAllAgents();
// Assert
expect(result.total).toBe(1);
expect(result.killed).toBe(1);
expect(result.failed).toBe(0);
expect(mockLifecycleService.transitionToKilled).toHaveBeenCalledTimes(1);
expect(mockLifecycleService.transitionToKilled).toHaveBeenCalledWith("agent-1");
});
it("should return zero results when no agents exist", async () => {
// Arrange
mockValkeyService.listAgents.mockResolvedValue([]);
// Act
const result = await service.killAllAgents();
// Assert
expect(result.total).toBe(0);
expect(result.killed).toBe(0);
expect(result.failed).toBe(0);
expect(mockLifecycleService.transitionToKilled).not.toHaveBeenCalled();
});
it("should track failures when some agents fail to kill", async () => {
// Arrange
const agent1: AgentState = {
...mockAgentState,
agentId: "agent-1",
taskId: "task-1",
metadata: { containerId: "container-1", repository: "/repo1" },
};
const agent2: AgentState = {
...mockAgentState,
agentId: "agent-2",
taskId: "task-2",
metadata: { containerId: "container-2", repository: "/repo2" },
};
mockValkeyService.listAgents.mockResolvedValue([agent1, agent2]);
mockValkeyService.getAgentState.mockResolvedValueOnce(agent1).mockResolvedValueOnce(agent2);
mockLifecycleService.transitionToKilled
.mockResolvedValueOnce({ ...agent1, status: "killed" })
.mockRejectedValueOnce(new Error("State transition failed"));
mockCleanupService.cleanup.mockResolvedValue({
docker: { success: true },
worktree: { success: true },
state: { success: true },
});
// Act
const result = await service.killAllAgents();
// Assert
expect(result.total).toBe(2);
expect(result.killed).toBe(1);
expect(result.failed).toBe(1);
expect(result.errors).toHaveLength(1);
expect(result.errors?.[0]).toContain("agent-2");
});
it("should continue killing other agents even if one fails", async () => {
// Arrange
const agent1: AgentState = {
...mockAgentState,
agentId: "agent-1",
taskId: "task-1",
metadata: { containerId: "container-1", repository: "/repo1" },
};
const agent2: AgentState = {
...mockAgentState,
agentId: "agent-2",
taskId: "task-2",
metadata: { containerId: "container-2", repository: "/repo2" },
};
const agent3: AgentState = {
...mockAgentState,
agentId: "agent-3",
taskId: "task-3",
metadata: { containerId: "container-3", repository: "/repo3" },
};
mockValkeyService.listAgents.mockResolvedValue([agent1, agent2, agent3]);
mockValkeyService.getAgentState
.mockResolvedValueOnce(agent1)
.mockResolvedValueOnce(agent2)
.mockResolvedValueOnce(agent3);
mockLifecycleService.transitionToKilled
.mockResolvedValueOnce({ ...agent1, status: "killed" })
.mockRejectedValueOnce(new Error("Failed"))
.mockResolvedValueOnce({ ...agent3, status: "killed" });
mockCleanupService.cleanup.mockResolvedValue({
docker: { success: true },
worktree: { success: true },
state: { success: true },
});
// Act
const result = await service.killAllAgents();
// Assert
expect(result.total).toBe(3);
expect(result.killed).toBe(2);
expect(result.failed).toBe(1);
expect(mockLifecycleService.transitionToKilled).toHaveBeenCalledTimes(3);
});
});
});

173
apps/orchestrator/src/killswitch/killswitch.service.ts Normal file
View File

@@ -0,0 +1,173 @@
import { Injectable, Logger } from "@nestjs/common";
import { AgentLifecycleService } from "../spawner/agent-lifecycle.service";
import { ValkeyService } from "../valkey/valkey.service";
import { CleanupService } from "./cleanup.service";
import type { AgentState } from "../valkey/types";
/**
* Result of killing all agents operation
*/
export interface KillAllResult {
/** Total number of agents processed */
total: number;
/** Number of agents successfully killed */
killed: number;
/** Number of agents that failed to kill */
failed: number;
/** Error messages for failed kills */
errors?: string[];
}
/**
* Service for emergency stop (killswitch) functionality
*
* Provides immediate termination of agents with cleanup:
* - Updates agent state to 'killed'
* - Delegates cleanup to CleanupService
* - Logs audit trail
*
* Killswitch bypasses all queues and must respond within seconds.
*/
@Injectable()
export class KillswitchService {
private readonly logger = new Logger(KillswitchService.name);
constructor(
private readonly lifecycleService: AgentLifecycleService,
private readonly valkeyService: ValkeyService,
private readonly cleanupService: CleanupService
) {
this.logger.log("KillswitchService initialized");
}
/**
* Kill a single agent immediately with full cleanup
*
* @param agentId Unique agent identifier
* @throws Error if agent not found or state transition fails
*/
async killAgent(agentId: string): Promise<void> {
this.logger.warn(`KILLSWITCH ACTIVATED for agent: ${agentId}`);
// Get agent state
const agentState = await this.valkeyService.getAgentState(agentId);
if (!agentState) {
const error = `Agent ${agentId} not found`;
this.logger.error(error);
throw new Error(error);
}
// Log audit trail
this.logAudit("KILL_AGENT", agentId, agentState);
// Transition to killed state first (this validates the state transition)
// If this fails (e.g., already killed), we should not perform cleanup
await this.lifecycleService.transitionToKilled(agentId);
// Delegate cleanup to CleanupService after successful state transition
const cleanupResult = await this.cleanupService.cleanup(agentState);
// Log cleanup results in audit trail
const cleanupSummary = {
docker: cleanupResult.docker.success
? "success"
: `failed: ${cleanupResult.docker.error ?? "unknown"}`,
worktree: cleanupResult.worktree.success
? "success"
: `failed: ${cleanupResult.worktree.error ?? "unknown"}`,
state: cleanupResult.state.success
? "success"
: `failed: ${cleanupResult.state.error ?? "unknown"}`,
};
this.logger.warn(
`Agent ${agentId} killed successfully. Cleanup: ${JSON.stringify(cleanupSummary)}`
);
}
/**
* Kill all active agents (spawning or running)
*
* @returns Summary of kill operation
*/
async killAllAgents(): Promise<KillAllResult> {
this.logger.warn("KILLSWITCH ACTIVATED for ALL AGENTS");
// Get all agents
const allAgents = await this.valkeyService.listAgents();
// Filter to only active agents (spawning or running)
const activeAgents = allAgents.filter(
(agent) => agent.status === "spawning" || agent.status === "running"
);
if (activeAgents.length === 0) {
this.logger.log("No active agents to kill");
return { total: 0, killed: 0, failed: 0 };
}
this.logger.warn(`Killing ${activeAgents.length.toString()} active agents`);
// Log audit trail
this.logAudit(
"KILL_ALL_AGENTS",
"all",
undefined,
`Total active agents: ${activeAgents.length.toString()}`
);
// Kill each agent (continue on failures)
let killed = 0;
let failed = 0;
const errors: string[] = [];
for (const agent of activeAgents) {
try {
await this.killAgent(agent.agentId);
killed++;
} catch (error) {
failed++;
const errorMsg = `Failed to kill agent ${agent.agentId}: ${
error instanceof Error ? error.message : String(error)
}`;
this.logger.error(errorMsg);
errors.push(errorMsg);
}
}
const result: KillAllResult = {
total: activeAgents.length,
killed,
failed,
errors: errors.length > 0 ? errors : undefined,
};
this.logger.warn(
`Kill all completed: ${killed.toString()} killed, ${failed.toString()} failed out of ${activeAgents.length.toString()}`
);
return result;
}
/**
* Log audit trail for killswitch operations
*/
private logAudit(
operation: "KILL_AGENT" | "KILL_ALL_AGENTS",
agentId: string,
agentState?: AgentState,
additionalInfo?: string
): void {
const auditLog = {
timestamp: new Date().toISOString(),
operation,
agentId,
agentStatus: agentState?.status,
taskId: agentState?.taskId,
additionalInfo,
};
this.logger.warn(`[AUDIT] Killswitch: ${JSON.stringify(auditLog)}`);
}
}