6e9def3c5a
Merge pull request 'feat(api): MS24 queue notifications module' ( #750 ) from feat/ms24-queue-api into main
ci/woodpecker/push/ci Pipeline was successful
2026-03-08 23:04:16 +00:00
06f2cc4be3
feat(api): add queue notifications module
ci/woodpecker/push/ci Pipeline was successful
2026-03-08 17:27:41 -05:00
04bbdf3308
fix(api): proxy mission-control routes to orchestrator
ci/woodpecker/push/ci Pipeline was successful
2026-03-08 14:04:12 -05:00
af56684e84
feat(ms22-p2): add UserAgent CRUD endpoints ( #682 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-05 02:44:19 +00:00
ee4d6fa12b
feat(ms22-p2): add AgentTemplate admin CRUD endpoints ( #678 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-05 02:32:17 +00:00
a25a77a43c
fix(api): widget throttling and orchestrator endpoints ( #624 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-01 19:22:20 +00:00
029c190c05
feat(api): chat proxy (MS22-P1i) ( #615 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-01 15:59:00 +00:00
477d0c8fdf
feat(api): idle container reaper (MS22-P1k) ( #614 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-01 15:50:34 +00:00
dc7e0c805c
feat(api): onboarding API (MS22-P1e) ( #612 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-01 15:43:43 +00:00
2b010fadda
feat(api): fleet settings API (MS22-P1g) ( #611 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-01 15:37:04 +00:00
c25e753f35
feat(api): ContainerLifecycleService (MS22-P1d) ( #610 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-01 15:24:42 +00:00
d3c8b8cadd
feat(api): internal agent config endpoint (MS22-P1c) ( #609 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-01 15:14:06 +00:00
3688f89c37
feat(api): add CryptoService for secret encryption (MS22-P1b)
ci/woodpecker/push/ci Pipeline was successful
2026-03-01 08:41:28 -06:00
d07a840f25
feat(api): add conversation archive with vector search (MS22-DB-004, MS22-API-004) ( #587 )
...
ci/woodpecker/push/api Pipeline failed
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-01 02:20:56 +00:00
4b2e48af9c
feat(api): add agent memory module (MS22-DB-002, MS22-API-002) ( #586 )
...
ci/woodpecker/push/api Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-01 02:20:15 +00:00
7b390d8be2
feat(api): add findings module with vector search (MS22-DB-001, MS22-API-001) ( #585 )
...
ci/woodpecker/push/orchestrator Pipeline was successful
ci/woodpecker/push/web Pipeline was successful
ci/woodpecker/push/api Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-01 02:10:02 +00:00
f99107fbfc
feat(api): add admin bulk import endpoints (MS21-MIG-004) ( #567 )
...
ci/woodpecker/push/api Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-28 19:55:01 +00:00
0e6734bdae
feat(api): add team management module with CRUD endpoints ( #564 )
...
ci/woodpecker/push/api Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-28 18:24:09 +00:00
20f914ea85
feat(api): add AdminModule with user and workspace management endpoints ( #555 )
...
ci/woodpecker/push/api Pipeline failed
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-28 17:56:54 +00:00
128431ba58
fix(api,web): separate workspace context from auth session ( #551 )
...
ci/woodpecker/push/orchestrator Pipeline was successful
ci/woodpecker/push/web Pipeline was successful
ci/woodpecker/push/api Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-28 15:14:29 +00:00
78b71a0ecc
feat(api): implement personalities CRUD API ( #537 )
...
ci/woodpecker/push/api Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-27 10:42:50 +00:00
6290fc3d53
feat(api): add terminal WebSocket gateway with PTY session management ( #515 )
...
ci/woodpecker/push/web Pipeline failed
ci/woodpecker/push/orchestrator Pipeline failed
ci/woodpecker/push/api Pipeline failed
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-26 02:27:29 +00:00
7581d26567
Phase 2: Task Ingestion Pipeline ( #459 ) ( #460 )
...
ci/woodpecker/push/api Pipeline was successful
ci/woodpecker/push/web Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-23 00:54:55 +00:00
cf28efa880
merge: resolve conflicts with develop (M10-Telemetry + M12-MatrixBridge)
...
ci/woodpecker/push/infra Pipeline was successful
ci/woodpecker/push/coordinator Pipeline was successful
ci/woodpecker/push/orchestrator Pipeline was successful
ci/woodpecker/push/api Pipeline was successful
ci/woodpecker/push/web Pipeline was successful
Merge origin/develop into feature/m13-speech-services to incorporate
M10-Telemetry and M12-MatrixBridge changes. Resolved 4 conflicts:
- .env.example: Added speech config alongside telemetry + matrix config
- Makefile: Added speech targets alongside matrix targets
- app.module.ts: Import both MosaicTelemetryModule and SpeechModule
- docs/tasks.md: Combined all milestone task tracking sections
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-02-15 12:31:08 -06:00
314dd24dce
feat( #369 ): install @mosaicstack/telemetry-client in API
...
- Add .npmrc with scoped Gitea npm registry for @mosaicstack packages
- Create MosaicTelemetryModule (global, lifecycle-aware) at
apps/api/src/mosaic-telemetry/
- Create MosaicTelemetryService wrapping TelemetryClient with
convenience methods: trackTaskCompletion, getPrediction,
refreshPredictions, eventBuilder
- Create mosaic-telemetry.config.ts for env var integration via
NestJS ConfigService
- Register MosaicTelemetryModule in AppModule
- Add 32 unit tests covering module init, service methods, disabled
mode, dry-run mode, and lifecycle management
Refs #369
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-02-15 02:10:22 -06:00
c40373fa3b
feat( #389 ): create SpeechModule with provider abstraction layer
...
ci/woodpecker/push/api Pipeline was successful
Add SpeechModule with provider interfaces and service skeleton for
multi-tier TTS fallback (premium -> default -> fallback) and STT
transcription support. Includes 27 unit tests covering provider
selection, fallback logic, and availability checks.
- ISTTProvider interface with transcribe/isHealthy methods
- ITTSProvider interface with synthesize/listVoices/isHealthy methods
- Shared types: SpeechTier, TranscriptionResult, SynthesisResult, etc.
- SpeechService with graceful TTS fallback chain
- NestJS injection tokens (STT_PROVIDER, TTS_PROVIDERS)
- SpeechModule registered in AppModule
- ConfigModule integration via speechConfig registerAs factory
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-02-15 02:09:45 -06:00
0ca3945061
fix(api): resolve Docker startup failures (secrets, Redis, Prisma)
...
- Pass BETTER_AUTH_SECRET through all 6 docker-compose files to API container
- Fix BullModule to parse VALKEY_URL instead of VALKEY_HOST/VALKEY_PORT,
matching all other Redis consumers in the codebase
- Migrate Prisma encryption from removed $use() middleware to $extends()
client extensions (Prisma 6.x compatibility), keeping extends PrismaClient
pattern with only account and llmProviderInstance getters overridden
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-02-14 11:04:04 -06:00
46d0a06ef5
feat( #356 ): Build credential CRUD API endpoints
...
Implement comprehensive CRUD API for managing user credentials with encryption,
RLS, and audit logging following TDD methodology.
Features:
- POST /api/credentials - Create encrypted credential
- GET /api/credentials - List credentials (masked values only)
- GET /api/credentials/:id - Get single credential (masked)
- GET /api/credentials/:id/value - Decrypt plaintext (rate limited 10/min)
- PATCH /api/credentials/:id - Update metadata
- POST /api/credentials/:id/rotate - Rotate credential value
- DELETE /api/credentials/:id - Soft delete
Security:
- All values encrypted via VaultService (TransitKey.CREDENTIALS)
- List/Get endpoints NEVER return plaintext (only maskedValue)
- getValue endpoint rate limited to 10 requests/minute per user
- All operations audit-logged with CREDENTIAL_* ActivityAction
- RLS enforces per-user isolation via getRlsClient() pattern
- Input validation via class-validator DTOs
Testing:
- 26/26 unit tests passing
- 95.71% code coverage (exceeds 85% requirement)
- Service: 95.16%
- Controller: 100%
- TypeScript checks pass
Files created:
- apps/api/src/credentials/credentials.service.ts
- apps/api/src/credentials/credentials.service.spec.ts
- apps/api/src/credentials/credentials.controller.ts
- apps/api/src/credentials/credentials.controller.spec.ts
- apps/api/src/credentials/credentials.module.ts
- apps/api/src/credentials/dto/*.dto.ts (5 DTOs)
Files modified:
- apps/api/src/app.module.ts - imported CredentialsModule
Note: Admin credentials endpoints deferred to future issue. Current
implementation covers all user credential endpoints.
Refs #346
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-02-07 16:50:02 -06:00
93d403807b
feat( #351 ): Implement RLS context interceptor (fix SEC-API-4)
...
ci/woodpecker/push/woodpecker Pipeline failed
Implements Row-Level Security (RLS) context propagation via NestJS interceptor and AsyncLocalStorage.
Core Implementation:
- RlsContextInterceptor sets PostgreSQL session variables (app.current_user_id, app.current_workspace_id) within transaction boundaries
- Uses SET LOCAL for transaction-scoped variables, preventing connection pool leakage
- AsyncLocalStorage propagates transaction-scoped Prisma client to services
- Graceful handling of unauthenticated routes
- 30-second transaction timeout with 10-second max wait
Security Features:
- Error sanitization prevents information disclosure to clients
- TransactionClient type provides compile-time safety, prevents invalid method calls
- Defense-in-depth security layer for RLS policy enforcement
Quality Rails Compliance:
- Fixed 154 lint errors in llm-usage module (package-level enforcement)
- Added proper TypeScript typing for Prisma operations
- Resolved all type safety violations
Test Coverage:
- 19 tests (7 provider + 9 interceptor + 3 integration)
- 95.75% overall coverage (100% statements on implementation files)
- All tests passing, zero lint errors
Documentation:
- Comprehensive RLS-CONTEXT-USAGE.md with examples and migration guide
Files Created:
- apps/api/src/common/interceptors/rls-context.interceptor.ts
- apps/api/src/common/interceptors/rls-context.interceptor.spec.ts
- apps/api/src/common/interceptors/rls-context.integration.spec.ts
- apps/api/src/prisma/rls-context.provider.ts
- apps/api/src/prisma/rls-context.provider.spec.ts
- apps/api/src/prisma/RLS-CONTEXT-USAGE.md
Fixes #351
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-02-07 12:25:50 -06:00
Jason Woltje
7390cac2cc
fix( #338 ): Bind CSRF token to user session with HMAC
...
- Token now includes HMAC binding to session ID
- Validates session binding on verification
- Adds CSRF_SECRET configuration requirement
- Requires authentication for CSRF token endpoint
- 51 new tests covering session binding security
Security: CSRF tokens are now cryptographically tied to user sessions,
preventing token reuse across sessions and mitigating session fixation
attacks.
Token format: {random_part}:{hmac(random_part + user_id, secret)}
Refs #338
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com >
2026-02-05 16:33:22 -06:00
Jason Woltje
b836940b89
feat( #309 ): Add LLM usage tracking and analytics
...
Implements comprehensive LLM usage tracking with analytics endpoints.
Implementation:
- Added LlmUsageLog model to Prisma schema
- Created llm-usage module with service, controller, and DTOs
- Added tracking for token usage, costs, and durations
- Implemented analytics aggregation by provider, model, and task type
- Added filtering by workspace, provider, model, user, and date range
Testing:
- 20 unit tests with 90.8% coverage (exceeds 85% requirement)
- Tests for service and controller with full error handling
- Tests use Vitest following project conventions
API Endpoints:
- GET /api/llm-usage/analytics - Aggregated usage analytics
- GET /api/llm-usage/by-workspace/:workspaceId - Workspace usage logs
- GET /api/llm-usage/by-workspace/:workspaceId/provider/:provider - Provider logs
- GET /api/llm-usage/by-workspace/:workspaceId/model/:model - Model logs
Database:
- LlmUsageLog table with indexes for efficient queries
- Relations to User, Workspace, and LlmProviderInstance
- Ready for migration with: pnpm prisma migrate dev
Refs #309
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-04 13:41:45 -06:00
3a98b78661
fix: Complete CSRF protection implementation
...
ci/woodpecker/push/woodpecker Pipeline failed
ci/woodpecker/pr/woodpecker Pipeline failed
Closes three CSRF security gaps identified in code review:
1. Added X-CSRF-Token and X-Workspace-Id to CORS allowed headers
- Updated apps/api/src/main.ts to accept CSRF token headers
2. Integrated CSRF token handling in web client
- Added fetchCsrfToken() to fetch token from API
- Store token in memory (not localStorage for security)
- Automatically include X-CSRF-Token in POST/PUT/PATCH/DELETE
- Implement automatic token refresh on 403 CSRF errors
- Added comprehensive test coverage for CSRF functionality
3. Applied CSRF Guard globally
- Added CsrfGuard as APP_GUARD in app.module.ts
- Verified @SkipCsrf() decorator works for exempted endpoints
All tests passing. CSRF protection now enforced application-wide.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-04 07:12:42 -06:00
ebd842f007
fix( #278 ): Implement CSRF protection using double-submit cookie pattern
...
ci/woodpecker/push/woodpecker Pipeline failed
Implemented comprehensive CSRF protection for all state-changing endpoints
(POST, PATCH, DELETE) using the double-submit cookie pattern.
Security Implementation:
- Created CsrfGuard using double-submit cookie validation
- Token set in httpOnly cookie and validated against X-CSRF-Token header
- Applied guard to FederationController (vulnerable endpoints)
- Safe HTTP methods (GET, HEAD, OPTIONS) automatically exempted
- Signature-based endpoints (@SkipCsrf decorator) exempted
Components Added:
- CsrfGuard: Validates cookie and header token match
- CsrfController: GET /api/v1/csrf/token endpoint for token generation
- @SkipCsrf(): Decorator to exempt endpoints with alternative auth
- Comprehensive tests (20 tests, all passing)
Protected Endpoints:
- POST /api/v1/federation/connections/initiate
- POST /api/v1/federation/connections/:id/accept
- POST /api/v1/federation/connections/:id/reject
- POST /api/v1/federation/connections/:id/disconnect
- POST /api/v1/federation/instance/regenerate-keys
Exempted Endpoints:
- POST /api/v1/federation/incoming/connect (signature-verified)
- GET requests (safe methods)
Security Features:
- httpOnly cookies prevent XSS attacks
- SameSite=strict prevents subdomain attacks
- Cryptographically secure random tokens (32 bytes)
- 24-hour token expiry
- Structured logging for security events
Testing:
- 14 guard tests covering all scenarios
- 6 controller tests for token generation
- Quality gates: lint, typecheck, build all passing
Note: Frontend integration required to use tokens. Clients must:
1. GET /api/v1/csrf/token to receive token
2. Include token in X-CSRF-Token header for state-changing requests
Fixes #278
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-03 20:35:00 -06:00
Jason Woltje
7989c089ef
feat( #84 ): implement instance identity model for federation
...
Implemented the foundation of federation architecture with instance
identity and connection management:
Database Schema:
- Added Instance model for instance identity with keypair generation
- Added FederationConnection model for workspace-scoped connections
- Added FederationConnectionStatus enum (PENDING, ACTIVE, SUSPENDED, DISCONNECTED)
Service Layer:
- FederationService with instance identity management
- RSA 2048-bit keypair generation for signing
- Public identity endpoint (excludes private key)
- Keypair regeneration capability
API Endpoints:
- GET /api/v1/federation/instance - Returns public instance identity
- POST /api/v1/federation/instance/regenerate-keys - Admin keypair regeneration
Tests:
- 11 tests passing (7 service, 4 controller)
- 100% statement coverage, 100% function coverage
- Follows TDD principles (Red-Green-Refactor)
Configuration:
- Added INSTANCE_NAME and INSTANCE_URL environment variables
- Integrated FederationModule into AppModule
Refs #84
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-03 10:58:50 -06:00
Jason Woltje
3dfa603a03
feat( #69 ): implement embedding generation pipeline
...
Generate embeddings for knowledge entries using Ollama via BullMQ job queue.
Changes:
- Created OllamaEmbeddingService for Ollama-based embedding generation
- Set up BullMQ queue and processor for async embedding jobs
- Integrated queue into knowledge entry lifecycle (create/update)
- Added rate limiting (1 job/second) and retry logic (3 attempts)
- Added OLLAMA_EMBEDDING_MODEL environment variable configuration
- Implemented dimension normalization (padding/truncating to 1536 dimensions)
- Added graceful degradation when Ollama is unavailable
Test Coverage:
- All 31 embedding-related tests passing
- ollama-embedding.service.spec.ts: 13 tests
- embedding-queue.spec.ts: 6 tests
- embedding.processor.spec.ts: 5 tests
- Build and linting successful
Fixes #69
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-02 15:06:11 -06:00
Jason Woltje
41d56dadf0
fix( #199 ): implement rate limiting on webhook endpoints
...
ci/woodpecker/push/woodpecker Pipeline failed
Implements comprehensive rate limiting on all webhook and coordinator endpoints
to prevent DoS attacks. Follows TDD protocol with 14 passing tests.
Implementation:
- Added @nestjs/throttler package for rate limiting
- Created ThrottlerApiKeyGuard for per-API-key rate limiting
- Created ThrottlerValkeyStorageService for distributed rate limiting via Redis
- Configured rate limits on stitcher endpoints (60 req/min)
- Configured rate limits on coordinator endpoints (100 req/min)
- Higher limits for health endpoints (300 req/min for monitoring)
- Added environment variables for rate limit configuration
- Rate limiting logs violations for security monitoring
Rate Limits:
- Stitcher webhooks: 60 requests/minute per API key
- Coordinator endpoints: 100 requests/minute per API key
- Health endpoints: 300 requests/minute (higher for monitoring)
Storage:
- Uses Valkey (Redis) for distributed rate limiting across API instances
- Falls back to in-memory storage if Redis unavailable
Testing:
- 14 comprehensive rate limiting tests (all passing)
- Tests verify: rate limit enforcement, Retry-After headers, per-API-key isolation
- TDD approach: RED (failing tests) → GREEN (implementation) → REFACTOR
Additional improvements:
- Type safety improvements in websocket gateway
- Array type notation standardization in coordinator service
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-02 13:07:16 -06:00
5a51ee8c30
feat( #176 ): Integrate M4.2 infrastructure with M4.1 coordinator
...
Add CoordinatorIntegrationModule providing REST API endpoints for the Python
coordinator to communicate with the NestJS API infrastructure:
- POST /coordinator/jobs - Create job from coordinator webhook events
- PATCH /coordinator/jobs/:id/status - Update job status (PENDING -> RUNNING)
- PATCH /coordinator/jobs/:id/progress - Update job progress percentage
- POST /coordinator/jobs/:id/complete - Mark job complete with results
- POST /coordinator/jobs/:id/fail - Mark job failed with gate results
- GET /coordinator/jobs/:id - Get job details with events and steps
- GET /coordinator/health - Integration health check
Integration features:
- Job creation dispatches to BullMQ queues
- Status updates emit JobEvents for audit logging
- Completion/failure events broadcast via Herald to Discord
- Status transition validation (PENDING -> QUEUED -> RUNNING -> COMPLETED/FAILED)
- Health check includes BullMQ connection status and queue counts
Also adds JOB_PROGRESS event type to event-types.ts for progress tracking.
Fixes #176
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com >
2026-02-01 21:54:34 -06:00
efe624e2c1
feat( #168 ): Implement job steps tracking
...
Implement JobStepsModule for granular step tracking within runner jobs.
Features:
- Create and track job steps (SETUP, EXECUTION, VALIDATION, CLEANUP)
- Track step status transitions (PENDING → RUNNING → COMPLETED/FAILED)
- Record token usage for AI_ACTION steps
- Calculate step duration automatically
- GET endpoints for listing and retrieving steps
Implementation:
- JobStepsService: CRUD operations, status tracking, duration calculation
- JobStepsController: GET /runner-jobs/:jobId/steps endpoints
- DTOs: CreateStepDto, UpdateStepDto with validation
- Full unit test coverage (16 tests)
Quality gates:
- Build: ✅ Passed
- Lint: ✅ Passed
- Tests: ✅ 16/16 passed
- Coverage: ✅ 100% statements, 100% functions, 100% lines, 83.33% branches
Also fixed pre-existing TypeScript strict mode issue in job-events DTO.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com >
2026-02-01 21:16:23 -06:00
a2cd614e87
feat( #166 ): Implement Stitcher module structure
...
Created the mosaic-stitcher module - the workflow orchestration layer
that wraps OpenClaw.
Responsibilities:
- Receive webhooks from @mosaic bot
- Apply Guard Rails (capability permissions)
- Apply Quality Rails (mandatory gates)
- Track all job steps and events
- Dispatch work to OpenClaw with constraints
Implementation:
- StitcherModule: Module definition with PrismaModule and BullMqModule
- StitcherService: Core orchestration logic
- handleWebhook(): Process webhooks from @mosaic bot
- dispatchJob(): Create RunnerJob and dispatch to BullMQ queue
- applyGuardRails(): Check capability permissions for agent profiles
- applyQualityRails(): Determine mandatory gates for job types
- trackJobEvent(): Log events to database for audit trail
- StitcherController: HTTP endpoints
- POST /stitcher/webhook: Webhook receiver
- POST /stitcher/dispatch: Manual job dispatch
- DTOs and interfaces for type safety
TDD Process:
1. RED: Created failing tests (12 tests)
2. GREEN: Implemented minimal code to pass tests
3. REFACTOR: Fixed TypeScript strict mode issues
Quality Gates: ALL PASS
- Typecheck: PASS
- Lint: PASS
- Build: PASS
- Tests: PASS (12/12)
Token estimate: ~56,000 tokens
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com >
2026-02-01 21:08:32 -06:00
e09950f225
feat( #165 ): Implement BullMQ module setup
...
Create BullMQ module that shares the existing Valkey connection for job queue processing.
Files Created:
- apps/api/src/bullmq/bullmq.module.ts - Global module configuration
- apps/api/src/bullmq/bullmq.service.ts - Queue management service
- apps/api/src/bullmq/queues.ts - Queue name constants
- apps/api/src/bullmq/index.ts - Barrel exports
- apps/api/src/bullmq/bullmq.service.spec.ts - Unit tests
Files Modified:
- apps/api/src/app.module.ts - Import BullMqModule
Queue Definitions:
- mosaic-jobs (main queue)
- mosaic-jobs-runner (read-only operations)
- mosaic-jobs-weaver (write operations)
- mosaic-jobs-inspector (validation operations)
Implementation:
- Reuses VALKEY_URL from environment (shared connection)
- Follows existing Valkey module patterns
- Includes health check methods
- Proper lifecycle management (init/destroy)
- Queue names use hyphens instead of colons (BullMQ requirement)
Quality Gates:
- Unit tests: 11 passing
- TypeScript: No errors
- ESLint: No violations
- Build: Successful
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com >
2026-02-01 21:01:25 -06:00
51e6ad0792
feat( #131 ): add OpenTelemetry tracing infrastructure
...
Implement comprehensive distributed tracing for HTTP requests and LLM
operations using OpenTelemetry with GenAI semantic conventions.
Features:
- TelemetryService: SDK initialization with OTLP HTTP exporter
- TelemetryInterceptor: Automatic HTTP request spans
- @TraceLlmCall decorator: LLM operation tracing
- GenAI semantic conventions for model/token tracking
- Graceful degradation when tracing disabled
Instrumented:
- All HTTP requests (automatic spans)
- OllamaProvider chat/chatStream/embed operations
- Token counts, model names, durations
Environment:
- OTEL_ENABLED (default: true)
- OTEL_SERVICE_NAME (default: mosaic-api)
- OTEL_EXPORTER_OTLP_ENDPOINT (default: localhost:4318)
Tests: 23 passing with full coverage
Fixes #131
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com >
2026-01-31 12:55:11 -06:00
Jason Woltje
271fe7bd4c
Merge: Valkey integration - Task queue service ( closes #98 )
2026-01-29 23:39:12 -06:00
Jason Woltje
da4fb72902
feat: add agent task schema and CRUD API ( closes #96 , closes #97 )
2026-01-29 23:26:22 -06:00
Jason Woltje
6b776a74d2
feat: add Valkey integration for task queue ( closes #98 )
...
- Add ioredis package dependency for Redis-compatible operations
- Create ValkeyModule as global NestJS module
- Implement ValkeyService with task queue operations:
- enqueue(task): Add tasks to FIFO queue
- dequeue(): Get next task and update to PROCESSING status
- getStatus(taskId): Retrieve task metadata and status
- updateStatus(taskId, status): Update task state (COMPLETED/FAILED)
- getQueueLength(): Monitor queue depth
- clearQueue(): Queue management utility
- healthCheck(): Verify Valkey connectivity
- Add TaskDto, EnqueueTaskDto, UpdateTaskStatusDto interfaces
- Implement TaskStatus enum (PENDING/PROCESSING/COMPLETED/FAILED)
- Add comprehensive test suite with in-memory Redis mock (20 tests)
- Integrate ValkeyModule into app.module.ts
- Valkey Docker Compose service already configured in docker-compose.yml
- VALKEY_URL environment variable already in .env.example
- Add detailed README with usage examples and API documentation
Technical Details:
- Uses FIFO queue (RPUSH/LPOP for strict ordering)
- Task metadata stored with 24-hour TTL
- Lifecycle hooks for connection management (onModuleInit/onModuleDestroy)
- Automatic retry with exponential backoff on connection errors
- Global module - no explicit imports needed
Tests verify:
- Connection initialization and health checks
- FIFO enqueue/dequeue behavior
- Status lifecycle transitions
- Concurrent task handling
- Queue management operations
- Complete task processing workflows
2026-01-29 23:25:33 -06:00
2e6b7d4070
feat( #29 ): implement cron job configuration
...
- Add CronSchedule model to Prisma schema
- Implement CronService with CRUD operations
- Add REST API endpoints for cron management
- Create MoltBot plugin skill definition (SKILL.md)
- TDD: 9 passing tests for CronService
2026-01-29 23:00:48 -06:00
Jason Woltje
540344d108
Merge develop to resolve conflicts
2026-01-29 19:45:29 -06:00
Jason Woltje
1bd21b33d7
feat( #22 ): implement brain query API
...
- Create brain module with service, controller, and DTOs
- POST /api/brain/query - Structured queries for tasks, events, projects
- GET /api/brain/context - Get current workspace context for agents
- GET /api/brain/search - Search across all entities
- Support filters: status, priority, date ranges, assignee, etc.
- 41 tests covering service (27) and controller (14)
- Integrated with AuthGuard, WorkspaceGuard, PermissionGuard
2026-01-29 19:40:30 -06:00
Jason Woltje
f706b3b982
feat( #21 ): implement ollama integration
...
- Add Ollama client library (ollama npm package)
- Create LlmService for chat completion and embeddings
- Support streaming responses via Server-Sent Events
- Add configuration via env vars (OLLAMA_HOST, OLLAMA_TIMEOUT)
- Create endpoints: GET /llm/health, GET /llm/models, POST /llm/chat, POST /llm/embed
- Replace old OllamaModule with new LlmModule
- Add comprehensive tests with >85% coverage
Closes #21
2026-01-29 19:28:31 -06:00
Jason Woltje
1e5fcd19a4
feat( #59 ): implement wiki-link parser
...
- Created wiki-link-parser.ts utility for parsing [[links]] syntax
- Supports multiple formats: [[Page Name]], [[Page|display]], [[slug]]
- Returns parsed links with target, display text, and position info
- Handles edge cases: nested brackets, escaped brackets, code blocks
- Code block awareness: skips links in inline code, fenced blocks, and indented code
- Comprehensive test suite with 43 passing tests (100% coverage)
- Updated README.md with parser documentation
Implements KNOW-007 (Issue #59 ) - Wiki-style linking foundation
2026-01-29 17:42:49 -06:00
Jason Woltje
5291fece26
feat(web): add workspace management UI (M2 #12 )
...
- Create workspace listing page at /settings/workspaces
- List all user workspaces with role badges
- Create new workspace functionality
- Display member count per workspace
- Create workspace detail page at /settings/workspaces/[id]
- Workspace settings (name, ID, created date)
- Member management with role editing
- Invite member functionality
- Delete workspace (owner only)
- Add workspace components:
- WorkspaceCard: Display workspace info with role badge
- WorkspaceSettings: Edit workspace settings and delete
- MemberList: Display and manage workspace members
- InviteMember: Send invitations with role selection
- Add WorkspaceMemberWithUser type to shared package
- Follow existing app patterns for styling and structure
- Use mock data (ready for API integration)
2026-01-29 16:59:26 -06:00
