diff options
| author | Adam Malczewski <[email protected]> | 2026-06-25 16:19:58 +0900 |
|---|---|---|
| committer | Adam Malczewski <[email protected]> | 2026-06-25 16:19:58 +0900 |
| commit | 652010b6c054b69d813e8a2c724d6db039242119 (patch) | |
| tree | b70e4dd1591381a6c017c0c02f9502474b1d612d /tasks.md | |
| parent | 350b9b8e247bb1c24f49a884fdade18e44b115eb (diff) | |
| download | dispatch-652010b6c054b69d813e8a2c724d6db039242119.tar.gz dispatch-652010b6c054b69d813e8a2c724d6db039242119.zip | |
feat(ssh): wave 5b — the ssh package (remote ExecBackend over ssh2)
Wave 5b of transparent SSH support. NEW standard extension @dispatch/ssh makes
remote execution actually work over SSH, transparently. ssh2 verified to run under
Bun (load-bearing decision #1 confirmed: connects to local sshd :22 + execs).
- config.ts: ~/.ssh/config reader via ssh-config -> Computer[]/ComputerEntry[]
(read-only discovery; resolves hostName/port/user/identityFile/knownHost).
- hostkey.ts: known_hosts auto-trust-and-pin (present->verify/reject-on-mismatch,
absent->accept+append; the accept-new analog).
- errors.ts: pure ssh2/SFTP -> node:fs-style .code error mapping (so tools'
existing ENOENT branches work unchanged).
- pool.ts: SshConnectionPool (per-alias ssh2.Client, lazy connect, keep-alive,
idle reap ~15m); key-only auth from ~/.ssh (config IdentityFile or default
id_ed25519/id_rsa); no agent-forwarding, no PTY.
- backend.ts: SshExecBackend implements ExecBackend (spawn via client.exec with
shell-quoted cwd; fs via SFTP).
- service.ts + extension.ts: activate provides BOTH handles the other units
consume — remoteExecBackendFactoryHandle (exec-backend: computerId->SshExecBackend)
AND computerServiceHandle (transport-http: listComputers/getComputer/getStatus/test).
- orchestrator: added packages/ssh to root tsconfig.json refs + bun install.
Tests: 45 pass + 6 sshd-integration skipped (it.skipIf(!process.env.SSH_TEST_HOST)).
Verified: tsc -b EXIT 0, biome clean, 1690 vitest pass (was 1641, +49).
CRs for wave 5c: host-bin registration; CR-5 transport-http barrel re-export;
CR-6 usageCount wiring (deferred-ok, defaults to 0).
Refs: notes/ssh-support-plan.md (decisions §0.5/§13). No merge or push.
Diffstat (limited to 'tasks.md')
| -rw-r--r-- | tasks.md | 15 |
1 files changed, 13 insertions, 2 deletions
@@ -35,8 +35,19 @@ owner-agents on disjoint packages). threading + the `ComputerService` seam the ssh package will provide) + `transport-ws` (computerId through chat.send/queue) + `mcp` (CR-1: preserve computerId in filter). `tsc -b` EXIT 0, biome clean, **1641 vitest** (was 1620). -- [ ] **Wave 5**: `host-bin` wiring + `ssh` package (SshConnectionPool, - SshExecBackend, ~/.ssh/config reader via ssh-config, known_hosts pinning). +- [x] **Wave 5a**: `exec-backend` — remote-backend factory handle (lazy lookup; + computerId set -> SshExecBackend via factory; absent -> clear error). +24 tests. +- [x] **Wave 5b**: `ssh` package (NEW) — SshConnectionPool (per-alias ssh2.Client, + lazy connect, keep-alive, idle reap), SshExecBackend (ssh2 exec+sftp, node:fs + .code error mapping), ~/.ssh/config reader (ssh-config), known_hosts + auto-trust-and-pin, key-only auth from ~/.ssh. LOAD-BEARING: ssh2 verified + under Bun (connected to local sshd :22, exec OK) — decision #1 confirmed. + Provides remoteExecBackendFactoryHandle + computerServiceHandle. +45 tests + (6 sshd integration tests skipped). tsc -b EXIT 0, biome clean, **1690 vitest** + (was 1641). +- [ ] **Wave 5c**: host-bin — register exec-backend + ssh extensions; CR-5 + transport-http barrel re-export of computerServiceHandle; CR-6 + usageCount wiring (deferred-ok). - [ ] **DEFERRED — cache-warming**: computerId threading intentionally NOT done (user-deferred — cache-warming is not needed right now). Known limitation: a warm probe on a remote turn assembles the tool set WITHOUT the remote-drop |