[ { "path": ".codex/skills/commit/SKILL.md", "content": "---\nname: commit\ndescription:\n Create a well-formed git commit from current changes using session history for\n rationale and summary; use when asked to commit, prepare a commit message, or\n finalize staged work.\n---\n\n# Commit\n\n## Goals\n\n- Produce a commit that reflects the actual code changes and the session\n context.\n- Follow common git conventions (type prefix, short subject, wrapped body).\n- Include both summary and rationale in the body.\n\n## Inputs\n\n- Codex session history for intent and rationale.\n- `git status`, `git diff`, and `git diff --staged` for actual changes.\n- Repo-specific commit conventions if documented.\n\n## Steps\n\n1. Read session history to identify scope, intent, and rationale.\n2. Inspect the working tree and staged changes (`git status`, `git diff`,\n `git diff --staged`).\n3. Stage intended changes, including new files (`git add -A`) after confirming\n scope.\n4. Sanity-check newly added files; if anything looks random or likely ignored\n (build artifacts, logs, temp files), flag it to the user before committing.\n5. If staging is incomplete or includes unrelated files, fix the index or ask\n for confirmation.\n6. Choose a conventional type and optional scope that match the change (e.g.,\n `feat(scope): ...`, `fix(scope): ...`, `refactor(scope): ...`).\n7. Write a subject line in imperative mood, <= 72 characters, no trailing\n period.\n8. Write a body that includes:\n - Summary of key changes (what changed).\n - Rationale and trade-offs (why it changed).\n - Tests or validation run (or explicit note if not run).\n9. Append a `Co-authored-by` trailer for Codex using `Codex `\n unless the user explicitly requests a different identity.\n10. Wrap body lines at 72 characters.\n11. Create the commit message with a here-doc or temp file and use\n `git commit -F ` so newlines are literal (avoid `-m` with `\\n`).\n12. Commit only when the message matches the staged changes: if the staged diff\n includes unrelated files or the message describes work that isn't staged,\n fix the index or revise the message before committing.\n\n## Output\n\n- A single commit created with `git commit` whose message reflects the session.\n\n## Template\n\nType and scope are examples only; adjust to fit the repo and changes.\n\n```\n(): \n\nSummary:\n- \n- \n\nRationale:\n- \n- \n\nTests:\n- \n\nCo-authored-by: Codex \n```\n" }, { "path": ".codex/skills/debug/SKILL.md", "content": "---\nname: debug\ndescription:\n Investigate stuck runs and execution failures by tracing Symphony and Codex\n logs with issue/session identifiers; use when runs stall, retry repeatedly, or\n fail unexpectedly.\n---\n\n# Debug\n\n## Goals\n\n- Find why a run is stuck, retrying, or failing.\n- Correlate Linear issue identity to a Codex session quickly.\n- Read the right logs in the right order to isolate root cause.\n\n## Log Sources\n\n- Primary runtime log: `log/symphony.log`\n - Default comes from `SymphonyElixir.LogFile` (`log/symphony.log`).\n - Includes orchestrator, agent runner, and Codex app-server lifecycle logs.\n- Rotated runtime logs: `log/symphony.log*`\n - Check these when the relevant run is older.\n\n## Correlation Keys\n\n- `issue_identifier`: human ticket key (example: `MT-625`)\n- `issue_id`: Linear UUID (stable internal ID)\n- `session_id`: Codex thread-turn pair (`-`)\n\n`elixir/docs/logging.md` requires these fields for issue/session lifecycle logs. Use\nthem as your join keys during debugging.\n\n## Quick Triage (Stuck Run)\n\n1. Confirm scheduler/worker symptoms for the ticket.\n2. Find recent lines for the ticket (`issue_identifier` first).\n3. Extract `session_id` from matching lines.\n4. Trace that `session_id` across start, stream, completion/failure, and stall\n handling logs.\n5. Decide class of failure: timeout/stall, app-server startup failure, turn\n failure, or orchestrator retry loop.\n\n## Commands\n\n```bash\n# 1) Narrow by ticket key (fastest entry point)\nrg -n \"issue_identifier=MT-625\" log/symphony.log*\n\n# 2) If needed, narrow by Linear UUID\nrg -n \"issue_id=\" log/symphony.log*\n\n# 3) Pull session IDs seen for that ticket\nrg -o \"session_id=[^ ;]+\" log/symphony.log* | sort -u\n\n# 4) Trace one session end-to-end\nrg -n \"session_id=-\" log/symphony.log*\n\n# 5) Focus on stuck/retry signals\nrg -n \"Issue stalled|scheduling retry|turn_timeout|turn_failed|Codex session failed|Codex session ended with error\" log/symphony.log*\n```\n\n## Investigation Flow\n\n1. Locate the ticket slice:\n - Search by `issue_identifier=`.\n - If noise is high, add `issue_id=`.\n2. Establish timeline:\n - Identify first `Codex session started ... session_id=...`.\n - Follow with `Codex session completed`, `ended with error`, or worker exit\n lines.\n3. Classify the problem:\n - Stall loop: `Issue stalled ... restarting with backoff`.\n - App-server startup: `Codex session failed ...`.\n - Turn execution failure: `turn_failed`, `turn_cancelled`, `turn_timeout`, or\n `ended with error`.\n - Worker crash: `Agent task exited ... reason=...`.\n4. Validate scope:\n - Check whether failures are isolated to one issue/session or repeating across\n multiple tickets.\n5. Capture evidence:\n - Save key log lines with timestamps, `issue_identifier`, `issue_id`, and\n `session_id`.\n - Record probable root cause and the exact failing stage.\n\n## Reading Codex Session Logs\n\nIn Symphony, Codex session diagnostics are emitted into `log/symphony.log` and\nkeyed by `session_id`. Read them as a lifecycle:\n\n1. `Codex session started ... session_id=...`\n2. Session stream/lifecycle events for the same `session_id`\n3. Terminal event:\n - `Codex session completed ...`, or\n - `Codex session ended with error ...`, or\n - `Issue stalled ... restarting with backoff`\n\nFor one specific session investigation, keep the trace narrow:\n\n1. Capture one `session_id` for the ticket.\n2. Build a timestamped slice for only that session:\n - `rg -n \"session_id=-\" log/symphony.log*`\n3. Mark the exact failing stage:\n - Startup failure before stream events (`Codex session failed ...`).\n - Turn/runtime failure after stream events (`turn_*` / `ended with error`).\n - Stall recovery (`Issue stalled ... restarting with backoff`).\n4. Pair findings with `issue_identifier` and `issue_id` from nearby lines to\n confirm you are not mixing concurrent retries.\n\nAlways pair session findings with `issue_identifier`/`issue_id` to avoid mixing\nconcurrent runs.\n\n## Notes\n\n- Prefer `rg` over `grep` for speed on large logs.\n- Check rotated logs (`log/symphony.log*`) before concluding data is missing.\n- If required context fields are missing in new log statements, align with\n `elixir/docs/logging.md` conventions.\n" }, { "path": ".codex/skills/land/SKILL.md", "content": "---\nname: land\ndescription:\n Land a PR by monitoring conflicts, resolving them, waiting for checks, and\n squash-merging when green; use when asked to land, merge, or shepherd a PR to\n completion.\n---\n\n# Land\n\n## Goals\n\n- Ensure the PR is conflict-free with main.\n- Keep CI green and fix failures when they occur.\n- Squash-merge the PR once checks pass.\n- Do not yield to the user until the PR is merged; keep the watcher loop running\n unless blocked.\n- No need to delete remote branches after merge; the repo auto-deletes head\n branches.\n\n## Preconditions\n\n- `gh` CLI is authenticated.\n- You are on the PR branch with a clean working tree.\n\n## Steps\n\n1. Locate the PR for the current branch.\n2. Confirm the full gauntlet is green locally before any push.\n3. If the working tree has uncommitted changes, commit with the `commit` skill\n and push with the `push` skill before proceeding.\n4. Check mergeability and conflicts against main.\n5. If conflicts exist, use the `pull` skill to fetch/merge `origin/main` and\n resolve conflicts, then use the `push` skill to publish the updated branch.\n6. Ensure Codex review comments (if present) are acknowledged and any required\n fixes are handled before merging.\n7. Watch checks until complete.\n8. If checks fail, pull logs, fix the issue, commit with the `commit` skill,\n push with the `push` skill, and re-run checks.\n9. When all checks are green and review feedback is addressed, squash-merge and\n delete the branch using the PR title/body for the merge subject/body.\n10. **Context guard:** Before implementing review feedback, confirm it does not\n conflict with the user’s stated intent or task context. If it conflicts,\n respond inline with a justification and ask the user before changing code.\n11. **Pushback template:** When disagreeing, reply inline with: acknowledge +\n rationale + offer alternative.\n12. **Ambiguity gate:** When ambiguity blocks progress, use the clarification\n flow (assign PR to current GH user, mention them, wait for response). Do not\n implement until ambiguity is resolved.\n - If you are confident you know better than the reviewer, you may proceed\n without asking the user, but reply inline with your rationale.\n13. **Per-comment mode:** For each review comment, choose one of: accept,\n clarify, or push back. Reply inline (or in the issue thread for Codex\n reviews) stating the mode before changing code.\n14. **Reply before change:** Always respond with intended action before pushing\n code changes (inline for review comments, issue thread for Codex reviews).\n\n## Commands\n\n```\n# Ensure branch and PR context\nbranch=$(git branch --show-current)\npr_number=$(gh pr view --json number -q .number)\npr_title=$(gh pr view --json title -q .title)\npr_body=$(gh pr view --json body -q .body)\n\n# Check mergeability and conflicts\nmergeable=$(gh pr view --json mergeable -q .mergeable)\n\nif [ \"$mergeable\" = \"CONFLICTING\" ]; then\n # Run the `pull` skill to handle fetch + merge + conflict resolution.\n # Then run the `push` skill to publish the updated branch.\nfi\n\n# Preferred: use the Async Watch Helper below. The manual loop is a fallback\n# when Python cannot run or the helper script is unavailable.\n# Wait for review feedback: Codex reviews arrive as issue comments that start\n# with \"## Codex Review — \". Treat them like reviewer feedback: reply\n# with a `[codex]` issue comment acknowledging the findings and whether you're\n# addressing or deferring them.\nwhile true; do\n gh api repos/{owner}/{repo}/issues/\"$pr_number\"/comments \\\n --jq '.[] | select(.body | startswith(\"## Codex Review\")) | .id' | rg -q '.' \\\n && break\n sleep 10\ndone\n\n# Watch checks\nif ! gh pr checks --watch; then\n gh pr checks\n # Identify failing run and inspect logs\n # gh run list --branch \"$branch\"\n # gh run view --log\n exit 1\nfi\n\n# Squash-merge (remote branches auto-delete on merge in this repo)\ngh pr merge --squash --subject \"$pr_title\" --body \"$pr_body\"\n```\n\n## Async Watch Helper\n\nPreferred: use the asyncio watcher to monitor review comments, CI, and head\nupdates in parallel:\n\n```\npython3 .codex/skills/land/land_watch.py\n```\n\nExit codes:\n\n- 2: Review comments detected (address feedback)\n- 3: CI checks failed\n- 4: PR head updated (autofix commit detected)\n\n## Failure Handling\n\n- If checks fail, pull details with `gh pr checks` and `gh run view --log`, then\n fix locally, commit with the `commit` skill, push with the `push` skill, and\n re-run the watch.\n- Use judgment to identify flaky failures. If a failure is a flake (e.g., a\n timeout on only one platform), you may proceed without fixing it.\n- If CI pushes an auto-fix commit (authored by GitHub Actions), it does not\n trigger a fresh CI run. Detect the updated PR head, pull locally, merge\n `origin/main` if needed, add a real author commit, and force-push to retrigger\n CI, then restart the checks loop.\n- If all jobs fail with corrupted pnpm lockfile errors on the merge commit, the\n remediation is to fetch latest `origin/main`, merge, force-push, and rerun CI.\n- If mergeability is `UNKNOWN`, wait and re-check.\n- Do not merge while review comments (human or Codex review) are outstanding.\n- Codex review jobs retry on failure and are non-blocking; use the presence of\n `## Codex Review — ` issue comments (not job status) as the signal\n that review feedback is available.\n- Do not enable auto-merge; this repo has no required checks so auto-merge can\n skip tests.\n- If the remote PR branch advanced due to your own prior force-push or merge,\n avoid redundant merges; re-run the formatter locally if needed and\n `git push --force-with-lease`.\n\n## Review Handling\n\n- Codex reviews now arrive as issue comments posted by GitHub Actions. They\n start with `## Codex Review — ` and include the reviewer’s\n methodology + guardrails used. Treat these as feedback that must be\n acknowledged before merge.\n- Human review comments are blocking and must be addressed (responded to and\n resolved) before requesting a new review or merging.\n- If multiple reviewers comment in the same thread, respond to each comment\n (batching is fine) before closing the thread.\n- Fetch review comments via `gh api` and reply with a prefixed comment.\n- Use review comment endpoints (not issue comments) to find inline feedback:\n - List PR review comments:\n ```\n gh api repos/{owner}/{repo}/pulls//comments\n ```\n - PR issue comments (top-level discussion):\n ```\n gh api repos/{owner}/{repo}/issues//comments\n ```\n - Reply to a specific review comment:\n ```\n gh api -X POST /repos/{owner}/{repo}/pulls//comments \\\n -f body='[codex] ' -F in_reply_to=\n ```\n- `in_reply_to` must be the numeric review comment id (e.g., `2710521800`), not\n the GraphQL node id (e.g., `PRRC_...`), and the endpoint must include the PR\n number (`/pulls//comments`).\n- If GraphQL review reply mutation is forbidden, use REST.\n- A 404 on reply typically means the wrong endpoint (missing PR number) or\n insufficient scope; verify by listing comments first.\n- All GitHub comments generated by this agent must be prefixed with `[codex]`.\n- For Codex review issue comments, reply in the issue thread (not a review\n thread) with `[codex]` and state whether you will address the feedback now or\n defer it (include rationale).\n- If feedback requires changes:\n - For inline review comments (human), reply with intended fixes\n (`[codex] ...`) **as an inline reply to the original review comment** using\n the review comment endpoint and `in_reply_to` (do not use issue comments for\n this).\n - Implement fixes, commit, push.\n - Reply with the fix details and commit sha (`[codex] ...`) in the same place\n you acknowledged the feedback (issue comment for Codex reviews, inline reply\n for review comments).\n - The land watcher treats Codex review issue comments as unresolved until a\n newer `[codex]` issue comment is posted acknowledging the findings.\n- Only request a new Codex review when you need a rerun (e.g., after new\n commits). Do not request one without changes since the last review.\n - Before requesting a new Codex review, re-run the land watcher and ensure\n there are zero outstanding review comments (all have `[codex]` inline\n replies).\n - After pushing new commits, the Codex review workflow will rerun on PR\n synchronization (or you can re-run the workflow manually). Post a concise\n root-level summary comment so reviewers have the latest delta:\n ```\n [codex] Changes since last review:\n - \n Commits: , \n Tests: \n ```\n - Only request a new review if there is at least one new commit since the\n previous request.\n - Wait for the next Codex review comment before merging.\n\n## Scope + PR Metadata\n\n- The PR title and description should reflect the full scope of the change, not\n just the most recent fix.\n- If review feedback expands scope, decide whether to include it now or defer\n it. You can accept, defer, or decline feedback. If deferring or declining,\n call it out in the root-level `[codex]` update with a brief reason (e.g.,\n out-of-scope, conflicts with intent, unnecessary).\n- Correctness issues raised in review comments should be addressed. If you plan\n to defer or decline a correctness concern, validate first and explain why the\n concern does not apply.\n- Classify each review comment as one of: correctness, design, style,\n clarification, scope.\n- For correctness feedback, provide concrete validation (test, log, or\n reasoning) before closing it.\n- When accepting feedback, include a one-line rationale in the root-level\n update.\n- When declining feedback, offer a brief alternative or follow-up trigger.\n- Prefer a single consolidated \"review addressed\" root-level comment after a\n batch of fixes instead of many small updates.\n- For doc feedback, confirm the doc change matches behavior (no doc-only edits\n to appease review).\n" }, { "path": ".codex/skills/land/land_watch.py", "content": "#!/usr/bin/env python3\nimport asyncio\nimport json\nimport random\nimport re\nfrom dataclasses import dataclass\nfrom datetime import datetime\nfrom typing import Any\n\nPOLL_SECONDS = 10\nCHECKS_APPEAR_TIMEOUT_SECONDS = 120\nCODEX_BOTS = {\n \"chatgpt-codex-connector[bot]\",\n \"github-actions[bot]\",\n \"codex-gc-app[bot]\",\n \"app/codex-gc-app\",\n}\nMAX_GH_RETRIES = 5\nBASE_GH_BACKOFF_SECONDS = 2\n\n\n@dataclass\nclass PrInfo:\n number: int\n url: str\n head_sha: str\n mergeable: str | None\n merge_state: str | None\n\n\nclass RateLimitError(RuntimeError):\n pass\n\n\ndef is_rate_limit_error(error: str) -> bool:\n return \"HTTP 429\" in error or \"rate limit\" in error.lower()\n\n\nasync def run_gh(*args: str) -> str:\n max_delay = BASE_GH_BACKOFF_SECONDS * (2 ** (MAX_GH_RETRIES - 1))\n delay_seconds = BASE_GH_BACKOFF_SECONDS\n last_error = \"gh command failed\"\n for attempt in range(1, MAX_GH_RETRIES + 1):\n proc = await asyncio.create_subprocess_exec(\n \"gh\",\n *args,\n stdout=asyncio.subprocess.PIPE,\n stderr=asyncio.subprocess.PIPE,\n )\n stdout, stderr = await proc.communicate()\n if proc.returncode == 0:\n return stdout.decode()\n error = stderr.decode().strip() or \"gh command failed\"\n if not is_rate_limit_error(error):\n raise RuntimeError(error)\n last_error = error\n if attempt >= MAX_GH_RETRIES:\n break\n jitter = random.uniform(0, delay_seconds)\n await asyncio.sleep(min(delay_seconds + jitter, max_delay))\n delay_seconds = min(delay_seconds * 2, max_delay)\n raise RateLimitError(last_error)\n\n\nasync def get_pr_info() -> PrInfo:\n data = await run_gh(\n \"pr\",\n \"view\",\n \"--json\",\n \"number,url,headRefOid,mergeable,mergeStateStatus\",\n )\n parsed = json.loads(data)\n return PrInfo(\n number=parsed[\"number\"],\n url=parsed[\"url\"],\n head_sha=parsed[\"headRefOid\"],\n mergeable=parsed.get(\"mergeable\"),\n merge_state=parsed.get(\"mergeStateStatus\"),\n )\n\n\nasync def get_paginated_list(endpoint: str) -> list[dict[str, Any]]:\n page = 1\n items: list[dict[str, Any]] = []\n while True:\n data = await run_gh(\n \"api\",\n \"--method\",\n \"GET\",\n endpoint,\n \"-f\",\n \"per_page=100\",\n \"-f\",\n f\"page={page}\",\n )\n batch = json.loads(data)\n if not batch:\n break\n items.extend(batch)\n page += 1\n return items\n\n\nasync def get_issue_comments(pr_number: int) -> list[dict[str, Any]]:\n return await get_paginated_list(\n f\"repos/{{owner}}/{{repo}}/issues/{pr_number}/comments\",\n )\n\n\nasync def get_review_comments(pr_number: int) -> list[dict[str, Any]]:\n return await get_paginated_list(\n f\"repos/{{owner}}/{{repo}}/pulls/{pr_number}/comments\",\n )\n\n\nasync def get_reviews(pr_number: int) -> list[dict[str, Any]]:\n page = 1\n reviews: list[dict[str, Any]] = []\n while True:\n data = await run_gh(\n \"api\",\n \"--method\",\n \"GET\",\n f\"repos/{{owner}}/{{repo}}/pulls/{pr_number}/reviews\",\n \"-f\",\n \"per_page=100\",\n \"-f\",\n f\"page={page}\",\n )\n batch = json.loads(data)\n if not batch:\n break\n reviews.extend(batch)\n page += 1\n return reviews\n\n\nasync def get_check_runs(head_sha: str) -> list[dict[str, Any]]:\n page = 1\n check_runs: list[dict[str, Any]] = []\n while True:\n data = await run_gh(\n \"api\",\n \"--method\",\n \"GET\",\n f\"repos/{{owner}}/{{repo}}/commits/{head_sha}/check-runs\",\n \"-f\",\n \"per_page=100\",\n \"-f\",\n f\"page={page}\",\n )\n payload = json.loads(data)\n batch = payload.get(\"check_runs\", [])\n if not batch:\n break\n check_runs.extend(batch)\n total_count = payload.get(\"total_count\")\n if total_count is not None and len(check_runs) >= total_count:\n break\n page += 1\n return check_runs\n\n\ndef parse_time(value: str) -> datetime:\n normalized = value.replace(\"Z\", \"+00:00\")\n return datetime.fromisoformat(normalized)\n\n\nCONTROL_CHARS_RE = re.compile(r\"[\\x00-\\x08\\x0b-\\x1f\\x7f-\\x9f]\")\n\n\ndef sanitize_terminal_output(value: str) -> str:\n return CONTROL_CHARS_RE.sub(\"\", value)\n\n\ndef check_timestamp(check: dict[str, Any]) -> datetime | None:\n for key in (\"completed_at\", \"started_at\", \"run_started_at\", \"created_at\"):\n value = check.get(key)\n if value:\n return parse_time(value)\n return None\n\n\ndef dedupe_check_runs(check_runs: list[dict[str, Any]]) -> list[dict[str, Any]]:\n latest_by_name: dict[str, dict[str, Any]] = {}\n for check in check_runs:\n name = check.get(\"name\", \"unknown\")\n timestamp = check_timestamp(check)\n if name not in latest_by_name:\n latest_by_name[name] = check\n continue\n existing = latest_by_name[name]\n existing_timestamp = check_timestamp(existing)\n if timestamp is None:\n continue\n if existing_timestamp is None or timestamp > existing_timestamp:\n latest_by_name[name] = check\n return list(latest_by_name.values())\n\n\ndef summarize_checks(check_runs: list[dict[str, Any]]) -> tuple[bool, bool, list[str]]:\n if not check_runs:\n return True, False, [\"no checks reported\"]\n check_runs = dedupe_check_runs(check_runs)\n pending = False\n failed = False\n failures: list[str] = []\n for check in check_runs:\n status = check.get(\"status\")\n conclusion = check.get(\"conclusion\")\n name = check.get(\"name\", \"unknown\")\n if status != \"completed\":\n pending = True\n continue\n if conclusion not in (\"success\", \"skipped\", \"neutral\"):\n failed = True\n failures.append(f\"{name}: {conclusion}\")\n return pending, failed, failures\n\n\ndef latest_review_request_at(comments: list[dict[str, Any]]) -> datetime | None:\n latest: datetime | None = None\n for comment in comments:\n if is_codex_bot_user(comment.get(\"user\", {})):\n continue\n body = comment.get(\"body\") or \"\"\n if \"@codex review\" not in body:\n continue\n timestamp = comment_time(comment)\n if timestamp is None:\n continue\n if latest is None or timestamp > latest:\n latest = timestamp\n return latest\n\n\ndef filter_codex_comments(\n comments: list[dict[str, Any]],\n review_requested_at: datetime | None,\n) -> list[dict[str, Any]]:\n latest_codex_reply = latest_codex_reply_by_thread(comments)\n latest_issue_ack = latest_codex_issue_reply_time(comments)\n codex_comments = [c for c in comments if is_codex_bot_user(c.get(\"user\", {}))]\n filtered: list[dict[str, Any]] = []\n for comment in codex_comments:\n created_time = comment_time(comment)\n if created_time is None:\n continue\n if review_requested_at is not None and created_time <= review_requested_at:\n continue\n is_threaded = bool(\n comment.get(\"in_reply_to_id\") or comment.get(\"pull_request_review_id\")\n )\n if not is_threaded:\n if latest_issue_ack is not None and created_time <= latest_issue_ack:\n continue\n else:\n thread_root = thread_root_id(comment)\n last_reply = None\n if thread_root is not None:\n last_reply = latest_codex_reply.get(thread_root)\n if last_reply and last_reply > created_time:\n continue\n filtered.append(comment)\n return filtered\n\n\ndef is_codex_bot_user(user: dict[str, Any]) -> bool:\n login = user.get(\"login\") or \"\"\n return login in CODEX_BOTS\n\n\ndef is_bot_user(user: dict[str, Any]) -> bool:\n login = user.get(\"login\") or \"\"\n if is_codex_bot_user(user):\n return True\n if user.get(\"type\") == \"Bot\":\n return True\n return login.endswith(\"[bot]\")\n\n\ndef is_codex_reply_body(body: str) -> bool:\n return body.startswith(\"[codex]\")\n\n\ndef is_codex_review_body(body: str) -> bool:\n return body.startswith(\"## Codex Review\")\n\n\ndef latest_codex_issue_reply_time(\n comments: list[dict[str, Any]],\n) -> datetime | None:\n latest: datetime | None = None\n for comment in comments:\n body = (comment.get(\"body\") or \"\").strip()\n if not is_codex_reply_body(body):\n continue\n created_time = comment_time(comment)\n if created_time is None:\n continue\n if latest is None or created_time > latest:\n latest = created_time\n return latest\n\n\ndef filter_human_issue_comments(comments: list[dict[str, Any]]) -> list[dict[str, Any]]:\n latest_ack = latest_codex_issue_reply_time(comments)\n filtered: list[dict[str, Any]] = []\n for comment in comments:\n if is_bot_user(comment.get(\"user\", {})):\n continue\n body = (comment.get(\"body\") or \"\").strip()\n if is_codex_reply_body(body):\n continue\n if is_codex_review_body(body):\n continue\n if \"@codex review\" in body:\n continue\n created_time = comment_time(comment)\n if (\n latest_ack is not None\n and created_time is not None\n and created_time <= latest_ack\n ):\n continue\n filtered.append(comment)\n return filtered\n\n\ndef filter_codex_review_issue_comments(\n comments: list[dict[str, Any]],\n) -> list[dict[str, Any]]:\n latest_ack = latest_codex_issue_reply_time(comments)\n filtered: list[dict[str, Any]] = []\n for comment in comments:\n body = (comment.get(\"body\") or \"\").strip()\n if not is_codex_review_body(body):\n continue\n created_time = comment_time(comment)\n if (\n latest_ack is not None\n and created_time is not None\n and created_time <= latest_ack\n ):\n continue\n filtered.append(comment)\n return filtered\n\n\ndef thread_root_id(comment: dict[str, Any]) -> int | None:\n return comment.get(\"in_reply_to_id\") or comment.get(\"id\")\n\n\ndef comment_time(comment: dict[str, Any]) -> datetime | None:\n timestamp = comment.get(\"updated_at\") or comment.get(\"created_at\")\n if not timestamp:\n return None\n return parse_time(timestamp)\n\n\ndef latest_codex_reply_by_thread(\n comments: list[dict[str, Any]],\n) -> dict[int, datetime]:\n latest: dict[int, datetime] = {}\n for comment in comments:\n body = (comment.get(\"body\") or \"\").strip()\n if not is_codex_reply_body(body):\n continue\n thread_root = thread_root_id(comment)\n created_time = comment_time(comment)\n if thread_root is None or created_time is None:\n continue\n existing = latest.get(thread_root)\n if existing is None or created_time > existing:\n latest[thread_root] = created_time\n return latest\n\n\ndef filter_human_review_comments(\n comments: list[dict[str, Any]],\n) -> list[dict[str, Any]]:\n latest_codex_reply = latest_codex_reply_by_thread(comments)\n filtered: list[dict[str, Any]] = []\n for comment in comments:\n if is_bot_user(comment.get(\"user\", {})):\n continue\n body = (comment.get(\"body\") or \"\").strip()\n if is_codex_reply_body(body):\n continue\n thread_root = thread_root_id(comment)\n created_time = comment_time(comment)\n last_codex_reply = None\n if thread_root is not None:\n last_codex_reply = latest_codex_reply.get(thread_root)\n if last_codex_reply and created_time and created_time <= last_codex_reply:\n continue\n filtered.append(comment)\n return filtered\n\n\ndef is_blocking_review(\n review: dict[str, Any],\n review_requested_at: datetime | None,\n) -> bool:\n created_at = review.get(\"submitted_at\") or review.get(\"created_at\")\n if not created_at:\n return False\n user_login = review.get(\"user\", {}).get(\"login\")\n created_time = parse_time(created_at)\n if (\n user_login in CODEX_BOTS\n and review_requested_at is not None\n and created_time <= review_requested_at\n ):\n return False\n body = (review.get(\"body\") or \"\").strip()\n state = review.get(\"state\")\n if user_login in CODEX_BOTS:\n return state == \"CHANGES_REQUESTED\"\n if body.startswith(\"[codex]\") or state in (\"APPROVED\", \"DISMISSED\"):\n return False\n blocking = False\n if body or state == \"CHANGES_REQUESTED\":\n blocking = True\n elif state == \"COMMENTED\":\n blocking = False\n elif state:\n blocking = state not in (\"APPROVED\", \"DISMISSED\")\n return blocking\n\n\ndef review_timestamp(review: dict[str, Any]) -> datetime | None:\n created_at = review.get(\"submitted_at\") or review.get(\"created_at\")\n if not created_at:\n return None\n return parse_time(created_at)\n\n\ndef dedupe_reviews(reviews: list[dict[str, Any]]) -> list[dict[str, Any]]:\n latest_by_user: dict[str, dict[str, Any]] = {}\n for review in reviews:\n user_login = review.get(\"user\", {}).get(\"login\")\n if not user_login:\n continue\n timestamp = review_timestamp(review)\n if user_login not in latest_by_user:\n latest_by_user[user_login] = review\n continue\n existing = latest_by_user[user_login]\n existing_timestamp = review_timestamp(existing)\n if timestamp is None:\n continue\n if existing_timestamp is None or timestamp > existing_timestamp:\n latest_by_user[user_login] = review\n return list(latest_by_user.values())\n\n\ndef filter_blocking_reviews(\n reviews: list[dict[str, Any]],\n review_requested_at: datetime | None,\n) -> list[dict[str, Any]]:\n return [\n review\n for review in dedupe_reviews(reviews)\n if is_blocking_review(review, review_requested_at)\n ]\n\n\ndef is_merge_conflicting(pr: PrInfo) -> bool:\n return pr.mergeable == \"CONFLICTING\" or pr.merge_state == \"DIRTY\"\n\n\nasync def fetch_review_context(\n pr_number: int,\n) -> tuple[\n list[dict[str, Any]],\n list[dict[str, Any]],\n list[dict[str, Any]],\n datetime | None,\n]:\n issue_comments = await get_issue_comments(pr_number)\n review_request_at = latest_review_request_at(issue_comments)\n review_comments = await get_review_comments(pr_number)\n reviews = await get_reviews(pr_number)\n return issue_comments, review_comments, reviews, review_request_at\n\n\ndef raise_on_human_feedback(\n issue_comments: list[dict[str, Any]],\n review_comments: list[dict[str, Any]],\n reviews: list[dict[str, Any]],\n review_request_at: datetime | None,\n) -> None:\n human_issue_comments = filter_human_issue_comments(issue_comments)\n codex_review_comments = filter_codex_review_issue_comments(issue_comments)\n human_review_comments = filter_human_review_comments(review_comments)\n if human_issue_comments or human_review_comments or codex_review_comments:\n print(\"Review comments detected. Address before merge.\")\n print(\n \"Reminder: decide whether feedback stays in scope; defer if needed \"\n \"and note in your root-level update.\",\n )\n raise SystemExit(2)\n blocking_reviews = filter_blocking_reviews(reviews, review_request_at)\n if blocking_reviews:\n print(\"Review states/comments detected. Address before merge.\")\n print(\n \"Reminder: keep PR title/description aligned with the full scope \"\n \"when changes expand.\",\n )\n raise SystemExit(2)\n\n\nasync def wait_for_codex(pr_number: int, checks_done: asyncio.Event) -> None:\n print(\"Waiting for review feedback...\", flush=True)\n while True:\n (\n issue_comments,\n review_comments,\n reviews,\n review_request_at,\n ) = await fetch_review_context(pr_number)\n bot_issue_comments = filter_codex_comments(issue_comments, review_request_at)\n bot_review_comments = filter_codex_comments(review_comments, review_request_at)\n bot_comments = bot_issue_comments + bot_review_comments\n raise_on_human_feedback(\n issue_comments,\n review_comments,\n reviews,\n review_request_at,\n )\n if bot_comments:\n latest = max(\n bot_comments,\n key=lambda comment: parse_time(comment[\"created_at\"]),\n )\n body = sanitize_terminal_output(latest.get(\"body\") or \"\").strip()\n if body:\n print(\"Codex left comments. Address feedback before merge.\")\n print(body)\n raise SystemExit(2)\n if checks_done.is_set():\n return\n await asyncio.sleep(POLL_SECONDS)\n\n\nasync def wait_for_checks(head_sha: str, checks_done: asyncio.Event) -> None:\n print(\"Waiting for CI checks...\", flush=True)\n empty_seconds = 0\n while True:\n check_runs = await get_check_runs(head_sha)\n if not check_runs:\n empty_seconds += POLL_SECONDS\n if empty_seconds >= CHECKS_APPEAR_TIMEOUT_SECONDS:\n print(\n \"No checks detected after 120s; check CI configuration\",\n )\n raise SystemExit(3)\n await asyncio.sleep(POLL_SECONDS)\n continue\n empty_seconds = 0\n pending, failed, failures = summarize_checks(check_runs)\n if failed:\n print(\"Checks failed:\")\n for failure in failures:\n print(f\"- {failure}\")\n raise SystemExit(3)\n if not pending:\n print(\"Checks passed\")\n checks_done.set()\n return\n await asyncio.sleep(POLL_SECONDS)\n\n\nasync def watch_pr() -> None:\n pr = await get_pr_info()\n if is_merge_conflicting(pr):\n print(\n \"PR has merge conflicts. Resolve/rebase against main and push before \"\n \"running land_watch again.\",\n )\n raise SystemExit(5)\n head_sha = pr.head_sha\n checks_done = asyncio.Event()\n codex_task = asyncio.create_task(wait_for_codex(pr.number, checks_done))\n checks_task = asyncio.create_task(wait_for_checks(head_sha, checks_done))\n\n async def head_monitor() -> None:\n while True:\n current = await get_pr_info()\n if is_merge_conflicting(current):\n print(\n \"PR has merge conflicts. Resolve/rebase against main and push \"\n \"before running land_watch again.\",\n )\n raise SystemExit(5)\n if current.head_sha != head_sha:\n print(\"PR head updated; pull/amend/force-push to retrigger CI\")\n raise SystemExit(4)\n await asyncio.sleep(POLL_SECONDS)\n\n monitor_task = asyncio.create_task(head_monitor())\n success_task = asyncio.gather(codex_task, checks_task)\n\n done, pending = await asyncio.wait(\n [monitor_task, success_task],\n return_when=asyncio.FIRST_COMPLETED,\n )\n for task in pending:\n task.cancel()\n for task in done:\n exc = task.exception()\n if exc:\n raise exc\n\n\nif __name__ == \"__main__\":\n try:\n asyncio.run(watch_pr())\n except SystemExit as exc:\n raise SystemExit(exc.code) from None\n" }, { "path": ".codex/skills/linear/SKILL.md", "content": "---\nname: linear\ndescription: |\n Use Symphony's `linear_graphql` client tool for raw Linear GraphQL\n operations such as comment editing and upload flows.\n---\n\n# Linear GraphQL\n\nUse this skill for raw Linear GraphQL work during Symphony app-server sessions.\n\n## Primary tool\n\nUse the `linear_graphql` client tool exposed by Symphony's app-server session.\nIt reuses Symphony's configured Linear auth for the session.\n\nTool input:\n\n```json\n{\n \"query\": \"query or mutation document\",\n \"variables\": {\n \"optional\": \"graphql variables object\"\n }\n}\n```\n\nTool behavior:\n\n- Send one GraphQL operation per tool call.\n- Treat a top-level `errors` array as a failed GraphQL operation even if the\n tool call itself completed.\n- Keep queries/mutations narrowly scoped; ask only for the fields you need.\n\n## Discovering unfamiliar operations\n\nWhen you need an unfamiliar mutation, input type, or object field, use targeted\nintrospection through `linear_graphql`.\n\nList mutation names:\n\n```graphql\nquery ListMutations {\n __type(name: \"Mutation\") {\n fields {\n name\n }\n }\n}\n```\n\nInspect a specific input object:\n\n```graphql\nquery CommentCreateInputShape {\n __type(name: \"CommentCreateInput\") {\n inputFields {\n name\n type {\n kind\n name\n ofType {\n kind\n name\n }\n }\n }\n }\n}\n```\n\n## Common workflows\n\n### Query an issue by key, identifier, or id\n\nUse these progressively:\n\n- Start with `issue(id: $key)` when you have a ticket key such as `MT-686`.\n- Fall back to `issues(filter: ...)` when you need identifier search semantics.\n- Once you have the internal issue id, prefer `issue(id: $id)` for narrower reads.\n\nLookup by issue key:\n\n```graphql\nquery IssueByKey($key: String!) {\n issue(id: $key) {\n id\n identifier\n title\n state {\n id\n name\n type\n }\n project {\n id\n name\n }\n branchName\n url\n description\n updatedAt\n links {\n nodes {\n id\n url\n title\n }\n }\n }\n}\n```\n\nLookup by identifier filter:\n\n```graphql\nquery IssueByIdentifier($identifier: String!) {\n issues(filter: { identifier: { eq: $identifier } }, first: 1) {\n nodes {\n id\n identifier\n title\n state {\n id\n name\n type\n }\n project {\n id\n name\n }\n branchName\n url\n description\n updatedAt\n }\n }\n}\n```\n\nResolve a key to an internal id:\n\n```graphql\nquery IssueByIdOrKey($id: String!) {\n issue(id: $id) {\n id\n identifier\n title\n }\n}\n```\n\nRead the issue once the internal id is known:\n\n```graphql\nquery IssueDetails($id: String!) {\n issue(id: $id) {\n id\n identifier\n title\n url\n description\n state {\n id\n name\n type\n }\n project {\n id\n name\n }\n attachments {\n nodes {\n id\n title\n url\n sourceType\n }\n }\n }\n}\n```\n\n### Query team workflow states for an issue\n\nUse this before changing issue state when you need the exact `stateId`:\n\n```graphql\nquery IssueTeamStates($id: String!) {\n issue(id: $id) {\n id\n team {\n id\n key\n name\n states {\n nodes {\n id\n name\n type\n }\n }\n }\n }\n}\n```\n\n### Edit an existing comment\n\nUse `commentUpdate` through `linear_graphql`:\n\n```graphql\nmutation UpdateComment($id: String!, $body: String!) {\n commentUpdate(id: $id, input: { body: $body }) {\n success\n comment {\n id\n body\n }\n }\n}\n```\n\n### Create a comment\n\nUse `commentCreate` through `linear_graphql`:\n\n```graphql\nmutation CreateComment($issueId: String!, $body: String!) {\n commentCreate(input: { issueId: $issueId, body: $body }) {\n success\n comment {\n id\n url\n }\n }\n}\n```\n\n### Move an issue to a different state\n\nUse `issueUpdate` with the destination `stateId`:\n\n```graphql\nmutation MoveIssueToState($id: String!, $stateId: String!) {\n issueUpdate(id: $id, input: { stateId: $stateId }) {\n success\n issue {\n id\n identifier\n state {\n id\n name\n }\n }\n }\n}\n```\n\n### Attach a GitHub PR to an issue\n\nUse the GitHub-specific attachment mutation when linking a PR:\n\n```graphql\nmutation AttachGitHubPR($issueId: String!, $url: String!, $title: String) {\n attachmentLinkGitHubPR(\n issueId: $issueId\n url: $url\n title: $title\n linkKind: links\n ) {\n success\n attachment {\n id\n title\n url\n }\n }\n}\n```\n\nIf you only need a plain URL attachment and do not care about GitHub-specific\nlink metadata, use:\n\n```graphql\nmutation AttachURL($issueId: String!, $url: String!, $title: String) {\n attachmentLinkURL(issueId: $issueId, url: $url, title: $title) {\n success\n attachment {\n id\n title\n url\n }\n }\n}\n```\n\n### Introspection patterns used during schema discovery\n\nUse these when the exact field or mutation shape is unclear:\n\n```graphql\nquery QueryFields {\n __type(name: \"Query\") {\n fields {\n name\n }\n }\n}\n```\n\n```graphql\nquery IssueFieldArgs {\n __type(name: \"Query\") {\n fields {\n name\n args {\n name\n type {\n kind\n name\n ofType {\n kind\n name\n ofType {\n kind\n name\n }\n }\n }\n }\n }\n }\n}\n```\n\n### Upload a video to a comment\n\nDo this in three steps:\n\n1. Call `linear_graphql` with `fileUpload` to get `uploadUrl`, `assetUrl`, and\n any required upload headers.\n2. Upload the local file bytes to `uploadUrl` with `curl -X PUT` and the exact\n headers returned by `fileUpload`.\n3. Call `linear_graphql` again with `commentCreate` (or `commentUpdate`) and\n include the resulting `assetUrl` in the comment body.\n\nUseful mutations:\n\n```graphql\nmutation FileUpload(\n $filename: String!\n $contentType: String!\n $size: Int!\n $makePublic: Boolean\n) {\n fileUpload(\n filename: $filename\n contentType: $contentType\n size: $size\n makePublic: $makePublic\n ) {\n success\n uploadFile {\n uploadUrl\n assetUrl\n headers {\n key\n value\n }\n }\n }\n}\n```\n\n## Usage rules\n\n- Use `linear_graphql` for comment edits, uploads, and ad-hoc Linear API\n queries.\n- Prefer the narrowest issue lookup that matches what you already know:\n key -> identifier search -> internal id.\n- For state transitions, fetch team states first and use the exact `stateId`\n instead of hardcoding names inside mutations.\n- Prefer `attachmentLinkGitHubPR` over a generic URL attachment when linking a\n GitHub PR to a Linear issue.\n- Do not introduce new raw-token shell helpers for GraphQL access.\n- If you need shell work for uploads, only use it for signed upload URLs\n returned by `fileUpload`; those URLs already carry the needed authorization.\n" }, { "path": ".codex/skills/pull/SKILL.md", "content": "---\nname: pull\ndescription:\n Pull latest origin/main into the current local branch and resolve merge\n conflicts (aka update-branch). Use when Codex needs to sync a feature branch\n with origin, perform a merge-based update (not rebase), and guide conflict\n resolution best practices.\n---\n\n# Pull\n\n## Workflow\n\n1. Verify git status is clean or commit/stash changes before merging.\n2. Ensure rerere is enabled locally:\n - `git config rerere.enabled true`\n - `git config rerere.autoupdate true`\n3. Confirm remotes and branches:\n - Ensure the `origin` remote exists.\n - Ensure the current branch is the one to receive the merge.\n4. Fetch latest refs:\n - `git fetch origin`\n5. Sync the remote feature branch first:\n - `git pull --ff-only origin $(git branch --show-current)`\n - This pulls branch updates made remotely (for example, a GitHub auto-commit)\n before merging `origin/main`.\n6. Merge in order:\n - Prefer `git -c merge.conflictstyle=zdiff3 merge origin/main` for clearer\n conflict context.\n7. If conflicts appear, resolve them (see conflict guidance below), then:\n - `git add `\n - `git commit` (or `git merge --continue` if the merge is paused)\n8. Verify with project checks (follow repo policy in `AGENTS.md`).\n9. Summarize the merge:\n - Call out the most challenging conflicts/files and how they were resolved.\n - Note any assumptions or follow-ups.\n\n## Conflict Resolution Guidance (Best Practices)\n\n- Inspect context before editing:\n - Use `git status` to list conflicted files.\n - Use `git diff` or `git diff --merge` to see conflict hunks.\n - Use `git diff :1:path/to/file :2:path/to/file` and\n `git diff :1:path/to/file :3:path/to/file` to compare base vs ours/theirs\n for a file-level view of intent.\n - With `merge.conflictstyle=zdiff3`, conflict markers include:\n - `<<<<<<<` ours, `|||||||` base, `=======` split, `>>>>>>>` theirs.\n - Matching lines near the start/end are trimmed out of the conflict region,\n so focus on the differing core.\n - Summarize the intent of both changes, decide the semantically correct\n outcome, then edit:\n - State what each side is trying to achieve (bug fix, refactor, rename,\n behavior change).\n - Identify the shared goal, if any, and whether one side supersedes the\n other.\n - Decide the final behavior first; only then craft the code to match that\n decision.\n - Prefer preserving invariants, API contracts, and user-visible behavior\n unless the conflict clearly indicates a deliberate change.\n - Open files and understand intent on both sides before choosing a resolution.\n- Prefer minimal, intention-preserving edits:\n - Keep behavior consistent with the branch’s purpose.\n - Avoid accidental deletions or silent behavior changes.\n- Resolve one file at a time and rerun tests after each logical batch.\n- Use `ours/theirs` only when you are certain one side should win entirely.\n- For complex conflicts, search for related files or definitions to align with\n the rest of the codebase.\n- For generated files, resolve non-generated conflicts first, then regenerate:\n - Prefer resolving source files and handwritten logic before touching\n generated artifacts.\n - Run the CLI/tooling command that produced the generated file to recreate it\n cleanly, then stage the regenerated output.\n- For import conflicts where intent is unclear, accept both sides first:\n - Keep all candidate imports temporarily, finish the merge, then run lint/type\n checks to remove unused or incorrect imports safely.\n- After resolving, ensure no conflict markers remain:\n - `git diff --check`\n- When unsure, note assumptions and ask for confirmation before finalizing the\n merge.\n\n## When To Ask The User (Keep To A Minimum)\n\nDo not ask for input unless there is no safe, reversible alternative. Prefer\nmaking a best-effort decision, documenting the rationale, and proceeding.\n\nAsk the user only when:\n\n- The correct resolution depends on product intent or behavior not inferable\n from code, tests, or nearby documentation.\n- The conflict crosses a user-visible contract, API surface, or migration where\n choosing incorrectly could break external consumers.\n- A conflict requires selecting between two mutually exclusive designs with\n equivalent technical merit and no clear local signal.\n- The merge introduces data loss, schema changes, or irreversible side effects\n without an obvious safe default.\n- The branch is not the intended target, or the remote/branch names do not exist\n and cannot be determined locally.\n\nOtherwise, proceed with the merge, explain the decision briefly in notes, and\nleave a clear, reviewable commit history.\n" }, { "path": ".codex/skills/push/SKILL.md", "content": "---\nname: push\ndescription:\n Push current branch changes to origin and create or update the corresponding\n pull request; use when asked to push, publish updates, or create pull request.\n---\n\n# Push\n\n## Prerequisites\n\n- `gh` CLI is installed and available in `PATH`.\n- `gh auth status` succeeds for GitHub operations in this repo.\n\n## Goals\n\n- Push current branch changes to `origin` safely.\n- Create a PR if none exists for the branch, otherwise update the existing PR.\n- Keep branch history clean when remote has moved.\n\n## Related Skills\n\n- `pull`: use this when push is rejected or sync is not clean (non-fast-forward,\n merge conflict risk, or stale branch).\n\n## Steps\n\n1. Identify current branch and confirm remote state.\n2. Run local validation (`make -C elixir all`) before pushing.\n3. Push branch to `origin` with upstream tracking if needed, using whatever\n remote URL is already configured.\n4. If push is not clean/rejected:\n - If the failure is a non-fast-forward or sync problem, run the `pull`\n skill to merge `origin/main`, resolve conflicts, and rerun validation.\n - Push again; use `--force-with-lease` only when history was rewritten.\n - If the failure is due to auth, permissions, or workflow restrictions on\n the configured remote, stop and surface the exact error instead of\n rewriting remotes or switching protocols as a workaround.\n\n5. Ensure a PR exists for the branch:\n - If no PR exists, create one.\n - If a PR exists and is open, update it.\n - If branch is tied to a closed/merged PR, create a new branch + PR.\n - Write a proper PR title that clearly describes the change outcome\n - For branch updates, explicitly reconsider whether current PR title still\n matches the latest scope; update it if it no longer does.\n6. Write/update PR body explicitly using `.github/pull_request_template.md`:\n - Fill every section with concrete content for this change.\n - Replace all placeholder comments (``).\n - Keep bullets/checkboxes where template expects them.\n - If PR already exists, refresh body content so it reflects the total PR\n scope (all intended work on the branch), not just the newest commits,\n including newly added work, removed work, or changed approach.\n - Do not reuse stale description text from earlier iterations.\n7. Validate PR body with `mix pr_body.check` and fix all reported issues.\n8. Reply with the PR URL from `gh pr view`.\n\n## Commands\n\n```sh\n# Identify branch\nbranch=$(git branch --show-current)\n\n# Minimal validation gate\nmake -C elixir all\n\n# Initial push: respect the current origin remote.\ngit push -u origin HEAD\n\n# If that failed because the remote moved, use the pull skill. After\n# pull-skill resolution and re-validation, retry the normal push:\ngit push -u origin HEAD\n\n# If the configured remote rejects the push for auth, permissions, or workflow\n# restrictions, stop and surface the exact error.\n\n# Only if history was rewritten locally:\ngit push --force-with-lease origin HEAD\n\n# Ensure a PR exists (create only if missing)\npr_state=$(gh pr view --json state -q .state 2>/dev/null || true)\nif [ \"$pr_state\" = \"MERGED\" ] || [ \"$pr_state\" = \"CLOSED\" ]; then\n echo \"Current branch is tied to a closed PR; create a new branch + PR.\" >&2\n exit 1\nfi\n\n# Write a clear, human-friendly title that summarizes the shipped change.\npr_title=\"\"\nif [ -z \"$pr_state\" ]; then\n gh pr create --title \"$pr_title\"\nelse\n # Reconsider title on every branch update; edit if scope shifted.\n gh pr edit --title \"$pr_title\"\nfi\n\n# Write/edit PR body to match .github/pull_request_template.md before validation.\n# Example workflow:\n# 1) open the template and draft body content for this PR\n# 2) gh pr edit --body-file /tmp/pr_body.md\n# 3) for branch updates, re-check that title/body still match current diff\n\ntmp_pr_body=$(mktemp)\ngh pr view --json body -q .body > \"$tmp_pr_body\"\n(cd elixir && mix pr_body.check --file \"$tmp_pr_body\")\nrm -f \"$tmp_pr_body\"\n\n# Show PR URL for the reply\ngh pr view --json url -q .url\n```\n\n## Notes\n\n- Do not use `--force`; only use `--force-with-lease` as the last resort.\n- Distinguish sync problems from remote auth/permission problems:\n - Use the `pull` skill for non-fast-forward or stale-branch issues.\n - Surface auth, permissions, or workflow restrictions directly instead of\n changing remotes or protocols.\n" }, { "path": ".codex/worktree_init.sh", "content": "#!/usr/bin/env bash\nset -eo pipefail\n\nscript_dir=\"$(cd \"$(dirname \"$0\")\" && pwd)\"\nrepo_root=\"$(cd \"$script_dir/..\" && pwd)\"\nproject_root=\"$repo_root/elixir\"\n\nif ! command -v mise >/dev/null 2>&1; then\n echo \"mise is required. Install it from https://mise.jdx.dev/getting-started.html\" >&2\n exit 1\nfi\n\ncd \"$project_root\"\nmise trust\n\nmake setup\n" }, { "path": ".github/pull_request_template.md", "content": "#### Context\n\n\n\n#### TL;DR\n\n**\n\n#### Summary\n\n- \n- \n- \n\n#### Alternatives\n\n- \n\n#### Test Plan\n\n- [ ] `make -C elixir all`\n- [ ] \n" }, { "path": ".github/workflows/make-all.yml", "content": "name: make-all\n\non:\n pull_request:\n push:\n branches:\n - main\n\njobs:\n make-all:\n runs-on: ubuntu-latest\n defaults:\n run:\n working-directory: elixir\n\n steps:\n - name: Checkout\n uses: actions/checkout@v4\n\n - name: Set up mise tools\n uses: jdx/mise-action@v3\n with:\n install: true\n cache: true\n working_directory: elixir\n\n - name: Cache deps and build\n uses: actions/cache@v4\n with:\n path: |\n elixir/deps\n elixir/_build\n key: ${{ runner.os }}-mix-${{ hashFiles('elixir/mix.lock') }}\n restore-keys: |\n ${{ runner.os }}-mix-\n\n - name: Verify make all\n run: make all\n" }, { "path": ".github/workflows/pr-description-lint.yml", "content": "name: pr-description-lint\n\non:\n pull_request:\n types: [opened, edited, reopened, synchronize, ready_for_review]\n\njobs:\n validate-pr-description:\n runs-on: ubuntu-latest\n defaults:\n run:\n working-directory: elixir\n\n steps:\n - name: Checkout\n uses: actions/checkout@v4\n\n - name: Set up mise tools\n uses: jdx/mise-action@v3\n with:\n install: true\n cache: true\n working_directory: elixir\n\n - name: Validate PR description format\n env:\n PR_BODY_JSON: ${{ toJson(github.event.pull_request.body) }}\n run: |\n mix local.hex --force\n mix local.rebar --force\n mix deps.get\n printf '%s' \"$PR_BODY_JSON\" | jq -r '.' > /tmp/pr_body.md\n mix pr_body.check --file /tmp/pr_body.md\n" }, { "path": "LICENSE", "content": " Apache License\n Version 2.0, January 2004\n http://www.apache.org/licenses/\n\n TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION\n\n 1. Definitions.\n\n \"License\" shall mean the terms and conditions for use, reproduction,\n and distribution as defined by Sections 1 through 9 of this document.\n\n \"Licensor\" shall mean the copyright owner or entity authorized by\n the copyright owner that is granting the License.\n\n \"Legal Entity\" shall mean the union of the acting entity and all\n other entities that control, are controlled by, or are under common\n control with that entity. For the purposes of this definition,\n \"control\" means (i) the power, direct or indirect, to cause the\n direction or management of such entity, whether by contract or\n otherwise, or (ii) ownership of fifty percent (50%) or more of the\n outstanding shares, or (iii) beneficial ownership of such entity.\n\n \"You\" (or \"Your\") shall mean an individual or Legal Entity\n exercising permissions granted by this License.\n\n \"Source\" form shall mean the preferred form for making modifications,\n including but not limited to software source code, documentation\n source, and configuration files.\n\n \"Object\" form shall mean any form resulting from mechanical\n transformation or translation of a Source form, including but\n not limited to compiled object code, generated documentation,\n and conversions to other media types.\n\n \"Work\" shall mean the work of authorship, whether in Source or\n Object form, made available under the License, as indicated by a\n copyright notice that is included in or attached to the work\n (an example is provided in the Appendix below).\n\n \"Derivative Works\" shall mean any work, whether in Source or Object\n form, that is based on (or derived from) the Work and for which the\n editorial revisions, annotations, elaborations, or other modifications\n represent, as a whole, an original work of authorship. For the purposes\n of this License, Derivative Works shall not include works that remain\n separable from, or merely link (or bind by name) to the interfaces of,\n the Work and Derivative Works thereof.\n\n \"Contribution\" shall mean any work of authorship, including\n the original version of the Work and any modifications or additions\n to that Work or Derivative Works thereof, that is intentionally\n submitted to Licensor for inclusion in the Work by the copyright owner\n or by an individual or Legal Entity authorized to submit on behalf of\n the copyright owner. For the purposes of this definition, \"submitted\"\n means any form of electronic, verbal, or written communication sent\n to the Licensor or its representatives, including but not limited to\n communication on electronic mailing lists, source code control systems,\n and issue tracking systems that are managed by, or on behalf of, the\n Licensor for the purpose of discussing and improving the Work, but\n excluding communication that is conspicuously marked or otherwise\n designated in writing by the copyright owner as \"Not a Contribution.\"\n\n \"Contributor\" shall mean Licensor and any individual or Legal Entity\n on behalf of whom a Contribution has been received by Licensor and\n subsequently incorporated within the Work.\n\n 2. Grant of Copyright License. Subject to the terms and conditions of\n this License, each Contributor hereby grants to You a perpetual,\n worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n copyright license to reproduce, prepare Derivative Works of,\n publicly display, publicly perform, sublicense, and distribute the\n Work and such Derivative Works in Source or Object form.\n\n 3. Grant of Patent License. Subject to the terms and conditions of\n this License, each Contributor hereby grants to You a perpetual,\n worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n (except as stated in this section) patent license to make, have made,\n use, offer to sell, sell, import, and otherwise transfer the Work,\n where such license applies only to those patent claims licensable\n by such Contributor that are necessarily infringed by their\n Contribution(s) alone or by combination of their Contribution(s)\n with the Work to which such Contribution(s) was submitted. If You\n institute patent litigation against any entity (including a\n cross-claim or counterclaim in a lawsuit) alleging that the Work\n or a Contribution incorporated within the Work constitutes direct\n or contributory patent infringement, then any patent licenses\n granted to You under this License for that Work shall terminate\n as of the date such litigation is filed.\n\n 4. Redistribution. You may reproduce and distribute copies of the\n Work or Derivative Works thereof in any medium, with or without\n modifications, and in Source or Object form, provided that You\n meet the following conditions:\n\n (a) You must give any other recipients of the Work or\n Derivative Works a copy of this License; and\n\n (b) You must cause any modified files to carry prominent notices\n stating that You changed the files; and\n\n (c) You must retain, in the Source form of any Derivative Works\n that You distribute, all copyright, patent, trademark, and\n attribution notices from the Source form of the Work,\n excluding those notices that do not pertain to any part of\n the Derivative Works; and\n\n (d) If the Work includes a \"NOTICE\" text file as part of its\n distribution, then any Derivative Works that You distribute must\n include a readable copy of the attribution notices contained\n within such NOTICE file, excluding those notices that do not\n pertain to any part of the Derivative Works, in at least one\n of the following places: within a NOTICE text file distributed\n as part of the Derivative Works; within the Source form or\n documentation, if provided along with the Derivative Works; or,\n within a display generated by the Derivative Works, if and\n wherever such third-party notices normally appear. The contents\n of the NOTICE file are for informational purposes only and\n do not modify the License. You may add Your own attribution\n notices within Derivative Works that You distribute, alongside\n or as an addendum to the NOTICE text from the Work, provided\n that such additional attribution notices cannot be construed\n as modifying the License.\n\n You may add Your own copyright statement to Your modifications and\n may provide additional or different license terms and conditions\n for use, reproduction, or distribution of Your modifications, or\n for any such Derivative Works as a whole, provided Your use,\n reproduction, and distribution of the Work otherwise complies with\n the conditions stated in this License.\n\n 5. Submission of Contributions. Unless You explicitly state otherwise,\n any Contribution intentionally submitted for inclusion in the Work\n by You to the Licensor shall be under the terms and conditions of\n this License, without any additional terms or conditions.\n Notwithstanding the above, nothing herein shall supersede or modify\n the terms of any separate license agreement you may have executed\n with Licensor regarding such Contributions.\n\n 6. Trademarks. This License does not grant permission to use the trade\n names, trademarks, service marks, or product names of the Licensor,\n except as required for reasonable and customary use in describing the\n origin of the Work and reproducing the content of the NOTICE file.\n\n 7. Disclaimer of Warranty. Unless required by applicable law or\n agreed to in writing, Licensor provides the Work (and each\n Contributor provides its Contributions) on an \"AS IS\" BASIS,\n WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n implied, including, without limitation, any warranties or conditions\n of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A\n PARTICULAR PURPOSE. You are solely responsible for determining the\n appropriateness of using or redistributing the Work and assume any\n risks associated with Your exercise of permissions under this License.\n\n 8. Limitation of Liability. In no event and under no legal theory,\n whether in tort (including negligence), contract, or otherwise,\n unless required by applicable law (such as deliberate and grossly\n negligent acts) or agreed to in writing, shall any Contributor be\n liable to You for damages, including any direct, indirect, special,\n incidental, or consequential damages of any character arising as a\n result of this License or out of the use or inability to use the\n Work (including but not limited to damages for loss of goodwill,\n work stoppage, computer failure or malfunction, or any and all\n other commercial damages or losses), even if such Contributor\n has been advised of the possibility of such damages.\n\n 9. Accepting Warranty or Additional Liability. While redistributing\n the Work or Derivative Works thereof, You may choose to offer,\n and charge a fee for, acceptance of support, warranty, indemnity,\n or other liability obligations and/or rights consistent with this\n License. However, in accepting such obligations, You may act only\n on Your own behalf and on Your sole responsibility, not on behalf\n of any other Contributor, and only if You agree to indemnify,\n defend, and hold each Contributor harmless for any liability\n incurred by, or claims asserted against, such Contributor by reason\n of your accepting any such warranty or additional liability.\n\n END OF TERMS AND CONDITIONS\n\n APPENDIX: How to apply the Apache License to your work.\n\n To apply the Apache License to your work, attach the following\n boilerplate notice, with the fields enclosed by brackets \"[]\"\n replaced with your own identifying information. (Don't include\n the brackets!) The text should be enclosed in the appropriate\n comment syntax for the file format. We also recommend that a\n file or class name and description of purpose be included on the\n same \"printed page\" as the copyright notice for easier\n identification within third-party archives.\n\n Copyright [yyyy] [name of copyright owner]\n\n Licensed under the Apache License, Version 2.0 (the \"License\");\n you may not use this file except in compliance with the License.\n You may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\n Unless required by applicable law or agreed to in writing, software\n distributed under the License is distributed on an \"AS IS\" BASIS,\n WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n See the License for the specific language governing permissions and\n limitations under the License.\n" }, { "path": "NOTICE", "content": "Copyright 2025 OpenAI\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\nDistributed under the License is distributed on an “AS IS” BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nLimitations under the License.\n" }, { "path": "README.md", "content": "# Symphony\n\nSymphony turns project work into isolated, autonomous implementation runs, allowing teams to manage\nwork instead of supervising coding agents.\n\n[![Symphony demo video preview](.github/media/symphony-demo-poster.jpg)](.github/media/symphony-demo.mp4)\n\n_In this [demo video](.github/media/symphony-demo.mp4), Symphony monitors a Linear board for work and spawns agents to handle the tasks. The agents complete the tasks and provide proof of work: CI status, PR review feedback, complexity analysis, and walkthrough videos. When accepted, the agents land the PR safely. Engineers do not need to supervise Codex; they can manage the work at a higher level._\n\n> [!WARNING]\n> Symphony is a low-key engineering preview for testing in trusted environments.\n\n## Running Symphony\n\n### Requirements\n\nSymphony works best in codebases that have adopted\n[harness engineering](https://openai.com/index/harness-engineering/). Symphony is the next step --\nmoving from managing coding agents to managing work that needs to get done.\n\n### Option 1. Make your own\n\nTell your favorite coding agent to build Symphony in a programming language of your choice:\n\n> Implement Symphony according to the following spec:\n> https://github.com/openai/symphony/blob/main/SPEC.md\n\n### Option 2. Use our experimental reference implementation\n\nCheck out [elixir/README.md](elixir/README.md) for instructions on how to set up your environment\nand run the Elixir-based Symphony implementation. You can also ask your favorite coding agent to\nhelp with the setup:\n\n> Set up Symphony for my repository based on\n> https://github.com/openai/symphony/blob/main/elixir/README.md\n\n---\n\n## License\n\nThis project is licensed under the [Apache License 2.0](LICENSE).\n" }, { "path": "SPEC.md", "content": "# Symphony Service Specification\n\nStatus: Draft v1 (language-agnostic)\n\nPurpose: Define a service that orchestrates coding agents to get project work done.\n\n## 1. Problem Statement\n\nSymphony is a long-running automation service that continuously reads work from an issue tracker\n(Linear in this specification version), creates an isolated workspace for each issue, and runs a\ncoding agent session for that issue inside the workspace.\n\nThe service solves four operational problems:\n\n- It turns issue execution into a repeatable daemon workflow instead of manual scripts.\n- It isolates agent execution in per-issue workspaces so agent commands run only inside per-issue\n workspace directories.\n- It keeps the workflow policy in-repo (`WORKFLOW.md`) so teams version the agent prompt and runtime\n settings with their code.\n- It provides enough observability to operate and debug multiple concurrent agent runs.\n\nImplementations are expected to document their trust and safety posture explicitly. This\nspecification does not require a single approval, sandbox, or operator-confirmation policy; some\nimplementations may target trusted environments with a high-trust configuration, while others may\nrequire stricter approvals or sandboxing.\n\nImportant boundary:\n\n- Symphony is a scheduler/runner and tracker reader.\n- Ticket writes (state transitions, comments, PR links) are typically performed by the coding agent\n using tools available in the workflow/runtime environment.\n- A successful run may end at a workflow-defined handoff state (for example `Human Review`), not\n necessarily `Done`.\n\n## 2. Goals and Non-Goals\n\n### 2.1 Goals\n\n- Poll the issue tracker on a fixed cadence and dispatch work with bounded concurrency.\n- Maintain a single authoritative orchestrator state for dispatch, retries, and reconciliation.\n- Create deterministic per-issue workspaces and preserve them across runs.\n- Stop active runs when issue state changes make them ineligible.\n- Recover from transient failures with exponential backoff.\n- Load runtime behavior from a repository-owned `WORKFLOW.md` contract.\n- Expose operator-visible observability (at minimum structured logs).\n- Support restart recovery without requiring a persistent database.\n\n### 2.2 Non-Goals\n\n- Rich web UI or multi-tenant control plane.\n- Prescribing a specific dashboard or terminal UI implementation.\n- General-purpose workflow engine or distributed job scheduler.\n- Built-in business logic for how to edit tickets, PRs, or comments. (That logic lives in the\n workflow prompt and agent tooling.)\n- Mandating strong sandbox controls beyond what the coding agent and host OS provide.\n- Mandating a single default approval, sandbox, or operator-confirmation posture for all\n implementations.\n\n## 3. System Overview\n\n### 3.1 Main Components\n\n1. `Workflow Loader`\n - Reads `WORKFLOW.md`.\n - Parses YAML front matter and prompt body.\n - Returns `{config, prompt_template}`.\n\n2. `Config Layer`\n - Exposes typed getters for workflow config values.\n - Applies defaults and environment variable indirection.\n - Performs validation used by the orchestrator before dispatch.\n\n3. `Issue Tracker Client`\n - Fetches candidate issues in active states.\n - Fetches current states for specific issue IDs (reconciliation).\n - Fetches terminal-state issues during startup cleanup.\n - Normalizes tracker payloads into a stable issue model.\n\n4. `Orchestrator`\n - Owns the poll tick.\n - Owns the in-memory runtime state.\n - Decides which issues to dispatch, retry, stop, or release.\n - Tracks session metrics and retry queue state.\n\n5. `Workspace Manager`\n - Maps issue identifiers to workspace paths.\n - Ensures per-issue workspace directories exist.\n - Runs workspace lifecycle hooks.\n - Cleans workspaces for terminal issues.\n\n6. `Agent Runner`\n - Creates workspace.\n - Builds prompt from issue + workflow template.\n - Launches the coding agent app-server client.\n - Streams agent updates back to the orchestrator.\n\n7. `Status Surface` (optional)\n - Presents human-readable runtime status (for example terminal output, dashboard, or other\n operator-facing view).\n\n8. `Logging`\n - Emits structured runtime logs to one or more configured sinks.\n\n### 3.2 Abstraction Levels\n\nSymphony is easiest to port when kept in these layers:\n\n1. `Policy Layer` (repo-defined)\n - `WORKFLOW.md` prompt body.\n - Team-specific rules for ticket handling, validation, and handoff.\n\n2. `Configuration Layer` (typed getters)\n - Parses front matter into typed runtime settings.\n - Handles defaults, environment tokens, and path normalization.\n\n3. `Coordination Layer` (orchestrator)\n - Polling loop, issue eligibility, concurrency, retries, reconciliation.\n\n4. `Execution Layer` (workspace + agent subprocess)\n - Filesystem lifecycle, workspace preparation, coding-agent protocol.\n\n5. `Integration Layer` (Linear adapter)\n - API calls and normalization for tracker data.\n\n6. `Observability Layer` (logs + optional status surface)\n - Operator visibility into orchestrator and agent behavior.\n\n### 3.3 External Dependencies\n\n- Issue tracker API (Linear for `tracker.kind: linear` in this specification version).\n- Local filesystem for workspaces and logs.\n- Optional workspace population tooling (for example Git CLI, if used).\n- Coding-agent executable that supports JSON-RPC-like app-server mode over stdio.\n- Host environment authentication for the issue tracker and coding agent.\n\n## 4. Core Domain Model\n\n### 4.1 Entities\n\n#### 4.1.1 Issue\n\nNormalized issue record used by orchestration, prompt rendering, and observability output.\n\nFields:\n\n- `id` (string)\n - Stable tracker-internal ID.\n- `identifier` (string)\n - Human-readable ticket key (example: `ABC-123`).\n- `title` (string)\n- `description` (string or null)\n- `priority` (integer or null)\n - Lower numbers are higher priority in dispatch sorting.\n- `state` (string)\n - Current tracker state name.\n- `branch_name` (string or null)\n - Tracker-provided branch metadata if available.\n- `url` (string or null)\n- `labels` (list of strings)\n - Normalized to lowercase.\n- `blocked_by` (list of blocker refs)\n - Each blocker ref contains:\n - `id` (string or null)\n - `identifier` (string or null)\n - `state` (string or null)\n- `created_at` (timestamp or null)\n- `updated_at` (timestamp or null)\n\n#### 4.1.2 Workflow Definition\n\nParsed `WORKFLOW.md` payload:\n\n- `config` (map)\n - YAML front matter root object.\n- `prompt_template` (string)\n - Markdown body after front matter, trimmed.\n\n#### 4.1.3 Service Config (Typed View)\n\nTyped runtime values derived from `WorkflowDefinition.config` plus environment resolution.\n\nExamples:\n\n- poll interval\n- workspace root\n- active and terminal issue states\n- concurrency limits\n- coding-agent executable/args/timeouts\n- workspace hooks\n\n#### 4.1.4 Workspace\n\nFilesystem workspace assigned to one issue identifier.\n\nFields (logical):\n\n- `path` (workspace path; current runtime typically uses absolute paths, but relative roots are\n possible if configured without path separators)\n- `workspace_key` (sanitized issue identifier)\n- `created_now` (boolean, used to gate `after_create` hook)\n\n#### 4.1.5 Run Attempt\n\nOne execution attempt for one issue.\n\nFields (logical):\n\n- `issue_id`\n- `issue_identifier`\n- `attempt` (integer or null, `null` for first run, `>=1` for retries/continuation)\n- `workspace_path`\n- `started_at`\n- `status`\n- `error` (optional)\n\n#### 4.1.6 Live Session (Agent Session Metadata)\n\nState tracked while a coding-agent subprocess is running.\n\nFields:\n\n- `session_id` (string, `-`)\n- `thread_id` (string)\n- `turn_id` (string)\n- `codex_app_server_pid` (string or null)\n- `last_codex_event` (string/enum or null)\n- `last_codex_timestamp` (timestamp or null)\n- `last_codex_message` (summarized payload)\n- `codex_input_tokens` (integer)\n- `codex_output_tokens` (integer)\n- `codex_total_tokens` (integer)\n- `last_reported_input_tokens` (integer)\n- `last_reported_output_tokens` (integer)\n- `last_reported_total_tokens` (integer)\n- `turn_count` (integer)\n - Number of coding-agent turns started within the current worker lifetime.\n\n#### 4.1.7 Retry Entry\n\nScheduled retry state for an issue.\n\nFields:\n\n- `issue_id`\n- `identifier` (best-effort human ID for status surfaces/logs)\n- `attempt` (integer, 1-based for retry queue)\n- `due_at_ms` (monotonic clock timestamp)\n- `timer_handle` (runtime-specific timer reference)\n- `error` (string or null)\n\n#### 4.1.8 Orchestrator Runtime State\n\nSingle authoritative in-memory state owned by the orchestrator.\n\nFields:\n\n- `poll_interval_ms` (current effective poll interval)\n- `max_concurrent_agents` (current effective global concurrency limit)\n- `running` (map `issue_id -> running entry`)\n- `claimed` (set of issue IDs reserved/running/retrying)\n- `retry_attempts` (map `issue_id -> RetryEntry`)\n- `completed` (set of issue IDs; bookkeeping only, not dispatch gating)\n- `codex_totals` (aggregate tokens + runtime seconds)\n- `codex_rate_limits` (latest rate-limit snapshot from agent events)\n\n### 4.2 Stable Identifiers and Normalization Rules\n\n- `Issue ID`\n - Use for tracker lookups and internal map keys.\n- `Issue Identifier`\n - Use for human-readable logs and workspace naming.\n- `Workspace Key`\n - Derive from `issue.identifier` by replacing any character not in `[A-Za-z0-9._-]` with `_`.\n - Use the sanitized value for the workspace directory name.\n- `Normalized Issue State`\n - Compare states after `lowercase`.\n- `Session ID`\n - Compose from coding-agent `thread_id` and `turn_id` as `-`.\n\n## 5. Workflow Specification (Repository Contract)\n\n### 5.1 File Discovery and Path Resolution\n\nWorkflow file path precedence:\n\n1. Explicit application/runtime setting (set by CLI startup path).\n2. Default: `WORKFLOW.md` in the current process working directory.\n\nLoader behavior:\n\n- If the file cannot be read, return `missing_workflow_file` error.\n- The workflow file is expected to be repository-owned and version-controlled.\n\n### 5.2 File Format\n\n`WORKFLOW.md` is a Markdown file with optional YAML front matter.\n\nDesign note:\n\n- `WORKFLOW.md` should be self-contained enough to describe and run different workflows (prompt,\n runtime settings, hooks, and tracker selection/config) without requiring out-of-band\n service-specific configuration.\n\nParsing rules:\n\n- If file starts with `---`, parse lines until the next `---` as YAML front matter.\n- Remaining lines become the prompt body.\n- If front matter is absent, treat the entire file as prompt body and use an empty config map.\n- YAML front matter must decode to a map/object; non-map YAML is an error.\n- Prompt body is trimmed before use.\n\nReturned workflow object:\n\n- `config`: front matter root object (not nested under a `config` key).\n- `prompt_template`: trimmed Markdown body.\n\n### 5.3 Front Matter Schema\n\nTop-level keys:\n\n- `tracker`\n- `polling`\n- `workspace`\n- `hooks`\n- `agent`\n- `codex`\n\nUnknown keys should be ignored for forward compatibility.\n\nNote:\n\n- The workflow front matter is extensible. Optional extensions may define additional top-level keys\n (for example `server`) without changing the core schema above.\n- Extensions should document their field schema, defaults, validation rules, and whether changes\n apply dynamically or require restart.\n- Common extension: `server.port` (integer) enables the optional HTTP server described in Section\n 13.7.\n\n#### 5.3.1 `tracker` (object)\n\nFields:\n\n- `kind` (string)\n - Required for dispatch.\n - Current supported value: `linear`\n- `endpoint` (string)\n - Default for `tracker.kind == \"linear\"`: `https://api.linear.app/graphql`\n- `api_key` (string)\n - May be a literal token or `$VAR_NAME`.\n - Canonical environment variable for `tracker.kind == \"linear\"`: `LINEAR_API_KEY`.\n - If `$VAR_NAME` resolves to an empty string, treat the key as missing.\n- `project_slug` (string)\n - Required for dispatch when `tracker.kind == \"linear\"`.\n- `active_states` (list of strings)\n - Default: `Todo`, `In Progress`\n- `terminal_states` (list of strings)\n - Default: `Closed`, `Cancelled`, `Canceled`, `Duplicate`, `Done`\n\n#### 5.3.2 `polling` (object)\n\nFields:\n\n- `interval_ms` (integer or string integer)\n - Default: `30000`\n - Changes should be re-applied at runtime and affect future tick scheduling without restart.\n\n#### 5.3.3 `workspace` (object)\n\nFields:\n\n- `root` (path string or `$VAR`)\n - Default: `/symphony_workspaces`\n - `~` and strings containing path separators are expanded.\n - Bare strings without path separators are preserved as-is (relative roots are allowed but\n discouraged).\n\n#### 5.3.4 `hooks` (object)\n\nFields:\n\n- `after_create` (multiline shell script string, optional)\n - Runs only when a workspace directory is newly created.\n - Failure aborts workspace creation.\n- `before_run` (multiline shell script string, optional)\n - Runs before each agent attempt after workspace preparation and before launching the coding\n agent.\n - Failure aborts the current attempt.\n- `after_run` (multiline shell script string, optional)\n - Runs after each agent attempt (success, failure, timeout, or cancellation) once the workspace\n exists.\n - Failure is logged but ignored.\n- `before_remove` (multiline shell script string, optional)\n - Runs before workspace deletion if the directory exists.\n - Failure is logged but ignored; cleanup still proceeds.\n- `timeout_ms` (integer, optional)\n - Default: `60000`\n - Applies to all workspace hooks.\n - Non-positive values should be treated as invalid and fall back to the default.\n - Changes should be re-applied at runtime for future hook executions.\n\n#### 5.3.5 `agent` (object)\n\nFields:\n\n- `max_concurrent_agents` (integer or string integer)\n - Default: `10`\n - Changes should be re-applied at runtime and affect subsequent dispatch decisions.\n- `max_retry_backoff_ms` (integer or string integer)\n - Default: `300000` (5 minutes)\n - Changes should be re-applied at runtime and affect future retry scheduling.\n- `max_concurrent_agents_by_state` (map `state_name -> positive integer`)\n - Default: empty map.\n - State keys are normalized (`lowercase`) for lookup.\n - Invalid entries (non-positive or non-numeric) are ignored.\n\n#### 5.3.6 `codex` (object)\n\nFields:\n\nFor Codex-owned config values such as `approval_policy`, `thread_sandbox`, and\n`turn_sandbox_policy`, supported values are defined by the targeted Codex app-server version.\nImplementors should treat them as pass-through Codex config values rather than relying on a\nhand-maintained enum in this spec. To inspect the installed Codex schema, run\n`codex app-server generate-json-schema --out ` and inspect the relevant definitions referenced\nby `v2/ThreadStartParams.json` and `v2/TurnStartParams.json`. Implementations may validate these\nfields locally if they want stricter startup checks.\n\n- `command` (string shell command)\n - Default: `codex app-server`\n - The runtime launches this command via `bash -lc` in the workspace directory.\n - The launched process must speak a compatible app-server protocol over stdio.\n- `approval_policy` (Codex `AskForApproval` value)\n - Default: implementation-defined.\n- `thread_sandbox` (Codex `SandboxMode` value)\n - Default: implementation-defined.\n- `turn_sandbox_policy` (Codex `SandboxPolicy` value)\n - Default: implementation-defined.\n- `turn_timeout_ms` (integer)\n - Default: `3600000` (1 hour)\n- `read_timeout_ms` (integer)\n - Default: `5000`\n- `stall_timeout_ms` (integer)\n - Default: `300000` (5 minutes)\n - If `<= 0`, stall detection is disabled.\n\n### 5.4 Prompt Template Contract\n\nThe Markdown body of `WORKFLOW.md` is the per-issue prompt template.\n\nRendering requirements:\n\n- Use a strict template engine (Liquid-compatible semantics are sufficient).\n- Unknown variables must fail rendering.\n- Unknown filters must fail rendering.\n\nTemplate input variables:\n\n- `issue` (object)\n - Includes all normalized issue fields, including labels and blockers.\n- `attempt` (integer or null)\n - `null`/absent on first attempt.\n - Integer on retry or continuation run.\n\nFallback prompt behavior:\n\n- If the workflow prompt body is empty, the runtime may use a minimal default prompt\n (`You are working on an issue from Linear.`).\n- Workflow file read/parse failures are configuration/validation errors and should not silently fall\n back to a prompt.\n\n### 5.5 Workflow Validation and Error Surface\n\nError classes:\n\n- `missing_workflow_file`\n- `workflow_parse_error`\n- `workflow_front_matter_not_a_map`\n- `template_parse_error` (during prompt rendering)\n- `template_render_error` (unknown variable/filter, invalid interpolation)\n\nDispatch gating behavior:\n\n- Workflow file read/YAML errors block new dispatches until fixed.\n- Template errors fail only the affected run attempt.\n\n## 6. Configuration Specification\n\n### 6.1 Source Precedence and Resolution Semantics\n\nConfiguration precedence:\n\n1. Workflow file path selection (runtime setting -> cwd default).\n2. YAML front matter values.\n3. Environment indirection via `$VAR_NAME` inside selected YAML values.\n4. Built-in defaults.\n\nValue coercion semantics:\n\n- Path/command fields support:\n - `~` home expansion\n - `$VAR` expansion for env-backed path values\n - Apply expansion only to values intended to be local filesystem paths; do not rewrite URIs or\n arbitrary shell command strings.\n\n### 6.2 Dynamic Reload Semantics\n\nDynamic reload is required:\n\n- The software should watch `WORKFLOW.md` for changes.\n- On change, it should re-read and re-apply workflow config and prompt template without restart.\n- The software should attempt to adjust live behavior to the new config (for example polling\n cadence, concurrency limits, active/terminal states, codex settings, workspace paths/hooks, and\n prompt content for future runs).\n- Reloaded config applies to future dispatch, retry scheduling, reconciliation decisions, hook\n execution, and agent launches.\n- Implementations are not required to restart in-flight agent sessions automatically when config\n changes.\n- Extensions that manage their own listeners/resources (for example an HTTP server port change) may\n require restart unless the implementation explicitly supports live rebind.\n- Implementations should also re-validate/reload defensively during runtime operations (for example\n before dispatch) in case filesystem watch events are missed.\n- Invalid reloads should not crash the service; keep operating with the last known good effective\n configuration and emit an operator-visible error.\n\n### 6.3 Dispatch Preflight Validation\n\nThis validation is a scheduler preflight run before attempting to dispatch new work. It validates\nthe workflow/config needed to poll and launch workers, not a full audit of all possible workflow\nbehavior.\n\nStartup validation:\n\n- Validate configuration before starting the scheduling loop.\n- If startup validation fails, fail startup and emit an operator-visible error.\n\nPer-tick dispatch validation:\n\n- Re-validate before each dispatch cycle.\n- If validation fails, skip dispatch for that tick, keep reconciliation active, and emit an\n operator-visible error.\n\nValidation checks:\n\n- Workflow file can be loaded and parsed.\n- `tracker.kind` is present and supported.\n- `tracker.api_key` is present after `$` resolution.\n- `tracker.project_slug` is present when required by the selected tracker kind.\n- `codex.command` is present and non-empty.\n\n### 6.4 Config Fields Summary (Cheat Sheet)\n\nThis section is intentionally redundant so a coding agent can implement the config layer quickly.\n\n- `tracker.kind`: string, required, currently `linear`\n- `tracker.endpoint`: string, default `https://api.linear.app/graphql` when `tracker.kind=linear`\n- `tracker.api_key`: string or `$VAR`, canonical env `LINEAR_API_KEY` when `tracker.kind=linear`\n- `tracker.project_slug`: string, required when `tracker.kind=linear`\n- `tracker.active_states`: list of strings, default `[\"Todo\", \"In Progress\"]`\n- `tracker.terminal_states`: list of strings, default `[\"Closed\", \"Cancelled\", \"Canceled\", \"Duplicate\", \"Done\"]`\n- `polling.interval_ms`: integer, default `30000`\n- `workspace.root`: path, default `/symphony_workspaces`\n- `worker.ssh_hosts` (extension): list of SSH host strings, optional; when omitted, work runs\n locally\n- `worker.max_concurrent_agents_per_host` (extension): positive integer, optional; shared per-host\n cap applied across configured SSH hosts\n- `hooks.after_create`: shell script or null\n- `hooks.before_run`: shell script or null\n- `hooks.after_run`: shell script or null\n- `hooks.before_remove`: shell script or null\n- `hooks.timeout_ms`: integer, default `60000`\n- `agent.max_concurrent_agents`: integer, default `10`\n- `agent.max_turns`: integer, default `20`\n- `agent.max_retry_backoff_ms`: integer, default `300000` (5m)\n- `agent.max_concurrent_agents_by_state`: map of positive integers, default `{}`\n- `codex.command`: shell command string, default `codex app-server`\n- `codex.approval_policy`: Codex `AskForApproval` value, default implementation-defined\n- `codex.thread_sandbox`: Codex `SandboxMode` value, default implementation-defined\n- `codex.turn_sandbox_policy`: Codex `SandboxPolicy` value, default implementation-defined\n- `codex.turn_timeout_ms`: integer, default `3600000`\n- `codex.read_timeout_ms`: integer, default `5000`\n- `codex.stall_timeout_ms`: integer, default `300000`\n- `server.port` (extension): integer, optional; enables the optional HTTP server, `0` may be used\n for ephemeral local bind, and CLI `--port` overrides it\n\n## 7. Orchestration State Machine\n\nThe orchestrator is the only component that mutates scheduling state. All worker outcomes are\nreported back to it and converted into explicit state transitions.\n\n### 7.1 Issue Orchestration States\n\nThis is not the same as tracker states (`Todo`, `In Progress`, etc.). This is the service's internal\nclaim state.\n\n1. `Unclaimed`\n - Issue is not running and has no retry scheduled.\n\n2. `Claimed`\n - Orchestrator has reserved the issue to prevent duplicate dispatch.\n - In practice, claimed issues are either `Running` or `RetryQueued`.\n\n3. `Running`\n - Worker task exists and the issue is tracked in `running` map.\n\n4. `RetryQueued`\n - Worker is not running, but a retry timer exists in `retry_attempts`.\n\n5. `Released`\n - Claim removed because issue is terminal, non-active, missing, or retry path completed without\n re-dispatch.\n\nImportant nuance:\n\n- A successful worker exit does not mean the issue is done forever.\n- The worker may continue through multiple back-to-back coding-agent turns before it exits.\n- After each normal turn completion, the worker re-checks the tracker issue state.\n- If the issue is still in an active state, the worker should start another turn on the same live\n coding-agent thread in the same workspace, up to `agent.max_turns`.\n- The first turn should use the full rendered task prompt.\n- Continuation turns should send only continuation guidance to the existing thread, not resend the\n original task prompt that is already present in thread history.\n- Once the worker exits normally, the orchestrator still schedules a short continuation retry\n (about 1 second) so it can re-check whether the issue remains active and needs another worker\n session.\n\n### 7.2 Run Attempt Lifecycle\n\nA run attempt transitions through these phases:\n\n1. `PreparingWorkspace`\n2. `BuildingPrompt`\n3. `LaunchingAgentProcess`\n4. `InitializingSession`\n5. `StreamingTurn`\n6. `Finishing`\n7. `Succeeded`\n8. `Failed`\n9. `TimedOut`\n10. `Stalled`\n11. `CanceledByReconciliation`\n\nDistinct terminal reasons are important because retry logic and logs differ.\n\n### 7.3 Transition Triggers\n\n- `Poll Tick`\n - Reconcile active runs.\n - Validate config.\n - Fetch candidate issues.\n - Dispatch until slots are exhausted.\n\n- `Worker Exit (normal)`\n - Remove running entry.\n - Update aggregate runtime totals.\n - Schedule continuation retry (attempt `1`) after the worker exhausts or finishes its in-process\n turn loop.\n\n- `Worker Exit (abnormal)`\n - Remove running entry.\n - Update aggregate runtime totals.\n - Schedule exponential-backoff retry.\n\n- `Codex Update Event`\n - Update live session fields, token counters, and rate limits.\n\n- `Retry Timer Fired`\n - Re-fetch active candidates and attempt re-dispatch, or release claim if no longer eligible.\n\n- `Reconciliation State Refresh`\n - Stop runs whose issue states are terminal or no longer active.\n\n- `Stall Timeout`\n - Kill worker and schedule retry.\n\n### 7.4 Idempotency and Recovery Rules\n\n- The orchestrator serializes state mutations through one authority to avoid duplicate dispatch.\n- `claimed` and `running` checks are required before launching any worker.\n- Reconciliation runs before dispatch on every tick.\n- Restart recovery is tracker-driven and filesystem-driven (no durable orchestrator DB required).\n- Startup terminal cleanup removes stale workspaces for issues already in terminal states.\n\n## 8. Polling, Scheduling, and Reconciliation\n\n### 8.1 Poll Loop\n\nAt startup, the service validates config, performs startup cleanup, schedules an immediate tick, and\nthen repeats every `polling.interval_ms`.\n\nThe effective poll interval should be updated when workflow config changes are re-applied.\n\nTick sequence:\n\n1. Reconcile running issues.\n2. Run dispatch preflight validation.\n3. Fetch candidate issues from tracker using active states.\n4. Sort issues by dispatch priority.\n5. Dispatch eligible issues while slots remain.\n6. Notify observability/status consumers of state changes.\n\nIf per-tick validation fails, dispatch is skipped for that tick, but reconciliation still happens\nfirst.\n\n### 8.2 Candidate Selection Rules\n\nAn issue is dispatch-eligible only if all are true:\n\n- It has `id`, `identifier`, `title`, and `state`.\n- Its state is in `active_states` and not in `terminal_states`.\n- It is not already in `running`.\n- It is not already in `claimed`.\n- Global concurrency slots are available.\n- Per-state concurrency slots are available.\n- Blocker rule for `Todo` state passes:\n - If the issue state is `Todo`, do not dispatch when any blocker is non-terminal.\n\nSorting order (stable intent):\n\n1. `priority` ascending (1..4 are preferred; null/unknown sorts last)\n2. `created_at` oldest first\n3. `identifier` lexicographic tie-breaker\n\n### 8.3 Concurrency Control\n\nGlobal limit:\n\n- `available_slots = max(max_concurrent_agents - running_count, 0)`\n\nPer-state limit:\n\n- `max_concurrent_agents_by_state[state]` if present (state key normalized)\n- otherwise fallback to global limit\n\nThe runtime counts issues by their current tracked state in the `running` map.\n\nOptional SSH host limit:\n\n- When `worker.max_concurrent_agents_per_host` is set, each configured SSH host may run at most\n that many concurrent agents at once.\n- Hosts at that cap are skipped for new dispatch until capacity frees up.\n\n### 8.4 Retry and Backoff\n\nRetry entry creation:\n\n- Cancel any existing retry timer for the same issue.\n- Store `attempt`, `identifier`, `error`, `due_at_ms`, and new timer handle.\n\nBackoff formula:\n\n- Normal continuation retries after a clean worker exit use a short fixed delay of `1000` ms.\n- Failure-driven retries use `delay = min(10000 * 2^(attempt - 1), agent.max_retry_backoff_ms)`.\n- Power is capped by the configured max retry backoff (default `300000` / 5m).\n\nRetry handling behavior:\n\n1. Fetch active candidate issues (not all issues).\n2. Find the specific issue by `issue_id`.\n3. If not found, release claim.\n4. If found and still candidate-eligible:\n - Dispatch if slots are available.\n - Otherwise requeue with error `no available orchestrator slots`.\n5. If found but no longer active, release claim.\n\nNote:\n\n- Terminal-state workspace cleanup is handled by startup cleanup and active-run reconciliation\n (including terminal transitions for currently running issues).\n- Retry handling mainly operates on active candidates and releases claims when the issue is absent,\n rather than performing terminal cleanup itself.\n\n### 8.5 Active Run Reconciliation\n\nReconciliation runs every tick and has two parts.\n\nPart A: Stall detection\n\n- For each running issue, compute `elapsed_ms` since:\n - `last_codex_timestamp` if any event has been seen, else\n - `started_at`\n- If `elapsed_ms > codex.stall_timeout_ms`, terminate the worker and queue a retry.\n- If `stall_timeout_ms <= 0`, skip stall detection entirely.\n\nPart B: Tracker state refresh\n\n- Fetch current issue states for all running issue IDs.\n- For each running issue:\n - If tracker state is terminal: terminate worker and clean workspace.\n - If tracker state is still active: update the in-memory issue snapshot.\n - If tracker state is neither active nor terminal: terminate worker without workspace cleanup.\n- If state refresh fails, keep workers running and try again on the next tick.\n\n### 8.6 Startup Terminal Workspace Cleanup\n\nWhen the service starts:\n\n1. Query tracker for issues in terminal states.\n2. For each returned issue identifier, remove the corresponding workspace directory.\n3. If the terminal-issues fetch fails, log a warning and continue startup.\n\nThis prevents stale terminal workspaces from accumulating after restarts.\n\n## 9. Workspace Management and Safety\n\n### 9.1 Workspace Layout\n\nWorkspace root:\n\n- `workspace.root` (normalized path; the current config layer expands path-like values and preserves\n bare relative names)\n\nPer-issue workspace path:\n\n- `/`\n\nWorkspace persistence:\n\n- Workspaces are reused across runs for the same issue.\n- Successful runs do not auto-delete workspaces.\n\n### 9.2 Workspace Creation and Reuse\n\nInput: `issue.identifier`\n\nAlgorithm summary:\n\n1. Sanitize identifier to `workspace_key`.\n2. Compute workspace path under workspace root.\n3. Ensure the workspace path exists as a directory.\n4. Mark `created_now=true` only if the directory was created during this call; otherwise\n `created_now=false`.\n5. If `created_now=true`, run `after_create` hook if configured.\n\nNotes:\n\n- This section does not assume any specific repository/VCS workflow.\n- Workspace preparation beyond directory creation (for example dependency bootstrap, checkout/sync,\n code generation) is implementation-defined and is typically handled via hooks.\n\n### 9.3 Optional Workspace Population (Implementation-Defined)\n\nThe spec does not require any built-in VCS or repository bootstrap behavior.\n\nImplementations may populate or synchronize the workspace using implementation-defined logic and/or\nhooks (for example `after_create` and/or `before_run`).\n\nFailure handling:\n\n- Workspace population/synchronization failures return an error for the current attempt.\n- If failure happens while creating a brand-new workspace, implementations may remove the partially\n prepared directory.\n- Reused workspaces should not be destructively reset on population failure unless that policy is\n explicitly chosen and documented.\n\n### 9.4 Workspace Hooks\n\nSupported hooks:\n\n- `hooks.after_create`\n- `hooks.before_run`\n- `hooks.after_run`\n- `hooks.before_remove`\n\nExecution contract:\n\n- Execute in a local shell context appropriate to the host OS, with the workspace directory as\n `cwd`.\n- On POSIX systems, `sh -lc \n \n \n \n \n \n \n {@inner_content}\n \n \n \"\"\"\n end\n\n @spec app(map()) :: Phoenix.LiveView.Rendered.t()\n def app(assigns) do\n ~H\"\"\"\n
\n {@inner_content}\n
\n \"\"\"\n end\nend\n" }, { "path": "elixir/lib/symphony_elixir_web/controllers/observability_api_controller.ex", "content": "defmodule SymphonyElixirWeb.ObservabilityApiController do\n @moduledoc \"\"\"\n JSON API for Symphony observability data.\n \"\"\"\n\n use Phoenix.Controller, formats: [:json]\n\n alias Plug.Conn\n alias SymphonyElixirWeb.{Endpoint, Presenter}\n\n @spec state(Conn.t(), map()) :: Conn.t()\n def state(conn, _params) do\n json(conn, Presenter.state_payload(orchestrator(), snapshot_timeout_ms()))\n end\n\n @spec issue(Conn.t(), map()) :: Conn.t()\n def issue(conn, %{\"issue_identifier\" => issue_identifier}) do\n case Presenter.issue_payload(issue_identifier, orchestrator(), snapshot_timeout_ms()) do\n {:ok, payload} ->\n json(conn, payload)\n\n {:error, :issue_not_found} ->\n error_response(conn, 404, \"issue_not_found\", \"Issue not found\")\n end\n end\n\n @spec refresh(Conn.t(), map()) :: Conn.t()\n def refresh(conn, _params) do\n case Presenter.refresh_payload(orchestrator()) do\n {:ok, payload} ->\n conn\n |> put_status(202)\n |> json(payload)\n\n {:error, :unavailable} ->\n error_response(conn, 503, \"orchestrator_unavailable\", \"Orchestrator is unavailable\")\n end\n end\n\n @spec method_not_allowed(Conn.t(), map()) :: Conn.t()\n def method_not_allowed(conn, _params) do\n error_response(conn, 405, \"method_not_allowed\", \"Method not allowed\")\n end\n\n @spec not_found(Conn.t(), map()) :: Conn.t()\n def not_found(conn, _params) do\n error_response(conn, 404, \"not_found\", \"Route not found\")\n end\n\n defp error_response(conn, status, code, message) do\n conn\n |> put_status(status)\n |> json(%{error: %{code: code, message: message}})\n end\n\n defp orchestrator do\n Endpoint.config(:orchestrator) || SymphonyElixir.Orchestrator\n end\n\n defp snapshot_timeout_ms do\n Endpoint.config(:snapshot_timeout_ms) || 15_000\n end\nend\n" }, { "path": "elixir/lib/symphony_elixir_web/controllers/static_asset_controller.ex", "content": "defmodule SymphonyElixirWeb.StaticAssetController do\n @moduledoc \"\"\"\n Serves the dashboard's embedded CSS and JavaScript assets.\n \"\"\"\n\n use Phoenix.Controller, formats: []\n\n alias Plug.Conn\n alias SymphonyElixirWeb.StaticAssets\n\n @spec dashboard_css(Conn.t(), map()) :: Conn.t()\n def dashboard_css(conn, _params), do: serve(conn, \"/dashboard.css\")\n\n @spec phoenix_html_js(Conn.t(), map()) :: Conn.t()\n def phoenix_html_js(conn, _params), do: serve(conn, \"/vendor/phoenix_html/phoenix_html.js\")\n\n @spec phoenix_js(Conn.t(), map()) :: Conn.t()\n def phoenix_js(conn, _params), do: serve(conn, \"/vendor/phoenix/phoenix.js\")\n\n @spec phoenix_live_view_js(Conn.t(), map()) :: Conn.t()\n def phoenix_live_view_js(conn, _params), do: serve(conn, \"/vendor/phoenix_live_view/phoenix_live_view.js\")\n\n defp serve(conn, path) do\n case StaticAssets.fetch(path) do\n {:ok, content_type, body} ->\n conn\n |> put_resp_content_type(content_type)\n |> put_resp_header(\"cache-control\", \"public, max-age=31536000\")\n |> send_resp(200, body)\n\n :error ->\n send_resp(conn, 404, \"Not Found\")\n end\n end\nend\n" }, { "path": "elixir/lib/symphony_elixir_web/endpoint.ex", "content": "defmodule SymphonyElixirWeb.Endpoint do\n @moduledoc \"\"\"\n Phoenix endpoint for Symphony's optional observability UI and API.\n \"\"\"\n\n use Phoenix.Endpoint, otp_app: :symphony_elixir\n\n @session_options [\n store: :cookie,\n key: \"_symphony_elixir_key\",\n signing_salt: \"symphony-session\"\n ]\n\n socket(\"/live\", Phoenix.LiveView.Socket,\n websocket: [connect_info: [session: @session_options]],\n longpoll: false\n )\n\n plug(Plug.RequestId)\n plug(Plug.Telemetry, event_prefix: [:phoenix, :endpoint])\n\n plug(Plug.Parsers,\n parsers: [:urlencoded, :multipart, :json],\n pass: [\"*/*\"],\n json_decoder: Jason\n )\n\n plug(Plug.MethodOverride)\n plug(Plug.Head)\n plug(Plug.Session, @session_options)\n plug(SymphonyElixirWeb.Router)\nend\n" }, { "path": "elixir/lib/symphony_elixir_web/error_html.ex", "content": "defmodule SymphonyElixirWeb.ErrorHTML do\n @moduledoc false\n\n @spec render(String.t(), map()) :: String.t()\n def render(template, _assigns) do\n Phoenix.Controller.status_message_from_template(template)\n end\nend\n" }, { "path": "elixir/lib/symphony_elixir_web/error_json.ex", "content": "defmodule SymphonyElixirWeb.ErrorJSON do\n @moduledoc false\n\n @spec render(String.t(), map()) :: map()\n def render(template, _assigns) do\n %{error: %{code: \"request_failed\", message: Phoenix.Controller.status_message_from_template(template)}}\n end\nend\n" }, { "path": "elixir/lib/symphony_elixir_web/live/dashboard_live.ex", "content": "defmodule SymphonyElixirWeb.DashboardLive do\n @moduledoc \"\"\"\n Live observability dashboard for Symphony.\n \"\"\"\n\n use Phoenix.LiveView, layout: {SymphonyElixirWeb.Layouts, :app}\n\n alias SymphonyElixirWeb.{Endpoint, ObservabilityPubSub, Presenter}\n @runtime_tick_ms 1_000\n\n @impl true\n def mount(_params, _session, socket) do\n socket =\n socket\n |> assign(:payload, load_payload())\n |> assign(:now, DateTime.utc_now())\n\n if connected?(socket) do\n :ok = ObservabilityPubSub.subscribe()\n schedule_runtime_tick()\n end\n\n {:ok, socket}\n end\n\n @impl true\n def handle_info(:runtime_tick, socket) do\n schedule_runtime_tick()\n {:noreply, assign(socket, :now, DateTime.utc_now())}\n end\n\n @impl true\n def handle_info(:observability_updated, socket) do\n {:noreply,\n socket\n |> assign(:payload, load_payload())\n |> assign(:now, DateTime.utc_now())}\n end\n\n @impl true\n def render(assigns) do\n ~H\"\"\"\n
\n
\n
\n
\n

\n Symphony Observability\n

\n

\n Operations Dashboard\n

\n

\n Current state, retry pressure, token usage, and orchestration health for the active Symphony runtime.\n

\n
\n\n
\n \n \n Live\n \n \n \n Offline\n \n
\n
\n
\n\n <%= if @payload[:error] do %>\n
\n

\n Snapshot unavailable\n

\n

\n <%= @payload.error.code %>: <%= @payload.error.message %>\n

\n
\n <% else %>\n
\n
\n

Running

\n

<%= @payload.counts.running %>

\n

Active issue sessions in the current runtime.

\n
\n\n
\n

Retrying

\n

<%= @payload.counts.retrying %>

\n

Issues waiting for the next retry window.

\n
\n\n
\n

Total tokens

\n

<%= format_int(@payload.codex_totals.total_tokens) %>

\n

\n In <%= format_int(@payload.codex_totals.input_tokens) %> / Out <%= format_int(@payload.codex_totals.output_tokens) %>\n

\n
\n\n
\n

Runtime

\n

<%= format_runtime_seconds(total_runtime_seconds(@payload, @now)) %>

\n

Total Codex runtime across completed and active sessions.

\n
\n
\n\n
\n
\n
\n

Rate limits

\n

Latest upstream rate-limit snapshot, when available.

\n
\n
\n\n 
<%= pretty_value(@payload.rate_limits) %>
\n
\n\n
\n
\n
\n

Running sessions

\n

Active issues, last known agent activity, and token usage.

\n
\n
\n\n <%= if @payload.running == [] do %>\n

No active sessions.

\n <% else %>\n
\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
IssueStateSessionRuntime / turnsCodex updateTokens
\n
\n <%= entry.issue_identifier %>\n JSON details\n
\n 		\n \n <%= entry.state %>\n \n \n
\n <%= if entry.session_id do %>\n { this.textContent = this.dataset.label }, 1200);\"\n >\n Copy ID\n \n <% else %>\n n/a\n <% end %>\n
\n 		<%= format_runtime_and_turns(entry.started_at, entry.turn_count, @now) %>\n
\n <%= entry.last_message || to_string(entry.last_event || \"n/a\") %>\n \n <%= entry.last_event || \"n/a\" %>\n <%= if entry.last_event_at do %>\n · <%= entry.last_event_at %>\n <% end %>\n \n
\n 		\n
\n Total: <%= format_int(entry.tokens.total_tokens) %>\n In <%= format_int(entry.tokens.input_tokens) %> / Out <%= format_int(entry.tokens.output_tokens) %>\n
\n
\n
\n <% end %>\n
\n\n
\n
\n
\n

Retry queue

\n

Issues waiting for the next retry window.

\n
\n
\n\n <%= if @payload.retrying == [] do %>\n

No issues are currently backing off.

\n <% else %>\n
\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
IssueAttemptDue atError
\n
\n <%= entry.issue_identifier %>\n JSON details\n
\n 		<%= entry.attempt %><%= entry.due_at || \"n/a\" %><%= entry.error || \"n/a\" %>
\n
\n <% end %>\n
\n <% end %>\n
\n \"\"\"\n end\n\n defp load_payload do\n Presenter.state_payload(orchestrator(), snapshot_timeout_ms())\n end\n\n defp orchestrator do\n Endpoint.config(:orchestrator) || SymphonyElixir.Orchestrator\n end\n\n defp snapshot_timeout_ms do\n Endpoint.config(:snapshot_timeout_ms) || 15_000\n end\n\n defp completed_runtime_seconds(payload) do\n payload.codex_totals.seconds_running || 0\n end\n\n defp total_runtime_seconds(payload, now) do\n completed_runtime_seconds(payload) +\n Enum.reduce(payload.running, 0, fn entry, total ->\n total + runtime_seconds_from_started_at(entry.started_at, now)\n end)\n end\n\n defp format_runtime_and_turns(started_at, turn_count, now) when is_integer(turn_count) and turn_count > 0 do\n \"#{format_runtime_seconds(runtime_seconds_from_started_at(started_at, now))} / #{turn_count}\"\n end\n\n defp format_runtime_and_turns(started_at, _turn_count, now),\n do: format_runtime_seconds(runtime_seconds_from_started_at(started_at, now))\n\n defp format_runtime_seconds(seconds) when is_number(seconds) do\n whole_seconds = max(trunc(seconds), 0)\n mins = div(whole_seconds, 60)\n secs = rem(whole_seconds, 60)\n \"#{mins}m #{secs}s\"\n end\n\n defp runtime_seconds_from_started_at(%DateTime{} = started_at, %DateTime{} = now) do\n DateTime.diff(now, started_at, :second)\n end\n\n defp runtime_seconds_from_started_at(started_at, %DateTime{} = now) when is_binary(started_at) do\n case DateTime.from_iso8601(started_at) do\n {:ok, parsed, _offset} -> runtime_seconds_from_started_at(parsed, now)\n _ -> 0\n end\n end\n\n defp runtime_seconds_from_started_at(_started_at, _now), do: 0\n\n defp format_int(value) when is_integer(value) do\n value\n |> Integer.to_string()\n |> String.reverse()\n |> String.replace(~r/.{3}(?=.)/, \"\\\\0,\")\n |> String.reverse()\n end\n\n defp format_int(_value), do: \"n/a\"\n\n defp state_badge_class(state) do\n base = \"state-badge\"\n normalized = state |> to_string() |> String.downcase()\n\n cond do\n String.contains?(normalized, [\"progress\", \"running\", \"active\"]) -> \"#{base} state-badge-active\"\n String.contains?(normalized, [\"blocked\", \"error\", \"failed\"]) -> \"#{base} state-badge-danger\"\n String.contains?(normalized, [\"todo\", \"queued\", \"pending\", \"retry\"]) -> \"#{base} state-badge-warning\"\n true -> base\n end\n end\n\n defp schedule_runtime_tick do\n Process.send_after(self(), :runtime_tick, @runtime_tick_ms)\n end\n\n defp pretty_value(nil), do: \"n/a\"\n defp pretty_value(value), do: inspect(value, pretty: true, limit: :infinity)\nend\n" }, { "path": "elixir/lib/symphony_elixir_web/observability_pubsub.ex", "content": "defmodule SymphonyElixirWeb.ObservabilityPubSub do\n @moduledoc \"\"\"\n PubSub helpers for observability dashboard updates.\n \"\"\"\n\n @pubsub SymphonyElixir.PubSub\n @topic \"observability:dashboard\"\n @update_message :observability_updated\n\n @spec subscribe() :: :ok | {:error, term()}\n def subscribe do\n Phoenix.PubSub.subscribe(@pubsub, @topic)\n end\n\n @spec broadcast_update() :: :ok\n def broadcast_update do\n case Process.whereis(@pubsub) do\n pid when is_pid(pid) ->\n Phoenix.PubSub.broadcast(@pubsub, @topic, @update_message)\n\n _ ->\n :ok\n end\n end\nend\n" }, { "path": "elixir/lib/symphony_elixir_web/presenter.ex", "content": "defmodule SymphonyElixirWeb.Presenter do\n @moduledoc \"\"\"\n Shared projections for the observability API and dashboard.\n \"\"\"\n\n alias SymphonyElixir.{Config, Orchestrator, StatusDashboard}\n\n @spec state_payload(GenServer.name(), timeout()) :: map()\n def state_payload(orchestrator, snapshot_timeout_ms) do\n generated_at = DateTime.utc_now() |> DateTime.truncate(:second) |> DateTime.to_iso8601()\n\n case Orchestrator.snapshot(orchestrator, snapshot_timeout_ms) do\n %{} = snapshot ->\n %{\n generated_at: generated_at,\n counts: %{\n running: length(snapshot.running),\n retrying: length(snapshot.retrying)\n },\n running: Enum.map(snapshot.running, &running_entry_payload/1),\n retrying: Enum.map(snapshot.retrying, &retry_entry_payload/1),\n codex_totals: snapshot.codex_totals,\n rate_limits: snapshot.rate_limits\n }\n\n :timeout ->\n %{generated_at: generated_at, error: %{code: \"snapshot_timeout\", message: \"Snapshot timed out\"}}\n\n :unavailable ->\n %{generated_at: generated_at, error: %{code: \"snapshot_unavailable\", message: \"Snapshot unavailable\"}}\n end\n end\n\n @spec issue_payload(String.t(), GenServer.name(), timeout()) :: {:ok, map()} | {:error, :issue_not_found}\n def issue_payload(issue_identifier, orchestrator, snapshot_timeout_ms) when is_binary(issue_identifier) do\n case Orchestrator.snapshot(orchestrator, snapshot_timeout_ms) do\n %{} = snapshot ->\n running = Enum.find(snapshot.running, &(&1.identifier == issue_identifier))\n retry = Enum.find(snapshot.retrying, &(&1.identifier == issue_identifier))\n\n if is_nil(running) and is_nil(retry) do\n {:error, :issue_not_found}\n else\n {:ok, issue_payload_body(issue_identifier, running, retry)}\n end\n\n _ ->\n {:error, :issue_not_found}\n end\n end\n\n @spec refresh_payload(GenServer.name()) :: {:ok, map()} | {:error, :unavailable}\n def refresh_payload(orchestrator) do\n case Orchestrator.request_refresh(orchestrator) do\n :unavailable ->\n {:error, :unavailable}\n\n payload ->\n {:ok, Map.update!(payload, :requested_at, &DateTime.to_iso8601/1)}\n end\n end\n\n defp issue_payload_body(issue_identifier, running, retry) do\n %{\n issue_identifier: issue_identifier,\n issue_id: issue_id_from_entries(running, retry),\n status: issue_status(running, retry),\n workspace: %{\n path: workspace_path(issue_identifier, running, retry),\n host: workspace_host(running, retry)\n },\n attempts: %{\n restart_count: restart_count(retry),\n current_retry_attempt: retry_attempt(retry)\n },\n running: running && running_issue_payload(running),\n retry: retry && retry_issue_payload(retry),\n logs: %{\n codex_session_logs: []\n },\n recent_events: (running && recent_events_payload(running)) || [],\n last_error: retry && retry.error,\n tracked: %{}\n }\n end\n\n defp issue_id_from_entries(running, retry),\n do: (running && running.issue_id) || (retry && retry.issue_id)\n\n defp restart_count(retry), do: max(retry_attempt(retry) - 1, 0)\n defp retry_attempt(nil), do: 0\n defp retry_attempt(retry), do: retry.attempt || 0\n\n defp issue_status(_running, nil), do: \"running\"\n defp issue_status(nil, _retry), do: \"retrying\"\n defp issue_status(_running, _retry), do: \"running\"\n\n defp running_entry_payload(entry) do\n %{\n issue_id: entry.issue_id,\n issue_identifier: entry.identifier,\n state: entry.state,\n worker_host: Map.get(entry, :worker_host),\n workspace_path: Map.get(entry, :workspace_path),\n session_id: entry.session_id,\n turn_count: Map.get(entry, :turn_count, 0),\n last_event: entry.last_codex_event,\n last_message: summarize_message(entry.last_codex_message),\n started_at: iso8601(entry.started_at),\n last_event_at: iso8601(entry.last_codex_timestamp),\n tokens: %{\n input_tokens: entry.codex_input_tokens,\n output_tokens: entry.codex_output_tokens,\n total_tokens: entry.codex_total_tokens\n }\n }\n end\n\n defp retry_entry_payload(entry) do\n %{\n issue_id: entry.issue_id,\n issue_identifier: entry.identifier,\n attempt: entry.attempt,\n due_at: due_at_iso8601(entry.due_in_ms),\n error: entry.error,\n worker_host: Map.get(entry, :worker_host),\n workspace_path: Map.get(entry, :workspace_path)\n }\n end\n\n defp running_issue_payload(running) do\n %{\n worker_host: Map.get(running, :worker_host),\n workspace_path: Map.get(running, :workspace_path),\n session_id: running.session_id,\n turn_count: Map.get(running, :turn_count, 0),\n state: running.state,\n started_at: iso8601(running.started_at),\n last_event: running.last_codex_event,\n last_message: summarize_message(running.last_codex_message),\n last_event_at: iso8601(running.last_codex_timestamp),\n tokens: %{\n input_tokens: running.codex_input_tokens,\n output_tokens: running.codex_output_tokens,\n total_tokens: running.codex_total_tokens\n }\n }\n end\n\n defp retry_issue_payload(retry) do\n %{\n attempt: retry.attempt,\n due_at: due_at_iso8601(retry.due_in_ms),\n error: retry.error,\n worker_host: Map.get(retry, :worker_host),\n workspace_path: Map.get(retry, :workspace_path)\n }\n end\n\n defp workspace_path(issue_identifier, running, retry) do\n (running && Map.get(running, :workspace_path)) ||\n (retry && Map.get(retry, :workspace_path)) ||\n Path.join(Config.settings!().workspace.root, issue_identifier)\n end\n\n defp workspace_host(running, retry) do\n (running && Map.get(running, :worker_host)) || (retry && Map.get(retry, :worker_host))\n end\n\n defp recent_events_payload(running) do\n [\n %{\n at: iso8601(running.last_codex_timestamp),\n event: running.last_codex_event,\n message: summarize_message(running.last_codex_message)\n }\n ]\n |> Enum.reject(&is_nil(&1.at))\n end\n\n defp summarize_message(nil), do: nil\n defp summarize_message(message), do: StatusDashboard.humanize_codex_message(message)\n\n defp due_at_iso8601(due_in_ms) when is_integer(due_in_ms) do\n DateTime.utc_now()\n |> DateTime.add(div(due_in_ms, 1_000), :second)\n |> DateTime.truncate(:second)\n |> DateTime.to_iso8601()\n end\n\n defp due_at_iso8601(_due_in_ms), do: nil\n\n defp iso8601(%DateTime{} = datetime) do\n datetime\n |> DateTime.truncate(:second)\n |> DateTime.to_iso8601()\n end\n\n defp iso8601(_datetime), do: nil\nend\n" }, { "path": "elixir/lib/symphony_elixir_web/router.ex", "content": "defmodule SymphonyElixirWeb.Router do\n @moduledoc \"\"\"\n Router for Symphony's observability dashboard and API.\n \"\"\"\n\n use Phoenix.Router\n import Phoenix.LiveView.Router\n\n pipeline :browser do\n plug(:fetch_session)\n plug(:fetch_live_flash)\n plug(:put_root_layout, html: {SymphonyElixirWeb.Layouts, :root})\n plug(:protect_from_forgery)\n plug(:put_secure_browser_headers)\n end\n\n scope \"/\", SymphonyElixirWeb do\n get(\"/dashboard.css\", StaticAssetController, :dashboard_css)\n get(\"/vendor/phoenix_html/phoenix_html.js\", StaticAssetController, :phoenix_html_js)\n get(\"/vendor/phoenix/phoenix.js\", StaticAssetController, :phoenix_js)\n get(\"/vendor/phoenix_live_view/phoenix_live_view.js\", StaticAssetController, :phoenix_live_view_js)\n end\n\n scope \"/\", SymphonyElixirWeb do\n pipe_through(:browser)\n\n live(\"/\", DashboardLive, :index)\n end\n\n scope \"/\", SymphonyElixirWeb do\n get(\"/api/v1/state\", ObservabilityApiController, :state)\n\n match(:*, \"/\", ObservabilityApiController, :method_not_allowed)\n match(:*, \"/api/v1/state\", ObservabilityApiController, :method_not_allowed)\n post(\"/api/v1/refresh\", ObservabilityApiController, :refresh)\n match(:*, \"/api/v1/refresh\", ObservabilityApiController, :method_not_allowed)\n get(\"/api/v1/:issue_identifier\", ObservabilityApiController, :issue)\n match(:*, \"/api/v1/:issue_identifier\", ObservabilityApiController, :method_not_allowed)\n match(:*, \"/*path\", ObservabilityApiController, :not_found)\n end\nend\n" }, { "path": "elixir/lib/symphony_elixir_web/static_assets.ex", "content": "defmodule SymphonyElixirWeb.StaticAssets do\n @moduledoc false\n\n @dashboard_css_path Path.expand(\"../../priv/static/dashboard.css\", __DIR__)\n @phoenix_html_js_path Application.app_dir(:phoenix_html, \"priv/static/phoenix_html.js\")\n @phoenix_js_path Application.app_dir(:phoenix, \"priv/static/phoenix.js\")\n @phoenix_live_view_js_path Application.app_dir(:phoenix_live_view, \"priv/static/phoenix_live_view.js\")\n\n @external_resource @dashboard_css_path\n @external_resource @phoenix_html_js_path\n @external_resource @phoenix_js_path\n @external_resource @phoenix_live_view_js_path\n\n @dashboard_css File.read!(@dashboard_css_path)\n @phoenix_html_js File.read!(@phoenix_html_js_path)\n @phoenix_js File.read!(@phoenix_js_path)\n @phoenix_live_view_js File.read!(@phoenix_live_view_js_path)\n\n @assets %{\n \"/dashboard.css\" => {\"text/css\", @dashboard_css},\n \"/vendor/phoenix_html/phoenix_html.js\" => {\"application/javascript\", @phoenix_html_js},\n \"/vendor/phoenix/phoenix.js\" => {\"application/javascript\", @phoenix_js},\n \"/vendor/phoenix_live_view/phoenix_live_view.js\" => {\"application/javascript\", @phoenix_live_view_js}\n }\n\n @spec fetch(String.t()) :: {:ok, String.t(), binary()} | :error\n def fetch(path) when is_binary(path) do\n case Map.fetch(@assets, path) do\n {:ok, {content_type, body}} -> {:ok, content_type, body}\n :error -> :error\n end\n end\nend\n" }, { "path": "elixir/mise.toml", "content": "[tools]\nerlang = \"28\"\nelixir = \"1.19.5-otp-28\"\n" }, { "path": "elixir/mix.exs", "content": "defmodule SymphonyElixir.MixProject do\n use Mix.Project\n\n def project do\n [\n app: :symphony_elixir,\n version: \"0.1.0\",\n elixir: \"~> 1.19\",\n compilers: [:phoenix_live_view] ++ Mix.compilers(),\n start_permanent: Mix.env() == :prod,\n test_coverage: [\n summary: [\n threshold: 100\n ],\n ignore_modules: [\n SymphonyElixir.Config,\n SymphonyElixir.Linear.Client,\n SymphonyElixir.SpecsCheck,\n SymphonyElixir.Orchestrator,\n SymphonyElixir.Orchestrator.State,\n SymphonyElixir.AgentRunner,\n SymphonyElixir.CLI,\n SymphonyElixir.Codex.AppServer,\n SymphonyElixir.Codex.DynamicTool,\n SymphonyElixir.HttpServer,\n SymphonyElixir.StatusDashboard,\n SymphonyElixir.LogFile,\n SymphonyElixir.Workspace,\n SymphonyElixirWeb.DashboardLive,\n SymphonyElixirWeb.Endpoint,\n SymphonyElixirWeb.ErrorHTML,\n SymphonyElixirWeb.ErrorJSON,\n SymphonyElixirWeb.Layouts,\n SymphonyElixirWeb.ObservabilityApiController,\n SymphonyElixirWeb.Presenter,\n SymphonyElixirWeb.StaticAssetController,\n SymphonyElixirWeb.StaticAssets,\n SymphonyElixirWeb.Router,\n SymphonyElixirWeb.Router.Helpers\n ]\n ],\n test_ignore_filters: [\n \"test/support/snapshot_support.exs\",\n \"test/support/test_support.exs\"\n ],\n dialyzer: [\n plt_add_apps: [:mix]\n ],\n escript: escript(),\n aliases: aliases(),\n deps: deps()\n ]\n end\n\n # Run \"mix help compile.app\" to learn about applications.\n def application do\n [\n mod: {SymphonyElixir.Application, []},\n extra_applications: [:logger]\n ]\n end\n\n # Run \"mix help deps\" to learn about dependencies.\n defp deps do\n [\n {:bandit, \"~> 1.8\"},\n {:floki, \">= 0.30.0\", only: :test},\n {:lazy_html, \">= 0.1.0\", only: :test},\n {:phoenix, \"~> 1.8.0\"},\n {:phoenix_html, \"~> 4.2\"},\n {:phoenix_live_view, \"~> 1.1.0\"},\n {:req, \"~> 0.5\"},\n {:jason, \"~> 1.4\"},\n {:yaml_elixir, \"~> 2.12\"},\n {:solid, \"~> 1.2\"},\n {:ecto, \"~> 3.13\"},\n {:credo, \"~> 1.7\", only: [:dev, :test], runtime: false},\n {:dialyxir, \"~> 1.4\", only: [:dev], runtime: false}\n ]\n end\n\n defp aliases do\n [\n setup: [\"deps.get\"],\n build: [\"escript.build\"],\n lint: [\"specs.check\", \"credo --strict\"]\n ]\n end\n\n defp escript do\n [\n app: nil,\n main_module: SymphonyElixir.CLI,\n name: \"symphony\",\n path: \"bin/symphony\"\n ]\n end\nend\n" }, { "path": "elixir/priv/static/dashboard.css", "content": ":root {\n color-scheme: light;\n --page: #f7f7f8;\n --page-soft: #fbfbfc;\n --page-deep: #ececf1;\n --card: rgba(255, 255, 255, 0.94);\n --card-muted: #f3f4f6;\n --ink: #202123;\n --muted: #6e6e80;\n --line: #ececf1;\n --line-strong: #d9d9e3;\n --accent: #10a37f;\n --accent-ink: #0f513f;\n --accent-soft: #e8faf4;\n --danger: #b42318;\n --danger-soft: #fef3f2;\n --shadow-sm: 0 1px 2px rgba(16, 24, 40, 0.05);\n --shadow-lg: 0 20px 50px rgba(15, 23, 42, 0.08);\n}\n\n* {\n box-sizing: border-box;\n}\n\nhtml {\n background: var(--page);\n}\n\nbody {\n margin: 0;\n min-height: 100vh;\n background:\n radial-gradient(circle at top, rgba(16, 163, 127, 0.12) 0%, rgba(16, 163, 127, 0) 30%),\n linear-gradient(180deg, var(--page-soft) 0%, var(--page) 24%, #f3f4f6 100%);\n color: var(--ink);\n font-family: \"Sohne\", \"SF Pro Text\", \"Helvetica Neue\", \"Segoe UI\", sans-serif;\n line-height: 1.5;\n}\n\na {\n color: var(--ink);\n text-decoration: none;\n transition: color 140ms ease;\n}\n\na:hover {\n color: var(--accent);\n}\n\nbutton {\n appearance: none;\n border: 1px solid var(--accent);\n background: var(--accent);\n color: white;\n border-radius: 999px;\n padding: 0.72rem 1.08rem;\n cursor: pointer;\n font: inherit;\n font-weight: 600;\n letter-spacing: -0.01em;\n box-shadow: 0 8px 20px rgba(16, 163, 127, 0.18);\n transition:\n transform 140ms ease,\n box-shadow 140ms ease,\n background 140ms ease,\n border-color 140ms ease;\n}\n\nbutton:hover {\n transform: translateY(-1px);\n box-shadow: 0 12px 24px rgba(16, 163, 127, 0.22);\n}\n\nbutton.secondary {\n background: var(--card);\n color: var(--ink);\n border-color: var(--line-strong);\n box-shadow: var(--shadow-sm);\n}\n\nbutton.secondary:hover {\n box-shadow: 0 6px 16px rgba(15, 23, 42, 0.08);\n}\n\n.subtle-button {\n appearance: none;\n border: 1px solid var(--line-strong);\n background: rgba(255, 255, 255, 0.72);\n color: var(--muted);\n border-radius: 999px;\n padding: 0.34rem 0.72rem;\n cursor: pointer;\n font: inherit;\n font-size: 0.82rem;\n font-weight: 600;\n letter-spacing: 0.01em;\n box-shadow: none;\n transition:\n background 140ms ease,\n border-color 140ms ease,\n color 140ms ease;\n}\n\n.subtle-button:hover {\n transform: none;\n box-shadow: none;\n background: white;\n border-color: var(--muted);\n color: var(--ink);\n}\n\npre {\n margin: 0;\n white-space: pre-wrap;\n word-break: break-word;\n}\n\ncode,\npre,\n.mono {\n font-family: \"Sohne Mono\", \"SFMono-Regular\", \"SF Mono\", Consolas, \"Liberation Mono\", monospace;\n}\n\n.mono,\n.numeric {\n font-variant-numeric: tabular-nums slashed-zero;\n font-feature-settings: \"tnum\" 1, \"zero\" 1;\n}\n\n.app-shell {\n max-width: 1280px;\n margin: 0 auto;\n padding: 2rem 1rem 3.5rem;\n}\n\n.dashboard-shell {\n display: grid;\n gap: 1rem;\n}\n\n.hero-card,\n.section-card,\n.metric-card,\n.error-card {\n background: var(--card);\n border: 1px solid rgba(217, 217, 227, 0.82);\n box-shadow: var(--shadow-sm);\n backdrop-filter: blur(18px);\n}\n\n.hero-card {\n border-radius: 28px;\n padding: clamp(1.25rem, 3vw, 2rem);\n box-shadow: var(--shadow-lg);\n}\n\n.hero-grid {\n display: grid;\n grid-template-columns: minmax(0, 1fr) auto;\n gap: 1.25rem;\n align-items: start;\n}\n\n.eyebrow {\n margin: 0;\n color: var(--muted);\n text-transform: uppercase;\n letter-spacing: 0.08em;\n font-size: 0.76rem;\n font-weight: 600;\n}\n\n.hero-title {\n margin: 0.35rem 0 0;\n font-size: clamp(2rem, 4vw, 3.3rem);\n line-height: 0.98;\n letter-spacing: -0.04em;\n}\n\n.hero-copy {\n margin: 0.75rem 0 0;\n max-width: 46rem;\n color: var(--muted);\n font-size: 1rem;\n}\n\n.status-stack {\n display: grid;\n justify-items: end;\n align-content: start;\n min-width: min(100%, 9rem);\n}\n\n.status-badge {\n display: inline-flex;\n align-items: center;\n gap: 0.45rem;\n min-height: 2rem;\n padding: 0.35rem 0.78rem;\n border-radius: 999px;\n border: 1px solid var(--line);\n background: var(--card-muted);\n color: var(--muted);\n font-size: 0.82rem;\n font-weight: 700;\n letter-spacing: 0.01em;\n}\n\n.status-badge-dot {\n width: 0.52rem;\n height: 0.52rem;\n border-radius: 999px;\n background: currentColor;\n opacity: 0.9;\n}\n\n.status-badge-live {\n display: none;\n background: var(--accent-soft);\n border-color: rgba(16, 163, 127, 0.18);\n color: var(--accent-ink);\n}\n\n.status-badge-offline {\n background: #f5f5f7;\n border-color: var(--line-strong);\n color: var(--muted);\n}\n\n[data-phx-main].phx-connected .status-badge-live {\n display: inline-flex;\n}\n\n[data-phx-main].phx-connected .status-badge-offline {\n display: none;\n}\n\n.metric-grid {\n display: grid;\n gap: 0.85rem;\n grid-template-columns: repeat(auto-fit, minmax(180px, 1fr));\n}\n\n.metric-card {\n border-radius: 22px;\n padding: 1rem 1.05rem 1.1rem;\n}\n\n.metric-label {\n margin: 0;\n color: var(--muted);\n font-size: 0.82rem;\n font-weight: 600;\n letter-spacing: 0.01em;\n}\n\n.metric-value {\n margin: 0.35rem 0 0;\n font-size: clamp(1.6rem, 2vw, 2.1rem);\n line-height: 1.05;\n letter-spacing: -0.03em;\n}\n\n.metric-detail {\n margin: 0.45rem 0 0;\n color: var(--muted);\n font-size: 0.88rem;\n}\n\n.section-card {\n border-radius: 24px;\n padding: 1.15rem;\n}\n\n.section-header {\n display: flex;\n justify-content: space-between;\n align-items: flex-start;\n gap: 1rem;\n flex-wrap: wrap;\n}\n\n.section-title {\n margin: 0;\n font-size: 1.08rem;\n line-height: 1.2;\n letter-spacing: -0.02em;\n}\n\n.section-copy {\n margin: 0.35rem 0 0;\n color: var(--muted);\n font-size: 0.94rem;\n}\n\n.table-wrap {\n overflow-x: auto;\n margin-top: 1rem;\n}\n\n.data-table {\n width: 100%;\n min-width: 720px;\n border-collapse: collapse;\n}\n\n.data-table-running {\n table-layout: fixed;\n min-width: 980px;\n}\n\n.data-table th {\n padding: 0 0.5rem 0.75rem 0;\n text-align: left;\n color: var(--muted);\n font-size: 0.78rem;\n font-weight: 600;\n text-transform: uppercase;\n letter-spacing: 0.04em;\n}\n\n.data-table td {\n padding: 0.9rem 0.5rem 0.9rem 0;\n border-top: 1px solid var(--line);\n vertical-align: top;\n font-size: 0.94rem;\n}\n\n.issue-stack,\n.session-stack,\n.detail-stack,\n.token-stack {\n display: grid;\n gap: 0.24rem;\n min-width: 0;\n}\n\n.event-text {\n font-weight: 500;\n line-height: 1.45;\n max-width: 100%;\n overflow: hidden;\n text-overflow: ellipsis;\n white-space: nowrap;\n}\n\n.event-meta {\n max-width: 100%;\n overflow: hidden;\n text-overflow: ellipsis;\n white-space: nowrap;\n}\n\n.state-badge {\n display: inline-flex;\n align-items: center;\n min-height: 1.85rem;\n padding: 0.3rem 0.68rem;\n border-radius: 999px;\n border: 1px solid var(--line);\n background: var(--card-muted);\n color: var(--ink);\n font-size: 0.8rem;\n font-weight: 600;\n line-height: 1;\n}\n\n.state-badge-active {\n background: var(--accent-soft);\n border-color: rgba(16, 163, 127, 0.18);\n color: var(--accent-ink);\n}\n\n.state-badge-warning {\n background: #fff7e8;\n border-color: #f1d8a6;\n color: #8a5a00;\n}\n\n.state-badge-danger {\n background: var(--danger-soft);\n border-color: #f6d3cf;\n color: var(--danger);\n}\n\n.issue-id {\n font-weight: 600;\n letter-spacing: -0.01em;\n}\n\n.issue-link {\n color: var(--muted);\n font-size: 0.86rem;\n}\n\n.muted {\n color: var(--muted);\n}\n\n.code-panel {\n margin-top: 1rem;\n padding: 1rem;\n border-radius: 18px;\n background: #f5f5f7;\n border: 1px solid var(--line);\n color: #353740;\n font-size: 0.9rem;\n}\n\n.empty-state {\n margin: 1rem 0 0;\n color: var(--muted);\n}\n\n.error-card {\n border-radius: 24px;\n padding: 1.25rem;\n background: linear-gradient(180deg, #fff8f7 0%, var(--danger-soft) 100%);\n border-color: #f6d3cf;\n}\n\n.error-title {\n margin: 0;\n color: var(--danger);\n font-size: 1.15rem;\n letter-spacing: -0.02em;\n}\n\n.error-copy {\n margin: 0.45rem 0 0;\n color: var(--danger);\n}\n\n@media (max-width: 860px) {\n .app-shell {\n padding: 1rem 0.85rem 2rem;\n }\n\n .hero-grid {\n grid-template-columns: 1fr;\n }\n\n .status-stack {\n justify-items: start;\n }\n\n .metric-grid {\n grid-template-columns: repeat(2, minmax(0, 1fr));\n }\n}\n\n@media (max-width: 560px) {\n .metric-grid {\n grid-template-columns: 1fr;\n }\n\n .section-card,\n .hero-card,\n .error-card {\n border-radius: 20px;\n padding: 1rem;\n }\n}\n" }, { "path": "elixir/test/fixtures/status_dashboard_snapshots/backoff_queue.evidence.md", "content": "```text\n╭─ SYMPHONY STATUS\n│ Agents: 1/10\n│ Throughput: 15 tps\n│ Runtime: 45m 0s\n│ Tokens: in 18,000 | out 2,200 | total 20,200\n│ Rate Limits: gpt-5 | primary 0/20,000 reset 95s | secondary 0/60 reset 45s | credits none\n│ Project: https://linear.app/project/project/issues\n│ Next refresh: n/a\n├─ Running\n│\n│ ID STAGE PID AGE / TURN TOKENS SESSION EVENT \n│ ───────────────────────────────────────────────────────────────────────────────────────────────────────────────\n│ ● MT-638 retrying 4242 20m 25s / 7 14,200 thre...567890 agent message streaming: waiting on ...\n│\n├─ Backoff queue\n│\n│ ↻ MT-450 attempt=4 in 1.250s error=rate limit exhausted\n│ ↻ MT-451 attempt=2 in 3.900s error=retrying after API timeout with jitter\n│ ↻ MT-452 attempt=6 in 8.100s error=worker crashed restarting cleanly\n│ ↻ MT-453 attempt=1 in 11.000s error=fourth queued retry should also render after removing the top-three limit\n╰─\n```\n" }, { "path": "elixir/test/fixtures/status_dashboard_snapshots/backoff_queue.snapshot.txt", "content": "\\e[1m╭─ SYMPHONY STATUS\\e[0m\n\\e[1m│ Agents: \\e[0m\\e[32m1\\e[0m\\e[90m/\\e[0m\\e[90m10\\e[0m\n\\e[1m│ Throughput: \\e[0m\\e[36m15 tps\\e[0m\n\\e[1m│ Runtime: \\e[0m\\e[35m45m 0s\\e[0m\n\\e[1m│ Tokens: \\e[0m\\e[33min 18,000\\e[0m\\e[90m | \\e[0m\\e[33mout 2,200\\e[0m\\e[90m | \\e[0m\\e[33mtotal 20,200\\e[0m\n\\e[1m│ Rate Limits: \\e[0m\\e[33mgpt-5\\e[0m\\e[90m | \\e[0m\\e[36mprimary 0/20,000 reset 95s\\e[0m\\e[90m | \\e[0m\\e[36msecondary 0/60 reset 45s\\e[0m\\e[90m | \\e[0m\\e[32mcredits none\\e[0m\n\\e[1m│ Project: \\e[0m\\e[36mhttps://linear.app/project/project/issues\\e[0m\n\\e[1m│ Next refresh: \\e[0m\\e[90mn/a\\e[0m\n\\e[1m├─ Running\\e[0m\n│\n│ \\e[90mID STAGE PID AGE / TURN TOKENS SESSION EVENT \\e[0m\n│ \\e[90m───────────────────────────────────────────────────────────────────────────────────────────────────────────────\\e[0m\n│ \\e[34m●\\e[0m \\e[36mMT-638 \\e[0m \\e[34mretrying \\e[0m \\e[33m4242 \\e[0m \\e[35m20m 25s / 7 \\e[0m \\e[33m 14,200\\e[0m \\e[36mthre...567890 \\e[0m \\e[34magent message streaming: waiting on ...\\e[0m\n│\n\\e[1m├─ Backoff queue\\e[0m\n│\n│ \\e[33m↻\\e[0m \\e[31mMT-450\\e[0m \\e[33mattempt=4\\e[0m\\e[2m in \\e[0m\\e[36m1.250s\\e[0m \\e[2merror=rate limit exhausted\\e[0m\n│ \\e[33m↻\\e[0m \\e[31mMT-451\\e[0m \\e[33mattempt=2\\e[0m\\e[2m in \\e[0m\\e[36m3.900s\\e[0m \\e[2merror=retrying after API timeout with jitter\\e[0m\n│ \\e[33m↻\\e[0m \\e[31mMT-452\\e[0m \\e[33mattempt=6\\e[0m\\e[2m in \\e[0m\\e[36m8.100s\\e[0m \\e[2merror=worker crashed restarting cleanly\\e[0m\n│ \\e[33m↻\\e[0m \\e[31mMT-453\\e[0m \\e[33mattempt=1\\e[0m\\e[2m in \\e[0m\\e[36m11.000s\\e[0m \\e[2merror=fourth queued retry should also render after removing the top-three limit\\e[0m\n╰─\n" }, { "path": "elixir/test/fixtures/status_dashboard_snapshots/credits_unlimited.evidence.md", "content": "```text\n╭─ SYMPHONY STATUS\n│ Agents: 1/10\n│ Throughput: 42 tps\n│ Runtime: 1m 15s\n│ Tokens: in 90 | out 12 | total 102\n│ Rate Limits: priority-tier | primary 100/100 reset 1s | secondary 500/500 reset 1s | credits unlimited\n│ Project: https://linear.app/project/project/issues\n│ Next refresh: n/a\n├─ Running\n│\n│ ID STAGE PID AGE / TURN TOKENS SESSION EVENT \n│ ───────────────────────────────────────────────────────────────────────────────────────────────────────────────\n│ ● MT-777 running 4242 1m 15s / 7 3,200 thre...567890 thread token usage updated (in 90, o...\n│\n├─ Backoff queue\n│\n│ No queued retries\n╰─\n```\n" }, { "path": "elixir/test/fixtures/status_dashboard_snapshots/credits_unlimited.snapshot.txt", "content": "\\e[1m╭─ SYMPHONY STATUS\\e[0m\n\\e[1m│ Agents: \\e[0m\\e[32m1\\e[0m\\e[90m/\\e[0m\\e[90m10\\e[0m\n\\e[1m│ Throughput: \\e[0m\\e[36m42 tps\\e[0m\n\\e[1m│ Runtime: \\e[0m\\e[35m1m 15s\\e[0m\n\\e[1m│ Tokens: \\e[0m\\e[33min 90\\e[0m\\e[90m | \\e[0m\\e[33mout 12\\e[0m\\e[90m | \\e[0m\\e[33mtotal 102\\e[0m\n\\e[1m│ Rate Limits: \\e[0m\\e[33mpriority-tier\\e[0m\\e[90m | \\e[0m\\e[36mprimary 100/100 reset 1s\\e[0m\\e[90m | \\e[0m\\e[36msecondary 500/500 reset 1s\\e[0m\\e[90m | \\e[0m\\e[32mcredits unlimited\\e[0m\n\\e[1m│ Project: \\e[0m\\e[36mhttps://linear.app/project/project/issues\\e[0m\n\\e[1m│ Next refresh: \\e[0m\\e[90mn/a\\e[0m\n\\e[1m├─ Running\\e[0m\n│\n│ \\e[90mID STAGE PID AGE / TURN TOKENS SESSION EVENT \\e[0m\n│ \\e[90m───────────────────────────────────────────────────────────────────────────────────────────────────────────────\\e[0m\n│ \\e[33m●\\e[0m \\e[36mMT-777 \\e[0m \\e[33mrunning \\e[0m \\e[33m4242 \\e[0m \\e[35m1m 15s / 7 \\e[0m \\e[33m 3,200\\e[0m \\e[36mthre...567890 \\e[0m \\e[33mthread token usage updated (in 90, o...\\e[0m\n│\n\\e[1m├─ Backoff queue\\e[0m\n│\n│ \\e[90mNo queued retries\\e[0m\n╰─\n" }, { "path": "elixir/test/fixtures/status_dashboard_snapshots/idle.evidence.md", "content": "```text\n╭─ SYMPHONY STATUS\n│ Agents: 0/10\n│ Throughput: 0 tps\n│ Runtime: 0m 0s\n│ Tokens: in 0 | out 0 | total 0\n│ Rate Limits: unavailable\n│ Project: https://linear.app/project/project/issues\n│ Next refresh: n/a\n├─ Running\n│\n│ ID STAGE PID AGE / TURN TOKENS SESSION EVENT \n│ ───────────────────────────────────────────────────────────────────────────────────────────────────────────────\n│ No active agents\n│\n├─ Backoff queue\n│\n│ No queued retries\n╰─\n```\n" }, { "path": "elixir/test/fixtures/status_dashboard_snapshots/idle.snapshot.txt", "content": "\\e[1m╭─ SYMPHONY STATUS\\e[0m\n\\e[1m│ Agents: \\e[0m\\e[32m0\\e[0m\\e[90m/\\e[0m\\e[90m10\\e[0m\n\\e[1m│ Throughput: \\e[0m\\e[36m0 tps\\e[0m\n\\e[1m│ Runtime: \\e[0m\\e[35m0m 0s\\e[0m\n\\e[1m│ Tokens: \\e[0m\\e[33min 0\\e[0m\\e[90m | \\e[0m\\e[33mout 0\\e[0m\\e[90m | \\e[0m\\e[33mtotal 0\\e[0m\n\\e[1m│ Rate Limits: \\e[0m\\e[90munavailable\\e[0m\n\\e[1m│ Project: \\e[0m\\e[36mhttps://linear.app/project/project/issues\\e[0m\n\\e[1m│ Next refresh: \\e[0m\\e[90mn/a\\e[0m\n\\e[1m├─ Running\\e[0m\n│\n│ \\e[90mID STAGE PID AGE / TURN TOKENS SESSION EVENT \\e[0m\n│ \\e[90m───────────────────────────────────────────────────────────────────────────────────────────────────────────────\\e[0m\n│ \\e[90mNo active agents\\e[0m\n│\n\\e[1m├─ Backoff queue\\e[0m\n│\n│ \\e[90mNo queued retries\\e[0m\n╰─\n" }, { "path": "elixir/test/fixtures/status_dashboard_snapshots/idle_with_dashboard_url.evidence.md", "content": "```text\n╭─ SYMPHONY STATUS\n│ Agents: 0/10\n│ Throughput: 0 tps\n│ Runtime: 0m 0s\n│ Tokens: in 0 | out 0 | total 0\n│ Rate Limits: unavailable\n│ Project: https://linear.app/project/project/issues\n│ Dashboard: http://127.0.0.1:4000/\n│ Next refresh: n/a\n├─ Running\n│\n│ ID STAGE PID AGE / TURN TOKENS SESSION EVENT \n│ ───────────────────────────────────────────────────────────────────────────────────────────────────────────────\n│ No active agents\n│\n├─ Backoff queue\n│\n│ No queued retries\n╰─\n```\n" }, { "path": "elixir/test/fixtures/status_dashboard_snapshots/idle_with_dashboard_url.snapshot.txt", "content": "\\e[1m╭─ SYMPHONY STATUS\\e[0m\n\\e[1m│ Agents: \\e[0m\\e[32m0\\e[0m\\e[90m/\\e[0m\\e[90m10\\e[0m\n\\e[1m│ Throughput: \\e[0m\\e[36m0 tps\\e[0m\n\\e[1m│ Runtime: \\e[0m\\e[35m0m 0s\\e[0m\n\\e[1m│ Tokens: \\e[0m\\e[33min 0\\e[0m\\e[90m | \\e[0m\\e[33mout 0\\e[0m\\e[90m | \\e[0m\\e[33mtotal 0\\e[0m\n\\e[1m│ Rate Limits: \\e[0m\\e[90munavailable\\e[0m\n\\e[1m│ Project: \\e[0m\\e[36mhttps://linear.app/project/project/issues\\e[0m\n\\e[1m│ Dashboard: \\e[0m\\e[36mhttp://127.0.0.1:4000/\\e[0m\n\\e[1m│ Next refresh: \\e[0m\\e[90mn/a\\e[0m\n\\e[1m├─ Running\\e[0m\n│\n│ \\e[90mID STAGE PID AGE / TURN TOKENS SESSION EVENT \\e[0m\n│ \\e[90m───────────────────────────────────────────────────────────────────────────────────────────────────────────────\\e[0m\n│ \\e[90mNo active agents\\e[0m\n│\n\\e[1m├─ Backoff queue\\e[0m\n│\n│ \\e[90mNo queued retries\\e[0m\n╰─\n" }, { "path": "elixir/test/fixtures/status_dashboard_snapshots/super_busy.evidence.md", "content": "```text\n╭─ SYMPHONY STATUS\n│ Agents: 2/10\n│ Throughput: 1,842 tps\n│ Runtime: 72m 1s\n│ Tokens: in 250,000 | out 18,500 | total 268,500\n│ Rate Limits: gpt-5 | primary 12,345/20,000 reset 30s | secondary 45/60 reset 12s | credits 9876.50\n│ Project: https://linear.app/project/project/issues\n│ Next refresh: n/a\n├─ Running\n│\n│ ID STAGE PID AGE / TURN TOKENS SESSION EVENT \n│ ───────────────────────────────────────────────────────────────────────────────────────────────────────────────\n│ ● MT-101 running 4242 13m 5s / 11 120,450 thre...567890 turn completed (completed) \n│ ● MT-102 running 5252 6m 52s / 4 89,200 thre...567890 mix test --cover \n│\n├─ Backoff queue\n│\n│ No queued retries\n╰─\n```\n" }, { "path": "elixir/test/fixtures/status_dashboard_snapshots/super_busy.snapshot.txt", "content": "\\e[1m╭─ SYMPHONY STATUS\\e[0m\n\\e[1m│ Agents: \\e[0m\\e[32m2\\e[0m\\e[90m/\\e[0m\\e[90m10\\e[0m\n\\e[1m│ Throughput: \\e[0m\\e[36m1,842 tps\\e[0m\n\\e[1m│ Runtime: \\e[0m\\e[35m72m 1s\\e[0m\n\\e[1m│ Tokens: \\e[0m\\e[33min 250,000\\e[0m\\e[90m | \\e[0m\\e[33mout 18,500\\e[0m\\e[90m | \\e[0m\\e[33mtotal 268,500\\e[0m\n\\e[1m│ Rate Limits: \\e[0m\\e[33mgpt-5\\e[0m\\e[90m | \\e[0m\\e[36mprimary 12,345/20,000 reset 30s\\e[0m\\e[90m | \\e[0m\\e[36msecondary 45/60 reset 12s\\e[0m\\e[90m | \\e[0m\\e[32mcredits 9876.50\\e[0m\n\\e[1m│ Project: \\e[0m\\e[36mhttps://linear.app/project/project/issues\\e[0m\n\\e[1m│ Next refresh: \\e[0m\\e[90mn/a\\e[0m\n\\e[1m├─ Running\\e[0m\n│\n│ \\e[90mID STAGE PID AGE / TURN TOKENS SESSION EVENT \\e[0m\n│ \\e[90m───────────────────────────────────────────────────────────────────────────────────────────────────────────────\\e[0m\n│ \\e[35m●\\e[0m \\e[36mMT-101 \\e[0m \\e[35mrunning \\e[0m \\e[33m4242 \\e[0m \\e[35m13m 5s / 11 \\e[0m \\e[33m 120,450\\e[0m \\e[36mthre...567890 \\e[0m \\e[35mturn completed (completed) \\e[0m\n│ \\e[32m●\\e[0m \\e[36mMT-102 \\e[0m \\e[32mrunning \\e[0m \\e[33m5252 \\e[0m \\e[35m6m 52s / 4 \\e[0m \\e[33m 89,200\\e[0m \\e[36mthre...567890 \\e[0m \\e[32mmix test --cover \\e[0m\n│\n\\e[1m├─ Backoff queue\\e[0m\n│\n│ \\e[90mNo queued retries\\e[0m\n╰─\n" }, { "path": "elixir/test/mix/tasks/pr_body_check_test.exs", "content": "defmodule Mix.Tasks.PrBody.CheckTest do\n use ExUnit.Case, async: false\n\n alias Mix.Tasks.PrBody.Check\n\n import ExUnit.CaptureIO\n\n @template \"\"\"\n #### Context\n\n \n\n #### TL;DR\n\n **\n\n #### Summary\n\n - \n\n #### Alternatives\n\n - \n\n #### Test Plan\n\n - [ ] \n \"\"\"\n\n @valid_body \"\"\"\n #### Context\n\n Context text.\n\n #### TL;DR\n\n Short summary.\n\n #### Summary\n\n - First change.\n\n #### Alternatives\n\n - Alternative considered.\n\n #### Test Plan\n\n - [x] Ran targeted checks.\n \"\"\"\n\n setup do\n Mix.Task.reenable(\"pr_body.check\")\n :ok\n end\n\n test \"prints help\" do\n output = capture_io(fn -> Check.run([\"--help\"]) end)\n assert output =~ \"mix pr_body.check --file /path/to/pr_body.md\"\n end\n\n test \"fails on invalid options\" do\n assert_raise Mix.Error, ~r/Invalid option/, fn ->\n Check.run([\"lint\", \"--wat\"])\n end\n end\n\n test \"fails when file option is missing\" do\n assert_raise Mix.Error, ~r/Missing required option --file/, fn ->\n Check.run([\"lint\"])\n end\n end\n\n test \"fails when template is missing\" do\n in_temp_repo(fn ->\n File.write!(\"body.md\", @valid_body)\n\n assert_raise Mix.Error, ~r/Unable to read PR template/, fn ->\n Check.run([\"lint\", \"--file\", \"body.md\"])\n end\n end)\n end\n\n test \"fails when template has no headings\" do\n in_temp_repo(fn ->\n write_template!(\"no headings here\")\n File.write!(\"body.md\", @valid_body)\n\n assert_raise Mix.Error, ~r/No markdown headings found/, fn ->\n Check.run([\"lint\", \"--file\", \"body.md\"])\n end\n end)\n end\n\n test \"fails when body file is missing\" do\n in_temp_repo(fn ->\n write_template!(@template)\n\n assert_raise Mix.Error, ~r/Unable to read missing\\.md/, fn ->\n Check.run([\"lint\", \"--file\", \"missing.md\"])\n end\n end)\n end\n\n test \"fails when body still has placeholders\" do\n in_temp_repo(fn ->\n write_template!(@template)\n File.write!(\"body.md\", @template)\n\n error_output =\n capture_io(:stderr, fn ->\n assert_raise Mix.Error, ~r/PR body format invalid/, fn ->\n Check.run([\"lint\", \"--file\", \"body.md\"])\n end\n end)\n\n assert error_output =~ \"PR description still contains template placeholder comments\"\n end)\n end\n\n test \"fails when heading is missing\" do\n in_temp_repo(fn ->\n write_template!(@template)\n\n missing_heading = String.replace(@valid_body, \"#### Alternatives\\n\\n- Alternative considered.\\n\\n\", \"\")\n File.write!(\"body.md\", missing_heading)\n\n error_output =\n capture_io(:stderr, fn ->\n assert_raise Mix.Error, ~r/PR body format invalid/, fn ->\n Check.run([\"lint\", \"--file\", \"body.md\"])\n end\n end)\n\n assert error_output =~ \"Missing required heading: #### Alternatives\"\n end)\n end\n\n test \"fails when headings are out of order\" do\n in_temp_repo(fn ->\n write_template!(@template)\n\n out_of_order = \"\"\"\n #### TL;DR\n\n Short summary.\n\n #### Context\n\n Context text.\n\n #### Summary\n\n - First change.\n\n #### Alternatives\n\n - Alternative considered.\n\n #### Test Plan\n\n - [x] Ran targeted checks.\n \"\"\"\n\n File.write!(\"body.md\", out_of_order)\n\n error_output =\n capture_io(:stderr, fn ->\n assert_raise Mix.Error, ~r/PR body format invalid/, fn ->\n Check.run([\"lint\", \"--file\", \"body.md\"])\n end\n end)\n\n assert error_output =~ \"Required headings are out of order.\"\n end)\n end\n\n test \"fails on empty section\" do\n in_temp_repo(fn ->\n write_template!(@template)\n\n empty_context = String.replace(@valid_body, \"Context text.\", \"\")\n File.write!(\"body.md\", empty_context)\n\n error_output =\n capture_io(:stderr, fn ->\n assert_raise Mix.Error, ~r/PR body format invalid/, fn ->\n Check.run([\"lint\", \"--file\", \"body.md\"])\n end\n end)\n\n assert error_output =~ \"Section cannot be empty: #### Context\"\n end)\n end\n\n test \"fails when a middle section is blank before the next heading\" do\n in_temp_repo(fn ->\n write_template!(@template)\n\n blank_alternatives = \"\"\"\n #### Context\n\n Context text.\n\n #### TL;DR\n\n Short summary.\n\n #### Summary\n\n - First change.\n\n #### Alternatives\n\n\n #### Test Plan\n\n - [x] Ran targeted checks.\n \"\"\"\n\n File.write!(\"body.md\", blank_alternatives)\n\n error_output =\n capture_io(:stderr, fn ->\n assert_raise Mix.Error, ~r/PR body format invalid/, fn ->\n Check.run([\"lint\", \"--file\", \"body.md\"])\n end\n end)\n\n assert error_output =~ \"Section cannot be empty: #### Alternatives\"\n end)\n end\n\n test \"fails when bullet and checkbox expectations are not met\" do\n in_temp_repo(fn ->\n write_template!(@template)\n\n invalid_body = \"\"\"\n #### Context\n\n Context text.\n\n #### TL;DR\n\n Short summary.\n\n #### Summary\n\n Not a bullet.\n\n #### Alternatives\n\n Also not a bullet.\n\n #### Test Plan\n\n No checkbox.\n \"\"\"\n\n File.write!(\"body.md\", invalid_body)\n\n error_output =\n capture_io(:stderr, fn ->\n assert_raise Mix.Error, ~r/PR body format invalid/, fn ->\n Check.run([\"lint\", \"--file\", \"body.md\"])\n end\n end)\n\n assert error_output =~ \"Section must include at least one bullet item: #### Summary\"\n assert error_output =~ \"Section must include at least one bullet item: #### Alternatives\"\n assert error_output =~ \"Section must include at least one bullet item: #### Test Plan\"\n assert error_output =~ \"Section must include at least one checkbox item: #### Test Plan\"\n end)\n end\n\n test \"fails when heading has no content delimiter\" do\n in_temp_repo(fn ->\n write_template!(@template)\n File.write!(\"body.md\", \"#### Context\\nContext text.\")\n\n capture_io(:stderr, fn ->\n assert_raise Mix.Error, ~r/PR body format invalid/, fn ->\n Check.run([\"lint\", \"--file\", \"body.md\"])\n end\n end)\n end)\n end\n\n test \"fails when heading appears at end of file\" do\n in_temp_repo(fn ->\n write_template!(@template)\n File.write!(\"body.md\", \"#### Context\")\n\n error_output =\n capture_io(:stderr, fn ->\n assert_raise Mix.Error, ~r/PR body format invalid/, fn ->\n Check.run([\"lint\", \"--file\", \"body.md\"])\n end\n end)\n\n assert error_output =~ \"Section cannot be empty: #### Context\"\n end)\n end\n\n test \"passes for valid body\" do\n in_temp_repo(fn ->\n write_template!(@template)\n File.write!(\"body.md\", @valid_body)\n\n output =\n capture_io(fn ->\n Check.run([\"lint\", \"--file\", \"body.md\"])\n end)\n\n assert output =~ \"PR body format OK\"\n end)\n end\n\n defp in_temp_repo(fun) do\n unique = System.unique_integer([:positive, :monotonic])\n root = Path.join(System.tmp_dir!(), \"validate-pr-body-task-test-#{unique}\")\n\n File.rm_rf!(root)\n File.mkdir_p!(root)\n\n original_cwd = File.cwd!()\n\n try do\n File.cd!(root)\n fun.()\n after\n File.cd!(original_cwd)\n File.rm_rf!(root)\n end\n end\n\n defp write_template!(content) do\n File.mkdir_p!(\".github\")\n File.write!(\".github/pull_request_template.md\", content)\n end\nend\n" }, { "path": "elixir/test/mix/tasks/specs_check_task_test.exs", "content": "defmodule Mix.Tasks.Specs.CheckTaskTest do\n use ExUnit.Case, async: false\n\n import ExUnit.CaptureIO\n\n alias Mix.Tasks.Specs.Check\n\n setup do\n Mix.Task.reenable(\"specs.check\")\n :ok\n end\n\n test \"uses the default lib path when all public functions have specs\" do\n in_temp_project(fn ->\n write_module!(\"lib/sample.ex\", \"\"\"\n defmodule Sample do\n @spec ok(term()) :: term()\n def ok(arg), do: arg\n end\n \"\"\")\n\n output =\n capture_io(fn ->\n assert :ok = Check.run([])\n end)\n\n assert output =~ \"specs.check: all public functions have @spec or exemption\"\n end)\n end\n\n test \"raises when an explicit path contains missing specs\" do\n in_temp_project(fn ->\n write_module!(\"src/sample.ex\", \"\"\"\n defmodule Sample do\n def missing(arg), do: arg\n end\n \"\"\")\n\n error_output =\n capture_io(:stderr, fn ->\n assert_raise Mix.Error, ~r/specs.check failed with 1 missing @spec declaration/, fn ->\n Check.run([\"--paths\", \"src\"])\n end\n end)\n\n assert error_output =~ \"src/sample.ex:2 missing @spec for Sample.missing/1\"\n end)\n end\n\n test \"loads exemptions from a file and ignores comments and blank lines\" do\n in_temp_project(fn ->\n write_module!(\"lib/sample.ex\", \"\"\"\n defmodule Sample do\n def legacy(arg), do: arg\n end\n \"\"\")\n\n File.mkdir_p!(\"config\")\n\n File.write!(\"config/specs_exemptions.txt\", \"\"\"\n # existing exemptions\n\n Sample.legacy/1\n \"\"\")\n\n output =\n capture_io(fn ->\n assert :ok = Check.run([\"--paths\", \"lib\", \"--exemptions-file\", \"config/specs_exemptions.txt\"])\n end)\n\n assert output =~ \"specs.check: all public functions have @spec or exemption\"\n end)\n end\n\n test \"treats a missing exemptions file as empty\" do\n in_temp_project(fn ->\n write_module!(\"lib/sample.ex\", \"\"\"\n defmodule Sample do\n @spec ok(term()) :: term()\n def ok(arg), do: arg\n end\n \"\"\")\n\n output =\n capture_io(fn ->\n assert :ok = Check.run([\"--exemptions-file\", \"config/missing.txt\"])\n end)\n\n assert output =~ \"specs.check: all public functions have @spec or exemption\"\n end)\n end\n\n defp in_temp_project(fun) do\n root = Path.join(System.tmp_dir!(), \"specs-check-task-test-#{System.unique_integer([:positive, :monotonic])}\")\n original_cwd = File.cwd!()\n\n File.rm_rf!(root)\n File.mkdir_p!(root)\n\n try do\n File.cd!(root, fun)\n after\n File.cd!(original_cwd)\n File.rm_rf!(root)\n end\n end\n\n defp write_module!(path, source) do\n File.mkdir_p!(Path.dirname(path))\n File.write!(path, source)\n end\nend\n" }, { "path": "elixir/test/mix/tasks/workspace_before_remove_test.exs", "content": "defmodule Mix.Tasks.Workspace.BeforeRemoveTest do\n use ExUnit.Case, async: false\n\n alias Mix.Tasks.Workspace.BeforeRemove\n\n import ExUnit.CaptureIO\n\n setup do\n Mix.Task.reenable(\"workspace.before_remove\")\n :ok\n end\n\n test \"prints help\" do\n output =\n capture_io(fn ->\n BeforeRemove.run([\"--help\"])\n end)\n\n assert output =~ \"mix workspace.before_remove\"\n end\n\n test \"fails on invalid options\" do\n assert_raise Mix.Error, ~r/Invalid option/, fn ->\n BeforeRemove.run([\"--wat\"])\n end\n end\n\n test \"no-ops when branch is unavailable\" do\n with_path([], fn ->\n in_temp_dir(fn ->\n output =\n capture_io(fn ->\n BeforeRemove.run([])\n end)\n\n assert output == \"\"\n end)\n end)\n end\n\n test \"no-ops when gh is unavailable\" do\n with_path([], fn ->\n output =\n capture_io(fn ->\n BeforeRemove.run([\"--branch\", \"feature/no-gh\"])\n end)\n\n assert output == \"\"\n end)\n end\n\n test \"uses current branch for lookup when branch option is omitted\" do\n with_fake_gh_and_git(\n \"\"\"\n #!/bin/sh\n printf '%s\\n' \"$*\" >> \"$GH_LOG\"\n\n if [ \"$1\" = \"auth\" ] && [ \"$2\" = \"status\" ]; then\n exit 0\n fi\n\n if [ \"$1\" = \"pr\" ] && [ \"$2\" = \"list\" ]; then\n printf '101\\n102\\n'\n exit 0\n fi\n\n if [ \"$1\" = \"pr\" ] && [ \"$2\" = \"close\" ] && [ \"$3\" = \"101\" ]; then\n exit 0\n fi\n\n if [ \"$1\" = \"pr\" ] && [ \"$2\" = \"close\" ] && [ \"$3\" = \"102\" ]; then\n printf 'boom\\n' >&2\n exit 17\n fi\n\n exit 99\n \"\"\",\n \"\"\"\n #!/bin/sh\n printf 'feature/workpad\\n'\n exit 0\n \"\"\",\n fn log_path ->\n {output, error_output} =\n capture_task_output(fn ->\n BeforeRemove.run([])\n end)\n\n assert output =~ \"Closed PR #101 for branch feature/workpad\"\n assert error_output =~ \"Failed to close PR #102 for branch feature/workpad\"\n\n log = File.read!(log_path)\n\n assert log =~\n \"pr list --repo openai/symphony --head feature/workpad --state open --json number --jq .[].number\"\n\n assert log =~ \"pr close 101 --repo openai/symphony\"\n assert log =~ \"pr close 102 --repo openai/symphony\"\n end\n )\n end\n\n test \"closes open pull requests for the branch and tolerates close failures\" do\n with_fake_gh(fn log_path ->\n File.write!(log_path, \"\")\n\n {output, error_output} =\n capture_task_output(fn ->\n BeforeRemove.run([\"--branch\", \"feature/workpad\"])\n end)\n\n assert output =~ \"Closed PR #101 for branch feature/workpad\"\n assert error_output =~ \"Failed to close PR #102 for branch feature/workpad\"\n\n log = File.read!(log_path)\n\n assert log =~ \"auth status\"\n assert log =~ \"pr list --repo openai/symphony --head feature/workpad --state open --json number --jq .[].number\"\n assert log =~ \"pr close 101 --repo openai/symphony\"\n assert log =~ \"pr close 102 --repo openai/symphony\"\n\n {second_output, error_output} =\n capture_task_output(fn ->\n Mix.Task.reenable(\"workspace.before_remove\")\n BeforeRemove.run([\"--branch\", \"feature/workpad\"])\n end)\n\n assert second_output =~ \"Closed PR #101 for branch feature/workpad\"\n assert error_output =~ \"Failed to close PR #102 for branch feature/workpad\"\n end)\n end\n\n test \"formats close failures without command stderr output\" do\n with_fake_gh(\n \"\"\"\n #!/bin/sh\n printf '%s\\n' \"$*\" >> \"$GH_LOG\"\n\n if [ \"$1\" = \"auth\" ] && [ \"$2\" = \"status\" ]; then\n exit 0\n fi\n\n if [ \"$1\" = \"pr\" ] && [ \"$2\" = \"list\" ]; then\n printf '102\\n'\n exit 0\n fi\n\n if [ \"$1\" = \"pr\" ] && [ \"$2\" = \"close\" ] && [ \"$3\" = \"102\" ]; then\n exit 17\n fi\n\n exit 99\n \"\"\",\n fn log_path ->\n error_output =\n capture_io(:stderr, fn ->\n Mix.Task.reenable(\"workspace.before_remove\")\n BeforeRemove.run([\"--branch\", \"feature/no-output\"])\n end)\n\n assert error_output =~ \"Failed to close PR #102 for branch feature/no-output: exit 17\"\n refute error_output =~ \"output=\"\n log = File.read!(log_path)\n assert log =~ \"pr list --repo openai/symphony --head feature/no-output --state open --json number --jq .[].number\"\n assert log =~ \"pr close 102 --repo openai/symphony\"\n end\n )\n end\n\n test \"no-ops when PR list fails for current branch\" do\n with_fake_gh(\n \"\"\"\n #!/bin/sh\n printf '%s\\n' \"$*\" >> \"$GH_LOG\"\n\n if [ \"$1\" = \"auth\" ] && [ \"$2\" = \"status\" ]; then\n exit 0\n fi\n\n if [ \"$1\" = \"pr\" ] && [ \"$2\" = \"list\" ]; then\n exit 1\n fi\n\n exit 99\n \"\"\",\n fn log_path ->\n output =\n capture_io(fn ->\n BeforeRemove.run([\"--branch\", \"feature/list-fails\"])\n end)\n\n assert output == \"\"\n\n log = File.read!(log_path)\n assert log =~ \"auth status\"\n\n assert log =~\n \"pr list --repo openai/symphony --head feature/list-fails --state open --json number --jq .[].number\"\n\n refute log =~ \"pr close\"\n end\n )\n end\n\n test \"no-ops when git current branch is blank\" do\n with_fake_gh_and_git(\n \"\"\"\n #!/bin/sh\n printf '%s\\n' \"$*\" >> \"$GH_LOG\"\n\n if [ \"$1\" = \"auth\" ] && [ \"$2\" = \"status\" ]; then\n exit 0\n fi\n\n exit 99\n \"\"\",\n \"\"\"\n #!/bin/sh\n printf '\\n'\n exit 0\n \"\"\",\n fn log_path ->\n output =\n capture_io(fn ->\n BeforeRemove.run([])\n end)\n\n assert output == \"\"\n\n log = File.read!(log_path)\n assert log == \"\"\n refute log =~ \"pr list\"\n end\n )\n end\n\n test \"no-ops when gh auth is unavailable\" do\n with_fake_gh(\n \"\"\"\n #!/bin/sh\n printf '%s\\n' \"$*\" >> \"$GH_LOG\"\n if [ \"$1\" = \"auth\" ] && [ \"$2\" = \"status\" ]; then\n exit 1\n fi\n exit 99\n \"\"\",\n fn log_path ->\n BeforeRemove.run([\"--branch\", \"feature/no-auth\"])\n\n log = File.read!(log_path)\n assert log =~ \"auth status\"\n refute log =~ \"pr list\"\n end\n )\n end\n\n defp with_fake_gh(fun) do\n with_fake_binaries(\n %{\n \"gh\" => \"\"\"\n #!/bin/sh\n printf '%s\\n' \"$*\" >> \"$GH_LOG\"\n\n if [ \"$1\" = \"auth\" ] && [ \"$2\" = \"status\" ]; then\n exit 0\n fi\n\n if [ \"$1\" = \"pr\" ] && [ \"$2\" = \"list\" ]; then\n printf '101\\n102\\n'\n exit 0\n fi\n\n if [ \"$1\" = \"pr\" ] && [ \"$2\" = \"close\" ] && [ \"$3\" = \"101\" ]; then\n exit 0\n fi\n\n if [ \"$1\" = \"pr\" ] && [ \"$2\" = \"close\" ] && [ \"$3\" = \"102\" ]; then\n printf 'boom\\n' >&2\n exit 17\n fi\n\n exit 99\n \"\"\"\n },\n fun\n )\n end\n\n defp with_fake_gh(script, fun) do\n with_fake_binaries(%{\"gh\" => script}, fun)\n end\n\n defp with_fake_gh_and_git(gh_script, git_script, fun) do\n with_fake_binaries(%{\"gh\" => gh_script, \"git\" => git_script}, fun)\n end\n\n defp with_fake_binaries(scripts, fun) do\n unique = System.unique_integer([:positive, :monotonic])\n root = Path.join(System.tmp_dir!(), \"workspace-before-remove-task-test-#{unique}\")\n bin_dir = Path.join(root, \"bin\")\n log_path = Path.join(root, \"gh.log\")\n\n try do\n File.rm_rf!(root)\n File.mkdir_p!(bin_dir)\n File.write!(log_path, \"\")\n original_path = System.get_env(\"PATH\") || \"\"\n path_with_binaries = Enum.join([bin_dir, original_path], \":\")\n\n Enum.each(scripts, fn {name, script} ->\n path = Path.join(bin_dir, name)\n File.write!(path, script)\n File.chmod!(path, 0o755)\n end)\n\n with_env(\n %{\n \"GH_LOG\" => log_path,\n \"PATH\" => path_with_binaries\n },\n fn ->\n fun.(log_path)\n end\n )\n after\n File.rm_rf!(root)\n end\n end\n\n defp with_path(paths, fun) do\n with_env(%{\"PATH\" => Enum.join(paths, \":\")}, fun)\n end\n\n defp with_env(overrides, fun) do\n keys = Map.keys(overrides)\n previous = Map.new(keys, fn key -> {key, System.get_env(key)} end)\n\n try do\n Enum.each(overrides, fn {key, value} -> System.put_env(key, value) end)\n fun.()\n after\n Enum.each(previous, fn\n {key, nil} -> System.delete_env(key)\n {key, value} -> System.put_env(key, value)\n end)\n end\n end\n\n defp in_temp_dir(fun) do\n unique = System.unique_integer([:positive, :monotonic])\n root = Path.join(System.tmp_dir!(), \"workspace-before-remove-empty-dir-#{unique}\")\n\n File.rm_rf!(root)\n File.mkdir_p!(root)\n\n original_cwd = File.cwd!()\n\n try do\n File.cd!(root)\n fun.()\n after\n File.cd!(original_cwd)\n File.rm_rf!(root)\n end\n end\n\n defp capture_task_output(fun) do\n parent = self()\n ref = make_ref()\n\n error_output =\n capture_io(:stderr, fn ->\n output =\n capture_io(fn ->\n fun.()\n end)\n\n send(parent, {ref, output})\n end)\n\n output =\n receive do\n {^ref, output} -> output\n after\n 1_000 -> flunk(\"Timed out waiting for captured task output\")\n end\n\n {output, error_output}\n end\nend\n" }, { "path": "elixir/test/support/live_e2e_docker/Dockerfile", "content": "FROM node:20-bookworm-slim\n\nRUN apt-get update && apt-get install -y --no-install-recommends \\\n bash \\\n ca-certificates \\\n git \\\n openssh-server \\\n python3 \\\n ripgrep \\\n && rm -rf /var/lib/apt/lists/*\n\nRUN install -d -m 700 /root/.ssh /root/.codex /run/symphony/ssh /var/run/sshd\n\nRUN npm install --global @openai/codex\n\nCOPY symphony-live-worker.conf /etc/ssh/sshd_config.d/symphony-live-worker.conf\nCOPY live_worker_entrypoint.sh /usr/local/bin/symphony-live-worker\nRUN chmod 755 /usr/local/bin/symphony-live-worker\n\nEXPOSE 22\n\nENTRYPOINT [\"/usr/local/bin/symphony-live-worker\"]\n" }, { "path": "elixir/test/support/live_e2e_docker/docker-compose.yml", "content": "services:\n worker1:\n build:\n context: .\n dockerfile: Dockerfile\n ports:\n - \"${SYMPHONY_LIVE_DOCKER_WORKER_1_PORT}:22\"\n volumes:\n - ${SYMPHONY_LIVE_DOCKER_AUTHORIZED_KEY}:/run/symphony/ssh/authorized_key.pub:ro\n - ${SYMPHONY_LIVE_DOCKER_AUTH_JSON}:/root/.codex/auth.json:ro\n\n worker2:\n build:\n context: .\n dockerfile: Dockerfile\n ports:\n - \"${SYMPHONY_LIVE_DOCKER_WORKER_2_PORT}:22\"\n volumes:\n - ${SYMPHONY_LIVE_DOCKER_AUTHORIZED_KEY}:/run/symphony/ssh/authorized_key.pub:ro\n - ${SYMPHONY_LIVE_DOCKER_AUTH_JSON}:/root/.codex/auth.json:ro\n" }, { "path": "elixir/test/support/live_e2e_docker/live_worker_entrypoint.sh", "content": "#!/bin/sh\nset -eu\n\ninstall -d -m 700 /root/.ssh /root/.codex\n\nif [ ! -s /run/symphony/ssh/authorized_key.pub ]; then\n echo \"missing authorized key at /run/symphony/ssh/authorized_key.pub\" >&2\n exit 1\nfi\n\ninstall -m 600 /run/symphony/ssh/authorized_key.pub /root/.ssh/authorized_keys\n\nexec /usr/sbin/sshd -D -e\n" }, { "path": "elixir/test/support/live_e2e_docker/symphony-live-worker.conf", "content": "PubkeyAuthentication yes\nPasswordAuthentication no\nKbdInteractiveAuthentication no\nChallengeResponseAuthentication no\nUsePAM no\nPermitRootLogin yes\nAuthorizedKeysFile .ssh/authorized_keys\n" }, { "path": "elixir/test/support/snapshot_support.exs", "content": "defmodule SymphonyElixir.TestSupport.Snapshot do\n import ExUnit.Assertions\n\n @snapshot_root Path.expand(\"../fixtures\", __DIR__)\n @ansi_regex ~r/\\e\\[[0-9;]*m/\n\n @update_snapshot_hint \"Run `UPDATE_SNAPSHOTS=1 mix test test/symphony_elixir/status_dashboard_snapshot_test.exs` to create or update fixtures.\"\n\n def assert_dashboard_snapshot!(name, raw_ansi_content)\n when is_binary(name) and is_binary(raw_ansi_content) do\n assert_snapshot!(\n Path.join(\"status_dashboard_snapshots\", \"#{name}.snapshot.txt\"),\n escape_ansi(raw_ansi_content)\n )\n\n assert_snapshot!(\n Path.join(\"status_dashboard_snapshots\", \"#{name}.evidence.md\"),\n evidence_markdown(raw_ansi_content)\n )\n\n :ok\n end\n\n def assert_snapshot!(relative_path, content)\n when is_binary(relative_path) and is_binary(content) do\n path = snapshot_path(relative_path)\n normalized = normalize_content(content)\n\n File.mkdir_p!(Path.dirname(path))\n\n if update_snapshots?() do\n File.write!(path, normalized)\n :ok\n else\n case File.read(path) do\n {:ok, expected} ->\n assert normalized == expected,\n \"Snapshot mismatch for `#{relative_path}`. #{@update_snapshot_hint}\"\n\n {:error, :enoent} ->\n flunk(\"Missing snapshot fixture `#{relative_path}`. #{@update_snapshot_hint}\")\n\n {:error, reason} ->\n flunk(\"Failed reading snapshot fixture `#{relative_path}`: #{inspect(reason)}\")\n end\n end\n end\n\n def escape_ansi(content) when is_binary(content), do: String.replace(content, <<27>>, \"\\\\e\")\n\n def strip_ansi(content) when is_binary(content), do: Regex.replace(@ansi_regex, content, \"\")\n\n def evidence_markdown(raw_ansi_content) when is_binary(raw_ansi_content) do\n plain =\n raw_ansi_content\n |> strip_ansi()\n |> normalize_content()\n |> String.trim_trailing(\"\\n\")\n\n \"```text\\n#{plain}\\n```\\n\"\n end\n\n defp snapshot_path(relative_path), do: Path.join(@snapshot_root, relative_path)\n\n defp update_snapshots? do\n System.get_env(\"UPDATE_SNAPSHOTS\")\n |> to_string()\n |> String.downcase()\n |> Kernel.in([\"1\", \"true\", \"yes\"])\n end\n\n defp normalize_content(content) do\n content\n |> String.replace(\"\\r\\n\", \"\\n\")\n |> String.trim_trailing(\"\\n\")\n |> Kernel.<>(\"\\n\")\n end\nend\n" }, { "path": "elixir/test/support/test_support.exs", "content": "defmodule SymphonyElixir.TestSupport do\n @workflow_prompt \"You are an agent for this repository.\"\n\n defmacro __using__(_opts) do\n quote do\n use ExUnit.Case\n import ExUnit.CaptureLog\n\n alias SymphonyElixir.AgentRunner\n alias SymphonyElixir.CLI\n alias SymphonyElixir.Codex.AppServer\n alias SymphonyElixir.Config\n alias SymphonyElixir.HttpServer\n alias SymphonyElixir.Linear.Client\n alias SymphonyElixir.Linear.Issue\n alias SymphonyElixir.Orchestrator\n alias SymphonyElixir.PromptBuilder\n alias SymphonyElixir.StatusDashboard\n alias SymphonyElixir.Tracker\n alias SymphonyElixir.Workflow\n alias SymphonyElixir.WorkflowStore\n alias SymphonyElixir.Workspace\n\n import SymphonyElixir.TestSupport,\n only: [write_workflow_file!: 1, write_workflow_file!: 2, restore_env: 2, stop_default_http_server: 0]\n\n setup do\n workflow_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-workflow-#{System.unique_integer([:positive])}\"\n )\n\n File.mkdir_p!(workflow_root)\n workflow_file = Path.join(workflow_root, \"WORKFLOW.md\")\n write_workflow_file!(workflow_file)\n Workflow.set_workflow_file_path(workflow_file)\n if Process.whereis(SymphonyElixir.WorkflowStore), do: SymphonyElixir.WorkflowStore.force_reload()\n stop_default_http_server()\n\n on_exit(fn ->\n Application.delete_env(:symphony_elixir, :workflow_file_path)\n Application.delete_env(:symphony_elixir, :server_port_override)\n Application.delete_env(:symphony_elixir, :memory_tracker_issues)\n Application.delete_env(:symphony_elixir, :memory_tracker_recipient)\n File.rm_rf(workflow_root)\n end)\n\n :ok\n end\n end\n end\n\n def write_workflow_file!(path, overrides \\\\ []) do\n workflow = workflow_content(overrides)\n File.write!(path, workflow)\n\n if Process.whereis(SymphonyElixir.WorkflowStore) do\n try do\n SymphonyElixir.WorkflowStore.force_reload()\n catch\n :exit, _reason -> :ok\n end\n end\n\n :ok\n end\n\n def restore_env(key, nil), do: System.delete_env(key)\n def restore_env(key, value), do: System.put_env(key, value)\n\n def stop_default_http_server do\n case Enum.find(Supervisor.which_children(SymphonyElixir.Supervisor), fn\n {SymphonyElixir.HttpServer, _pid, _type, _modules} -> true\n _child -> false\n end) do\n {SymphonyElixir.HttpServer, pid, _type, _modules} when is_pid(pid) ->\n :ok = Supervisor.terminate_child(SymphonyElixir.Supervisor, SymphonyElixir.HttpServer)\n\n if Process.alive?(pid) do\n Process.exit(pid, :normal)\n end\n\n :ok\n\n _ ->\n :ok\n end\n end\n\n defp workflow_content(overrides) do\n config =\n Keyword.merge(\n [\n tracker_kind: \"linear\",\n tracker_endpoint: \"https://api.linear.app/graphql\",\n tracker_api_token: \"token\",\n tracker_project_slug: \"project\",\n tracker_assignee: nil,\n tracker_active_states: [\"Todo\", \"In Progress\"],\n tracker_terminal_states: [\"Closed\", \"Cancelled\", \"Canceled\", \"Duplicate\", \"Done\"],\n poll_interval_ms: 30_000,\n workspace_root: Path.join(System.tmp_dir!(), \"symphony_workspaces\"),\n worker_ssh_hosts: [],\n worker_max_concurrent_agents_per_host: nil,\n max_concurrent_agents: 10,\n max_turns: 20,\n max_retry_backoff_ms: 300_000,\n max_concurrent_agents_by_state: %{},\n codex_command: \"codex app-server\",\n codex_approval_policy: %{reject: %{sandbox_approval: true, rules: true, mcp_elicitations: true}},\n codex_thread_sandbox: \"workspace-write\",\n codex_turn_sandbox_policy: nil,\n codex_turn_timeout_ms: 3_600_000,\n codex_read_timeout_ms: 5_000,\n codex_stall_timeout_ms: 300_000,\n hook_after_create: nil,\n hook_before_run: nil,\n hook_after_run: nil,\n hook_before_remove: nil,\n hook_timeout_ms: 60_000,\n observability_enabled: true,\n observability_refresh_ms: 1_000,\n observability_render_interval_ms: 16,\n server_port: nil,\n server_host: nil,\n prompt: @workflow_prompt\n ],\n overrides\n )\n\n tracker_kind = Keyword.get(config, :tracker_kind)\n tracker_endpoint = Keyword.get(config, :tracker_endpoint)\n tracker_api_token = Keyword.get(config, :tracker_api_token)\n tracker_project_slug = Keyword.get(config, :tracker_project_slug)\n tracker_assignee = Keyword.get(config, :tracker_assignee)\n tracker_active_states = Keyword.get(config, :tracker_active_states)\n tracker_terminal_states = Keyword.get(config, :tracker_terminal_states)\n poll_interval_ms = Keyword.get(config, :poll_interval_ms)\n workspace_root = Keyword.get(config, :workspace_root)\n worker_ssh_hosts = Keyword.get(config, :worker_ssh_hosts)\n worker_max_concurrent_agents_per_host = Keyword.get(config, :worker_max_concurrent_agents_per_host)\n max_concurrent_agents = Keyword.get(config, :max_concurrent_agents)\n max_turns = Keyword.get(config, :max_turns)\n max_retry_backoff_ms = Keyword.get(config, :max_retry_backoff_ms)\n max_concurrent_agents_by_state = Keyword.get(config, :max_concurrent_agents_by_state)\n codex_command = Keyword.get(config, :codex_command)\n codex_approval_policy = Keyword.get(config, :codex_approval_policy)\n codex_thread_sandbox = Keyword.get(config, :codex_thread_sandbox)\n codex_turn_sandbox_policy = Keyword.get(config, :codex_turn_sandbox_policy)\n codex_turn_timeout_ms = Keyword.get(config, :codex_turn_timeout_ms)\n codex_read_timeout_ms = Keyword.get(config, :codex_read_timeout_ms)\n codex_stall_timeout_ms = Keyword.get(config, :codex_stall_timeout_ms)\n hook_after_create = Keyword.get(config, :hook_after_create)\n hook_before_run = Keyword.get(config, :hook_before_run)\n hook_after_run = Keyword.get(config, :hook_after_run)\n hook_before_remove = Keyword.get(config, :hook_before_remove)\n hook_timeout_ms = Keyword.get(config, :hook_timeout_ms)\n observability_enabled = Keyword.get(config, :observability_enabled)\n observability_refresh_ms = Keyword.get(config, :observability_refresh_ms)\n observability_render_interval_ms = Keyword.get(config, :observability_render_interval_ms)\n server_port = Keyword.get(config, :server_port)\n server_host = Keyword.get(config, :server_host)\n prompt = Keyword.get(config, :prompt)\n\n sections =\n [\n \"---\",\n \"tracker:\",\n \" kind: #{yaml_value(tracker_kind)}\",\n \" endpoint: #{yaml_value(tracker_endpoint)}\",\n \" api_key: #{yaml_value(tracker_api_token)}\",\n \" project_slug: #{yaml_value(tracker_project_slug)}\",\n \" assignee: #{yaml_value(tracker_assignee)}\",\n \" active_states: #{yaml_value(tracker_active_states)}\",\n \" terminal_states: #{yaml_value(tracker_terminal_states)}\",\n \"polling:\",\n \" interval_ms: #{yaml_value(poll_interval_ms)}\",\n \"workspace:\",\n \" root: #{yaml_value(workspace_root)}\",\n worker_yaml(worker_ssh_hosts, worker_max_concurrent_agents_per_host),\n \"agent:\",\n \" max_concurrent_agents: #{yaml_value(max_concurrent_agents)}\",\n \" max_turns: #{yaml_value(max_turns)}\",\n \" max_retry_backoff_ms: #{yaml_value(max_retry_backoff_ms)}\",\n \" max_concurrent_agents_by_state: #{yaml_value(max_concurrent_agents_by_state)}\",\n \"codex:\",\n \" command: #{yaml_value(codex_command)}\",\n \" approval_policy: #{yaml_value(codex_approval_policy)}\",\n \" thread_sandbox: #{yaml_value(codex_thread_sandbox)}\",\n \" turn_sandbox_policy: #{yaml_value(codex_turn_sandbox_policy)}\",\n \" turn_timeout_ms: #{yaml_value(codex_turn_timeout_ms)}\",\n \" read_timeout_ms: #{yaml_value(codex_read_timeout_ms)}\",\n \" stall_timeout_ms: #{yaml_value(codex_stall_timeout_ms)}\",\n hooks_yaml(hook_after_create, hook_before_run, hook_after_run, hook_before_remove, hook_timeout_ms),\n observability_yaml(observability_enabled, observability_refresh_ms, observability_render_interval_ms),\n server_yaml(server_port, server_host),\n \"---\",\n prompt\n ]\n |> Enum.reject(&(&1 in [nil, \"\"]))\n\n Enum.join(sections, \"\\n\") <> \"\\n\"\n end\n\n defp yaml_value(value) when is_binary(value) do\n \"\\\"\" <> String.replace(value, \"\\\"\", \"\\\\\\\"\") <> \"\\\"\"\n end\n\n defp yaml_value(value) when is_integer(value), do: to_string(value)\n defp yaml_value(true), do: \"true\"\n defp yaml_value(false), do: \"false\"\n defp yaml_value(nil), do: \"null\"\n\n defp yaml_value(values) when is_list(values) do\n \"[\" <> Enum.map_join(values, \", \", &yaml_value/1) <> \"]\"\n end\n\n defp yaml_value(values) when is_map(values) do\n \"{\" <>\n Enum.map_join(values, \", \", fn {key, value} ->\n \"#{yaml_value(to_string(key))}: #{yaml_value(value)}\"\n end) <> \"}\"\n end\n\n defp yaml_value(value), do: yaml_value(to_string(value))\n\n defp hooks_yaml(nil, nil, nil, nil, timeout_ms), do: \"hooks:\\n timeout_ms: #{yaml_value(timeout_ms)}\"\n\n defp hooks_yaml(hook_after_create, hook_before_run, hook_after_run, hook_before_remove, timeout_ms) do\n [\n \"hooks:\",\n \" timeout_ms: #{yaml_value(timeout_ms)}\",\n hook_entry(\"after_create\", hook_after_create),\n hook_entry(\"before_run\", hook_before_run),\n hook_entry(\"after_run\", hook_after_run),\n hook_entry(\"before_remove\", hook_before_remove)\n ]\n |> Enum.reject(&is_nil/1)\n |> Enum.join(\"\\n\")\n end\n\n defp worker_yaml(ssh_hosts, max_concurrent_agents_per_host)\n when ssh_hosts in [nil, []] and is_nil(max_concurrent_agents_per_host),\n do: nil\n\n defp worker_yaml(ssh_hosts, max_concurrent_agents_per_host) do\n [\n \"worker:\",\n ssh_hosts not in [nil, []] && \" ssh_hosts: #{yaml_value(ssh_hosts)}\",\n !is_nil(max_concurrent_agents_per_host) &&\n \" max_concurrent_agents_per_host: #{yaml_value(max_concurrent_agents_per_host)}\"\n ]\n |> Enum.reject(&(&1 in [nil, false]))\n |> Enum.join(\"\\n\")\n end\n\n defp observability_yaml(enabled, refresh_ms, render_interval_ms) do\n [\n \"observability:\",\n \" dashboard_enabled: #{yaml_value(enabled)}\",\n \" refresh_ms: #{yaml_value(refresh_ms)}\",\n \" render_interval_ms: #{yaml_value(render_interval_ms)}\"\n ]\n |> Enum.join(\"\\n\")\n end\n\n defp server_yaml(nil, nil), do: nil\n\n defp server_yaml(port, host) do\n [\n \"server:\",\n port && \" port: #{yaml_value(port)}\",\n host && \" host: #{yaml_value(host)}\"\n ]\n |> Enum.reject(&is_nil/1)\n |> Enum.join(\"\\n\")\n end\n\n defp hook_entry(_name, nil), do: nil\n\n defp hook_entry(name, command) when is_binary(command) do\n indented =\n command\n |> String.split(\"\\n\")\n |> Enum.map_join(\"\\n\", &(\" \" <> &1))\n\n \" #{name}: |\\n#{indented}\"\n end\nend\n" }, { "path": "elixir/test/symphony_elixir/app_server_test.exs", "content": "defmodule SymphonyElixir.AppServerTest do\n use SymphonyElixir.TestSupport\n\n test \"app server rejects the workspace root and paths outside workspace root\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-cwd-guard-#{System.unique_integer([:positive])}\"\n )\n\n try do\n workspace_root = Path.join(test_root, \"workspaces\")\n outside_workspace = Path.join(test_root, \"outside\")\n\n File.mkdir_p!(workspace_root)\n File.mkdir_p!(outside_workspace)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root\n )\n\n issue = %Issue{\n id: \"issue-workspace-guard\",\n identifier: \"MT-999\",\n title: \"Validate workspace guard\",\n description: \"Ensure app-server refuses invalid cwd targets\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-999\",\n labels: [\"backend\"]\n }\n\n assert {:error, {:invalid_workspace_cwd, :workspace_root, _path}} =\n AppServer.run(workspace_root, \"guard\", issue)\n\n assert {:error, {:invalid_workspace_cwd, :outside_workspace_root, _path, _root}} =\n AppServer.run(outside_workspace, \"guard\", issue)\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"app server rejects symlink escape cwd paths under the workspace root\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-symlink-cwd-guard-#{System.unique_integer([:positive])}\"\n )\n\n try do\n workspace_root = Path.join(test_root, \"workspaces\")\n outside_workspace = Path.join(test_root, \"outside\")\n symlink_workspace = Path.join(workspace_root, \"MT-1000\")\n\n File.mkdir_p!(workspace_root)\n File.mkdir_p!(outside_workspace)\n File.ln_s!(outside_workspace, symlink_workspace)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root\n )\n\n issue = %Issue{\n id: \"issue-workspace-symlink-guard\",\n identifier: \"MT-1000\",\n title: \"Validate symlink workspace guard\",\n description: \"Ensure app-server refuses symlink escape cwd targets\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-1000\",\n labels: [\"backend\"]\n }\n\n assert {:error, {:invalid_workspace_cwd, :symlink_escape, ^symlink_workspace, _root}} =\n AppServer.run(symlink_workspace, \"guard\", issue)\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"app server passes explicit turn sandbox policies through unchanged\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-supported-turn-policies-#{System.unique_integer([:positive])}\"\n )\n\n try do\n workspace_root = Path.join(test_root, \"workspaces\")\n workspace = Path.join(workspace_root, \"MT-1001\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n trace_file = Path.join(test_root, \"codex-supported-turn-policies.trace\")\n previous_trace = System.get_env(\"SYMP_TEST_CODEx_TRACE\")\n\n on_exit(fn ->\n if is_binary(previous_trace) do\n System.put_env(\"SYMP_TEST_CODEx_TRACE\", previous_trace)\n else\n System.delete_env(\"SYMP_TEST_CODEx_TRACE\")\n end\n end)\n\n System.put_env(\"SYMP_TEST_CODEx_TRACE\", trace_file)\n File.mkdir_p!(workspace)\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n trace_file=\"${SYMP_TEST_CODEx_TRACE:-/tmp/codex-supported-turn-policies.trace}\"\n count=0\n\n while IFS= read -r line; do\n count=$((count + 1))\n printf 'JSON:%s\\\\n' \"$line\" >> \"$trace_file\"\n\n case \"$count\" in\n 1)\n printf '%s\\\\n' '{\"id\":1,\"result\":{}}'\n ;;\n 2)\n printf '%s\\\\n' '{\"id\":2,\"result\":{\"thread\":{\"id\":\"thread-1001\"}}}'\n ;;\n 3)\n printf '%s\\\\n' '{\"id\":3,\"result\":{\"turn\":{\"id\":\"turn-1001\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\"method\":\"turn/completed\"}'\n exit 0\n ;;\n *)\n exit 0\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n\n issue = %Issue{\n id: \"issue-supported-turn-policies\",\n identifier: \"MT-1001\",\n title: \"Validate explicit turn sandbox policy passthrough\",\n description: \"Ensure runtime startup forwards configured turn sandbox policies unchanged\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-1001\",\n labels: [\"backend\"]\n }\n\n policy_cases = [\n %{\"type\" => \"dangerFullAccess\"},\n %{\"type\" => \"externalSandbox\", \"profile\" => \"remote-ci\"},\n %{\"type\" => \"workspaceWrite\", \"writableRoots\" => [\"relative/path\"], \"networkAccess\" => true},\n %{\"type\" => \"futureSandbox\", \"nested\" => %{\"flag\" => true}}\n ]\n\n Enum.each(policy_cases, fn configured_policy ->\n File.rm(trace_file)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n codex_command: \"#{codex_binary} app-server\",\n codex_turn_sandbox_policy: configured_policy\n )\n\n assert {:ok, _result} = AppServer.run(workspace, \"Validate supported turn policy\", issue)\n\n trace = File.read!(trace_file)\n lines = String.split(trace, \"\\n\", trim: true)\n\n assert Enum.any?(lines, fn line ->\n if String.starts_with?(line, \"JSON:\") do\n line\n |> String.trim_leading(\"JSON:\")\n |> Jason.decode!()\n |> then(fn payload ->\n payload[\"method\"] == \"turn/start\" &&\n get_in(payload, [\"params\", \"sandboxPolicy\"]) == configured_policy\n end)\n else\n false\n end\n end)\n end)\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"app server marks request-for-input events as a hard failure\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-input-#{System.unique_integer([:positive])}\"\n )\n\n try do\n workspace_root = Path.join(test_root, \"workspaces\")\n workspace = Path.join(workspace_root, \"MT-88\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n trace_file = Path.join(test_root, \"codex-input.trace\")\n previous_trace = System.get_env(\"SYMP_TEST_CODEx_TRACE\")\n\n on_exit(fn ->\n if is_binary(previous_trace) do\n System.put_env(\"SYMP_TEST_CODEx_TRACE\", previous_trace)\n else\n System.delete_env(\"SYMP_TEST_CODEx_TRACE\")\n end\n end)\n\n System.put_env(\"SYMP_TEST_CODEx_TRACE\", trace_file)\n File.mkdir_p!(workspace)\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n trace_file=\"${SYMP_TEST_CODEx_TRACE:-/tmp/codex-input.trace}\"\n count=0\n while IFS= read -r line; do\n count=$((count + 1))\n printf 'JSON:%s\\\\n' \\\"$line\\\" >> \\\"$trace_file\\\"\n\n case \\\"$count\\\" in\n 1)\n printf '%s\\\\n' '{\\\"id\\\":1,\\\"result\\\":{}}'\n ;;\n 2)\n printf '%s\\\\n' '{\\\"id\\\":2,\\\"result\\\":{\\\"thread\\\":{\\\"id\\\":\\\"thread-88\\\"}}}'\n ;;\n 3)\n printf '%s\\\\n' '{\\\"id\\\":3,\\\"result\\\":{\\\"turn\\\":{\\\"id\\\":\\\"turn-88\\\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\\\"method\\\":\\\"turn/input_required\\\",\\\"id\\\":\\\"resp-1\\\",\\\"params\\\":{\\\"requiresInput\\\":true,\\\"reason\\\":\\\"blocked\\\"}}'\n ;;\n *)\n exit 0\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n codex_command: \"#{codex_binary} app-server\"\n )\n\n issue = %Issue{\n id: \"issue-input\",\n identifier: \"MT-88\",\n title: \"Input needed\",\n description: \"Cannot satisfy codex input\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-88\",\n labels: [\"backend\"]\n }\n\n assert {:error, {:turn_input_required, payload}} =\n AppServer.run(workspace, \"Needs input\", issue)\n\n assert payload[\"method\"] == \"turn/input_required\"\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"app server fails when command execution approval is required under safer defaults\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-approval-required-#{System.unique_integer([:positive])}\"\n )\n\n try do\n workspace_root = Path.join(test_root, \"workspaces\")\n workspace = Path.join(workspace_root, \"MT-89\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n File.mkdir_p!(workspace)\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n count=0\n while IFS= read -r _line; do\n count=$((count + 1))\n\n case \"$count\" in\n 1)\n printf '%s\\\\n' '{\"id\":1,\"result\":{}}'\n ;;\n 2)\n printf '%s\\\\n' '{\"id\":2,\"result\":{\"thread\":{\"id\":\"thread-89\"}}}'\n ;;\n 3)\n printf '%s\\\\n' '{\"id\":3,\"result\":{\"turn\":{\"id\":\"turn-89\"}}}'\n printf '%s\\\\n' '{\"id\":99,\"method\":\"item/commandExecution/requestApproval\",\"params\":{\"command\":\"gh pr view\",\"cwd\":\"/tmp\",\"reason\":\"need approval\"}}'\n ;;\n *)\n sleep 1\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n codex_command: \"#{codex_binary} app-server\"\n )\n\n issue = %Issue{\n id: \"issue-approval-required\",\n identifier: \"MT-89\",\n title: \"Approval required\",\n description: \"Ensure safer defaults do not auto approve requests\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-89\",\n labels: [\"backend\"]\n }\n\n assert {:error, {:approval_required, payload}} =\n AppServer.run(workspace, \"Handle approval request\", issue)\n\n assert payload[\"method\"] == \"item/commandExecution/requestApproval\"\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"app server auto-approves command execution approval requests when approval policy is never\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-auto-approve-#{System.unique_integer([:positive])}\"\n )\n\n try do\n workspace_root = Path.join(test_root, \"workspaces\")\n workspace = Path.join(workspace_root, \"MT-89\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n trace_file = Path.join(test_root, \"codex-auto-approve.trace\")\n previous_trace = System.get_env(\"SYMP_TEST_CODex_TRACE\")\n\n on_exit(fn ->\n if is_binary(previous_trace) do\n System.put_env(\"SYMP_TEST_CODex_TRACE\", previous_trace)\n else\n System.delete_env(\"SYMP_TEST_CODex_TRACE\")\n end\n end)\n\n System.put_env(\"SYMP_TEST_CODex_TRACE\", trace_file)\n File.mkdir_p!(workspace)\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n trace_file=\"${SYMP_TEST_CODex_TRACE:-/tmp/codex-auto-approve.trace}\"\n count=0\n while IFS= read -r line; do\n count=$((count + 1))\n printf 'JSON:%s\\\\n' \\\"$line\\\" >> \\\"$trace_file\\\"\n\n case \\\"$count\\\" in\n 1)\n printf '%s\\\\n' '{\\\"id\\\":1,\\\"result\\\":{}}'\n ;;\n 2)\n ;;\n 3)\n printf '%s\\\\n' '{\\\"id\\\":2,\\\"result\\\":{\\\"thread\\\":{\\\"id\\\":\\\"thread-89\\\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\\\"id\\\":3,\\\"result\\\":{\\\"turn\\\":{\\\"id\\\":\\\"turn-89\\\"}}}'\n printf '%s\\\\n' '{\\\"id\\\":99,\\\"method\\\":\\\"item/commandExecution/requestApproval\\\",\\\"params\\\":{\\\"command\\\":\\\"gh pr view\\\",\\\"cwd\\\":\\\"/tmp\\\",\\\"reason\\\":\\\"need approval\\\"}}'\n ;;\n 5)\n printf '%s\\\\n' '{\\\"method\\\":\\\"turn/completed\\\"}'\n exit 0\n ;;\n *)\n exit 0\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n codex_command: \"#{codex_binary} app-server\",\n codex_approval_policy: \"never\"\n )\n\n issue = %Issue{\n id: \"issue-auto-approve\",\n identifier: \"MT-89\",\n title: \"Auto approve request\",\n description: \"Ensure app-server approval requests are handled automatically\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-89\",\n labels: [\"backend\"]\n }\n\n assert {:ok, _result} = AppServer.run(workspace, \"Handle approval request\", issue)\n\n trace = File.read!(trace_file)\n lines = String.split(trace, \"\\n\", trim: true)\n\n assert Enum.any?(lines, fn line ->\n if String.starts_with?(line, \"JSON:\") do\n payload =\n line\n |> String.trim_leading(\"JSON:\")\n |> Jason.decode!()\n\n payload[\"id\"] == 1 and\n get_in(payload, [\"params\", \"capabilities\", \"experimentalApi\"]) == true\n else\n false\n end\n end)\n\n assert Enum.any?(lines, fn line ->\n if String.starts_with?(line, \"JSON:\") do\n payload =\n line\n |> String.trim_leading(\"JSON:\")\n |> Jason.decode!()\n\n payload[\"id\"] == 2 and\n case get_in(payload, [\"params\", \"dynamicTools\"]) do\n [\n %{\n \"description\" => description,\n \"inputSchema\" => %{\"required\" => [\"query\"]},\n \"name\" => \"linear_graphql\"\n }\n ] ->\n description =~ \"Linear\"\n\n _ ->\n false\n end\n else\n false\n end\n end)\n\n assert Enum.any?(lines, fn line ->\n if String.starts_with?(line, \"JSON:\") do\n payload =\n line\n |> String.trim_leading(\"JSON:\")\n |> Jason.decode!()\n\n payload[\"id\"] == 99 and get_in(payload, [\"result\", \"decision\"]) == \"acceptForSession\"\n else\n false\n end\n end)\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"app server auto-approves MCP tool approval prompts when approval policy is never\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-tool-user-input-auto-approve-#{System.unique_integer([:positive])}\"\n )\n\n try do\n workspace_root = Path.join(test_root, \"workspaces\")\n workspace = Path.join(workspace_root, \"MT-717\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n trace_file = Path.join(test_root, \"codex-tool-user-input-auto-approve.trace\")\n previous_trace = System.get_env(\"SYMP_TEST_CODEx_TRACE\")\n\n on_exit(fn ->\n if is_binary(previous_trace) do\n System.put_env(\"SYMP_TEST_CODEx_TRACE\", previous_trace)\n else\n System.delete_env(\"SYMP_TEST_CODEx_TRACE\")\n end\n end)\n\n System.put_env(\"SYMP_TEST_CODEx_TRACE\", trace_file)\n File.mkdir_p!(workspace)\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n trace_file=\"${SYMP_TEST_CODEx_TRACE:-/tmp/codex-tool-user-input-auto-approve.trace}\"\n count=0\n while IFS= read -r line; do\n count=$((count + 1))\n printf 'JSON:%s\\\\n' \\\"$line\\\" >> \\\"$trace_file\\\"\n\n case \\\"$count\\\" in\n 1)\n printf '%s\\\\n' '{\\\"id\\\":1,\\\"result\\\":{}}'\n ;;\n 2)\n ;;\n 3)\n printf '%s\\\\n' '{\\\"id\\\":2,\\\"result\\\":{\\\"thread\\\":{\\\"id\\\":\\\"thread-717\\\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\\\"id\\\":3,\\\"result\\\":{\\\"turn\\\":{\\\"id\\\":\\\"turn-717\\\"}}}'\n printf '%s\\\\n' '{\\\"id\\\":110,\\\"method\\\":\\\"item/tool/requestUserInput\\\",\\\"params\\\":{\\\"itemId\\\":\\\"call-717\\\",\\\"questions\\\":[{\\\"header\\\":\\\"Approve app tool call?\\\",\\\"id\\\":\\\"mcp_tool_call_approval_call-717\\\",\\\"isOther\\\":false,\\\"isSecret\\\":false,\\\"options\\\":[{\\\"description\\\":\\\"Run the tool and continue.\\\",\\\"label\\\":\\\"Approve Once\\\"},{\\\"description\\\":\\\"Run the tool and remember this choice for this session.\\\",\\\"label\\\":\\\"Approve this Session\\\"},{\\\"description\\\":\\\"Decline this tool call and continue.\\\",\\\"label\\\":\\\"Deny\\\"},{\\\"description\\\":\\\"Cancel this tool call\\\",\\\"label\\\":\\\"Cancel\\\"}],\\\"question\\\":\\\"The linear MCP server wants to run the tool \\\\\\\"Save issue\\\\\\\", which may modify or delete data. Allow this action?\\\"}],\\\"threadId\\\":\\\"thread-717\\\",\\\"turnId\\\":\\\"turn-717\\\"}}'\n ;;\n 5)\n printf '%s\\\\n' '{\\\"method\\\":\\\"turn/completed\\\"}'\n exit 0\n ;;\n *)\n exit 0\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n codex_command: \"#{codex_binary} app-server\",\n codex_approval_policy: \"never\"\n )\n\n issue = %Issue{\n id: \"issue-tool-user-input-auto-approve\",\n identifier: \"MT-717\",\n title: \"Auto approve MCP tool request user input\",\n description: \"Ensure app tool approval prompts continue automatically\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-717\",\n labels: [\"backend\"]\n }\n\n assert {:ok, _result} = AppServer.run(workspace, \"Handle tool approval prompt\", issue)\n\n trace = File.read!(trace_file)\n lines = String.split(trace, \"\\n\", trim: true)\n\n assert Enum.any?(lines, fn line ->\n if String.starts_with?(line, \"JSON:\") do\n payload =\n line\n |> String.trim_leading(\"JSON:\")\n |> Jason.decode!()\n\n payload[\"id\"] == 110 and\n get_in(payload, [\"result\", \"answers\", \"mcp_tool_call_approval_call-717\", \"answers\"]) ==\n [\"Approve this Session\"]\n else\n false\n end\n end)\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"app server sends a generic non-interactive answer for freeform tool input prompts\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-tool-user-input-required-#{System.unique_integer([:positive])}\"\n )\n\n try do\n workspace_root = Path.join(test_root, \"workspaces\")\n workspace = Path.join(workspace_root, \"MT-718\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n File.mkdir_p!(workspace)\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n count=0\n while IFS= read -r _line; do\n count=$((count + 1))\n\n case \"$count\" in\n 1)\n printf '%s\\\\n' '{\"id\":1,\"result\":{}}'\n ;;\n 2)\n ;;\n 3)\n printf '%s\\\\n' '{\"id\":2,\"result\":{\"thread\":{\"id\":\"thread-718\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\"id\":3,\"result\":{\"turn\":{\"id\":\"turn-718\"}}}'\n printf '%s\\\\n' '{\"id\":111,\"method\":\"item/tool/requestUserInput\",\"params\":{\"itemId\":\"call-718\",\"questions\":[{\"header\":\"Provide context\",\"id\":\"freeform-718\",\"isOther\":false,\"isSecret\":false,\"options\":null,\"question\":\"What comment should I post back to the issue?\"}],\"threadId\":\"thread-718\",\"turnId\":\"turn-718\"}}'\n ;;\n 5)\n printf '%s\\\\n' '{\"method\":\"turn/completed\"}'\n exit 0\n ;;\n *)\n exit 0\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n codex_command: \"#{codex_binary} app-server\",\n codex_approval_policy: \"never\"\n )\n\n issue = %Issue{\n id: \"issue-tool-user-input-required\",\n identifier: \"MT-718\",\n title: \"Non interactive tool input answer\",\n description: \"Ensure arbitrary tool prompts receive a generic answer\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-718\",\n labels: [\"backend\"]\n }\n\n on_message = fn message -> send(self(), {:app_server_message, message}) end\n\n assert {:ok, _result} =\n AppServer.run(workspace, \"Handle generic tool input\", issue, on_message: on_message)\n\n assert_received {:app_server_message,\n %{\n event: :tool_input_auto_answered,\n answer: \"This is a non-interactive session. Operator input is unavailable.\"\n }}\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"app server sends a generic non-interactive answer for option-based tool input prompts\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-tool-user-input-options-#{System.unique_integer([:positive])}\"\n )\n\n try do\n workspace_root = Path.join(test_root, \"workspaces\")\n workspace = Path.join(workspace_root, \"MT-719\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n trace_file = Path.join(test_root, \"codex-tool-user-input-options.trace\")\n previous_trace = System.get_env(\"SYMP_TEST_CODEx_TRACE\")\n\n on_exit(fn ->\n if is_binary(previous_trace) do\n System.put_env(\"SYMP_TEST_CODEx_TRACE\", previous_trace)\n else\n System.delete_env(\"SYMP_TEST_CODEx_TRACE\")\n end\n end)\n\n System.put_env(\"SYMP_TEST_CODEx_TRACE\", trace_file)\n File.mkdir_p!(workspace)\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n trace_file=\"${SYMP_TEST_CODEx_TRACE:-/tmp/codex-tool-user-input-options.trace}\"\n count=0\n while IFS= read -r line; do\n count=$((count + 1))\n printf 'JSON:%s\\\\n' \\\"$line\\\" >> \\\"$trace_file\\\"\n\n case \\\"$count\\\" in\n 1)\n printf '%s\\\\n' '{\\\"id\\\":1,\\\"result\\\":{}}'\n ;;\n 2)\n ;;\n 3)\n printf '%s\\\\n' '{\\\"id\\\":2,\\\"result\\\":{\\\"thread\\\":{\\\"id\\\":\\\"thread-719\\\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\\\"id\\\":3,\\\"result\\\":{\\\"turn\\\":{\\\"id\\\":\\\"turn-719\\\"}}}'\n printf '%s\\\\n' '{\\\"id\\\":112,\\\"method\\\":\\\"item/tool/requestUserInput\\\",\\\"params\\\":{\\\"itemId\\\":\\\"call-719\\\",\\\"questions\\\":[{\\\"header\\\":\\\"Choose an action\\\",\\\"id\\\":\\\"options-719\\\",\\\"isOther\\\":false,\\\"isSecret\\\":false,\\\"options\\\":[{\\\"description\\\":\\\"Use the default behavior.\\\",\\\"label\\\":\\\"Use default\\\"},{\\\"description\\\":\\\"Skip this step.\\\",\\\"label\\\":\\\"Skip\\\"}],\\\"question\\\":\\\"How should I proceed?\\\"}],\\\"threadId\\\":\\\"thread-719\\\",\\\"turnId\\\":\\\"turn-719\\\"}}'\n ;;\n 5)\n printf '%s\\\\n' '{\\\"method\\\":\\\"turn/completed\\\"}'\n exit 0\n ;;\n *)\n exit 0\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n codex_command: \"#{codex_binary} app-server\"\n )\n\n issue = %Issue{\n id: \"issue-tool-user-input-options\",\n identifier: \"MT-719\",\n title: \"Option based tool input answer\",\n description: \"Ensure option prompts receive a generic non-interactive answer\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-719\",\n labels: [\"backend\"]\n }\n\n assert {:ok, _result} =\n AppServer.run(workspace, \"Handle option based tool input\", issue)\n\n trace = File.read!(trace_file)\n lines = String.split(trace, \"\\n\", trim: true)\n\n assert Enum.any?(lines, fn line ->\n if String.starts_with?(line, \"JSON:\") do\n payload =\n line\n |> String.trim_leading(\"JSON:\")\n |> Jason.decode!()\n\n payload[\"id\"] == 112 and\n get_in(payload, [\"result\", \"answers\", \"options-719\", \"answers\"]) == [\n \"This is a non-interactive session. Operator input is unavailable.\"\n ]\n else\n false\n end\n end)\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"app server rejects unsupported dynamic tool calls without stalling\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-tool-call-#{System.unique_integer([:positive])}\"\n )\n\n try do\n workspace_root = Path.join(test_root, \"workspaces\")\n workspace = Path.join(workspace_root, \"MT-90\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n trace_file = Path.join(test_root, \"codex-tool-call.trace\")\n previous_trace = System.get_env(\"SYMP_TEST_CODEx_TRACE\")\n\n on_exit(fn ->\n if is_binary(previous_trace) do\n System.put_env(\"SYMP_TEST_CODEx_TRACE\", previous_trace)\n else\n System.delete_env(\"SYMP_TEST_CODEx_TRACE\")\n end\n end)\n\n System.put_env(\"SYMP_TEST_CODEx_TRACE\", trace_file)\n File.mkdir_p!(workspace)\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n trace_file=\"${SYMP_TEST_CODEx_TRACE:-/tmp/codex-tool-call.trace}\"\n count=0\n while IFS= read -r line; do\n count=$((count + 1))\n printf 'JSON:%s\\\\n' \\\"$line\\\" >> \\\"$trace_file\\\"\n\n case \\\"$count\\\" in\n 1)\n printf '%s\\\\n' '{\\\"id\\\":1,\\\"result\\\":{}}'\n ;;\n 2)\n ;;\n 3)\n printf '%s\\\\n' '{\\\"id\\\":2,\\\"result\\\":{\\\"thread\\\":{\\\"id\\\":\\\"thread-90\\\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\\\"id\\\":3,\\\"result\\\":{\\\"turn\\\":{\\\"id\\\":\\\"turn-90\\\"}}}'\n printf '%s\\\\n' '{\\\"id\\\":101,\\\"method\\\":\\\"item/tool/call\\\",\\\"params\\\":{\\\"tool\\\":\\\"some_tool\\\",\\\"callId\\\":\\\"call-90\\\",\\\"threadId\\\":\\\"thread-90\\\",\\\"turnId\\\":\\\"turn-90\\\",\\\"arguments\\\":{}}}'\n ;;\n 5)\n printf '%s\\\\n' '{\\\"method\\\":\\\"turn/completed\\\"}'\n exit 0\n ;;\n *)\n exit 0\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n codex_command: \"#{codex_binary} app-server\"\n )\n\n issue = %Issue{\n id: \"issue-tool-call\",\n identifier: \"MT-90\",\n title: \"Unsupported tool call\",\n description: \"Ensure unsupported tool calls do not stall a turn\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-90\",\n labels: [\"backend\"]\n }\n\n assert {:ok, _result} = AppServer.run(workspace, \"Reject unsupported tool calls\", issue)\n\n trace = File.read!(trace_file)\n lines = String.split(trace, \"\\n\", trim: true)\n\n assert Enum.any?(lines, fn line ->\n if String.starts_with?(line, \"JSON:\") do\n payload =\n line\n |> String.trim_leading(\"JSON:\")\n |> Jason.decode!()\n\n payload[\"id\"] == 101 and\n get_in(payload, [\"result\", \"success\"]) == false and\n String.contains?(\n get_in(payload, [\"result\", \"output\"]),\n \"Unsupported dynamic tool\"\n )\n else\n false\n end\n end)\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"app server executes supported dynamic tool calls and returns the tool result\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-supported-tool-call-#{System.unique_integer([:positive])}\"\n )\n\n try do\n workspace_root = Path.join(test_root, \"workspaces\")\n workspace = Path.join(workspace_root, \"MT-90A\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n trace_file = Path.join(test_root, \"codex-supported-tool-call.trace\")\n previous_trace = System.get_env(\"SYMP_TEST_CODEx_TRACE\")\n\n on_exit(fn ->\n if is_binary(previous_trace) do\n System.put_env(\"SYMP_TEST_CODEx_TRACE\", previous_trace)\n else\n System.delete_env(\"SYMP_TEST_CODEx_TRACE\")\n end\n end)\n\n System.put_env(\"SYMP_TEST_CODEx_TRACE\", trace_file)\n File.mkdir_p!(workspace)\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n trace_file=\"${SYMP_TEST_CODEx_TRACE:-/tmp/codex-supported-tool-call.trace}\"\n count=0\n while IFS= read -r line; do\n count=$((count + 1))\n printf 'JSON:%s\\\\n' \\\"$line\\\" >> \\\"$trace_file\\\"\n\n case \\\"$count\\\" in\n 1)\n printf '%s\\\\n' '{\\\"id\\\":1,\\\"result\\\":{}}'\n ;;\n 2)\n ;;\n 3)\n printf '%s\\\\n' '{\\\"id\\\":2,\\\"result\\\":{\\\"thread\\\":{\\\"id\\\":\\\"thread-90a\\\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\\\"id\\\":3,\\\"result\\\":{\\\"turn\\\":{\\\"id\\\":\\\"turn-90a\\\"}}}'\n printf '%s\\\\n' '{\\\"id\\\":102,\\\"method\\\":\\\"item/tool/call\\\",\\\"params\\\":{\\\"name\\\":\\\"linear_graphql\\\",\\\"callId\\\":\\\"call-90a\\\",\\\"threadId\\\":\\\"thread-90a\\\",\\\"turnId\\\":\\\"turn-90a\\\",\\\"arguments\\\":{\\\"query\\\":\\\"query Viewer { viewer { id } }\\\",\\\"variables\\\":{\\\"includeTeams\\\":false}}}}'\n ;;\n 5)\n printf '%s\\\\n' '{\\\"method\\\":\\\"turn/completed\\\"}'\n exit 0\n ;;\n *)\n exit 0\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n codex_command: \"#{codex_binary} app-server\"\n )\n\n issue = %Issue{\n id: \"issue-supported-tool-call\",\n identifier: \"MT-90A\",\n title: \"Supported tool call\",\n description: \"Ensure supported tool calls return tool output\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-90A\",\n labels: [\"backend\"]\n }\n\n test_pid = self()\n\n tool_executor = fn tool, arguments ->\n send(test_pid, {:tool_called, tool, arguments})\n\n %{\n \"success\" => true,\n \"contentItems\" => [\n %{\n \"type\" => \"inputText\",\n \"text\" => ~s({\"data\":{\"viewer\":{\"id\":\"usr_123\"}}})\n }\n ]\n }\n end\n\n assert {:ok, _result} =\n AppServer.run(workspace, \"Handle supported tool calls\", issue, tool_executor: tool_executor)\n\n assert_received {:tool_called, \"linear_graphql\",\n %{\n \"query\" => \"query Viewer { viewer { id } }\",\n \"variables\" => %{\"includeTeams\" => false}\n }}\n\n trace = File.read!(trace_file)\n lines = String.split(trace, \"\\n\", trim: true)\n\n assert Enum.any?(lines, fn line ->\n if String.starts_with?(line, \"JSON:\") do\n payload =\n line\n |> String.trim_leading(\"JSON:\")\n |> Jason.decode!()\n\n payload[\"id\"] == 102 and\n get_in(payload, [\"result\", \"success\"]) == true and\n get_in(payload, [\"result\", \"output\"]) ==\n ~s({\"data\":{\"viewer\":{\"id\":\"usr_123\"}}})\n else\n false\n end\n end)\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"app server emits tool_call_failed for supported tool failures\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-tool-call-failed-#{System.unique_integer([:positive])}\"\n )\n\n try do\n workspace_root = Path.join(test_root, \"workspaces\")\n workspace = Path.join(workspace_root, \"MT-90B\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n trace_file = Path.join(test_root, \"codex-tool-call-failed.trace\")\n previous_trace = System.get_env(\"SYMP_TEST_CODEx_TRACE\")\n\n on_exit(fn ->\n if is_binary(previous_trace) do\n System.put_env(\"SYMP_TEST_CODEx_TRACE\", previous_trace)\n else\n System.delete_env(\"SYMP_TEST_CODEx_TRACE\")\n end\n end)\n\n System.put_env(\"SYMP_TEST_CODEx_TRACE\", trace_file)\n File.mkdir_p!(workspace)\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n trace_file=\"${SYMP_TEST_CODEx_TRACE:-/tmp/codex-tool-call-failed.trace}\"\n count=0\n while IFS= read -r line; do\n count=$((count + 1))\n printf 'JSON:%s\\\\n' \\\"$line\\\" >> \\\"$trace_file\\\"\n\n case \\\"$count\\\" in\n 1)\n printf '%s\\\\n' '{\\\"id\\\":1,\\\"result\\\":{}}'\n ;;\n 2)\n ;;\n 3)\n printf '%s\\\\n' '{\\\"id\\\":2,\\\"result\\\":{\\\"thread\\\":{\\\"id\\\":\\\"thread-90b\\\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\\\"id\\\":3,\\\"result\\\":{\\\"turn\\\":{\\\"id\\\":\\\"turn-90b\\\"}}}'\n printf '%s\\\\n' '{\\\"id\\\":103,\\\"method\\\":\\\"item/tool/call\\\",\\\"params\\\":{\\\"tool\\\":\\\"linear_graphql\\\",\\\"callId\\\":\\\"call-90b\\\",\\\"threadId\\\":\\\"thread-90b\\\",\\\"turnId\\\":\\\"turn-90b\\\",\\\"arguments\\\":{\\\"query\\\":\\\"query Viewer { viewer { id } }\\\"}}}'\n ;;\n 5)\n printf '%s\\\\n' '{\\\"method\\\":\\\"turn/completed\\\"}'\n exit 0\n ;;\n *)\n exit 0\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n codex_command: \"#{codex_binary} app-server\"\n )\n\n issue = %Issue{\n id: \"issue-tool-call-failed\",\n identifier: \"MT-90B\",\n title: \"Tool call failed\",\n description: \"Ensure supported tool failures emit a distinct event\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-90B\",\n labels: [\"backend\"]\n }\n\n test_pid = self()\n\n tool_executor = fn tool, arguments ->\n send(test_pid, {:tool_called, tool, arguments})\n\n %{\n \"success\" => false,\n \"contentItems\" => [\n %{\n \"type\" => \"inputText\",\n \"text\" => ~s({\"error\":{\"message\":\"boom\"}})\n }\n ]\n }\n end\n\n on_message = fn message -> send(test_pid, {:app_server_message, message}) end\n\n assert {:ok, _result} =\n AppServer.run(workspace, \"Handle failed tool calls\", issue,\n on_message: on_message,\n tool_executor: tool_executor\n )\n\n assert_received {:tool_called, \"linear_graphql\", %{\"query\" => \"query Viewer { viewer { id } }\"}}\n\n assert_received {:app_server_message, %{event: :tool_call_failed, payload: %{\"params\" => %{\"tool\" => \"linear_graphql\"}}}}\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"app server buffers partial JSON lines until newline terminator\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-partial-line-#{System.unique_integer([:positive])}\"\n )\n\n try do\n workspace_root = Path.join(test_root, \"workspaces\")\n workspace = Path.join(workspace_root, \"MT-91\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n File.mkdir_p!(workspace)\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n count=0\n while IFS= read -r line; do\n count=$((count + 1))\n\n case \"$count\" in\n 1)\n padding=$(printf '%*s' 1100000 '' | tr ' ' a)\n printf '{\"id\":1,\"result\":{},\"padding\":\"%s\"}\\\\n' \"$padding\"\n ;;\n 2)\n printf '%s\\\\n' '{\"id\":2,\"result\":{\"thread\":{\"id\":\"thread-91\"}}}'\n ;;\n 3)\n printf '%s\\\\n' '{\"id\":3,\"result\":{\"turn\":{\"id\":\"turn-91\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\"method\":\"turn/completed\"}'\n exit 0\n ;;\n *)\n exit 0\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n codex_command: \"#{codex_binary} app-server\"\n )\n\n issue = %Issue{\n id: \"issue-partial-line\",\n identifier: \"MT-91\",\n title: \"Partial line decode\",\n description: \"Ensure JSON parsing waits for newline-delimited messages\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-91\",\n labels: [\"backend\"]\n }\n\n assert {:ok, _result} = AppServer.run(workspace, \"Validate newline-delimited buffering\", issue)\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"app server captures codex side output and logs it through Logger\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-stderr-#{System.unique_integer([:positive])}\"\n )\n\n try do\n workspace_root = Path.join(test_root, \"workspaces\")\n workspace = Path.join(workspace_root, \"MT-92\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n File.mkdir_p!(workspace)\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n count=0\n while IFS= read -r line; do\n count=$((count + 1))\n\n case \"$count\" in\n 1)\n printf '%s\\\\n' '{\"id\":1,\"result\":{}}'\n ;;\n 2)\n printf '%s\\\\n' '{\"id\":2,\"result\":{\"thread\":{\"id\":\"thread-92\"}}}'\n ;;\n 3)\n printf '%s\\\\n' '{\"id\":3,\"result\":{\"turn\":{\"id\":\"turn-92\"}}}'\n ;;\n 4)\n printf '%s\\\\n' 'warning: this is stderr noise' >&2\n printf '%s\\\\n' '{\"method\":\"turn/completed\"}'\n exit 0\n ;;\n *)\n exit 0\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n codex_command: \"#{codex_binary} app-server\"\n )\n\n issue = %Issue{\n id: \"issue-stderr\",\n identifier: \"MT-92\",\n title: \"Capture stderr\",\n description: \"Ensure codex stderr is captured and logged\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-92\",\n labels: [\"backend\"]\n }\n\n test_pid = self()\n on_message = fn message -> send(test_pid, {:app_server_message, message}) end\n\n log =\n capture_log(fn ->\n assert {:ok, _result} =\n AppServer.run(workspace, \"Capture stderr log\", issue, on_message: on_message)\n end)\n\n assert_received {:app_server_message, %{event: :turn_completed}}\n refute_received {:app_server_message, %{event: :malformed}}\n assert log =~ \"Codex turn stream output: warning: this is stderr noise\"\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"app server emits malformed events for JSON-like protocol lines that fail to decode\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-malformed-protocol-#{System.unique_integer([:positive])}\"\n )\n\n try do\n workspace_root = Path.join(test_root, \"workspaces\")\n workspace = Path.join(workspace_root, \"MT-93\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n File.mkdir_p!(workspace)\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n count=0\n while IFS= read -r line; do\n count=$((count + 1))\n\n case \"$count\" in\n 1)\n printf '%s\\\\n' '{\"id\":1,\"result\":{}}'\n ;;\n 2)\n printf '%s\\\\n' '{\"id\":2,\"result\":{\"thread\":{\"id\":\"thread-93\"}}}'\n ;;\n 3)\n printf '%s\\\\n' '{\"id\":3,\"result\":{\"turn\":{\"id\":\"turn-93\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\"method\":\"turn/completed\"'\n printf '%s\\\\n' '{\"method\":\"turn/completed\"}'\n exit 0\n ;;\n *)\n exit 0\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n codex_command: \"#{codex_binary} app-server\"\n )\n\n issue = %Issue{\n id: \"issue-malformed-protocol\",\n identifier: \"MT-93\",\n title: \"Malformed protocol frame\",\n description: \"Ensure malformed JSON-like frames are surfaced to the orchestrator\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-93\",\n labels: [\"backend\"]\n }\n\n test_pid = self()\n on_message = fn message -> send(test_pid, {:app_server_message, message}) end\n\n assert {:ok, _result} =\n AppServer.run(workspace, \"Capture malformed protocol line\", issue, on_message: on_message)\n\n assert_received {:app_server_message, %{event: :malformed, payload: \"{\\\"method\\\":\\\"turn/completed\\\"\"}}\n assert_received {:app_server_message, %{event: :turn_completed}}\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"app server launches over ssh for remote workers\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-remote-ssh-#{System.unique_integer([:positive])}\"\n )\n\n previous_path = System.get_env(\"PATH\")\n previous_trace = System.get_env(\"SYMP_TEST_SSH_TRACE\")\n\n on_exit(fn ->\n restore_env(\"PATH\", previous_path)\n restore_env(\"SYMP_TEST_SSH_TRACE\", previous_trace)\n end)\n\n try do\n trace_file = Path.join(test_root, \"ssh.trace\")\n fake_ssh = Path.join(test_root, \"ssh\")\n remote_workspace = \"/remote/workspaces/MT-REMOTE\"\n\n File.mkdir_p!(test_root)\n System.put_env(\"SYMP_TEST_SSH_TRACE\", trace_file)\n System.put_env(\"PATH\", test_root <> \":\" <> (previous_path || \"\"))\n\n File.write!(fake_ssh, \"\"\"\n #!/bin/sh\n trace_file=\"${SYMP_TEST_SSH_TRACE:-/tmp/symphony-fake-ssh.trace}\"\n count=0\n printf 'ARGV:%s\\\\n' \"$*\" >> \"$trace_file\"\n\n while IFS= read -r line; do\n count=$((count + 1))\n printf 'JSON:%s\\\\n' \"$line\" >> \"$trace_file\"\n\n case \"$count\" in\n 1)\n printf '%s\\\\n' '{\"id\":1,\"result\":{}}'\n ;;\n 2)\n printf '%s\\\\n' '{\"id\":2,\"result\":{\"thread\":{\"id\":\"thread-remote\"}}}'\n ;;\n 3)\n printf '%s\\\\n' '{\"id\":3,\"result\":{\"turn\":{\"id\":\"turn-remote\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\"method\":\"turn/completed\"}'\n exit 0\n ;;\n *)\n exit 0\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(fake_ssh, 0o755)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: \"/remote/workspaces\",\n codex_command: \"fake-remote-codex app-server\"\n )\n\n issue = %Issue{\n id: \"issue-remote\",\n identifier: \"MT-REMOTE\",\n title: \"Run remote app server\",\n description: \"Validate ssh-backed codex startup\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-REMOTE\",\n labels: [\"backend\"]\n }\n\n assert {:ok, _result} =\n AppServer.run(\n remote_workspace,\n \"Run remote worker\",\n issue,\n worker_host: \"worker-01:2200\"\n )\n\n trace = File.read!(trace_file)\n lines = String.split(trace, \"\\n\", trim: true)\n\n assert argv_line = Enum.find(lines, &String.starts_with?(&1, \"ARGV:\"))\n assert argv_line =~ \"-T -p 2200 worker-01 bash -lc\"\n assert argv_line =~ \"cd \"\n assert argv_line =~ remote_workspace\n assert argv_line =~ \"exec \"\n assert argv_line =~ \"fake-remote-codex app-server\"\n\n expected_turn_policy = %{\n \"type\" => \"workspaceWrite\",\n \"writableRoots\" => [remote_workspace],\n \"readOnlyAccess\" => %{\"type\" => \"fullAccess\"},\n \"networkAccess\" => false,\n \"excludeTmpdirEnvVar\" => false,\n \"excludeSlashTmp\" => false\n }\n\n assert Enum.any?(lines, fn line ->\n if String.starts_with?(line, \"JSON:\") do\n line\n |> String.trim_leading(\"JSON:\")\n |> Jason.decode!()\n |> then(fn payload ->\n payload[\"method\"] == \"thread/start\" &&\n get_in(payload, [\"params\", \"cwd\"]) == remote_workspace\n end)\n else\n false\n end\n end)\n\n assert Enum.any?(lines, fn line ->\n if String.starts_with?(line, \"JSON:\") do\n line\n |> String.trim_leading(\"JSON:\")\n |> Jason.decode!()\n |> then(fn payload ->\n payload[\"method\"] == \"turn/start\" &&\n get_in(payload, [\"params\", \"cwd\"]) == remote_workspace &&\n get_in(payload, [\"params\", \"sandboxPolicy\"]) == expected_turn_policy\n end)\n else\n false\n end\n end)\n after\n File.rm_rf(test_root)\n end\n end\nend\n" }, { "path": "elixir/test/symphony_elixir/cli_test.exs", "content": "defmodule SymphonyElixir.CLITest do\n use ExUnit.Case, async: true\n\n alias SymphonyElixir.CLI\n\n @ack_flag \"--i-understand-that-this-will-be-running-without-the-usual-guardrails\"\n\n test \"returns the guardrails acknowledgement banner when the flag is missing\" do\n parent = self()\n\n deps = %{\n file_regular?: fn _path ->\n send(parent, :file_checked)\n true\n end,\n set_workflow_file_path: fn _path ->\n send(parent, :workflow_set)\n :ok\n end,\n set_logs_root: fn _path ->\n send(parent, :logs_root_set)\n :ok\n end,\n set_server_port_override: fn _port ->\n send(parent, :port_set)\n :ok\n end,\n ensure_all_started: fn ->\n send(parent, :started)\n {:ok, [:symphony_elixir]}\n end\n }\n\n assert {:error, banner} = CLI.evaluate([\"WORKFLOW.md\"], deps)\n assert banner =~ \"This Symphony implementation is a low key engineering preview.\"\n assert banner =~ \"Codex will run without any guardrails.\"\n assert banner =~ \"SymphonyElixir is not a supported product and is presented as-is.\"\n assert banner =~ @ack_flag\n refute_received :file_checked\n refute_received :workflow_set\n refute_received :logs_root_set\n refute_received :port_set\n refute_received :started\n end\n\n test \"defaults to WORKFLOW.md when workflow path is missing\" do\n deps = %{\n file_regular?: fn path -> Path.basename(path) == \"WORKFLOW.md\" end,\n set_workflow_file_path: fn _path -> :ok end,\n set_logs_root: fn _path -> :ok end,\n set_server_port_override: fn _port -> :ok end,\n ensure_all_started: fn -> {:ok, [:symphony_elixir]} end\n }\n\n assert :ok = CLI.evaluate([@ack_flag], deps)\n end\n\n test \"uses an explicit workflow path override when provided\" do\n parent = self()\n workflow_path = \"tmp/custom/WORKFLOW.md\"\n expanded_path = Path.expand(workflow_path)\n\n deps = %{\n file_regular?: fn path ->\n send(parent, {:workflow_checked, path})\n path == expanded_path\n end,\n set_workflow_file_path: fn path ->\n send(parent, {:workflow_set, path})\n :ok\n end,\n set_logs_root: fn _path -> :ok end,\n set_server_port_override: fn _port -> :ok end,\n ensure_all_started: fn -> {:ok, [:symphony_elixir]} end\n }\n\n assert :ok = CLI.evaluate([@ack_flag, workflow_path], deps)\n assert_received {:workflow_checked, ^expanded_path}\n assert_received {:workflow_set, ^expanded_path}\n end\n\n test \"accepts --logs-root and passes an expanded root to runtime deps\" do\n parent = self()\n\n deps = %{\n file_regular?: fn _path -> true end,\n set_workflow_file_path: fn _path -> :ok end,\n set_logs_root: fn path ->\n send(parent, {:logs_root, path})\n :ok\n end,\n set_server_port_override: fn _port -> :ok end,\n ensure_all_started: fn -> {:ok, [:symphony_elixir]} end\n }\n\n assert :ok = CLI.evaluate([@ack_flag, \"--logs-root\", \"tmp/custom-logs\", \"WORKFLOW.md\"], deps)\n assert_received {:logs_root, expanded_path}\n assert expanded_path == Path.expand(\"tmp/custom-logs\")\n end\n\n test \"returns not found when workflow file does not exist\" do\n deps = %{\n file_regular?: fn _path -> false end,\n set_workflow_file_path: fn _path -> :ok end,\n set_logs_root: fn _path -> :ok end,\n set_server_port_override: fn _port -> :ok end,\n ensure_all_started: fn -> {:ok, [:symphony_elixir]} end\n }\n\n assert {:error, message} = CLI.evaluate([@ack_flag, \"WORKFLOW.md\"], deps)\n assert message =~ \"Workflow file not found:\"\n end\n\n test \"returns startup error when app cannot start\" do\n deps = %{\n file_regular?: fn _path -> true end,\n set_workflow_file_path: fn _path -> :ok end,\n set_logs_root: fn _path -> :ok end,\n set_server_port_override: fn _port -> :ok end,\n ensure_all_started: fn -> {:error, :boom} end\n }\n\n assert {:error, message} = CLI.evaluate([@ack_flag, \"WORKFLOW.md\"], deps)\n assert message =~ \"Failed to start Symphony with workflow\"\n assert message =~ \":boom\"\n end\n\n test \"returns ok when workflow exists and app starts\" do\n deps = %{\n file_regular?: fn _path -> true end,\n set_workflow_file_path: fn _path -> :ok end,\n set_logs_root: fn _path -> :ok end,\n set_server_port_override: fn _port -> :ok end,\n ensure_all_started: fn -> {:ok, [:symphony_elixir]} end\n }\n\n assert :ok = CLI.evaluate([@ack_flag, \"WORKFLOW.md\"], deps)\n end\nend\n" }, { "path": "elixir/test/symphony_elixir/core_test.exs", "content": "defmodule SymphonyElixir.CoreTest do\n use SymphonyElixir.TestSupport\n\n test \"config defaults and validation checks\" do\n write_workflow_file!(Workflow.workflow_file_path(),\n tracker_api_token: nil,\n tracker_project_slug: nil,\n poll_interval_ms: nil,\n tracker_active_states: nil,\n tracker_terminal_states: nil,\n codex_command: nil\n )\n\n config = Config.settings!()\n assert config.polling.interval_ms == 30_000\n assert config.tracker.active_states == [\"Todo\", \"In Progress\"]\n assert config.tracker.terminal_states == [\"Closed\", \"Cancelled\", \"Canceled\", \"Duplicate\", \"Done\"]\n assert config.tracker.assignee == nil\n assert config.agent.max_turns == 20\n\n write_workflow_file!(Workflow.workflow_file_path(), poll_interval_ms: \"invalid\")\n\n assert_raise ArgumentError, ~r/interval_ms/, fn ->\n Config.settings!().polling.interval_ms\n end\n\n assert {:error, {:invalid_workflow_config, message}} = Config.validate!()\n assert message =~ \"polling.interval_ms\"\n\n write_workflow_file!(Workflow.workflow_file_path(), poll_interval_ms: 45_000)\n assert Config.settings!().polling.interval_ms == 45_000\n\n write_workflow_file!(Workflow.workflow_file_path(), max_turns: 0)\n assert {:error, {:invalid_workflow_config, message}} = Config.validate!()\n assert message =~ \"agent.max_turns\"\n\n write_workflow_file!(Workflow.workflow_file_path(), max_turns: 5)\n assert Config.settings!().agent.max_turns == 5\n\n write_workflow_file!(Workflow.workflow_file_path(), tracker_active_states: \"Todo, Review,\")\n assert {:error, {:invalid_workflow_config, message}} = Config.validate!()\n assert message =~ \"tracker.active_states\"\n\n write_workflow_file!(Workflow.workflow_file_path(),\n tracker_api_token: \"token\",\n tracker_project_slug: nil\n )\n\n assert {:error, :missing_linear_project_slug} = Config.validate!()\n\n write_workflow_file!(Workflow.workflow_file_path(),\n tracker_project_slug: \"project\",\n codex_command: \"\"\n )\n\n assert {:error, {:invalid_workflow_config, message}} = Config.validate!()\n assert message =~ \"codex.command\"\n assert message =~ \"can't be blank\"\n\n write_workflow_file!(Workflow.workflow_file_path(), codex_command: \" \")\n assert :ok = Config.validate!()\n assert Config.settings!().codex.command == \" \"\n\n write_workflow_file!(Workflow.workflow_file_path(), codex_command: \"/bin/sh app-server\")\n assert :ok = Config.validate!()\n\n write_workflow_file!(Workflow.workflow_file_path(), codex_approval_policy: \"definitely-not-valid\")\n assert :ok = Config.validate!()\n\n write_workflow_file!(Workflow.workflow_file_path(), codex_thread_sandbox: \"unsafe-ish\")\n assert :ok = Config.validate!()\n\n write_workflow_file!(Workflow.workflow_file_path(),\n codex_turn_sandbox_policy: %{type: \"workspaceWrite\", writableRoots: [\"relative/path\"]}\n )\n\n assert :ok = Config.validate!()\n\n write_workflow_file!(Workflow.workflow_file_path(), codex_approval_policy: 123)\n assert {:error, {:invalid_workflow_config, message}} = Config.validate!()\n assert message =~ \"codex.approval_policy\"\n\n write_workflow_file!(Workflow.workflow_file_path(), codex_thread_sandbox: 123)\n assert {:error, {:invalid_workflow_config, message}} = Config.validate!()\n assert message =~ \"codex.thread_sandbox\"\n\n write_workflow_file!(Workflow.workflow_file_path(), tracker_kind: \"123\")\n assert {:error, {:unsupported_tracker_kind, \"123\"}} = Config.validate!()\n end\n\n test \"current WORKFLOW.md file is valid and complete\" do\n original_workflow_path = Workflow.workflow_file_path()\n on_exit(fn -> Workflow.set_workflow_file_path(original_workflow_path) end)\n Workflow.clear_workflow_file_path()\n\n assert {:ok, %{config: config, prompt: prompt}} = Workflow.load()\n assert is_map(config)\n\n tracker = Map.get(config, \"tracker\", %{})\n assert is_map(tracker)\n assert Map.get(tracker, \"kind\") == \"linear\"\n assert is_binary(Map.get(tracker, \"project_slug\"))\n assert is_list(Map.get(tracker, \"active_states\"))\n assert is_list(Map.get(tracker, \"terminal_states\"))\n\n hooks = Map.get(config, \"hooks\", %{})\n assert is_map(hooks)\n assert Map.get(hooks, \"after_create\") =~ \"git clone --depth 1 https://github.com/openai/symphony .\"\n assert Map.get(hooks, \"after_create\") =~ \"cd elixir && mise trust\"\n assert Map.get(hooks, \"after_create\") =~ \"mise exec -- mix deps.get\"\n assert Map.get(hooks, \"before_remove\") =~ \"cd elixir && mise exec -- mix workspace.before_remove\"\n\n assert String.trim(prompt) != \"\"\n assert is_binary(Config.workflow_prompt())\n assert Config.workflow_prompt() == prompt\n end\n\n test \"linear api token resolves from LINEAR_API_KEY env var\" do\n previous_linear_api_key = System.get_env(\"LINEAR_API_KEY\")\n env_api_key = \"test-linear-api-key\"\n\n on_exit(fn -> restore_env(\"LINEAR_API_KEY\", previous_linear_api_key) end)\n System.put_env(\"LINEAR_API_KEY\", env_api_key)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n tracker_api_token: nil,\n tracker_project_slug: \"project\",\n codex_command: \"/bin/sh app-server\"\n )\n\n assert Config.settings!().tracker.api_key == env_api_key\n assert Config.settings!().tracker.project_slug == \"project\"\n assert :ok = Config.validate!()\n end\n\n test \"linear assignee resolves from LINEAR_ASSIGNEE env var\" do\n previous_linear_assignee = System.get_env(\"LINEAR_ASSIGNEE\")\n env_assignee = \"dev@example.com\"\n\n on_exit(fn -> restore_env(\"LINEAR_ASSIGNEE\", previous_linear_assignee) end)\n System.put_env(\"LINEAR_ASSIGNEE\", env_assignee)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n tracker_assignee: nil,\n tracker_project_slug: \"project\",\n codex_command: \"/bin/sh app-server\"\n )\n\n assert Config.settings!().tracker.assignee == env_assignee\n end\n\n test \"workflow file path defaults to WORKFLOW.md in the current working directory when app env is unset\" do\n original_workflow_path = Workflow.workflow_file_path()\n\n on_exit(fn ->\n Workflow.set_workflow_file_path(original_workflow_path)\n end)\n\n Workflow.clear_workflow_file_path()\n\n assert Workflow.workflow_file_path() == Path.join(File.cwd!(), \"WORKFLOW.md\")\n end\n\n test \"workflow file path resolves from app env when set\" do\n app_workflow_path = \"/tmp/app/WORKFLOW.md\"\n\n on_exit(fn ->\n Workflow.clear_workflow_file_path()\n end)\n\n Workflow.set_workflow_file_path(app_workflow_path)\n\n assert Workflow.workflow_file_path() == app_workflow_path\n end\n\n test \"workflow load accepts prompt-only files without front matter\" do\n workflow_path = Path.join(Path.dirname(Workflow.workflow_file_path()), \"PROMPT_ONLY_WORKFLOW.md\")\n File.write!(workflow_path, \"Prompt only\\n\")\n\n assert {:ok, %{config: %{}, prompt: \"Prompt only\", prompt_template: \"Prompt only\"}} =\n Workflow.load(workflow_path)\n end\n\n test \"workflow load accepts unterminated front matter with an empty prompt\" do\n workflow_path = Path.join(Path.dirname(Workflow.workflow_file_path()), \"UNTERMINATED_WORKFLOW.md\")\n File.write!(workflow_path, \"---\\ntracker:\\n kind: linear\\n\")\n\n assert {:ok, %{config: %{\"tracker\" => %{\"kind\" => \"linear\"}}, prompt: \"\", prompt_template: \"\"}} =\n Workflow.load(workflow_path)\n end\n\n test \"workflow load rejects non-map front matter\" do\n workflow_path = Path.join(Path.dirname(Workflow.workflow_file_path()), \"INVALID_FRONT_MATTER_WORKFLOW.md\")\n File.write!(workflow_path, \"---\\n- not-a-map\\n---\\nPrompt body\\n\")\n\n assert {:error, :workflow_front_matter_not_a_map} = Workflow.load(workflow_path)\n end\n\n test \"SymphonyElixir.start_link delegates to the orchestrator\" do\n write_workflow_file!(Workflow.workflow_file_path(), tracker_kind: \"memory\")\n Application.put_env(:symphony_elixir, :memory_tracker_issues, [])\n orchestrator_pid = Process.whereis(SymphonyElixir.Orchestrator)\n\n on_exit(fn ->\n if is_nil(Process.whereis(SymphonyElixir.Orchestrator)) do\n case Supervisor.restart_child(SymphonyElixir.Supervisor, SymphonyElixir.Orchestrator) do\n {:ok, _pid} -> :ok\n {:error, {:already_started, _pid}} -> :ok\n end\n end\n end)\n\n if is_pid(orchestrator_pid) do\n assert :ok = Supervisor.terminate_child(SymphonyElixir.Supervisor, SymphonyElixir.Orchestrator)\n end\n\n assert {:ok, pid} = SymphonyElixir.start_link()\n assert Process.whereis(SymphonyElixir.Orchestrator) == pid\n\n GenServer.stop(pid)\n end\n\n test \"linear issue state reconciliation fetch with no running issues is a no-op\" do\n assert {:ok, []} = Client.fetch_issue_states_by_ids([])\n end\n\n test \"non-active issue state stops running agent without cleaning workspace\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-nonactive-reconcile-#{System.unique_integer([:positive])}\"\n )\n\n issue_id = \"issue-1\"\n issue_identifier = \"MT-555\"\n workspace = Path.join(test_root, issue_identifier)\n\n try do\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: test_root,\n tracker_active_states: [\"Todo\", \"In Progress\", \"In Review\"],\n tracker_terminal_states: [\"Closed\", \"Cancelled\", \"Canceled\", \"Duplicate\"]\n )\n\n File.mkdir_p!(test_root)\n File.mkdir_p!(workspace)\n\n agent_pid =\n spawn(fn ->\n receive do\n :stop -> :ok\n end\n end)\n\n state = %Orchestrator.State{\n running: %{\n issue_id => %{\n pid: agent_pid,\n ref: nil,\n identifier: issue_identifier,\n issue: %Issue{id: issue_id, state: \"Todo\", identifier: issue_identifier},\n started_at: DateTime.utc_now()\n }\n },\n claimed: MapSet.new([issue_id]),\n codex_totals: %{input_tokens: 0, output_tokens: 0, total_tokens: 0, seconds_running: 0},\n retry_attempts: %{}\n }\n\n issue = %Issue{\n id: issue_id,\n identifier: issue_identifier,\n state: \"Backlog\",\n title: \"Queued\",\n description: \"Not started\",\n labels: []\n }\n\n updated_state = Orchestrator.reconcile_issue_states_for_test([issue], state)\n\n refute Map.has_key?(updated_state.running, issue_id)\n refute MapSet.member?(updated_state.claimed, issue_id)\n refute Process.alive?(agent_pid)\n assert File.exists?(workspace)\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"terminal issue state stops running agent and cleans workspace\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-terminal-reconcile-#{System.unique_integer([:positive])}\"\n )\n\n issue_id = \"issue-2\"\n issue_identifier = \"MT-556\"\n workspace = Path.join(test_root, issue_identifier)\n\n try do\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: test_root,\n tracker_active_states: [\"Todo\", \"In Progress\", \"In Review\"],\n tracker_terminal_states: [\"Closed\", \"Cancelled\", \"Canceled\", \"Duplicate\"]\n )\n\n File.mkdir_p!(test_root)\n File.mkdir_p!(workspace)\n\n agent_pid =\n spawn(fn ->\n receive do\n :stop -> :ok\n end\n end)\n\n state = %Orchestrator.State{\n running: %{\n issue_id => %{\n pid: agent_pid,\n ref: nil,\n identifier: issue_identifier,\n issue: %Issue{id: issue_id, state: \"In Progress\", identifier: issue_identifier},\n started_at: DateTime.utc_now()\n }\n },\n claimed: MapSet.new([issue_id]),\n codex_totals: %{input_tokens: 0, output_tokens: 0, total_tokens: 0, seconds_running: 0},\n retry_attempts: %{}\n }\n\n issue = %Issue{\n id: issue_id,\n identifier: issue_identifier,\n state: \"Closed\",\n title: \"Done\",\n description: \"Completed\",\n labels: []\n }\n\n updated_state = Orchestrator.reconcile_issue_states_for_test([issue], state)\n\n refute Map.has_key?(updated_state.running, issue_id)\n refute MapSet.member?(updated_state.claimed, issue_id)\n refute Process.alive?(agent_pid)\n refute File.exists?(workspace)\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"missing running issues stop active agents without cleaning the workspace\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-missing-running-reconcile-#{System.unique_integer([:positive])}\"\n )\n\n previous_memory_issues = Application.get_env(:symphony_elixir, :memory_tracker_issues)\n issue_id = \"issue-missing\"\n issue_identifier = \"MT-557\"\n\n try do\n write_workflow_file!(Workflow.workflow_file_path(),\n tracker_kind: \"memory\",\n workspace_root: test_root,\n tracker_active_states: [\"Todo\", \"In Progress\", \"In Review\"],\n tracker_terminal_states: [\"Closed\", \"Cancelled\", \"Canceled\", \"Duplicate\"],\n poll_interval_ms: 30_000\n )\n\n Application.put_env(:symphony_elixir, :memory_tracker_issues, [])\n\n orchestrator_name = Module.concat(__MODULE__, :MissingRunningIssueOrchestrator)\n {:ok, pid} = Orchestrator.start_link(name: orchestrator_name)\n\n on_exit(fn ->\n restore_app_env(:memory_tracker_issues, previous_memory_issues)\n\n if Process.alive?(pid) do\n Process.exit(pid, :normal)\n end\n end)\n\n Process.sleep(50)\n\n assert {:ok, workspace} =\n SymphonyElixir.PathSafety.canonicalize(Path.join(test_root, issue_identifier))\n\n File.mkdir_p!(workspace)\n\n agent_pid =\n spawn(fn ->\n receive do\n :stop -> :ok\n end\n end)\n\n initial_state = :sys.get_state(pid)\n\n running_entry = %{\n pid: agent_pid,\n ref: nil,\n identifier: issue_identifier,\n issue: %Issue{id: issue_id, state: \"In Progress\", identifier: issue_identifier},\n started_at: DateTime.utc_now()\n }\n\n :sys.replace_state(pid, fn _ ->\n initial_state\n |> Map.put(:running, %{issue_id => running_entry})\n |> Map.put(:claimed, MapSet.new([issue_id]))\n |> Map.put(:retry_attempts, %{})\n end)\n\n send(pid, :tick)\n Process.sleep(100)\n state = :sys.get_state(pid)\n\n refute Map.has_key?(state.running, issue_id)\n refute MapSet.member?(state.claimed, issue_id)\n refute Process.alive?(agent_pid)\n assert File.exists?(workspace)\n after\n restore_app_env(:memory_tracker_issues, previous_memory_issues)\n File.rm_rf(test_root)\n end\n end\n\n test \"reconcile updates running issue state for active issues\" do\n issue_id = \"issue-3\"\n\n state = %Orchestrator.State{\n running: %{\n issue_id => %{\n pid: self(),\n ref: nil,\n identifier: \"MT-557\",\n issue: %Issue{\n id: issue_id,\n identifier: \"MT-557\",\n state: \"Todo\"\n },\n started_at: DateTime.utc_now()\n }\n },\n claimed: MapSet.new([issue_id]),\n codex_totals: %{input_tokens: 0, output_tokens: 0, total_tokens: 0, seconds_running: 0},\n retry_attempts: %{}\n }\n\n issue = %Issue{\n id: issue_id,\n identifier: \"MT-557\",\n state: \"In Progress\",\n title: \"Active state refresh\",\n description: \"State should be refreshed\",\n labels: []\n }\n\n updated_state = Orchestrator.reconcile_issue_states_for_test([issue], state)\n updated_entry = updated_state.running[issue_id]\n\n assert Map.has_key?(updated_state.running, issue_id)\n assert MapSet.member?(updated_state.claimed, issue_id)\n assert updated_entry.issue.state == \"In Progress\"\n end\n\n test \"reconcile stops running issue when it is reassigned away from this worker\" do\n issue_id = \"issue-reassigned\"\n\n agent_pid =\n spawn(fn ->\n receive do\n :stop -> :ok\n end\n end)\n\n state = %Orchestrator.State{\n running: %{\n issue_id => %{\n pid: agent_pid,\n ref: nil,\n identifier: \"MT-561\",\n issue: %Issue{\n id: issue_id,\n identifier: \"MT-561\",\n state: \"In Progress\",\n assigned_to_worker: true\n },\n started_at: DateTime.utc_now()\n }\n },\n claimed: MapSet.new([issue_id]),\n codex_totals: %{input_tokens: 0, output_tokens: 0, total_tokens: 0, seconds_running: 0},\n retry_attempts: %{}\n }\n\n issue = %Issue{\n id: issue_id,\n identifier: \"MT-561\",\n state: \"In Progress\",\n title: \"Reassigned active issue\",\n description: \"Worker should stop\",\n labels: [],\n assigned_to_worker: false\n }\n\n updated_state = Orchestrator.reconcile_issue_states_for_test([issue], state)\n\n refute Map.has_key?(updated_state.running, issue_id)\n refute MapSet.member?(updated_state.claimed, issue_id)\n refute Process.alive?(agent_pid)\n end\n\n test \"normal worker exit schedules active-state continuation retry\" do\n issue_id = \"issue-resume\"\n ref = make_ref()\n orchestrator_name = Module.concat(__MODULE__, :ContinuationOrchestrator)\n {:ok, pid} = Orchestrator.start_link(name: orchestrator_name)\n\n on_exit(fn ->\n if Process.alive?(pid) do\n Process.exit(pid, :normal)\n end\n end)\n\n initial_state = :sys.get_state(pid)\n\n running_entry = %{\n pid: self(),\n ref: ref,\n identifier: \"MT-558\",\n issue: %Issue{id: issue_id, identifier: \"MT-558\", state: \"In Progress\"},\n started_at: DateTime.utc_now()\n }\n\n :sys.replace_state(pid, fn _ ->\n initial_state\n |> Map.put(:running, %{issue_id => running_entry})\n |> Map.put(:claimed, MapSet.new([issue_id]))\n |> Map.put(:retry_attempts, %{})\n end)\n\n send(pid, {:DOWN, ref, :process, self(), :normal})\n Process.sleep(50)\n state = :sys.get_state(pid)\n\n refute Map.has_key?(state.running, issue_id)\n assert MapSet.member?(state.completed, issue_id)\n assert %{attempt: 1, due_at_ms: due_at_ms} = state.retry_attempts[issue_id]\n assert is_integer(due_at_ms)\n assert_due_in_range(due_at_ms, 500, 1_100)\n end\n\n test \"abnormal worker exit increments retry attempt progressively\" do\n issue_id = \"issue-crash\"\n ref = make_ref()\n orchestrator_name = Module.concat(__MODULE__, :CrashRetryOrchestrator)\n {:ok, pid} = Orchestrator.start_link(name: orchestrator_name)\n\n on_exit(fn ->\n if Process.alive?(pid) do\n Process.exit(pid, :normal)\n end\n end)\n\n initial_state = :sys.get_state(pid)\n\n running_entry = %{\n pid: self(),\n ref: ref,\n identifier: \"MT-559\",\n retry_attempt: 2,\n issue: %Issue{id: issue_id, identifier: \"MT-559\", state: \"In Progress\"},\n started_at: DateTime.utc_now()\n }\n\n :sys.replace_state(pid, fn _ ->\n initial_state\n |> Map.put(:running, %{issue_id => running_entry})\n |> Map.put(:claimed, MapSet.new([issue_id]))\n |> Map.put(:retry_attempts, %{})\n end)\n\n send(pid, {:DOWN, ref, :process, self(), :boom})\n Process.sleep(50)\n state = :sys.get_state(pid)\n\n assert %{attempt: 3, due_at_ms: due_at_ms, identifier: \"MT-559\", error: \"agent exited: :boom\"} =\n state.retry_attempts[issue_id]\n\n assert_due_in_range(due_at_ms, 39_500, 40_500)\n end\n\n test \"first abnormal worker exit waits before retrying\" do\n issue_id = \"issue-crash-initial\"\n ref = make_ref()\n orchestrator_name = Module.concat(__MODULE__, :InitialCrashRetryOrchestrator)\n {:ok, pid} = Orchestrator.start_link(name: orchestrator_name)\n\n on_exit(fn ->\n if Process.alive?(pid) do\n Process.exit(pid, :normal)\n end\n end)\n\n initial_state = :sys.get_state(pid)\n\n running_entry = %{\n pid: self(),\n ref: ref,\n identifier: \"MT-560\",\n issue: %Issue{id: issue_id, identifier: \"MT-560\", state: \"In Progress\"},\n started_at: DateTime.utc_now()\n }\n\n :sys.replace_state(pid, fn _ ->\n initial_state\n |> Map.put(:running, %{issue_id => running_entry})\n |> Map.put(:claimed, MapSet.new([issue_id]))\n |> Map.put(:retry_attempts, %{})\n end)\n\n send(pid, {:DOWN, ref, :process, self(), :boom})\n Process.sleep(50)\n state = :sys.get_state(pid)\n\n assert %{attempt: 1, due_at_ms: due_at_ms, identifier: \"MT-560\", error: \"agent exited: :boom\"} =\n state.retry_attempts[issue_id]\n\n assert_due_in_range(due_at_ms, 9_000, 10_500)\n end\n\n test \"stale retry timer messages do not consume newer retry entries\" do\n issue_id = \"issue-stale-retry\"\n orchestrator_name = Module.concat(__MODULE__, :StaleRetryOrchestrator)\n {:ok, pid} = Orchestrator.start_link(name: orchestrator_name)\n\n on_exit(fn ->\n if Process.alive?(pid) do\n Process.exit(pid, :normal)\n end\n end)\n\n initial_state = :sys.get_state(pid)\n current_retry_token = make_ref()\n stale_retry_token = make_ref()\n\n :sys.replace_state(pid, fn _ ->\n initial_state\n |> Map.put(:retry_attempts, %{\n issue_id => %{\n attempt: 2,\n timer_ref: nil,\n retry_token: current_retry_token,\n due_at_ms: System.monotonic_time(:millisecond) + 30_000,\n identifier: \"MT-561\",\n error: \"agent exited: :boom\"\n }\n })\n end)\n\n send(pid, {:retry_issue, issue_id, stale_retry_token})\n Process.sleep(50)\n\n assert %{\n attempt: 2,\n retry_token: ^current_retry_token,\n identifier: \"MT-561\",\n error: \"agent exited: :boom\"\n } = :sys.get_state(pid).retry_attempts[issue_id]\n end\n\n test \"manual refresh coalesces repeated requests and ignores superseded ticks\" do\n now_ms = System.monotonic_time(:millisecond)\n stale_tick_token = make_ref()\n\n state = %Orchestrator.State{\n poll_interval_ms: 30_000,\n max_concurrent_agents: 1,\n next_poll_due_at_ms: now_ms + 30_000,\n poll_check_in_progress: false,\n tick_timer_ref: nil,\n tick_token: stale_tick_token,\n codex_totals: %{input_tokens: 0, output_tokens: 0, total_tokens: 0, seconds_running: 0},\n codex_rate_limits: nil\n }\n\n assert {:reply, %{queued: true, coalesced: false}, refreshed_state} =\n Orchestrator.handle_call(:request_refresh, {self(), make_ref()}, state)\n\n assert is_reference(refreshed_state.tick_timer_ref)\n assert is_reference(refreshed_state.tick_token)\n refute refreshed_state.tick_token == stale_tick_token\n assert refreshed_state.next_poll_due_at_ms <= System.monotonic_time(:millisecond)\n\n assert {:reply, %{queued: true, coalesced: true}, coalesced_state} =\n Orchestrator.handle_call(:request_refresh, {self(), make_ref()}, refreshed_state)\n\n assert coalesced_state.tick_token == refreshed_state.tick_token\n assert {:noreply, ^coalesced_state} = Orchestrator.handle_info({:tick, stale_tick_token}, coalesced_state)\n end\n\n test \"select_worker_host_for_test skips full ssh hosts under the shared per-host cap\" do\n write_workflow_file!(Workflow.workflow_file_path(),\n worker_ssh_hosts: [\"worker-a\", \"worker-b\"],\n worker_max_concurrent_agents_per_host: 1\n )\n\n state = %Orchestrator.State{\n running: %{\n \"issue-1\" => %{worker_host: \"worker-a\"}\n }\n }\n\n assert Orchestrator.select_worker_host_for_test(state, nil) == \"worker-b\"\n end\n\n test \"select_worker_host_for_test returns no_worker_capacity when every ssh host is full\" do\n write_workflow_file!(Workflow.workflow_file_path(),\n worker_ssh_hosts: [\"worker-a\", \"worker-b\"],\n worker_max_concurrent_agents_per_host: 1\n )\n\n state = %Orchestrator.State{\n running: %{\n \"issue-1\" => %{worker_host: \"worker-a\"},\n \"issue-2\" => %{worker_host: \"worker-b\"}\n }\n }\n\n assert Orchestrator.select_worker_host_for_test(state, nil) == :no_worker_capacity\n end\n\n test \"select_worker_host_for_test keeps the preferred ssh host when it still has capacity\" do\n write_workflow_file!(Workflow.workflow_file_path(),\n worker_ssh_hosts: [\"worker-a\", \"worker-b\"],\n worker_max_concurrent_agents_per_host: 2\n )\n\n state = %Orchestrator.State{\n running: %{\n \"issue-1\" => %{worker_host: \"worker-a\"},\n \"issue-2\" => %{worker_host: \"worker-b\"}\n }\n }\n\n assert Orchestrator.select_worker_host_for_test(state, \"worker-a\") == \"worker-a\"\n end\n\n defp assert_due_in_range(due_at_ms, min_remaining_ms, max_remaining_ms) do\n remaining_ms = due_at_ms - System.monotonic_time(:millisecond)\n\n assert remaining_ms >= min_remaining_ms\n assert remaining_ms <= max_remaining_ms\n end\n\n defp restore_app_env(key, nil), do: Application.delete_env(:symphony_elixir, key)\n defp restore_app_env(key, value), do: Application.put_env(:symphony_elixir, key, value)\n\n test \"fetch issues by states with empty state set is a no-op\" do\n assert {:ok, []} = Client.fetch_issues_by_states([])\n end\n\n test \"prompt builder renders issue and attempt values from workflow template\" do\n workflow_prompt =\n \"Ticket {{ issue.identifier }} {{ issue.title }} labels={{ issue.labels }} attempt={{ attempt }}\"\n\n write_workflow_file!(Workflow.workflow_file_path(), prompt: workflow_prompt)\n\n issue = %Issue{\n identifier: \"S-1\",\n title: \"Refactor backend request path\",\n description: \"Replace transport layer\",\n state: \"Todo\",\n url: \"https://example.org/issues/S-1\",\n labels: [\"backend\"]\n }\n\n prompt = PromptBuilder.build_prompt(issue, attempt: 3)\n\n assert prompt =~ \"Ticket S-1 Refactor backend request path\"\n assert prompt =~ \"labels=backend\"\n assert prompt =~ \"attempt=3\"\n end\n\n test \"prompt builder renders issue datetime fields without crashing\" do\n workflow_prompt = \"Ticket {{ issue.identifier }} created={{ issue.created_at }} updated={{ issue.updated_at }}\"\n\n write_workflow_file!(Workflow.workflow_file_path(), prompt: workflow_prompt)\n\n created_at = DateTime.from_naive!(~N[2026-02-26 18:06:48], \"Etc/UTC\")\n updated_at = DateTime.from_naive!(~N[2026-02-26 18:07:03], \"Etc/UTC\")\n\n issue = %Issue{\n identifier: \"MT-697\",\n title: \"Live smoke\",\n description: \"Prompt should serialize datetimes\",\n state: \"Todo\",\n url: \"https://example.org/issues/MT-697\",\n labels: [],\n created_at: created_at,\n updated_at: updated_at\n }\n\n prompt = PromptBuilder.build_prompt(issue)\n\n assert prompt =~ \"Ticket MT-697\"\n assert prompt =~ \"created=2026-02-26T18:06:48Z\"\n assert prompt =~ \"updated=2026-02-26T18:07:03Z\"\n end\n\n test \"prompt builder normalizes nested date-like values, maps, and structs in issue fields\" do\n write_workflow_file!(Workflow.workflow_file_path(), prompt: \"Ticket {{ issue.identifier }}\")\n\n issue = %Issue{\n identifier: \"MT-701\",\n title: \"Serialize nested values\",\n description: \"Prompt builder should normalize nested terms\",\n state: \"Todo\",\n url: \"https://example.org/issues/MT-701\",\n labels: [\n ~N[2026-02-27 12:34:56],\n ~D[2026-02-28],\n ~T[12:34:56],\n %{phase: \"test\"},\n URI.parse(\"https://example.org/issues/MT-701\")\n ]\n }\n\n assert PromptBuilder.build_prompt(issue) == \"Ticket MT-701\"\n end\n\n test \"prompt builder uses strict variable rendering\" do\n workflow_prompt = \"Work on ticket {{ missing.ticket_id }} and follow these steps.\"\n\n write_workflow_file!(Workflow.workflow_file_path(), prompt: workflow_prompt)\n\n issue = %Issue{\n identifier: \"MT-123\",\n title: \"Investigate broken sync\",\n description: \"Reproduce and fix\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-123\",\n labels: [\"bug\"]\n }\n\n assert_raise Solid.RenderError, fn ->\n PromptBuilder.build_prompt(issue)\n end\n end\n\n test \"prompt builder surfaces invalid template content with prompt context\" do\n write_workflow_file!(Workflow.workflow_file_path(), prompt: \"{% if issue.identifier %}\")\n\n issue = %Issue{\n identifier: \"MT-999\",\n title: \"Broken prompt\",\n description: \"Invalid template syntax\",\n state: \"Todo\",\n url: \"https://example.org/issues/MT-999\",\n labels: []\n }\n\n assert_raise RuntimeError, ~r/template_parse_error:.*template=\"/s, fn ->\n PromptBuilder.build_prompt(issue)\n end\n end\n\n test \"prompt builder uses a sensible default template when workflow prompt is blank\" do\n write_workflow_file!(Workflow.workflow_file_path(), prompt: \" \\n\")\n\n issue = %Issue{\n identifier: \"MT-777\",\n title: \"Make fallback prompt useful\",\n description: \"Include enough issue context to start working.\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-777\",\n labels: [\"prompt\"]\n }\n\n prompt = PromptBuilder.build_prompt(issue)\n\n assert prompt =~ \"You are working on a Linear issue.\"\n assert prompt =~ \"Identifier: MT-777\"\n assert prompt =~ \"Title: Make fallback prompt useful\"\n assert prompt =~ \"Body:\"\n assert prompt =~ \"Include enough issue context to start working.\"\n assert Config.workflow_prompt() =~ \"{{ issue.identifier }}\"\n assert Config.workflow_prompt() =~ \"{{ issue.title }}\"\n assert Config.workflow_prompt() =~ \"{{ issue.description }}\"\n end\n\n test \"prompt builder default template handles missing issue body\" do\n write_workflow_file!(Workflow.workflow_file_path(), prompt: \"\")\n\n issue = %Issue{\n identifier: \"MT-778\",\n title: \"Handle empty body\",\n description: nil,\n state: \"Todo\",\n url: \"https://example.org/issues/MT-778\",\n labels: []\n }\n\n prompt = PromptBuilder.build_prompt(issue)\n\n assert prompt =~ \"Identifier: MT-778\"\n assert prompt =~ \"Title: Handle empty body\"\n assert prompt =~ \"No description provided.\"\n end\n\n test \"prompt builder reports workflow load failures separately from template parse errors\" do\n original_workflow_path = Workflow.workflow_file_path()\n workflow_store_pid = Process.whereis(SymphonyElixir.WorkflowStore)\n\n on_exit(fn ->\n Workflow.set_workflow_file_path(original_workflow_path)\n\n if is_pid(workflow_store_pid) and is_nil(Process.whereis(SymphonyElixir.WorkflowStore)) do\n Supervisor.restart_child(SymphonyElixir.Supervisor, SymphonyElixir.WorkflowStore)\n end\n end)\n\n assert :ok = Supervisor.terminate_child(SymphonyElixir.Supervisor, SymphonyElixir.WorkflowStore)\n\n Workflow.set_workflow_file_path(Path.join(System.tmp_dir!(), \"missing-workflow-#{System.unique_integer([:positive])}.md\"))\n\n issue = %Issue{\n identifier: \"MT-780\",\n title: \"Workflow unavailable\",\n description: \"Missing workflow file\",\n state: \"Todo\",\n url: \"https://example.org/issues/MT-780\",\n labels: []\n }\n\n assert_raise RuntimeError, ~r/workflow_unavailable:/, fn ->\n PromptBuilder.build_prompt(issue)\n end\n end\n\n test \"in-repo WORKFLOW.md renders correctly\" do\n workflow_path = Workflow.workflow_file_path()\n Workflow.set_workflow_file_path(Path.expand(\"WORKFLOW.md\", File.cwd!()))\n\n issue = %Issue{\n identifier: \"MT-616\",\n title: \"Use rich templates for WORKFLOW.md\",\n description: \"Render with rich template variables\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-616/use-rich-templates-for-workflowmd\",\n labels: [\"templating\", \"workflow\"]\n }\n\n on_exit(fn -> Workflow.set_workflow_file_path(workflow_path) end)\n\n prompt = PromptBuilder.build_prompt(issue, attempt: 2)\n\n assert prompt =~ \"You are working on a Linear ticket `MT-616`\"\n assert prompt =~ \"Issue context:\"\n assert prompt =~ \"Identifier: MT-616\"\n assert prompt =~ \"Title: Use rich templates for WORKFLOW.md\"\n assert prompt =~ \"Current status: In Progress\"\n assert prompt =~ \"https://example.org/issues/MT-616/use-rich-templates-for-workflowmd\"\n assert prompt =~ \"This is an unattended orchestration session.\"\n assert prompt =~ \"Only stop early for a true blocker\"\n assert prompt =~ \"Do not include \\\"next steps for user\\\"\"\n assert prompt =~ \"open and follow `.codex/skills/land/SKILL.md`\"\n assert prompt =~ \"Do not call `gh pr merge` directly\"\n assert prompt =~ \"Continuation context:\"\n assert prompt =~ \"retry attempt #2\"\n end\n\n test \"prompt builder adds continuation guidance for retries\" do\n workflow_prompt = \"{% if attempt %}Retry #\" <> \"{{ attempt }}\" <> \"{% endif %}\"\n write_workflow_file!(Workflow.workflow_file_path(), prompt: workflow_prompt)\n\n issue = %Issue{\n identifier: \"MT-201\",\n title: \"Continue autonomous ticket\",\n description: \"Retry flow\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-201\",\n labels: []\n }\n\n prompt = PromptBuilder.build_prompt(issue, attempt: 2)\n\n assert prompt == \"Retry #2\"\n end\n\n test \"agent runner keeps workspace after successful codex run\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-agent-runner-retain-workspace-#{System.unique_integer([:positive])}\"\n )\n\n try do\n template_repo = Path.join(test_root, \"source\")\n workspace_root = Path.join(test_root, \"workspaces\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n\n File.mkdir_p!(template_repo)\n File.mkdir_p!(workspace_root)\n File.write!(Path.join(template_repo, \"README.md\"), \"# test\")\n System.cmd(\"git\", [\"-C\", template_repo, \"init\", \"-b\", \"main\"])\n System.cmd(\"git\", [\"-C\", template_repo, \"config\", \"user.name\", \"Test User\"])\n System.cmd(\"git\", [\"-C\", template_repo, \"config\", \"user.email\", \"test@example.com\"])\n System.cmd(\"git\", [\"-C\", template_repo, \"add\", \"README.md\"])\n System.cmd(\"git\", [\"-C\", template_repo, \"commit\", \"-m\", \"initial\"])\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n count=0\n while IFS= read -r line; do\n count=$((count + 1))\n case \"$count\" in\n 1)\n printf '%s\\\\n' '{\\\"id\\\":1,\\\"result\\\":{}}'\n ;;\n 2)\n ;;\n 3)\n printf '%s\\\\n' '{\\\"id\\\":2,\\\"result\\\":{\\\"thread\\\":{\\\"id\\\":\\\"thread-1\\\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\\\"id\\\":3,\\\"result\\\":{\\\"turn\\\":{\\\"id\\\":\\\"turn-1\\\"}}}'\n printf '%s\\\\n' '{\\\"method\\\":\\\"turn/completed\\\"}'\n exit 0\n ;;\n *)\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n hook_after_create: \"cp #{Path.join(template_repo, \"README.md\")} README.md\",\n codex_command: \"#{codex_binary} app-server\"\n )\n\n issue = %Issue{\n identifier: \"S-99\",\n title: \"Smoke test\",\n description: \"Run and keep workspace\",\n state: \"In Progress\",\n url: \"https://example.org/issues/S-99\",\n labels: [\"backend\"]\n }\n\n before = MapSet.new(File.ls!(workspace_root))\n assert :ok = AgentRunner.run(issue)\n entries_after = MapSet.new(File.ls!(workspace_root))\n\n created =\n MapSet.difference(entries_after, before) |> Enum.filter(&(&1 == \"S-99\"))\n\n created = MapSet.new(created)\n\n assert MapSet.size(created) == 1\n workspace_name = created |> Enum.to_list() |> List.first()\n assert workspace_name == \"S-99\"\n\n workspace = Path.join(workspace_root, workspace_name)\n assert File.exists?(workspace)\n assert File.exists?(Path.join(workspace, \"README.md\"))\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"agent runner forwards timestamped codex updates to recipient\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-agent-runner-updates-#{System.unique_integer([:positive])}\"\n )\n\n try do\n template_repo = Path.join(test_root, \"source\")\n workspace_root = Path.join(test_root, \"workspaces\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n\n File.mkdir_p!(template_repo)\n File.write!(Path.join(template_repo, \"README.md\"), \"# test\")\n System.cmd(\"git\", [\"-C\", template_repo, \"init\", \"-b\", \"main\"])\n System.cmd(\"git\", [\"-C\", template_repo, \"config\", \"user.name\", \"Test User\"])\n System.cmd(\"git\", [\"-C\", template_repo, \"config\", \"user.email\", \"test@example.com\"])\n System.cmd(\"git\", [\"-C\", template_repo, \"add\", \"README.md\"])\n System.cmd(\"git\", [\"-C\", template_repo, \"commit\", \"-m\", \"initial\"])\n\n File.write!(\n codex_binary,\n \"\"\"\n #!/bin/sh\n count=0\n while IFS= read -r line; do\n count=$((count + 1))\n case \"$count\" in\n 1)\n printf '%s\\\\n' '{\\\"id\\\":1,\\\"result\\\":{}}'\n ;;\n 2)\n printf '%s\\\\n' '{\\\"id\\\":2,\\\"result\\\":{\\\"thread\\\":{\\\"id\\\":\\\"thread-live\\\"}}}'\n ;;\n 3)\n printf '%s\\\\n' '{\\\"id\\\":3,\\\"result\\\":{\\\"turn\\\":{\\\"id\\\":\\\"turn-live\\\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\\\"method\\\":\\\"turn/completed\\\"}'\n ;;\n *)\n ;;\n esac\n done\n \"\"\"\n )\n\n File.chmod!(codex_binary, 0o755)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n hook_after_create: \"cp #{Path.join(template_repo, \"README.md\")} README.md\",\n codex_command: \"#{codex_binary} app-server\"\n )\n\n issue = %Issue{\n id: \"issue-live-updates\",\n identifier: \"MT-99\",\n title: \"Smoke test\",\n description: \"Capture codex updates\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-99\",\n labels: [\"backend\"]\n }\n\n test_pid = self()\n\n assert :ok =\n AgentRunner.run(\n issue,\n test_pid,\n issue_state_fetcher: fn [_issue_id] -> {:ok, [%{issue | state: \"Done\"}]} end\n )\n\n assert_receive {:codex_worker_update, \"issue-live-updates\",\n %{\n event: :session_started,\n timestamp: %DateTime{},\n session_id: session_id\n }},\n 500\n\n assert session_id == \"thread-live-turn-live\"\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"agent runner surfaces ssh startup failures instead of silently hopping hosts\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-agent-runner-single-host-#{System.unique_integer([:positive])}\"\n )\n\n previous_path = System.get_env(\"PATH\")\n previous_trace = System.get_env(\"SYMP_TEST_SSH_TRACE\")\n\n on_exit(fn ->\n restore_env(\"PATH\", previous_path)\n restore_env(\"SYMP_TEST_SSH_TRACE\", previous_trace)\n end)\n\n try do\n trace_file = Path.join(test_root, \"ssh.trace\")\n fake_ssh = Path.join(test_root, \"ssh\")\n\n File.mkdir_p!(test_root)\n System.put_env(\"SYMP_TEST_SSH_TRACE\", trace_file)\n System.put_env(\"PATH\", test_root <> \":\" <> (previous_path || \"\"))\n\n File.write!(fake_ssh, \"\"\"\n #!/bin/sh\n trace_file=\"${SYMP_TEST_SSH_TRACE:-/tmp/symphony-fake-ssh.trace}\"\n printf 'ARGV:%s\\\\n' \"$*\" >> \"$trace_file\"\n\n case \"$*\" in\n *worker-a*\"__SYMPHONY_WORKSPACE__\"*)\n printf '%s\\\\n' 'worker-a prepare failed' >&2\n exit 75\n ;;\n *worker-b*\"__SYMPHONY_WORKSPACE__\"*)\n printf '%s\\\\t%s\\\\t%s\\\\n' '__SYMPHONY_WORKSPACE__' '1' '/remote/home/.symphony-remote-workspaces/MT-SSH-FAILOVER'\n exit 0\n ;;\n *)\n exit 0\n ;;\n esac\n \"\"\")\n\n File.chmod!(fake_ssh, 0o755)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: \"~/.symphony-remote-workspaces\",\n worker_ssh_hosts: [\"worker-a\", \"worker-b\"]\n )\n\n issue = %Issue{\n id: \"issue-ssh-failover\",\n identifier: \"MT-SSH-FAILOVER\",\n title: \"Do not fail over within a single worker run\",\n description: \"Surface the startup failure to the orchestrator\",\n state: \"In Progress\"\n }\n\n assert_raise RuntimeError, ~r/workspace_prepare_failed/, fn ->\n AgentRunner.run(issue, nil, worker_host: \"worker-a\")\n end\n\n trace = File.read!(trace_file)\n assert trace =~ \"worker-a bash -lc\"\n refute trace =~ \"worker-b bash -lc\"\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"agent runner continues with a follow-up turn while the issue remains active\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-agent-runner-continuation-#{System.unique_integer([:positive])}\"\n )\n\n try do\n template_repo = Path.join(test_root, \"source\")\n workspace_root = Path.join(test_root, \"workspaces\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n trace_file = Path.join(test_root, \"codex.trace\")\n\n File.mkdir_p!(template_repo)\n File.write!(Path.join(template_repo, \"README.md\"), \"# test\")\n System.cmd(\"git\", [\"-C\", template_repo, \"init\", \"-b\", \"main\"])\n System.cmd(\"git\", [\"-C\", template_repo, \"config\", \"user.name\", \"Test User\"])\n System.cmd(\"git\", [\"-C\", template_repo, \"config\", \"user.email\", \"test@example.com\"])\n System.cmd(\"git\", [\"-C\", template_repo, \"add\", \"README.md\"])\n System.cmd(\"git\", [\"-C\", template_repo, \"commit\", \"-m\", \"initial\"])\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n trace_file=\"${SYMP_TEST_CODEx_TRACE:-/tmp/codex.trace}\"\n run_id=\"$(date +%s%N)-$$\"\n printf 'RUN:%s\\\\n' \"$run_id\" >> \"$trace_file\"\n count=0\n\n while IFS= read -r line; do\n count=$((count + 1))\n printf 'JSON:%s\\\\n' \"$line\" >> \"$trace_file\"\n case \"$count\" in\n 1)\n printf '%s\\\\n' '{\"id\":1,\"result\":{}}'\n ;;\n 2)\n ;;\n 3)\n printf '%s\\\\n' '{\"id\":2,\"result\":{\"thread\":{\"id\":\"thread-cont\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\"id\":3,\"result\":{\"turn\":{\"id\":\"turn-cont-1\"}}}'\n printf '%s\\\\n' '{\"method\":\"turn/completed\"}'\n ;;\n 5)\n printf '%s\\\\n' '{\"id\":3,\"result\":{\"turn\":{\"id\":\"turn-cont-2\"}}}'\n printf '%s\\\\n' '{\"method\":\"turn/completed\"}'\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n System.put_env(\"SYMP_TEST_CODEx_TRACE\", trace_file)\n\n on_exit(fn -> System.delete_env(\"SYMP_TEST_CODEx_TRACE\") end)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n hook_after_create: \"cp #{Path.join(template_repo, \"README.md\")} README.md\",\n codex_command: \"#{codex_binary} app-server\",\n max_turns: 3\n )\n\n parent = self()\n\n state_fetcher = fn [_issue_id] ->\n attempt = Process.get(:agent_turn_fetch_count, 0) + 1\n Process.put(:agent_turn_fetch_count, attempt)\n send(parent, {:issue_state_fetch, attempt})\n\n state =\n if attempt == 1 do\n \"In Progress\"\n else\n \"Done\"\n end\n\n {:ok,\n [\n %Issue{\n id: \"issue-continue\",\n identifier: \"MT-247\",\n title: \"Continue until done\",\n description: \"Still active after first turn\",\n state: state\n }\n ]}\n end\n\n issue = %Issue{\n id: \"issue-continue\",\n identifier: \"MT-247\",\n title: \"Continue until done\",\n description: \"Still active after first turn\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-247\",\n labels: []\n }\n\n assert :ok = AgentRunner.run(issue, nil, issue_state_fetcher: state_fetcher)\n assert_receive {:issue_state_fetch, 1}\n assert_receive {:issue_state_fetch, 2}\n\n lines = File.read!(trace_file) |> String.split(\"\\n\", trim: true)\n\n assert length(Enum.filter(lines, &String.starts_with?(&1, \"RUN:\"))) == 1\n assert length(Enum.filter(lines, &String.contains?(&1, \"\\\"method\\\":\\\"thread/start\\\"\"))) == 1\n\n turn_texts =\n lines\n |> Enum.filter(&String.starts_with?(&1, \"JSON:\"))\n |> Enum.map(&String.trim_leading(&1, \"JSON:\"))\n |> Enum.map(&Jason.decode!/1)\n |> Enum.filter(&(&1[\"method\"] == \"turn/start\"))\n |> Enum.map(fn payload ->\n get_in(payload, [\"params\", \"input\"])\n |> Enum.map_join(\"\\n\", &Map.get(&1, \"text\", \"\"))\n end)\n\n assert length(turn_texts) == 2\n assert Enum.at(turn_texts, 0) =~ \"You are an agent for this repository.\"\n refute Enum.at(turn_texts, 1) =~ \"You are an agent for this repository.\"\n assert Enum.at(turn_texts, 1) =~ \"Continuation guidance:\"\n assert Enum.at(turn_texts, 1) =~ \"continuation turn #2 of 3\"\n after\n System.delete_env(\"SYMP_TEST_CODEx_TRACE\")\n File.rm_rf(test_root)\n end\n end\n\n test \"agent runner stops continuing once agent.max_turns is reached\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-agent-runner-max-turns-#{System.unique_integer([:positive])}\"\n )\n\n try do\n template_repo = Path.join(test_root, \"source\")\n workspace_root = Path.join(test_root, \"workspaces\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n trace_file = Path.join(test_root, \"codex.trace\")\n\n File.mkdir_p!(template_repo)\n File.write!(Path.join(template_repo, \"README.md\"), \"# test\")\n System.cmd(\"git\", [\"-C\", template_repo, \"init\", \"-b\", \"main\"])\n System.cmd(\"git\", [\"-C\", template_repo, \"config\", \"user.name\", \"Test User\"])\n System.cmd(\"git\", [\"-C\", template_repo, \"config\", \"user.email\", \"test@example.com\"])\n System.cmd(\"git\", [\"-C\", template_repo, \"add\", \"README.md\"])\n System.cmd(\"git\", [\"-C\", template_repo, \"commit\", \"-m\", \"initial\"])\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n trace_file=\"${SYMP_TEST_CODEx_TRACE:-/tmp/codex.trace}\"\n printf 'RUN\\\\n' >> \"$trace_file\"\n count=0\n\n while IFS= read -r line; do\n count=$((count + 1))\n printf 'JSON:%s\\\\n' \"$line\" >> \"$trace_file\"\n case \"$count\" in\n 1)\n printf '%s\\\\n' '{\"id\":1,\"result\":{}}'\n ;;\n 2)\n ;;\n 3)\n printf '%s\\\\n' '{\"id\":2,\"result\":{\"thread\":{\"id\":\"thread-max\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\"id\":3,\"result\":{\"turn\":{\"id\":\"turn-max-1\"}}}'\n printf '%s\\\\n' '{\"method\":\"turn/completed\"}'\n ;;\n 5)\n printf '%s\\\\n' '{\"id\":3,\"result\":{\"turn\":{\"id\":\"turn-max-2\"}}}'\n printf '%s\\\\n' '{\"method\":\"turn/completed\"}'\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n System.put_env(\"SYMP_TEST_CODEx_TRACE\", trace_file)\n\n on_exit(fn -> System.delete_env(\"SYMP_TEST_CODEx_TRACE\") end)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n hook_after_create: \"cp #{Path.join(template_repo, \"README.md\")} README.md\",\n codex_command: \"#{codex_binary} app-server\",\n max_turns: 2\n )\n\n state_fetcher = fn [_issue_id] ->\n {:ok,\n [\n %Issue{\n id: \"issue-max-turns\",\n identifier: \"MT-248\",\n title: \"Stop at max turns\",\n description: \"Still active\",\n state: \"In Progress\"\n }\n ]}\n end\n\n issue = %Issue{\n id: \"issue-max-turns\",\n identifier: \"MT-248\",\n title: \"Stop at max turns\",\n description: \"Still active\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-248\",\n labels: []\n }\n\n assert :ok = AgentRunner.run(issue, nil, issue_state_fetcher: state_fetcher)\n\n trace = File.read!(trace_file)\n assert length(String.split(trace, \"RUN\", trim: true)) == 1\n assert length(Regex.scan(~r/\"method\":\"turn\\/start\"/, trace)) == 2\n after\n System.delete_env(\"SYMP_TEST_CODEx_TRACE\")\n File.rm_rf(test_root)\n end\n end\n\n test \"app server starts with workspace cwd and expected startup command\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-args-#{System.unique_integer([:positive])}\"\n )\n\n try do\n workspace_root = Path.join(test_root, \"workspaces\")\n workspace = Path.join(workspace_root, \"MT-77\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n trace_file = Path.join(test_root, \"codex-args.trace\")\n previous_trace = System.get_env(\"SYMP_TEST_CODex_TRACE\")\n\n on_exit(fn ->\n if is_binary(previous_trace) do\n System.put_env(\"SYMP_TEST_CODex_TRACE\", previous_trace)\n else\n System.delete_env(\"SYMP_TEST_CODex_TRACE\")\n end\n end)\n\n System.put_env(\"SYMP_TEST_CODex_TRACE\", trace_file)\n File.mkdir_p!(workspace)\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n trace_file=\"${SYMP_TEST_CODex_TRACE:-/tmp/codex-args.trace}\"\n count=0\n printf 'ARGV:%s\\\\n' \\\"$*\\\" >> \\\"$trace_file\\\"\n printf 'CWD:%s\\\\n' \\\"$PWD\\\" >> \\\"$trace_file\\\"\n\n while IFS= read -r line; do\n count=$((count + 1))\n printf 'JSON:%s\\\\n' \\\"$line\\\" >> \\\"$trace_file\\\"\n case \\\"$count\\\" in\n 1)\n printf '%s\\\\n' '{\\\"id\\\":1,\\\"result\\\":{}}'\n ;;\n 2)\n printf '%s\\\\n' '{\\\"id\\\":2,\\\"result\\\":{\\\"thread\\\":{\\\"id\\\":\\\"thread-77\\\"}}}'\n ;;\n 3)\n printf '%s\\\\n' '{\\\"id\\\":3,\\\"result\\\":{\\\"turn\\\":{\\\"id\\\":\\\"turn-77\\\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\\\"method\\\":\\\"turn/completed\\\"}'\n exit 0\n ;;\n *)\n exit 0\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n codex_command: \"#{codex_binary} app-server\"\n )\n\n issue = %Issue{\n id: \"issue-args\",\n identifier: \"MT-77\",\n title: \"Validate codex args\",\n description: \"Check startup args and cwd\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-77\",\n labels: [\"backend\"]\n }\n\n assert {:ok, _result} = AppServer.run(workspace, \"Fix workspace start args\", issue)\n assert {:ok, canonical_workspace} = SymphonyElixir.PathSafety.canonicalize(workspace)\n\n trace = File.read!(trace_file)\n lines = String.split(trace, \"\\n\", trim: true)\n\n assert argv_line = Enum.find(lines, fn line -> String.starts_with?(line, \"ARGV:\") end)\n assert String.contains?(argv_line, \"app-server\")\n refute Enum.any?(lines, &String.contains?(&1, \"--yolo\"))\n assert cwd_line = Enum.find(lines, fn line -> String.starts_with?(line, \"CWD:\") end)\n assert String.ends_with?(cwd_line, Path.basename(workspace))\n\n assert Enum.any?(lines, fn line ->\n if String.starts_with?(line, \"JSON:\") do\n line\n |> String.trim_leading(\"JSON:\")\n |> Jason.decode!()\n |> then(fn payload ->\n expected_approval_policy = %{\n \"reject\" => %{\n \"sandbox_approval\" => true,\n \"rules\" => true,\n \"mcp_elicitations\" => true\n }\n }\n\n payload[\"method\"] == \"thread/start\" &&\n get_in(payload, [\"params\", \"approvalPolicy\"]) == expected_approval_policy &&\n get_in(payload, [\"params\", \"sandbox\"]) == \"workspace-write\" &&\n get_in(payload, [\"params\", \"cwd\"]) == canonical_workspace\n end)\n else\n false\n end\n end)\n\n expected_turn_sandbox_policy = %{\n \"type\" => \"workspaceWrite\",\n \"writableRoots\" => [canonical_workspace],\n \"readOnlyAccess\" => %{\"type\" => \"fullAccess\"},\n \"networkAccess\" => false,\n \"excludeTmpdirEnvVar\" => false,\n \"excludeSlashTmp\" => false\n }\n\n assert Enum.any?(lines, fn line ->\n if String.starts_with?(line, \"JSON:\") do\n line\n |> String.trim_leading(\"JSON:\")\n |> Jason.decode!()\n |> then(fn payload ->\n expected_approval_policy = %{\n \"reject\" => %{\n \"sandbox_approval\" => true,\n \"rules\" => true,\n \"mcp_elicitations\" => true\n }\n }\n\n payload[\"method\"] == \"turn/start\" &&\n get_in(payload, [\"params\", \"cwd\"]) == canonical_workspace &&\n get_in(payload, [\"params\", \"approvalPolicy\"]) == expected_approval_policy &&\n get_in(payload, [\"params\", \"sandboxPolicy\"]) == expected_turn_sandbox_policy\n end)\n else\n false\n end\n end)\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"app server startup command supports codex args override from workflow config\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-custom-args-#{System.unique_integer([:positive])}\"\n )\n\n try do\n workspace_root = Path.join(test_root, \"workspaces\")\n workspace = Path.join(workspace_root, \"MT-88\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n trace_file = Path.join(test_root, \"codex-custom-args.trace\")\n previous_trace = System.get_env(\"SYMP_TEST_CODex_TRACE\")\n\n on_exit(fn ->\n if is_binary(previous_trace) do\n System.put_env(\"SYMP_TEST_CODex_TRACE\", previous_trace)\n else\n System.delete_env(\"SYMP_TEST_CODex_TRACE\")\n end\n end)\n\n System.put_env(\"SYMP_TEST_CODex_TRACE\", trace_file)\n File.mkdir_p!(workspace)\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n trace_file=\"${SYMP_TEST_CODex_TRACE:-/tmp/codex-custom-args.trace}\"\n count=0\n printf 'ARGV:%s\\\\n' \\\"$*\\\" >> \\\"$trace_file\\\"\n\n while IFS= read -r line; do\n count=$((count + 1))\n case \\\"$count\\\" in\n 1)\n printf '%s\\\\n' '{\\\"id\\\":1,\\\"result\\\":{}}'\n ;;\n 2)\n printf '%s\\\\n' '{\\\"id\\\":2,\\\"result\\\":{\\\"thread\\\":{\\\"id\\\":\\\"thread-88\\\"}}}'\n ;;\n 3)\n printf '%s\\\\n' '{\\\"id\\\":3,\\\"result\\\":{\\\"turn\\\":{\\\"id\\\":\\\"turn-88\\\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\\\"method\\\":\\\"turn/completed\\\"}'\n exit 0\n ;;\n *)\n exit 0\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n codex_command: \"#{codex_binary} --model gpt-5.3-codex app-server\"\n )\n\n issue = %Issue{\n id: \"issue-custom-args\",\n identifier: \"MT-88\",\n title: \"Validate custom codex args\",\n description: \"Check startup args override\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-88\",\n labels: [\"backend\"]\n }\n\n assert {:ok, _result} = AppServer.run(workspace, \"Fix workspace start args\", issue)\n\n trace = File.read!(trace_file)\n lines = String.split(trace, \"\\n\", trim: true)\n\n assert argv_line = Enum.find(lines, fn line -> String.starts_with?(line, \"ARGV:\") end)\n assert String.contains?(argv_line, \"--model gpt-5.3-codex app-server\")\n refute String.contains?(argv_line, \"--ask-for-approval never\")\n refute String.contains?(argv_line, \"--sandbox danger-full-access\")\n after\n File.rm_rf(test_root)\n end\n end\n\n test \"app server startup payload uses configurable approval and sandbox settings from workflow config\" do\n test_root =\n Path.join(\n System.tmp_dir!(),\n \"symphony-elixir-app-server-policy-overrides-#{System.unique_integer([:positive])}\"\n )\n\n try do\n workspace_root = Path.join(test_root, \"workspaces\")\n workspace = Path.join(workspace_root, \"MT-99\")\n codex_binary = Path.join(test_root, \"fake-codex\")\n trace_file = Path.join(test_root, \"codex-policy-overrides.trace\")\n previous_trace = System.get_env(\"SYMP_TEST_CODex_TRACE\")\n\n on_exit(fn ->\n if is_binary(previous_trace) do\n System.put_env(\"SYMP_TEST_CODex_TRACE\", previous_trace)\n else\n System.delete_env(\"SYMP_TEST_CODex_TRACE\")\n end\n end)\n\n System.put_env(\"SYMP_TEST_CODex_TRACE\", trace_file)\n File.mkdir_p!(workspace)\n\n File.write!(codex_binary, \"\"\"\n #!/bin/sh\n trace_file=\"${SYMP_TEST_CODex_TRACE:-/tmp/codex-policy-overrides.trace}\"\n count=0\n\n while IFS= read -r line; do\n count=$((count + 1))\n printf 'JSON:%s\\\\n' \"$line\" >> \"$trace_file\"\n\n case \"$count\" in\n 1)\n printf '%s\\\\n' '{\"id\":1,\"result\":{}}'\n ;;\n 2)\n printf '%s\\\\n' '{\"id\":2,\"result\":{\"thread\":{\"id\":\"thread-99\"}}}'\n ;;\n 3)\n printf '%s\\\\n' '{\"id\":3,\"result\":{\"turn\":{\"id\":\"turn-99\"}}}'\n ;;\n 4)\n printf '%s\\\\n' '{\"method\":\"turn/completed\"}'\n exit 0\n ;;\n *)\n exit 0\n ;;\n esac\n done\n \"\"\")\n\n File.chmod!(codex_binary, 0o755)\n\n workspace_cache = Path.join(Path.expand(workspace), \".cache\")\n File.mkdir_p!(workspace_cache)\n\n write_workflow_file!(Workflow.workflow_file_path(),\n workspace_root: workspace_root,\n codex_command: \"#{codex_binary} app-server\",\n codex_approval_policy: \"on-request\",\n codex_thread_sandbox: \"workspace-write\",\n codex_turn_sandbox_policy: %{\n type: \"workspaceWrite\",\n writableRoots: [Path.expand(workspace), workspace_cache]\n }\n )\n\n issue = %Issue{\n id: \"issue-policy-overrides\",\n identifier: \"MT-99\",\n title: \"Validate codex policy overrides\",\n description: \"Check startup policy payload overrides\",\n state: \"In Progress\",\n url: \"https://example.org/issues/MT-99\",\n labels: [\"backend\"]\n }\n\n assert {:ok, _result} = AppServer.run(workspace, \"Fix workspace start args\", issue)\n\n lines = File.read!(trace_file) |> String.split(\"\\n\", trim: true)\n\n assert Enum.any?(lines, fn line ->\n if String.starts_with?(line, \"JSON:\") do\n line\n |> String.trim_leading(\"JSON:\")\n |> Jason.decode!()\n |> then(fn payload ->\n payload[\"method\"] == \"thread/start\" &&\n get_in(payload, [\"params\", \"approvalPolicy\"]) == \"on-request\" &&\n get_in(payload, [\"params\", \"sandbox\"]) == \"workspace-write\"\n end)\n else\n false\n end\n end)\n\n expected_turn_policy = %{\n \"type\" => \"workspaceWrite\",\n \"writableRoots\" => [Path.expand(workspace), workspace_cache]\n }\n\n assert Enum.any?(lines, fn line ->\n if String.starts_with?(line, \"JSON:\") do\n line\n |> String.trim_leading(\"JSON:\")\n |> Jason.decode!()\n |> then(fn payload ->\n payload[\"method\"] == \"turn/start\" &&\n get_in(payload, [\"params\", \"approvalPolicy\"]) == \"on-request\" &&\n get_in(payload, [\"params\", \"sandboxPolicy\"]) == expected_turn_policy\n end)\n else\n false\n end\n end)\n after\n File.rm_rf(test_root)\n end\n end\nend\n" }, { "path": "elixir/test/symphony_elixir/dynamic_tool_test.exs", "content": "defmodule SymphonyElixir.Codex.DynamicToolTest do\n use SymphonyElixir.TestSupport\n\n alias SymphonyElixir.Codex.DynamicTool\n\n test \"tool_specs advertises the linear_graphql input contract\" do\n assert [\n %{\n \"description\" => description,\n \"inputSchema\" => %{\n \"properties\" => %{\n \"query\" => _,\n \"variables\" => _\n },\n \"required\" => [\"query\"],\n \"type\" => \"object\"\n },\n \"name\" => \"linear_graphql\"\n }\n ] = DynamicTool.tool_specs()\n\n assert description =~ \"Linear\"\n end\n\n test \"unsupported tools return a failure payload with the supported tool list\" do\n response = DynamicTool.execute(\"not_a_real_tool\", %{})\n\n assert response[\"success\"] == false\n\n assert Jason.decode!(response[\"output\"]) == %{\n \"error\" => %{\n \"message\" => ~s(Unsupported dynamic tool: \"not_a_real_tool\".),\n \"supportedTools\" => [\"linear_graphql\"]\n }\n }\n\n assert response[\"contentItems\"] == [\n %{\n \"type\" => \"inputText\",\n \"text\" => response[\"output\"]\n }\n ]\n end\n\n test \"linear_graphql returns successful GraphQL responses as tool text\" do\n test_pid = self()\n\n response =\n DynamicTool.execute(\n \"linear_graphql\",\n %{\n \"query\" => \"query Viewer { viewer { id } }\",\n \"variables\" => %{\"includeTeams\" => false}\n },\n linear_client: fn query, variables, opts ->\n send(test_pid, {:linear_client_called, query, variables, opts})\n {:ok, %{\"data\" => %{\"viewer\" => %{\"id\" => \"usr_123\"}}}}\n end\n )\n\n assert_received {:linear_client_called, \"query Viewer { viewer { id } }\", %{\"includeTeams\" => false}, []}\n\n assert response[\"success\"] == true\n assert Jason.decode!(response[\"output\"]) == %{\"data\" => %{\"viewer\" => %{\"id\" => \"usr_123\"}}}\n assert response[\"contentItems\"] == [%{\"type\" => \"inputText\", \"text\" => response[\"output\"]}]\n end\n\n test \"linear_graphql accepts a raw GraphQL query string\" do\n test_pid = self()\n\n response =\n DynamicTool.execute(\n \"linear_graphql\",\n \" query Viewer { viewer { id } } \",\n linear_client: fn query, variables, opts ->\n send(test_pid, {:linear_client_called, query, variables, opts})\n {:ok, %{\"data\" => %{\"viewer\" => %{\"id\" => \"usr_456\"}}}}\n end\n )\n\n assert_received {:linear_client_called, \"query Viewer { viewer { id } }\", %{}, []}\n assert response[\"success\"] == true\n end\n\n test \"linear_graphql ignores legacy operationName arguments\" do\n test_pid = self()\n\n response =\n DynamicTool.execute(\n \"linear_graphql\",\n %{\"query\" => \"query Viewer { viewer { id } }\", \"operationName\" => \"Viewer\"},\n linear_client: fn query, variables, opts ->\n send(test_pid, {:linear_client_called, query, variables, opts})\n {:ok, %{\"data\" => %{\"viewer\" => %{\"id\" => \"usr_789\"}}}}\n end\n )\n\n assert_received {:linear_client_called, \"query Viewer { viewer { id } }\", %{}, []}\n assert response[\"success\"] == true\n end\n\n test \"linear_graphql passes multi-operation documents through unchanged\" do\n test_pid = self()\n\n query = \"\"\"\n query Viewer { viewer { id } }\n query Teams { teams { nodes { id } } }\n \"\"\"\n\n response =\n DynamicTool.execute(\n \"linear_graphql\",\n %{\"query\" => query},\n linear_client: fn forwarded_query, variables, opts ->\n send(test_pid, {:linear_client_called, forwarded_query, variables, opts})\n {:ok, %{\"errors\" => [%{\"message\" => \"Must provide operation name if query contains multiple operations.\"}]}}\n end\n )\n\n assert_received {:linear_client_called, forwarded_query, %{}, []}\n assert forwarded_query == String.trim(query)\n assert response[\"success\"] == false\n end\n\n test \"linear_graphql rejects blank raw query strings even when using the default client\" do\n response = DynamicTool.execute(\"linear_graphql\", \" \")\n\n assert response[\"success\"] == false\n\n assert Jason.decode!(response[\"output\"]) == %{\n \"error\" => %{\n \"message\" => \"`linear_graphql` requires a non-empty `query` string.\"\n }\n }\n end\n\n test \"linear_graphql marks GraphQL error responses as failures while preserving the body\" do\n response =\n DynamicTool.execute(\n \"linear_graphql\",\n %{\"query\" => \"mutation BadMutation { nope }\"},\n linear_client: fn _query, _variables, _opts ->\n {:ok, %{\"errors\" => [%{\"message\" => \"Unknown field `nope`\"}], \"data\" => nil}}\n end\n )\n\n assert response[\"success\"] == false\n\n assert Jason.decode!(response[\"output\"]) == %{\n \"data\" => nil,\n \"errors\" => [%{\"message\" => \"Unknown field `nope`\"}]\n }\n end\n\n test \"linear_graphql marks atom-key GraphQL error responses as failures\" do\n response =\n DynamicTool.execute(\n \"linear_graphql\",\n %{\"query\" => \"query Viewer { viewer { id } }\"},\n linear_client: fn _query, _variables, _opts ->\n {:ok, %{errors: [%{message: \"boom\"}], data: nil}}\n end\n )\n\n assert response[\"success\"] == false\n end\n\n test \"linear_graphql validates required arguments before calling Linear\" do\n response =\n DynamicTool.execute(\n \"linear_graphql\",\n %{\"variables\" => %{\"commentId\" => \"comment-1\"}},\n linear_client: fn _query, _variables, _opts ->\n flunk(\"linear client should not be called when arguments are invalid\")\n end\n )\n\n assert response[\"success\"] == false\n\n assert Jason.decode!(response[\"output\"]) == %{\n \"error\" => %{\n \"message\" => \"`linear_graphql` requires a non-empty `query` string.\"\n }\n }\n\n blank_query =\n DynamicTool.execute(\n \"linear_graphql\",\n %{\"query\" => \" \"},\n linear_client: fn _query, _variables, _opts ->\n flunk(\"linear client should not be called when the query is blank\")\n end\n )\n\n assert blank_query[\"success\"] == false\n end\n\n test \"linear_graphql rejects invalid argument types\" do\n response =\n DynamicTool.execute(\n \"linear_graphql\",\n [:not, :valid],\n linear_client: fn _query, _variables, _opts ->\n flunk(\"linear client should not be called when arguments are invalid\")\n end\n )\n\n assert response[\"success\"] == false\n\n assert Jason.decode!(response[\"output\"]) == %{\n \"error\" => %{\n \"message\" => \"`linear_graphql` expects either a GraphQL query string or an object with `query` and optional `variables`.\"\n }\n }\n end\n\n test \"linear_graphql rejects invalid variables\" do\n response =\n DynamicTool.execute(\n \"linear_graphql\",\n %{\"query\" => \"query Viewer { viewer { id } }\", \"variables\" => [\"bad\"]},\n linear_client: fn _query, _variables, _opts ->\n flunk(\"linear client should not be called when variables are invalid\")\n end\n )\n\n assert response[\"success\"] == false\n\n assert Jason.decode!(response[\"output\"]) == %{\n \"error\" => %{\n \"message\" => \"`linear_graphql.variables` must be a JSON object when provided.\"\n }\n }\n end\n\n test \"linear_graphql formats transport and auth failures\" do\n missing_token =\n DynamicTool.execute(\n \"linear_graphql\",\n %{\"query\" => \"query Viewer { viewer { id } }\"},\n linear_client: fn _query, _variables, _opts -> {:error, :missing_linear_api_token} end\n )\n\n assert missing_token[\"success\"] == false\n\n assert Jason.decode!(missing_token[\"output\"]) == %{\n \"error\" => %{\n \"message\" => \"Symphony is missing Linear auth. Set `linear.api_key` in `WORKFLOW.md` or export `LINEAR_API_KEY`.\"\n }\n }\n\n status_error =\n DynamicTool.execute(\n \"linear_graphql\",\n %{\"query\" => \"query Viewer { viewer { id } }\"},\n linear_client: fn _query, _variables, _opts -> {:error, {:linear_api_status, 503}} end\n )\n\n assert Jason.decode!(status_error[\"output\"]) == %{\n \"error\" => %{\n \"message\" => \"Linear GraphQL request failed with HTTP 503.\",\n \"status\" => 503\n }\n }\n\n request_error =\n DynamicTool.execute(\n \"linear_graphql\",\n %{\"query\" => \"query Viewer { viewer { id } }\"},\n linear_client: fn _query, _variables, _opts -> {:error, {:linear_api_request, :timeout}} end\n )\n\n assert Jason.decode!(request_error[\"output\"]) == %{\n \"error\" => %{\n \"message\" => \"Linear GraphQL request failed before receiving a successful response.\",\n \"reason\" => \":timeout\"\n }\n }\n end\n\n test \"linear_graphql formats unexpected failures from the client\" do\n response =\n DynamicTool.execute(\n \"linear_graphql\",\n %{\"query\" => \"query Viewer { viewer { id } }\"},\n linear_client: fn _query, _variables, _opts -> {:error, :boom} end\n )\n\n assert response[\"success\"] == false\n\n assert Jason.decode!(response[\"output\"]) == %{\n \"error\" => %{\n \"message\" => \"Linear GraphQL tool execution failed.\",\n \"reason\" => \":boom\"\n }\n }\n end\n\n test \"linear_graphql falls back to inspect for non-JSON payloads\" do\n response =\n DynamicTool.execute(\n \"linear_graphql\",\n %{\"query\" => \"query Viewer { viewer { id } }\"},\n linear_client: fn _query, _variables, _opts -> {:ok, :ok} end\n )\n\n assert response[\"success\"] == true\n assert response[\"output\"] == \":ok\"\n end\nend\n" }, { "path": "elixir/test/symphony_elixir/extensions_test.exs", "content": "defmodule SymphonyElixir.ExtensionsTest do\n use SymphonyElixir.TestSupport\n\n import Phoenix.ConnTest\n import Phoenix.LiveViewTest\n\n alias SymphonyElixir.Linear.Adapter\n alias SymphonyElixir.Tracker.Memory\n\n @endpoint SymphonyElixirWeb.Endpoint\n\n defmodule FakeLinearClient do\n def fetch_candidate_issues do\n send(self(), :fetch_candidate_issues_called)\n {:ok, [:candidate]}\n end\n\n def fetch_issues_by_states(states) do\n send(self(), {:fetch_issues_by_states_called, states})\n {:ok, states}\n end\n\n def fetch_issue_states_by_ids(issue_ids) do\n send(self(), {:fetch_issue_states_by_ids_called, issue_ids})\n {:ok, issue_ids}\n end\n\n def graphql(query, variables) do\n send(self(), {:graphql_called, query, variables})\n\n case Process.get({__MODULE__, :graphql_results}) do\n [result | rest] ->\n Process.put({__MODULE__, :graphql_results}, rest)\n result\n\n _ ->\n Process.get({__MODULE__, :graphql_result})\n end\n end\n end\n\n defmodule SlowOrchestrator do\n use GenServer\n\n def start_link(opts) do\n GenServer.start_link(__MODULE__, :ok, opts)\n end\n\n def init(:ok), do: {:ok, :ok}\n\n def handle_call(:snapshot, _from, state) do\n Process.sleep(25)\n {:reply, %{}, state}\n end\n\n def handle_call(:request_refresh, _from, state) do\n {:reply, :unavailable, state}\n end\n end\n\n defmodule StaticOrchestrator do\n use GenServer\n\n def start_link(opts) do\n name = Keyword.fetch!(opts, :name)\n GenServer.start_link(__MODULE__, opts, name: name)\n end\n\n def init(opts), do: {:ok, opts}\n\n def handle_call(:snapshot, _from, state) do\n {:reply, Keyword.fetch!(state, :snapshot), state}\n end\n\n def handle_call(:request_refresh, _from, state) do\n {:reply, Keyword.get(state, :refresh, :unavailable), state}\n end\n end\n\n setup do\n linear_client_module = Application.get_env(:symphony_elixir, :linear_client_module)\n\n on_exit(fn ->\n if is_nil(linear_client_module) do\n Application.delete_env(:symphony_elixir, :linear_client_module)\n else\n Application.put_env(:symphony_elixir, :linear_client_module, linear_client_module)\n end\n end)\n\n :ok\n end\n\n setup do\n endpoint_config = Application.get_env(:symphony_elixir, SymphonyElixirWeb.Endpoint, [])\n\n on_exit(fn ->\n Application.put_env(:symphony_elixir, SymphonyElixirWeb.Endpoint, endpoint_config)\n end)\n\n :ok\n end\n\n test \"workflow store reloads changes, keeps last good workflow, and falls back when stopped\" do\n ensure_workflow_store_running()\n assert {:ok, %{prompt: \"You are an agent for this repository.\"}} = Workflow.current()\n\n write_workflow_file!(Workflow.workflow_file_path(), prompt: \"Second prompt\")\n send(WorkflowStore, :poll)\n\n assert_eventually(fn ->\n match?({:ok, %{prompt: \"Second prompt\"}}, Workflow.current())\n end)\n\n File.write!(Workflow.workflow_file_path(), \"---\\ntracker: [\\n---\\nBroken prompt\\n\")\n assert {:error, _reason} = WorkflowStore.force_reload()\n assert {:ok, %{prompt: \"Second prompt\"}} = Workflow.current()\n\n third_workflow = Path.join(Path.dirname(Workflow.workflow_file_path()), \"THIRD_WORKFLOW.md\")\n write_workflow_file!(third_workflow, prompt: \"Third prompt\")\n Workflow.set_workflow_file_path(third_workflow)\n assert {:ok, %{prompt: \"Third prompt\"}} = Workflow.current()\n\n assert :ok = Supervisor.terminate_child(SymphonyElixir.Supervisor, WorkflowStore)\n assert {:ok, %{prompt: \"Third prompt\"}} = WorkflowStore.current()\n assert :ok = WorkflowStore.force_reload()\n assert {:ok, _pid} = Supervisor.restart_child(SymphonyElixir.Supervisor, WorkflowStore)\n end\n\n test \"workflow store init stops on missing workflow file\" do\n missing_path = Path.join(Path.dirname(Workflow.workflow_file_path()), \"MISSING_WORKFLOW.md\")\n Workflow.set_workflow_file_path(missing_path)\n\n assert {:stop, {:missing_workflow_file, ^missing_path, :enoent}} = WorkflowStore.init([])\n end\n\n test \"workflow store start_link and poll callback cover missing-file error paths\" do\n ensure_workflow_store_running()\n existing_path = Workflow.workflow_file_path()\n manual_path = Path.join(Path.dirname(existing_path), \"MANUAL_WORKFLOW.md\")\n missing_path = Path.join(Path.dirname(existing_path), \"MANUAL_MISSING_WORKFLOW.md\")\n\n assert :ok = Supervisor.terminate_child(SymphonyElixir.Supervisor, WorkflowStore)\n\n Workflow.set_workflow_file_path(missing_path)\n\n assert {:error, {:missing_workflow_file, ^missing_path, :enoent}} =\n WorkflowStore.force_reload()\n\n write_workflow_file!(manual_path, prompt: \"Manual workflow prompt\")\n Workflow.set_workflow_file_path(manual_path)\n\n assert {:ok, manual_pid} = WorkflowStore.start_link()\n assert Process.alive?(manual_pid)\n\n state = :sys.get_state(manual_pid)\n File.write!(manual_path, \"---\\ntracker: [\\n---\\nBroken prompt\\n\")\n assert {:noreply, returned_state} = WorkflowStore.handle_info(:poll, state)\n assert returned_state.workflow.prompt == \"Manual workflow prompt\"\n refute returned_state.stamp == nil\n assert_receive :poll, 1_100\n\n Workflow.set_workflow_file_path(missing_path)\n assert {:noreply, path_error_state} = WorkflowStore.handle_info(:poll, returned_state)\n assert path_error_state.workflow.prompt == \"Manual workflow prompt\"\n assert_receive :poll, 1_100\n\n Workflow.set_workflow_file_path(manual_path)\n File.rm!(manual_path)\n assert {:noreply, removed_state} = WorkflowStore.handle_info(:poll, path_error_state)\n assert removed_state.workflow.prompt == \"Manual workflow prompt\"\n assert_receive :poll, 1_100\n\n Process.exit(manual_pid, :normal)\n restart_result = Supervisor.restart_child(SymphonyElixir.Supervisor, WorkflowStore)\n\n assert match?({:ok, _pid}, restart_result) or\n match?({:error, {:already_started, _pid}}, restart_result)\n\n Workflow.set_workflow_file_path(existing_path)\n WorkflowStore.force_reload()\n end\n\n test \"tracker delegates to memory and linear adapters\" do\n issue = %Issue{id: \"issue-1\", identifier: \"MT-1\", state: \"In Progress\"}\n Application.put_env(:symphony_elixir, :memory_tracker_issues, [issue, %{id: \"ignored\"}])\n Application.put_env(:symphony_elixir, :memory_tracker_recipient, self())\n write_workflow_file!(Workflow.workflow_file_path(), tracker_kind: \"memory\")\n\n assert Config.settings!().tracker.kind == \"memory\"\n assert SymphonyElixir.Tracker.adapter() == Memory\n assert {:ok, [^issue]} = SymphonyElixir.Tracker.fetch_candidate_issues()\n assert {:ok, [^issue]} = SymphonyElixir.Tracker.fetch_issues_by_states([\" in progress \", 42])\n assert {:ok, [^issue]} = SymphonyElixir.Tracker.fetch_issue_states_by_ids([\"issue-1\"])\n assert :ok = SymphonyElixir.Tracker.create_comment(\"issue-1\", \"comment\")\n assert :ok = SymphonyElixir.Tracker.update_issue_state(\"issue-1\", \"Done\")\n assert_receive {:memory_tracker_comment, \"issue-1\", \"comment\"}\n assert_receive {:memory_tracker_state_update, \"issue-1\", \"Done\"}\n\n Application.delete_env(:symphony_elixir, :memory_tracker_recipient)\n assert :ok = Memory.create_comment(\"issue-1\", \"quiet\")\n assert :ok = Memory.update_issue_state(\"issue-1\", \"Quiet\")\n\n write_workflow_file!(Workflow.workflow_file_path(), tracker_kind: \"linear\")\n assert SymphonyElixir.Tracker.adapter() == Adapter\n end\n\n test \"linear adapter delegates reads and validates mutation responses\" do\n Application.put_env(:symphony_elixir, :linear_client_module, FakeLinearClient)\n\n assert {:ok, [:candidate]} = Adapter.fetch_candidate_issues()\n assert_receive :fetch_candidate_issues_called\n\n assert {:ok, [\"Todo\"]} = Adapter.fetch_issues_by_states([\"Todo\"])\n assert_receive {:fetch_issues_by_states_called, [\"Todo\"]}\n\n assert {:ok, [\"issue-1\"]} = Adapter.fetch_issue_states_by_ids([\"issue-1\"])\n assert_receive {:fetch_issue_states_by_ids_called, [\"issue-1\"]}\n\n Process.put(\n {FakeLinearClient, :graphql_result},\n {:ok, %{\"data\" => %{\"commentCreate\" => %{\"success\" => true}}}}\n )\n\n assert :ok = Adapter.create_comment(\"issue-1\", \"hello\")\n assert_receive {:graphql_called, create_comment_query, %{body: \"hello\", issueId: \"issue-1\"}}\n assert create_comment_query =~ \"commentCreate\"\n\n Process.put(\n {FakeLinearClient, :graphql_result},\n {:ok, %{\"data\" => %{\"commentCreate\" => %{\"success\" => false}}}}\n )\n\n assert {:error, :comment_create_failed} =\n Adapter.create_comment(\"issue-1\", \"broken\")\n\n Process.put({FakeLinearClient, :graphql_result}, {:error, :boom})\n\n assert {:error, :boom} = Adapter.create_comment(\"issue-1\", \"boom\")\n\n Process.put({FakeLinearClient, :graphql_result}, {:ok, %{\"data\" => %{}}})\n assert {:error, :comment_create_failed} = Adapter.create_comment(\"issue-1\", \"weird\")\n\n Process.put({FakeLinearClient, :graphql_result}, :unexpected)\n assert {:error, :comment_create_failed} = Adapter.create_comment(\"issue-1\", \"odd\")\n\n Process.put(\n {FakeLinearClient, :graphql_results},\n [\n {:ok,\n %{\n \"data\" => %{\n \"issue\" => %{\"team\" => %{\"states\" => %{\"nodes\" => [%{\"id\" => \"state-1\"}]}}}\n }\n }},\n {:ok, %{\"data\" => %{\"issueUpdate\" => %{\"success\" => true}}}}\n ]\n )\n\n assert :ok = Adapter.update_issue_state(\"issue-1\", \"Done\")\n assert_receive {:graphql_called, state_lookup_query, %{issueId: \"issue-1\", stateName: \"Done\"}}\n assert state_lookup_query =~ \"states\"\n\n assert_receive {:graphql_called, update_issue_query, %{issueId: \"issue-1\", stateId: \"state-1\"}}\n\n assert update_issue_query =~ \"issueUpdate\"\n\n Process.put(\n {FakeLinearClient, :graphql_results},\n [\n {:ok,\n %{\n \"data\" => %{\n \"issue\" => %{\"team\" => %{\"states\" => %{\"nodes\" => [%{\"id\" => \"state-1\"}]}}}\n }\n }},\n {:ok, %{\"data\" => %{\"issueUpdate\" => %{\"success\" => false}}}}\n ]\n )\n\n assert {:error, :issue_update_failed} =\n Adapter.update_issue_state(\"issue-1\", \"Broken\")\n\n Process.put({FakeLinearClient, :graphql_results}, [{:error, :boom}])\n\n assert {:error, :boom} = Adapter.update_issue_state(\"issue-1\", \"Boom\")\n\n Process.put({FakeLinearClient, :graphql_results}, [{:ok, %{\"data\" => %{}}}])\n assert {:error, :state_not_found} = Adapter.update_issue_state(\"issue-1\", \"Missing\")\n\n Process.put(\n {FakeLinearClient, :graphql_results},\n [\n {:ok,\n %{\n \"data\" => %{\n \"issue\" => %{\"team\" => %{\"states\" => %{\"nodes\" => [%{\"id\" => \"state-1\"}]}}}\n }\n }},\n {:ok, %{\"data\" => %{}}}\n ]\n )\n\n assert {:error, :issue_update_failed} = Adapter.update_issue_state(\"issue-1\", \"Weird\")\n\n Process.put(\n {FakeLinearClient, :graphql_results},\n [\n {:ok,\n %{\n \"data\" => %{\n \"issue\" => %{\"team\" => %{\"states\" => %{\"nodes\" => [%{\"id\" => \"state-1\"}]}}}\n }\n }},\n :unexpected\n ]\n )\n\n assert {:error, :issue_update_failed} = Adapter.update_issue_state(\"issue-1\", \"Odd\")\n end\n\n test \"phoenix observability api preserves state, issue, and refresh responses\" do\n snapshot = static_snapshot()\n orchestrator_name = Module.concat(__MODULE__, :ObservabilityApiOrchestrator)\n\n {:ok, _pid} =\n StaticOrchestrator.start_link(\n name: orchestrator_name,\n snapshot: snapshot,\n refresh: %{\n queued: true,\n coalesced: false,\n requested_at: DateTime.utc_now(),\n operations: [\"poll\", \"reconcile\"]\n }\n )\n\n start_test_endpoint(orchestrator: orchestrator_name, snapshot_timeout_ms: 50)\n\n conn = get(build_conn(), \"/api/v1/state\")\n state_payload = json_response(conn, 200)\n\n assert state_payload == %{\n \"generated_at\" => state_payload[\"generated_at\"],\n \"counts\" => %{\"running\" => 1, \"retrying\" => 1},\n \"running\" => [\n %{\n \"issue_id\" => \"issue-http\",\n \"issue_identifier\" => \"MT-HTTP\",\n \"state\" => \"In Progress\",\n \"worker_host\" => nil,\n \"workspace_path\" => nil,\n \"session_id\" => \"thread-http\",\n \"turn_count\" => 7,\n \"last_event\" => \"notification\",\n \"last_message\" => \"rendered\",\n \"started_at\" => state_payload[\"running\"] |> List.first() |> Map.fetch!(\"started_at\"),\n \"last_event_at\" => nil,\n \"tokens\" => %{\"input_tokens\" => 4, \"output_tokens\" => 8, \"total_tokens\" => 12}\n }\n ],\n \"retrying\" => [\n %{\n \"issue_id\" => \"issue-retry\",\n \"issue_identifier\" => \"MT-RETRY\",\n \"attempt\" => 2,\n \"due_at\" => state_payload[\"retrying\"] |> List.first() |> Map.fetch!(\"due_at\"),\n \"error\" => \"boom\",\n \"worker_host\" => nil,\n \"workspace_path\" => nil\n }\n ],\n \"codex_totals\" => %{\n \"input_tokens\" => 4,\n \"output_tokens\" => 8,\n \"total_tokens\" => 12,\n \"seconds_running\" => 42.5\n },\n \"rate_limits\" => %{\"primary\" => %{\"remaining\" => 11}}\n }\n\n conn = get(build_conn(), \"/api/v1/MT-HTTP\")\n issue_payload = json_response(conn, 200)\n\n assert issue_payload == %{\n \"issue_identifier\" => \"MT-HTTP\",\n \"issue_id\" => \"issue-http\",\n \"status\" => \"running\",\n \"workspace\" => %{\n \"path\" => Path.join(Config.settings!().workspace.root, \"MT-HTTP\"),\n \"host\" => nil\n },\n \"attempts\" => %{\"restart_count\" => 0, \"current_retry_attempt\" => 0},\n \"running\" => %{\n \"worker_host\" => nil,\n \"workspace_path\" => nil,\n \"session_id\" => \"thread-http\",\n \"turn_count\" => 7,\n \"state\" => \"In Progress\",\n \"started_at\" => issue_payload[\"running\"][\"started_at\"],\n \"last_event\" => \"notification\",\n \"last_message\" => \"rendered\",\n \"last_event_at\" => nil,\n \"tokens\" => %{\"input_tokens\" => 4, \"output_tokens\" => 8, \"total_tokens\" => 12}\n },\n \"retry\" => nil,\n \"logs\" => %{\"codex_session_logs\" => []},\n \"recent_events\" => [],\n \"last_error\" => nil,\n \"tracked\" => %{}\n }\n\n conn = get(build_conn(), \"/api/v1/MT-RETRY\")\n\n assert %{\"status\" => \"retrying\", \"retry\" => %{\"attempt\" => 2, \"error\" => \"boom\"}} =\n json_response(conn, 200)\n\n conn = get(build_conn(), \"/api/v1/MT-MISSING\")\n\n assert json_response(conn, 404) == %{\n \"error\" => %{\"code\" => \"issue_not_found\", \"message\" => \"Issue not found\"}\n }\n\n conn = post(build_conn(), \"/api/v1/refresh\", %{})\n\n assert %{\"queued\" => true, \"coalesced\" => false, \"operations\" => [\"poll\", \"reconcile\"]} =\n json_response(conn, 202)\n end\n\n test \"phoenix observability api preserves 405, 404, and unavailable behavior\" do\n unavailable_orchestrator = Module.concat(__MODULE__, :UnavailableOrchestrator)\n start_test_endpoint(orchestrator: unavailable_orchestrator, snapshot_timeout_ms: 5)\n\n assert json_response(post(build_conn(), \"/api/v1/state\", %{}), 405) ==\n %{\"error\" => %{\"code\" => \"method_not_allowed\", \"message\" => \"Method not allowed\"}}\n\n assert json_response(get(build_conn(), \"/api/v1/refresh\"), 405) ==\n %{\"error\" => %{\"code\" => \"method_not_allowed\", \"message\" => \"Method not allowed\"}}\n\n assert json_response(post(build_conn(), \"/\", %{}), 405) ==\n %{\"error\" => %{\"code\" => \"method_not_allowed\", \"message\" => \"Method not allowed\"}}\n\n assert json_response(post(build_conn(), \"/api/v1/MT-1\", %{}), 405) ==\n %{\"error\" => %{\"code\" => \"method_not_allowed\", \"message\" => \"Method not allowed\"}}\n\n assert json_response(get(build_conn(), \"/unknown\"), 404) ==\n %{\"error\" => %{\"code\" => \"not_found\", \"message\" => \"Route not found\"}}\n\n state_payload = json_response(get(build_conn(), \"/api/v1/state\"), 200)\n\n assert state_payload ==\n %{\n \"generated_at\" => state_payload[\"generated_at\"],\n \"error\" => %{\"code\" => \"snapshot_unavailable\", \"message\" => \"Snapshot unavailable\"}\n }\n\n assert json_response(post(build_conn(), \"/api/v1/refresh\", %{}), 503) ==\n %{\n \"error\" => %{\n \"code\" => \"orchestrator_unavailable\",\n \"message\" => \"Orchestrator is unavailable\"\n }\n }\n end\n\n test \"phoenix observability api preserves snapshot timeout behavior\" do\n timeout_orchestrator = Module.concat(__MODULE__, :TimeoutOrchestrator)\n {:ok, _pid} = SlowOrchestrator.start_link(name: timeout_orchestrator)\n start_test_endpoint(orchestrator: timeout_orchestrator, snapshot_timeout_ms: 1)\n\n timeout_payload = json_response(get(build_conn(), \"/api/v1/state\"), 200)\n\n assert timeout_payload ==\n %{\n \"generated_at\" => timeout_payload[\"generated_at\"],\n \"error\" => %{\"code\" => \"snapshot_timeout\", \"message\" => \"Snapshot timed out\"}\n }\n end\n\n test \"dashboard bootstraps liveview from embedded static assets\" do\n orchestrator_name = Module.concat(__MODULE__, :AssetOrchestrator)\n\n {:ok, _pid} =\n StaticOrchestrator.start_link(\n name: orchestrator_name,\n snapshot: static_snapshot(),\n refresh: %{\n queued: true,\n coalesced: false,\n requested_at: DateTime.utc_now(),\n operations: [\"poll\"]\n }\n )\n\n start_test_endpoint(orchestrator: orchestrator_name, snapshot_timeout_ms: 50)\n\n html = html_response(get(build_conn(), \"/\"), 200)\n assert html =~ \"/dashboard.css\"\n assert html =~ \"/vendor/phoenix_html/phoenix_html.js\"\n assert html =~ \"/vendor/phoenix/phoenix.js\"\n assert html =~ \"/vendor/phoenix_live_view/phoenix_live_view.js\"\n refute html =~ \"/assets/app.js\"\n refute html =~ \"