Skip to content

Phase 4: remote worker + web shell (SSH-first)#117

Merged
DeadWaveWave merged 5 commits intomainfrom
feat/phase-4-remote-worker-web
Mar 30, 2026
Merged

Phase 4: remote worker + web shell (SSH-first)#117
DeadWaveWave merged 5 commits intomainfrom
feat/phase-4-remote-worker-web

Conversation

@DeadWaveWave
Copy link
Copy Markdown
Owner

@DeadWaveWave DeadWaveWave commented Mar 30, 2026
edited
Loading

💡 Change Scope

  • Small Change
  • Large Change

📝 What Does This PR Do?

Implements Phase 4 (M1–M4) “Remote Worker + Web UI (SSH-first)” v0:

  • Extract reusable Control Surface HTTP server (POST /invoke, bearer token auth, connection file)
  • Add headless Node worker entry (out/main/worker.js) running the same contracts/handlers
  • Add minimal built-in web shell served by the worker (GET /) for quick debug / manual invoke
  • CLI: support --endpoint + --token for tunnels/remote + opencove worker start/status
  • Docs: add SSH-first tunnel workflow
  • Tests: worker web shell contract coverage + web UI (non-Electron) behavior differences

🏗️ Large Change Spec

1. Context & Business Logic

  • Goal: move Control Surface from Desktop-only to Worker-first without changing contracts, enabling SSH-tunneled remote execution.
  • Transport remains HTTP (/invoke) with the same { kind, id, payload } contract shape.

2. State Ownership & Invariants

  • Owner: Worker owns side effects + durable truth when used (filesystem/worktree/pty/persistence).
  • Invariant: contracts/envelope are transport-agnostic and unchanged.
  • Invariant: guardrails do not regress (approved roots remain required for filesystem/worktree actions).
  • Invariant: default security is conservative (bind 127.0.0.1 + bearer token; remote via ssh -L).

3. Verification Plan & Regression Layer

  • pnpm pre-commit (tsc + lint/format checks + vitest + playwright e2e) ✅
  • Contract tests (Node env): Control Surface HTTP server + web shell (GET /, token auth, invalid JSON)
  • Unit tests (happy-dom): web UI differences for space path actions (clipboard fallback; openers unavailable)

✅ Delivery & Compliance Checklist

  • My code passes the ultimate gatekeeper: pnpm pre-commit is completely green.
  • I have included new tests to lock down the behavior.
  • I have strictly adhered to the DEVELOPMENT.md architectural boundaries.
  • I have attached a screenshot or screen recording (if this touches the UI).
  • I have updated the documentation accordingly.

📸 Screenshots / Visual Evidence

N/A (no renderer UI changes; worker web shell is a minimal debug surface).

@DeadWaveWave
Phase 4: remote worker + web shell (SSH-first)
7ede414 
- Extract reusable control surface HTTP server (token auth + /invoke)
- Add headless worker entry + headless PTY runtime
- Make ptyHost entry support child_process IPC
- CLI: --endpoint/--token + worker start/status
- Docs: SSH tunnel workflow
@DeadWaveWave
test: cover worker web shell + web UI differences
993ab2e 
- Add node-env contract tests for control surface HTTP server + web shell
- Add web fallback for copy space path (navigator.clipboard)
- Add unit tests ensuring web UI hides open path when openers unavailable
@DeadWaveWave
chore(test): satisfy lint rules
bdf8c29 
- Avoid await-in-loop in server polling helper
- Remove unused hook state variable in unit test
@DeadWaveWave
test(e2e): add worker web-shell suite
6e542b7
@DeadWaveWave
chore(format): run prettier for web-shell e2e
e231df9
@DeadWaveWave DeadWaveWave merged commit 3e5b1fa into main Mar 30, 2026
3 checks passed
@DeadWaveWave DeadWaveWave deleted the feat/phase-4-remote-worker-web branch March 30, 2026 07:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@DeadWaveWave