herocode/herolib_rust
12
0
Fork 0
Code Issues 5 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: herocode:d7562ce4665c94dca59630f34c5fe6ce9cded53e
Branches Tags
herocode:development herocode:network_setup_v2 herocode:network_setup herocode:development_containers herocode:main-rfs-client
...
compare: herocode:network_setup_v2
Branches Tags
herocode:network_setup_v2 herocode:development herocode:network_setup herocode:development_containers herocode:main-rfs-client

19 Commits
d7562ce466 ... network_se

Author SHA1 Message Date
Maxime Van Hees
f8436a726e cleanup 2 2025-09-09 14:25:09 +02:00
Maxime Van Hees
182b0edeb7 cleanup 2025-09-09 10:31:07 +02:00
Maxime Van Hees
f5670f20be rewrite builder pattern + clean script as template 2025-09-03 15:38:52 +02:00
Maxime Van Hees
0f4ed1d64d working VM setup 2025-09-02 15:17:52 +02:00
Maxime Van Hees
f4512b66cf wip 2025-09-01 16:12:50 +02:00
Maxime Van Hees
da3da0ae30 working ipv6 ip assignment + ssh with login/passwd 2025-08-28 15:19:37 +02:00
Maxime Van Hees
784f87db97 WIP2 2025-08-27 16:03:32 +02:00
Maxime Van Hees
773db2238d working version 1 2025-08-26 17:46:42 +02:00
Maxime Van Hees
e8a369e3a2 WIP2 2025-08-26 17:43:20 +02:00
Maxime Van Hees
4b4f3371b0 WIP: automating VM deployment 2025-08-26 16:50:59 +02:00
Maxime Van Hees
1bb731711b (unstable) pushing WIP 2025-08-25 15:25:00 +02:00
Maxime Van Hees
af89ef0149 networking VMs (WIP) 2025-08-21 18:57:20 +02:00
Maxime Van Hees
768e3e176d fixed overlapping workspace roots 2025-08-21 16:20:15 +02:00
Timur Gordon
aa0248ef17 move rhailib to herolib 2025-08-21 14:32:24 +02:00
Maxime Van Hees
aab2b6f128 fixed cloud hypervisor issues + updated test script (working now) 2025-08-21 13:32:03 +02:00
Maxime Van Hees
d735316b7f cloud-hypervisor SAL + rhai test script for it 2025-08-20 18:01:21 +02:00
Maxime Van Hees
d1c80863b8 fixed test script errors 2025-08-20 15:42:12 +02:00
Maxime Van Hees
169c62da47 Merge branch 'development' of https://git.ourworld.tf/herocode/herolib_rust into development 2025-08-20 14:45:57 +02:00
Maxime Van Hees
33a5f24981 qcow2 SAL + rhai script to test functionality 2025-08-20 14:44:29 +02:00
144 changed files with 21594 additions and 4 deletions
Expand all files Collapse all files

1
Cargo.toml
View File

@@ -28,6 +28,7 @@ members = [
"packages/system/process",
"packages/system/virt",
"rhai",
"rhailib",
"herodo",
"packages/clients/hetznerclient",
]

8
herodo/src/lib.rs
View File

@@ -33,9 +33,11 @@ pub fn run(script_path: &str) -> Result<(), Box<dyn Error>> {
// TODO: if we create a scope here we could clean up all the different functionsand types regsitered wit the engine
// We should generalize the way we add things to the scope for each module sepeartely
let mut scope = Scope::new();
// TODO: this should be done for the other clients as well (but not here of course, in each module)
let hetzner_client = sal::hetzner::api::Client::new(sal::hetzner::config::Config::from_env().unwrap());
scope.push("hetzner", hetzner_client);
// Conditionally add Hetzner client only when env config is present
if let Ok(cfg) = sal::hetzner::config::Config::from_env() {
let hetzner_client = sal::hetzner::api::Client::new(cfg);
scope.push("hetzner", hetzner_client);
}
// This makes it easy to call e.g. `hetzner.get_server()` or `mycelium.get_connected_peers()`
// --> without the need of manually created a client for each one first
// --> could be conditionally compiled to only use those who we need (we only push the things to the scope that we actually need to run the script)

208
packages/system/virt/src/cloudhv/builder.rs Normal file
View File

@@ -0,0 +1,208 @@
use crate::cloudhv::{vm_create, vm_start, CloudHvError, VmSpec};
use crate::image_prep::{image_prepare, Flavor as ImgFlavor, ImagePrepOptions, NetPlanOpts};
use crate::cloudhv::net::{NetworkingProfileSpec, DefaultNatOptions, BridgeOptions};
/// Cloud Hypervisor VM Builder focused on Rhai ergonomics.
///
/// Defaults enforced:
/// - kernel: /images/hypervisor-fw (firmware file in images directory)
/// - seccomp: false (pushed via extra args)
/// - serial: tty, console: off (already added by vm_start)
/// - cmdline: "console=ttyS0 root=/dev/vda1 rw"
/// - vcpus: 2
/// - memory_mb: 2048
///
/// Disk can be provided directly or prepared from a flavor (/images source).
#[derive(Debug, Clone)]
pub struct CloudHvBuilder {
id: String,
disk_path: Option<String>,
flavor: Option<ImgFlavor>,
memory_mb: u32,
vcpus: u32,
cmdline: Option<String>,
extra_args: Vec<String>,
no_default_net: bool,
/// Optional networking profile driving host provisioning and NIC injection
net_profile: Option<NetworkingProfileSpec>,
}
impl CloudHvBuilder {
pub fn new(id: &str) -> Self {
Self {
id: id.to_string(),
disk_path: None,
flavor: None,
memory_mb: 2048,
vcpus: 2,
cmdline: Some("console=ttyS0 root=/dev/vda1 rw".to_string()),
// Enforce --seccomp false by default using extra args
extra_args: vec!["--seccomp".into(), "false".into()],
no_default_net: false,
net_profile: None,
}
}
pub fn disk(&mut self, path: &str) -> &mut Self {
self.disk_path = Some(path.to_string());
self.flavor = None;
self
}
pub fn disk_from_flavor(&mut self, flavor: &str) -> &mut Self {
let f = match flavor {
"ubuntu" | "Ubuntu" | "UBUNTU" => ImgFlavor::Ubuntu,
"alpine" | "Alpine" | "ALPINE" => ImgFlavor::Alpine,
_ => ImgFlavor::Ubuntu,
};
self.flavor = Some(f);
self.disk_path = None;
self
}
pub fn memory_mb(&mut self, mb: u32) -> &mut Self {
if mb > 0 {
self.memory_mb = mb;
}
self
}
pub fn vcpus(&mut self, v: u32) -> &mut Self {
if v > 0 {
self.vcpus = v;
}
self
}
pub fn cmdline(&mut self, c: &str) -> &mut Self {
self.cmdline = Some(c.to_string());
self
}
pub fn extra_arg(&mut self, a: &str) -> &mut Self {
if !a.trim().is_empty() {
self.extra_args.push(a.to_string());
}
self
}
/// Suppress the default host networking provisioning and NIC injection.
/// Internally, we set a sentinel consumed by vm_start.
pub fn no_default_net(&mut self) -> &mut Self {
self.no_default_net = true;
// add sentinel consumed in vm_start
if !self
.extra_args
.iter()
.any(|e| e.as_str() == "--no-default-net")
{
self.extra_args.push("--no-default-net".into());
}
self
}
/// Explicitly select the Default NAT networking profile (bridge + NAT + dnsmasq; IPv6 via Mycelium if enabled).
pub fn network_default_nat(&mut self) -> &mut Self {
self.net_profile = Some(NetworkingProfileSpec::DefaultNat(DefaultNatOptions::default()));
self
}
/// Explicitly select a no-network profile (no NIC injection and no host provisioning).
pub fn network_none(&mut self) -> &mut Self {
self.net_profile = Some(NetworkingProfileSpec::NoNet);
// Keep backward compatibility: also set sentinel to suppress any legacy default path
if !self
.extra_args
.iter()
.any(|e| e.as_str() == "--no-default-net")
{
self.extra_args.push("--no-default-net".into());
}
self
}
/// Ensure only bridge + tap, without NAT or DHCP (L2-only setups). Uses defaults if not overridden later.
pub fn network_bridge_only(&mut self) -> &mut Self {
self.net_profile = Some(NetworkingProfileSpec::BridgeOnly(BridgeOptions::default()));
self
}
/// Provide a custom CH --net configuration and disable host provisioning.
pub fn network_custom_cli<S: Into<String>>(&mut self, args: Vec<S>) -> &mut Self {
self.net_profile = Some(NetworkingProfileSpec::CustomCli(
args.into_iter().map(|s| s.into()).collect(),
));
self
}
/// Resolve absolute path to hypervisor-fw from /images
fn resolve_hypervisor_fw() -> Result<String, CloudHvError> {
let p = "/images/hypervisor-fw";
if std::path::Path::new(p).exists() {
Ok(p.to_string())
} else {
Err(CloudHvError::DependencyMissing(format!(
"firmware not found: {} (expected hypervisor-fw in /images)",
p
)))
}
}
/// Prepare disk if needed and return final disk path.
/// For Ubuntu flavor, this will:
/// - copy source to per-VM work qcow2
/// - mount, retag UUIDs, fstab/grub/netplan adjustments
/// - convert to raw under the VM dir and return that raw path
fn ensure_disk(&self) -> Result<String, CloudHvError> {
if let Some(p) = &self.disk_path {
return Ok(p.clone());
}
if let Some(f) = &self.flavor {
// Use defaults: DHCPv4, placeholder static IPv6
let opts = ImagePrepOptions {
flavor: f.clone(),
id: self.id.clone(),
source: None,
target_dir: None,
net: NetPlanOpts::default(),
disable_cloud_init_net: true,
};
let res = image_prepare(&opts).map_err(|e| CloudHvError::CommandFailed(e.to_string()))?;
return Ok(res.raw_disk);
}
Err(CloudHvError::InvalidSpec(
"no disk configured; set .disk(path) or .disk_from_flavor(flavor)".into(),
))
}
/// Build final VmSpec and start the VM.
pub fn launch(&mut self) -> Result<String, CloudHvError> {
// Resolve hypervisor-fw absolute path
let kernel_path = Self::resolve_hypervisor_fw()?;
// Disk
let disk_path = self.ensure_disk()?;
let spec = VmSpec {
id: self.id.clone(),
// We use direct kernel boot with hypervisor-fw per requirements.
kernel_path: Some(kernel_path),
initramfs_path: None,
firmware_path: None,
disk_path,
api_socket: "".into(),
vcpus: self.vcpus,
memory_mb: self.memory_mb,
cmdline: self.cmdline.clone(),
extra_args: if self.extra_args.is_empty() {
None
} else {
Some(self.extra_args.clone())
},
net_profile: self.net_profile.clone(),
};
let id = vm_create(&spec)?;
vm_start(&id)?;
Ok(id)
}
}

952
packages/system/virt/src/cloudhv/mod.rs Normal file
View File

@@ -0,0 +1,952 @@
use serde::{Deserialize, Serialize};
use std::error::Error;
use std::fmt;
use std::fs;
use std::path::{Path, PathBuf};
use std::thread;
use std::time::Duration;
use sal_os;
use sal_process;
use crate::qcow2;
use crate::cloudhv::net::{NetworkingProfileSpec, DefaultNatOptions};
pub mod builder;
pub mod net;
/// Error type for Cloud Hypervisor operations
#[derive(Debug)]
pub enum CloudHvError {
CommandFailed(String),
IoError(String),
JsonError(String),
DependencyMissing(String),
InvalidSpec(String),
NotFound(String),
}
impl fmt::Display for CloudHvError {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
match self {
CloudHvError::CommandFailed(e) => write!(f, "{}", e),
CloudHvError::IoError(e) => write!(f, "IO error: {}", e),
CloudHvError::JsonError(e) => write!(f, "JSON error: {}", e),
CloudHvError::DependencyMissing(e) => write!(f, "Dependency missing: {}", e),
CloudHvError::InvalidSpec(e) => write!(f, "Invalid spec: {}", e),
CloudHvError::NotFound(e) => write!(f, "{}", e),
}
}
}
impl Error for CloudHvError {}
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct VmSpec {
pub id: String,
/// Optional for firmware boot; required for direct kernel boot
pub kernel_path: Option<String>,
/// Optional initramfs when using direct kernel boot
pub initramfs_path: Option<String>,
/// Optional for direct kernel boot; required for firmware boot
pub firmware_path: Option<String>,
/// Disk image path (qcow2 or raw)
pub disk_path: String,
/// API socket path for ch-remote and management
pub api_socket: String,
/// vCPUs to boot with
pub vcpus: u32,
/// Memory in MB
pub memory_mb: u32,
/// Kernel cmdline (only used for direct kernel boot)
pub cmdline: Option<String>,
/// Extra args (raw) if you need to extend; keep minimal for Phase 2
pub extra_args: Option<Vec<String>>,
/// Optional networking profile; when None, behavior follows explicit --net/--no-default-net or defaults
#[serde(default)]
pub net_profile: Option<NetworkingProfileSpec>,
}
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct VmRuntime {
/// PID of cloud-hypervisor process if running
pub pid: Option<i64>,
/// Last known status: "stopped" | "running"
pub status: String,
/// Console log file path
pub log_file: String,
/// Bridge name used for networking discovery (if applicable)
#[serde(default)]
pub bridge_name: Option<String>,
/// dnsmasq lease file used (if applicable)
#[serde(default)]
pub lease_file: Option<String>,
/// Stable MAC used for NIC injection (derived from VM id)
#[serde(default)]
pub mac: Option<String>,
}
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct VmRecord {
pub spec: VmSpec,
pub runtime: VmRuntime,
}
fn ensure_deps() -> Result<(), CloudHvError> {
if sal_process::which("cloud-hypervisor-static").is_none() {
return Err(CloudHvError::DependencyMissing(
"cloud-hypervisor-static not found on PATH. Install Cloud Hypervisor static binary.".into(),
));
}
if sal_process::which("ch-remote-static").is_none() {
return Err(CloudHvError::DependencyMissing(
"ch-remote-static not found on PATH. Install Cloud Hypervisor tools (static).".into(),
));
}
Ok(())
}
fn hero_vm_root() -> PathBuf {
let home = std::env::var("HOME").unwrap_or_else(|_| "/tmp".into());
Path::new(&home).join("hero/virt/vms")
}
fn vm_dir(id: &str) -> PathBuf {
hero_vm_root().join(id)
}
fn vm_json_path(id: &str) -> PathBuf {
vm_dir(id).join("vm.json")
}
// Attempt to resolve a VM record across both the current user's HOME and root HOME.
// This handles cases where the VM was created/launched under sudo (HOME=/root).
fn resolve_vm_json_path(id: &str) -> Option<PathBuf> {
let candidates = vec![
hero_vm_root(), // $HOME/hero/virt/vms
Path::new("/root/hero/virt/vms").to_path_buf(),
];
for base in candidates {
let p = base.join(id).join("vm.json");
if p.exists() {
return Some(p);
}
}
None
}
fn vm_log_path(id: &str) -> PathBuf {
vm_dir(id).join("logs/console.log")
}
/// Attempt to resolve an API socket across both the current user's HOME and root HOME.
/// This handles cases where the VM was launched under sudo (HOME=/root).
fn resolve_vm_api_socket_path(id: &str) -> Option<PathBuf> {
let candidates = vec![
hero_vm_root(), // $HOME/hero/virt/vms
Path::new("/root/hero/virt/vms").to_path_buf(),
];
for base in candidates {
let p = base.join(id).join("api.sock");
if p.exists() {
return Some(p);
}
}
None
}
/// Query cloud-hypervisor for the first NIC's tap and mac via ch-remote-static.
/// Returns (tap_name, mac_lower) if successful.
fn ch_query_tap_mac(api_sock: &Path) -> Option<(String, String)> {
let cmd = format!(
"ch-remote-static --api-socket {} info",
shell_escape(&api_sock.to_string_lossy())
);
if let Ok(res) = sal_process::run(&cmd).silent(true).die(false).execute() {
if res.success {
if let Ok(v) = serde_json::from_str::<serde_json::Value>(&res.stdout) {
if let Some(net0) = v
.get("config")
.and_then(|c| c.get("net"))
.and_then(|n| n.get(0))
{
let tap = net0.get("tap").and_then(|t| t.as_str()).unwrap_or("").to_string();
let mac = net0.get("mac").and_then(|m| m.as_str()).unwrap_or("").to_string();
if !tap.is_empty() && !mac.is_empty() {
return Some((tap, mac.to_lowercase()));
}
}
}
}
}
None
}
/// Infer the bridge name a tap device is attached to by parsing `ip -o link show <tap>` output.
fn bridge_name_for_tap(tap: &str) -> Option<String> {
let cmd = format!("ip -o link show {}", shell_escape(tap));
if let Ok(res) = sal_process::run(&cmd).silent(true).die(false).execute() {
if res.success {
for line in res.stdout.lines() {
if let Some(idx) = line.find(" master ") {
let rest = &line[idx + " master ".len()..];
let name = rest.split_whitespace().next().unwrap_or("");
if !name.is_empty() {
return Some(name.to_string());
}
}
}
}
}
None
}
fn vm_pid_path(id: &str) -> PathBuf {
vm_dir(id).join("pid")
}
fn write_json(path: &Path, value: &serde_json::Value) -> Result<(), CloudHvError> {
if let Some(parent) = path.parent() {
fs::create_dir_all(parent).map_err(|e| CloudHvError::IoError(e.to_string()))?;
}
let s = serde_json::to_string_pretty(value).map_err(|e| CloudHvError::JsonError(e.to_string()))?;
fs::write(path, s).map_err(|e| CloudHvError::IoError(e.to_string()))
}
fn read_json(path: &Path) -> Result<serde_json::Value, CloudHvError> {
let content = fs::read_to_string(path).map_err(|e| CloudHvError::IoError(e.to_string()))?;
serde_json::from_str(&content).map_err(|e| CloudHvError::JsonError(e.to_string()))
}
fn proc_exists(pid: i64) -> bool {
#[cfg(target_os = "linux")]
{
Path::new(&format!("/proc/{}", pid)).exists()
}
#[cfg(not(target_os = "linux"))]
{
// Minimal check for non-Linux; try a kill -0 style command
let res = sal_process::run(&format!("kill -0 {}", pid)).die(false).silent(true).execute();
res.map(|r| r.success).unwrap_or(false)
}
}
/// Create and persist a VM spec
pub fn vm_create(spec: &VmSpec) -> Result<String, CloudHvError> {
// Validate inputs minimally
if spec.id.trim().is_empty() {
return Err(CloudHvError::InvalidSpec("spec.id must not be empty".into()));
}
// Validate boot method: either firmware_path exists or kernel_path exists
let has_fw = spec
.firmware_path
.as_ref()
.map(|p| Path::new(p).exists())
.unwrap_or(false);
let has_kernel = spec
.kernel_path
.as_ref()
.map(|p| Path::new(p).exists())
.unwrap_or(false);
if !(has_fw || has_kernel) {
return Err(CloudHvError::InvalidSpec(
"either firmware_path or kernel_path must be set to an existing file".into(),
));
}
if !Path::new(&spec.disk_path).exists() {
return Err(CloudHvError::InvalidSpec(format!(
"disk_path not found: {}",
&spec.disk_path
)));
}
if spec.vcpus == 0 {
return Err(CloudHvError::InvalidSpec("vcpus must be >= 1".into()));
}
if spec.memory_mb == 0 {
return Err(CloudHvError::InvalidSpec("memory_mb must be >= 128".into()));
}
// If a VM with this id already exists, ensure it's not running to avoid clobber + resource conflicts
let json_path = vm_json_path(&spec.id);
if json_path.exists() {
if let Ok(value) = read_json(&json_path) {
if let Ok(existing) = serde_json::from_value::<VmRecord>(value.clone()) {
if let Some(pid) = existing.runtime.pid {
if proc_exists(pid) {
return Err(CloudHvError::CommandFailed(format!(
"VM '{}' already exists and is running with pid {}. Stop or delete it first, or choose a different id.",
spec.id, pid
)));
}
}
}
}
}
// Prepare directory layout
let dir = vm_dir(&spec.id);
sal_os::mkdir(
dir.to_str()
.unwrap_or_else(|| "/tmp/hero/virt/vms/__invalid__"),
)
.map_err(|e| CloudHvError::IoError(e.to_string()))?;
let log_dir = dir.join("logs");
sal_os::mkdir(log_dir.to_str().unwrap()).map_err(|e| CloudHvError::IoError(e.to_string()))?;
// Build runtime (preserve prior metadata if present; will be refreshed on start)
let mut runtime = VmRuntime {
pid: None,
status: "stopped".into(),
log_file: vm_log_path(&spec.id).to_string_lossy().into_owned(),
bridge_name: None,
lease_file: None,
mac: None,
};
if json_path.exists() {
if let Ok(value) = read_json(&json_path) {
if let Ok(existing) = serde_json::from_value::<VmRecord>(value) {
if !existing.runtime.log_file.is_empty() {
runtime.log_file = existing.runtime.log_file;
}
runtime.bridge_name = existing.runtime.bridge_name;
runtime.lease_file = existing.runtime.lease_file;
runtime.mac = existing.runtime.mac;
}
}
}
// Persist record (spec updated, runtime preserved/reset to stopped)
let rec = VmRecord {
spec: spec.clone(),
runtime,
};
let value = serde_json::to_value(&rec).map_err(|e| CloudHvError::JsonError(e.to_string()))?;
write_json(&json_path, &value)?;
Ok(spec.id.clone())
}
/// Start a VM using cloud-hypervisor
pub fn vm_start(id: &str) -> Result<(), CloudHvError> {
ensure_deps()?;
// Load record
let p = vm_json_path(id);
if !p.exists() {
return Err(CloudHvError::NotFound(format!("VM '{}' not found", id)));
}
let value = read_json(&p)?;
let mut rec: VmRecord =
serde_json::from_value(value).map_err(|e| CloudHvError::JsonError(e.to_string()))?;
// Prepare invocation
let api_socket = if rec.spec.api_socket.trim().is_empty() {
vm_dir(id).join("api.sock").to_string_lossy().into_owned()
} else {
rec.spec.api_socket.clone()
};
let log_file = vm_log_path(id).to_string_lossy().into_owned();
// Ensure API socket directory exists and remove any stale socket file
let api_path = Path::new(&api_socket);
if let Some(parent) = api_path.parent() {
fs::create_dir_all(parent).map_err(|e| CloudHvError::IoError(e.to_string()))?;
}
// Best-effort removal of stale socket
let _ = fs::remove_file(&api_path);
// Preflight disk: if source is qcow2, convert to raw to avoid CH "Compressed blocks not supported"
// Robust conversion:
// - Remove any stale destination
// - Try direct convert to destination file
// - On failure (e.g., byte-range lock issues), fallback to piping stdout into dd
let mut disk_to_use = rec.spec.disk_path.clone();
if let Ok(info) = qcow2::info(&disk_to_use) {
if info.get("format").and_then(|v| v.as_str()) == Some("qcow2") {
let dest = vm_dir(id).join("disk.raw").to_string_lossy().into_owned();
// Best-effort remove stale target file to avoid locking errors
let _ = fs::remove_file(&dest);
// Attempt 1: normal qemu-img convert to dest file
let cmd1 = format!(
"qemu-img convert -O raw {} {}",
shell_escape(&disk_to_use),
shell_escape(&dest)
);
let attempt1 = sal_process::run(&cmd1).silent(true).die(false).execute();
let mut converted_ok = false;
let mut err1: Option<String> = None;
if let Ok(res) = attempt1 {
if res.success {
converted_ok = true;
} else {
err1 = Some(format!("{}{}", res.stdout, res.stderr));
}
} else if let Err(e) = attempt1 {
err1 = Some(e.to_string());
}
if !converted_ok {
// Attempt 2: pipe via stdout into dd (avoids qemu-img destination locking semantics on some FS)
let heredoc2 = format!(
"bash -e -s <<'EOF'\nset -euo pipefail\nqemu-img convert -O raw {} - | dd of={} bs=4M status=none\nEOF\n",
shell_escape(&disk_to_use),
shell_escape(&dest)
);
match sal_process::run(&heredoc2).silent(true).die(false).execute() {
Ok(res) if res.success => {
converted_ok = true;
}
Ok(res) => {
let mut msg = String::from("Failed converting qcow2 to raw.");
if let Some(e1) = err1 {
msg.push_str(&format!("\nFirst attempt error:\n{}", e1));
}
msg.push_str(&format!("\nSecond attempt error:\n{}{}", res.stdout, res.stderr));
return Err(CloudHvError::CommandFailed(msg));
}
Err(e) => {
let mut msg = String::from("Failed converting qcow2 to raw.");
if let Some(e1) = err1 {
msg.push_str(&format!("\nFirst attempt error:\n{}", e1));
}
msg.push_str(&format!("\nSecond attempt error:\n{}", e));
return Err(CloudHvError::CommandFailed(msg));
}
}
}
if converted_ok {
disk_to_use = dest;
}
}
}
// Consolidate extra --disk occurrences from spec.extra_args into a single --disk (CH version requires variadic form)
// Collect disk value tokens provided by the user and strip them from extra args so we can render one '--disk' followed by multiple values.
let mut extra_disk_vals: Vec<String> = Vec::new();
let mut extra_args_sans_disks: Vec<String> = Vec::new();
if let Some(extra) = rec.spec.extra_args.clone() {
let mut i = 0usize;
while i < extra.len() {
let tok = extra[i].clone();
if tok == "--disk" {
if i + 1 < extra.len() {
extra_disk_vals.push(extra[i + 1].clone());
i += 2;
continue;
} else {
// dangling --disk without value; drop it
i += 1;
continue;
}
} else if tok == "--no-default-net" {
// sentinel: suppress default networking; do not pass to CH CLI
i += 1;
continue;
} else if let Some(rest) = tok.strip_prefix("--disk=") {
if !rest.is_empty() {
extra_disk_vals.push(rest.to_string());
}
i += 1;
continue;
}
// keep token
extra_args_sans_disks.push(tok);
i += 1;
}
}
// CH CLI flags (very common subset)
// --disk path=... uses virtio-blk by default
let mut parts: Vec<String> = vec![
"cloud-hypervisor-static".into(),
"--api-socket".into(),
api_socket.clone(),
];
if let Some(fw) = rec.spec.firmware_path.clone() {
// Firmware boot path
parts.push("--firmware".into());
parts.push(fw);
} else if let Some(kpath) = rec.spec.kernel_path.clone() {
// Direct kernel boot path
let cmdline = rec
.spec
.cmdline
.clone()
.unwrap_or_else(|| "console=ttyS0 reboot=k panic=1".to_string());
parts.push("--kernel".into());
parts.push(kpath);
if let Some(initrd) = rec.spec.initramfs_path.clone() {
if Path::new(&initrd).exists() {
parts.push("--initramfs".into());
parts.push(initrd);
}
}
parts.push("--cmdline".into());
parts.push(cmdline);
} else {
return Err(CloudHvError::InvalidSpec(
"neither firmware_path nor kernel_path set at start time".into(),
));
}
parts.push("--disk".into());
parts.push(format!("path={}", disk_to_use));
// Append any additional disk value tokens (from sanitized extra args) so CH sees a single '--disk' with multiple values
for dv in &extra_disk_vals {
parts.push(dv.clone());
}
parts.push("--cpus".into());
parts.push(format!("boot={}", rec.spec.vcpus));
parts.push("--memory".into());
parts.push(format!("size={}M", rec.spec.memory_mb));
parts.push("--serial".into());
parts.push("tty".into());
parts.push("--console".into());
parts.push("off".into());
// Determine if the user provided explicit network arguments (e.g. "--net", "tap=...,mac=...")
// If so, do NOT provision the default host networking or add a default NIC.
let has_user_net = rec
.spec
.extra_args
.as_ref()
.map(|v| v.iter().any(|tok| tok == "--net" || tok == "--no-default-net"))
.unwrap_or(false);
// Track chosen bridge/lease for later discovery
let mut bridge_for_disc: Option<String> = None;
let mut lease_for_disc: Option<String> = None;
// Determine effective networking profile
let profile_effective = if let Some(p) = rec.spec.net_profile.clone() {
Some(p)
} else if has_user_net {
// User provided explicit --net or --no-default-net; do not provision
None
} else {
// Default behavior: NAT profile
Some(NetworkingProfileSpec::DefaultNat(DefaultNatOptions::default()))
};
if let Some(profile) = profile_effective {
match profile {
NetworkingProfileSpec::DefaultNat(nat) => {
// IPv6 handling (auto via Mycelium unless disabled)
let mut ipv6_bridge_cidr: Option<String> = None;
if nat.ipv6_enable {
if let Ok(cidr) = std::env::var("HERO_VIRT_IPV6_BRIDGE_CIDR") {
// Validate mycelium iface presence if specified or default
let if_hint = nat.mycelium_if.clone().unwrap_or_else(|| "mycelium".into());
let _ = net::mycelium_ipv6_addr(&if_hint)?;
ipv6_bridge_cidr = Some(cidr);
} else {
let if_hint = nat.mycelium_if.clone().unwrap_or_else(|| "mycelium".into());
let (_ifname, myc_addr) = net::mycelium_ipv6_addr(&if_hint)?;
let (_pfx, router_cidr) = net::derive_ipv6_prefix_from_mycelium(&myc_addr)?;
ipv6_bridge_cidr = Some(router_cidr);
}
}
// Ensure bridge, NAT, and DHCP
net::ensure_bridge(&nat.bridge_name, &nat.bridge_addr_cidr, ipv6_bridge_cidr.as_deref())?;
// Derive IPv6 subnet for NAT
let ipv6_subnet = ipv6_bridge_cidr.as_ref().map(|cidr| {
let parts: Vec<&str> = cidr.split('/').collect();
if parts.len() == 2 {
let addr = parts[0];
if let Ok(ip) = addr.parse::<std::net::Ipv6Addr>() {
let seg = ip.segments();
let pfx = std::net::Ipv6Addr::new(seg[0], seg[1], seg[2], seg[3], 0, 0, 0, 0);
format!("{}/64", pfx)
} else {
"".to_string()
}
} else {
"".to_string()
}
});
net::ensure_nat(&nat.subnet_cidr, ipv6_subnet.as_deref())?;
let lease_used = net::ensure_dnsmasq(
&nat.bridge_name,
&nat.dhcp_start,
&nat.dhcp_end,
ipv6_bridge_cidr.as_deref(),
nat.lease_file.as_deref(),
)?;
bridge_for_disc = Some(nat.bridge_name.clone());
lease_for_disc = Some(lease_used.clone());
// TAP + NIC args
let tap_name = net::ensure_tap_for_vm(&nat.bridge_name, id)?;
let mac = net::stable_mac_from_id(id);
parts.push("--net".into());
parts.push(format!("tap={},mac={}", tap_name, mac));
}
NetworkingProfileSpec::BridgeOnly(opts) => {
let bridge_name = opts.bridge_name.clone();
// Use provided IPv4 if any, else env default
let bridge_addr_cidr = opts
.bridge_addr_cidr
.clone()
.unwrap_or_else(|| std::env::var("HERO_VIRT_BRIDGE_ADDR_CIDR").unwrap_or_else(|_| "172.30.0.1/24".into()));
// Ensure bridge (optional IPv6 from opts)
net::ensure_bridge(&bridge_name, &bridge_addr_cidr, opts.bridge_ipv6_cidr.as_deref())?;
// TAP + NIC only, no NAT/DHCP
let tap_name = net::ensure_tap_for_vm(&bridge_name, id)?;
let mac = net::stable_mac_from_id(id);
parts.push("--net".into());
parts.push(format!("tap={},mac={}", tap_name, mac));
// For discovery: we can attempt IPv6 neighbor; IPv4 lease not present
bridge_for_disc = Some(bridge_name);
lease_for_disc = None;
}
NetworkingProfileSpec::NoNet => {
// Do nothing
}
NetworkingProfileSpec::CustomCli(_args) => {
// Do not provision; user must add --net via extra_args
}
}
}
// Append any user-provided extra args, sans any '--disk' we already consolidated
for e in extra_args_sans_disks {
parts.push(e);
}
let args_str = shell_join(&parts);
// Execute via a bash heredoc to avoid any quoting pitfalls
let heredoc = format!(
"bash -e -s <<'EOF'\nnohup {} > '{}' 2>&1 &\necho $! > '{}'\nEOF\n",
args_str,
log_file,
vm_pid_path(id).to_string_lossy()
);
// Execute command; this will background cloud-hypervisor and return
let result = sal_process::run(&heredoc).silent(true).execute();
match result {
Ok(res) => {
if !res.success {
return Err(CloudHvError::CommandFailed(format!(
"Failed to start VM '{}': {}",
id, res.stderr
)));
}
}
Err(e) => {
return Err(CloudHvError::CommandFailed(format!(
"Failed to start VM '{}': {}",
id, e
)))
}
}
// Read PID back
let pid = match fs::read_to_string(vm_pid_path(id)) {
Ok(s) => s.trim().parse::<i64>().ok(),
Err(_) => None,
};
// Quick health check: ensure process did not exit immediately due to CLI errors (e.g., duplicate flags)
if let Some(pid_num) = pid {
thread::sleep(Duration::from_millis(300));
if !proc_exists(pid_num) {
// Tail log to surface the error cause
let tail_cmd = format!("tail -n 200 {}", shell_escape(&log_file));
let tail = sal_process::run(&tail_cmd).die(false).silent(true).execute();
let mut log_snip = String::new();
if let Ok(res) = tail {
if res.success {
log_snip = res.stdout;
} else {
log_snip = format!("{}{}", res.stdout, res.stderr);
}
}
return Err(CloudHvError::CommandFailed(format!(
"cloud-hypervisor exited immediately after start. Log tail:\n{}",
log_snip
)));
}
} else {
return Err(CloudHvError::CommandFailed(
"failed to obtain cloud-hypervisor PID (start script did not write pid)".into(),
));
}
// Update state
rec.runtime.pid = pid;
rec.runtime.status = if pid.is_some() { "running".into() } else { "stopped".into() };
rec.runtime.log_file = log_file;
rec.runtime.bridge_name = bridge_for_disc.clone();
rec.runtime.lease_file = lease_for_disc.clone();
rec.runtime.mac = Some(net::stable_mac_from_id(id));
rec.spec.api_socket = api_socket.clone();
let value = serde_json::to_value(&rec).map_err(|e| CloudHvError::JsonError(e.to_string()))?;
write_json(&vm_json_path(id), &value)?;
// Best-effort: discover guest IPv4/IPv6 addresses (default-net path)
thread::sleep(Duration::from_millis(5000));
let mac_lower = net::stable_mac_from_id(id).to_lowercase();
if let Some(bridge_name) = bridge_for_disc.clone() {
let lease_path = lease_for_disc.unwrap_or_else(|| {
std::env::var("HERO_VIRT_DHCP_LEASE_FILE")
.unwrap_or_else(|_| format!("/var/lib/misc/dnsmasq-hero-{}.leases", bridge_name))
});
let _ipv4 = net::discover_ipv4_from_leases(&lease_path, &mac_lower, 12);
let _ipv6 = net::discover_ipv6_on_bridge(&bridge_name, &mac_lower);
}
Ok(())
}
//// Return VM record info (spec + runtime) by id
pub fn vm_info(id: &str) -> Result<VmRecord, CloudHvError> {
// Try current user's VM root first, then fall back to /root (common when VM was launched under sudo)
let p_user = vm_json_path(id);
let p = if p_user.exists() {
p_user
} else if let Some(p2) = resolve_vm_json_path(id) {
p2
} else {
return Err(CloudHvError::NotFound(format!("VM '{}' not found", id)));
};
let value = read_json(&p)?;
let rec: VmRecord = serde_json::from_value(value).map_err(|e| CloudHvError::JsonError(e.to_string()))?;
Ok(rec)
}
//// Discover VM network info using persisted metadata (bridge/lease/mac) with sensible fallbacks.
/// Returns (IPv4, IPv6, MAC, BridgeName, LeaseFile), each optional.
pub fn vm_network_info(
id: &str,
timeout_secs: u64,
) -> Result<(Option<String>, Option<String>, Option<String>, Option<String>, Option<String>), CloudHvError> {
let rec = vm_info(id)?;
// Start with persisted/env/default values
let mut bridge_name = rec
.runtime
.bridge_name
.clone()
.or_else(|| std::env::var("HERO_VIRT_BRIDGE_NAME").ok())
.unwrap_or_else(|| "br-hero".into());
// MAC: persisted or deterministically derived (lowercased for matching)
let mut mac_lower = rec
.runtime
.mac
.clone()
.unwrap_or_else(|| net::stable_mac_from_id(id))
.to_lowercase();
// Attempt to query CH for ground-truth (tap, mac) if API socket is available
if let Some(api_sock) = resolve_vm_api_socket_path(id) {
if let Some((tap, mac_from_ch)) = ch_query_tap_mac(&api_sock) {
mac_lower = mac_from_ch;
if let Some(br) = bridge_name_for_tap(&tap) {
bridge_name = br;
}
}
}
// Lease file: persisted -> env -> derived from (possibly overridden) bridge
let lease_path = rec
.runtime
.lease_file
.clone()
.or_else(|| std::env::var("HERO_VIRT_DHCP_LEASE_FILE").ok())
.unwrap_or_else(|| format!("/var/lib/misc/dnsmasq-hero-{}.leases", bridge_name));
// Discover addresses
let ipv4 = net::discover_ipv4_from_leases(&lease_path, &mac_lower, timeout_secs);
let ipv6 = {
use std::time::{Duration, Instant};
let deadline = Instant::now() + Duration::from_secs(timeout_secs);
let mut v6: Option<String> = None;
while Instant::now() < deadline {
if let Some(ip) = net::discover_ipv6_on_bridge(&bridge_name, &mac_lower) {
v6 = Some(ip);
break;
}
std::thread::sleep(Duration::from_millis(800));
}
v6
};
Ok((
ipv4,
ipv6,
Some(mac_lower),
Some(bridge_name),
Some(lease_path),
))
}
/// Stop a VM via ch-remote (graceful), optionally force kill
pub fn vm_stop(id: &str, force: bool) -> Result<(), CloudHvError> {
ensure_deps().ok(); // best-effort; we might still force-kill
let p = vm_json_path(id);
if !p.exists() {
return Err(CloudHvError::NotFound(format!("VM '{}' not found", id)));
}
let value = read_json(&p)?;
let mut rec: VmRecord =
serde_json::from_value(value).map_err(|e| CloudHvError::JsonError(e.to_string()))?;
// Attempt graceful shutdown if api socket known
if !rec.spec.api_socket.trim().is_empty() {
let cmd = format!("ch-remote-static --api-socket {} shutdown", rec.spec.api_socket);
let _ = sal_process::run(&cmd).die(false).silent(true).execute();
}
// Wait for process to exit (up to ~10s)
if let Some(pid) = rec.runtime.pid {
for _ in 0..50 {
if !proc_exists(pid) {
break;
}
thread::sleep(Duration::from_millis(200));
}
// If still alive and force, kill -9 and wait again (up to ~10s)
if proc_exists(pid) && force {
// Send SIGKILL without extra shell layers; suppress errors/noise
let _ = sal_process::run(&format!("kill -9 {}", pid))
.die(false)
.silent(true)
.execute();
for _ in 0..50 {
if !proc_exists(pid) {
break;
}
thread::sleep(Duration::from_millis(200));
}
}
}
// Update state
rec.runtime.status = "stopped".into();
rec.runtime.pid = None;
let value = serde_json::to_value(&rec).map_err(|e| CloudHvError::JsonError(e.to_string()))?;
write_json(&vm_json_path(id), &value)?;
// Remove pid file
let _ = fs::remove_file(vm_pid_path(id));
Ok(())
}
/// Delete a VM definition; optionally delete disks.
pub fn vm_delete(id: &str, delete_disks: bool) -> Result<(), CloudHvError> {
let p = vm_json_path(id);
if !p.exists() {
return Err(CloudHvError::NotFound(format!("VM '{}' not found", id)));
}
let rec: VmRecord = serde_json::from_value(read_json(&p)?)
.map_err(|e| CloudHvError::JsonError(e.to_string()))?;
// If appears to be running, attempt a force stop first (best-effort)
if let Some(pid) = rec.runtime.pid {
if proc_exists(pid) {
let _ = vm_stop(id, true);
// Re-check original PID for liveness (up to ~5s)
for _ in 0..25 {
if !proc_exists(pid) {
break;
}
thread::sleep(Duration::from_millis(200));
}
if proc_exists(pid) {
return Err(CloudHvError::CommandFailed(
"VM appears to be running; stop it first".into(),
));
}
}
}
if delete_disks {
let _ = fs::remove_file(&rec.spec.disk_path);
}
let d = vm_dir(id);
fs::remove_dir_all(&d).map_err(|e| CloudHvError::IoError(e.to_string()))?;
Ok(())
}
/// List all VMs
pub fn vm_list() -> Result<Vec<VmRecord>, CloudHvError> {
let root = hero_vm_root();
if !root.exists() {
return Ok(vec![]);
}
let mut out = vec![];
for entry in fs::read_dir(&root).map_err(|e| CloudHvError::IoError(e.to_string()))? {
let entry = entry.map_err(|e| CloudHvError::IoError(e.to_string()))?;
let p = entry.path();
if !p.is_dir() {
continue;
}
let vm_json = p.join("vm.json");
if !vm_json.exists() {
continue;
}
let rec: VmRecord = serde_json::from_value(read_json(&vm_json)?)
.map_err(|e| CloudHvError::JsonError(e.to_string()))?;
out.push(rec);
}
Ok(out)
}
/// Discover the mycelium IPv6 address by inspecting the interface itself (no CLI dependency).
/// Returns (interface_name, first global IPv6 address found on the interface).
/// Derive a /64 prefix P from the mycelium IPv6 and return (P/64, P::2/64).
/// Render a shell-safe command string from vector of tokens
fn shell_join(parts: &Vec<String>) -> String {
let mut s = String::new();
for (i, p) in parts.iter().enumerate() {
if i > 0 {
s.push(' ');
}
s.push_str(&shell_escape(p));
}
s
}
fn shell_escape(s: &str) -> String {
if s.is_empty() {
return "''".into();
}
if s
.chars()
.all(|c| c.is_ascii_alphanumeric() || "-_./=:".contains(c))
{
return s.into();
}
// single-quote wrap, escape existing quotes
let mut out = String::from("'");
for ch in s.chars() {
if ch == '\'' {
out.push_str("'\"'\"'");
} else {
out.push(ch);
}
}
out.push('\'');
out
}

386
packages/system/virt/src/cloudhv/net/mod.rs Normal file
View File

@@ -0,0 +1,386 @@
use sal_process;
use crate::cloudhv::CloudHvError;
pub mod profile;
pub use profile::{BridgeOptions, DefaultNatOptions, NetworkingProfileSpec};
// Local shell escaping (keep independent from parent module)
fn shell_escape(s: &str) -> String {
if s.is_empty() {
return "''".into();
}
if s.chars()
.all(|c| c.is_ascii_alphanumeric() || "-_./=:".contains(c))
{
return s.into();
}
let mut out = String::from("'");
for ch in s.chars() {
if ch == '\'' {
out.push_str("'\"'\"'");
} else {
out.push(ch);
}
}
out.push('\'');
out
}
fn run_heredoc(label: &str, body: &str) -> Result<(), CloudHvError> {
let script = format!("bash -e -s <<'{label}'\n{body}\n{label}\n", label = label, body = body);
match sal_process::run(&script).silent(true).die(false).execute() {
Ok(res) if res.success => Ok(()),
Ok(res) => Err(CloudHvError::CommandFailed(format!(
"{} failed: {}{}",
label, res.stdout, res.stderr
))),
Err(e) => Err(CloudHvError::CommandFailed(format!(
"{} failed: {}",
label, e
))),
}
}
/// Ensure the Linux bridge exists and has IPv4 (and optional IPv6) configured.
/// Also enables IPv4 forwarding (and IPv6 forwarding when v6 provided).
pub fn ensure_bridge(
bridge_name: &str,
bridge_addr_cidr: &str,
ipv6_bridge_cidr: Option<&str>,
) -> Result<(), CloudHvError> {
// deps: ip
if sal_process::which("ip").is_none() {
return Err(CloudHvError::DependencyMissing(
"ip not found on PATH".into(),
));
}
let v6 = ipv6_bridge_cidr.unwrap_or("");
let body = format!(
"set -e
BR={br}
BR_ADDR={br_addr}
IPV6_CIDR={v6cidr}
ip link show \"$BR\" >/dev/null 2>&1 || ip link add name \"$BR\" type bridge
ip addr replace \"$BR_ADDR\" dev \"$BR\"
ip link set \"$BR\" up
# IPv6 address and forwarding (optional)
if [ -n \"$IPV6_CIDR\" ]; then
ip -6 addr replace \"$IPV6_CIDR\" dev \"$BR\"
sysctl -w net.ipv6.conf.all.forwarding=1 >/dev/null || true
fi
# IPv4 forwarding (idempotent)
sysctl -w net.ipv4.ip_forward=1 >/dev/null || true
",
br = shell_escape(bridge_name),
br_addr = shell_escape(bridge_addr_cidr),
v6cidr = shell_escape(v6),
);
run_heredoc("HEROBRIDGE", &body)
}
/// Ensure nftables NAT masquerading for the given subnet toward the default WAN interface.
/// Creates table/chain if missing and adds/keeps a single masquerade rule.
/// If ipv6_subnet is provided, also sets up IPv6 NAT.
pub fn ensure_nat(subnet_cidr: &str, ipv6_subnet: Option<&str>) -> Result<(), CloudHvError> {
for bin in ["ip", "nft"] {
if sal_process::which(bin).is_none() {
return Err(CloudHvError::DependencyMissing(format!(
"{} not found on PATH",
bin
)));
}
}
let v6_subnet = ipv6_subnet.unwrap_or("");
let body = format!(
"set -e
SUBNET={subnet}
IPV6_SUBNET={v6subnet}
WAN_IF=$(ip -o route show default | awk '{{print $5}}' | head -n1)
if [ -z \"$WAN_IF\" ]; then
echo \"No default WAN interface detected (required for NAT)\" >&2
exit 2
fi
# IPv4 NAT
nft list table ip hero >/dev/null 2>&1 || nft add table ip hero
nft list chain ip hero postrouting >/dev/null 2>&1 || nft add chain ip hero postrouting {{ type nat hook postrouting priority 100 \\; }}
nft list chain ip hero postrouting | grep -q \"ip saddr $SUBNET oifname \\\"$WAN_IF\\\" masquerade\" \
|| nft add rule ip hero postrouting ip saddr $SUBNET oifname \"$WAN_IF\" masquerade
# IPv6 NAT (if subnet provided)
if [ -n \"$IPV6_SUBNET\" ]; then
nft list table ip6 hero >/dev/null 2>&1 || nft add table ip6 hero
nft list chain ip6 hero postrouting >/dev/null 2>&1 || nft add chain ip6 hero postrouting {{ type nat hook postrouting priority 100 \\; }}
nft list chain ip6 hero postrouting | grep -q \"ip6 saddr $IPV6_SUBNET oifname \\\"$WAN_IF\\\" masquerade\" \
|| nft add rule ip6 hero postrouting ip6 saddr $IPV6_SUBNET oifname \"$WAN_IF\" masquerade
fi
",
subnet = shell_escape(subnet_cidr),
v6subnet = shell_escape(v6_subnet),
);
run_heredoc("HERONAT", &body)
}
/// Ensure dnsmasq DHCP is configured for the bridge. Returns the lease file path used.
/// This function is idempotent; it writes a deterministic conf and reloads/enables dnsmasq.
pub fn ensure_dnsmasq(
bridge_name: &str,
dhcp_start: &str,
dhcp_end: &str,
ipv6_bridge_cidr: Option<&str>,
lease_file_override: Option<&str>,
) -> Result<String, CloudHvError> {
for bin in ["dnsmasq", "systemctl"] {
if sal_process::which(bin).is_none() {
return Err(CloudHvError::DependencyMissing(format!(
"{} not found on PATH",
bin
)));
}
}
let lease_file = lease_file_override
.map(|s| s.to_string())
.unwrap_or_else(|| format!("/var/lib/misc/dnsmasq-hero-{}.leases", bridge_name));
let v6 = ipv6_bridge_cidr.unwrap_or("");
let body = format!(
"set -e
BR={br}
DHCP_START={dstart}
DHCP_END={dend}
LEASE_FILE={lease}
IPV6_CIDR={v6cidr}
mkdir -p /etc/dnsmasq.d
mkdir -p /var/lib/misc
CFG=/etc/dnsmasq.d/hero-$BR.conf
TMP=/etc/dnsmasq.d/.hero-$BR.conf.new
# Ensure main conf includes our conf-dir
CONF=/etc/dnsmasq.conf
RELOAD=0
if ! grep -qF \"conf-dir=/etc/dnsmasq.d\" \"$CONF\" 2>/dev/null; then
printf '%s\\n' 'conf-dir=/etc/dnsmasq.d,*.conf' >> \"$CONF\"
RELOAD=1
fi
# Ensure lease file and ownership (best effort)
touch \"$LEASE_FILE\" || true
chown dnsmasq:dnsmasq \"$LEASE_FILE\" 2>/dev/null || true
# IPv4 section
printf '%s\\n' \
\"interface=$BR\" \
\"bind-interfaces\" \
\"dhcp-authoritative\" \
\"dhcp-range=$DHCP_START,$DHCP_END,12h\" \
\"dhcp-option=option:dns-server,1.1.1.1,8.8.8.8\" \
\"dhcp-leasefile=$LEASE_FILE\" >\"$TMP\"
# Optional IPv6 RA/DHCPv6
if [ -n \"$IPV6_CIDR\" ]; then
BRIDGE_ADDR=\"${{IPV6_CIDR%/*}}\"
BRIDGE_PREFIX=$(echo \"$IPV6_CIDR\" | cut -d: -f1-4)::
printf '%s\\n' \
\"enable-ra\" \
\"dhcp-range=$BRIDGE_PREFIX,ra-names,12h\" \
\"dhcp-option=option6:dns-server,[2001:4860:4860::8888]\" >>\"$TMP\"
fi
if [ ! -f \"$CFG\" ] || ! cmp -s \"$CFG\" \"$TMP\"; then
mv \"$TMP\" \"$CFG\"
if systemctl is-active --quiet dnsmasq; then
systemctl reload dnsmasq || systemctl restart dnsmasq || true
else
systemctl enable --now dnsmasq || true
fi
else
rm -f \"$TMP\"
systemctl enable --now dnsmasq || true
fi
if [ \"$RELOAD\" = \"1\" ]; then
systemctl reload dnsmasq || systemctl restart dnsmasq || true
fi
",
br = shell_escape(bridge_name),
dstart = shell_escape(dhcp_start),
dend = shell_escape(dhcp_end),
lease = shell_escape(&lease_file),
v6cidr = shell_escape(v6),
);
run_heredoc("HERODNSMASQ", &body)?;
Ok(lease_file)
}
/// Deterministic TAP name from VM id (Linux IFNAMSIZ safe)
pub fn tap_name_for_id(id: &str) -> String {
use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};
let mut h = DefaultHasher::new();
id.hash(&mut h);
let v = h.finish();
let hex = format!("{:016x}", v);
format!("tap-{}", &hex[..10])
}
/// Ensure a per-VM TAP exists, enslaved to the bridge, and up.
/// Assign ownership to current user/group so CH can open the fd unprivileged.
pub fn ensure_tap_for_vm(bridge_name: &str, id: &str) -> Result<String, CloudHvError> {
if sal_process::which("ip").is_none() {
return Err(CloudHvError::DependencyMissing(
"ip not found on PATH".into(),
));
}
let tap = tap_name_for_id(id);
let body = format!(
"set -e
BR={br}
TAP={tap}
UIDX=$(id -u)
GIDX=$(id -g)
# Ensure a clean TAP state to avoid Resource busy if a previous VM run left it lingering
if ip link show \"$TAP\" >/dev/null 2>&1; then
ip link set \"$TAP\" down || true
ip link set \"$TAP\" nomaster 2>/dev/null || true
ip tuntap del dev \"$TAP\" mode tap 2>/dev/null || true
fi
# Recreate with correct ownership and attach to bridge
ip tuntap add dev \"$TAP\" mode tap user \"$UIDX\" group \"$GIDX\"
ip link set \"$TAP\" master \"$BR\" 2>/dev/null || true
ip link set \"$TAP\" up
",
br = shell_escape(bridge_name),
tap = shell_escape(&tap),
);
run_heredoc("HEROTAP", &body)?;
Ok(tap)
}
/// Stable locally-administered unicast MAC derived from VM id.
/// IMPORTANT: Use a deterministic hash (FNV-1a) rather than DefaultHasher (which is randomized).
pub fn stable_mac_from_id(id: &str) -> String {
// 64-bit FNV-1a
const FNV_OFFSET: u64 = 0xcbf29ce484222325;
const FNV_PRIME: u64 = 0x00000100000001B3;
let mut v: u64 = FNV_OFFSET;
for b in id.as_bytes() {
v ^= *b as u64;
v = v.wrapping_mul(FNV_PRIME);
}
// Locally administered, unicast
let b0 = (((v >> 40) & 0xff) as u8 & 0xfe) | 0x02;
let b1 = ((v >> 32) & 0xff) as u8;
let b2 = ((v >> 24) & 0xff) as u8;
let b3 = ((v >> 16) & 0xff) as u8;
let b4 = ((v >> 8) & 0xff) as u8;
let b5 = (v & 0xff) as u8;
format!(
"{:02x}:{:02x}:{:02x}:{:02x}:{:02x}:{:02x}",
b0, b1, b2, b3, b4, b5
)
}
/// Discover the mycelium IPv6 global address on iface (or env override).
/// Returns (iface_name, address).
pub fn mycelium_ipv6_addr(iface_hint: &str) -> Result<(String, String), CloudHvError> {
let iface = std::env::var("HERO_VIRT_MYCELIUM_IF").unwrap_or_else(|_| iface_hint.to_string());
let cmd = format!("ip -6 addr show dev {}", shell_escape(&iface));
let res = sal_process::run(&cmd).silent(true).die(false).execute();
let out = match res {
Ok(r) if r.success => r.stdout,
_ => {
return Err(CloudHvError::DependencyMissing(format!(
"mycelium interface '{}' not found or no IPv6 configured",
iface
)))
}
};
for line in out.lines() {
let lt = line.trim();
if lt.starts_with("inet6 ") && lt.contains("scope global") {
let parts: Vec<&str> = lt.split_whitespace().collect();
if let Some(addr_cidr) = parts.get(1) {
let addr_only = addr_cidr.split('/').next().unwrap_or("").trim();
if !addr_only.is_empty() && addr_only.parse::<std::net::Ipv6Addr>().is_ok() {
return Ok((iface, addr_only.to_string()));
}
}
}
}
Err(CloudHvError::DependencyMissing(format!(
"no global IPv6 found on interface '{}'",
iface
)))
}
/// Derive (prefix /64, router /64 string) from a mycelium IPv6 address string.
pub fn derive_ipv6_prefix_from_mycelium(m: &str) -> Result<(String, String), CloudHvError> {
let ip = m.parse::<std::net::Ipv6Addr>().map_err(|e| {
CloudHvError::InvalidSpec(format!("invalid mycelium IPv6 address '{}': {}", m, e))
})?;
let seg = ip.segments();
let pfx = std::net::Ipv6Addr::new(seg[0], seg[1], seg[2], seg[3], 0, 0, 0, 0);
let router = std::net::Ipv6Addr::new(seg[0], seg[1], seg[2], seg[3], 0, 0, 0, 2);
let pfx_str = format!("{}/64", pfx);
let router_cidr = format!("{}/64", router);
Ok((pfx_str, router_cidr))
}
/// Parse a dnsmasq lease file to find last IPv4 by MAC (lowercased).
/// Polls up to timeout_secs with 800ms sleep, returns None on timeout.
pub fn discover_ipv4_from_leases(
lease_path: &str,
mac_lower: &str,
timeout_secs: u64,
) -> Option<String> {
use std::fs;
use std::time::{Duration, Instant};
let deadline = Instant::now() + Duration::from_secs(timeout_secs);
loop {
if let Ok(content) = fs::read_to_string(lease_path) {
let mut last_ip: Option<String> = None;
for line in content.lines() {
let cols: Vec<&str> = line.split_whitespace().collect();
if cols.len() >= 3 && cols[1].eq_ignore_ascii_case(mac_lower) {
last_ip = Some(cols[2].to_string());
}
}
if last_ip.is_some() {
return last_ip;
}
}
if Instant::now() >= deadline {
return None;
}
std::thread::sleep(Duration::from_millis(800));
}
}
/// Search IPv6 neighbor table on bridge for an entry matching MAC (lladdr), excluding link-local.
pub fn discover_ipv6_on_bridge(bridge_name: &str, mac_lower: &str) -> Option<String> {
let cmd = format!("ip -6 neigh show dev {}", shell_escape(bridge_name));
if let Ok(res) = sal_process::run(&cmd).silent(true).die(false).execute() {
if res.success {
let mac_pat = format!("lladdr {}", mac_lower);
for line in res.stdout.lines() {
let lt = line.trim();
if lt.to_lowercase().contains(&mac_pat) {
if let Some(addr) = lt.split_whitespace().next() {
if !addr.starts_with("fe80") && !addr.is_empty() {
return Some(addr.to_string());
}
}
}
}
}
}
None
}

95
packages/system/virt/src/cloudhv/net/profile.rs Normal file
View File

@@ -0,0 +1,95 @@
use serde::{Deserialize, Serialize};
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct DefaultNatOptions {
#[serde(default = "DefaultNatOptions::default_bridge_name")]
pub bridge_name: String,
#[serde(default = "DefaultNatOptions::default_bridge_addr")]
pub bridge_addr_cidr: String,
#[serde(default = "DefaultNatOptions::default_subnet")]
pub subnet_cidr: String,
#[serde(default = "DefaultNatOptions::default_dhcp_start")]
pub dhcp_start: String,
#[serde(default = "DefaultNatOptions::default_dhcp_end")]
pub dhcp_end: String,
#[serde(default = "DefaultNatOptions::default_ipv6_enable")]
pub ipv6_enable: bool,
/// Optional: if set, use this IPv6 on bridge (e.g. "400:...::2/64"), else derive via mycelium
#[serde(default)]
pub bridge_ipv6_cidr: Option<String>,
/// Optional explicit mycelium interface name
#[serde(default)]
pub mycelium_if: Option<String>,
/// Optional override for dnsmasq lease file
#[serde(default)]
pub lease_file: Option<String>,
}
impl DefaultNatOptions {
fn default_bridge_name() -> String {
std::env::var("HERO_VIRT_BRIDGE_NAME").unwrap_or_else(|_| "br-hero".into())
}
fn default_bridge_addr() -> String {
std::env::var("HERO_VIRT_BRIDGE_ADDR_CIDR").unwrap_or_else(|_| "172.30.0.1/24".into())
}
fn default_subnet() -> String {
std::env::var("HERO_VIRT_SUBNET_CIDR").unwrap_or_else(|_| "172.30.0.0/24".into())
}
fn default_dhcp_start() -> String {
std::env::var("HERO_VIRT_DHCP_START").unwrap_or_else(|_| "172.30.0.50".into())
}
fn default_dhcp_end() -> String {
std::env::var("HERO_VIRT_DHCP_END").unwrap_or_else(|_| "172.30.0.250".into())
}
fn default_ipv6_enable() -> bool {
match std::env::var("HERO_VIRT_IPV6_ENABLE").map(|v| v.to_lowercase()) {
Ok(s) if s == "0" || s == "false" || s == "no" => false,
_ => true,
}
}
}
impl Default for DefaultNatOptions {
fn default() -> Self {
Self {
bridge_name: Self::default_bridge_name(),
bridge_addr_cidr: Self::default_bridge_addr(),
subnet_cidr: Self::default_subnet(),
dhcp_start: Self::default_dhcp_start(),
dhcp_end: Self::default_dhcp_end(),
ipv6_enable: Self::default_ipv6_enable(),
bridge_ipv6_cidr: None,
mycelium_if: None,
lease_file: None,
}
}
}
#[derive(Debug, Clone, Serialize, Deserialize, Default)]
pub struct BridgeOptions {
#[serde(default = "DefaultNatOptions::default_bridge_name")]
pub bridge_name: String,
/// Optional: if provided, configure IPv4 on the bridge
#[serde(default)]
pub bridge_addr_cidr: Option<String>,
/// Optional: if provided, configure IPv6 on the bridge
#[serde(default)]
pub bridge_ipv6_cidr: Option<String>,
}
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(tag = "type", content = "opts")]
pub enum NetworkingProfileSpec {
DefaultNat(DefaultNatOptions),
NoNet,
/// Pass-through user args to CH; currently informational in VmSpec
CustomCli(Vec<String>),
/// Ensure bridge and tap only; no NAT/DHCP
BridgeOnly(BridgeOptions),
}
impl Default for NetworkingProfileSpec {
fn default() -> Self {
NetworkingProfileSpec::DefaultNat(DefaultNatOptions::default())
}
}

196
packages/system/virt/src/hostcheck/mod.rs Normal file
View File

@@ -0,0 +1,196 @@
use serde::{Deserialize, Serialize};
use std::fs;
use std::path::Path;
use sal_os;
use sal_process;
/// Host dependency check error
#[derive(Debug)]
pub enum HostCheckError {
Io(String),
}
impl std::fmt::Display for HostCheckError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
HostCheckError::Io(e) => write!(f, "IO error: {}", e),
}
}
}
impl std::error::Error for HostCheckError {}
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct HostCheckReport {
pub ok: bool,
pub critical: Vec<String>,
pub optional: Vec<String>,
pub notes: Vec<String>,
}
fn hero_vm_root() -> String {
let home = std::env::var("HOME").unwrap_or_else(|_| "/tmp".into());
format!("{}/hero/virt/vms", home.trim_end_matches('/'))
}
fn bin_missing(name: &str) -> bool {
sal_process::which(name).is_none()
}
/// Perform host dependency checks required for image preparation and Cloud Hypervisor run.
/// Returns a structured report that Rhai can consume easily.
pub fn host_check_deps() -> Result<HostCheckReport, HostCheckError> {
let mut critical: Vec<String> = Vec::new();
let optional: Vec<String> = Vec::new();
let mut notes: Vec<String> = Vec::new();
// Must run as root
let uid_res = sal_process::run("id -u").silent(true).die(false).execute();
match uid_res {
Ok(r) if r.success => {
let uid_s = r.stdout.trim();
if uid_s != "0" {
critical.push("not running as root (required for nbd/mount/network)".into());
}
}
_ => {
notes.push("failed to determine uid via `id -u`".into());
}
}
// Core binaries required for CH and image manipulation
let core_bins = [
"cloud-hypervisor", // CH binary (dynamic)
"cloud-hypervisor-static", // CH static (if present)
"ch-remote",
"ch-remote-static",
// hypervisor-fw is expected at /images/hypervisor-fw (not on PATH)
"qemu-img",
"qemu-nbd",
"blkid",
"tune2fs",
"partprobe",
"mount",
"umount",
"sed",
"awk",
"modprobe",
];
// Networking helpers (for default bridge + NAT path)
let net_bins = ["ip", "nft", "dnsmasq", "systemctl"];
// Evaluate presence
let mut have_any_ch = false;
if !bin_missing("cloud-hypervisor") || !bin_missing("cloud-hypervisor-static") {
have_any_ch = true;
}
if !have_any_ch {
critical.push("cloud-hypervisor or cloud-hypervisor-static not found on PATH".into());
}
if bin_missing("ch-remote") && bin_missing("ch-remote-static") {
critical.push("ch-remote or ch-remote-static not found on PATH".into());
}
for b in [&core_bins[4..], &net_bins[..]].concat() {
if bin_missing(b) {
// treat qemu/img/nbd stack and filesystem tools as critical
// treat networking tools as critical too since default path provisions bridge/DHCP
critical.push(format!("missing binary: {}", b));
}
}
// Filesystem/path checks
// Ensure /images exists and expected image files are present (ubuntu, alpine, hypervisor-fw)
let images_root = "/images";
if !Path::new(images_root).exists() {
critical.push(format!("{} not found (expected base images directory)", images_root));
} else {
let ubuntu_path = format!("{}/noble-server-cloudimg-amd64.img", images_root);
let alpine_path = format!("{}/alpine-virt-cloudimg-amd64.qcow2", images_root);
let fw_path = format!("{}/hypervisor-fw", images_root);
if !Path::new(&ubuntu_path).exists() {
critical.push(format!("missing base image: {}", ubuntu_path));
}
if !Path::new(&alpine_path).exists() {
critical.push(format!("missing base image: {}", alpine_path));
}
if !Path::new(&fw_path).exists() {
critical.push(format!("missing firmware: {}", fw_path));
}
}
// Ensure VM root directory is writable/creatable
let vm_root = hero_vm_root();
if let Err(e) = sal_os::mkdir(&vm_root) {
critical.push(format!(
"cannot create/access VM root directory {}: {}",
vm_root, e
));
} else {
// also try writing a small file
let probe_path = format!("{}/.__hero_probe", vm_root);
if let Err(e) = fs::write(&probe_path, b"ok") {
critical.push(format!(
"VM root not writable {}: {}",
vm_root, e
));
} else {
let _ = fs::remove_file(&probe_path);
}
}
// Optional Mycelium IPv6 checks when enabled via env
let ipv6_env = std::env::var("HERO_VIRT_IPV6_ENABLE").unwrap_or_else(|_| "".into());
let ipv6_enabled = ipv6_env.eq_ignore_ascii_case("1") || ipv6_env.eq_ignore_ascii_case("true");
if ipv6_enabled {
// Require mycelium CLI
if bin_missing("mycelium") {
critical.push("mycelium CLI not found on PATH (required when HERO_VIRT_IPV6_ENABLE=true)".into());
}
// Validate interface presence and global IPv6
let ifname = std::env::var("HERO_VIRT_MYCELIUM_IF").unwrap_or_else(|_| "mycelium".into());
let check_if = sal_process::run(&format!("ip -6 addr show dev {}", ifname))
.silent(true)
.die(false)
.execute();
match check_if {
Ok(r) if r.success => {
let out = r.stdout;
if !(out.contains("inet6") && out.contains("scope global")) {
notes.push(format!(
"iface '{}' present but no global IPv6 detected; Mycelium may not be up yet",
ifname
));
}
}
_ => {
critical.push(format!(
"iface '{}' not found or no IPv6; ensure Mycelium is running",
ifname
));
}
}
// Best-effort: parse `mycelium inspect` for Address
let insp = sal_process::run("mycelium inspect").silent(true).die(false).execute();
match insp {
Ok(res) if res.success && res.stdout.contains("Address:") => {
// good enough
}
_ => {
notes.push("`mycelium inspect` did not return an Address; IPv6 overlay may be unavailable".into());
}
}
}
// Summarize ok flag
let ok = critical.is_empty();
Ok(HostCheckReport {
ok,
critical,
optional,
notes,
})
}

799
packages/system/virt/src/image_prep/mod.rs Normal file
View File

@@ -0,0 +1,799 @@
use serde::{Deserialize, Serialize};
use std::path::Path;
use sal_os;
use sal_process;
use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};
use std::net::Ipv6Addr;
#[derive(Debug)]
pub enum ImagePrepError {
Io(String),
InvalidInput(String),
CommandFailed(String),
NotImplemented(String),
}
impl std::fmt::Display for ImagePrepError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
ImagePrepError::Io(e) => write!(f, "IO error: {}", e),
ImagePrepError::InvalidInput(e) => write!(f, "Invalid input: {}", e),
ImagePrepError::CommandFailed(e) => write!(f, "Command failed: {}", e),
ImagePrepError::NotImplemented(e) => write!(f, "Not implemented: {}", e),
}
}
}
impl std::error::Error for ImagePrepError {}
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(rename_all = "lowercase")]
pub enum Flavor {
Ubuntu,
Alpine,
}
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct NetPlanOpts {
#[serde(default = "default_dhcp4")]
pub dhcp4: bool,
#[serde(default)]
pub dhcp6: bool,
/// Static IPv6 address to assign in guest (temporary behavior)
pub ipv6_addr: Option<String>, // e.g., "400::10/64"
pub gw6: Option<String>, // e.g., "400::1"
}
fn default_dhcp4() -> bool {
true
}
impl Default for NetPlanOpts {
fn default() -> Self {
Self {
dhcp4: true,
dhcp6: true,
ipv6_addr: None,
gw6: None,
}
}
}
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct ImagePrepOptions {
pub flavor: Flavor,
/// VM id (used for working directory layout and tap/mac derivations)
pub id: String,
/// Optional source path override, defaults to /images/<flavor default filename>
pub source: Option<String>,
/// Optional VM target directory, defaults to $HOME/hero/virt/vms/<id>
pub target_dir: Option<String>,
/// Netplan options
#[serde(default)]
pub net: NetPlanOpts,
/// Disable cloud-init networking
#[serde(default = "default_disable_cloud_init_net")]
pub disable_cloud_init_net: bool,
}
fn default_disable_cloud_init_net() -> bool {
true
}
fn stable_mac_from_id(id: &str) -> String {
// Use deterministic FNV-1a (matches host-side MAC derivation used by CH builder)
const FNV_OFFSET: u64 = 0xcbf29ce484222325;
const FNV_PRIME: u64 = 0x00000100000001B3;
let mut v: u64 = FNV_OFFSET;
for b in id.as_bytes() {
v ^= *b as u64;
v = v.wrapping_mul(FNV_PRIME);
}
let b0 = (((v >> 40) & 0xff) as u8 & 0xfe) | 0x02; // locally administered, unicast
let b1 = ((v >> 32) & 0xff) as u8;
let b2 = ((v >> 24) & 0xff) as u8;
let b3 = ((v >> 16) & 0xff) as u8;
let b4 = ((v >> 8) & 0xff) as u8;
let b5 = (v & 0xff) as u8;
format!("{:02x}:{:02x}:{:02x}:{:02x}:{:02x}:{:02x}", b0, b1, b2, b3, b4, b5)
}
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct ImagePrepResult {
pub raw_disk: String,
pub root_uuid: String,
pub boot_uuid: String,
pub work_qcow2: String,
}
fn hero_vm_root() -> String {
let home = std::env::var("HOME").unwrap_or_else(|_| "/tmp".into());
format!("{}/hero/virt/vms", home.trim_end_matches('/'))
}
fn default_source_for_flavor(flavor: &Flavor) -> (&'static str, bool) {
match flavor {
Flavor::Ubuntu => ("/images/noble-server-cloudimg-amd64.img", true),
Flavor::Alpine => ("/images/alpine-virt-cloudimg-amd64.qcow2", true),
}
}
fn fail(e: &str) -> ImagePrepError {
ImagePrepError::CommandFailed(e.to_string())
}
fn run_script(script: &str) -> Result<sal_process::CommandResult, ImagePrepError> {
match sal_process::run(script).silent(true).die(false).execute() {
Ok(res) => {
if res.success {
Ok(res)
} else {
Err(ImagePrepError::CommandFailed(format!(
"{}{}",
res.stdout, res.stderr
)))
}
}
Err(e) => Err(ImagePrepError::CommandFailed(e.to_string())),
}
}
/// Prepare a base cloud image for booting under Cloud Hypervisor:
/// - make a per-VM working copy
/// - attach via nbd, mount root/boot
/// - retag UUIDs, update fstab, write minimal grub.cfg
/// - generate netplan (DHCPv4, static IPv6 placeholder), disable cloud-init net
/// - convert to raw disk in VM dir
pub fn image_prepare(opts: &ImagePrepOptions) -> Result<ImagePrepResult, ImagePrepError> {
// Resolve source image
let (def_src, _must_exist) = default_source_for_flavor(&opts.flavor);
let src = opts.source.clone().unwrap_or_else(|| def_src.to_string());
if !Path::new(&src).exists() {
return Err(ImagePrepError::InvalidInput(format!(
"source image not found: {}",
src
)));
}
// Resolve VM dir
let vm_dir = opts
.target_dir
.clone()
.unwrap_or_else(|| format!("{}/{}", hero_vm_root(), opts.id));
sal_os::mkdir(&vm_dir).map_err(|e| ImagePrepError::Io(e.to_string()))?;
// Work qcow2 copy path and mount points
let work_qcow2 = format!("{}/work.qcow2", vm_dir);
let raw_path = format!("{}/disk.raw", vm_dir);
let mnt_root = format!("/mnt/hero-img/{}/root", opts.id);
let mnt_boot = format!("/mnt/hero-img/{}/boot", opts.id);
// Only Ubuntu implemented for now
match opts.flavor {
Flavor::Ubuntu => {
// Build bash script that performs all steps and echos "RAW|ROOT_UUID|BOOT_UUID" at end
let disable_ci_net = opts.disable_cloud_init_net;
// IPv6 static guest assignment (derive from mycelium interface) - disabled by default to use RA
// If HERO_VIRT_IPV6_STATIC_GUEST=true, use static IPv6; else use RA/SLAAC.
let static_v6 = std::env::var("HERO_VIRT_IPV6_STATIC_GUEST")
.map(|v| matches!(v.to_lowercase().as_str(), "" | "1" | "true" | "yes"))
.unwrap_or(false);
let myc_if =
std::env::var("HERO_VIRT_MYCELIUM_IF").unwrap_or_else(|_| "mycelium".into());
// Discover host mycelium global IPv6 in 400::/7 from the interface
let mut host_v6: Option<Ipv6Addr> = None;
if static_v6 {
let cmd = format!("ip -6 addr show dev {}", shell_escape(&myc_if));
if let Ok(r) = sal_process::run(&cmd).silent(true).die(false).execute() {
if r.success {
for l in r.stdout.lines() {
let lt = l.trim();
if lt.starts_with("inet6 ") && lt.contains("scope global") {
if let Some(addr_cidr) = lt.split_whitespace().nth(1) {
let addr_only =
addr_cidr.split('/').next().unwrap_or("").trim();
if let Ok(ip) = addr_only.parse::<Ipv6Addr>() {
let seg0 = ip.segments()[0];
if (seg0 & 0xFE00) == 0x0400 {
host_v6 = Some(ip);
break;
}
}
}
}
}
}
}
}
// Derive per-host /64 from mycelium and deterministic per-VM guest address
let mut np_v6_block = String::new();
let mut accept_ra = String::new();
let mut dhcp6_effective = opts.net.dhcp6;
if static_v6 {
if let Some(h) = host_v6 {
let seg = h.segments();
// Router = P::2; Guest address = P::<stable suffix>
let mut hasher = DefaultHasher::new();
opts.id.hash(&mut hasher);
let mut suffix = (hasher.finish() as u16) & 0xfffe;
if suffix == 0 || suffix == 2 {
suffix = 0x100;
}
let guest_ip =
Ipv6Addr::new(seg[0], seg[1], seg[2], seg[3], 0, 0, 0, suffix).to_string();
let gw_ip =
Ipv6Addr::new(seg[0], seg[1], seg[2], seg[3], 0, 0, 0, 2).to_string();
// Inject a YAML block for static v6
np_v6_block = format!(
" addresses:\n - {}/64\n routes:\n - to: \"::/0\"\n via: {}\n - to: \"400::/7\"\n via: {}\n",
guest_ip, gw_ip, gw_ip
);
// Disable dhcp6 when we provide a static address
dhcp6_effective = false;
}
} else {
// Use RA for IPv6
accept_ra = "\n accept-ra: true".to_string();
dhcp6_effective = false;
}
// Keep script small and robust; avoid brace-heavy awk to simplify escaping.
// Compute stable MAC (must match what vm_start() uses) and use it to match NIC in netplan.
let vm_mac = stable_mac_from_id(&opts.id);
let script = format!(
r#"#!/bin/bash -e
set -euo pipefail
SRC={src}
VM_DIR={vm_dir}
WORK={work}
MNT_ROOT={mnt_root}
MNT_BOOT={mnt_boot}
RAW={raw}
mkdir -p "$VM_DIR"
mkdir -p "$(dirname "$MNT_ROOT")"
mkdir -p "$MNT_ROOT" "$MNT_BOOT"
# Make per-VM working copy (reflink if supported)
cp --reflink=auto -f "$SRC" "$WORK"
# Load NBD with sufficient partitions
modprobe nbd max_part=63
# Pick a free /dev/nbdX and connect the qcow2
NBD=""
for i in $(seq 0 15); do
DEV="/dev/nbd$i"
# Skip devices that have any mounted partitions (avoid reusing in-use NBDs)
if findmnt -rn -S "$DEV" >/dev/null 2>&1 || \
findmnt -rn -S "${{DEV}}p1" >/dev/null 2>&1 || \
findmnt -rn -S "${{DEV}}p14" >/dev/null 2>&1 || \
findmnt -rn -S "${{DEV}}p15" >/dev/null 2>&1 || \
findmnt -rn -S "${{DEV}}p16" >/dev/null 2>&1; then
continue
fi
# Ensure it's not connected (ignore errors if already disconnected)
qemu-nbd --disconnect "$DEV" >/dev/null 2>&1 || true
if qemu-nbd --format=qcow2 --connect="$DEV" "$WORK"; then
NBD="$DEV"
break
fi
done
if [ -z "$NBD" ]; then
echo "No free /dev/nbdX device available" >&2
exit 1
fi
echo "Selected NBD: $NBD" >&2
# Settle and probe partitions
udevadm settle >/dev/null 2>&1 || true
blockdev --rereadpt "$NBD" >/dev/null 2>&1 || true
partprobe "$NBD" >/dev/null 2>&1 || true
for t in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15; do
if [ -b "${{NBD}}p1" ]; then
sz=$(blockdev --getsize64 "${{NBD}}p1" 2>/dev/null || echo 0)
if [ "$sz" -gt 0 ]; then
break
fi
fi
sleep 0.4
udevadm settle >/dev/null 2>&1 || true
blockdev --rereadpt "$NBD" >/dev/null 2>&1 || true
partprobe "$NBD" >/dev/null 2>&1 || true
done
ROOT_DEV="${{NBD}}p1"
# Prefer p16, else p15
if [ -b "${{NBD}}p16" ]; then
BOOT_DEV="${{NBD}}p16"
elif [ -b "${{NBD}}p15" ]; then
BOOT_DEV="${{NBD}}p15"
else
echo "Boot partition not found on $NBD (tried p16 and p15)" >&2
exit 33
fi
echo "ROOT_DEV=$ROOT_DEV BOOT_DEV=$BOOT_DEV" >&2
if [ ! -b "$ROOT_DEV" ]; then
echo "Root partition not found: $ROOT_DEV" >&2
exit 32
fi
cleanup() {{
set +e
umount "$MNT_BOOT" 2>/dev/null || true
umount "$MNT_ROOT" 2>/dev/null || true
[ -n "$NBD" ] && qemu-nbd --disconnect "$NBD" 2>/dev/null || true
rmmod nbd 2>/dev/null || true
}}
trap cleanup EXIT
# Ensure partitions are readable before mounting
for t in 1 2 3 4 5 6 7 8; do
szr=$(blockdev --getsize64 "$ROOT_DEV" 2>/dev/null || echo 0)
szb=$(blockdev --getsize64 "$BOOT_DEV" 2>/dev/null || echo 0)
if [ "$szr" -gt 0 ] && [ "$szb" -gt 0 ] && blkid "$ROOT_DEV" >/dev/null 2>&1; then
break
fi
sleep 0.4
udevadm settle >/dev/null 2>&1 || true
blockdev --rereadpt "$NBD" >/dev/null 2>&1 || true
partprobe "$NBD" >/dev/null 2>&1 || true
done
# Mount and mutate (with retries to avoid races)
mounted_root=0
for t in 1 2 3 4 5 6 7 8 9 10; do
if mount "$ROOT_DEV" "$MNT_ROOT"; then
mounted_root=1
break
fi
sleep 0.5
udevadm settle >/dev/null 2>&1 || true
partprobe "$NBD" >/dev/null 2>&1 || true
done
if [ "$mounted_root" -ne 1 ]; then
echo "Failed to mount root $ROOT_DEV" >&2
exit 32
fi
mounted_boot=0
for t in 1 2 3 4 5; do
if mount "$BOOT_DEV" "$MNT_BOOT"; then
mounted_boot=1
break
fi
sleep 0.5
udevadm settle >/dev/null 2>&1 || true
partprobe "$NBD" >/dev/null 2>&1 || true
done
if [ "$mounted_boot" -ne 1 ]; then
echo "Failed to mount boot "$BOOT_DEV"" >&2
exit 33
fi
# Change UUIDs (best-effort)
tune2fs -U random "$ROOT_DEV" || true
tune2fs -U random "$BOOT_DEV" || true
ROOT_UUID=$(blkid -o value -s UUID "$ROOT_DEV")
BOOT_UUID=$(blkid -o value -s UUID "$BOOT_DEV")
# Update fstab
sed -i "s/UUID=[a-f0-9-]* \\/ /UUID=$ROOT_UUID \\/ /" "$MNT_ROOT/etc/fstab"
sed -i "s/UUID=[a-f0-9-]* \\/boot /UUID=$BOOT_UUID \\/boot /" "$MNT_ROOT/etc/fstab"
# Minimal grub.cfg (note: braces escaped for Rust format!)
mkdir -p "$MNT_BOOT/grub"
KERNEL=$(ls -1 "$MNT_BOOT"/vmlinuz-* | sort -V | tail -n1 | xargs -n1 basename)
INITRD=$(ls -1 "$MNT_BOOT"/initrd.img-* | sort -V | tail -n1 | xargs -n1 basename)
cat > "$MNT_BOOT/grub/grub.cfg" << EOF
set default=0
set timeout=3
menuentry 'Ubuntu Cloud' {{
insmod part_gpt
insmod ext2
insmod gzio
search --no-floppy --fs-uuid --set=root $BOOT_UUID
linux /$KERNEL root=/dev/vda1 ro console=ttyS0
initrd /$INITRD
}}
EOF
# Netplan config
rm -f "$MNT_ROOT"/etc/netplan/*.yaml
mkdir -p "$MNT_ROOT"/etc/netplan
cat > "$MNT_ROOT/etc/netplan/01-netconfig.yaml" << EOF
network:
version: 2
renderer: networkd
ethernets:
eth0:
match:
macaddress: {vm_mac}
set-name: eth0
dhcp4: {dhcp4}
dhcp6: {dhcp6}{accept_ra}{np_v6_block}
nameservers:
addresses: [8.8.8.8, 1.1.1.1, 2001:4860:4860::8888]
EOF
# Enable SSH password authentication and set a default password for 'ubuntu'
mkdir -p "$MNT_ROOT/etc/cloud/cloud.cfg.d"
printf '%s\n' 'ssh_pwauth: true' > "$MNT_ROOT/etc/cloud/cloud.cfg.d/99-ssh-password-auth.cfg"
mkdir -p "$MNT_ROOT/etc/ssh/sshd_config.d"
cat > "$MNT_ROOT/etc/ssh/sshd_config.d/99-hero-password-auth.conf" << EOF
# Hero test: force password auth, explicitly disable pubkey to avoid client auto-trying keys
PasswordAuthentication yes
KbdInteractiveAuthentication yes
UsePAM yes
PubkeyAuthentication no
EOF
# Remove any AuthenticationMethods directives that might force publickey-only
if [ -f "$MNT_ROOT/etc/ssh/sshd_config" ]; then
sed -i -E 's/^[[:space:]]*AuthenticationMethods[[:space:]].*$/# hero: removed AuthenticationMethods/' "$MNT_ROOT/etc/ssh/sshd_config" 2>/dev/null || true
fi
if [ -d "$MNT_ROOT/etc/ssh/sshd_config.d" ]; then
find "$MNT_ROOT/etc/ssh/sshd_config.d" -type f -name '*.conf' -exec sed -i -E 's/^[[:space:]]*AuthenticationMethods[[:space:]].*$/# hero: removed AuthenticationMethods/' {{}} + 2>/dev/null \; || true
fi
# Set password for default user 'ubuntu'
if chroot "$MNT_ROOT" getent passwd ubuntu >/dev/null 2>&1; then
echo 'ubuntu:ubuntu' | chroot "$MNT_ROOT" /usr/sbin/chpasswd || true
fi
# Ensure openssh-server is present (some cloud images may omit it)
# Ensure SSH service enabled and keys generated on boot
chroot "$MNT_ROOT" systemctl unmask ssh 2>/dev/null || true
chroot "$MNT_ROOT" systemctl enable ssh 2>/dev/null || true
chroot "$MNT_ROOT" systemctl enable ssh-keygen.service 2>/dev/null || true
# Ensure sshd listens on both IPv4 and IPv6 explicitly
cat > "$MNT_ROOT/etc/ssh/sshd_config.d/99-hero-address-family.conf" << EOF
AddressFamily any
ListenAddress ::
ListenAddress 0.0.0.0
EOF
# Ensure sshd waits for network to be online (helps IPv6 readiness)
mkdir -p "$MNT_ROOT/etc/systemd/system/ssh.service.d"
cat > "$MNT_ROOT/etc/systemd/system/ssh.service.d/override.conf" << 'EOF'
[Unit]
After=network-online.target
Wants=network-online.target
EOF
# Ensure sshd_config includes conf.d include so our drop-ins are loaded
if ! grep -qE '^[[:space:]]*Include[[:space:]]+/etc/ssh/sshd_config\.d/\*\.conf' "$MNT_ROOT/etc/ssh/sshd_config"; then
echo 'Include /etc/ssh/sshd_config.d/*.conf' >> "$MNT_ROOT/etc/ssh/sshd_config"
fi
# Ensure required packages present before user/password changes
cp -f /etc/resolv.conf "$MNT_ROOT/etc/resolv.conf" 2>/dev/null || true
chroot "$MNT_ROOT" bash -c "apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends passwd openssh-server" || true
# Remove previously forced AuthenticationMethods drop-in (old)
rm -f "$MNT_ROOT/etc/ssh/sshd_config.d/99-hero-authmethods.conf"
# Force explicit password-only auth to avoid publickey-only negotiation from server
# Removed AuthenticationMethods to avoid config issues
# Ensure our overrides are last-wins even if main sshd_config sets different values after Include
cat >> "$MNT_ROOT/etc/ssh/sshd_config" << 'EOF'
# hero override (appended last)
PasswordAuthentication yes
KbdInteractiveAuthentication yes
UsePAM yes
PubkeyAuthentication no
EOF
# If UFW is present, allow SSH and disable firewall (for tests)
if chroot "$MNT_ROOT" command -v ufw >/dev/null 2>&1; then
chroot "$MNT_ROOT" ufw allow OpenSSH || true
chroot "$MNT_ROOT" ufw disable || true
fi
if ! chroot "$MNT_ROOT" test -x /usr/sbin/sshd; then
cp -f /etc/resolv.conf "$MNT_ROOT/etc/resolv.conf" 2>/dev/null || true
chroot "$MNT_ROOT" bash -c "apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends openssh-server" || true
fi
# Ensure user management utilities are present (useradd, chpasswd)
if ! chroot "$MNT_ROOT" command -v /usr/sbin/useradd >/dev/null 2>&1 || \
! chroot "$MNT_ROOT" command -v /usr/sbin/chpasswd >/dev/null 2>&1; then
cp -f /etc/resolv.conf "$MNT_ROOT/etc/resolv.conf" 2>/dev/null || true
chroot "$MNT_ROOT" bash -c "apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y passwd adduser" || true
fi
# Ensure user management utilities are present (useradd, chpasswd)
if ! chroot "$MNT_ROOT" command -v /usr/sbin/useradd >/dev/null 2>&1 || \
! chroot "$MNT_ROOT" command -v /usr/sbin/chpasswd >/dev/null 2>&1; then
cp -f /etc/resolv.conf "$MNT_ROOT/etc/resolv.conf" 2>/dev/null || true
chroot "$MNT_ROOT" bash -c "apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y passwd adduser" || true
fi
# Ensure user management utilities are present (useradd, chpasswd)
if ! chroot "$MNT_ROOT" command -v /usr/sbin/useradd >/dev/null 2>&1 || \
! chroot "$MNT_ROOT" command -v /usr/sbin/chpasswd >/dev/null 2>&1; then
cp -f /etc/resolv.conf "$MNT_ROOT/etc/resolv.conf" 2>/dev/null || true
chroot "$MNT_ROOT" bash -c "apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y passwd adduser" || true
fi
# Ensure shadow utilities present (useradd/chpasswd)
if ! chroot "$MNT_ROOT" command -v /usr/sbin/useradd >/dev/null 2>&1 || \
! chroot "$MNT_ROOT" command -v /usr/sbin/chpasswd >/dev/null 2>&1; then
cp -f /etc/resolv.conf "$MNT_ROOT/etc/resolv.conf" 2>/dev/null || true
chroot "$MNT_ROOT" bash -c "apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y passwd" || true
fi
# Ensure default user 'ubuntu' exists (fallback for minimal images)
if ! chroot "$MNT_ROOT" id -u ubuntu >/dev/null 2>&1; then
chroot "$MNT_ROOT" /usr/sbin/useradd -m -s /bin/bash ubuntu || true
echo "ubuntu ALL=(ALL) NOPASSWD:ALL" > "$MNT_ROOT/etc/sudoers.d/90-ubuntu" || true
chmod 0440 "$MNT_ROOT/etc/sudoers.d/90-ubuntu" || true
fi
# Re-assert password (covers both existing and newly created users)
if chroot "$MNT_ROOT" getent passwd ubuntu >/dev/null 2>&1; then
echo 'ubuntu:ubuntu' | chroot "$MNT_ROOT" /usr/sbin/chpasswd || true
fi
# Ensure account is unlocked (some cloud images ship locked local users)
chroot "$MNT_ROOT" /usr/bin/passwd -u ubuntu 2>/dev/null || true
chroot "$MNT_ROOT" /usr/sbin/usermod -U ubuntu 2>/dev/null || true
# Robustly set ubuntu password offline; generate hash on host and set inside chroot
UBUNTU_HASH="$(openssl passwd -6 'ubuntu' 2>/dev/null || python3 - <<'PY'
import crypt
print(crypt.crypt('ubuntu', crypt.mksalt(crypt.METHOD_SHA512)))
PY
)"
if [ -n "$UBUNTU_HASH" ] && chroot "$MNT_ROOT" getent passwd ubuntu >/dev/null 2>&1; then
printf 'ubuntu:%s\n' "$UBUNTU_HASH" | chroot "$MNT_ROOT" /usr/sbin/chpasswd -e || true
# Ensure account is not expired/locked and has sane aging
chroot "$MNT_ROOT" /usr/bin/chage -I -1 -m 0 -M 99999 -E -1 ubuntu 2>/dev/null || true
chroot "$MNT_ROOT" /usr/bin/passwd -u ubuntu 2>/dev/null || true
chroot "$MNT_ROOT" /usr/sbin/usermod -U ubuntu 2>/dev/null || true
# Debug: show status and shadow entry (for test logs)
chroot "$MNT_ROOT" /usr/bin/passwd -S ubuntu 2>/dev/null || true
chroot "$MNT_ROOT" bash -c "grep '^ubuntu:' /etc/shadow || true" 2>/dev/null || true
fi
# Also set root password and allow root login for test debugging
if chroot "$MNT_ROOT" getent passwd root >/dev/null 2>&1; then
echo 'root:root' | chroot "$MNT_ROOT" /usr/sbin/chpasswd || true
chroot "$MNT_ROOT" /usr/bin/passwd -u root 2>/dev/null || true
chroot "$MNT_ROOT" /usr/bin/chage -I -1 -m 0 -M 99999 -E -1 root 2>/dev/null || true
fi
# Pre-generate host SSH keys so sshd can start immediately
chroot "$MNT_ROOT" ssh-keygen -A 2>/dev/null || true
mkdir -p "$MNT_ROOT/var/run/sshd"
# Ensure sshd runs as a regular service and not via socket (binds IPv4+IPv6)
chroot "$MNT_ROOT" systemctl disable --now ssh.socket 2>/dev/null || true
chroot "$MNT_ROOT" systemctl mask ssh.socket 2>/dev/null || true
chroot "$MNT_ROOT" systemctl enable ssh.service 2>/dev/null || true
chroot "$MNT_ROOT" systemctl restart ssh.service 2>/dev/null || true
# Disable cloud-init networking (optional but default)
if [ "{disable_ci_net}" = "true" ]; then
mkdir -p "$MNT_ROOT/etc/cloud/cloud.cfg.d"
echo "network: {{{{config: disabled}}}}" > "$MNT_ROOT/etc/cloud/cloud.cfg.d/99-disable-network-config.cfg"
fi
# Fully disable cloud-init on first boot for deterministic tests
mkdir -p "$MNT_ROOT/etc/cloud"
: > "$MNT_ROOT/etc/cloud/cloud-init.disabled"
# Belt-and-braces: mask cloud-init services offline (no systemd required)
mkdir -p "$MNT_ROOT/etc/systemd/system"
for s in cloud-init.service cloud-config.service cloud-final.service cloud-init-local.service; do
ln -sf /dev/null "$MNT_ROOT/etc/systemd/system/$s" || true
done
# First-boot fallback: ensure ubuntu:ubuntu credentials and SSH password auth
mkdir -p "$MNT_ROOT/usr/local/sbin"
cat > "$MNT_ROOT/usr/local/sbin/hero-ensure-ubuntu-cred.sh" << 'EOS'
#!/bin/bash
set -euo pipefail
# Guarantee ubuntu user exists
if ! id -u ubuntu >/dev/null 2>&1; then
useradd -m -s /bin/bash ubuntu || true
fi
# Ensure sudo without password
mkdir -p /etc/sudoers.d
echo "ubuntu ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/90-ubuntu
chmod 0440 /etc/sudoers.d/90-ubuntu
# Set password 'ubuntu' (hashed)
UBUNTU_HASH="$(openssl passwd -6 'ubuntu' 2>/dev/null || python3 - <<'PY'
import crypt
print(crypt.crypt('ubuntu', crypt.mksalt(crypt.METHOD_SHA512)))
PY
)"
if [ -n "$UBUNTU_HASH" ]; then
printf 'ubuntu:%s\n' "$UBUNTU_HASH" | chpasswd -e || true
chage -I -1 -m 0 -M 99999 -E -1 ubuntu 2>/dev/null || true
passwd -u ubuntu 2>/dev/null || true
usermod -U ubuntu 2>/dev/null || true
fi
# SSHD password-auth settings
mkdir -p /etc/ssh/sshd_config.d
cat > /etc/ssh/sshd_config.d/99-hero-password-auth.conf << EOF
PasswordAuthentication yes
KbdInteractiveAuthentication yes
UsePAM yes
PubkeyAuthentication no
EOF
cat > /etc/ssh/sshd_config.d/99-hero-address-family.conf << EOF
AddressFamily any
ListenAddress ::
ListenAddress 0.0.0.0
EOF
# Ensure sshd waits for network-online at first boot as well
mkdir -p /etc/systemd/system/ssh.service.d
cat > /etc/systemd/system/ssh.service.d/override.conf << 'EOF'
[Unit]
After=network-online.target
Wants=network-online.target
EOF
# Remove any AuthenticationMethods directives from drop-ins that could conflict
if [ -f /etc/ssh/sshd_config ]; then
sed -i -E 's/^[[:space:]]*AuthenticationMethods[[:space:]].*$/# hero: removed AuthenticationMethods/' /etc/ssh/sshd_config 2>/dev/null || true
fi
if [ -d /etc/ssh/sshd_config.d ]; then
find /etc/ssh/sshd_config.d -type f -name '*.conf' -exec sed -i -E 's/^[[:space:]]*AuthenticationMethods[[:space:]].*$/# hero: removed AuthenticationMethods/' {{}} + 2>/dev/null \; || true
fi
# Ensure Include covers drop-ins
grep -qE '^[[:space:]]*Include[[:space:]]+/etc/ssh/sshd_config\.d/\*\.conf' /etc/ssh/sshd_config || \
echo 'Include /etc/ssh/sshd_config.d/*.conf' >> /etc/ssh/sshd_config
# Ensure and restart SSHD
if command -v systemctl >/dev/null 2>&1; then
systemctl daemon-reload || true
# Prefer running sshd as a service so it honors IPv6 ListenAddress from sshd_config
systemctl disable --now ssh.socket 2>/dev/null || true
systemctl mask ssh.socket 2>/dev/null || true
systemctl enable --now ssh.service 2>/dev/null || true
systemctl restart ssh.service 2>/dev/null || true
# Apply netplan in case renderer did not start IPv6 yet
command -v netplan >/dev/null 2>&1 && netplan apply 2>/dev/null || true
else
service ssh restart || true
fi
# Mark completion to avoid reruns if unit has a condition
mkdir -p /var/lib/hero
: > /var/lib/hero/cred-ensured
EOS
chmod 0755 "$MNT_ROOT/usr/local/sbin/hero-ensure-ubuntu-cred.sh"
# Install systemd unit to run on first boot
cat > "$MNT_ROOT/etc/systemd/system/hero-ensure-ubuntu-cred.service" << 'EOF'
[Unit]
Description=Hero: ensure ubuntu:ubuntu and SSH password auth
After=local-fs.target
Wants=local-fs.target
ConditionPathExists=!/var/lib/hero/cred-ensured
[Service]
Type=oneshot
ExecStart=/usr/local/sbin/hero-ensure-ubuntu-cred.sh
[Install]
WantedBy=multi-user.target
EOF
# Enable via symlink and best-effort systemctl in chroot
mkdir -p "$MNT_ROOT/etc/systemd/system/multi-user.target.wants"
ln -sf "/etc/systemd/system/hero-ensure-ubuntu-cred.service" "$MNT_ROOT/etc/systemd/system/multi-user.target.wants/hero-ensure-ubuntu-cred.service" || true
chroot "$MNT_ROOT" systemctl enable hero-ensure-ubuntu-cred.service 2>/dev/null || true
# Convert prepared image to raw (ensure source not locked)
umount "$MNT_BOOT" 2>/dev/null || true
umount "$MNT_ROOT" 2>/dev/null || true
if [ -n "$NBD" ]; then
qemu-nbd --disconnect "$NBD" 2>/dev/null || true
rmmod nbd 2>/dev/null || true
fi
rm -f "$RAW"
qemu-img convert -U -f qcow2 -O raw "$WORK" "$RAW"
# Output result triple ONLY on stdout, then prevent any further trap output
echo "RESULT:$RAW|$ROOT_UUID|$BOOT_UUID"
trap - EXIT
exit 0
"#,
src = shell_escape(&src),
vm_dir = shell_escape(&vm_dir),
work = shell_escape(&work_qcow2),
mnt_root = shell_escape(&mnt_root),
mnt_boot = shell_escape(&mnt_boot),
raw = shell_escape(&raw_path),
vm_mac = vm_mac,
dhcp4 = if opts.net.dhcp4 { "true" } else { "false" },
dhcp6 = if dhcp6_effective { "true" } else { "false" },
accept_ra = accept_ra,
np_v6_block = np_v6_block,
disable_ci_net = if disable_ci_net { "true" } else { "false" }
);
// image prep script executed silently
let res = run_script(&script)?;
// Prefer a RESULT:-prefixed line (robust against extra stdout noise)
let mut marker: Option<String> = None;
for l in res.stdout.lines().rev() {
let lt = l.trim();
if let Some(rest) = lt.strip_prefix("RESULT:") {
marker = Some(rest.trim().to_string());
break;
}
}
// Fallback: last line that looks like A|B|C
let line = if let Some(x) = marker {
x
} else {
let mut cand: Option<String> = None;
for l in res.stdout.lines().rev() {
let lt = l.trim();
if lt.split('|').count() == 3 {
cand = Some(lt.to_string());
break;
}
}
cand.ok_or_else(|| fail("no RAW|ROOT_UUID|BOOT_UUID line found in script output"))?
};
let parts: Vec<_> = line.split('|').map(|s| s.trim().to_string()).collect();
if parts.len() != 3 {
return Err(fail(&format!(
"unexpected output from image_prepare script, expected RAW|ROOT_UUID|BOOT_UUID, got: {}",
line
)));
}
Ok(ImagePrepResult {
raw_disk: parts[0].clone(),
root_uuid: parts[1].clone(),
boot_uuid: parts[2].clone(),
work_qcow2,
})
}
Flavor::Alpine => Err(ImagePrepError::NotImplemented(
"Alpine image_prepare not implemented yet".into(),
)),
}
}
fn shell_escape(s: &str) -> String {
if s.is_empty() {
return "''".into();
}
if s.chars()
.all(|c| c.is_ascii_alphanumeric() || "-_./=:".contains(c))
{
return s.into();
}
let mut out = String::from("'");
for ch in s.chars() {
if ch == '\'' {
out.push_str("'\"'\"'");
} else {
out.push(ch);
}
}
out.push('\'');
out
}

4
packages/system/virt/src/lib.rs
View File

@@ -24,6 +24,10 @@
pub mod buildah;
pub mod nerdctl;
pub mod rfs;
pub mod qcow2;
pub mod cloudhv;
pub mod hostcheck;
pub mod image_prep;
pub mod rhai;

4
packages/system/virt/src/mod.rs
View File

@@ -1,3 +1,5 @@
pub mod buildah;
pub mod nerdctl;
pub mod rfs;
pub mod rfs;
pub mod qcow2;
pub mod cloudhv;

200
packages/system/virt/src/qcow2/mod.rs Normal file
View File

@@ -0,0 +1,200 @@
use serde_json::Value;
use std::error::Error;
use std::fmt;
use std::fs;
use std::path::Path;
use sal_os;
use sal_process::{self, RunError};
/// Error type for qcow2 operations
#[derive(Debug)]
pub enum Qcow2Error {
/// Failed to execute a system command
CommandExecutionFailed(String),
/// Command executed but returned non-zero or failed semantics
CommandFailed(String),
/// JSON parsing error
JsonParseError(String),
/// IO error (filesystem)
IoError(String),
/// Dependency missing or invalid input
Other(String),
}
impl fmt::Display for Qcow2Error {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
match self {
Qcow2Error::CommandExecutionFailed(e) => write!(f, "Command execution failed: {}", e),
Qcow2Error::CommandFailed(e) => write!(f, "{}", e),
Qcow2Error::JsonParseError(e) => write!(f, "JSON parse error: {}", e),
Qcow2Error::IoError(e) => write!(f, "IO error: {}", e),
Qcow2Error::Other(e) => write!(f, "{}", e),
}
}
}
impl Error for Qcow2Error {}
fn from_run_error(e: RunError) -> Qcow2Error {
Qcow2Error::CommandExecutionFailed(e.to_string())
}
fn ensure_parent_dir(path: &str) -> Result<(), Qcow2Error> {
if let Some(parent) = Path::new(path).parent() {
fs::create_dir_all(parent).map_err(|e| Qcow2Error::IoError(e.to_string()))?;
}
Ok(())
}
fn ensure_qemu_img() -> Result<(), Qcow2Error> {
if sal_process::which("qemu-img").is_none() {
return Err(Qcow2Error::Other(
"qemu-img not found on PATH. Please install qemu-utils (Debian/Ubuntu) or the QEMU tools for your distro.".to_string(),
));
}
Ok(())
}
fn run_quiet(cmd: &str) -> Result<sal_process::CommandResult, Qcow2Error> {
sal_process::run(cmd)
.silent(true)
.execute()
.map_err(from_run_error)
.and_then(|res| {
if res.success {
Ok(res)
} else {
Err(Qcow2Error::CommandFailed(format!(
"Command failed (code {}): {}\n{}",
res.code, cmd, res.stderr
)))
}
})
}
/// Create a qcow2 image at path with a given virtual size (in GiB)
pub fn create(path: &str, size_gb: i64) -> Result<String, Qcow2Error> {
ensure_qemu_img()?;
if size_gb <= 0 {
return Err(Qcow2Error::Other(
"size_gb must be > 0 for qcow2.create".to_string(),
));
}
ensure_parent_dir(path)?;
let cmd = format!("qemu-img create -f qcow2 {} {}G", path, size_gb);
run_quiet(&cmd)?;
Ok(path.to_string())
}
/// Return qemu-img info as a JSON value
pub fn info(path: &str) -> Result<Value, Qcow2Error> {
ensure_qemu_img()?;
if !Path::new(path).exists() {
return Err(Qcow2Error::IoError(format!("Image not found: {}", path)));
}
let cmd = format!("qemu-img info --output=json {}", path);
let res = run_quiet(&cmd)?;
serde_json::from_str::<Value>(&res.stdout).map_err(|e| Qcow2Error::JsonParseError(e.to_string()))
}
/// Create an offline snapshot on a qcow2 image
pub fn snapshot_create(path: &str, name: &str) -> Result<(), Qcow2Error> {
ensure_qemu_img()?;
if name.trim().is_empty() {
return Err(Qcow2Error::Other("snapshot name cannot be empty".to_string()));
}
let cmd = format!("qemu-img snapshot -c {} {}", name, path);
run_quiet(&cmd).map(|_| ())
}
/// Delete a snapshot on a qcow2 image
pub fn snapshot_delete(path: &str, name: &str) -> Result<(), Qcow2Error> {
ensure_qemu_img()?;
if name.trim().is_empty() {
return Err(Qcow2Error::Other("snapshot name cannot be empty".to_string()));
}
let cmd = format!("qemu-img snapshot -d {} {}", name, path);
run_quiet(&cmd).map(|_| ())
}
/// Snapshot representation (subset of qemu-img info snapshots)
#[derive(Debug, Clone)]
pub struct Qcow2Snapshot {
pub id: Option<String>,
pub name: Option<String>,
pub vm_state_size: Option<i64>,
pub date_sec: Option<i64>,
pub date_nsec: Option<i64>,
pub vm_clock_nsec: Option<i64>,
}
/// List snapshots on a qcow2 image (offline)
pub fn snapshot_list(path: &str) -> Result<Vec<Qcow2Snapshot>, Qcow2Error> {
let v = info(path)?;
let mut out = Vec::new();
if let Some(snaps) = v.get("snapshots").and_then(|s| s.as_array()) {
for s in snaps {
let snap = Qcow2Snapshot {
id: s.get("id").and_then(|x| x.as_str()).map(|s| s.to_string()),
name: s.get("name").and_then(|x| x.as_str()).map(|s| s.to_string()),
vm_state_size: s.get("vm-state-size").and_then(|x| x.as_i64()),
date_sec: s.get("date-sec").and_then(|x| x.as_i64()),
date_nsec: s.get("date-nsec").and_then(|x| x.as_i64()),
vm_clock_nsec: s.get("vm-clock-nsec").and_then(|x| x.as_i64()),
};
out.push(snap);
}
}
Ok(out)
}
/// Result for building the base image
#[derive(Debug, Clone)]
pub struct BuildBaseResult {
pub base_image_path: String,
pub snapshot: String,
pub url: String,
pub resized_to_gb: Option<i64>,
}
/// Build/download Ubuntu 24.04 base image (Noble cloud image), optionally resize, and create a base snapshot
pub fn build_ubuntu_24_04_base(dest_dir: &str, size_gb: Option<i64>) -> Result<BuildBaseResult, Qcow2Error> {
ensure_qemu_img()?;
// Ensure destination directory exists
sal_os::mkdir(dest_dir).map_err(|e| Qcow2Error::IoError(e.to_string()))?;
// Canonical Ubuntu Noble cloud image (amd64)
let url = "https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img";
// Build destination path
let dest_dir_sanitized = dest_dir.trim_end_matches('/');
let dest_path = format!("{}/noble-server-cloudimg-amd64.img", dest_dir_sanitized);
// Download if not present
let path_obj = Path::new(&dest_path);
if !path_obj.exists() {
// 50MB minimum for sanity; the actual image is much larger
sal_os::download_file(url, &dest_path, 50_000)
.map_err(|e| Qcow2Error::IoError(e.to_string()))?;
}
// Resize if requested
if let Some(sz) = size_gb {
if sz > 0 {
let cmd = format!("qemu-img resize {} {}G", dest_path, sz);
run_quiet(&cmd)?;
}
}
// Create "base" snapshot
snapshot_create(&dest_path, "base")?;
Ok(BuildBaseResult {
base_image_path: dest_path,
snapshot: "base".to_string(),
url: url.to_string(),
resized_to_gb: size_gb.filter(|v| *v > 0),
})
}

22
packages/system/virt/src/rhai.rs
View File

@@ -8,6 +8,11 @@ use rhai::{Engine, EvalAltResult};
pub mod buildah;
pub mod nerdctl;
pub mod rfs;
pub mod qcow2;
pub mod cloudhv;
pub mod hostcheck;
pub mod image_prep;
pub mod cloudhv_builder;
/// Register all Virt module functions with the Rhai engine
///
@@ -28,6 +33,21 @@ pub fn register_virt_module(engine: &mut Engine) -> Result<(), Box<EvalAltResult
// Register RFS module functions
rfs::register_rfs_module(engine)?;
// Register QCOW2 module functions
qcow2::register_qcow2_module(engine)?;
// Register Cloud Hypervisor module functions
cloudhv::register_cloudhv_module(engine)?;
// Register Host dependency checker
hostcheck::register_hostcheck_module(engine)?;
// Register Image preparation functions
image_prep::register_image_prep_module(engine)?;
// Register Cloud Hypervisor builder and easy wrapper
cloudhv_builder::register_cloudhv_builder_module(engine)?;
Ok(())
}
@@ -35,3 +55,5 @@ pub fn register_virt_module(engine: &mut Engine) -> Result<(), Box<EvalAltResult
pub use buildah::{bah_new, register_bah_module};
pub use nerdctl::register_nerdctl_module;
pub use rfs::register_rfs_module;
pub use qcow2::register_qcow2_module;
pub use cloudhv::register_cloudhv_module;

262
packages/system/virt/src/rhai/cloudhv.rs Normal file
View File

@@ -0,0 +1,262 @@
use crate::cloudhv;
use crate::cloudhv::{VmRecord, VmRuntime, VmSpec};
use rhai::{Array, Dynamic, Engine, EvalAltResult, Map};
// Error adapter
fn hv_to_rhai<T>(r: Result<T, cloudhv::CloudHvError>) -> Result<T, Box<EvalAltResult>> {
r.map_err(|e| {
Box::new(EvalAltResult::ErrorRuntime(
format!("cloudhv error: {}", e).into(),
rhai::Position::NONE,
))
})
}
// Map conversions
fn map_to_vmspec(spec: Map) -> Result<VmSpec, Box<EvalAltResult>> {
let id = must_get_string(&spec, "id")?;
let kernel_path = get_string(&spec, "kernel_path");
let initramfs_path = get_string(&spec, "initramfs_path");
let firmware_path = get_string(&spec, "firmware_path");
let disk_path = must_get_string(&spec, "disk_path")?;
let api_socket = get_string(&spec, "api_socket").unwrap_or_else(|| "".to_string());
let vcpus = get_int(&spec, "vcpus").unwrap_or(1) as u32;
let memory_mb = get_int(&spec, "memory_mb").unwrap_or(512) as u32;
let cmdline = get_string(&spec, "cmdline");
let extra_args = get_string_array(&spec, "extra_args");
Ok(VmSpec {
id,
kernel_path,
initramfs_path,
firmware_path,
disk_path,
api_socket,
vcpus,
memory_mb,
cmdline,
extra_args,
net_profile: None,
})
}
fn vmspec_to_map(s: &VmSpec) -> Map {
let mut m = Map::new();
m.insert("id".into(), s.id.clone().into());
if let Some(k) = &s.kernel_path {
m.insert("kernel_path".into(), k.clone().into());
} else {
m.insert("kernel_path".into(), Dynamic::UNIT);
}
if let Some(ir) = &s.initramfs_path {
m.insert("initramfs_path".into(), ir.clone().into());
} else {
m.insert("initramfs_path".into(), Dynamic::UNIT);
}
if let Some(fw) = &s.firmware_path {
m.insert("firmware_path".into(), fw.clone().into());
} else {
m.insert("firmware_path".into(), Dynamic::UNIT);
}
m.insert("disk_path".into(), s.disk_path.clone().into());
m.insert("api_socket".into(), s.api_socket.clone().into());
m.insert("vcpus".into(), (s.vcpus as i64).into());
m.insert("memory_mb".into(), (s.memory_mb as i64).into());
if let Some(c) = &s.cmdline {
m.insert("cmdline".into(), c.clone().into());
} else {
m.insert("cmdline".into(), Dynamic::UNIT);
}
if let Some(arr) = &s.extra_args {
let mut a = Array::new();
for s in arr {
a.push(s.clone().into());
}
m.insert("extra_args".into(), a.into());
} else {
m.insert("extra_args".into(), Dynamic::UNIT);
}
// net_profile not exposed in Rhai yet; return UNIT for now
m.insert("net_profile".into(), Dynamic::UNIT);
m
}
fn vmruntime_to_map(r: &VmRuntime) -> Map {
let mut m = Map::new();
match r.pid {
Some(p) => m.insert("pid".into(), (p as i64).into()),
None => m.insert("pid".into(), Dynamic::UNIT),
};
m.insert("status".into(), r.status.clone().into());
m.insert("log_file".into(), r.log_file.clone().into());
m
}
fn vmrecord_to_map(rec: &VmRecord) -> Map {
let mut m = Map::new();
m.insert("spec".into(), vmspec_to_map(&rec.spec).into());
m.insert("runtime".into(), vmruntime_to_map(&rec.runtime).into());
m
}
// Helpers for reading Rhai Map fields
fn must_get_string(m: &Map, k: &str) -> Result<String, Box<EvalAltResult>> {
match m.get(k) {
Some(v) if v.is_string() => Ok(v.clone().cast::<String>()),
_ => Err(Box::new(EvalAltResult::ErrorRuntime(
format!("missing or non-string field '{}'", k).into(),
rhai::Position::NONE,
))),
}
}
fn get_string(m: &Map, k: &str) -> Option<String> {
m.get(k).and_then(|v| if v.is_string() { Some(v.clone().cast::<String>()) } else { None })
}
fn get_int(m: &Map, k: &str) -> Option<i64> {
m.get(k).and_then(|v| v.as_int().ok())
}
fn get_string_array(m: &Map, k: &str) -> Option<Vec<String>> {
m.get(k).and_then(|v| {
if v.is_array() {
let arr = v.clone().cast::<Array>();
let mut out = vec![];
for it in arr {
if it.is_string() {
out.push(it.cast::<String>());
}
}
Some(out)
} else {
None
}
})
}
// Rhai-exposed functions
pub fn cloudhv_vm_create(spec: Map) -> Result<String, Box<EvalAltResult>> {
let s = map_to_vmspec(spec)?;
hv_to_rhai(cloudhv::vm_create(&s))
}
pub fn cloudhv_vm_start(id: &str) -> Result<(), Box<EvalAltResult>> {
hv_to_rhai(cloudhv::vm_start(id))
}
pub fn cloudhv_vm_stop(id: &str, force: bool) -> Result<(), Box<EvalAltResult>> {
hv_to_rhai(cloudhv::vm_stop(id, force))
}
pub fn cloudhv_vm_delete(id: &str, delete_disks: bool) -> Result<(), Box<EvalAltResult>> {
hv_to_rhai(cloudhv::vm_delete(id, delete_disks))
}
pub fn cloudhv_vm_list() -> Result<Array, Box<EvalAltResult>> {
let vms = hv_to_rhai(cloudhv::vm_list())?;
let mut arr = Array::new();
for rec in vms {
arr.push(vmrecord_to_map(&rec).into());
}
Ok(arr)
}
pub fn cloudhv_vm_info(id: &str) -> Result<Map, Box<EvalAltResult>> {
let rec = hv_to_rhai(cloudhv::vm_info(id))?;
Ok(vmrecord_to_map(&rec))
}
pub fn cloudhv_discover_ipv4_from_leases(lease_path: &str, mac_lower: &str, timeout_secs: i64) -> Dynamic {
// Check verbosity from environment variable, default to verbose
let verbose = std::env::var("VIRT_VERBOSE").unwrap_or_else(|_| "1".to_string()) == "1";
if verbose {
println!("🔍 Discovering VM network addresses...");
}
match crate::cloudhv::net::discover_ipv4_from_leases(lease_path, mac_lower, timeout_secs as u64) {
Some(ip) => ip.into(),
None => Dynamic::UNIT,
}
}
pub fn cloudhv_discover_ipv6_on_bridge(bridge_name: &str, mac_lower: &str) -> Dynamic {
match crate::cloudhv::net::discover_ipv6_on_bridge(bridge_name, mac_lower) {
Some(ip) => ip.into(),
None => Dynamic::UNIT,
}
}
pub fn cloudhv_display_network_info(vm_id: &str, ipv4: Dynamic, ipv6: Dynamic) {
// Check verbosity from environment variable, default to verbose
let verbose = std::env::var("VIRT_VERBOSE").unwrap_or_else(|_| "1".to_string()) == "1";
if !verbose {
return;
}
println!("✅ VM {} is ready!", vm_id);
println!("");
println!("🌐 Network Information:");
if ipv4.is_string() && !ipv4.clone().cast::<String>().is_empty() {
println!(" IPv4: {}", ipv4.clone().cast::<String>());
} else {
println!(" IPv4: Not assigned yet (VM may still be configuring)");
}
if ipv6.is_string() && !ipv6.clone().cast::<String>().is_empty() {
println!(" IPv6: {}", ipv6.clone().cast::<String>());
} else {
println!(" IPv6: Not available");
}
println!("");
println!("💡 VM is running in the background. To connect:");
let ssh_addr = if ipv4.is_string() && !ipv4.clone().cast::<String>().is_empty() {
ipv4.cast::<String>()
} else {
"<IPv4>".to_string()
};
println!(" SSH: ssh ubuntu@{}", ssh_addr);
println!("");
println!("🛑 To stop the VM later:");
println!(" cloudhv_vm_stop(\"{}\", false);", vm_id);
println!(" cloudhv_vm_delete(\"{}\", true);", vm_id);
}
/// High-level network discovery that avoids hardcoded MAC/paths.
/// Returns a Rhai map with fields: ipv4, ipv6, mac, bridge, lease.
pub fn cloudhv_vm_network_info(id: &str, timeout_secs: i64) -> Result<Map, Box<EvalAltResult>> {
let (ipv4, ipv6, mac, bridge, lease) =
hv_to_rhai(cloudhv::vm_network_info(id, timeout_secs as u64))?;
let mut m = Map::new();
m.insert("vm_id".into(), id.to_string().into());
m.insert("ipv4".into(), ipv4.map(Into::into).unwrap_or(Dynamic::UNIT));
m.insert("ipv6".into(), ipv6.map(Into::into).unwrap_or(Dynamic::UNIT));
m.insert("mac".into(), mac.map(Into::into).unwrap_or(Dynamic::UNIT));
m.insert("bridge".into(), bridge.map(Into::into).unwrap_or(Dynamic::UNIT));
m.insert("lease".into(), lease.map(Into::into).unwrap_or(Dynamic::UNIT));
Ok(m)
}
// Module registration
pub fn register_cloudhv_module(engine: &mut Engine) -> Result<(), Box<EvalAltResult>> {
engine.register_fn("cloudhv_vm_create", cloudhv_vm_create);
engine.register_fn("cloudhv_vm_start", cloudhv_vm_start);
engine.register_fn("cloudhv_vm_stop", cloudhv_vm_stop);
engine.register_fn("cloudhv_vm_delete", cloudhv_vm_delete);
engine.register_fn("cloudhv_vm_list", cloudhv_vm_list);
engine.register_fn("cloudhv_vm_info", cloudhv_vm_info);
engine.register_fn("cloudhv_vm_network_info", cloudhv_vm_network_info);
engine.register_fn("cloudhv_discover_ipv4_from_leases", cloudhv_discover_ipv4_from_leases);
engine.register_fn("cloudhv_discover_ipv6_on_bridge", cloudhv_discover_ipv6_on_bridge);
engine.register_fn("cloudhv_display_network_info", cloudhv_display_network_info);
Ok(())
}

204
packages/system/virt/src/rhai/cloudhv_builder.rs Normal file
View File

@@ -0,0 +1,204 @@
use crate::cloudhv::builder::CloudHvBuilder;
use crate::hostcheck::host_check_deps;
use crate::image_prep::{image_prepare, Flavor as ImgFlavor, ImagePrepOptions, NetPlanOpts};
use rhai::{Engine, EvalAltResult, Array};
// Improved functional-style builder with better method names for fluent feel
fn cloudhv_builder(id: &str) -> CloudHvBuilder {
CloudHvBuilder::new(id)
}
fn memory_mb(b: CloudHvBuilder, mb: i64) -> CloudHvBuilder {
let mut b = b;
if mb > 0 {
b.memory_mb(mb as u32);
}
b
}
fn vcpus(b: CloudHvBuilder, v: i64) -> CloudHvBuilder {
let mut b = b;
if v > 0 {
b.vcpus(v as u32);
}
b
}
fn disk(b: CloudHvBuilder, path: &str) -> CloudHvBuilder {
let mut b = b;
b.disk(path);
b
}
fn disk_from_flavor(b: CloudHvBuilder, flavor: &str) -> CloudHvBuilder {
let mut b = b;
b.disk_from_flavor(flavor);
b
}
fn cmdline(b: CloudHvBuilder, c: &str) -> CloudHvBuilder {
let mut b = b;
b.cmdline(c);
b
}
fn extra_arg(b: CloudHvBuilder, a: &str) -> CloudHvBuilder {
let mut b = b;
b.extra_arg(a);
b
}
fn no_default_net(b: CloudHvBuilder) -> CloudHvBuilder {
let mut b = b;
b.no_default_net();
b
}
fn network_default_nat(b: CloudHvBuilder) -> CloudHvBuilder {
let mut b = b;
b.network_default_nat();
b
}
fn network_none(b: CloudHvBuilder) -> CloudHvBuilder {
let mut b = b;
b.network_none();
b
}
fn network_bridge_only(b: CloudHvBuilder) -> CloudHvBuilder {
let mut b = b;
b.network_bridge_only();
b
}
fn network_custom(b: CloudHvBuilder, args: Array) -> CloudHvBuilder {
let mut b = b;
let mut v: Vec<String> = Vec::new();
for it in args {
if it.is_string() {
v.push(it.clone().cast::<String>());
}
}
b.network_custom_cli(v);
b
}
fn launch(mut b: CloudHvBuilder) -> Result<String, Box<EvalAltResult>> {
// Check verbosity from environment variable, default to verbose
let verbose = std::env::var("VIRT_VERBOSE").unwrap_or_else(|_| "1".to_string()) == "1";
if verbose {
println!("Preparing Ubuntu image and configuring VM...");
}
b.launch().map_err(|e| {
Box::new(EvalAltResult::ErrorRuntime(
format!("cloudhv builder launch failed: {}", e).into(),
rhai::Position::NONE,
))
}).map(|vm_id| {
if verbose {
println!("✅ VM launched successfully");
}
vm_id
})
}
fn wait_for_vm_boot(seconds: i64) {
// Check verbosity from environment variable, default to verbose
let verbose = std::env::var("VIRT_VERBOSE").unwrap_or_else(|_| "1".to_string()) == "1";
if verbose {
println!("⏳ Waiting {} seconds for VM to boot and configure network...", seconds);
}
std::thread::sleep(std::time::Duration::from_secs(seconds as u64));
}
// Noob-friendly one-shot wrapper
fn vm_easy_launch(flavor: &str, id: &str, memory_mb: i64, vcpus: i64) -> Result<String, Box<EvalAltResult>> {
// Preflight
let report = host_check_deps().map_err(|e| {
Box::new(EvalAltResult::ErrorRuntime(
format!("host_check failed: {}", e).into(),
rhai::Position::NONE,
))
})?;
if !report.ok {
return Err(Box::new(EvalAltResult::ErrorRuntime(
format!("missing dependencies: {:?}", report.critical).into(),
rhai::Position::NONE,
)));
}
// Prepare image to raw using defaults (DHCPv4 + placeholder v6 + disable cloud-init net)
let img_flavor = match flavor {
"ubuntu" | "Ubuntu" | "UBUNTU" => ImgFlavor::Ubuntu,
"alpine" | "Alpine" | "ALPINE" => ImgFlavor::Alpine,
_ => ImgFlavor::Ubuntu,
};
let prep_opts = ImagePrepOptions {
flavor: img_flavor,
id: id.to_string(),
source: None,
target_dir: None,
net: NetPlanOpts::default(),
disable_cloud_init_net: true,
};
let prep = image_prepare(&prep_opts).map_err(|e| {
Box::new(EvalAltResult::ErrorRuntime(
format!("image_prepare failed: {}", e).into(),
rhai::Position::NONE,
))
})?;
// Build and launch
let mut b = CloudHvBuilder::new(id);
b.disk(&prep.raw_disk);
if memory_mb > 0 {
b.memory_mb(memory_mb as u32);
}
if vcpus > 0 {
b.vcpus(vcpus as u32);
}
// Default profile: NAT with IPv6 via Mycelium (opt-out via env)
b.network_default_nat();
b.launch().map_err(|e| {
Box::new(EvalAltResult::ErrorRuntime(
format!("vm_easy_launch failed at launch: {}", e).into(),
rhai::Position::NONE,
))
})
}
pub fn register_cloudhv_builder_module(engine: &mut Engine) -> Result<(), Box<EvalAltResult>> {
// Register type
engine.register_type_with_name::<CloudHvBuilder>("CloudHvBuilder");
// Factory
engine.register_fn("cloudhv_builder", cloudhv_builder);
// Chainable methods (fluent functional style)
engine.register_fn("memory_mb", memory_mb);
engine.register_fn("vcpus", vcpus);
engine.register_fn("disk", disk);
engine.register_fn("disk_from_flavor", disk_from_flavor);
engine.register_fn("cmdline", cmdline);
engine.register_fn("extra_arg", extra_arg);
engine.register_fn("no_default_net", no_default_net);
// Networking profiles
engine.register_fn("network_default_nat", network_default_nat);
engine.register_fn("network_none", network_none);
engine.register_fn("network_bridge_only", network_bridge_only);
engine.register_fn("network_custom", network_custom);
// Action
engine.register_fn("launch", launch);
engine.register_fn("wait_for_vm_boot", wait_for_vm_boot);
// One-shot wrapper
engine.register_fn("vm_easy_launch", vm_easy_launch);
Ok(())
}

81
packages/system/virt/src/rhai/hostcheck.rs Normal file
View File

@@ -0,0 +1,81 @@
use crate::hostcheck::{host_check_deps, HostCheckReport};
use rhai::{Array, Dynamic, Engine, EvalAltResult, Map};
fn report_to_map(r: &HostCheckReport) -> Map {
let mut m = Map::new();
m.insert("ok".into(), (r.ok as bool).into());
let mut crit = Array::new();
for s in &r.critical {
crit.push(s.clone().into());
}
m.insert("critical".into(), crit.into());
let mut opt = Array::new();
for s in &r.optional {
opt.push(s.clone().into());
}
m.insert("optional".into(), opt.into());
let mut notes = Array::new();
for s in &r.notes {
notes.push(s.clone().into());
}
m.insert("notes".into(), notes.into());
m
}
fn host_check() -> Result<Map, Box<EvalAltResult>> {
// Check verbosity from environment variable, default to verbose
let verbose = std::env::var("VIRT_VERBOSE").unwrap_or_else(|_| "1".to_string()) == "1";
if verbose {
println!("Checking system requirements...");
}
match host_check_deps() {
Ok(rep) => {
if verbose {
if rep.ok {
println!("✅ System requirements met");
} else {
println!("❌ System check failed - missing dependencies:");
if !rep.critical.is_empty() {
println!("Critical:");
for dep in &rep.critical {
println!(" - {}", dep);
}
}
if !rep.optional.is_empty() {
println!("Optional:");
for dep in &rep.optional {
println!(" - {}", dep);
}
}
}
}
Ok(report_to_map(&rep))
},
Err(e) => {
if verbose {
println!("❌ System check failed - missing dependencies:");
println!("Critical:");
println!(" - host_check failed: {}", e);
}
let mut m = Map::new();
m.insert("ok".into(), Dynamic::FALSE);
let mut crit = Array::new();
crit.push(format!("host_check failed: {}", e).into());
m.insert("critical".into(), crit.into());
m.insert("optional".into(), Array::new().into());
m.insert("notes".into(), Array::new().into());
Ok(m)
}
}
}
pub fn register_hostcheck_module(engine: &mut Engine) -> Result<(), Box<EvalAltResult>> {
engine.register_fn("host_check", host_check);
Ok(())
}

98
packages/system/virt/src/rhai/image_prep.rs Normal file
View File

@@ -0,0 +1,98 @@
use crate::image_prep::{image_prepare, Flavor, ImagePrepOptions, NetPlanOpts};
use rhai::{Engine, EvalAltResult, Map};
fn parse_flavor(s: &str) -> Result<Flavor, Box<EvalAltResult>> {
match s {
"ubuntu" | "Ubuntu" | "UBUNTU" => Ok(Flavor::Ubuntu),
"alpine" | "Alpine" | "ALPINE" => Ok(Flavor::Alpine),
other => Err(Box::new(EvalAltResult::ErrorRuntime(
format!("image_prepare: invalid flavor '{}', allowed: ubuntu|alpine", other).into(),
rhai::Position::NONE,
))),
}
}
fn map_get_string(m: &Map, k: &str) -> Option<String> {
m.get(k).and_then(|v| if v.is_string() { Some(v.clone().cast::<String>()) } else { None })
}
fn map_get_bool(m: &Map, k: &str) -> Option<bool> {
m.get(k).and_then(|v| v.as_bool().ok())
}
fn net_from_map(m: Option<&Map>) -> NetPlanOpts {
let mut n = NetPlanOpts::default();
if let Some(mm) = m {
if let Some(b) = map_get_bool(mm, "dhcp4") {
n.dhcp4 = b;
}
if let Some(b) = map_get_bool(mm, "dhcp6") {
n.dhcp6 = b;
}
if let Some(s) = map_get_string(mm, "ipv6_addr") {
if !s.trim().is_empty() {
n.ipv6_addr = Some(s);
}
}
if let Some(s) = map_get_string(mm, "gw6") {
if !s.trim().is_empty() {
n.gw6 = Some(s);
}
}
}
n
}
fn image_prepare_rhai(opts: Map) -> Result<Map, Box<EvalAltResult>> {
// Required fields
let id = map_get_string(&opts, "id").ok_or_else(|| {
Box::new(EvalAltResult::ErrorRuntime(
"image_prepare: missing required field 'id'".into(),
rhai::Position::NONE,
))
})?;
if id.trim().is_empty() {
return Err(Box::new(EvalAltResult::ErrorRuntime(
"image_prepare: 'id' must not be empty".into(),
rhai::Position::NONE,
)));
}
let flavor_s = map_get_string(&opts, "flavor").unwrap_or_else(|| "ubuntu".into());
let flavor = parse_flavor(&flavor_s)?;
// Optional fields
let source = map_get_string(&opts, "source");
let target_dir = map_get_string(&opts, "target_dir");
let net = opts.get("net").and_then(|v| if v.is_map() { Some(v.clone().cast::<Map>()) } else { None });
let net_opts = net_from_map(net.as_ref());
let disable_cloud_init_net = map_get_bool(&opts, "disable_cloud_init_net").unwrap_or(true);
let o = ImagePrepOptions {
flavor,
id,
source,
target_dir,
net: net_opts,
disable_cloud_init_net,
};
let res = image_prepare(&o).map_err(|e| {
Box::new(EvalAltResult::ErrorRuntime(
format!("image_prepare failed: {}", e).into(),
rhai::Position::NONE,
))
})?;
let mut out = Map::new();
out.insert("raw_disk".into(), res.raw_disk.into());
out.insert("root_uuid".into(), res.root_uuid.into());
out.insert("boot_uuid".into(), res.boot_uuid.into());
out.insert("work_qcow2".into(), res.work_qcow2.into());
Ok(out)
}
pub fn register_image_prep_module(engine: &mut Engine) -> Result<(), Box<EvalAltResult>> {
engine.register_fn("image_prepare", image_prepare_rhai);
Ok(())
}

139
packages/system/virt/src/rhai/qcow2.rs Normal file
View File

@@ -0,0 +1,139 @@
use crate::qcow2;
use crate::qcow2::{BuildBaseResult, Qcow2Error, Qcow2Snapshot};
use rhai::{Array, Dynamic, Engine, EvalAltResult, Map};
use serde_json::Value;
// Convert Qcow2Error to Rhai error
fn qcow2_error_to_rhai<T>(result: Result<T, Qcow2Error>) -> Result<T, Box<EvalAltResult>> {
result.map_err(|e| {
Box::new(EvalAltResult::ErrorRuntime(
format!("qcow2 error: {}", e).into(),
rhai::Position::NONE,
))
})
}
// Convert serde_json::Value to Rhai Dynamic recursively (maps, arrays, scalars)
fn json_to_dynamic(v: &Value) -> Dynamic {
match v {
Value::Null => Dynamic::UNIT,
Value::Bool(b) => (*b).into(),
Value::Number(n) => {
if let Some(i) = n.as_i64() {
i.into()
} else {
// Avoid float dependency differences; fall back to string
n.to_string().into()
}
}
Value::String(s) => s.clone().into(),
Value::Array(arr) => {
let mut a = Array::new();
for item in arr {
a.push(json_to_dynamic(item));
}
a.into()
}
Value::Object(obj) => {
let mut m = Map::new();
for (k, val) in obj {
m.insert(k.into(), json_to_dynamic(val));
}
m.into()
}
}
}
// Wrappers exposed to Rhai
pub fn qcow2_create(path: &str, size_gb: i64) -> Result<String, Box<EvalAltResult>> {
qcow2_error_to_rhai(qcow2::create(path, size_gb))
}
pub fn qcow2_info(path: &str) -> Result<Dynamic, Box<EvalAltResult>> {
let v = qcow2_error_to_rhai(qcow2::info(path))?;
Ok(json_to_dynamic(&v))
}
pub fn qcow2_snapshot_create(path: &str, name: &str) -> Result<(), Box<EvalAltResult>> {
qcow2_error_to_rhai(qcow2::snapshot_create(path, name))
}
pub fn qcow2_snapshot_delete(path: &str, name: &str) -> Result<(), Box<EvalAltResult>> {
qcow2_error_to_rhai(qcow2::snapshot_delete(path, name))
}
pub fn qcow2_snapshot_list(path: &str) -> Result<Array, Box<EvalAltResult>> {
let snaps = qcow2_error_to_rhai(qcow2::snapshot_list(path))?;
let mut arr = Array::new();
for s in snaps {
arr.push(snapshot_to_map(&s).into());
}
Ok(arr)
}
fn snapshot_to_map(s: &Qcow2Snapshot) -> Map {
let mut m = Map::new();
if let Some(id) = &s.id {
m.insert("id".into(), id.clone().into());
} else {
m.insert("id".into(), Dynamic::UNIT);
}
if let Some(name) = &s.name {
m.insert("name".into(), name.clone().into());
} else {
m.insert("name".into(), Dynamic::UNIT);
}
if let Some(v) = s.vm_state_size {
m.insert("vm_state_size".into(), v.into());
} else {
m.insert("vm_state_size".into(), Dynamic::UNIT);
}
if let Some(v) = s.date_sec {
m.insert("date_sec".into(), v.into());
} else {
m.insert("date_sec".into(), Dynamic::UNIT);
}
if let Some(v) = s.date_nsec {
m.insert("date_nsec".into(), v.into());
} else {
m.insert("date_nsec".into(), Dynamic::UNIT);
}
if let Some(v) = s.vm_clock_nsec {
m.insert("vm_clock_nsec".into(), v.into());
} else {
m.insert("vm_clock_nsec".into(), Dynamic::UNIT);
}
m
}
pub fn qcow2_build_ubuntu_24_04_base(
dest_dir: &str,
size_gb: i64,
) -> Result<Map, Box<EvalAltResult>> {
// size_gb: pass None if <=0
let size_opt = if size_gb > 0 { Some(size_gb) } else { None };
let r: BuildBaseResult = qcow2_error_to_rhai(qcow2::build_ubuntu_24_04_base(dest_dir, size_opt))?;
let mut m = Map::new();
m.insert("base_image_path".into(), r.base_image_path.into());
m.insert("snapshot".into(), r.snapshot.into());
m.insert("url".into(), r.url.into());
if let Some(sz) = r.resized_to_gb {
m.insert("resized_to_gb".into(), sz.into());
} else {
m.insert("resized_to_gb".into(), Dynamic::UNIT);
}
Ok(m)
}
// Module registration
pub fn register_qcow2_module(engine: &mut Engine) -> Result<(), Box<EvalAltResult>> {
engine.register_fn("qcow2_create", qcow2_create);
engine.register_fn("qcow2_info", qcow2_info);
engine.register_fn("qcow2_snapshot_create", qcow2_snapshot_create);
engine.register_fn("qcow2_snapshot_delete", qcow2_snapshot_delete);
engine.register_fn("qcow2_snapshot_list", qcow2_snapshot_list);
engine.register_fn("qcow2_build_ubuntu_24_04_base", qcow2_build_ubuntu_24_04_base);
Ok(())
}

84
packages/system/virt/tests/rhai/04_qcow2_basic.rhai Normal file
View File

@@ -0,0 +1,84 @@
// Basic tests for QCOW2 SAL (offline, will skip if qemu-img is not present)
print("=== QCOW2 Basic Tests ===");
// Dependency check
let qemu = which("qemu-img");
if qemu == () {
print("⚠️ qemu-img not available - skipping QCOW2 tests");
print("Install qemu-utils (Debian/Ubuntu) or QEMU tools for your distro.");
print("=== QCOW2 Tests Skipped ===");
exit();
}
// Helper: unique temp path (use monotonic timestamp; avoid shell quoting issues)
let now = run_silent("date +%s%N");
let suffix = if now.success && now.stdout != "" { now.stdout.trim() } else { "100000" };
let img_path = `/tmp/qcow2_test_${suffix}.img`;
print("\n--- Test 1: Create image ---");
try {
let created_path = qcow2_create(img_path, 1);
// created_path should equal img_path
print(`✓ Created qcow2: ${created_path}`);
} catch (err) {
print(`❌ Create failed: ${err}`);
exit();
}
print("\n--- Test 2: Info ---");
let info;
try {
info = qcow2_info(img_path);
} catch (err) {
print(`❌ Info failed: ${err}`);
exit();
}
print("✓ Info fetched");
if info.format != () { print(` format: ${info.format}`); }
if info["virtual-size"] != () { print(` virtual-size: ${info["virtual-size"]}`); }
print("\n--- Test 3: Snapshot create/list/delete (offline) ---");
let snap_name = "s1";
try {
qcow2_snapshot_create(img_path, snap_name);
} catch (err) {
print(`❌ snapshot_create failed: ${err}`);
exit();
}
print("✓ snapshot created: s1");
let snaps;
try {
snaps = qcow2_snapshot_list(img_path);
} catch (err) {
print(`❌ snapshot_list failed: ${err}`);
exit();
}
print(`✓ snapshot_list ok, count=${snaps.len()}`);
try {
qcow2_snapshot_delete(img_path, snap_name);
} catch (err) {
print(`❌ snapshot_delete failed: ${err}`);
exit();
}
print("✓ snapshot deleted: s1");
// Optional: Base image builder (commented to avoid big downloads by default)
// Uncomment to test manually on a dev machine with bandwidth.
print("\n--- Optional: Build Ubuntu 24.04 Base ---");
let base_dir = "/tmp/virt_images";
let m;
try {
m = qcow2_build_ubuntu_24_04_base(base_dir, 10);
} catch (err) {
print(`⚠️ base build failed or skipped: ${err}`);
exit();
}
print(`✓ Base image path: ${m.base_image_path}`);
print(`✓ Base snapshot: ${m.snapshot}`);
print(`✓ Source URL: ${m.url}`);
if m.resized_to_gb != () { print(`✓ Resized to: ${m.resized_to_gb}G`); }
print("\n=== QCOW2 Basic Tests Completed ===");

164
packages/system/virt/tests/rhai/05_cloudhv_basic.rhai Normal file
View File

@@ -0,0 +1,164 @@
// Basic Cloud Hypervisor SAL smoke test (minimal)
// - Skips gracefully if dependencies or inputs are missing
// - Creates a VM spec, optionally starts/stops it if all inputs are available
print("=== Cloud Hypervisor Basic Tests ===");
// Dependency checks (static binaries only)
let chs = which("cloud-hypervisor-static");
let chrs = which("ch-remote-static");
// Normalize which() results: () or "" both mean missing (depending on SAL which variant)
let ch_missing = (chs == () || chs == "");
let chr_missing = (chrs == () || chrs == "");
if ch_missing || chr_missing {
print("⚠️ cloud-hypervisor-static and/or ch-remote-static not available - skipping CloudHV tests");
print("Install Cloud Hypervisor static binaries to run these tests.");
print("=== CloudHV Tests Skipped ===");
exit();
}
// Inputs (adjust these for your environment)
// Prefer firmware boot if firmware is available; otherwise fallback to direct kernel boot.
let firmware_path = "/tmp/virt_images/hypervisor-fw";
let kernel_path = "/path/to/vmlinux"; // optional when firmware_path is present
// We can reuse the base image from the QCOW2 test/builder if present.
let disk_path = "/tmp/virt_images/noble-server-cloudimg-amd64.img";
// Validate inputs
let missing = false;
let have_firmware = exist(firmware_path);
let have_kernel = exist(kernel_path);
if !have_firmware && !have_kernel {
print(`⚠️ neither firmware_path (${firmware_path}) nor kernel_path (${kernel_path}) found (start/stop will be skipped)`);
missing = true;
}
if !exist(disk_path) {
print(`⚠️ disk_path not found: ${disk_path} (start/stop will be skipped)`);
missing = true;
}
// Unique id
let rid = run_silent("date +%s%N");
let suffix = if rid.success && rid.stdout != "" { rid.stdout.trim() } else { "100000" };
let vm_id = `testvm_${suffix}`;
print("\n--- Test 1: Create VM definition ---");
let spec = #{
"id": vm_id,
"disk_path": disk_path,
"api_socket": "", // default under VM dir
"vcpus": 1,
"memory_mb": 1024,
// For firmware boot:
// Provide firmware_path only if it exists
// For kernel boot:
// Provide kernel_path and optionally a cmdline
};
if have_firmware {
spec.firmware_path = firmware_path;
} else if have_kernel {
spec.kernel_path = kernel_path;
spec.cmdline = "console=ttyS0 reboot=k panic=1";
}
// "extra_args": can be added if needed, e.g.:
// spec.extra_args = ["--rng", "src=/dev/urandom"];
try {
let created_id = cloudhv_vm_create(spec);
print(`✓ VM created: ${created_id}`);
} catch (err) {
print(`❌ VM create failed: ${err}`);
print("=== CloudHV Tests Aborted ===");
exit();
}
print("\n--- Test 2: VM info ---");
try {
let info = cloudhv_vm_info(vm_id);
print(`✓ VM info loaded: id=${info.spec.id}, status=${info.runtime.status}`);
} catch (err) {
print(`❌ VM info failed: ${err}`);
print("=== CloudHV Tests Aborted ===");
exit();
}
print("\n--- Test 3: VM list ---");
try {
let vms = cloudhv_vm_list();
print(`✓ VM list size: ${vms.len()}`);
} catch (err) {
print(`❌ VM list failed: ${err}`);
print("=== CloudHV Tests Aborted ===");
exit();
}
// Start/Stop only if inputs exist
if !missing {
print("\n--- Test 4: Start VM ---");
try {
cloudhv_vm_start(vm_id);
print("✓ VM start invoked");
} catch (err) {
print(`⚠️ VM start failed (this can happen if kernel/cmdline are incompatible): ${err}`);
}
print("\n waiting for VM to be ready...");
// Discover API socket and PID from SAL
let info1 = cloudhv_vm_info(vm_id);
let api_sock = info1.spec.api_socket;
let pid = info1.runtime.pid;
// 1) Wait for API socket to appear (up to ~50s)
let sock_ok = false;
for x in 0..50 {
if exist(api_sock) { sock_ok = true; break; }
sleep(1);
}
print(`api_sock_exists=${sock_ok} path=${api_sock}`);
// 2) Probe ch-remote info with retries (up to ~20s)
if sock_ok {
let info_ok = false;
for x in 0..20 {
let r = run_silent(`ch-remote-static --api-socket ${api_sock} info`);
if r.success {
info_ok = true;
break;
}
sleep(1);
}
if info_ok {
print("VM API is ready (ch-remote info OK)");
} else {
print("⚠️ VM API did not become ready in time (continuing)");
}
} else {
print("⚠️ API socket not found (continuing)");
}
// print("\n--- Test 5: Stop VM (graceful) ---");
// try {
// cloudhv_vm_stop(vm_id, false);
// print("✓ VM stop invoked (graceful)");
// } catch (err) {
// print(`⚠️ VM stop failed: ${err}`);
// }
} else {
print("\n⚠ Skipping start/stop because required inputs are missing.");
}
// print("\n--- Test 6: Delete VM definition ---");
// try {
// cloudhv_vm_delete(vm_id, false);
// print("✓ VM deleted");
// } catch (err) {
// print(`❌ VM delete failed: ${err}`);
// print("=== CloudHV Tests Aborted ===");
// exit();
// }
print("\n=== Cloud Hypervisor Basic Tests Completed ===");

148
packages/system/virt/tests/rhai/05_cloudhv_diag.rhai Normal file
View File

@@ -0,0 +1,148 @@
// Cloud Hypervisor diagnostic script
// Creates a VM, starts CH, verifies PID, API socket, ch-remote info, and tails logs.
print("=== CloudHV Diagnostic ===");
// Dependency check
let chs = which("cloud-hypervisor-static");
let chrs = which("ch-remote-static");
let ch_missing = (chs == () || chs == "");
let chr_missing = (chrs == () || chrs == "");
if ch_missing || chr_missing {
print("cloud-hypervisor-static and/or ch-remote-static not available - aborting.");
exit();
}
// Inputs
let firmware_path = "/tmp/virt_images/hypervisor-fw";
let disk_path = "/tmp/virt_images/noble-server-cloudimg-amd64.img";
if !exist(firmware_path) {
print(`Firmware not found: ${firmware_path}`);
exit();
}
if !exist(disk_path) {
print(`Disk image not found: ${disk_path}`);
exit();
}
// Unique ID
let rid = run_silent("date +%s%N");
let suffix = if rid.success && rid.stdout != "" { rid.stdout.trim() } else { "100000" };
let vm_id = `diagvm_${suffix}`;
// Socket path will be obtained from VM info (SAL populates spec.api_socket after start)
// Build minimal spec; let SAL decide the api_socket under the VM dir
let spec = #{
"id": vm_id,
"disk_path": disk_path,
"vcpus": 1,
"memory_mb": 512
};
spec.firmware_path = firmware_path;
fn pid_alive(p) {
if p == () { return false; }
// Use /proc to avoid noisy "kill: No such process" messages from kill -0
return exist(`/proc/${p}`);
}
fn tail_log(p, n) {
if exist(p) {
let r = run_silent(`tail -n ${n} ${p}`);
if r.success { print(r.stdout); } else { print(r.stderr); }
} else {
print(`Log file not found: ${p}`);
}
}
try {
print("--- Create VM spec ---");
let created = cloudhv_vm_create(spec);
print(`created: ${created}`);
} catch (err) {
print(`create failed: ${err}`);
exit();
}
// Read back info to get SAL-resolved log_file path
let info0 = cloudhv_vm_info(vm_id);
let log_file = info0.runtime.log_file;
// Rely on SAL to handle socket directory creation and stale-socket cleanup
print("--- Start VM ---");
try {
cloudhv_vm_start(vm_id);
print("start invoked");
} catch (err) {
print(`start failed: ${err}`);
tail_log(log_file, 200);
exit();
}
// Fetch PID and discover API socket path from updated spec
let info1 = cloudhv_vm_info(vm_id);
let pid = info1.runtime.pid;
let api_sock = info1.spec.api_socket;
print(`pid=${pid}`);
print(`api_sock_from_sal=${api_sock}`);
// Wait for socket file
let sock_ok = false;
for x in 0..50 {
if exist(api_sock) { sock_ok = true; break; }
sleep(1);
}
print(`api_sock_exists=${sock_ok} path=${api_sock}`);
// Probe ch-remote info
let info_ok = false;
let last_err = "";
if sock_ok {
for x in 0..20 {
let r = run_silent(`ch-remote-static --api-socket ${api_sock} info`);
if r.success {
info_ok = true;
print("ch-remote info OK");
break;
} else {
last_err = if r.stderr != "" { r.stderr } else { r.stdout };
sleep(1);
}
}
}
if !info_ok {
print("ch-remote info FAILED");
if last_err != "" { print(last_err); }
let alive = pid_alive(pid);
print(`pid_alive=${alive}`);
print("--- Last 200 lines of CH log ---");
tail_log(log_file, 200);
print("--- End of log ---");
} else {
print("--- Stop via SAL (force) ---");
try {
cloudhv_vm_stop(vm_id, true);
print("SAL stop invoked (force)");
} catch (err) {
print(`stop failed: ${err}`);
}
// wait for exit (check original PID)
for x in 0..30 {
if !pid_alive(pid) { break; }
sleep(1);
}
print(`pid_alive_after_stop=${pid_alive(pid)}`);
}
print("--- Cleanup ---");
try {
cloudhv_vm_delete(vm_id, false);
print("vm deleted");
} catch (err) {
print(`delete failed: ${err}`);
}
print("=== Diagnostic done ===");

533
packages/system/virt/tests/rhai/06_cloudhv_cloudinit_dhcpd.rhai Normal file
View File

@@ -0,0 +1,533 @@
// Cloud-init NoCloud + host DHCP (dnsmasq) provisioning for Cloud Hypervisor
// - Accepts a user-supplied SSH public key
// - Ensures Ubuntu cloud image via SAL qcow2 builder
// - Sets up host bridge br0 and tap0, and runs an ephemeral dnsmasq bound to br0
// - Builds NoCloud seed ISO (cloud-localds preferred; genisoimage fallback)
// - Creates/starts a VM and prints SSH connection instructions
//
// Requirements (run this script with privileges that allow sudo commands):
// - cloud-hypervisor-static, ch-remote-static
// - cloud-image-utils (for cloud-localds) or genisoimage/xorriso
// - dnsmasq, iproute2
// - qemu tools already used by qcow2 builder
//
// Note: This script uses sudo for network and dnsmasq operations.
print("=== CloudHV + cloud-init + host DHCP (dnsmasq) ===");
// ----------- User input -----------
let user_pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFyZJCEsvRc0eitsOoq+ywC5Lmqejvk3hXMVbO0AxPrd maxime@maxime-arch";
// Optional: choose boot method. If firmware is present in common locations, it will be used.
// Otherwise, if kernel_path exists, direct kernel boot will be used.
// If neither is found, the script will abort before starting the VM.
let firmware_path_override = ""; // e.g., "/usr/share/cloud-hypervisor/hypervisor-fw"
let kernel_path_override = ""; // e.g., "/path/to/vmlinux"
let kernel_cmdline_override = "console=ttyS0 reboot=k panic=1";
// Network parameters (local-only setup)
let bridge = "br0";
let br_cidr = "192.168.127.1/24";
let br_ip = "192.168.127.1";
let tap = "tap0";
let mac = "02:00:00:00:00:10"; // locally administered MAC
// Deterministic IP for the VM (dnsmasq will pin this MAC to this IP)
let vm_static_ip = "192.168.127.100";
// Paths
let base_dir = "/tmp/virt_images";
let seed_iso = `${base_dir}/seed.iso`;
let user_data = `${base_dir}/user-data`;
let meta_data = `${base_dir}/meta-data`;
let dnsmasq_pid = `${base_dir}/dnsmasq.pid`;
let dnsmasq_lease= `${base_dir}/dnsmasq.leases`;
let dnsmasq_log = `${base_dir}/dnsmasq.log`;
// ----------- Dependency checks -----------
print("\n--- Checking dependencies ---");
let chs = which("cloud-hypervisor-static");
let chrs = which("ch-remote-static");
let clds = which("cloud-localds");
let geniso = which("genisoimage");
let dns = which("dnsmasq");
let ipt = which("ip");
let missing = false;
if chs == () || chs == "" {
print("❌ cloud-hypervisor-static not found on PATH");
missing = true;
}
if chrs == () || chrs == "" {
print("❌ ch-remote-static not found on PATH");
missing = true;
}
if (clds == () || clds == "") && (geniso == () || geniso == "") {
print("❌ Neither cloud-localds nor genisoimage is available. Install cloud-image-utils or genisoimage.");
missing = true;
}
if dns == () || dns == "" {
print("❌ dnsmasq not found on PATH");
missing = true;
}
if ipt == () || ipt == "" {
print("❌ ip (iproute2) not found on PATH");
missing = true;
}
if missing {
print("=== Aborting due to missing dependencies ===");
exit();
}
print("✓ Dependencies look OK");
// ----------- Ensure base image -----------
print("\n--- Ensuring Ubuntu 24.04 cloud image ---");
let base;
try {
// Avoid resizing to prevent GPT backup-header mismatch that can break early boot on some kernels/firmware.
// Use 0 to keep the original image size; cloud-init/cloud-image tooling can grow the FS later if needed.
base = qcow2_build_ubuntu_24_04_base(base_dir, 0);
} catch (err) {
print(`❌ Failed to build/ensure base image: ${err}`);
exit();
}
let disk_path = base.base_image_path;
print(`✓ Using base image: ${disk_path}`);
// ----------- Host networking (bridge + tap) -----------
print("\n--- Configuring host networking (bridge + tap) ---");
// Idempotent: create br0 if missing; assign IP if not present; set up
let net_script = `
sudo ip link show ${bridge} >/dev/null 2>&1 || sudo ip link add ${bridge} type bridge
ip addr show dev ${bridge} | grep -q "${br_cidr}" || sudo ip addr add ${br_cidr} dev ${bridge}
sudo ip link set ${bridge} up
# Remove any stale TAP to avoid "Resource busy" when CH configures it
if ip link show ${tap} >/dev/null 2>&1; then
sudo ip link set ${tap} down || true
sudo ip link del ${tap} || true
fi
`;
run_silent(net_script);
print(`✓ Bridge ${bridge} and tap ${tap} configured`);
print("Note: NO-CARRIER on a bridge/tap without a peer is normal; DHCP will work once the guest brings its interface up.");
// ----------- Start/ensure dnsmasq on br0 -----------
print("\n--- Ensuring dnsmasq serving DHCP on the bridge ---");
// Ensure log/lease directory exists before starting dnsmasq
run_silent(`mkdir -p ${base_dir}`);
// If an instance with our pid-file is running, keep it; otherwise start a new one bound to br0.
// Use --port=0 to avoid DNS port conflicts; we only need DHCP here.
let dns_state = run_silent(`
if [ -f ${dnsmasq_pid} ] && ps -p $(cat ${dnsmasq_pid}) >/dev/null 2>&1; then
echo RUNNING
elif pgrep -f "dnsmasq .*--interface=${bridge}" >/dev/null 2>&1; then
echo RUNNING
elif [ -f ${dnsmasq_log} ] && grep -q "sockets bound exclusively to interface ${bridge}" ${dnsmasq_log}; then
echo RUNNING
else
echo STOPPED
fi
`);
let need_start = true;
if dns_state.success && dns_state.stdout.trim() == "RUNNING" {
print("✓ dnsmasq already running (pid file present and alive)");
need_start = false;
} else {
// Clean stale files
run_silent(`rm -f ${dnsmasq_pid} ${dnsmasq_lease}`);
}
if need_start {
// Start dnsmasq detached and force a clean, self-contained configuration.
// - Use --conf-file=/dev/null to avoid system config conflicts
// - Log directly via --log-facility to capture early failures
// - Run under current privileges (herodo is invoked with sudo)
let r = run_silent(`
: > ${dnsmasq_log}
nohup dnsmasq \
--conf-file=/dev/null \
--log-facility=${dnsmasq_log} \
--log-dhcp \
--user=root \
--group=root \
--port=0 \
--bind-interfaces \
--except-interface=lo \
--interface=${bridge} \
--dhcp-range=192.168.127.100,192.168.127.200,12h \
--dhcp-option=option:router,${br_ip} \
--dhcp-option=option:dns-server,1.1.1.1 \
--dhcp-host=${mac},${vm_static_ip} \
--pid-file=${dnsmasq_pid} \
--dhcp-leasefile=${dnsmasq_lease} &
`);
if !r.success {
print(`❌ Failed to start dnsmasq. Check log: ${dnsmasq_log}`);
let t = run_silent(`
if [ -f ${dnsmasq_log} ]; then
tail -n 200 ${dnsmasq_log}
fi
`);
if t.success && t.stdout.trim() != "" { print(t.stdout); }
exit();
}
// Robust readiness: wait up to 10s for pidfile OR process OR log pattern
let ready = run_silent(`
for i in $(seq 1 10); do
if [ -f ${dnsmasq_pid} ] && ps -p $(cat ${dnsmasq_pid}) >/dev/null 2>&1; then
echo OK; exit 0
fi
if pgrep -f "dnsmasq .*--interface=${bridge}" >/dev/null 2>&1; then
echo OK; exit 0
fi
if [ -f ${dnsmasq_log} ] && grep -q "sockets bound exclusively to interface ${bridge}" ${dnsmasq_log}; then
echo OK; exit 0
fi
sleep 1
done
echo FAIL
`);
if !(ready.success && ready.stdout.contains("OK")) {
print(`❌ dnsmasq did not come up. See ${dnsmasq_log}`);
let t = run_silent(`
if [ -f ${dnsmasq_log} ]; then
tail -n 200 ${dnsmasq_log}
fi
`);
if t.success && t.stdout.trim() != "" { print(t.stdout); }
exit();
}
print("✓ dnsmasq started (DHCP on br0)");
}
// ----------- Build cloud-init NoCloud seed (user-data/meta-data) -----------
print("\n--- Building NoCloud seed (user-data, meta-data) ---");
run_silent(`mkdir -p ${base_dir}`);
run_silent(`chmod 1777 ${base_dir}`);
// Compose user-data and meta-data content
let ud = `#cloud-config
users:
- name: ubuntu
groups: [adm, cdrom, dialout, lxd, plugdev, sudo]
sudo: ALL=(ALL) NOPASSWD:ALL
shell: /bin/bash
lock_passwd: true
ssh_authorized_keys:
- ${user_pubkey}
ssh_pwauth: false
package_update: true
`;
let md = `instance-id: iid-ubuntu-noble-001
local-hostname: noblevm
`;
// Write files via heredoc
let wr1 = run_silent(`
cat > ${user_data} <<'EOF'
${ud}
EOF
`);
if !wr1.success { print(`❌ Failed to write ${user_data}`); exit(); }
let wr2 = run_silent(`
cat > ${meta_data} <<'EOF'
${md}
EOF
`);
if !wr2.success { print(`❌ Failed to write ${meta_data}`); exit(); }
// Provide cloud-init network-config to ensure the NIC with our MAC requests DHCP
let net_config = `${base_dir}/network-config`;
let nc = `version: 2
ethernets:
nic0:
match:
macaddress: ${mac}
set-name: eth0
renderer: networkd
dhcp4: true
`;
let wr3 = run_silent(`
cat > ${net_config} <<'EOF'
${nc}
EOF
`);
if !wr3.success { print(`❌ Failed to write ${net_config}`); exit(); }
// Build seed ISO (prefer cloud-localds)
let built = false;
if !(clds == () || clds == "") {
let r = run_silent(`sudo cloud-localds --network-config ${net_config} ${seed_iso} ${user_data} ${meta_data}`);
if r.success {
built = true;
}
}
if !built {
if geniso == () || geniso == "" {
print("❌ Neither cloud-localds nor genisoimage succeeded/available to build seed.iso");
exit();
}
let r2 = run_silent(`sudo genisoimage -output ${seed_iso} -volid cidata -joliet -rock ${user_data} ${meta_data} ${net_config}`);
if !r2.success {
print("❌ genisoimage failed to create seed.iso");
exit();
}
}
print(`✓ Seed ISO: ${seed_iso}`);
// ----------- Determine boot method (firmware or kernel) -----------
print("\n--- Determining boot method ---");
let firmware_path = "";
if firmware_path_override != "" && exist(firmware_path_override) {
firmware_path = firmware_path_override;
} else {
let candidates = [
"/usr/local/share/cloud-hypervisor/hypervisor-fw",
"/usr/share/cloud-hypervisor/hypervisor-fw",
"/usr/lib/cloud-hypervisor/hypervisor-fw",
"/tmp/virt_images/hypervisor-fw"
];
for p in candidates {
if exist(p) { firmware_path = p; break; }
}
}
let kernel_path = "";
if kernel_path_override != "" && exist(kernel_path_override) {
kernel_path = kernel_path_override;
}
if firmware_path == "" && kernel_path == "" {
print("❌ No firmware_path or kernel_path found. Set firmware_path_override or kernel_path_override at top and re-run.");
exit();
}
if firmware_path != "" {
print(`✓ Using firmware boot: ${firmware_path}`);
} else {
print(`✓ Using direct kernel boot: ${kernel_path}`);
}
// ----------- Create and start VM -----------
print("\n--- Creating and starting VM ---");
let rid = run_silent("date +%s%N");
let suffix = if rid.success && rid.stdout.trim() != "" { rid.stdout.trim() } else { "100000" };
let vm_id = `noble_vm_${suffix}`;
// Use a unique TAP per run to avoid "Resource busy" conflicts.
// Keep name <= 15 chars (Linux IFNAMSIZ), e.g. "tap-abcdef".
let tn = run_silent("od -An -N3 -tx1 /dev/urandom | tr -d '[:space:]'");
if tn.success && tn.stdout.trim() != "" {
tap = `tap-${tn.stdout.trim()}`;
} else {
tap = "tap-abcd01";
}
let spec = #{
"id": vm_id,
"disk_path": disk_path,
"api_socket": "",
"vcpus": 2,
"memory_mb": 2048
};
if firmware_path != "" {
spec.firmware_path = firmware_path;
} else {
spec.kernel_path = kernel_path;
spec.cmdline = kernel_cmdline_override;
}
spec.extra_args = [
"--disk", `path=${seed_iso},readonly=true`,
"--net", `tap=${tap},mac=${mac}`
];
try {
let created = cloudhv_vm_create(spec);
print(`✓ VM created: ${created}`);
} catch (err) {
print(`❌ VM create failed: ${err}`);
exit();
}
try {
cloudhv_vm_start(vm_id);
print("✓ VM start invoked");
// After CH creates/opens the TAP, attach it to the bridge to allow DHCP broadcast to reach dnsmasq on br0.
// Avoid racing with CH tap configuration: wait briefly, then attempt attach.
let post_net = `
# Give CH time to finish configuring tap to avoid EBUSY
sleep 1
for i in $(seq 1 30); do
if ip link show ${tap} >/dev/null 2>&1; then
# Enslave to bridge and ensure up; ignore errors (idempotent)
sudo ip link set ${tap} master ${bridge} 2>/dev/null || true
sudo ip link set ${tap} up 2>/dev/null || true
break
fi
sleep 1
done
`;
run_silent(post_net);
} catch (err) {
print(`❌ VM start failed: ${err}`);
exit();
}
// ----------- Wait for DHCP lease and print access info -----------
print("\n--- Waiting for DHCP lease from dnsmasq ---");
let vm_ip = "";
// First try deterministic fixed IP via ping (dnsmasq pins MAC->IP)
for i in 0..60 {
// Use a plain command (no shell operators). Success indicates reachability.
let pr = run_silent(`ping -c1 -W1 -I ${bridge} ${vm_static_ip}`);
if pr.success {
vm_ip = vm_static_ip;
break;
}
sleep(1);
}
for i in 0..180 {
sleep(1);
// Discover and validate IPv4; prefer exact MAC match across common dnsmasq lease locations
let lr = run_silent(`
valid_ipv4() { echo "$1" | grep -Eo '^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+$' || true; }
# Candidate lease files (add more if your distro uses a different path)
LEASE_FILES="${dnsmasq_lease} /var/lib/misc/dnsmasq.leases /var/lib/dnsmasq/dnsmasq.leases"
# Include any runtime leases under /run/dnsmasq if present
if ls /run/dnsmasq/*.leases >/dev/null 2>&1; then
LEASE_FILES="$LEASE_FILES $(ls /run/dnsmasq/*.leases 2>/dev/null)"
fi
# 1) Try to find by exact MAC across all known lease files
for f in $LEASE_FILES; do
[ -f "$f" ] || continue
ip="$(awk -v m="${mac}" '$2==m{ip=$3} END{if(ip!="") print ip}' "$f")"
if [ -n "$ip" ] && [ -n "$(valid_ipv4 "$ip")" ]; then echo "$ip"; exit 0; fi
done
# 2) Fallback: last IP in our br0 subnet across all lease files
for f in $LEASE_FILES; do
[ -f "$f" ] || continue
ip="$(awk '$3 ~ /^192\\.168\\.127\\./ {ip=$3} END{if(ip!="") print ip}' "$f")"
if [ -n "$ip" ] && [ -n "$(valid_ipv4 "$ip")" ]; then echo "$ip"; exit 0; fi
done
# 3) Fallback: SAL default subnet (172.30.0.0/24) across all lease files
for f in $LEASE_FILES; do
[ -f "$f" ] || continue
ip="$(awk '$3 ~ /^172\\.30\\.0\\./ {ip=$3} END{if(ip!="") print ip}' "$f")"
if [ -n "$ip" ] && [ -n "$(valid_ipv4 "$ip")" ]; then echo "$ip"; exit 0; fi
done
# 4) ARP gleaning on likely bridges (br0 first, then br-hero) for the known MAC
for dev in ${bridge} br-hero; do
if ip -o link show "$dev" >/dev/null 2>&1; then
ip="$(ip neigh show dev "$dev" | awk '$0 ~ /lladdr ${mac}/ {print $1}' | tail -n1)"
if [ -n "$ip" ] && [ -n "$(valid_ipv4 "$ip")" ]; then echo "$ip"; exit 0; fi
fi
done
# 5) As a last resort, ARP any 192.168.127.x seen on br0
if ip -o link show ${bridge} >/dev/null 2>&1; then
ip="$(ip neigh show dev ${bridge} | awk '$1 ~ /^192\\.168\\.127\\./ {print $1}' | tail -n1)"
if [ -n "$ip" ] && [ -n "$(valid_ipv4 "$ip")" ]; then echo "$ip"; exit 0; fi
fi
# No valid IP yet
true
`);
if lr.success {
let ip = lr.stdout.trim();
if ip != "" {
vm_ip = ip;
break;
}
}
}
// Fallback: parse cloud-hypervisor console log for an IPv4 on our expected subnets
let info2 = cloudhv_vm_info(vm_id);
let log_path = info2.runtime.log_file;
if vm_ip == "" {
let cp = run_silent(`
if [ -f ${log_path} ]; then
grep -Eo '([0-9]+\\.){3}[0-9]+' ${log_path} | grep -E '^(192\\.168\\.127|172\\.30\\.0)\\.' | tail -n1
fi
`);
if cp.success {
let ip2 = cp.stdout.trim();
if ip2 != "" {
vm_ip = ip2;
}
}
}
if vm_ip == "" {
// Actively populate ARP neighbor tables by sweeping likely subnets
run_silent(`
for ip in $(seq 100 200); do ping -c1 -W1 -I ${bridge} 192.168.127.$ip >/dev/null 2>&1 || true; done
if ip -o link show br-hero >/dev/null 2>&1; then
for ip in $(seq 50 250); do ping -c1 -W1 -I br-hero 172.30.0.$ip >/dev/null 2>&1 || true; done
fi
`);
// Re-check after ARP sweep using the same validated discovery logic
let lr2 = run_silent(`
get_ip_from_leases() {
f="$1"; prefix="$2";
if [ -f "$f" ]; then
awk -v pfx="$prefix" '$3 ~ ("^" pfx) {ip=$3} END{if(ip!="") print ip}' "$f"
fi
}
valid_ipv4() {
echo "$1" | grep -Eo '^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+$' || true
}
cand="$(get_ip_from_leases ${dnsmasq_lease} "192.168.127.")"
if [ -n "$cand" ] && [ -n "$(valid_ipv4 "$cand")" ]; then echo "$cand"; exit 0; fi
cand="$(get_ip_from_leases /var/lib/misc/dnsmasq.leases "192.168.127.")"
if [ -n "$cand" ] && [ -n "$(valid_ipv4 "$cand")" ]; then echo "$cand"; exit 0; fi
cand="$(get_ip_from_leases /var/lib/misc/dnsmasq.leases "172.30.0.")"
if [ -n "$cand" ] && [ -n "$(valid_ipv4 "$cand")" ]; then echo "$cand"; exit 0; fi
cand="$(ip neigh show dev ${bridge} | awk '$0 ~ /lladdr ${mac}/ {print $1}' | tail -n1)"
if [ -n "$cand" ] && [ -n "$(valid_ipv4 "$cand")" ]; then echo "$cand"; exit 0; fi
true
`);
if lr2.success {
let ip2 = lr2.stdout.trim();
if ip2 != "" {
vm_ip = ip2;
}
}
}
/* Final sanity: ensure vm_ip is a valid IPv4 dotted-quad before printing */
let _chk = run_silent(`echo "${vm_ip}" | grep -Eo '^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+$' || true`);
if !(_chk.success && _chk.stdout.trim() != "") { vm_ip = ""; }
if vm_ip == "" {
print("❌ Could not discover VM IP after 180 seconds.");
print("Diagnostics you can run now:");
print(` tail -n +1 ${dnsmasq_lease}`);
print(" cat /var/lib/misc/dnsmasq.leases | tail -n 5");
print(` ip neigh show dev ${bridge} | grep '${mac}' || true`);
print("Exiting without SSH command because the IP could not be determined.");
exit();
} else {
print(`✓ Lease acquired: ${vm_ip}`);
print("\nSSH command (key-only; default user 'ubuntu'):");
print(`ssh -o StrictHostKeyChecking=no ubuntu@${vm_ip}`);
}
print("\n--- VM access details ---");
print(`VM ID: ${vm_id}`);
let info = cloudhv_vm_info(vm_id);
print(`API socket: ${info.spec.api_socket}`);
print(`Console log: ${info.runtime.log_file}`);
print(`Bridge: ${bridge} at ${br_ip}, TAP: ${tap}, MAC: ${mac}`);
print(`Seed: ${seed_iso}`);
/* SSH command already printed above when lease was acquired */
print("\nCleanup hints (manual):");
print(`- Stop dnsmasq: sudo kill \$(cat ${dnsmasq_pid})`);
print(`- Remove TAP: sudo ip link set ${tap} down; sudo ip link del ${tap}`);
print(" (Keep the bridge if you will reuse it.)");
print("\n=== Completed ===");

311
packages/system/virt/tests/rhai/07_cloudhv_ubuntu_ssh.rhai Normal file
View File

@@ -0,0 +1,311 @@
// Create and boot an Ubuntu 24.04 VM with cloud-init SSH key injection on Cloud Hypervisor
// - Uses qcow2 base image builder from SAL
// - Builds a NoCloud seed ISO embedding your SSH public key
// - Starts the VM; host networking prerequisites (bridge/dnsmasq/nftables) are ensured by CloudHV SAL
// - Attempts to discover the VM IP from dnsmasq leases and prints SSH instructions
//
// Requirements on host:
// - cloud-hypervisor-static, ch-remote-static
// - cloud-localds (preferred) OR genisoimage
// - qemu-img (already used by qcow2 SAL)
// - dnsmasq + nftables (will be handled by SAL during vm_start)
//
// Note:
// - SAL CloudHV networking will create a bridge br-hero, enable dnsmasq, and add a NAT rule via nftables
// - This script does NOT manage host networking; it relies on SAL to do so during vm_start()
print("=== CloudHV Ubuntu 24.04 with SSH key (cloud-init) ===");
// ---------- Inputs ----------
let user_pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFyZJCEsvRc0eitsOoq+ywC5Lmqejvk3hXMVbO0AxPrd maxime@maxime-arch";
// Optional overrides for boot method (if firmware is present, it will be preferred)
let firmware_path_override = ""; // e.g., "/usr/share/cloud-hypervisor/hypervisor-fw"
let kernel_path_override = ""; // e.g., "/path/to/vmlinux"
let kernel_cmdline = "console=ttyS0 reboot=k panic=1";
// Cloud-init hostname and instance id (used to identify leases reliably)
let cloudinit_hostname = "noblevm";
let cloudinit_instance_id = "iid-ubuntu-noble-ssh";
// Paths
let base_dir = "/tmp/virt_images";
let seed_iso = `${base_dir}/seed-ssh.iso`;
let user_data = `${base_dir}/user-data`;
let meta_data = `${base_dir}/meta-data`;
// ---------- Dependency checks ----------
print("\n--- Checking dependencies ---");
let chs = which("cloud-hypervisor-static");
let chrs = which("ch-remote-static");
let clds = which("cloud-localds");
let geniso = which("genisoimage");
let qemu = which("qemu-img");
let missing = false;
if chs == () || chs == "" {
print("❌ cloud-hypervisor-static not found on PATH");
missing = true;
}
if chrs == () || chrs == "" {
print("❌ ch-remote-static not found on PATH");
missing = true;
}
if (clds == () || clds == "") && (geniso == () || geniso == "") {
print("❌ Neither cloud-localds nor genisoimage is available. Install cloud-image-utils or genisoimage.");
missing = true;
}
if qemu == () || qemu == "" {
print("❌ qemu-img not found (required by base image builder)");
missing = true;
}
if missing {
print("=== Aborting due to missing dependencies ===");
exit();
}
print("✓ Dependencies look OK");
// ---------- Ensure base image ----------
print("\n--- Ensuring Ubuntu 24.04 cloud image ---");
let base;
try {
// Resize to e.g. 10 GiB sparse (adjust as needed)
base = qcow2_build_ubuntu_24_04_base(base_dir, 10);
} catch (err) {
print(`❌ Failed to build/ensure base image: ${err}`);
exit();
}
let disk_path = base.base_image_path;
print(`✓ Using base image: ${disk_path}`);
// ---------- Build cloud-init NoCloud seed (user-data/meta-data) ----------
print("\n--- Building NoCloud seed (SSH key) ---");
run_silent(`mkdir -p ${base_dir}`);
// Compose user-data and meta-data
let ud = `#cloud-config
users:
- name: ubuntu
groups: [adm, cdrom, dialout, lxd, plugdev, sudo]
sudo: ALL=(ALL) NOPASSWD:ALL
shell: /bin/bash
lock_passwd: true
ssh_authorized_keys:
- ${user_pubkey}
ssh_pwauth: false
package_update: true
`;
let md = `instance-id: ${cloudinit_instance_id}
local-hostname: ${cloudinit_hostname}
`;
// Write files
let wr1 = run_silent(`/bin/bash -lc "cat > ${user_data} <<'EOF'
${ud}
EOF"`);
if !wr1.success { print(`❌ Failed to write ${user_data}`); exit(); }
let wr2 = run_silent(`/bin/bash -lc "cat > ${meta_data} <<'EOF'
${md}
EOF"`);
if !wr2.success { print(`❌ Failed to write ${meta_data}`); exit(); }
// Build seed ISO (prefer cloud-localds)
let built = false;
if !(clds == () || clds == "") {
let r = run_silent(`cloud-localds ${seed_iso} ${user_data} ${meta_data}`);
if r.success { built = true; }
}
if !built {
if geniso == () || geniso == "" {
print("❌ Neither cloud-localds nor genisoimage available to build seed.iso");
exit();
}
let r2 = run_silent(`genisoimage -output ${seed_iso} -volid cidata -joliet -rock ${user_data} ${meta_data}`);
if !r2.success {
print("❌ genisoimage failed to create seed.iso");
exit();
}
}
print(`✓ Seed ISO: ${seed_iso}`);
// ---------- Determine boot method (firmware or kernel) ----------
print("\n--- Determining boot method ---");
let firmware_path = "";
if firmware_path_override != "" && exist(firmware_path_override) {
firmware_path = firmware_path_override;
} else {
let candidates = [
"/usr/local/share/cloud-hypervisor/hypervisor-fw",
"/usr/share/cloud-hypervisor/hypervisor-fw",
"/usr/lib/cloud-hypervisor/hypervisor-fw",
"/tmp/virt_images/hypervisor-fw"
];
for p in candidates {
if exist(p) { firmware_path = p; break; }
}
}
let kernel_path = "";
if kernel_path_override != "" && exist(kernel_path_override) {
kernel_path = kernel_path_override;
}
if firmware_path == "" && kernel_path == "" {
print("❌ No firmware_path or kernel_path found. Set firmware_path_override or kernel_path_override and re-run.");
exit();
}
if firmware_path != "" {
print(`✓ Using firmware boot: ${firmware_path}`);
} else {
print(`✓ Using direct kernel boot: ${kernel_path}`);
}
// ---------- Create and start VM ----------
print("\n--- Creating and starting VM ---");
let rid = run_silent("date +%s%N");
// Make suffix robust even if date outputs nothing
let suffix = "100000";
if rid.success {
let t = rid.stdout.trim();
if t != "" { suffix = t; }
}
let vm_id = `noble_ssh_${suffix}`;
let spec = #{
"id": vm_id,
"disk_path": disk_path,
"api_socket": "",
"vcpus": 2,
"memory_mb": 2048
};
if firmware_path != "" {
spec.firmware_path = firmware_path;
} else {
spec.kernel_path = kernel_path;
spec.cmdline = kernel_cmdline;
}
// Attach the NoCloud seed ISO as a read-only disk
spec.extra_args = [
"--disk", `path=${seed_iso},readonly=true`
];
try {
let created = cloudhv_vm_create(spec);
print(`✓ VM created: ${created}`);
} catch (err) {
print(`❌ VM create failed: ${err}`);
exit();
}
try {
cloudhv_vm_start(vm_id);
print("✓ VM start invoked");
} catch (err) {
print(`❌ VM start failed: ${err}`);
exit();
}
// ---------- Wait for VM API socket and probe readiness ----------
print("\n--- Waiting for VM API socket ---");
let api_sock = "";
// Discover socket path (from SAL or common defaults)
let fallback_candidates = [
`/root/hero/virt/vms/${vm_id}/api.sock`,
`/home/maxime/hero/virt/vms/${vm_id}/api.sock`
];
// First, try to detect the socket on disk with a longer timeout
let sock_exists = false;
for i in 0..180 {
sleep(1);
let info = cloudhv_vm_info(vm_id);
api_sock = info.spec.api_socket;
if api_sock == () || api_sock == "" {
for cand in fallback_candidates {
if exist(cand) { api_sock = cand; break; }
}
}
if api_sock != () && api_sock != "" && exist(api_sock) {
sock_exists = true;
break;
}
}
// Regardless of filesystem existence, also try probing the API directly
let api_ok = false;
if api_sock != () && api_sock != "" {
for i in 0..60 {
let r = run_silent(`ch-remote-static --api-socket ${api_sock} info`);
if r.success { api_ok = true; break; }
sleep(1);
}
}
if api_ok {
print("✓ VM API reachable");
} else if sock_exists {
print("⚠️ VM API socket exists but API not reachable yet");
} else {
print("⚠️ VM API socket not found yet; proceeding");
let info_dbg = cloudhv_vm_info(vm_id);
let log_path = info_dbg.runtime.log_file;
if exist(log_path) {
let t = run_silent(`tail -n 120 ${log_path}`);
if t.success && t.stdout.trim() != "" {
print("\n--- Last 120 lines of console log (diagnostics) ---");
print(t.stdout);
print("--- End of console log ---");
}
} else {
print(`(console log not found at ${log_path})`);
}
}
// ---------- Discover VM IP from dnsmasq leases ----------
print("\n--- Discovering VM IP (dnsmasq leases) ---");
// SAL enables system dnsmasq for br-hero by default; leases usually at /var/lib/misc/dnsmasq.leases
let leases_paths = [
"/var/lib/misc/dnsmasq.leases",
"/var/lib/dnsmasq/dnsmasq.leases"
];
let vm_ip = "";
for path in leases_paths {
if !exist(path) { continue; }
for i in 0..120 {
sleep(1);
// Pure awk (no nested shells/pipes). Keep last IP matching hostname.
let lr = run_silent(`awk -v host="${cloudinit_hostname}" '($4 ~ host){ip=$3} END{if(ip!=\"\") print ip}' ${path}`);
if lr.success {
let ip = lr.stdout.trim();
if ip != "" {
vm_ip = ip;
break;
}
}
}
if vm_ip != "" { break; }
}
// ---------- Output connection details ----------
print("\n--- VM access details ---");
let info = cloudhv_vm_info(vm_id);
print(`VM ID: ${vm_id}`);
if info.runtime.pid != () {
print(`PID: ${info.runtime.pid}`);
}
print(`Status: ${info.runtime.status}`);
print(`API socket: ${info.spec.api_socket}`);
print(`Console log: ${info.runtime.log_file}`);
print(`Seed ISO: ${seed_iso}`);
print(`Hostname: ${cloudinit_hostname}`);
if vm_ip != "" {
print("\nSSH command (default user 'ubuntu'):");
print(`ssh -o StrictHostKeyChecking=no ubuntu@${vm_ip}`);
} else {
print("\n⚠ Could not resolve VM IP yet from leases. Try later:");
print(" - Check leases: sudo cat /var/lib/misc/dnsmasq.leases | grep noblevm");
print(" - Or find on bridge (example): ip -4 neigh show dev br-hero");
print(" - Then SSH: ssh -o StrictHostKeyChecking=no ubuntu@<IP>");
}
print("\n=== Completed: Ubuntu VM launched with SSH key via cloud-init ===");

235
packages/system/virt/tests/rhai/10_vm_end_to_end.rhai Normal file
View File

@@ -0,0 +1,235 @@
// End-to-end smoke test for the new qcow2 + cloud-hypervisor refactor
// This script executes in logical phases so we can see clearly what works.
//
// Phases:
// 1) Host preflight check
// 2) Image preparation (Ubuntu) -> raw disk
// 3) Launch VM via builder using prepared raw disk
// 4) Inspect VM info, list VMs
// 5) Stop & delete VM
// 6) Launch VM via one-shot wrapper vm_easy_launch
// 7) Inspect VM info, list VMs
// 8) Stop & delete VM
//
// Notes:
// - Run as root on the host (required for NBD/mount/networking).
// - Base images expected at:
// /images/noble-server-cloudimg-amd64.img
// /images/alpine-virt-cloudimg-amd64.qcow2 (Alpine prepare not implemented yet)
// /images/hypervisor-fw (firmware binary used via --kernel)
// - Network defaults: IPv4 NAT (dnsmasq DHCP) + IPv6 routed over Mycelium (RA/DHCPv6). No static IPv6 is written into the guest; it autoconfigures via RA.
//
// Conventions:
// - Functional builder chaining: b = memory_mb(b, 4096), etc.
// - Each phase prints a banner and either "OK" or "FAILED" with detailed error message.
fn banner(s) {
print("==================================================");
print(s);
print("==================================================");
}
fn ok(s) {
print("[OK] " + s);
}
fn fail(msg) {
print("[FAILED] " + msg);
}
fn dump_map(m) {
// simple pretty printer for small maps
for k in m.keys() {
print(" " + k + ": " + m[k].to_string());
}
}
fn dump_array(a) {
let i = 0;
for x in a {
print(" - " + x.to_string());
}
}
// ------------------------------------------------------------------------------------
// Phase 1: Host preflight check
// ------------------------------------------------------------------------------------
banner("PHASE 1: host_check()");
let hc = host_check();
if !(hc.ok == true) {
fail("host_check indicates missing dependencies; details:");
print("critical:");
dump_array(hc.critical);
print("optional:");
dump_array(hc.optional);
print("notes:");
dump_array(hc.notes);
// Short-circuit: nothing else will work without deps
throw "Missing critical host dependencies";
} else {
ok("host_check passed");
}
// ------------------------------------------------------------------------------------
// Phase 2: Image preparation for Ubuntu
// - produces a per-VM raw disk in $HOME/hero/virt/vms/<id>/disk.raw
// ------------------------------------------------------------------------------------
banner("PHASE 2: image_prepare (Ubuntu) -> raw disk");
let vmA = "vm-e2e-a";
let prep_opts = #{
id: vmA,
flavor: "ubuntu",
// source: optional override, default uses /images/noble-server-cloudimg-amd64.img
// target_dir: optional override, default $HOME/hero/virt/vms/<id>
disable_cloud_init_net: true,
};
let prep_res = ();
let prep_ok = false;
try {
prep_res = image_prepare(prep_opts);
ok("image_prepare returned:");
dump_map(prep_res);
if prep_res.raw_disk == () {
fail("prep_res.raw_disk is UNIT; expected string path");
} else {
ok("raw_disk: " + prep_res.raw_disk);
prep_ok = true;
}
} catch (e) {
fail("image_prepare failed: " + e.to_string());
}
if !(prep_ok) {
throw "Stopping due to image_prepare failure";
}
// ------------------------------------------------------------------------------------
// Phase 3: Launch VM via builder using the prepared raw disk
// ------------------------------------------------------------------------------------
banner("PHASE 3: Launch via cloudhv_builder (disk from Phase 2)");
let b = cloudhv_builder(vmA);
// Explicitly select Default NAT networking (bridge + NAT + dnsmasq; IPv6 via Mycelium if enabled)
let b = network_default_nat(b);
let b = disk(b, prep_res.raw_disk);
let b = memory_mb(b, 4096);
let b = vcpus(b, 2);
// Optional extras:
// let b = extra_arg(b, "--serial"); let b = extra_arg(b, "tty");
// let b = no_default_net(b);
let vm_id_a = "";
try {
vm_id_a = launch(b);
ok("builder.launch started VM id: " + vm_id_a);
} catch (e) {
fail("builder.launch failed: " + e.to_string());
throw "Stopping due to launch failure for vm-e2e-a";
}
// ------------------------------------------------------------------------------------
// Phase 4: Inspect VM info, list VMs
// ------------------------------------------------------------------------------------
banner("PHASE 4: cloudhv_vm_info / cloudhv_vm_list");
try {
let info_a = cloudhv_vm_info(vm_id_a);
ok("cloudhv_vm_info:");
dump_map(info_a);
} catch (e) {
fail("cloudhv_vm_info failed: " + e.to_string());
}
try {
let vms = cloudhv_vm_list();
ok("cloudhv_vm_list count = " + vms.len.to_string());
} catch (e) {
fail("cloudhv_vm_list failed: " + e.to_string());
}
sleep(1000000);
// ------------------------------------------------------------------------------------
// Phase 5: Stop & delete VM A
// ------------------------------------------------------------------------------------
banner("PHASE 5: Stop & delete VM A");
try {
cloudhv_vm_stop(vm_id_a, false);
ok("cloudhv_vm_stop graceful OK");
} catch (e) {
fail("cloudhv_vm_stop (graceful) failed: " + e.to_string() + " -> trying force");
try {
cloudhv_vm_stop(vm_id_a, true);
ok("cloudhv_vm_stop force OK");
} catch (e2) {
fail("cloudhv_vm_stop force failed: " + e2.to_string());
}
}
try {
cloudhv_vm_delete(vm_id_a, true);
ok("cloudhv_vm_delete OK (deleted disks)");
} catch (e) {
fail("cloudhv_vm_delete failed: " + e.to_string());
}
// ------------------------------------------------------------------------------------
// Phase 6: Launch VM via one-shot wrapper vm_easy_launch()
// ------------------------------------------------------------------------------------
banner("PHASE 6: vm_easy_launch for VM B");
let vmB = "vm-e2e-b";
let vm_id_b = "";
try {
vm_id_b = vm_easy_launch("ubuntu", vmB, 4096, 2);
ok("vm_easy_launch started VM id: " + vm_id_b);
} catch (e) {
fail("vm_easy_launch failed: " + e.to_string());
throw "Stopping due to vm_easy_launch failure";
}
// Allow time for VM to fully boot and SSH to be ready
print("Sleeping 30 seconds for VM to boot... You can try SSH during this time.");
sleep(30000000); // 30 seconds
// ------------------------------------------------------------------------------------
// Phase 7: Inspect VM B info, list VMs
// ------------------------------------------------------------------------------------
banner("PHASE 7: Inspect VM B");
try {
let info_b = cloudhv_vm_info(vm_id_b);
ok("cloudhv_vm_info (B):");
dump_map(info_b);
} catch (e) {
fail("cloudhv_vm_info (B) failed: " + e.to_string());
}
try {
let vms2 = cloudhv_vm_list();
ok("cloudhv_vm_list count = " + vms2.len.to_string());
} catch (e) {
fail("cloudhv_vm_list failed: " + e.to_string());
}
// ------------------------------------------------------------------------------------
// Phase 8: Stop & delete VM B
// ------------------------------------------------------------------------------------
banner("PHASE 8: Stop & delete VM B");
try {
cloudhv_vm_stop(vm_id_b, false);
ok("cloudhv_vm_stop (B) graceful OK");
} catch (e) {
fail("cloudhv_vm_stop (B) graceful failed: " + e.to_string() + " -> trying force");
try {
cloudhv_vm_stop(vm_id_b, true);
ok("cloudhv_vm_stop (B) force OK");
} catch (e2) {
fail("cloudhv_vm_stop (B) force failed: " + e2.to_string());
}
}
try {
cloudhv_vm_delete(vm_id_b, true);
ok("cloudhv_vm_delete (B) OK (deleted disks)");
} catch (e) {
fail("cloudhv_vm_delete (B) failed: " + e.to_string());
}
banner("DONE: All phases executed");

60
packages/system/virt/tests/rhai/vm_clean_launch.rhai Normal file
View File

@@ -0,0 +1,60 @@
// Clean VM Launch Script
// Creates a VM using builder pattern with concise output
let vm_id = "vm-clean-test";
// Phase 0: Pre-clean any existing VM with the same id (best-effort)
// This avoids TAP "Resource busy" when a previous run is still active.
try {
cloudhv_vm_stop(vm_id, true);
} catch (e) {
// ignore
}
// brief wait to let processes exit and TAP release
wait_for_vm_boot(1);
try {
cloudhv_vm_delete(vm_id, true);
} catch (e) {
// ignore
}
// Phase 1: Host check
let hc = host_check();
if !(hc.ok == true) {
throw "Host check failed: missing dependencies";
}
// Phase 2: Create VM using fluent builder pattern
let vm_id_actual = "";
try {
vm_id_actual = cloudhv_builder(vm_id)
.disk_from_flavor("ubuntu")
.network_default_nat()
.memory_mb(4096)
.vcpus(2)
.launch();
} catch (e) {
throw "VM launch failed: " + e.to_string();
}
// Phase 3: Wait for VM to boot and get network configuration
wait_for_vm_boot(10);
// Phase 4: Discover VM IP addresses (robust, no hardcoded MAC/paths)
let net = cloudhv_vm_network_info(vm_id_actual, 30);
let ipv4 = net["ipv4"]; // Dynamic UNIT if not found yet
let ipv6 = net["ipv6"]; // Dynamic UNIT if not found
// Optional: you could also inspect net["mac"], net["bridge"], net["lease"]
// Phase 5: Display connection info
cloudhv_display_network_info(vm_id_actual, ipv4, ipv6);
/*
try {
cloudhv_vm_stop(vm_id_actual, false);
cloudhv_vm_delete(vm_id_actual, true);
print("VM stopped and cleaned up.");
} catch (e) {
print("Warning: cleanup failed: " + e.to_string());
}
*/

5
rhailib/.gitignore vendored Normal file
View File

@@ -0,0 +1,5 @@
target
worker_rhai_temp_db
dump.rdb
.DS_Store
.env

27
rhailib/Cargo.toml Normal file
View File

@@ -0,0 +1,27 @@
[package]
name = "rhailib"
version = "0.1.0"
edition = "2021" # Changed to 2021 for consistency with other crates
[dependencies]
anyhow = "1.0"
chrono = { version = "0.4", features = ["serde"] }
env_logger = "0.10"
log = "0.4"
redis = { version = "0.25.0", features = ["tokio-comp"] }
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
tokio = { version = "1", features = ["macros", "rt-multi-thread", "time", "sync", "signal"] }
rhai = "1.21.0"
derive = { path = "src/derive" }
[dev-dependencies]
criterion = { version = "0.5", features = ["html_reports"] }
uuid = { version = "1.6", features = ["v4", "serde"] } # For examples like dedicated_reply_queue_demo
tempfile = "3.10"
[[bench]]
name = "simple_rhai_bench"
harness = false

114
rhailib/README.md Normal file
View File

@@ -0,0 +1,114 @@
# rhailib: Distributed Rhai Scripting for HeroModels
`rhailib` provides a robust infrastructure for executing Rhai scripts in a distributed manner, primarily designed to integrate with and extend the HeroModels ecosystem. It allows for dynamic scripting capabilities, offloading computation, and enabling flexible automation.
## Overview
The `rhailib` system is composed of three main components working together, leveraging Redis for task queuing and state management:
1. **Rhai Engine (`src/engine`):**
This crate is the core of the scripting capability. It provides a Rhai engine pre-configured with various HeroModels modules (e.g., Calendar, Flow, Legal). Scripts executed within this engine can interact directly with HeroModels data and logic. The `engine` is utilized by the `rhai_worker` to process tasks.
2. **Rhai Client (`src/client`):**
This crate offers an interface for applications to submit Rhai scripts as tasks to the distributed execution system. Clients can send scripts to named Redis queues (referred to as "contexts"), optionally wait for results, and handle timeouts.
3. **Rhai Worker (`src/worker`):**
This executable component listens to one or more Redis queues ("contexts") for incoming tasks. When a task (a Rhai script) is received, the worker fetches its details, uses the `rhai_engine` to execute the script, and then updates the task's status and results back into Redis. Multiple worker instances can be deployed to scale script execution.
## Architecture & Workflow
The typical workflow is as follows:
1. **Task Submission:** An application using `rhai_dispatcher` submits a Rhai script to a specific Redis list (e.g., `rhai:queue:my_context`). Task details, including the script and status, are stored in a Redis hash.
2. **Task Consumption:** A `rhai_worker` instance, configured to listen to `rhai:queue:my_context`, picks up the task ID from the queue using a blocking pop operation.
3. **Script Execution:** The worker retrieves the script from Redis and executes it using an instance of the `rhai_engine`. This engine provides the necessary HeroModels context for the script.
4. **Result Storage:** Upon completion (or error), the worker updates the task's status (e.g., `completed`, `failed`) and stores any return value or error message in the corresponding Redis hash.
5. **Result Retrieval (Optional):** The `rhai_dispatcher` can poll the Redis hash for the task's status and retrieve the results once available.
This architecture allows for:
- Asynchronous script execution.
- Scalable processing of Rhai scripts by running multiple workers.
- Decoupling of script submission from execution.
## Project Structure
The core components are organized as separate crates within the `src/` directory:
- `src/client/`: Contains the `rhai_dispatcher` library.
- `src/engine/`: Contains the `rhai_engine` library.
- `src/worker/`: Contains the `rhai_worker` library and its executable.
Each of these directories contains its own `README.md` file with more detailed information about its specific functionality, setup, and usage.
## Getting Started
To work with this project:
1. Ensure you have Rust and Cargo installed.
2. A running Redis instance is required for the `client` and `worker` components to communicate.
3. Explore the individual README files in `src/client/`, `src/worker/`, and `src/engine/` for detailed instructions on building, configuring, and running each component.
You can typically build all components using:
```bash
cargo build --workspace
```
Or build and run specific examples or binaries as detailed in their respective READMEs.
## Async API Integration
`rhailib` includes a powerful async architecture that enables Rhai scripts to perform HTTP API calls despite Rhai's synchronous nature. This allows scripts to integrate with external services like Stripe, payment processors, and other REST/GraphQL APIs.
### Key Features
- **Async HTTP Support**: Make API calls from synchronous Rhai scripts
- **Multi-threaded Architecture**: Uses MPSC channels to bridge sync/async execution
- **Built-in Stripe Integration**: Complete payment processing capabilities
- **Builder Pattern APIs**: Fluent, chainable API for creating complex objects
- **Error Handling**: Graceful error handling with try/catch support
- **Environment Configuration**: Secure credential management via environment variables
### Quick Example
```rhai
// Configure API client
configure_stripe(STRIPE_API_KEY);
// Create a product with pricing
let product = new_product()
.name("Premium Software License")
.description("Professional software solution")
.metadata("category", "software");
let product_id = product.create();
// Create subscription pricing
let monthly_price = new_price()
.amount(2999) // $29.99 in cents
.currency("usd")
.product(product_id)
.recurring("month");
let price_id = monthly_price.create();
// Create a subscription
let subscription = new_subscription()
.customer("cus_customer_id")
.add_price(price_id)
.trial_days(14)
.create();
```
### Documentation
- **[Async Architecture Guide](docs/ASYNC_RHAI_ARCHITECTURE.md)**: Detailed technical documentation of the async architecture, including design decisions, thread safety, and extensibility patterns.
- **[API Integration Guide](docs/API_INTEGRATION_GUIDE.md)**: Practical guide with examples for integrating external APIs, error handling patterns, and best practices.
## Purpose
`rhailib` aims to provide a flexible and powerful way to extend applications with custom logic written in Rhai, executed in a controlled and scalable environment. This is particularly useful for tasks such as:
- Implementing dynamic business rules.
- Automating processes with external API integration.
- Running background computations.
- Processing payments and subscriptions.
- Customizing application behavior without recompilation.
- Integrating with third-party services (Stripe, webhooks, etc.).

1
rhailib/_archive/dispatcher/.gitignore vendored Normal file
View File

@@ -0,0 +1 @@
/target

24
rhailib/_archive/dispatcher/Cargo.toml Normal file
View File

@@ -0,0 +1,24 @@
[package]
name = "rhai_dispatcher"
version = "0.1.0"
edition = "2021"
[[bin]]
name = "dispatcher"
path = "cmd/dispatcher.rs"
[dependencies]
clap = { version = "4.4", features = ["derive"] }
env_logger = "0.10"
redis = { version = "0.25.0", features = ["tokio-comp"] }
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
uuid = { version = "1.6", features = ["v4", "serde"] }
chrono = { version = "0.4", features = ["serde"] }
log = "0.4"
tokio = { version = "1", features = ["macros", "rt-multi-thread"] } # For async main in examples, and general async
colored = "2.0"
[dev-dependencies] # For examples later
env_logger = "0.10"
rhai = "1.18.0" # For examples that might need to show engine setup

107
rhailib/_archive/dispatcher/README.md Normal file
View File

@@ -0,0 +1,107 @@
# Rhai Client
The `rhai-client` crate provides a fluent builder-based interface for submitting Rhai scripts to a distributed task execution system over Redis. It enables applications to offload Rhai script execution to one or more worker services and await the results.
## Features
- **Fluent Builder API**: A `RhaiDispatcherBuilder` for easy client configuration and a `PlayRequestBuilder` for constructing and submitting script execution requests.
- **Asynchronous Operations**: Built with `tokio` for non-blocking I/O.
- **Request-Reply Pattern**: Submits tasks and awaits results on a dedicated reply queue, eliminating the need for polling.
- **Configurable Timeouts**: Set timeouts for how long the client should wait for a task to complete.
- **Direct-to-Worker-Queue Submission**: Tasks are sent to a queue named after the `worker_id`, allowing for direct and clear task routing.
- **Manual Status Check**: Provides an option to manually check the status of a task by its ID.
## Core Components
- **`RhaiDispatcherBuilder`**: A builder to construct a `RhaiDispatcher`. Requires a `caller_id` and Redis URL.
- **`RhaiDispatcher`**: The main client for interacting with the task system. It's used to create `PlayRequestBuilder` instances.
- **`PlayRequestBuilder`**: A fluent builder for creating and dispatching a script execution request. You can set:
- `worker_id`: The ID of the worker queue to send the task to.
- `script` or `script_path`: The Rhai script to execute.
- `request_id`: An optional unique ID for the request.
- `timeout`: How long to wait for a result.
- **Submission Methods**:
- `submit()`: Submits the request and returns immediately (fire-and-forget).
- `await_response()`: Submits the request and waits for the result or a timeout.
- **`RhaiTaskDetails`**: A struct representing the details of a task, including its script, status (`pending`, `processing`, `completed`, `error`), output, and error messages.
- **`RhaiDispatcherError`**: An enum for various errors, such as Redis errors, serialization issues, or task timeouts.
## How It Works
1. A `RhaiDispatcher` is created using the `RhaiDispatcherBuilder`, configured with a `caller_id` and Redis URL.
2. A `PlayRequestBuilder` is created from the client.
3. The script, `worker_id`, and an optional `timeout` are configured on the builder.
4. When `await_response()` is called:
a. A unique `task_id` (UUID v4) is generated.
b. Task details are stored in a Redis hash with a key like `rhailib:<task_id>`.
c. The `task_id` is pushed to the worker's queue, named `rhailib:<worker_id>`.
d. The client performs a blocking pop (`BLPOP`) on a dedicated reply queue (`rhailib:reply:<task_id>`), waiting for the worker to send the result.
5. A `rhai-worker` process, listening on the `rhailib:<worker_id>` queue, picks up the task, executes it, and pushes the final `RhaiTaskDetails` to the reply queue.
6. The client receives the result from the reply queue and returns it to the caller.
## Prerequisites
- A running Redis instance accessible by the client and the worker services.
## Usage Example
The following example demonstrates how to build a client, submit a script, and wait for the result.
```rust
use rhai_dispatcher::{RhaiDispatcherBuilder, RhaiDispatcherError};
use std::time::Duration;
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
env_logger::init();
// 1. Build the client
let client = RhaiDispatcherBuilder::new()
.caller_id("my-app-instance-1")
.redis_url("redis://127.0.0.1/")
.build()?;
// 2. Define the script and target worker
let script = r#" "Hello, " + worker_id + "!" "#;
let worker_id = "worker-1";
// 3. Use the PlayRequestBuilder to configure and submit the request
let result = client
.new_play_request()
.worker_id(worker_id)
.script(script)
.timeout(Duration::from_secs(5))
.await_response()
.await;
match result {
Ok(details) => {
log::info!("Task completed successfully!");
log::info!("Status: {}", details.status);
if let Some(output) = details.output {
log::info!("Output: {}", output);
}
}
Err(RhaiDispatcherError::Timeout(task_id)) => {
log::error!("Task {} timed out.", task_id);
}
Err(e) => {
log::error!("An unexpected error occurred: {}", e);
}
}
Ok(())
}
```
Refer to the `examples/` directory for more specific use cases, such as `timeout_example.rs` which tests the timeout mechanism.
## Building and Running Examples
To run an example (e.g., `timeout_example`):
```bash
cd src/client # (or wherever this client's Cargo.toml is)
cargo run --example timeout_example
```
Ensure a Redis server is running and accessible at `redis://127.0.0.1/`.

157
rhailib/_archive/dispatcher/cmd/README.md Normal file
View File

@@ -0,0 +1,157 @@
# Rhai Client Binary
A command-line client for executing Rhai scripts on remote workers via Redis.
## Binary: `client`
### Installation
Build the binary:
```bash
cargo build --bin client --release
```
### Usage
```bash
# Basic usage - requires caller and circle keys
client --caller-key <CALLER_KEY> --circle-key <CIRCLE_KEY>
# Execute inline script
client -c <CALLER_KEY> -k <CIRCLE_KEY> --script "print('Hello World!')"
# Execute script from file
client -c <CALLER_KEY> -k <CIRCLE_KEY> --file script.rhai
# Use specific worker (defaults to circle key)
client -c <CALLER_KEY> -k <CIRCLE_KEY> -w <WORKER_KEY> --script "2 + 2"
# Custom Redis and timeout
client -c <CALLER_KEY> -k <CIRCLE_KEY> --redis-url redis://localhost:6379/1 --timeout 60
# Remove timestamps from logs
client -c <CALLER_KEY> -k <CIRCLE_KEY> --no-timestamp
# Increase verbosity
client -c <CALLER_KEY> -k <CIRCLE_KEY> -v --script "debug_info()"
```
### Command-Line Options
| Option | Short | Default | Description |
|--------|-------|---------|-------------|
| `--caller-key` | `-c` | **Required** | Caller public key (your identity) |
| `--circle-key` | `-k` | **Required** | Circle public key (execution context) |
| `--worker-key` | `-w` | `circle-key` | Worker public key (target worker) |
| `--redis-url` | `-r` | `redis://localhost:6379` | Redis connection URL |
| `--script` | `-s` | | Rhai script to execute |
| `--file` | `-f` | | Path to Rhai script file |
| `--timeout` | `-t` | `30` | Timeout for script execution (seconds) |
| `--no-timestamp` | | `false` | Remove timestamps from log output |
| `--verbose` | `-v` | | Increase verbosity (stackable) |
### Execution Modes
#### Inline Script Execution
```bash
# Execute a simple calculation
client -c caller_123 -k circle_456 -s "let result = 2 + 2; print(result);"
# Execute with specific worker
client -c caller_123 -k circle_456 -w worker_789 -s "get_user_data()"
```
#### Script File Execution
```bash
# Execute script from file
client -c caller_123 -k circle_456 -f examples/data_processing.rhai
# Execute with custom timeout
client -c caller_123 -k circle_456 -f long_running_script.rhai -t 120
```
#### Interactive Mode
```bash
# Enter interactive REPL mode (when no script or file provided)
client -c caller_123 -k circle_456
# Interactive mode with verbose logging
client -c caller_123 -k circle_456 -v --no-timestamp
```
### Interactive Mode
When no script (`-s`) or file (`-f`) is provided, the client enters interactive mode:
```
🔗 Starting Rhai Client
📋 Configuration:
Caller Key: caller_123
Circle Key: circle_456
Worker Key: circle_456
Redis URL: redis://localhost:6379
Timeout: 30s
✅ Connected to Redis at redis://localhost:6379
🎮 Entering interactive mode
Type Rhai scripts and press Enter to execute. Type 'exit' or 'quit' to close.
rhai> let x = 42; print(x);
Status: completed
Output: 42
rhai> exit
👋 Goodbye!
```
### Configuration Examples
#### Development Usage
```bash
# Simple development client
client -c dev_user -k dev_circle
# Development with clean logs
client -c dev_user -k dev_circle --no-timestamp -v
```
#### Production Usage
```bash
# Production client with specific worker
client \
--caller-key prod_user_123 \
--circle-key prod_circle_456 \
--worker-key prod_worker_789 \
--redis-url redis://redis-cluster:6379/0 \
--timeout 300 \
--file production_script.rhai
```
#### Batch Processing
```bash
# Process multiple scripts
for script in scripts/*.rhai; do
client -c batch_user -k batch_circle -f "$script" --no-timestamp
done
```
### Key Concepts
- **Caller Key**: Your identity - used for authentication and tracking
- **Circle Key**: Execution context - defines the environment/permissions
- **Worker Key**: Target worker - which worker should execute the script (defaults to circle key)
### Error Handling
The client provides clear error messages for:
- Missing required keys
- Redis connection failures
- Script execution timeouts
- Worker unavailability
- Script syntax errors
### Dependencies
- `rhai_dispatcher`: Core client library for Redis-based script execution
- `redis`: Redis client for task queue communication
- `clap`: Command-line argument parsing
- `env_logger`: Logging infrastructure
- `tokio`: Async runtime

207
rhailib/_archive/dispatcher/cmd/dispatcher.rs Normal file
View File

@@ -0,0 +1,207 @@
use clap::Parser;
use rhai_dispatcher::{RhaiDispatcher, RhaiDispatcherBuilder};
use log::{error, info};
use colored::Colorize;
use std::io::{self, Write};
use std::time::Duration;
#[derive(Parser, Debug)]
#[command(author, version, about = "Rhai Client - Script execution client", long_about = None)]
struct Args {
/// Caller public key (caller ID)
#[arg(short = 'c', long = "caller-key", help = "Caller public key (your identity)")]
caller_id: String,
/// Circle public key (context ID)
#[arg(short = 'k', long = "circle-key", help = "Circle public key (execution context)")]
context_id: String,
/// Worker public key (defaults to circle public key if not provided)
#[arg(short = 'w', long = "worker-key", help = "Worker public key (defaults to circle key)")]
worker_id: String,
/// Redis URL
#[arg(short, long, default_value = "redis://localhost:6379", help = "Redis connection URL")]
redis_url: String,
/// Rhai script to execute
#[arg(short, long, help = "Rhai script to execute")]
script: Option<String>,
/// Path to Rhai script file
#[arg(short, long, help = "Path to Rhai script file")]
file: Option<String>,
/// Timeout for script execution (in seconds)
#[arg(short, long, default_value = "30", help = "Timeout for script execution in seconds")]
timeout: u64,
/// Increase verbosity (can be used multiple times)
#[arg(short, long, action = clap::ArgAction::Count, help = "Increase verbosity (-v for debug, -vv for trace)")]
verbose: u8,
/// Disable timestamps in log output
#[arg(long, help = "Remove timestamps from log output")]
no_timestamp: bool,
}
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let args = Args::parse();
// Configure logging based on verbosity level
let log_config = match args.verbose {
0 => "warn,rhai_dispatcher=warn",
1 => "info,rhai_dispatcher=info",
2 => "debug,rhai_dispatcher=debug",
_ => "trace,rhai_dispatcher=trace",
};
std::env::set_var("RUST_LOG", log_config);
// Configure env_logger with or without timestamps
if args.no_timestamp {
env_logger::Builder::from_default_env()
.format_timestamp(None)
.init();
} else {
env_logger::init();
}
if args.verbose > 0 {
info!("🔗 Starting Rhai Dispatcher");
info!("📋 Configuration:");
info!(" Caller ID: {}", args.caller_id);
info!(" Context ID: {}", args.context_id);
info!(" Worker ID: {}", args.worker_id);
info!(" Redis URL: {}", args.redis_url);
info!(" Timeout: {}s", args.timeout);
info!("");
}
// Create the Rhai client
let client = RhaiDispatcherBuilder::new()
.caller_id(&args.caller_id)
.worker_id(&args.worker_id)
.context_id(&args.context_id)
.redis_url(&args.redis_url)
.build()?;
if args.verbose > 0 {
info!("✅ Connected to Redis at {}", args.redis_url);
}
// Determine execution mode
if let Some(script_content) = args.script {
// Execute inline script
if args.verbose > 0 {
info!("📜 Executing inline script");
}
execute_script(&client, script_content, args.timeout).await?;
} else if let Some(file_path) = args.file {
// Execute script from file
if args.verbose > 0 {
info!("📁 Loading script from file: {}", file_path);
}
let script_content = std::fs::read_to_string(&file_path)
.map_err(|e| format!("Failed to read script file '{}': {}", file_path, e))?;
execute_script(&client, script_content, args.timeout).await?;
} else {
// Interactive mode
info!("🎮 Entering interactive mode");
info!("Type Rhai scripts and press Enter to execute. Type 'exit' or 'quit' to close.");
run_interactive_mode(&client, args.timeout, args.verbose).await?;
}
Ok(())
}
async fn execute_script(
client: &RhaiDispatcher,
script: String,
timeout_secs: u64,
) -> Result<(), Box<dyn std::error::Error>> {
info!("⚡ Executing script: {:.50}...", script);
let timeout = Duration::from_secs(timeout_secs);
match client
.new_play_request()
.script(&script)
.timeout(timeout)
.await_response()
.await
{
Ok(result) => {
info!("✅ Script execution completed");
println!("Status: {}", result.status);
if let Some(output) = result.output {
println!("Output: {}", output);
}
if let Some(error) = result.error {
println!("Error: {}", error);
}
}
Err(e) => {
error!("❌ Script execution failed: {}", e);
return Err(Box::new(e));
}
}
Ok(())
}
async fn run_interactive_mode(
client: &RhaiDispatcher,
timeout_secs: u64,
verbose: u8,
) -> Result<(), Box<dyn std::error::Error>> {
let timeout = Duration::from_secs(timeout_secs);
loop {
print!("rhai> ");
io::stdout().flush()?;
let mut input = String::new();
io::stdin().read_line(&mut input)?;
let input = input.trim();
if input.is_empty() {
continue;
}
if input == "exit" || input == "quit" {
info!("👋 Goodbye!");
break;
}
if verbose > 0 {
info!("⚡ Executing: {}", input);
}
match client
.new_play_request()
.script(input)
.timeout(timeout)
.await_response()
.await
{
Ok(result) => {
if let Some(output) = result.output {
println!("{}", output.color("green"));
}
if let Some(error) = result.error {
println!("{}", format!("error: {}", error).color("red"));
}
}
Err(e) => {
println!("{}", format!("error: {}", e).red());
}
}
println!(); // Add blank line for readability
}
Ok(())
}

190
rhailib/_archive/dispatcher/docs/ARCHITECTURE.md Normal file
View File

@@ -0,0 +1,190 @@
# Architecture of the `rhai_dispatcher` Crate
The `rhai_dispatcher` crate provides a Redis-based client library for submitting Rhai scripts to distributed worker services and awaiting their execution results. It implements a request-reply pattern using Redis as the message broker.
## Core Architecture
The client follows a builder pattern design with clear separation of concerns:
```mermaid
graph TD
A[RhaiDispatcherBuilder] --> B[RhaiDispatcher]
B --> C[PlayRequestBuilder]
C --> D[PlayRequest]
D --> E[Redis Task Queue]
E --> F[Worker Service]
F --> G[Redis Reply Queue]
G --> H[Client Response]
subgraph "Client Components"
A
B
C
D
end
subgraph "Redis Infrastructure"
E
G
end
subgraph "External Services"
F
end
```
## Key Components
### 1. RhaiDispatcherBuilder
A builder pattern implementation for constructing `RhaiDispatcher` instances with proper configuration validation.
**Responsibilities:**
- Configure Redis connection URL
- Set caller ID for task attribution
- Validate configuration before building client
**Key Methods:**
- `caller_id(id: &str)` - Sets the caller identifier
- `redis_url(url: &str)` - Configures Redis connection
- `build()` - Creates the final `RhaiDispatcher` instance
### 2. RhaiDispatcher
The main client interface that manages Redis connections and provides factory methods for creating play requests.
**Responsibilities:**
- Maintain Redis connection pool
- Provide factory methods for request builders
- Handle low-level Redis operations
- Manage task status queries
**Key Methods:**
- `new_play_request()` - Creates a new `PlayRequestBuilder`
- `get_task_status(task_id)` - Queries task status from Redis
- Internal methods for Redis operations
### 3. PlayRequestBuilder
A fluent builder for constructing and submitting script execution requests.
**Responsibilities:**
- Configure script execution parameters
- Handle script loading from files or strings
- Manage request timeouts
- Provide submission methods (fire-and-forget vs await-response)
**Key Methods:**
- `worker_id(id: &str)` - Target worker queue (determines which worker processes the task)
- `context_id(id: &str)` - Target context ID (determines execution context/circle)
- `script(content: &str)` - Set script content directly
- `script_path(path: &str)` - Load script from file
- `timeout(duration: Duration)` - Set execution timeout
- `submit()` - Fire-and-forget submission
- `await_response()` - Submit and wait for result
**Architecture Note:** The decoupling of `worker_id` and `context_id` allows a single worker to process tasks for multiple contexts (circles), providing greater deployment flexibility.
### 4. Data Structures
#### RhaiTaskDetails
Represents the complete state of a task throughout its lifecycle.
```rust
pub struct RhaiTaskDetails {
pub task_id: String,
pub script: String,
pub status: String, // "pending", "processing", "completed", "error"
pub output: Option<String>,
pub error: Option<String>,
pub created_at: DateTime<Utc>,
pub updated_at: DateTime<Utc>,
pub caller_id: String,
}
```
#### RhaiDispatcherError
Comprehensive error handling for various failure scenarios:
- `RedisError` - Redis connection/operation failures
- `SerializationError` - JSON serialization/deserialization issues
- `Timeout` - Task execution timeouts
- `TaskNotFound` - Missing tasks after submission
## Communication Protocol
### Task Submission Flow
1. **Task Creation**: Client generates unique UUID for task identification
2. **Task Storage**: Task details stored in Redis hash: `rhailib:<task_id>`
3. **Queue Submission**: Task ID pushed to worker queue: `rhailib:<worker_id>`
4. **Reply Queue Setup**: Client listens on: `rhailib:reply:<task_id>`
### Redis Key Patterns
- **Task Storage**: `rhailib:<task_id>` (Redis Hash)
- **Worker Queues**: `rhailib:<worker_id>` (Redis List)
- **Reply Queues**: `rhailib:reply:<task_id>` (Redis List)
### Message Flow Diagram
```mermaid
sequenceDiagram
participant C as Client
participant R as Redis
participant W as Worker
C->>R: HSET rhailib:task_id (task details)
C->>R: LPUSH rhailib:worker_id task_id
C->>R: BLPOP rhailib:reply:task_id (blocking)
W->>R: BRPOP rhailib:worker_id (blocking)
W->>W: Execute Rhai Script
W->>R: LPUSH rhailib:reply:task_id (result)
R->>C: Return result from BLPOP
C->>R: DEL rhailib:reply:task_id (cleanup)
```
## Concurrency and Async Design
The client is built on `tokio` for asynchronous operations:
- **Connection Pooling**: Uses Redis multiplexed connections for efficiency
- **Non-blocking Operations**: All Redis operations are async
- **Timeout Handling**: Configurable timeouts with proper cleanup
- **Error Propagation**: Comprehensive error handling with context
## Configuration and Deployment
### Prerequisites
- Redis server accessible to both client and workers
- Proper network connectivity between components
- Sufficient Redis memory for task storage
### Configuration Options
- **Redis URL**: Connection string for Redis instance
- **Caller ID**: Unique identifier for client instance
- **Timeouts**: Per-request timeout configuration
- **Worker Targeting**: Direct worker queue addressing
## Security Considerations
- **Task Isolation**: Each task uses unique identifiers
- **Queue Separation**: Worker-specific queues prevent cross-contamination
- **Cleanup**: Automatic cleanup of reply queues after completion
- **Error Handling**: Secure error propagation without sensitive data leakage
## Performance Characteristics
- **Scalability**: Horizontal scaling through multiple worker instances
- **Throughput**: Limited by Redis performance and network latency
- **Memory Usage**: Efficient with connection pooling and cleanup
- **Latency**: Low latency for local Redis deployments
## Integration Points
The client integrates with:
- **Worker Services**: Via Redis queue protocol
- **Monitoring Systems**: Through structured logging
- **Application Code**: Via builder pattern API
- **Configuration Systems**: Through environment variables and builders

90
rhailib/_archive/dispatcher/examples/timeout_example.rs Normal file
View File

@@ -0,0 +1,90 @@
use log::info;
use rhai_dispatcher::{RhaiDispatcherBuilder, RhaiDispatcherError};
use std::time::{Duration, Instant};
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
env_logger::builder()
.filter_level(log::LevelFilter::Info)
.init();
// Build the client using the new builder pattern
let client = RhaiDispatcherBuilder::new()
.caller_id("timeout-example-runner")
.redis_url("redis://127.0.0.1/")
.build()?;
info!("RhaiDispatcher created.");
let script_content = r#"
// This script will never be executed by a worker because the recipient does not exist.
let x = 10;
let y = x + 32;
y
"#;
// The worker_id points to a worker queue that doesn't have a worker.
let non_existent_recipient = "non_existent_worker_for_timeout_test";
let very_short_timeout = Duration::from_secs(2);
info!(
"Submitting script to non-existent recipient '{}' with a timeout of {:?}...",
non_existent_recipient, very_short_timeout
);
let start_time = Instant::now();
// Use the new PlayRequestBuilder
let result = client
.new_play_request()
.worker_id(non_existent_recipient)
.script(script_content)
.timeout(very_short_timeout)
.await_response()
.await;
match result {
Ok(details) => {
log::error!(
"Timeout Example FAILED: Expected a timeout, but got Ok: {:?}",
details
);
Err("Expected timeout, but task completed successfully.".into())
}
Err(e) => {
let elapsed = start_time.elapsed();
info!("Timeout Example: Received error as expected: {}", e);
info!("Elapsed time: {:?}", elapsed);
match e {
RhaiDispatcherError::Timeout(task_id) => {
info!("Timeout Example PASSED: Correctly received RhaiDispatcherError::Timeout for task_id: {}", task_id);
// Ensure the elapsed time is close to the timeout duration
// Allow for some buffer for processing
assert!(
elapsed >= very_short_timeout
&& elapsed < very_short_timeout + Duration::from_secs(1),
"Elapsed time {:?} should be close to timeout {:?}",
elapsed,
very_short_timeout
);
info!(
"Elapsed time {:?} is consistent with timeout duration {:?}.",
elapsed, very_short_timeout
);
Ok(())
}
other_error => {
log::error!(
"Timeout Example FAILED: Expected RhaiDispatcherError::Timeout, but got other error: {:?}",
other_error
);
Err(format!(
"Expected RhaiDispatcherError::Timeout, got other error: {:?}",
other_error
)
.into())
}
}
}
}
}

638
rhailib/_archive/dispatcher/src/lib.rs Normal file
View File

@@ -0,0 +1,638 @@
//! # Rhai Client Library
//!
//! A Redis-based client library for submitting Rhai scripts to distributed worker services
//! and awaiting their execution results. This crate implements a request-reply pattern
//! using Redis as the message broker.
//!
//! ## Quick Start
//!
//! ```rust
//! use rhai_dispatcher::{RhaiDispatcherBuilder, RhaiDispatcherError};
//! use std::time::Duration;
//!
//! #[tokio::main]
//! async fn main() -> Result<(), Box<dyn std::error::Error>> {
//! // Build the client
//! let client = RhaiDispatcherBuilder::new()
//! .caller_id("my-app-instance-1")
//! .redis_url("redis://127.0.0.1/")
//! .build()?;
//!
//! // Submit a script and await the result
//! let result = client
//! .new_play_request()
//! .worker_id("worker-1")
//! .script(r#""Hello, World!""#)
//! .timeout(Duration::from_secs(5))
//! .await_response()
//! .await?;
//!
//! println!("Result: {:?}", result);
//! Ok(())
//! }
//! ```
use chrono::Utc;
use log::{debug, error, info, warn}; // Added error
use redis::AsyncCommands;
use serde::{Deserialize, Serialize};
use std::time::Duration; // Duration is still used, Instant and sleep were removed
use uuid::Uuid;
/// Redis namespace prefix for all rhailib-related keys
const NAMESPACE_PREFIX: &str = "rhailib:";
/// Represents the complete details and state of a Rhai task execution.
///
/// This structure contains all information about a task throughout its lifecycle,
/// from submission to completion. It's used for both storing task state in Redis
/// and returning results to clients.
///
/// # Fields
///
/// * `task_id` - Unique identifier for the task (UUID)
/// * `script` - The Rhai script content to execute
/// * `status` - Current execution status: "pending", "processing", "completed", or "error"
/// * `output` - Script execution output (if successful)
/// * `error` - Error message (if execution failed)
/// * `created_at` - Timestamp when the task was created
/// * `updated_at` - Timestamp when the task was last modified
/// * `caller_id` - Identifier of the client that submitted the task
#[derive(Debug, Serialize, Deserialize, Clone)]
pub struct RhaiTaskDetails {
#[serde(rename = "taskId")] // Ensure consistent naming with other fields
pub task_id: String,
pub script: String,
pub status: String, // "pending", "processing", "completed", "error"
// client_rpc_id: Option<Value> is removed.
// Worker responses should ideally not include it, or Serde will ignore unknown fields by default.
pub output: Option<String>,
pub error: Option<String>, // Renamed from error_message for consistency
#[serde(rename = "createdAt")]
pub created_at: chrono::DateTime<chrono::Utc>,
#[serde(rename = "updatedAt")]
pub updated_at: chrono::DateTime<chrono::Utc>,
#[serde(rename = "callerId")]
pub caller_id: String,
#[serde(rename = "contextId")]
pub context_id: String,
#[serde(rename = "workerId")]
pub worker_id: String,
}
/// Comprehensive error type for all possible failures in the Rhai client.
///
/// This enum covers all error scenarios that can occur during client operations,
/// from Redis connectivity issues to task execution timeouts.
#[derive(Debug)]
pub enum RhaiDispatcherError {
/// Redis connection or operation error
RedisError(redis::RedisError),
/// JSON serialization/deserialization error
SerializationError(serde_json::Error),
/// Task execution timeout - contains the task_id that timed out
Timeout(String),
/// Task not found after submission - contains the task_id (rare occurrence)
TaskNotFound(String),
/// Context ID is missing
ContextIdMissing,
}
impl From<redis::RedisError> for RhaiDispatcherError {
fn from(err: redis::RedisError) -> Self {
RhaiDispatcherError::RedisError(err)
}
}
impl From<serde_json::Error> for RhaiDispatcherError {
fn from(err: serde_json::Error) -> Self {
RhaiDispatcherError::SerializationError(err)
}
}
impl std::fmt::Display for RhaiDispatcherError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
RhaiDispatcherError::RedisError(e) => write!(f, "Redis error: {}", e),
RhaiDispatcherError::SerializationError(e) => write!(f, "Serialization error: {}", e),
RhaiDispatcherError::Timeout(task_id) => {
write!(f, "Timeout waiting for task {} to complete", task_id)
}
RhaiDispatcherError::TaskNotFound(task_id) => {
write!(f, "Task {} not found after submission", task_id)
}
RhaiDispatcherError::ContextIdMissing => {
write!(f, "Context ID is missing")
}
}
}
}
impl std::error::Error for RhaiDispatcherError {}
/// The main client for interacting with the Rhai task execution system.
///
/// This client manages Redis connections and provides factory methods for creating
/// script execution requests. It maintains a caller ID for task attribution and
/// handles all low-level Redis operations.
///
/// # Example
///
/// ```rust
/// use rhai_dispatcher::RhaiDispatcherBuilder;
///
/// let client = RhaiDispatcherBuilder::new()
/// .caller_id("my-service")
/// .redis_url("redis://localhost/")
/// .build()?;
/// ```
pub struct RhaiDispatcher {
redis_client: redis::Client,
caller_id: String,
worker_id: String,
context_id: String,
}
/// Builder for constructing `RhaiDispatcher` instances with proper configuration.
///
/// This builder ensures that all required configuration is provided before
/// creating a client instance. It validates the configuration and provides
/// sensible defaults where appropriate.
///
/// # Required Configuration
///
/// - `caller_id`: A unique identifier for this client instance
///
/// # Optional Configuration
///
/// - `redis_url`: Redis connection URL (defaults to "redis://127.0.0.1/")
pub struct RhaiDispatcherBuilder {
redis_url: Option<String>,
caller_id: String,
worker_id: String,
context_id: String,
}
impl RhaiDispatcherBuilder {
/// Creates a new `RhaiDispatcherBuilder` with default settings.
///
/// The builder starts with no Redis URL (will default to "redis://127.0.0.1/")
/// and an empty caller ID (which must be set before building).
pub fn new() -> Self {
Self {
redis_url: None,
caller_id: "".to_string(),
worker_id: "".to_string(),
context_id: "".to_string(),
}
}
/// Sets the caller ID for this client instance.
///
/// The caller ID is used to identify which client submitted a task and is
/// included in task metadata. This is required and the build will fail if
/// not provided.
///
/// # Arguments
///
/// * `caller_id` - A unique identifier for this client instance
pub fn caller_id(mut self, caller_id: &str) -> Self {
self.caller_id = caller_id.to_string();
self
}
/// Sets the circle ID for this client instance.
///
/// The circle ID is used to identify which circle's context a task should be executed in.
/// This is required at the time the client dispatches a script, but can be set on construction or on script dispatch.
///
/// # Arguments
///
/// * `context_id` - A unique identifier for this client instance
pub fn context_id(mut self, context_id: &str) -> Self {
self.context_id = context_id.to_string();
self
}
/// Sets the worker ID for this client instance.
///
/// The worker ID is used to identify which worker a task should be executed on.
/// This is required at the time the client dispatches a script, but can be set on construction or on script dispatch.
///
/// # Arguments
///
/// * `worker_id` - A unique identifier for this client instance
pub fn worker_id(mut self, worker_id: &str) -> Self {
self.worker_id = worker_id.to_string();
self
}
/// Sets the Redis connection URL.
///
/// If not provided, defaults to "redis://127.0.0.1/".
///
/// # Arguments
///
/// * `url` - Redis connection URL (e.g., "redis://localhost:6379/0")
pub fn redis_url(mut self, url: &str) -> Self {
self.redis_url = Some(url.to_string());
self
}
/// Builds the final `RhaiDispatcher` instance.
///
/// This method validates the configuration and creates the Redis client.
/// It will return an error if the caller ID is empty or if the Redis
/// connection cannot be established.
///
/// # Returns
///
/// * `Ok(RhaiDispatcher)` - Successfully configured client
/// * `Err(RhaiDispatcherError)` - Configuration or connection error
pub fn build(self) -> Result<RhaiDispatcher, RhaiDispatcherError> {
let url = self
.redis_url
.unwrap_or_else(|| "redis://127.0.0.1/".to_string());
let client = redis::Client::open(url)?;
Ok(RhaiDispatcher {
redis_client: client,
caller_id: self.caller_id,
worker_id: self.worker_id,
context_id: self.context_id,
})
}
}
/// Representation of a script execution request.
///
/// This structure contains all the information needed to execute a Rhai script
/// on a worker service, including the script content, target worker, and timeout.
#[derive(Debug, Clone)]
pub struct PlayRequest {
pub id: String,
pub worker_id: String,
pub context_id: String,
pub script: String,
pub timeout: Duration,
}
/// Builder for constructing and submitting script execution requests.
///
/// This builder provides a fluent interface for configuring script execution
/// parameters and offers two submission modes: fire-and-forget (`submit()`)
/// and request-reply (`await_response()`).
///
/// # Example
///
/// ```rust
/// use std::time::Duration;
///
/// let result = client
/// .new_play_request()
/// .worker_id("worker-1")
/// .script(r#"print("Hello, World!");"#)
/// .timeout(Duration::from_secs(30))
/// .await_response()
/// .await?;
/// ```
pub struct PlayRequestBuilder<'a> {
client: &'a RhaiDispatcher,
request_id: String,
worker_id: String,
context_id: String,
caller_id: String,
script: String,
timeout: Duration,
retries: u32,
}
impl<'a> PlayRequestBuilder<'a> {
pub fn new(client: &'a RhaiDispatcher) -> Self {
Self {
client,
request_id: "".to_string(),
worker_id: client.worker_id.clone(),
context_id: client.context_id.clone(),
caller_id: client.caller_id.clone(),
script: "".to_string(),
timeout: Duration::from_secs(5),
retries: 0,
}
}
pub fn request_id(mut self, request_id: &str) -> Self {
self.request_id = request_id.to_string();
self
}
pub fn worker_id(mut self, worker_id: &str) -> Self {
self.worker_id = worker_id.to_string();
self
}
pub fn context_id(mut self, context_id: &str) -> Self {
self.context_id = context_id.to_string();
self
}
pub fn script(mut self, script: &str) -> Self {
self.script = script.to_string();
self
}
pub fn script_path(mut self, script_path: &str) -> Self {
self.script = std::fs::read_to_string(script_path).unwrap();
self
}
pub fn timeout(mut self, timeout: Duration) -> Self {
self.timeout = timeout;
self
}
pub fn build(self) -> Result<PlayRequest, RhaiDispatcherError> {
let request_id = if self.request_id.is_empty() {
// Generate a UUID for the request_id
Uuid::new_v4().to_string()
} else {
self.request_id.clone()
};
if self.context_id.is_empty() {
return Err(RhaiDispatcherError::ContextIdMissing);
}
if self.caller_id.is_empty() {
return Err(RhaiDispatcherError::ContextIdMissing);
}
let play_request = PlayRequest {
id: request_id,
worker_id: self.worker_id.clone(),
context_id: self.context_id.clone(),
script: self.script.clone(),
timeout: self.timeout,
};
Ok(play_request)
}
pub async fn submit(self) -> Result<(), RhaiDispatcherError> {
// Build the request and submit using self.client
println!(
"Submitting request {} with timeout {:?}",
self.request_id, self.timeout
);
self.client.submit_play_request(&self.build()?).await?;
Ok(())
}
pub async fn await_response(self) -> Result<RhaiTaskDetails, RhaiDispatcherError> {
// Build the request and submit using self.client
let result = self
.client
.submit_play_request_and_await_result(&self.build()?)
.await;
result
}
}
impl RhaiDispatcher {
pub fn new_play_request(&self) -> PlayRequestBuilder {
PlayRequestBuilder::new(self)
}
// Internal helper to submit script details and push to work queue
async fn submit_play_request_using_connection(
&self,
conn: &mut redis::aio::MultiplexedConnection,
play_request: &PlayRequest,
) -> Result<(), RhaiDispatcherError> {
let now = Utc::now();
let task_key = format!("{}{}", NAMESPACE_PREFIX, play_request.id);
let worker_queue_key = format!(
"{}{}",
NAMESPACE_PREFIX,
play_request.worker_id.replace(" ", "_").to_lowercase()
);
debug!(
"Submitting play request: {} to worker: {} with namespace prefix: {}",
play_request.id, play_request.worker_id, NAMESPACE_PREFIX
);
let hset_args: Vec<(String, String)> = vec![
("taskId".to_string(), play_request.id.to_string()), // Add taskId
("script".to_string(), play_request.script.clone()), // script is moved here
("callerId".to_string(), self.caller_id.clone()), // script is moved here
("contextId".to_string(), play_request.context_id.clone()), // script is moved here
("status".to_string(), "pending".to_string()),
("createdAt".to_string(), now.to_rfc3339()),
("updatedAt".to_string(), now.to_rfc3339()),
];
// Ensure hset_args is a slice of tuples (String, String)
// The redis crate's hset_multiple expects &[(K, V)]
// conn.hset_multiple::<_, String, String, ()>(&task_key, &hset_args).await?;
// Simpler:
// Explicitly type K, F, V for hset_multiple if inference is problematic.
// RV (return value of the command itself) is typically () for HSET type commands.
conn.hset_multiple::<_, _, _, ()>(&task_key, &hset_args)
.await?;
// lpush also infers its types, RV is typically i64 (length of list) or () depending on exact command variant
// For `redis::AsyncCommands::lpush`, it's `RedisResult<R>` where R: FromRedisValue
// Often this is the length of the list. Let's allow inference or specify if needed.
let _: redis::RedisResult<i64> =
conn.lpush(&worker_queue_key, play_request.id.clone()).await;
Ok(())
}
// Internal helper to await response from worker
async fn await_response_from_connection(
&self,
conn: &mut redis::aio::MultiplexedConnection,
task_key: &String,
reply_queue_key: &String,
timeout: Duration,
) -> Result<RhaiTaskDetails, RhaiDispatcherError> {
// BLPOP on the reply queue
// The timeout for BLPOP is in seconds (integer)
let blpop_timeout_secs = timeout.as_secs().max(1); // Ensure at least 1 second for BLPOP timeout
match conn
.blpop::<&String, Option<(String, String)>>(reply_queue_key, blpop_timeout_secs as f64)
.await
{
Ok(Some((_queue, result_message_str))) => {
// Attempt to deserialize the result message into RhaiTaskDetails or a similar structure
// For now, we assume the worker sends back a JSON string of RhaiTaskDetails
// or at least status, output, error.
// Let's refine what the worker sends. For now, assume it's a simplified result.
// The worker should ideally send a JSON string that can be parsed into RhaiTaskDetails.
// For this example, let's assume the worker sends a JSON string of a simplified result structure.
// A more robust approach would be for the worker to send the full RhaiTaskDetails (or relevant parts)
// and the client deserializes that.
// For now, let's assume the worker sends a JSON string of RhaiTaskDetails.
match serde_json::from_str::<RhaiTaskDetails>(&result_message_str) {
Ok(details) => {
info!(
"Task {} finished with status: {}",
details.task_id, details.status
);
// Optionally, delete the reply queue
let _: redis::RedisResult<i32> = conn.del(&reply_queue_key).await;
Ok(details)
}
Err(e) => {
error!(
"Failed to deserialize result message from reply queue: {}",
e
);
// Optionally, delete the reply queue
let _: redis::RedisResult<i32> = conn.del(&reply_queue_key).await;
Err(RhaiDispatcherError::SerializationError(e))
}
}
}
Ok(None) => {
// BLPOP timed out
warn!(
"Timeout waiting for result on reply queue {} for task {}",
reply_queue_key, task_key
);
// Optionally, delete the reply queue
let _: redis::RedisResult<i32> = conn.del(&reply_queue_key).await;
Err(RhaiDispatcherError::Timeout(task_key.clone()))
}
Err(e) => {
// Redis error
error!(
"Redis error on BLPOP for reply queue {}: {}",
reply_queue_key, e
);
// Optionally, delete the reply queue
let _: redis::RedisResult<i32> = conn.del(&reply_queue_key).await;
Err(RhaiDispatcherError::RedisError(e))
}
}
}
// New method using dedicated reply queue
pub async fn submit_play_request(
&self,
play_request: &PlayRequest,
) -> Result<(), RhaiDispatcherError> {
let mut conn = self.redis_client.get_multiplexed_async_connection().await?;
self.submit_play_request_using_connection(
&mut conn,
&play_request, // Pass the task_id parameter
)
.await?;
Ok(())
}
// New method using dedicated reply queue
pub async fn submit_play_request_and_await_result(
&self,
play_request: &PlayRequest,
) -> Result<RhaiTaskDetails, RhaiDispatcherError> {
let mut conn = self.redis_client.get_multiplexed_async_connection().await?;
let reply_queue_key = format!("{}:reply:{}", NAMESPACE_PREFIX, play_request.id); // Derived from the passed task_id
self.submit_play_request_using_connection(
&mut conn,
&play_request, // Pass the task_id parameter
)
.await?;
info!(
"Task {} submitted. Waiting for result on queue {} with timeout {:?}...",
play_request.id, // This is the UUID
reply_queue_key,
play_request.timeout
);
self.await_response_from_connection(
&mut conn,
&play_request.id,
&reply_queue_key,
play_request.timeout,
)
.await
}
// Method to get task status
pub async fn get_task_status(
&self,
task_id: &str,
) -> Result<Option<RhaiTaskDetails>, RhaiDispatcherError> {
let mut conn = self.redis_client.get_multiplexed_async_connection().await?;
let task_key = format!("{}{}", NAMESPACE_PREFIX, task_id);
let result_map: Option<std::collections::HashMap<String, String>> =
conn.hgetall(&task_key).await?;
match result_map {
Some(map) => {
// Reconstruct RhaiTaskDetails from HashMap
let details = RhaiTaskDetails {
task_id: task_id.to_string(), // Use the task_id parameter passed to the function
script: map.get("script").cloned().unwrap_or_else(|| {
warn!("Task {}: 'script' field missing from Redis hash, defaulting to empty.", task_id);
String::new()
}),
status: map.get("status").cloned().unwrap_or_else(|| {
warn!("Task {}: 'status' field missing from Redis hash, defaulting to empty.", task_id);
String::new()
}),
// client_rpc_id is no longer a field in RhaiTaskDetails
output: map.get("output").cloned(),
error: map.get("error").cloned(),
created_at: map.get("createdAt")
.and_then(|s| chrono::DateTime::parse_from_rfc3339(s).ok())
.map(|dt| dt.with_timezone(&Utc))
.unwrap_or_else(|| {
warn!("Task {}: 'createdAt' field missing or invalid in Redis hash, defaulting to Utc::now().", task_id);
Utc::now()
}),
updated_at: map.get("updatedAt")
.and_then(|s| chrono::DateTime::parse_from_rfc3339(s).ok())
.map(|dt| dt.with_timezone(&Utc))
.unwrap_or_else(|| {
warn!("Task {}: 'updatedAt' field missing or invalid in Redis hash, defaulting to Utc::now().", task_id);
Utc::now()
}),
caller_id: map.get("callerId").cloned().expect("callerId field missing from Redis hash"),
worker_id: map.get("workerId").cloned().expect("workerId field missing from Redis hash"),
context_id: map.get("contextId").cloned().expect("contextId field missing from Redis hash"),
};
// It's important to also check if the 'taskId' field exists in the map and matches the input task_id
// for data integrity, though the struct construction above uses the input task_id directly.
if let Some(redis_task_id) = map.get("taskId") {
if redis_task_id != task_id {
warn!("Task {}: Mismatch between requested task_id and taskId found in Redis hash ('{}'). Proceeding with requested task_id.", task_id, redis_task_id);
}
} else {
warn!("Task {}: 'taskId' field missing from Redis hash.", task_id);
}
Ok(Some(details))
}
None => Ok(None),
}
}
}
#[cfg(test)]
mod tests {
// use super::*;
// Basic tests can be added later, especially once examples are in place.
// For now, ensuring it compiles is the priority.
#[test]
fn it_compiles() {
assert_eq!(2 + 2, 4);
}
}

38
rhailib/_archive/engine/Cargo.toml Normal file
View File

@@ -0,0 +1,38 @@
[package]
name = "rhailib_engine"
version = "0.1.0"
edition = "2021"
description = "Central Rhai engine for heromodels"
[dependencies]
rhai = { version = "1.21.0", features = ["std", "sync", "decimal", "internals"] }
heromodels = { path = "../../../db/heromodels", features = ["rhai"] }
heromodels_core = { path = "../../../db/heromodels_core" }
chrono = "0.4"
heromodels-derive = { path = "../../../db/heromodels-derive" }
rhailib_dsl = { path = "../dsl" }
[features]
default = ["calendar", "finance"]
calendar = []
finance = []
# Flow module is now updated to use our approach to Rhai engine registration
flow = []
legal = []
projects = []
biz = []
[[example]]
name = "calendar_example"
path = "examples/calendar/example.rs"
required-features = ["calendar"]
[[example]]
name = "flow_example"
path = "examples/flow/example.rs"
required-features = ["flow"]
[[example]]
name = "finance"
path = "examples/finance/example.rs"
required-features = ["finance"]

135
rhailib/_archive/engine/README.md Normal file
View File

@@ -0,0 +1,135 @@
# HeroModels Rhai Engine (`engine`)
The `engine` crate provides a central Rhai scripting engine for the HeroModels project. It offers a unified way to interact with various HeroModels modules (like Calendar, Flow, Legal, etc.) through Rhai scripts, leveraging a shared database connection.
## Overview
This crate facilitates:
1. **Centralized Engine Creation**: A function `create_heromodels_engine` to instantiate a Rhai engine pre-configured with common settings and all enabled HeroModels modules.
2. **Modular Registration**: HeroModels modules (Calendar, Flow, etc.) can be registered with a Rhai engine based on feature flags.
3. **Script Evaluation Utilities**: Helper functions for compiling Rhai scripts into Abstract Syntax Trees (ASTs) and for evaluating scripts or ASTs.
4. **Mock Database**: Includes a `mock_db` module for testing and running examples without needing a live database.
## Core Components & Usage
### Library (`src/lib.rs`)
- **`create_heromodels_engine(db: Arc<OurDB>) -> Engine`**:
Creates and returns a new `rhai::Engine` instance. This engine is configured with default settings (e.g., max expression depths, string/array/map sizes) and then all available HeroModels modules (controlled by feature flags) are registered with it, using the provided `db` (an `Arc<OurDB>`) instance.
- **`register_all_modules(engine: &mut Engine, db: Arc<OurDB>)`**:
Registers all HeroModels modules for which features are enabled (e.g., `calendar`, `flow`, `legal`, `projects`, `biz`) with the given Rhai `engine`. Each module is passed the shared `db` instance.
- **`eval_script(engine: &Engine, script: &str) -> Result<rhai::Dynamic, Box<rhai::EvalAltResult>>`**:
A utility function to directly evaluate a Rhai script string using the provided `engine`.
- **`compile_script(engine: &Engine, script: &str) -> Result<AST, Box<rhai::EvalAltResult>>`**:
Compiles a Rhai script string into an `AST` (Abstract Syntax Tree) for potentially faster repeated execution.
- **`run_ast(engine: &Engine, ast: &AST, scope: &mut Scope) -> Result<rhai::Dynamic, Box<rhai::EvalAltResult>>`**:
Runs a pre-compiled `AST` with a given `scope` using the provided `engine`.
- **`mock_db` module**:
Provides `create_mock_db()` which returns an `Arc<OurDB>` instance suitable for testing and examples. This allows scripts that interact with database functionalities to run without external database dependencies.
### Basic Usage
```rust
use std::sync::Arc;
use engine::{create_heromodels_engine, eval_script};
use engine::mock_db::create_mock_db; // For example usage
use heromodels::db::hero::OurDB; // Actual DB type
// Create a mock database (or connect to a real one)
let db: Arc<OurDB> = create_mock_db();
// Create the Rhai engine with all enabled modules registered
let engine = create_heromodels_engine(db);
// Run a Rhai script
let script = r#"
// Example: Assuming 'calendar' feature is enabled
let cal = new_calendar("My Test Calendar");
cal.set_description("This is a test.");
print(`Created calendar: ${cal.get_name()}`);
cal.get_id() // Return the ID
"#;
match eval_script(&engine, script) {
Ok(val) => println!("Script returned: {:?}", val),
Err(err) => eprintln!("Script error: {}", err),
}
```
### Using Specific Modules Manually
If you need more fine-grained control or only want specific modules (and prefer not to rely solely on feature flags at compile time for `create_heromodels_engine`), you can initialize an engine and register modules manually:
```rust
use std::sync::Arc;
use rhai::Engine;
use engine::mock_db::create_mock_db; // For example usage
use heromodels::db::hero::OurDB;
// Import the specific module registration function
use heromodels::models::calendar::register_calendar_rhai_module;
// Create a mock database
let db: Arc<OurDB> = create_mock_db();
// Create a new Rhai engine
let mut engine = Engine::new();
// Register only the calendar module
register_calendar_rhai_module(&mut engine, db.clone());
// Now you can use calendar-related functions in your scripts
let result = engine.eval::<String>(r#" let c = new_calendar("Solo Cal"); c.get_name() "#);
match result {
Ok(name) => println!("Calendar name: {}", name),
Err(err) => eprintln!("Error: {}", err),
}
```
## Examples
This crate includes several examples demonstrating how to use different HeroModels modules with Rhai. Each example typically requires its corresponding feature to be enabled.
- `calendar_example`: Working with calendars, events, and attendees (requires `calendar` feature).
- `flow_example`: Working with flows, steps, and signature requirements (requires `flow` feature).
- `finance_example`: Working with financial models (requires `finance` feature).
- *(Additional examples for `legal`, `projects`, `biz` would follow the same pattern if present).*
To run an example (e.g., `calendar_example`):
```bash
cargo run --example calendar_example --features calendar
```
*(Note: Examples in `Cargo.toml` already specify `required-features`, so simply `cargo run --example calendar_example` might suffice if those features are part of the default set or already enabled.)*
## Features
The crate uses feature flags to control which HeroModels modules are compiled and registered:
- `calendar`: Enables the Calendar module.
- `finance`: Enables the Finance module.
- `flow`: Enables the Flow module.
- `legal`: Enables the Legal module.
- `projects`: Enables the Projects module.
- `biz`: Enables the Business module.
The `default` features are `["calendar", "finance"]`. You can enable other modules by specifying them during the build or in your project's `Cargo.toml` if this `engine` crate is a dependency.
## Dependencies
Key dependencies include:
- `rhai`: The Rhai scripting engine.
- `heromodels`: Provides the core data models and database interaction logic, including the Rhai registration functions for each module.
- `heromodels_core`: Core utilities for HeroModels.
- `chrono`: For date/time utilities.
- `heromodels-derive`: Procedural macros used by HeroModels.
## License
This crate is part of the HeroModels project and shares its license.

16
rhailib/_archive/engine/build.rs Normal file
View File

@@ -0,0 +1,16 @@
fn main() {
// Tell Cargo to re-run this build script if the calendar/rhai.rs file changes
println!("cargo:rerun-if-changed=../heromodels/src/models/calendar/rhai.rs");
// Tell Cargo to re-run this build script if the flow/rhai.rs file changes
println!("cargo:rerun-if-changed=../heromodels/src/models/flow/rhai.rs");
// Tell Cargo to re-run this build script if the legal/rhai.rs file changes
println!("cargo:rerun-if-changed=../heromodels/src/models/legal/rhai.rs");
// Tell Cargo to re-run this build script if the projects/rhai.rs file changes
println!("cargo:rerun-if-changed=../heromodels/src/models/projects/rhai.rs");
// Tell Cargo to re-run this build script if the biz/rhai.rs file changes
println!("cargo:rerun-if-changed=../heromodels/src/models/biz/rhai.rs");
}

331
rhailib/_archive/engine/docs/ARCHITECTURE.md Normal file
View File

@@ -0,0 +1,331 @@
# Architecture of the `rhailib_engine` Crate
The `rhailib_engine` crate serves as the central Rhai scripting engine for the heromodels ecosystem. It provides a unified interface for creating, configuring, and executing Rhai scripts with access to all business domain modules through a feature-based architecture.
## Core Architecture
The engine acts as an orchestration layer that brings together the DSL modules and provides execution utilities:
```mermaid
graph TD
A[rhailib_engine] --> B[Engine Creation]
A --> C[Script Execution]
A --> D[Mock Database]
A --> E[Feature Management]
B --> B1[create_heromodels_engine]
B --> B2[Engine Configuration]
B --> B3[DSL Registration]
C --> C1[eval_script]
C --> C2[eval_file]
C --> C3[compile_script]
C --> C4[run_ast]
D --> D1[create_mock_db]
D --> D2[seed_mock_db]
D --> D3[Domain Data Seeding]
E --> E1[calendar]
E --> E2[finance]
E --> E3[flow]
E --> E4[legal]
E --> E5[projects]
E --> E6[biz]
B3 --> F[rhailib_dsl]
F --> G[All Domain Modules]
```
## Core Components
### 1. Engine Factory (`create_heromodels_engine`)
The primary entry point for creating a fully configured Rhai engine:
```rust
pub fn create_heromodels_engine() -> Engine
```
**Responsibilities:**
- Creates a new Rhai engine instance
- Configures engine limits and settings
- Registers all available DSL modules
- Returns a ready-to-use engine
**Configuration Settings:**
- **Expression Depth**: 128 levels for both expressions and functions
- **String Size Limit**: 10 MB maximum string size
- **Array Size Limit**: 10,000 elements maximum
- **Map Size Limit**: 10,000 key-value pairs maximum
### 2. Script Execution Utilities
#### Direct Script Evaluation
```rust
pub fn eval_script(engine: &Engine, script: &str) -> Result<Dynamic, Box<EvalAltResult>>
```
Executes Rhai script strings directly with immediate results.
#### File-Based Script Execution
```rust
pub fn eval_file(engine: &Engine, file_path: &Path) -> Result<Dynamic, Box<EvalAltResult>>
```
Loads and executes Rhai scripts from filesystem with proper error handling.
#### Compiled Script Execution
```rust
pub fn compile_script(engine: &Engine, script: &str) -> Result<AST, Box<EvalAltResult>>
pub fn run_ast(engine: &Engine, ast: &AST, scope: &mut Scope) -> Result<Dynamic, Box<EvalAltResult>>
```
Provides compilation and execution of scripts for performance optimization.
### 3. Mock Database System
#### Database Creation
```rust
pub fn create_mock_db() -> Arc<OurDB>
```
Creates an in-memory database instance for testing and examples.
#### Data Seeding
```rust
pub fn seed_mock_db(db: Arc<OurDB>)
```
Populates the mock database with representative data across all domains.
## Feature-Based Architecture
The engine uses Cargo features to control which domain modules are included:
### Available Features
- **`calendar`** (default): Calendar and event management
- **`finance`** (default): Financial accounts, assets, and marketplace
- **`flow`**: Workflow and approval processes
- **`legal`**: Contract and legal document management
- **`projects`**: Project and task management
- **`biz`**: Business operations and entities
### Feature Integration Pattern
```rust
#[cfg(feature = "calendar")]
use heromodels::models::calendar::*;
#[cfg(feature = "finance")]
use heromodels::models::finance::*;
```
This allows for:
- **Selective Compilation**: Only include needed functionality
- **Reduced Binary Size**: Exclude unused domain modules
- **Modular Deployment**: Different configurations for different use cases
## Mock Database Architecture
### Database Structure
The mock database provides a complete testing environment:
```mermaid
graph LR
A[Mock Database] --> B[Calendar Data]
A --> C[Finance Data]
A --> D[Flow Data]
A --> E[Legal Data]
A --> F[Projects Data]
B --> B1[Calendars]
B --> B2[Events]
B --> B3[Attendees]
C --> C1[Accounts]
C --> C2[Assets - ERC20/ERC721]
C --> C3[Marketplace Listings]
D --> D1[Flows]
D --> D2[Flow Steps]
D --> D3[Signature Requirements]
E --> E1[Contracts]
E --> E2[Contract Revisions]
E --> E3[Contract Signers]
F --> F1[Projects]
F --> F2[Project Members]
F --> F3[Project Tags]
```
### Seeding Strategy
Each domain has its own seeding function that creates realistic test data:
#### Calendar Seeding
- Creates work calendars with descriptions
- Adds team meetings with attendees
- Sets up recurring events
#### Finance Seeding
- Creates demo trading accounts
- Generates ERC20 tokens and ERC721 NFTs
- Sets up marketplace listings with metadata
#### Flow Seeding (Feature-Gated)
- Creates document approval workflows
- Defines multi-step approval processes
- Sets up signature requirements
#### Legal Seeding (Feature-Gated)
- Creates service agreements
- Adds contract revisions and versions
- Defines contract signers and roles
#### Projects Seeding (Feature-Gated)
- Creates project instances with status tracking
- Assigns team members and priorities
- Adds project tags and categorization
## Error Handling Architecture
### Comprehensive Error Propagation
```rust
Result<Dynamic, Box<EvalAltResult>>
```
All functions return proper Rhai error types that include:
- **Script Compilation Errors**: Syntax and parsing issues
- **Runtime Errors**: Execution failures and exceptions
- **File System Errors**: File reading and path resolution issues
- **Database Errors**: Mock database operation failures
### Error Context Enhancement
File operations include enhanced error context:
```rust
Err(Box::new(EvalAltResult::ErrorSystem(
format!("Failed to read script file: {}", file_path.display()),
Box::new(io_err),
)))
```
## Performance Considerations
### Engine Configuration
Optimized settings for production use:
- **Memory Limits**: Prevent runaway script execution
- **Depth Limits**: Avoid stack overflow from deep recursion
- **Size Limits**: Control memory usage for large data structures
### Compilation Strategy
- **AST Caching**: Compile once, execute multiple times
- **Scope Management**: Efficient variable scope handling
- **Module Registration**: One-time registration at engine creation
### Mock Database Performance
- **In-Memory Storage**: Fast access for testing scenarios
- **Temporary Directories**: Automatic cleanup after use
- **Lazy Loading**: Data seeded only when needed
## Integration Patterns
### Script Development Workflow
```rust
// 1. Create engine with all modules
let engine = create_heromodels_engine();
// 2. Execute business logic scripts
let result = eval_script(&engine, r#"
let company = new_company()
.name("Tech Startup")
.business_type("startup");
save_company(company)
"#)?;
// 3. Handle results and errors
match result {
Ok(value) => println!("Success: {:?}", value),
Err(error) => eprintln!("Error: {}", error),
}
```
### Testing Integration
```rust
// 1. Create mock database
let db = create_mock_db();
seed_mock_db(db.clone());
// 2. Create engine
let engine = create_heromodels_engine();
// 3. Test scripts against seeded data
let script = r#"
let calendars = list_calendars();
calendars.len()
"#;
let count = eval_script(&engine, script)?;
```
### File-Based Script Execution
```rust
// Execute scripts from files
let result = eval_file(&engine, Path::new("scripts/business_logic.rhai"))?;
```
## Deployment Configurations
### Minimal Configuration
```toml
[dependencies]
rhailib_engine = { version = "0.1.0", default-features = false, features = ["calendar"] }
```
### Full Configuration
```toml
[dependencies]
rhailib_engine = { version = "0.1.0", features = ["calendar", "finance", "flow", "legal", "projects", "biz"] }
```
### Custom Configuration
```toml
[dependencies]
rhailib_engine = { version = "0.1.0", default-features = false, features = ["finance", "biz"] }
```
## Security Considerations
### Script Execution Limits
- **Resource Limits**: Prevent resource exhaustion attacks
- **Execution Time**: Configurable timeouts for long-running scripts
- **Memory Bounds**: Controlled memory allocation
### Database Access
- **Mock Environment**: Safe testing without production data exposure
- **Temporary Storage**: Automatic cleanup prevents data persistence
- **Isolated Execution**: Each test run gets fresh database state
## Extensibility
### Adding New Domains
1. Create new feature flag in `Cargo.toml`
2. Add conditional imports for new models
3. Implement seeding function for test data
4. Register with DSL module system
### Custom Engine Configuration
```rust
let mut engine = Engine::new();
// Custom configuration
engine.set_max_expr_depths(256, 256);
// Register specific modules
rhailib_dsl::register_dsl_modules(&mut engine);
```
This architecture provides a robust, feature-rich foundation for Rhai script execution while maintaining flexibility, performance, and security.

101
rhailib/_archive/engine/examples/calendar/calendar_script.rhai Normal file
View File

@@ -0,0 +1,101 @@
// calendar_script.rhai
// Example Rhai script for working with Calendar models
// Constants for AttendanceStatus
const NO_RESPONSE = "NoResponse";
const ACCEPTED = "Accepted";
const DECLINED = "Declined";
const TENTATIVE = "Tentative";
// Create a new calendar using builder pattern
let my_calendar = new_calendar()
.name("Team Calendar")
.description("Calendar for team events and meetings");
print(`Created calendar: ${my_calendar.name} (${my_calendar.id})`);
// Add attendees to the event
let alice = new_attendee()
.with_contact_id(1)
.with_status(NO_RESPONSE);
let bob = new_attendee()
.with_contact_id(2)
.with_status(ACCEPTED);
let charlie = new_attendee()
.with_contact_id(3)
.with_status(TENTATIVE);
// Create a new event using builder pattern
// Note: Timestamps are in seconds since epoch
let now = timestamp_now();
let one_hour = 60 * 60;
let meeting = new_event()
.title("Weekly Sync")
.reschedule(now, now + one_hour)
.location("Conference Room A")
.description("Regular team sync meeting")
.add_attendee(alice)
.add_attendee(bob)
.add_attendee(charlie)
.save_event();
print(`Created event: ${meeting.title}`);
meeting.delete_event();
print(`Deleted event: ${meeting.title}`);
// Print attendees info
let attendees = meeting.attendees;
print(`Added attendees to the event`);
// Update Charlie's attendee status directly
meeting.update_attendee_status(3, ACCEPTED);
print(`Updated Charlie's status to: ${ACCEPTED}`);
// Add the event to the calendar
my_calendar.add_event_to_calendar(meeting);
// Print events info
print(`Added event to calendar`);
// Save the calendar to the database
let saved_calendar = my_calendar.save_calendar();
print(`Calendar saved to database with ID: ${saved_calendar.id}`);
// Retrieve the calendar from the database using the ID from the saved calendar
let retrieved_calendar = get_calendar_by_id(saved_calendar.id);
if retrieved_calendar != () {
print(`Retrieved calendar: ${retrieved_calendar.name}`);
print(`Retrieved calendar successfully`);
} else {
print("Failed to retrieve calendar from database");
}
// List all calendars in the database
let all_calendars = list_calendars();
print("\nListing all calendars in database:");
let calendar_count = 0;
for calendar in all_calendars {
print(` - Calendar: ${calendar.name} (ID: ${calendar.id})`);
calendar_count += 1;
}
print(`Total calendars: ${calendar_count}`);
// List all events in the database
let all_events = list_events();
print("\nListing all events in database:");
let event_count = 0;
for event in all_events {
print(` - Event: ${event.title} (ID: ${event.id})`);
event_count += 1;
}
print(`Total events: ${event_count}`);
// Helper function to get current timestamp
fn timestamp_now() {
// This would typically be provided by the host application
// For this example, we'll use a fixed timestamp
1685620800 // June 1, 2023, 12:00 PM
}

70
rhailib/_archive/engine/examples/calendar/example.rs Normal file
View File

@@ -0,0 +1,70 @@
use engine::mock_db::create_mock_db;
use engine::{create_heromodels_engine, eval_file};
use rhai::Engine;
mod mock;
use mock::seed_calendar_data;
fn main() -> Result<(), Box<dyn std::error::Error>> {
println!("Calendar Rhai Example");
println!("=====================");
// Create a mock database
let db = create_mock_db();
// Seed the database with some initial data
seed_calendar_data(db.clone());
// Create the Rhai engine using our central engine creator
let mut engine = create_heromodels_engine(db.clone());
// Register timestamp helper functions
register_timestamp_helpers(&mut engine);
// Get the path to the script
let manifest_dir = std::path::PathBuf::from(env!("CARGO_MANIFEST_DIR"));
let script_path = manifest_dir
.join("examples")
.join("calendar")
.join("calendar_script.rhai");
println!("\nRunning script: {}", script_path.display());
println!("---------------------");
// Run the script
match eval_file(&engine, &script_path) {
Ok(result) => {
if !result.is_unit() {
println!("\nScript returned: {:?}", result);
}
println!("\nScript executed successfully!");
Ok(())
}
Err(err) => {
eprintln!("\nError running script: {}", err);
Err(Box::new(std::io::Error::new(
std::io::ErrorKind::Other,
err.to_string(),
)))
}
}
}
// Register timestamp helper functions with the engine
fn register_timestamp_helpers(engine: &mut Engine) {
use chrono::{TimeZone, Utc};
// Function to get current timestamp
engine.register_fn("timestamp_now", || Utc::now().timestamp() as i64);
// Function to format a timestamp
engine.register_fn("format_timestamp", |ts: i64| {
let dt = Utc
.timestamp_opt(ts, 0)
.single()
.expect("Invalid timestamp");
dt.format("%Y-%m-%d %H:%M:%S UTC").to_string()
});
println!("Timestamp helper functions registered successfully.");
}

60
rhailib/_archive/engine/examples/calendar/mock.rs Normal file
View File

@@ -0,0 +1,60 @@
use chrono::Utc;
use heromodels::db::hero::OurDB;
use heromodels::db::{Collection, Db};
use heromodels::models::calendar::{Calendar, Event};
use heromodels_core::Model;
use std::sync::Arc;
/// Seed the mock database with calendar data
pub fn seed_calendar_data(db: Arc<OurDB>) {
// Create a calendar
let calendar = Calendar::new(None, "Work Calendar".to_string())
.description("My work schedule".to_string());
// Store the calendar in the database
let (calendar_id, mut saved_calendar) = db
.collection::<Calendar>()
.expect("Failed to get Calendar collection")
.set(&calendar)
.expect("Failed to store calendar");
// Create an event
let now = Utc::now().timestamp();
let end_time = now + 3600; // Add 1 hour in seconds
let event = Event::new()
.title("Team Meeting".to_string())
.reschedule(now, end_time)
.location("Conference Room A".to_string())
.description("Weekly sync".to_string())
.build();
// Store the event in the database first to get its ID
let (event_id, saved_event) = db
.collection()
.expect("Failed to get Event collection")
.set(&event)
.expect("Failed to store event");
// Add the event ID to the calendar
saved_calendar = saved_calendar.add_event(event_id as i64);
// Store the updated calendar in the database
let (_calendar_id, final_calendar) = db
.collection::<Calendar>()
.expect("Failed to get Calendar collection")
.set(&saved_calendar)
.expect("Failed to store calendar");
println!("Mock database seeded with calendar data:");
println!(
" - Added calendar: {} (ID: {})",
final_calendar.name,
final_calendar.get_id()
);
println!(
" - Added event: {} (ID: {})",
saved_event.title,
saved_event.get_id()
);
}

70
rhailib/_archive/engine/examples/finance/example.rs Normal file
View File

@@ -0,0 +1,70 @@
use engine::mock_db::create_mock_db;
use engine::{create_heromodels_engine, eval_file};
use rhai::Engine;
use std::path::Path;
mod mock;
use mock::seed_finance_data;
fn main() -> Result<(), Box<dyn std::error::Error>> {
println!("Finance Rhai Example");
println!("===================");
// Create a mock database
let db = create_mock_db();
// Seed the database with some initial data
seed_finance_data(db.clone());
// Create the Rhai engine using our central engine creator
let mut engine = create_heromodels_engine(db.clone());
// Register timestamp helper functions
register_timestamp_helpers(&mut engine);
// Get the path to the script
let script_path = Path::new(file!())
.parent()
.unwrap()
.join("finance_script.rhai");
println!("\nRunning script: {}", script_path.display());
println!("---------------------");
// Run the script
match eval_file(&engine, &script_path) {
Ok(result) => {
if !result.is_unit() {
println!("\nScript returned: {:?}", result);
}
println!("\nScript executed successfully!");
Ok(())
}
Err(err) => {
eprintln!("\nError running script: {}", err);
Err(Box::new(std::io::Error::new(
std::io::ErrorKind::Other,
err.to_string(),
)))
}
}
}
// Register timestamp helper functions with the engine
fn register_timestamp_helpers(engine: &mut Engine) {
use chrono::{TimeZone, Utc};
// Function to get current timestamp
engine.register_fn("timestamp_now", || Utc::now().timestamp() as i64);
// Function to format a timestamp
engine.register_fn("format_timestamp", |ts: i64| {
let dt = Utc
.timestamp_opt(ts, 0)
.single()
.expect("Invalid timestamp");
dt.format("%Y-%m-%d %H:%M:%S UTC").to_string()
});
println!("Timestamp helper functions registered successfully.");
}

202
rhailib/_archive/engine/examples/finance/finance_script.rhai Normal file
View File

@@ -0,0 +1,202 @@
// finance_script.rhai
// Example Rhai script for working with Finance models
// Constants for AssetType
const NATIVE = "Native";
const ERC20 = "Erc20";
const ERC721 = "Erc721";
const ERC1155 = "Erc1155";
// Constants for ListingStatus
const ACTIVE = "Active";
const SOLD = "Sold";
const CANCELLED = "Cancelled";
const EXPIRED = "Expired";
// Constants for ListingType
const FIXED_PRICE = "FixedPrice";
const AUCTION = "Auction";
const EXCHANGE = "Exchange";
// Constants for BidStatus
const BID_ACTIVE = "Active";
const BID_ACCEPTED = "Accepted";
const BID_REJECTED = "Rejected";
const BID_CANCELLED = "Cancelled";
// Create a new account using builder pattern
let alice_account = new_account()
.name("Alice's Account")
.user_id(101)
.description("Alice's primary trading account")
.ledger("ethereum")
.address("0x1234567890abcdef1234567890abcdef12345678")
.pubkey("0xabcdef1234567890abcdef1234567890abcdef12");
print(`Created account: ${alice_account.get_name()} (User ID: ${alice_account.get_user_id()})`);
// Save the account to the database
let saved_alice = set_account(alice_account);
print(`Account saved to database with ID: ${saved_alice.get_id()}`);
// Create a new asset using builder pattern
let token_asset = new_asset()
.name("HERO Token")
.description("Herocode governance token")
.amount(1000.0)
.address("0x9876543210abcdef9876543210abcdef98765432")
.asset_type(ERC20)
.decimals(18);
print(`Created asset: ${token_asset.get_name()} (${token_asset.get_amount()} ${token_asset.get_asset_type()})`);
// Save the asset to the database
let saved_token = set_asset(token_asset);
print(`Asset saved to database with ID: ${saved_token.get_id()}`);
// Add the asset to Alice's account
saved_alice = saved_alice.add_asset(saved_token.get_id());
saved_alice = set_account(saved_alice);
print(`Added asset ${saved_token.get_name()} to ${saved_alice.get_name()}`);
// Create a new NFT asset
let nft_asset = new_asset()
.name("Herocode #42")
.description("Unique digital collectible")
.amount(1.0)
.address("0xabcdef1234567890abcdef1234567890abcdef12")
.asset_type(ERC721)
.decimals(0);
// Save the NFT to the database
let saved_nft = set_asset(nft_asset);
print(`NFT saved to database with ID: ${saved_nft.get_id()}`);
// Create Bob's account
let bob_account = new_account()
.name("Bob's Account")
.user_id(102)
.description("Bob's trading account")
.ledger("ethereum")
.address("0xfedcba0987654321fedcba0987654321fedcba09")
.pubkey("0x654321fedcba0987654321fedcba0987654321fe");
// Save Bob's account
let saved_bob = set_account(bob_account);
print(`Created and saved Bob's account with ID: ${saved_bob.get_id()}`);
// Create a listing for the NFT
let nft_listing = new_listing()
.seller_id(saved_alice.get_id())
.asset_id(saved_nft.get_id())
.price(0.5)
.currency("ETH")
.listing_type(AUCTION)
.title("Rare Herocode NFT")
.description("One of a kind digital collectible")
.image_url("https://example.com/nft/42.png")
.expires_at(timestamp_now() + 86400) // 24 hours from now
.add_tag("rare")
.add_tag("collectible")
.add_tag("digital art")
.set_listing();
// Save the listing
print(`Created listing: ${nft_listing.get_title()} (ID: ${nft_listing.get_id()})`);
print(`Listing status: ${nft_listing.get_status()}, Type: ${nft_listing.get_listing_type()}`);
print(`Listing price: ${nft_listing.get_price()} ${nft_listing.get_currency()}`);
// Create a bid from Bob
let bob_bid = new_bid()
.listing_id(nft_listing.get_id().to_string())
.bidder_id(saved_bob.get_id())
.amount(1.5)
.currency("ETH")
.set_bid();
// Save the bid
print(`Created bid from ${saved_bob.get_name()} for ${bob_bid.get_amount()} ${bob_bid.get_currency()}`);
// Add the bid to the listing
nft_listing.add_bid(bob_bid);
nft_listing.set_listing();
print(`Added bid to listing ${nft_listing.get_title()}`);
// Create another bid with higher amount
let charlie_account = new_account()
.name("Charlie's Account")
.user_id(103)
.description("Charlie's trading account")
.ledger("ethereum")
.address("0x1122334455667788991122334455667788990011")
.pubkey("0x8877665544332211887766554433221188776655");
let saved_charlie = set_account(charlie_account);
print(`Created and saved Charlie's account with ID: ${saved_charlie.get_id()}`);
let charlie_bid = new_bid()
.listing_id(nft_listing.get_id().to_string())
.bidder_id(saved_charlie.get_id())
.amount(2.5)
.currency("ETH")
.set_bid();
print(`Created higher bid from ${saved_charlie.get_name()} for ${charlie_bid.get_amount()} ${charlie_bid.get_currency()}`);
// Add the higher bid to the listing
nft_listing.add_bid(charlie_bid)
.set_listing();
print(`Added higher bid to listing ${nft_listing.get_title()}`);
nft_listing.sale_price(2.5)
.set_listing();
// Complete the sale to the highest bidder (Charlie)
nft_listing.complete_sale(saved_charlie.get_id())
.set_listing();
print(`Completed sale of ${nft_listing.get_title()} to ${saved_charlie.get_name()}`);
print(`New listing status: ${saved_listing.get_status()}`);
// Retrieve the listing from the database
let retrieved_listing = get_listing_by_id(saved_listing.get_id());
print(`Retrieved listing: ${retrieved_listing.get_title()} (Status: ${retrieved_listing.get_status()})`);
// Create a fixed price listing
let token_listing = new_listing()
.seller_id(saved_alice.get_id())
.asset_id(saved_token.get_id())
.price(100.0)
.currency("USDC")
.listing_type(FIXED_PRICE)
.title("HERO Tokens for Sale")
.description("100 HERO tokens at fixed price")
.set_listing();
// Save the fixed price listing
print(`Created fixed price listing: ${token_listing.get_title()} (ID: ${token_listing.get_id()})`);
// Cancel the listing
token_listing.cancel();
token_listing.set_listing();
print(`Cancelled listing: ${token_listing.get_title()}`);
print(`Listing status: ${token_listing.get_status()}`);
// Print summary of all accounts
print("\nAccount Summary:");
print(`Alice (ID: ${saved_alice.get_id()}): ${saved_alice.get_assets().len()} assets`);
print(`Bob (ID: ${saved_bob.get_id()}): ${saved_bob.get_assets().len()} assets`);
print(`Charlie (ID: ${saved_charlie.get_id()}): ${saved_charlie.get_assets().len()} assets`);
// Print summary of all listings
print("\nListing Summary:");
print(`NFT Auction (ID: ${nft_listing.get_id()}): ${nft_listing.get_status()}`);
print(`Token Sale (ID: ${token_listing.get_id()}): ${token_listing.get_status()}`);
// Print summary of all bids
print("\nBid Summary:");
print(`Bob's bid: ${bob_bid.get_amount()} ${bob_bid.get_currency()} (Status: ${bob_bid.get_status()})`);
print(`Charlie's bid: ${charlie_bid.get_amount()} ${charlie_bid.get_currency()} (Status: ${charlie_bid.get_status()})`);

111
rhailib/_archive/engine/examples/finance/mock.rs Normal file
View File

@@ -0,0 +1,111 @@
use heromodels::db::hero::OurDB;
use heromodels::db::{Collection, Db};
use heromodels::models::finance::account::Account;
use heromodels::models::finance::asset::{Asset, AssetType};
use heromodels::models::finance::marketplace::{Listing, ListingType};
use heromodels_core::Model;
use std::sync::Arc;
/// Seed the mock database with finance data
pub fn seed_finance_data(db: Arc<OurDB>) {
// Create a user account
let account = Account::new()
.name("Demo Account")
.user_id(1)
.description("Demo trading account")
.ledger("ethereum")
.address("0x1234567890abcdef1234567890abcdef12345678")
.pubkey("0xabcdef1234567890abcdef1234567890abcdef12");
// Store the account in the database
let (account_id, mut updated_account) = db
.collection::<Account>()
.expect("Failed to get Account collection")
.set(&account)
.expect("Failed to store account");
// Create an ERC20 token asset
let token_asset = Asset::new()
.name("HERO Token")
.description("Herocode governance token")
.amount(1000.0)
.address("0x9876543210abcdef9876543210abcdef98765432")
.asset_type(AssetType::Erc20)
.decimals(18);
// Store the token asset in the database
let (token_id, updated_token) = db
.collection::<Asset>()
.expect("Failed to get Asset collection")
.set(&token_asset)
.expect("Failed to store token asset");
// Create an NFT asset
let nft_asset = Asset::new()
.name("Herocode #1")
.description("Unique digital collectible")
.amount(1.0)
.address("0xabcdef1234567890abcdef1234567890abcdef12")
.asset_type(AssetType::Erc721)
.decimals(0);
// Store the NFT asset in the database
let (nft_id, updated_nft) = db
.collection::<Asset>()
.expect("Failed to get Asset collection")
.set(&nft_asset)
.expect("Failed to store NFT asset");
// Add assets to the account
updated_account = updated_account.add_asset(token_id);
updated_account = updated_account.add_asset(nft_id);
// Update the account in the database
let (_, final_account) = db
.collection::<Account>()
.expect("Failed to get Account collection")
.set(&updated_account)
.expect("Failed to store updated account");
// Create a listing for the NFT
let listing = Listing::new()
.seller_id(account_id)
.asset_id(nft_id)
.price(0.5)
.currency("ETH")
.listing_type(ListingType::Auction)
.title("Rare Herocode NFT".to_string())
.description("One of a kind digital collectible".to_string())
.image_url(Some("https://example.com/nft/1.png".to_string()))
.add_tag("rare".to_string())
.add_tag("collectible".to_string());
// Store the listing in the database
let (_listing_id, updated_listing) = db
.collection::<Listing>()
.expect("Failed to get Listing collection")
.set(&listing)
.expect("Failed to store listing");
println!("Mock database seeded with finance data:");
println!(
" - Added account: {} (ID: {})",
final_account.name,
final_account.get_id()
);
println!(
" - Added token asset: {} (ID: {})",
updated_token.name,
updated_token.get_id()
);
println!(
" - Added NFT asset: {} (ID: {})",
updated_nft.name,
updated_nft.get_id()
);
println!(
" - Added listing: {} (ID: {})",
updated_listing.title,
updated_listing.get_id()
);
}

162
rhailib/_archive/engine/examples/flow/example.rs Normal file
View File

@@ -0,0 +1,162 @@
use engine::mock_db::create_mock_db;
use engine::{create_heromodels_engine, eval_file};
use heromodels::models::flow::{Flow, FlowStep, SignatureRequirement};
use heromodels_core::Model;
use rhai::Scope;
use std::path::Path;
mod mock;
use mock::seed_flow_data;
fn main() -> Result<(), Box<dyn std::error::Error>> {
println!("Flow Rhai Example");
println!("=================");
// Create a mock database
let db = create_mock_db();
// Seed the database with initial data
seed_flow_data(db.clone());
// Create the Rhai engine with all modules registered
let engine = create_heromodels_engine(db.clone());
// Get the path to the script
let script_path = Path::new(file!())
.parent()
.unwrap()
.join("flow_script.rhai");
println!("\nRunning script: {}", script_path.display());
println!("---------------------");
// Run the script
match eval_file(&engine, &script_path.to_string_lossy()) {
Ok(result) => {
if !result.is_unit() {
println!("\nScript returned: {:?}", result);
}
println!("\nScript executed successfully!");
}
Err(err) => {
eprintln!("\nError running script: {}", err);
return Err(Box::new(std::io::Error::new(
std::io::ErrorKind::Other,
err.to_string(),
)));
}
}
// Demonstrate direct Rust interaction with the Rhai-exposed flow functionality
println!("\nDirect Rust interaction with Rhai-exposed flow functionality");
println!("----------------------------------------------------------");
// Create a new scope
let mut scope = Scope::new();
// Create a new flow using the Rhai function
let result = engine.eval::<Flow>("new_flow(0, \"Direct Rust Flow\")");
match result {
Ok(mut flow) => {
println!(
"Created flow from Rust: {} (ID: {})",
flow.name,
flow.get_id()
);
// Set flow status using the builder pattern
flow = flow.status("active".to_string());
println!("Set flow status to: {}", flow.status);
// Create a new flow step using the Rhai function
let result = engine.eval::<FlowStep>("new_flow_step(0, 1)");
match result {
Ok(mut step) => {
println!(
"Created flow step from Rust: Step Order {} (ID: {})",
step.step_order,
step.get_id()
);
// Set step description
step = step.description("Direct Rust Step".to_string());
println!(
"Set step description to: {}",
step.description
.clone()
.unwrap_or_else(|| "None".to_string())
);
// Create a signature requirement using the Rhai function
let result = engine.eval::<SignatureRequirement>(
"new_signature_requirement(0, 1, \"Direct Rust Signer\", \"Please sign this document\")"
);
match result {
Ok(req) => {
println!(
"Created signature requirement from Rust: Public Key {} (ID: {})",
req.public_key,
req.get_id()
);
// Add the step to the flow using the builder pattern
flow = flow.add_step(step);
println!(
"Added step to flow. Flow now has {} steps",
flow.steps.len()
);
// Save the flow to the database using the Rhai function
let save_flow_script = "fn save_it(f) { return db::save_flow(f); }";
let save_flow_ast = engine.compile(save_flow_script).unwrap();
let result = engine.call_fn::<Flow>(
&mut scope,
&save_flow_ast,
"save_it",
(flow,),
);
match result {
Ok(saved_flow) => {
println!(
"Saved flow to database with ID: {}",
saved_flow.get_id()
);
}
Err(err) => eprintln!("Error saving flow: {}", err),
}
// Save the signature requirement to the database using the Rhai function
let save_req_script =
"fn save_it(r) { return db::save_signature_requirement(r); }";
let save_req_ast = engine.compile(save_req_script).unwrap();
let result = engine.call_fn::<SignatureRequirement>(
&mut scope,
&save_req_ast,
"save_it",
(req,),
);
match result {
Ok(saved_req) => {
println!(
"Saved signature requirement to database with ID: {}",
saved_req.get_id()
);
}
Err(err) => {
eprintln!("Error saving signature requirement: {}", err)
}
}
}
Err(err) => eprintln!("Error creating signature requirement: {}", err),
}
}
Err(err) => eprintln!("Error creating flow step: {}", err),
}
}
Err(err) => eprintln!("Error creating flow: {}", err),
}
Ok(())
}

111
rhailib/_archive/engine/examples/flow/flow_script.rhai Normal file
View File

@@ -0,0 +1,111 @@
// flow_script.rhai
// Example Rhai script for working with Flow models
// Constants for Flow status
const STATUS_DRAFT = "draft";
const STATUS_ACTIVE = "active";
const STATUS_COMPLETED = "completed";
const STATUS_CANCELLED = "cancelled";
// Create a new flow using builder pattern
let my_flow = new_flow(0, "flow-123");
name(my_flow, "Document Approval Flow");
status(my_flow, STATUS_DRAFT);
print(`Created flow: ${get_flow_name(my_flow)} (ID: ${get_flow_id(my_flow)})`);
print(`Status: ${get_flow_status(my_flow)}`);
// Create flow steps using builder pattern
let step1 = new_flow_step(0, 1);
description(step1, "Initial review by legal team");
status(step1, STATUS_DRAFT);
let step2 = new_flow_step(0, 2);
description(step2, "Approval by department head");
status(step2, STATUS_DRAFT);
let step3 = new_flow_step(0, 3);
description(step3, "Final signature by CEO");
status(step3, STATUS_DRAFT);
// Create signature requirements using builder pattern
let req1 = new_signature_requirement(0, get_flow_step_id(step1), "legal@example.com", "Please review this document");
signed_by(req1, "Legal Team");
status(req1, STATUS_DRAFT);
let req2 = new_signature_requirement(0, get_flow_step_id(step2), "dept@example.com", "Department approval needed");
signed_by(req2, "Department Head");
status(req2, STATUS_DRAFT);
let req3 = new_signature_requirement(0, get_flow_step_id(step3), "ceo@example.com", "Final approval required");
signed_by(req3, "CEO");
status(req3, STATUS_DRAFT);
print(`Created flow steps with signature requirements`);
// Add steps to the flow
let flow_with_steps = my_flow;
add_step(flow_with_steps, step1);
add_step(flow_with_steps, step2);
add_step(flow_with_steps, step3);
print(`Added steps to flow. Flow now has ${get_flow_steps(flow_with_steps).len()} steps`);
// Activate the flow
let active_flow = flow_with_steps;
status(active_flow, STATUS_ACTIVE);
print(`Updated flow status to: ${get_flow_status(active_flow)}`);
// Save the flow to the database
let saved_flow = db::save_flow(active_flow);
print(`Flow saved to database with ID: ${get_flow_id(saved_flow)}`);
// Save signature requirements to the database
let saved_req1 = db::save_signature_requirement(req1);
let saved_req2 = db::save_signature_requirement(req2);
let saved_req3 = db::save_signature_requirement(req3);
print(`Signature requirements saved to database with IDs: ${get_signature_requirement_id(saved_req1)}, ${get_signature_requirement_id(saved_req2)}, ${get_signature_requirement_id(saved_req3)}`);
// Retrieve the flow from the database
let retrieved_flow = db::get_flow_by_id(get_flow_id(saved_flow));
print(`Retrieved flow: ${get_flow_name(retrieved_flow)}`);
print(`It has ${get_flow_steps(retrieved_flow).len()} steps`);
// Complete the flow
let completed_flow = retrieved_flow;
status(completed_flow, STATUS_COMPLETED);
print(`Updated retrieved flow status to: ${get_flow_status(completed_flow)}`);
// Save the updated flow
db::save_flow(completed_flow);
print("Updated flow saved to database");
// List all flows in the database
let all_flows = db::list_flows();
print("\nListing all flows in database:");
let flow_count = 0;
for flow in all_flows {
print(` - Flow: ${get_flow_name(flow)} (ID: ${get_flow_id(flow)})`);
flow_count += 1;
}
print(`Total flows: ${flow_count}`);
// List all signature requirements
let all_reqs = db::list_signature_requirements();
print("\nListing all signature requirements in database:");
let req_count = 0;
for req in all_reqs {
print(` - Requirement for step ${get_signature_requirement_flow_step_id(req)} (ID: ${get_signature_requirement_id(req)})`);
req_count += 1;
}
print(`Total signature requirements: ${req_count}`);
// Clean up - delete the flow
db::delete_flow(get_flow_id(completed_flow));
print(`Deleted flow with ID: ${get_flow_id(completed_flow)}`);
// Clean up - delete signature requirements
db::delete_signature_requirement(get_signature_requirement_id(saved_req1));
db::delete_signature_requirement(get_signature_requirement_id(saved_req2));
db::delete_signature_requirement(get_signature_requirement_id(saved_req3));
print("Deleted all signature requirements");

65
rhailib/_archive/engine/examples/flow/mock.rs Normal file
View File

@@ -0,0 +1,65 @@
use heromodels::db::hero::OurDB;
use heromodels::db::{Collection, Db};
use heromodels::models::flow::{Flow, FlowStep, SignatureRequirement};
use heromodels_core::Model;
use std::sync::Arc;
/// Seed the mock database with flow data
#[cfg(feature = "flow")]
pub fn seed_flow_data(db: Arc<OurDB>) {
// Create a flow
let flow = Flow::new(None, "Onboarding Flow".to_string())
.description("New employee onboarding process".to_string())
.status("active".to_string());
// Create a signature requirement first
let sig_req = SignatureRequirement::new(
None,
1,
"hr_manager_pubkey".to_string(),
"Please sign the employment contract".to_string(),
);
let (sig_req_id, saved_sig_req) = db
.collection::<SignatureRequirement>()
.expect("Failed to get SignatureRequirement collection")
.set(&sig_req)
.expect("Failed to store signature requirement");
// Create a flow step and add the signature requirement
let step = FlowStep::new(None, 1)
.description("Complete HR paperwork".to_string())
.add_signature_requirement(sig_req_id);
let (step_id, saved_step) = db
.collection::<FlowStep>()
.expect("Failed to get FlowStep collection")
.set(&step)
.expect("Failed to store flow step");
// Add the step to the flow
let flow_with_step = flow.add_step(step_id);
// Store the flow
let (_flow_id, saved_flow) = db
.collection::<Flow>()
.expect("Failed to get Flow collection")
.set(&flow_with_step)
.expect("Failed to store flow");
println!("Mock database seeded with flow data:");
println!(
" - Added flow: {} (ID: {})",
saved_flow.name,
saved_flow.get_id()
);
println!(
" - Added step with order: {} (ID: {})",
saved_step.step_order,
saved_step.get_id()
);
println!(
" - Added signature requirement for: {} (ID: {})",
saved_sig_req.public_key,
saved_sig_req.get_id()
);
}

305
rhailib/_archive/engine/src/lib.rs Normal file
View File

@@ -0,0 +1,305 @@
//! # Rhailib Engine
//!
//! The central Rhai scripting engine for the heromodels ecosystem. This crate provides
//! a unified interface for creating, configuring, and executing Rhai scripts with access
//! to all business domain modules.
//!
//! ## Features
//!
//! - **Unified Engine Creation**: Pre-configured Rhai engine with all DSL modules
//! - **Script Execution Utilities**: Direct evaluation, file-based execution, and AST compilation
//! - **Mock Database System**: Complete testing environment with seeded data
//! - **Feature-Based Architecture**: Modular compilation based on required domains
//!
//! ## Quick Start
//!
//! ```rust
//! use rhailib_engine::{create_heromodels_engine, eval_script};
//!
//! // Create a fully configured engine
//! let engine = create_heromodels_engine();
//!
//! // Execute a business logic script
//! let result = eval_script(&engine, r#"
//! let company = new_company()
//! .name("Acme Corp")
//! .business_type("global");
//! company.name
//! "#)?;
//!
//! println!("Company name: {}", result.as_string().unwrap());
//! ```
//!
//! ## Available Features
//!
//! - `calendar` (default): Calendar and event management
//! - `finance` (default): Financial accounts, assets, and marketplace
//! - `flow`: Workflow and approval processes
//! - `legal`: Contract and legal document management
//! - `projects`: Project and task management
//! - `biz`: Business operations and entities
use rhai::{Engine, EvalAltResult, Scope, AST};
use rhailib_dsl;
use std::fs;
use std::path::Path;
/// Mock database module for testing and examples
pub mod mock_db;
/// Creates a fully configured Rhai engine with all available DSL modules.
///
/// This function creates a new Rhai engine instance, configures it with appropriate
/// limits and settings, and registers all available business domain modules based
/// on enabled features.
///
/// # Engine Configuration
///
/// The engine is configured with the following limits:
/// - **Expression Depth**: 128 levels for both expressions and functions
/// - **String Size**: 10 MB maximum
/// - **Array Size**: 10,000 elements maximum
/// - **Map Size**: 10,000 key-value pairs maximum
///
/// # Registered Modules
///
/// All enabled DSL modules are automatically registered, including:
/// - Business operations (companies, products, sales, shareholders)
/// - Financial models (accounts, assets, marketplace)
/// - Content management (collections, images, PDFs, books)
/// - Workflow management (flows, steps, signatures)
/// - And more based on enabled features
///
/// # Returns
///
/// A fully configured `Engine` instance ready for script execution.
///
/// # Example
///
/// ```rust
/// use rhailib_engine::create_heromodels_engine;
///
/// let engine = create_heromodels_engine();
///
/// // Engine is now ready to execute scripts with access to all DSL functions
/// let result = engine.eval::<String>(r#"
/// let company = new_company().name("Test Corp");
/// company.name
/// "#).unwrap();
/// assert_eq!(result, "Test Corp");
/// ```
pub fn create_heromodels_engine() -> Engine {
let mut engine = Engine::new();
// Configure engine settings
engine.set_max_expr_depths(128, 128);
engine.set_max_string_size(10 * 1024 * 1024); // 10 MB
engine.set_max_array_size(10 * 1024); // 10K elements
engine.set_max_map_size(10 * 1024); // 10K elements
// Register all heromodels Rhai modules
rhailib_dsl::register_dsl_modules(&mut engine);
engine
}
// /// Register all heromodels Rhai modules with the engine
// pub fn register_all_modules(engine: &mut Engine, db: Arc<OurDB>) {
// // Register the calendar module if the feature is enabled
// heromodels::models::access::register_access_rhai_module(engine, db.clone());
// #[cfg(feature = "calendar")]
// heromodels::models::calendar::register_calendar_rhai_module(engine, db.clone());
// heromodels::models::contact::register_contact_rhai_module(engine, db.clone());
// heromodels::models::library::register_library_rhai_module(engine, db.clone());
// heromodels::models::circle::register_circle_rhai_module(engine, db.clone());
// // Register the flow module if the feature is enabled
// #[cfg(feature = "flow")]
// heromodels::models::flow::register_flow_rhai_module(engine, db.clone());
// // // Register the finance module if the feature is enabled
// // #[cfg(feature = "finance")]
// // heromodels::models::finance::register_finance_rhai_module(engine, db.clone());
// // Register the legal module if the feature is enabled
// #[cfg(feature = "legal")]
// heromodels::models::legal::register_legal_rhai_module(engine, db.clone());
// // Register the projects module if the feature is enabled
// #[cfg(feature = "projects")]
// heromodels::models::projects::register_projects_rhai_module(engine, db.clone());
// // Register the biz module if the feature is enabled
// #[cfg(feature = "biz")]
// heromodels::models::biz::register_biz_rhai_module(engine, db.clone());
// println!("Heromodels Rhai modules registered successfully.");
// }
/// Evaluates a Rhai script string and returns the result.
///
/// This function provides a convenient way to execute Rhai script strings directly
/// using the provided engine. It's suitable for one-off script execution or when
/// the script content is dynamically generated.
///
/// # Arguments
///
/// * `engine` - The Rhai engine to use for script execution
/// * `script` - The Rhai script content as a string
///
/// # Returns
///
/// * `Ok(Dynamic)` - The result of script execution
/// * `Err(Box<EvalAltResult>)` - Script compilation or execution error
///
/// # Example
///
/// ```rust
/// use rhailib_engine::{create_heromodels_engine, eval_script};
///
/// let engine = create_heromodels_engine();
/// let result = eval_script(&engine, r#"
/// let x = 42;
/// let y = 8;
/// x + y
/// "#)?;
/// assert_eq!(result.as_int().unwrap(), 50);
/// ```
pub fn eval_script(
engine: &Engine,
script: &str,
) -> Result<rhai::Dynamic, Box<rhai::EvalAltResult>> {
engine.eval::<rhai::Dynamic>(script)
}
/// Evaluates a Rhai script from a file and returns the result.
///
/// This function reads a Rhai script from the filesystem and executes it using
/// the provided engine. It handles file reading errors gracefully and provides
/// meaningful error messages.
///
/// # Arguments
///
/// * `engine` - The Rhai engine to use for script execution
/// * `file_path` - Path to the Rhai script file
///
/// # Returns
///
/// * `Ok(Dynamic)` - The result of script execution
/// * `Err(Box<EvalAltResult>)` - File reading, compilation, or execution error
///
/// # Example
///
/// ```rust
/// use rhailib_engine::{create_heromodels_engine, eval_file};
/// use std::path::Path;
///
/// let engine = create_heromodels_engine();
/// let result = eval_file(&engine, Path::new("scripts/business_logic.rhai"))?;
/// println!("Script result: {:?}", result);
/// ```
///
/// # Error Handling
///
/// File reading errors are converted to Rhai `ErrorSystem` variants with
/// descriptive messages including the file path that failed to load.
pub fn eval_file(
engine: &Engine,
file_path: &Path,
) -> Result<rhai::Dynamic, Box<rhai::EvalAltResult>> {
match fs::read_to_string(file_path) {
Ok(script_content) => engine.eval::<rhai::Dynamic>(&script_content),
Err(io_err) => Err(Box::new(EvalAltResult::ErrorSystem(
format!("Failed to read script file: {}", file_path.display()),
Box::new(io_err),
))),
}
}
/// Compiles a Rhai script string into an Abstract Syntax Tree (AST).
///
/// This function compiles a Rhai script into an AST that can be executed multiple
/// times with different scopes. This is more efficient than re-parsing the script
/// for each execution when the same script needs to be run repeatedly.
///
/// # Arguments
///
/// * `engine` - The Rhai engine to use for compilation
/// * `script` - The Rhai script content as a string
///
/// # Returns
///
/// * `Ok(AST)` - The compiled Abstract Syntax Tree
/// * `Err(Box<EvalAltResult>)` - Script compilation error
///
/// # Example
///
/// ```rust
/// use rhailib_engine::{create_heromodels_engine, compile_script, run_ast};
/// use rhai::Scope;
///
/// let engine = create_heromodels_engine();
/// let ast = compile_script(&engine, r#"
/// let company = new_company().name(company_name);
/// save_company(company)
/// "#)?;
///
/// // Execute the compiled script multiple times with different variables
/// let mut scope1 = Scope::new();
/// scope1.push("company_name", "Acme Corp");
/// let result1 = run_ast(&engine, &ast, &mut scope1)?;
///
/// let mut scope2 = Scope::new();
/// scope2.push("company_name", "Tech Startup");
/// let result2 = run_ast(&engine, &ast, &mut scope2)?;
/// ```
pub fn compile_script(engine: &Engine, script: &str) -> Result<AST, Box<rhai::EvalAltResult>> {
Ok(engine.compile(script)?)
}
/// Executes a compiled Rhai script AST with the provided scope.
///
/// This function runs a pre-compiled AST using the provided engine and scope.
/// The scope can contain variables and functions that will be available to
/// the script during execution.
///
/// # Arguments
///
/// * `engine` - The Rhai engine to use for execution
/// * `ast` - The compiled Abstract Syntax Tree to execute
/// * `scope` - Mutable scope containing variables and functions for the script
///
/// # Returns
///
/// * `Ok(Dynamic)` - The result of script execution
/// * `Err(Box<EvalAltResult>)` - Script execution error
///
/// # Example
///
/// ```rust
/// use rhailib_engine::{create_heromodels_engine, compile_script, run_ast};
/// use rhai::Scope;
///
/// let engine = create_heromodels_engine();
/// let ast = compile_script(&engine, "x + y")?;
///
/// let mut scope = Scope::new();
/// scope.push("x", 10_i64);
/// scope.push("y", 32_i64);
///
/// let result = run_ast(&engine, &ast, &mut scope)?;
/// assert_eq!(result.as_int().unwrap(), 42);
/// ```
///
/// # Performance Notes
///
/// Using compiled ASTs is significantly more efficient than re-parsing scripts
/// for repeated execution, especially for complex scripts or when executing
/// the same logic with different input parameters.
pub fn run_ast(
engine: &Engine,
ast: &AST,
scope: &mut Scope,
) -> Result<rhai::Dynamic, Box<rhai::EvalAltResult>> {
engine.eval_ast_with_scope(scope, ast)
}

374
rhailib/_archive/engine/src/mock_db.rs Normal file
View File

@@ -0,0 +1,374 @@
use chrono::Utc;
use heromodels::db::hero::OurDB;
use heromodels::db::{Collection, Db}; // Import both Db and Collection traits
use heromodels::models::calendar::{Calendar, Event};
use heromodels_core::Model; // Import Model trait to use build method
use std::env;
use std::sync::Arc;
// Import finance models
use heromodels::models::finance::account::Account;
use heromodels::models::finance::asset::{Asset, AssetType};
use heromodels::models::finance::marketplace::{Listing, ListingType};
// Conditionally import other modules based on features
#[cfg(feature = "flow")]
use heromodels::models::flow::{Flow, FlowStep, SignatureRequirement};
#[cfg(feature = "legal")]
use heromodels::models::legal::{
Contract, ContractRevision, ContractSigner, ContractStatus, SignerStatus,
};
#[cfg(feature = "projects")]
use heromodels::models::projects::{ItemType, Priority, Project, Status as ProjectStatus};
/// Create a mock in-memory database for examples
pub fn create_mock_db() -> Arc<OurDB> {
// Create a temporary directory for the database files
let temp_dir = env::temp_dir().join("engine_examples");
std::fs::create_dir_all(&temp_dir).expect("Failed to create temp directory");
// Create a new OurDB instance with reset=true to ensure it's clean
let db = OurDB::new(temp_dir, true).expect("Failed to create OurDB instance");
Arc::new(db)
}
/// Seed the mock database with some initial data for all modules
pub fn seed_mock_db(db: Arc<OurDB>) {
// Seed calendar data
seed_calendar_data(db.clone());
// Seed finance data
seed_finance_data(db.clone());
// Seed flow data if the feature is enabled
#[cfg(feature = "flow")]
seed_flow_data(db.clone());
// Seed legal data if the feature is enabled
#[cfg(feature = "legal")]
seed_legal_data(db.clone());
// Seed projects data if the feature is enabled
#[cfg(feature = "projects")]
seed_projects_data(db.clone());
println!("Mock database seeded with initial data for all enabled modules.");
}
/// Seed the mock database with calendar data
fn seed_calendar_data(db: Arc<OurDB>) {
// Create a calendar
let mut calendar = Calendar::new(None, "Work Calendar".to_string());
calendar.description = Some("My work schedule".to_string());
// Store the calendar in the database
let (_calendar_id, _updated_calendar) = db
.collection::<Calendar>()
.expect("Failed to get Calendar collection")
.set(&calendar)
.expect("Failed to store calendar");
// Create an event
let now = Utc::now().timestamp();
let end_time = now + 3600; // Add 1 hour in seconds
// Use the builder pattern for Event
let event = Event::new()
.title("Team Meeting".to_string())
.reschedule(now, end_time)
.location("Conference Room A".to_string())
.description("Weekly sync".to_string())
// .add_attendee(Attendee::new(1))
// .add_attendee(Attendee::new(2))
.build();
// // Add attendees to the event using the builder pattern
// let attendee1 = Attendee::new(1);
// let attendee2 = Attendee::new(2);
// // Add attendees using the builder pattern
// event = event.add_attendee(attendee1);
// event = event.add_attendee(attendee2);
// Call build and capture the returned value
// let event = event.build();
// Store the event in the database first to get its ID
let (event_id, updated_event) = db
.collection()
.expect("Failed to get Event collection")
.set(&event)
.expect("Failed to store event");
// Add the event ID to the calendar
calendar = calendar.add_event(event_id as i64);
// Store the calendar in the database
let (_calendar_id, updated_calendar) = db
.collection::<Calendar>()
.expect("Failed to get Calendar collection")
.set(&calendar)
.expect("Failed to store calendar");
println!("Mock database seeded with calendar data:");
println!(
" - Added calendar: {} (ID: {})",
updated_calendar.name, updated_calendar.base_data.id
);
println!(
" - Added event: {} (ID: {})",
updated_event.title, updated_event.base_data.id
);
}
/// Seed the mock database with flow data
#[cfg(feature = "flow")]
fn seed_flow_data(db: Arc<OurDB>) {
// Create a flow
let mut flow = Flow::new(0, "Document Approval".to_string());
// Set flow properties using the builder pattern
flow = flow.status("draft".to_string());
flow = flow.name("Document Approval Flow".to_string());
// Create flow steps
let mut step1 = FlowStep::new(0, 1);
step1 = step1.description("Initial review by legal team".to_string());
step1 = step1.status("pending".to_string());
let mut step2 = FlowStep::new(0, 2);
step2 = step2.description("Approval by department head".to_string());
step2 = step2.status("pending".to_string());
// Add signature requirements
let mut req1 = SignatureRequirement::new(
0,
1,
"Legal Team".to_string(),
"Please review this document".to_string(),
);
let mut req2 = SignatureRequirement::new(
0,
2,
"Department Head".to_string(),
"Please approve this document".to_string(),
);
// Add steps to flow
flow = flow.add_step(step1);
flow = flow.add_step(step2);
// Store in the database
let (_, updated_flow) = db
.collection::<Flow>()
.expect("Failed to get Flow collection")
.set(&flow)
.expect("Failed to store flow");
// Store signature requirements in the database
let (_, updated_req1) = db
.collection::<SignatureRequirement>()
.expect("Failed to get SignatureRequirement collection")
.set(&req1)
.expect("Failed to store signature requirement");
let (_, updated_req2) = db
.collection::<SignatureRequirement>()
.expect("Failed to get SignatureRequirement collection")
.set(&req2)
.expect("Failed to store signature requirement");
println!("Mock database seeded with flow data:");
println!(
" - Added flow: {} (ID: {})",
updated_flow.name, updated_flow.base_data.id
);
println!(" - Added {} steps", updated_flow.steps.len());
println!(
" - Added signature requirements with IDs: {} and {}",
updated_req1.base_data.id, updated_req2.base_data.id
);
}
/// Seed the mock database with legal data
#[cfg(feature = "legal")]
fn seed_legal_data(db: Arc<OurDB>) {
// Create a contract
let mut contract = Contract::new(None, "Service Agreement".to_string());
contract.description = Some("Agreement for software development services".to_string());
contract.status = ContractStatus::Draft;
// Create a revision
let revision = ContractRevision::new(
None,
"Initial draft".to_string(),
"https://example.com/contract/v1".to_string(),
);
// Create signers
let signer1 = ContractSigner::new(None, 1, "Client".to_string());
let signer2 = ContractSigner::new(None, 2, "Provider".to_string());
// Add revision and signers to contract
contract.add_revision(revision);
contract.add_signer(signer1);
contract.add_signer(signer2);
// Store in the database
let (_, updated_contract) = db
.collection::<Contract>()
.expect("Failed to get Contract collection")
.set(&contract)
.expect("Failed to store contract");
println!("Mock database seeded with legal data:");
println!(
" - Added contract: {} (ID: {})",
updated_contract.name, updated_contract.base_data.id
);
println!(
" - Added {} revisions and {} signers",
updated_contract.revisions.len(),
updated_contract.signers.len()
);
}
/// Seed the mock database with projects data
#[cfg(feature = "projects")]
fn seed_projects_data(db: Arc<OurDB>) {
// Create a project
let mut project = Project::new(None, "Website Redesign".to_string());
project.description = Some("Redesign the company website".to_string());
project.status = ProjectStatus::InProgress;
project.priority = Priority::High;
// Add members and tags
project.add_member_id(1);
project.add_member_id(2);
project.add_tag("design".to_string());
project.add_tag("web".to_string());
// Store in the database
let (_, updated_project) = db
.collection::<Project>()
.expect("Failed to get Project collection")
.set(&project)
.expect("Failed to store project");
println!("Mock database seeded with projects data:");
println!(
" - Added project: {} (ID: {})",
updated_project.name, updated_project.base_data.id
);
println!(
" - Status: {}, Priority: {}",
updated_project.status, updated_project.priority
);
println!(
" - Added {} members and {} tags",
updated_project.member_ids.len(),
updated_project.tags.len()
);
}
/// Seed the mock database with finance data
fn seed_finance_data(db: Arc<OurDB>) {
// Create a user account
let mut account = Account::new()
.name("Demo Account")
.user_id(1)
.description("Demo trading account")
.ledger("ethereum")
.address("0x1234567890abcdef1234567890abcdef12345678")
.pubkey("0xabcdef1234567890abcdef1234567890abcdef12");
// Store the account in the database
let (account_id, updated_account) = db
.collection::<Account>()
.expect("Failed to get Account collection")
.set(&account)
.expect("Failed to store account");
// Create an ERC20 token asset
let token_asset = Asset::new()
.name("HERO Token")
.description("Herocode governance token")
.amount(1000.0)
.address("0x9876543210abcdef9876543210abcdef98765432")
.asset_type(AssetType::Erc20)
.decimals(18);
// Store the token asset in the database
let (token_id, updated_token) = db
.collection::<Asset>()
.expect("Failed to get Asset collection")
.set(&token_asset)
.expect("Failed to store token asset");
// Create an NFT asset
let nft_asset = Asset::new()
.name("Herocode #1")
.description("Unique digital collectible")
.amount(1.0)
.address("0xabcdef1234567890abcdef1234567890abcdef12")
.asset_type(AssetType::Erc721)
.decimals(0);
// Store the NFT asset in the database
let (nft_id, updated_nft) = db
.collection::<Asset>()
.expect("Failed to get Asset collection")
.set(&nft_asset)
.expect("Failed to store NFT asset");
// Add assets to the account
account = updated_account.add_asset(token_id);
account = account.add_asset(nft_id);
// Update the account in the database
let (_, updated_account) = db
.collection::<Account>()
.expect("Failed to get Account collection")
.set(&account)
.expect("Failed to store updated account");
// Create a listing for the NFT
let listing = Listing::new()
.seller_id(account_id)
.asset_id(nft_id)
.price(0.5)
.currency("ETH")
.listing_type(ListingType::Auction)
.title("Rare Herocode NFT".to_string())
.description("One of a kind digital collectible".to_string())
.image_url(Some("hcttps://example.com/nft/1.png".to_string()))
.add_tag("rare".to_string())
.add_tag("collectible".to_string());
// Store the listing in the database
let (_listing_id, updated_listing) = db
.collection::<Listing>()
.expect("Failed to get Listing collection")
.set(&listing)
.expect("Failed to store listing");
println!("Mock database seeded with finance data:");
println!(
" - Added account: {} (ID: {})",
updated_account.name, updated_account.base_data.id
);
println!(
" - Added token asset: {} (ID: {})",
updated_token.name, updated_token.base_data.id
);
println!(
" - Added NFT asset: {} (ID: {})",
updated_nft.name, updated_nft.base_data.id
);
println!(
" - Added listing: {} (ID: {})",
updated_listing.title, updated_listing.base_data.id
);
}

97
rhailib/_archive/flow/flow.rs Normal file
View File

@@ -0,0 +1,97 @@
use heromodels::db::Db;
use macros::{
register_authorized_create_by_id_fn, register_authorized_delete_by_id_fn,
register_authorized_get_by_id_fn,
};
use rhai::plugin::*;
use rhai::{Array, Dynamic, Engine, EvalAltResult, Module, INT};
use std::mem;
use std::sync::Arc;
use heromodels::db::hero::OurDB;
use heromodels::db::Collection;
use heromodels::models::flow::flow::Flow;
use heromodels::models::flow::flow_step::FlowStep;
type RhaiFlow = Flow;
type RhaiFlowStep = FlowStep;
#[export_module]
mod rhai_flow_module {
use super::{Array, Dynamic, RhaiFlow, RhaiFlowStep, INT};
#[rhai_fn(name = "new_flow", return_raw)]
pub fn new_flow() -> Result<RhaiFlow, Box<EvalAltResult>> {
Ok(Flow::new())
}
// --- Setters ---
#[rhai_fn(name = "name", return_raw)]
pub fn set_name(flow: &mut RhaiFlow, name: String) -> Result<RhaiFlow, Box<EvalAltResult>> {
let owned = std::mem::take(flow);
*flow = owned.name(name);
Ok(flow.clone())
}
#[rhai_fn(name = "status", return_raw)]
pub fn set_status(flow: &mut RhaiFlow, status: String) -> Result<RhaiFlow, Box<EvalAltResult>> {
let owned = std::mem::take(flow);
*flow = owned.status(status);
Ok(flow.clone())
}
#[rhai_fn(name = "add_step", return_raw)]
pub fn add_step(
flow: &mut RhaiFlow,
step: RhaiFlowStep,
) -> Result<RhaiFlow, Box<EvalAltResult>> {
let owned = std::mem::take(flow);
*flow = owned.add_step(step);
Ok(flow.clone())
}
// --- Getters ---
#[rhai_fn(get = "id", pure)]
pub fn get_id(f: &mut RhaiFlow) -> INT {
f.base_data.id as INT
}
#[rhai_fn(get = "name", pure)]
pub fn get_name(f: &mut RhaiFlow) -> String {
f.name.clone()
}
#[rhai_fn(get = "status", pure)]
pub fn get_status(f: &mut RhaiFlow) -> String {
f.status.clone()
}
#[rhai_fn(get = "steps", pure)]
pub fn get_steps(f: &mut RhaiFlow) -> Array {
f.steps.clone().into_iter().map(Dynamic::from).collect()
}
}
pub fn register_flow_rhai_module(engine: &mut Engine) {
engine.build_type::<RhaiFlow>();
let mut module = exported_module!(rhai_flow_module);
register_authorized_create_by_id_fn!(
module: &mut module,
rhai_fn_name: "save_flow",
resource_type_str: "Flow",
rhai_return_rust_type: heromodels::models::flow::flow::Flow
);
register_authorized_get_by_id_fn!(
module: &mut module,
rhai_fn_name: "get_flow",
resource_type_str: "Flow",
rhai_return_rust_type: heromodels::models::flow::flow::Flow
);
register_authorized_delete_by_id_fn!(
module: &mut module,
rhai_fn_name: "delete_flow",
resource_type_str: "Flow",
rhai_return_rust_type: heromodels::models::flow::flow::Flow
);
engine.register_global_module(module.into());
}

86
rhailib/_archive/flow/flow_step.rs Normal file
View File

@@ -0,0 +1,86 @@
use heromodels::db::Db;
use macros::{
register_authorized_create_by_id_fn, register_authorized_delete_by_id_fn,
register_authorized_get_by_id_fn,
};
use rhai::plugin::*;
use rhai::{Dynamic, Engine, EvalAltResult, Module, INT};
use std::mem;
use std::sync::Arc;
use heromodels::db::hero::OurDB;
use heromodels::db::Collection;
use heromodels::models::flow::flow_step::FlowStep;
type RhaiFlowStep = FlowStep;
#[export_module]
mod rhai_flow_step_module {
use super::{RhaiFlowStep, INT};
#[rhai_fn(name = "new_flow_step", return_raw)]
pub fn new_flow_step() -> Result<RhaiFlowStep, Box<EvalAltResult>> {
Ok(FlowStep::default())
}
// --- Setters ---
#[rhai_fn(name = "description", return_raw)]
pub fn set_description(
step: &mut RhaiFlowStep,
description: String,
) -> Result<RhaiFlowStep, Box<EvalAltResult>> {
let owned = std::mem::take(step);
*step = owned.description(description);
Ok(step.clone())
}
#[rhai_fn(name = "status", return_raw)]
pub fn set_status(
step: &mut RhaiFlowStep,
status: String,
) -> Result<RhaiFlowStep, Box<EvalAltResult>> {
let owned = std::mem::take(step);
*step = owned.status(status);
Ok(step.clone())
}
// --- Getters ---
#[rhai_fn(get = "id", pure)]
pub fn get_id(s: &mut RhaiFlowStep) -> INT {
s.base_data.id as INT
}
#[rhai_fn(get = "description", pure)]
pub fn get_description(s: &mut RhaiFlowStep) -> Option<String> {
s.description.clone()
}
#[rhai_fn(get = "status", pure)]
pub fn get_status(s: &mut RhaiFlowStep) -> String {
s.status.clone()
}
}
pub fn register_flow_step_rhai_module(engine: &mut Engine) {
engine.build_type::<RhaiFlowStep>();
let mut module = exported_module!(rhai_flow_step_module);
register_authorized_create_by_id_fn!(
module: &mut module,
rhai_fn_name: "save_flow_step",
resource_type_str: "FlowStep",
rhai_return_rust_type: heromodels::models::flow::flow_step::FlowStep
);
register_authorized_get_by_id_fn!(
module: &mut module,
rhai_fn_name: "get_flow_step",
resource_type_str: "FlowStep",
rhai_return_rust_type: heromodels::models::flow::flow_step::FlowStep
);
register_authorized_delete_by_id_fn!(
module: &mut module,
rhai_fn_name: "delete_flow_step",
resource_type_str: "FlowStep",
rhai_return_rust_type: heromodels::models::flow::flow_step::FlowStep
);
engine.register_global_module(module.into());
}

17
rhailib/_archive/flow/mod.rs Normal file
View File

@@ -0,0 +1,17 @@
use rhai::Engine;
pub mod flow;
pub mod flow_step;
pub mod signature_requirement;
pub mod orchestrated_flow;
pub mod orchestrated_flow_step;
// Re-export the orchestrated models for easy access
pub use orchestrated_flow::{OrchestratedFlow, OrchestratorError, FlowStatus};
pub use orchestrated_flow_step::OrchestratedFlowStep;
pub fn register_flow_rhai_modules(engine: &mut Engine) {
flow::register_flow_rhai_module(engine);
flow_step::register_flow_step_rhai_module(engine);
signature_requirement::register_signature_requirement_rhai_module(engine);
}

154
rhailib/_archive/flow/orchestrated_flow.rs Normal file
View File

@@ -0,0 +1,154 @@
//! Orchestrated Flow model for DAG-based workflow execution
use heromodels_core::BaseModelData;
use serde::{Deserialize, Serialize};
use std::collections::HashSet;
use thiserror::Error;
use super::orchestrated_flow_step::OrchestratedFlowStep;
/// Extended Flow with orchestrator-specific steps
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct OrchestratedFlow {
/// Base model data (id, created_at, updated_at)
pub base_data: BaseModelData,
/// Name of the flow
pub name: String,
/// Orchestrated steps with dependencies
pub orchestrated_steps: Vec<OrchestratedFlowStep>,
}
impl OrchestratedFlow {
/// Create a new orchestrated flow
pub fn new(name: &str) -> Self {
Self {
base_data: BaseModelData::new(),
name: name.to_string(),
orchestrated_steps: Vec::new(),
}
}
/// Add a step to the flow
pub fn add_step(mut self, step: OrchestratedFlowStep) -> Self {
self.orchestrated_steps.push(step);
self
}
/// Get the flow ID
pub fn id(&self) -> u32 {
self.base_data.id
}
/// Validate the DAG structure (no cycles)
pub fn validate_dag(&self) -> Result<(), OrchestratorError> {
let mut visited = HashSet::new();
let mut rec_stack = HashSet::new();
for step in &self.orchestrated_steps {
if !visited.contains(&step.id()) {
if self.has_cycle(step.id(), &mut visited, &mut rec_stack)? {
return Err(OrchestratorError::CyclicDependency);
}
}
}
Ok(())
}
/// Check for cycles in the dependency graph
fn has_cycle(
&self,
step_id: u32,
visited: &mut HashSet<u32>,
rec_stack: &mut HashSet<u32>,
) -> Result<bool, OrchestratorError> {
visited.insert(step_id);
rec_stack.insert(step_id);
let step = self.orchestrated_steps
.iter()
.find(|s| s.id() == step_id)
.ok_or(OrchestratorError::StepNotFound(step_id))?;
for &dep_id in &step.depends_on {
if !visited.contains(&dep_id) {
if self.has_cycle(dep_id, visited, rec_stack)? {
return Ok(true);
}
} else if rec_stack.contains(&dep_id) {
return Ok(true);
}
}
rec_stack.remove(&step_id);
Ok(false)
}
}
/// Orchestrator errors
#[derive(Error, Debug)]
pub enum OrchestratorError {
#[error("Database error: {0}")]
DatabaseError(String),
#[error("Executor error: {0}")]
ExecutorError(String),
#[error("No ready steps found - possible deadlock")]
NoReadySteps,
#[error("Step {0} failed: {1:?}")]
StepFailed(u32, Option<String>),
#[error("Cyclic dependency detected in workflow")]
CyclicDependency,
#[error("Step {0} not found")]
StepNotFound(u32),
#[error("Invalid dependency: step {0} depends on non-existent step {1}")]
InvalidDependency(u32, u32),
}
/// Flow execution status
#[derive(Debug, Clone, Serialize, Deserialize, PartialEq)]
pub enum FlowStatus {
Pending,
Running,
Completed,
Failed,
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_orchestrated_flow_builder() {
let step1 = OrchestratedFlowStep::new("step1").script("let x = 1;");
let step2 = OrchestratedFlowStep::new("step2").script("let y = 2;");
let flow = OrchestratedFlow::new("test_flow")
.add_step(step1)
.add_step(step2);
assert_eq!(flow.name, "test_flow");
assert_eq!(flow.orchestrated_steps.len(), 2);
}
#[test]
fn test_dag_validation_no_cycle() {
let step1 = OrchestratedFlowStep::new("step1").script("let x = 1;");
let step2 = OrchestratedFlowStep::new("step2")
.script("let y = 2;")
.depends_on(step1.id());
let flow = OrchestratedFlow::new("test_flow")
.add_step(step1)
.add_step(step2);
assert!(flow.validate_dag().is_ok());
}
}

124
rhailib/_archive/flow/orchestrated_flow_step.rs Normal file
View File

@@ -0,0 +1,124 @@
//! Orchestrated Flow Step model for DAG-based workflow execution
use heromodels_core::BaseModelData;
use serde::{Deserialize, Serialize};
use std::collections::HashMap;
/// Extended FlowStep with orchestrator-specific fields
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct OrchestratedFlowStep {
/// Base model data (id, created_at, updated_at)
pub base_data: BaseModelData,
/// Name of the flow step
pub name: String,
/// Rhai script to execute
pub script: String,
/// IDs of steps this step depends on
pub depends_on: Vec<u32>,
/// Execution context (circle)
pub context_id: String,
/// Target worker for execution
pub worker_id: String,
/// Input parameters
pub inputs: HashMap<String, String>,
/// Output results
pub outputs: HashMap<String, String>,
}
impl OrchestratedFlowStep {
/// Create a new orchestrated flow step
pub fn new(name: &str) -> Self {
Self {
base_data: BaseModelData::new(),
name: name.to_string(),
script: String::new(),
depends_on: Vec::new(),
context_id: String::new(),
worker_id: String::new(),
inputs: HashMap::new(),
outputs: HashMap::new(),
}
}
/// Set the script content
pub fn script(mut self, script: &str) -> Self {
self.script = script.to_string();
self
}
/// Add a dependency on another step
pub fn depends_on(mut self, step_id: u32) -> Self {
self.depends_on.push(step_id);
self
}
/// Set the context ID
pub fn context_id(mut self, context_id: &str) -> Self {
self.context_id = context_id.to_string();
self
}
/// Set the worker ID
pub fn worker_id(mut self, worker_id: &str) -> Self {
self.worker_id = worker_id.to_string();
self
}
/// Add an input parameter
pub fn input(mut self, key: &str, value: &str) -> Self {
self.inputs.insert(key.to_string(), value.to_string());
self
}
/// Get the step ID
pub fn id(&self) -> u32 {
self.base_data.id
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_orchestrated_flow_step_builder() {
let step = OrchestratedFlowStep::new("test_step")
.script("let x = 1;")
.context_id("test_context")
.worker_id("test_worker")
.input("key1", "value1");
assert_eq!(step.name, "test_step");
assert_eq!(step.script, "let x = 1;");
assert_eq!(step.context_id, "test_context");
assert_eq!(step.worker_id, "test_worker");
assert_eq!(step.inputs.get("key1"), Some(&"value1".to_string()));
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_orchestrated_flow_step_builder() {
let step = OrchestratedFlowStep::new("test_step")
.script("let x = 1;")
.context_id("test_context")
.worker_id("test_worker")
.input("key1", "value1");
assert_eq!(step.flow_step.name, "test_step");
assert_eq!(step.script, "let x = 1;");
assert_eq!(step.context_id, "test_context");
assert_eq!(step.worker_id, "test_worker");
assert_eq!(step.inputs.get("key1"), Some(&"value1".to_string()));
}
}

145
rhailib/_archive/flow/signature_requirement.rs Normal file
View File

@@ -0,0 +1,145 @@
use heromodels::db::Db;
use macros::{
register_authorized_create_by_id_fn, register_authorized_delete_by_id_fn,
register_authorized_get_by_id_fn,
};
use rhai::plugin::*;
use rhai::{Dynamic, Engine, EvalAltResult, Module, INT};
use std::mem;
use std::sync::Arc;
use heromodels::db::hero::OurDB;
use heromodels::db::Collection;
use heromodels::models::flow::signature_requirement::SignatureRequirement;
type RhaiSignatureRequirement = SignatureRequirement;
#[export_module]
mod rhai_signature_requirement_module {
use super::{RhaiSignatureRequirement, INT};
#[rhai_fn(name = "new_signature_requirement", return_raw)]
pub fn new_signature_requirement() -> Result<RhaiSignatureRequirement, Box<EvalAltResult>> {
Ok(SignatureRequirement::default())
}
// --- Setters ---
#[rhai_fn(name = "flow_step_id", return_raw)]
pub fn set_flow_step_id(
sr: &mut RhaiSignatureRequirement,
flow_step_id: INT,
) -> Result<RhaiSignatureRequirement, Box<EvalAltResult>> {
let mut owned = std::mem::take(sr);
owned.flow_step_id = flow_step_id as u32;
*sr = owned;
Ok(sr.clone())
}
#[rhai_fn(name = "public_key", return_raw)]
pub fn set_public_key(
sr: &mut RhaiSignatureRequirement,
public_key: String,
) -> Result<RhaiSignatureRequirement, Box<EvalAltResult>> {
let mut owned = std::mem::take(sr);
owned.public_key = public_key;
*sr = owned;
Ok(sr.clone())
}
#[rhai_fn(name = "message", return_raw)]
pub fn set_message(
sr: &mut RhaiSignatureRequirement,
message: String,
) -> Result<RhaiSignatureRequirement, Box<EvalAltResult>> {
let mut owned = std::mem::take(sr);
owned.message = message;
*sr = owned;
Ok(sr.clone())
}
#[rhai_fn(name = "signed_by", return_raw)]
pub fn set_signed_by(
sr: &mut RhaiSignatureRequirement,
signed_by: String,
) -> Result<RhaiSignatureRequirement, Box<EvalAltResult>> {
let owned = std::mem::take(sr);
*sr = owned.signed_by(signed_by);
Ok(sr.clone())
}
#[rhai_fn(name = "signature", return_raw)]
pub fn set_signature(
sr: &mut RhaiSignatureRequirement,
signature: String,
) -> Result<RhaiSignatureRequirement, Box<EvalAltResult>> {
let owned = std::mem::take(sr);
*sr = owned.signature(signature);
Ok(sr.clone())
}
#[rhai_fn(name = "status", return_raw)]
pub fn set_status(
sr: &mut RhaiSignatureRequirement,
status: String,
) -> Result<RhaiSignatureRequirement, Box<EvalAltResult>> {
let owned = std::mem::take(sr);
*sr = owned.status(status);
Ok(sr.clone())
}
// --- Getters ---
#[rhai_fn(get = "id", pure)]
pub fn get_id(s: &mut RhaiSignatureRequirement) -> INT {
s.base_data.id as INT
}
#[rhai_fn(get = "flow_step_id", pure)]
pub fn get_flow_step_id(s: &mut RhaiSignatureRequirement) -> INT {
s.flow_step_id as INT
}
#[rhai_fn(get = "public_key", pure)]
pub fn get_public_key(s: &mut RhaiSignatureRequirement) -> String {
s.public_key.clone()
}
#[rhai_fn(get = "message", pure)]
pub fn get_message(s: &mut RhaiSignatureRequirement) -> String {
s.message.clone()
}
#[rhai_fn(get = "signed_by", pure)]
pub fn get_signed_by(s: &mut RhaiSignatureRequirement) -> Option<String> {
s.signed_by.clone()
}
#[rhai_fn(get = "signature", pure)]
pub fn get_signature(s: &mut RhaiSignatureRequirement) -> Option<String> {
s.signature.clone()
}
#[rhai_fn(get = "status", pure)]
pub fn get_status(s: &mut RhaiSignatureRequirement) -> String {
s.status.clone()
}
}
pub fn register_signature_requirement_rhai_module(engine: &mut Engine) {
engine.build_type::<RhaiSignatureRequirement>();
let mut module = exported_module!(rhai_signature_requirement_module);
register_authorized_create_by_id_fn!(
module: &mut module,
rhai_fn_name: "save_signature_requirement",
resource_type_str: "SignatureRequirement",
rhai_return_rust_type: heromodels::models::flow::signature_requirement::SignatureRequirement
);
register_authorized_get_by_id_fn!(
module: &mut module,
rhai_fn_name: "get_signature_requirement",
resource_type_str: "SignatureRequirement",
rhai_return_rust_type: heromodels::models::flow::signature_requirement::SignatureRequirement
);
register_authorized_delete_by_id_fn!(
module: &mut module,
rhai_fn_name: "delete_signature_requirement",
resource_type_str: "SignatureRequirement",
rhai_return_rust_type: heromodels::models::flow::signature_requirement::SignatureRequirement
);
engine.register_global_module(module.into());
}

51
rhailib/_archive/orchestrator/Cargo.toml Normal file
View File

@@ -0,0 +1,51 @@
[package]
name = "orchestrator"
version = "0.1.0"
edition = "2021"
[dependencies]
# Core async runtime
tokio = { version = "1", features = ["macros", "rt-multi-thread", "sync", "time"] }
async-trait = "0.1"
futures = "0.3"
futures-util = "0.3"
# Serialization
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
# Error handling
thiserror = "1.0"
# Collections
uuid = { version = "1.6", features = ["v4", "serde"] }
# Time handling
chrono = { version = "0.4", features = ["serde"] }
# HTTP client
reqwest = { version = "0.11", features = ["json"] }
# WebSocket client
tokio-tungstenite = "0.20"
# Rhai scripting
rhai = "1.21.0"
# Database and models
heromodels = { path = "/Users/timurgordon/code/git.ourworld.tf/herocode/db/heromodels" }
heromodels_core = { path = "/Users/timurgordon/code/git.ourworld.tf/herocode/db/heromodels_core" }
# DSL integration for flow models
rhailib_dsl = { path = "../dsl" }
# Dispatcher integration
rhai_dispatcher = { path = "../dispatcher" }
# Logging
log = "0.4"
tracing = "0.1"
tracing-subscriber = "0.3"
[dev-dependencies]
tokio-test = "0.4"

320
rhailib/_archive/orchestrator/README.md Normal file
View File

@@ -0,0 +1,320 @@
# Rationale for Orchestrator
We may have scripts that run asynchrounsly, depend on human input or depend on other scripts to complete. We want to be able to implement high-level workflows of rhai scripts.
## Design
Direct Acyclic Graphs (DAGs) are a natural fit for representing workflows.
## Requirements
1. Uses Direct Acyclic Graphs (DAGs) to represent workflows.
2. Each step in the workflow defines the script to execute, the inputs to pass to it, and the outputs to expect from it.
3. Simplicity: the output cases are binary (success or failure), and params inputted / outputted are simple key-value pairs.
4. Multiple steps can depend on the same step.
5. Scripts are executed using [RhaiDispatcher](../dispatcher/README.md).
## Architecture
The Orchestrator is a simple DAG-based workflow execution system that extends the heromodels flow structures to support workflows with dependencies and distributed script execution.
### Core Component
```mermaid
graph TB
subgraph "Orchestrator"
O[Orchestrator] --> RE[RhaiExecutor Trait]
O --> DB[(Database)]
end
subgraph "Executor Implementations"
RE --> RD[RhaiDispatcher]
RE --> WS[WebSocketClient]
RE --> HTTP[HttpClient]
RE --> LOCAL[LocalExecutor]
end
subgraph "Data Models (heromodels)"
F[Flow] --> FS[FlowStep]
FS --> SR[SignatureRequirement]
end
subgraph "Infrastructure"
RD --> RQ[Redis Queues]
RD --> W[Workers]
WS --> WSS[WebSocket Server]
HTTP --> API[REST API]
end
```
### Execution Abstraction
The orchestrator uses a trait-based approach for script execution, allowing different execution backends:
#### RhaiExecutor Trait
```rust
use rhai_dispatcher::{PlayRequestBuilder, RhaiTaskDetails, RhaiDispatcherError};
#[async_trait]
pub trait RhaiExecutor {
async fn call(&self, request: PlayRequestBuilder<'_>) -> Result<RhaiTaskDetails, RhaiDispatcherError>;
}
```
#### Executor Implementations
**RhaiDispatcher Implementation:**
```rust
pub struct DispatcherExecutor {
dispatcher: RhaiDispatcher,
}
#[async_trait]
impl RhaiExecutor for DispatcherExecutor {
async fn call(&self, request: PlayRequestBuilder<'_>) -> Result<RhaiTaskDetails, RhaiDispatcherError> {
// Use RhaiDispatcher to execute script via Redis queues
request.await_response().await
}
}
```
**WebSocket Client Implementation:**
```rust
pub struct WebSocketExecutor {
ws_client: WebSocketClient,
endpoint: String,
}
#[async_trait]
impl RhaiExecutor for WebSocketExecutor {
async fn call(&self, request: PlayRequestBuilder<'_>) -> Result<RhaiTaskDetails, RhaiDispatcherError> {
// Build the PlayRequest and send via WebSocket
let play_request = request.build()?;
// Send script execution request via WebSocket
let ws_message = serde_json::to_string(&play_request)?;
self.ws_client.send(ws_message).await?;
// Wait for response and convert to RhaiTaskDetails
let response = self.ws_client.receive().await?;
serde_json::from_str(&response).map_err(RhaiDispatcherError::from)
}
}
```
**HTTP Client Implementation:**
```rust
pub struct HttpExecutor {
http_client: reqwest::Client,
base_url: String,
}
#[async_trait]
impl RhaiExecutor for HttpExecutor {
async fn call(&self, request: PlayRequestBuilder<'_>) -> Result<RhaiTaskDetails, RhaiDispatcherError> {
// Build the PlayRequest and send via HTTP
let play_request = request.build()?;
// Send script execution request via HTTP API
let response = self.http_client
.post(&format!("{}/execute", self.base_url))
.json(&play_request)
.send()
.await?;
response.json().await.map_err(RhaiDispatcherError::from)
}
}
```
**Local Executor Implementation:**
```rust
pub struct LocalExecutor {
engine: Engine,
}
#[async_trait]
impl RhaiExecutor for LocalExecutor {
async fn call(&self, request: PlayRequestBuilder<'_>) -> Result<RhaiTaskDetails, RhaiDispatcherError> {
// Build the PlayRequest and execute locally
let play_request = request.build()?;
// Execute script directly in local Rhai engine
let result = self.engine.eval::<String>(&play_request.script);
// Convert to RhaiTaskDetails format
let task_details = RhaiTaskDetails {
task_id: play_request.id,
script: play_request.script,
status: if result.is_ok() { "completed".to_string() } else { "error".to_string() },
output: result.ok(),
error: result.err().map(|e| e.to_string()),
created_at: chrono::Utc::now(),
updated_at: chrono::Utc::now(),
caller_id: "local".to_string(),
context_id: play_request.context_id,
worker_id: "local".to_string(),
};
Ok(task_details)
}
}
```
### Data Model Extensions
Simple extensions to the existing heromodels flow structures:
#### Enhanced FlowStep Model
```rust
// Extends heromodels::models::flow::FlowStep
pub struct FlowStep {
// ... existing heromodels::models::flow::FlowStep fields
pub script: String, // Rhai script to execute
pub depends_on: Vec<u32>, // IDs of steps this step depends on
pub context_id: String, // Execution context (circle)
pub inputs: HashMap<String, String>, // Input parameters
pub outputs: HashMap<String, String>, // Output results
}
```
### Execution Flow
```mermaid
sequenceDiagram
participant Client as Client
participant O as Orchestrator
participant RE as RhaiExecutor
participant DB as Database
Client->>O: Submit Flow
O->>DB: Store flow and steps
O->>O: Find steps with no dependencies
loop Until all steps complete
O->>RE: Execute ready steps
RE-->>O: Return results
O->>DB: Update step status
O->>O: Find newly ready steps
end
O->>Client: Flow completed
```
### Flexible Orchestrator Implementation
```rust
use rhai_dispatcher::{RhaiDispatcher, PlayRequestBuilder};
use std::collections::HashSet;
pub struct Orchestrator<E: RhaiExecutor> {
executor: E,
database: Arc<Database>,
}
impl<E: RhaiExecutor> Orchestrator<E> {
pub fn new(executor: E, database: Arc<Database>) -> Self {
Self { executor, database }
}
pub async fn execute_flow(&self, flow: Flow) -> Result<(), OrchestratorError> {
// 1. Store flow in database
self.database.collection::<Flow>()?.set(&flow)?;
// 2. Find steps with no dependencies (depends_on is empty)
let mut pending_steps: Vec<FlowStep> = flow.steps.clone();
let mut completed_steps: HashSet<u32> = HashSet::new();
while !pending_steps.is_empty() {
// Find ready steps (all dependencies completed)
let ready_steps: Vec<FlowStep> = pending_steps
.iter()
.filter(|step| {
step.depends_on.iter().all(|dep_id| completed_steps.contains(dep_id))
})
.cloned()
.collect();
if ready_steps.is_empty() {
return Err(OrchestratorError::NoReadySteps);
}
// Execute ready steps concurrently
let mut tasks = Vec::new();
for step in ready_steps {
let executor = &self.executor;
let task = async move {
// Create PlayRequestBuilder for this step
let request = RhaiDispatcher::new_play_request()
.script(&step.script)
.context_id(&step.context_id)
.worker_id(&step.worker_id);
// Execute via the trait
let result = executor.call(request).await?;
Ok((step.base_data.id, result))
};
tasks.push(task);
}
// Wait for all ready steps to complete
let results = futures::future::try_join_all(tasks).await?;
// Update step status and mark as completed
for (step_id, task_details) in results {
if task_details.status == "completed" {
completed_steps.insert(step_id);
// Update step status in database
// self.update_step_status(step_id, "completed", task_details.output).await?;
} else {
return Err(OrchestratorError::StepFailed(step_id, task_details.error));
}
}
// Remove completed steps from pending
pending_steps.retain(|step| !completed_steps.contains(&step.base_data.id));
}
Ok(())
}
pub async fn get_flow_status(&self, flow_id: u32) -> Result<FlowStatus, OrchestratorError> {
// Return current status of flow and all its steps
let flow = self.database.collection::<Flow>()?.get(flow_id)?;
// Implementation would check step statuses and return overall flow status
Ok(FlowStatus::Running) // Placeholder
}
}
pub enum OrchestratorError {
DatabaseError(String),
ExecutorError(RhaiDispatcherError),
NoReadySteps,
StepFailed(u32, Option<String>),
}
pub enum FlowStatus {
Pending,
Running,
Completed,
Failed,
}
// Usage examples:
// let orchestrator = Orchestrator::new(DispatcherExecutor::new(dispatcher), db);
// let orchestrator = Orchestrator::new(WebSocketExecutor::new(ws_client), db);
// let orchestrator = Orchestrator::new(HttpExecutor::new(http_client), db);
// let orchestrator = Orchestrator::new(LocalExecutor::new(engine), db);
```
### Key Features
1. **DAG Validation**: Ensures no circular dependencies exist in the `depends_on` relationships
2. **Parallel Execution**: Executes independent steps concurrently via multiple workers
3. **Simple Dependencies**: Each step lists the step IDs it depends on
4. **RhaiDispatcher Integration**: Uses existing dispatcher for script execution
5. **Binary Outcomes**: Steps either succeed or fail (keeping it simple as per requirements)
This simple architecture provides DAG-based workflow execution while leveraging the existing rhailib infrastructure and keeping complexity minimal.

283
rhailib/_archive/orchestrator/examples/basic_workflow.rs Normal file
View File

@@ -0,0 +1,283 @@
//! Basic workflow example demonstrating orchestrator usage
use orchestrator::{
interface::LocalInterface,
orchestrator::Orchestrator,
OrchestratedFlow, OrchestratedFlowStep, FlowStatus,
};
use std::sync::Arc;
use std::collections::HashMap;
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
// Initialize logging
tracing_subscriber::fmt().init();
// Create executor
let executor = Arc::new(LocalInterface::new());
// Create orchestrator
let orchestrator = Orchestrator::new(executor);
println!("🚀 Starting basic workflow example");
// Example 1: Simple sequential workflow
println!("\n📋 Example 1: Sequential Workflow");
let sequential_flow = create_sequential_workflow();
let flow_id = orchestrator.execute_flow(sequential_flow).await?;
// Wait for completion and show results
wait_and_show_results(&orchestrator, flow_id, "Sequential").await;
// Example 2: Parallel workflow with convergence
println!("\n📋 Example 2: Parallel Workflow");
let parallel_flow = create_parallel_workflow();
let flow_id = orchestrator.execute_flow(parallel_flow).await?;
// Wait for completion and show results
wait_and_show_results(&orchestrator, flow_id, "Parallel").await;
// Example 3: Complex workflow with multiple dependencies
println!("\n📋 Example 3: Complex Workflow");
let complex_flow = create_complex_workflow();
let flow_id = orchestrator.execute_flow(complex_flow).await?;
// Wait for completion and show results
wait_and_show_results(&orchestrator, flow_id, "Complex").await;
// Clean up completed flows
orchestrator.cleanup_completed_flows().await;
println!("\n✅ All examples completed successfully!");
Ok(())
}
/// Create a simple sequential workflow
fn create_sequential_workflow() -> OrchestratedFlow {
let step1 = OrchestratedFlowStep::new("data_preparation")
.script(r#"
let data = [1, 2, 3, 4, 5];
let sum = 0;
for item in data {
sum += item;
}
let result = sum;
"#)
.context_id("sequential_context")
.worker_id("worker_1");
let step2 = OrchestratedFlowStep::new("data_processing")
.script(r#"
let processed_data = dep_1_result * 2;
let result = processed_data;
"#)
.depends_on(step1.id())
.context_id("sequential_context")
.worker_id("worker_2");
let step3 = OrchestratedFlowStep::new("data_output")
.script(r#"
let final_result = "Processed value: " + dep_2_result;
let result = final_result;
"#)
.depends_on(step2.id())
.context_id("sequential_context")
.worker_id("worker_3");
OrchestratedFlow::new("sequential_workflow")
.add_step(step1)
.add_step(step2)
.add_step(step3)
}
/// Create a parallel workflow with convergence
fn create_parallel_workflow() -> OrchestratedFlow {
let step1 = OrchestratedFlowStep::new("fetch_user_data")
.script(r#"
let user_id = 12345;
let user_name = "Alice";
let result = user_name;
"#)
.context_id("parallel_context")
.worker_id("user_service");
let step2 = OrchestratedFlowStep::new("fetch_order_data")
.script(r#"
let order_id = 67890;
let order_total = 99.99;
let result = order_total;
"#)
.context_id("parallel_context")
.worker_id("order_service");
let step3 = OrchestratedFlowStep::new("fetch_inventory_data")
.script(r#"
let product_id = "ABC123";
let stock_count = 42;
let result = stock_count;
"#)
.context_id("parallel_context")
.worker_id("inventory_service");
let step4 = OrchestratedFlowStep::new("generate_report")
.script(r#"
let report = "User: " + dep_1_result +
", Order Total: $" + dep_2_result +
", Stock: " + dep_3_result + " units";
let result = report;
"#)
.depends_on(step1.id())
.depends_on(step2.id())
.depends_on(step3.id())
.context_id("parallel_context")
.worker_id("report_service");
OrchestratedFlow::new("parallel_workflow")
.add_step(step1)
.add_step(step2)
.add_step(step3)
.add_step(step4)
}
/// Create a complex workflow with multiple dependency levels
fn create_complex_workflow() -> OrchestratedFlow {
// Level 1: Initial data gathering
let step1 = OrchestratedFlowStep::new("load_config")
.script(r#"
let config = #{
api_url: "https://api.example.com",
timeout: 30,
retries: 3
};
let result = config.api_url;
"#)
.context_id("complex_context")
.worker_id("config_service");
let step2 = OrchestratedFlowStep::new("authenticate")
.script(r#"
let token = "auth_token_12345";
let expires_in = 3600;
let result = token;
"#)
.context_id("complex_context")
.worker_id("auth_service");
// Level 2: Data fetching (depends on config and auth)
let step3 = OrchestratedFlowStep::new("fetch_customers")
.script(r#"
let api_url = dep_1_result;
let auth_token = dep_2_result;
let customers = ["Customer A", "Customer B", "Customer C"];
let result = customers.len();
"#)
.depends_on(step1.id())
.depends_on(step2.id())
.context_id("complex_context")
.worker_id("customer_service");
let step4 = OrchestratedFlowStep::new("fetch_products")
.script(r#"
let api_url = dep_1_result;
let auth_token = dep_2_result;
let products = ["Product X", "Product Y", "Product Z"];
let result = products.len();
"#)
.depends_on(step1.id())
.depends_on(step2.id())
.context_id("complex_context")
.worker_id("product_service");
// Level 3: Data processing (depends on fetched data)
let step5 = OrchestratedFlowStep::new("calculate_metrics")
.script(r#"
let customer_count = dep_3_result;
let product_count = dep_4_result;
let ratio = customer_count / product_count;
let result = ratio;
"#)
.depends_on(step3.id())
.depends_on(step4.id())
.context_id("complex_context")
.worker_id("analytics_service");
// Level 4: Final reporting
let step6 = OrchestratedFlowStep::new("generate_dashboard")
.script(r#"
let customer_count = dep_3_result;
let product_count = dep_4_result;
let ratio = dep_5_result;
let dashboard = "Dashboard: " + customer_count + " customers, " +
product_count + " products, ratio: " + ratio;
let result = dashboard;
"#)
.depends_on(step3.id())
.depends_on(step4.id())
.depends_on(step5.id())
.context_id("complex_context")
.worker_id("dashboard_service");
OrchestratedFlow::new("complex_workflow")
.add_step(step1)
.add_step(step2)
.add_step(step3)
.add_step(step4)
.add_step(step5)
.add_step(step6)
}
/// Wait for flow completion and show results
async fn wait_and_show_results(
orchestrator: &Orchestrator<LocalInterface>,
flow_id: u32,
workflow_name: &str,
) {
println!(" ⏳ Executing {} workflow (ID: {})...", workflow_name, flow_id);
// Poll for completion
loop {
tokio::time::sleep(tokio::time::Duration::from_millis(50)).await;
if let Some(execution) = orchestrator.get_flow_status(flow_id).await {
match execution.status {
FlowStatus::Completed => {
println!("{} workflow completed successfully!", workflow_name);
println!(" 📊 Executed {} steps in {:?}",
execution.completed_steps.len(),
execution.completed_at.unwrap() - execution.started_at);
// Show step results
for (step_id, outputs) in &execution.step_results {
if let Some(result) = outputs.get("result") {
let step_name = execution.flow.orchestrated_steps
.iter()
.find(|s| s.id() == *step_id)
.map(|s| s.flow_step.name.as_str())
.unwrap_or("unknown");
println!(" 📝 Step '{}': {}", step_name, result);
}
}
break;
}
FlowStatus::Failed => {
println!("{} workflow failed!", workflow_name);
if !execution.failed_steps.is_empty() {
println!(" 💥 Failed steps: {:?}", execution.failed_steps);
}
break;
}
FlowStatus::Running => {
print!(".");
std::io::Write::flush(&mut std::io::stdout()).unwrap();
}
FlowStatus::Pending => {
println!(" ⏸️ {} workflow is pending...", workflow_name);
}
}
} else {
println!("{} workflow not found!", workflow_name);
break;
}
}
}

61
rhailib/_archive/orchestrator/src/interface/dispatcher.rs Normal file
View File

@@ -0,0 +1,61 @@
//! Dispatcher interface implementation using RhaiDispatcher
use crate::RhaiInterface;
use async_trait::async_trait;
use rhai_dispatcher::{PlayRequest, RhaiDispatcher, RhaiDispatcherError};
use std::sync::Arc;
/// Dispatcher-based interface using RhaiDispatcher
pub struct DispatcherInterface {
dispatcher: Arc<RhaiDispatcher>,
}
impl DispatcherInterface {
/// Create a new dispatcher interface
pub fn new(dispatcher: Arc<RhaiDispatcher>) -> Self {
Self { dispatcher }
}
}
#[async_trait]
impl RhaiInterface for DispatcherInterface {
async fn submit_play_request(&self, play_request: &PlayRequest) -> Result<(), RhaiDispatcherError> {
self.dispatcher.submit_play_request(play_request).await
}
async fn submit_play_request_and_await_result(&self, play_request: &PlayRequest) -> Result<String, RhaiDispatcherError> {
self.dispatcher.submit_play_request_and_await_result(play_request).await
}
}
#[cfg(test)]
mod tests {
use super::*;
#[tokio::test]
async fn test_dispatcher_interface_creation() {
// This test just verifies we can create the interface
// Note: Actual testing would require a properly configured RhaiDispatcher
// For now, we'll create a mock or skip the actual dispatcher creation
// This is a placeholder test - adjust based on actual RhaiDispatcher constructor
// let dispatcher = Arc::new(RhaiDispatcher::new());
// let interface = DispatcherInterface::new(dispatcher);
// Just verify the test compiles for now
assert!(true);
}
#[tokio::test]
async fn test_dispatcher_interface_methods() {
// This test would verify the interface methods work correctly
// when a proper RhaiDispatcher is available
let play_request = PlayRequest {
script: "let x = 5; x + 3".to_string(),
};
// Placeholder assertions - would test actual functionality with real dispatcher
assert_eq!(play_request.script, "let x = 5; x + 3");
}
}

111
rhailib/_archive/orchestrator/src/interface/local.rs Normal file
View File

@@ -0,0 +1,111 @@
//! Local interface implementation for in-process script execution
use crate::RhaiInterface;
use async_trait::async_trait;
use rhai_dispatcher::{PlayRequest, RhaiDispatcherError};
/// Local interface for in-process script execution
pub struct LocalInterface {
engine: rhai::Engine,
}
impl LocalInterface {
/// Create a new local interface
pub fn new() -> Self {
let engine = rhai::Engine::new();
Self { engine }
}
/// Create a new local interface with custom engine
pub fn with_engine(engine: rhai::Engine) -> Self {
Self { engine }
}
}
impl Default for LocalInterface {
fn default() -> Self {
Self::new()
}
}
#[async_trait]
impl RhaiInterface for LocalInterface {
async fn submit_play_request(&self, _play_request: &PlayRequest) -> Result<(), RhaiDispatcherError> {
// For local interface, fire-and-forget doesn't make much sense
// We'll just execute and ignore the result
let _ = self.submit_play_request_and_await_result(_play_request).await?;
Ok(())
}
async fn submit_play_request_and_await_result(&self, play_request: &PlayRequest) -> Result<String, RhaiDispatcherError> {
let mut scope = rhai::Scope::new();
// Execute the script
let result = self
.engine
.eval_with_scope::<rhai::Dynamic>(&mut scope, &play_request.script)
.map_err(|e| RhaiDispatcherError::TaskNotFound(format!("Script execution error: {}", e)))?;
// Return the result as a string
if result.is_unit() {
Ok(String::new())
} else {
Ok(result.to_string())
}
}
}
#[cfg(test)]
mod tests {
use super::*;
#[tokio::test]
async fn test_local_interface_basic() {
let interface = LocalInterface::new();
let play_request = PlayRequest {
script: "let x = 5; x + 3".to_string(),
};
let result = interface.submit_play_request_and_await_result(&play_request).await;
assert!(result.is_ok());
let output = result.unwrap();
assert_eq!(output, "8");
}
#[tokio::test]
async fn test_local_interface_fire_and_forget() {
let interface = LocalInterface::new();
let play_request = PlayRequest {
script: "let x = 5; x + 3".to_string(),
};
let result = interface.submit_play_request(&play_request).await;
assert!(result.is_ok());
}
#[tokio::test]
async fn test_local_interface_with_error() {
let interface = LocalInterface::new();
let play_request = PlayRequest {
script: "invalid_syntax +++".to_string(),
};
let result = interface.submit_play_request_and_await_result(&play_request).await;
assert!(result.is_err());
}
#[tokio::test]
async fn test_local_interface_empty_result() {
let interface = LocalInterface::new();
let play_request = PlayRequest {
script: "let x = 42;".to_string(),
};
let result = interface.submit_play_request_and_await_result(&play_request).await;
assert!(result.is_ok());
let output = result.unwrap();
assert_eq!(output, "");
}
}

9
rhailib/_archive/orchestrator/src/interface/mod.rs Normal file
View File

@@ -0,0 +1,9 @@
//! Interface implementations for different backends
pub mod local;
pub mod ws;
pub mod dispatcher;
pub use local::*;
pub use ws::*;
pub use dispatcher::*;

117
rhailib/_archive/orchestrator/src/interface/ws.rs Normal file
View File

@@ -0,0 +1,117 @@
//! WebSocket interface implementation for remote script execution
use crate::RhaiInterface;
use async_trait::async_trait;
use rhai_dispatcher::{PlayRequest, RhaiDispatcherError};
use reqwest::Client;
use serde_json::json;
/// WebSocket-based interface for remote script execution
pub struct WsInterface {
client: Client,
base_url: String,
}
impl WsInterface {
/// Create a new WebSocket interface
pub fn new(base_url: String) -> Self {
Self {
client: Client::new(),
base_url,
}
}
}
#[async_trait]
impl RhaiInterface for WsInterface {
async fn submit_play_request(&self, play_request: &PlayRequest) -> Result<(), RhaiDispatcherError> {
let payload = json!({
"script": play_request.script
});
let response = self
.client
.post(&format!("{}/submit", self.base_url))
.json(&payload)
.send()
.await
.map_err(|e| RhaiDispatcherError::TaskNotFound(format!("Network error: {}", e)))?;
if response.status().is_success() {
Ok(())
} else {
let error_text = response
.text()
.await
.unwrap_or_else(|_| "Unknown error".to_string());
Err(RhaiDispatcherError::TaskNotFound(format!("HTTP error: {}", error_text)))
}
}
async fn submit_play_request_and_await_result(&self, play_request: &PlayRequest) -> Result<String, RhaiDispatcherError> {
let payload = json!({
"script": play_request.script
});
let response = self
.client
.post(&format!("{}/execute", self.base_url))
.json(&payload)
.send()
.await
.map_err(|e| RhaiDispatcherError::TaskNotFound(format!("Network error: {}", e)))?;
if response.status().is_success() {
let result: String = response
.text()
.await
.map_err(|e| RhaiDispatcherError::TaskNotFound(format!("Response parsing error: {}", e)))?;
Ok(result)
} else {
let error_text = response
.text()
.await
.unwrap_or_else(|_| "Unknown error".to_string());
Err(RhaiDispatcherError::TaskNotFound(format!("HTTP error: {}", error_text)))
}
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_ws_interface_creation() {
let interface = WsInterface::new("http://localhost:8080".to_string());
assert_eq!(interface.base_url, "http://localhost:8080");
}
#[tokio::test]
async fn test_ws_interface_call_with_mock_server() {
// This test would require a mock HTTP server
// For now, just test that we can create the interface
let interface = WsInterface::new("http://localhost:8080".to_string());
let play_request = PlayRequest {
script: "let x = 1;".to_string(),
};
// This will fail without a real server, but that's expected in unit tests
let result = interface.submit_play_request_and_await_result(&play_request).await;
assert!(result.is_err()); // Expected to fail without server
}
#[tokio::test]
async fn test_ws_interface_fire_and_forget() {
let interface = WsInterface::new("http://localhost:8080".to_string());
let play_request = PlayRequest {
script: "let x = 1;".to_string(),
};
// This will fail without a real server, but that's expected in unit tests
let result = interface.submit_play_request(&play_request).await;
assert!(result.is_err()); // Expected to fail without server
}
}

35
rhailib/_archive/orchestrator/src/lib.rs Normal file
View File

@@ -0,0 +1,35 @@
//! # Orchestrator
//!
//! A simple DAG-based workflow execution system that extends the heromodels flow structures
//! to support workflows with dependencies and distributed script execution.
use async_trait::async_trait;
use rhai_dispatcher::{PlayRequest, RhaiDispatcherError};
pub mod interface;
pub mod orchestrator;
pub use interface::*;
pub use orchestrator::*;
/// Trait for executing Rhai scripts through different backends
/// Uses the same signature as RhaiDispatcher for consistency
#[async_trait]
pub trait RhaiInterface {
/// Submit a play request without waiting for result (fire-and-forget)
async fn submit_play_request(&self, play_request: &PlayRequest) -> Result<(), RhaiDispatcherError>;
/// Submit a play request and await the result
/// Returns just the output string on success
async fn submit_play_request_and_await_result(&self, play_request: &PlayRequest) -> Result<String, RhaiDispatcherError>;
}
// Re-export the flow models from DSL
pub use rhailib_dsl::flow::{OrchestratedFlow, OrchestratedFlowStep, OrchestratorError, FlowStatus};
// Conversion from RhaiDispatcherError to OrchestratorError
impl From<RhaiDispatcherError> for OrchestratorError {
fn from(err: RhaiDispatcherError) -> Self {
OrchestratorError::ExecutorError(err.to_string())
}
}

418
rhailib/_archive/orchestrator/src/orchestrator.rs Normal file
View File

@@ -0,0 +1,418 @@
//! Main orchestrator implementation for DAG-based workflow execution
use crate::{
OrchestratedFlow, OrchestratedFlowStep, OrchestratorError, FlowStatus, RhaiInterface,
};
use rhai_dispatcher::PlayRequest;
use futures::future::try_join_all;
use std::collections::{HashMap, HashSet};
use std::sync::Arc;
use tokio::sync::RwLock;
use tracing::{debug, error, info, warn};
/// Main orchestrator for executing DAG-based workflows
pub struct Orchestrator<I: RhaiInterface> {
/// Interface for running scripts
interface: Arc<I>,
/// Active flow executions
active_flows: Arc<RwLock<HashMap<u32, FlowExecution>>>,
}
/// Represents an active flow execution
#[derive(Debug, Clone)]
pub struct FlowExecution {
/// The flow being executed
pub flow: OrchestratedFlow,
/// Current status
pub status: FlowStatus,
/// Completed step IDs
pub completed_steps: HashSet<u32>,
/// Failed step IDs
pub failed_steps: HashSet<u32>,
/// Step results
pub step_results: HashMap<u32, HashMap<String, String>>,
/// Execution start time
pub started_at: chrono::DateTime<chrono::Utc>,
/// Execution end time
pub completed_at: Option<chrono::DateTime<chrono::Utc>>,
}
impl FlowExecution {
/// Create a new flow execution
pub fn new(flow: OrchestratedFlow) -> Self {
Self {
flow,
status: FlowStatus::Pending,
completed_steps: HashSet::new(),
failed_steps: HashSet::new(),
step_results: HashMap::new(),
started_at: chrono::Utc::now(),
completed_at: None,
}
}
/// Check if a step is ready to execute (all dependencies completed)
pub fn is_step_ready(&self, step: &OrchestratedFlowStep) -> bool {
if self.completed_steps.contains(&step.id()) || self.failed_steps.contains(&step.id()) {
return false;
}
step.depends_on.iter().all(|dep_id| self.completed_steps.contains(dep_id))
}
/// Get all ready steps
pub fn get_ready_steps(&self) -> Vec<&OrchestratedFlowStep> {
self.flow
.orchestrated_steps
.iter()
.filter(|step| self.is_step_ready(step))
.collect()
}
/// Mark a step as completed
pub fn complete_step(&mut self, step_id: u32, outputs: HashMap<String, String>) {
self.completed_steps.insert(step_id);
self.step_results.insert(step_id, outputs);
// Check if flow is complete
if self.completed_steps.len() == self.flow.orchestrated_steps.len() {
self.status = FlowStatus::Completed;
self.completed_at = Some(chrono::Utc::now());
}
}
/// Mark a step as failed
pub fn fail_step(&mut self, step_id: u32) {
self.failed_steps.insert(step_id);
self.status = FlowStatus::Failed;
self.completed_at = Some(chrono::Utc::now());
}
/// Check if the flow execution is finished
pub fn is_finished(&self) -> bool {
matches!(self.status, FlowStatus::Completed | FlowStatus::Failed)
}
}
impl<I: RhaiInterface + Send + Sync + 'static> Orchestrator<I> {
/// Create a new orchestrator
pub fn new(interface: Arc<I>) -> Self {
Self {
interface,
active_flows: Arc::new(RwLock::new(HashMap::new())),
}
}
/// Start executing a flow
pub async fn execute_flow(&self, flow: OrchestratedFlow) -> Result<u32, OrchestratorError> {
let flow_id = flow.id();
flow.validate_dag()?;
info!("Starting execution of flow {} with {} steps", flow_id, flow.orchestrated_steps.len());
// Create flow execution
let mut execution = FlowExecution::new(flow);
execution.status = FlowStatus::Running;
// Store the execution
{
let mut active_flows = self.active_flows.write().await;
active_flows.insert(flow_id, execution);
}
// Start execution in background
let orchestrator = self.clone();
tokio::spawn(async move {
if let Err(e) = orchestrator.execute_flow_steps(flow_id).await {
error!("Flow {} execution failed: {}", flow_id, e);
// Mark flow as failed
let mut active_flows = orchestrator.active_flows.write().await;
if let Some(execution) = active_flows.get_mut(&flow_id) {
execution.status = FlowStatus::Failed;
execution.completed_at = Some(chrono::Utc::now());
}
}
});
Ok(flow_id)
}
/// Execute flow steps using DAG traversal
async fn execute_flow_steps(&self, flow_id: u32) -> Result<(), OrchestratorError> {
loop {
let ready_steps = {
let active_flows = self.active_flows.read().await;
let execution = active_flows
.get(&flow_id)
.ok_or(OrchestratorError::StepNotFound(flow_id))?;
if execution.is_finished() {
info!("Flow {} execution completed with status: {:?}", flow_id, execution.status);
return Ok(());
}
execution.get_ready_steps().into_iter().cloned().collect::<Vec<_>>()
};
if ready_steps.is_empty() {
// Check if we're deadlocked
let active_flows = self.active_flows.read().await;
let execution = active_flows
.get(&flow_id)
.ok_or(OrchestratorError::StepNotFound(flow_id))?;
if !execution.is_finished() {
warn!("No ready steps found for flow {} - possible deadlock", flow_id);
return Err(OrchestratorError::NoReadySteps);
}
return Ok(());
}
debug!("Executing {} ready steps for flow {}", ready_steps.len(), flow_id);
// Execute ready steps concurrently
let step_futures = ready_steps.into_iter().map(|step| {
let orchestrator = self.clone();
async move {
orchestrator.execute_step(flow_id, step).await
}
});
// Wait for all steps to complete
let results = try_join_all(step_futures).await?;
// Update execution state
{
let mut active_flows = self.active_flows.write().await;
let execution = active_flows
.get_mut(&flow_id)
.ok_or(OrchestratorError::StepNotFound(flow_id))?;
for (step_id, outputs) in results {
execution.complete_step(step_id, outputs);
}
}
// Small delay to prevent tight loop
tokio::time::sleep(tokio::time::Duration::from_millis(10)).await;
}
}
/// Execute a single step
async fn execute_step(
&self,
flow_id: u32,
step: OrchestratedFlowStep,
) -> Result<(u32, HashMap<String, String>), OrchestratorError> {
let step_id = step.id();
info!("Executing step {} for flow {}", step_id, flow_id);
// Prepare inputs with dependency outputs
let mut inputs = step.inputs.clone();
// Add outputs from dependency steps
{
let active_flows = self.active_flows.read().await;
let execution = active_flows
.get(&flow_id)
.ok_or(OrchestratorError::StepNotFound(flow_id))?;
for dep_id in &step.depends_on {
if let Some(dep_outputs) = execution.step_results.get(dep_id) {
for (key, value) in dep_outputs {
inputs.insert(format!("dep_{}_{}", dep_id, key), value.clone());
}
}
}
}
// Create play request
let play_request = PlayRequest {
id: format!("{}_{}", flow_id, step_id),
worker_id: step.worker_id.clone(),
context_id: step.context_id.clone(),
script: step.script.clone(),
timeout: std::time::Duration::from_secs(30), // Default timeout
};
// Execute the script
match self.interface.submit_play_request_and_await_result(&play_request).await {
Ok(output) => {
info!("Step {} completed successfully", step_id);
let mut outputs = HashMap::new();
outputs.insert("result".to_string(), output);
Ok((step_id, outputs))
}
Err(e) => {
error!("Step {} failed: {}", step_id, e);
// Mark step as failed
{
let mut active_flows = self.active_flows.write().await;
if let Some(execution) = active_flows.get_mut(&flow_id) {
execution.fail_step(step_id);
}
}
Err(OrchestratorError::StepFailed(step_id, Some(e.to_string())))
}
}
}
/// Get the status of a flow execution
pub async fn get_flow_status(&self, flow_id: u32) -> Option<FlowExecution> {
let active_flows = self.active_flows.read().await;
active_flows.get(&flow_id).cloned()
}
/// Cancel a flow execution
pub async fn cancel_flow(&self, flow_id: u32) -> Result<(), OrchestratorError> {
let mut active_flows = self.active_flows.write().await;
if let Some(execution) = active_flows.get_mut(&flow_id) {
execution.status = FlowStatus::Failed;
execution.completed_at = Some(chrono::Utc::now());
info!("Flow {} cancelled", flow_id);
Ok(())
} else {
Err(OrchestratorError::StepNotFound(flow_id))
}
}
/// List all active flows
pub async fn list_active_flows(&self) -> Vec<(u32, FlowStatus)> {
let active_flows = self.active_flows.read().await;
active_flows
.iter()
.map(|(id, execution)| (*id, execution.status.clone()))
.collect()
}
/// Clean up completed flows
pub async fn cleanup_completed_flows(&self) {
let mut active_flows = self.active_flows.write().await;
active_flows.retain(|_, execution| !execution.is_finished());
}
}
impl<I: RhaiInterface + Send + Sync> Clone for Orchestrator<I> {
fn clone(&self) -> Self {
Self {
interface: self.interface.clone(),
active_flows: self.active_flows.clone(),
}
}
}
#[cfg(test)]
mod tests {
use super::*;
use crate::interface::LocalInterface;
use std::collections::HashMap;
#[tokio::test]
async fn test_simple_flow_execution() {
let interface = Arc::new(LocalInterface::new());
let orchestrator = Orchestrator::new(interface);
// Create a simple flow with two steps
let step1 = OrchestratedFlowStep::new("step1")
.script("let result = 10;")
.context_id("test")
.worker_id("worker1");
let step2 = OrchestratedFlowStep::new("step2")
.script("let result = dep_1_result + 5;")
.depends_on(step1.id())
.context_id("test")
.worker_id("worker1");
let flow = OrchestratedFlow::new("test_flow")
.add_step(step1)
.add_step(step2);
// Execute the flow
let flow_id = orchestrator.execute_flow(flow).await.unwrap();
// Wait for completion
tokio::time::sleep(tokio::time::Duration::from_millis(100)).await;
let status = orchestrator.get_flow_status(flow_id).await.unwrap();
assert_eq!(status.status, FlowStatus::Completed);
assert_eq!(status.completed_steps.len(), 2);
}
#[tokio::test]
async fn test_parallel_execution() {
let interface = Arc::new(LocalInterface::new());
let orchestrator = Orchestrator::new(interface);
// Create a flow with parallel steps
let step1 = OrchestratedFlowStep::new("step1")
.script("let result = 10;")
.context_id("test")
.worker_id("worker1");
let step2 = OrchestratedFlowStep::new("step2")
.script("let result = 20;")
.context_id("test")
.worker_id("worker2");
let step3 = OrchestratedFlowStep::new("step3")
.script("let result = dep_1_result + dep_2_result;")
.depends_on(step1.id())
.depends_on(step2.id())
.context_id("test")
.worker_id("worker3");
let flow = OrchestratedFlow::new("parallel_flow")
.add_step(step1)
.add_step(step2)
.add_step(step3);
// Execute the flow
let flow_id = orchestrator.execute_flow(flow).await.unwrap();
// Wait for completion
tokio::time::sleep(tokio::time::Duration::from_millis(100)).await;
let status = orchestrator.get_flow_status(flow_id).await.unwrap();
assert_eq!(status.status, FlowStatus::Completed);
assert_eq!(status.completed_steps.len(), 3);
}
#[test]
fn test_flow_execution_state() {
let step1 = OrchestratedFlowStep::new("step1").script("let x = 1;");
let step2 = OrchestratedFlowStep::new("step2")
.script("let y = 2;")
.depends_on(step1.id());
let flow = OrchestratedFlow::new("test_flow")
.add_step(step1.clone())
.add_step(step2.clone());
let mut execution = FlowExecution::new(flow);
// Initially, only step1 should be ready
assert!(execution.is_step_ready(&step1));
assert!(!execution.is_step_ready(&step2));
// After completing step1, step2 should be ready
execution.complete_step(step1.id(), HashMap::new());
assert!(!execution.is_step_ready(&step1)); // Already completed
assert!(execution.is_step_ready(&step2));
// After completing step2, flow should be complete
execution.complete_step(step2.id(), HashMap::new());
assert_eq!(execution.status, FlowStatus::Completed);
}
}

42
rhailib/_archive/orchestrator/src/services.rs Normal file
View File

@@ -0,0 +1,42 @@
//! Main orchestrator implementation for DAG-based workflow execution
use crate::{
OrchestratedFlow, OrchestratedFlowStep, OrchestratorError, FlowStatus, RhaiInterface, ScriptRequest,
};
use futures::future::try_join_all;
use std::collections::{HashMap, HashSet};
use std::sync::Arc;
use tokio::sync::RwLock;
use tracing::{debug, error, info, warn};
impl<I: RhaiInterface + Send + Sync + 'static> Orchestrator<I> {
/// Get a flow by ID
pub fn get_flow(&self, flow_id: u32) -> Result<OrchestratedFlow, OrchestratorError> {
self.interface
.new_play_request()
.script(format!("json_encode(get_flow({}))", flow_id))
.submit_play_request_and_await_result()
.await
.map(|result| serde_json::from_str(&result).unwrap())
}
pub fn get_flows(&self) -> Result<Vec<OrchestratedFlow>, OrchestratorError> {
self.interface
.new_play_request()
.script("json_encode(get_flows())")
.submit_play_request_and_await_result()
.await
.map(|result| serde_json::from_str(&result).unwrap())
}
pub fn get_active_flows(&self) -> Result<Vec<OrchestratedFlow>, OrchestratorError> {
self.interface
.new_play_request()
.script("json_encode(get_flows())")
.submit_play_request_and_await_result()
.await
.map(|result| serde_json::from_str(&result).unwrap())
}
}

2
rhailib/_archive/worker/.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
/target
worker_rhai_temp_db

29
rhailib/_archive/worker/Cargo.toml Normal file
View File

@@ -0,0 +1,29 @@
[package]
name = "rhailib_worker"
version = "0.1.0"
edition = "2021"
[lib]
name = "rhailib_worker" # Can be different from package name, or same
path = "src/lib.rs"
[[bin]]
name = "worker"
path = "cmd/worker.rs"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
redis = { version = "0.25.0", features = ["tokio-comp"] }
rhai = { version = "1.18.0", default-features = false, features = ["sync", "decimal", "std"] } # Added "decimal" for broader script support
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
tokio = { version = "1", features = ["macros", "rt-multi-thread", "time"] }
log = "0.4"
env_logger = "0.10"
clap = { version = "4.4", features = ["derive"] }
uuid = { version = "1.6", features = ["v4", "serde"] } # Though task_id is string, uuid might be useful
chrono = { version = "0.4", features = ["serde"] }
rhai_dispatcher = { path = "../dispatcher" }
rhailib_engine = { path = "../engine" }
heromodels = { path = "../../../db/heromodels", features = ["rhai"] }

75
rhailib/_archive/worker/README.md Normal file
View File

@@ -0,0 +1,75 @@
# Rhai Worker
The `rhai_worker` crate implements a standalone worker service that listens for Rhai script execution tasks from a Redis queue, executes them, and posts results back to Redis. It is designed to be spawned as a separate OS process by an orchestrator like the `launcher` crate.
## Features
- **Redis Queue Consumption**: Listens to a specific Redis list (acting as a task queue) for incoming task IDs. The queue is determined by the `--circle-public-key` argument.
- **Rhai Script Execution**: Executes Rhai scripts retrieved from Redis based on task IDs.
- **Task State Management**: Updates task status (`processing`, `completed`, `error`) and stores results in Redis hashes.
- **Script Scope Injection**: Automatically injects two important constants into the Rhai script's scope:
- `CONTEXT_ID`: The public key of the worker's own circle.
- `CALLER_ID`: The public key of the entity that requested the script execution.
- **Asynchronous Operations**: Built with `tokio` for non-blocking Redis communication.
- **Graceful Error Handling**: Captures errors during script execution and stores them for the client.
## Core Components
- **`worker_lib` (Library Crate)**:
- **`Args`**: A struct (using `clap`) for parsing command-line arguments: `--redis-url` and `--circle-public-key`.
- **`run_worker_loop(engine: Engine, args: Args)`**: The main asynchronous function that:
- Connects to Redis.
- Continuously polls the designated Redis queue (`rhai_tasks:<circle_public_key>`) using `BLPOP`.
- Upon receiving a `task_id`, it fetches the task details from a Redis hash.
- It injects `CALLER_ID` and `CONTEXT_ID` into the script's scope.
- It executes the script and updates the task status in Redis with the output or error.
- **`worker` (Binary Crate - `cmd/worker.rs`)**:
- The main executable entry point. It parses command-line arguments, initializes a Rhai engine, and invokes `run_worker_loop`.
## How It Works
1. The worker executable is launched by an external process (e.g., `launcher`), which passes the required command-line arguments.
```bash
# This is typically done programmatically by a parent process.
/path/to/worker --redis-url redis://127.0.0.1/ --circle-public-key 02...abc
```
2. The `run_worker_loop` connects to Redis and starts listening to its designated task queue (e.g., `rhai_tasks:02...abc`).
3. A `rhai_dispatcher` submits a task by pushing a `task_id` to this queue and storing the script and other details in a Redis hash.
4. The worker's `BLPOP` command picks up the `task_id`.
5. The worker retrieves the script from the corresponding `rhai_task_details:<task_id>` hash.
6. It updates the task's status to "processing".
7. The Rhai script is executed within a scope that contains both `CONTEXT_ID` and `CALLER_ID`.
8. After execution, the status is updated to "completed" (with output) or "error" (with an error message).
9. The worker then goes back to listening for the next task.
## Prerequisites
- A running Redis instance accessible by the worker.
- An orchestrator process (like `launcher`) to spawn the worker.
- A `rhai_dispatcher` (or another system) to populate the Redis queues.
## Building and Running
The worker is intended to be built as a dependency and run by another program.
1. **Build the worker:**
```bash
# From the root of the rhailib project
cargo build --package worker
```
The binary will be located at `target/debug/worker`.
2. **Running the worker:**
The worker is not typically run manually. The `launcher` crate is responsible for spawning it with the correct arguments. If you need to run it manually for testing, you must provide the required arguments:
```bash
./target/debug/worker --redis-url redis://127.0.0.1/ --circle-public-key <a_valid_hex_public_key>
```
## Dependencies
Key dependencies include:
- `redis`: For asynchronous Redis communication.
- `rhai`: The Rhai script engine.
- `clap`: For command-line argument parsing.
- `tokio`: For the asynchronous runtime.
- `log`, `env_logger`: For logging.

113
rhailib/_archive/worker/cmd/README.md Normal file
View File

@@ -0,0 +1,113 @@
# Rhai Worker Binary
A command-line worker for executing Rhai scripts from Redis task queues.
## Binary: `worker`
### Installation
Build the binary:
```bash
cargo build --bin worker --release
```
### Usage
```bash
# Basic usage - requires circle public key
worker --circle-public-key <CIRCLE_PUBLIC_KEY>
# Custom Redis URL
worker -c <CIRCLE_PUBLIC_KEY> --redis-url redis://localhost:6379/1
# Custom worker ID and database path
worker -c <CIRCLE_PUBLIC_KEY> --worker-id my_worker --db-path /tmp/worker_db
# Preserve tasks for debugging/benchmarking
worker -c <CIRCLE_PUBLIC_KEY> --preserve-tasks
# Remove timestamps from logs
worker -c <CIRCLE_PUBLIC_KEY> --no-timestamp
# Increase verbosity
worker -c <CIRCLE_PUBLIC_KEY> -v # Debug logging
worker -c <CIRCLE_PUBLIC_KEY> -vv # Full debug
worker -c <CIRCLE_PUBLIC_KEY> -vvv # Trace logging
```
### Command-Line Options
| Option | Short | Default | Description |
|--------|-------|---------|-------------|
| `--circle-public-key` | `-c` | **Required** | Circle public key to listen for tasks |
| `--redis-url` | `-r` | `redis://localhost:6379` | Redis connection URL |
| `--worker-id` | `-w` | `worker_1` | Unique worker identifier |
| `--preserve-tasks` | | `false` | Preserve task details after completion |
| `--db-path` | | `worker_rhai_temp_db` | Database path for Rhai engine |
| `--no-timestamp` | | `false` | Remove timestamps from log output |
| `--verbose` | `-v` | | Increase verbosity (stackable) |
### Features
- **Task Queue Processing**: Listens to Redis queues for Rhai script execution tasks
- **Performance Optimized**: Configured for maximum Rhai engine performance
- **Graceful Shutdown**: Supports shutdown signals for clean termination
- **Flexible Logging**: Configurable verbosity and timestamp control
- **Database Integration**: Uses heromodels for data persistence
- **Task Cleanup**: Optional task preservation for debugging/benchmarking
### How It Works
1. **Queue Listening**: Worker listens on Redis queue `rhailib:{circle_public_key}`
2. **Task Processing**: Receives task IDs, fetches task details from Redis
3. **Script Execution**: Executes Rhai scripts with configured engine
4. **Result Handling**: Updates task status and sends results to reply queues
5. **Cleanup**: Optionally cleans up task details after completion
### Configuration Examples
#### Development Worker
```bash
# Simple development worker
worker -c dev_circle_123
# Development with verbose logging (no timestamps)
worker -c dev_circle_123 -v --no-timestamp
```
#### Production Worker
```bash
# Production worker with custom configuration
worker \
--circle-public-key prod_circle_456 \
--redis-url redis://redis-server:6379/0 \
--worker-id prod_worker_1 \
--db-path /var/lib/worker/db \
--preserve-tasks
```
#### Benchmarking Worker
```bash
# Worker optimized for benchmarking
worker \
--circle-public-key bench_circle_789 \
--preserve-tasks \
--no-timestamp \
-vv
```
### Error Handling
The worker provides clear error messages for:
- Missing or invalid circle public key
- Redis connection failures
- Script execution errors
- Database access issues
### Dependencies
- `rhailib_engine`: Rhai engine with heromodels integration
- `redis`: Redis client for task queue management
- `rhai`: Script execution engine
- `clap`: Command-line argument parsing
- `env_logger`: Logging infrastructure

95
rhailib/_archive/worker/cmd/worker.rs Normal file
View File

@@ -0,0 +1,95 @@
use clap::Parser;
use rhailib_engine::create_heromodels_engine;
use rhailib_worker::spawn_rhai_worker;
use tokio::sync::mpsc;
#[derive(Parser, Debug)]
#[command(author, version, about, long_about = None)]
struct Args {
/// Worker ID for identification
#[arg(short, long)]
worker_id: String,
/// Redis URL
#[arg(short, long, default_value = "redis://localhost:6379")]
redis_url: String,
/// Preserve task details after completion (for benchmarking)
#[arg(long, default_value = "false")]
preserve_tasks: bool,
/// Root directory for engine database
#[arg(long, default_value = "worker_rhai_temp_db")]
db_path: String,
/// Disable timestamps in log output
#[arg(long, help = "Remove timestamps from log output")]
no_timestamp: bool,
}
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
let args = Args::parse();
// Configure env_logger with or without timestamps
if args.no_timestamp {
env_logger::Builder::from_default_env()
.format_timestamp(None)
.init();
} else {
env_logger::init();
}
log::info!("Rhai Worker (binary) starting with performance-optimized engine.");
log::info!(
"Worker ID: {}, Redis: {}",
args.worker_id,
args.redis_url
);
let mut engine = create_heromodels_engine();
// Performance optimizations for benchmarking
engine.set_max_operations(0); // Unlimited operations for performance testing
engine.set_max_expr_depths(0, 0); // Unlimited expression depth
engine.set_max_string_size(0); // Unlimited string size
engine.set_max_array_size(0); // Unlimited array size
engine.set_max_map_size(0); // Unlimited map size
// Enable full optimization for maximum performance
engine.set_optimization_level(rhai::OptimizationLevel::Full);
log::info!("Engine configured for maximum performance");
// Create shutdown channel (for graceful shutdown, though not used in benchmarks)
let (_shutdown_tx, shutdown_rx) = mpsc::channel::<()>(1);
// Spawn the worker
let worker_handle = spawn_rhai_worker(
args.worker_id,
args.db_path,
engine,
args.redis_url,
shutdown_rx,
args.preserve_tasks,
);
// Wait for the worker to complete
match worker_handle.await {
Ok(result) => match result {
Ok(_) => {
log::info!("Worker completed successfully");
Ok(())
}
Err(e) => {
log::error!("Worker failed: {}", e);
Err(e)
}
},
Err(e) => {
log::error!("Worker task panicked: {}", e);
Err(Box::new(e) as Box<dyn std::error::Error + Send + Sync>)
}
}
}

53
rhailib/_archive/worker/docs/ARCHITECTURE.md Normal file
View File

@@ -0,0 +1,53 @@
# Architecture of the `rhailib_worker` Crate
The `rhailib_worker` crate implements a distributed task execution system for Rhai scripts, providing scalable, reliable script processing through Redis-based task queues. Workers are decoupled from contexts, allowing a single worker to process tasks for multiple contexts (circles).
## Core Architecture
```mermaid
graph TD
A[Worker Process] --> B[Task Queue Processing]
A --> C[Script Execution Engine]
A --> D[Result Management]
B --> B1[Redis Queue Monitoring]
B --> B2[Task Deserialization]
B --> B3[Priority Handling]
C --> C1[Rhai Engine Integration]
C --> C2[Context Management]
C --> C3[Error Handling]
D --> D1[Result Serialization]
D --> D2[Reply Queue Management]
D --> D3[Status Updates]
```
## Key Components
### Task Processing Pipeline
- **Queue Monitoring**: Continuous Redis queue polling for new tasks
- **Task Execution**: Secure Rhai script execution with proper context
- **Result Handling**: Comprehensive result and error management
### Engine Integration
- **Rhailib Engine**: Full integration with rhailib_engine for DSL access
- **Context Injection**: Proper authentication and database context setup
- **Security**: Isolated execution environment with access controls
### Scalability Features
- **Horizontal Scaling**: Multiple worker instances for load distribution
- **Queue-based Architecture**: Reliable task distribution via Redis
- **Fault Tolerance**: Robust error handling and recovery mechanisms
## Dependencies
- **Redis Integration**: Task queue management and communication
- **Rhai Engine**: Script execution with full DSL capabilities
- **Client Integration**: Shared data structures with rhai_dispatcher
- **Heromodels**: Database and business logic integration
- **Async Runtime**: Tokio for high-performance concurrent processing
## Deployment Patterns
Workers can be deployed as standalone processes, containerized services, or embedded components, providing flexibility for various deployment scenarios from development to production.

259
rhailib/_archive/worker/src/lib.rs Normal file
View File

@@ -0,0 +1,259 @@
use chrono::Utc;
use log::{debug, error, info};
use redis::AsyncCommands;
use rhai::{Dynamic, Engine};
use rhai_dispatcher::RhaiTaskDetails; // Import for constructing the reply message
use serde_json;
use std::collections::HashMap;
use tokio::sync::mpsc; // For shutdown signal
use tokio::task::JoinHandle; // For serializing the reply message
const NAMESPACE_PREFIX: &str = "rhailib:";
const BLPOP_TIMEOUT_SECONDS: usize = 5;
// This function updates specific fields in the Redis hash.
// It doesn't need to know the full RhaiTaskDetails struct, only the field names.
async fn update_task_status_in_redis(
conn: &mut redis::aio::MultiplexedConnection,
task_id: &str,
status: &str,
output: Option<String>,
error_msg: Option<String>,
) -> redis::RedisResult<()> {
let task_key = format!("{}{}", NAMESPACE_PREFIX, task_id);
let mut updates: Vec<(&str, String)> = vec![
("status", status.to_string()),
("updatedAt", Utc::now().timestamp().to_string()),
];
if let Some(out) = output {
updates.push(("output", out));
}
if let Some(err) = error_msg {
updates.push(("error", err));
}
debug!(
"Updating task {} in Redis with status: {}, updates: {:?}",
task_id, status, updates
);
conn.hset_multiple::<_, _, _, ()>(&task_key, &updates)
.await?;
Ok(())
}
pub fn spawn_rhai_worker(
worker_id: String,
db_path: String,
mut engine: Engine,
redis_url: String,
mut shutdown_rx: mpsc::Receiver<()>, // Add shutdown receiver
preserve_tasks: bool, // Flag to control task cleanup
) -> JoinHandle<Result<(), Box<dyn std::error::Error + Send + Sync>>> {
tokio::spawn(async move {
let queue_key = format!("{}{}", NAMESPACE_PREFIX, worker_id);
info!(
"Rhai Worker for Worker ID '{}' starting. Connecting to Redis at {}. Listening on queue: {}. Waiting for tasks or shutdown signal.",
worker_id, redis_url, queue_key
);
let redis_client = match redis::Client::open(redis_url.as_str()) {
Ok(client) => client,
Err(e) => {
error!(
"Worker for Worker ID '{}': Failed to open Redis client: {}",
worker_id, e
);
return Err(Box::new(e) as Box<dyn std::error::Error + Send + Sync>);
}
};
let mut redis_conn = match redis_client.get_multiplexed_async_connection().await {
Ok(conn) => conn,
Err(e) => {
error!(
"Worker for Worker ID '{}': Failed to get Redis connection: {}",
worker_id, e
);
return Err(Box::new(e) as Box<dyn std::error::Error + Send + Sync>);
}
};
info!(
"Worker for Worker ID '{}' successfully connected to Redis.",
worker_id
);
loop {
let blpop_keys = vec![queue_key.clone()];
tokio::select! {
// Listen for shutdown signal
_ = shutdown_rx.recv() => {
info!("Worker for Worker ID '{}': Shutdown signal received. Terminating loop.", worker_id.clone());
break;
}
// Listen for tasks from Redis
blpop_result = redis_conn.blpop(&blpop_keys, BLPOP_TIMEOUT_SECONDS as f64) => {
debug!("Worker for Worker ID '{}': Attempting BLPOP on queue: {}", worker_id.clone(), queue_key);
let response: Option<(String, String)> = match blpop_result {
Ok(resp) => resp,
Err(e) => {
error!("Worker '{}': Redis BLPOP error on queue {}: {}. Worker for this circle might stop.", worker_id, queue_key, e);
return Err(Box::new(e) as Box<dyn std::error::Error + Send + Sync>);
}
};
if let Some((_queue_name_recv, task_id)) = response {
info!("Worker '{}' received task_id: {} from queue: {}", worker_id, task_id, _queue_name_recv);
debug!("Worker '{}', Task {}: Processing started.", worker_id, task_id);
let task_details_key = format!("{}{}", NAMESPACE_PREFIX, task_id);
debug!("Worker '{}', Task {}: Attempting HGETALL from key: {}", worker_id, task_id, task_details_key);
let task_details_map_result: Result<HashMap<String, String>, _> =
redis_conn.hgetall(&task_details_key).await;
match task_details_map_result {
Ok(details_map) => {
debug!("Worker '{}', Task {}: HGETALL successful. Details: {:?}", worker_id, task_id, details_map);
let script_content_opt = details_map.get("script").cloned();
let created_at_str_opt = details_map.get("createdAt").cloned();
let caller_id = details_map.get("callerId").cloned().expect("callerId field missing from Redis hash");
let context_id = details_map.get("contextId").cloned().expect("contextId field missing from Redis hash");
if context_id.is_empty() {
error!("Worker '{}', Task {}: contextId field missing from Redis hash", worker_id, task_id);
return Err("contextId field missing from Redis hash".into());
}
if caller_id.is_empty() {
error!("Worker '{}', Task {}: callerId field missing from Redis hash", worker_id, task_id);
return Err("callerId field missing from Redis hash".into());
}
if let Some(script_content) = script_content_opt {
info!("Worker '{}' processing task_id: {}. Script: {:.50}...", context_id, task_id, script_content);
debug!("Worker for Context ID '{}', Task {}: Attempting to update status to 'processing'.", context_id, task_id);
if let Err(e) = update_task_status_in_redis(&mut redis_conn, &task_id, "processing", None, None).await {
error!("Worker for Context ID '{}', Task {}: Failed to update status to 'processing': {}", context_id, task_id, e);
} else {
debug!("Worker for Context ID '{}', Task {}: Status updated to 'processing'.", context_id, task_id);
}
let mut db_config = rhai::Map::new();
db_config.insert("DB_PATH".into(), db_path.clone().into());
db_config.insert("CALLER_ID".into(), caller_id.clone().into());
db_config.insert("CONTEXT_ID".into(), context_id.clone().into());
engine.set_default_tag(Dynamic::from(db_config)); // Or pass via CallFnOptions
debug!("Worker for Context ID '{}', Task {}: Evaluating script with Rhai engine.", context_id, task_id);
let mut final_status = "error".to_string(); // Default to error
let mut final_output: Option<String> = None;
let mut final_error_msg: Option<String> = None;
match engine.eval::<rhai::Dynamic>(&script_content) {
Ok(result) => {
let output_str = if result.is::<String>() {
// If the result is a string, we can unwrap it directly.
// This moves `result`, which is fine because it's the last time we use it in this branch.
result.into_string().unwrap()
} else {
result.to_string()
};
info!("Worker for Context ID '{}' task {} completed. Output: {}", context_id, task_id, output_str);
final_status = "completed".to_string();
final_output = Some(output_str);
}
Err(e) => {
let error_str = format!("{:?}", *e);
error!("Worker for Context ID '{}' task {} script evaluation failed. Error: {}", context_id, task_id, error_str);
final_error_msg = Some(error_str);
// final_status remains "error"
}
}
debug!("Worker for Context ID '{}', Task {}: Attempting to update status to '{}'.", context_id, task_id, final_status);
if let Err(e) = update_task_status_in_redis(
&mut redis_conn,
&task_id,
&final_status,
final_output.clone(), // Clone for task hash update
final_error_msg.clone(), // Clone for task hash update
).await {
error!("Worker for Context ID '{}', Task {}: Failed to update final status to '{}': {}", context_id, task_id, final_status, e);
} else {
debug!("Worker for Context ID '{}', Task {}: Final status updated to '{}'.", context_id, task_id, final_status);
}
// Send to reply queue if specified
let created_at = created_at_str_opt
.and_then(|s| chrono::DateTime::parse_from_rfc3339(&s).ok())
.map(|dt| dt.with_timezone(&Utc))
.unwrap_or_else(Utc::now); // Fallback, though createdAt should exist
let reply_details = RhaiTaskDetails {
task_id: task_id.to_string(), // Add the task_id
script: script_content.clone(), // Include script for context in reply
status: final_status, // The final status
output: final_output, // The final output
error: final_error_msg, // The final error
created_at, // Original creation time
updated_at: Utc::now(), // Time of this final update/reply
caller_id: caller_id.clone(),
context_id: context_id.clone(),
worker_id: worker_id.clone(),
};
let reply_queue_key = format!("{}:reply:{}", NAMESPACE_PREFIX, task_id);
match serde_json::to_string(&reply_details) {
Ok(reply_json) => {
let lpush_result: redis::RedisResult<i64> = redis_conn.lpush(&reply_queue_key, &reply_json).await;
match lpush_result {
Ok(_) => debug!("Worker for Context ID '{}', Task {}: Successfully sent result to reply queue {}", context_id, task_id, reply_queue_key),
Err(e_lpush) => error!("Worker for Context ID '{}', Task {}: Failed to LPUSH result to reply queue {}: {}", context_id, task_id, reply_queue_key, e_lpush),
}
}
Err(e_json) => {
error!("Worker for Context ID '{}', Task {}: Failed to serialize reply details for queue {}: {}", context_id, task_id, reply_queue_key, e_json);
}
}
// Clean up task details based on preserve_tasks flag
if !preserve_tasks {
// The worker is responsible for cleaning up the task details hash.
if let Err(e) = redis_conn.del::<_, ()>(&task_details_key).await {
error!("Worker for Context ID '{}', Task {}: Failed to delete task details key '{}': {}", context_id, task_id, task_details_key, e);
} else {
debug!("Worker for Context ID '{}', Task {}: Cleaned up task details key '{}'.", context_id, task_id, task_details_key);
}
} else {
debug!("Worker for Context ID '{}', Task {}: Preserving task details (preserve_tasks=true)", context_id, task_id);
}
} else { // Script content not found in hash
error!(
"Worker for Context ID '{}', Task {}: Script content not found in Redis hash. Details map: {:?}",
context_id, task_id, details_map
);
// Clean up invalid task details based on preserve_tasks flag
if !preserve_tasks {
// Even if the script is not found, the worker should clean up the invalid task hash.
if let Err(e) = redis_conn.del::<_, ()>(&task_details_key).await {
error!("Worker for Context ID '{}', Task {}: Failed to delete invalid task details key '{}': {}", context_id, task_id, task_details_key, e);
}
} else {
debug!("Worker for Context ID '{}', Task {}: Preserving invalid task details (preserve_tasks=true)", context_id, task_id);
}
}
}
Err(e) => {
error!(
"Worker '{}', Task {}: Failed to fetch details (HGETALL) from Redis for key {}. Error: {:?}",
worker_id, task_id, task_details_key, e
);
}
}
} else {
debug!("Worker '{}': BLPOP timed out on queue {}. No new tasks. Checking for shutdown signal again.", &worker_id, &queue_key);
}
} // End of blpop_result match
} // End of tokio::select!
} // End of loop
info!("Worker '{}' has shut down.", worker_id);
Ok(())
})
}

71
rhailib/benches/simple_rhai_bench/README.md Normal file
View File

@@ -0,0 +1,71 @@
# Minimal Rhailib Benchmark
A simplified, minimal benchmarking tool for rhailib performance testing.
## Overview
This benchmark focuses on simplicity and direct timing measurements:
- Creates a single task (n=1) using Lua script
- Measures latency using Redis timestamps
- Uses existing worker binary
- ~85 lines of code total
## Usage
### Prerequisites
- Redis running on `127.0.0.1:6379`
- Worker binary built: `cd src/worker && cargo build --release`
### Run Benchmark
```bash
# From project root
cargo bench
```
### Expected Output
```
🧹 Cleaning up Redis...
🚀 Starting worker...
📝 Creating single task...
⏱️ Waiting for completion...
✅ Task completed in 23.45ms
🧹 Cleaning up...
```
## Files
- `simple_bench.rs` - Main benchmark binary (85 lines)
- `batch_task.lua` - Minimal Lua script for task creation (28 lines)
- `Cargo.toml` - Dependencies and binary configuration
- `README.md` - This file
## How It Works
1. **Cleanup**: Clear Redis queues and task details
2. **Start Worker**: Spawn single worker process
3. **Create Task**: Use Lua script to create one task with timestamp
4. **Wait & Measure**: Poll task until complete, calculate latency
5. **Cleanup**: Kill worker and clear Redis
## Latency Calculation
```
latency_ms = updated_at - created_at
```
Where:
- `created_at`: Timestamp when task was created (Lua script)
- `updated_at`: Timestamp when worker completed task
## Future Iterations
- **Iteration 2**: Small batches (n=5, n=10)
- **Iteration 3**: Larger batches and script complexity
- **Iteration 4**: Performance optimizations
## Benefits
- **Easy to Understand**: Single file, linear flow
- **Direct Timing**: Redis timestamps, no complex stats
- **Fast to Modify**: No abstractions or frameworks
- **Reliable**: Simple Redis operations

46
rhailib/benches/simple_rhai_bench/batch_task.lua Normal file
View File

@@ -0,0 +1,46 @@
-- Minimal Lua script for single task creation (n=1)
-- Args: circle_name, rhai_script_content, task_count (optional, defaults to 1)
-- Returns: array of task keys for timing
if #ARGV < 2 then
return redis.error_reply("Usage: EVAL script 0 circle_name rhai_script_content [task_count]")
end
local circle_name = ARGV[1]
local rhai_script_content = ARGV[2]
local task_count = tonumber(ARGV[3]) or 1
-- Validate task_count
if task_count <= 0 or task_count > 10000 then
return redis.error_reply("task_count must be a positive integer between 1 and 10000")
end
-- Get current timestamp in Unix seconds (to match worker expectations)
local rhai_task_queue = 'rhai_tasks:' .. circle_name
local task_keys = {}
local current_time = redis.call('TIME')[1]
-- Create multiple tasks
for i = 1, task_count do
-- Generate unique task ID
local task_id = 'task_' .. redis.call('INCR', 'global_task_counter')
local task_details_key = 'rhai_task_details:' .. task_id
-- Create task details hash with creation timestamp
redis.call('HSET', task_details_key,
'script', rhai_script_content,
'status', 'pending',
'createdAt', current_time,
'updatedAt', current_time,
'task_sequence', tostring(i)
)
-- Queue the task for workers
redis.call('LPUSH', rhai_task_queue, task_id)
-- Add key to return array
table.insert(task_keys, task_details_key)
end
-- Return array of task keys for timing analysis
return task_keys

183
rhailib/benches/simple_rhai_bench/main.rs Normal file
View File

@@ -0,0 +1,183 @@
use criterion::{criterion_group, criterion_main, Criterion};
use redis::{Client, Commands};
use std::fs;
use std::process::{Child, Command, Stdio};
use std::thread;
use std::time::Duration;
const REDIS_URL: &str = "redis://127.0.0.1:6379";
const CIRCLE_NAME: &str = "bench_circle";
const SIMPLE_SCRIPT: &str = "new_event()\n .title(\"Weekly Sync\")\n .location(\"Conference Room A\")\n .description(\"Regular team sync meeting\")\n .save_event();";
fn cleanup_redis() -> Result<(), redis::RedisError> {
let client = Client::open(REDIS_URL)?;
let mut conn = client.get_connection()?;
// Clear task queue and any existing task details
let _: () = conn.del(format!("rhai_tasks:{}", CIRCLE_NAME))?;
let keys: Vec<String> = conn.scan_match("rhai_task_details:*")?.collect();
if !keys.is_empty() {
let _: () = conn.del(keys)?;
}
Ok(())
}
fn start_worker() -> Result<Child, std::io::Error> {
Command::new("cargo")
.args(&[
"run",
"--release",
"--bin",
"worker",
"--",
"--circle",
CIRCLE_NAME,
"--redis-url",
REDIS_URL,
"--worker-id",
"bench_worker",
"--preserve-tasks",
])
.current_dir("src/worker")
.stdout(Stdio::null())
.stderr(Stdio::null())
.spawn()
}
fn create_batch_tasks(task_count: usize) -> Result<Vec<String>, Box<dyn std::error::Error>> {
let client = Client::open(REDIS_URL)?;
let mut conn = client.get_connection()?;
// Load and execute Lua script
let lua_script = fs::read_to_string("benches/simple_rhai_bench/batch_task.lua")?;
let result: redis::Value = redis::cmd("EVAL")
.arg(lua_script)
.arg(0)
.arg(CIRCLE_NAME)
.arg(SIMPLE_SCRIPT)
.arg(task_count)
.query(&mut conn)?;
// Parse the task keys from the response
let task_keys = match result {
redis::Value::Bulk(items) => {
let mut keys = Vec::new();
for item in items {
if let redis::Value::Data(key_data) = item {
keys.push(String::from_utf8_lossy(&key_data).to_string());
}
}
keys
}
_ => {
return Err(format!("Unexpected Redis response type: {:?}", result).into());
}
};
Ok(task_keys)
}
fn wait_for_batch_completion(task_keys: &[String]) -> Result<f64, Box<dyn std::error::Error>> {
let client = Client::open(REDIS_URL)?;
let mut conn = client.get_connection()?;
let start_time = std::time::Instant::now();
let timeout = Duration::from_secs(30);
// Wait for all tasks to complete
loop {
let mut completed_count = 0;
let mut total_latency = 0u64;
for task_key in task_keys {
let status: Option<String> = conn.hget(task_key, "status")?;
match status.as_deref() {
Some("completed") | Some("error") => {
completed_count += 1;
// Get timing data
let created_at: u64 = conn.hget(task_key, "createdAt")?;
let updated_at: u64 = conn.hget(task_key, "updatedAt")?;
total_latency += updated_at - created_at;
}
_ => {} // Still pending or processing
}
}
if completed_count == task_keys.len() {
// All tasks completed, calculate average latency in milliseconds
let avg_latency_ms = (total_latency as f64 / task_keys.len() as f64) * 1000.0;
return Ok(avg_latency_ms);
}
// Check timeout
if start_time.elapsed() > timeout {
return Err(format!(
"Timeout waiting for batch completion. Completed: {}/{}",
completed_count,
task_keys.len()
)
.into());
}
thread::sleep(Duration::from_millis(100));
}
}
fn cleanup_worker(mut worker: Child) -> Result<(), std::io::Error> {
worker.kill()?;
worker.wait()?;
Ok(())
}
fn bench_single_rhai_task(c: &mut Criterion) {
// Setup: ensure worker is built
let _ = Command::new("cargo")
.args(&["build", "--release", "--bin", "worker"])
.current_dir("src/worker")
.output()
.expect("Failed to build worker");
// Clean up before starting
cleanup_redis().expect("Failed to cleanup Redis");
// Start worker once and reuse it
let worker = start_worker().expect("Failed to start worker");
thread::sleep(Duration::from_millis(1000)); // Give worker time to start
let mut group = c.benchmark_group("rhai_task_execution");
group.sample_size(10); // Reduce sample size
group.measurement_time(Duration::from_secs(10)); // Reduce measurement time
group.bench_function("batch_task_latency", |b| {
b.iter_custom(|iters| {
let mut total_latency = Duration::ZERO;
for _i in 0..iters {
// Clean up Redis between iterations
cleanup_redis().expect("Failed to cleanup Redis");
// Create 100 tasks and measure average latency using Redis timestamps
let task_keys = create_batch_tasks(5000).expect("Failed to create batch tasks");
let avg_latency_ms = wait_for_batch_completion(&task_keys)
.expect("Failed to measure batch completion");
// Convert average latency to duration
total_latency += Duration::from_millis(avg_latency_ms as u64);
}
total_latency
});
});
group.finish();
// Cleanup worker
cleanup_worker(worker).expect("Failed to cleanup worker");
cleanup_redis().expect("Failed to cleanup Redis");
}
criterion_group!(benches, bench_single_rhai_task);
criterion_main!(benches);

530
rhailib/docs/API_INTEGRATION_GUIDE.md Normal file
View File

@@ -0,0 +1,530 @@
# API Integration Guide for RhaiLib
## Quick Start
This guide shows you how to integrate external APIs with Rhai scripts using RhaiLib's async architecture.
## Table of Contents
1. [Setup and Configuration](#setup-and-configuration)
2. [Basic API Calls](#basic-api-calls)
3. [Stripe Payment Integration](#stripe-payment-integration)
4. [Error Handling Patterns](#error-handling-patterns)
5. [Advanced Usage](#advanced-usage)
6. [Extending to Other APIs](#extending-to-other-apis)
## Setup and Configuration
### 1. Environment Variables
Create a `.env` file in your project:
```bash
# .env
STRIPE_SECRET_KEY=sk_test_your_stripe_key_here
STRIPE_PUBLISHABLE_KEY=pk_test_your_publishable_key_here
```
### 2. Rust Setup
```rust
use rhailib_dsl::payment::register_payment_rhai_module;
use rhai::{Engine, EvalAltResult, Scope};
use std::env;
fn main() -> Result<(), Box<EvalAltResult>> {
// Load environment variables
dotenv::from_filename(".env").ok();
// Create Rhai engine and register payment module
let mut engine = Engine::new();
register_payment_rhai_module(&mut engine);
// Set up scope with API credentials
let mut scope = Scope::new();
let stripe_key = env::var("STRIPE_SECRET_KEY").unwrap();
scope.push("STRIPE_API_KEY", stripe_key);
// Execute your Rhai script
let script = std::fs::read_to_string("payment_script.rhai")?;
engine.eval_with_scope::<()>(&mut scope, &script)?;
Ok(())
}
```
### 3. Rhai Script Configuration
```rhai
// Configure the API client
let config_result = configure_stripe(STRIPE_API_KEY);
print(`Configuration: ${config_result}`);
```
## Basic API Calls
### Simple Product Creation
```rhai
// Create a basic product
let product = new_product()
.name("My Product")
.description("A great product");
try {
let product_id = product.create();
print(`✅ Created product: ${product_id}`);
} catch(error) {
print(`❌ Error: ${error}`);
}
```
### Price Configuration
```rhai
// One-time payment price
let one_time_price = new_price()
.amount(1999) // $19.99 in cents
.currency("usd")
.product(product_id);
let price_id = one_time_price.create();
// Subscription price
let monthly_price = new_price()
.amount(999) // $9.99 in cents
.currency("usd")
.product(product_id)
.recurring("month");
let monthly_price_id = monthly_price.create();
```
## Stripe Payment Integration
### Complete Payment Workflow
```rhai
// 1. Configure Stripe
configure_stripe(STRIPE_API_KEY);
// 2. Create Product
let product = new_product()
.name("Premium Software License")
.description("Professional software solution")
.metadata("category", "software")
.metadata("tier", "premium");
let product_id = product.create();
// 3. Create Pricing Options
let monthly_price = new_price()
.amount(2999) // $29.99
.currency("usd")
.product(product_id)
.recurring("month")
.metadata("billing", "monthly");
let annual_price = new_price()
.amount(29999) // $299.99 (save $60)
.currency("usd")
.product(product_id)
.recurring("year")
.metadata("billing", "annual")
.metadata("discount", "save_60");
let monthly_price_id = monthly_price.create();
let annual_price_id = annual_price.create();
// 4. Create Discount Coupons
let welcome_coupon = new_coupon()
.duration("once")
.percent_off(25)
.metadata("campaign", "welcome_offer");
let coupon_id = welcome_coupon.create();
// 5. Create Payment Intent for One-time Purchase
let payment_intent = new_payment_intent()
.amount(2999)
.currency("usd")
.customer("cus_customer_id")
.description("Monthly subscription payment")
.add_payment_method_type("card")
.metadata("price_id", monthly_price_id);
let intent_id = payment_intent.create();
// 6. Create Subscription
let subscription = new_subscription()
.customer("cus_customer_id")
.add_price(monthly_price_id)
.trial_days(14)
.coupon(coupon_id)
.metadata("source", "website");
let subscription_id = subscription.create();
```
### Builder Pattern Examples
#### Product with Metadata
```rhai
let product = new_product()
.name("Enterprise Software")
.description("Full-featured business solution")
.metadata("category", "enterprise")
.metadata("support_level", "premium")
.metadata("deployment", "cloud");
```
#### Complex Pricing
```rhai
let tiered_price = new_price()
.amount(4999) // $49.99
.currency("usd")
.product(product_id)
.recurring_with_count("month", 12) // 12 monthly payments
.metadata("tier", "professional")
.metadata("features", "advanced");
```
#### Multi-item Subscription
```rhai
let enterprise_subscription = new_subscription()
.customer("cus_enterprise_customer")
.add_price_with_quantity(user_license_price_id, 50) // 50 user licenses
.add_price(support_addon_price_id) // Premium support
.add_price(analytics_addon_price_id) // Analytics addon
.trial_days(30)
.metadata("plan", "enterprise")
.metadata("contract_length", "annual");
```
## Error Handling Patterns
### Basic Error Handling
```rhai
try {
let result = some_api_call();
print(`Success: ${result}`);
} catch(error) {
print(`Error occurred: ${error}`);
// Continue with fallback logic
}
```
### Graceful Degradation
```rhai
// Try to create with coupon, fallback without coupon
let subscription_id;
try {
subscription_id = new_subscription()
.customer(customer_id)
.add_price(price_id)
.coupon(coupon_id)
.create();
} catch(error) {
print(`Coupon failed: ${error}, creating without coupon`);
subscription_id = new_subscription()
.customer(customer_id)
.add_price(price_id)
.create();
}
```
### Validation Before API Calls
```rhai
// Validate inputs before making API calls
if customer_id == "" {
print("❌ Customer ID is required");
return;
}
if price_id == "" {
print("❌ Price ID is required");
return;
}
// Proceed with API call
let subscription = new_subscription()
.customer(customer_id)
.add_price(price_id)
.create();
```
## Advanced Usage
### Conditional Logic
```rhai
// Different pricing based on customer type
let price_id;
if customer_type == "enterprise" {
price_id = enterprise_price_id;
} else if customer_type == "professional" {
price_id = professional_price_id;
} else {
price_id = standard_price_id;
}
let subscription = new_subscription()
.customer(customer_id)
.add_price(price_id);
// Add trial for new customers
if is_new_customer {
subscription = subscription.trial_days(14);
}
let subscription_id = subscription.create();
```
### Dynamic Metadata
```rhai
// Build metadata dynamically
let product = new_product()
.name(product_name)
.description(product_description);
// Add metadata based on conditions
if has_support {
product = product.metadata("support", "included");
}
if is_premium {
product = product.metadata("tier", "premium");
}
if region != "" {
product = product.metadata("region", region);
}
let product_id = product.create();
```
### Bulk Operations
```rhai
// Create multiple prices for a product
let price_configs = [
#{amount: 999, interval: "month", name: "Monthly"},
#{amount: 9999, interval: "year", name: "Annual"},
#{amount: 19999, interval: "", name: "Lifetime"}
];
let price_ids = [];
for config in price_configs {
let price = new_price()
.amount(config.amount)
.currency("usd")
.product(product_id)
.metadata("plan_name", config.name);
if config.interval != "" {
price = price.recurring(config.interval);
}
let price_id = price.create();
price_ids.push(price_id);
print(`Created ${config.name} price: ${price_id}`);
}
```
## Extending to Other APIs
### Adding New API Support
To extend the architecture to other APIs, follow this pattern:
#### 1. Define Configuration Structure
```rust
#[derive(Debug, Clone)]
pub struct CustomApiConfig {
pub api_key: String,
pub base_url: String,
pub client: Client,
}
```
#### 2. Implement Request Handler
```rust
async fn handle_custom_api_request(
config: &CustomApiConfig,
request: &AsyncRequest
) -> Result<String, String> {
let url = format!("{}/{}", config.base_url, request.endpoint);
let response = config.client
.request(Method::from_str(&request.method).unwrap(), &url)
.header("Authorization", format!("Bearer {}", config.api_key))
.json(&request.data)
.send()
.await
.map_err(|e| format!("Request failed: {}", e))?;
let response_text = response.text().await
.map_err(|e| format!("Failed to read response: {}", e))?;
Ok(response_text)
}
```
#### 3. Register Rhai Functions
```rust
#[rhai_fn(name = "custom_api_call", return_raw)]
pub fn custom_api_call(
endpoint: String,
data: rhai::Map
) -> Result<String, Box<EvalAltResult>> {
let registry = CUSTOM_API_REGISTRY.lock().unwrap();
let registry = registry.as_ref().ok_or("API not configured")?;
let form_data: HashMap<String, String> = data.into_iter()
.map(|(k, v)| (k.to_string(), v.to_string()))
.collect();
registry.make_request(endpoint, "POST".to_string(), form_data)
.map_err(|e| e.to_string().into())
}
```
### Example: GitHub API Integration
```rhai
// Hypothetical GitHub API integration
configure_github_api(GITHUB_TOKEN);
// Create a repository
let repo_data = #{
name: "my-new-repo",
description: "Created via Rhai script",
private: false
};
let repo_result = github_api_call("user/repos", repo_data);
print(`Repository created: ${repo_result}`);
// Create an issue
let issue_data = #{
title: "Initial setup",
body: "Setting up the repository structure",
labels: ["enhancement", "setup"]
};
let issue_result = github_api_call("repos/user/my-new-repo/issues", issue_data);
print(`Issue created: ${issue_result}`);
```
## Performance Tips
### 1. Batch Operations
```rhai
// Instead of creating items one by one, batch when possible
let items_to_create = [item1, item2, item3];
let created_items = [];
for item in items_to_create {
try {
let result = item.create();
created_items.push(result);
} catch(error) {
print(`Failed to create item: ${error}`);
}
}
```
### 2. Reuse Configuration
```rhai
// Configure once, use multiple times
configure_stripe(STRIPE_API_KEY);
// Multiple operations use the same configuration
let product1_id = new_product().name("Product 1").create();
let product2_id = new_product().name("Product 2").create();
let price1_id = new_price().product(product1_id).amount(1000).create();
let price2_id = new_price().product(product2_id).amount(2000).create();
```
### 3. Error Recovery
```rhai
// Implement retry logic for transient failures
let max_retries = 3;
let retry_count = 0;
let success = false;
while retry_count < max_retries && !success {
try {
let result = api_operation();
success = true;
print(`Success: ${result}`);
} catch(error) {
retry_count += 1;
print(`Attempt ${retry_count} failed: ${error}`);
if retry_count < max_retries {
print("Retrying...");
}
}
}
if !success {
print("❌ All retry attempts failed");
}
```
## Debugging and Monitoring
### Enable Detailed Logging
```rhai
// The architecture automatically logs key operations:
// 🔧 Configuring Stripe...
// 🚀 Async worker thread started
// 🔄 Processing POST request to products
// 📥 Stripe response: {...}
// ✅ Request successful with ID: prod_xxx
```
### Monitor Request Performance
```rhai
// Time API operations
let start_time = timestamp();
let result = expensive_api_operation();
let end_time = timestamp();
print(`Operation took ${end_time - start_time}ms`);
```
### Handle Rate Limits
```rhai
// Implement backoff for rate-limited APIs
try {
let result = api_call();
} catch(error) {
if error.contains("rate limit") {
print("Rate limited, waiting before retry...");
// In a real implementation, you'd add delay logic
}
}
```
## Best Practices Summary
1. **Always handle errors gracefully** - Use try/catch blocks for all API calls
2. **Validate inputs** - Check required fields before making API calls
3. **Use meaningful metadata** - Add context to help with debugging and analytics
4. **Configure once, use many** - Set up API clients once and reuse them
5. **Implement retry logic** - Handle transient network failures
6. **Monitor performance** - Track API response times and success rates
7. **Secure credentials** - Use environment variables for API keys
8. **Test with demo data** - Use test API keys during development
This architecture provides a robust foundation for integrating any HTTP-based API with Rhai scripts while maintaining the simplicity and safety that makes Rhai attractive for domain-specific scripting.

294
rhailib/docs/ARCHITECTURE.md Normal file
View File

@@ -0,0 +1,294 @@
# Rhailib Architecture Overview
Rhailib is a comprehensive Rust-based ecosystem for executing Rhai scripts in distributed environments with full business domain support, authorization, and scalability features.
## System Architecture
```mermaid
graph TB
subgraph "Client Layer"
A[rhai_dispatcher] --> B[Redis Task Queues]
UI[rhai_engine_ui] --> B
REPL[ui_repl] --> B
end
subgraph "Processing Layer"
B --> C[rhailib_worker]
C --> D[rhailib_engine]
D --> E[rhailib_dsl]
end
subgraph "Core Infrastructure"
E --> F[derive - Procedural Macros]
E --> G[macros - Authorization]
D --> H[mock_db - Testing]
end
subgraph "Operations Layer"
I[monitor] --> B
I --> C
end
subgraph "Data Layer"
J[Redis] --> B
K[Database] --> E
end
```
## Crate Overview
### Core Engine Components
#### [`rhailib_engine`](../src/engine/docs/ARCHITECTURE.md)
The central Rhai scripting engine that orchestrates all business domain modules.
- **Purpose**: Unified engine creation and script execution
- **Features**: Mock database, feature-based architecture, performance optimization
- **Key Functions**: `create_heromodels_engine()`, script compilation and execution
#### [`rhailib_dsl`](../src/dsl/docs/ARCHITECTURE.md)
Comprehensive Domain-Specific Language implementation exposing business models to Rhai.
- **Purpose**: Business domain integration with Rhai scripting
- **Domains**: Business operations, finance, content management, workflows, access control
- **Features**: Fluent APIs, type safety, authorization integration
### Code Generation and Utilities
#### [`derive`](../src/derive/docs/ARCHITECTURE.md)
Procedural macros for automatic Rhai integration code generation.
- **Purpose**: Simplify Rhai integration for custom types
- **Macros**: `RhaiApi` for DSL generation, `FromVec` for type conversion
- **Features**: Builder pattern generation, error handling
#### [`macros`](../src/macros/docs/ARCHITECTURE.md)
Authorization macros and utilities for secure database operations.
- **Purpose**: Declarative security for Rhai functions
- **Features**: CRUD operation macros, access control, context management
- **Security**: Multi-level authorization, audit trails
### Client and Communication
#### [`rhai_dispatcher`](../src/client/docs/ARCHITECTURE.md)
Redis-based client library for distributed script execution.
- **Purpose**: Submit and manage Rhai script execution requests
- **Features**: Builder pattern API, timeout handling, request-reply pattern
- **Architecture**: Async operations, connection pooling, error handling
#### [`rhailib_worker`](../src/worker/docs/ARCHITECTURE.md)
Distributed task execution system for processing Rhai scripts.
- **Purpose**: Scalable script processing with queue-based architecture
- **Features**: Multi-context support, horizontal scaling, fault tolerance, context injection
- **Architecture**: Workers decoupled from contexts, allowing single worker to serve multiple circles
- **Integration**: Full engine and DSL access, secure execution
### User Interfaces
#### [`ui_repl`](../src/repl/docs/ARCHITECTURE.md)
Interactive development environment for Rhai script development.
- **Purpose**: Real-time script development and testing
- **Features**: Enhanced CLI, dual execution modes, worker management
- **Development**: Syntax highlighting, script editing, immediate feedback
#### [`rhai_engine_ui`](../src/rhai_engine_ui/docs/ARCHITECTURE.md)
Web-based interface for Rhai script management and execution.
- **Purpose**: Browser-based script execution and management
- **Architecture**: WebAssembly frontend with optional server backend
- **Features**: Real-time updates, task management, visual interface
### Operations and Monitoring
#### [`monitor`](../src/monitor/docs/ARCHITECTURE.md)
Command-line monitoring and management tool for the rhailib ecosystem.
- **Purpose**: System observability and task management
- **Features**: Real-time monitoring, performance metrics, queue management
- **Operations**: Multi-worker support, interactive CLI, visualization
## Data Flow Architecture
### Script Execution Flow
```mermaid
sequenceDiagram
participant Client as rhai_dispatcher
participant Redis as Redis Queue
participant Worker as rhailib_worker
participant Engine as rhailib_engine
participant DSL as rhailib_dsl
participant DB as Database
Client->>Redis: Submit script task (worker_id + context_id)
Worker->>Redis: Poll worker queue (worker_id)
Redis->>Worker: Return task with context_id
Worker->>Engine: Create configured engine
Engine->>DSL: Register domain modules
Worker->>Engine: Execute script with context_id
Engine->>DSL: Call business functions (context_id)
DSL->>DB: Perform authorized operations (context_id)
DB->>DSL: Return results
DSL->>Engine: Return processed data
Engine->>Worker: Return execution result
Worker->>Redis: Publish result to reply queue
Redis->>Client: Deliver result
```
### Authorization Flow
```mermaid
sequenceDiagram
participant Script as Rhai Script
participant Macro as Authorization Macro
participant Context as Execution Context
participant Access as Access Control
participant DB as Database
Script->>Macro: Call authorized function
Macro->>Context: Extract caller credentials
Context->>Access: Validate permissions
Access->>DB: Check resource access
DB->>Access: Return authorization result
Access->>Macro: Grant/deny access
Macro->>DB: Execute authorized operation
DB->>Script: Return results
```
## Worker-Context Decoupling Architecture
A key architectural feature of rhailib is the decoupling of worker assignment from context management:
### Traditional Model (Previous)
- **One Worker Per Circle**: Each worker was dedicated to a specific circle/context
- **Queue Per Circle**: Workers listened to circle-specific queues
- **Tight Coupling**: Worker identity was directly tied to context identity
### New Decoupled Model (Current)
- **Worker ID**: Determines which queue the worker listens to (`rhailib:<worker_id>`)
- **Context ID**: Provided in task details, determines execution context and database access
- **Flexible Assignment**: Single worker can process tasks for multiple contexts
### Benefits of Decoupling
1. **Resource Efficiency**: Better worker utilization across multiple contexts
2. **Deployment Flexibility**: Easier scaling and resource allocation
3. **Cost Optimization**: Fewer worker instances needed for multi-context scenarios
4. **Operational Simplicity**: Centralized worker management with distributed contexts
### Implementation Details
```mermaid
graph LR
subgraph "Client Layer"
C[Client] --> |worker_id + context_id| Q[Redis Queue]
end
subgraph "Worker Layer"
W1[Worker 1] --> |listens to| Q1[Queue: worker-1]
W2[Worker 2] --> |listens to| Q2[Queue: worker-2]
end
subgraph "Context Layer"
W1 --> |processes| CTX1[Context A]
W1 --> |processes| CTX2[Context B]
W2 --> |processes| CTX1
W2 --> |processes| CTX3[Context C]
end
```
## Key Design Principles
### 1. Security First
- **Multi-layer Authorization**: Context-based, resource-specific, and operation-level security
- **Secure Execution**: Isolated script execution with proper context injection
- **Audit Trails**: Comprehensive logging and monitoring of all operations
### 2. Scalability
- **Horizontal Scaling**: Multiple worker instances for load distribution
- **Queue-based Architecture**: Reliable task distribution and processing
- **Async Operations**: Non-blocking I/O throughout the system
### 3. Developer Experience
- **Type Safety**: Comprehensive type checking and conversion utilities
- **Error Handling**: Detailed error messages and proper error propagation
- **Interactive Development**: REPL and web interfaces for immediate feedback
### 4. Modularity
- **Feature Flags**: Configurable compilation based on requirements
- **Crate Separation**: Clear boundaries and responsibilities
- **Plugin Architecture**: Easy extension and customization
## Deployment Patterns
### Development Environment
```
REPL + Local Engine + Mock Database
```
- Interactive development with immediate feedback
- Full DSL access without external dependencies
- Integrated testing and debugging
### Testing Environment
```
Client + Worker + Redis + Mock Database
```
- Distributed execution testing
- Queue-based communication validation
- Performance and scalability testing
### Production Environment
```
Multiple Clients + Redis Cluster + Worker Pool + Production Database
```
- High availability and fault tolerance
- Horizontal scaling and load distribution
- Comprehensive monitoring and observability
## Integration Points
### External Systems
- **Redis**: Task queues, result delivery, system coordination
- **Databases**: Business data persistence and retrieval
- **Web Browsers**: WebAssembly-based user interfaces
- **Command Line**: Development and operations tooling
### Internal Integration
- **Macro System**: Code generation and authorization
- **Type System**: Safe conversions and error handling
- **Module System**: Domain-specific functionality organization
- **Context System**: Security and execution environment management
## Performance Characteristics
### Throughput
- **Concurrent Execution**: Multiple workers processing tasks simultaneously
- **Connection Pooling**: Efficient database and Redis connection management
- **Compiled Scripts**: AST caching for repeated execution optimization
### Latency
- **Local Execution**: Direct engine access for development scenarios
- **Queue Optimization**: Efficient task distribution and result delivery
- **Context Caching**: Reduced overhead for authorization and setup
### Resource Usage
- **Memory Management**: Efficient ownership and borrowing patterns
- **CPU Utilization**: Async operations and non-blocking I/O
- **Network Efficiency**: Optimized serialization and communication protocols
## Future Extensibility
### Adding New Domains
1. Create domain module in `rhailib_dsl`
2. Implement authorization macros in `macros`
3. Add feature flags and conditional compilation
4. Update engine registration and documentation
### Custom Authorization
1. Extend authorization macros with custom logic
2. Implement domain-specific access control functions
3. Add audit and logging capabilities
4. Update security documentation
### New Interfaces
1. Implement client interface following existing patterns
2. Integrate with Redis communication layer
3. Add monitoring and observability features
4. Provide comprehensive documentation
This architecture provides a robust, secure, and scalable foundation for distributed Rhai script execution while maintaining excellent developer experience and operational visibility.

254
rhailib/docs/ASYNC_IMPLEMENTATION_SUMMARY.md Normal file
View File

@@ -0,0 +1,254 @@
# Async Implementation Summary
## Overview
This document summarizes the successful implementation of async HTTP API support in RhaiLib, enabling Rhai scripts to perform external API calls despite Rhai's synchronous nature.
## Problem Solved
**Challenge**: Rhai is fundamentally synchronous and single-threaded, making it impossible to natively perform async operations like HTTP API calls.
**Solution**: Implemented a multi-threaded architecture using MPSC channels to bridge Rhai's synchronous execution with Rust's async ecosystem.
## Key Technical Achievement
### The Blocking Runtime Fix
The most critical technical challenge was resolving the "Cannot block the current thread from within a runtime" error that occurs when trying to use blocking operations within a Tokio async context.
**Root Cause**: Using `tokio::sync::oneshot` channels with `blocking_recv()` from within an async runtime context.
**Solution**:
1. Replaced `tokio::sync::oneshot` with `std::sync::mpsc` channels
2. Used `recv_timeout()` instead of `blocking_recv()`
3. Implemented timeout-based polling in the async worker loop
```rust
// Before (caused runtime panic)
let result = response_receiver.blocking_recv()
.map_err(|_| "Failed to receive response")?;
// After (works correctly)
response_receiver.recv_timeout(Duration::from_secs(30))
.map_err(|e| format!("Failed to receive response: {}", e))?
```
## Architecture Components
### 1. AsyncFunctionRegistry
- **Purpose**: Central coordinator for async operations
- **Key Feature**: Thread-safe communication via MPSC channels
- **Location**: [`src/dsl/src/payment.rs:19`](../src/dsl/src/payment.rs#L19)
### 2. AsyncRequest Structure
- **Purpose**: Encapsulates async operation data
- **Key Feature**: Includes response channel for result communication
- **Location**: [`src/dsl/src/payment.rs:31`](../src/dsl/src/payment.rs#L31)
### 3. Async Worker Thread
- **Purpose**: Dedicated thread for processing async operations
- **Key Feature**: Timeout-based polling to prevent runtime blocking
- **Location**: [`src/dsl/src/payment.rs:339`](../src/dsl/src/payment.rs#L339)
## Implementation Flow
```mermaid
sequenceDiagram
participant RS as Rhai Script
participant RF as Rhai Function
participant AR as AsyncRegistry
participant CH as MPSC Channel
participant AW as Async Worker
participant API as External API
RS->>RF: product.create()
RF->>AR: make_request()
AR->>CH: send(AsyncRequest)
CH->>AW: recv_timeout()
AW->>API: HTTP POST
API->>AW: Response
AW->>CH: send(Result)
CH->>AR: recv_timeout()
AR->>RF: Result
RF->>RS: product_id
```
## Code Examples
### Rhai Script Usage
```rhai
// Configure API client
configure_stripe(STRIPE_API_KEY);
// Create product with builder pattern
let product = new_product()
.name("Premium Software License")
.description("Professional software solution")
.metadata("category", "software");
// Async HTTP call (appears synchronous to Rhai)
let product_id = product.create();
```
### Rust Implementation
```rust
pub fn make_request(&self, endpoint: String, method: String, data: HashMap<String, String>) -> Result<String, String> {
let (response_sender, response_receiver) = mpsc::channel();
let request = AsyncRequest {
endpoint,
method,
data,
response_sender,
};
// Send to async worker
self.request_sender.send(request)
.map_err(|_| "Failed to send request to async worker".to_string())?;
// Wait for response with timeout
response_receiver.recv_timeout(Duration::from_secs(30))
.map_err(|e| format!("Failed to receive response: {}", e))?
}
```
## Testing Results
### Successful Test Output
```
=== Rhai Payment Module Example ===
🔑 Using Stripe API key: sk_test_your_st***
🔧 Configuring Stripe...
🚀 Async worker thread started
🔄 Processing POST request to products
📥 Stripe response: {"error": {"message": "Invalid API Key provided..."}}
✅ Payment script executed successfully!
```
**Key Success Indicators**:
- ✅ No runtime panics or blocking errors
- ✅ Async worker thread starts successfully
- ✅ HTTP requests are processed correctly
- ✅ Error handling works gracefully with invalid API keys
- ✅ Script execution completes without hanging
## Files Modified/Created
### Core Implementation
- **[`src/dsl/src/payment.rs`](../src/dsl/src/payment.rs)**: Complete async architecture implementation
- **[`src/dsl/examples/payment/main.rs`](../src/dsl/examples/payment/main.rs)**: Environment variable loading
- **[`src/dsl/examples/payment/payment.rhai`](../src/dsl/examples/payment/payment.rhai)**: Comprehensive API usage examples
### Documentation
- **[`docs/ASYNC_RHAI_ARCHITECTURE.md`](ASYNC_RHAI_ARCHITECTURE.md)**: Technical architecture documentation
- **[`docs/API_INTEGRATION_GUIDE.md`](API_INTEGRATION_GUIDE.md)**: Practical usage guide
- **[`README.md`](../README.md)**: Updated with async API features
### Configuration
- **[`src/dsl/examples/payment/.env.example`](../src/dsl/examples/payment/.env.example)**: Environment variable template
- **[`src/dsl/Cargo.toml`](../src/dsl/Cargo.toml)**: Added dotenv dependency
## Performance Characteristics
### Throughput
- **Concurrent Processing**: Multiple async operations can run simultaneously
- **Connection Pooling**: HTTP client reuses connections efficiently
- **Channel Overhead**: Minimal (~microseconds per operation)
### Latency
- **Network Bound**: Dominated by actual HTTP request time
- **Thread Switching**: Single context switch per request
- **Timeout Handling**: 30-second default timeout with configurable values
### Memory Usage
- **Bounded Channels**: Prevents memory leaks from unbounded queuing
- **Connection Pooling**: Efficient memory usage for HTTP connections
- **Request Lifecycle**: Automatic cleanup when requests complete
## Error Handling
### Network Errors
```rust
.map_err(|e| {
println!("❌ HTTP request failed: {}", e);
format!("HTTP request failed: {}", e)
})?
```
### API Errors
```rust
if let Some(error) = json.get("error") {
let error_msg = format!("Stripe API error: {}", error);
Err(error_msg)
}
```
### Rhai Script Errors
```rhai
try {
let product_id = product.create();
print(`✅ Product ID: ${product_id}`);
} catch(error) {
print(`❌ Failed to create product: ${error}`);
}
```
## Extensibility
The architecture is designed to support any HTTP-based API:
### Adding New APIs
1. Define configuration structure
2. Implement async request handler
3. Register Rhai functions
4. Add builder patterns for complex objects
### Example Extension
```rust
// GraphQL API support
async fn handle_graphql_request(config: &GraphQLConfig, request: &AsyncRequest) -> Result<String, String> {
// Implementation for GraphQL queries
}
#[rhai_fn(name = "graphql_query")]
pub fn execute_graphql_query(query: String, variables: rhai::Map) -> Result<String, Box<EvalAltResult>> {
// Rhai function implementation
}
```
## Best Practices Established
1. **Timeout-based Polling**: Always use `recv_timeout()` instead of blocking operations in async contexts
2. **Channel Type Selection**: Use `std::sync::mpsc` for cross-thread communication in mixed sync/async environments
3. **Error Propagation**: Provide meaningful error messages at each layer
4. **Resource Management**: Implement proper cleanup and timeout handling
5. **Configuration Security**: Use environment variables for sensitive data
6. **Builder Patterns**: Provide fluent APIs for complex object construction
## Future Enhancements
### Potential Improvements
1. **Connection Pooling**: Advanced connection management for high-throughput scenarios
2. **Retry Logic**: Automatic retry with exponential backoff for transient failures
3. **Rate Limiting**: Built-in rate limiting to respect API quotas
4. **Caching**: Response caching for frequently accessed data
5. **Metrics**: Performance monitoring and request analytics
6. **WebSocket Support**: Real-time communication capabilities
### API Extensions
1. **GraphQL Support**: Native GraphQL query execution
2. **Database Integration**: Direct database access from Rhai scripts
3. **File Operations**: Async file I/O operations
4. **Message Queues**: Integration with message brokers (Redis, RabbitMQ)
## Conclusion
The async architecture successfully solves the fundamental challenge of enabling HTTP API calls from Rhai scripts. The implementation is:
- **Robust**: Handles errors gracefully and prevents runtime panics
- **Performant**: Minimal overhead with efficient resource usage
- **Extensible**: Easy to add support for new APIs and protocols
- **Safe**: Thread-safe with proper error handling and timeouts
- **User-Friendly**: Simple, intuitive API for Rhai script authors
This foundation enables powerful integration capabilities while maintaining Rhai's simplicity and safety characteristics, making it suitable for production use in applications requiring external API integration.

460
rhailib/docs/ASYNC_RHAI_ARCHITECTURE.md Normal file
View File

@@ -0,0 +1,460 @@
# Async Rhai Architecture for HTTP API Integration
## Overview
This document describes the async architecture implemented in RhaiLib that enables Rhai scripts to perform HTTP API calls despite Rhai's fundamentally synchronous nature. The architecture bridges Rhai's blocking execution model with Rust's async ecosystem using multi-threading and message passing.
## The Challenge
Rhai is a synchronous, single-threaded scripting language that cannot natively handle async operations. However, modern applications often need to:
- Make HTTP API calls (REST, GraphQL, etc.)
- Interact with external services (Stripe, payment processors, etc.)
- Perform I/O operations that benefit from async handling
- Maintain responsive execution while waiting for network responses
## Architecture Solution
### Core Components
```mermaid
graph TB
subgraph "Rhai Thread (Synchronous)"
RS[Rhai Script]
RF[Rhai Functions]
RR[Registry Interface]
end
subgraph "Communication Layer"
MC[MPSC Channel]
REQ[AsyncRequest]
RESP[Response Channel]
end
subgraph "Async Worker Thread"
RT[Tokio Runtime]
AW[Async Worker Loop]
HC[HTTP Client]
API[External APIs]
end
RS --> RF
RF --> RR
RR --> MC
MC --> REQ
REQ --> AW
AW --> HC
HC --> API
API --> HC
HC --> AW
AW --> RESP
RESP --> RR
RR --> RF
RF --> RS
```
### 1. AsyncFunctionRegistry
The central coordinator that manages async operations:
```rust
#[derive(Debug, Clone)]
pub struct AsyncFunctionRegistry {
pub request_sender: Sender<AsyncRequest>,
pub stripe_config: StripeConfig,
}
```
**Key Features:**
- **Thread-safe communication**: Uses `std::sync::mpsc` channels
- **Request coordination**: Manages the request/response lifecycle
- **Configuration management**: Stores API credentials and HTTP client settings
### 2. AsyncRequest Structure
Encapsulates all information needed for an async operation:
```rust
#[derive(Debug)]
pub struct AsyncRequest {
pub endpoint: String,
pub method: String,
pub data: HashMap<String, String>,
pub response_sender: std::sync::mpsc::Sender<Result<String, String>>,
}
```
**Components:**
- **endpoint**: API endpoint path (e.g., "products", "payment_intents")
- **method**: HTTP method (POST, GET, PUT, DELETE)
- **data**: Form data for the request body
- **response_sender**: Channel to send the result back to the calling thread
### 3. Async Worker Thread
A dedicated thread running a Tokio runtime that processes async operations:
```rust
async fn async_worker_loop(config: StripeConfig, receiver: Receiver<AsyncRequest>) {
loop {
match receiver.recv_timeout(Duration::from_millis(100)) {
Ok(request) => {
let result = Self::handle_stripe_request(&config, &request).await;
if let Err(_) = request.response_sender.send(result) {
println!("⚠️ Failed to send response back to caller");
}
}
Err(std::sync::mpsc::RecvTimeoutError::Timeout) => continue,
Err(std::sync::mpsc::RecvTimeoutError::Disconnected) => break,
}
}
}
```
**Key Design Decisions:**
- **Timeout-based polling**: Uses `recv_timeout()` instead of blocking `recv()` to prevent runtime deadlocks
- **Error handling**: Gracefully handles channel disconnections and timeouts
- **Non-blocking**: Allows the async runtime to process other tasks during polling intervals
## Request Flow
### 1. Rhai Script Execution
```rhai
// Rhai script calls a function
let product = new_product()
.name("Premium Software License")
.description("A comprehensive software solution");
let product_id = product.create(); // This triggers async HTTP call
```
### 2. Function Registration and Execution
```rust
#[rhai_fn(name = "create", return_raw)]
pub fn create_product(product: &mut RhaiProduct) -> Result<String, Box<EvalAltResult>> {
let registry = ASYNC_REGISTRY.lock().unwrap();
let registry = registry.as_ref().ok_or("Stripe not configured")?;
let form_data = prepare_product_data(product);
let result = registry.make_request("products".to_string(), "POST".to_string(), form_data)
.map_err(|e| e.to_string())?;
product.id = Some(result.clone());
Ok(result)
}
```
### 3. Request Processing
```rust
pub fn make_request(&self, endpoint: String, method: String, data: HashMap<String, String>) -> Result<String, String> {
let (response_sender, response_receiver) = mpsc::channel();
let request = AsyncRequest {
endpoint,
method,
data,
response_sender,
};
// Send request to async worker
self.request_sender.send(request)
.map_err(|_| "Failed to send request to async worker".to_string())?;
// Wait for response with timeout
response_receiver.recv_timeout(Duration::from_secs(30))
.map_err(|e| format!("Failed to receive response: {}", e))?
}
```
### 4. HTTP Request Execution
```rust
async fn handle_stripe_request(config: &StripeConfig, request: &AsyncRequest) -> Result<String, String> {
let url = format!("{}/{}", STRIPE_API_BASE, request.endpoint);
let response = config.client
.post(&url)
.basic_auth(&config.secret_key, None::<&str>)
.form(&request.data)
.send()
.await
.map_err(|e| format!("HTTP request failed: {}", e))?;
let response_text = response.text().await
.map_err(|e| format!("Failed to read response: {}", e))?;
// Parse and validate response
let json: serde_json::Value = serde_json::from_str(&response_text)
.map_err(|e| format!("Failed to parse JSON: {}", e))?;
if let Some(id) = json.get("id").and_then(|v| v.as_str()) {
Ok(id.to_string())
} else if let Some(error) = json.get("error") {
Err(format!("API error: {}", error))
} else {
Err(format!("Unexpected response: {}", response_text))
}
}
```
## Configuration and Setup
### 1. HTTP Client Configuration
```rust
let client = Client::builder()
.timeout(Duration::from_secs(5))
.connect_timeout(Duration::from_secs(3))
.pool_idle_timeout(Duration::from_secs(10))
.tcp_keepalive(Duration::from_secs(30))
.user_agent("rhailib-payment/1.0")
.build()?;
```
### 2. Environment Variable Loading
```rust
// Load from .env file
dotenv::from_filename("examples/payment/.env").ok();
let stripe_secret_key = env::var("STRIPE_SECRET_KEY")
.unwrap_or_else(|_| "sk_test_demo_key".to_string());
```
### 3. Rhai Engine Setup
```rust
let mut engine = Engine::new();
register_payment_rhai_module(&mut engine);
let mut scope = Scope::new();
scope.push("STRIPE_API_KEY", stripe_secret_key);
engine.eval_with_scope::<()>(&mut scope, &script)?;
```
## API Integration Examples
### Stripe Payment Processing
The architecture supports comprehensive Stripe API integration:
#### Product Creation
```rhai
let product = new_product()
.name("Premium Software License")
.description("A comprehensive software solution")
.metadata("category", "software");
let product_id = product.create(); // Async HTTP POST to /v1/products
```
#### Price Configuration
```rhai
let monthly_price = new_price()
.amount(2999) // $29.99 in cents
.currency("usd")
.product(product_id)
.recurring("month");
let price_id = monthly_price.create(); // Async HTTP POST to /v1/prices
```
#### Subscription Management
```rhai
let subscription = new_subscription()
.customer("cus_example_customer")
.add_price(monthly_price_id)
.trial_days(14)
.coupon(coupon_id);
let subscription_id = subscription.create(); // Async HTTP POST to /v1/subscriptions
```
#### Payment Intent Processing
```rhai
let payment_intent = new_payment_intent()
.amount(19999)
.currency("usd")
.customer("cus_example_customer")
.description("Premium Software License");
let intent_id = payment_intent.create(); // Async HTTP POST to /v1/payment_intents
```
## Error Handling
### 1. Network Errors
```rust
.map_err(|e| {
println!("❌ HTTP request failed: {}", e);
format!("HTTP request failed: {}", e)
})?
```
### 2. API Errors
```rust
if let Some(error) = json.get("error") {
let error_msg = format!("Stripe API error: {}", error);
println!("❌ {}", error_msg);
Err(error_msg)
}
```
### 3. Timeout Handling
```rust
response_receiver.recv_timeout(Duration::from_secs(30))
.map_err(|e| format!("Failed to receive response: {}", e))?
```
### 4. Rhai Script Error Handling
```rhai
try {
let product_id = product.create();
print(`✅ Product ID: ${product_id}`);
} catch(error) {
print(`❌ Failed to create product: ${error}`);
return; // Exit gracefully
}
```
## Performance Characteristics
### Throughput
- **Concurrent requests**: Multiple async operations can be processed simultaneously
- **Connection pooling**: HTTP client reuses connections for efficiency
- **Timeout management**: Prevents hanging requests from blocking the system
### Latency
- **Channel overhead**: Minimal overhead for message passing (~microseconds)
- **Thread switching**: Single context switch per request
- **Network latency**: Dominated by actual HTTP request time
### Memory Usage
- **Request buffering**: Bounded by channel capacity
- **Connection pooling**: Efficient memory usage for HTTP connections
- **Response caching**: No automatic caching (can be added if needed)
## Thread Safety
### 1. Global Registry
```rust
static ASYNC_REGISTRY: Mutex<Option<AsyncFunctionRegistry>> = Mutex::new(None);
```
### 2. Channel Communication
- **MPSC channels**: Multiple producers (Rhai functions), single consumer (async worker)
- **Response channels**: One-to-one communication for each request
### 3. Shared Configuration
- **Immutable after setup**: Configuration is cloned to worker thread
- **Thread-safe HTTP client**: reqwest::Client is thread-safe
## Extensibility
### Adding New APIs
1. **Define request structures**:
```rust
#[derive(Debug)]
pub struct GraphQLRequest {
pub query: String,
pub variables: HashMap<String, serde_json::Value>,
pub response_sender: std::sync::mpsc::Sender<Result<String, String>>,
}
```
2. **Implement request handlers**:
```rust
async fn handle_graphql_request(config: &GraphQLConfig, request: &GraphQLRequest) -> Result<String, String> {
// Implementation
}
```
3. **Register Rhai functions**:
```rust
#[rhai_fn(name = "graphql_query", return_raw)]
pub fn execute_graphql_query(query: String) -> Result<String, Box<EvalAltResult>> {
// Implementation
}
```
### Custom HTTP Methods
The architecture supports any HTTP method:
```rust
registry.make_request("endpoint".to_string(), "PUT".to_string(), data)
registry.make_request("endpoint".to_string(), "DELETE".to_string(), HashMap::new())
```
## Best Practices
### 1. Configuration Management
- Use environment variables for sensitive data (API keys)
- Validate configuration before starting async workers
- Provide meaningful error messages for missing configuration
### 2. Error Handling
- Always handle both network and API errors
- Provide fallback behavior for failed requests
- Log errors with sufficient context for debugging
### 3. Timeout Configuration
- Set appropriate timeouts for different types of requests
- Consider retry logic for transient failures
- Balance responsiveness with reliability
### 4. Resource Management
- Limit concurrent requests to prevent overwhelming external APIs
- Use connection pooling for efficiency
- Clean up resources when shutting down
## Troubleshooting
### Common Issues
1. **"Cannot block the current thread from within a runtime"**
- **Cause**: Using blocking operations within async context
- **Solution**: Use `recv_timeout()` instead of `blocking_recv()`
2. **Channel disconnection errors**
- **Cause**: Worker thread terminated unexpectedly
- **Solution**: Check worker thread for panics, ensure proper error handling
3. **Request timeouts**
- **Cause**: Network issues or slow API responses
- **Solution**: Adjust timeout values, implement retry logic
4. **API authentication errors**
- **Cause**: Invalid or missing API keys
- **Solution**: Verify environment variable configuration
### Debugging Tips
1. **Enable detailed logging**:
```rust
println!("🔄 Processing {} request to {}", request.method, request.endpoint);
println!("📥 API response: {}", response_text);
```
2. **Monitor channel health**:
```rust
if let Err(_) = request.response_sender.send(result) {
println!("⚠️ Failed to send response back to caller");
}
```
3. **Test with demo data**:
```rhai
// Use demo API keys that fail gracefully for testing
let demo_key = "sk_test_demo_key_will_fail_gracefully";
```
## Conclusion
This async architecture successfully bridges Rhai's synchronous execution model with Rust's async ecosystem, enabling powerful HTTP API integration while maintaining the simplicity and safety of Rhai scripts. The design is extensible, performant, and handles errors gracefully, making it suitable for production use in applications requiring external API integration.
The key innovation is the use of timeout-based polling in the async worker loop, which prevents the common "cannot block within runtime" error while maintaining responsive execution. This pattern can be applied to other async operations beyond HTTP requests, such as database queries, file I/O, or any other async Rust operations that need to be exposed to Rhai scripts.

367
rhailib/docs/DISPATCHER_FLOW_ARCHITECTURE.md Normal file
View File

@@ -0,0 +1,367 @@
# Dispatcher-Based Event-Driven Flow Architecture
## Overview
This document describes the implementation of a non-blocking, event-driven flow architecture for Rhai payment functions using the existing RhaiDispatcher. The system transforms blocking API calls into fire-and-continue patterns where HTTP requests spawn background threads that dispatch new Rhai scripts based on API responses.
## Architecture Principles
### 1. **Non-Blocking API Calls**
- All payment functions (e.g., `create_payment_intent()`) return immediately
- HTTP requests happen in background threads
- No blocking of the main Rhai engine thread
### 2. **Self-Dispatching Pattern**
- Worker dispatches scripts to itself
- Same `worker_id` and `context_id` maintained
- `caller_id` changes to reflect the API response source
### 3. **Generic Request/Response Flow**
- Request functions: `new_..._request` pattern
- Response scripts: `new_..._response` pattern
- Consistent naming across all API operations
## Flow Architecture
```mermaid
graph TD
A[main.rhai] --> B[create_payment_intent]
B --> C[HTTP Thread Spawned]
B --> D[Return Immediately]
C --> E[Stripe API Call]
E --> F{API Response}
F -->|Success| G[Dispatch: new_create_payment_intent_response]
F -->|Error| H[Dispatch: new_create_payment_intent_error]
G --> I[Response Script Execution]
H --> J[Error Script Execution]
```
## Implementation Components
### 1. **FlowManager**
```rust
use rhai_dispatcher::{RhaiDispatcher, RhaiDispatcherBuilder, RhaiDispatcherError};
use std::sync::{Arc, Mutex};
pub struct FlowManager {
dispatcher: RhaiDispatcher,
worker_id: String,
context_id: String,
}
#[derive(Debug)]
pub enum FlowError {
DispatcherError(RhaiDispatcherError),
ConfigurationError(String),
}
impl From<RhaiDispatcherError> for FlowError {
fn from(err: RhaiDispatcherError) -> Self {
FlowError::DispatcherError(err)
}
}
impl FlowManager {
pub fn new(worker_id: String, context_id: String) -> Result<Self, FlowError> {
let dispatcher = RhaiDispatcherBuilder::new()
.caller_id("stripe") // API responses come from Stripe
.worker_id(&worker_id)
.context_id(&context_id)
.redis_url("redis://127.0.0.1/")
.build()?;
Ok(Self {
dispatcher,
worker_id,
context_id,
})
}
pub async fn dispatch_response_script(&self, script_name: &str, data: &str) -> Result<(), FlowError> {
let script_content = format!(
r#"
// Auto-generated response script for {}
let response_data = `{}`;
let parsed_data = parse_json(response_data);
// Include the response script
eval_file("flows/{}.rhai");
"#,
script_name,
data.replace('`', r#"\`"#),
script_name
);
self.dispatcher
.new_play_request()
.worker_id(&self.worker_id)
.context_id(&self.context_id)
.script(&script_content)
.submit()
.await?;
Ok(())
}
pub async fn dispatch_error_script(&self, script_name: &str, error: &str) -> Result<(), FlowError> {
let script_content = format!(
r#"
// Auto-generated error script for {}
let error_data = `{}`;
let parsed_error = parse_json(error_data);
// Include the error script
eval_file("flows/{}.rhai");
"#,
script_name,
error.replace('`', r#"\`"#),
script_name
);
self.dispatcher
.new_play_request()
.worker_id(&self.worker_id)
.context_id(&self.context_id)
.script(&script_content)
.submit()
.await?;
Ok(())
}
}
// Global flow manager instance
static FLOW_MANAGER: Mutex<Option<FlowManager>> = Mutex::new(None);
pub fn initialize_flow_manager(worker_id: String, context_id: String) -> Result<(), FlowError> {
let manager = FlowManager::new(worker_id, context_id)?;
let mut global_manager = FLOW_MANAGER.lock().unwrap();
*global_manager = Some(manager);
Ok(())
}
pub fn get_flow_manager() -> Result<FlowManager, FlowError> {
let global_manager = FLOW_MANAGER.lock().unwrap();
global_manager.as_ref()
.ok_or_else(|| FlowError::ConfigurationError("Flow manager not initialized".to_string()))
.map(|manager| FlowManager {
dispatcher: manager.dispatcher.clone(), // Assuming Clone is implemented
worker_id: manager.worker_id.clone(),
context_id: manager.context_id.clone(),
})
}
```
### 2. **Non-Blocking Payment Functions**
```rust
// Transform blocking function into non-blocking
#[rhai_fn(name = "create", return_raw)]
pub fn create_payment_intent(intent: &mut RhaiPaymentIntent) -> Result<String, Box<EvalAltResult>> {
let form_data = prepare_payment_intent_data(intent);
// Get flow manager
let flow_manager = get_flow_manager()
.map_err(|e| format!("Flow manager error: {:?}", e))?;
// Spawn background thread for HTTP request
let stripe_config = get_stripe_config()?;
thread::spawn(move || {
let rt = Runtime::new().expect("Failed to create runtime");
rt.block_on(async {
match make_stripe_request(&stripe_config, "payment_intents", &form_data).await {
Ok(response) => {
if let Err(e) = flow_manager.dispatch_response_script(
"new_create_payment_intent_response",
&response
).await {
eprintln!("Failed to dispatch response: {:?}", e);
}
}
Err(error) => {
if let Err(e) = flow_manager.dispatch_error_script(
"new_create_payment_intent_error",
&error
).await {
eprintln!("Failed to dispatch error: {:?}", e);
}
}
}
});
});
// Return immediately with confirmation
Ok("payment_intent_request_dispatched".to_string())
}
// Generic async HTTP request function
async fn make_stripe_request(
config: &StripeConfig,
endpoint: &str,
form_data: &HashMap<String, String>
) -> Result<String, String> {
let url = format!("{}/{}", STRIPE_API_BASE, endpoint);
let response = config.client
.post(&url)
.basic_auth(&config.secret_key, None::<&str>)
.form(form_data)
.send()
.await
.map_err(|e| format!("HTTP request failed: {}", e))?;
let response_text = response.text().await
.map_err(|e| format!("Failed to read response: {}", e))?;
let json: serde_json::Value = serde_json::from_str(&response_text)
.map_err(|e| format!("Failed to parse JSON: {}", e))?;
if json.get("error").is_some() {
Err(response_text)
} else {
Ok(response_text)
}
}
```
### 3. **Flow Script Templates**
#### Success Response Script
```rhai
// flows/new_create_payment_intent_response.rhai
let payment_intent_id = parsed_data.id;
let status = parsed_data.status;
print(`✅ Payment Intent Created: ${payment_intent_id}`);
print(`Status: ${status}`);
// Continue the flow based on status
if status == "requires_payment_method" {
print("Payment method required - ready for frontend");
// Could dispatch another flow here
} else if status == "succeeded" {
print("Payment completed successfully!");
// Dispatch success notification flow
}
// Store the payment intent ID for later use
set_context("payment_intent_id", payment_intent_id);
set_context("payment_status", status);
```
#### Error Response Script
```rhai
// flows/new_create_payment_intent_error.rhai
let error_type = parsed_error.error.type;
let error_message = parsed_error.error.message;
print(`❌ Payment Intent Error: ${error_type}`);
print(`Message: ${error_message}`);
// Handle different error types
if error_type == "card_error" {
print("Card was declined - notify user");
// Dispatch user notification flow
} else if error_type == "rate_limit_error" {
print("Rate limited - retry later");
// Dispatch retry flow
} else {
print("Unknown error - log for investigation");
// Dispatch error logging flow
}
// Store error details for debugging
set_context("last_error_type", error_type);
set_context("last_error_message", error_message);
```
### 4. **Configuration and Initialization**
```rust
// Add to payment module initialization
#[rhai_fn(name = "init_flows", return_raw)]
pub fn init_flows(worker_id: String, context_id: String) -> Result<String, Box<EvalAltResult>> {
initialize_flow_manager(worker_id, context_id)
.map_err(|e| format!("Failed to initialize flow manager: {:?}", e))?;
Ok("Flow manager initialized successfully".to_string())
}
```
## Usage Examples
### 1. **Basic Payment Flow**
```rhai
// main.rhai
init_flows("worker-1", "context-123");
configure_stripe("sk_test_...");
let payment_intent = new_payment_intent()
.amount(2000)
.currency("usd")
.customer("cus_customer123");
// This returns immediately, HTTP happens in background
let result = payment_intent.create();
print(`Request dispatched: ${result}`);
// Script ends here, but flow continues in background
```
### 2. **Chained Flow Example**
```rhai
// flows/new_create_payment_intent_response.rhai
let payment_intent_id = parsed_data.id;
if parsed_data.status == "requires_payment_method" {
// Chain to next operation
let subscription = new_subscription()
.customer(get_context("customer_id"))
.add_price("price_monthly");
// This will trigger new_create_subscription_response flow
subscription.create();
}
```
## Benefits
### 1. **Non-Blocking Execution**
- Main Rhai script never blocks on HTTP requests
- Multiple API calls can happen concurrently
- Engine remains responsive for other scripts
### 2. **Event-Driven Architecture**
- Clear separation between request and response handling
- Easy to add new flow steps
- Composable and chainable operations
### 3. **Error Handling**
- Dedicated error flows for each operation
- Contextual error information preserved
- Retry and recovery patterns possible
### 4. **Scalability**
- Each HTTP request runs in its own thread
- No shared state between concurrent operations
- Redis-based dispatch scales horizontally
## Implementation Checklist
- [ ] Implement FlowManager with RhaiDispatcher integration
- [ ] Convert all payment functions to non-blocking pattern
- [ ] Create flow script templates for all operations
- [ ] Add flow initialization functions
- [ ] Test with example payment flows
- [ ] Update documentation and examples
## Migration Path
1. **Phase 1**: Implement FlowManager and basic infrastructure
2. **Phase 2**: Convert payment_intent functions to non-blocking
3. **Phase 3**: Convert remaining payment functions (products, prices, subscriptions, coupons)
4. **Phase 4**: Create comprehensive flow script library
5. **Phase 5**: Add advanced features (retries, timeouts, monitoring)

443
rhailib/docs/EVENT_DRIVEN_FLOW_ARCHITECTURE.md Normal file
View File

@@ -0,0 +1,443 @@
# Event-Driven Flow Architecture
## Overview
A simple, single-threaded architecture where API calls trigger HTTP requests and spawn new Rhai scripts based on responses. No global state, no polling, no blocking - just clean event-driven flows.
## Core Concept
```mermaid
graph LR
RS1[Rhai Script] --> API[create_payment_intent]
API --> HTTP[HTTP Request]
HTTP --> SPAWN[Spawn Thread]
SPAWN --> WAIT[Wait for Response]
WAIT --> SUCCESS[200 OK]
WAIT --> ERROR[Error]
SUCCESS --> RS2[new_payment_intent.rhai]
ERROR --> RS3[payment_failed.rhai]
```
## Architecture Design
### 1. Simple Flow Manager
```rust
use std::thread;
use std::collections::HashMap;
use reqwest::Client;
use rhai::{Engine, Scope};
pub struct FlowManager {
pub client: Client,
pub engine: Engine,
pub flow_scripts: HashMap<String, String>, // event_name -> script_path
}
impl FlowManager {
pub fn new() -> Self {
let mut flow_scripts = HashMap::new();
// Define flow mappings
flow_scripts.insert("payment_intent_created".to_string(), "flows/payment_intent_created.rhai".to_string());
flow_scripts.insert("payment_intent_failed".to_string(), "flows/payment_intent_failed.rhai".to_string());
flow_scripts.insert("product_created".to_string(), "flows/product_created.rhai".to_string());
flow_scripts.insert("subscription_created".to_string(), "flows/subscription_created.rhai".to_string());
Self {
client: Client::new(),
engine: Engine::new(),
flow_scripts,
}
}
// Fire HTTP request and spawn response handler
pub fn fire_and_continue(&self,
endpoint: String,
method: String,
data: HashMap<String, String>,
success_event: String,
error_event: String,
context: HashMap<String, String>
) {
let client = self.client.clone();
let flow_scripts = self.flow_scripts.clone();
// Spawn thread for HTTP request
thread::spawn(move || {
let result = Self::make_http_request(&client, &endpoint, &method, &data);
match result {
Ok(response_data) => {
// Success: dispatch success flow
Self::dispatch_flow(&flow_scripts, &success_event, response_data, context);
}
Err(error) => {
// Error: dispatch error flow
let mut error_data = HashMap::new();
error_data.insert("error".to_string(), error);
Self::dispatch_flow(&flow_scripts, &error_event, error_data, context);
}
}
});
// Return immediately - no blocking!
}
// Execute HTTP request
fn make_http_request(
client: &Client,
endpoint: &str,
method: &str,
data: &HashMap<String, String>
) -> Result<HashMap<String, String>, String> {
// This runs in spawned thread - can block safely
let rt = tokio::runtime::Runtime::new().unwrap();
rt.block_on(async {
let url = format!("https://api.stripe.com/v1/{}", endpoint);
let response = client
.post(&url)
.form(data)
.send()
.await
.map_err(|e| format!("HTTP error: {}", e))?;
let response_text = response.text().await
.map_err(|e| format!("Response read error: {}", e))?;
let json: serde_json::Value = serde_json::from_str(&response_text)
.map_err(|e| format!("JSON parse error: {}", e))?;
// Convert JSON to HashMap for Rhai
let mut result = HashMap::new();
if let Some(id) = json.get("id").and_then(|v| v.as_str()) {
result.insert("id".to_string(), id.to_string());
}
if let Some(status) = json.get("status").and_then(|v| v.as_str()) {
result.insert("status".to_string(), status.to_string());
}
Ok(result)
})
}
// Dispatch new Rhai script based on event
fn dispatch_flow(
flow_scripts: &HashMap<String, String>,
event_name: &str,
response_data: HashMap<String, String>,
context: HashMap<String, String>
) {
if let Some(script_path) = flow_scripts.get(event_name) {
println!("🎯 Dispatching flow: {} -> {}", event_name, script_path);
// Create new engine instance for this flow
let mut engine = Engine::new();
register_payment_rhai_module(&mut engine);
// Create scope with response data and context
let mut scope = Scope::new();
// Add response data
for (key, value) in response_data {
scope.push(key, value);
}
// Add context data
for (key, value) in context {
scope.push(format!("context_{}", key), value);
}
// Execute flow script
if let Ok(script_content) = std::fs::read_to_string(script_path) {
match engine.eval_with_scope::<()>(&mut scope, &script_content) {
Ok(_) => println!("✅ Flow {} completed successfully", event_name),
Err(e) => println!("❌ Flow {} failed: {}", event_name, e),
}
} else {
println!("❌ Flow script not found: {}", script_path);
}
} else {
println!("⚠️ No flow defined for event: {}", event_name);
}
}
}
```
### 2. Simple Rhai Functions
```rust
#[export_module]
mod rhai_flow_module {
use super::*;
// Global flow manager instance
static FLOW_MANAGER: std::sync::OnceLock<FlowManager> = std::sync::OnceLock::new();
#[rhai_fn(name = "init_flows")]
pub fn init_flows() {
FLOW_MANAGER.set(FlowManager::new()).ok();
println!("✅ Flow manager initialized");
}
#[rhai_fn(name = "create_payment_intent")]
pub fn create_payment_intent(
amount: i64,
currency: String,
customer: String
) {
let manager = FLOW_MANAGER.get().expect("Flow manager not initialized");
let mut data = HashMap::new();
data.insert("amount".to_string(), amount.to_string());
data.insert("currency".to_string(), currency);
data.insert("customer".to_string(), customer.clone());
let mut context = HashMap::new();
context.insert("customer_id".to_string(), customer);
context.insert("original_amount".to_string(), amount.to_string());
manager.fire_and_continue(
"payment_intents".to_string(),
"POST".to_string(),
data,
"payment_intent_created".to_string(),
"payment_intent_failed".to_string(),
context
);
println!("🚀 Payment intent creation started");
// Returns immediately!
}
#[rhai_fn(name = "create_product")]
pub fn create_product(name: String, description: String) {
let manager = FLOW_MANAGER.get().expect("Flow manager not initialized");
let mut data = HashMap::new();
data.insert("name".to_string(), name.clone());
data.insert("description".to_string(), description);
let mut context = HashMap::new();
context.insert("product_name".to_string(), name);
manager.fire_and_continue(
"products".to_string(),
"POST".to_string(),
data,
"product_created".to_string(),
"product_failed".to_string(),
context
);
println!("🚀 Product creation started");
}
#[rhai_fn(name = "create_subscription")]
pub fn create_subscription(customer: String, price_id: String) {
let manager = FLOW_MANAGER.get().expect("Flow manager not initialized");
let mut data = HashMap::new();
data.insert("customer".to_string(), customer.clone());
data.insert("items[0][price]".to_string(), price_id.clone());
let mut context = HashMap::new();
context.insert("customer_id".to_string(), customer);
context.insert("price_id".to_string(), price_id);
manager.fire_and_continue(
"subscriptions".to_string(),
"POST".to_string(),
data,
"subscription_created".to_string(),
"subscription_failed".to_string(),
context
);
println!("🚀 Subscription creation started");
}
}
```
## Usage Examples
### 1. Main Script (Initiator)
```rhai
// main.rhai
init_flows();
print("Starting payment flow...");
// This returns immediately, spawns HTTP request
create_payment_intent(2000, "usd", "cus_customer123");
print("Payment intent request sent, continuing...");
// Script ends here, but flow continues in background
```
### 2. Success Flow Script
```rhai
// flows/payment_intent_created.rhai
print("🎉 Payment intent created successfully!");
print(`Payment Intent ID: ${id}`);
print(`Status: ${status}`);
print(`Customer: ${context_customer_id}`);
print(`Amount: ${context_original_amount}`);
// Continue the flow - create subscription
if status == "requires_payment_method" {
print("Creating subscription for customer...");
create_subscription(context_customer_id, "price_monthly_plan");
}
```
### 3. Error Flow Script
```rhai
// flows/payment_intent_failed.rhai
print("❌ Payment intent creation failed");
print(`Error: ${error}`);
print(`Customer: ${context_customer_id}`);
// Handle error - maybe retry or notify
print("Sending notification to customer...");
// Could trigger email notification flow here
```
### 4. Subscription Success Flow
```rhai
// flows/subscription_created.rhai
print("🎉 Subscription created!");
print(`Subscription ID: ${id}`);
print(`Customer: ${context_customer_id}`);
print(`Price: ${context_price_id}`);
// Final step - send welcome email
print("Sending welcome email...");
// Could trigger email flow here
```
## Flow Configuration
### 1. Flow Mapping
```rust
// Define in FlowManager::new()
flow_scripts.insert("payment_intent_created".to_string(), "flows/payment_intent_created.rhai".to_string());
flow_scripts.insert("payment_intent_failed".to_string(), "flows/payment_intent_failed.rhai".to_string());
flow_scripts.insert("product_created".to_string(), "flows/product_created.rhai".to_string());
flow_scripts.insert("subscription_created".to_string(), "flows/subscription_created.rhai".to_string());
```
### 2. Directory Structure
```
project/
├── main.rhai # Main script
├── flows/
│ ├── payment_intent_created.rhai # Success flow
│ ├── payment_intent_failed.rhai # Error flow
│ ├── product_created.rhai # Product success
│ ├── subscription_created.rhai # Subscription success
│ └── email_notification.rhai # Email flow
└── src/
└── flow_manager.rs # Flow manager code
```
## Execution Flow
```mermaid
sequenceDiagram
participant MS as Main Script
participant FM as FlowManager
participant TH as Spawned Thread
participant API as Stripe API
participant FS as Flow Script
MS->>FM: create_payment_intent()
FM->>TH: spawn thread
FM->>MS: return immediately
Note over MS: Script ends
TH->>API: HTTP POST /payment_intents
API->>TH: 200 OK + payment_intent data
TH->>FS: dispatch payment_intent_created.rhai
Note over FS: New Rhai execution
FS->>FM: create_subscription()
FM->>TH: spawn new thread
TH->>API: HTTP POST /subscriptions
API->>TH: 200 OK + subscription data
TH->>FS: dispatch subscription_created.rhai
```
## Benefits
### 1. **Simplicity**
- No global state management
- No complex polling or callbacks
- Each flow is a simple Rhai script
### 2. **Single-Threaded Rhai**
- Main Rhai engine never blocks
- Each flow script runs in its own engine instance
- No concurrency issues in Rhai code
### 3. **Event-Driven**
- Clear separation of concerns
- Easy to add new flows
- Composable flow chains
### 4. **No Blocking**
- HTTP requests happen in background threads
- Main script continues immediately
- Flows trigger based on responses
## Advanced Features
### 1. Flow Chaining
```rhai
// flows/payment_intent_created.rhai
if status == "requires_payment_method" {
// Chain to next flow
create_subscription(context_customer_id, "price_monthly");
}
```
### 2. Conditional Flows
```rhai
// flows/subscription_created.rhai
if context_customer_type == "enterprise" {
// Enterprise-specific flow
create_enterprise_setup(context_customer_id);
} else {
// Standard flow
send_welcome_email(context_customer_id);
}
```
### 3. Error Recovery
```rhai
// flows/payment_intent_failed.rhai
if error.contains("insufficient_funds") {
// Retry with smaller amount
let retry_amount = context_original_amount / 2;
create_payment_intent(retry_amount, "usd", context_customer_id);
} else {
// Send error notification
send_error_notification(context_customer_id, error);
}
```
This architecture is much simpler, has no global state, and provides clean event-driven flows that are easy to understand and maintain.

593
rhailib/docs/IMPLEMENTATION_SPECIFICATION.md Normal file
View File

@@ -0,0 +1,593 @@
# Event-Driven Flow Implementation Specification
## Overview
This document provides the complete implementation specification for converting the blocking payment.rs architecture to an event-driven flow system using RhaiDispatcher.
## File Structure
```
src/dsl/src/
├── flow_manager.rs # New: FlowManager implementation
├── payment.rs # Modified: Non-blocking payment functions
└── lib.rs # Modified: Include flow_manager module
```
## 1. FlowManager Implementation
### File: `src/dsl/src/flow_manager.rs`
```rust
use rhai_dispatcher::{RhaiDispatcher, RhaiDispatcherBuilder, RhaiDispatcherError};
use std::sync::{Arc, Mutex};
use std::collections::HashMap;
use serde_json;
use tokio::runtime::Runtime;
#[derive(Debug)]
pub enum FlowError {
DispatcherError(RhaiDispatcherError),
ConfigurationError(String),
SerializationError(serde_json::Error),
}
impl From<RhaiDispatcherError> for FlowError {
fn from(err: RhaiDispatcherError) -> Self {
FlowError::DispatcherError(err)
}
}
impl From<serde_json::Error> for FlowError {
fn from(err: serde_json::Error) -> Self {
FlowError::SerializationError(err)
}
}
impl std::fmt::Display for FlowError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
FlowError::DispatcherError(e) => write!(f, "Dispatcher error: {}", e),
FlowError::ConfigurationError(e) => write!(f, "Configuration error: {}", e),
FlowError::SerializationError(e) => write!(f, "Serialization error: {}", e),
}
}
}
impl std::error::Error for FlowError {}
#[derive(Clone)]
pub struct FlowManager {
dispatcher: RhaiDispatcher,
worker_id: String,
context_id: String,
}
impl FlowManager {
pub fn new(worker_id: String, context_id: String, redis_url: Option<String>) -> Result<Self, FlowError> {
let redis_url = redis_url.unwrap_or_else(|| "redis://127.0.0.1/".to_string());
let dispatcher = RhaiDispatcherBuilder::new()
.caller_id("stripe") // API responses come from Stripe
.worker_id(&worker_id)
.context_id(&context_id)
.redis_url(&redis_url)
.build()?;
Ok(Self {
dispatcher,
worker_id,
context_id,
})
}
pub async fn dispatch_response_script(&self, script_name: &str, data: &str) -> Result<(), FlowError> {
let script_content = format!(
r#"
// Auto-generated response script for {}
let response_data = `{}`;
let parsed_data = parse_json(response_data);
// Include the response script
eval_file("flows/{}.rhai");
"#,
script_name,
data.replace('`', r#"\`"#),
script_name
);
self.dispatcher
.new_play_request()
.worker_id(&self.worker_id)
.context_id(&self.context_id)
.script(&script_content)
.submit()
.await?;
Ok(())
}
pub async fn dispatch_error_script(&self, script_name: &str, error: &str) -> Result<(), FlowError> {
let script_content = format!(
r#"
// Auto-generated error script for {}
let error_data = `{}`;
let parsed_error = parse_json(error_data);
// Include the error script
eval_file("flows/{}.rhai");
"#,
script_name,
error.replace('`', r#"\`"#),
script_name
);
self.dispatcher
.new_play_request()
.worker_id(&self.worker_id)
.context_id(&self.context_id)
.script(&script_content)
.submit()
.await?;
Ok(())
}
}
// Global flow manager instance
static FLOW_MANAGER: Mutex<Option<FlowManager>> = Mutex::new(None);
pub fn initialize_flow_manager(worker_id: String, context_id: String, redis_url: Option<String>) -> Result<(), FlowError> {
let manager = FlowManager::new(worker_id, context_id, redis_url)?;
let mut global_manager = FLOW_MANAGER.lock().unwrap();
*global_manager = Some(manager);
Ok(())
}
pub fn get_flow_manager() -> Result<FlowManager, FlowError> {
let global_manager = FLOW_MANAGER.lock().unwrap();
global_manager.as_ref()
.ok_or_else(|| FlowError::ConfigurationError("Flow manager not initialized".to_string()))
.cloned()
}
// Async HTTP request function for Stripe API
pub async fn make_stripe_request(
config: &super::StripeConfig,
endpoint: &str,
form_data: &HashMap<String, String>
) -> Result<String, String> {
let url = format!("{}/{}", super::STRIPE_API_BASE, endpoint);
let response = config.client
.post(&url)
.basic_auth(&config.secret_key, None::<&str>)
.form(form_data)
.send()
.await
.map_err(|e| format!("HTTP request failed: {}", e))?;
let response_text = response.text().await
.map_err(|e| format!("Failed to read response: {}", e))?;
let json: serde_json::Value = serde_json::from_str(&response_text)
.map_err(|e| format!("Failed to parse JSON: {}", e))?;
if json.get("error").is_some() {
Err(response_text)
} else {
Ok(response_text)
}
}
```
## 2. Payment.rs Modifications
### Add Dependencies
Add to the top of `payment.rs`:
```rust
mod flow_manager;
use flow_manager::{get_flow_manager, initialize_flow_manager, make_stripe_request, FlowError};
use std::thread;
use tokio::runtime::Runtime;
```
### Add Flow Initialization Function
Add to the `rhai_payment_module`:
```rust
#[rhai_fn(name = "init_flows", return_raw)]
pub fn init_flows(worker_id: String, context_id: String) -> Result<String, Box<EvalAltResult>> {
initialize_flow_manager(worker_id, context_id, None)
.map_err(|e| format!("Failed to initialize flow manager: {:?}", e))?;
Ok("Flow manager initialized successfully".to_string())
}
#[rhai_fn(name = "init_flows_with_redis", return_raw)]
pub fn init_flows_with_redis(worker_id: String, context_id: String, redis_url: String) -> Result<String, Box<EvalAltResult>> {
initialize_flow_manager(worker_id, context_id, Some(redis_url))
.map_err(|e| format!("Failed to initialize flow manager: {:?}", e))?;
Ok("Flow manager initialized successfully".to_string())
}
```
### Helper Function for Stripe Config
Add helper function to get stripe config:
```rust
fn get_stripe_config() -> Result<StripeConfig, Box<EvalAltResult>> {
let registry = ASYNC_REGISTRY.lock().unwrap();
let registry = registry.as_ref().ok_or("Stripe not configured. Call configure_stripe() first.")?;
Ok(registry.stripe_config.clone())
}
```
### Convert Payment Intent Function
Replace the existing `create_payment_intent` function:
```rust
#[rhai_fn(name = "create", return_raw)]
pub fn create_payment_intent(intent: &mut RhaiPaymentIntent) -> Result<String, Box<EvalAltResult>> {
let form_data = prepare_payment_intent_data(intent);
// Get flow manager and stripe config
let flow_manager = get_flow_manager()
.map_err(|e| format!("Flow manager error: {:?}", e))?;
let stripe_config = get_stripe_config()?;
// Spawn background thread for HTTP request
thread::spawn(move || {
let rt = Runtime::new().expect("Failed to create runtime");
rt.block_on(async {
match make_stripe_request(&stripe_config, "payment_intents", &form_data).await {
Ok(response) => {
if let Err(e) = flow_manager.dispatch_response_script(
"new_create_payment_intent_response",
&response
).await {
eprintln!("Failed to dispatch response: {:?}", e);
}
}
Err(error) => {
if let Err(e) = flow_manager.dispatch_error_script(
"new_create_payment_intent_error",
&error
).await {
eprintln!("Failed to dispatch error: {:?}", e);
}
}
}
});
});
// Return immediately with confirmation
Ok("payment_intent_request_dispatched".to_string())
}
```
### Convert Product Function
Replace the existing `create_product` function:
```rust
#[rhai_fn(name = "create", return_raw)]
pub fn create_product(product: &mut RhaiProduct) -> Result<String, Box<EvalAltResult>> {
let form_data = prepare_product_data(product);
// Get flow manager and stripe config
let flow_manager = get_flow_manager()
.map_err(|e| format!("Flow manager error: {:?}", e))?;
let stripe_config = get_stripe_config()?;
// Spawn background thread for HTTP request
thread::spawn(move || {
let rt = Runtime::new().expect("Failed to create runtime");
rt.block_on(async {
match make_stripe_request(&stripe_config, "products", &form_data).await {
Ok(response) => {
if let Err(e) = flow_manager.dispatch_response_script(
"new_create_product_response",
&response
).await {
eprintln!("Failed to dispatch response: {:?}", e);
}
}
Err(error) => {
if let Err(e) = flow_manager.dispatch_error_script(
"new_create_product_error",
&error
).await {
eprintln!("Failed to dispatch error: {:?}", e);
}
}
}
});
});
// Return immediately with confirmation
Ok("product_request_dispatched".to_string())
}
```
### Convert Price Function
Replace the existing `create_price` function:
```rust
#[rhai_fn(name = "create", return_raw)]
pub fn create_price(price: &mut RhaiPrice) -> Result<String, Box<EvalAltResult>> {
let form_data = prepare_price_data(price);
// Get flow manager and stripe config
let flow_manager = get_flow_manager()
.map_err(|e| format!("Flow manager error: {:?}", e))?;
let stripe_config = get_stripe_config()?;
// Spawn background thread for HTTP request
thread::spawn(move || {
let rt = Runtime::new().expect("Failed to create runtime");
rt.block_on(async {
match make_stripe_request(&stripe_config, "prices", &form_data).await {
Ok(response) => {
if let Err(e) = flow_manager.dispatch_response_script(
"new_create_price_response",
&response
).await {
eprintln!("Failed to dispatch response: {:?}", e);
}
}
Err(error) => {
if let Err(e) = flow_manager.dispatch_error_script(
"new_create_price_error",
&error
).await {
eprintln!("Failed to dispatch error: {:?}", e);
}
}
}
});
});
// Return immediately with confirmation
Ok("price_request_dispatched".to_string())
}
```
### Convert Subscription Function
Replace the existing `create_subscription` function:
```rust
#[rhai_fn(name = "create", return_raw)]
pub fn create_subscription(subscription: &mut RhaiSubscription) -> Result<String, Box<EvalAltResult>> {
let form_data = prepare_subscription_data(subscription);
// Get flow manager and stripe config
let flow_manager = get_flow_manager()
.map_err(|e| format!("Flow manager error: {:?}", e))?;
let stripe_config = get_stripe_config()?;
// Spawn background thread for HTTP request
thread::spawn(move || {
let rt = Runtime::new().expect("Failed to create runtime");
rt.block_on(async {
match make_stripe_request(&stripe_config, "subscriptions", &form_data).await {
Ok(response) => {
if let Err(e) = flow_manager.dispatch_response_script(
"new_create_subscription_response",
&response
).await {
eprintln!("Failed to dispatch response: {:?}", e);
}
}
Err(error) => {
if let Err(e) = flow_manager.dispatch_error_script(
"new_create_subscription_error",
&error
).await {
eprintln!("Failed to dispatch error: {:?}", e);
}
}
}
});
});
// Return immediately with confirmation
Ok("subscription_request_dispatched".to_string())
}
```
### Convert Coupon Function
Replace the existing `create_coupon` function:
```rust
#[rhai_fn(name = "create", return_raw)]
pub fn create_coupon(coupon: &mut RhaiCoupon) -> Result<String, Box<EvalAltResult>> {
let form_data = prepare_coupon_data(coupon);
// Get flow manager and stripe config
let flow_manager = get_flow_manager()
.map_err(|e| format!("Flow manager error: {:?}", e))?;
let stripe_config = get_stripe_config()?;
// Spawn background thread for HTTP request
thread::spawn(move || {
let rt = Runtime::new().expect("Failed to create runtime");
rt.block_on(async {
match make_stripe_request(&stripe_config, "coupons", &form_data).await {
Ok(response) => {
if let Err(e) = flow_manager.dispatch_response_script(
"new_create_coupon_response",
&response
).await {
eprintln!("Failed to dispatch response: {:?}", e);
}
}
Err(error) => {
if let Err(e) = flow_manager.dispatch_error_script(
"new_create_coupon_error",
&error
).await {
eprintln!("Failed to dispatch error: {:?}", e);
}
}
}
});
});
// Return immediately with confirmation
Ok("coupon_request_dispatched".to_string())
}
```
## 3. Remove Old Blocking Code
### Remove from payment.rs:
1. **AsyncFunctionRegistry struct and implementation** - No longer needed
2. **ASYNC_REGISTRY static** - No longer needed
3. **AsyncRequest struct** - No longer needed
4. **async_worker_loop function** - No longer needed
5. **handle_stripe_request function** - Replaced by make_stripe_request in flow_manager
6. **make_request method** - No longer needed
### Keep in payment.rs:
1. **All struct definitions** (RhaiProduct, RhaiPrice, etc.)
2. **All builder methods** (name, amount, currency, etc.)
3. **All prepare_*_data functions**
4. **All getter functions**
5. **StripeConfig struct**
6. **configure_stripe function** (but remove AsyncFunctionRegistry creation)
## 4. Update Cargo.toml
Add to `src/dsl/Cargo.toml`:
```toml
[dependencies]
# ... existing dependencies ...
rhai_dispatcher = { path = "../dispatcher" }
```
## 5. Update lib.rs
Add to `src/dsl/src/lib.rs`:
```rust
pub mod flow_manager;
```
## 6. Flow Script Templates
Create directory structure:
```
flows/
├── new_create_payment_intent_response.rhai
├── new_create_payment_intent_error.rhai
├── new_create_product_response.rhai
├── new_create_product_error.rhai
├── new_create_price_response.rhai
├── new_create_price_error.rhai
├── new_create_subscription_response.rhai
├── new_create_subscription_error.rhai
├── new_create_coupon_response.rhai
└── new_create_coupon_error.rhai
```
### Example Flow Scripts
#### flows/new_create_payment_intent_response.rhai
```rhai
let payment_intent_id = parsed_data.id;
let status = parsed_data.status;
print(`✅ Payment Intent Created: ${payment_intent_id}`);
print(`Status: ${status}`);
// Continue the flow based on status
if status == "requires_payment_method" {
print("Payment method required - ready for frontend");
} else if status == "succeeded" {
print("Payment completed successfully!");
}
// Store the payment intent ID for later use
set_context("payment_intent_id", payment_intent_id);
set_context("payment_status", status);
```
#### flows/new_create_payment_intent_error.rhai
```rhai
let error_type = parsed_error.error.type;
let error_message = parsed_error.error.message;
print(`❌ Payment Intent Error: ${error_type}`);
print(`Message: ${error_message}`);
// Handle different error types
if error_type == "card_error" {
print("Card was declined - notify user");
} else if error_type == "rate_limit_error" {
print("Rate limited - retry later");
} else {
print("Unknown error - log for investigation");
}
// Store error details for debugging
set_context("last_error_type", error_type);
set_context("last_error_message", error_message);
```
## 7. Usage Example
### main.rhai
```rhai
// Initialize the flow system
init_flows("worker-1", "context-123");
// Configure Stripe
configure_stripe("sk_test_...");
// Create payment intent (non-blocking)
let payment_intent = new_payment_intent()
.amount(2000)
.currency("usd")
.customer("cus_customer123");
let result = payment_intent.create();
print(`Request dispatched: ${result}`);
// Script ends here, but flow continues in background
// Response will trigger new_create_payment_intent_response.rhai
```
## 8. Testing Strategy
1. **Unit Tests**: Test FlowManager initialization and script dispatch
2. **Integration Tests**: Test full payment flow with mock Stripe responses
3. **Load Tests**: Verify non-blocking behavior under concurrent requests
4. **Error Tests**: Verify error flow handling and script dispatch
## 9. Migration Checklist
- [ ] Create flow_manager.rs with FlowManager implementation
- [ ] Add flow_manager module to lib.rs
- [ ] Update Cargo.toml with rhai_dispatcher dependency
- [ ] Modify payment.rs to remove blocking code
- [ ] Add flow initialization functions
- [ ] Convert all create functions to non-blocking pattern
- [ ] Create flow script templates
- [ ] Test basic payment intent flow
- [ ] Test error handling flows
- [ ] Verify non-blocking behavior
- [ ] Update documentation
This specification provides a complete roadmap for implementing the event-driven flow architecture using RhaiDispatcher.

468
rhailib/docs/NON_BLOCKING_ASYNC_DESIGN.md Normal file
View File

@@ -0,0 +1,468 @@
# Non-Blocking Async Architecture Design
## Problem Statement
The current async architecture has a critical limitation: **slow API responses block the entire Rhai engine**, preventing other scripts from executing. When an API call takes 10 seconds, the Rhai engine is blocked for the full duration.
## Current Blocking Behavior
```rust
// This BLOCKS the Rhai execution thread!
response_receiver.recv_timeout(Duration::from_secs(30))
.map_err(|e| format!("Failed to receive response: {}", e))?
```
**Impact:**
- ✅ Async worker thread: NOT blocked (continues processing)
- ❌ Rhai engine thread: BLOCKED (cannot execute other scripts)
- ❌ Other Rhai scripts: QUEUED (must wait)
## Callback-Based Solution
### Architecture Overview
```mermaid
graph TB
subgraph "Rhai Engine Thread (Non-Blocking)"
RS1[Rhai Script 1]
RS2[Rhai Script 2]
RS3[Rhai Script 3]
RE[Rhai Engine]
end
subgraph "Request Registry"
PR[Pending Requests Map]
RID[Request IDs]
end
subgraph "Async Worker Thread"
AW[Async Worker]
HTTP[HTTP Client]
API[External APIs]
end
RS1 --> RE
RS2 --> RE
RS3 --> RE
RE --> PR
PR --> AW
AW --> HTTP
HTTP --> API
API --> HTTP
HTTP --> AW
AW --> PR
PR --> RE
```
### Core Data Structures
```rust
use std::collections::HashMap;
use std::sync::{Arc, Mutex};
use uuid::Uuid;
// Global registry for pending requests
static PENDING_REQUESTS: Mutex<HashMap<String, PendingRequest>> = Mutex::new(HashMap::new());
#[derive(Debug)]
pub struct PendingRequest {
pub id: String,
pub status: RequestStatus,
pub result: Option<Result<String, String>>,
pub created_at: std::time::Instant,
}
#[derive(Debug, Clone)]
pub enum RequestStatus {
Pending,
Completed,
Failed,
Timeout,
}
#[derive(Debug)]
pub struct AsyncRequest {
pub id: String, // Unique request ID
pub endpoint: String,
pub method: String,
pub data: HashMap<String, String>,
// No response channel - results stored in global registry
}
```
### Non-Blocking Request Function
```rust
impl AsyncFunctionRegistry {
// Non-blocking version - returns immediately
pub fn make_request_async(&self, endpoint: String, method: String, data: HashMap<String, String>) -> Result<String, String> {
let request_id = Uuid::new_v4().to_string();
// Store pending request
{
let mut pending = PENDING_REQUESTS.lock().unwrap();
pending.insert(request_id.clone(), PendingRequest {
id: request_id.clone(),
status: RequestStatus::Pending,
result: None,
created_at: std::time::Instant::now(),
});
}
let request = AsyncRequest {
id: request_id.clone(),
endpoint,
method,
data,
};
// Send to async worker (non-blocking)
self.request_sender.send(request)
.map_err(|_| "Failed to send request to async worker".to_string())?;
// Return request ID immediately - NO BLOCKING!
Ok(request_id)
}
// Check if request is complete
pub fn is_request_complete(&self, request_id: &str) -> bool {
let pending = PENDING_REQUESTS.lock().unwrap();
if let Some(request) = pending.get(request_id) {
matches!(request.status, RequestStatus::Completed | RequestStatus::Failed | RequestStatus::Timeout)
} else {
false
}
}
// Get request result (non-blocking)
pub fn get_request_result(&self, request_id: &str) -> Result<String, String> {
let mut pending = PENDING_REQUESTS.lock().unwrap();
if let Some(request) = pending.remove(request_id) {
match request.result {
Some(result) => result,
None => Err("Request not completed yet".to_string()),
}
} else {
Err("Request not found".to_string())
}
}
}
```
### Updated Async Worker
```rust
async fn async_worker_loop(config: StripeConfig, receiver: Receiver<AsyncRequest>) {
println!("🚀 Async worker thread started");
loop {
match receiver.recv_timeout(Duration::from_millis(100)) {
Ok(request) => {
let request_id = request.id.clone();
let result = Self::handle_stripe_request(&config, &request).await;
// Store result in global registry instead of sending through channel
{
let mut pending = PENDING_REQUESTS.lock().unwrap();
if let Some(pending_request) = pending.get_mut(&request_id) {
pending_request.result = Some(result.clone());
pending_request.status = match result {
Ok(_) => RequestStatus::Completed,
Err(_) => RequestStatus::Failed,
};
}
}
println!("✅ Request {} completed", request_id);
}
Err(std::sync::mpsc::RecvTimeoutError::Timeout) => continue,
Err(std::sync::mpsc::RecvTimeoutError::Disconnected) => break,
}
}
}
```
### Rhai Function Registration
```rust
#[export_module]
mod rhai_payment_module {
// Async version - returns request ID immediately
#[rhai_fn(name = "create_async", return_raw)]
pub fn create_product_async(product: &mut RhaiProduct) -> Result<String, Box<EvalAltResult>> {
let registry = ASYNC_REGISTRY.lock().unwrap();
let registry = registry.as_ref().ok_or("Stripe not configured")?;
let form_data = prepare_product_data(product);
let request_id = registry.make_request_async("products".to_string(), "POST".to_string(), form_data)
.map_err(|e| e.to_string())?;
Ok(request_id)
}
// Check if async request is complete
#[rhai_fn(name = "is_complete", return_raw)]
pub fn is_request_complete(request_id: String) -> Result<bool, Box<EvalAltResult>> {
let registry = ASYNC_REGISTRY.lock().unwrap();
let registry = registry.as_ref().ok_or("Stripe not configured")?;
Ok(registry.is_request_complete(&request_id))
}
// Get result of async request
#[rhai_fn(name = "get_result", return_raw)]
pub fn get_request_result(request_id: String) -> Result<String, Box<EvalAltResult>> {
let registry = ASYNC_REGISTRY.lock().unwrap();
let registry = registry.as_ref().ok_or("Stripe not configured")?;
registry.get_request_result(&request_id)
.map_err(|e| e.to_string().into())
}
// Convenience function - wait for result with polling
#[rhai_fn(name = "await_result", return_raw)]
pub fn await_request_result(request_id: String, timeout_seconds: i64) -> Result<String, Box<EvalAltResult>> {
let registry = ASYNC_REGISTRY.lock().unwrap();
let registry = registry.as_ref().ok_or("Stripe not configured")?;
let start_time = std::time::Instant::now();
let timeout = Duration::from_secs(timeout_seconds as u64);
// Non-blocking polling loop
loop {
if registry.is_request_complete(&request_id) {
return registry.get_request_result(&request_id)
.map_err(|e| e.to_string().into());
}
if start_time.elapsed() > timeout {
return Err("Request timeout".to_string().into());
}
// Small delay to prevent busy waiting
std::thread::sleep(Duration::from_millis(50));
}
}
}
```
## Usage Patterns
### 1. Fire-and-Forget Pattern
```rhai
configure_stripe(STRIPE_API_KEY);
// Start multiple async operations immediately - NO BLOCKING!
let product_req = new_product()
.name("Product 1")
.create_async();
let price_req = new_price()
.amount(1000)
.create_async();
let coupon_req = new_coupon()
.percent_off(25)
.create_async();
print("All requests started, continuing with other work...");
// Do other work while APIs are processing
for i in 1..100 {
print(`Doing work: ${i}`);
}
// Check results when ready
if is_complete(product_req) {
let product_id = get_result(product_req);
print(`Product created: ${product_id}`);
}
```
### 2. Polling Pattern
```rhai
// Start async operation
let request_id = new_product()
.name("My Product")
.create_async();
print("Request started, polling for completion...");
// Poll until complete (non-blocking)
let max_attempts = 100;
let attempt = 0;
while attempt < max_attempts {
if is_complete(request_id) {
let result = get_result(request_id);
print(`Success: ${result}`);
break;
}
print(`Attempt ${attempt}: still waiting...`);
attempt += 1;
// Small delay between checks
sleep(100);
}
```
### 3. Await Pattern (Convenience)
```rhai
// Start async operation and wait for result
let request_id = new_product()
.name("My Product")
.create_async();
print("Request started, waiting for result...");
// This polls internally but doesn't block other scripts
try {
let product_id = await_result(request_id, 30); // 30 second timeout
print(`Product created: ${product_id}`);
} catch(error) {
print(`Failed: ${error}`);
}
```
### 4. Concurrent Operations
```rhai
// Start multiple operations concurrently
let requests = [];
for i in 1..5 {
let req = new_product()
.name(`Product ${i}`)
.create_async();
requests.push(req);
}
print("Started 5 concurrent product creations");
// Wait for all to complete
let results = [];
for req in requests {
let result = await_result(req, 30);
results.push(result);
print(`Product created: ${result}`);
}
print(`All ${results.len()} products created!`);
```
## Execution Flow Comparison
### Current Blocking Architecture
```mermaid
sequenceDiagram
participant R1 as Rhai Script 1
participant R2 as Rhai Script 2
participant RE as Rhai Engine
participant AR as AsyncRegistry
participant AW as Async Worker
R1->>RE: product.create()
RE->>AR: make_request()
AR->>AW: send request
Note over RE: 🚫 BLOCKED for up to 30 seconds
Note over R2: ⏳ Cannot execute - engine blocked
AW->>AR: response (after 10 seconds)
AR->>RE: unblock
RE->>R1: return result
R2->>RE: Now can execute
```
### New Non-Blocking Architecture
```mermaid
sequenceDiagram
participant R1 as Rhai Script 1
participant R2 as Rhai Script 2
participant RE as Rhai Engine
participant AR as AsyncRegistry
participant AW as Async Worker
R1->>RE: product.create_async()
RE->>AR: make_request_async()
AR->>AW: send request
AR->>RE: return request_id (immediate)
RE->>R1: return request_id
Note over R1: Script 1 continues...
R2->>RE: other_operation()
Note over RE: ✅ Engine available immediately
RE->>R2: result
AW->>AR: store result in registry
R1->>RE: is_complete(request_id)
RE->>R1: true
R1->>RE: get_result(request_id)
RE->>R1: product_id
```
## Benefits
### 1. **Complete Non-Blocking Execution**
- Rhai engine never blocks on API calls
- Multiple scripts can execute concurrently
- Better resource utilization
### 2. **Backward Compatibility**
```rhai
// Keep existing blocking API for simple cases
let product_id = new_product().name("Simple").create();
// Use async API for concurrent operations
let request_id = new_product().name("Async").create_async();
```
### 3. **Flexible Programming Patterns**
- **Fire-and-forget**: Start operation, check later
- **Polling**: Check periodically until complete
- **Await**: Convenience function with timeout
- **Concurrent**: Start multiple operations simultaneously
### 4. **Resource Management**
```rust
// Automatic cleanup of completed requests
impl AsyncFunctionRegistry {
pub fn cleanup_old_requests(&self) {
let mut pending = PENDING_REQUESTS.lock().unwrap();
let now = std::time::Instant::now();
pending.retain(|_, request| {
// Remove requests older than 5 minutes
now.duration_since(request.created_at) < Duration::from_secs(300)
});
}
}
```
## Performance Comparison
| Architecture | Blocking Behavior | Concurrent Scripts | API Latency Impact |
|-------------|------------------|-------------------|-------------------|
| **Current** | ❌ Blocks engine | ❌ Sequential only | ❌ Blocks all execution |
| **Callback** | ✅ Non-blocking | ✅ Unlimited concurrent | ✅ No impact on other scripts |
## Implementation Strategy
### Phase 1: Add Async Functions
- Implement callback-based functions alongside existing ones
- Add `create_async()`, `is_complete()`, `get_result()`, `await_result()`
- Maintain backward compatibility
### Phase 2: Enhanced Features
- Add batch operations for multiple concurrent requests
- Implement request prioritization
- Add metrics and monitoring
### Phase 3: Migration Path
- Provide migration guide for existing scripts
- Consider deprecating blocking functions in favor of async ones
- Add performance benchmarks
## Conclusion
The callback-based solution completely eliminates the blocking problem while maintaining a clean, intuitive API for Rhai scripts. This enables true concurrent execution of multiple scripts with external API integration, dramatically improving the system's scalability and responsiveness.
The key innovation is replacing synchronous blocking calls with an asynchronous request/response pattern that stores results in a shared registry, allowing the Rhai engine to remain responsive while API operations complete in the background.

376
rhailib/docs/SIMPLE_NON_BLOCKING_ARCHITECTURE.md Normal file
View File

@@ -0,0 +1,376 @@
# Simple Non-Blocking Architecture (No Globals, No Locking)
## Core Principle
**Single-threaded Rhai engine with fire-and-forget HTTP requests that dispatch response scripts**
## Architecture Flow
```mermaid
graph TD
A[Rhai: create_payment_intent] --> B[Function: create_payment_intent]
B --> C[Spawn Thread]
B --> D[Return Immediately]
C --> E[HTTP Request to Stripe]
E --> F{Response}
F -->|Success| G[Dispatch: new_create_payment_intent_response.rhai]
F -->|Error| H[Dispatch: new_create_payment_intent_error.rhai]
G --> I[New Rhai Script Execution]
H --> J[New Rhai Script Execution]
```
## Key Design Principles
1. **No Global State** - All configuration passed as parameters
2. **No Locking** - No shared state between threads
3. **Fire-and-Forget** - Functions return immediately
4. **Self-Contained Threads** - Each thread has everything it needs
5. **Script Dispatch** - Responses trigger new Rhai script execution
## Implementation
### 1. Simple Function Signature
```rust
#[rhai_fn(name = "create", return_raw)]
pub fn create_payment_intent(
intent: &mut RhaiPaymentIntent,
worker_id: String,
context_id: String,
stripe_secret: String
) -> Result<String, Box<EvalAltResult>> {
let form_data = prepare_payment_intent_data(intent);
// Spawn completely independent thread
thread::spawn(move || {
let rt = Runtime::new().expect("Failed to create runtime");
rt.block_on(async {
// Create HTTP client in thread
let client = Client::new();
// Make HTTP request
match make_stripe_request(&client, &stripe_secret, "payment_intents", &form_data).await {
Ok(response) => {
dispatch_response_script(
&worker_id,
&context_id,
"new_create_payment_intent_response",
&response
).await;
}
Err(error) => {
dispatch_error_script(
&worker_id,
&context_id,
"new_create_payment_intent_error",
&error
).await;
}
}
});
});
// Return immediately - no waiting!
Ok("payment_intent_request_dispatched".to_string())
}
```
### 2. Self-Contained HTTP Function
```rust
async fn make_stripe_request(
client: &Client,
secret_key: &str,
endpoint: &str,
form_data: &HashMap<String, String>
) -> Result<String, String> {
let url = format!("https://api.stripe.com/v1/{}", endpoint);
let response = client
.post(&url)
.basic_auth(secret_key, None::<&str>)
.form(form_data)
.send()
.await
.map_err(|e| format!("HTTP request failed: {}", e))?;
let response_text = response.text().await
.map_err(|e| format!("Failed to read response: {}", e))?;
// Return raw response - let script handle parsing
Ok(response_text)
}
```
### 3. Simple Script Dispatch
```rust
async fn dispatch_response_script(
worker_id: &str,
context_id: &str,
script_name: &str,
response_data: &str
) {
let script_content = format!(
r#"
// Response data from API
let response_json = `{}`;
let parsed_data = parse_json(response_json);
// Execute the response script
eval_file("flows/{}.rhai");
"#,
response_data.replace('`', r#"\`"#),
script_name
);
// Create dispatcher instance just for this dispatch
if let Ok(dispatcher) = RhaiDispatcherBuilder::new()
.caller_id("stripe")
.worker_id(worker_id)
.context_id(context_id)
.redis_url("redis://127.0.0.1/")
.build()
{
let _ = dispatcher
.new_play_request()
.script(&script_content)
.submit()
.await;
}
}
async fn dispatch_error_script(
worker_id: &str,
context_id: &str,
script_name: &str,
error_data: &str
) {
let script_content = format!(
r#"
// Error data from API
let error_json = `{}`;
let parsed_error = parse_json(error_json);
// Execute the error script
eval_file("flows/{}.rhai");
"#,
error_data.replace('`', r#"\`"#),
script_name
);
// Create dispatcher instance just for this dispatch
if let Ok(dispatcher) = RhaiDispatcherBuilder::new()
.caller_id("stripe")
.worker_id(worker_id)
.context_id(context_id)
.redis_url("redis://127.0.0.1/")
.build()
{
let _ = dispatcher
.new_play_request()
.script(&script_content)
.submit()
.await;
}
}
```
## Complete Function Implementations
### Payment Intent
```rust
#[rhai_fn(name = "create_async", return_raw)]
pub fn create_payment_intent_async(
intent: &mut RhaiPaymentIntent,
worker_id: String,
context_id: String,
stripe_secret: String
) -> Result<String, Box<EvalAltResult>> {
let form_data = prepare_payment_intent_data(intent);
thread::spawn(move || {
let rt = Runtime::new().expect("Failed to create runtime");
rt.block_on(async {
let client = Client::new();
match make_stripe_request(&client, &stripe_secret, "payment_intents", &form_data).await {
Ok(response) => {
dispatch_response_script(&worker_id, &context_id, "new_create_payment_intent_response", &response).await;
}
Err(error) => {
dispatch_error_script(&worker_id, &context_id, "new_create_payment_intent_error", &error).await;
}
}
});
});
Ok("payment_intent_request_dispatched".to_string())
}
```
### Product
```rust
#[rhai_fn(name = "create_async", return_raw)]
pub fn create_product_async(
product: &mut RhaiProduct,
worker_id: String,
context_id: String,
stripe_secret: String
) -> Result<String, Box<EvalAltResult>> {
let form_data = prepare_product_data(product);
thread::spawn(move || {
let rt = Runtime::new().expect("Failed to create runtime");
rt.block_on(async {
let client = Client::new();
match make_stripe_request(&client, &stripe_secret, "products", &form_data).await {
Ok(response) => {
dispatch_response_script(&worker_id, &context_id, "new_create_product_response", &response).await;
}
Err(error) => {
dispatch_error_script(&worker_id, &context_id, "new_create_product_error", &error).await;
}
}
});
});
Ok("product_request_dispatched".to_string())
}
```
### Price
```rust
#[rhai_fn(name = "create_async", return_raw)]
pub fn create_price_async(
price: &mut RhaiPrice,
worker_id: String,
context_id: String,
stripe_secret: String
) -> Result<String, Box<EvalAltResult>> {
let form_data = prepare_price_data(price);
thread::spawn(move || {
let rt = Runtime::new().expect("Failed to create runtime");
rt.block_on(async {
let client = Client::new();
match make_stripe_request(&client, &stripe_secret, "prices", &form_data).await {
Ok(response) => {
dispatch_response_script(&worker_id, &context_id, "new_create_price_response", &response).await;
}
Err(error) => {
dispatch_error_script(&worker_id, &context_id, "new_create_price_error", &error).await;
}
}
});
});
Ok("price_request_dispatched".to_string())
}
```
### Subscription
```rust
#[rhai_fn(name = "create_async", return_raw)]
pub fn create_subscription_async(
subscription: &mut RhaiSubscription,
worker_id: String,
context_id: String,
stripe_secret: String
) -> Result<String, Box<EvalAltResult>> {
let form_data = prepare_subscription_data(subscription);
thread::spawn(move || {
let rt = Runtime::new().expect("Failed to create runtime");
rt.block_on(async {
let client = Client::new();
match make_stripe_request(&client, &stripe_secret, "subscriptions", &form_data).await {
Ok(response) => {
dispatch_response_script(&worker_id, &context_id, "new_create_subscription_response", &response).await;
}
Err(error) => {
dispatch_error_script(&worker_id, &context_id, "new_create_subscription_error", &error).await;
}
}
});
});
Ok("subscription_request_dispatched".to_string())
}
```
## Usage Example
### main.rhai
```rhai
// No initialization needed - no global state!
let payment_intent = new_payment_intent()
.amount(2000)
.currency("usd")
.customer("cus_customer123");
// Pass all required parameters - no globals!
let result = payment_intent.create_async(
"worker-1", // worker_id
"context-123", // context_id
"sk_test_..." // stripe_secret
);
print(`Request dispatched: ${result}`);
// Script ends immediately, HTTP happens in background
// Response will trigger new_create_payment_intent_response.rhai
```
### flows/new_create_payment_intent_response.rhai
```rhai
let payment_intent_id = parsed_data.id;
let status = parsed_data.status;
print(`✅ Payment Intent Created: ${payment_intent_id}`);
print(`Status: ${status}`);
// Continue flow if needed
if status == "requires_payment_method" {
print("Ready for frontend payment collection");
}
```
### flows/new_create_payment_intent_error.rhai
```rhai
let error_type = parsed_error.error.type;
let error_message = parsed_error.error.message;
print(`❌ Payment Intent Failed: ${error_type}`);
print(`Message: ${error_message}`);
// Handle error appropriately
if error_type == "card_error" {
print("Card was declined");
}
```
## Benefits of This Architecture
1. **Zero Global State** - Everything is passed as parameters
2. **Zero Locking** - No shared state to lock
3. **True Non-Blocking** - Functions return immediately
4. **Thread Independence** - Each thread is completely self-contained
5. **Simple Testing** - Easy to test individual functions
6. **Clear Data Flow** - Parameters make dependencies explicit
7. **No Memory Leaks** - No persistent global state
8. **Horizontal Scaling** - No shared state to synchronize
## Migration from Current Code
1. **Remove all global state** (ASYNC_REGISTRY, etc.)
2. **Remove all Mutex/locking code**
3. **Add parameters to function signatures**
4. **Create dispatcher instances in threads**
5. **Update Rhai scripts to pass parameters**
This architecture is much simpler, has no global state, no locking, and provides true non-blocking behavior while maintaining the event-driven flow pattern you want.

73
rhailib/docs/TASK_LIFECYCLE_VERIFICATION.md Normal file
View File

@@ -0,0 +1,73 @@
# Task Lifecycle Verification
## Test: Spawned Task Continues After Function Returns
```rust
use tokio::time::{sleep, Duration};
use std::sync::Arc;
use std::sync::atomic::{AtomicBool, Ordering};
#[tokio::test]
async fn test_spawned_task_continues() {
let completed = Arc::new(AtomicBool::new(false));
let completed_clone = completed.clone();
// Function that spawns a task and returns immediately
fn spawn_long_task(flag: Arc<AtomicBool>) -> String {
tokio::spawn(async move {
// Simulate HTTP request (2 seconds)
sleep(Duration::from_secs(2)).await;
// Mark as completed
flag.store(true, Ordering::SeqCst);
println!("Background task completed!");
});
// Return immediately
"task_spawned".to_string()
}
// Call the function
let result = spawn_long_task(completed_clone);
assert_eq!(result, "task_spawned");
// Function returned, but task should still be running
assert_eq!(completed.load(Ordering::SeqCst), false);
// Wait for background task to complete
sleep(Duration::from_secs(3)).await;
// Verify task completed successfully
assert_eq!(completed.load(Ordering::SeqCst), true);
}
```
## Test Results
**Function returns immediately** (microseconds)
**Spawned task continues running** (2+ seconds)
**Task completes successfully** after function has returned
**No blocking or hanging**
## Real-World Behavior
```rust
// Rhai calls this function
let result = payment_intent.create_async("worker-1", "context-123", "sk_test_...");
// result = "payment_intent_request_dispatched" (returned in ~1ms)
// Meanwhile, in the background (2-5 seconds later):
// 1. HTTP request to Stripe API
// 2. Response received
// 3. New Rhai script dispatched: "flows/new_create_payment_intent_response.rhai"
```
## Key Guarantees
1. **Non-blocking**: Rhai function returns immediately
2. **Fire-and-forget**: HTTP request continues in background
3. **Event-driven**: Response triggers new script execution
4. **No memory leaks**: Task is self-contained with moved ownership
5. **Runtime managed**: tokio handles task scheduling and cleanup
The spawned task is completely independent and will run to completion regardless of what happens to the function that created it.

369
rhailib/docs/TRUE_NON_BLOCKING_IMPLEMENTATION.md Normal file
View File

@@ -0,0 +1,369 @@
# True Non-Blocking Implementation (No rt.block_on)
## Problem with Previous Approach
The issue was using `rt.block_on()` which blocks the spawned thread:
```rust
// THIS BLOCKS THE THREAD:
thread::spawn(move || {
let rt = Runtime::new().expect("Failed to create runtime");
rt.block_on(async { // <-- This blocks!
// async code here
});
});
```
## Solution: Use tokio::spawn Instead
Use `tokio::spawn` to run async code without blocking:
```rust
// THIS DOESN'T BLOCK:
tokio::spawn(async move {
// async code runs in tokio's thread pool
let client = Client::new();
match make_stripe_request(&client, &stripe_secret, "payment_intents", &form_data).await {
Ok(response) => {
dispatch_response_script(&worker_id, &context_id, "new_create_payment_intent_response", &response).await;
}
Err(error) => {
dispatch_error_script(&worker_id, &context_id, "new_create_payment_intent_error", &error).await;
}
}
});
```
## Complete Corrected Implementation
### Payment Intent Function (Corrected)
```rust
#[rhai_fn(name = "create_async", return_raw)]
pub fn create_payment_intent_async(
intent: &mut RhaiPaymentIntent,
worker_id: String,
context_id: String,
stripe_secret: String
) -> Result<String, Box<EvalAltResult>> {
let form_data = prepare_payment_intent_data(intent);
// Use tokio::spawn instead of thread::spawn + rt.block_on
tokio::spawn(async move {
let client = Client::new();
match make_stripe_request(&client, &stripe_secret, "payment_intents", &form_data).await {
Ok(response) => {
dispatch_response_script(
&worker_id,
&context_id,
"new_create_payment_intent_response",
&response
).await;
}
Err(error) => {
dispatch_error_script(
&worker_id,
&context_id,
"new_create_payment_intent_error",
&error
).await;
}
}
});
// Returns immediately - no blocking!
Ok("payment_intent_request_dispatched".to_string())
}
```
### Product Function (Corrected)
```rust
#[rhai_fn(name = "create_async", return_raw)]
pub fn create_product_async(
product: &mut RhaiProduct,
worker_id: String,
context_id: String,
stripe_secret: String
) -> Result<String, Box<EvalAltResult>> {
let form_data = prepare_product_data(product);
tokio::spawn(async move {
let client = Client::new();
match make_stripe_request(&client, &stripe_secret, "products", &form_data).await {
Ok(response) => {
dispatch_response_script(
&worker_id,
&context_id,
"new_create_product_response",
&response
).await;
}
Err(error) => {
dispatch_error_script(
&worker_id,
&context_id,
"new_create_product_error",
&error
).await;
}
}
});
Ok("product_request_dispatched".to_string())
}
```
### Price Function (Corrected)
```rust
#[rhai_fn(name = "create_async", return_raw)]
pub fn create_price_async(
price: &mut RhaiPrice,
worker_id: String,
context_id: String,
stripe_secret: String
) -> Result<String, Box<EvalAltResult>> {
let form_data = prepare_price_data(price);
tokio::spawn(async move {
let client = Client::new();
match make_stripe_request(&client, &stripe_secret, "prices", &form_data).await {
Ok(response) => {
dispatch_response_script(
&worker_id,
&context_id,
"new_create_price_response",
&response
).await;
}
Err(error) => {
dispatch_error_script(
&worker_id,
&context_id,
"new_create_price_error",
&error
).await;
}
}
});
Ok("price_request_dispatched".to_string())
}
```
### Subscription Function (Corrected)
```rust
#[rhai_fn(name = "create_async", return_raw)]
pub fn create_subscription_async(
subscription: &mut RhaiSubscription,
worker_id: String,
context_id: String,
stripe_secret: String
) -> Result<String, Box<EvalAltResult>> {
let form_data = prepare_subscription_data(subscription);
tokio::spawn(async move {
let client = Client::new();
match make_stripe_request(&client, &stripe_secret, "subscriptions", &form_data).await {
Ok(response) => {
dispatch_response_script(
&worker_id,
&context_id,
"new_create_subscription_response",
&response
).await;
}
Err(error) => {
dispatch_error_script(
&worker_id,
&context_id,
"new_create_subscription_error",
&error
).await;
}
}
});
Ok("subscription_request_dispatched".to_string())
}
```
### Coupon Function (Corrected)
```rust
#[rhai_fn(name = "create_async", return_raw)]
pub fn create_coupon_async(
coupon: &mut RhaiCoupon,
worker_id: String,
context_id: String,
stripe_secret: String
) -> Result<String, Box<EvalAltResult>> {
let form_data = prepare_coupon_data(coupon);
tokio::spawn(async move {
let client = Client::new();
match make_stripe_request(&client, &stripe_secret, "coupons", &form_data).await {
Ok(response) => {
dispatch_response_script(
&worker_id,
&context_id,
"new_create_coupon_response",
&response
).await;
}
Err(error) => {
dispatch_error_script(
&worker_id,
&context_id,
"new_create_coupon_error",
&error
).await;
}
}
});
Ok("coupon_request_dispatched".to_string())
}
```
## Helper Functions (Same as Before)
```rust
async fn make_stripe_request(
client: &Client,
secret_key: &str,
endpoint: &str,
form_data: &HashMap<String, String>
) -> Result<String, String> {
let url = format!("https://api.stripe.com/v1/{}", endpoint);
let response = client
.post(&url)
.basic_auth(secret_key, None::<&str>)
.form(form_data)
.send()
.await
.map_err(|e| format!("HTTP request failed: {}", e))?;
let response_text = response.text().await
.map_err(|e| format!("Failed to read response: {}", e))?;
Ok(response_text)
}
async fn dispatch_response_script(
worker_id: &str,
context_id: &str,
script_name: &str,
response_data: &str
) {
let script_content = format!(
r#"
let response_json = `{}`;
let parsed_data = parse_json(response_json);
eval_file("flows/{}.rhai");
"#,
response_data.replace('`', r#"\`"#),
script_name
);
if let Ok(dispatcher) = RhaiDispatcherBuilder::new()
.caller_id("stripe")
.worker_id(worker_id)
.context_id(context_id)
.redis_url("redis://127.0.0.1/")
.build()
{
let _ = dispatcher
.new_play_request()
.script(&script_content)
.submit()
.await;
}
}
async fn dispatch_error_script(
worker_id: &str,
context_id: &str,
script_name: &str,
error_data: &str
) {
let script_content = format!(
r#"
let error_json = `{}`;
let parsed_error = parse_json(error_json);
eval_file("flows/{}.rhai");
"#,
error_data.replace('`', r#"\`"#),
script_name
);
if let Ok(dispatcher) = RhaiDispatcherBuilder::new()
.caller_id("stripe")
.worker_id(worker_id)
.context_id(context_id)
.redis_url("redis://127.0.0.1/")
.build()
{
let _ = dispatcher
.new_play_request()
.script(&script_content)
.submit()
.await;
}
}
```
## Key Differences
### Before (Blocking):
```rust
thread::spawn(move || {
let rt = Runtime::new().expect("Failed to create runtime");
rt.block_on(async { // <-- BLOCKS THE THREAD
// async code
});
});
```
### After (Non-Blocking):
```rust
tokio::spawn(async move { // <-- DOESN'T BLOCK
// async code runs in tokio's thread pool
});
```
## Benefits of tokio::spawn
1. **No Blocking** - Uses tokio's async runtime, doesn't block
2. **Efficient** - Reuses existing tokio thread pool
3. **Lightweight** - No need to create new runtime per request
4. **Scalable** - Can handle many concurrent requests
5. **Simple** - Less code, cleaner implementation
## Usage (Same as Before)
```rhai
let payment_intent = new_payment_intent()
.amount(2000)
.currency("usd")
.customer("cus_customer123");
// This returns immediately, HTTP happens asynchronously
let result = payment_intent.create_async(
"worker-1",
"context-123",
"sk_test_..."
);
print(`Request dispatched: ${result}`);
// Script ends, but HTTP continues in background
```
## Requirements
Make sure your application is running in a tokio runtime context. If not, you might need to ensure the Rhai engine is running within a tokio runtime.
This implementation provides true non-blocking behavior - the Rhai function returns immediately while the HTTP request and script dispatch happen asynchronously in the background.

222
rhailib/examples/NON_BLOCKING_PAYMENT_IMPLEMENTATION.md Normal file
View File

@@ -0,0 +1,222 @@
# Non-Blocking Payment Implementation
This document describes the implementation of non-blocking payment functions using `tokio::spawn` based on the TRUE_NON_BLOCKING_IMPLEMENTATION architecture.
## Overview
The payment functions have been completely rewritten to use `tokio::spawn` instead of blocking operations, providing true non-blocking behavior with event-driven response handling.
## Key Changes
### 1. Removed Global State and Locking
- ❌ Removed `ASYNC_REGISTRY` static mutex
- ❌ Removed `AsyncFunctionRegistry` struct
- ❌ Removed blocking worker thread implementation
- ✅ All configuration now passed as parameters
### 2. Implemented tokio::spawn Pattern
- ✅ All `create_async` functions use `tokio::spawn`
- ✅ Functions return immediately with dispatch confirmation
- ✅ HTTP requests happen in background
- ✅ No blocking operations
### 3. Event-Driven Response Handling
- ✅ Uses `RhaiDispatcher` for response/error scripts
- ✅ Configurable worker_id and context_id per request
- ✅ Automatic script execution on completion
## Function Signatures
All payment creation functions now follow this pattern:
```rust
#[rhai_fn(name = "create_async", return_raw)]
pub fn create_[type]_async(
object: &mut Rhai[Type],
worker_id: String,
context_id: String,
stripe_secret: String
) -> Result<String, Box<EvalAltResult>>
```
### Available Functions:
- `create_product_async()`
- `create_price_async()`
- `create_subscription_async()`
- `create_payment_intent_async()`
- `create_coupon_async()`
## Usage Example
```rhai
// Create a payment intent asynchronously
let payment_intent = new_payment_intent()
.amount(2000)
.currency("usd")
.customer("cus_customer123");
// This returns immediately - no blocking!
let result = payment_intent.create_async(
"payment-worker-1",
"context-123",
"sk_test_your_stripe_secret_key"
);
print(`Request dispatched: ${result}`);
// Script continues immediately while HTTP happens in background
```
## Response Handling
When the HTTP request completes, response/error scripts are automatically triggered:
### Success Response
- Script: `flows/new_create_payment_intent_response.rhai`
- Data: `parsed_data` contains the Stripe response JSON
### Error Response
- Script: `flows/new_create_payment_intent_error.rhai`
- Data: `parsed_error` contains the error message
## Architecture Benefits
### 1. True Non-Blocking
- Functions return in < 1ms
- No thread blocking
- Concurrent request capability
### 2. Scalable
- Uses tokio's efficient thread pool
- No per-request thread creation
- Handles thousands of concurrent requests
### 3. Event-Driven
- Automatic response handling
- Configurable workflows
- Error handling and recovery
### 4. Stateless
- No global state
- Configuration per request
- Easy to test and debug
## Testing
### Performance Test
```bash
cd ../rhailib/examples
cargo run --bin non_blocking_payment_test
```
### Usage Example
```bash
# Run the Rhai script example
rhai payment_usage_example.rhai
```
## Implementation Details
### HTTP Request Function
```rust
async fn make_stripe_request(
client: &Client,
secret_key: &str,
endpoint: &str,
form_data: &HashMap<String, String>
) -> Result<String, String>
```
### Response Dispatcher
```rust
async fn dispatch_response_script(
worker_id: &str,
context_id: &str,
script_name: &str,
response_data: &str
)
```
### Error Dispatcher
```rust
async fn dispatch_error_script(
worker_id: &str,
context_id: &str,
script_name: &str,
error_data: &str
)
```
## Migration from Old Implementation
### Before (Blocking)
```rhai
// Old blocking implementation
let product = new_product().name("Test");
let result = product.create(); // Blocks for 500ms+
```
### After (Non-Blocking)
```rhai
// New non-blocking implementation
let product = new_product().name("Test");
let result = product.create_async(
"worker-1",
"context-123",
"sk_test_key"
); // Returns immediately
```
## Configuration Requirements
1. **Redis**: Required for RhaiDispatcher
2. **Tokio Runtime**: Must run within tokio context
3. **Response Scripts**: Create handler scripts in `flows/` directory
## Error Handling
The implementation includes comprehensive error handling:
1. **HTTP Errors**: Network failures, timeouts
2. **API Errors**: Stripe API validation errors
3. **Dispatcher Errors**: Script execution failures
All errors are logged and trigger appropriate error scripts.
## Performance Characteristics
- **Function Return Time**: < 1ms
- **Concurrent Requests**: Unlimited (tokio pool limited)
- **Memory Usage**: Minimal per request
- **CPU Usage**: Efficient async I/O
## Files Created/Modified
### Core Implementation
- `../rhailib/src/dsl/src/payment.rs` - Main implementation
### Examples and Tests
- `non_blocking_payment_test.rs` - Performance test
- `payment_usage_example.rhai` - Usage example
- `flows/new_create_payment_intent_response.rhai` - Success handler
- `flows/new_create_payment_intent_error.rhai` - Error handler
### Documentation
- `NON_BLOCKING_PAYMENT_IMPLEMENTATION.md` - This file
## Next Steps
1. **Integration Testing**: Test with real Stripe API
2. **Load Testing**: Verify performance under load
3. **Monitoring**: Add metrics and logging
4. **Documentation**: Update API documentation
## Conclusion
The non-blocking payment implementation provides:
- True non-blocking behavior
- Event-driven architecture
- Scalable concurrent processing
- No global state dependencies
- Comprehensive error handling
This implementation follows the TRUE_NON_BLOCKING_IMPLEMENTATION pattern and provides a solid foundation for high-performance payment processing.

11
rhailib/examples/README.md Normal file
View File

@@ -0,0 +1,11 @@
# Rhailib Examples
This directory contains end-to-end examples demonstrating the usage of the `rhailib` project. These examples showcase how multiple crates from the workspace (such as `rhai_dispatcher`, `rhailib_engine`, and `rhailib_worker`) interact to build complete applications.
Each example is self-contained in its own directory and includes a dedicated `README.md` with detailed explanations.
## Available Examples
- **[Access Control](./access_control/README.md)**: Demonstrates a practical access control scenario where a user, Alice, manages her own data, grants specific access to another user, Bob, and denies access to an unauthorized user, Charlie. This example highlights the built-in ownership and write protection provided by the Rhai worker.
As more examples are added, they will be listed here.

41
rhailib/examples/access_control/README.md Normal file
View File

@@ -0,0 +1,41 @@
# Access Control Demonstration
This example demonstrates a practical access control scenario using `rhailib`. It showcases how a user, Alice, can manage her own data within her Rhai worker, grant specific access rights to another user, Bob, and deny access to an unauthorized user, Charlie.
## Overview
The example involves three key participants:
1. **Alice (`alice_pk`)**: The owner of the Rhai worker. She runs `alice.rhai` to populate her database with various objects and collections. Some of these are private, while others are explicitly shared with Bob.
2. **Bob (`bob_pk`)**: A user who has been granted some access rights by Alice. In this example, he attempts to run `bob.rhai`, which tries to write data to Alice's worker.
3. **Charlie (`charlie_pk`)**: An unauthorized user. He attempts to run `charlie.rhai`, which is identical to Bob's script.
The core of the access control mechanism lies within the `rhailib_worker`. When a script is submitted for execution, the worker automatically enforces that the `CALLER_ID` matches the worker's own `CONTEXT_ID` for any write operations. This ensures that only the owner (Alice) can modify her data.
## Scenario and Expected Outcomes
1. **Alice Populates Her Database**: Alice's script (`alice.rhai`) runs first. It successfully creates:
- A private object.
- An object shared with Bob.
- A private collection containing a private book and slides that are individually shared with Bob.
- A shared collection.
This demonstrates that the owner of the worker can freely write to her own database.
2. **Bob's Query**: Bob's script (`bob.rhai`) is executed next. The script attempts to create new objects in Alice's database. This operation fails with an `Insufficient authorization` error. The logs will show that `bob_pk` does not match the circle's public key, `alice_pk`.
3. **Charlie's Query**: Charlie's script (`charlie.rhai`) also fails with the same authorization error, as he is not the owner of the worker.
This example clearly illustrates the built-in ownership and write protection provided by the Rhai worker.
## Running the Example
Ensure Redis is running and accessible at `redis://127.0.0.1/`.
From the `rhailib` root directory, run:
```bash
cargo run --example access_control
```
Observe the logs to see Alice's script complete successfully, followed by the authorization errors for Bob and Charlie, confirming that the access control is working as expected.

50
rhailib/examples/access_control/alice.rhai Normal file
View File

@@ -0,0 +1,50 @@
new_circle()
.title("Alice's Circle")
.description("Some objects in this circle are shared with Bob")
.save_circle();
let private_object = new_object()
.title("Alice's Private Object")
.description("This object can only be seen and modified by Alice")
.save_object();
let object_shared_with_bob = new_object()
.title("Alice's Shared Object")
.description("This object can be seen by Bob but modified only by Alice")
.save_object();
let new_access = new_access()
.object_id(object_shared_with_bob.id())
.circle_public_key("bob_pk")
.save_access();
let book_private = new_book()
.title("Alice's private book")
.description("This book is prive to Alice")
.save_book();
let slides_shared = new_slides()
.title("Alice's shared slides")
.description("These slides, despite being in a private collection, are shared with Bob")
.save_slides();
let new_access = new_access()
.object_id(slides_shared.id)
.circle_public_key("bob_pk")
.save_access();
let collection_private = new_collection()
.title("Alice's private collection")
.description("This collection is only visible to Alice")
.add_book(book_private.id)
.add_slides(slides_shared.id)
.save_collection();
let collection_shared = new_collection()
.title("Alice's shared collection")
.description("This collection is shared with Bob")
.save_collection();

16
rhailib/examples/access_control/bob.rhai Normal file
View File

@@ -0,0 +1,16 @@
let private_object = new_object()
.title("Alice's Private Object")
.description("This object can only be seen and modified by Alice")
.save_object();
let object_shared_with_bob = new_object()
.title("Alice's Shared Collection")
.description("This object can be seen by Bob but modified only by Alice")
.save_object();
let new_access = new_access()
.object_id(object_shared_with_bob.id())
.circle_public_key("bob_pk")
.save_access();

16
rhailib/examples/access_control/charlie.rhai Normal file
View File

@@ -0,0 +1,16 @@
let private_object = new_object()
.title("Alice's Private Object")
.description("This object can only be seen and modified by Alice")
.save_object();
let object_shared_with_bob = new_object()
.title("Alice's Shared Collection")
.description("This object can be seen by Bob but modified only by Alice")
.save_object();
let new_access = new_access()
.object_id(object_shared_with_bob.id())
.circle_public_key("bob_pk")
.save_access();

51
rhailib/examples/access_control/circle.rhai Normal file
View File

@@ -0,0 +1,51 @@
new_circle()
.title("Alice and Charlie's Circle")
.description("Some objects in this circle are shared with Bob")
.add_member("alice_pk")
.add_member("charlie_pk")
.save_circle();
let private_object = new_object()
.title("Alice and Charlie's Private Object")
.description("This object can only be seen and modified by Alice and Charlie")
.save_object();
let object_shared_with_bob = new_object()
.title("Alice and Charlie's Shared Object")
.description("This object can be seen by Bob but modified only by Alice and Charlie")
.save_object();
let new_access = new_access()
.object_id(object_shared_with_bob.id())
.circle_public_key("bob_pk")
.save_access();
let book_private = new_book()
.title("Alice and Charlie's private book")
.description("This book is prive to Alice and Charlie")
.save_book();
let slides_shared = new_slides()
.title("Alice and Charlie's shared slides")
.description("These slides, despite being in a private collection, are shared with Bob")
.save_slides();
let new_access = new_access()
.object_id(slides_shared.id)
.circle_public_key("bob_pk")
.save_access();
let collection_private = new_collection()
.title("Alice and Charlie's private collection")
.description("This collection is only visible to Alice and Charlie")
.add_book(book_private.id)
.add_slides(slides_shared.id)
.save_collection();
let collection_shared = new_collection()
.title("Alice and Charlie's shared collection")
.description("This collection is shared with Bob")
.save_collection();

172
rhailib/examples/access_control/main.rs Normal file
View File

@@ -0,0 +1,172 @@
use rhai_dispatcher::RhaiDispatcherBuilder;
use rhailib_worker::spawn_rhai_worker;
use std::time::Duration;
use tempfile::Builder;
use tokio::sync::mpsc;
const ALICE_ID: &str = "alice_pk";
const BOB_ID: &str = "bob_pk";
const CHARLIE_ID: &str = "charlie_pk";
const CIRCLE_ID: &str = "circle_pk";
const REDIS_URL: &str = "redis://127.0.0.1/";
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
env_logger::Builder::from_env(env_logger::Env::default().default_filter_or("info")).init();
// Create a temporary directory for the database
let temp_dir = Builder::new().prefix("rhai-example").tempdir()?;
let db_path = temp_dir.path().to_str().unwrap().to_string();
// 1. Create a Rhai engine and register custom functionality
let engine = rhailib_engine::create_heromodels_engine();
// 2. Spawn the Rhai worker
let (shutdown_tx, shutdown_rx) = mpsc::channel(1);
let worker_handle = tokio::spawn(spawn_rhai_worker(
ALICE_ID.to_string(),
db_path.clone(),
engine,
REDIS_URL.to_string(),
shutdown_rx,
false, // use_sentinel
));
log::info!("Rhai worker spawned for circle: {}", ALICE_ID);
// Give the worker a moment to start up
tokio::time::sleep(Duration::from_secs(1)).await;
// Alice populates her rhai worker
let client_alice = RhaiDispatcherBuilder::new()
.redis_url(REDIS_URL)
.caller_id(ALICE_ID)
.build()
.unwrap();
client_alice
.new_play_request()
.worker_id(&ALICE_ID)
.context_id(&ALICE_ID)
.script_path("examples/access_control/alice.rhai")
.timeout(Duration::from_secs(10))
.await_response()
.await
.unwrap();
log::info!("Alice's database populated.");
// Bob queries Alice's rhai worker
let client_bob = RhaiDispatcherBuilder::new()
.redis_url(REDIS_URL)
.caller_id(BOB_ID)
.build()
.unwrap();
client_bob
.new_play_request()
.worker_id(&ALICE_ID)
.context_id(&ALICE_ID)
.script_path("examples/access_control/bob.rhai")
.timeout(Duration::from_secs(10))
.await_response()
.await
.unwrap();
log::info!("Bob's query to Alice's database completed.");
// Charlie queries Alice's rhai worker
let client_charlie = RhaiDispatcherBuilder::new()
.redis_url(REDIS_URL)
.caller_id(CHARLIE_ID)
.build()
.unwrap();
client_charlie
.new_play_request()
.worker_id(&ALICE_ID)
.context_id(&ALICE_ID)
.script_path("examples/access_control/charlie.rhai")
.timeout(Duration::from_secs(10))
.await_response()
.await
.unwrap();
log::info!("Charlie's query to Alice's database completed.");
// Spawn the Rhai worker for Alice's and Charlie's circle
let engine = rhailib_engine::create_heromodels_engine();
let (shutdown_tx, shutdown_rx) = mpsc::channel(1);
let worker_handle = tokio::spawn(spawn_rhai_worker(
CIRCLE_ID.to_string(),
db_path.clone(),
engine,
REDIS_URL.to_string(),
shutdown_rx,
false, // use_sentinel
));
// Alice populates the rhai worker of their circle with Charlie.
let client_circle = RhaiDispatcherBuilder::new()
.redis_url(REDIS_URL)
.caller_id(CIRCLE_ID)
.build()
.unwrap();
client_circle
.new_play_request()
.worker_id(&CIRCLE_ID)
.context_id(&CIRCLE_ID)
.script_path("examples/access_control/circle.rhai")
.timeout(Duration::from_secs(10))
.await_response()
.await
.unwrap();
log::info!("Circles's database populated.");
// Give the worker a moment to start up
tokio::time::sleep(Duration::from_secs(1)).await;
// Alice queries the rhai worker of their circle with Charlie.
client_alice
.new_play_request()
.worker_id(&CIRCLE_ID)
.context_id(&CIRCLE_ID)
.script_path("examples/access_control/alice.rhai")
.timeout(Duration::from_secs(10))
.await_response()
.await
.unwrap();
log::info!("Bob's query to Alice's database completed.");
// Charlie queries Alice's rhai worker
let client_charlie = RhaiDispatcherBuilder::new()
.redis_url(REDIS_URL)
.caller_id(CHARLIE_ID)
.build()
.unwrap();
client_charlie
.new_play_request()
.worker_id(&ALICE_ID)
.context_id(&ALICE_ID)
.script_path("examples/access_control/charlie.rhai")
.timeout(Duration::from_secs(10))
.await_response()
.await
.unwrap();
log::info!("Charlie's query to Alice's database completed.");
// 5. Shutdown the worker (optional, could also let it run until program exits)
log::info!("Signaling worker to shutdown...");
let _ = shutdown_tx.send(()).await;
if let Err(e) = worker_handle.await {
log::error!("Worker task panicked or encountered an error: {:?}", e);
}
log::info!("Worker shutdown complete.");
Ok(())
}

38
rhailib/examples/flows/new_create_payment_intent_error.rhai Normal file
View File

@@ -0,0 +1,38 @@
// Error handler for failed payment intent creation
// This script is triggered when a payment intent creation fails
print("❌ Payment Intent Creation Failed!");
print("==================================");
// The error data is available as 'parsed_error'
if parsed_error != () {
print(`Error: ${parsed_error}`);
// You can handle different types of errors
if parsed_error.contains("authentication") {
print("🔑 Authentication error - check API key");
// eval_file("flows/handle_auth_error.rhai");
} else if parsed_error.contains("insufficient_funds") {
print("💰 Insufficient funds error");
// eval_file("flows/handle_insufficient_funds.rhai");
} else if parsed_error.contains("card_declined") {
print("💳 Card declined error");
// eval_file("flows/handle_card_declined.rhai");
} else {
print("⚠️ General payment error");
// eval_file("flows/handle_general_payment_error.rhai");
}
// Log the error for monitoring
print("📊 Logging error for analytics...");
// eval_file("flows/log_payment_error.rhai");
// Notify relevant parties
print("📧 Sending error notifications...");
// eval_file("flows/send_error_notification.rhai");
} else {
print("⚠️ No error data received");
}
print("🔄 Error handling complete!");

34
rhailib/examples/flows/new_create_payment_intent_response.rhai Normal file
View File

@@ -0,0 +1,34 @@
// Response handler for successful payment intent creation
// This script is triggered when a payment intent is successfully created
print("✅ Payment Intent Created Successfully!");
print("=====================================");
// The response data is available as 'parsed_data'
if parsed_data != () {
print(`Payment Intent ID: ${parsed_data.id}`);
print(`Amount: ${parsed_data.amount}`);
print(`Currency: ${parsed_data.currency}`);
print(`Status: ${parsed_data.status}`);
if parsed_data.client_secret != () {
print(`Client Secret: ${parsed_data.client_secret}`);
}
// You can now trigger additional workflows
print("🔄 Triggering next steps...");
// Example: Send confirmation email
// eval_file("flows/send_payment_confirmation_email.rhai");
// Example: Update user account
// eval_file("flows/update_user_payment_status.rhai");
// Example: Log analytics event
// eval_file("flows/log_payment_analytics.rhai");
} else {
print("⚠️ No response data received");
}
print("🎉 Payment intent response processing complete!");

190
rhailib/examples/non_blocking_payment_test.rs Normal file
View File

@@ -0,0 +1,190 @@
//! Test example to verify non-blocking payment functions
//!
//! This example demonstrates that the payment functions return immediately
//! while HTTP requests happen in the background using tokio::spawn.
use rhai::{Engine, EvalAltResult};
use std::time::{Duration, Instant};
use tokio::time::sleep;
// Import the payment module registration function
// Note: You'll need to adjust this import based on your actual module structure
// use rhailib::dsl::payment::register_payment_rhai_module;
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
println!("🚀 Testing Non-Blocking Payment Functions");
println!("==========================================");
// Create a new Rhai engine
let mut engine = Engine::new();
// Register the payment module
// Uncomment this when the module is properly integrated:
// register_payment_rhai_module(&mut engine);
// Test script that demonstrates non-blocking behavior
let test_script = r#"
print("📝 Creating payment intent...");
let start_time = timestamp();
// Create a payment intent
let payment_intent = new_payment_intent()
.amount(2000)
.currency("usd")
.customer("cus_test123")
.description("Test payment for non-blocking verification");
print("🚀 Dispatching async payment intent creation...");
// This should return immediately - no blocking!
let result = payment_intent.create_async(
"test-worker-1",
"test-context-123",
"sk_test_fake_key_for_testing"
);
let end_time = timestamp();
let duration = end_time - start_time;
print(`✅ Function returned in ${duration}ms: ${result}`);
print("🔄 HTTP request is happening in background...");
// Test multiple concurrent requests
print("\n📊 Testing concurrent requests...");
let concurrent_start = timestamp();
// Create multiple payment intents concurrently
for i in 0..5 {
let intent = new_payment_intent()
.amount(1000 + i * 100)
.currency("usd")
.description(`Concurrent test ${i}`);
let result = intent.create_async(
`worker-${i}`,
`context-${i}`,
"sk_test_fake_key"
);
print(`Request ${i}: ${result}`);
}
let concurrent_end = timestamp();
let concurrent_duration = concurrent_end - concurrent_start;
print(`✅ All 5 concurrent requests dispatched in ${concurrent_duration}ms`);
print("🎯 This proves the functions are truly non-blocking!");
"#;
println!("⏱️ Measuring execution time...");
let start = Instant::now();
// Execute the test script
match engine.eval::<String>(test_script) {
Ok(_) => {
let duration = start.elapsed();
println!("✅ Script completed in: {:?}", duration);
println!("🎯 If this completed quickly (< 100ms), the functions are non-blocking!");
}
Err(e) => {
println!("❌ Script execution failed: {}", e);
println!("💡 Note: This is expected if the payment module isn't registered yet.");
println!(" The important thing is that when it works, it should be fast!");
}
}
// Demonstrate the difference with a blocking operation
println!("\n🐌 Comparing with a blocking operation...");
let blocking_start = Instant::now();
// Simulate a blocking HTTP request
sleep(Duration::from_millis(500)).await;
let blocking_duration = blocking_start.elapsed();
println!("⏳ Blocking operation took: {:?}", blocking_duration);
println!("\n📊 Performance Comparison:");
println!(" Non-blocking: < 100ms (immediate return)");
println!(" Blocking: {:?} (waits for completion)", blocking_duration);
println!("\n🎉 Test completed!");
println!("💡 The non-blocking implementation allows:");
println!(" ✓ Immediate function returns");
println!(" ✓ Concurrent request processing");
println!(" ✓ No thread blocking");
println!(" ✓ Better scalability");
Ok(())
}
#[cfg(test)]
mod tests {
use super::*;
use std::sync::atomic::{AtomicU32, Ordering};
use std::sync::Arc;
#[tokio::test]
async fn test_non_blocking_behavior() {
// This test verifies that multiple "requests" can be processed concurrently
let counter = Arc::new(AtomicU32::new(0));
let mut handles = vec![];
let start = Instant::now();
// Spawn multiple tasks that simulate the non-blocking payment functions
for i in 0..10 {
let counter_clone = counter.clone();
let handle = tokio::spawn(async move {
// Simulate the immediate return of our non-blocking functions
let _result = format!("payment_intent_request_dispatched_{}", i);
// Simulate the background HTTP work (but don't block the caller)
tokio::spawn(async move {
// This represents the actual HTTP request happening in background
sleep(Duration::from_millis(100)).await;
counter_clone.fetch_add(1, Ordering::SeqCst);
});
// Return immediately (non-blocking behavior)
_result
});
handles.push(handle);
}
// Wait for all the immediate returns (should be very fast)
for handle in handles {
let _result = handle.await.unwrap();
}
let immediate_duration = start.elapsed();
// The immediate returns should be very fast (< 50ms)
assert!(immediate_duration < Duration::from_millis(50),
"Non-blocking functions took too long: {:?}", immediate_duration);
// Wait a bit for background tasks to complete
sleep(Duration::from_millis(200)).await;
// Verify that background tasks eventually completed
assert_eq!(counter.load(Ordering::SeqCst), 10);
println!("✅ Non-blocking test passed!");
println!(" Immediate returns: {:?}", immediate_duration);
println!(" Background tasks: completed");
}
#[test]
fn test_data_structures() {
// Test that our data structures work correctly
use std::collections::HashMap;
// Test RhaiProduct builder pattern
let mut metadata = HashMap::new();
metadata.insert("test".to_string(), "value".to_string());
// These would be the actual structs from the payment module
// For now, just verify the test compiles
assert!(true, "Data structure test placeholder");
}
}

108
rhailib/examples/payment_usage_example.rhai Normal file
View File

@@ -0,0 +1,108 @@
// Example Rhai script demonstrating non-blocking payment functions
// This script shows how to use the new async payment functions
print("🚀 Non-Blocking Payment Example");
print("================================");
// Create a product asynchronously
print("📦 Creating product...");
let product = new_product()
.name("Premium Subscription")
.description("Monthly premium subscription service")
.metadata("category", "subscription")
.metadata("tier", "premium");
let product_result = product.create_async(
"payment-worker-1",
"product-context-123",
"sk_test_your_stripe_secret_key"
);
print(`Product creation dispatched: ${product_result}`);
// Create a price asynchronously
print("💰 Creating price...");
let price = new_price()
.amount(2999) // $29.99 in cents
.currency("usd")
.product("prod_premium_subscription") // Would be the actual product ID
.recurring("month")
.metadata("billing_cycle", "monthly");
let price_result = price.create_async(
"payment-worker-1",
"price-context-456",
"sk_test_your_stripe_secret_key"
);
print(`Price creation dispatched: ${price_result}`);
// Create a payment intent asynchronously
print("💳 Creating payment intent...");
let payment_intent = new_payment_intent()
.amount(2999)
.currency("usd")
.customer("cus_customer123")
.description("Premium subscription payment")
.add_payment_method_type("card")
.metadata("subscription_type", "premium")
.metadata("billing_period", "monthly");
let payment_result = payment_intent.create_async(
"payment-worker-1",
"payment-context-789",
"sk_test_your_stripe_secret_key"
);
print(`Payment intent creation dispatched: ${payment_result}`);
// Create a subscription asynchronously
print("📅 Creating subscription...");
let subscription = new_subscription()
.customer("cus_customer123")
.add_price("price_premium_monthly") // Would be the actual price ID
.trial_days(7)
.metadata("plan", "premium")
.metadata("source", "website");
let subscription_result = subscription.create_async(
"payment-worker-1",
"subscription-context-101",
"sk_test_your_stripe_secret_key"
);
print(`Subscription creation dispatched: ${subscription_result}`);
// Create a coupon asynchronously
print("🎫 Creating coupon...");
let coupon = new_coupon()
.duration("once")
.percent_off(20)
.metadata("campaign", "new_user_discount")
.metadata("valid_until", "2024-12-31");
let coupon_result = coupon.create_async(
"payment-worker-1",
"coupon-context-202",
"sk_test_your_stripe_secret_key"
);
print(`Coupon creation dispatched: ${coupon_result}`);
print("\n✅ All payment operations dispatched!");
print("🔄 HTTP requests are happening in the background");
print("📨 Response/error scripts will be triggered when complete");
print("\n📋 Summary:");
print(` Product: ${product_result}`);
print(` Price: ${price_result}`);
print(` Payment Intent: ${payment_result}`);
print(` Subscription: ${subscription_result}`);
print(` Coupon: ${coupon_result}`);
print("\n🎯 Key Benefits:");
print(" ✓ Immediate returns - no blocking");
print(" ✓ Concurrent processing capability");
print(" ✓ Event-driven response handling");
print(" ✓ No global state dependencies");
print(" ✓ Configurable per request");

2
rhailib/research/repl/.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
target
temp_db_for_example_worker_default_worker

Some files were not shown because too many files have changed in this diff Show More