Files
wehub-resource-sync 426e9eeabd
Benchmark Bridge Tests / benchmark (bunx @biomejs/biome check packages/lifeops-bench/src, benchmark-lint) (push) Waiting to run
Benchmark Bridge Tests / benchmark (bunx vitest run --config packages/lifeops-bench/vitest.config.ts --root packages/lifeops-bench --passWithNoTests, benchmark-tests) (push) Waiting to run
Build Agent Image / build-and-push (push) Waiting to run
Chat shell gestures / Chat shell gesture + parity e2e (push) Waiting to run
Cloud Gateway Discord / Test (push) Waiting to run
Cloud Gateway Webhook / Test (push) Waiting to run
Cloud Tests / lint-and-types (push) Waiting to run
Cloud Tests / unit-tests (push) Waiting to run
Cloud Tests / integration-tests (push) Waiting to run
Cloud Tests / e2e-tests (push) Blocked by required conditions
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
Deploy Apps Worker (Product 2) / Determine environment (push) Waiting to run
Deploy Apps Worker (Product 2) / Deploy apps worker to apps-control host (${{ needs.determine-env.outputs.environment }}) (push) Blocked by required conditions
Deploy Eliza Provisioning Worker / Determine environment (push) Waiting to run
Deploy Eliza Provisioning Worker / Deploy worker to Hetzner host (${{ needs.determine-env.outputs.environment }} @ ${{ needs.determine-env.outputs.deployment_sha }}) (push) Blocked by required conditions
Dev Smoke / Classify changed paths (push) Waiting to run
Dev Smoke / bun run dev onboarding chat (push) Blocked by required conditions
Dev Smoke / Vite HMR dependency-level smoke (push) Blocked by required conditions
Electrobun Submodule Guard / electrobun gitlink is fetchable (push) Waiting to run
Publish @elizaos/example-code / check_npm (push) Waiting to run
Publish @elizaos/example-code / publish_npm (push) Blocked by required conditions
Publish @elizaos/plugin-elizacloud / verify_version (push) Waiting to run
Publish @elizaos/plugin-elizacloud / publish_npm (push) Blocked by required conditions
Sandbox Live Smoke / Sandbox live smoke (push) Waiting to run
Snap Build & Test / Build Snap (amd64) (push) Waiting to run
Snap Build & Test / Build Snap (arm64) (push) Waiting to run
supply-chain / sbom (push) Waiting to run
supply-chain / vulnerability-scan (push) Waiting to run
Build, Push & Deploy to Phala Cloud / build-and-push (push) Waiting to run
Test Packaging / Validate Packaging Configs (push) Waiting to run
Test Packaging / PyPI on Python ${{ matrix.python }} (push) Waiting to run
Test Packaging / Pack & Test JS Tarballs (push) Waiting to run
Test Packaging / elizaos CLI global-install smoke (node + bun) (push) Waiting to run
UI Fixture E2E / ui-fixture-e2e (push) Waiting to run
UI Fixture E2E / fixture-e2e (push) Waiting to run
UI Story Gate / story-gate (push) Waiting to run
vault-ci / test (macos-latest) (push) Waiting to run
vault-ci / test (ubuntu-latest) (push) Waiting to run
vault-ci / test (windows-latest) (push) Waiting to run
vault-ci / app-core wiring tests (push) Waiting to run
verify-patches / verify patches/CHECKSUMS.sha256 (push) Waiting to run
Voice Benchmark Smoke / voice-emotion fixture smoke (push) Waiting to run
Voice Benchmark Smoke / voiceagentbench fixture smoke (push) Waiting to run
Voice Benchmark Smoke / voicebench-quality unit smoke (push) Waiting to run
Voice Benchmark Smoke / voicebench TypeScript unit (no audio) (push) Waiting to run
Voice Benchmark Smoke / voice bench smoke summary (push) Blocked by required conditions
Windows CI / windows ([bun run --cwd packages/app-core test bun run --cwd packages/elizaos test bun run --cwd packages/cloud/shared test], app-and-cli) (push) Waiting to run
Windows CI / windows ([bun run --cwd packages/scenario-runner test bun run --cwd packages/vault test bun run --cwd packages/security test bun run --cwd plugins/plugin-coding-tools test], framework-packages) (push) Waiting to run
Windows CI / windows ([bun run --cwd plugins/plugin-elizacloud test bun run --cwd plugins/plugin-discord test bun run --cwd plugins/plugin-anthropic test bun run --cwd plugins/plugin-openai test bun run --cwd plugins/plugin-app-control test bun run --cwd plugins/pl… (push) Waiting to run
Windows CI / windows ([node packages/scripts/run-turbo.mjs run build --filter=@elizaos/core --filter=@elizaos/shared --filter=@elizaos/agent --concurrency=4 node packages/scripts/run-bash-linux-only.mjs scripts/verify-riscv64-buildpaths.sh node packages/scripts/run… (push) Waiting to run
Windows CI / windows ([node packages/scripts/run-turbo.mjs run typecheck --filter=@elizaos/core --filter=@elizaos/shared --filter=@elizaos/cloud-shared --concurrency=4 bun run --cwd packages/core test bun run --cwd packages/shared test], core-runtime, 75) (push) Waiting to run
Test Packaging / Build & Test PyPI Package (push) Waiting to run
Voice Workbench / headless workbench (mocked backends) (push) Has been cancelled
Voice Workbench / real acoustic lane (nightly, provisioned only) (push) Has been cancelled
ci / test (push) Has been cancelled
ci / lint-and-format (push) Has been cancelled
ci / build (push) Has been cancelled
ci / dev-startup (push) Has been cancelled
gitleaks / gitleaks (push) Has been cancelled
Markdown Links / Relative Markdown Links (push) Has been cancelled
Quality (Extended) / Homepage Build (PR smoke) (push) Has been cancelled
Quality (Extended) / Comment-only diff guard (push) Has been cancelled
Quality (Extended) / Format + Type Safety Ratchet (push) Has been cancelled
Quality (Extended) / Develop Gate (secret scan + UI determinism) (push) Has been cancelled
Quality (Extended) / Develop Gate (lint) (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 12:43:05 +08:00

280 lines
9.0 KiB
TypeScript

/**
* Offline composed end-to-end check for multi-account coding-agent selection.
*
* Proves the WHOLE pipeline through real code, no server / no live OAuth:
* real app-core AccountPool (reading real-format credential files in a temp
* state dir) → installed globalThis selector bridge → orchestrator
* AcpService.spawnSession → a REAL spawned subprocess that receives the
* injected per-account credential and records it.
*
* The only stand-in is the coding-agent binary itself (a tiny fake "acpx" that
* logs its injected env and exits 0) — exactly the piece your real Claude/Codex
* subscription CLI provides. Point ELIZA_ACP_CLI at the real binary + connect
* real accounts to run the same flow for true live-key validation.
*
* Run: bun --conditions=eliza-source \
* plugins/plugin-agent-orchestrator/scripts/compose-multi-account-e2e.ts
*/
import {
chmodSync,
mkdtempSync,
readFileSync,
rmSync,
writeFileSync,
} from "node:fs";
import { tmpdir } from "node:os";
import path from "node:path";
import { saveAccount } from "@elizaos/auth/account-storage";
// Import the pool from app-core SRC, not the package barrel: app-core has no
// `eliza-source` export condition, so the barrel resolves to (possibly stale)
// dist — which may predate the coding-agent selector bridge. The src path
// guarantees we install the bridge under test.
import { getDefaultAccountPool } from "../../../packages/app-core/src/services/account-pool.ts";
import { AcpService } from "../src/services/acp-service.ts";
const FAR_FUTURE = Date.now() + 10 * 365 * 24 * 60 * 60 * 1000;
const home = mkdtempSync(path.join(tmpdir(), "ma-compose-e2e-"));
process.env.ELIZA_HOME = home;
process.env.ELIZA_STATE_DIR = home;
process.env.ELIZA_ACP_STATE_DIR = path.join(home, "acp");
// Parent creds that MUST be dropped so the selected account authenticates.
process.env.ANTHROPIC_API_KEY = "sk-ant-api-PARENT-must-drop";
process.env.OPENAI_API_KEY = "sk-openai-PARENT-must-drop";
const proofFile = path.join(home, "agent-proof.jsonl");
process.env.ELIZA_MA_PROOF_FILE = proofFile; // ELIZA_ prefix → forwarded to child
// Fake "acpx": records the credentials injected into its env, then exits 0 so
// the session reaches `ready`. (Selection + injection happen on `sessions new`.)
const fakeCli = path.join(home, "fake-acpx.mjs");
writeFileSync(
fakeCli,
`#!/usr/bin/env node
import { appendFileSync } from "node:fs";
appendFileSync(process.env.ELIZA_MA_PROOF_FILE, JSON.stringify({
argv: process.argv.slice(2),
cwd: process.cwd(),
CLAUDE_CODE_OAUTH_TOKEN: process.env.CLAUDE_CODE_OAUTH_TOKEN ?? null,
CODEX_HOME: process.env.CODEX_HOME ?? null,
ANTHROPIC_API_KEY: process.env.ANTHROPIC_API_KEY ?? null,
OPENAI_API_KEY: process.env.OPENAI_API_KEY ?? null,
}) + "\\n");
process.exit(0);
`,
{ mode: 0o755 },
);
chmodSync(fakeCli, 0o755);
function mkAccount(
providerId: "anthropic-subscription" | "openai-codex",
id: string,
access: string,
organizationId?: string,
) {
saveAccount({
id,
providerId,
label: id,
source: "oauth",
credentials: { access, refresh: `${access}-r`, expires: FAR_FUTURE },
createdAt: Date.now(),
updatedAt: Date.now(),
...(organizationId ? { organizationId } : {}),
});
}
const checks: Array<{ name: string; ok: boolean; detail?: string }> = [];
function check(name: string, ok: boolean, detail?: string) {
checks.push({ name, ok, ...(detail ? { detail } : {}) });
}
function runtime() {
return {
logger: {
debug() {},
info() {},
warn() {},
error(...a: unknown[]) {
console.error("[acp]", ...a);
},
},
getSetting: (key: string) =>
({
ELIZA_ACP_TRANSPORT: "cli",
ELIZA_ACP_CLI: fakeCli,
ELIZA_CODING_ACCOUNT_STRATEGY: "least-used",
})[key],
services: new Map(),
} as never;
}
function readProof(): Array<Record<string, unknown>> {
try {
return readFileSync(proofFile, "utf-8")
.split("\n")
.filter(Boolean)
.map((l) => JSON.parse(l));
} catch {
return [];
}
}
async function main() {
mkAccount("anthropic-subscription", "claude-A", "oat-AAA");
mkAccount("anthropic-subscription", "claude-B", "oat-BBB");
mkAccount("openai-codex", "codex-A", "codex-tok", "org_codexA");
getDefaultAccountPool(); // installs the globalThis coding-agent selector bridge
const acp = new AcpService(runtime());
await acp.start();
const wd = path.join(home, "wd");
// Two consecutive Claude spawns must land on DISTINCT accounts (least-used).
const s1 = await acp.spawnSession({
agentType: "claude",
workdir: wd,
name: "c1",
});
const s2 = await acp.spawnSession({
agentType: "claude",
workdir: wd,
name: "c2",
});
const a1 = (s1.metadata as Record<string, unknown>)?.account as
| Record<string, unknown>
| undefined;
const a2 = (s2.metadata as Record<string, unknown>)?.account as
| Record<string, unknown>
| undefined;
check(
"claude spawn 1 selected an account",
Boolean(a1?.accountId),
String(a1?.accountId),
);
check(
"claude spawn 2 selected an account",
Boolean(a2?.accountId),
String(a2?.accountId),
);
check(
"two claude spawns used DISTINCT accounts (round-robin least-used)",
Boolean(a1?.accountId) && a1?.accountId !== a2?.accountId,
`${a1?.accountId} vs ${a2?.accountId}`,
);
// Follow-up prompts use the cli transport's fresh subprocess path. It must
// re-resolve credentials for the SAME selected session/account rather than
// drifting to a different least-used account.
await acp.sendToSession(s1.sessionId, "follow-up prompt for c1");
// One Codex spawn → per-account CODEX_HOME materialized.
const s3 = await acp.spawnSession({
agentType: "codex",
workdir: wd,
name: "x1",
});
const a3 = (s3.metadata as Record<string, unknown>)?.account as
| Record<string, unknown>
| undefined;
check(
"codex spawn selected the codex account",
a3?.providerId === "openai-codex",
String(a3?.accountId),
);
const proof = readProof();
const claudeLines = proof.filter(
(p) => typeof p.CLAUDE_CODE_OAUTH_TOKEN === "string",
);
const codexLines = proof.filter((p) => typeof p.CODEX_HOME === "string");
const claudeTokens = new Set(
claudeLines.map((p) => p.CLAUDE_CODE_OAUTH_TOKEN),
);
const argv = (p: Record<string, unknown>): string[] =>
Array.isArray(p.argv) ? p.argv.map(String) : [];
const hasArgs = (p: Record<string, unknown>, needles: string[]): boolean => {
const args = argv(p);
return needles.every((needle) => args.includes(needle));
};
const c1Spawn = claudeLines.find((p) =>
hasArgs(p, ["claude", "sessions", "new", "--name", "c1"]),
);
const c1FollowUp = claudeLines.find((p) =>
hasArgs(p, ["claude", "prompt", "-s", "c1"]),
);
check(
"real subprocess received an injected Claude OAuth token",
claudeLines.length >= 3,
`${claudeLines.length} claude invocations`,
);
check(
"the two Claude subprocesses got DISTINCT injected tokens",
claudeTokens.size >= 2,
[...claudeTokens].join(", "),
);
check(
"parent ANTHROPIC_API_KEY was DROPPED from claude subprocess env",
claudeLines.every((p) => p.ANTHROPIC_API_KEY === null),
);
check(
"Claude follow-up subprocess reused spawn 1's selected account token",
Boolean(c1Spawn?.CLAUDE_CODE_OAUTH_TOKEN) &&
c1Spawn?.CLAUDE_CODE_OAUTH_TOKEN === c1FollowUp?.CLAUDE_CODE_OAUTH_TOKEN,
`${String(c1Spawn?.CLAUDE_CODE_OAUTH_TOKEN)} -> ${String(
c1FollowUp?.CLAUDE_CODE_OAUTH_TOKEN,
)}`,
);
check(
"codex subprocess received a per-account CODEX_HOME",
codexLines.length >= 1 &&
String(codexLines[0]?.CODEX_HOME).includes("_codex-home"),
String(codexLines[0]?.CODEX_HOME),
);
check(
"parent OPENAI_API_KEY was DROPPED from codex subprocess env",
codexLines.every((p) => p.OPENAI_API_KEY === null),
);
// The materialized auth.json carries the selected account's token + account_id.
const codexHome = String(codexLines[0]?.CODEX_HOME ?? "");
let authOk = false;
try {
const authJson = JSON.parse(
readFileSync(path.join(codexHome, "auth.json"), "utf-8"),
);
authOk =
authJson.auth_mode === "chatgpt" &&
authJson.tokens?.access_token === "codex-tok" &&
authJson.tokens?.account_id === "org_codexA";
} catch {
authOk = false;
}
check(
"codex auth.json has the selected account's token + account_id",
authOk,
);
await acp.stop();
}
main()
.then(() => {
const failed = checks.filter((c) => !c.ok);
for (const c of checks) {
console.log(
`${c.ok ? "PASS" : "FAIL"} ${c.name}${c.detail ? ` [${c.detail}]` : ""}`,
);
}
console.log(
`\n${checks.length - failed.length}/${checks.length} checks passed`,
);
rmSync(home, { recursive: true, force: true });
process.exit(failed.length === 0 ? 0 : 1);
})
.catch((err) => {
console.error("E2E harness error:", err);
rmSync(home, { recursive: true, force: true });
process.exit(2);
});