greentic-start-dev 0.6.25001429544

Greentic lifecycle runner for start/restart/stop orchestration
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287

# Coding Agent Guide

This document is the operational source of truth for coding agents and maintainers working in `greentic-start`.

If you only want a gentle human introduction, read the [README](../README.md) first.

## What This Repo Owns

`greentic-start` owns local lifecycle execution for Greentic bundles.

In practice, that means:

- starting a bundle
- stopping a running bundle
- restarting selected services
- loading runtime config from the bundle
- launching local helper services
- exposing local ingress
- optionally exposing the admin API

It also contains app-flow execution glue around `greentic_runner_desktop::run_pack_with_options(...)`.

For broader ownership boundaries, see [ownership.md](ownership.md).

## The Commands

The `clap` surface is defined in [src/cli_args.rs](/projects/ai/greentic-ng/greentic-start/src/cli_args.rs:8).

Available commands:

- `greentic-start start`
- `greentic-start up`
- `greentic-start stop`
- `greentic-start restart`

Important behavior:

- `up` is an alias for `start`
- if no explicit subcommand is provided, argument normalization inserts `start`
- legacy `demo` prefix is stripped during argument normalization

That behavior lives in [src/cli_args.rs](/projects/ai/greentic-ng/greentic-start/src/cli_args.rs:201) and is wired in [src/lib.rs](/projects/ai/greentic-ng/greentic-start/src/lib.rs:79).

## How `start` Is Used

The usual entrypoint is:

```bash
greentic-start start --bundle /path/to/bundle
```

The runtime path is:

1. parse CLI args
2. normalize legacy/default command forms
3. resolve bundle/config paths
4. initialize logging
5. load runtime demo config
6. apply CLI overrides
7. apply tunnel behavior
8. start services and ingress

The main orchestration lives in [src/lib.rs](/projects/ai/greentic-ng/greentic-start/src/lib.rs:113) and [src/runtime.rs](/projects/ai/greentic-ng/greentic-start/src/runtime.rs:742).

## `start` Options

These are the supported `start` and `restart` flags from [src/cli_args.rs](/projects/ai/greentic-ng/greentic-start/src/cli_args.rs:24).

### Bundle and targeting

- `--bundle <path>`
  Points at the bundle root to run.
- `--config <path>`
  Uses an explicit runtime config path instead of bundle auto-resolution.
- `--tenant <name>`
  Overrides the tenant.
- `--team <name>`
  Overrides the team.

Bundle/config resolution is handled through [src/bundle_config.rs](/projects/ai/greentic-ng/greentic-start/src/bundle_config.rs:20).

### NATS

- `--nats off`
  Do not use NATS.
- `--nats on`
  Enable NATS and spawn the bundled/local runtime-managed instance.
- `--nats external`
  Use NATS without spawning it locally.
- `--nats-url <url>`
  Overrides the NATS URL.
- `--no-nats`
  Hidden legacy flag that conflicts with `--nats`.

The override behavior is implemented in [src/lib.rs](/projects/ai/greentic-ng/greentic-start/src/lib.rs:388).

Practical meaning:

- `off` disables NATS features
- `on` means `greentic-start` may spawn NATS
- `external` means the runtime expects an already-running NATS server

### Tunnels

- `--cloudflared on|off`
  Enables or disables Cloudflare Tunnel.
- `--cloudflared-binary <path>`
  Uses a specific `cloudflared` binary.
- `--ngrok on|off`
  Enables or disables ngrok.
- `--ngrok-binary <path>`
  Uses a specific `ngrok` binary.

Important automatic behavior from [src/lib.rs](/projects/ai/greentic-ng/greentic-start/src/lib.rs:194):

- if tunnel flags were not explicitly set, `.greentic/tunnel.json` may influence tunnel mode
- if no deployer packs are detected, local dev mode may auto-enable `cloudflared`
- if still not explicit, the runtime may prompt for tunnel selection in interactive use
- if `--ngrok on` and `--cloudflared on` are both present, `ngrok` wins unless you intentionally override the combination

### Runner selection

- `--runner-binary <path>`
  Uses a specific runner binary when external runner integration paths need it.

Note:

- app-flow execution in this repo also uses embedded desktop-runner execution via [src/runner_exec.rs](/projects/ai/greentic-ng/greentic-start/src/runner_exec.rs:28)
- do not assume `--runner-binary` changes every execution path

### Restart targeting

- `--restart all`
- `--restart cloudflared`
- `--restart ngrok`
- `--restart nats`
- `--restart gateway`
- `--restart egress`
- `--restart subscriptions`

These values are defined in [src/cli_args.rs](/projects/ai/greentic-ng/greentic-start/src/cli_args.rs:120).

Behavior:

- `restart` with no explicit targets becomes `all`
- targeted restarts affect service restart handling during startup/orchestration

That defaulting is applied in [src/lib.rs](/projects/ai/greentic-ng/greentic-start/src/lib.rs:85).

### Logging and terminal output

- `--log-dir <dir>`
  Writes logs to a specific directory.
- `--verbose`
  Sets higher terminal log detail.
- `--quiet`
  Reduces terminal noise.

Logging initialization happens in [src/lib.rs](/projects/ai/greentic-ng/greentic-start/src/lib.rs:137).

### Admin API

- `--admin`
  Enables the mTLS admin API endpoint.
- `--admin-port <port>`
  Sets the admin port. Default is `8443`.
- `--admin-certs-dir <dir>`
  Points at the cert directory containing `server.crt`, `server.key`, and `ca.crt`.
- `--admin-allowed-clients <cn1,cn2,...>`
  Restricts allowed client certificate common names.

The admin server is started from [src/lib.rs](/projects/ai/greentic-ng/greentic-start/src/lib.rs:337) and implemented in [src/admin_server.rs](/projects/ai/greentic-ng/greentic-start/src/admin_server.rs:77).

## `stop` Options

The `stop` command supports the flags defined in [src/cli_args.rs](/projects/ai/greentic-ng/greentic-start/src/cli_args.rs:64).

- `--bundle <path>`
- `--state-dir <path>`
- `--tenant <name>`
- `--team <name>`

The stop request entrypoint is [src/lib.rs](/projects/ai/greentic-ng/greentic-start/src/lib.rs:93).

Use `stop` when you want to shut down an already-running runtime cleanly.

## Automatic Behaviors Agents Must Remember

### Command normalization

- `greentic-start --bundle /tmp/x` behaves like `greentic-start start --bundle /tmp/x`
- `greentic-start demo start ...` still works because the legacy `demo` prefix is stripped

### GREENTIC environment defaults

At startup, [src/lib.rs](/projects/ai/greentic-ng/greentic-start/src/lib.rs:115) ensures:

- `GREENTIC_PROVIDER_CORE_ONLY=0`
- `GREENTIC_ENV=dev` if it is not already set

Do not accidentally break these unless the contract is intentionally changing.

### Setup-derived tunnel behavior

App startup currently consumes setup-derived tunnel configuration from `.greentic/tunnel.json`, but that does not mean all setup answers are automatically merged into app-flow runtime config.

### Provider setup versus app runtime

Provider setup has a dedicated persisted-config envelope flow:

- write config envelope in [src/provider_config_envelope.rs](/projects/ai/greentic-ng/greentic-start/src/provider_config_envelope.rs:59)
- read and reapply that config in [src/providers.rs](/projects/ai/greentic-ng/greentic-start/src/providers.rs:131)

App-flow execution is different:

- [src/messaging_app.rs](/projects/ai/greentic-ng/greentic-start/src/messaging_app.rs:205) forwards `input`, `tenant`, `team`, and `correlation_id`
- [src/event_router.rs](/projects/ai/greentic-ng/greentic-start/src/event_router.rs:30) forwards event payloads directly
- [src/runner_exec.rs](/projects/ai/greentic-ng/greentic-start/src/runner_exec.rs:100) passes the payload through as `RunOptions.input`

If you are debugging “why did my app node not receive setup config,” do not assume `greentic-start` automatically merges app setup values into `component.exec`.

## App Flow Execution Notes

The embedded app-flow runner path is in [src/runner_exec.rs](/projects/ai/greentic-ng/greentic-start/src/runner_exec.rs:28).

Current important details:

- flow input is written to the run directory as `input.json`
- `flow.log` is initialized under the bundle log directory
- secrets manager injection is passed into `RunOptions.secrets_manager`
- execution runs through `greentic_runner_desktop::run_pack_with_options(...)`

This is the first file to inspect when live bundle execution differs from direct runner behavior.

## Logs and State

Expect runtime data under the bundle:

- `logs/`
- `state/`
- `.greentic/`

Useful logs:

- `logs/operator.log`
- `logs/flow.log`

Useful run artifacts:

- `state/runs/.../input.json`
- `state/runs/.../run.json`
- `state/runs/.../summary.txt`

## Recommended Validation Commands

For this repo:

```bash
cargo check
cargo test
cargo build
```

For one test:

```bash
cargo test -p greentic-start test_name_here
```

For a fuller local pass:

```bash
bash ci/local_check.sh
```

## Documentation Rule For Future Changes

If you change:

- command flags
- startup defaults
- tunnel selection behavior
- restart semantics
- admin API behavior
- app-flow execution wiring

update this document and the human-facing [README](../README.md) together.