kodegen_tools_browser 0.10.11

KODEGEN.ᴀɪ: Memory-efficient, Blazing-Fast, MCP tools for code generation agents.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283

//! Browser instance manager for resource-efficient browser sharing
//!
//! Ensures only one browser runs at a time, shared across all tools.
//!
//! # Architecture
//!
//! Uses `Arc<Mutex<Option<BrowserWrapper>>>` pattern:
//! - Thread-safe lazy initialization via Mutex check
//! - Automatic browser launch on first use
//! - Shared access from multiple tools
//! - Proper cleanup on shutdown
//! - Health checking and automatic crash recovery
//!
//! # Async Lock Requirements
//!
//! CRITICAL: Must use `tokio::sync::Mutex`, NOT `parking_lot::RwLock`
//! - Browser operations are async (`.await` everywhere)
//! - Cannot hold sync locks across `.await` points
//! - tokio::sync::Mutex is Send-safe for async contexts
//!
//! Reference: packages/tools-citescrape/src/web_search/manager.rs

use anyhow::Result;
use chromiumoxide::page::Page;
use std::sync::{Arc, OnceLock};
use tokio::sync::Mutex;
use tracing::info;

use crate::browser::{BrowserWrapper, launch_browser};

// Global singleton instance
static GLOBAL_MANAGER: OnceLock<Arc<BrowserManager>> = OnceLock::new();

/// Singleton manager for browser instances with health checking and crash recovery
///
/// Manages browser lifecycle to ensure:
/// - Only one browser instance exists at a time (lazy-loaded)
/// - Automatic launch on first use (~2-3s first call, instant after)
/// - Health checking on every access to detect crashes
/// - Automatic crash recovery (transparent to callers)
/// - Thread-safe access from multiple tools
/// - Proper cleanup when dropped or shutdown
///
/// # Performance Characteristics
///
/// - First `get_or_launch()`: ~2-3 seconds (launches Chrome)
/// - Subsequent calls (healthy browser): ~10-50ms (health check + mutex lock)
/// - Recovery from crash: ~2-3 seconds (detects + closes + re-launches)
/// - Memory: ~150MB per browser instance (Chrome process)
///
/// # Health Checking and Crash Recovery
///
/// Every call to `get_or_launch()` performs a health check via `browser.version()`
/// CDP command. If the browser has crashed, it is automatically cleaned up and
/// a new instance is launched. This provides transparent recovery without requiring
/// MCP server restarts.
///
/// # Pattern Source
///
/// Based on: packages/tools-citescrape/src/web_search/manager.rs:14-122
pub struct BrowserManager {
    browser: Arc<Mutex<Option<BrowserWrapper>>>,
    current_page: Arc<Mutex<Option<Page>>>,
}

impl BrowserManager {
    /// Get the global singleton BrowserManager instance
    ///
    /// This ensures only one browser instance runs process-wide.
    /// All tools should use this method instead of creating their own managers.
    ///
    /// # Thread Safety
    /// Uses `OnceLock` for atomic initialization - safe to call from multiple threads.
    /// First caller initializes, concurrent callers block until initialization completes.
    ///
    /// # Performance
    /// - First call: ~50ns (creates BrowserManager struct)
    /// - Subsequent calls: ~5ns (atomic pointer load)
    /// - Browser launch still lazy on first `get_or_launch()` call (~2-3s)
    ///
    /// # Example
    /// ```rust
    /// let manager = BrowserManager::global();
    /// let browser_arc = manager.get_or_launch().await?;
    /// ```
    #[must_use]
    pub fn global() -> Arc<BrowserManager> {
        GLOBAL_MANAGER
            .get_or_init(|| Arc::new(BrowserManager::new()))
            .clone()
    }

    /// Create a new BrowserManager (private - use global() instead)
    ///
    /// Browser will be lazy-loaded on first `get_or_launch()` call.
    ///
    /// This is now private to prevent accidental creation of multiple managers.
    /// External code should use `BrowserManager::global()`.
    fn new() -> Self {
        Self {
            browser: Arc::new(Mutex::new(None)),
            current_page: Arc::new(Mutex::new(None)),
        }
    }

    /// Get or launch the shared browser instance with health checking and auto-recovery
    ///
    /// # Health Check and Recovery Flow
    /// 1. Lock browser mutex
    /// 2. If browser exists, check health via version() CDP command
    /// 3. If unhealthy, close crashed browser and remove from cache
    /// 4. If no browser or was unhealthy, launch new instance
    /// 5. Return healthy browser
    ///
    /// # First Call
    /// - ~2-3s (launches browser)
    ///
    /// # Subsequent Calls (healthy browser)
    /// - <1ms (mutex lock + Arc clone)
    ///
    /// # Recovery from Crash
    /// - ~2-3s (detects crash + closes + re-launches)
    /// - Automatic, no user intervention required
    ///
    /// # Returns
    /// Arc to the browser Mutex - caller locks it to access BrowserWrapper
    ///
    /// # Example
    /// ```rust
    /// let manager = BrowserManager::global();
    /// let browser_arc = manager.get_or_launch().await?;
    /// let browser_guard = browser_arc.lock().await;
    /// if let Some(wrapper) = browser_guard.as_ref() {
    ///     let page = wrapper.browser().new_page("https://httpbin.org/html").await?;
    /// }
    /// ```
    pub async fn get_or_launch(&self) -> Result<Arc<Mutex<Option<BrowserWrapper>>>> {
        let mut guard = self.browser.lock().await;

        // Health check: if browser exists, verify it's alive
        if let Some(wrapper) = guard.as_ref() {
            match wrapper.browser().version().await {
                Ok(_) => {
                    tracing::debug!("Browser health check passed, reusing existing browser");
                    // Browser is healthy, return it
                    drop(guard); // Release lock
                    return Ok(self.browser.clone());
                }
                Err(e) => {
                    tracing::warn!("Browser health check failed: {}. Triggering recovery...", e);

                    // Take ownership and clean up crashed browser
                    if let Some(mut crashed_wrapper) = guard.take() {
                        // Best-effort cleanup (may fail if process already dead)
                        let _ = crashed_wrapper.browser_mut().close().await;
                        let _ = crashed_wrapper.browser_mut().wait().await;
                        crashed_wrapper.cleanup_temp_dir();
                    }

                    tracing::info!("Crashed browser cleaned up, launching new instance");
                }
            }
        }

        // No browser exists or previous one crashed - launch new one
        tracing::info!("Launching browser (first time or after recovery)");
        let (browser, handler, user_data_dir) = launch_browser().await?;
        let wrapper = BrowserWrapper::new(browser, handler, user_data_dir);
        *guard = Some(wrapper);
        drop(guard);

        Ok(self.browser.clone())
    }

    /// Shutdown the browser if running
    ///
    /// Explicitly closes the browser process and cleans up resources.
    /// Safe to call multiple times (subsequent calls are no-ops).
    ///
    /// # Critical Implementation Note
    ///
    /// We must call BOTH:
    /// 1. `browser.close().await` - Sends close command to Chrome
    /// 2. `browser.wait().await` - Waits for process to fully exit
    ///
    /// WHY: `BrowserWrapper::drop()` only aborts the handler task.
    /// It does NOT close the browser process. Without explicit close(),
    /// Chrome process becomes a zombie and logs warnings.
    ///
    /// # Example from citescrape
    /// ```rust
    /// // packages/tools-citescrape/src/web_search/manager.rs:99-114
    /// if let Some(mut wrapper) = browser_lock.take() {
    ///     info!("Shutting down browser");
    ///     
    ///     // 1. Close the browser
    ///     if let Err(e) = wrapper.browser_mut().close().await {
    ///         tracing::warn!("Failed to close browser cleanly: {}", e);
    ///     }
    ///     
    ///     // 2. Wait for process to fully exit
    ///     if let Err(e) = wrapper.browser_mut().wait().await {
    ///         tracing::warn!("Failed to wait for browser exit: {}", e);
    ///     }
    ///     
    ///     // 3. Now drop the wrapper (calls handler.abort())
    ///     drop(wrapper);
    /// }
    /// ```
    ///
    /// Based on: packages/tools-citescrape/src/web_search/manager.rs:88-122
    pub async fn shutdown(&self) -> Result<()> {
        let mut guard = self.browser.lock().await;

        if let Some(mut wrapper) = guard.take() {
            info!("Shutting down browser");

            // Close browser gracefully
            if let Err(e) = wrapper.browser_mut().close().await {
                tracing::warn!("Failed to close browser cleanly: {}", e);
            }

            // Wait for process to fully exit
            if let Err(e) = wrapper.browser_mut().wait().await {
                tracing::warn!("Failed to wait for browser exit: {}", e);
            }

            // Cleanup temp directory
            wrapper.cleanup_temp_dir();

            drop(wrapper);
        }

        Ok(())
    }

    /// Get the current active page, if one exists
    ///
    /// Returns the page set by the most recent navigate() call.
    /// Other browser tools (type_text, click, etc.) should use this
    /// to get the page to interact with.
    pub async fn get_current_page(&self) -> Option<Page> {
        self.current_page.lock().await.clone()
    }

    /// Set the current active page
    ///
    /// Called by navigate() to store the page for other tools to use.
    /// Replaces any previously stored page (which gets automatically dropped/closed).
    pub async fn set_current_page(&self, page: Page) {
        *self.current_page.lock().await = Some(page);
    }

    /// Check if browser is currently running
    ///
    /// Non-blocking check of browser state.
    pub async fn is_browser_running(&self) -> bool {
        self.browser.lock().await.is_some()
    }
}

impl Drop for BrowserManager {
    fn drop(&mut self) {
        // Cleanup happens via BrowserWrapper::drop() automatically
        // However, this is NOT a clean shutdown - it only aborts the handler
        // For clean shutdown, call shutdown().await before dropping
        info!("BrowserManager dropping - browser will be cleaned up");
    }
}

// ShutdownHook implementation for MCP server integration
#[cfg(feature = "server")]
use kodegen_server_http::ShutdownHook;

#[cfg(feature = "server")]
impl ShutdownHook for BrowserManager {
    fn shutdown(&self) -> std::pin::Pin<Box<dyn std::future::Future<Output = Result<()>> + Send + '_>> {
        Box::pin(async move {
            BrowserManager::shutdown(self).await
        })
    }
}