ralph-workflow 0.7.18

PROMPT-driven multi-agent orchestrator for git repos
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311

//! File I/O hardening utilities for `.agent/` files.
//!
//! This module focuses on preventing partial writes and catching obvious
//! corruption (e.g. zero-length or binary files) in small, text-based agent
//! artifacts like `PLAN.md` and `commit-message.txt`.

use std::path::Path;

use crate::workspace::Workspace;

// Clock-read helper in boundary module (io.rs stem → exempt from forbid_read_clock).
include!("io.rs");

/// Maximum reasonable file size for agent text files (10MB).
pub const MAX_AGENT_FILE_SIZE: u64 = 10 * 1024 * 1024;

/// Write file content atomically using the workspace abstraction.
///
/// This delegates to `Workspace::write_atomic()` which:
/// - In production (`WorkspaceFs`): Uses temp file + rename for true atomicity
/// - In tests (`MemoryWorkspace`): Simple write (in-memory is inherently atomic)
///
/// This ensures the file is either fully written or not written at all,
/// preventing partial writes or corruption from crashes/interruptions.
///
/// # Arguments
///
/// * `workspace` - The workspace for file operations
/// * `path` - Relative path within the workspace
/// * `content` - Content to write
///
/// # Errors
///
/// Returns error if the operation fails.
pub fn write_file_atomic_with_workspace(
    workspace: &dyn Workspace,
    path: &Path,
    content: &str,
) -> std::io::Result<()> {
    workspace.write_atomic(path, content)
}

/// Validate that a file is readable UTF-8 text and within size limits using workspace.
///
/// This is the workspace-based version of `verify_file_not_corrupted`.
///
/// Returns `Ok(true)` if the file appears valid, `Ok(false)` if corrupt, or `Err`
/// on access error.
///
/// # Arguments
///
/// * `workspace` - The workspace for file operations
/// * `path` - Relative path within the workspace
///
/// # Errors
///
/// Returns error if the operation fails.
pub fn verify_file_not_corrupted_with_workspace(
    workspace: &dyn Workspace,
    path: &Path,
) -> std::io::Result<bool> {
    let content = workspace.read_bytes(path)?;

    // Check size limits
    if content.is_empty() || content.len() as u64 > MAX_AGENT_FILE_SIZE {
        return Ok(false);
    }

    // Check if valid UTF-8
    let Ok(text) = String::from_utf8(content) else {
        return Ok(false);
    };

    // Null bytes are a simple indicator of binary corruption.
    Ok(!text.contains('\0'))
}

/// Verify that the filesystem is ready for `.agent/` file operations.
///
/// Checks:
/// - Directory exists and is writable
/// - No obviously stale lock files (best-effort)
///
/// Verify that the filesystem is ready for `.agent/` file operations using workspace.
///
/// This is the workspace-based version of `check_filesystem_ready`.
///
/// Checks:
/// - Directory exists and is writable (creates if needed)
/// - No obviously stale lock files (best-effort)
///
/// # Arguments
///
/// * `workspace` - The workspace for file operations
/// * `path` - Relative path within the workspace to check
///
/// # Errors
///
/// Returns error if the operation fails.
pub fn check_filesystem_ready_with_workspace(
    workspace: &dyn Workspace,
    path: &Path,
) -> std::io::Result<()> {
    // Create directory if it doesn't exist
    if !workspace.is_dir(path) {
        workspace.create_dir_all(path)?;
    }

    // Check writability using a tiny temp file
    let test_file = path.join(".write_test");
    workspace.write(&test_file, "test")?;
    workspace.remove(&test_file)?;

    // Best-effort stale lock detection: fail only on clear cases.
    if let Some(lock_file) = workspace
        .read_dir(path)
        .ok()
        .and_then(|entries| find_stale_lock(&entries))
    {
        return Err(std::io::Error::other(format!(
            "Stale lock file found: {lock_file}"
        )));
    }

    Ok(())
}

/// Check if a specific XML file is writable and clean up if locked.
///
/// This function performs a surgical check on critical XML files to detect
/// if they are locked by stale processes. It attempts to:
/// 1. Test writability by appending and removing a blank line
/// 2. Detect if file is locked (permission denied during write)
/// 3. Optionally force cleanup of the locked file
///
/// # Arguments
///
/// * `xml_path` - Path to the XML file to check
/// * `force_cleanup` - If true, delete the file if it's locked
///
/// # Returns
///
/// - `Ok(true)` - File is writable
/// - `Ok(false)` - File doesn't exist (not an error)
/// - `Err(...)` - File is locked or not writable
///
/// Check if XML file is writable using workspace abstraction.
///
/// Note: In `MemoryWorkspace`, files are always considered writable since there's
/// no concept of file locking. This function is primarily for testability.
///
/// # Arguments
///
/// * `workspace` - The workspace for file operations
/// * `xml_path` - Relative path to the XML file
/// * `force_cleanup` - If true, delete the file
///
/// # Returns
///
/// - `Ok(true)` - File exists and is writable
/// - `Ok(false)` - File doesn't exist (not an error)
/// - `Err(...)` - File access error
///
/// # Errors
///
/// Returns error if the operation fails.
pub fn check_xml_file_writable_with_workspace(
    workspace: &dyn Workspace,
    xml_path: &Path,
    force_cleanup: bool,
) -> std::io::Result<bool> {
    // If file doesn't exist, it's writable (we can create it)
    if !workspace.exists(xml_path) {
        return Ok(false);
    }

    if force_cleanup {
        workspace.remove(xml_path)?;
        return Ok(false);
    }

    let content = workspace.read(xml_path)?;
    workspace.write(xml_path, &content)?;
    Ok(true)
}

/// Check if a specific XML file is writable before agent retry using workspace.
///
/// This function detects and cleans up locked files from previous agent runs.
///
/// # Arguments
///
/// * `workspace` - The workspace for file operations
/// * `xml_path` - Relative path to the XML file
/// * `logger` - Logger for diagnostic messages
///
/// # Returns
///
/// `Ok(())` if file is writable or was successfully cleaned up.
/// `Err(...)` if cleanup failed.
///
/// # Errors
///
/// Returns error if the operation fails.
pub fn check_and_cleanup_xml_before_retry_with_workspace(
    workspace: &dyn Workspace,
    xml_path: &Path,
    logger: &crate::logger::Logger,
) -> std::io::Result<()> {
    match check_xml_file_writable_with_workspace(workspace, xml_path, false) {
        Ok(true | false) => Ok(()),
        Err(e) => {
            logger.warn(&format!(
                "XML file {} error: {}. Attempting cleanup...",
                xml_path.display(),
                e
            ));

            match check_xml_file_writable_with_workspace(workspace, xml_path, true) {
                Ok(_) => {
                    logger.info(&format!(
                        "Successfully cleaned up file: {}",
                        xml_path.display()
                    ));
                    Ok(())
                }
                Err(cleanup_err) => {
                    logger.error(&format!(
                        "Failed to cleanup file {}: {}",
                        xml_path.display(),
                        cleanup_err
                    ));
                    Err(cleanup_err)
                }
            }
        }
    }
}

/// Check and clean up all XML files in .agent/tmp/ directory using workspace.
///
/// This is the workspace-based version of `cleanup_stale_xml_files`.
///
/// # Arguments
///
/// * `workspace` - The workspace for file operations
/// * `tmp_dir` - Relative path to .agent/tmp/ directory
/// * `force_cleanup` - If true, delete files
///
/// # Returns
///
/// A summary of what was found and cleaned up.
///
/// # Errors
///
/// Returns error if the operation fails.
pub fn cleanup_stale_xml_files_with_workspace(
    workspace: &dyn Workspace,
    tmp_dir: &Path,
    force_cleanup: bool,
) -> std::io::Result<String> {
    if !workspace.is_dir(tmp_dir) {
        return Ok("Directory doesn't exist yet - nothing to clean".to_string());
    }

    let entries = workspace.read_dir(tmp_dir)?;

    let results: Vec<_> = entries
        .iter()
        .filter_map(|entry| {
            let path = entry.path();
            let extension = path.extension().and_then(|s| s.to_str())?;
            if extension != "xml" {
                return None;
            }
            Some((path, extension == "xml"))
        })
        .collect();

    let (writable, cleaned, report): (usize, usize, Vec<String>) = if force_cleanup {
        let cleaned: Vec<_> = results
            .iter()
            .filter(|(path, _)| workspace.exists(path))
            .filter_map(|(path, _)| {
                workspace.remove(path).ok()?;
                Some(format!("  🗑 Removed file: {}", path.display()))
            })
            .collect();
        (0, cleaned.len(), cleaned)
    } else {
        let report: Vec<_> = results
            .iter()
            .map(|(path, _)| format!("{} is writable", path.display()))
            .collect();
        (results.len(), 0, report)
    };

    let summary = format!(
        "XML file check complete: {} writable, {} locked, {} cleaned",
        writable, 0, cleaned
    );

    if report.is_empty() {
        Ok(summary)
    } else {
        Ok(format!("{}\n{}", summary, report.join("\n")))
    }
}

#[cfg(test)]
mod tests;