feat: Webhook system + CLI tool #2
133
README.md
133
README.md
@@ -1,68 +1,91 @@
|
||||
# HarborForge Project Plan
|
||||
# HarborForge Backend
|
||||
|
||||
## Overview
|
||||
HarborForge is a dual UI/automation platform where humans + AI agents operate through a unified issue-driven workflow. The plan below tracks the Python/FastAPI backend, React frontend, and Python CLI, designed to run on a 1 vCPU + 1 GB RAM Docker Compose stack with MySQL persistence.
|
||||
Agent/人类协同任务管理平台 - FastAPI 后端
|
||||
|
||||
## Workstreams & Task Breakdown
|
||||
## API Endpoints (21)
|
||||
|
||||
### 1. Architecture & Platform Foundation
|
||||
- Document system components: API service, React SPA, Python CLI/bot runner, MySQL, webhook dispatcher, optional worker queue.
|
||||
- Define communication contracts (REST+webhook) and env/secret management.
|
||||
- Create Docker Compose template with lightweight images, explicit resource limits, and volumes for logs/database.
|
||||
- Include `AbstractWizard` initializer as part of deploy script; link to `https://git.hangman-lab.top/hzhang/AbstractWizard` and capture expectations from its README.
|
||||
- Set up logging/metrics hooks (stdout, log file rotation) and persistence directories on shared volume.
|
||||
### Auth
|
||||
- `POST /auth/token` - 登录获取 JWT token
|
||||
- `GET /auth/me` - 获取当前用户信息
|
||||
|
||||
### 2. Authentication & Role-Based Access
|
||||
- Integrate OIDC standard login flow for UI; CLI uses credential files with no interactive login.
|
||||
- Establish credential lifecycle:
|
||||
- Credentials have expiry timestamps and remain in DB flagged as expired.
|
||||
- On usage of expired credential, return new credential + confirmation requirement.
|
||||
- Confirmation must reach backend within 1 minute.
|
||||
- Any random reuse of old credential 3–5 times before confirmation results in deletion; future calls require re-authentication (password/OIDC) to issue a new credential.
|
||||
- Store credential files via `--creds /path` or `HARBORFORGE_CREDENTIAL` env, support rotation via API.
|
||||
- Define RBAC model per project (roles: admin/dev/mgr/ops); admin user created during initialization.
|
||||
- Build admin-only endpoints/UI/CLI to manage roles, permissions, and project assignments.
|
||||
### Issues
|
||||
- `POST /issues` - 创建 issue(支持 resolution 决议案类型)
|
||||
- `GET /issues` - 列表(支持按 project/status/type 过滤)
|
||||
- `GET /issues/{id}` - 详情
|
||||
- `PATCH /issues/{id}` - 更新
|
||||
- `DELETE /issues/{id}` - 删除
|
||||
- `POST /issues/{id}/transition` - 状态变更(触发 webhook)
|
||||
- `GET /search/issues?q=keyword` - 搜索
|
||||
|
||||
### 3. Core Issue/Work Item Platform
|
||||
- Design issue model that supports multiple types (task/story/test), state transitions, dependencies, tags, priority, comments.
|
||||
- Support multi-account/role membership per project and enforce permission matrix at API layer.
|
||||
- Guarantee every user-facing action can be invoked via API/CLI.
|
||||
- Catalog automation touchpoints (issue lifecycle updates, script triggers, deployment actions) for future extension.
|
||||
### Comments
|
||||
- `POST /comments` - 创建评论
|
||||
- `GET /issues/{id}/comments` - 列表
|
||||
- `PATCH /comments/{id}` - 更新
|
||||
- `DELETE /comments/{id}` - 删除
|
||||
|
||||
### 4. Frontend (React)
|
||||
- Define app routes: dashboard, board/list, issue detail, role/project admin, audit/log viewer, automation console.
|
||||
- Implement state management (React Query or equivalent) matching API structure.
|
||||
- Provide UI components for admin role management + webhook configuration.
|
||||
- Surface webhook events and automation status, letting users inspect audit entries.
|
||||
### Projects
|
||||
- `POST /projects` - 创建
|
||||
- `GET /projects` - 列表
|
||||
- `GET /projects/{id}` - 详情
|
||||
- `PATCH /projects/{id}` - 更新
|
||||
- `DELETE /projects/{id}` - 删除
|
||||
|
||||
### 5. CLI & Automation Surface
|
||||
- Build interactive Python CLI mirroring UI flows; commands are rendered differently but invoke same backend APIs.
|
||||
- CLI uses credential files or env tokens; includes runtime prompts for confirmation when credential rotation occurs.
|
||||
- Bot agent runner polls API for pending automations, executes scripts, and emits callbacks via webhook.
|
||||
- Document CLI command set (issue CRUD, role management, automation triggers, logs) and error handling.
|
||||
### Project Members
|
||||
- `POST /projects/{id}/members` - 添加成员
|
||||
- `GET /projects/{id}/members` - 列表
|
||||
- `DELETE /projects/{id}/members/{user_id}` - 移除
|
||||
|
||||
### 6. API Coverage & Webhooks
|
||||
- Enumerate APIs for all core operations: issues, comments, projects, roles, credentials, automation scripts, audit logs.
|
||||
- Design webhook schema and catalog events to support: issue lifecycle, authentication events, automation/script completion.
|
||||
- Ensure webhook delivery is authenticated and configurable; details to be defined during implementation.
|
||||
- Provide API for credential confirmation flows and for requesting new credentials after deletion.
|
||||
### Users
|
||||
- `POST /users` - 注册
|
||||
- `GET /users` - 列表
|
||||
- `GET /users/{id}` - 详情
|
||||
- `PATCH /users/{id}` - 更新
|
||||
|
||||
### 7. Observability & Logging
|
||||
- Log all API invocations to a file on Docker-mounted volume, capped at 10 MB with rotation.
|
||||
- Keep a webhook audit log (which event, trigger source, response status) for troubleshooting.
|
||||
- Provide endpoints/UI to browse recent logs (within retention threshold).
|
||||
### Webhooks
|
||||
- `POST /webhooks` - 创建
|
||||
- `GET /webhooks` - 列表
|
||||
- `GET /webhooks/{id}` - 详情
|
||||
- `PATCH /webhooks/{id}` - 更新
|
||||
- `DELETE /webhooks/{id}` - 删除
|
||||
- `GET /webhooks/{id}/logs` - 投递日志
|
||||
|
||||
### 8. Deployment & Security Posture
|
||||
- Keep `ufw` locked down on `vps.t1` and rely on SSH tunnels (`ssh -L`) for UI/CLI testing.
|
||||
- Document CLI/agent testing setup (SSH tunnel commands, env vars) so Zhi/Hangman can coordinate.
|
||||
- Outline backup strategy for MySQL data directory within the Compose stack.
|
||||
- Confirm `AbstractWizard` handles initial admin/project creation; fall back to Zhi if issues arise.
|
||||
### System
|
||||
- `GET /health` - 健康检查
|
||||
- `GET /version` - 版本信息
|
||||
- `GET /dashboard/stats` - 统计面板
|
||||
|
||||
### 9. Collaboration & Delivery Rhythm
|
||||
- Maintain the new channel with templates for requirements, story cards, milestones, and progress updates.
|
||||
- Use channel to publish deliverables (architecture doc, API spec, deployment instructions, automation scenarios).
|
||||
- Record testing points for UI/CLI without prescribing steps; let Hangman/Zhi define the execution details.
|
||||
## CLI
|
||||
|
||||
---
|
||||
```bash
|
||||
# 环境变量
|
||||
export HARBORFORGE_URL=http://localhost:8000
|
||||
export HARBORFORGE_TOKEN=<your-token>
|
||||
|
||||
Need any section expanded into user stories or backlog cards next?
|
||||
# 命令
|
||||
python3 cli.py login <username> <password>
|
||||
python3 cli.py issues [-p project_id] [-t type] [-s status]
|
||||
python3 cli.py create-issue "title" -p 1 -r 1 [-t resolution --summary "..." --positions "..." --pending "..."]
|
||||
python3 cli.py search "keyword"
|
||||
python3 cli.py transition <issue_id> <new_status>
|
||||
python3 cli.py stats [-p project_id]
|
||||
python3 cli.py projects
|
||||
python3 cli.py users
|
||||
python3 cli.py health
|
||||
python3 cli.py version
|
||||
```
|
||||
|
||||
## 技术栈
|
||||
|
||||
- Python 3.11 + FastAPI
|
||||
- SQLAlchemy + MySQL
|
||||
- JWT (python-jose)
|
||||
- Docker
|
||||
|
||||
## Issue Types
|
||||
|
||||
| Type | 用途 |
|
||||
|------|------|
|
||||
| task | 普通任务 |
|
||||
| story | 用户故事 |
|
||||
| test | 测试用例 |
|
||||
| resolution | 决议案(Agent 僵局提交)|
|
||||
|
||||
Reference in New Issue
Block a user