diff --git a/HarborForge.Cli b/HarborForge.Cli index 9b3edc0..cc649a7 160000 --- a/HarborForge.Cli +++ b/HarborForge.Cli @@ -1 +1 @@ -Subproject commit 9b3edc0ede4a3ba84c121a1c69fa5c1bd1b9b995 +Subproject commit cc649a7fe27d0f2bc3b1790d0fa91931b35d0a02 diff --git a/plans/hf-cross-project-todo.md b/plans/hf-cross-project-todo.md index 5cdcfaa..e32faa3 100644 --- a/plans/hf-cross-project-todo.md +++ b/plans/hf-cross-project-todo.md @@ -10,186 +10,190 @@ - [ ] Finalize MVP scope for first shipping version of `hf` - [ ] Confirm which existing backend routes can be reused vs which new routes are needed -- [ ] Define canonical code-first lookup policy across all resources +- [x] Define canonical code-first lookup policy across all resources - [x] Define permission introspection strategy for `--help` / `--help-brief` - settled as: token → current user → user role → role permissions - `hf user create` remains a special account-manager-token flow and is not gated by ordinary user-token write permission -- [ ] Define JSON output contract for CLI list/get commands -- [ ] Define CLI exit code / stderr conventions +- [x] Define JSON output contract for CLI list/get commands + - current CLI contract: `--json` emits raw success payloads on stdout without a universal envelope; list/get responses should preserve canonical code-bearing fields when backend payloads provide them +- [x] Define CLI exit code / stderr conventions + - current CLI contract: success exits `0`; validation/runtime failures exit `1`; errors go to stderr and successful output goes to stdout - [ ] Define local plugin↔monitor communication protocol over `monitor_port` - [ ] Define release order across submodules - [ ] Define rollback strategy if plugin / monitor bridge is unavailable +> Note: the CLI contract items above are now documented from the currently implemented `HarborForge.Cli` behavior; they can still be refined later if a stricter release contract is needed. + --- ## 1. HarborForge.Cli ### 1.1 Go project scaffold -- [ ] Initialize Go module for `hf` -- [ ] Add binary entrypoint (`cmd/hf/main.go` or equivalent) -- [ ] Add internal package layout (`config`, `help`, `mode`, `passmgr`, `client`, `commands`) -- [ ] Add build instructions to `README.md` -- [ ] Add `.gitignore` for Go artifacts +- [x] Initialize Go module for `hf` +- [x] Add binary entrypoint (`cmd/hf/main.go` or equivalent) +- [x] Add internal package layout (`config`, `help`, `mode`, `passmgr`, `client`, `commands`) +- [x] Add build instructions to `README.md` +- [x] Add `.gitignore` for Go artifacts - [ ] Add repo-config-safe contribution note if needed ### 1.2 Runtime mode detection -- [ ] Implement `which pass_mgr` detection on startup -- [ ] Add runtime mode enum: padded-cell mode / manual mode -- [ ] Block manual credential flags in padded-cell mode -- [ ] Return exact error when forbidden manual token flags are used: - - [ ] `padded-cell installed, --token flag disabled, use command directly` -- [ ] Define equivalent handling for `--acc-mgr-token` and related manual secret flags +- [x] Implement `which pass_mgr` detection on startup +- [x] Add runtime mode enum: padded-cell mode / manual mode +- [x] Block manual credential flags in padded-cell mode +- [x] Return exact error when forbidden manual token flags are used: + - [x] `padded-cell installed, --token flag disabled, use command directly` +- [x] Define equivalent handling for `--acc-mgr-token` and related manual secret flags ### 1.3 Config handling -- [ ] Resolve binary directory correctly at runtime -- [ ] Read `/.hf-config.json` -- [ ] Write/update `base-url` via `hf config --url` -- [ ] Add config validation for malformed/missing config -- [ ] Add `hf config --acc-mgr-token` -- [ ] Implement `pass_mgr set --public --key hf-acc-mgr-token --secret ` -- [ ] Return exact error on failure: - - [ ] `--acc-mgr-token can only be set with padded-cell plugin` +- [x] Resolve binary directory correctly at runtime +- [x] Read `/.hf-config.json` +- [x] Write/update `base-url` via `hf config --url` +- [x] Add config validation for malformed/missing config +- [x] Add `hf config --acc-mgr-token` +- [x] Implement `pass_mgr set --public --key hf-acc-mgr-token --secret ` +- [x] Return exact error on failure: + - [x] `--acc-mgr-token can only be set with padded-cell plugin` ### 1.4 Help system -- [ ] Implement `hf --help` -- [ ] Implement `hf --help-brief` -- [ ] Implement ` --help` -- [ ] Implement ` --help-brief` -- [ ] Implement leaf command `--help` -- [ ] Implement leaf command `--help-brief` -- [ ] Show all subcommands in normal help, marking unavailable ones as `(not permitted)` -- [ ] Hide unavailable commands entirely in `--help-brief` -- [ ] Ensure leaf `--help` for unavailable commands only prints `not permitted` -- [ ] Hide manual auth flags from help in padded-cell mode -- [ ] Show required manual auth flags in help in manual mode -- [ ] Handle special help behavior for `hf user create` +- [x] Implement `hf --help` +- [x] Implement `hf --help-brief` +- [x] Implement ` --help` +- [x] Implement ` --help-brief` +- [x] Implement leaf command `--help` +- [x] Implement leaf command `--help-brief` +- [x] Show all subcommands in normal help, marking unavailable ones as `(not permitted)` +- [x] Hide unavailable commands entirely in `--help-brief` +- [x] Ensure leaf `--help` for unavailable commands only prints `not permitted` +- [x] Hide manual auth flags from help in padded-cell mode +- [x] Show required manual auth flags in help in manual mode +- [x] Handle special help behavior for `hf user create` ### 1.5 Auth/token resolution layer -- [ ] Implement shared normal token resolution helper -- [ ] In padded-cell mode, resolve via `pass_mgr get-secret --key hf-token` -- [ ] In manual mode, require explicit `--token` -- [ ] Emit exact error on missing manual token: - - [ ] `--token required or execute this with pcexec` -- [ ] Ensure `hf --help` never requires token -- [ ] Ensure subcommand help can render even when token is unavailable +- [x] Implement shared normal token resolution helper +- [x] In padded-cell mode, resolve via `pass_mgr get-secret --key hf-token` +- [x] In manual mode, require explicit `--token` +- [x] Emit exact error on missing manual token: + - [x] `--token required or execute this with pcexec` +- [x] Ensure `hf --help` never requires token +- [x] Ensure subcommand help can render even when token is unavailable ### 1.6 Output model -- [ ] Add default human-readable output mode -- [ ] Add `--json` output mode -- [ ] Ensure list outputs include canonical resource code fields -- [ ] Ensure machine-readable output is stable enough for agent use +- [x] Add default human-readable output mode +- [x] Add `--json` output mode +- [x] Ensure list outputs include canonical resource code fields +- [x] Ensure machine-readable output is stable enough for agent use ### 1.7 Base commands -- [ ] Implement `hf version` -- [ ] Implement `hf health` +- [x] Implement `hf version` +- [x] Implement `hf health` ### 1.8 User commands -- [ ] Implement `hf user create` -- [ ] Forbid `--token` on `hf user create` -- [ ] Do not support `--role` on `hf user create` -- [ ] Default created accounts to `guest` -- [ ] In padded-cell mode, auto-generate password with: - - [ ] `pass_mgr generate --key hf --username ` -- [ ] In padded-cell mode, auto-fetch account-manager token with: - - [ ] `pass_mgr get-secret --public --key hf-acc-mgr-token` -- [ ] Emit exact missing-password error: - - [ ] `--pass required or execute with pcexec` -- [ ] Emit exact missing-account-manager-token error: - - [ ] `--acc-mgr-token required or execute with pcexec` -- [ ] Implement `hf user list` -- [ ] Implement `hf user get ` -- [ ] Implement `hf user update ` -- [ ] Implement `hf user activate ` -- [ ] Implement `hf user deactivate ` -- [ ] Implement `hf user delete ` +- [x] Implement `hf user create` +- [x] Forbid `--token` on `hf user create` +- [x] Do not support `--role` on `hf user create` +- [x] Default created accounts to `guest` +- [x] In padded-cell mode, auto-generate password with: + - [x] `pass_mgr generate --key hf --username ` +- [x] In padded-cell mode, auto-fetch account-manager token with: + - [x] `pass_mgr get-secret --public --key hf-acc-mgr-token` +- [x] Emit exact missing-password error: + - [x] `--pass required or execute with pcexec` +- [x] Emit exact missing-account-manager-token error: + - [x] `--acc-mgr-token required or execute with pcexec` +- [x] Implement `hf user list` +- [x] Implement `hf user get ` +- [x] Implement `hf user update ` +- [x] Implement `hf user activate ` +- [x] Implement `hf user deactivate ` +- [x] Implement `hf user delete ` ### 1.9 Role / permission commands -- [ ] Implement `hf role list` -- [ ] Implement `hf role get ` -- [ ] Implement `hf role create` -- [ ] Implement `hf role update` -- [ ] Implement `hf role delete` -- [ ] Implement `hf permission list` -- [ ] Implement `hf role set-permissions` -- [ ] Implement `hf role add-permissions` -- [ ] Implement `hf role remove-permissions` +- [x] Implement `hf role list` +- [x] Implement `hf role get ` +- [x] Implement `hf role create` +- [x] Implement `hf role update` +- [x] Implement `hf role delete` +- [x] Implement `hf permission list` +- [x] Implement `hf role set-permissions` +- [x] Implement `hf role add-permissions` +- [x] Implement `hf role remove-permissions` ### 1.10 Project / milestone commands -- [ ] Implement `hf project list` -- [ ] Implement `hf project get ` -- [ ] Implement `hf project create` -- [ ] Implement `hf project update ` -- [ ] Implement `hf project delete ` -- [ ] Implement `hf project members ` -- [ ] Implement `hf project add-member ` -- [ ] Implement `hf project remove-member ` -- [ ] Implement `hf milestone list --project ` -- [ ] Implement `hf milestone get ` -- [ ] Implement `hf milestone create` -- [ ] Implement `hf milestone update ` -- [ ] Implement `hf milestone delete ` -- [ ] Implement `hf milestone progress ` +- [x] Implement `hf project list` +- [x] Implement `hf project get ` +- [x] Implement `hf project create` +- [x] Implement `hf project update ` +- [x] Implement `hf project delete ` +- [x] Implement `hf project members ` +- [x] Implement `hf project add-member ` +- [x] Implement `hf project remove-member ` +- [x] Implement `hf milestone list --project ` +- [x] Implement `hf milestone get ` +- [x] Implement `hf milestone create` +- [x] Implement `hf milestone update ` +- [x] Implement `hf milestone delete ` +- [x] Implement `hf milestone progress ` ### 1.11 Task commands -- [ ] Implement `hf task list` -- [ ] Add filters: - - [ ] `--project ` - - [ ] `--milestone ` - - [ ] `--status ` - - [ ] `--taken-by ` - - [ ] `--due-today ` - - [ ] repeated `--order-by ` -- [ ] Implement `hf task get ` -- [ ] Implement `hf task create` -- [ ] Implement `hf task update ` -- [ ] Implement `hf task transition ` -- [ ] Implement `hf task take ` -- [ ] Return clear error when task is already taken by someone else -- [ ] Return clear error when caller lacks permission to take task -- [ ] Implement `hf task delete ` -- [ ] Implement `hf task search` +- [x] Implement `hf task list` +- [x] Add filters: + - [x] `--project ` + - [x] `--milestone ` + - [x] `--status ` + - [x] `--taken-by ` + - [x] `--due-today ` + - [x] repeated `--order-by ` +- [x] Implement `hf task get ` +- [x] Implement `hf task create` +- [x] Implement `hf task update ` +- [x] Implement `hf task transition ` +- [x] Implement `hf task take ` +- [x] Return clear error when task is already taken by someone else +- [x] Return clear error when caller lacks permission to take task +- [x] Implement `hf task delete ` +- [x] Implement `hf task search` ### 1.12 Meeting commands -- [ ] Implement `hf meeting list` -- [ ] Implement `hf meeting get ` -- [ ] Implement `hf meeting create` -- [ ] Implement `hf meeting update ` -- [ ] Implement `hf meeting attend ` -- [ ] Ensure attend adds caller to participant list -- [ ] Implement `hf meeting delete ` +- [x] Implement `hf meeting list` +- [x] Implement `hf meeting get ` +- [x] Implement `hf meeting create` +- [x] Implement `hf meeting update ` +- [x] Implement `hf meeting attend ` +- [x] Ensure attend adds caller to participant list +- [x] Implement `hf meeting delete ` ### 1.13 Support commands -- [ ] Implement `hf support list` -- [ ] Implement `hf support get ` -- [ ] Implement `hf support create` -- [ ] Implement `hf support update ` -- [ ] Implement `hf support take ` -- [ ] Implement `hf support transition ` -- [ ] Implement `hf support delete ` +- [x] Implement `hf support list` +- [x] Implement `hf support get ` +- [x] Implement `hf support create` +- [x] Implement `hf support update ` +- [x] Implement `hf support take ` +- [x] Implement `hf support transition ` +- [x] Implement `hf support delete ` ### 1.14 Propose commands -- [ ] Implement `hf propose list --project ` -- [ ] Implement `hf propose get ` -- [ ] Implement `hf propose create` -- [ ] Implement `hf propose update ` -- [ ] Implement `hf propose accept --milestone ` -- [ ] Implement `hf propose reject ` -- [ ] Implement `hf propose reopen ` +- [x] Implement `hf propose list --project ` +- [x] Implement `hf propose get ` +- [x] Implement `hf propose create` +- [x] Implement `hf propose update ` +- [x] Implement `hf propose accept --milestone ` +- [x] Implement `hf propose reject ` +- [x] Implement `hf propose reopen ` ### 1.15 Monitor commands -- [ ] Implement `hf monitor overview` -- [ ] Implement `hf monitor server list` -- [ ] Implement `hf monitor server get ` -- [ ] Implement `hf monitor server create --identifier ` -- [ ] Implement `hf monitor server delete ` -- [ ] Implement `hf monitor api-key generate ` -- [ ] Implement `hf monitor api-key revoke ` +- [x] Implement `hf monitor overview` +- [x] Implement `hf monitor server list` +- [x] Implement `hf monitor server get ` +- [x] Implement `hf monitor server create --identifier ` +- [x] Implement `hf monitor server delete ` +- [x] Implement `hf monitor api-key generate ` +- [x] Implement `hf monitor api-key revoke ` ### 1.16 CLI packaging / release - [ ] Add cross-platform build targets if needed - [ ] Add release artifact naming for `hf` - [ ] Add install documentation -- [ ] Add shell examples for padded-cell and manual mode +- [x] Add shell examples for padded-cell and manual mode ---