feat(arcrun): implement arcrun MVP — open-source AI workflow engine

Phase 1-5 complete per .agents/specs/u6u-core-mvp/:

**Phase 1 — Cherry-pick & cleanup**
- Create arcrun/ from cypher-executor, credentials, builtins, registry
- Remove 9 InkStone Service Bindings (KBDB, REGISTRY, CLINIC_*, AICEO, MINI_ME)
- Rewrite component-loader: 3-layer (builtin → WASM_BUCKET R2 → error)
- Remove autoPublishMissing.ts, proxy.ts (AICEO), execution-logger.ts (KBDB)
- Clean all KV namespace IDs and InkStone internal URLs from config files

**Phase 2 — contract.yaml completeness**
- Add credentials_required to gmail, google_sheets, telegram, line_notify
- Add config_example to all 21 components with annotated field descriptions

**Phase 3 — Credential injection**
- Add credential-injector.ts: AES-GCM decrypt from CREDENTIALS_KV
- Integrate into GraphExecutor before WASM execution
- Structured errors with repair instructions when credential missing

**Phase 4 — CLI (acr)**
- cli/package.json: arcrun package, bin: acr, deps: commander/js-yaml/chalk/ora
- 8 commands: init, creds push, push, run, validate, parts, list, logs
- Standard mode: writes directly to user's CF KV via CF REST API
- acr init: interactive setup with arcrun.dev API Key registration

**Phase 5 — Open source release prep**
- README.md: 5-minute quickstart, component table, workflow YAML syntax
- CONTRIBUTING.md: TinyGo dev env, component scaffolding, submission flow
- Security audit: no InkStone internal URLs/IDs in committed files
- .gitignore: exclude credentials.yaml, .wrangler, *.wasm

https://claude.ai/code/session_01BnCdSLVH8tUed9VrrPavgT
This commit is contained in:
Claude
2026-04-16 04:06:25 +00:00
commit 2707fca32b
155 changed files with 17413 additions and 0 deletions
+93
View File
@@ -0,0 +1,93 @@
// 單元測試:sandboxAcceptance
// Requirements: 2.1, 2.2
import { describe, it, expect } from 'vitest';
import { runSandboxAcceptance } from '../src/actions/sandboxAcceptance';
import type { ComponentContract } from '../src/types';
const BASE_CONTRACT: ComponentContract = {
canonical_id: 'validate_json',
display_name: 'JSON 格式驗證器',
category: 'logic',
version: 'v1',
wasi_target: 'preview1',
stability: 'floating',
runtime_compat: ['cf-workers', 'wazero'],
constraints: {
max_size_kb: 100,
max_cold_start_ms: 50,
no_network_syscall: true,
io_model: 'stdin_stdout_json',
},
input_schema: { type: 'object' },
output_schema: { type: 'object' },
gherkin_tests: [
{ scenario: 'happy', given: '{}', then_contains: '{}' },
{ scenario: 'error', given: '{}', then_contains: '{}' },
],
};
// 建立合法的小型 WASM(最小 WASM magic + version header
function makeMinimalWasm(extraBytes = 0): Uint8Array {
const magic = [0x00, 0x61, 0x73, 0x6d]; // \0asm
const version = [0x01, 0x00, 0x00, 0x00];
const padding = new Array(extraBytes).fill(0x00);
return new Uint8Array([...magic, ...version, ...padding]);
}
describe('runSandboxAcceptance', () => {
it('合法小型 WASM 通過所有步驟', () => {
const wasm = makeMinimalWasm(10);
const result = runSandboxAcceptance(wasm, BASE_CONTRACT);
expect(result.success).toBe(true);
expect(result.component_id).toBe('validate_json');
expect(result.version).toBe('v1');
});
it('步驟 (a):體積超過上限時失敗', () => {
// max_size_kb = 1,但 wasm 超過 1KB
const contract = { ...BASE_CONTRACT, constraints: { ...BASE_CONTRACT.constraints, max_size_kb: 1 } };
const wasm = makeMinimalWasm(2000); // > 1KB
const result = runSandboxAcceptance(wasm, contract);
expect(result.success).toBe(false);
expect(result.failed_step).toBe('size_check');
expect(result.reason).toContain('超過上限');
expect(result.guide_anchor).toBeDefined();
expect(result.component_id).toBe('validate_json');
expect(result.version).toBe('v1');
});
it('步驟 (c):含禁止 syscall 時失敗', () => {
// 在 wasm bytes 中嵌入禁止的 syscall 字串
const syscallStr = 'sock_connect';
const encoder = new TextEncoder();
const syscallBytes = encoder.encode(syscallStr);
const wasm = new Uint8Array([0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00, ...syscallBytes]);
const result = runSandboxAcceptance(wasm, BASE_CONTRACT);
expect(result.success).toBe(false);
expect(result.failed_step).toBe('syscall_scan');
expect(result.reason).toContain('sock_connect');
expect(result.guide_anchor).toBe('#syscall-constraints');
});
it('步驟 (c):含 path_open 時失敗', () => {
const encoder = new TextEncoder();
const syscallBytes = encoder.encode('path_open');
const wasm = new Uint8Array([0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00, ...syscallBytes]);
const result = runSandboxAcceptance(wasm, BASE_CONTRACT);
expect(result.success).toBe(false);
expect(result.failed_step).toBe('syscall_scan');
});
it('size_check 失敗後不執行後續步驟(含禁止 syscall 的大型 wasm', () => {
// 同時違反 size_check 和 syscall_scan
const encoder = new TextEncoder();
const syscallBytes = encoder.encode('sock_connect');
const padding = new Uint8Array(2000); // > 1KB
const wasm = new Uint8Array([0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00, ...syscallBytes, ...padding]);
const contract = { ...BASE_CONTRACT, constraints: { ...BASE_CONTRACT.constraints, max_size_kb: 1 } };
const result = runSandboxAcceptance(wasm, contract);
// 應在 size_check 就停止,不到 syscall_scan
expect(result.failed_step).toBe('size_check');
});
});