attune-system/attune
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
966a5af188d7cdefcceebea5fe06ca4f98a2c14a
attune/crates/worker/src/executor.rs

614 lines
22 KiB
Rust
Raw Blame History

//! Action Executor Module
//!
//! Coordinates the execution of actions by managing the runtime,
//! loading action data, preparing execution context, and collecting results.
use attune_common::error::{Error, Result};
use attune_common::models::{runtime::Runtime as RuntimeModel, Action, Execution, ExecutionStatus};
use attune_common::repositories::execution::{ExecutionRepository, UpdateExecutionInput};
use attune_common::repositories::{FindById, Update};
use serde_json::Value as JsonValue;
use sqlx::PgPool;
use std::collections::HashMap;
use std::path::PathBuf;
use tracing::{debug, error, info, warn};
use crate::artifacts::ArtifactManager;
use crate::runtime::{ExecutionContext, ExecutionResult, RuntimeRegistry};
use crate::secrets::SecretManager;
/// Action executor that orchestrates execution flow
pub struct ActionExecutor {
pool: PgPool,
runtime_registry: RuntimeRegistry,
artifact_manager: ArtifactManager,
secret_manager: SecretManager,
max_stdout_bytes: usize,
max_stderr_bytes: usize,
packs_base_dir: PathBuf,
api_url: String,
}
impl ActionExecutor {
/// Create a new action executor
pub fn new(
pool: PgPool,
runtime_registry: RuntimeRegistry,
artifact_manager: ArtifactManager,
secret_manager: SecretManager,
max_stdout_bytes: usize,
max_stderr_bytes: usize,
packs_base_dir: PathBuf,
api_url: String,
) -> Self {
Self {
pool,
runtime_registry,
artifact_manager,
secret_manager,
max_stdout_bytes,
max_stderr_bytes,
packs_base_dir,
api_url,
}
}
/// Execute an action for the given execution
pub async fn execute(&self, execution_id: i64) -> Result<ExecutionResult> {
info!("Starting execution: {}", execution_id);
// Update execution status to running
if let Err(e) = self
.update_execution_status(execution_id, ExecutionStatus::Running)
.await
{
error!("Failed to update execution status to running: {}", e);
return Err(e);
}
// Load execution from database
let execution = self.load_execution(execution_id).await?;
// Load action from database
let action = self.load_action(&execution).await?;
// Prepare execution context
let context = match self.prepare_execution_context(&execution, &action).await {
Ok(ctx) => ctx,
Err(e) => {
error!("Failed to prepare execution context: {}", e);
self.handle_execution_failure(execution_id, None).await?;
return Err(e);
}
};
// Execute the action
// Note: execute_action should rarely return Err - most failures should be
// captured in ExecutionResult with non-zero exit codes
let result = match self.execute_action(context).await {
Ok(result) => result,
Err(e) => {
error!("Action execution failed catastrophically: {}", e);
// This should only happen for unrecoverable errors like runtime not found
self.handle_execution_failure(execution_id, None).await?;
return Err(e);
}
};
// Store artifacts
if let Err(e) = self.store_execution_artifacts(execution_id, &result).await {
warn!("Failed to store artifacts: {}", e);
// Don't fail the execution just because artifact storage failed
}
// Update execution with result
let is_success = result.is_success();
debug!(
"Execution {} result: exit_code={}, error={:?}, is_success={}",
execution_id, result.exit_code, result.error, is_success
);
if is_success {
self.handle_execution_success(execution_id, &result).await?;
} else {
self.handle_execution_failure(execution_id, Some(&result))
.await?;
}
info!(
"Execution {} completed: {}",
execution_id,
if result.is_success() {
"success"
} else {
"failed"
}
);
Ok(result)
}
/// Load execution from database
async fn load_execution(&self, execution_id: i64) -> Result<Execution> {
debug!("Loading execution: {}", execution_id);
ExecutionRepository::find_by_id(&self.pool, execution_id)
.await?
.ok_or_else(|| Error::not_found("Execution", "id", execution_id.to_string()))
}
/// Load action from database using execution data
async fn load_action(&self, execution: &Execution) -> Result<Action> {
debug!("Loading action: {}", execution.action_ref);
// Try to load by action ID if available
if let Some(action_id) = execution.action {
let action = sqlx::query_as::<_, Action>("SELECT * FROM action WHERE id = $1")
.bind(action_id)
.fetch_optional(&self.pool)
.await?;
if let Some(action) = action {
return Ok(action);
}
}
// Otherwise, parse action_ref and query by pack.ref + action.ref
let parts: Vec<&str> = execution.action_ref.split('.').collect();
if parts.len() != 2 {
return Err(Error::validation(format!(
"Invalid action reference format: {}. Expected format: pack.action",
execution.action_ref
)));
}
let pack_ref = parts[0];
let action_ref = parts[1];
// Query action by pack ref and action ref
let action = sqlx::query_as::<_, Action>(
r#"
SELECT a.*
FROM action a
JOIN pack p ON a.pack = p.id
WHERE p.ref = $1 AND a.ref = $2
"#,
)
.bind(pack_ref)
.bind(action_ref)
.fetch_optional(&self.pool)
.await?
.ok_or_else(|| Error::not_found("Action", "ref", execution.action_ref.clone()))?;
Ok(action)
}
/// Prepare execution context from execution and action data
async fn prepare_execution_context(
&self,
execution: &Execution,
action: &Action,
) -> Result<ExecutionContext> {
debug!(
"Preparing execution context for execution: {}",
execution.id
);
// Extract parameters from execution config
let mut parameters = HashMap::new();
if let Some(config) = &execution.config {
info!("Execution config present: {:?}", config);
// Try to get parameters from config.parameters first
if let Some(params) = config.get("parameters") {
info!("Found config.parameters key");
if let JsonValue::Object(map) = params {
for (key, value) in map {
parameters.insert(key.clone(), value.clone());
}
}
} else if let JsonValue::Object(map) = config {
info!("No config.parameters key, treating entire config as parameters");
// If no parameters key, treat entire config as parameters
// (this handles rule action_params being placed at root level)
for (key, value) in map {
// Skip special keys that aren't action parameters
if key != "context" && key != "env" {
info!("Adding parameter: {} = {:?}", key, value);
parameters.insert(key.clone(), value.clone());
} else {
info!("Skipping special key: {}", key);
}
}
} else {
info!("Config is not an Object, cannot extract parameters");
}
} else {
info!("No execution config present");
}
info!(
"Extracted {} parameters: {:?}",
parameters.len(),
parameters
);
// Prepare standard environment variables
let mut env = HashMap::new();
// Standard execution context variables (see docs/QUICKREF-execution-environment.md)
env.insert("ATTUNE_EXEC_ID".to_string(), execution.id.to_string());
env.insert("ATTUNE_ACTION".to_string(), execution.action_ref.clone());
env.insert("ATTUNE_API_URL".to_string(), self.api_url.clone());
// TODO: Generate execution-scoped API token
// For now, set placeholder to maintain interface compatibility
env.insert("ATTUNE_API_TOKEN".to_string(), "".to_string());
// Add rule and trigger context if execution was triggered by enforcement
if let Some(enforcement_id) = execution.enforcement {
if let Ok(Some(enforcement)) = sqlx::query_as::<
_,
attune_common::models::event::Enforcement,
>("SELECT * FROM enforcement WHERE id = $1")
.bind(enforcement_id)
.fetch_optional(&self.pool)
.await
{
env.insert("ATTUNE_RULE".to_string(), enforcement.rule_ref);
env.insert("ATTUNE_TRIGGER".to_string(), enforcement.trigger_ref);
}
}
// Add context data as environment variables from config
if let Some(config) = &execution.config {
if let Some(context) = config.get("context") {
if let JsonValue::Object(map) = context {
for (key, value) in map {
let env_key = format!("ATTUNE_CONTEXT_{}", key.to_uppercase());
let env_value = match value {
JsonValue::String(s) => s.clone(),
JsonValue::Number(n) => n.to_string(),
JsonValue::Bool(b) => b.to_string(),
_ => serde_json::to_string(value)?,
};
env.insert(env_key, env_value);
}
}
}
}
// Fetch secrets (passed securely via stdin, not environment variables)
let secrets = match self.secret_manager.fetch_secrets_for_action(action).await {
Ok(secrets) => {
debug!(
"Fetched {} secrets for action {} (will be passed via stdin)",
secrets.len(),
action.r#ref
);
secrets
}
Err(e) => {
warn!("Failed to fetch secrets for action {}: {}", action.r#ref, e);
// Don't fail the execution if secrets can't be fetched
// Some actions may not require secrets
HashMap::new()
}
};
// Determine entry point from action
let entry_point = action.entrypoint.clone();
// Default timeout: 5 minutes (300 seconds)
// In the future, this could come from action metadata or execution config
let timeout = Some(300_u64);
// Load runtime information if specified
let runtime_name = if let Some(runtime_id) = action.runtime {
match sqlx::query_as::<_, RuntimeModel>("SELECT * FROM runtime WHERE id = $1")
.bind(runtime_id)
.fetch_optional(&self.pool)
.await
{
Ok(Some(runtime)) => {
debug!(
"Loaded runtime '{}' for action '{}'",
runtime.name, action.r#ref
);
Some(runtime.name.to_lowercase())
}
Ok(None) => {
warn!(
"Runtime ID {} not found for action '{}'",
runtime_id, action.r#ref
);
None
}
Err(e) => {
warn!(
"Failed to load runtime {} for action '{}': {}",
runtime_id, action.r#ref, e
);
None
}
}
} else {
None
};
// Construct code_path for pack actions
// Pack actions have their script files in packs/{pack_ref}/actions/{entrypoint}
let code_path = if action.pack_ref.starts_with("core") || !action.is_adhoc {
// This is a pack action, construct the file path
let action_file_path = self
.packs_base_dir
.join(&action.pack_ref)
.join("actions")
.join(&entry_point);
if action_file_path.exists() {
Some(action_file_path)
} else {
warn!(
"Action file not found at {:?} for action {}",
action_file_path, action.r#ref
);
None
}
} else {
None // Ad-hoc actions don't have files
};
// For shell actions without a file, use the entrypoint as inline code
let code = if runtime_name.as_deref() == Some("shell") && code_path.is_none() {
Some(entry_point.clone())
} else {
None
};
let context = ExecutionContext {
execution_id: execution.id,
action_ref: execution.action_ref.clone(),
parameters,
env,
secrets, // Passed securely via stdin
timeout,
working_dir: None, // Could be configured per action
entry_point,
code,
code_path,
runtime_name,
max_stdout_bytes: self.max_stdout_bytes,
max_stderr_bytes: self.max_stderr_bytes,
parameter_delivery: action.parameter_delivery,
parameter_format: action.parameter_format,
output_format: action.output_format,
};
Ok(context)
}
/// Execute the action using the runtime registry
async fn execute_action(&self, context: ExecutionContext) -> Result<ExecutionResult> {
debug!("Executing action: {}", context.action_ref);
let runtime = self
.runtime_registry
.get_runtime(&context)
.map_err(|e| Error::Internal(e.to_string()))?;
let result = runtime
.execute(context)
.await
.map_err(|e| Error::Internal(e.to_string()))?;
Ok(result)
}
/// Store execution artifacts (logs, results)
async fn store_execution_artifacts(
&self,
execution_id: i64,
result: &ExecutionResult,
) -> Result<()> {
debug!("Storing artifacts for execution: {}", execution_id);
// Store logs
self.artifact_manager
.store_logs(execution_id, &result.stdout, &result.stderr)
.await?;
// Store result if available
if let Some(result_data) = &result.result {
self.artifact_manager
.store_result(execution_id, result_data)
.await?;
}
Ok(())
}
/// Handle successful execution
async fn handle_execution_success(
&self,
execution_id: i64,
result: &ExecutionResult,
) -> Result<()> {
info!(
"Execution {} succeeded (exit_code={}, duration={}ms)",
execution_id, result.exit_code, result.duration_ms
);
// Build comprehensive result with execution metadata
let exec_dir = self.artifact_manager.get_execution_dir(execution_id);
let mut result_data = serde_json::json!({
"exit_code": result.exit_code,
"duration_ms": result.duration_ms,
"succeeded": true,
});
// Include stdout content directly in result
if !result.stdout.is_empty() {
result_data["stdout"] = serde_json::json!(result.stdout);
}
// Include stderr log path only if stderr is non-empty and non-whitespace
if !result.stderr.trim().is_empty() {
let stderr_path = exec_dir.join("stderr.log");
result_data["stderr_log"] = serde_json::json!(stderr_path.to_string_lossy());
}
// Include parsed result if available
if let Some(parsed_result) = &result.result {
result_data["data"] = parsed_result.clone();
}
let input = UpdateExecutionInput {
status: Some(ExecutionStatus::Completed),
result: Some(result_data),
executor: None,
workflow_task: None, // Not updating workflow metadata
};
ExecutionRepository::update(&self.pool, execution_id, input).await?;
Ok(())
}
/// Handle failed execution
async fn handle_execution_failure(
&self,
execution_id: i64,
result: Option<&ExecutionResult>,
) -> Result<()> {
if let Some(r) = result {
error!(
"Execution {} failed (exit_code={}, error={:?}, duration={}ms)",
execution_id, r.exit_code, r.error, r.duration_ms
);
} else {
error!("Execution {} failed during preparation", execution_id);
}
let exec_dir = self.artifact_manager.get_execution_dir(execution_id);
let mut result_data = serde_json::json!({
"succeeded": false,
});
// If we have execution result, include detailed information
if let Some(exec_result) = result {
result_data["exit_code"] = serde_json::json!(exec_result.exit_code);
result_data["duration_ms"] = serde_json::json!(exec_result.duration_ms);
if let Some(ref error) = exec_result.error {
result_data["error"] = serde_json::json!(error);
}
// Include stdout content directly in result
if !exec_result.stdout.is_empty() {
result_data["stdout"] = serde_json::json!(exec_result.stdout);
}
// Include stderr log path only if stderr is non-empty and non-whitespace
if !exec_result.stderr.trim().is_empty() {
let stderr_path = exec_dir.join("stderr.log");
result_data["stderr_log"] = serde_json::json!(stderr_path.to_string_lossy());
}
// Add truncation warnings if applicable
if exec_result.stdout_truncated {
result_data["stdout_truncated"] = serde_json::json!(true);
result_data["stdout_bytes_truncated"] =
serde_json::json!(exec_result.stdout_bytes_truncated);
}
if exec_result.stderr_truncated {
result_data["stderr_truncated"] = serde_json::json!(true);
result_data["stderr_bytes_truncated"] =
serde_json::json!(exec_result.stderr_bytes_truncated);
}
} else {
// No execution result available (early failure during setup/preparation)
// This should be rare - most errors should be captured in ExecutionResult
result_data["error"] = serde_json::json!("Execution failed during preparation");
warn!("Execution {} failed without ExecutionResult - this indicates an early/catastrophic failure", execution_id);
// Check if stderr log exists and is non-empty from artifact storage
let stderr_path = exec_dir.join("stderr.log");
if stderr_path.exists() {
if let Ok(contents) = tokio::fs::read_to_string(&stderr_path).await {
if !contents.trim().is_empty() {
result_data["stderr_log"] =
serde_json::json!(stderr_path.to_string_lossy());
}
}
}
// Check if stdout log exists from artifact storage
let stdout_path = exec_dir.join("stdout.log");
if stdout_path.exists() {
if let Ok(contents) = tokio::fs::read_to_string(&stdout_path).await {
if !contents.is_empty() {
result_data["stdout"] = serde_json::json!(contents);
}
}
}
}
let input = UpdateExecutionInput {
status: Some(ExecutionStatus::Failed),
result: Some(result_data),
executor: None,
workflow_task: None, // Not updating workflow metadata
};
ExecutionRepository::update(&self.pool, execution_id, input).await?;
Ok(())
}
/// Update execution status
async fn update_execution_status(
&self,
execution_id: i64,
status: ExecutionStatus,
) -> Result<()> {
debug!(
"Updating execution {} status to: {:?}",
execution_id, status
);
let input = UpdateExecutionInput {
status: Some(status),
result: None,
executor: None,
workflow_task: None, // Not updating workflow metadata
};
ExecutionRepository::update(&self.pool, execution_id, input).await?;
Ok(())
}
}
#[cfg(test)]
mod tests {
#[test]
fn test_parse_action_reference() {
let action_ref = "mypack.myaction";
let parts: Vec<&str> = action_ref.split('.').collect();
assert_eq!(parts.len(), 2);
assert_eq!(parts[0], "mypack");
assert_eq!(parts[1], "myaction");
}
#[test]
fn test_invalid_action_reference() {
let action_ref = "invalid";
let parts: Vec<&str> = action_ref.split('.').collect();
assert_eq!(parts.len(), 1);
}
}
Reference in New Issue View Git Blame Copy Permalink