4ae18536be
Adds an MCP tool wrapping the inventory-service /search/items endpoint with include_all_characters=true, so questions like 'find me a bracelet with Legendary Acid Ward on any unequipped char' resolve in ONE tool call instead of looping get_inventory over 60+ chars (which timed out at 120s). - agent/tools.py: search_items_global wrapper - agent/mcp_overlord.py: register new tool with detailed schema doc - agent/claude_wrapper.py: include in --allowed-tools whitelist; bump timeout 120s -> 240s - nginx/overlord.conf: bump /api/agent/ proxy timeout 180s -> 300s - CLAUDE.md: brief Claude to USE search_items for cross-char searches
210 lines
7.6 KiB
Python
210 lines
7.6 KiB
Python
"""Subprocess wrapper around `claude -p` (Claude Code in headless JSON mode).
|
|
|
|
Run from cwd=/home/erik/MosswartOverlord so:
|
|
• Sessions persist at ~/.claude/projects/-home-erik-MosswartOverlord/<uuid>.jsonl
|
|
• Project-level .mcp.json is auto-loaded
|
|
• CLAUDE.md in the repo root briefs the agent
|
|
|
|
The `--session-id` flag both creates a new session (first call) and resumes
|
|
an existing one (subsequent calls), so we don't need separate code paths.
|
|
"""
|
|
|
|
from __future__ import annotations
|
|
|
|
import asyncio
|
|
import json
|
|
import logging
|
|
import os
|
|
from dataclasses import dataclass
|
|
from pathlib import Path
|
|
from typing import Any
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
# These can be overridden via env vars for non-prod testing.
|
|
CLAUDE_BIN = os.getenv("CLAUDE_BIN", "/home/erik/.local/bin/claude")
|
|
CLAUDE_CWD = os.getenv("CLAUDE_CWD", "/home/erik/MosswartOverlord")
|
|
# Hard cap on how long a single agent turn may take. Claude Code can spin a
|
|
# while when chaining many tool calls; we don't want to leave a zombie
|
|
# subprocess if something gets stuck.
|
|
CLAUDE_TIMEOUT_S = int(os.getenv("CLAUDE_TIMEOUT_S", "240"))
|
|
|
|
|
|
@dataclass
|
|
class ClaudeResult:
|
|
result: str
|
|
session_id: str
|
|
duration_ms: int
|
|
num_turns: int
|
|
is_error: bool
|
|
raw: dict[str, Any]
|
|
|
|
|
|
class ClaudeError(RuntimeError):
|
|
"""Raised when the claude CLI returns a non-zero exit or unparseable output."""
|
|
|
|
|
|
def _session_exists(session_id: str) -> bool:
|
|
"""True if Claude Code has already persisted a JSONL for this session.
|
|
|
|
Claude Code stores sessions at ~/.claude/projects/<encoded-cwd>/<uuid>.jsonl
|
|
where non-alphanumerics in the cwd are replaced with hyphens.
|
|
"""
|
|
encoded = "".join(c if c.isalnum() else "-" for c in CLAUDE_CWD)
|
|
path = Path.home() / ".claude" / "projects" / encoded / f"{session_id}.jsonl"
|
|
return path.is_file()
|
|
|
|
|
|
async def ask_claude(message: str, session_id: str) -> ClaudeResult:
|
|
"""Send `message` to `claude -p` for `session_id`; return parsed result.
|
|
|
|
On the FIRST message of a session uses `--session-id <uuid>` to create it.
|
|
On subsequent messages uses `--resume <uuid>` because claude rejects
|
|
`--session-id` on existing sessions ("Session ID ... is already in use").
|
|
|
|
Raises ClaudeError on subprocess failure, JSON parse failure, or timeout.
|
|
"""
|
|
if not Path(CLAUDE_BIN).exists():
|
|
raise ClaudeError(f"claude binary not found at {CLAUDE_BIN}")
|
|
if not Path(CLAUDE_CWD).is_dir():
|
|
raise ClaudeError(f"CLAUDE_CWD does not exist: {CLAUDE_CWD}")
|
|
|
|
# Whitelist only our MCP tools so Claude Code can call them without
|
|
# human approval. Names follow the convention mcp__<server>__<tool>.
|
|
# We deliberately omit built-in tools (Bash, Write, Edit, Read, etc.)
|
|
# — the assistant doesn't need them for live-state Q&A and they'd be a
|
|
# security/permissions footgun on an unattended service.
|
|
allowed_tools = ",".join(
|
|
[
|
|
"mcp__overlord__get_live_players",
|
|
"mcp__overlord__get_recent_rares",
|
|
"mcp__overlord__query_telemetry_db",
|
|
"mcp__overlord__get_player_state",
|
|
"mcp__overlord__get_inventory",
|
|
"mcp__overlord__get_inventory_search",
|
|
"mcp__overlord__search_items",
|
|
"mcp__overlord__get_combat_stats",
|
|
"mcp__overlord__get_equipment_cantrips",
|
|
"mcp__overlord__get_quest_status",
|
|
"mcp__overlord__get_server_health",
|
|
"mcp__overlord__suitbuilder_search",
|
|
]
|
|
)
|
|
|
|
# Pick --session-id (creates) vs --resume (continues) based on whether
|
|
# the session JSONL already exists on disk.
|
|
is_new = not _session_exists(session_id)
|
|
session_flag = "--session-id" if is_new else "--resume"
|
|
|
|
args = [
|
|
CLAUDE_BIN,
|
|
"-p",
|
|
session_flag,
|
|
session_id,
|
|
"--output-format",
|
|
"json",
|
|
"--allowed-tools",
|
|
allowed_tools,
|
|
# CRITICAL: dontAsk auto-DENIES anything outside --allowed-tools.
|
|
# Do NOT use bypassPermissions here — that mode ignores the whitelist
|
|
# entirely and lets the model call Bash/Write/Edit/etc. (verified
|
|
# the hard way: it wrote /tmp/owned.sh when prompted to).
|
|
# See https://code.claude.com/docs/en/permission-modes.md
|
|
"--permission-mode",
|
|
"dontAsk",
|
|
]
|
|
|
|
logger.info(
|
|
"claude exec: session=%s mode=%s msg_len=%d cwd=%s",
|
|
session_id,
|
|
"new" if is_new else "resume",
|
|
len(message),
|
|
CLAUDE_CWD,
|
|
)
|
|
|
|
proc = await asyncio.create_subprocess_exec(
|
|
*args,
|
|
stdin=asyncio.subprocess.PIPE,
|
|
stdout=asyncio.subprocess.PIPE,
|
|
stderr=asyncio.subprocess.PIPE,
|
|
cwd=CLAUDE_CWD,
|
|
)
|
|
|
|
try:
|
|
stdout, stderr = await asyncio.wait_for(
|
|
proc.communicate(input=message.encode("utf-8")),
|
|
timeout=CLAUDE_TIMEOUT_S,
|
|
)
|
|
except asyncio.TimeoutError:
|
|
try:
|
|
proc.kill()
|
|
except ProcessLookupError:
|
|
pass
|
|
raise ClaudeError(f"claude timed out after {CLAUDE_TIMEOUT_S}s")
|
|
|
|
if proc.returncode != 0:
|
|
stderr_text = stderr.decode("utf-8", "replace")
|
|
# If we picked the wrong flag (e.g. JSONL deleted from disk between
|
|
# our check and exec, or a never-flushed session), claude prints
|
|
# "Session ID … is already in use." Re-issue with --resume.
|
|
if is_new and "already in use" in stderr_text:
|
|
logger.info("session %s actually exists; retrying with --resume", session_id)
|
|
args2 = list(args)
|
|
args2[2] = "--resume"
|
|
proc2 = await asyncio.create_subprocess_exec(
|
|
*args2,
|
|
stdin=asyncio.subprocess.PIPE,
|
|
stdout=asyncio.subprocess.PIPE,
|
|
stderr=asyncio.subprocess.PIPE,
|
|
cwd=CLAUDE_CWD,
|
|
)
|
|
try:
|
|
stdout, stderr = await asyncio.wait_for(
|
|
proc2.communicate(input=message.encode("utf-8")),
|
|
timeout=CLAUDE_TIMEOUT_S,
|
|
)
|
|
except asyncio.TimeoutError:
|
|
try:
|
|
proc2.kill()
|
|
except ProcessLookupError:
|
|
pass
|
|
raise ClaudeError(f"claude timed out after {CLAUDE_TIMEOUT_S}s")
|
|
if proc2.returncode != 0:
|
|
raise ClaudeError(
|
|
f"claude exited {proc2.returncode} after retry: "
|
|
f"{stderr.decode('utf-8', 'replace')[:500]}"
|
|
)
|
|
else:
|
|
raise ClaudeError(
|
|
f"claude exited {proc.returncode}: {stderr_text[:500]}"
|
|
)
|
|
|
|
raw_text = stdout.decode("utf-8", "replace").strip()
|
|
if not raw_text:
|
|
raise ClaudeError("claude produced empty stdout")
|
|
|
|
# In --output-format json mode the LAST line is the JSON envelope; some
|
|
# earlier lines may be progress. Be tolerant.
|
|
try:
|
|
envelope = json.loads(raw_text)
|
|
except json.JSONDecodeError:
|
|
# Try the last non-empty line
|
|
last = next(
|
|
(line for line in reversed(raw_text.splitlines()) if line.strip()),
|
|
"",
|
|
)
|
|
try:
|
|
envelope = json.loads(last)
|
|
except json.JSONDecodeError as e:
|
|
raise ClaudeError(
|
|
f"claude stdout was not JSON: {raw_text[:500]}"
|
|
) from e
|
|
|
|
return ClaudeResult(
|
|
result=envelope.get("result", ""),
|
|
session_id=envelope.get("session_id", session_id),
|
|
duration_ms=int(envelope.get("duration_ms", 0)),
|
|
num_turns=int(envelope.get("num_turns", 0)),
|
|
is_error=bool(envelope.get("is_error", False)),
|
|
raw=envelope,
|
|
)
|