Skip to content

Add Windows CI and harden runtime lifecycle#69

Open
Zawonyee wants to merge 2 commits into
rebel0789:mainfrom
Zawonyee:agent/windows-ci-runtime-hardening
Open

Add Windows CI and harden runtime lifecycle#69
Zawonyee wants to merge 2 commits into
rebel0789:mainfrom
Zawonyee:agent/windows-ci-runtime-hardening

Conversation

@Zawonyee

Copy link
Copy Markdown

Summary

  • add an Ubuntu/Windows CI matrix and run both smoke and stress coverage
  • reuse the existing safe Windows .cmd/.bat invocation path for tunnel binaries and proxied curl
  • support cooperative q shutdown for non-TTY launchers so runtime and temporary tunnel credentials are cleaned up
  • discard stale runtime status when its recorded launcher PID no longer exists
  • make path, home-directory, symlink, colon-filename, and fake-binary fixtures portable without reducing Linux coverage

Why

CodexPro supports Windows, but CI currently runs only on Ubuntu. On Windows, the documented validation flow failed in several places before reaching the end of the suite:

  • analysis-smoke built a doubled drive path such as C:\\C:\\...
  • bash transcript assertions compared native Windows paths with MSYS/WSL-style output
  • forced launcher termination left a stale runtime status file
  • JavaScript tunnel fixtures could not be executed as Windows binaries
  • stress fixtures assumed Unix filename, symlink, and HOME behavior

The runtime-status failure is user-visible: the local settings/status page can report a stopped launcher as active after an abrupt Windows termination.

Impact

  • Windows becomes a continuously tested platform instead of a best-effort path.
  • Explicit .cmd/.bat tunnel shims use the same quoted cmd.exe wrapper already used by the handoff executor.
  • Non-interactive launchers can request graceful shutdown by writing q to stdin.
  • Stale runtime files self-heal on read when their PID is no longer alive.
  • Existing Linux-only edge-case coverage remains enabled on Linux.

This does not change authentication, tunnel exposure, tool permissions, or default write/bash policy.

Validation

  • npm ci (0 vulnerabilities)
  • npm run build
  • npm run smoke
  • npm run stress
  • npm pack --dry-run
  • git diff --check

All checks passed locally on Windows.

Contributor attribution

One small attribution request: if this is merged directly or ported into another branch, could you please preserve the author metadata from commit fb12f76 (or add Co-authored-by: Zao <zawonyee@163.com>) so GitHub can credit the contribution? Please use whichever merge strategy best fits the project. Thank you.

@Zawonyee Zawonyee marked this pull request as ready for review July 14, 2026 11:17

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: fb12f76aa2

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread scripts/codexpro.mjs
Comment on lines +1102 to +1105
const child = spawn(invocation.command, invocation.args, {
...spawnOptions,
stdio: ['ignore', 'pipe', 'pipe'],
windowsVerbatimArguments: invocation.windowsVerbatimArguments

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Kill the real tunnel process behind Windows shims

When --cloudflared, --ngrok, or --tailscale points at a .cmd/.bat shim, this now records the spawned cmd.exe wrapper in spawnedChildren; cleanupChildren() later only calls child.kill() on that wrapper. On Windows, terminating the wrapper does not terminate the long-running process that the batch file launched, so q/SIGTERM shutdown can leave the tunnel process running after the launcher exits. Please either spawn the underlying executable directly or tear down the process tree for these wrapped invocations.

Useful? React with 👍 / 👎.

Copy link
Copy Markdown
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed in 21f7812. Windows batch-file invocations now carry a process-tree cleanup marker, and shutdown uses taskkill.exe /PID <pid> /T /F for the wrapper and its descendants, with the existing direct-child kill as a fallback.

I also added a Windows integration regression in settings-smoke.mjs: the fake cloudflared.cmd records its real Node descendant PID, and the test verifies that PID is gone after the non-TTY q shutdown path.

Verified with npm run build, node scripts/settings-smoke.mjs, and the full npm run smoke suite.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant