ai-workspace-lab/xworkmate-bridge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
255 Commits 9 Branches 86 Tags 19 MiB
Go 91%
Shell 8.9%
57ab5711e1
Go to file
Haitao Pan 57ab5711e1 fix(ci): add openclaw session contract check to validate stage 
The OpenClaw session contract smoke and SSE long-task stream checks used to
live in the Ansible validate role and ran during the Deploy stage. They depend
on the public OpenClaw gateway producing a 'pong' reply, which the bridge
itself cannot guarantee end-to-end. When the gateway returned an empty
completion envelope (CI run 27010307958), the entire Deploy job failed even
though the bridge binary had been installed and was healthy.

Move the lightweight session contract check into the GitHub Actions validate
stage as a new script. Deploy now only asserts the bridge's own state
(binary, ports, /api/ping, /acp/rpc capabilities, routing.resolve), and the
OpenClaw contract check runs in validate where the release-blocking failure
belongs.
2026-06-05 19:29:53 +08:00
.github fix(ci): add openclaw session contract check to validate stage 2026-06-05 19:29:53 +08:00
docs chore: add repomix-output.xml to .gitignore 2026-06-05 02:53:51 +00:00
example feat(acp): implement distributed task router and openclaw gateway ingress 2026-06-02 12:19:27 +08:00
internal fix: remove unused functions and dead code to pass staticcheck 2026-06-05 18:43:15 +08:00
scripts fix(ci): add openclaw session contract check to validate stage 2026-06-05 19:29:53 +08:00
tests Refine bridge routing and remove fallback paths 2026-04-23 15:58:37 +08:00
.dockerignore ci: ship bridge via image ref artifact 2026-04-12 14:23:23 +08:00
.gitignore chore: add repomix-output.xml to .gitignore 2026-06-05 02:53:51 +00:00
AGENTS.md refactor(acp): replace artifact fallback chain with snapshot+export and stable session mapping 2026-06-05 12:07:28 +08:00
Dockerfile Fix Docker image build metadata 2026-04-24 14:59:54 +08:00
go.mod feat: Remote Desktop WebRTC Integration 2026-06-03 10:49:58 +08:00
go.sum feat: Remote Desktop WebRTC Integration 2026-06-03 10:49:58 +08:00
main_test.go add traced bridge version output 2026-04-22 12:28:16 +08:00
main_tools.go Add GitHub Actions pipeline for bridge deploy 2026-04-10 16:17:32 +08:00
main.go Merge branch 'codex/fix-openclaw-probe-terminal' into release/v1.1.4 2026-06-03 16:59:53 +08:00
Makefile Initial standalone ACP bridge repository 2026-04-09 09:49:48 +08:00
README.md fix: enforce openclaw gateway task route 2026-05-03 12:14:31 +08:00

README.md

XWorkmate Bridge

xworkmate-bridge is the standalone repository for the XWorkmate ACP Bridge Server and the embedded Go helper previously stored under xworkmate-app/go/go_core.

What lives here

  • ACP Bridge HTTP/WebSocket server
  • ACP stdio bridge entrypoint
  • Go helper runtime packages used by the ACP bridge
  • Unit tests for bridge routing, RPC contracts, mounts, runtime dispatch, and provider sync

ACP Forwarding Topology

This repository exposes one APP-facing bridge entrypoint and proxies traffic to four independent upstream production services. The APP-facing canonical ACP path is WebSocket /acp; HTTP /acp/rpc remains available for CI, scripts, debugging, and compatibility fallback under https://xworkmate-bridge.svc.plus. OpenClaw task submission is the only dedicated HTTP task route: POST /gateway/openclaw for session.start and follow-up session.message. It is not a global ACP base endpoint.

Architecture topology: docs/architecture/acp-forwarding-topology.md

ADR for the unified APP-facing bridge contract: docs/architecture/adr-unified-bridge-entrypoints.md

Example provider sync config: example/config.yaml

API reference: docs/api-reference.md

Backend API design: docs/backend-api-design.md

Compatibility

For compatibility with xworkmate-app, the built helper binary name remains xworkmate-go-core.

Commands

make test
make build
./build/bin/xworkmate-go-core serve --listen 127.0.0.1:8787

GitHub Actions

This repository includes one GitHub Actions pipeline with four stages:

  • prep: Go static checks
  • build: build the linux/amd64 artifact for the x86 target host and upload it
  • deploy: run Ansible CD with x-evor/playbooks
  • validate: verify the public endpoints after deployment

GitHub Releases are published only after deploy and validate both succeed. In this repository, a published Release means the built image has been deployed to xworkmate-bridge.svc.plus and passed post-deploy validation there.

Deploy stage

The deploy stage checks out:

  • this service repository into xworkmate-bridge/
  • the x-evor/playbooks repository into playbooks/

Then it runs playbooks/deploy_xworkmate_bridge_vhosts.yml, which builds the service for linux/amd64 and deploys it to the target host with Ansible.

Validate stage

The validate stage proves production alignment against the bridge public contract:

  • bridge root and /api/ping
  • strict image / tag / commit / version match against the built image ref
  • upstream ACP capability probes for codex, opencode, and gemini
  • minimal session.start smoke tests through the bridge JSON-RPC contract

Required GitHub secrets:

  • SINGLE_NODE_VPS_SSH_PRIVATE_KEY: private key used by the Actions runner to SSH into the target host
  • WORKSPACE_REPO_TOKEN: token with access to checkout x-evor/playbooks

Optional GitHub secrets:

  • SSH_KNOWN_HOSTS: pre-seeded known_hosts content for stricter host verification

Optional workflow input:

  • internal_service_token: manual dispatch input that is forwarded to Ansible as INTERNAL_SERVICE_TOKEN

Environment

  • ACP_LISTEN_ADDR: listen address for serve mode, default 127.0.0.1:8787
  • OUTPUT_DIR: optional output directory for make build
  • OUTPUT_PATH: optional explicit build path for make build