github/penpot
1
0
Fork 0
mirror of https://github.com/penpot/penpot.git synced 2026-06-10 01:12:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
penpot/.serena/memories/backend/core.md
Michael Panchenko 16dc83616a
Add the ability to launch parallel devenv instances (#9906) 
* 🐳 Split devenv compose for parallel workspaces

Move shared services into an infra compose file and keep the main devenv container plus Valkey in a separate compose file driven by defaults.env. Parameterize host-side ports, container names, source path, and runtime env while keeping container-internal ports fixed for same-origin proxying.

Make tmux startup idempotent, add attach-devenv for the live instance, move shared MinIO user setup to infra startup, and let exporter scripts load backend _env.local overrides.

Co-authored-by: Codex <codex@openai.com>

* 🐳 Run parallel devenv instances against shared infra

Add support for running N parallel devenv instances under separate compose
projects sharing Postgres, MinIO, mailer, and LDAP. Each instance has its
own main container, Valkey, source checkout, tmux session, and host port
range offset by 10000 (3449 -> 13449 -> 23449, etc.).

./manage.sh run-devenv-agentic --n-instances N reconciles the running set
to exactly {ws0..ws(N-1)}: missing instances are created (workspace sync
from the live repo via git ls-files + per-instance env-file generation
under docker/devenv/instances/ + detached tmux startup), surplus instances
are stopped highest-first via compose down (never -v), already-running
instances are left untouched. ws0 binds the live repo at PWD; ws1+ are
scratch clones under ~/.penpot/penpot_workspaces/.

Backend workers (enable-backend-worker) are gated on PENPOT_BACKEND_WORKER
in backend/scripts/_env; ws1+ overlays disable them so async-task
notifications stay bound to a single Valkey Pub/Sub instance.

Compose helpers wrap docker compose with env -i so per-instance overlay
--env-file actually overrides defaults.env -- without the strip, the shell
env from sourcing defaults.env at startup would shadow the overlay (Compose
gives shell precedence over --env-file).

Other:
- Drop network aliases (- main, - redis); use container_name for
  cross-container DNS so multiple instances on the shared network don't
  fight over the same DNS name.
- Pin volume names via name: (PENPOT_*_VOLUME) so volumes survive project
  renames; ws0 keeps the pre-existing physical names (penpotdev_*).
- Remove cross-project depends_on from main.yml (postgres/minio-setup now
  live in penpotdev-infra); manage.sh ensure-infra-up docker-waits on the
  minio-setup one-shot.
- Strict arg parsing in run-devenv / run-devenv-agentic; --n-instances 0
  rejected.
- Remove unused Host-matched server block from the Caddyfile.

Memory mem:devenv/core and developer docs updated.

Co-authored-by: Codex <codex@openai.com>

*  Document and stabilise the parallel-workspace CLI; wire AI agents

Improve parallel-workspaces developer CLI,
and add an opt-in layer that lets four AI
coding agents (Claude Code, opencode, VS Code Copilot, OpenAI Codex CLI)
drive a specific workspace through a single launcher command.

Parallel-workspace semantics
----------------------------

each run-devenv-agentic call brings up one wsN;
--ws N (integer; default 0) targets a specific workspace and auto-starts
ws0 first when N>=1 so the worker invariant holds. --sync is forbidden on
ws0 and re-seeds the workspace from the live repo for ws1+. Stop semantics
mirror the start invariant -- ws0 is the last to stop, shared infra stops
with it, --all walks every instance highest-first. The worker policy
section explains why workers run only on ws0 (Postgres FOR UPDATE
SKIP LOCKED is safe across many workers but the cron dedup primitive is
best-effort, and :telemetry / :audit-log-archive are not idempotent).
Per-instance Valkey Pub/Sub isolation, msgbus topology, and the
"async task notifications miss ws1+ tabs" caveat are stated explicitly.

The mem:prod-infra/core memory captures the same external-services and
task-queue / Pub-Sub topology in agent-readable form, and
mem:backend/core and mem:critical-info now cross-link it so backend work
surfaces the horizontal-scaling constraints from the start.

AI coding agent integration
---------------------------

New top-level .devenv/ directory holds committed templates
(templates/{claude-code,opencode,vscode}.json and templates/codex.toml,
each with \${PENPOT_MCP_PORT} and \${SERENA_MCP_PORT} placeholders) plus
committed shared entries (matching shared/* files for Playwright, the
only workspace-independent server we ship today).

./manage.sh start-coding-agent <claude|opencode|vscode|codex> [--ws N]
launches the chosen client against one workspace. It cd's into the
target's directory (the live repo for ws0; workspace-path "wsN" for ws1+)
and refuses to launch unless (a) the binary is on PATH, (b) the
workspace directory exists for ws1+, and (c) the instance is up
(devenv-main-running) -- the MCP servers only exist while the devenv is
running. The agentic-devenv guide is restructured around this Quick
start path, with a per-client table and a Manual configuration fallback
for clients we don't cover.

Co-Authored-By: Codex <codex@openai.com>
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* ♻️ Scope the shadow devtools to the dev build

---------

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-06-03 15:48:25 +02:00

6.3 KiB
Raw Permalink Blame History

Backend Architecture and Workflow

Backend: JVM Clojure; Integrant; PostgreSQL; Redis/Valkey; RPC; HTTP; storage; mail; audit/logging; workers.

Focused memories

  • RPC, DB helpers, workers, cron: mem:backend/rpc-db-worker-subtleties
  • HTTP sessions, config, storage, media, file data persistence: mem:backend/http-storage-filedata-subtleties
  • Auth flows, permission model, teams, projects, invitations, comments, webhooks, audit: mem:backend/auth-permissions-product-domains
  • Services, task-queue/Pub-Sub topology constraints -> mem:prod-infra/core.

Stable namespace map

  • app.rpc.commands.*: RPC command implementations exposed under /api/rpc/command/<cmd-name>.
  • app.rpc.permissions: permission predicate/check helper factories.
  • app.http.*: HTTP routes and middleware.
  • app.auth.*: provider-specific authentication helpers such as LDAP/OIDC.
  • app.loggers.*: audit, webhook, database, and external log integrations.
  • app.db.* / app.db: next.jdbc wrapper and SQL helpers.
  • app.tasks.*: background task handlers.
  • app.worker: task execution/cron plumbing.
  • app.main: Integrant system map and component wiring.
  • app.config: PENPOT_* env config and feature flags.
  • app.srepl.*: development REPL helpers for manual backend operations (data inspection, migration helpers, one-off admin tasks).
  • app.nitrate, app.rpc.commands.nitrate, and app.rpc.management.nitrate: external Nitrate subscription/organization integration, gated by the :nitrate feature flag and shared-key HTTP calls.

RPC conventions

RPC commands are defined with app.util.services/defmethod and schemas. Use get- prefixes for read operations. Command metadata usually includes auth, docs version, params schema, and result schema. Return plain maps/vectors or raise structured exceptions from app.common.exceptions.

Backend RPC command areas without focused memories include access tokens, binfile, demo, feedback, file snapshots, fonts, management, Nitrate, and webhooks beyond the notes in mem:backend/auth-permissions-product-domains; inspect nearby command tests and command metadata before changing them.

DB conventions

app.db helpers accept cfg, pool, or conn in most places and convert kebab-case to snake_case:

  • db/get, db/get*, db/query, db/insert!, db/update!, db/delete!.
  • Use db/run! for multiple operations on one connection.
  • Use db/tx-run! for transactions.

Database migrations live in backend/src/app/migrations/; pure SQL migrations are under backend/src/app/migrations/sql/. SQL filenames conventionally start with a sequence and verb/table description, e.g. 0026-mod-profile-table-add-is-active-field. Applied migrations are tracked in the migrations table.

For deeper details on transaction semantics, advisory locks, Transit vs JSON helpers, and dev/test DB URLs: mem:backend/rpc-db-worker-subtleties.

Background tasks

A task handler is an Integrant component with ig/assert-key, ig/expand-key, and ig/init-key, returning the function run by the worker. New tasks also need wiring in app.main: handler config, worker registry entry, and cron entry if scheduled.

For worker dispatch, cron, retry semantics, deduplication, and queue internals: mem:backend/rpc-db-worker-subtleties.

REPL

In devenv, backend nREPL is exposed on port 6064.

Non-interactive eval (preferred for agents)

./tools/nrepl-eval.mjs connects to an already-running nREPL server and evaluates code. Session state (defs, in-ns) persists across invocations via a stored session ID in /tmp/penpot-nrepl-session-<host>-<port>.

./tools/nrepl-eval.mjs '(+ 1 2)'                            # single expression
./tools/nrepl-eval.mjs "(require '[my.ns :as ns] :reload)"  # reload after edits
./tools/nrepl-eval.mjs -e                                   # inspect last exception (*e)
./tools/nrepl-eval.mjs --reset-session '(def x 0)'          # discard session, start fresh
./tools/nrepl-eval.mjs <<'EOF'                              # multi-expression heredoc
(def x 10)
(+ x 20)
EOF

Default port is 6064. Use -p <PORT> for a different port. Use -t <MS> to override the 120s timeout. Do not start the nREPL server — assume it is already running.

Interactive REPL

backend/scripts/nrepl starts a REPLy client connected to the running nREPL.

For an in-process backend REPL (where you control the JVM lifecycle), stop the running backend first so port 9090 is free, then run backend/scripts/repl. Useful top-level helpers include (start), (stop), (restart), (run-tests), and (repl/refresh-all). Many app.srepl.main helpers accept the global system var, e.g. manual email or maintenance operations.

Fixtures

Fixtures can populate local data for manual testing/perf work. From the backend REPL, run (app.cli.fixtures/run {:preset :small}); fixture users conventionally look like profileN@example.com with password 123123. Standalone fixture aliases may exist, but check current backend/deps.edn before relying on old command names.

Performance

  • Type Hinting: Use explicit JVM type hints (e.g. ^String, ^long) in performance-critical paths to avoid reflection overhead.
  • Batch inserts: Use db/insert-many! for bulk row inserts — generates a single SQL with multiple parameter tuples. Avoid on very large datasets (SQL length / parameter count limits).
  • Server-side cursors: Use db/plan (fetch-size 1000, forward-only, read-only) or db/cursor for large result sets. Never fetch large collections into memory at once.
  • Transaction discipline: Use tx-run! for writes (opens a transaction), run! for reads (single connection, no transaction). Set :read-only on tx-run! when applicable to let PostgreSQL optimize.

Lint and Format

IMPORTANT: all CLI commands must be executed from the backend/ subdirectory.

  • Linting: pnpm run lint from the repository root.
  • Formatting: pnpm run check-fmt. Use pnpm run fmt to fix. Avoid unrelated whitespace diffs.

Testing

IMPORTANT: all CLI commands must be executed from the backend/ subdirectory.

  • Coverage: If code is added or modified in src/, corresponding tests in test/backend_tests/ must be added or updated.
  • Isolated run: clojure -M:dev:test --focus backend-tests.my-ns-test for a specific test namespace.
  • Regression run: clojure -M:dev:test to ensure no regressions in related functional areas.