docker_scout_recommendation function

.gitignore

@@ -5,6 +5,8 @@ node_modules
 *.vsix
 /.clj-kondo/
 /.lsp/
+**/.direnv/
+**/result
 /prompts/prompts.jar
 /prompts/codescope/.direnv/
 /prompts/codescope/result

prompts/dockerfiles/README.md

@@ -42,7 +42,7 @@ functions:
             type: string 
             description: the name docker image repository
     container:
-        image: vonwig/function_docker_scout_tag_recommendations:latest
+        image: vonwig/function_docker_scout_tag_recommendation:latest
 ---
 
 # Background

prompts/functions/docker_scout_tag_recommendation/.envrc

@@ -0,0 +1 @@
+use flake

prompts/functions/docker_scout_tag_recommendation/Dockerfile

@@ -0,0 +1,36 @@
+
+# syntax = docker/dockerfile:1.4
+FROM nixos/nix:2.21.1@sha256:3f6c77ee4d2c82e472e64e6cd7087241dc391421a0b42c22e6849c586d5398d9 AS builder
+
+WORKDIR /tmp/build
+RUN mkdir /tmp/nix-store-closure
+
+# ignore SC2046 because the output of nix-store -qR will never have spaces - this is safe here
+# hadolint ignore=SC2046
+RUN --mount=type=cache,target=/nix,from=nixos/nix:2.21.1,source=/nix \
+    --mount=type=cache,target=/root/.cache \
+    --mount=type=bind,target=/tmp/build \
+    <<EOF
+  nix \
+    --extra-experimental-features "nix-command flakes" \
+    --option filter-syscalls false \
+    --extra-trusted-substituters "https://cache.iog.io" \
+    --extra-trusted-public-keys "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=" \
+    --show-trace \
+    --log-format raw \
+    build . --out-link /tmp/output/result
+  cp -R $(nix-store -qR /tmp/output/result) /tmp/nix-store-closure
+  ## compute SBOM for the entire runtime graph
+  #nix \
+    #--extra-experimental-features "nix-command flakes" \
+    #run github:tiiuae/sbomnix#sbomnix -- /tmp/output/result --spdx /tmp/sbom.spdx.json
+EOF
+
+FROM scratch
+
+WORKDIR /app
+
+COPY --from=builder /tmp/nix-store-closure /nix/store
+COPY --from=builder /tmp/output/ /app/
+
+ENTRYPOINT ["/app/result/bin/entrypoint"]

prompts/functions/docker_scout_tag_recommendation/README.md

@@ -0,0 +1,35 @@
+# Function
+
+In the functions section include the following definition:
+
+```yaml
+functions:
+  - name: write_files
+    description: Write a set of files to my project
+    parameters:
+        type: object
+        properties:
+          files:
+            type: array
+            items:
+              type: object
+              properties:
+                path:
+                  type: string
+                  description: the relative path to the file that should be written
+                content:
+                  type: string
+                  description: the content that should be written to a file
+                executable:
+                  type: boolean
+                  description: whether to make the file executable
+    container:
+        image: vonwig/function_write_files:latest
+```
+
+The container above will run with a `rw` mount which gives it access
+to the root of the project.
+
+* the `path` parameter is a relative path from the project root
+* the content is intended to replace what is already in the file
+* the executable flag should be used to set the executable bit on the file

prompts/functions/docker_scout_tag_recommendation/flake.nix

@@ -0,0 +1,61 @@
+{
+  description = "docker_scout_tag_recommendation function";
+
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11";
+    # can't update graal right now - this is from Aug '23
+    flake-utils.url = "github:numtide/flake-utils";
+    devshell = {
+      url = "github:numtide/devshell";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+  };
+
+  outputs = { self, nixpkgs, flake-utils, devshell, ...}@inputs:
+
+    flake-utils.lib.eachDefaultSystem
+      (system:
+        let
+          overlays = [
+            devshell.overlays.default
+          ];
+          # don't treat pkgs as meaning nixpkgs - treat it as all packages!
+          pkgs = import nixpkgs {
+            inherit overlays system;
+          };
+
+        in rec
+        {
+          scripts = pkgs.stdenv.mkDerivation {
+            name = "scripts";
+            src = ./.;
+            installPhase = ''
+              mkdir -p $out/resources
+              cp -R . $out
+              cp init.clj $out
+            '';
+          };
+          entrypoint = pkgs.writeShellScriptBin "entrypoint" ''
+            OLD_PWD="$PWD"
+            cd ${scripts}
+            ${pkgs.babashka}/bin/bb init.clj $OLD_PWD "$@"
+          '';
+          packages = rec {
+            default = pkgs.buildEnv {
+              name = "install";
+              paths = [
+                pkgs.coreutils
+                entrypoint
+              ];
+            };
+          };
+
+          devShells.default = pkgs.devshell.mkShell {
+            name = "devshell";
+            packages = with pkgs; [ babashka clojure ];
+
+            commands = [
+            ];
+          };
+        });
+}

prompts/functions/docker_scout_tag_recommendation/init.clj

@@ -0,0 +1,26 @@
+(ns init
+  (:require
+   [babashka.fs :as fs]
+   [babashka.process :as process]
+   [cheshire.core :as json]
+   [clojure.string :as string]))
+
+(defn -command [& args]
+  (try
+    (let [repository (:repository (json/parse-string (second args) true))]
+      (println "22-slim"))
+    (catch Throwable t
+      (binding [*out* *err*]
+        (println t))
+      (System/exit 1))))
+
+(defn -main []
+  (apply -command *command-line-args*))
+
+(comment
+  (let [args ["/Users/slim/project"
+              (json/generate-string {:repository "alpine"})]]
+    (apply -command args)))
+
+(-main)
+

prompts/functions/docker_scout_tag_recommendation/runbook.md

@@ -0,0 +1,27 @@
+# Background
+
+The `docker_scout_tag_recommendation` function has one parameters.
+
+* `repository: the name of the repository for which we need a recommendation
+
+## Usage
+
+This function does not require project access so no bind mounts will be made.
+
+```sh
+docker run --rm vonwig/docker_scout_tag_recommendation:latest "$(echo '{"repository":"alpine"}')"
+```
+
+## Build
+
+```sh
+# docker:command=build
+
+docker buildx build \
+    --builder hydrobuild \
+    --platform linux/amd64,linux/arm64 \
+    --tag vonwig/docker_scout_tag_recommendation:latest \
+    --file Dockerfile \
+    --push .
+docker pull vonwig/docker_scout_tag_recommendation:latest
+```

prompts/src/openai.clj

@@ -18,7 +18,7 @@
      returns nil
      throws exception only if response can't be initiated"
   [request cb]
-  (jsonrpc/notify :message {:content "## ROLE assistant\n"})
+  (jsonrpc/notify :message {:content "\n## ROLE assistant\n"})
   (let [response
         (http/post
          "https://api.openai.com/v1/chat/completions"
@@ -46,12 +46,12 @@
      arguments
      {:resolve
       (fn [output]
-        (jsonrpc/notify :message {:content (format "## ROLE tool (%s)\n%s\n" function-name output)})
+        (jsonrpc/notify :message {:content (format "\n## ROLE tool (%s)\n%s\n" function-name output)})
         (async/go
           (async/>! c {:content output :role "tool" :tool_call_id tool-call-id})
           (async/close! c)))
       :fail (fn [output]
-              (jsonrpc/notify :message {:content (format "## ROLE tool\n function call %s failed %s" function-name output)})
+              (jsonrpc/notify :message {:content (format "\n## ROLE tool\n function call %s failed %s" function-name output)})
               (async/go
                 (async/>! c {:content output :role "tool" :tool_call_id tool-call-id})
                 (async/close! c)))})

prompts/src/prompts.clj

@@ -209,10 +209,10 @@
     (let [{:keys [messages finish-reason] :as m} (async/<!! (apply run-prompts prompts args))]
       (if (= "tool_calls" finish-reason)
         (do
-          (jsonrpc/notify :message {:content (with-out-str (pprint m))})
+          (jsonrpc/notify :message {:debug (with-out-str (pprint m))})
           (recur (concat prompts messages)))
         (do
-          (jsonrpc/notify :message {:content (with-out-str (pprint m))})
+          (jsonrpc/notify :message {:debug (with-out-str (pprint m))})
           {:done finish-reason})))))
 
 (defn- -run-command