Skip to content

Custom tools: define tools in a GitHub repo and sync them into the catalog#1332

Draft
RhysSullivan wants to merge 21 commits into
mainfrom
apps-custom-tools
Draft

Custom tools: define tools in a GitHub repo and sync them into the catalog#1332
RhysSullivan wants to merge 21 commits into
mainfrom
apps-custom-tools

Conversation

@RhysSullivan

Copy link
Copy Markdown
Collaborator

What

Users can point Executor at a GitHub repo containing tools/*.ts files (defineTool default exports) and sync them into the org tool catalog. Synced tools run in a QuickJS sandbox, declare the integrations they need, and invoke through the normal policy/credential path — the caller picks which connection serves each declared integration at invoke time.

Console: a Custom tools tile in the connect-integration modal (repo + ref + GitHub connection), with a source panel showing published tools, skipped files, and a Sync button. Sync is manual; the repo is the source of truth and git history is the version history.

How

  • packages/plugins/apps: publish pipeline (discover → bundle → collect → commit; descriptor written into the snapshot, commit last, CAS ref updates), git-backed artifact store, per-scope libSQL db, QuickJS sandbox behind a serializable bridge, tenant-partitioned storage. input/output accept Standard Schema (JSON-schema export via ~standard.jsonSchema, validation via ~standard.validate in-sandbox) or a raw JSON schema object; zod is bundled. One tool per file; identity is the file path.
  • GitHub ingest via the REST tree API behind a DI seam (payload limits enforced before fetching blob bodies; symlinks/submodules skipped; re-sync of an unchanged SHA is a no-op).
  • Self-host wiring: apps plugin registered in the host plugin list, per-request resolver routing bridged calls through ctx.execute (policy, credentials, approvals — the caller's elicitation context is threaded through), authenticated sync route.
  • workflows/, ui/, and skills/ folders in a repo are accepted and reported as not supported yet, so repos written now keep working as those land.

Testing

  • Package suites: 54 tests (pipeline atomicity/determinism, CAS races, strict bridge dispatch, binding errors, tenant isolation, symlink filtering — each review finding has a fail-before/pass-after regression test).
  • host-selfhost: 81 tests including a wire e2e that boots the real app composition and, over real HTTP against the GitHub emulator: 401 without auth, sync → publish, catalog listing with the projected connection enum, invoke through real QuickJS with the emulator ledger proving the upstream call, idempotent re-sync, add/remove churn.
  • Walked live against a real private GitHub repo end to end (sync, invoke with real data, add/remove a tool upstream).

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Cloudflare preview

Console https://executor-preview-pr-1332.executor-e2e.workers.dev
MCP https://executor-preview-pr-1332.executor-e2e.workers.dev/mcp
Deployed commit 807d08c

Sign-in is Cloudflare Access (one-time PIN to an allowed email). The preview has its own database and encryption key; it is destroyed when this PR closes.

@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jul 6, 2026

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Preview URL Updated (UTC)
✅ Deployment successful!
View logs
executor-marketing 807d08c Commit Preview URL

Branch Preview URL
Jul 07 2026, 08:50 AM

@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jul 6, 2026

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Updated (UTC)
✅ Deployment successful!
View logs
executor-cloud 807d08c Jul 07 2026, 08:51 AM

@pkg-pr-new

pkg-pr-new Bot commented Jul 6, 2026

Copy link
Copy Markdown

Open in StackBlitz

@executor-js/cli

npm i https://pkg.pr.new/@executor-js/cli@1332

@executor-js/config

npm i https://pkg.pr.new/@executor-js/config@1332

@executor-js/execution

npm i https://pkg.pr.new/@executor-js/execution@1332

@executor-js/sdk

npm i https://pkg.pr.new/@executor-js/sdk@1332

@executor-js/codemode-core

npm i https://pkg.pr.new/@executor-js/codemode-core@1332

@executor-js/runtime-quickjs

npm i https://pkg.pr.new/@executor-js/runtime-quickjs@1332

@executor-js/plugin-file-secrets

npm i https://pkg.pr.new/@executor-js/plugin-file-secrets@1332

@executor-js/plugin-graphql

npm i https://pkg.pr.new/@executor-js/plugin-graphql@1332

@executor-js/plugin-keychain

npm i https://pkg.pr.new/@executor-js/plugin-keychain@1332

@executor-js/plugin-mcp

npm i https://pkg.pr.new/@executor-js/plugin-mcp@1332

@executor-js/plugin-onepassword

npm i https://pkg.pr.new/@executor-js/plugin-onepassword@1332

@executor-js/plugin-openapi

npm i https://pkg.pr.new/@executor-js/plugin-openapi@1332

executor

npm i https://pkg.pr.new/executor@1332

commit: 807d08c

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant