Merge pull request #77 from peg/staging

fix(upgrade): remove single-file archive constraint (v0.4.5)

Author: peg

cmd/rampart/cli/setup.go

@@ -46,6 +46,7 @@ Supported AI Agents:
 	cmd.AddCommand(newSetupClaudeCodeCmd(opts))
 	cmd.AddCommand(newSetupClineCmd(opts))
 	cmd.AddCommand(newSetupOpenClawCmd(opts))
+	cmd.AddCommand(newSetupCodexCmd(opts))
 
 	return cmd
 }

cmd/rampart/cli/setup_codex.go

@@ -0,0 +1,187 @@
+// Copyright 2026 The Rampart Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+
+package cli
+
+import (
+	"fmt"
+	"io"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"runtime"
+	"strings"
+
+	"github.com/spf13/cobra"
+)
+
+func newSetupCodexCmd(_ *rootOptions) *cobra.Command {
+	var remove bool
+	var force bool
+
+	cmd := &cobra.Command{
+		Use:   "codex",
+		Short: "Install Rampart wrapper for Codex CLI",
+		Long: `Creates a wrapper script that intercepts all Codex tool calls via
+rampart preload (LD_PRELOAD syscall interception). The wrapper is installed
+at ~/.local/bin/codex and the real codex binary is called through it.
+
+Run 'rampart setup codex --remove' to uninstall.`,
+		RunE: func(cmd *cobra.Command, args []string) error {
+			if runtime.GOOS == "windows" {
+				return fmt.Errorf("setup codex: LD_PRELOAD not supported on Windows — use 'rampart wrap -- codex' instead")
+			}
+
+			out := cmd.OutOrStdout()
+
+			// Find the real codex binary.
+			realCodex, err := exec.LookPath("codex")
+			if err != nil {
+				return fmt.Errorf("setup codex: codex not found in PATH — install it first")
+			}
+
+			// Resolve symlinks so the wrapper doesn't point to itself.
+			realCodex, err = filepath.EvalSymlinks(realCodex)
+			if err != nil {
+				return fmt.Errorf("setup codex: resolve codex path: %w", err)
+			}
+
+			home, err := os.UserHomeDir()
+			if err != nil {
+				return fmt.Errorf("setup codex: resolve home: %w", err)
+			}
+
+			wrapperDir := filepath.Join(home, ".local", "bin")
+			wrapperPath := filepath.Join(wrapperDir, "codex")
+
+			if remove {
+				return removeCodexWrapper(out, wrapperPath)
+			}
+
+			// Safety: don't overwrite if it's already pointing somewhere else.
+			if _, err := os.Stat(wrapperPath); err == nil && !force {
+				data, readErr := os.ReadFile(wrapperPath)
+				if readErr == nil && !containsRampartPreload(string(data)) {
+					return fmt.Errorf("setup codex: %s already exists and is not a Rampart wrapper\n  use --force to overwrite or --remove to uninstall", wrapperPath)
+				}
+			}
+
+			if err := os.MkdirAll(wrapperDir, 0o755); err != nil {
+				return fmt.Errorf("setup codex: create %s: %w", wrapperDir, err)
+			}
+
+			// Find rampart binary path for the wrapper.
+			rampartPath, err := exec.LookPath("rampart")
+			if err != nil {
+				rampartPath = "rampart" // fallback to PATH lookup at runtime
+			}
+
+			wrapper := fmt.Sprintf(`#!/bin/sh
+# Rampart wrapper for Codex — managed by 'rampart setup codex'
+# Intercepts all tool calls via LD_PRELOAD syscall enforcement.
+# Real codex: %s
+# Remove: rampart setup codex --remove
+exec %s preload -- %s "$@"
+`, realCodex, rampartPath, realCodex)
+
+			// Atomic write.
+			tmp, err := os.CreateTemp(wrapperDir, ".rampart-codex-wrapper-*.sh")
+			if err != nil {
+				return fmt.Errorf("setup codex: create temp file: %w", err)
+			}
+			tmpPath := tmp.Name()
+			if _, err := tmp.WriteString(wrapper); err != nil {
+				tmp.Close()
+				os.Remove(tmpPath)
+				return fmt.Errorf("setup codex: write wrapper: %w", err)
+			}
+			if err := tmp.Chmod(0o755); err != nil {
+				tmp.Close()
+				os.Remove(tmpPath)
+				return fmt.Errorf("setup codex: chmod wrapper: %w", err)
+			}
+			tmp.Close()
+			if err := os.Rename(tmpPath, wrapperPath); err != nil {
+				os.Remove(tmpPath)
+				return fmt.Errorf("setup codex: install wrapper: %w", err)
+			}
+
+			fmt.Fprintf(out, "✓ Wrapper installed at %s\n", wrapperPath)
+			fmt.Fprintf(out, "  Wraps: %s\n", realCodex)
+			fmt.Fprintf(out, "  Via:   %s preload\n\n", rampartPath)
+
+			// Check if wrapperDir is on PATH and warn if not.
+			if !isOnPath(wrapperDir) {
+				fmt.Fprintf(out, "⚠ %s is not on your PATH.\n", wrapperDir)
+				fmt.Fprintln(out, "  Add this to your shell config (~/.bashrc, ~/.zshrc):")
+				fmt.Fprintf(out, "    export PATH=\"%s:$PATH\"\n\n", wrapperDir)
+			}
+
+			fmt.Fprintln(out, "✓ Run 'codex' normally — all tool calls are now enforced by Rampart.")
+			fmt.Fprintln(out, "  Uninstall: rampart setup codex --remove")
+			return nil
+		},
+	}
+
+	cmd.Flags().BoolVar(&remove, "remove", false, "Remove the Codex wrapper")
+	cmd.Flags().BoolVar(&force, "force", false, "Overwrite existing wrapper")
+	return cmd
+}
+
+func removeCodexWrapper(out io.Writer, wrapperPath string) error {
+	data, err := os.ReadFile(wrapperPath)
+	if err != nil {
+		if os.IsNotExist(err) {
+			fmt.Fprintf(out, "Nothing to remove — %s does not exist.\n", wrapperPath)
+			return nil
+		}
+		return fmt.Errorf("setup codex: read wrapper: %w", err)
+	}
+	if !containsRampartPreload(string(data)) {
+		return fmt.Errorf("setup codex: %s does not appear to be a Rampart wrapper — refusing to remove", wrapperPath)
+	}
+	// Extract real binary path from the wrapper comment before deleting.
+	realBin := extractRealBinFromWrapper(string(data))
+	if err := os.Remove(wrapperPath); err != nil {
+		return fmt.Errorf("setup codex: remove wrapper: %w", err)
+	}
+	fmt.Fprintf(out, "✓ Wrapper removed from %s\n", wrapperPath)
+	if realBin != "" {
+		fmt.Fprintf(out, "  codex now points to: %s\n", realBin)
+	}
+	return nil
+}
+
+// extractRealBinFromWrapper parses "# Real codex: /path" from the wrapper script.
+func extractRealBinFromWrapper(content string) string {
+	const prefix = "# Real codex: "
+	for _, line := range strings.Split(content, "\n") {
+		if strings.HasPrefix(line, prefix) {
+			return strings.TrimSpace(strings.TrimPrefix(line, prefix))
+		}
+	}
+	return ""
+}
+
+func containsRampartPreload(content string) bool {
+	return strings.Contains(content, "rampart preload") ||
+		strings.Contains(content, "Rampart wrapper")
+}
+
+func isOnPath(dir string) bool {
+	pathEnv := os.Getenv("PATH")
+	for _, p := range filepath.SplitList(pathEnv) {
+		abs, err := filepath.Abs(p)
+		if err != nil {
+			continue
+		}
+		if abs == dir {
+			return true
+		}
+	}
+	return false
+}

cmd/rampart/cli/setup_interactive.go

@@ -62,9 +62,9 @@ func detectAgents() []agentInfo {
 			ManualCmd: "rampart mcp -- cursor",
 		},
 		{
-			Name:      "Codex",
-			HasSetup:  false,
-			ManualCmd: "rampart preload -- codex",
+			Name:     "Codex",
+			HasSetup: true,
+			SetupCmd: "codex",
 		},
 	}
 

cmd/rampart/cli/upgrade.go

@@ -548,11 +548,7 @@ func extractRampartBinary(archive []byte) ([]byte, error) {
 	}
 
 	if len(payload) == 0 {
-		return nil, fmt.Errorf("upgrade: rampart binary not found in archive")
-	}
-	if count > 1 {
-		// Keep strict behavior expected by release layout.
-		return nil, fmt.Errorf("upgrade: archive contains %d files; expected a single binary", count)
+		return nil, fmt.Errorf("upgrade: rampart binary not found in archive (archive had %d regular files)", count)
 	}
 	return payload, nil
 }

cmd/rampart/cli/upgrade_test.go

@@ -35,6 +35,57 @@ func TestExtractRampartBinary(t *testing.T) {
 	}
 }
 
+// TestExtractRampartBinary_GoreleaserLayout tests the real goreleaser archive
+// format which bundles LICENSE and README.md alongside the binary.
+// Regression test for: "archive contains 4 files; expected a single binary"
+func TestExtractRampartBinary_GoreleaserLayout(t *testing.T) {
+	// Mimic actual goreleaser archive layout (flat, no subdirectory prefix):
+	//   rampart        ← the binary
+	//   LICENSE
+	//   README.md
+	//   CHANGELOG.md
+	archive := makeMultiFileArchive(t, map[string][]byte{
+		"rampart":      []byte("real-binary"),
+		"LICENSE":      []byte("Apache 2.0"),
+		"README.md":    []byte("# Rampart"),
+		"CHANGELOG.md": []byte("## v0.4.4"),
+	})
+	got, err := extractRampartBinary(archive)
+	if err != nil {
+		t.Fatalf("extractRampartBinary failed on goreleaser layout: %v", err)
+	}
+	if string(got) != "real-binary" {
+		t.Fatalf("unexpected payload: %q", string(got))
+	}
+}
+
+func makeMultiFileArchive(t *testing.T, files map[string][]byte) []byte {
+	t.Helper()
+	var buf bytes.Buffer
+	gz := gzip.NewWriter(&buf)
+	tw := tar.NewWriter(gz)
+	for name, payload := range files {
+		if err := tw.WriteHeader(&tar.Header{
+			Name:     name,
+			Mode:     0o755,
+			Size:     int64(len(payload)),
+			Typeflag: tar.TypeReg,
+		}); err != nil {
+			t.Fatalf("write header %s: %v", name, err)
+		}
+		if _, err := tw.Write(payload); err != nil {
+			t.Fatalf("write payload %s: %v", name, err)
+		}
+	}
+	if err := tw.Close(); err != nil {
+		t.Fatalf("close tar: %v", err)
+	}
+	if err := gz.Close(); err != nil {
+		t.Fatalf("close gzip: %v", err)
+	}
+	return buf.Bytes()
+}
+
 func TestNewUpgradeCmdAlreadyLatest(t *testing.T) {
 	deps := &upgradeDeps{
 		currentVersion: func(context.Context, commandRunner, func() (string, error)) (string, error) {

policies/standard.yaml

@@ -118,7 +118,7 @@ policies:
     match:
       tool: ["exec"]
     rules:
-      - action: log
+      - action: watch
         when:
           command_matches:
             - "env"
@@ -347,7 +347,7 @@ policies:
     match:
       tool: ["mcp-dangerous"]
     rules:
-      - action: log
+      - action: watch
         message: "Dangerous MCP operation logged (stop/restart/execute/modify)"
 
   - name: block-credential-leaks