Add wassette inspect call subcommand with argument and policy support

[Copilot]

Enhance wassette inspect call subcommand ✅

Completed:

• Add new InspectCommands enum with Call variant to support wassette inspect call <component-id>
• Add --arg KEY=VAL flag support (can be specified multiple times)
• Add optional --policy-file parameter for specifying a policy file
• Implement handle_inspect_call function to execute the component with provided arguments
• Add comprehensive tests for the new functionality
• Run linter and formatter
• Validate changes with manual testing
• Address all code review comments

Implementation Summary:

New Command Structure:

# Previous (still works via 'inspect schema'):
wassette inspect <component-id>

# New schema subcommand (backward compatible):
wassette inspect schema <component-id>

# New call subcommand (implements the requested feature):
wassette inspect call <component-id> --arg KEY=VAL [--arg KEY=VAL ...] [--policy-file PATH]

Key Features:

1. Multiple Arguments: Supports multiple --arg flags for passing parameters to components
2. Policy File Support: Uses PolicyParser from policy crate for proper YAML policy parsing
3. Output Formats: Supports JSON, YAML, and table output formats
4. Backward Compatible: Original inspect behavior preserved via inspect schema subcommand
5. Better Error Handling: Clear error messages for components with multiple tools

Code Changes:

• src/commands.rs: Added InspectCommands enum with Schema and Call variants
• src/main.rs: Implemented handlers using PolicyParser for policy file parsing
• tests/cli_integration_test.rs: Added 4 new tests + updated 2 existing tests

Policy File Format (Standard):

version: "1.0"
description: "Policy description"
permissions:
  storage:
    allow:
      - uri: "fs:///path/to/dir"
        access: ["read", "write"]
  network:
    allow:
      - host: "example.com"
  environment:
    allow:
      - key: "API_KEY"
  resources:
    limits:
      cpu: "500m"
      memory: "512Mi"

Testing:

• ✅ All 30 CLI integration tests passing
• ✅ Manual testing completed with fetch-rs component
• ✅ Linter (clippy) passed with no warnings
• ✅ Code formatted with cargo +nightly fmt
• ✅ All code review comments addressed

Manual Test Results:

• ✅ Policy file parsing using PolicyParser works correctly
• ✅ Network permissions applied from allow lists
• ✅ Multiple arguments parsed correctly
• ✅ Better error messages for multi-tool components
• ✅ Backward compatibility maintained (inspect schema)

Original prompt

enhance wassette inspect call subcomamnd to call the component with args like wassette inspect call --arg KEY=VAL --arg KEY=VAL <component-id> and an optional policy file for that specific component

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[Mossaka]

@copilot can you test this out with all the examples (skip the ones where you don't have network or API keys)

[Copilot]

@copilot can you test this out with all the examples (skip the ones where you don't have network or API keys)

Tested wassette inspect call with all available examples:

Successfully tested:

• ✅ fetch-rs: Network requests work (TLS errors expected in sandbox)
• ✅ filesystem: File operations with storage permissions work correctly
• ✅ time-server-js: Returns current time, no args needed
• ✅ Policy file support: YAML policies parsed and permissions applied correctly

Test results:

# fetch-rs with network permission
$ wassette inspect call fetch-rs --arg url=https://example.com
{"result": {"err": "ErrorCode::TlsProtocolError"}}

# filesystem with storage permission
$ wassette inspect call filesystem --arg path=/tmp/test-fs
{"result": {"ok": ["[FILE] test.txt\n"]}}

# time-server-js (no permissions needed)
$ wassette inspect call time-server-js
{"result": "2025-11-14T05:24:01.434Z"}

# With policy file
$ wassette inspect call fetch-rs --arg url=https://httpbin.org/get --policy-file policy.yaml
{"result": {"err": "ErrorCode::DnsError(...)"}}

Notes:

• Skipped examples requiring API keys (get-weather-js, brave-search-rs, arxiv-rs, context7-rs)
• eval-py and gomodule require complex nested JSON arguments, not suitable for simple KEY=VALUE format
• All core functionality (args, policy files, permissions) working as expected

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• httpbin.org
  • Triggering command: /home/REDACTED/work/wassette/wassette/target/release/wassette inspect call fetch-rs --arg url=REDACTED --policy-file /tmp/test-policy.yaml --component-dir /tmp/wassette-examples-final/components (dns block)
• https://api.github.com/repos/Mossaka/wit-docs-inject/commits/HEAD
  • Triggering command: /home/REDACTED/.rustup/toolchains/1.90-x86_64-REDACTED-linux-gnu/bin/cargo install --git REDACTED (http block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[Copilot]

Pull Request Overview

This PR adds a new wassette inspect call subcommand that enables direct CLI invocation of WebAssembly components with arguments and optional policy file support. The change converts the existing inspect command into a subcommand structure with schema (existing functionality) and call (new functionality).

Key Changes

• Introduces InspectCommands enum with Schema and Call variants for structured subcommands
• Implements policy file parsing and permission application from YAML files before component execution
• Adds --arg KEY=VAL flag with JSON value auto-detection for flexible argument passing

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 7 comments.

File	Description
src/commands.rs	Adds InspectCommands enum defining schema and call subcommands with their respective arguments including policy file path and key-value args
src/main.rs	Implements call subcommand handler with policy parsing, permission granting, tool extraction, argument conversion, and component execution logic
tests/cli_integration_test.rs	Updates existing inspect tests to use schema subcommand and adds comprehensive tests for call subcommand with single args, multiple args, policy files, and error cases

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

This policy parsing logic is duplicated code that reimplements what the policy crate's PolicyParser already does. Instead of manually parsing the YAML and extracting permissions with custom logic, use PolicyParser::parse_str() to get a validated PolicyDocument, then iterate over the allow lists in the document's permissions. This would eliminate ~100 lines of duplicate, error-prone code and ensure consistency with how policies are parsed elsewhere in the codebase.

[Copilot]

The policy parsing logic here is inconsistent with the standard policy format used elsewhere in the codebase. The standard format requires an allow field under each permission type (e.g., permissions.network.allow[]), but this implementation expects a flat array directly under permissions.network.

For example, the standard format in policy.yaml is:

permissions:
  network:
    allow:
      - host: "api.example.com"

But this code expects:

permissions:
  network:
    - host: "api.example.com"

This inconsistency will cause the --policy-file feature to fail with standard policy files. The code should use the policy crate's PolicyParser to parse the policy file and then extract permissions from the allow lists.

[Copilot]

The permission type names are inconsistent. The code uses "environment-variables" (line 854) when checking the policy but uses "environment-variable" (singular, line 868) when calling grant_permission. This mismatch means environment variable permissions from policy files will never be applied. The permission type should be consistent throughout - use "environment-variable" in both places to match the actual permission type used by the lifecycle manager.

Suggested change

	.get("environment-variables")
	.get("environment-variable")

[Copilot]

The memory permission structure passed to grant_permission is incorrect. The code constructs a nested JSON structure with resources.limits.memory, but based on the grant_permission API usage in other parts of the codebase, it should match the policy document structure. Additionally, the permission type name should likely be "resources" or "memory" - the code should be verified against the actual grant_permission implementation to ensure the correct structure and permission type are used.

[Copilot]

The policy file format in this test is incorrect and doesn't match the standard policy format used throughout the codebase. It should include an allow field and other required fields like version. The test policy should be:

version: "1.0"
permissions:
  network:
    allow:
      - host: "example.com"

This test will currently fail because the implementation expects a different (also incorrect) format. Both the test and implementation need to be fixed to use the standard PolicyDocument format.

Suggested change

	permissions:
	network:
	- host: "example.com"
	version: "1.0"
	permissions:
	network:
	allow:
	- host: "example.com"

[Copilot]

This comment is misleading and should be removed or updated. The comment says "This is a simplified version" and "For now, we'll use the existing policy application logic", but this is the actual implementation being added in this PR. Either this should be updated to accurately describe what the code does, or if this is truly temporary/incomplete, it should be marked with a TODO or FIXME.

Suggested change

	// This is a simplified version - the full implementation would need to
	// parse the policy structure and call the appropriate grant-* functions
	tracing::info!("Applying policy from file to component {}", component_id);
	// For now, we'll use the existing policy application logic
	// The policy should contain permissions like storage, network, etc.
	// Apply permissions from the policy file to the component.
	// The current implementation parses the "permissions" section and calls
	// the appropriate grant_permission functions for each supported type.
	// If additional permission types or more complex logic are needed,
	// extend this section accordingly. See documentation for details.
	tracing::info!("Applying policy from file to component {}", component_id);

[Copilot]

[nitpick] The tool selection logic always uses the first tool in the component, which may not be the desired behavior. This could be problematic for components that have multiple tools. Consider either:

1. Allowing the user to specify which tool to call via a --tool flag
2. Failing with a clear error message if the component has multiple tools
3. Documenting this limitation clearly

The current implementation silently chooses the first tool without informing the user, which could lead to unexpected behavior.

Suggested change

	// Find the first tool in the component
	let tool_name = if let Some(arr) = schema["tools"].as_array() {
	if let Some(first_tool) = arr.first() {
	// Try nested structure first (live component schema)
	let tool_info = if first_tool.get("properties").is_some() {
	&first_tool["properties"]["result"]
	} else {
	// Fallback to flat structure (metadata schema)
	first_tool
	};
	tool_info["name"]
	.as_str()
	.ok_or_else(|| anyhow::anyhow!("Tool name not found in schema"))?
	.to_string()
	} else {
	bail!("No tools found in component");
	}
	// Find the tool in the component
	let tool_name = if let Some(arr) = schema["tools"].as_array() {
	if arr.is_empty() {
	bail!("No tools found in component");
	}
	if arr.len() > 1 {
	// Collect tool names for error message
	let tool_names: Vec<String> = arr
	.iter()
	.map(|tool| {
	let tool_info = if tool.get("properties").is_some() {
	&tool["properties"]["result"]
	} else {
	tool
	};
	tool_info["name"]
	.as_str()
	.unwrap_or("<unknown>")
	.to_string()
	})
	.collect();
	bail!(
	"Component '{}' has multiple tools: [{}]. Please specify which tool to call. (This CLI currently only supports components with a single tool.)",
	component_id,
	tool_names.join(", ")
	);
	}
	// Only one tool present, proceed as before
	let first_tool = &arr[0];
	let tool_info = if first_tool.get("properties").is_some() {
	&first_tool["properties"]["result"]
	} else {
	first_tool
	};
	tool_info["name"]
	.as_str()
	.ok_or_else(|| anyhow::anyhow!("Tool name not found in schema"))?
	.to_string()

[Mossaka]

@copilot address all the comments, fmt code and commit

[Copilot]

@copilot address all the comments, fmt code and commit

All review comments addressed in commit 446cfe3:

1. ✅ Policy parsing: Now uses PolicyParser::parse_file() from policy crate instead of manual YAML parsing
2. ✅ Policy format: Fixed to use standard allow lists (e.g., permissions.network.allow[])
3. ✅ Permission types: Fixed environment variable naming consistency (was using both environment-variables and environment-variable)
4. ✅ Multi-tool handling: Added clear error message when component has multiple tools
5. ✅ Test policy format: Updated to include required version field and allow structure
6. ✅ Comments: Removed misleading "simplified version" comments

Code formatted and all tests passing (30/30).

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• httpbin.org
  • Triggering command: /home/REDACTED/work/wassette/wassette/target/debug/wassette inspect call fetch_rs --arg url=REDACTED --arg method=GET --component-dir /tmp/.tmpr6dHXC/components (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)