feat: multi-agent support, unified CLI, and extractors (#37)

* feat: add multi-agent data model with OpenAI and Google pricing

Introduce agent_type dimension across the data model to support Codex CLI
and Gemini CLI alongside Claude Code. Rename claude_version → agent_version
and claude_helpfulness → agent_helpfulness with backward-compatible Pydantic
validators. Add pricing for 9 OpenAI/Google models and agent_type filter
to analytics queries.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: add Codex CLI and Gemini CLI extractors with registry-based discovery

Introduce a SessionExtractor protocol and three implementations (Claude Code,
Codex CLI, Gemini CLI) behind an extractor registry. list_local_sessions() and
sync now dispatch through the registry, enabling multi-agent session discovery
and ingestion from ~/.codex/ and ~/.gemini/ alongside ~/.claude/.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: add unified `primer` CLI with init, server, hook, mcp, and doctor commands

Replaces ~8 manual steps (python -m, scripts/, raw uvicorn, manual settings edits)
with a single `pip install . && primer init && primer server start` workflow.

Adds click-based CLI with commands: init, setup, server {start,stop,status,logs},
hook {install,uninstall,status}, mcp {install,uninstall,serve}, sync, doctor,
and configure {get,set,list}. Includes config.toml bridge, launchd/systemd/pidfile
server management, and refactored hook installer.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* test: increase CLI test coverage to 95% (was ~55%)

Add 40+ tests across server_manager, setup, server, sync, doctor,
configure, and config modules using monkeypatch — no real infrastructure.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: prevent PRIMER_ADMIN_API_KEY env leak between tests

The init test's load_config_into_env() set env vars without monkeypatch,
causing test_admin_headers to see a stale admin key. Fix both the source
(delenv in init test) and the victim (patch ADMIN_API_KEY in mcp fixture).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: sort imports in init.py to satisfy ruff I001 in CI

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: address bugbot review comments

- Fix invalid systemd directive `StandardErrorOutput` → `StandardError`
- Close log file descriptor after spawning background server process
- Key cumulative token tracker per model to avoid cross-model deltas
- Only count `ExecCommandBegin` events (not paired End) for tool calls
- Populate `agent_type_counts` in overview stats from session data

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: address second round of bugbot comments

- Escape special chars in TOML string serializer (`\`, `"`)
- Read engineer ID from nested `engineer` key in setup response
- Escape XML special chars in launchd plist env values
- Fix operator precedence in Gemini extractor usage metadata access
- Remove dead `_project_path_to_dir_name` and `_find_transcript` from reader

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: add Astro marketing website with landing, docs, blog, and deployment

Implements the marketing website plan using Astro 5 with Tailwind v4,
React islands for interactive components, and MDX content collections
for the blog. Includes dark hero, feature grid, comparison table,
pricing page, and GitHub Pages deployment workflow.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: address third round of bugbot comments

- Preserve comments in config.toml by doing line-level replacement in
  set_value instead of full round-trip through tomllib
- Coerce string values to int/float/bool before storing in TOML
- Mask sensitive values in `configure set` output (consistent with get/list)
- Scope S603 suppression to cli/ and hook/ via per-file-ignores
- Use exact session_id match in Gemini telemetry lookup instead of
  substring matching on raw log lines

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: add agent_type_counts to frontend OverviewStats type

Aligns the TypeScript interface with the backend schema that now
returns agent type distribution data.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: address fourth round of bugbot comments

- Merge _extract_session_id and _extract_project_path into single
  _extract_session_meta to avoid reading each rollout file twice
- Use check=False in systemd stop to handle gracefully when server
  isn't running instead of crashing with CalledProcessError

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: address fifth round of bugbot comments

- Preserve leading whitespace in config line replacement
- Guard API key truncation for short keys in doctor command
- XML-escape log path in launchd plist generation

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: add Codex CLI and Gemini CLI sessions to seed script

Extend seed_data.py with multi-agent support so the dashboard shows
realistic Codex/Gemini data alongside Claude Code. Also bump the ingest
rate limit from 120/min to 300/min to avoid 429s during seeding.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: mask short sensitive values in configure output

Short sensitive values (<=12 chars) were displayed in full by
`configure get`, `configure set`, and `configure list`. Now they
show "***" consistent with the doctor command.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

Author: ccf

.github/workflows/website.yml

@@ -0,0 +1,52 @@
+name: Deploy Website
+
+on:
+  push:
+    branches: [main]
+    paths:
+      - "website/**"
+      - "brand/**"
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+concurrency:
+  group: "pages"
+  cancel-in-progress: false
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "22"
+          cache: "npm"
+          cache-dependency-path: website/package-lock.json
+
+      - name: Install dependencies
+        run: cd website && npm ci
+
+      - name: Build website
+        run: cd website && npm run build
+
+      - name: Upload artifact
+        uses: actions/upload-pages-artifact@v3
+        with:
+          path: website/dist
+
+  deploy:
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    runs-on: ubuntu-latest
+    needs: build
+    steps:
+      - name: Deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@v4

alembic/versions/a1b2c3d4e5f6_add_agent_type_rename_claude_fields.py

@@ -0,0 +1,60 @@
+"""add agent_type, rename claude_version and claude_helpfulness
+
+Revision ID: a1b2c3d4e5f6
+Revises: 7dda515efd1d
+Create Date: 2026-02-27 00:00:00.000000
+
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision: str = "a1b2c3d4e5f6"
+down_revision: Union[str, None] = "7dda515efd1d"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # --- sessions table ---
+    with op.batch_alter_table("sessions") as batch_op:
+        batch_op.add_column(
+            sa.Column("agent_type", sa.String(30), nullable=False, server_default="claude_code")
+        )
+        batch_op.alter_column("claude_version", new_column_name="agent_version")
+        batch_op.create_index("ix_sessions_agent_type", ["agent_type"])
+
+    # --- session_facets table ---
+    with op.batch_alter_table("session_facets") as batch_op:
+        batch_op.alter_column("claude_helpfulness", new_column_name="agent_helpfulness")
+
+    # --- daily_stats table ---
+    with op.batch_alter_table("daily_stats") as batch_op:
+        batch_op.add_column(
+            sa.Column("agent_type", sa.String(30), nullable=False, server_default="claude_code")
+        )
+        batch_op.drop_constraint("uq_daily_stats_engineer_date")
+        batch_op.create_unique_constraint(
+            "uq_daily_stats_engineer_date", ["engineer_id", "date", "agent_type"]
+        )
+
+
+def downgrade() -> None:
+    # --- daily_stats table ---
+    with op.batch_alter_table("daily_stats") as batch_op:
+        batch_op.drop_constraint("uq_daily_stats_engineer_date")
+        batch_op.create_unique_constraint("uq_daily_stats_engineer_date", ["engineer_id", "date"])
+        batch_op.drop_column("agent_type")
+
+    # --- session_facets table ---
+    with op.batch_alter_table("session_facets") as batch_op:
+        batch_op.alter_column("agent_helpfulness", new_column_name="claude_helpfulness")
+
+    # --- sessions table ---
+    with op.batch_alter_table("sessions") as batch_op:
+        batch_op.drop_index("ix_sessions_agent_type")
+        batch_op.alter_column("agent_version", new_column_name="claude_version")
+        batch_op.drop_column("agent_type")

brand/tokens.css

@@ -0,0 +1,25 @@
+/* Primer Design Tokens — shared across website/ and frontend/ */
+:root {
+  /* Brand */
+  --primer-brand: #6366F1;
+  --primer-foreground: #4338CA;
+  --primer-surface: #EEF2FF;
+  --primer-border: #C7D2FE;
+  --primer-dark: #0F0B2A;
+
+  /* Extended Palette */
+  --primer-50: #EEF2FF;
+  --primer-100: #E0E7FF;
+  --primer-200: #C7D2FE;
+  --primer-400: #818CF8;
+  --primer-500: #6366F1;
+  --primer-600: #4F46E5;
+  --primer-700: #4338CA;
+  --primer-900: #312E81;
+
+  /* Semantic */
+  --primer-success: #16A34A;
+  --primer-warning: #D97706;
+  --primer-critical: #DC2626;
+  --primer-info: #2563EB;
+}

docs/plans/installation-simplification.md

@@ -0,0 +1,169 @@
+# Installation Simplification Plan
+
+## Context
+Primer currently requires ~8 manual steps across Python, Node.js, and shell. This plan introduces a `primer` CLI, a `curl | sh` installer for personal use, and enhanced Docker/Helm for enterprise.
+
+## Current Pain Points
+- No single entry point or CLI — everything is `python -m`, `python scripts/`, or raw curl
+- No `[project.scripts]` in pyproject.toml
+- No daemonization (server runs in foreground terminal)
+- Frontend requires Node.js + separate dev server
+- Docker Compose is minimal (no frontend, no health checks)
+- No Helm chart
+- MCP registration and API key distribution are manual
+
+## 1. Unified `primer` CLI
+
+### Entry Point
+```toml
+# pyproject.toml
+[project.scripts]
+primer = "primer.cli:main"
+```
+
+### Command Tree
+```
+primer init                    # Create ~/.primer/, run migrations, generate config
+primer setup                   # Create identity (name, email from git config)
+primer server start [--fg]     # Start server (background default, foreground for Docker)
+primer server stop             # Stop background server
+primer server status           # Show running state, port, uptime
+primer server logs             # Tail server logs
+primer hook install            # Install SessionEnd hook in Claude Code
+primer hook uninstall          # Remove hook
+primer hook status             # Check hook configuration
+primer mcp install             # Register MCP sidecar
+primer mcp uninstall           # Remove MCP registration
+primer mcp serve               # Run MCP server (used by the registration)
+primer sync                    # Sync local sessions to server
+primer doctor                  # Diagnose issues (connectivity, hook, MCP)
+primer version                 # Show version
+primer configure [set|get]     # View/edit config
+```
+
+### Config Precedence
+1. CLI flags → 2. Environment variables → 3. `~/.primer/config.toml` → 4. PrimerSettings defaults
+
+### Data Directory
+```
+~/.primer/
+  config.toml          # API keys, server URL, port
+  primer.db            # SQLite database
+  frontend-dist/       # Pre-built React app
+  logs/server.log      # Server output
+  server.pid           # PID file for background server
+```
+
+### Server Management
+- macOS: launchd plist at `~/Library/LaunchAgents/dev.primer.server.plist`
+- Linux: systemd user unit at `~/.config/systemd/user/primer.service`
+- Fallback: `nohup` + PID file
+
+## 2. Personal Use: `curl | sh` Installer
+
+```bash
+curl -fsSL https://primer.dev/install.sh | sh
+```
+
+### Steps
+1. **Detect environment**: OS, arch, Python 3.12+, pipx
+2. **Install package**: `pipx install primer` (or `pip install --user`)
+3. **Initialize**: `primer init` — creates ~/.primer/, runs Alembic, generates keys
+4. **Setup identity**: `primer setup --auto` — reads name/email from `git config`
+5. **Install hook**: `primer hook install` — writes to `~/.claude/settings.json`
+6. **Register MCP**: `primer mcp install` — adds MCP sidecar entry
+7. **Download frontend**: Pre-built tarball from GitHub release → `~/.primer/frontend-dist/`
+8. **Start server**: Create launchd plist or systemd unit, start service
+9. **Verify**: Health check + print summary with URLs and key location
+
+### Config File
+```toml
+[server]
+host = "127.0.0.1"
+port = 8000
+database_url = "sqlite:///~/.primer/primer.db"
+admin_api_key = "primer-admin-xxxxxxxx"
+
+[identity]
+api_key = "primer_xxxxxxxx"
+name = "Your Name"
+email = "you@example.com"
+```
+
+## 3. Enterprise: Docker Compose
+
+### New `Dockerfile.frontend`
+Multi-stage: `node:20-alpine` build → `nginx:alpine` serve
+
+### Enhanced `docker-compose.yml`
+- PostgreSQL with health check
+- Server with health check + required env var validation (`${VAR:?message}`)
+- Frontend container (nginx)
+- `.env.docker.example` template
+
+### Enterprise Setup Script
+```bash
+curl -fsSL https://primer.dev/enterprise-setup.sh | sh
+```
+Checks Docker, prompts for PostgreSQL, generates keys, writes .env, runs `docker compose up -d`.
+
+## 4. Enterprise: Kubernetes / Helm
+
+### Chart Structure
+```
+deploy/helm/primer/
+  Chart.yaml, values.yaml
+  templates/
+    deployment-server.yaml    # With HPA
+    deployment-frontend.yaml
+    service-*.yaml
+    ingress.yaml              # With TLS
+    configmap.yaml, secret.yaml
+    migration-job.yaml        # Helm pre-install/pre-upgrade hook
+    hpa.yaml, pdb.yaml
+```
+
+### Key values.yaml
+- Server: 2 replicas, autoscaling 2-10 at 70% CPU
+- External PostgreSQL recommended (with `existingSecret` support)
+- Ingress with TLS
+- Migration job runs before server starts
+
+## 5. Code Changes Required
+
+### `pyproject.toml`
+- Add `[project.scripts]` entry
+- Use `tomllib` (stdlib in 3.12+) for config parsing
+
+### `src/primer/common/config.py`
+- Read `~/.primer/config.toml` as fallback
+- Add `data_dir` property
+
+### `src/primer/server/app.py`
+- Check `~/.primer/frontend-dist/` as fallback for static files
+- Log configuration on startup
+
+### `scripts/install_hook.py`
+- Refactor core logic into `src/primer/hook/installer.py`
+- Script becomes thin wrapper
+
+### `Dockerfile.server`
+- Add `HEALTHCHECK`
+- Use `primer server start --fg` as entry point
+
+## Implementation Sequence
+
+| Phase | Work |
+|---|---|
+| **1** | `primer` CLI core — init, setup, server, hook, mcp, sync, doctor |
+| **2** | `install.sh` script — OS detection, pipx install, launchd/systemd |
+| **3** | Docker improvements — frontend Dockerfile, compose health checks, .env |
+| **4** | Helm chart — deployments, ingress, migration job, HPA |
+| **5** | Documentation — getting-started, deployment, CLI reference |
+
+## Risks
+- PyPI publication needed for `pipx install primer`
+- Pre-built frontend requires CI release pipeline
+- Port 8000 conflicts — auto-detect free port
+- Python 3.12+ requirement — document pyenv/brew install
+- Database migrations on upgrade — `primer server start` should auto-migrate