feat: add agent catalog/auth API and safer orchestrator switching#276
feat: add agent catalog/auth API and safer orchestrator switching#276nikhilachale wants to merge 7 commits into
Conversation
- Implemented AgentsController to handle /agents endpoint, returning a list of supported and installed agents. - Created agent inventory service to manage agent data and detect installed agents. - Updated ProjectSettingsForm to fetch and display agent information, including installed and supported agents. - Enhanced error handling for agent detection and orchestrator restarts. - Added tests for agent catalog and service to ensure correct functionality and error handling.
…flect changes - Added `AuthStatus` method to various agent plugins to check authorization status using CLI probes. - Introduced `authprobe` package to handle common CLI command checks for agent authorization. - Updated backend tests to include scenarios for authorized and unauthorized agents. - Modified frontend API schema to include `authorized` counts and `authStatus` for agents. - Enhanced `ProjectSettingsForm` to display authorized agents and their statuses, including prompts for login when necessary. - Adjusted agent selection logic to prioritize authorized agents and provide feedback for unauthorized or uninstalled agents.
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
There was a problem hiding this comment.
Your free trial has ended. If you'd like to continue receiving code reviews, you can add a payment method here.
There was a problem hiding this comment.
Your free trial has ended. If you'd like to continue receiving code reviews, you can add a payment method here.
…references from API and frontend
| return fmt.Errorf("retire %s: %w", id, ErrIncompleteHandle) | ||
| } | ||
| for attempt := 0; attempt < orchestratorRetireAttempts; attempt++ { | ||
| if err := m.runtime.Destroy(ctx, handle); err != nil { |
There was a problem hiding this comment.
This cutover path can leave the old orchestrator in a misleading state. RetireOrchestrator destroys the runtime before the session is marked terminated; if Destroy succeeds but a later IsAlive, workspace cleanup, or MarkTerminated step fails, the API reports ORCHESTRATOR_REPLACEMENT_INCOMPLETE and the UI tells users the previous orchestrator was kept alive, while the old process may already be gone and the DB row still looks active. For resiliency/UX, either mark terminal intent once destroy is known to have happened, or return a distinct recovery state that does not claim the previous orchestrator was preserved.
2 participants
Summary
This PR adds a daemon-backed agent catalog, exposes installed/authorized agent state to the frontend, and uses that data in project settings so users can choose worker/orchestrator agents more safely.
It also adds orchestrator replacement handling: when the saved orchestrator agent changes, AO starts the replacement first and only retires the previous orchestrator after the new one is up, so a failed replacement does not cause downtime.
A key caveat is that agent-auth/login flows can interfere with replacement startup. If switching agents triggers the agent’s own bootstrap path, the replacement may come up outside AO’s normal orchestrator initialization path and miss the AO orchestrator system prompt.
What Changed
Backend
Added agent inventory service for:
Added optional AgentAuthChecker capability on adapters.
Added shared CLI auth probing helper for adapters with cheap local auth checks.
Added GET /api/v1/agents.
Extended registry inventory entries to carry adapter manifest metadata for user-facing labels.
Added orchestrator replacement flow in the session service:
Added backend tests for agent catalog, controller responses, session replacement behavior, and related project/service wiring.
Frontend
Regenerated API types for the new agents endpoint/DTOs.
Updated ProjectSettingsForm to:
Added/updated tests for the new settings behavior.
Why
Before this change, the UI did not have a daemon-backed view of which agents are actually installed and authenticated on the local machine, and changing orchestrator agent config did not have a clear replacement flow.
This PR makes agent selection more grounded in local runtime state and reduces the chance of downtime during orchestrator switches.
Risks / Caveats
A large part of the file count comes from:
The CLI/runtime/session model is unchanged outside the new inventory/auth and orchestrator replacement paths.
Generated files are included intentionally:
Auth/login flows remain a review risk. If switching agents triggers the agent’s own login/bootstrap flow, that flow can spawn a fresh native session outside AO’s normal orchestrator startup path.
In that case, the replacement session may miss AO’s expected initialization, including the orchestrator system prompt.
The old orchestrator is intentionally preserved on replacement failure, but reviewers should pay close attention to whether
replacement startup still guarantees AO system-prompt delivery.
Closes #275