refactor: remove local workspace runtime, redesign config schema#571
Open
dorey-agent[bot] wants to merge 7 commits into
Open
refactor: remove local workspace runtime, redesign config schema#571dorey-agent[bot] wants to merge 7 commits into
dorey-agent[bot] wants to merge 7 commits into
Conversation
Remove the local subprocess runtime (WorkspaceConfig::Local) and redesign the workspace config schema with versioned format support: - Delete LocalBackend and local_backend module entirely - Replace internally-tagged enum with custom Deserialize/Serialize that supports both v1 (flat fields, deprecated with warning) and v2 (adjacently-tagged: type + options) formats - Rename DockerWorkspaceConfig to DockerWorkspaceOptions - Add schema_version field to AnyclawConfig (default: 1) - Remove local agent validation, binary resolution, and spawn logic - Simplify keepalive_interval (always enabled, Docker-only now) - Add convenience methods docker()/docker_mut() on WorkspaceConfig - Reject type: local with clear error message - Update all examples to v2 format - Regenerate JSON schema BREAKING CHANGE: workspace type "local" is no longer supported. All agents must use Docker containers (type: "docker"). Config schema v2 wraps runtime-specific fields under "options" key. v1 format (flat fields) still accepted with deprecation warning.
added 6 commits
May 10, 2026 21:10
The Local workspace variant is needed by integration tests that spawn agent-mock as a native subprocess. It remains rejected from YAML config (deserialization produces a clear error), but is constructable in code. - Re-add LocalBackend with test-only documentation - Re-add LocalWorkspaceOptions struct (no serde derives for YAML) - Add Local arm to build_backend, fs_sandbox, banner, supervisor - Revert test-helper configs to use Local for agent-mock spawning - Add is_docker() method back for keepalive conditional
…emon_uris These production code paths called .docker() unconditionally, which panics on Local workspace variants used by integration tests. Use match instead.
… YAML Split the test: one verifies supervisor boot with Local config (no YAML), the other verifies Docker config YAML round-trip (requires Docker image).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation
The local subprocess runtime (
WorkspaceConfig::Local) was a development convenience that bypasses all container isolation, proxy enforcement, and resource limits. In production, all agents run in Docker containers. Keeping the local runtime adds code complexity, widens the attack surface, and creates a config path that's never used in real deployments.Additionally, the workspace config schema needed redesign to support future runtime types (e.g., Firecracker, Podman) without breaking changes.
Solution
Remove local runtime entirely:
LocalBackendandlocal_backendmodule (141 lines)WorkspaceConfig::Localvariant andLocalWorkspaceConfigstructis_docker())Redesign config schema with versioning:
schema_version: u32toAnyclawConfig(default: 1)DockerWorkspaceConfig→DockerWorkspaceOptionsDeserializesupports both formats:{ type: "docker", options: { image: "...", ... } }{ type: "docker", image: "...", ... }— emitstracing::warn!type: "local"→ clear error: "workspace type "local" has been removed"BREAKING CHANGE:
type: localis no longer accepted. All agents must use Docker.Testing
cargo test --workspace --exclude anyclaw-integration-tests --exclude anyclaw-services: all pass (1467 tests)cargo clippy --workspace: zero warningscargo +1.95.0 fmt --check --all: cleancargo clippy --workspace --manifest-path ext/Cargo.toml: clean#[ignore](require Docker daemon — previously used local subprocess spawn)Checklist
cargo test)cargo clippy --workspace -- -D warnings)cargo fmt --all -- --check)cargo doc --no-deps --workspace)AGENTS.mdif module structure or public APIs changedCHANGELOG.mdif this is a user-facing binary change[ai-assisted]