Skip to content

refactor(core,client): move agent resolution, command/snapshot/stub and recursive-fs logic into the sidecar#1612

Merged
NathanFlurry merged 16 commits into
mainfrom
refactor/remove-hardcoded-agents
Jul 5, 2026
Merged

refactor(core,client): move agent resolution, command/snapshot/stub and recursive-fs logic into the sidecar#1612
NathanFlurry merged 16 commits into
mainfrom
refactor/remove-hardcoded-agents

Conversation

@NathanFlurry

Copy link
Copy Markdown
Member
  • Make the AgentOs client npm-agnostic; the sidecar now owns agent resolution and enumeration (listAgents RPC)
  • Run exec chmod/stat/exit in the guest instead of emulating them client-side
  • Sidecar reports projected command targets; both clients consume them instead of re-reading package dirs
  • Sidecar loads the V8 snapshot bundle from the projected package (dropped from the client wire)
  • Sidecar synthesizes /bin command + toolkit-shim stubs from forwarded names (removes a host tmp dir + mount)
  • Recursive fs ops (copy/move/delete/readdir) collapse to a single sidecar RPC backed by a bounded kernel primitive
  • Thin the runtime-compat NativeKernel to use sidecar-reported commands
  • Rework agent-session tests onto projected mock packages; migrate moduleAccess to nodeModulesMount; remove dead code
  • Bump the secure-exec ref to merged secure-exec feat: add durable storage MVP #267 and align crate pins to 0.3.4-rc.1

The committed .github/refs/secure-exec was bumped (PRs #1598-1600) without
re-fitting agentos-client, which was last re-fit (d4cbe82) for the older
secure-exec 0bf7dcb. Re-fit against the current wire API:
- wire::PackageDescriptor { name, dir, acp_entrypoint } -> { dir } (the sidecar
  reads name/acpEntrypoint from the package manifest at dir)
- READ_DIR entries are now list<GuestDirEntry> -> project each .name
- handle new ResponsePayload::{GuestKernelResultResponse, ResourceSnapshotResponse}
- JsRuntimeConfig gained high_resolution_time
…op stale website filter

- verify the secure-exec crate via the crates.io sparse index (the v1 API now
  returns 403 under crates.io's data-access policy)
- install wasm-pack in the publish-npm job so @rivet-dev/agentos-browser's
  build:dist-wasm (wasm-pack build agentos-sidecar-browser) works
- drop the turbo --filter='!@agentos/website' (website is excluded from the
  workspace, so the filter matches no package and turbo errors)
…nodeModulesMount mount

- Delete the `moduleAccessCwd` TS option and its zod schema field; callers pass `nodeModulesMount(...)` in `mounts` instead
- Remove the dead `ModuleAccessOptions` compat shim from runtime-compat
- Drop the `moduleAccessCwd` field from the native actor config (TS + Rust)
- Remove the `module_access_cwd` field/builder from the Rust client config and stop client-side cwd expansion; add a `node_modules_mount()` helper mirroring the TS helper
- Convert Rust e2e tests and the pi-extensions example to the mount-based form
…nifest resolution

- Delete the vestigial AGENT_CONFIGS table and the AgentType union from packages/core; AgentType is now `string` (a manifest name), and createSession/resumeSession/listAgents resolve agents purely from configured /opt/agentos package manifests
- Drop the AGENT_CONFIGS root export and update the affected core tests + package CLAUDE.md/README
- Rust client (crates/client): delete BUILTIN_AGENT_IDS/agent_config and the legacy /root/node_modules adapter lookup; resolve agents dynamically from the configured package manifests (keyed by manifest name, spawned via /opt/agentos/bin/<acpEntrypoint>) for parity with TS
- Add a root CLAUDE.md rule that the Rust and TypeScript clients must behave identically
…nt resolution + enumeration

- Delete the `adapterEntrypoint` wire field from `AcpCreateSessionRequest`; the client sends only `agentType`.
- Move agent resolution (name -> package -> entrypoint/env/launchArgs) and ACP spawn into the sidecar, reading the projected `/opt/agentos/<name>/current/agentos-package.json`.
- Make `listAgents()` a sidecar ACP RPC (`AcpListAgentsRequest`/`AcpListAgentsResponse`); the sidecar enumerates the projected `/opt/agentos` packages. The client parses no manifests for discovery.
- The client (TS + Rust) no longer scans node_modules, calls require.resolve, reads its own package.json deps, or computes adapter entrypoints; default software is a plain `import common from "@agentos-software/common"`.
- Remove the client-side agent-config surface: `AgentConfig`/`agents.ts`, `_resolveAgentConfig`, `resolveDependencyAgents`, `serializedAgentConfigs`, the TS lazy-link path, and the resume adapter-entrypoint env hack. `AgentType` now lives in `types.ts`.
- Mirror the resolution+enumeration in the host-free browser core over its filesystem seam.
- Update root + core CLAUDE.md and the affected tests to the new contract.
…nt emulation

The native-sidecar exec() emulated chmod, stat -c %a, and sh -c 'exit N'
client-side (fs RPCs / early returns) — only the TS client did this, and it
drifts from real coreutils/shell semantics. Route these through the guest
shell/command path like the Rust client already does, so the guest runs the
real command. Removes a TS/Rust parity divergence.
…re-reading package dirs

Both clients now populate their command map from the projectedCommands returned
by configureVm/linkPackage, deleting the host-side package.json/bin derivation
(deriveProjectedCommandNames / package_command_names) and the TS/Rust sort/filter
divergence it carried.
… loads it

Deletes resolveAgentSnapshotBundle and the snapshotUserlandCode wiring — the
client no longer reads agentos-package.json or dist/sdk-snapshot.js off the host
or ships the bundle over the wire. The sidecar resolves it from the projection,
which also gives the Rust client snapshot parity (was hard-coded None).
…client stub writing + shim mount

The client no longer writes /bin/<cmd> kernel-command stubs or materializes a host
tmp dir of agentos-<toolkit> shims mounted at /usr/local/bin. It forwards
bootstrapCommands + toolShimCommands and lets the sidecar create the stubs in its
projection, removing the host tmp-dir lifecycle and one host_dir mount.
…t each

Replace the per-node client-side copy/move/delete/readdir tree-walks (O(N)
round-trips) in both the TS and Rust clients with a single forwarded
readdirRecursive/movePath/removePath request, deleting the duplicated walk
helpers. The sidecar's kernel walks the tree locally in one hop.
…ted commands

NativeKernel.mount() now registers command names from the sidecar's
configureVm projectedCommands response instead of re-deriving guest command
paths client-side; removes collectGuestCommandPaths / getGuestCommandPaths /
commandDirOffsets. Public createKernel/createWasmVmRuntime API + its snapshot
and wasm-discovery behavior are preserved (full sidecar-facade migration left
as a separate effort).
Replace the 7 tests that monkeypatched the removed _resolveAgentConfig with a
shared projected-agent-package helper that stages a real agentos-package.json +
bin adapter and passes it via software:[...], so the sidecar resolves the agent
the same way production does. Preserves each test's assertions.
…ver moduleAccess

Complete the moduleAccessCwd removal: createNodeDriver now accepts explicit
node_modules mounts (preferred over the process.cwd() fallback), secure-exec
re-exports nodeModulesMount, and the remaining moduleAccess:{cwd} consumers
(secure-exec-typescript integration test + the ai-agent type-check example)
use mounts:[nodeModulesMount(...)] instead.
The legacyManifest field was written but never read (a leftover from the package-ref
manifest migration); drop the field, its assignments, and the legacyPackageManifest
helper, plus the duplicate write-only path in the actor.
… to 0.3.4-rc.1

Point .github/refs/secure-exec at secure-exec main (78efd873e, which carries the
merged sidecar wire changes this branch depends on) and bump the path-dep crate
pins from 0.3.0-rc.1 to 0.3.4-rc.1 to match.
@railway-app railway-app Bot temporarily deployed to agentos / agentos-pr-1612 July 5, 2026 20:46 Destroyed
…oded-agents

# Conflicts:
#	.github/refs/secure-exec
@railway-app railway-app Bot temporarily deployed to agentos / agentos-pr-1612 July 5, 2026 20:47 Destroyed
@NathanFlurry NathanFlurry merged commit a0076cf into main Jul 5, 2026
1 of 4 checks passed
@NathanFlurry NathanFlurry deleted the refactor/remove-hardcoded-agents branch July 5, 2026 20:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant