feat(core): add pluggable core runtime and fleet host#4791
Conversation
…lti-context, fleet host Claude-Session: https://claude.ai/code/session_012NkuU4PTNL7HuUkRodxyxg
…it, drop dead dispatch tier Pure motion, no behavior change: - Delete always-None tier-3 dispatch shim (src/rpc/dispatch.rs) and its call site - Convert src/core/runtime.rs to a directory module - Extract workspace-bound store init into runtime::context::init_stores - Extract the four background service spawns into runtime::services::spawn_* Groundwork for the CoreBuilder/ServiceSet composition in Phase 1. See docs/plans/pluggable-core/phase-0-defusion.md. Claude-Session: https://claude.ai/code/session_012NkuU4PTNL7HuUkRodxyxg
Introduce a first-class library API for hosting the core: - CoreBuilder::build() runs init only (controllers, master key, RPC token, workspace stores, bootstrap_core_runtime) — no port bound. - CoreRuntime::invoke() dispatches RPC in-process; ::serve() binds the HTTP listener + spawns ServiceSet-selected background services. - ServiceSet presets: desktop() / headless_api() / none(); TokenSource: Fixed(in-memory handoff) / EnvOrFile. - run_server_inner is now a thin shim over the builder (behavior-identical: ServiceSet::desktop, socketio per flag, legacy embedded_core→HostKind). - Re-export CoreBuilder/CoreRuntime/ServiceSet/TokenSource/HostKind from lib.rs. - Add examples/embed_headless.rs (library embedding via ServiceSet::none()). The Tauri shell and CLI keep calling run_server_embedded_with_ready / run_server, which now route through the builder, so all hosts share one path. See docs/plans/pluggable-core/phase-1-corebuilder.md. Claude-Session: https://claude.ai/code/session_012NkuU4PTNL7HuUkRodxyxg
Introduce CoreContext, which owns the load-bearing init order (controllers, master key, RPC bearer, workspace stores, bootstrap_core_runtime) previously inlined in CoreBuilder::build. CoreRuntime now holds an Arc<CoreContext> and exposes it via .context() (host_kind + resolved workspace_dir accessors). Stage A is a facade: store init still targets process globals. This centralizes the sequence as the seam for Stage B (handler-threaded context) and per-context stores. See docs/plans/pluggable-core/phase-2-corecontext.md. Claude-Session: https://claude.ai/code/session_012NkuU4PTNL7HuUkRodxyxg
…, single-source schemas Stage B goal (handlers reach a per-dispatch CoreContext) via a tokio task_local ambient context instead of a 846-site fn-pointer signature sweep: - CoreContext::init registers the first context as the process DEFAULT_CONTEXT. - try_invoke_registered_rpc scopes each handler future to CoreContext::current() (active scope if any, else default); handlers read it via CoreContext::current(). - Controller handlers stay bare fn pointers — zero per-handler churn. - Tests assert the isolation primitive (scope_sets_current_context, nested_scope_overrides_then_restores) — the Phase 3 exit-criterion mechanism. - Re-box the scoped future + raise recursion_limit to 256 (deep axum→tinyagents Send auto-trait solving overflowed with the extra future layer). Registry collapse (drift-elimination half): - all_controller_schemas() now derives from the registered controllers; the parallel build_declared_controller_schemas() and validate_registry's declared-vs-registered cross-check are deleted (drift impossible by construction). Duplicate/empty/required-input checks retained. Obsolete drift tests removed. Rationale for the deviation from the plan's explicit-signature sweep is recorded in docs/plans/pluggable-core/phase-2-corecontext.md. Store-trait per-domain migration (2.c) remains the incremental follow-up. Claude-Session: https://claude.ai/code/session_012NkuU4PTNL7HuUkRodxyxg
…r + reverse proxy
New self-contained binary (src/bin/fleet.rs, [[bin]] openhuman-fleet) that hosts
one openhuman-core per user and fronts them behind one endpoint — the 'manage
teams' host. Separate compile target: zero weight on the desktop/lib build.
- Process-per-user: spawns 'openhuman-core run --jsonrpc-only' per tenant with a
per-user OPENHUMAN_WORKSPACE + minted OPENHUMAN_CORE_TOKEN + channel listeners
off (the ServiceSet::headless_api shape from Phase 1); waits on /health.
- Reverse proxy: axum POST /{user_id}/rpc forwards the JSON-RPC body verbatim to
the tenant core, swapping the client edge token for the tenant core bearer —
wire contract unchanged, so CloudHttpTransport works against the fleet URL.
- Isolation: distinct EdgeToken (client) vs CoreBearer (fleet-only); proxy
rejects token/path-user mismatch; user ids validated as safe path segments.
- 7 unit tests over the pure logic (ports, workspace derivation, id validation,
provisioning, edge-token round-trip, bearer parsing) — all green.
MVP vs production follow-ups (sequential ports, backend membership sync, admin
API for tokens, Docker packaging) documented in
docs/plans/pluggable-core/phase-4-fleet-host.md.
Claude-Session: https://claude.ai/code/session_012NkuU4PTNL7HuUkRodxyxg
…le) + isolation test Turn the ambient-context mechanism into real cross-context isolation for the first domain: - people::store::for_workspace(dir) opens/caches a PeopleStore per workspace (distinct from the single active-user GLOBAL slot), so multiple workspaces' stores coexist in one process. - CoreContext::people() resolves the store for the context's workspace — additive alongside the legacy people::store::get(), so the ~40 existing people handlers are untouched and migrate to CoreContext::current()?.people() incrementally. - Exit test people_store_is_isolated_per_context_workspace: two contexts over distinct workspaces resolve isolated stores; one context resolves the same cached store. Realizes the Phase 3 exit criterion for the first domain. Remaining domains (memory/config/attachments) + RPC_TOKEN/subscriber relocation tracked in docs/plans/pluggable-core/phase-3-multi-context.md. Claude-Session: https://claude.ai/code/session_012NkuU4PTNL7HuUkRodxyxg
…tiple packages This commit updates the Cargo.lock file to replace instances of windows-sys version 0.61.2 and 0.59.0 with 0.60.2, ensuring compatibility and stability across the project. Additionally, the tinyagents package version is updated from 1.7.1 to 1.8.0.
|
Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
📝 WalkthroughWalkthroughThe change adds an embeddable ChangesPluggable core and fleet hosting
Estimated code review effort: 4 (Complex) | ~60 minutes Sequence Diagram(s)sequenceDiagram
participant Host
participant CoreBuilder
participant CoreContext
participant CoreRuntime
participant JSONRPC
Host->>CoreBuilder: configure services and token
CoreBuilder->>CoreContext: build()
CoreContext-->>CoreBuilder: initialized context
CoreBuilder-->>Host: CoreRuntime
Host->>CoreRuntime: invoke(method, params)
CoreRuntime->>JSONRPC: dispatch RPC method
JSONRPC-->>Host: result
sequenceDiagram
participant Client
participant Fleet
participant EdgeAuth
participant TenantCore
Client->>Fleet: POST tenant RPC request
Fleet->>EdgeAuth: validate edge bearer
EdgeAuth-->>Fleet: tenant identity
Fleet->>TenantCore: forward body with core bearer
TenantCore-->>Fleet: JSON-RPC response
Fleet-->>Client: HTTP response
Possibly related PRs
Suggested labels: Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
Comment |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: ddafc44637
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
Actionable comments posted: 17
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@docs/plans/pluggable-core/phase-1-corebuilder.md`:
- Around line 11-17: Update the module-tree fenced code block in the phase-1
core builder plan to declare the text language on its opening fence, preserving
the existing tree content unchanged.
- Around line 21-25: Align the TokenSource documentation with the implemented
API by replacing the planned Env and GeneratedToFile variants with the exposed
EnvOrFile and Fixed variants, while preserving the documented token precedence
and one-time auth::init_rpc_token* initialization behavior.
- Around line 33-41: Update the phase-1 corebuilder guidance to use the
implementation’s actual lifecycle: replace CoreRuntime::start references with
CoreRuntime::serve, and describe readiness as an argument supplied to serve
rather than a CoreBuilder::ready(...) method. Apply the same terminology to the
related examples and consumer instructions, while preserving the documented bind
and readiness timing.
In `@docs/plans/pluggable-core/phase-2-corecontext.md`:
- Around line 119-125: Replace the obsolete old-signature ripgrep check in the
Verification section with validation of the ambient scope at
all::try_invoke_registered_rpc, and require tests that verify
CoreContext::current() propagation through registered RPC invocation.
In `@docs/plans/pluggable-core/phase-4-fleet-host.md`:
- Around line 56-69: Update the architecture diagram’s fenced code block in the
fleet-host plan to specify the text language after the opening fence, preserving
the diagram content unchanged.
- Around line 26-29: Introduce distinct EdgeToken and CoreBearer newtypes, then
replace the raw String representations in EdgeAuth and CoreInstance.core_bearer
and propagate those types through provisioning, lookup, and proxy forwarding.
Add only the conversions or accessors required at external boundaries, ensuring
edge tokens cannot be passed to core-bearer APIs without an explicit conversion.
In `@docs/plans/pluggable-core/README.md`:
- Around line 1-3: Update the status declaration in the Pluggable Core README to
accurately reflect that CoreBuilder, runtime, context, and fleet implementations
already exist, while clearly distinguishing completed work from remaining
planned work.
- Around line 71-84: Update the opening fenced code block in the architecture
overview around CoreBuilder::build and CoreRuntime::start to specify the text
language, preserving the existing diagram content and formatting.
- Around line 160-171: Update the Stage B strategy in the CoreContext plan to
use the implemented ambient task-local context approach instead of adding an
Arc<CoreContext> parameter to ControllerHandler. Remove or revise the associated
plain-function-pointer migration wording, and keep the strategy consistent with
phase-2-corecontext.md as the single authoritative design.
In `@src/bin/fleet.rs`:
- Around line 392-396: Remove the token-printing loop over minted in the daemon
startup flow so bearer credentials are never written to stdout; deliver the edge
tokens only through an authenticated administrative flow or an explicitly
configured restricted secret file.
- Around line 8-15: Update the fleet supervisor and per-tenant core launch flow
around the process-per-user design so each tenant runs under a distinct OS
security identity, such as a dedicated OS user or isolated container, with a
tenant-owned workspace mount. Ensure child processes cannot access other
tenants’ workspaces, and revise the surrounding isolation documentation to
describe the enforced boundary accurately.
- Around line 331-345: Update the tenant startup flow around CoreRuntime::serve
so registration waits for an identity-bearing readiness signal from a healthy
child containing its actual bound port. Use that reported port when constructing
CoreInstance, and only then insert into instances, edge_auth, and minted; ensure
failed spawns or missing/invalid readiness do not leave any tenant registration
behind.
- Around line 201-206: Update the upstream response handling in the match on
upstream so the response created from `(status, bytes).into_response()`
preserves the upstream Content-Type header. Capture the header from resp before
consuming it with resp.bytes().await, then apply it to the returned Axum
response before returning, while keeping the existing status and body behavior
unchanged.
- Around line 245-257: The tenant processes spawned in the Fleet supervisor are
not terminated or removed when the server stops or a child exits. Update the
child process management around the `tokio::process::Command` spawn and the
`Fleet::instances` lifecycle to enable shutdown cleanup via `kill_on_drop(true)`
or explicit kill/wait handling, and remove exited tenants from routing state so
requests are not sent to dead cores.
In `@src/core/runtime/builder.rs`:
- Around line 207-216: Update serve and the background-service helper methods to
accept a child cancellation token, return join handles for every spawned cron,
channel, update, and login-gated task, and retain those handles locally. On
shutdown and before serve returns—including the no-transport path—cancel the
child token and await all handles, ensuring repeated serve calls do not leave
detached or duplicated services.
- Around line 193-199: Update the runtime’s invoke method to execute
jsonrpc::invoke_method inside CoreContext::scope using self.ctx.clone(). Apply
equivalent per-request CoreContext scoping to the HTTP router dispatch so both
RPC entry points use this runtime’s context rather than the global default.
In `@src/core/runtime/context.rs`:
- Around line 109-120: Update the CoreContext initialization flow around
init_stores and Config::load_or_init so configuration is loaded exactly once.
Pass the resulting workspace configuration or resolved path into init_stores,
then reuse that same value for workspace_dir and context construction,
preserving the existing fallback/error behavior consistently.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 777fe9e4-854b-49a1-9d44-c6f45f8cdae3
⛔ Files ignored due to path filters (1)
app/src-tauri/Cargo.lockis excluded by!**/*.lock
📒 Files selected for processing (21)
Cargo.tomldocs/plans/pluggable-core/README.mddocs/plans/pluggable-core/phase-0-defusion.mddocs/plans/pluggable-core/phase-1-corebuilder.mddocs/plans/pluggable-core/phase-2-corecontext.mddocs/plans/pluggable-core/phase-3-multi-context.mddocs/plans/pluggable-core/phase-4-fleet-host.mdexamples/embed_headless.rssrc/bin/fleet.rssrc/core/all.rssrc/core/all_tests.rssrc/core/dispatch.rssrc/core/jsonrpc.rssrc/core/runtime/builder.rssrc/core/runtime/context.rssrc/core/runtime/mod.rssrc/core/runtime/services.rssrc/lib.rssrc/openhuman/people/store.rssrc/rpc/dispatch.rssrc/rpc/mod.rs
💤 Files with no reviewable changes (2)
- src/rpc/dispatch.rs
- src/rpc/mod.rs
There was a problem hiding this comment.
Actionable comments posted: 4
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@src/bin/fleet.rs`:
- Around line 358-360: Require edge_token_output in the CLI argument definition
or validate it before any tenants/cores are spawned, so startup fails when no
credential handoff path is provided. Update the edge-token handling around the
existing args.edge_token_output logic to write directly to the required path and
remove the warning-only branch.
- Around line 176-183: Update bearer_from_headers to recognize the Authorization
scheme case-insensitively, accepting “bearer” and “BEARER” while preserving the
existing token trimming and empty-token filtering; add coverage for a lowercase
scheme if tests for this parser exist.
- Around line 427-445: Update the edge-token output handling in the Unix branch
to explicitly set the opened file’s permissions to 0o600 after opening, covering
existing files as well as newly created ones. For the non-Unix branch, add
equivalent restrictive permission/ACL hardening where supported, or fail closed
rather than writing without enforcing private access.
In `@src/core/runtime/context.rs`:
- Around line 117-128: Update the Config::load_or_init error branch in the
context initialization flow to propagate the configuration error instead of
returning default_root_openhuman_dir() as a fallback workspace. Ensure the
surrounding context construction remains fallible so people() cannot open a
store from an unverified path, while preserving the existing diagnostic log.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: a4294178-a82c-45a2-805b-a8005b2dcd8c
📒 Files selected for processing (7)
docs/plans/pluggable-core/README.mddocs/plans/pluggable-core/phase-1-corebuilder.mddocs/plans/pluggable-core/phase-2-corecontext.mddocs/plans/pluggable-core/phase-4-fleet-host.mdsrc/bin/fleet.rssrc/core/runtime/builder.rssrc/core/runtime/context.rs
✅ Files skipped from review due to trivial changes (4)
- docs/plans/pluggable-core/phase-4-fleet-host.md
- docs/plans/pluggable-core/phase-1-corebuilder.md
- docs/plans/pluggable-core/phase-2-corecontext.md
- docs/plans/pluggable-core/README.md
🚧 Files skipped from review as they are similar to previous changes (1)
- src/core/runtime/builder.rs
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: f574fe8650
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 268bcb671f
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 9d699e61bf
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 72dd3ff0d7
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 7cf59cbf58
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 4eba1e60aa
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 79dd32fb9e
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
🧹 Nitpick comments (2)
src/core/runtime/builder.rs (1)
385-399: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low valueMinor: reuse
self.configfor shutdown cleanup instead of reloading.
serve()already holdsself.config; the shutdown path re-runsConfig::load_or_init().await.unwrap_or_default()purely to clean up owned Ollama, which can diverge from the runtime's resolved workspace config. Consider reusingself.config(falling back only whenNone).🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@src/core/runtime/builder.rs` around lines 385 - 399, The shutdown cleanup in serve() should reuse the already-resolved self.config instead of always calling Config::load_or_init().await. Pass self.config to shutdown_owned_ollama when available, and only load the default configuration when self.config is None, preserving the existing timeout and cleanup behavior.src/core/jsonrpc.rs (1)
1767-1802: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick winStale comment now misdescribes a generic function.
The comment block says
run_server_inneris now a thin shim over the CoreBuilder/CoreRuntime composition and that it reproduces the legacy behavior exactly: all background services on (ServiceSet::desktop), Socket.IO per the caller flag. That description matchesrun_server_inner, but it's now attached torun_server_with_services, which is the generic path also used byrun_server_headless(ServiceSet::headless_api()) and any other futureServiceSet. Leaving this comment here misleadingly implies the function always uses the desktop service set.✏️ Suggested comment fix
- // `run_server_inner` is now a thin shim over the CoreBuilder/CoreRuntime - // composition (Phase 1). It reproduces the legacy behavior exactly: all - // background services on (`ServiceSet::desktop`), Socket.IO per the caller - // flag, and the legacy `embedded_core` → `HostKind` mapping (embedded == - // Tauri shell; standalone splits CLI / Docker via `detect_standalone`). - // See `docs/plans/pluggable-core/phase-1-corebuilder.md`. + // Shared CoreBuilder/CoreRuntime composition path (Phase 1) used by both + // the legacy `run_server_inner` (desktop `ServiceSet`, caller-controlled + // Socket.IO) and `run_server_headless` (`ServiceSet::headless_api()`). + // Applies the legacy `embedded_core` → `HostKind` mapping (embedded == + // Tauri shell; standalone splits CLI / Docker via `detect_standalone`). + // See `docs/plans/pluggable-core/phase-1-corebuilder.md`.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@src/core/jsonrpc.rs` around lines 1767 - 1802, Update the comment above run_server_with_services to describe its generic CoreBuilder/CoreRuntime composition and caller-provided ServiceSet, rather than claiming it always uses ServiceSet::desktop or legacy Socket.IO behavior. Remove the stale run_server_inner-specific and desktop-only statements while retaining accurate context about host-kind and token handling.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In `@src/core/jsonrpc.rs`:
- Around line 1767-1802: Update the comment above run_server_with_services to
describe its generic CoreBuilder/CoreRuntime composition and caller-provided
ServiceSet, rather than claiming it always uses ServiceSet::desktop or legacy
Socket.IO behavior. Remove the stale run_server_inner-specific and desktop-only
statements while retaining accurate context about host-kind and token handling.
In `@src/core/runtime/builder.rs`:
- Around line 385-399: The shutdown cleanup in serve() should reuse the
already-resolved self.config instead of always calling
Config::load_or_init().await. Pass self.config to shutdown_owned_ollama when
available, and only load the default configuration when self.config is None,
preserving the existing timeout and cleanup behavior.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 905b368d-4e34-4482-b062-f15340cdecba
📒 Files selected for processing (10)
src/bin/fleet.rssrc/core/cli.rssrc/core/jsonrpc.rssrc/core/runtime/builder.rssrc/core/runtime/context.rssrc/core/runtime/services.rssrc/openhuman/orchestration/ops.rssrc/openhuman/people/schemas.rssrc/openhuman/people/tools.rstests/raw_coverage/memory_threads_raw_coverage_e2e.rs
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: cbf6951b2a
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 0a9616e411
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| .arg("--port") | ||
| .arg(instance.port.to_string()) | ||
| .env("OPENHUMAN_WORKSPACE", &instance.workspace_dir) | ||
| .env("OPENHUMAN_ACTION_DIR", &instance.action_dir) |
There was a problem hiding this comment.
Set a tenant-scoped projects root for fleet cores
Fresh evidence after the earlier action-dir fix is that this spawn sets only OPENHUMAN_ACTION_DIR; the child still inherits the supervisor's OPENHUMAN_PROJECTS_DIR/HOME, and SecurityPolicy::from_config always injects default_projects_dir() (~/OpenHuman/projects by default) as a ReadWrite trusted root that bypasses workspace_only. In fleet deployments, agents can therefore use absolute paths under that shared projects root and read/write another tenant's project files despite the per-tenant action dir. Set OPENHUMAN_PROJECTS_DIR per tenant (or disable that default trusted root) when spawning.
Useful? React with 👍 / 👎.
Summary
CoreBuilder/CoreRuntimeAPI with explicitServiceSetcontrols.CoreContextisolation and the first workspace-scoped people store.openhuman-fleetprocess-per-user supervisor and authenticated reverse proxy.Problem
Solution
CoreContext, scopes people-store access per context, and fails workspace-bound operations clearly in degraded mode.ServiceSetwhile allowing headless and harness-only embeddings to avoid detached bootstrap jobs.Submission Checklist
Impact
Related
docs/plans/pluggable-core/.AI Authored PR Metadata (required for Codex/Linear PRs)
Linear Issue
Commit & Branch
docs/pluggable-core-plan9d699e61bValidation Run
pnpm --filter openhuman-app format:checkpnpm typecheckcargo test --manifest-path Cargo.toml bootstrap_background_jobs_follow_background_service_flags;cargo test --manifest-path Cargo.toml --lib degraded_context_rejects_workspace_bound_storescargo fmt --check --manifest-path Cargo.toml;cargo check --manifest-path Cargo.tomlpnpm rust:checkValidation Blocked
command:N/Aerror:N/Aimpact:N/ABehavior Changes
Parity Contract
Duplicate / Superseded PR Handling
senamakel:docs/pluggable-core-plan.Summary by CodeRabbit
openhuman-fleetto supervise per-tenant core processes behind a single token-authenticated JSON-RPC reverse-proxy endpoint.