Priority: P1. Part of #988. Pairs with the runtime-image pin bump (#1249) and the backend integration (#1248).
The native-resume stack (software-agent-sdk#3562 + OpenHands#14709 + OpenHands#14671) is e2e-validated against a local SaaS-equivalent rig: real object-store clients (MinIO/S3 and fake-gcs / GoogleCloudFileStore) for both the session blob and the event store, docker rm -f hard recycle, credential-leak gate, and verified safe degradation to bootstrap when the runtime lacks the blob routes — all green for Claude + Codex.
Still unproven in real SaaS (the gaps this issue closes): GCS specifically, Postgres + the enterprise migration 119 (runs in enterprise-server, not the OSS app_server), and the K8s pod/PVC lifecycle (idle-STOP, 14-day TTL, reclaimPolicy=Delete).
Prerequisite (gating)
Before any of the tasks below: merge software-agent-sdk#3562 → build an agent-server image with the blob routes → bump AGENT_SERVER_IMAGE (openhands/app_server/sandbox/sandbox_spec_service.py, currently 1.26.0-python) to that tag on the #14709 commit (#1249) → set OPENHANDS_SHA in deploy/.github/workflows/deploy.yaml.
⚠️ The trap: if you deploy #14709 without the pin bump, the runtime stays on 1.26.0-python (no blob routes) → the restore 404s → resume silently degrades to bootstrap. Staging then goes green on bootstrap resume and you never actually test native — a false pass. The pin bump (#1249) is the gating prerequisite, not optional.
Tasks
Refs
Deploy mechanism + the SaaS-faithful local-rig write-up: the validation-harness comments on this epic. The local rig is parametrized: ACP_SIM_FILE_STORE=s3|google_cloud, SHARED_EVENT_STORAGE_PROVIDER=s3|gcp, ACP_BLOB_STORE=s3|gcs, ACP_EXPECT=native|bootstrap, AGENT_SERVER_IMAGE_TAG=<image>.
Priority: P1. Part of #988. Pairs with the runtime-image pin bump (#1249) and the backend integration (#1248).
The native-resume stack (software-agent-sdk#3562 + OpenHands#14709 + OpenHands#14671) is e2e-validated against a local SaaS-equivalent rig: real object-store clients (MinIO/S3 and fake-gcs /
GoogleCloudFileStore) for both the session blob and the event store,docker rm -fhard recycle, credential-leak gate, and verified safe degradation to bootstrap when the runtime lacks the blob routes — all green for Claude + Codex.Still unproven in real SaaS (the gaps this issue closes): GCS specifically, Postgres + the enterprise migration 119 (runs in
enterprise-server, not the OSS app_server), and the K8s pod/PVC lifecycle (idle-STOP, 14-day TTL,reclaimPolicy=Delete).Prerequisite (gating)
Before any of the tasks below: merge software-agent-sdk#3562 → build an
agent-serverimage with the blob routes → bumpAGENT_SERVER_IMAGE(openhands/app_server/sandbox/sandbox_spec_service.py, currently1.26.0-python) to that tag on the #14709 commit (#1249) → setOPENHANDS_SHAindeploy/.github/workflows/deploy.yaml.Tasks
Deploy → stagingworkflow (orfeaturefor a lower-stakes preview), with the runtime pin ([ACP on Cloud] Deploy: bump AGENT_SERVER_IMAGE to activate native session/load resume #1249) pointed at an SDK#3562 build.acp_session_id, no<<RESUMED CONVERSATION>>marker, codeword recalled.sessions//projects/(neverauth.json/.credentials.json/history.jsonl).Refs
Deploy mechanism + the SaaS-faithful local-rig write-up: the validation-harness comments on this epic. The local rig is parametrized:
ACP_SIM_FILE_STORE=s3|google_cloud,SHARED_EVENT_STORAGE_PROVIDER=s3|gcp,ACP_BLOB_STORE=s3|gcs,ACP_EXPECT=native|bootstrap,AGENT_SERVER_IMAGE_TAG=<image>.