feat(overlays): deliver tools, workflows, and skills via repo-cache overlay sources#530
Open
Zygimantass wants to merge 5 commits into
Open
feat(overlays): deliver tools, workflows, and skills via repo-cache overlay sources#530Zygimantass wants to merge 5 commits into
Zygimantass wants to merge 5 commits into
Conversation
…verlay sources Implements the repo-cache-backed overlay model (OVERLAYS.md): one ordered overlays.sources list drives every tools/workflows/skills surface, so the API and sandboxes always see the same overlay revision set and later sources shadow earlier ones on name collisions. Adding or updating overlay content becomes a Git push plus a values update — no API or sandbox image rebuild. Chart: - new overlays.sources value; the centaur.overlaySources helper compat-maps toolServer.repo/ref/subdir + extraSources when the list is empty - repo-cache DaemonSet repos/refs, API TOOL_DIRS/WORKFLOW_DIRS, the KUBERNETES_TOOLS_* bootstrap sources, sandbox KUBERNETES_WORKFLOW_DIRS, and CENTAUR_SKILL_DIRS (via SESSION_SANDBOX_EXTRA_ENV) all render from the same ordered list - API and workflow-host WORKFLOW_DIRS are the same list, translated only for the mount prefix (/var/lib/centaur/repos vs /home/agent/github) api-rs: - --kubernetes-workflow-dirs: agent-k8s workflow-host sandboxes prefer the explicit overlay-rendered value; tools-repo and baked-in fallbacks preserved Sandbox entrypoint: - copy each CENTAUR_SKILL_DIRS entry into the workspace .agents/skills in overlay order via copy_skill_dir, which replaces same-named skills wholesale so a shadowing skill never inherits stale files; legacy skill sources kept Docs: rewrite extend/overlay around repo-cache overlays and drop the dead overlay.image mechanism from skills/tools/workflows/acme/configuration pages. Amp-Thread-ID: https://ampcode.com/threads/T-019ebbf7-8029-758d-b684-ef3e7ac9712c Co-authored-by: Amp <amp@ampcode.com>
Cloudflare Workers docs preview |
…yout overlays.sources entries now default toolsSubdir/workflowsSubdir/skillsSubdir to tools, workflows, and .agents/skills, so most sources only need repo + ref. A subdir explicitly set to "" disables that surface for the source. Defaults mean a source repo may legitimately lack a defaulted directory (e.g. a skills-only overlay), so missing directories are now skipped everywhere instead of failing: - tools-bootstrap waits only for the repo-cache checkout itself and skips a source whose tools subdir is absent (an init failure is terminal for the Sandbox); the git-clone fallback skips the copy the same way - api-rs ToolGitSource warns instead of erroring when a synced source lacks the tools subdir, and tool-dir collection skips missing dirs in both the repo-cache and direct-clone modes Workflow discovery (workflow_host.py) and the skills entrypoint already skipped missing directories. The toolServer compatibility mapping renders byte-identically. Amp-Thread-ID: https://ampcode.com/threads/T-019ebbf7-8029-758d-b684-ef3e7ac9712c Co-authored-by: Amp <amp@ampcode.com>
skills/tools/workflows pages now state the conventional defaults (tools, workflows, .agents/skills) and that sources without a directory are skipped; configuration reference rows note the defaults. Amp-Thread-ID: https://ampcode.com/threads/T-019ebbf7-8029-758d-b684-ef3e7ac9712c Co-authored-by: Amp <amp@ampcode.com>
Amp-Thread-ID: https://ampcode.com/threads/T-019ebbf7-8029-758d-b684-ef3e7ac9712c Co-authored-by: Amp <amp@ampcode.com>
Three recovery tests read thread-state right after observing chat.stopStream, but recovery clears the render obligation after the stream stops — on a slow runner the assertion sees the seeded obligation still in place (CI failed twice on commits that don't touch slackbotv2). Use the waitFor-on-renderObligation pattern the rest of the file already uses. Amp-Thread-ID: https://ampcode.com/threads/T-019ebbf7-8029-758d-b684-ef3e7ac9712c Co-authored-by: Amp <amp@ampcode.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Implements the repo-cache-backed overlay delivery model (OVERLAYS.md): one ordered
overlays.sourceslist drives tools, workflows, and skills, so the API and sandboxes always see the same overlay revision set, later sources shadow earlier ones on name collisions, and shipping overlay content is a Git push plus a values update — no API or sandbox image rebuild.Values shape
Subdirs default to the conventional layout (
toolsSubdir: tools,workflowsSubdir: workflows,skillsSubdir: .agents/skills), so most sources only needrepo+ref. Directories a repo doesn't contain are skipped at runtime; set a subdir to""to explicitly disable that surface, or to another path to relocate it.When
overlays.sourcesis empty, thecentaur.overlaySourceshelper compat-mapstoolServer.repo/ref/subdir+toolServer.extraSourcesinto the same ordered list (exposingworkflows/and.agents/skills/from each repo), so existing deployments keep working unchanged — the compat rendering is byte-identical.Changes
Chart
TOOL_DIRS/WORKFLOW_DIRS, theKUBERNETES_TOOLS_*bootstrap sources, sandboxKUBERNETES_WORKFLOW_DIRS, andCENTAUR_SKILL_DIRS(delivered throughSESSION_SANDBOX_EXTRA_ENV) all render from the same ordered source listWORKFLOW_DIRSare the same list, translated only for the mount prefix (/var/lib/centaur/reposvs/home/agent/github) — fixing the mismatch where the API could discover an overlay workflow the workflow-host couldn't importapi-rs
--kubernetes-workflow-dirs/KUBERNETES_WORKFLOW_DIRS: agent-k8s workflow-host sandboxes prefer the explicit overlay-rendered value; tools-repo and baked-in fallbacks preservedtools-bootstrapwaits only for the repo-cache checkout and skips a source without a tools tree (an init failure is terminal for the Sandbox), the git-clone fallback guards its copy the same way, andToolGitSourcewarns instead of erroring — required so the defaultedtoolsSubdiris safe for workflows- or skills-only overlay reposSandbox entrypoint
CENTAUR_SKILL_DIRS(colon-separated, overlay order) is copied into the workspace.agents/skills; all skill sources now go throughcopy_skill_dir, which replaces same-named skills wholesale so a shadowing skill never inherits stale files from the skill it replaces (note: this also changes legacy baked-in/mounted sources from file-merge to per-skill replace)Docs
extend/overlayrewritten around repo-cache overlays; the deadoverlay.imagemechanism removed from skills/tools/workflows/acme/configuration pages;public/mdmirrors regeneratedBehavior changes for existing deployments
.agents/skillsfrom extra sources now load into agent workspacesVerification
helm lint+helm templateacross default, multi-sourceoverlays.sources(with defaulted subdirs and""opt-outs), compatextraSources,repoCache.enabled=false, andtoolServer.enabled=falsevalues; compat-path render is byte-identical to the pre-defaults commitcargo test -p centaur-api-server -p centaur-sandbox-agent-k8s(51 passed),cargo fmt --check,cargo clippycleanbash -nplus functional shell tests of the skill-copy/shadowing logic and the tools-bootstrap skip-missing-subdir pathKnown follow-ups
promptPath/personasSubdirare accepted in the schema/helper but not yet consumed by any template (prompt delivery still usesoverlay.systemPrompt)SESSION_SANDBOX_EXTRA_ENV; an operator who setsapiRs.extraEnv.SESSION_SANDBOX_EXTRA_ENVdirectly overrides the rendered list and drops them