Harden worker boot recovery before task dispatch

The worker boot registry now exposes the requested lifecycle states, emits structured trust and prompt-delivery events, and recovers from shell or wrong-target prompt delivery by replaying the last prompt. Supporting fixes keep MCP remote config parsing backwards-compatible and make CLI argument parsing less dependent on ambient config and cwd state so the workspace stays green under full parallel test runs. Constraint: Worker prompts must not be dispatched before a confirmed ready_for_prompt handshake Constraint: Prompt misdelivery recovery must stay minimal and avoid new dependencies Rejected: Keep prompt_accepted and blocked as public lifecycle states | user requested the narrower explicit state set Rejected: Treat url-only MCP server configs as invalid | existing CLI/runtime tests still rely on that shorthand Confidence: high Scope-risk: moderate Reversibility: clean Directive: Preserve prompt_in_flight semantics when extending worker boot; misdelivery detection depends on it Tested: cargo build --workspace; cargo test --workspace Not-tested: Live tmux worker delivery against a real external coding agent pane
2026-04-06 11:18:51 +03:00 · 2026-04-04 14:50:31 +00:00
parent d87fbe6c65
commit 784f07abfa
6 changed files with 398 additions and 88 deletions
--- a/rust/crates/tools/src/lib.rs
+++ b/rust/crates/tools/src/lib.rs
@@ -5031,6 +5031,14 @@ mod tests {
        let observed_output: serde_json::Value = serde_json::from_str(&observed).expect("json");
        assert_eq!(observed_output["status"], "spawning");
        assert_eq!(observed_output["trust_gate_cleared"], true);
+        assert_eq!(
+            observed_output["events"][1]["payload"]["type"],
+            "trust_prompt"
+        );
+        assert_eq!(
+            observed_output["events"][2]["payload"]["resolution"],
+            "auto_allowlisted"
+        );

        let ready = execute_tool(
            "WorkerObserve",
@@ -5063,8 +5071,9 @@ mod tests {
        )
        .expect("WorkerSendPrompt should succeed after ready");
        let accepted_output: serde_json::Value = serde_json::from_str(&accepted).expect("json");
-        assert_eq!(accepted_output["status"], "prompt_accepted");
+        assert_eq!(accepted_output["status"], "running");
        assert_eq!(accepted_output["prompt_delivery_attempts"], 1);
+        assert_eq!(accepted_output["prompt_in_flight"], true);
    }

    #[test]
@@ -5112,6 +5121,14 @@ mod tests {
        assert_eq!(recovered_output["status"], "ready_for_prompt");
        assert_eq!(recovered_output["last_error"]["kind"], "prompt_delivery");
        assert_eq!(recovered_output["replay_prompt"], "Investigate flaky boot");
+        assert_eq!(
+            recovered_output["events"][3]["payload"]["observed_target"],
+            "shell"
+        );
+        assert_eq!(
+            recovered_output["events"][4]["payload"]["recovery_armed"],
+            true
+        );

        let replayed = execute_tool(
            "WorkerSendPrompt",
@@ -5121,8 +5138,9 @@ mod tests {
        )
        .expect("WorkerSendPrompt should replay recovered prompt");
        let replayed_output: serde_json::Value = serde_json::from_str(&replayed).expect("json");
-        assert_eq!(replayed_output["status"], "prompt_accepted");
+        assert_eq!(replayed_output["status"], "running");
        assert_eq!(replayed_output["prompt_delivery_attempts"], 2);
+        assert_eq!(replayed_output["prompt_in_flight"], true);
    }

    #[test]