charles/claude-hooks
1
0
Fork 0
Code Issues 10 Pull requests Projects Releases Packages 1 Wiki Activity Actions

Agents: per-instance container reconciliation (create/remove on CRUD) #52

New issue
Closed
opened 2026-04-18 15:00:54 +00:00 by claude-desktop · 0 comments
claude-desktop commented 2026-04-18 15:00:54 +00:00
Collaborator
Copy link

User story

As an operator, I want each agent instance to have its own long-lived Docker container and state volume, reconciled against the SQLite agents table on startup and on CRUD mutations, so that creating dev-frontend from the dashboard (A6) spins up claude-hooks-dev-frontend with its own /state volume — and deleting it tears everything down without leaving orphans.

Context

Today three containers are hardcoded in the systemd wrapper: claude-hooks-boss, claude-hooks-dev, claude-hooks-reviewer. With A1 landed, the set of containers is dynamic: one per SQLite agents row, named claude-hooks-<instance-name>.

Reconciliation happens at:

  1. Startup — read SQLite, compare with docker ps, create missing, stop+remove extras.
  2. CRUD mutation (from A6) — the HTTP handler calls the same reconcile routine for the affected instance only.

V1 scope: reconcile via shelling out to docker run / docker rm. Later we can evaluate Docker's Go / SDK if the surface grows.

Acceptance criteria

Container naming & volume

  • Container: claude-hooks-<instance-name>.
  • Volume: claude-hooks-<instance-name>-state (mounted at /state in-container).
  • Token env-file: ~/.config/claude-hooks/tokens/<type>shared across instances of the same type per the milestone's non-goal on per-agent tokens.
  • Credentials bind-mount: same path for all instances of a type (reads from the type default in agents.json).

Reconciliation

  • New module src/container-reconcile.ts (or extend src/container.ts):
    • reconcileAll(): Promise<{created: string[], removed: string[], unchanged: string[]}> — compares SQLite agents ↔ running containers.
    • reconcileOne(name): Promise<"created" | "removed" | "unchanged"> — idempotent for a single instance.
  • Startup wiring: call reconcileAll() after loadWebhookConfig(), before startSweeper(). Log the outcome as one line per class (created / removed / unchanged).
  • CRUD hook: A6's create/delete endpoints call reconcileOne(name) after the SQLite mutation commits. A6 does not call docker directly; it always goes through this module.

Lifecycle rules

  • Create: docker run -d --name <container> --restart unless-stopped -v <volume>:/state -v <creds>:/home/claude/.config/claude-code/.credentials.json:ro --env-file <tmpenv> <image>. Same as today's just containers-rebuild path.
  • Remove: docker stop (15s grace) then docker rm. The state volume persists unless the operator passes --wipe via a separate CLI command (not in scope).
  • Config change (image, credentials path): recreate the container; volume survives.

Systemd + justfile

  • Update the systemd unit's ExecStartPre from just containers-up to just agents-sync (new recipe) that invokes the same reconcileAll path the service runs on startup — so pre-service-start has a consistent view.
  • Document in README.md: creating a new instance from the dashboard triggers reconcileOne automatically; just agents-sync is the manual fallback.

Tests

  • reconcileAll with fake docker runner: added row → create called; missing row for running container → remove called; matching → no-op.
  • reconcileOne with a non-existent name → returns "unchanged", no docker calls.
  • Volume name derivation + container name derivation from instance name (edge cases: hyphens, digits, max length).

Out of scope

  • Container image pull on reconcile (the just containers-rebuild recipe handles that separately; reconcile assumes image is local or pullable).
  • Resource limits (cpu / memory) per instance — v1 is unconstrained, matches today.
  • Container health monitoring / restart policy beyond unless-stopped.
  • Wiping the state volume when deleting an instance — explicit operator action via a just wipe-agent <name> recipe, separate story if we decide we need it.

References

  • Tracking issue: #47.
  • Current container lifecycle: justfile recipes containers-up, containers-down, containers-rebuild.
  • Container path conventions: src/container.ts.

Dependencies

  • Blocked by: A1.
  • Blocks: A6 (CRUD triggers reconcile).
  • Branch off: main (after A1 lands).
## User story As an **operator**, I want each agent instance to have its own long-lived Docker container and state volume, reconciled against the SQLite `agents` table on startup and on CRUD mutations, so that creating `dev-frontend` from the dashboard (A6) spins up `claude-hooks-dev-frontend` with its own `/state` volume — and deleting it tears everything down without leaving orphans. ## Context Today three containers are hardcoded in the systemd wrapper: `claude-hooks-boss`, `claude-hooks-dev`, `claude-hooks-reviewer`. With A1 landed, the set of containers is dynamic: one per SQLite `agents` row, named `claude-hooks-<instance-name>`. Reconciliation happens at: 1. **Startup** — read SQLite, compare with `docker ps`, create missing, stop+remove extras. 2. **CRUD mutation** (from A6) — the HTTP handler calls the same reconcile routine for the affected instance only. V1 scope: reconcile via shelling out to `docker run` / `docker rm`. Later we can evaluate Docker's Go / SDK if the surface grows. ## Acceptance criteria ### Container naming & volume - [ ] Container: `claude-hooks-<instance-name>`. - [ ] Volume: `claude-hooks-<instance-name>-state` (mounted at `/state` in-container). - [ ] Token env-file: `~/.config/claude-hooks/tokens/<type>` — **shared across instances of the same type** per the milestone's non-goal on per-agent tokens. - [ ] Credentials bind-mount: same path for all instances of a type (reads from the type default in `agents.json`). ### Reconciliation - [ ] New module `src/container-reconcile.ts` (or extend `src/container.ts`): - `reconcileAll(): Promise<{created: string[], removed: string[], unchanged: string[]}>` — compares SQLite agents ↔ running containers. - `reconcileOne(name): Promise<"created" | "removed" | "unchanged">` — idempotent for a single instance. - [ ] Startup wiring: call `reconcileAll()` after `loadWebhookConfig()`, before `startSweeper()`. Log the outcome as one line per class (created / removed / unchanged). - [ ] CRUD hook: A6's create/delete endpoints call `reconcileOne(name)` after the SQLite mutation commits. A6 does not call `docker` directly; it always goes through this module. ### Lifecycle rules - [ ] Create: `docker run -d --name <container> --restart unless-stopped -v <volume>:/state -v <creds>:/home/claude/.config/claude-code/.credentials.json:ro --env-file <tmpenv> <image>`. Same as today's `just containers-rebuild` path. - [ ] Remove: `docker stop` (15s grace) then `docker rm`. The state volume persists unless the operator passes `--wipe` via a separate CLI command (not in scope). - [ ] Config change (image, credentials path): recreate the container; volume survives. ### Systemd + justfile - [ ] Update the systemd unit's `ExecStartPre` from `just containers-up` to `just agents-sync` (new recipe) that invokes the same reconcileAll path the service runs on startup — so pre-service-start has a consistent view. - [ ] Document in `README.md`: creating a new instance from the dashboard triggers `reconcileOne` automatically; `just agents-sync` is the manual fallback. ### Tests - [ ] `reconcileAll` with fake docker runner: added row → create called; missing row for running container → remove called; matching → no-op. - [ ] `reconcileOne` with a non-existent name → returns `"unchanged"`, no docker calls. - [ ] Volume name derivation + container name derivation from instance name (edge cases: hyphens, digits, max length). ## Out of scope - Container image pull on reconcile (the `just containers-rebuild` recipe handles that separately; reconcile assumes image is local or pullable). - Resource limits (cpu / memory) per instance — v1 is unconstrained, matches today. - Container health monitoring / restart policy beyond `unless-stopped`. - Wiping the state volume when deleting an instance — explicit operator action via a `just wipe-agent <name>` recipe, separate story if we decide we need it. ## References - Tracking issue: #47. - Current container lifecycle: `justfile` recipes `containers-up`, `containers-down`, `containers-rebuild`. - Container path conventions: `src/container.ts`. ## Dependencies - **Blocked by:** A1. - **Blocks:** A6 (CRUD triggers reconcile). - **Branch off:** `main` (after A1 lands).
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
chore/sync-pre-push-from-forge-base
fix/flows-yaml-dispatch-identity
feat/board-tap-to-assign
dev/1107
code-lead/1106
code-lead/1108
dev/1104
code-lead/1103
code-lead/1080
dev/1087
feat/flows-yaml-ci-events
chore/board-drop-stalled-and-density-controls
fix/flows-yaml-routes-always-register
flows-yaml/api-defaults
dev/1023
fix/event-log-history-bleed
fix/janitor-fix-ci-logs-and-cap
dev/1022
fix/board-card-provider
code-lead/1036
dev/1025
code-lead/1020
dev/1017
code-lead/1026
feat/web-shortcut-registry-1018
dev/1015
code-lead/1009
code-lead/1008
dev/975
dev/969
dev/973
dev/967
code-lead/968
code-lead/953
dev/970
dev/976
code-lead/966
code-lead/956
code-lead/951
dev/962
dev/963
dev/977
dev/955
dev/983
dev/961
dev/974
code-lead/950
code-lead/939
dev/941
dev/940
dev/937
dev/938
dev/936
dev/935
feat/web-i18n-fr-locale
feat/spec-editor-ui-polish
chore/drop-legacy-compat
fix/skills-drop-preview-pane
fix/882-skills-safety-rail
dev/911
dev/909
dev/923
dev/917
dev/915
feat/879-sr11-m2-drop-legacy-skill
code-lead/873
dev/881
code-lead/869
dev/867
code-lead/845
code-lead/843
code-lead/844
dev/837
dev/861
dev/849
code-lead/837
code-lead/842
fix/dedup-rebase-inflight
dev/838
code-lead/847
dev/833
code-lead/848
pr/838
code-lead/841
feat/settings-save-bar/836
code-lead/840
dev/846
code-lead/839
dev/832
fix/board-sse-stale-cache
dev/834
dev/835
feat/settings-breadcrumbs
feat/forge-oauth-credentials
refactor/service-config-consolidation
feat/agent-tokens-to-secrets
feat/gitlab-oauth-to-db
feat/authelia-rip-and-voice-fixes
fix/rebase-storm-and-dead-letter
code-lead/797
code-lead/796
dev/811
code-lead/798
dev/810
code-lead/795
dev/808
code-lead/794
dev/805
dev/802
dev/803
feat/avatar-menu-settings-entry
feat/per-agent-token-tracking
dev/793
dev/747
dev/752
code-lead/790
code-lead/759
dev/756
dev/760
dev/741
dev/767
dev/740
dev/709
dev/644
dev/637
boss/614
dev/600
dev/611
dev/585
fix/login-bonus-fixes
boss/544
dev/542
refactor/api-prefix-and-session-gate
dev/489
boss/531
boss/518
dev/499
boss/516
dev/530
dev/517
dev/519
dev/515
dev/522
dev/503
dev/471
boss/329
dev/417
dev/418
dev/402
boss/327
dev/334
dev/332
boss/326
boss/325
dev/331
boss/324
boss/323
boss/322
dev/294
test/s11-task-analytics
dev/262
boss/270
dev/268
foreman/ui-consolidation-spec
dev/234
boss/196
boss/176
boss/164
fix/124-session-persist-bind
boss/52
dev/87
boss/73
dev/77
dev/81
dev/82
boss/79
dev/42
dev/35
boss/7
No results found.
Labels
Clear labels   
area:agents
Agent types, pool scheduling, per-instance config

  
area:dashboard
Dashboard UI and observability surfaces

  
area:database
DB layer — schema, migrations, ORM, raw SQL

  
area:design
UI/UX mockup work — routes to designer agent

  
area:design-review
Design review dispatch — routes to design-reviewer agent

  
area:flows
Flow runner — YAML loader, executor, op registry, expression eval

  
area:infra
Deployment, isolation, containers, systemd units

  
area:meta
Tracking, scaffolding, project setup

  
area:security
Security — routes to reviewer-security (opus)

  
area:sessions
Session-id store, Claude SDK resume logic

  
area:webhook
Forgejo webhook routing and handlers

  
area:workdir
Clone cache, worktrees, git identity

  
security
Security-sensitive issue

  
type:bug
Bug

  
type:chore
Chore

  
type:meta
Tracking or decisions, not implementation work

  
type:user-story
User story

No labels
area:agents
area:dashboard
area:database
area:design
area:design-review
area:flows
area:infra
area:meta
area:security
area:sessions
area:webhook
area:workdir
security
type:bug
type:chore
type:meta
type:user-story
Milestone
Clear milestone
No items
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
code-lead
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
charles/claude-hooks#52
No description provided.