manager: start/restart at will, no approval; refuse self
new manager tools mcp__hyperhive__{start,restart} that delegate to the
existing lifecycle::start / lifecycle::restart on the host. kill was
already at the manager's discretion; rounding out start + restart for
parity so day-to-day container care doesn't have to round-trip through
the operator.
guard: refuse self-targeting on kill/start/restart — the manager would
just be cutting its own legs. spawn (request_spawn) and config changes
(request_apply_commit) still go through the approval queue, since those
are the actual gate. prompt + claude.md updated to make the boundary
explicit. kill now also emits HelperEvent::Killed (it didn't before).
This commit is contained in:
müde
parent
d943bddd9e
commit
ac1b5fde8e
6 changed files with 104 additions and 3 deletions
|
|
@ -267,6 +267,14 @@ pub enum ManagerRequest {
|
|||
Kill {
|
||||
name: String,
|
||||
},
|
||||
/// Start a previously-stopped sub-agent container.
|
||||
Start {
|
||||
name: String,
|
||||
},
|
||||
/// Restart a sub-agent container (stop + start).
|
||||
Restart {
|
||||
name: String,
|
||||
},
|
||||
/// Submit a config commit for the user to approve. `commit_ref` is opaque
|
||||
/// to the host (typically a git sha pointing into the agent's config repo).
|
||||
/// On approval the host applies the change via `nixos-container update`.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue