carverauto/serviceradar
carverauto/serviceradar
2
3
Fork 0
Code Issues 233 Pull requests 24 Projects Releases 254 Packages Wiki Activity Actions 7

feat(addons): migrate Bumblebee scanner to native add-on #3493

Merged
mfreeman451 merged 2 commits from feat/migrate-bumblebee-native-addon into staging 2026-06-01 13:06:09 +00:00
Conversation 1 Commits 2 Files changed 14 +920
mfreeman451 commented 2026-06-01 05:39:11 +00:00
Owner
Copy link

Implements Agent B for issue #3456 / migrate-bumblebee-to-native-addon.

Scope:

  • Adds addons/bumblebee-scan/ native add-on manifest, config schema, default config, systemd service, and timer.
  • Wires bumblebee_scan_addon_bundle into build/native_addons/addon_inventory.bzl for linux/amd64 and linux/arm64 pushed-artifact tarballs.
  • Adds a control-plane BumblebeeAddonPackageSeeder and coordinator child. The seeder is a no-op until real artifact refs are configured, so it will not approve placeholder packages.
  • Adds a DB-backed test that seeds an approved package, creates an assignment, and verifies AgentConfigGenerator + proto output select the amd64 pushed artifact.
  • Updates the OpenSpec proposal/tasks for the addons/bumblebee-scan/ path.

Boundary honored: this does not touch the shared agent-side add-on status/rollback code.

Validation:

  • openspec validate migrate-bumblebee-to-native-addon --strict
  • git diff --check HEAD~2..HEAD
  • mix format lib/serviceradar/plugins/bumblebee_addon_package_seeder.ex lib/serviceradar/cluster/coordinator_children.ex test/serviceradar/plugins/bumblebee_addon_package_seeder_test.exs
  • bazel build --config=remote --action_env=PATH=/Library/Frameworks/Python.framework/Versions/3.13/bin:/usr/bin:/bin:/usr/sbin:/sbin //build/native_addons:bumblebee_scan_addon_bundle
  • MIX_ENV=test mix ecto.migrate + MIX_ENV=test mix test --include integration test/serviceradar/plugins/bumblebee_addon_package_seeder_test.exs against srql-fixtures scratch DB codex_bumblebee_1780292223_81955 (dropped)

Note: local non-remote Bazel build on macOS still hits the existing rules_go Linux toolchain execution issue; the remote build path above passes.

Implements Agent B for issue #3456 / migrate-bumblebee-to-native-addon. Scope: - Adds `addons/bumblebee-scan/` native add-on manifest, config schema, default config, systemd service, and timer. - Wires `bumblebee_scan_addon_bundle` into `build/native_addons/addon_inventory.bzl` for linux/amd64 and linux/arm64 pushed-artifact tarballs. - Adds a control-plane `BumblebeeAddonPackageSeeder` and coordinator child. The seeder is a no-op until real artifact refs are configured, so it will not approve placeholder packages. - Adds a DB-backed test that seeds an approved package, creates an assignment, and verifies `AgentConfigGenerator` + proto output select the amd64 pushed artifact. - Updates the OpenSpec proposal/tasks for the `addons/bumblebee-scan/` path. Boundary honored: this does not touch the shared agent-side add-on status/rollback code. Validation: - `openspec validate migrate-bumblebee-to-native-addon --strict` - `git diff --check HEAD~2..HEAD` - `mix format lib/serviceradar/plugins/bumblebee_addon_package_seeder.ex lib/serviceradar/cluster/coordinator_children.ex test/serviceradar/plugins/bumblebee_addon_package_seeder_test.exs` - `bazel build --config=remote --action_env=PATH=/Library/Frameworks/Python.framework/Versions/3.13/bin:/usr/bin:/bin:/usr/sbin:/sbin //build/native_addons:bumblebee_scan_addon_bundle` - `MIX_ENV=test mix ecto.migrate` + `MIX_ENV=test mix test --include integration test/serviceradar/plugins/bumblebee_addon_package_seeder_test.exs` against srql-fixtures scratch DB `codex_bumblebee_1780292223_81955` (dropped) Note: local non-remote Bazel build on macOS still hits the existing rules_go Linux toolchain execution issue; the remote build path above passes.
Proposal to deliver Bumblebee as a signed pushed-artifact / systemd-timer native
add-on governed by Edge Ops, superseding the ad-hoc standalone deb. Keeps the
non-root agent + root-owned scanner privilege boundary; reuses the merged
control-plane (AddonPackage/Assignment/Status) and delivery-models supervision.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
feat(addons): seed Bumblebee native add-on
Some checks failed
Rust Tests / test-rust (rust/rdp-adapter, cargo) (push) Successful in 1m20s
Details
lint / lint (push) Successful in 1m42s
Details
Secret Scan / gitleaks (pull_request) Successful in 36s
Details
Rust Add-on Interop Test / interop (push) Successful in 1m59s
Details
Fingerprint Licensing / netprobe-fingerprint-licenses (push) Successful in 2m10s
Details
Rust Tests / test-rust (rust/consumers/zen, cargo) (push) Failing after 2m10s
Details
lint / lint (pull_request) Successful in 1m31s
Details
Golang Tests / test-go (push) Successful in 2m18s
Details
Rust Tests / test-rust (rust/rperf-client, cargo) (push) Successful in 1m51s
Details
Rust Tests / test-rust (rust/trapd, cargo) (push) Successful in 1m58s
Details
Rust Tests / test-rust (rust/log-collector, cargo) (push) Successful in 2m42s
Details
Rust Tests / test-rust (//rust/netprobe:netprobe, //build/platforms:linux_x86_64_musl, rust/netprobe, bazel-static) (push) Successful in 3m35s
Details
Rust Tests / test-rust (//rust/netprobe:netprobe, //build/platforms:linux_aarch64_musl, rust/netprobe, bazel-static) (push) Successful in 3m35s
Details
Rust Tests / test-rust (//rust/rperf-server:rperf, rust/rperf-server, bazel) (push) Successful in 4m9s
Details
Rust Tests / test-rust (rust/rdp-connector-probe, cargo) (push) Successful in 3m52s
Details
Rust Tests / test-rust (rust/srql, cargo) (push) Successful in 4m8s
Details
Rust Tests / test-rust (//rust/netprobe:netprobe_test, rust/netprobe, bazel-test) (push) Successful in 5m3s
Details
CI / build (pull_request) Failing after 10m10s
Details
Elixir Quality / Elixir Quality (pull_request) Failing after 26m36s
Details
Netprobe eBPF Verifier / Verify eBPF programs on Linux 5.8 (push) Has been cancelled
Details
Netprobe eBPF Verifier / Verify eBPF programs on Linux 6.x (push) Has been cancelled
Details
Netprobe eBPF Verifier / Verify eBPF refusal on Linux 5.4 (push) Has been cancelled
Details
Netprobe eBPF Verifier / Verify eBPF programs on Linux 5.15 (push) Has been cancelled
Details
17df1618d1
mfreeman451 reviewed 2026-06-01 13:01:14 +00:00
mfreeman451 left a comment
Copy link

lgtm

lgtm
mfreeman451 deleted branch feat/migrate-bumblebee-native-addon 2026-06-01 13:06:09 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
1week

   
2weeks

   
Failed compliance check

   
IP cameras

   
NATS
NATS JetStream

  
Possible security concern

   
Review effort 1/5

   
Review effort 2/5

   
Review effort 3/5

   
Review effort 4/5

   
Review effort 5/5

   
UI

   
aardvark

   
accessibility

   
amd64

   
api

   
arm64

   
auth

   
back-end

   
bgp

   
blog

   
bug
Something isn't working

  
build

   
checkers

   
ci-cd
continuous integration-continuous deployments

  
cleanup

   
cnpg
cloud-native postgres

  
codex

   
core
core service

  
dependencies
Pull requests that update a dependency file

  
device-management

   
documentation
Improvements or additions to documentation

  
duplicate
This issue or pull request already exists

  
dusk

   
ebpf

   
enhancement
New feature or request

  
eta 1d

   
eta 1hr

   
eta 3d

   
eta 3hr

   
feature

   
fieldsurvey

   
github_actions
Pull requests that update GitHub Actions code

  
go
Pull requests that update Go code

  
good first issue
Good for newcomers

  
help wanted
Extra attention is needed

  
invalid
This doesn't seem right

  
javascript
Pull requests that update Javascript code

  
k8s

   
log-collector

   
mapper

   
mtr
multi traceroute

  
needs-triage

   
netflow

   
network-sweep

   
observability

   
oracle
Oracle Linux related issues

  
otel
opentelemetry logs, traces, metrics

  
plug-in

   
proton
timeplus proton streaming database

  
python

   
question
Further information is requested

  
reddit

   
redhat

   
research

   
rperf

   
rperf-checker

   
rust
Pull requests that update rust code

  
sdk

   
security

   
serviceradar-agent

   
serviceradar-agent-gateway

   
serviceradar-web

   
serviceradar-web-ng

   
siem

   
snmp

   
sysmon

   
topology

   
ubiquiti

   
wasm

   
wontfix
This will not be worked on

  
zen-engine
No labels
1week
2weeks
Failed compliance check
IP cameras
NATS
Possible security concern
Review effort 1/5
Review effort 2/5
Review effort 3/5
Review effort 4/5
Review effort 5/5
UI
aardvark
accessibility
amd64
api
arm64
auth
back-end
bgp
blog
bug
build
checkers
ci-cd
cleanup
cnpg
codex
core
dependencies
device-management
documentation
duplicate
dusk
ebpf
enhancement
eta 1d
eta 1hr
eta 3d
eta 3hr
feature
fieldsurvey
github_actions
go
good first issue
help wanted
invalid
javascript
k8s
log-collector
mapper
mtr
needs-triage
netflow
network-sweep
observability
oracle
otel
plug-in
proton
python
question
reddit
redhat
research
rperf
rperf-checker
rust
sdk
security
serviceradar-agent
serviceradar-agent-gateway
serviceradar-web
serviceradar-web-ng
siem
snmp
sysmon
topology
ubiquiti
wasm
wontfix
zen-engine
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
carverauto/serviceradar!3493
No description provided.