feat(agent): ephemeral-helper add-on supervision (delivery-models 3.2) (#3425) #3469

Merged

mfreeman451 merged 1 commit from feat/addon-ephemeral-helper into staging

2026-05-31 16:26:41 +00:00

mfreeman451 commented

2026-05-31 16:24:18 +00:00

Owner

What

delivery-models task 3.2 — ephemeral-helper supervision, the last unimplemented supervision model. This completes the agent-side supervision coverage (config-toggle, agent-sidecar, systemd-service/systemd-timer, ephemeral-helper).

An ephemeral_helper add-on (e.g. remote-access's rdp-adapter) is a short-lived, one-shot binary the agent does not run or supervise. The dispatch:

stages + capability-grants the binary (reusing stageAndCapability — so it benefits from tarball delivery, setcap, and rollback);
registers its resolved path so the consuming subsystem can spawn it on demand (EphemeralHelperPath(id));
on reconcile, deregisters a helper whose assignment was disabled/removed (the staged binary stays on disk; nothing system-level was installed).

classifyAddonSupervision now routes ephemeral_helper to a dedicated addonDispatchEphemeral; the now-unused addonDispatchExternalUnimplemented placeholder is removed since every supervision model is handled.

Also: tasks.md reconciliation

Brought add-native-addon-delivery-models/tasks.md current — 3.1 (systemd dispatch, merged #3467) and 1.2 agent-half (tarball extraction, merged #3468) are marked done, plus 3.2 and 5.2 here. Only two tasks remain in the change, both build/packaging: 1.1 (carve serviceradar-netprobe out of the base agent) and 1.2 build-half (produce the signed per-arch tarball + os-package template).

Verification

Unit-tested: ephemeral registry remember/lookup/reconcile, supervision classification. go build/vet/golangci-lint clean. (No system-level side effects to host-verify — the agent only stages + registers a path; the staging/setcap path it reuses was host-verified in prior slices. Wiring remote-access to call EphemeralHelperPath is part of remote-access's own migration.)

🤖 Generated with Claude Code

## What delivery-models **task 3.2** — `ephemeral-helper` supervision, the last unimplemented supervision model. This completes the agent-side supervision coverage (`config-toggle`, `agent-sidecar`, `systemd-service`/`systemd-timer`, `ephemeral-helper`). An `ephemeral_helper` add-on (e.g. remote-access's `rdp-adapter`) is a short-lived, one-shot binary the agent does **not** run or supervise. The dispatch: - stages + capability-grants the binary (reusing `stageAndCapability` — so it benefits from tarball delivery, setcap, and rollback); - registers its resolved path so the consuming subsystem can spawn it on demand (`EphemeralHelperPath(id)`); - on reconcile, deregisters a helper whose assignment was disabled/removed (the staged binary stays on disk; nothing system-level was installed). `classifyAddonSupervision` now routes `ephemeral_helper` to a dedicated `addonDispatchEphemeral`; the now-unused `addonDispatchExternalUnimplemented` placeholder is removed since every supervision model is handled. ## Also: tasks.md reconciliation Brought `add-native-addon-delivery-models/tasks.md` current — **3.1** (systemd dispatch, merged #3467) and **1.2 agent-half** (tarball extraction, merged #3468) are marked done, plus **3.2** and **5.2** here. Only **two** tasks remain in the change, both build/packaging: **1.1** (carve `serviceradar-netprobe` out of the base agent) and **1.2 build-half** (produce the signed per-arch tarball + os-package template). ## Verification Unit-tested: ephemeral registry remember/lookup/reconcile, supervision classification. `go build`/`vet`/`golangci-lint` clean. (No system-level side effects to host-verify — the agent only stages + registers a path; the staging/setcap path it reuses was host-verified in prior slices. Wiring remote-access to call `EphemeralHelperPath` is part of remote-access's own migration.) 🤖 Generated with [Claude Code](https://claude.com/claude-code)

Rows
Columns