Remove the supervise flag; supervise every bottle

Issue #249: in practice the per-bottle `supervise` flag was never
turned off — all bottles should be supervised. Remove the manifest
flag and make the supervise sidecar unconditional, mirroring egress.

- Reject `supervise:` as a removed bottle key with a migration hint.
- Drop the `supervise` field from ManifestBottle and the extends merge.
- prepare_supervise always returns a SupervisePlan; the plan type is
  now non-optional and the per-backend `is None` guards are gone, so
  the supervise daemon, current-config mount, aliases, and MCP
  registration always render.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01YcU7nerbg8cVj9R4EkpfLJ

bot_bottle/backend/__init__.py

@@ -102,7 +102,7 @@ class BottlePlan(ABC):
         over a published host port)."""
         return "git"
     egress_plan: EgressPlan
-    supervise_plan: SupervisePlan | None
+    supervise_plan: SupervisePlan
     agent_provision: AgentProvisionPlan
 
     @property
@@ -332,7 +332,7 @@ class BottleBackend(ABC, Generic[PlanT, CleanupT]):
         )
         agent_provision_plan = merge_provision_env_vars(agent_provision_plan)
         egress_plan = prepare_egress(manifest_bottle, slug, agent_provision_plan)
-        supervise_plan = prepare_supervise(manifest_bottle, slug)
+        supervise_plan = prepare_supervise(slug)
         git_gate_plan = prepare_git_gate(manifest_bottle, slug)
 
         return self._resolve_plan(
@@ -405,7 +405,7 @@ class BottleBackend(ABC, Generic[PlanT, CleanupT]):
                       agent_provision_plan: AgentProvisionPlan,
                       egress_plan: EgressPlan,
                       git_gate_plan: GitGatePlan,
-                      supervise_plan: SupervisePlan | None,
+                      supervise_plan: SupervisePlan,
                       stage_dir: Path) -> PlanT:
         """Backend-specific plan resolution: image/container names,
         env-file, prompt-file, proxy plan, runtime detection. Called by

bot_bottle/backend/docker/backend.py

@@ -70,7 +70,7 @@ class DockerBottleBackend(BottleBackend["DockerBottlePlan", "DockerBottleCleanup
         agent_provision_plan: AgentProvisionPlan,
         egress_plan: EgressPlan,
         git_gate_plan: GitGatePlan,
-        supervise_plan: SupervisePlan | None,
+        supervise_plan: SupervisePlan,
         stage_dir: Path,
     ) -> DockerBottlePlan:
         return _resolve_plan.resolve_plan(
@@ -94,8 +94,6 @@ class DockerBottleBackend(BottleBackend["DockerBottlePlan", "DockerBottleCleanup
         """Docker bottles reach the supervise sidecar via the
         compose-network alias `supervise:9100`. No per-bottle URL
         plumbing needed; the alias resolves inside the bridge."""
-        if plan.supervise_plan is None:
-            return ""
         return f"http://{SUPERVISE_HOSTNAME}:{SUPERVISE_PORT}/"
 
     def prepare_cleanup(self) -> DockerBottleCleanupPlan:

bot_bottle/backend/docker/compose.py

@@ -14,7 +14,7 @@ Conditional services follow the plan content:
   - agent + sidecars bundle: always.
   - git-gate:  iff plan.git_gate_plan.upstreams.
   - egress:    iff plan.egress_plan.routes.
-  - supervise: iff plan.supervise_plan is not None.
+  - supervise: always (every bottle is supervised, issue #249).
 """
 
 from __future__ import annotations
@@ -119,13 +119,11 @@ def _sidecar_bundle_service(plan: DockerBottlePlan) -> dict[str, Any]:
     image, all daemons under a Python init supervisor.
 
     Daemon subset narrows via `BOT_BOTTLE_SIDECAR_DAEMONS` env.
-    egress is always present; git-gate / supervise are conditional.
+    egress and supervise are always present; git-gate is conditional.
     """
-    daemons: list[str] = ["egress"]
+    daemons: list[str] = ["egress", "supervise"]
     if plan.git_gate_plan.upstreams:
         daemons.append("git-gate")
-    if plan.supervise_plan is not None:
-        daemons.append("supervise")
 
     env: list[str] = [f"BOT_BOTTLE_SIDECAR_DAEMONS={','.join(daemons)}"]
     volumes: list[dict[str, Any]] = []
@@ -160,24 +158,21 @@ def _sidecar_bundle_service(plan: DockerBottlePlan) -> dict[str, Any]:
 
     # --- supervise ----------------------------------------------------
     sp = plan.supervise_plan
-    if sp is not None:
-        env += [
-            f"SUPERVISE_BOTTLE_SLUG={plan.slug}",
-            f"SUPERVISE_QUEUE_DIR={QUEUE_DIR_IN_CONTAINER}",
-            f"SUPERVISE_PORT={SUPERVISE_PORT}",
-        ]
-        volumes.append({
-            "type": "bind",
-            "source": str(sp.queue_dir),
-            "target": QUEUE_DIR_IN_CONTAINER,
-            "read_only": False,
-        })
+    env += [
+        f"SUPERVISE_BOTTLE_SLUG={plan.slug}",
+        f"SUPERVISE_QUEUE_DIR={QUEUE_DIR_IN_CONTAINER}",
+        f"SUPERVISE_PORT={SUPERVISE_PORT}",
+    ]
+    volumes.append({
+        "type": "bind",
+        "source": str(sp.queue_dir),
+        "target": QUEUE_DIR_IN_CONTAINER,
+        "read_only": False,
+    })
 
-    internal_aliases = [EGRESS_HOSTNAME]
+    internal_aliases = [EGRESS_HOSTNAME, SUPERVISE_HOSTNAME]
     if gp.upstreams:
         internal_aliases.append(GIT_GATE_HOSTNAME)
-    if sp is not None:
-        internal_aliases.append(SUPERVISE_HOSTNAME)
 
     service: dict[str, Any] = {
         "image": SIDECAR_BUNDLE_IMAGE,
@@ -231,14 +226,10 @@ def _agent_service(plan: DockerBottlePlan) -> dict[str, Any]:
     if plan.use_runsc:
         service["runtime"] = "runsc"
 
-    volumes: list[dict[str, Any]] = []
-    if plan.supervise_plan is not None:
-        volumes.append(_bind(
-            plan.supervise_plan.current_config_dir,
-            CURRENT_CONFIG_DIR_IN_AGENT,
-        ))
-    if volumes:
-        service["volumes"] = volumes
+    service["volumes"] = [_bind(
+        plan.supervise_plan.current_config_dir,
+        CURRENT_CONFIG_DIR_IN_AGENT,
+    )]
 
     # The init supervisor inside the bundle owns intra-bundle
     # daemon ordering, so the agent only waits for the bundle
@@ -254,12 +245,9 @@ def _agent_proxy_url(plan: DockerBottlePlan) -> str:
 
 
 def _agent_no_proxy(plan: DockerBottlePlan) -> str:
-    """NO_PROXY for the agent: loopback always; supervise hostname
-    when the supervise sidecar is up (MCP long-poll must bypass
-    the egress proxy)."""
-    hosts = ["localhost", "127.0.0.1"]
-    if plan.supervise_plan is not None:
-        hosts.append(SUPERVISE_HOSTNAME)
+    """NO_PROXY for the agent: loopback plus the supervise hostname
+    (MCP long-poll must bypass the egress proxy)."""
+    hosts = ["localhost", "127.0.0.1", SUPERVISE_HOSTNAME]
     return ",".join(hosts)
 
 

bot_bottle/backend/docker/launch.py

@@ -130,12 +130,10 @@ def launch(
             mitmproxy_ca_host_path=egress_ca_host,
             mitmproxy_ca_cert_only_host_path=egress_ca_cert_only,
         )
-        supervise_plan = plan.supervise_plan
-        if supervise_plan is not None:
-            supervise_plan = dataclasses.replace(
-                supervise_plan,
-                internal_network=internal_network,
-            )
+        supervise_plan = dataclasses.replace(
+            plan.supervise_plan,
+            internal_network=internal_network,
+        )
         plan = dataclasses.replace(
             plan,
             git_gate_plan=git_gate_plan,

bot_bottle/backend/docker/resolve_plan.py

@@ -37,7 +37,7 @@ def resolve_plan(
     resolved_env: ResolvedEnv,
     agent_provision_plan: AgentProvisionPlan,
     egress_plan: EgressPlan,
-    supervise_plan: SupervisePlan | None,
+    supervise_plan: SupervisePlan,
     git_gate_plan: GitGatePlan,
     stage_dir: Path,
 ) -> DockerBottlePlan:

bot_bottle/backend/macos_container/backend.py

@@ -52,7 +52,7 @@ class MacosContainerBottleBackend(
         agent_provision_plan: AgentProvisionPlan,
         egress_plan: EgressPlan,
         git_gate_plan: GitGatePlan,
-        supervise_plan: SupervisePlan | None,
+        supervise_plan: SupervisePlan,
         stage_dir: Path,
     ) -> MacosContainerBottlePlan:
         return _resolve_plan.resolve_plan(

bot_bottle/backend/macos_container/launch.py

@@ -222,9 +222,7 @@ def _stamp_agent_urls(
     sidecar_ip: str,
 ) -> MacosContainerBottlePlan:
     proxy_url = f"http://{sidecar_ip}:{EGRESS_PORT}"
-    supervise_url = ""
-    if plan.supervise_plan is not None:
-        supervise_url = f"http://{sidecar_ip}:{SUPERVISE_PORT}/"
+    supervise_url = f"http://{sidecar_ip}:{SUPERVISE_PORT}/"
     git_gate_url = ""
     if plan.git_gate_plan.upstreams:
         git_gate_url = f"http://{sidecar_ip}:{_GIT_HTTP_PORT}"
@@ -341,11 +339,9 @@ def _sidecar_dns() -> str:
 
 
 def _sidecar_daemons(plan: MacosContainerBottlePlan) -> tuple[str, ...]:
-    daemons = ["egress"]
+    daemons = ["egress", "supervise"]
     if plan.git_gate_plan.upstreams:
         daemons += ["git-gate", "git-http"]
-    if plan.supervise_plan is not None:
-        daemons.append("supervise")
     return tuple(daemons)
 
 
@@ -355,12 +351,11 @@ def _sidecar_env_entries(plan: MacosContainerBottlePlan) -> tuple[str, ...]:
         env.extend(sorted(plan.egress_plan.token_env_map.keys()))
     if plan.git_gate_plan.upstreams:
         env.append(f"BOT_BOTTLE_GIT_GATE_READY_FILE={_GIT_GATE_READY_FILE}")
-    if plan.supervise_plan is not None:
-        env += [
-            f"SUPERVISE_BOTTLE_SLUG={plan.slug}",
-            f"SUPERVISE_QUEUE_DIR={QUEUE_DIR_IN_CONTAINER}",
-            f"SUPERVISE_PORT={SUPERVISE_PORT}",
-        ]
+    env += [
+        f"SUPERVISE_BOTTLE_SLUG={plan.slug}",
+        f"SUPERVISE_QUEUE_DIR={QUEUE_DIR_IN_CONTAINER}",
+        f"SUPERVISE_PORT={SUPERVISE_PORT}",
+    ]
     return tuple(env)
 
 
@@ -383,8 +378,7 @@ def _sidecar_mounts(
         ))
 
     sp = plan.supervise_plan
-    if sp is not None:
-        mounts.append((str(sp.queue_dir), QUEUE_DIR_IN_CONTAINER, False))
+    mounts.append((str(sp.queue_dir), QUEUE_DIR_IN_CONTAINER, False))
 
     return tuple(mounts)
 

bot_bottle/backend/macos_container/resolve_plan.py

@@ -30,7 +30,7 @@ def resolve_plan(
     resolved_env: ResolvedEnv,
     agent_provision_plan: AgentProvisionPlan,
     egress_plan: EgressPlan,
-    supervise_plan: SupervisePlan | None,
+    supervise_plan: SupervisePlan,
     git_gate_plan: GitGatePlan,
     stage_dir: Path,
 ) -> MacosContainerBottlePlan:

bot_bottle/backend/resolve_common.py

@@ -92,11 +92,9 @@ def prepare_egress(
     return Egress().prepare(bottle, slug, egress_dir, provision.egress_routes)
 
 
-def prepare_supervise(bottle: ManifestBottle, slug: str) -> SupervisePlan | None:
-    """Prepare the supervise sidecar state dir. Returns None when
-    bottle.supervise is falsy."""
-    if not bottle.supervise:
-        return None
+def prepare_supervise(slug: str) -> SupervisePlan:
+    """Prepare the supervise sidecar state dir. Every bottle is
+    supervised (issue #249), so this always returns a plan."""
     supervise_dir = supervise_state_dir(slug)
     supervise_dir.mkdir(parents=True, exist_ok=True)
     return Supervise().prepare(slug, supervise_dir)

bot_bottle/backend/smolmachines/backend.py

@@ -62,7 +62,7 @@ class SmolmachinesBottleBackend(
         agent_provision_plan: AgentProvisionPlan,
         egress_plan: EgressPlan,
         git_gate_plan: GitGatePlan,
-        supervise_plan: SupervisePlan | None,
+        supervise_plan: SupervisePlan,
         stage_dir: Path,
     ) -> SmolmachinesBottlePlan:
         return _resolve_plan.resolve_plan(

bot_bottle/backend/smolmachines/launch.py

@@ -206,12 +206,10 @@ def _discover_urls(
         )
         agent_git_gate_host = f"{loopback_ip}:{git_gate_host_port}"
 
-    agent_supervise_url = ""
-    if plan.supervise_plan is not None:
-        supervise_host_port = _bundle.bundle_host_port(
-            plan.slug, _SUPERVISE_PORT, host_ip=loopback_ip,
-        )
-        agent_supervise_url = f"http://{loopback_ip}:{supervise_host_port}/"
+    supervise_host_port = _bundle.bundle_host_port(
+        plan.slug, _SUPERVISE_PORT, host_ip=loopback_ip,
+    )
+    agent_supervise_url = f"http://{loopback_ip}:{supervise_host_port}/"
 
     existing_no_proxy = plan.guest_env.get("NO_PROXY", "localhost,127.0.0.1")
     no_proxy = f"{existing_no_proxy},{loopback_ip}"
@@ -299,15 +297,14 @@ def _bundle_launch_spec(
     """Build a BundleLaunchSpec from the resolved inner Plans.
 
     Daemons in the CSV:
-      - egress is always present.
+      - egress and supervise are always present.
       - git-gate + git-http are conditional on plan.git_gate_plan.upstreams.
-      - supervise is conditional on plan.supervise_plan.
 
     Env + volumes are the union of the sidecar daemons' needs, with
     daemon-private values only (HTTPS_PROXY is scoped to the
     egress process by egress_entrypoint.sh — see PRD 0024's bundle
     bind-address PR)."""
-    daemons: list[str] = ["egress"]
+    daemons: list[str] = ["egress", "supervise"]
     env: list[str] = []
     volumes: list[tuple[str, str, bool]] = []
 
@@ -347,23 +344,19 @@ def _bundle_launch_spec(
 
     # --- supervise --------------------------------------------
     sp = plan.supervise_plan
-    if sp is not None:
-        daemons.append("supervise")
-        env += [
-            f"SUPERVISE_BOTTLE_SLUG={plan.slug}",
-            f"SUPERVISE_QUEUE_DIR={QUEUE_DIR_IN_CONTAINER}",
-            f"SUPERVISE_PORT={SUPERVISE_PORT}",
-        ]
-        volumes.append((str(sp.queue_dir), QUEUE_DIR_IN_CONTAINER, False))
+    env += [
+        f"SUPERVISE_BOTTLE_SLUG={plan.slug}",
+        f"SUPERVISE_QUEUE_DIR={QUEUE_DIR_IN_CONTAINER}",
+        f"SUPERVISE_PORT={SUPERVISE_PORT}",
+    ]
+    volumes.append((str(sp.queue_dir), QUEUE_DIR_IN_CONTAINER, False))
 
     # Container ports the agent reaches from the smolvm guest —
     # published on host loopback so the guest can dial via TSI +
     # macOS networking. Egress is always the agent's HTTP/HTTPS proxy.
-    ports_to_publish: list[int] = [_EGRESS_PORT]
+    ports_to_publish: list[int] = [_EGRESS_PORT, _SUPERVISE_PORT]
     if gp.upstreams:
         ports_to_publish.append(_GIT_HTTP_PORT)
-    if sp is not None:
-        ports_to_publish.append(_SUPERVISE_PORT)
 
     return _bundle.BundleLaunchSpec(
         slug=plan.slug,

bot_bottle/backend/smolmachines/resolve_plan.py

@@ -52,7 +52,7 @@ def resolve_plan(
     resolved_env: ResolvedEnv,
     agent_provision_plan: AgentProvisionPlan,
     egress_plan: EgressPlan,
-    supervise_plan: SupervisePlan | None,
+    supervise_plan: SupervisePlan,
     git_gate_plan: GitGatePlan,
     stage_dir: Path,
 ) -> SmolmachinesBottlePlan:

bot_bottle/backend/smolmachines/sidecar_bundle.py

@@ -68,7 +68,8 @@ class BundleLaunchSpec:
     image: str = SIDECAR_BUNDLE_IMAGE
     # Daemon subset CSV for BOT_BOTTLE_SIDECAR_DAEMONS. The
     # supervisor inside the bundle reads it to skip
-    # bottle-irrelevant daemons (e.g. supervise=False bottles).
+    # bottle-irrelevant daemons (e.g. git-gate when a bottle
+    # declares no upstreams).
     daemons_csv: str = "egress"
     # Plain "KEY=VALUE" strings + "KEY" bare names (the bare-name
     # form inherits the value from the docker-run subprocess env,