refactor!: rename project to bot-bottle

Assisted-by: Codex

docs/prds/0024-consolidate-sidecar-bundle.md

@@ -8,7 +8,7 @@
 
 Replace the four per-bottle sidecar containers in the Docker
 backend (pipelock, egress, git-gate, supervise) with a single
-container image — `claude-bottle-sidecars` — that runs all four
+container image — `bot-bottle-sidecars` — that runs all four
 daemons under a small stdlib-Python init supervisor. Same
 per-bottle lifetime, same scope, fewer containers per bottle,
 one Dockerfile to maintain instead of three. Outcome: the
@@ -64,7 +64,7 @@ The feature works when all of the following are observable:
   speak the same protocols on the same well-known in-container
   ports as before; only the container hostname changes.
 - The sandbox-escape suite from PRD 0022 stays green.
-- `docker logs claude-bottle-sidecars-<slug>` shows interleaved
+- `docker logs bot-bottle-sidecars-<slug>` shows interleaved
   output from all four daemons, prefixed by the supervisor with
   the daemon name. Each daemon's exit propagates through the
   supervisor to the container's exit code.
@@ -77,18 +77,18 @@ The feature is **done** when all of the following ship:
 - A new `Dockerfile.sidecars` (multi-stage) that:
   - Copies the `pipelock` binary from the upstream pipelock
     image (currently `ghcr.io/luckypipewrench/pipelock` pinned
-    by digest in `claude_bottle/backend/docker/pipelock.py`).
+    by digest in `bot_bottle/backend/docker/pipelock.py`).
   - Copies the `gitleaks` binary from `zricethezav/gitleaks`
     (currently pinned by digest in `Dockerfile.git-gate`).
   - Installs `mitmdump` (via `pip install mitmproxy==<pinned>`).
   - Installs the system deps `git-daemon` + `openssh-client`
     that git-gate needs.
   - Copies the existing addon + server Python from
-    `claude_bottle/egress_addon.py`, `egress_addon_core.py`,
+    `bot_bottle/egress_addon.py`, `egress_addon_core.py`,
     `yaml_subset.py`, `supervise.py`, `supervise_server.py`.
-  - Drops in a new `claude_bottle/sidecar_init.py` (stdlib
+  - Drops in a new `bot_bottle/sidecar_init.py` (stdlib
     Python) as the container's `ENTRYPOINT`.
-- A new `claude_bottle/sidecar_init.py` — a small Python init
+- A new `bot_bottle/sidecar_init.py` — a small Python init
   supervisor that:
   - Reads which daemons to run from env (defaults: all four).
   - Spawns each as a `subprocess.Popen` with prefixed
@@ -99,13 +99,13 @@ The feature is **done** when all of the following ship:
   - Exits with code 0 only if every child exited 0; otherwise
     exits 1. (Or: any-child-died → tear down the rest and exit
     that child's code — see open question 2.)
-- `claude_bottle/backend/docker/compose.py` renderer updated to
+- `bot_bottle/backend/docker/compose.py` renderer updated to
   emit one `sidecars` service in place of the four. The four
   in-container ports (8888 / 9099 / 9418 / 9100, today) all
   land on the same container; the agent-facing ports
   (HTTPS_PROXY, git-gate-SSH, supervise-MCP) are published as
   before, just from one container instead of three.
-- `claude_bottle/backend/docker/{pipelock,egress,git_gate,supervise}.py`
+- `bot_bottle/backend/docker/{pipelock,egress,git_gate,supervise}.py`
   collapsed: the platform-neutral pieces stay
   (`PipelockProxy`, `Egress`, `GitGate`, `Supervise` ABCs and
   their plans), the docker-specific subclasses lose their
@@ -161,7 +161,7 @@ The feature is **done** when all of the following ship:
 - New `Dockerfile.sidecars` (multi-stage) bringing pipelock,
   mitmproxy, gitleaks, git-daemon, openssh-client, and the
   project's addon + server Python into one image.
-- New `claude_bottle/sidecar_init.py` supervising the four
+- New `bot_bottle/sidecar_init.py` supervising the four
   daemons.
 - `backend/docker/compose.py` renderer collapse (five services
   → two).
@@ -217,12 +217,12 @@ RUN apt-get update \
  && rm -rf /var/lib/apt/lists/*
 
 # Drop in the project's Python addon + server code
-COPY claude_bottle/egress_addon_core.py /app/egress_addon_core.py
-COPY claude_bottle/egress_addon.py      /app/egress_addon.py
-COPY claude_bottle/yaml_subset.py       /app/yaml_subset.py
-COPY claude_bottle/supervise.py         /app/supervise.py
-COPY claude_bottle/supervise_server.py  /app/supervise_server.py
-COPY claude_bottle/sidecar_init.py      /app/sidecar_init.py
+COPY bot_bottle/egress_addon_core.py /app/egress_addon_core.py
+COPY bot_bottle/egress_addon.py      /app/egress_addon.py
+COPY bot_bottle/yaml_subset.py       /app/yaml_subset.py
+COPY bot_bottle/supervise.py         /app/supervise.py
+COPY bot_bottle/supervise_server.py  /app/supervise_server.py
+COPY bot_bottle/sidecar_init.py      /app/sidecar_init.py
 
 # Pull the standalone binaries into the final stage
 COPY --from=pipelock-src /usr/local/bin/pipelock /usr/local/bin/pipelock
@@ -252,7 +252,7 @@ existing Dockerfiles.
 
 ### Init supervisor
 
-`claude_bottle/sidecar_init.py` (sketch — actual code lands as
+`bot_bottle/sidecar_init.py` (sketch — actual code lands as
 part of implementation):
 
 ```python
@@ -287,7 +287,7 @@ of the four. The service inherits the union of the four's
 existing bind mounts; environment variables get prefixed by
 daemon name where they clash (none clash today, but the renderer
 becomes the central place to enforce that). Container hostname
-becomes `sidecars` (or `claude-bottle-sidecars-<slug>` for the
+becomes `sidecars` (or `bot-bottle-sidecars-<slug>` for the
 externally-visible name). The agent service's HTTPS_PROXY and
 git-gate URL move from per-sidecar hostnames to the single
 `sidecars` hostname:
@@ -301,9 +301,9 @@ services:
       GIT_GATE_URL: "git://git-gate:9418/repo"
       MCP_SUPERVISE_URL: "http://supervise:9100"
   pipelock: { image: ghcr.io/luckypipewrench/pipelock:... }
-  egress:   { image: claude-bottle-egress:latest }
-  git-gate: { image: claude-bottle-git-gate:latest }
-  supervise:{ image: claude-bottle-supervise:latest }
+  egress:   { image: bot-bottle-egress:latest }
+  git-gate: { image: bot-bottle-git-gate:latest }
+  supervise:{ image: bot-bottle-supervise:latest }
 
 # After (two services)
 services:
@@ -313,7 +313,7 @@ services:
       GIT_GATE_URL: "git://sidecars:9418/repo"
       MCP_SUPERVISE_URL: "http://sidecars:9100"
   sidecars:
-    image: claude-bottle-sidecars:<pinned>
+    image: bot-bottle-sidecars:<pinned>
     # union of the four prior services' volumes / env / ports
 ```
 
@@ -321,7 +321,7 @@ services:
 
 ### Backend Python collapse
 
-The four `claude_bottle/backend/docker/<sidecar>.py` files keep
+The four `bot_bottle/backend/docker/<sidecar>.py` files keep
 their platform-neutral abstractions (proxy/plan classes) but
 shed the docker-container-lifecycle code that compose-up
 already owns. Container-name helpers consolidate:
@@ -335,7 +335,7 @@ def supervise_container_name(slug): ...
 
 # becomes:
 def sidecar_bundle_container_name(slug: str) -> str:
-    return f"claude-bottle-sidecars-{slug}"
+    return f"bot-bottle-sidecars-{slug}"
 ```
 
 Per-daemon "is the container up?" helpers used by orphan
@@ -356,7 +356,7 @@ This PRD's change is large but mechanical. A pre-merge dry-run:
    and the resulting container runs all four daemons.
 2. Switch the renderer to emit the two-service shape behind an
    env-var feature flag (e.g.
-   `CLAUDE_BOTTLE_SIDECAR_BUNDLE=1`).
+   `BOT_BOTTLE_SIDECAR_BUNDLE=1`).
 3. Update integration tests in-place; flip the default once
    green; delete the flag and the old Dockerfiles in a
    follow-up commit on the same branch.
@@ -379,7 +379,7 @@ rewrite.
 3. **Backend Python collapse.** Drop the vestigial per-container
    `.start()` / `.stop()` methods from `DockerPipelockProxy`,
    `DockerEgress`, `DockerGitGate`, `DockerSupervise` (and from
-   the ABCs in `claude_bottle/{pipelock,egress,git_gate,supervise}.py`).
+   the ABCs in `bot_bottle/{pipelock,egress,git_gate,supervise}.py`).
    These were already documented as vestigial in PRD 0018 ch3.
    Strip vestigial sidecar-instance parameters from
    `launch.launch()` and `prepare.resolve_plan()`. Delete the
@@ -419,10 +419,10 @@ rewrite.
    is signal-killed (negative returncode) so the max is 0; a
    crashed-before-signal daemon's nonzero code wins and reaches
    the operator on container exit.
-3. **Image pin policy.** Pin `claude-bottle-sidecars` by tag
+3. **Image pin policy.** Pin `bot-bottle-sidecars` by tag
    (`:latest` rebuilt per-release) or by digest written into a
-   `CLAUDE_BOTTLE_SIDECAR_IMAGE` env var like the existing
-   `CLAUDE_BOTTLE_PIPELOCK_IMAGE`? Default to env-var override
+   `BOT_BOTTLE_SIDECAR_IMAGE` env var like the existing
+   `BOT_BOTTLE_PIPELOCK_IMAGE`? Default to env-var override
    + a documented tag; digest pinning is an operator opt-in.
 4. **Healthcheck aggregation.** Today each sidecar service has
    its own compose healthcheck and `agent.depends_on:
@@ -448,9 +448,9 @@ rewrite.
 - `Dockerfile.egress`, `Dockerfile.git-gate`,
   `Dockerfile.supervise` — the three Dockerfiles this PRD
   collapses into `Dockerfile.sidecars`.
-- `claude_bottle/backend/docker/compose.py` — the renderer this
+- `bot_bottle/backend/docker/compose.py` — the renderer this
   PRD slims down.
-- `claude_bottle/backend/docker/pipelock.py` — current home of
+- `bot_bottle/backend/docker/pipelock.py` — current home of
   `PIPELOCK_IMAGE` and the pinned digest the bundle's first
   stage reuses.
 - PRD 0017