2026-06-04 12:24:39 -04:00
36 changed files with 114 additions and 70 deletions
@@ -30,7 +30,6 @@ semantics open question.

 from __future__ import annotations

-import os
 import shutil
 import subprocess
 from pathlib import Path
@@ -39,7 +38,6 @@ from ...log import info, warn
 from .bottle_state import (
    mark_preserved,
    per_bottle_dockerfile,
-    per_bottle_dockerfile_path,
    transcript_snapshot_dir,
    write_per_bottle_dockerfile,
 )
@@ -15,30 +15,23 @@ import subprocess
 from pathlib import Path

 from ...log import die
-# Re-exported for the compose renderer + smolmachines launch step
-# (they used to import these from this module before they moved to
-# the platform-neutral pipelock module).
-from ...pipelock import (  # noqa: F401
-    PIPELOCK_CA_CERT_IN_CONTAINER,
-    PIPELOCK_CA_KEY_IN_CONTAINER,
-)


 # Pipelock image, pinned by digest. The digest is the multi-arch image
 # index for ghcr.io/luckypipewrench/pipelock:2.3.0.
 PIPELOCK_IMAGE = os.environ.get(
    "BOT_BOTTLE_PIPELOCK_IMAGE",
-    "ghcr.io/luckypipewrench/pipelock@sha256:3b1a39417b98406ddc5dc2d8fcb42865ddc0c68a43d355db55f0f8cb06bc6de9",
+    "ghcr.io/luckypipewrench/pipelock@sha256:"
+    "3b1a39417b98406ddc5dc2d8fcb42865ddc0c68a43d355db55f0f8cb06bc6de9",
 )

 # Listening port for pipelock's forward proxy.
 PIPELOCK_PORT = os.environ.get("BOT_BOTTLE_PIPELOCK_PORT", "8888")


-# The URL egress dials for its upstream HTTPS_PROXY. egress and
-# pipelock share the same container's network namespace inside the
-# sidecar bundle, so loopback reaches pipelock directly — no docker
-# DNS aliases involved.
+# The URL egress dials for its upstream HTTPS_PROXY. egress and pipelock
+# share the same container's network namespace inside the sidecar bundle, so
+# loopback reaches pipelock directly — no docker DNS aliases involved.
 BUNDLE_LOCAL_PIPELOCK_URL = f"http://127.0.0.1:{PIPELOCK_PORT}"


@@ -61,7 +61,10 @@ REGISTRY_IMAGE = os.environ.get(
 # narrow.
 CRANE_IMAGE = os.environ.get(
    "BOT_BOTTLE_CRANE_IMAGE",
-    "gcr.io/go-containerregistry/crane@sha256:0ae17ecb34315aa7cbff28f6eddee3b7adae0b2f90101260d990804db1eb0084",
+    (
+        "gcr.io/go-containerregistry/crane@sha256:"
+        "0ae17ecb34315aa7cbff28f6eddee3b7adae0b2f90101260d990804db1eb0084"
+    ),
 )


@@ -47,7 +47,6 @@ from __future__ import annotations

 import fcntl
 import json
-import os
 import platform
 import re
 import sqlite3
@@ -41,9 +41,18 @@ def usage() -> None:
    sys.stderr.write("  info      print env, skills, and prompt details for a named agent\n")
    sys.stderr.write("  init      interactively create a new agent and add it to bot-bottle.json\n")
    sys.stderr.write("  list      list available agents or active containers\n")
-    sys.stderr.write("  resume    re-launch a bottle by its identity (continues state from PRD 0016)\n")
-    sys.stderr.write("  start     boot a container for a named agent and attach an interactive session\n")
-    sys.stderr.write("  supervise view + approve/modify/reject pending supervise proposals (PRD 0013)\n\n")
+    sys.stderr.write(
+        "  resume    re-launch a bottle by its identity "
+        "(continues state from PRD 0016)\n"
+    )
+    sys.stderr.write(
+        "  start     boot a container for a named agent and "
+        "attach an interactive session\n"
+    )
+    sys.stderr.write(
+        "  supervise view + approve/modify/reject pending supervise "
+        "proposals (PRD 0013)\n\n"
+    )
    sys.stderr.write(f"Run '{PROG} <command> --help' for command-specific usage.\n")


@@ -51,7 +51,8 @@ def cmd_init(argv: list[str]) -> int:
            die(f"{target_file} exists but is not valid JSON; fix or remove it first")
        if agent_name in (existing.get("agents") or {}):
            sys.stderr.write(
-                f'bot-bottle: agent "{agent_name}" already exists in {target_file}. Overwrite? [y/N] '
+                f'bot-bottle: agent "{agent_name}" already exists in '
+                f'{target_file}. Overwrite? [y/N] '
            )
            sys.stderr.flush()
            ow = read_tty_line()
@@ -71,7 +72,10 @@ def cmd_init(argv: list[str]) -> int:

    # Prompt
    print(file=sys.stderr)
-    info("System prompt — enter text, then a lone '.' on its own line to finish (just '.' to leave empty):")
+    info(
+        "System prompt — enter text, then a lone '.' on its own line to "
+        "finish (just '.' to leave empty):"
+    )
    prompt_lines: list[str] = []
    while True:
        line = read_tty_line()
@@ -99,7 +103,10 @@ def cmd_init(argv: list[str]) -> int:

        if bottle_name in (existing.get("bottles") or {}):
            bottle_exists_already = True
-            info(f"Bottle '{bottle_name}' already exists in {target_file}; agent will reference it.")
+            info(
+                f"Bottle '{bottle_name}' already exists in {target_file}; "
+                f"agent will reference it."
+            )
        else:
            info(f"Creating new bottle '{bottle_name}'.")
            bottle_env = _prompt_for_env_vars()
@@ -131,8 +138,14 @@ def cmd_init(argv: list[str]) -> int:

 def _prompt_for_env_vars() -> dict[str, str]:
    print(file=sys.stderr)
-    info("Env vars — enter each var name then its mode. Press Enter with no name to finish.")
-    info("  Modes:  secret (prompt at runtime) | interpolated (read from host env) | literal (hardcoded value)")
+    info(
+        "Env vars — enter each var name then its mode. Press Enter with "
+        "no name to finish."
+    )
+    info(
+        "  Modes:  secret (prompt at runtime) | interpolated (read from "
+        "host env) | literal (hardcoded value)"
+    )
    out: dict[str, str] = {}
    while True:
        print(file=sys.stderr)
@@ -25,7 +25,7 @@ flow (PRD 0014) at egress and renames the MCP tool.
 from __future__ import annotations

 import dataclasses
-from abc import ABC, abstractmethod
+from abc import ABC
 from dataclasses import dataclass
 from pathlib import Path
 from typing import TYPE_CHECKING
@@ -38,7 +38,12 @@ from mitmproxy import http  # type: ignore[import-not-found]
 # Absolute import (NOT `from .egress_addon_core`) — the
 # container drops both files flat into /app/ so they are sibling
 # top-level modules to mitmdump's loader, not a package.
-from egress_addon_core import Route, decide, is_git_push_request, load_routes  # type: ignore[import-not-found]
+from egress_addon_core import (  # type: ignore[import-not-found]
+    Route,
+    decide,
+    is_git_push_request,
+    load_routes,
+)


 DEFAULT_ROUTES_PATH = "/etc/egress/routes.yaml"
@@ -78,11 +78,13 @@ def parse_routes(payload: object) -> tuple[Route, ...]:
    """
    if not isinstance(payload, dict):
        raise ValueError("routes payload: top-level must be an object")
-    raw = payload.get("routes")
+    payload_dict: dict[str, object] = typing.cast(dict[str, object], payload)
+    raw: object = payload_dict.get("routes")
    if not isinstance(raw, list):
        raise ValueError("routes payload: 'routes' must be a list")
+    raw_list: list[object] = typing.cast(list[object], raw)
    out: list[Route] = []
-    for i, r in enumerate(raw):
+    for i, r in enumerate(raw_list):
        out.append(_parse_one(i, r))
    return tuple(out)

@@ -91,15 +93,17 @@ def _parse_one(idx: int, raw: object) -> Route:
    label = f"route[{idx}]"
    if not isinstance(raw, dict):
        raise ValueError(f"{label}: must be an object (got {type(raw).__name__})")
-    host = raw.get("host")
+    raw_dict: dict[str, object] = typing.cast(dict[str, object], raw)
+    host: object = raw_dict.get("host")
    if not isinstance(host, str) or not host:
        raise ValueError(f"{label}: 'host' must be a non-empty string")

-    path_allow_raw = raw.get("path_allowlist", [])
+    path_allow_raw: object = raw_dict.get("path_allowlist", [])
    if not isinstance(path_allow_raw, list):
        raise ValueError(f"{label} ({host}): 'path_allowlist' must be a list")
+    path_allow_list: list[object] = typing.cast(list[object], path_allow_raw)
    prefixes: list[str] = []
-    for j, p in enumerate(path_allow_raw):
+    for j, p in enumerate(path_allow_list):
        if not isinstance(p, str):
            raise ValueError(
                f"{label} ({host}): path_allowlist[{j}] must be a string"
@@ -111,8 +115,8 @@ def _parse_one(idx: int, raw: object) -> Route:
            )
        prefixes.append(p)

-    auth_scheme = raw.get("auth_scheme", "")
-    token_env = raw.get("token_env", "")
+    auth_scheme: object = raw_dict.get("auth_scheme", "")
+    token_env: object = raw_dict.get("token_env", "")
    if not isinstance(auth_scheme, str):
        raise ValueError(f"{label} ({host}): 'auth_scheme' must be a string")
    if not isinstance(token_env, str):
@@ -32,7 +32,7 @@ from __future__ import annotations
 import dataclasses
 import os
 import shlex
-from abc import ABC, abstractmethod
+from abc import ABC
 from dataclasses import dataclass
 from pathlib import Path

@@ -57,7 +57,6 @@ from .manifest_egress import (
    EgressConfig,
    EgressRoute,
    PipelockRoutePolicy,
-    validate_egress_routes,
 )
 from .manifest_git import GitEntry, GitUser, parse_git_gate_config
 from .manifest_schema import BOTTLE_KEYS
@@ -323,8 +322,11 @@ class Manifest:
            return
        available = ", ".join(self.agents.keys())
        if available:
-            raise ManifestError(f"agent '{name}' not defined in bot-bottle.json. Available: {available}")
-        raise ManifestError(f"agent '{name}' not defined in bot-bottle.json (manifest is empty).")
+            msg = f"agent '{name}' not defined in bot-bottle.json. Available: {available}"
+            raise ManifestError(msg)
+        raise ManifestError(
+            f"agent '{name}' not defined in bot-bottle.json (manifest is empty)."
+        )

    def has_bottle(self, name: str) -> bool:
        return name in self.bottles
@@ -114,7 +114,10 @@ class Agent:

        bottle = d.get("bottle")
        if not isinstance(bottle, str) or not bottle:
-            raise ManifestError(f"agent '{name}' must declare a 'bottle' field naming a defined bottle")
+            raise ManifestError(
+                f"agent '{name}' must declare a 'bottle' field naming a "
+                f"defined bottle"
+            )
        if bottle not in bottle_names:
            available = ", ".join(sorted(bottle_names)) or "(none defined)"
            raise ManifestError(
@@ -126,7 +129,10 @@ class Agent:
        skills_raw = d.get("skills")
        if skills_raw is not None:
            if not isinstance(skills_raw, list):
-                raise ManifestError(f"agent '{name}' skills must be an array (was {type(skills_raw).__name__})")
+                raise ManifestError(
+                    f"agent '{name}' skills must be an array "
+                    f"(was {type(skills_raw).__name__})"
+                )
            collected: list[str] = []
            skills_list = cast(list[object], skills_raw)
            for i, skill in enumerate(skills_list):
@@ -144,7 +150,10 @@ class Agent:
        elif isinstance(prompt_raw, str):
            prompt = prompt_raw
        else:
-            raise ManifestError(f"agent '{name}' prompt must be a string (was {type(prompt_raw).__name__})")
+            raise ManifestError(
+                f"agent '{name}' prompt must be a string "
+                f"(was {type(prompt_raw).__name__})"
+            )

        # git-gate: agents may declare only `git-gate.user` (name/email).
        # `git-gate.repos` is bottle-only — it carries credentials and host trust.
@@ -214,7 +214,8 @@ class EgressRoute:
            collected_roles: list[str] = []
            for r in role_list:
                if not isinstance(r, str):
-                    raise ManifestError(f"{label} role items must be strings (got {type(r).__name__})")
+                    msg = f"{label} role items must be strings (got {type(r).__name__})"
+                    raise ManifestError(msg)
                collected_roles.append(r)
            roles = tuple(collected_roles)
        else:
@@ -30,12 +30,18 @@ def parse_git_upstream(url: str, label: str) -> tuple[str, str, str, str]:
        raise ManifestError(f"{label} must be an ssh:// URL (was {url!r})")
    rest = url[len("ssh://"):]
    if "@" not in rest:
-        raise ManifestError(f"{label} must include a user (e.g. ssh://git@host/path.git); was {url!r}")
+        raise ManifestError(
+            f"{label} must include a user (e.g. ssh://git@host/path.git); "
+            f"was {url!r}"
+        )
    user, _, hostpart = rest.partition("@")
    if not user:
        raise ManifestError(f"{label} user is empty in {url!r}")
    if "/" not in hostpart:
-        raise ManifestError(f"{label} must include a path (e.g. ssh://git@host/path.git); was {url!r}")
+        raise ManifestError(
+            f"{label} must include a path (e.g. ssh://git@host/path.git); "
+            f"was {url!r}"
+        )
    hostport, _, path = hostpart.partition("/")
    if not path:
        raise ManifestError(f"{label} path is empty in {url!r}")
@@ -20,7 +20,7 @@ from __future__ import annotations
 from dataclasses import dataclass
 from pathlib import Path

-from .egress import EGRESS_HOSTNAME, EgressRoute, egress_routes_for_bottle
+from .egress import EgressRoute, egress_routes_for_bottle
 from .supervise import SUPERVISE_HOSTNAME
 from .manifest import Bottle

@@ -40,7 +40,7 @@ import json
 import os
 import time
 import uuid
-from abc import ABC, abstractmethod
+from abc import ABC
 from dataclasses import dataclass
 from datetime import datetime, timezone
 from pathlib import Path
@@ -159,7 +159,10 @@ TOOL_DEFINITIONS: list[dict[str, object]] = [
            "properties": {
                "host": {
                    "type": "string",
-                    "description": "The hostname to allow (e.g. 'api.github.com'). Case-insensitive on match.",
+                    "description": (
+                        "The hostname to allow (e.g. 'api.github.com'). "
+                        "Case-insensitive on match."
+                    ),
                },
                "path_allowlist": {
                    "type": "array",
@@ -24,7 +24,6 @@ this test runs in DinD too — no act_runner skip needed.
 from __future__ import annotations

 import os
-import shutil
 import subprocess
 import tempfile
 import time
@@ -32,7 +31,7 @@ import unittest
 from pathlib import Path

 from bot_bottle import supervise
-from bot_bottle.backend.docker import bottle_state, capability_apply
+from bot_bottle.backend.docker import bottle_state
 from bot_bottle.backend.docker.capability_apply import apply_capability_change
 from bot_bottle.backend.docker.network import (
    network_create_egress,
@@ -12,7 +12,6 @@ localhost-reach / egress-port-bypass probes) lives in chunk 2d."""

 from __future__ import annotations

-import json
 import os
 import subprocess
 import time
@@ -11,7 +11,6 @@ from pathlib import Path
 from bot_bottle.agent_provider import (
    CODEX_HOST_CREDENTIAL_HOSTS,
    agent_provision_plan,
-    runtime_for,
 )
 from bot_bottle.egress import CODEX_HOST_CREDENTIAL_TOKEN_REF

@@ -14,7 +14,7 @@ from __future__ import annotations
 import subprocess
 import unittest
 from typing import Callable
-from unittest.mock import MagicMock, call, patch
+from unittest.mock import patch


 # ---------------------------------------------------------------------------
@@ -6,7 +6,6 @@ the operator confirms.  Mocks the backends and stdin."""

 from __future__ import annotations

-import sys
 import unittest
 from unittest.mock import patch, MagicMock

@@ -9,10 +9,8 @@ All actual launch work is stubbed so no container is created.
 from __future__ import annotations

 import os
-import sys
-import types
 import unittest
-from unittest.mock import MagicMock, patch, call
+from unittest.mock import MagicMock, patch

 import bot_bottle.cli.start as start_mod
 import bot_bottle.cli.tui as tui_mod
@@ -14,7 +14,6 @@ from unittest.mock import MagicMock, patch

 from bot_bottle.agent_provider import (
    AgentProvisionCommand,
-    AgentProvisionDir,
    AgentProvisionFile,
    AgentProvisionPlan,
 )
@@ -6,9 +6,7 @@ import json
 import unittest
 import urllib.error
 from io import BytesIO
-from pathlib import Path
-from tempfile import mkdtemp
-from unittest.mock import MagicMock, call, patch
+from unittest.mock import MagicMock, patch

 from bot_bottle.contrib.gitea.deploy_key_provisioner import (
    GiteaDeployKeyProvisioner,
@@ -3,7 +3,6 @@
 from __future__ import annotations

 import unittest
-from unittest.mock import patch

 from bot_bottle.deploy_key_provisioner import DeployKeyProvisioner, get_provisioner
 from bot_bottle.manifest import ManifestError
@@ -11,7 +11,7 @@ from __future__ import annotations
 import tempfile
 import unittest
 from pathlib import Path
-from unittest.mock import MagicMock, call
+from unittest.mock import MagicMock

 from bot_bottle.agent_provider import AgentProvisionPlan
 from bot_bottle.backend import Bottle, BottleSpec, ExecResult
@@ -7,7 +7,7 @@ auth omission means unauthenticated."""

 import unittest

-from bot_bottle.manifest import ManifestError, EgressRoute, Manifest
+from bot_bottle.manifest import ManifestError, Manifest


 def _bottle(routes):
@@ -10,7 +10,7 @@ import os
 import tempfile
 import unittest
 from pathlib import Path
-from typing import Any, cast
+from typing import cast

 from bot_bottle.manifest import Manifest
 from bot_bottle.pipelock import (
@@ -220,7 +220,11 @@ class TestEgressPrintParity(unittest.TestCase):
                indent_prefix = ln[:idx]
                result.append(ln)
            elif collecting:
-                if ln.startswith(indent_prefix) and "egress" not in ln and ":" not in ln.lstrip()[:20]:
+                if (
+                    ln.startswith(indent_prefix)
+                    and "egress" not in ln
+                    and ":" not in ln.lstrip()[:20]
+                ):
                    result.append(ln)
                else:
                    break
@@ -124,7 +124,9 @@ class TestCleanup(unittest.TestCase):
        )
        results = iter([
            _ok(),  # stop succeeds
-            subprocess.CompletedProcess(args=[], returncode=1, stdout="", stderr="boom"),  # delete fails
+            subprocess.CompletedProcess(
+                args=[], returncode=1, stdout="", stderr="boom"
+            ),  # delete fails
            _ok(),  # bundle rm succeeds
        ])

@@ -11,7 +11,6 @@ import json
 import sqlite3
 import subprocess
 import tempfile
-import threading
 import unittest
 from pathlib import Path
 from unittest.mock import patch
@@ -59,7 +59,9 @@ class TestSmolmachinesResolveEnv(unittest.TestCase):
                    patch("bot_bottle.backend.smolmachines.prepare.PipelockProxy") as mock_pl,
                    patch("bot_bottle.backend.smolmachines.prepare.Egress") as mock_eg,
                    patch("bot_bottle.backend.smolmachines.prepare.Supervise"),
-                    patch("bot_bottle.backend.smolmachines.prepare.agent_provision_plan") as mock_app,
+                    patch(
+                        "bot_bottle.backend.smolmachines.prepare.agent_provision_plan"
+                    ) as mock_app,
                    patch("bot_bottle.backend.smolmachines.prepare.runtime_for"),
                ):
                    mock_gg.return_value.prepare.return_value = MagicMock()
@@ -37,7 +37,11 @@ from bot_bottle.supervise import (
 FIXED_TS = datetime(2026, 5, 25, 12, 0, 0, tzinfo=timezone.utc)


-def _proposal(tool: str = TOOL_EGRESS_BLOCK, proposed: str = "{}", justification: str = "need a route") -> Proposal:
+def _proposal(
+    tool: str = TOOL_EGRESS_BLOCK,
+    proposed: str = "{}",
+    justification: str = "need a route",
+) -> Proposal:
    return Proposal.new(
        bottle_slug="dev",
        tool=tool,
@@ -7,7 +7,6 @@ which hostname will land in pipelock's allowlist on approval."""

 import unittest

-from bot_bottle import supervise
 from bot_bottle.cli import supervise as supervise_cli
 from bot_bottle.supervise import (
    Proposal,
@@ -39,7 +39,6 @@ from bot_bottle.supervise_server import (
    jsonrpc_error,
    jsonrpc_result,
    parse_jsonrpc,
-    serve,
    validate_proposed_file,
 )