feat(orchestrator): slice 6 — source-IP-keyed multi-tenant policy #361
Open
didericis-claude
wants to merge 1 commits from
orchestrator-slice6 into orchestrator-slice5
pull from: orchestrator-slice6
merge into: didericis:orchestrator-slice5
didericis:main
didericis:orchestrator-registration
didericis:orchestrator-lifecycle
didericis:orchestrator-supervise-writers
didericis:orchestrator-supervise-multitenant
didericis:orchestrator-gitgate-multitenant
didericis:orchestrator-rename-gateway
didericis:orchestrator-slice8
didericis:orchestrator-slice7
didericis:prd-orchestrator
didericis:orchestrator-slice5
didericis:orchestrator-slice4
didericis:orchestrator-slice3
didericis:orchestrator-slice2
didericis:ci-kvm-runner
didericis:post-build-image-smoke-test
didericis:firecracker-backend
didericis:issue-330-cached-images
didericis:forge-native-integration
didericis:prd-smolmachines-linux
didericis:claude-forward-host-credentials
didericis:fold-orchestrator-subpackage
didericis:prd-egress-control-plane
didericis:manifest-break-import-cycle
didericis:dlp-supervise-quality-fixes
didericis:table-drive-dlp-tests
didericis:fix-integration-test-failures
didericis:fix/macos-container-relative-dockerfile
didericis:prd-0054-install-script
didericis:commit-bottle-state
didericis:pr-211
didericis:move-codex-auth-to-contrib
didericis:feat/pipelock-skip-scan-extensions
didericis:prd-0049-named-labelled-agents
didericis:harden-git-gate-shell-rendering
Labels
Clear labels
Compat/Breaking
Kind/Bug
Kind/Documentation
Kind/Enhancement
Kind/Feature
Kind/Security
Kind/Testing
Breaking change that won't be backward compatible
Something is not working
Documentation changes
Improve existing functionality
New functionality
This is security issue
Issue or pull request related to testing
Priority
Critical
1
The priority is critical
Priority
High
2
The priority is high
Priority
Low
4
The priority is low
Priority
Medium
3
The priority is medium
Reviewed
Confirmed
1
Issue has been confirmed
Reviewed
Duplicate
2
This issue or pull request already exists
Reviewed
Invalid
3
Invalid issue
Reviewed
Won't Fix
3
This issue won't be fixed
Status
Abandoned
3
Somebody has started to work on this but abandoned work
Status
Blocked
1
Something is blocking this issue or pull request
Status
Need More Info
2
Feedback is required to reproduce issue or to continue work
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
No Assignees
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: didericis/bot-bottle#361
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Delete Branch "orchestrator-slice6"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Slice 6 of PRD 0070, stacked on #360. The orchestrator side of the multi-tenant consolidated sidecar: hold each bottle's sidecar policy and serve it by verified source IP, with live reload — so one shared sidecar can get per-bottle config keyed on who's calling.
registry.py— apolicycolumn (migration v3; opaque JSON the sidecar interprets) onBottleRecord;register(..., policy=),set_policy(id, policy)(live), andattributereturns it (the source-IP-keyed resolution).service.py—launch_bottle(..., policy=)+set_policy.control_plane.py—POST /bottlesacceptspolicy;PUT /bottles/<id>/policylive-reloads it;POST /resolvereturns{bottle_id, policy}for a verified(source_ip, token)— the per-request call the multi-tenant sidecar makes./attributestays identity-only.Scope note (honest): this is the control-plane / state half. The data-plane half — the egress mitmproxy addon (and git-gate) selecting allowlist / DLP / token-injection per client IP by calling
/resolve— is the next slice (route agent bottles through the shared sidecar, #7). The orchestrator stays policy-agnostic: stores + serves the blob verbatim.Tests: registry policy store/update/persist; Orchestrator launch-with-policy + live
set_policy; control-plane/resolvereturns policy (403 on bad token),PUTpolicy updates / 404 / 400. Verified live over HTTP (launch → resolve → PUT reload → resolve reflects). Full suite green.Merge order: #352 → #356 → #357 → #358 → #360 → this.
🤖 Generated with Claude Code
The orchestrator side of the multi-tenant consolidated sidecar: hold each bottle's sidecar policy and serve it by verified source IP, with live reload. One shared sidecar can now get per-bottle config keyed on who's calling. * registry.py — a `policy` column (migration v3, opaque JSON the sidecar interprets) on BottleRecord; `register(..., policy=)` stores it, `set_policy(bottle_id, policy)` updates it live, and `attribute` returns it (the source-IP-keyed resolution). * service.py — `launch_bottle(..., policy=)` and `set_policy`. * control_plane.py — `POST /bottles` accepts `policy`; `PUT /bottles/<id>/policy` live-reloads it; `POST /resolve` returns {bottle_id, policy} for a verified (source_ip, token) — the per-request call the multi-tenant sidecar makes; `/attribute` stays identity-only. Scope note: this is the control-plane / state half. The data-plane half — the egress mitmproxy addon (and git-gate) selecting allowlist / DLP / token-injection per client IP by calling `/resolve` — is the next slice (route agent bottles through the shared sidecar). The orchestrator stays policy-agnostic: it stores and serves the blob verbatim. Tests: registry policy store/update/persist; Orchestrator launch-with-policy + live set_policy; control-plane resolve returns policy (403 on bad token), PUT policy updates / 404 / 400. Verified live over HTTP (launch -> resolve -> PUT reload -> resolve reflects). Full suite green. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01WBMWTEtQdJ4W5UrWuLHCckShould probably change the policy to be a structured type, but is fine for now.
View command line instructions
Checkout
From your project repository, check out a new branch and test the changes.