From 35bd1967905c6d37fbf80c7ff1011a8e45fdb9ea Mon Sep 17 00:00:00 2001 From: Dave Date: Fri, 20 Mar 2026 19:09:02 +0000 Subject: [PATCH] storkit: accept 356_story_start_command_should_say_queued_not_error_when_all_coders_are_busy --- ...r_agent_isolation_and_resource_limiting.md | 71 ------------------- ...eued_not_error_when_all_coders_are_busy.md | 0 2 files changed, 71 deletions(-) delete mode 100644 .storkit/work/1_backlog/329_spike_evaluate_docker_orbstack_for_agent_isolation_and_resource_limiting.md rename .storkit/work/{5_done => 6_archived}/356_story_start_command_should_say_queued_not_error_when_all_coders_are_busy.md (100%) diff --git a/.storkit/work/1_backlog/329_spike_evaluate_docker_orbstack_for_agent_isolation_and_resource_limiting.md b/.storkit/work/1_backlog/329_spike_evaluate_docker_orbstack_for_agent_isolation_and_resource_limiting.md deleted file mode 100644 index 677baa0..0000000 --- a/.storkit/work/1_backlog/329_spike_evaluate_docker_orbstack_for_agent_isolation_and_resource_limiting.md +++ /dev/null @@ -1,71 +0,0 @@ ---- -name: "Evaluate Docker/OrbStack for agent isolation and resource limiting" -agent: coder-opus ---- - -# Spike 329: Evaluate Docker/OrbStack for agent isolation and resource limiting - -## Question - -Investigate running the entire storkit system (server, Matrix bot, agents, web UI) inside a single Docker container, using OrbStack as the macOS runtime for better performance. The goal is to isolate storkit from the host machine — not to isolate agents from each other. - -**Important context:** Storkit developing itself is the dogfood edge case. The primary use case is storkit managing agents that develop *other* projects, driven by multiple users in chat rooms (Matrix, WhatsApp, Slack). Isolation must account for untrusted codebases, multi-user command surfaces, and running against arbitrary repos — not just the single-developer self-hosted setup. - -Currently storkit runs as bare processes on the host with full filesystem and network access. A single container would provide: - -1. **Host isolation** — storkit can't touch anything outside the container -2. **Clean install/uninstall** — `docker run` to start, `docker rm` to remove -3. **Reproducible environment** — same container works on any machine -4. **Distributable product** — `docker pull storkit` for new users -5. **Resource limits** — cap total CPU/memory for the whole system - -## Architecture - -``` -Docker Container (single) -├── storkit server -│ ├── Matrix bot -│ ├── WhatsApp webhook -│ ├── Slack webhook -│ ├── Web UI -│ └── MCP server -├── Agent processes (coder-1, coder-2, coder-opus, qa, mergemaster) -├── Rust toolchain + Node.js + Claude Code CLI -└── /workspace (bind-mounted project repo from host) -``` - -## Key questions to answer: - -- **Performance**: How much slower are cargo builds inside the container on macOS? Compare Docker Desktop vs OrbStack for bind-mounted volumes. -- **Dockerfile**: What's the minimal image for the full stack? Rust toolchain + Node.js + Claude Code CLI + cargo-nextest + git. -- **Bind mounts**: The project repo is bind-mounted from the host. Any filesystem performance concerns with OrbStack? -- **Networking**: Container exposes web UI port (3000). Matrix/WhatsApp/Slack connect outbound. Any issues? -- **API key**: Pass ANTHROPIC_API_KEY as env var to the container. -- **Git**: Git operations happen inside the container on the bind-mounted repo. Commits are visible on the host immediately. -- **Cargo cache**: Use a named Docker volume for ~/.cargo/registry so dependencies persist across container restarts. -- **Claude Code state**: Where does Claude Code store its session data? Needs to persist or be in a volume. -- **OrbStack vs Docker Desktop**: Is OrbStack required for acceptable performance, or does Docker Desktop work too? -- **Server restart**: Does `rebuild_and_restart` work inside a container (re-exec with new binary)? - -## Deliverable: -A proof-of-concept Dockerfile, docker-compose.yml, and a short write-up with findings and performance benchmarks. - -## Hypothesis - -- TBD - -## Timebox - -- TBD - -## Investigation Plan - -- TBD - -## Findings - -- TBD - -## Recommendation - -- TBD diff --git a/.storkit/work/5_done/356_story_start_command_should_say_queued_not_error_when_all_coders_are_busy.md b/.storkit/work/6_archived/356_story_start_command_should_say_queued_not_error_when_all_coders_are_busy.md similarity index 100% rename from .storkit/work/5_done/356_story_start_command_should_say_queued_not_error_when_all_coders_are_busy.md rename to .storkit/work/6_archived/356_story_start_command_should_say_queued_not_error_when_all_coders_are_busy.md