t1433: add provider-aware headless runtime for pulse and workers

[marcusquinn]

Summary

• add a provider-aware headless runtime helper for pulse and worker opencode run dispatches
• persist provider-specific session IDs, enforce direct-provider-only headless routing, and back off providers until auth changes or retry windows expire
• wire pulse/setup/docs/tests so headless automation can pause during rate limits and resume automatically without falling through to Zen

Closes #4115

Summary by CodeRabbit

• New Features

  • Introduced headless runtime dispatch system with provider-aware session management and automatic model rotation across dispatch operations.
  • Added session persistence and backoff handling for improved reliability and provider failover.
  • Enhanced scope management and routing logic for cross-repo dispatch operations.
  • Added support for configurable headless model and provider allowlist in deployment configuration.

• Tests

  • Added comprehensive test coverage for headless runtime dispatch behavior.

• Documentation

  • Updated dispatch documentation with new routing rules and scope boundaries.

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the robustness and efficiency of headless OpenCode operations by introducing a sophisticated runtime helper. This helper intelligently manages model selection, persists sessions across runs, and implements a dynamic backoff mechanism for API providers, ensuring that automated tasks can gracefully handle transient failures and rate limits without manual intervention. The changes streamline the execution of pulse and worker dispatches, making the system more resilient and self-correcting.

Highlights

• Headless Runtime Helper: Introduced a new headless-runtime-helper.sh script to manage opencode run dispatches for pulse and worker tasks, providing provider-aware model selection and session management.
• Provider-Aware Model Selection: The helper alternates between configured headless providers/models (e.g., Anthropic Sonnet, OpenAI Codex) and can be restricted by an allowlist, ensuring direct-provider-only headless routing.
• Session Persistence: Implemented persistence of provider-specific OpenCode session IDs per session key, allowing headless runs to continue previous sessions.
• Provider Backoff and Recovery: The system now records provider backoff states for authentication, rate-limit, or general runtime failures, and automatically clears backoff when authentication changes or retry windows expire.
• Integration and Configuration: Updated pulse.md documentation, pulse-wrapper.sh script, and setup.sh to integrate the new helper and ensure proper environment variable propagation for headless runtime configuration.
• Robustness: The helper rejects opencode/* gateway models for headless runs (preventing Zen fallback) and flags successful runs without any model activity as errors, leading to provider backoff.

Changelog

• .agents/scripts/commands/pulse.md
  • Updated opencode run commands to use the new headless-runtime-helper.sh for all headless dispatches.
  • Revised dispatch rules to reflect the helper's capabilities, including model alternation, session persistence, and provider backoff.
• .agents/scripts/headless-runtime-helper.sh
  • Added a new shell script to act as a provider-aware wrapper for OpenCode, managing model selection, session IDs, and provider backoff.
  • Implemented SQLite database integration for persisting provider backoff states, session IDs, and provider rotation information.
  • Developed functions for dynamic model selection, failure classification (rate limit, auth error), and session ID extraction from OpenCode output.
  • Included select, run, backoff, and session subcommands for managing headless runtime behavior.
• .agents/scripts/pulse-wrapper.sh
  • Updated documentation comments to reflect the integration of provider-aware pulse sessions.
  • Modified the PULSE_MODEL variable initialization and updated the opencode run invocation to use the new headless-runtime-helper.sh.
• setup.sh
  • Modified launchd plist and crontab generation to include AIDEVOPS_HEADLESS_MODELS and AIDEVOPS_HEADLESS_PROVIDER_ALLOWLIST environment variables, allowing configuration of the headless runtime helper.
• tests/test-headless-runtime-helper.sh
  • Added a new test script to validate the functionality of the headless-runtime-helper.sh.
  • Included tests for model selection, provider allowlisting, backoff mechanisms, auth change recovery, session persistence, and handling of zero-activity runs.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[coderabbitai]

Warning

Rate limit exceeded

@marcusquinn has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 18 minutes and 40 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 56f96d3f-582b-4da8-9077-2079c53c2bf9

📥 Commits

Reviewing files that changed from the base of the PR and between eeef6f7 and 7062e65.

📒 Files selected for processing (5)

• .agents/scripts/commands/pulse.md
• .agents/scripts/headless-runtime-helper.sh
• .agents/scripts/pulse-wrapper.sh
• setup.sh
• tests/test-headless-runtime-helper.sh

Walkthrough

The changes introduce a provider-aware headless runtime wrapper (headless-runtime-helper.sh) that replaces direct opencode run invocations across pulse dispatch flows. The wrapper manages provider sessions, enforces backoff on auth/rate-limit failures, rotates between providers and models, persists session state via SQLite, and integrates with pulse startup and configuration pipelines.

Changes

Cohort / File(s)	Summary
Documentation & Dispatch Rules .agents/scripts/commands/pulse.md	Updated all dispatch invocations (issues, tasks, missions, batch) to use headless-runtime-helper.sh run instead of direct opencode run; added session-key semantics, bundle-aware agent routing, scope boundary (t1405), lineage context, provider/model orchestration rules, and explicit exclusions for Claude gateway models.
Headless Runtime Wrapper .agents/scripts/headless-runtime-helper.sh	New 769-line Bash script providing provider-aware session and backoff state management via SQLite (state.db); includes provider rotation, model selection, authentication signature tracking, backoff window enforcement, session persistence across runs, and four runtime commands (select, run, backoff, session) with robust error handling and diagnostic output.
Pulse Integration .agents/scripts/pulse-wrapper.sh	Refactored run_pulse to invoke HEADLESS_RUNTIME_HELPER with role=pulse and provider-aware model selection, replacing direct opencode invocation; cleared default PULSE_MODEL value to allow helper-driven selection; added HEADLESS_RUNTIME_HELPER global variable for wrapper location.
Setup & Configuration setup.sh	Extended launchd plist and cron environment setup to conditionally inject AIDEVOPS_HEADLESS_MODELS and AIDEVOPS_HEADLESS_PROVIDER_ALLOWLIST environment variables when headless configuration is present; maintains backward compatibility when headless variables are unset.
Integration Tests tests/test-headless-runtime-helper.sh	New 170-line integration test suite validating helper behavior: syntax checks, model rotation cycling, allowlist enforcement, provider backoff mechanics, auth-change-clears-backoff behavior, session persistence across runs, and zero-activity rejection with backoff state updates.

Sequence Diagram(s)

sequenceDiagram
    participant Dispatch as Pulse Dispatch<br/>(pulse.md)
    participant Helper as headless-runtime-<br/>helper.sh
    participant StateDB as SQLite<br/>state.db
    participant Provider as Provider<br/>(Anthropic/OpenAI)
    participant OpenCode as OpenCode<br/>Runtime

    Dispatch->>Helper: run --role task --session-key task-123<br/>--prompt "execute subtask"
    
    Helper->>Helper: init_state_db if needed
    Helper->>StateDB: check provider_backoff for active windows
    StateDB-->>Helper: backoff status
    
    alt Backoff Active
        Helper-->>Dispatch: skip (backoff window active)
    else Backoff Expired or None
        Helper->>StateDB: get last_provider, rotation state
        StateDB-->>Helper: provider history
        
        Helper->>Helper: choose_model (rotate or override)
        Helper->>Helper: get_auth_signature for selected provider
        
        Helper->>OpenCode: opencode run --model selected_model<br/>--session-id persisted_session<br/>--prompt from file
        OpenCode-->>Helper: output + exit_code
        
        alt Exit Success
            Helper->>Helper: extract_session_id_from_output
            Helper->>StateDB: store_session_id for provider
            Helper-->>Dispatch: return (0)
        else Exit Failure
            Helper->>Helper: classify_failure_reason (rate_limit/auth_error/provider_error)
            Helper->>Helper: parse_retry_after_seconds
            Helper->>StateDB: record_provider_backoff with window
            Helper-->>Dispatch: return (1)
        end
    end

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• t1397: fix pulse-wrapper stuck process — add watchdog timeout #2853: Modifies pulse-wrapper.sh's run_pulse invocation flow to integrate the new headless-runtime-helper wrapper with session and model orchestration logic.
• feat: add self-improvement principle and agent routing to pulse system #2295: Updates pulse dispatch logic in pulse.md/runners.md to formalize agent routing via --agent flag, directly related to the bundle-aware routing introduced here.
• fix: Enforce opencode run for headless dispatch — never use claude CLI #2359: Enforces dispatch rules in pulse.md regarding provider/model selection (excludes Claude gateway models), aligned with the provider orchestration and explicit escalation logic added in this PR.

Poem

🔄 Provider dance begins with care,
Sessions spin through SQLite's lair,
Backoff windows, auth signatures align,
Headless dispatch now flows divine,
Zero Zen, no gateway's snare! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 5.88% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main change: introducing a provider-aware headless runtime for pulse and workers, which is the core focus of all modifications.
Linked Issues check	✅ Passed	All requirements from #4115 are met: provider-aware wrapper implemented, session persistence added, no-Zen routing enforced, provider backoff with auth/retry-window handling, and integration across pulse/setup/docs/tests.
Out of Scope Changes check	✅ Passed	All changes are directly scoped to implementing the provider-aware headless runtime. No unrelated modifications to unrelated systems or functionality.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature/provider-aware-headless-runtime

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[alex-solovyev]

Dispatching worker to rebase onto main and resolve merge conflicts.

• Branch: feature/provider-aware-headless-runtime
• Issue: t1433: Add provider-aware headless runtime for pulse and workers #4115
• Action: Rebase onto main, resolve conflicts, push — no functional changes

[coderabbitai]

🧹 Nitpick comments (1)

.agents/scripts/pulse-wrapper.sh (1)

104-105: Design is sound — model selection properly delegated to headless helper.

The empty PULSE_MODEL default is intentional and safe: headless-runtime-helper.sh provides DEFAULT_HEADLESS_MODELS="anthropic/claude-sonnet-4-6,openai/gpt-5.3-codex" as fallback (context snippet 3, line 18). This enables provider rotation without hard-coding a single model here.

Consider adding an existence check for the helper script to surface misconfiguration early rather than failing silently in run_pulse():

🛡️ Optional defensive check

 PULSE_MODEL="${PULSE_MODEL:-}"
 HEADLESS_RUNTIME_HELPER="${HEADLESS_RUNTIME_HELPER:-${SCRIPT_DIR}/headless-runtime-helper.sh}"
+
+if [[ ! -x "$HEADLESS_RUNTIME_HELPER" ]]; then
+	echo "[pulse-wrapper] ERROR: headless-runtime-helper.sh not found or not executable at ${HEADLESS_RUNTIME_HELPER}" >>"$LOGFILE"
+	# Fall back to direct opencode if helper is missing (graceful degradation)
+fi

As per coding guidelines: "Automation scripts - focus on: Reliability and robustness, Clear logging and feedback".

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.agents/scripts/pulse-wrapper.sh around lines 104 - 105, Add a defensive
check that verifies the HEADLESS_RUNTIME_HELPER file exists and is executable
before run_pulse() is invoked: if HEADLESS_RUNTIME_HELPER (the variable set from
SCRIPT_DIR/headless-runtime-helper.sh) is missing or not executable, log a clear
error message referencing HEADLESS_RUNTIME_HELPER and SCRIPT_DIR and exit with a
non‑zero status so misconfiguration is surfaced early; keep PULSE_MODEL default
behavior unchanged and ensure run_pulse() will not proceed when the helper is
absent.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In @.agents/scripts/pulse-wrapper.sh:
- Around line 104-105: Add a defensive check that verifies the
HEADLESS_RUNTIME_HELPER file exists and is executable before run_pulse() is
invoked: if HEADLESS_RUNTIME_HELPER (the variable set from
SCRIPT_DIR/headless-runtime-helper.sh) is missing or not executable, log a clear
error message referencing HEADLESS_RUNTIME_HELPER and SCRIPT_DIR and exit with a
non‑zero status so misconfiguration is surfaced early; keep PULSE_MODEL default
behavior unchanged and ensure run_pulse() will not proceed when the helper is
absent.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 5062987e-c9bd-44b0-9d76-4cb8b82ce168

📥 Commits

Reviewing files that changed from the base of the PR and between 65b7d9d and eeef6f7.

📒 Files selected for processing (5)

• .agents/scripts/commands/pulse.md
• .agents/scripts/headless-runtime-helper.sh
• .agents/scripts/pulse-wrapper.sh
• setup.sh
• tests/test-headless-runtime-helper.sh

[github-actions]

🔍 Code Quality Report

�[0;35m[MONITOR]�[0m Code Review Monitoring Report

�[0;34m[INFO]�[0m Latest Quality Status:
SonarCloud: 0 bugs, 0 vulnerabilities, 396 code smells

�[0;34m[INFO]�[0m Recent monitoring activity:
Wed Mar 11 03:07:30 UTC 2026: Code review monitoring started
Wed Mar 11 03:07:31 UTC 2026: SonarCloud - Bugs: 0, Vulnerabilities: 0, Code Smells: 396

📈 Current Quality Metrics

• BUGS: 0
• CODE SMELLS: 396
• VULNERABILITIES: 0

Generated on: Wed Mar 11 03:07:33 UTC 2026

---

Generated by AI DevOps Framework Code Review Monitoring

[github-actions]

🔍 Code Quality Report

�[0;35m[MONITOR]�[0m Code Review Monitoring Report

�[0;34m[INFO]�[0m Latest Quality Status:
SonarCloud: 0 bugs, 0 vulnerabilities, 396 code smells

�[0;34m[INFO]�[0m Recent monitoring activity:
Wed Mar 11 03:09:06 UTC 2026: Code review monitoring started
Wed Mar 11 03:09:07 UTC 2026: SonarCloud - Bugs: 0, Vulnerabilities: 0, Code Smells: 396

📈 Current Quality Metrics

• BUGS: 0
• CODE SMELLS: 396
• VULNERABILITIES: 0

Generated on: Wed Mar 11 03:09:09 UTC 2026

---

Generated by AI DevOps Framework Code Review Monitoring

[gemini-code-assist]

Code Review

This pull request introduces a robust headless-runtime-helper.sh script to manage headless opencode runs for background workers and the supervisor pulse, handling provider rotation, session persistence, and a sophisticated backoff mechanism. A security audit, however, identified two high-severity command injection vulnerabilities: one in headless-runtime-helper.sh where the backoff set command fails to validate the retry_seconds argument, and another in setup.sh where the _cron_escape function's failure to handle newlines allows crontab injection. Additionally, a critical portability bug and a couple of medium-severity issues were found in the new helper script that could improve robustness and correctness.

I am having trouble creating individual review comments. Click here to see my feedback.

.agents/scripts/headless-runtime-helper.sh (349)

The date command used to parse the stored_retry_after timestamp is not portable and will fail on macOS. The date -j -u -f ... combination is invalid because the -u flag is not compatible with -j on BSD-style date (like on macOS).

This will cause the first part of the || chain to fail, and since GNU date (with -d) is usually not present on macOS, the command will fall back to printf '%s' "0". This sets retry_epoch to 0, causing the backoff to be cleared immediately on every check, rendering the backoff mechanism ineffective on macOS.

To fix this, remove the invalid -u flag from the macOS portion of the command.

		retry_epoch=$(date -j -f '%Y-%m-%dT%H:%M:%SZ' "$stored_retry_after" '+%s' 2>/dev/null || date -u -d "$stored_retry_after" '+%s' 2>/dev/null || printf '%s' "0")

.agents/scripts/headless-runtime-helper.sh (550-554)

The backoff set command takes a retry_seconds argument and passes it directly to the date command without validation. An attacker who can control the arguments to this script can achieve arbitrary command execution via command injection.

Remediation: Validate that retry_seconds is an integer before using it in the date command.

		if [[ "$retry_seconds" != "300" ]]; then
			if [[ ! "$retry_seconds" =~ ^[0-9]+$ ]]; then
				print_error "retry_seconds must be an integer"
				return 1
			fi
			local retry_after
			retry_after=$(date -u -v+"${retry_seconds}"S '+%Y-%m-%dT%H:%M:%SZ' 2>/dev/null || date -u -d "+${retry_seconds} seconds" '+%Y-%m-%dT%H:%M:%SZ' 2>/dev/null || printf '%s' "")
			db_query "UPDATE provider_backoff SET retry_after = '$(sql_escape "$retry_after")' WHERE provider = '$(sql_escape "$provider")';" >/dev/null
		fi

References

1. Employ a defense-in-depth strategy for handling user-provided input. Sanitize input at the entry point using a strict allowlist, and also apply context-specific escaping or safe handling mechanisms (e.g., parameterized queries for SQL, --arg for jq) at each point of use.
2. When parsing delimited data from an untrusted source in a shell script, validate numeric fields before using them in calculations. This provides defense-in-depth against injection attacks that could result from delimiter shifting caused by malicious data.

setup.sh (995)

The setup.sh script is vulnerable to crontab injection via the AIDEVOPS_HEADLESS_MODELS and AIDEVOPS_HEADLESS_PROVIDER_ALLOWLIST environment variables. The _cron_escape function (line 105) only escapes single quotes and does not handle newlines. When these variables are interpolated into the crontab entry string at line 995, an attacker can inject new lines to create arbitrary crontab entries, potentially leading to unauthorized command execution.

Remediation: Modify the _cron_escape function to remove or escape newlines in the input string.

References

1. To prevent command injection from shell metacharacters in crontab entries, wrap variables in single quotes. This is a POSIX-compliant method to prevent all shell expansion, including $(...), backticks, and variable expansion.
2. Employ a defense-in-depth strategy for handling user-provided input. Sanitize input at the entry point using a strict allowlist, and also apply context-specific escaping or safe handling mechanisms (e.g., parameterized queries for SQL, --arg for jq) at each point of use.

.agents/scripts/headless-runtime-helper.sh (95-107)

The fallback behavior in sha256_text when no hashing command is found is to return the original value. This is problematic because it's not a hash and could lead to unexpected behavior in get_auth_signature, especially around detecting auth changes. It's safer to fail fast if a required tool is missing.

I suggest modifying the function to exit with an error if neither shasum nor sha256sum is available.

sha256_text() {
	local value="$1"
	if command -v shasum >/dev/null 2>&1; then
		printf '%s' "$value" | shasum -a 256 | awk '{print $1}'
	elif command -v sha256sum >/dev/null 2>&1; then
		printf '%s' "$value" | sha256sum | awk '{print $1}'
	else
		print_error "FATAL: sha256_text requires 'shasum' or 'sha256sum' but neither was found." >&2
		exit 1
	fi
}

References

1. In shell scripts, functions that wrap a command should propagate its exit code to the caller. Avoid masking potential errors with a hardcoded return 0. Instead, use return $? or capture the exit code and return it (e.g., local rc=$?; return $rc).
2. All functions in shell scripts must have explicit return statements to ensure predictable behavior and exit code propagation.

.agents/scripts/headless-runtime-helper.sh (426)

There is a duplicate "step-finish" string in the set of event types. While this doesn't cause a functional issue in Python sets, it indicates a small oversight. Removing the duplicate will make the code cleaner.

    if event_type in {"text", "tool", "tool-invocation", "tool-result", "step-start", "step_finish", "reasoning"}:

[github-actions]

🔍 Code Quality Report

�[0;35m[MONITOR]�[0m Code Review Monitoring Report

�[0;34m[INFO]�[0m Latest Quality Status:
SonarCloud: 0 bugs, 0 vulnerabilities, 396 code smells

�[0;34m[INFO]�[0m Recent monitoring activity:
Wed Mar 11 03:10:41 UTC 2026: Code review monitoring started
Wed Mar 11 03:10:42 UTC 2026: SonarCloud - Bugs: 0, Vulnerabilities: 0, Code Smells: 396

📈 Current Quality Metrics

• BUGS: 0
• CODE SMELLS: 396
• VULNERABILITIES: 0

Generated on: Wed Mar 11 03:10:44 UTC 2026

---

Generated by AI DevOps Framework Code Review Monitoring

[sonarqubecloud]

Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud