mirror of
https://github.com/NousResearch/hermes-agent.git
synced 2026-06-21 10:22:18 +00:00
fcf6cb3d73
* fix(docker): supervised gateway uses --replace to take over stale holder Inside the s6 container image the per-profile gateway service rendered a bare `hermes gateway run` (no --replace). When a gateway is started OUTSIDE s6 — a stray shell `hermes gateway run`, an agent action, or the Open WebUI helper (scripts/setup_open_webui.sh) — it grabs the per-HERMES_HOME PID lock first. The supervised slot then execs the bare `gateway run`, hits the "Another gateway instance is already running" guard, exits non-zero, and s6 restarts it: a restart loop that floods the log every ~12s and never binds. The container looks up but the gateway is permanently down, and dashboard-only users (no shell) cannot recover. Render the supervised run script as `gateway run --replace` so s6 is authoritative for its slot: it reaps the stale holder via the hardened takeover path (takeover marker + SIGTERM->SIGKILL-with-confirmation + scoped-lock cleanup in gateway/run.py) and binds. This matches the systemd service path, which already builds its argv with --replace (_build_gateway_argv / 'nohup hermes gateway run --replace'), and the intent already documented in _maybe_redirect_run_to_s6_supervision. The existing HERMES_S6_SUPERVISED_CHILD sentinel still prevents the run->start->run redirect recursion. Each profile is scoped to its own HERMES_HOME and s6 guarantees one supervised instance per slot, so there is no legitimate supervised sibling for --replace to clobber. Reported via beta (NS-505): gateway.log showed PID 17907 'running (manual process)' with the guard error repeating every ~12s on v2026.6.5. Adds a regression test asserting every gateway-run exec line in the rendered script (default + named profile, both privilege branches) carries --replace, and updates the existing render-script assertion. * fix(ci): remove stray .venv symlink committed into repo The PR's commit accidentally tracked a .venv symlink pointing at the developer's local venv (mode 120000 -> /home/ben/nous/hermes-agent/.venv). The CI test/e2e/build jobs run `uv venv` to create .venv and failed with `failed to create directory .venv: File exists (os error 17)` because the checkout already contained the symlink. All test shards aborted in <15s during setup, before any test ran. Untrack the symlink and add a bare `.venv` entry to .gitignore (the existing `.venv/` rule only matches a directory, so a symlink slipped through).
139 lines
3.6 KiB
Text
139 lines
3.6 KiB
Text
.DS_Store
|
|
/venv/
|
|
/venv.old/
|
|
/_pycache/
|
|
*.pyc*
|
|
__pycache__/
|
|
.venv/
|
|
.venv
|
|
.vscode/
|
|
.env
|
|
.env.local
|
|
.env.development.local
|
|
.env.test.local
|
|
.env.production.local
|
|
.env.development
|
|
.env.test
|
|
.hermes-docker/
|
|
.notebooklm-home/
|
|
.notebooklm-cli-venv/
|
|
.notebooklm-playwright/
|
|
.pip-cache/
|
|
.uv-cache/
|
|
compose.hermes.local.yml
|
|
export*
|
|
__pycache__/model_tools.cpython-310.pyc
|
|
__pycache__/web_tools.cpython-310.pyc
|
|
logs/
|
|
data/
|
|
.pytest_cache/
|
|
test_durations.json
|
|
.pytest-cache/
|
|
tmp/
|
|
temp_vision_images/
|
|
hermes-*/*
|
|
examples/
|
|
tests/quick_test_dataset.jsonl
|
|
tests/sample_dataset.jsonl
|
|
run_datagen_kimik2-thinking.sh
|
|
run_datagen_megascience_glm4-6.sh
|
|
run_datagen_sonnet.sh
|
|
source-data/*
|
|
run_datagen_megascience_glm4-6.sh
|
|
data/*
|
|
node_modules/
|
|
browser-use/
|
|
agent-browser/
|
|
# Private keys
|
|
*.ppk
|
|
*.pem
|
|
privvy*
|
|
images/
|
|
__pycache__/
|
|
hermes_agent.egg-info/
|
|
wandb/
|
|
testlogs
|
|
|
|
# CLI config (may contain sensitive SSH paths)
|
|
cli-config.yaml
|
|
|
|
# Skills Hub state (lives in ~/.hermes/skills/.hub/ at runtime, but just in case)
|
|
skills/.hub/
|
|
ignored/
|
|
.worktrees/
|
|
environments/benchmarks/evals/
|
|
|
|
# Web UI build output
|
|
hermes_cli/web_dist/
|
|
apps/desktop/build/
|
|
apps/desktop/dist/
|
|
apps/desktop/release/
|
|
apps/desktop/*.tsbuildinfo
|
|
|
|
# Web UI assets — synced from @nous-research/ui at build time via
|
|
# `npm run sync-assets` (see web/package.json).
|
|
web/public/fonts/
|
|
web/public/ds-assets/
|
|
|
|
# Release script temp files
|
|
.release_notes.md
|
|
mini-swe-agent/
|
|
|
|
# Nix
|
|
.direnv/
|
|
.nix-stamps/
|
|
result
|
|
website/static/api/skills-index.json
|
|
# skills.json + skills-meta.json are build artifacts emitted by
|
|
# website/scripts/extract-skills.py during prebuild — keep them out of
|
|
# git for the same reason as skills-index.json (large, generated, change
|
|
# every build).
|
|
website/static/api/skills.json
|
|
website/static/api/skills-meta.json
|
|
# automation-blueprints-index.json is a build artifact emitted by
|
|
# website/scripts/extract-automation-blueprints.py during prebuild.
|
|
website/static/api/automation-blueprints-index.json
|
|
models-dev-upstream/
|
|
|
|
# Local editor / agent tooling (machine-specific; keep in global config, not the repo)
|
|
.codex/
|
|
.cursor/
|
|
.gemini/
|
|
.zed/
|
|
.mcp.json
|
|
opencode.json
|
|
config/mcporter.json
|
|
|
|
hermes_cli/tui_dist/*
|
|
hermes_cli/scripts/
|
|
docs/superpowers/*
|
|
# Working directory for the Hermes Agent's session state (~/.hermes/ at runtime;
|
|
# also created in-repo when an agent operates in this checkout). Plans, audit
|
|
# logs, and per-session caches are never artifacts of the codebase.
|
|
.hermes/
|
|
|
|
# Desktop/bootstrap install marker written into the managed checkout root by the
|
|
# bootstrap installer. It is Hermes-managed runtime state, never a code change —
|
|
# ignore it so `hermes update`'s `git stash push --include-untracked` does not
|
|
# treat it as a local edit and autostash it on every run (#38529).
|
|
.hermes-bootstrap-complete
|
|
|
|
# Interrupted-update breadcrumb + recovery lock written next to the shared venv
|
|
# by `hermes update` / launch-time self-heal. Runtime state, never a code change
|
|
# — ignore so `git status` stays clean and update's autostash skips them.
|
|
.update-incomplete
|
|
.update-incomplete.lock
|
|
|
|
# Tool Search live-test harness output — non-deterministic model transcripts,
|
|
# regenerated by scripts/tool_search_livetest.py. Never an artifact of the repo.
|
|
scripts/out/
|
|
|
|
# Per-release changelog drafts. These exist only transiently during a release
|
|
# cut (passed to `gh release create --notes-file`); the GitHub Release itself
|
|
# stores the published notes. They are not a build artifact and must never be
|
|
# committed to the repo root. See the hermes-release skill.
|
|
RELEASE_v*.md
|
|
|
|
# Desktop demo-run scratch output (hermes writes demo/*.txt during recorded
|
|
# walkthroughs). Throwaway artifacts, never part of the app.
|
|
apps/desktop/demo/
|