refactor: unify ares binaries into single 'ares' binary with subcommands#216
Merged
refactor: unify ares binaries into single 'ares' binary with subcommands#216
Conversation
dreadnode-renovate-bot
Bot
added
area/docs
l50
force-pushed
the
worktree-feat+single-binary
branch
from
039e4bb to
78209f6
Compare
**Changed:** - Removed separate binaries for `ares-cli`, `ares-orchestrator`, and `ares-worker` in favor of a single unified `ares` binary with subcommands for CLI, orchestrator, and worker roles. - Updated all CI/CD workflows, Taskfiles, Ansible templates, and Docker/Warpgate build scripts to reference the new `ares` binary instead of the old split binaries. - Simplified build and deployment steps to only build and copy `ares` (no longer builds or distributes `ares-cli`, `ares-orchestrator`, or `ares-worker`). - Refactored Rust workspace and Cargo.toml to remove `ares-orchestrator` and `ares-worker` as separate workspace members; all orchestrator and worker logic now resides under the `ares` binary. - Updated all task references, systemd unit files, shell scripts, and documentation to use `ares` (and subcommands like `ares orchestrator`, `ares worker`, etc.) in place of the previous binaries. - Consolidated orchestrator, worker, and CLI logic into a single codebase with feature-flag-driven subcommand dispatch. - Refactored orchestrator and worker source directories and main entrypoints to support the unified binary model. - Updated all tool and inventory checks, agent registration, and heartbeat logic to use the new binary naming convention. - Modified all automation, exploitation, and result processing modules to support the new structure. **Removed:** - Deleted the `ares-orchestrator` and `ares-worker` workspace members and their Cargo.toml entries. - Removed all build, deploy, and packaging references to the split binaries from CI/CD, Warpgate, and container templates. - Eliminated duplicated orchestrator and worker entrypoints and binaries. - Removed `ares-orchestrator` and `ares-worker` installation and invocation logic from systemd unit files and EC2/k8s scripts. - Deprecated any split-binary invocation patterns in favor of the unified approach.
…ice commands Changed: - Updated documentation, default values, and task output to use ares worker instead of ares-worker for consistency with the new binary naming in Ansible Redis role and related docs - Modified ares-cli to skip global telemetry initialization when running the orchestrator or worker subcommands, ensuring correct telemetry setup for service commands and preventing duplicate initialization
**Changed:** - Replaced all documentation and code references from `ares-cli` to `ares` to reflect migration to a single unified binary. Updated CLI usage examples, architecture diagrams, and deployment instructions in `.gemini/agents/ares-operator.md`, `AGENTS.md`, `README.md`, `docs/blue.md`, `docs/red.md`, and related docs. - Updated project structure and crate descriptions in `.github/CONTRIBUTING.md` to describe the unified binary model (CLI, orchestrator, and worker). - Adjusted Taskfiles and build output messages in `.taskfiles/blue/Taskfile.yaml`, `.taskfiles/red/Taskfile.yaml`, `.taskfiles/remote/Taskfile.yaml`, and `Taskfile.yaml` to use the `ares` binary instead of `ares-cli`. - Revised all code comments, help output, and user-facing messages in `ares-cli/src/blue/submit.rs`, `ares-cli/src/ops/backfill.rs`, `ares-cli/src/orchestrator/blue/auto_submit.rs`, `ares-cli/src/orchestrator/blue/investigation.rs`, `ares-cli/src/orchestrator/mod.rs`, and `ares-core/src/lib.rs` to reference `ares` instead of `ares-cli`. - Updated documentation paths and references to code locations in `docs/blue.md` and `docs/red.md` to match the new unified crate structure (e.g., orchestrator and worker code now under `ares-cli`). - Modified infrastructure and deployment docs (`docs/infrastructure.md`) and Docker Compose templates to invoke the correct binary and entrypoints. - Clarified crate layout and tool build script references in `tools.yaml` to reflect the unified build process.
… `ares` CLI **Changed:** - Standardized documentation references for Rust agent/orchestrator/worker binaries to use the unified `ares` CLI syntax (e.g., `ares worker` or `ares orchestrator`) instead of legacy binary names like `ares-worker` or `ares-orchestrator` across all relevant README files - Updated example commands, directory structure listings, and descriptive sections to reflect the new CLI approach, improving clarity and consistency for users and aligning with current project naming conventions - Enhanced agent/orchestrator documentation tables to clarify invocation patterns with the new CLI format
…rce files **Removed:** - Deleted the entire `ares-orchestrator` crate, including all Rust source files, configuration, automation logic, state management, result processing, LLM agent loops, blue team investigation orchestrator, and supporting modules - Deleted the entire `ares-worker` crate, including all Rust source files, configuration, task execution loops, tool dispatcher implementations, heartbeat logic, and supporting code - Removed `Cargo.toml` files for both crates, unregistering them from the workspace and eliminating their build configurations and dependencies - Eliminated all code for red team and blue team orchestration, worker task processing, tool execution, Redis-backed state and queue management, and orchestration infrastructure in these components **Changed:** - Project structure no longer includes `ares-orchestrator` or `ares-worker` subdirectories or binaries - All CI, build, and dependency workflows that referenced these crates must be updated to reflect their removal **Why:** - This refactor removes the orchestrator and worker binaries in preparation for a major architecture change, deprecation, or migration to a new orchestration model. All orchestration and agent execution responsibilities previously handled by these Rust components are now removed from the codebase.
**Changed:** - Updated the default value of `redis_ares_worker_binary` to `/usr/local/bin/ares` in both documentation and defaults to remove the hardcoded `worker` argument - Modified `ares-worker@.service.j2` template to append `worker` to the `ExecStart` command, ensuring the service runs the correct subcommand
…cture **Changed:** - Increased investigation run timeout from 15 minutes to 45 minutes and stale threshold from 15 to 50 minutes to accommodate longer-running blue team queries and reduce premature termination - `blue/runner.rs`, `completion.rs` - Increased blue tool execution timeout from 120s to 600s to match worst-case query duration with retries and concurrency - `blue/sub_agent.rs` - Changed investigation report directory structure to include "blue/investigations" subdirectories, improving organization, and simplified report filename to remove redundant "_report" suffix - `blue/investigation.rs` - Updated blue team completion wait deadline from 20 to 45 minutes to align with increased investigation timeouts and avoid early shutdown - `completion.rs` - Updated code comment in tool executor test to clarify correct dispatcher path reference, ensuring clarity for maintenance - `worker/tool_executor.rs` **Removed:** - Removed `ares-orchestrator/ares-worker` from EC2 build source tarball to streamline build packaging and avoid unnecessary files - `.taskfiles/ec2/Taskfile.yaml`
**Changed:** - Updated CLI and configuration to accept `REDIS_URL` as a fallback if `ARES_REDIS_URL` is not set, improving compatibility with environments like Kubernetes where `REDIS_URL` is commonly used - Clarified documentation comment to mention both `ARES_REDIS_URL` and `REDIS_URL` as sources for the Redis URL in the CLI options - Changed error messages and default value logic in orchestrator and worker configs to reflect support for both environment variables
…formats **Added:** - Accept and ignore legacy positional role argument and Python-style `--worker-args.*` flags in the worker CLI command for compatibility **Changed:** - Update worker config to allow `ARES_ROLE` as a fallback for `ARES_WORKER_ROLE` environment variable, improving compatibility with legacy deployments - Enhance operation ID JSON parsing to handle strings prefixed with telemetry or log output, ensuring robust extraction of JSON payloads in orchestrator config - Update main CLI dispatch to support new worker command structure with legacy arguments **Removed:** - Legacy strictness requiring only `ARES_WORKER_ROLE` in worker config; now also accepts `ARES_ROLE` for better migration support
**Changed:** - Enhance redis URL detection to build from REDIS_HOST, REDIS_PORT, REDIS_DB, and REDIS_PASSWORD if ARES_REDIS_URL and REDIS_URL are unset. Improves compatibility with Kubernetes and similar deployments - ares-cli/src/worker/config.rs - Update error message to clarify all accepted redis configuration variables
l50
force-pushed
the
worktree-feat+single-binary
branch
from
4d57aa5 to
1d08ebb
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Key Changes:
ares-cli,ares-orchestrator, andares-workerinto a singlearesbinaryaresinstead of multiple binariesares orchestrator,ares worker)Added:
aresbinary (with subcommands for orchestrator/worker)Cross.toml- Added for custom Dockerfile support in cross-compilationares-cli/src/orchestrator/andares-cli/src/worker/ares-cli/build.rsfor tool inventory generationChanged:
ares-cli,ares-orchestrator, andares-workerreplaced witharesaresbinary and new subcommandsares-orchestratorandares-workercrates; onlyares-cliremains as the main binary crate (renamed output toares)aresbinaryareseverywherearesinterface for all operationsRemoved:
ares-orchestratorandares-workercrates and all referencesares-cli,ares-orchestrator,ares-worker)