feat: add stakpak serve HTTP/SSE server command#518
Merged
Conversation
- Add Serve variant to Commands enum with bind, auth, model, and auto-approve flags - Extract build_agent_client() from get_client() for reuse in serve runtime - Wire MCP server/proxy/client initialization with stakai-native tools - Implement bearer token auth with auto-generation and --no-auth for local dev - Add model resolution with catalog lookup, custom provider/id, and fallback warnings - Add cooperative MCP tool refresh loop (30s) with watch-channel shutdown - Implement graceful shutdown: cancel running sessions, 5s drain deadline, MCP cleanup - Register workspace crates stakpak-agent-core and stakpak-server
kajogo777
requested changes
Feb 12, 2026
…ToolApprovalPolicy - Add ToolApprovalPolicy::with_defaults() as single source of truth for read-only vs mutating tool classification (9 auto-approve, 9 ask) - Add with_overrides() builder for layering profile config on top - Add strip_tool_prefix() in action_for() to fix MCP prefix mismatch (stakpak__view now correctly resolves to the 'view' policy) - Rename AutoApprovePolicy -> ToolApprovalPolicy (no alias) - Rename auto_approve field -> tool_approval on AgentConfig - Rename auto_approve_policy -> tool_approval_policy on AppState - Serve command now uses with_defaults() instead of falling back to None (which required approval for every tool including read-only) - Add 9 unit tests for defaults, overrides, prefix stripping, edge cases
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Adds the
stakpak servesubcommand that boots an HTTP/SSE server runtime, enabling programmatic access to the Stakpak agent via a REST API.Changes Made
CLI surface (
cli/src/commands/mod.rs)Commands::Servevariant with flags:--bind,--auth-token,--show-token,--no-auth,--model,--auto-approve-allbuild_agent_client()fromget_client()for reuse in the serve runtime--no-authfor local devprovider/id→ fallback, with warnings on missServefromrequires_auth()(manages its own auth)New workspace crates
libs/agent-core(stakpak-agent-core) — Runtime primitives: agent run loop, approval FSM, stream assembler, context pipeline, checkpoint envelope, retry logic, tool executor and hook traitslibs/server(stakpak-server) — HTTP server: Axum router with public/protected route split, session manager state machine, session actor with multi-turn orchestration, SSE event log with replay, idempotency store, checkpoint persistence, OpenAPI generation (utoipa)Workspace config (
Cargo.toml,cli/Cargo.toml)stakpak-agent-coreandstakpak-serveras workspace members and dependenciesaxumdependency to CLI crateTesting
cargo test --workspace— 173 CLI + 41 server + agent-core tests)cargo fmt --checkcleancargo clippy --all-targetszero warningsBreaking Changes
None — additive only. Existing commands are unchanged.