feat(v0.1): add per-session RWO PVC foundation for true session state persistence

PR A for #770: docs + migration 007 + RBAC + types foundation.

- 新增 failureKind session-store-evicted,用于区分 PVC 缺失与真协议错误
- 新增 migration 007_v01_session_state_storage:sessions 表增加 storage_* 列 + 索引
- mgr SA RBAC 增量:persistentvolumeclaims: [create, get, list, watch, delete]
- 6 份 SPEC 升级(runtime-assembly / hwlab-manual-dispatch / backend-codex T7b / agentrun-runner / agentrun-mgr / services)
- 显式禁止:fake app-server mock、replacement threadId、runner 启动后 copy/restore、idleTimeoutMs 拉永驻
- selftest 断言更新到 007_v01_session_state_storage

后续 PR B/C 在此基础上接入 mgr 端 PVC 生命周期 + runner 端 mount + backend 端 observability。
This commit is contained in:
Codex
2026-06-03 18:45:13 +08:00
parent cb93992b1c
commit 87beb00bdb
10 changed files with 153 additions and 1 deletions
+3
View File
@@ -342,6 +342,9 @@ rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["create", "get", "list", "watch", "delete"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding