Improve CLI registration management flow

Author: rodion-m

Docs/INSTALLATION.md

@@ -127,7 +127,8 @@ PREFIX="$HOME/Library/Application Support/AgenticSecrets/LocalInstall"
 SOCKET="/tmp/agentic-secrets-core-smoke.sock"
 "$HOME/Applications/AgenticSecrets.app/Contents/MacOS/agentic-secrets-brokerd" serve-once \
   --socket "$SOCKET" \
-  --manifest "$PREFIX/var/agentic-secrets/install-manifest.json" &
+  --manifest "$PREFIX/var/agentic-secrets/install-manifest.json" \
+  --state-dir "$PREFIX/var/agentic-secrets" &
 "$PREFIX/bin/agentic-secrets-shim" --ipc-health \
   --socket "$SOCKET" \
   --manifest "$PREFIX/var/agentic-secrets/install-manifest.json"

Docs/OPERATIONS.md

@@ -44,7 +44,8 @@ PREFIX="$HOME/Library/Application Support/AgenticSecrets/LocalInstall"
 SOCKET="/tmp/agentic-secrets-core-smoke.sock"
 "$HOME/Applications/AgenticSecrets.app/Contents/MacOS/agentic-secrets-brokerd" serve-once \
   --socket "$SOCKET" \
-  --manifest "$PREFIX/var/agentic-secrets/install-manifest.json" &
+  --manifest "$PREFIX/var/agentic-secrets/install-manifest.json" \
+  --state-dir "$PREFIX/var/agentic-secrets" &
 "$PREFIX/bin/agentic-secrets-shim" --ipc-health \
   --socket "$SOCKET" \
   --manifest "$PREFIX/var/agentic-secrets/install-manifest.json"

Sources/App/Services/BrokerStatusController.swift

@@ -344,7 +344,7 @@ struct LocalBrokerStatusController: BrokerStatusControlling {
             )
         }
 
-        try launchAgentPlist(plan: plan).write(to: launchAgent, atomically: true, encoding: .utf8)
+        try Self.launchAgentPlist(plan: plan).write(to: launchAgent, atomically: true, encoding: .utf8)
         try writeManifest(appDestination: appDestination, manifestURL: manifest)
 
         _ = runProcess(executable: "/bin/launchctl", arguments: ["bootout", "gui/\(getuid())", launchAgent.path])
@@ -452,10 +452,11 @@ struct LocalBrokerStatusController: BrokerStatusControlling {
         }
     }
 
-    private func launchAgentPlist(plan: BrokerInstallPlan) -> String {
+    static func launchAgentPlist(plan: BrokerInstallPlan) -> String {
         let daemonPath = "\(plan.appDestinationPath)/Contents/MacOS/agentic-secrets-brokerd".xmlEscaped
         let socketPath = plan.socketPath.xmlEscaped
         let manifestPath = plan.manifestPath.xmlEscaped
+        let stateDirectoryPath = plan.stateDirectoryPath.xmlEscaped
         let stdoutPath = "\(plan.runDirectoryPath)/core.stdout.log".xmlEscaped
         let stderrPath = "\(plan.runDirectoryPath)/core.stderr.log".xmlEscaped
         return """
@@ -473,6 +474,8 @@ struct LocalBrokerStatusController: BrokerStatusControlling {
             <string>\(socketPath)</string>
             <string>--manifest</string>
             <string>\(manifestPath)</string>
+            <string>--state-dir</string>
+            <string>\(stateDirectoryPath)</string>
           </array>
           <key>RunAtLoad</key>
           <true/>

Sources/App/Services/UISmokeRunner.swift

@@ -22,6 +22,7 @@ enum UISmokeRunner {
 
     @MainActor
     private static func run() async throws {
+        cleanSmokeInstallPaths()
         try await testEmptyState()
         try await testSettingsLayout()
         try await testRegisterWizardValidation()
@@ -38,6 +39,7 @@ enum UISmokeRunner {
         try testManagedShellConfigurationCleanup()
         try await testContextActions()
         try await testManagementActions()
+        try await testHealthyDaemonRetriesTransientSnapshotLoad()
         try await testUpdateChecking()
         try testAuditRelatedItemRouting()
         try await testActivationRefreshLoadsMissingSnapshot()
@@ -352,6 +354,7 @@ enum UISmokeRunner {
 
     @MainActor
     private static func testDaemonUnavailableState() async throws {
+        cleanSmokeInstallPaths()
         let store = ControlPlaneStore(
             client: ThrowingControlPlaneClient(),
             brokerController: StubBrokerStatusController(statusValue: unavailableBrokerStatus())
@@ -640,7 +643,11 @@ enum UISmokeRunner {
     @MainActor
     private static func testBrokerInstallPlanState() async throws {
         let plan = smokeInstallPlan(supported: true, missingExecutables: [])
-        try? FileManager.default.removeItem(atPath: plan.prefixPath)
+        let launchAgentPlist = LocalBrokerStatusController.launchAgentPlist(plan: plan)
+        try expect(launchAgentPlist.contains("<string>--state-dir</string>"), "LaunchAgent passes explicit state directory to broker daemon")
+        try expect(launchAgentPlist.contains("<string>\(plan.stateDirectoryPath)</string>"), "LaunchAgent state directory matches install plan")
+        cleanSmokeInstallPaths()
+        defer { cleanSmokeInstallPaths() }
         let installed = BrokerStatus(
             state: .unavailable,
             socketPath: plan.socketPath,
@@ -663,7 +670,6 @@ enum UISmokeRunner {
         try expect(!store.canOpenInstalledApp, "installed app command is unavailable before the app copy exists")
         await store.installOrRepairDaemon()
         try FileManager.default.createDirectory(atPath: plan.appDestinationPath, withIntermediateDirectories: true)
-        defer { try? FileManager.default.removeItem(atPath: plan.prefixPath) }
         try expect(store.brokerStatus.message.contains("Open the installed copy"), "install result explains installed-copy handoff")
         try expect(store.bestDaemonAction == .openInstalledApp, "installed-copy handoff highlights open installed copy as the next action")
         try expect(store.canOpenInstalledApp, "installed app command becomes available when the app copy exists")
@@ -912,15 +918,16 @@ enum UISmokeRunner {
             updateChecker: StubAppUpdateChecker(update: latest),
             updateIgnoreDefaults: ignoredDefaults
         )
+        await store.refresh()
         await store.checkForUpdates(manual: true)
         try expect(store.availableUpdate == latest, "update checker stores available release")
         try expect(store.updateMenuTitle == "Update 9.0.0", "update menu title includes latest version")
         try expect(store.successMessage == "Agentic Secrets 9.0.0 is available", "manual update check reports available release")
         try verifyHostingLayout(
-            ContentView(store: store),
+            DetailView(store: store),
             width: 1180,
             height: 760,
-            label: "content view with update button"
+            label: "detail view with update feedback"
         )
         store.ignoreAvailableUpdate()
         try expect(store.availableUpdate == nil, "noncritical update can be ignored")
@@ -1023,6 +1030,21 @@ enum UISmokeRunner {
         try expect(store.brokerStatus.state == .healthy, "activation refresh keeps daemon status current after snapshot load")
     }
 
+    @MainActor
+    private static func testHealthyDaemonRetriesTransientSnapshotLoad() async throws {
+        let store = ControlPlaneStore(
+            client: FlakySnapshotControlPlaneClient(
+                transientFailuresBeforeSuccess: 2,
+                snapshot: snapshot(cliNames: ["hcloud"])
+            ),
+            brokerController: StubBrokerStatusController(statusValue: healthyBrokerStatus())
+        )
+        await store.refresh()
+        try expect(store.brokerStatus.state == .healthy, "transient snapshot retry starts from a healthy daemon")
+        try expect(store.snapshot?.cliRegistrations.first?.name == "hcloud", "healthy daemon refresh retries transient snapshot IPC failures")
+        try expect(store.errorMessage == nil, "transient snapshot IPC recovery does not leave a stale error")
+    }
+
     @MainActor
     private static func testSelectionSurvivesRefresh() async throws {
         let first = snapshot(cliNames: ["hcloud", "gh"])
@@ -1196,6 +1218,11 @@ enum UISmokeRunner {
             currentAppIsInstalledCopy: false
         )
     }
+
+    private static func cleanSmokeInstallPaths() {
+        try? FileManager.default.removeItem(atPath: "/tmp/agentic-secrets-ui-smoke")
+        try? FileManager.default.removeItem(atPath: "/tmp/agentic-secrets-ui-smoke-home")
+    }
 }
 
 private enum SmokeError: Error, CustomStringConvertible {
@@ -1335,6 +1362,44 @@ private struct ThrowingControlPlaneClient: ControlPlaneClient {
     func exportRedactedAuditJSON() async throws -> String { throw SmokeError.failed("unexpected audit") }
 }
 
+private actor FlakySnapshotControlPlaneClient: ControlPlaneClient {
+    private var remainingFailures: Int
+    private let snapshot: ControlPlaneSnapshot
+
+    init(transientFailuresBeforeSuccess: Int, snapshot: ControlPlaneSnapshot) {
+        self.remainingFailures = transientFailuresBeforeSuccess
+        self.snapshot = snapshot
+    }
+
+    func health() async throws {}
+
+    func loadSnapshot() async throws -> ControlPlaneSnapshot {
+        if remainingFailures > 0 {
+            remainingFailures -= 1
+            throw SmokeError.failed("socket(\"connect: No such file or directory\")")
+        }
+        return snapshot
+    }
+
+    func registerCLI(_ request: ControlPlaneCommandLineToolRegistrationRequest) async throws -> CLIRegistrationSummary { throw SmokeError.failed("unexpected register") }
+    func unregisterCLI(_ request: ControlPlaneNameRequest) async throws -> CLIRegistrationSummary { throw SmokeError.failed("unexpected unregister") }
+    func refreshCLITrust(_ request: ControlPlaneNameRequest) async throws -> CLIRegistrationSummary { throw SmokeError.failed("unexpected refresh trust") }
+    func replaceSecret(_ request: ControlPlaneSecretReplacementRequest) async throws -> ManagedSecretSummary { throw SmokeError.failed("unexpected replace") }
+    func deleteSecret(_ request: ControlPlaneSecretDeletionRequest) async throws { throw SmokeError.failed("unexpected delete") }
+    func upsertAPISessionProfile(_ profile: APISessionProfile) async throws -> APISessionProfileSummary { throw SmokeError.failed("unexpected proxy") }
+    func deleteAPISessionProfile(_ request: ControlPlaneNameRequest) async throws { throw SmokeError.failed("unexpected proxy delete") }
+    func upsertMCPProfile(_ profile: MCPUpstreamProfile) async throws -> MCPProfileSummary { throw SmokeError.failed("unexpected mcp") }
+    func deleteMCPProfile(_ request: ControlPlaneNameRequest) async throws { throw SmokeError.failed("unexpected mcp delete") }
+    func upsertBitwardenBinding(_ binding: BitwardenSecretBinding) async throws -> BitwardenBindingSummary { throw SmokeError.failed("unexpected bws") }
+    func deleteBitwardenBinding(_ request: ControlPlaneNameRequest) async throws { throw SmokeError.failed("unexpected bws delete") }
+    func installAdapter(_ payload: CommandPolicyPackPayload) async throws -> PolicyPackSummary { throw SmokeError.failed("unexpected adapter install") }
+    func revokeAdapter(_ request: ControlPlaneNameRequest) async throws { throw SmokeError.failed("unexpected command policy pack revoke") }
+    func updateCommandPolicy(_ request: ControlPlaneCommandPolicyUpdateRequest) async throws -> CommandPolicySummary { throw SmokeError.failed("unexpected command policy") }
+    func createAPISession(_ request: ControlPlaneAPISessionRequest) async throws -> ControlPlaneAPISessionResponse { throw SmokeError.failed("unexpected API session") }
+    func clearDeliveryGrants() async throws { throw SmokeError.failed("unexpected grants") }
+    func exportRedactedAuditJSON() async throws -> String { throw SmokeError.failed("unexpected audit") }
+}
+
 private struct StubAppUpdateChecker: AppUpdateChecking {
     var update: AppUpdateRelease?
 

Sources/App/Stores/ControlPlaneStore.swift

@@ -123,6 +123,11 @@ final class ControlPlaneStore {
     private let brokerController: any BrokerStatusControlling
     private let updateChecker: any AppUpdateChecking
     private let updateIgnoreDefaults: UserDefaults
+    private static let snapshotLoadRetryDelays: [Duration] = [
+        .milliseconds(120),
+        .milliseconds(250),
+        .milliseconds(500)
+    ]
     @ObservationIgnored private var updateCheckTask: Task<Void, Never>?
 
     init(
@@ -418,10 +423,9 @@ final class ControlPlaneStore {
         } catch {
             if brokerStatus.state == .unavailable || brokerStatus.state == .installing || brokerStatus.state == .repairing || brokerStatus.state == .uninstalling {
                 await recoverFromStartupRaceIfPossible()
-            } else if isDaemonReachabilityError(error) {
-                await recoverFromTransientDaemonRefreshError()
             } else {
-                errorMessage = userFacingError(error)
+                snapshot = nil
+                errorMessage = localStateLoadError(error)
             }
         }
     }
@@ -869,20 +873,17 @@ final class ControlPlaneStore {
         return description
     }
 
-    private func isDaemonReachabilityError(_ error: Error) -> Bool {
+    private func localStateLoadError(_ error: Error) -> String {
         let description = String(describing: error)
-        return description.contains("socket(") || description.contains("connect:")
+        if isDaemonReachabilityError(error) {
+            return "Daemon health check passed, but local state snapshot IPC failed after retrying. Restart or repair the local daemon. Last error: \(description)"
+        }
+        return "Local state could not be loaded: \(description)"
     }
 
-    private func recoverFromTransientDaemonRefreshError() async {
-        errorMessage = nil
-        brokerStatus = await brokerController.status()
-        guard brokerStatus.state == .healthy else { return }
-        do {
-            try await loadSnapshotAfterHealthyStatus()
-        } catch {
-            errorMessage = isDaemonReachabilityError(error) ? nil : userFacingError(error)
-        }
+    private func isDaemonReachabilityError(_ error: Error) -> Bool {
+        let description = String(describing: error)
+        return description.contains("socket(") || description.contains("connect:")
     }
 
     private func recoverFromStartupRaceIfPossible() async {
@@ -892,13 +893,15 @@ final class ControlPlaneStore {
         guard brokerStatus.state == .healthy else { return }
         do {
             try await loadSnapshotAfterHealthyStatus()
+            errorMessage = nil
         } catch {
-            errorMessage = isDaemonReachabilityError(error) ? nil : userFacingError(error)
+            snapshot = nil
+            errorMessage = localStateLoadError(error)
         }
     }
 
     private func loadSnapshotAfterHealthyStatus() async throws {
-        snapshot = try await client.loadSnapshot()
+        snapshot = try await loadSnapshotWithTransientRetry()
         if brokerStatus.state != .healthy {
             brokerStatus = await brokerController.status()
         }
@@ -908,6 +911,26 @@ final class ControlPlaneStore {
         maintainSelections()
     }
 
+    private func loadSnapshotWithTransientRetry() async throws -> ControlPlaneSnapshot {
+        var lastError: Error?
+        let maxAttempts = Self.snapshotLoadRetryDelays.count + 1
+        for attempt in 0..<maxAttempts {
+            do {
+                return try await client.loadSnapshot()
+            } catch {
+                guard isDaemonReachabilityError(error) else {
+                    throw error
+                }
+                lastError = error
+                guard attempt < Self.snapshotLoadRetryDelays.count else {
+                    break
+                }
+                try? await Task.sleep(for: Self.snapshotLoadRetryDelays[attempt])
+            }
+        }
+        throw lastError ?? StoreError.localStateSnapshotUnavailable
+    }
+
     private func commaList(_ value: String) -> [String] {
         value.split(separator: ",").map { $0.trimmingCharacters(in: .whitespacesAndNewlines) }.filter { !$0.isEmpty }
     }
@@ -1035,4 +1058,15 @@ final class ControlPlaneStore {
             }
         }
     }
+
+    enum StoreError: Error, CustomStringConvertible {
+        case localStateSnapshotUnavailable
+
+        var description: String {
+            switch self {
+            case .localStateSnapshotUnavailable:
+                "Local state snapshot is unavailable."
+            }
+        }
+    }
 }