Lab: swamp extension push deadlocks when invoked from inside a swamp workflow step

Description

swamp extension push (and any structural command that calls requireInitializedRepo) hangs indefinitely when invoked as a subprocess from inside a swamp workflow run step. The child process polls forever in waitForPerModelLocks, waiting on per-model locks that are held by its own ancestor — the parent swamp workflow run.

This makes it impossible to use a swamp workflow to orchestrate publishing, which was previously a working pattern.

Steps to reproduce

Define a swamp workflow with a step that runs a command/shell model.
In that step's shell, invoke swamp extension push <manifest> as a subprocess.
Run the workflow with swamp workflow run <name>.
The child push gets to its own requireInitializedRepo call, then logs:
```
[INF] datastore·lock: Waiting for N per-model lock(s) to be released
```
and never proceeds. N is the number of model references in the workflow.

Real-world example — hivemq/swamp-extensions publish workflow:

Run 25510761754 — killed at the GHA 6h max.
Run 25545885311 — killed at our self-imposed 5m timeout, with a verbose trace log showing the lock-wait message.

Root cause

Reading the swamp source at 20260506.233640.0-sha.5729ac50:

swamp workflow run extracts model references from the workflow YAML and acquires per-model locks for all of them — cli/commands/workflow_run.ts:195 (acquireModelLocks(...)). Locks are held for the entire run.
The child swamp extension push calls requireInitializedRepo — cli/commands/extension_push.ts:195.
requireInitializedRepo calls waitForPerModelLocks twice — cli/repo_context.ts:434 and :452.
waitForPerModelLocks polls every 1s for non-stale lock files (repo_context.ts:704-714) and never breaks while any are held. It cannot distinguish locks held by the parent process from locks held by an unrelated writer.

Environment

swamp version: 20260506.233640.0-sha.5729ac50
OS: Ubuntu (GitHub Actions runner, also reproduces locally on macOS)
The behaviour appeared between 2026-05-05 (last green publish run) and 2026-05-07 (first hang). Earlier swamp versions did not deadlock for this pattern.

Affected components

cli/commands/workflow_run.ts
cli/commands/extension_push.ts
cli/repo_context.ts (requireInitializedRepo, waitForPerModelLocks)

Impact

CI/CD pipelines that wrap swamp extension push (or any other structural command) in a swamp workflow are broken. The hang is silent until the runner's max-execution timeout, so depending on the platform you get either a 6h cancellation (default GHA) or whatever your team has configured.

Proposed fixes (any of)

Parent-process annotation. Have swamp workflow run set an env var (e.g. SWAMP_PARENT_LOCK_HOLDER=<pid+lockfile-list>) before invoking child shells, and have waitForPerModelLocks skip locks owned by ancestors.
Bounded wait. Give waitForPerModelLocks a configurable timeout (default several minutes) so deadlocks fail loudly instead of hanging indefinitely.
Release-around-shell. Have swamp workflow run release per-model locks before invoking each step's command/shell body (which runs user code that may recurse into swamp), reacquire after.
Opt-out flag on push. Add --skip-wait-for-locks (or similar) to swamp extension push for trusted CI contexts that know they are running inside a parent swamp.

Workaround

Move the publish loop out of the swamp workflow into plain CI bash. See hivemq/swamp-extensions PR #68 — the GHA workflow now does auth-write, swamp auth whoami, change-detection, and swamp extension push directly, with no swamp workflow run wrapping the push.

Related: feature request #295 (collective-scoped auth keys / OIDC) is independent but reduces the surface area for this kind of CI-side workaround pile-up.

telemetry: emit child entries for follow-up action method invocations

Publish release-candidate / unstable extension versions

extension source rm leaves stale @local/. rows in catalog, blocking later pulls of registry types

extension push drops binaries: field from re-emitted archive manifest.yaml

macOS launchd autoupdate (club.swamp.autoupdate) silently fails — binary stays stale

Clicking @hivemq/honeycomb extension card on /extensions shows 'Something went wrong'

Docs: Update model-definitions.md and workflows.md for direct type execution

Docs: document binaries manifest field in extension-manifest.md

Add an official @swamp/ssh extension for general-purpose SSH (brownfield-friendly)

Accept and display binaries field from extension push metadata

Direct type execution: collapse model create + method run into one command

Per-method telemetry events for workflow runs

Workflow run liveness: orphaned 'running' records when originating CLI process dies mid-run

Provide a CLI-shape primer for AI agents to reduce rediscovery overhead

quality rubric: don't penalize extensions whose upstream constrains them to a single platform

Extension update rejects multiple .ts files extending the same target type within one local extension (regression)

swamp extension push deadlocks when invoked from inside a swamp workflow step

Collective-scoped auth keys + OIDC federation for CI publishing

forEach self.* in modelIdOrName not resolved in runtime execution path

Award leaderboard points for referrals and collective invites

Add agent harness detection and AiTool to telemetry

Workflow-level runtime expressions (env.*, vault.*) not resolved in driverConfig — docker driver receives literal ${{ ... }} strings

Implement W5: Per-fingerprint import URLs + subprocess test harness (extension catalog rearchitecture)

swamp config set crashes with YAML serialization error

datastore compact: VACUUM fails in compiled binary (SQLITE_LIMIT_ATTACHED=0)

Repo-level version gating: minSwampVersion high-water mark for team consistency

Docs: document self.* expressions in modelIdOrName during forEach

Docs: How-to guide for background autoupdating

Manifest version bumps silently ignored for existing local extension aggregates

materialiseExtensions misclassifies pulled rows when manifest name collides with a pulled extension

Local extension edits don't reliably trigger rebundle

Missing unique indexes on user.email and user.username allow duplicate users

Resolve self.* expressions in modelIdOrName during forEach expansion

discord-bot double-sends sign_up notifications

Discord bot sends duplicate signup notifications

Add 'swamp workflow list' as alias for 'swamp workflow search'

Add 'swamp auth status' as alias for 'swamp auth whoami'

Extension bundle cache does not invalidate on source edits

extension pull fails on @local/[email protected] phantom-claim collision when local repo has its own extension

Lab search by numeric issue ID returns no results

W3 sourceToRow writes empty source_mtime — should carry filesystem mtime through Source entity

Warm-start rebundleAndUpdateCatalog should respect terminal RowStates set by reconcile

Implement W4: KindAdapter + unified loader (extension catalog rearchitecture)

Docs: add vault read-secret command to reference manual

Extension layer garbage collection: prune catalog rows + evict orphaned bundles

Docs: document workflow concurrency limits in reference manual

Locally-sourced extension: source_mtime updates without regenerating stale bundle

Extension push: allow shipping executable host helpers (bin/mudroom blocker)

Vault expressions silently deliver __SWAMP_VSEC__ sentinels under the docker driver

First-class shell-shim support for extensions, with registry-level visibility

Local extension model bundles don't rebuild when source changes (no rebuild CLI; manual cache delete breaks the runner)

Configurable concurrency limits for workflow fan-out (forEach, parallel jobs/steps)

feat(security): redact sensitive method arg values from audit log

docs: document swamp datastore compact and GC WAL behaviour

UAT: swamp datastore compact reclaims WAL and catalog space

Plan v4 step 9 literal test untestable under current catalog PK semantics

Cross-process concurrency stress for W2 lifecycle services

UAT additions for W2 lifecycle services (Install/Remove/Upgrade)

Implement W3: ReconcileFromDisk + freshness-as-aggregate-query (extension catalog rearchitecture)

doctor extensions repair: clean catalog-only orphans

Extensions should be able to ship Claude Code skills

Pre-existing TOCTOU windows in YAML repo walkers (findAll directory level + findById)

`swamp datastore setup` migration is not resumable / leaves the repo in a partial state on failure

Built-in models must honor AbortSignal so --timeout works in practice

Reader-lock or lock-free read path for data list/get/search/query

data search: surface jobTag alongside workflowTag and stepTag (follow-up to #237)

global-arg silently strips unknown keys; should reject via strict Zod schema

redmine extension: adopt state machine patterns from @magistr for agent-driven workflows

performance degrades significantly with large SQLite catalog

summarise: timeout/hang on repos with many workflow runs

extension quality/fmt fail on pulled extensions (path mismatch)

vault: add read-secret CLI command for agent-driven secret retrieval

data query: stepName and jobName fields always empty in CEL results

Extension ecosystem: shared utility library, version sync tooling, and HTTP resilience patterns

Agentic CLI improvements: --json stdout isolation, array inputs, and --repo-dir consistency

data delete fails with "Directory not empty (os error 39)" when concurrent writes are active

Extract LockfileRepository (W2 prequel for swamp-club#231)

Extend DatastoreSyncService.markDirty() with optional relPath argument

Implement W2: Lifecycle services own the catalog write (extension catalog rearchitecture)

data·delete logger double-quotes the data name in log output

Workflow-level runtime expressions (env., vault.) not resolved in driverConfig — docker driver receives literal ${{ ... }} strings