@a5c-ai/kradle 5.0.1-staging.3abdf9534c25
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/Dockerfile +31 -0
- package/README.md +187 -0
- package/bin/kradle-demo.mjs +23 -0
- package/bin/kradle-server.mjs +14 -0
- package/dist/kradle-controller-ui.json +3482 -0
- package/dist/kradle-lifecycle.json +201 -0
- package/dist/kradle-runtime-snapshot.json +3125 -0
- package/dist/kradle-summary.json +724 -0
- package/docs/README.md +61 -0
- package/docs/agents/README.md +83 -0
- package/docs/agents/acceptance-test-matrix.md +193 -0
- package/docs/agents/agent-mux-adapter-contract.md +167 -0
- package/docs/agents/agent-mux-source-map.md +310 -0
- package/docs/agents/agent-run-memory-import-spec.md +256 -0
- package/docs/agents/agent-stack-management-spec.md +421 -0
- package/docs/agents/api-contract-spec.md +309 -0
- package/docs/agents/artifacts-writeback-spec.md +145 -0
- package/docs/agents/chart-packaging-spec.md +128 -0
- package/docs/agents/ci-orchestration-spec.md +140 -0
- package/docs/agents/context-assembly-spec.md +219 -0
- package/docs/agents/controller-reconciliation-spec.md +255 -0
- package/docs/agents/crd-schema-spec.md +315 -0
- package/docs/agents/decision-log-open-questions.md +169 -0
- package/docs/agents/developer-implementation-checklist.md +329 -0
- package/docs/agents/dispatching-design.md +262 -0
- package/docs/agents/gaps-agent-mux-to-kradle-crds.md +298 -0
- package/docs/agents/glossary.md +66 -0
- package/docs/agents/implementation-blueprint.md +324 -0
- package/docs/agents/implementation-rollout-slices.md +251 -0
- package/docs/agents/memory-context-integration-spec.md +194 -0
- package/docs/agents/memory-ontology-schema-spec.md +253 -0
- package/docs/agents/memory-operations-runbook.md +121 -0
- package/docs/agents/mvp-vertical-slice-spec.md +146 -0
- package/docs/agents/observability-audit-spec.md +265 -0
- package/docs/agents/operator-runbook.md +174 -0
- package/docs/agents/org-memory-api-payload-examples.md +333 -0
- package/docs/agents/org-memory-controller-sequence-spec.md +181 -0
- package/docs/agents/org-memory-e2e-fixture-plan.md +161 -0
- package/docs/agents/org-memory-ui-implementation-map.md +114 -0
- package/docs/agents/org-memory-vertical-slice-spec.md +168 -0
- package/docs/agents/org-resource-model-delta-spec.md +111 -0
- package/docs/agents/org-route-resource-model-spec.md +183 -0
- package/docs/agents/org-scoping-namespace-spec.md +114 -0
- package/docs/agents/rbac-secrets-management-spec.md +406 -0
- package/docs/agents/repository-page-integration-spec.md +255 -0
- package/docs/agents/resource-contract-examples.md +808 -0
- package/docs/agents/resource-relationship-map.md +190 -0
- package/docs/agents/security-threat-model.md +188 -0
- package/docs/agents/shared-memory-company-brain-spec.md +358 -0
- package/docs/agents/storage-migration-spec.md +168 -0
- package/docs/agents/subagent-orchestration-spec.md +152 -0
- package/docs/agents/system-overview.md +88 -0
- package/docs/agents/tools-mcp-skills-spec.md +189 -0
- package/docs/agents/traceability-matrix.md +79 -0
- package/docs/agents/ui-flow-spec.md +211 -0
- package/docs/agents/ui-ux-system-spec.md +426 -0
- package/docs/agents/workspace-lifecycle-spec.md +166 -0
- package/docs/architecture-spec.md +78 -0
- package/docs/architecture-v2.md +2759 -0
- package/docs/components/control-plane.md +78 -0
- package/docs/components/data-plane.md +69 -0
- package/docs/components/hooks-events.md +67 -0
- package/docs/components/identity-rbac-policy.md +73 -0
- package/docs/components/kubevela-oam.md +70 -0
- package/docs/components/operations-publishing.md +81 -0
- package/docs/components/runners-ci.md +66 -0
- package/docs/components/web-ui.md +94 -0
- package/docs/crd-behaviors-and-relationships.md +3926 -0
- package/docs/external/README.md +47 -0
- package/docs/external/bidirectional-sync-design.md +134 -0
- package/docs/external/cicd-interface.md +64 -0
- package/docs/external/external-backend-controllers.md +170 -0
- package/docs/external/external-backend-crds.md +234 -0
- package/docs/external/external-backend-ui-spec.md +151 -0
- package/docs/external/external-backend-ux-flows.md +115 -0
- package/docs/external/external-object-mapping.md +125 -0
- package/docs/external/git-forge-interface.md +68 -0
- package/docs/external/github-integration-design.md +151 -0
- package/docs/external/issue-tracking-interface.md +66 -0
- package/docs/external/provider-capability-manifests.md +204 -0
- package/docs/external/provider-catalog.md +139 -0
- package/docs/external/provider-rollout-testing.md +78 -0
- package/docs/external/research-results.md +48 -0
- package/docs/external/security-auth-permissions.md +81 -0
- package/docs/external/sync-state-machines.md +108 -0
- package/docs/external/unified-external-backend-model.md +107 -0
- package/docs/external/user-facing-changes.md +67 -0
- package/docs/gaps.md +161 -0
- package/docs/install.md +94 -0
- package/docs/integration-and-design-decisions.md +1530 -0
- package/docs/kradle-design.md +334 -0
- package/docs/local-minikube.md +55 -0
- package/docs/ontology/README.md +32 -0
- package/docs/ontology/bounded-contexts.md +29 -0
- package/docs/ontology/events-and-hooks.md +32 -0
- package/docs/ontology/oam-kubevela.md +32 -0
- package/docs/ontology/operations-and-release.md +25 -0
- package/docs/ontology/personas-and-actors.md +32 -0
- package/docs/ontology/policies-and-invariants.md +33 -0
- package/docs/ontology/problem-space.md +30 -0
- package/docs/ontology/resource-contracts.md +40 -0
- package/docs/ontology/resource-taxonomy.md +42 -0
- package/docs/ontology/runners-and-ci.md +29 -0
- package/docs/ontology/solution-space.md +24 -0
- package/docs/ontology/storage-and-data-boundaries.md +29 -0
- package/docs/ontology/validation-matrix.md +24 -0
- package/docs/ontology/web-ui-excellent-flows.md +32 -0
- package/docs/ontology/workflows.md +39 -0
- package/docs/ontology/world.md +35 -0
- package/docs/openapi.yaml +1291 -0
- package/docs/product-requirements.md +62 -0
- package/docs/requirements-v2.md +235 -0
- package/docs/roadmap-mvp.md +87 -0
- package/docs/sdk-api-reference.md +1108 -0
- package/docs/system-requirements.md +90 -0
- package/docs/system-spec-v2.md +1230 -0
- package/docs/tests/README.md +53 -0
- package/docs/tests/agent-qa-plan.md +63 -0
- package/docs/tests/browser-ui-tests.md +62 -0
- package/docs/tests/ci-quality-gates.md +48 -0
- package/docs/tests/coverage-model.md +64 -0
- package/docs/tests/e2e-scenario-tests.md +53 -0
- package/docs/tests/fixtures-test-data.md +63 -0
- package/docs/tests/observability-reliability-tests.md +54 -0
- package/docs/tests/product-test-matrix.md +145 -0
- package/docs/tests/qa-adoption-roadmap.md +130 -0
- package/docs/tests/qa-automation-plan.md +101 -0
- package/docs/tests/security-compliance-tests.md +57 -0
- package/docs/tests/test-framework-tools.md +88 -0
- package/docs/tests/test-suite-layout.md +121 -0
- package/docs/tests/unit-integration-tests.md +48 -0
- package/docs/todo-kyverno +714 -0
- package/docs/todos.md +4 -0
- package/docs/user-stories.md +78 -0
- package/docs/web-console-spec.md +533 -0
- package/examples/minikube-demo.yaml +190 -0
- package/examples/oam-application.yaml +23 -0
- package/examples/policy-kyverno-pr-title.yaml +18 -0
- package/package.json +66 -0
- package/scripts/build.mjs +29 -0
- package/scripts/setup-minikube.mjs +65 -0
- package/scripts/smoke.mjs +37 -0
- package/scripts/validate-doc-coverage.mjs +152 -0
- package/scripts/validate-package.mjs +95 -0
- package/scripts/validate-ui.mjs +305 -0
- package/src/agent-adapter-controller.js +169 -0
- package/src/agent-approval-controller.js +170 -0
- package/src/agent-context-bundles.js +242 -0
- package/src/agent-dispatch-controller.js +549 -0
- package/src/agent-gateway-config-controller.js +147 -0
- package/src/agent-identity-migration.js +115 -0
- package/src/agent-memory-controller.js +357 -0
- package/src/agent-memory-import.js +327 -0
- package/src/agent-memory-query.js +292 -0
- package/src/agent-memory-repository-source-controller.js +255 -0
- package/src/agent-mux-client.js +589 -0
- package/src/agent-permission-review.js +250 -0
- package/src/agent-persona-controller.js +135 -0
- package/src/agent-project-controller.js +117 -0
- package/src/agent-prompt-composition.js +55 -0
- package/src/agent-provider-config-controller.js +151 -0
- package/src/agent-secret-config-grant-controller.js +282 -0
- package/src/agent-session-transcript-controller.js +189 -0
- package/src/agent-stack-controller.js +421 -0
- package/src/agent-subagent-controller.js +160 -0
- package/src/agent-transport-binding-controller.js +121 -0
- package/src/agent-trigger-controller.js +387 -0
- package/src/agent-workspace-controller.js +702 -0
- package/src/agent-writeback-controller.js +302 -0
- package/src/api-controller.js +621 -0
- package/src/argocd-gitops.js +43 -0
- package/src/artifact-registry-controller.js +542 -0
- package/src/assistant-runtime.js +284 -0
- package/src/async-controller.js +207 -0
- package/src/audit-controller.js +191 -0
- package/src/auth.js +310 -0
- package/src/component-catalog.js +41 -0
- package/src/control-plane.js +136 -0
- package/src/controller-client.js +112 -0
- package/src/controller-ui.js +620 -0
- package/src/data-plane.js +179 -0
- package/src/event-bus.js +397 -0
- package/src/external/conflict-controller.js +225 -0
- package/src/external/github/auth.js +96 -0
- package/src/external/github/cicd.js +180 -0
- package/src/external/github/git-forge.js +240 -0
- package/src/external/github/index.js +144 -0
- package/src/external/github/issue-tracking.js +163 -0
- package/src/external/provider-adapter.js +161 -0
- package/src/external/provider-resource-factory.js +221 -0
- package/src/external/sync-controller.js +235 -0
- package/src/external/webhook-controller.js +144 -0
- package/src/external/write-controller.js +283 -0
- package/src/gitea-backend.js +131 -0
- package/src/gitea-service.js +173 -0
- package/src/handoff.js +98 -0
- package/src/health-probes.js +134 -0
- package/src/hooks-events.js +63 -0
- package/src/hooks-lifecycle.js +117 -0
- package/src/http-server.js +409 -0
- package/src/identity-policy.js +86 -0
- package/src/index.js +71 -0
- package/src/jitsi-agent-bridge.js +141 -0
- package/src/jitsi-meeting-controller.js +291 -0
- package/src/jitsi-sync-controller.js +198 -0
- package/src/kradle-inference-service-controller.js +246 -0
- package/src/kubernetes-controller-async.js +531 -0
- package/src/kubernetes-controller.js +904 -0
- package/src/kubernetes-resource-gateway.js +48 -0
- package/src/model-route-controller.js +364 -0
- package/src/notification-controller.js +178 -0
- package/src/operations.js +112 -0
- package/src/org-scoping.js +5 -0
- package/src/resource-model.js +282 -0
- package/src/runner-controller.js +272 -0
- package/src/runners-ci.js +48 -0
- package/src/runtime.js +196 -0
- package/src/snapshot-cache.js +157 -0
- package/src/virtual-model-controller.js +538 -0
- package/src/virtual-model-hook-bridge.js +200 -0
- package/src/web-ui.js +40 -0
- package/tests/agent-adapter-controller.test.js +361 -0
- package/tests/agent-approval-controller.test.js +173 -0
- package/tests/agent-context-bundles.test.js +278 -0
- package/tests/agent-dispatch-controller.test.js +679 -0
- package/tests/agent-gateway-config-controller.test.js +386 -0
- package/tests/agent-identity-migration.test.js +87 -0
- package/tests/agent-memory-controller.test.js +461 -0
- package/tests/agent-memory-import-snapshot.test.js +477 -0
- package/tests/agent-memory-query.test.js +404 -0
- package/tests/agent-memory-repository-source.test.js +514 -0
- package/tests/agent-mux-client.test.js +389 -0
- package/tests/agent-mux-integration.test.js +971 -0
- package/tests/agent-permission-review-v2.test.js +317 -0
- package/tests/agent-permission-review.test.js +209 -0
- package/tests/agent-persona-controller.test.js +127 -0
- package/tests/agent-project-controller.test.js +302 -0
- package/tests/agent-prompt-composition.test.js +76 -0
- package/tests/agent-provider-config-controller.test.js +376 -0
- package/tests/agent-resources.test.js +303 -0
- package/tests/agent-secret-config-grant.test.js +231 -0
- package/tests/agent-session-transcript-controller.test.js +499 -0
- package/tests/agent-stack-controller.test.js +283 -0
- package/tests/agent-subagent-controller.test.js +201 -0
- package/tests/agent-transport-binding-controller.test.js +294 -0
- package/tests/agent-trigger-controller.test.js +271 -0
- package/tests/agent-trigger-routes.test.js +190 -0
- package/tests/agent-trigger-sources.test.js +245 -0
- package/tests/agent-workspace-controller.test.js +181 -0
- package/tests/agent-writeback.test.js +292 -0
- package/tests/approval-persistence.test.js +171 -0
- package/tests/artifact-registry.test.js +511 -0
- package/tests/assistant-runtime.test.js +506 -0
- package/tests/async-controller.test.js +252 -0
- package/tests/audit-controller.test.js +227 -0
- package/tests/codespace-controller.test.js +318 -0
- package/tests/controller-client.test.js +133 -0
- package/tests/deployment.test.js +527 -0
- package/tests/e2e/lifecycle.test.js +120 -0
- package/tests/event-bus-integration.test.js +355 -0
- package/tests/external-github-forge.test.js +560 -0
- package/tests/external-github-issues-cicd.test.js +520 -0
- package/tests/external-integration.test.js +470 -0
- package/tests/external-persistence.test.js +415 -0
- package/tests/external-provider-adapter.test.js +365 -0
- package/tests/external-resource-model.test.js +223 -0
- package/tests/external-webhook-sync.test.js +287 -0
- package/tests/external-write-conflict.test.js +353 -0
- package/tests/gitea-service.test.js +253 -0
- package/tests/health-check-real.test.js +165 -0
- package/tests/health-probes.test.js +90 -0
- package/tests/hooks-lifecycle.test.js +364 -0
- package/tests/integration/full-flow.test.js +266 -0
- package/tests/jitsi-agent-bridge.test.js +119 -0
- package/tests/jitsi-helm-integration.test.js +77 -0
- package/tests/jitsi-meeting-controller.test.js +170 -0
- package/tests/jitsi-resource-model.test.js +73 -0
- package/tests/jitsi-sync-controller.test.js +112 -0
- package/tests/kradle-inference-service.test.js +689 -0
- package/tests/kradle.test.js +779 -0
- package/tests/memory-search-wiring.test.js +270 -0
- package/tests/model-route-controller.test.js +733 -0
- package/tests/notification-controller.test.js +196 -0
- package/tests/notification-integration.test.js +179 -0
- package/tests/org-scoping.test.js +687 -0
- package/tests/runner-controller.test.js +327 -0
- package/tests/runner-integration.test.js +231 -0
- package/tests/session-cookie-hmac.test.js +151 -0
- package/tests/snapshot-performance.test.js +315 -0
- package/tests/sse-events.test.js +107 -0
- package/tests/virtual-model-controller.test.js +877 -0
- package/tests/virtual-model-hook-bridge.test.js +384 -0
- package/tests/webhook-trigger.test.js +198 -0
- package/tests/workspace-volumes.test.js +312 -0
- package/tests/writeback-persistence.test.js +207 -0
|
@@ -0,0 +1,151 @@
|
|
|
1
|
+
# External backend UI specification
|
|
2
|
+
|
|
3
|
+
## Purpose
|
|
4
|
+
|
|
5
|
+
This document defines the full UI for external backend integrations: provider setup, bindings, sync health, conflicts, write intents, webhooks, and per-resource provider status.
|
|
6
|
+
|
|
7
|
+
## Navigation
|
|
8
|
+
|
|
9
|
+
Add org-scoped routes:
|
|
10
|
+
|
|
11
|
+
| Route | Purpose |
|
|
12
|
+
| --- | --- |
|
|
13
|
+
| `/orgs/[org]/settings/external-backends` | provider list, add provider, health summary. |
|
|
14
|
+
| `/orgs/[org]/settings/external-backends/[provider]` | provider detail, auth, capabilities, rate limits. |
|
|
15
|
+
| `/orgs/[org]/settings/external-backends/[provider]/bindings` | repository/project bindings and interface modes. |
|
|
16
|
+
| `/orgs/[org]/settings/external-backends/[provider]/webhooks` | webhook delivery log, replay, redelivery, failures. |
|
|
17
|
+
| `/orgs/[org]/settings/external-backends/[provider]/sync` | sync state, backfill, cursors, queues. |
|
|
18
|
+
| `/orgs/[org]/settings/external-backends/[provider]/conflicts` | conflicts and resolution. |
|
|
19
|
+
| `/orgs/[org]/settings/external-backends/[provider]/writes` | write intents, approvals, retries. |
|
|
20
|
+
|
|
21
|
+
Repository pages show external backend panels under Settings, Issues, Pull Requests, Runs, Hooks, and Code where relevant.
|
|
22
|
+
|
|
23
|
+
## Provider list page
|
|
24
|
+
|
|
25
|
+
Cards show:
|
|
26
|
+
|
|
27
|
+
- provider name/type;
|
|
28
|
+
- enabled interfaces;
|
|
29
|
+
- auth health;
|
|
30
|
+
- webhook health;
|
|
31
|
+
- rate-limit/degraded state;
|
|
32
|
+
- last backfill;
|
|
33
|
+
- conflicts count;
|
|
34
|
+
- write intents needing attention;
|
|
35
|
+
- repositories bound.
|
|
36
|
+
|
|
37
|
+
Primary actions:
|
|
38
|
+
|
|
39
|
+
- add provider;
|
|
40
|
+
- resync all;
|
|
41
|
+
- pause/resume provider;
|
|
42
|
+
- open YAML.
|
|
43
|
+
|
|
44
|
+
## Add provider wizard
|
|
45
|
+
|
|
46
|
+
Steps:
|
|
47
|
+
|
|
48
|
+
1. Select provider type: GitHub, GitLab, Bitbucket, Azure DevOps, Jira, Linear, Buildkite, CircleCI, Jenkins, Gitea, Custom.
|
|
49
|
+
2. Select hosting: SaaS or self-managed and base URLs.
|
|
50
|
+
3. Select interfaces to enable.
|
|
51
|
+
4. Configure auth and Secret refs.
|
|
52
|
+
5. Validate credentials and capabilities.
|
|
53
|
+
6. Select org/repository/project bindings.
|
|
54
|
+
7. Choose sync ownership modes.
|
|
55
|
+
8. Configure webhook endpoint and secret.
|
|
56
|
+
9. Review generated YAML.
|
|
57
|
+
10. Apply and start initial backfill.
|
|
58
|
+
|
|
59
|
+
## Binding UI
|
|
60
|
+
|
|
61
|
+
Binding rows show:
|
|
62
|
+
|
|
63
|
+
- Kradle target resource;
|
|
64
|
+
- external owner/project/repo key;
|
|
65
|
+
- enabled interfaces;
|
|
66
|
+
- mode per interface;
|
|
67
|
+
- last sync state;
|
|
68
|
+
- native provider URL;
|
|
69
|
+
- conflict count;
|
|
70
|
+
- actions: sync now, edit modes, disconnect, view YAML.
|
|
71
|
+
|
|
72
|
+
## Resource badges
|
|
73
|
+
|
|
74
|
+
Synced resources display:
|
|
75
|
+
|
|
76
|
+
- provider icon/name;
|
|
77
|
+
- native URL;
|
|
78
|
+
- sync phase: current, stale, paused, conflict, degraded, write pending;
|
|
79
|
+
- ownership: mirrored, external-owned, Kradle-owned, bidirectional;
|
|
80
|
+
- last synced time;
|
|
81
|
+
- pending write/conflict indicator.
|
|
82
|
+
|
|
83
|
+
## Conflict resolution UI
|
|
84
|
+
|
|
85
|
+
Conflict detail shows:
|
|
86
|
+
|
|
87
|
+
- resource and native URL;
|
|
88
|
+
- field conflicts;
|
|
89
|
+
- local value;
|
|
90
|
+
- external value;
|
|
91
|
+
- last local generation;
|
|
92
|
+
- provider version/etag;
|
|
93
|
+
- policy recommendation;
|
|
94
|
+
- actions: keep external, apply Kradle, manual edit, ignore unsupported, retry sync.
|
|
95
|
+
|
|
96
|
+
## Write intent UI
|
|
97
|
+
|
|
98
|
+
Write intent detail shows:
|
|
99
|
+
|
|
100
|
+
- actor and source action;
|
|
101
|
+
- target provider/interface;
|
|
102
|
+
- native operation;
|
|
103
|
+
- request preview with secrets redacted;
|
|
104
|
+
- approval state;
|
|
105
|
+
- retry count;
|
|
106
|
+
- provider response summary;
|
|
107
|
+
- linked audit events;
|
|
108
|
+
- actions: approve, reject, retry, cancel, open native object.
|
|
109
|
+
|
|
110
|
+
## Webhook and sync UI
|
|
111
|
+
|
|
112
|
+
Webhook page shows:
|
|
113
|
+
|
|
114
|
+
- delivery ID;
|
|
115
|
+
- event/action;
|
|
116
|
+
- repository/project;
|
|
117
|
+
- received time;
|
|
118
|
+
- signature status;
|
|
119
|
+
- processing phase;
|
|
120
|
+
- response code;
|
|
121
|
+
- normalized event ID;
|
|
122
|
+
- replay action.
|
|
123
|
+
|
|
124
|
+
Sync page shows:
|
|
125
|
+
|
|
126
|
+
- high-watermarks/cursors by interface/resource kind;
|
|
127
|
+
- current queue depth;
|
|
128
|
+
- rate-limit budget;
|
|
129
|
+
- backfill schedule;
|
|
130
|
+
- last full resync;
|
|
131
|
+
- paused/degraded reasons.
|
|
132
|
+
|
|
133
|
+
## Repository settings integration
|
|
134
|
+
|
|
135
|
+
`/orgs/[org]/repositories/[repo]/settings` gains an External Backends section:
|
|
136
|
+
|
|
137
|
+
- current provider binding;
|
|
138
|
+
- interface modes;
|
|
139
|
+
- sync health;
|
|
140
|
+
- branch protection ownership;
|
|
141
|
+
- issue/PR/CI ownership;
|
|
142
|
+
- webhook delivery status;
|
|
143
|
+
- quick link to provider settings.
|
|
144
|
+
|
|
145
|
+
## Acceptance criteria
|
|
146
|
+
|
|
147
|
+
- Users can configure a provider without writing YAML.
|
|
148
|
+
- YAML remains visible for every provider resource.
|
|
149
|
+
- UI never enables unsupported provider operations.
|
|
150
|
+
- Conflicts and write intents are first-class and actionable.
|
|
151
|
+
- Every synced resource shows provider ownership and native link.
|
|
@@ -0,0 +1,115 @@
|
|
|
1
|
+
# External backend UX flows
|
|
2
|
+
|
|
3
|
+
## Purpose
|
|
4
|
+
|
|
5
|
+
This document turns the UI specification into user-facing flows that can become acceptance tests and implementation tickets.
|
|
6
|
+
|
|
7
|
+
## Flow: connect GitHub provider
|
|
8
|
+
|
|
9
|
+
1. Org admin opens `/orgs/a5c/settings/external-backends`.
|
|
10
|
+
2. Clicks `Add provider`.
|
|
11
|
+
3. Selects `GitHub`.
|
|
12
|
+
4. Selects `GitHub App` auth.
|
|
13
|
+
5. Enters or selects Kubernetes Secret refs for app ID, private key, and webhook secret.
|
|
14
|
+
6. Enters installation ID or authorizes installation discovery.
|
|
15
|
+
7. Selects interfaces: Issues, Actions/CI, Git forge.
|
|
16
|
+
8. Runs capability check.
|
|
17
|
+
9. Selects repositories to bind.
|
|
18
|
+
10. Chooses sync modes per interface.
|
|
19
|
+
11. Reviews YAML.
|
|
20
|
+
12. Applies provider and binding.
|
|
21
|
+
13. UI shows initial backfill progress and webhook status.
|
|
22
|
+
|
|
23
|
+
Acceptance:
|
|
24
|
+
|
|
25
|
+
- no token/private key value is shown after entry;
|
|
26
|
+
- unsupported operations are explained;
|
|
27
|
+
- provider and binding resources are created with org labels;
|
|
28
|
+
- initial backfill status appears.
|
|
29
|
+
|
|
30
|
+
## Flow: connect Jira for issues only
|
|
31
|
+
|
|
32
|
+
1. Admin selects `Jira` provider.
|
|
33
|
+
2. UI shows only Issue Tracking interface.
|
|
34
|
+
3. Admin configures base URL, auth Secret, and project keys.
|
|
35
|
+
4. Chooses read-only or bidirectional issue sync.
|
|
36
|
+
5. Applies binding to a Kradle repository or org work board.
|
|
37
|
+
6. Issue pages show Jira badge and native links.
|
|
38
|
+
|
|
39
|
+
Acceptance:
|
|
40
|
+
|
|
41
|
+
- CI/CD and git forge options are disabled;
|
|
42
|
+
- PR and pipeline pages do not claim Jira ownership;
|
|
43
|
+
- Jira rich text conversion warnings are visible when relevant.
|
|
44
|
+
|
|
45
|
+
## Flow: combine GitHub forge with Buildkite CI
|
|
46
|
+
|
|
47
|
+
1. Repository has GitHub binding for git forge and issue tracking.
|
|
48
|
+
2. Admin adds Buildkite provider with CI/CD only.
|
|
49
|
+
3. Admin binds Buildkite pipelines to the same Kradle repository.
|
|
50
|
+
4. Runs page shows GitHub PR context and Buildkite builds together.
|
|
51
|
+
5. Agent trigger rules can match Buildkite failures and write PR comments through GitHub after approval.
|
|
52
|
+
|
|
53
|
+
Acceptance:
|
|
54
|
+
|
|
55
|
+
- separate provider badges are visible;
|
|
56
|
+
- CI actions go to Buildkite, PR comments go to GitHub;
|
|
57
|
+
- audit records show both providers when a flow crosses interfaces.
|
|
58
|
+
|
|
59
|
+
## Flow: resolve sync conflict
|
|
60
|
+
|
|
61
|
+
1. User opens Inbox or provider Conflicts page.
|
|
62
|
+
2. Selects conflict for issue labels.
|
|
63
|
+
3. UI shows local and external values and sync history.
|
|
64
|
+
4. User chooses `Keep external`.
|
|
65
|
+
5. Conflict controller updates Kradle projection and closes conflict.
|
|
66
|
+
6. Audit records decision.
|
|
67
|
+
|
|
68
|
+
Acceptance:
|
|
69
|
+
|
|
70
|
+
- no hidden overwrite occurs;
|
|
71
|
+
- user can inspect native provider link;
|
|
72
|
+
- resolved state is visible in resource detail.
|
|
73
|
+
|
|
74
|
+
## Flow: reviewed external write from agent
|
|
75
|
+
|
|
76
|
+
1. Agent proposes GitHub PR comment or label update.
|
|
77
|
+
2. Kradle creates `ExternalWriteIntent` with request digest.
|
|
78
|
+
3. UI shows approval in Inbox and run detail.
|
|
79
|
+
4. Reviewer approves.
|
|
80
|
+
5. Write controller posts to GitHub.
|
|
81
|
+
6. Webhook or read-back confirms write.
|
|
82
|
+
7. Run detail and PR page show result.
|
|
83
|
+
|
|
84
|
+
Acceptance:
|
|
85
|
+
|
|
86
|
+
- agent cannot write directly without Kradle approval policy;
|
|
87
|
+
- request preview is redacted;
|
|
88
|
+
- native URL and provider response summary are visible.
|
|
89
|
+
|
|
90
|
+
## Flow: webhook recovery
|
|
91
|
+
|
|
92
|
+
1. Webhook delivery fails processing and becomes `DeadLettered`.
|
|
93
|
+
2. Provider page shows failed delivery.
|
|
94
|
+
3. Operator opens delivery detail and sees normalized error.
|
|
95
|
+
4. Operator chooses replay.
|
|
96
|
+
5. Delivery re-enters queue and succeeds or remains dead-lettered with updated attempts.
|
|
97
|
+
|
|
98
|
+
Acceptance:
|
|
99
|
+
|
|
100
|
+
- duplicate replay is idempotent;
|
|
101
|
+
- raw payload access is permission-gated;
|
|
102
|
+
- sync state updates after replay.
|
|
103
|
+
|
|
104
|
+
## Flow: provider rate limit
|
|
105
|
+
|
|
106
|
+
1. Provider reaches low rate-limit threshold.
|
|
107
|
+
2. Provider status becomes `Degraded` or `RateLimited`.
|
|
108
|
+
3. Backfill pauses; webhook ingest continues.
|
|
109
|
+
4. UI shows reset time and impacted interfaces.
|
|
110
|
+
5. Sync resumes after reset.
|
|
111
|
+
|
|
112
|
+
Acceptance:
|
|
113
|
+
|
|
114
|
+
- user actions that require provider writes are disabled or queued by policy;
|
|
115
|
+
- status clearly separates webhook ingestion from API backfill.
|
|
@@ -0,0 +1,125 @@
|
|
|
1
|
+
# External object mapping spec
|
|
2
|
+
|
|
3
|
+
## Purpose
|
|
4
|
+
|
|
5
|
+
This document defines canonical object mappings between provider-native objects and Kradle resources. The goal is loss-aware sync: Kradle should preserve provider identity and important provider-specific fields even when not all fields fit a first-class Kradle resource.
|
|
6
|
+
|
|
7
|
+
## Mapping principles
|
|
8
|
+
|
|
9
|
+
- Preserve native ID, URL, node/global ID, and provider version fields.
|
|
10
|
+
- Normalize common fields into Kradle resources.
|
|
11
|
+
- Store unsupported provider-specific fields in an extension map with schema version.
|
|
12
|
+
- Avoid lossy writes unless the user explicitly accepts field loss.
|
|
13
|
+
- Keep provider-specific rich text formats as source plus rendered Markdown/HTML where safe.
|
|
14
|
+
|
|
15
|
+
## Common external envelope
|
|
16
|
+
|
|
17
|
+
```yaml
|
|
18
|
+
external:
|
|
19
|
+
providerRef: github-a5c
|
|
20
|
+
bindingRef: github-kradle
|
|
21
|
+
interface: gitForge
|
|
22
|
+
nativeKind: pull_request
|
|
23
|
+
nativeId: "123456"
|
|
24
|
+
nativeNumber: 42
|
|
25
|
+
nodeId: PR_kwDO...
|
|
26
|
+
url: https://github.com/a5c-ai/kradle/pull/42
|
|
27
|
+
apiUrl: https://api.github.com/repos/a5c-ai/kradle/pulls/42
|
|
28
|
+
version:
|
|
29
|
+
etag: W/"..."
|
|
30
|
+
updatedAt: 2026-05-11T12:00:00Z
|
|
31
|
+
sha: abcdef1234
|
|
32
|
+
extensions:
|
|
33
|
+
providerType: github
|
|
34
|
+
schemaVersion: github-rest-2022-11-28
|
|
35
|
+
fields: {}
|
|
36
|
+
```
|
|
37
|
+
|
|
38
|
+
## Issue mapping
|
|
39
|
+
|
|
40
|
+
| Provider field | Kradle field |
|
|
41
|
+
| --- | --- |
|
|
42
|
+
| title | `Issue.spec.title` |
|
|
43
|
+
| body/description | `Issue.spec.body` plus `external.extensions.bodyFormat` |
|
|
44
|
+
| state/status | `Issue.status.phase` and `Issue.spec.state` |
|
|
45
|
+
| labels | `Issue.metadata.labels` and issue label projection |
|
|
46
|
+
| assignees | `Issue.spec.assignees` via identity mapping |
|
|
47
|
+
| milestone/sprint/cycle | `Issue.spec.milestone` or extension |
|
|
48
|
+
| comments | issue activity/comment projection |
|
|
49
|
+
| timestamps | `status.createdAt`, `status.updatedAt`, `status.closedAt` |
|
|
50
|
+
|
|
51
|
+
Provider notes:
|
|
52
|
+
|
|
53
|
+
- Jira status transitions need a transition operation, not a simple `state` patch.
|
|
54
|
+
- Linear workflow states map to issue phase plus provider extension.
|
|
55
|
+
- GitHub PR-backed issues link to `PullRequest`.
|
|
56
|
+
|
|
57
|
+
## Pipeline mapping
|
|
58
|
+
|
|
59
|
+
| Provider field | Kradle field |
|
|
60
|
+
| --- | --- |
|
|
61
|
+
| workflow/pipeline name | `Pipeline.spec.workflow` |
|
|
62
|
+
| run/build ID | `Pipeline.external.nativeId` |
|
|
63
|
+
| branch/ref | `Pipeline.spec.ref` |
|
|
64
|
+
| sha | `Pipeline.spec.sha` |
|
|
65
|
+
| status/conclusion | `Pipeline.status.phase` and `status.conclusion` |
|
|
66
|
+
| jobs | `Job` projections |
|
|
67
|
+
| logs | lazy `Artifact`/log ref |
|
|
68
|
+
| artifacts | `AgentArtifact`/`Artifact` projection by digest or native URL |
|
|
69
|
+
| rerun/cancel | `ExternalWriteIntent` operation |
|
|
70
|
+
|
|
71
|
+
## Pull request mapping
|
|
72
|
+
|
|
73
|
+
| Provider field | Kradle field |
|
|
74
|
+
| --- | --- |
|
|
75
|
+
| title/body | `PullRequest.spec.title/body` |
|
|
76
|
+
| number/IID | `external.nativeNumber` |
|
|
77
|
+
| source branch | `PullRequest.spec.head` |
|
|
78
|
+
| target branch | `PullRequest.spec.base` |
|
|
79
|
+
| head SHA | `PullRequest.status.headSha` |
|
|
80
|
+
| merge state | `PullRequest.status.mergeState` |
|
|
81
|
+
| reviewers/reviews | `Review` projections |
|
|
82
|
+
| checks | linked `Pipeline`/`Job`/check projections |
|
|
83
|
+
| labels/assignees | shared issue-like fields where provider supports them |
|
|
84
|
+
|
|
85
|
+
## Repository mapping
|
|
86
|
+
|
|
87
|
+
| Provider field | Kradle field |
|
|
88
|
+
| --- | --- |
|
|
89
|
+
| owner/name/path | `Repository.metadata.name`, `spec.external.owner/path` |
|
|
90
|
+
| visibility | `Repository.spec.visibility` |
|
|
91
|
+
| default branch | `Repository.spec.defaultBranch` |
|
|
92
|
+
| clone URLs | `Repository.status.cloneUrls` |
|
|
93
|
+
| archived/disabled | `Repository.status.phase` and extension |
|
|
94
|
+
| permissions/collaborators | `RepositoryPermission` projections |
|
|
95
|
+
| deploy keys | `SSHKey`/deploy-key projections |
|
|
96
|
+
| branch protection | `BranchProtection`/`RefPolicy` projections |
|
|
97
|
+
|
|
98
|
+
## Rich text conversion
|
|
99
|
+
|
|
100
|
+
Providers may use different body formats:
|
|
101
|
+
|
|
102
|
+
- Markdown: GitHub, GitLab, many Git forges;
|
|
103
|
+
- Atlassian Document Format: Jira Cloud;
|
|
104
|
+
- provider-specific markdown extensions: Linear/GitLab;
|
|
105
|
+
- HTML fragments: some legacy systems.
|
|
106
|
+
|
|
107
|
+
Kradle stores:
|
|
108
|
+
|
|
109
|
+
```yaml
|
|
110
|
+
body:
|
|
111
|
+
markdown: safe normalized markdown
|
|
112
|
+
sourceFormat: atlassian-document-format
|
|
113
|
+
sourceDigest: sha256:...
|
|
114
|
+
renderWarnings: []
|
|
115
|
+
```
|
|
116
|
+
|
|
117
|
+
Writes should preserve source format when possible or mark conversion loss.
|
|
118
|
+
|
|
119
|
+
## Acceptance criteria
|
|
120
|
+
|
|
121
|
+
- Every synced object has an external envelope.
|
|
122
|
+
- Unsupported provider fields are retained in extensions.
|
|
123
|
+
- Writes do not silently drop unsupported fields.
|
|
124
|
+
- Rich text conversion is explicit and testable.
|
|
125
|
+
- Mapping docs are used by provider contract tests.
|
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
# Git forge interface
|
|
2
|
+
|
|
3
|
+
## Purpose
|
|
4
|
+
|
|
5
|
+
The git forge interface syncs repository, pull request, ref, commit, key, collaborator, and repository policy state. It is the broadest external backend interface and is supported by GitHub, GitLab, Bitbucket, Gitea, and similar systems.
|
|
6
|
+
|
|
7
|
+
## Provider contract
|
|
8
|
+
|
|
9
|
+
```ts
|
|
10
|
+
interface GitForgeProvider {
|
|
11
|
+
listRepositories(cursor): Page<ExternalRepository>;
|
|
12
|
+
getRepository(ref): ExternalRepository;
|
|
13
|
+
createRepository(input): ExternalRepository;
|
|
14
|
+
updateRepository(ref, patch): ExternalRepository;
|
|
15
|
+
listPullRequests(repoRef, cursor): Page<ExternalPullRequest>;
|
|
16
|
+
getPullRequest(ref): ExternalPullRequest;
|
|
17
|
+
createPullRequest(input): ExternalPullRequest;
|
|
18
|
+
updatePullRequest(ref, patch): ExternalPullRequest;
|
|
19
|
+
mergePullRequest(ref, options): ExternalPullRequest;
|
|
20
|
+
listRefs(repoRef, cursor): Page<ExternalRef>;
|
|
21
|
+
getCommit(repoRef, sha): ExternalCommit;
|
|
22
|
+
listDeployKeys(repoRef, cursor): Page<ExternalDeployKey>;
|
|
23
|
+
syncDeployKeys(repoRef, desired): SyncResult;
|
|
24
|
+
listCollaborators(repoRef, cursor): Page<ExternalCollaborator>;
|
|
25
|
+
syncBranchProtection(repoRef, desired): SyncResult;
|
|
26
|
+
}
|
|
27
|
+
```
|
|
28
|
+
|
|
29
|
+
## Resource mapping
|
|
30
|
+
|
|
31
|
+
| External concept | Kradle resource/projection |
|
|
32
|
+
| --- | --- |
|
|
33
|
+
| repository | `Repository` |
|
|
34
|
+
| pull request / merge request | `PullRequest` |
|
|
35
|
+
| review | `Review` |
|
|
36
|
+
| PR comment/review thread | `ReviewComment` projection or activity stream |
|
|
37
|
+
| branch/tag/ref | `GitRef` projection or repository status |
|
|
38
|
+
| commit | `Commit` projection or lazy detail |
|
|
39
|
+
| deploy key/SSH key | `SSHKey` / `RepositoryPermission` / deploy-key projection |
|
|
40
|
+
| collaborator/team permission | `RepositoryPermission` |
|
|
41
|
+
| branch protection | `BranchProtection` / `RefPolicy` |
|
|
42
|
+
| repository webhook | `WebhookSubscription` |
|
|
43
|
+
|
|
44
|
+
## GitHub mapping
|
|
45
|
+
|
|
46
|
+
GitHub repositories map to Kradle `Repository`; GitHub pull requests map to `PullRequest`; PR reviews/comments map to `Review` and activity projections; deploy keys map to SSH key/deploy-key projections; branch protection maps to `BranchProtection` and `RefPolicy` where fields overlap.
|
|
47
|
+
|
|
48
|
+
## Sync rules
|
|
49
|
+
|
|
50
|
+
- Webhooks handle `repository`, `pull_request`, `pull_request_review`, `pull_request_review_comment`, `push`, `create`, `delete`, `branch_protection_rule`, `deploy_key`, and membership/collaborator-related events where available.
|
|
51
|
+
- Backfill lists repositories, PRs, refs, branch protection, keys, and collaborators.
|
|
52
|
+
- PR sync must coordinate with issue sync because provider issue numbers and PR numbers may share namespace.
|
|
53
|
+
- Git operations can use provider clone URLs and provider credentials; Kradle should not require PATs.
|
|
54
|
+
- Branch protection writes require explicit ownership mode and permission review.
|
|
55
|
+
|
|
56
|
+
## User-facing changes
|
|
57
|
+
|
|
58
|
+
- Repository settings show whether GitHub or Kradle owns each setting.
|
|
59
|
+
- PR pages show native provider link, sync state, and conflict status.
|
|
60
|
+
- SSH/deploy key panels show mirrored vs Kradle-managed keys.
|
|
61
|
+
- Branch protection editor can operate read-only, write-through, or reviewed-write depending on sync policy.
|
|
62
|
+
|
|
63
|
+
## Acceptance criteria
|
|
64
|
+
|
|
65
|
+
- A git-forge-only provider can sync repos/PRs/refs without issue or CI support.
|
|
66
|
+
- PR state converges from webhooks and periodic backfill.
|
|
67
|
+
- Branch protection/key writes are explicit and audited.
|
|
68
|
+
- GitHub issue/PR shared numbering does not create duplicate records.
|
|
@@ -0,0 +1,151 @@
|
|
|
1
|
+
# GitHub integration design
|
|
2
|
+
|
|
3
|
+
## Purpose
|
|
4
|
+
|
|
5
|
+
GitHub is the first full external backend provider for Kradle. It can support all three unified interfaces: issue tracking, CI/CD, and git forge. Kradle should integrate through a GitHub App by default, with optional user-attributed actions when a user token is available and admitted.
|
|
6
|
+
|
|
7
|
+
## Authentication model
|
|
8
|
+
|
|
9
|
+
Preferred auth:
|
|
10
|
+
|
|
11
|
+
```yaml
|
|
12
|
+
kind: ExternalBackendProvider
|
|
13
|
+
spec:
|
|
14
|
+
providerType: github
|
|
15
|
+
auth:
|
|
16
|
+
mode: github-app
|
|
17
|
+
appIdSecretRef:
|
|
18
|
+
name: github-app-a5c
|
|
19
|
+
key: app-id
|
|
20
|
+
privateKeySecretRef:
|
|
21
|
+
name: github-app-a5c
|
|
22
|
+
key: private-key.pem
|
|
23
|
+
webhookSecretRef:
|
|
24
|
+
name: github-app-a5c
|
|
25
|
+
key: webhook-secret
|
|
26
|
+
```
|
|
27
|
+
|
|
28
|
+
Flow:
|
|
29
|
+
|
|
30
|
+
1. Kradle signs a GitHub App JWT.
|
|
31
|
+
2. Kradle exchanges it for installation access tokens per org/repository installation.
|
|
32
|
+
3. Tokens are cached only until expiry and never stored in status.
|
|
33
|
+
4. User-attributed actions use GitHub App user access tokens when available and required.
|
|
34
|
+
5. All actions still pass Kradle org/RBAC/admission checks.
|
|
35
|
+
|
|
36
|
+
## GitHub provider capabilities
|
|
37
|
+
|
|
38
|
+
```yaml
|
|
39
|
+
capabilities:
|
|
40
|
+
issueTracking:
|
|
41
|
+
issues: true
|
|
42
|
+
comments: true
|
|
43
|
+
labels: true
|
|
44
|
+
milestones: true
|
|
45
|
+
projects: optional
|
|
46
|
+
cicd:
|
|
47
|
+
actionsWorkflowRuns: true
|
|
48
|
+
workflowJobs: true
|
|
49
|
+
checks: true
|
|
50
|
+
statuses: true
|
|
51
|
+
selfHostedRunners: optional
|
|
52
|
+
gitForge:
|
|
53
|
+
repositories: true
|
|
54
|
+
pullRequests: true
|
|
55
|
+
reviews: true
|
|
56
|
+
refs: true
|
|
57
|
+
commits: true
|
|
58
|
+
deployKeys: true
|
|
59
|
+
branchProtection: true
|
|
60
|
+
collaborators: true
|
|
61
|
+
```
|
|
62
|
+
|
|
63
|
+
## Installation binding
|
|
64
|
+
|
|
65
|
+
```yaml
|
|
66
|
+
kind: ExternalBackendBinding
|
|
67
|
+
spec:
|
|
68
|
+
organizationRef: a5c
|
|
69
|
+
providerRef: github-a5c
|
|
70
|
+
externalRef:
|
|
71
|
+
owner: a5c-ai
|
|
72
|
+
repository: kradle
|
|
73
|
+
installationId: 123456
|
|
74
|
+
interfaces:
|
|
75
|
+
issueTracking:
|
|
76
|
+
enabled: true
|
|
77
|
+
mode: bidirectional
|
|
78
|
+
cicd:
|
|
79
|
+
enabled: true
|
|
80
|
+
mode: external-owned
|
|
81
|
+
gitForge:
|
|
82
|
+
enabled: true
|
|
83
|
+
mode: bidirectional
|
|
84
|
+
```
|
|
85
|
+
|
|
86
|
+
## Webhook events
|
|
87
|
+
|
|
88
|
+
Recommended GitHub events:
|
|
89
|
+
|
|
90
|
+
| Interface | Events |
|
|
91
|
+
| --- | --- |
|
|
92
|
+
| Issue tracking | `issues`, `issue_comment`, `label`, `milestone`, `projects_v2_item` where available. |
|
|
93
|
+
| CI/CD | `workflow_run`, `workflow_job`, `check_run`, `check_suite`, `status`, `push`. |
|
|
94
|
+
| Git forge | `repository`, `pull_request`, `pull_request_review`, `pull_request_review_comment`, `push`, `create`, `delete`, `branch_protection_rule`, `deploy_key`. |
|
|
95
|
+
| Provider lifecycle | `installation`, `installation_repositories`, `meta`. |
|
|
96
|
+
|
|
97
|
+
Webhook delivery handling:
|
|
98
|
+
|
|
99
|
+
- validate signature before parsing;
|
|
100
|
+
- record delivery ID and event type;
|
|
101
|
+
- respond quickly with 2XX after enqueue;
|
|
102
|
+
- process asynchronously through Kradle queue/controller;
|
|
103
|
+
- dedupe by provider, delivery ID, event, and installation;
|
|
104
|
+
- support redelivery and replay.
|
|
105
|
+
|
|
106
|
+
## Backfill and repair
|
|
107
|
+
|
|
108
|
+
Backfill should run when:
|
|
109
|
+
|
|
110
|
+
- provider binding is created;
|
|
111
|
+
- webhook delivery is missed or failed;
|
|
112
|
+
- rate limit window recovers;
|
|
113
|
+
- manual `resync` is requested;
|
|
114
|
+
- native object has stale `lastSyncedAt`;
|
|
115
|
+
- provider installation changes repository access.
|
|
116
|
+
|
|
117
|
+
GitHub backfill strategy:
|
|
118
|
+
|
|
119
|
+
- GraphQL for list hydration where it reduces calls and provides cursors;
|
|
120
|
+
- REST for endpoints with first-class Actions, checks, deploy keys, webhooks, branch protection, and logs;
|
|
121
|
+
- conditional requests with ETags where useful;
|
|
122
|
+
- rate-limit aware scheduling by installation and org.
|
|
123
|
+
|
|
124
|
+
## Write paths
|
|
125
|
+
|
|
126
|
+
| Action | Default mode |
|
|
127
|
+
| --- | --- |
|
|
128
|
+
| create/update issue | write-through or reviewed-write by policy. |
|
|
129
|
+
| comment on issue/PR | write-through for humans, reviewed-write for agents. |
|
|
130
|
+
| update labels | bidirectional with conflict detection. |
|
|
131
|
+
| rerun/cancel workflow | write-through after permission review. |
|
|
132
|
+
| create/update PR | reviewed-write for agents; write-through for authorized humans. |
|
|
133
|
+
| merge PR | external-owned or reviewed-write; require branch protection status. |
|
|
134
|
+
| deploy key update | Kradle-owned or reviewed-write. |
|
|
135
|
+
| branch protection update | reviewed-write unless org policy says Kradle-owned. |
|
|
136
|
+
|
|
137
|
+
## GitHub-specific conflicts
|
|
138
|
+
|
|
139
|
+
- Issue and PR share number namespace; PR-backed issue projections must link to PR.
|
|
140
|
+
- Labels can be edited externally while Kradle has pending desired changes.
|
|
141
|
+
- Branch protection fields may not map 1:1 to Kradle `RefPolicy`.
|
|
142
|
+
- Workflow runs may be rerun externally while Kradle still shows an old attempt.
|
|
143
|
+
- Force-push updates PR head SHA and invalidates cached diff/check context.
|
|
144
|
+
|
|
145
|
+
## UI requirements
|
|
146
|
+
|
|
147
|
+
- Provider setup wizard for GitHub App app ID, private key, webhook secret, installation ID, owner, repository selection, and selected interfaces.
|
|
148
|
+
- Repository settings page shows GitHub binding and per-interface mode.
|
|
149
|
+
- Issue/PR/run pages show native GitHub link, sync status, and conflict banner.
|
|
150
|
+
- Actions/runs page can filter external GitHub Actions vs Kradle-native pipelines.
|
|
151
|
+
- Webhook page shows delivery IDs, replay, redelivery, and backfill status.
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
# Issue tracking interface
|
|
2
|
+
|
|
3
|
+
## Purpose
|
|
4
|
+
|
|
5
|
+
The issue tracking interface syncs externally managed work items into Kradle and optionally writes changes back. It covers issues, comments, labels, milestones, assignees, projects, saved views, reactions, and issue events.
|
|
6
|
+
|
|
7
|
+
## Provider contract
|
|
8
|
+
|
|
9
|
+
A provider implementing this interface should support some or all of:
|
|
10
|
+
|
|
11
|
+
```ts
|
|
12
|
+
interface IssueTrackingProvider {
|
|
13
|
+
listIssues(cursor): Page<ExternalIssue>;
|
|
14
|
+
getIssue(ref): ExternalIssue;
|
|
15
|
+
createIssue(input): ExternalIssue;
|
|
16
|
+
updateIssue(ref, patch): ExternalIssue;
|
|
17
|
+
closeIssue(ref, reason): ExternalIssue;
|
|
18
|
+
listComments(issueRef, cursor): Page<ExternalComment>;
|
|
19
|
+
createComment(issueRef, input): ExternalComment;
|
|
20
|
+
updateComment(commentRef, patch): ExternalComment;
|
|
21
|
+
listLabels(cursor): Page<ExternalLabel>;
|
|
22
|
+
syncLabels(desired): SyncResult;
|
|
23
|
+
listEvents(issueRef, cursor): Page<ExternalIssueEvent>;
|
|
24
|
+
}
|
|
25
|
+
```
|
|
26
|
+
|
|
27
|
+
Capabilities are negotiated; read-only providers can omit mutating operations.
|
|
28
|
+
|
|
29
|
+
## Resource mapping
|
|
30
|
+
|
|
31
|
+
| External concept | Kradle resource/projection |
|
|
32
|
+
| --- | --- |
|
|
33
|
+
| issue/work item | `Issue` |
|
|
34
|
+
| issue comment | `IssueComment` aggregated projection or `Issue.status.comments` summary |
|
|
35
|
+
| label | `IssueLabel` config/projection or labels on `Issue` |
|
|
36
|
+
| milestone | `Milestone` projection or metadata field |
|
|
37
|
+
| assignee | `User`/`Team` references plus external identity mapping |
|
|
38
|
+
| project field | `View`, `Selector`, or provider-specific field projection |
|
|
39
|
+
| linked PR | `PullRequest` edge |
|
|
40
|
+
| issue event | `ExternalSyncEvent` or issue activity stream |
|
|
41
|
+
|
|
42
|
+
## GitHub mapping
|
|
43
|
+
|
|
44
|
+
GitHub Issues map naturally to Kradle `Issue`. GitHub pull requests also have issue numbers and issue-like comments/labels, so the GitHub issue provider must avoid duplicating PR-backed issues. A GitHub issue with `pull_request` metadata should link to the `PullRequest` projection rather than become an independent work item unless the UI explicitly needs a combined activity view.
|
|
45
|
+
|
|
46
|
+
## Sync rules
|
|
47
|
+
|
|
48
|
+
- Webhooks handle `issues`, `issue_comment`, `label`, `milestone`, and assignment events.
|
|
49
|
+
- Backfill/poll handles missed events and periodic consistency checks.
|
|
50
|
+
- Cursor sync stores provider cursor or `updated_at` high-water mark.
|
|
51
|
+
- Writes include idempotency keys where provider supports them; otherwise Kradle stores write intent and native result.
|
|
52
|
+
- Conflicts create `ExternalSyncConflict` when local desired state and external state both changed since last sync.
|
|
53
|
+
|
|
54
|
+
## User-facing changes
|
|
55
|
+
|
|
56
|
+
- Issue pages show external provider badges, native URLs, sync status, and conflict state.
|
|
57
|
+
- Editing an externally owned issue shows whether the change writes through, opens a reviewed change, or is disabled.
|
|
58
|
+
- Comments show source: Kradle, GitHub, imported, or agent.
|
|
59
|
+
- Label management shows external ownership and drift.
|
|
60
|
+
|
|
61
|
+
## Acceptance criteria
|
|
62
|
+
|
|
63
|
+
- A read-only issue provider can mirror issues and comments without write permissions.
|
|
64
|
+
- A bidirectional provider can update title/body/state/labels/comments and detect conflicts.
|
|
65
|
+
- GitHub PR-backed issues link to PRs instead of duplicating work items.
|
|
66
|
+
- Webhook replay and cursor backfill converge to the same state.
|