@synth-deploy/server 1.1.0 → 1.2.0

package/src/api/operations.ts

@@ -183,17 +183,13 @@ export function registerOperationRoutes(
 
           // Trigger operations: construct MonitoringDirective from plan, present for approval
           if (dep.input.type === "trigger" && !result.blocked) {
-            const triggerInput = dep.input as { type: "trigger"; condition: string; responseIntent: string; parameters?: Record<string, unknown> };
-            // Convert plan steps to monitoring probes
-            const probes = result.plan.steps.map((step) => ({
-              command: step.action,
-              label: step.description,
-              parseAs: (step.params?.parseAs === "exitCode" ? "exitCode" : "numeric") as "numeric" | "exitCode",
-            }));
+            const triggerInput = dep.input as { type: "trigger"; condition: string; responseIntent: string };
+            // Use probes from the envoy's trigger planning response (embedded in scriptedPlan reasoning),
+            // or fall back to a default probe. The envoy's planTrigger generates these.
             const directive: import("@synth-deploy/core").MonitoringDirective = {
               id: dep.id,
               operationId: dep.id,
-              probes: probes.length > 0 ? probes : [{
+              probes: [{
                 command: "echo 0",
                 label: "default-probe",
                 parseAs: "numeric" as const,
@@ -203,7 +199,6 @@ export function registerOperationRoutes(
               condition: triggerInput.condition,
               responseIntent: triggerInput.responseIntent,
               responseType: "maintain",
-              responseParameters: triggerInput.parameters,
               environmentId: dep.environmentId,
               partitionId: dep.partitionId,
               status: "active",
@@ -266,7 +261,7 @@ export function registerOperationRoutes(
               decisionType: "plan-generation",
               decision: `Operation plan blocked — infrastructure prerequisites not met`,
               reasoning: result.blockReason ?? result.plan.reasoning,
-              context: { stepCount: result.plan.steps.length, envoyId: planningEnvoy.id, blocked: true },
+              context: { stepCount: result.plan.scriptedPlan.stepSummary.length, envoyId: planningEnvoy.id, blocked: true },
             });
           } else {
             // Plan is valid — transition to awaiting_approval
@@ -279,9 +274,9 @@ export function registerOperationRoutes(
               operationId: dep.id,
               agent: "envoy",
               decisionType: "plan-generation",
-              decision: `Operation plan generated with ${result.plan.steps.length} steps`,
+              decision: `Operation plan generated with ${result.plan.scriptedPlan.stepSummary.length} steps`,
               reasoning: result.plan.reasoning,
-              context: { stepCount: result.plan.steps.length, envoyId: planningEnvoy.id, delta: result.delta },
+              context: { stepCount: result.plan.scriptedPlan.stepSummary.length, envoyId: planningEnvoy.id, delta: result.delta },
             });
           }
         }).catch((err) => {
@@ -400,9 +395,9 @@ export function registerOperationRoutes(
         operationId: deployment.id,
         agent: "envoy",
         decisionType: "plan-generation",
-        decision: `Operation plan submitted with ${parsed.data.plan.steps.length} steps`,
+        decision: `Operation plan submitted with ${parsed.data.plan.scriptedPlan.stepSummary.length} steps`,
         reasoning: parsed.data.plan.reasoning,
-        context: { stepCount: parsed.data.plan.steps.length },
+        context: { stepCount: parsed.data.plan.scriptedPlan.stepSummary.length },
       });
 
       return reply.status(200).send({ deployment });
@@ -456,7 +451,7 @@ export function registerOperationRoutes(
         target: { type: "deployment", id: deployment.id },
         details: parsed.data.modifications
           ? { modifications: parsed.data.modifications }
-          : { planStepCount: deployment.plan?.steps.length ?? 0 },
+          : { planStepCount: deployment.plan?.scriptedPlan.stepSummary.length ?? 0 },
       });
 
       // Composite operations: execute children sequentially
@@ -644,9 +639,14 @@ export function registerOperationRoutes(
       }
 
       // Validate modified plan with envoy if available
-      if (envoyClient) {
+      if (envoyClient && deployment.plan.scriptedPlan) {
         try {
-          const validation = await envoyClient.validatePlan(parsed.data.steps);
+          const modifiedScript: import("@synth-deploy/core").ScriptedPlan = {
+            ...deployment.plan.scriptedPlan,
+            executionScript: parsed.data.executionScript,
+            ...(parsed.data.rollbackScript !== undefined ? { rollbackScript: parsed.data.rollbackScript } : {}),
+          };
+          const validation = await envoyClient.validatePlan(modifiedScript);
           if (!validation.valid) {
             return reply.status(422).send({
               error: "Modified plan failed envoy validation",
@@ -658,34 +658,21 @@ export function registerOperationRoutes(
         }
       }
 
-      // Build structured diff: what changed between old and new steps
-      const oldSteps = deployment.plan.steps;
-      const newSteps = parsed.data.steps;
-      const diffLines: string[] = [];
-      const maxLen = Math.max(oldSteps.length, newSteps.length);
-      for (let i = 0; i < maxLen; i++) {
-        const old = oldSteps[i];
-        const cur = newSteps[i];
-        if (!old) {
-          diffLines.push(`+ Step ${i + 1} (added): ${cur.action} ${cur.target} — ${cur.description}`);
-        } else if (!cur) {
-          diffLines.push(`- Step ${i + 1} (removed): ${old.action} ${old.target} — ${old.description}`);
-        } else if (old.action !== cur.action || old.target !== cur.target || old.description !== cur.description) {
-          diffLines.push(`~ Step ${i + 1} (changed): ${old.action} ${old.target} → ${cur.action} ${cur.target}`);
-          if (old.description !== cur.description) {
-            diffLines.push(`  was: ${old.description}`);
-            diffLines.push(`  now: ${cur.description}`);
-          }
-        }
-      }
-      const diffFromPreviousPlan = diffLines.length > 0
-        ? diffLines.join("\n")
-        : "Steps reordered or metadata changed (actions and targets unchanged)";
+      // Compute diff description
+      const oldScript = deployment.plan.scriptedPlan?.executionScript ?? "";
+      const newScript = parsed.data.executionScript;
+      const diffFromPreviousPlan = oldScript !== newScript
+        ? "Execution script modified by user"
+        : "Plan metadata changed (script unchanged)";
 
       // Apply modifications
       deployment.plan = {
         ...deployment.plan,
-        steps: parsed.data.steps,
+        scriptedPlan: {
+          ...deployment.plan.scriptedPlan,
+          executionScript: parsed.data.executionScript,
+          ...(parsed.data.rollbackScript !== undefined ? { rollbackScript: parsed.data.rollbackScript } : {}),
+        },
         diffFromPreviousPlan,
       };
       deployments.save(deployment);
@@ -702,7 +689,6 @@ export function registerOperationRoutes(
         reasoning: parsed.data.reason,
         context: {
           modifiedBy: actor,
-          stepCount: parsed.data.steps.length,
           reason: parsed.data.reason,
         },
         actor: request.user?.email,
@@ -711,13 +697,13 @@ export function registerOperationRoutes(
         actor,
         action: "operation.modified" as Parameters<typeof telemetry.record>[0]["action"],
         target: { type: "deployment", id: deployment.id },
-        details: { reason: parsed.data.reason, stepCount: parsed.data.steps.length },
+        details: { reason: parsed.data.reason },
       });
       telemetry.record({
         actor,
         action: "agent.recommendation.overridden",
         target: { type: "deployment", id: deployment.id },
-        details: { reason: parsed.data.reason, stepCount: parsed.data.steps.length, diff: diffFromPreviousPlan },
+        details: { reason: parsed.data.reason, diff: diffFromPreviousPlan },
       });
 
       return { deployment, modified: true };
@@ -762,10 +748,9 @@ export function registerOperationRoutes(
       try {
         const validation = await planningClientForValidation.validateRefinementFeedback({
           feedback: parsed.data.feedback,
-          currentPlanSteps: (deployment.plan?.steps ?? []).map((s) => ({
+          currentPlanSummary: (deployment.plan?.scriptedPlan?.stepSummary ?? []).map((s) => ({
             description: s.description,
-            action: s.action,
-            target: s.target,
+            reversible: s.reversible,
           })),
           artifactName: artifact?.name ?? "unknown",
           environmentName: environment?.name ?? "unknown",
@@ -838,9 +823,9 @@ export function registerOperationRoutes(
         operationId: dep.id,
         agent: "envoy",
         decisionType: "plan-generation",
-        decision: `Plan regenerated with user feedback (${result.plan.steps.length} steps)`,
+        decision: `Plan regenerated with user feedback (${result.plan.scriptedPlan.stepSummary.length} steps)`,
         reasoning: result.plan.reasoning,
-        context: { stepCount: result.plan.steps.length, envoyId: planningEnvoy.id, refinementFeedback: parsed.data.feedback },
+        context: { stepCount: result.plan.scriptedPlan.stepSummary.length, envoyId: planningEnvoy.id, refinementFeedback: parsed.data.feedback },
       });
 
       return { deployment: dep, replanned: true };
@@ -947,7 +932,7 @@ export function registerOperationRoutes(
 
       const environment = deployment.environmentId ? environments.get(deployment.environmentId) : undefined;
 
-      // Build the list of completed steps from execution record (or plan as fallback)
+      // Build the list of completed steps from execution record (or plan step summaries as fallback)
       const completedSteps: Array<{
         description: string;
         action: string;
@@ -956,14 +941,14 @@ export function registerOperationRoutes(
         output?: string;
       }> = deployment.executionRecord?.steps.map((s) => ({
         description: s.description,
-        action: deployment.plan?.steps.find((p) => p.description === s.description)?.action ?? "unknown",
-        target: deployment.plan?.steps.find((p) => p.description === s.description)?.target ?? "",
+        action: "script-step",
+        target: "",
         status: s.status,
         output: s.output ?? s.error,
-      })) ?? deployment.plan?.steps.map((s) => ({
+      })) ?? deployment.plan?.scriptedPlan?.stepSummary.map((s) => ({
         description: s.description,
-        action: s.action,
-        target: s.target,
+        action: "script-step",
+        target: "",
         status: "completed" as const,
       })) ?? [];
 
@@ -1008,7 +993,7 @@ export function registerOperationRoutes(
           reasoning: rollbackPlan.reasoning,
           context: {
             requestedBy: actor,
-            stepCount: rollbackPlan.steps.length,
+            stepCount: rollbackPlan.scriptedPlan.stepSummary.length,
             envoyId: targetEnvoy.id,
             deploymentStatus: deployment.status,
           },
@@ -1018,7 +1003,7 @@ export function registerOperationRoutes(
           actor,
           action: "deployment.rollback-plan-requested" as Parameters<typeof telemetry.record>[0]["action"],
           target: { type: "deployment", id: deployment.id },
-          details: { stepCount: rollbackPlan.steps.length },
+          details: { stepCount: rollbackPlan.scriptedPlan.stepSummary.length },
         });
 
         return reply.status(200).send({ deployment, rollbackPlan });
@@ -1075,22 +1060,32 @@ export function registerOperationRoutes(
         agent: "server",
         decisionType: "rollback-execution",
         decision: `Rollback execution initiated for ${artifact?.name ?? getArtifactId(deployment)} v${deployment.version}`,
-        reasoning: `Rollback requested by ${actor}. Executing ${deployment.rollbackPlan.steps.length} rollback step(s).`,
-        context: { initiatedBy: actor, stepCount: deployment.rollbackPlan.steps.length },
+        reasoning: `Rollback requested by ${actor}. Executing ${deployment.rollbackPlan.scriptedPlan.stepSummary.length} rollback step(s).`,
+        context: { initiatedBy: actor, stepCount: deployment.rollbackPlan.scriptedPlan.stepSummary.length },
         actor: request.user?.email,
       });
       telemetry.record({
         actor,
         action: "deployment.rollback-executed" as Parameters<typeof telemetry.record>[0]["action"],
         target: { type: "deployment", id: deployment.id },
-        details: { stepCount: deployment.rollbackPlan.steps.length },
+        details: { stepCount: deployment.rollbackPlan.scriptedPlan.stepSummary.length },
       });
 
       const rollbackClient = new EnvoyClient(targetEnvoy.url);
 
       // Execute the rollback plan as if it were a forward plan — it IS a forward plan
       // (just in the reverse direction). Use an empty no-op plan as the "rollback of rollback".
-      const emptyPlan = { steps: [], reasoning: "No rollback of rollback." };
+      const emptyPlan: import("@synth-deploy/core").OperationPlan = {
+        scriptedPlan: {
+          platform: "bash",
+          executionScript: "# No rollback of rollback",
+          dryRunScript: null,
+          rollbackScript: null,
+          reasoning: "No rollback of rollback.",
+          stepSummary: [],
+        },
+        reasoning: "No rollback of rollback.",
+      };
 
       rollbackClient.executeApprovedPlan({
         operationId: deployment.id,
@@ -1269,7 +1264,7 @@ export function registerOperationRoutes(
                 decisionType: "plan-generation",
                 decision: `Operation plan blocked — infrastructure prerequisites not met`,
                 reasoning: result.blockReason ?? result.plan.reasoning,
-                context: { stepCount: result.plan.steps.length, envoyId: planningEnvoy.id, blocked: true },
+                context: { stepCount: result.plan.scriptedPlan.stepSummary.length, envoyId: planningEnvoy.id, blocked: true },
               });
             } else {
               dep.status = "awaiting_approval" as typeof dep.status;
@@ -1281,9 +1276,9 @@ export function registerOperationRoutes(
                 operationId: dep.id,
                 agent: "envoy",
                 decisionType: "plan-generation",
-                decision: `Operation plan generated with ${result.plan.steps.length} steps`,
+                decision: `Operation plan generated with ${result.plan.scriptedPlan.stepSummary.length} steps`,
                 reasoning: result.plan.reasoning,
-                context: { stepCount: result.plan.steps.length, envoyId: planningEnvoy.id, delta: result.delta },
+                context: { stepCount: result.plan.scriptedPlan.stepSummary.length, envoyId: planningEnvoy.id, delta: result.delta },
               });
             }
           }).catch((err) => {
@@ -1561,13 +1556,13 @@ export function registerOperationRoutes(
     }
 
     // Spawn child operation
-    const triggerInput = triggerOp.input as { type: "trigger"; condition: string; responseIntent: string; parameters?: Record<string, unknown> };
+    const triggerInput = triggerOp.input as { type: "trigger"; condition: string; responseIntent: string };
     const responseType = triggerOp.monitoringDirective?.responseType ?? "maintain";
     const childOp = {
       id: crypto.randomUUID(),
       input: responseType === "deploy"
         ? { type: "deploy" as const, artifactId: "" }
-        : { type: "maintain" as const, intent: triggerInput.responseIntent, parameters: triggerInput.parameters },
+        : { type: "maintain" as const, intent: triggerInput.responseIntent },
       intent: triggerInput.responseIntent,
       lineage: triggerOp.id,
       triggeredBy: "trigger" as const,
@@ -1916,9 +1911,9 @@ export function registerOperationRoutes(
           operationId: childDep.id,
           agent: "envoy",
           decisionType: "plan-generation",
-          decision: `Child operation plan generated with ${result.plan.steps.length} steps`,
+          decision: `Child operation plan generated with ${result.plan.scriptedPlan.stepSummary.length} steps`,
           reasoning: result.plan.reasoning,
-          context: { stepCount: result.plan.steps.length, envoyId: planningEnvoy.id, parentOperationId: parentOp.id },
+          context: { stepCount: result.plan.scriptedPlan.stepSummary.length, envoyId: planningEnvoy.id, parentOperationId: parentOp.id },
         });
       } catch (err) {
         const childDep = deployments.get(childId);
@@ -1952,9 +1947,9 @@ export function registerOperationRoutes(
       // All children planned — build combined summary plan and await approval
       const allChildren = childIds.map((id) => deployments.get(id)).filter(Boolean) as import("@synth-deploy/core").Operation[];
 
-      const combinedSteps = allChildren.flatMap((c, idx) => {
-        if (!c.plan) return [];
-        return c.plan.steps.map((step) => ({
+      const combinedStepSummary = allChildren.flatMap((c, idx) => {
+        if (!c.plan?.scriptedPlan) return [];
+        return c.plan.scriptedPlan.stepSummary.map((step) => ({
           ...step,
           description: `[${idx + 1}/${allChildren.length}: ${c.input.type}] ${step.description}`,
         }));
@@ -1964,10 +1959,35 @@ export function registerOperationRoutes(
         `Step ${idx + 1} (${c.input.type}): ${c.plan?.reasoning ?? "no reasoning"}`
       ).join("\n\n");
 
+      // Combine child execution scripts into a single composite script
+      const combinedScript = allChildren
+        .map((c, idx) => `# --- Child ${idx + 1}/${allChildren.length}: ${c.input.type} ---\n${c.plan?.scriptedPlan?.executionScript ?? "# no script"}`)
+        .join("\n\n");
+
       const parentDep = deployments.get(parentOp.id);
       if (parentDep && parentDep.status === "pending") {
-        parentDep.plan = { steps: combinedSteps, reasoning: combinedReasoning };
-        parentDep.rollbackPlan = { steps: [], reasoning: "Child operations handle their own rollback" };
+        parentDep.plan = {
+          scriptedPlan: {
+            platform: "bash",
+            executionScript: combinedScript,
+            dryRunScript: null,
+            rollbackScript: null,
+            reasoning: combinedReasoning,
+            stepSummary: combinedStepSummary,
+          },
+          reasoning: combinedReasoning,
+        };
+        parentDep.rollbackPlan = {
+          scriptedPlan: {
+            platform: "bash",
+            executionScript: "# Child operations handle their own rollback",
+            dryRunScript: null,
+            rollbackScript: null,
+            reasoning: "Child operations handle their own rollback",
+            stepSummary: [],
+          },
+          reasoning: "Child operations handle their own rollback",
+        };
         parentDep.status = "awaiting_approval" as typeof parentDep.status;
         parentDep.recommendation = computeRecommendation(parentDep, deployments);
         deployments.save(parentDep);
@@ -1979,7 +1999,7 @@ export function registerOperationRoutes(
           decisionType: "composite-plan-ready",
           decision: `All ${allChildren.length} child plans ready — composite awaiting approval`,
           reasoning: combinedReasoning,
-          context: { childIds, totalSteps: combinedSteps.length },
+          context: { childIds, totalSteps: combinedStepSummary.length },
         });
       }
     }

package/src/api/schemas.ts

@@ -245,10 +245,10 @@ export const CreateDeploymentSchema = z.object({
 
 const ChildOperationInputSchema = z.discriminatedUnion("type", [
   z.object({ type: z.literal("deploy"), artifactId: z.string().min(1), artifactVersionId: z.string().optional() }),
-  z.object({ type: z.literal("maintain"), intent: z.string().min(1), parameters: z.record(z.unknown()).optional() }),
+  z.object({ type: z.literal("maintain"), intent: z.string().min(1) }),
   z.object({ type: z.literal("query"), intent: z.string().min(1) }),
   z.object({ type: z.literal("investigate"), intent: z.string().min(1), allowWrite: z.boolean().optional() }),
-  z.object({ type: z.literal("trigger"), condition: z.string().min(1), responseIntent: z.string().min(1), parameters: z.record(z.unknown()).optional() }),
+  z.object({ type: z.literal("trigger"), condition: z.string().min(1), responseIntent: z.string().min(1) }),
 ]);
 
 // --- Operations ---
@@ -284,37 +284,33 @@ export const RejectDeploymentSchema = z.object({
 });
 
 export const ModifyDeploymentPlanSchema = z.object({
-  steps: z.array(z.object({
+  executionScript: z.string().min(1, "Execution script must not be empty"),
+  rollbackScript: z.string().optional(),
+  reason: z.string().min(1),
+});
+
+const ScriptedPlanSchema = z.object({
+  platform: z.enum(["bash", "powershell"]),
+  executionScript: z.string().min(1),
+  dryRunScript: z.string().nullable(),
+  rollbackScript: z.string().nullable(),
+  reasoning: z.string().min(1),
+  stepSummary: z.array(z.object({
     description: z.string().min(1),
-    action: z.string().min(1),
-    target: z.string().min(1),
     reversible: z.boolean(),
-    rollbackAction: z.string().optional(),
-  })).min(1, "Plan must contain at least one step"),
-  reason: z.string().min(1),
+  })),
+  diffFromCurrent: z.array(z.object({ key: z.string(), from: z.string(), to: z.string() })).optional(),
 });
 
 export const SubmitPlanSchema = z.object({
   plan: z.object({
-    steps: z.array(z.object({
-      description: z.string().min(1),
-      action: z.string().min(1),
-      target: z.string().min(1),
-      reversible: z.boolean(),
-      rollbackAction: z.string().optional(),
-    })).min(1),
+    scriptedPlan: ScriptedPlanSchema,
     reasoning: z.string().min(1),
     diffFromCurrent: z.array(z.object({ key: z.string(), from: z.string(), to: z.string() })).optional(),
     diffFromPreviousPlan: z.string().optional(),
   }),
   rollbackPlan: z.object({
-    steps: z.array(z.object({
-      description: z.string().min(1),
-      action: z.string().min(1),
-      target: z.string().min(1),
-      reversible: z.boolean(),
-      rollbackAction: z.string().optional(),
-    })),
+    scriptedPlan: ScriptedPlanSchema,
     reasoning: z.string().min(1),
   }),
 });

package/src/fleet/fleet-executor.ts

@@ -98,12 +98,12 @@ export class FleetExecutor {
 
       const client = this.createEnvoyClient(entry.url, entry.token);
       try {
-        const validation = await client.validatePlan(plan.steps);
+        const validation = await client.validatePlan(plan.scriptedPlan);
         results.push({
           envoyId,
           envoyName: entry.name,
           validated: validation.valid,
-          issues: validation.violations?.map((v) => v.reason),
+          issues: validation.violations,
         });
       } catch (err) {
         results.push({

package/src/graph/graph-executor.ts

@@ -246,7 +246,14 @@ export class GraphExecutor {
             operationId: node.deploymentId ?? node.id,
             plan: enrichedPlan,
             rollbackPlan: {
-              steps: [],
+              scriptedPlan: {
+                platform: "bash",
+                executionScript: "# No rollback plan provided",
+                dryRunScript: null,
+                rollbackScript: null,
+                reasoning: "No rollback plan provided",
+                stepSummary: [],
+              },
               reasoning: "No rollback plan provided",
             },
             artifactType: "graph-node",
@@ -419,7 +426,14 @@ export class GraphExecutor {
           operationId: node.deploymentId ?? nodeId,
           plan,
           rollbackPlan: {
-            steps: [],
+            scriptedPlan: {
+              platform: "bash",
+              executionScript: "# Rollback of rollback not supported",
+              dryRunScript: null,
+              rollbackScript: null,
+              reasoning: "Rollback of rollback not supported",
+              stepSummary: [],
+            },
             reasoning: "Rollback of rollback not supported",
           },
           artifactType: "graph-node-rollback",

package/src/index.ts

@@ -296,13 +296,23 @@ if (process.env.SYNTH_SEED_DEMO !== 'false' && partitions.list().length === 0) {
     environmentId: prodEnv.id as Deployment["environmentId"], version: "2.3.0", status: "succeeded",
     variables: { ...acmePartition.variables, ...prodEnv.variables },
     plan: {
-      steps: [
-        { description: "Stop service", action: "systemctl stop web-app", target: "prd-web-01", reversible: true, rollbackAction: "systemctl start web-app", execPreview: "systemctl stop web-app" },
-        { description: "Backup current binaries", action: "cp -r /opt/web-app/ /opt/web-app.bak/", target: "prd-web-01", reversible: false, execPreview: "cp -r /opt/web-app/ /opt/web-app.bak/" },
-        { description: "Deploy new artifact", action: "tar -xzf web-app-2.3.0.tar.gz -C /opt/web-app/", target: "prd-web-01", reversible: true, rollbackAction: "cp -r /opt/web-app.bak/ /opt/web-app/", execPreview: "tar -xzf /opt/releases/web-app-2.3.0.tar.gz -C /opt/web-app/" },
-        { description: "Apply environment config (1 variable changed: API_ENDPOINT)", action: "envsubst < config.template > /opt/web-app/.env", target: "prd-web-01", reversible: true, rollbackAction: "cp /opt/web-app.bak/.env /opt/web-app/.env", execPreview: "envsubst < /opt/web-app/config.template > /opt/web-app/.env" },
-        { description: "Start service and verify health endpoint → 200 OK", action: "systemctl start web-app && curl -f http://localhost:8080/health", target: "prd-web-01", reversible: true, rollbackAction: "systemctl stop web-app", execPreview: "systemctl start web-app" },
-      ],
+      scriptedPlan: {
+        platform: "bash",
+        executionScript: "#!/usr/bin/env bash\nset -euo pipefail\nsystemctl stop web-app\ncp -r /opt/web-app/ /opt/web-app.bak/\ntar -xzf /opt/releases/web-app-2.3.0.tar.gz -C /opt/web-app/\nenvsubst < /opt/web-app/config.template > /opt/web-app/.env\nsystemctl start web-app\ncurl -f --retry 3 --retry-delay 5 http://localhost:8080/health",
+        dryRunScript: null,
+        rollbackScript: "#!/usr/bin/env bash\nset -euo pipefail\nsystemctl stop web-app\ncp -r /opt/web-app.bak/ /opt/web-app/\ncp /opt/web-app.bak/.env /opt/web-app/.env\nsystemctl start web-app",
+        reasoning: "Standard 5-step deploy: stop, backup, extract, config, start. One config change: API_ENDPOINT updated to v2 endpoint validated in staging for 4h.",
+        stepSummary: [
+          { description: "Stop service", reversible: true },
+          { description: "Backup current binaries", reversible: false },
+          { description: "Deploy new artifact", reversible: true },
+          { description: "Apply environment config (1 variable changed: API_ENDPOINT)", reversible: true },
+          { description: "Start service and verify health endpoint → 200 OK", reversible: true },
+        ],
+        diffFromCurrent: [
+          { key: "API_ENDPOINT", from: "https://api.acme.corp/v1", to: "https://api.acme.corp/v2" },
+        ],
+      },
       reasoning: "Standard 5-step deploy: stop, backup, extract, config, start. One config change: API_ENDPOINT updated to v2 endpoint validated in staging for 4h.",
       diffFromCurrent: [
         { key: "API_ENDPOINT", from: "https://api.acme.corp/v1", to: "https://api.acme.corp/v2" },
@@ -367,12 +377,19 @@ if (process.env.SYNTH_SEED_DEMO !== 'false' && partitions.list().length === 0) {
     environmentId: stagingEnv.id as Deployment["environmentId"], version: "1.13.0-beta.2", status: "running",
     variables: { ...globexPartition.variables, ...stagingEnv.variables },
     plan: {
-      steps: [
-        { description: "Pull latest image from registry", action: "docker pull", target: "registry.internal/api:1.13.0-beta.2", reversible: true, rollbackAction: "docker pull registry.internal/api:1.12.0", execPreview: "docker pull registry.internal/api:1.13.0-beta.2" },
-        { description: "Stop running container", action: "docker stop", target: "api-staging", reversible: true, rollbackAction: "docker start api-staging", execPreview: "docker stop api-staging" },
-        { description: "Start new container with updated image", action: "docker run", target: "registry.internal/api:1.13.0-beta.2", reversible: true, rollbackAction: "docker stop api-staging && docker run ... api:1.12.0", execPreview: "docker run -d --name api-staging --env-file /opt/api/.env -p 8080:8080 registry.internal/api:1.13.0-beta.2" },
-        { description: "Verify health endpoint returns 200", action: "verify health", target: "http://localhost:8080/health", reversible: false, execPreview: "curl -f --retry 3 --retry-delay 5 http://localhost:8080/health" },
-      ],
+      scriptedPlan: {
+        platform: "bash",
+        executionScript: "#!/usr/bin/env bash\nset -euo pipefail\ndocker pull registry.internal/api:1.13.0-beta.2\ndocker stop api-staging\ndocker run -d --name api-staging --env-file /opt/api/.env -p 8080:8080 registry.internal/api:1.13.0-beta.2\ncurl -f --retry 3 --retry-delay 5 http://localhost:8080/health",
+        dryRunScript: null,
+        rollbackScript: "#!/usr/bin/env bash\nset -euo pipefail\ndocker stop api-staging\ndocker pull registry.internal/api:1.12.0\ndocker start api-staging",
+        reasoning: "Container swap: pull new image, stop old container, start new one, verify health. Staging environment — rollback is fast via image tag swap.",
+        stepSummary: [
+          { description: "Pull latest image from registry", reversible: true },
+          { description: "Stop running container", reversible: true },
+          { description: "Start new container with updated image", reversible: true },
+          { description: "Verify health endpoint returns 200", reversible: false },
+        ],
+      },
       reasoning: "Container swap: pull new image, stop old container, start new one, verify health. Staging environment — rollback is fast via image tag swap.",
     },
     debriefEntryIds: [],
@@ -383,14 +400,21 @@ if (process.env.SYNTH_SEED_DEMO !== 'false' && partitions.list().length === 0) {
     environmentId: prodEnv.id as Deployment["environmentId"], version: "3.1.0", status: "awaiting_approval",
     variables: { ...globexPartition.variables, ...prodEnv.variables },
     plan: {
-      steps: [
-        { description: "Drain queue — wait for in-flight jobs to complete", action: "run command", target: "worker-drain", reversible: false, execPreview: "npm run worker:drain --timeout=120" },
-        { description: "Stop worker processes on all nodes", action: "systemctl stop", target: "synth-worker", reversible: true, rollbackAction: "systemctl start synth-worker", execPreview: "systemctl stop synth-worker" },
-        { description: "Deploy new worker binary", action: "copy file", target: "/opt/worker/", reversible: true, rollbackAction: "restore /opt/worker/ from backup", execPreview: "cp -r /opt/releases/worker-3.1.0/* /opt/worker/" },
-        { description: "Update queue concurrency config (WORKER_CONCURRENCY: 4 → 8)", action: "write config", target: "/opt/worker/.env", reversible: true, rollbackAction: "restore previous .env", execPreview: "envsubst < /opt/worker/config.template > /opt/worker/.env" },
-        { description: "Start worker and verify queue depth drops", action: "systemctl start", target: "synth-worker", reversible: true, rollbackAction: "systemctl stop synth-worker", execPreview: "systemctl start synth-worker" },
-        { description: "Verify queue processing resumes within 30s", action: "verify health", target: "http://localhost:9090/metrics", reversible: false, execPreview: "curl -f --retry 6 --retry-delay 5 http://localhost:9090/metrics" },
-      ],
+      scriptedPlan: {
+        platform: "bash",
+        executionScript: "#!/usr/bin/env bash\nset -euo pipefail\nnpm run worker:drain --timeout=120\nsystemctl stop synth-worker\ncp -r /opt/releases/worker-3.1.0/* /opt/worker/\nenvsubst < /opt/worker/config.template > /opt/worker/.env\nsystemctl start synth-worker\ncurl -f --retry 6 --retry-delay 5 http://localhost:9090/metrics",
+        dryRunScript: null,
+        rollbackScript: "#!/usr/bin/env bash\nset -euo pipefail\nsystemctl stop synth-worker\ncp -r /opt/worker.bak/* /opt/worker/\ncp /opt/worker.bak/.env /opt/worker/.env\nsystemctl start synth-worker",
+        reasoning: "Worker upgrade with concurrency increase. Drain first to avoid job loss, then replace binary and config atomically. Queue depth check confirms processing resumed.",
+        stepSummary: [
+          { description: "Drain queue — wait for in-flight jobs to complete", reversible: false },
+          { description: "Stop worker processes on all nodes", reversible: true },
+          { description: "Deploy new worker binary", reversible: true },
+          { description: "Update queue concurrency config (WORKER_CONCURRENCY: 4 → 8)", reversible: true },
+          { description: "Start worker and verify queue depth drops", reversible: true },
+          { description: "Verify queue processing resumes within 30s", reversible: false },
+        ],
+      },
       reasoning: "Worker upgrade with concurrency increase. Drain first to avoid job loss, then replace binary and config atomically. Queue depth check confirms processing resumed.",
     },
     debriefEntryIds: [],

package/tests/composite-operations.test.ts

@@ -24,8 +24,8 @@ vi.mock("../src/agent/envoy-client.js", () => ({
   EnvoyClient: vi.fn().mockImplementation(function (this: any) {
     this.requestPlan = vi.fn().mockResolvedValue({
       blocked: false,
-      plan: { steps: [{ description: "Step 1", action: "run", target: "/app", reversible: false }], reasoning: "test plan" },
-      rollbackPlan: { steps: [], reasoning: "no rollback" },
+      plan: { scriptedPlan: { platform: "bash", executionScript: "echo test", dryRunScript: null, rollbackScript: null, reasoning: "test plan", stepSummary: [{ description: "Step 1", reversible: false }] }, reasoning: "test plan" },
+      rollbackPlan: { scriptedPlan: { platform: "bash", executionScript: "echo rollback", dryRunScript: null, rollbackScript: null, reasoning: "no rollback", stepSummary: [] }, reasoning: "no rollback" },
     });
     this.executeApprovedPlan = vi.fn().mockResolvedValue({});
     this.removeMonitoringDirective = vi.fn().mockResolvedValue({});
@@ -63,7 +63,7 @@ const MOCK_REGISTRY: EnvoyRegistry = {
 } as unknown as EnvoyRegistry;
 
 const MOCK_PLAN: OperationPlan = {
-  steps: [{ description: "Check services", action: "shell", target: "systemctl status", reversible: false }],
+  scriptedPlan: { platform: "bash", executionScript: "systemctl status", dryRunScript: null, rollbackScript: null, reasoning: "standard maintenance check", stepSummary: [{ description: "Check services", reversible: false }] },
   reasoning: "standard maintenance check",
 };
 
@@ -284,8 +284,8 @@ describe("Composite Operations — planning via envoy registry", () => {
       this.requestPlan = vi.fn().mockResolvedValue({
         blocked: true,
         blockReason: "insufficient permissions",
-        plan: { steps: [], reasoning: "" },
-        rollbackPlan: { steps: [], reasoning: "" },
+        plan: { scriptedPlan: { platform: "bash", executionScript: "", dryRunScript: null, rollbackScript: null, reasoning: "", stepSummary: [] }, reasoning: "" },
+        rollbackPlan: { scriptedPlan: { platform: "bash", executionScript: "", dryRunScript: null, rollbackScript: null, reasoning: "", stepSummary: [] }, reasoning: "" },
       });
     });
 
@@ -409,7 +409,7 @@ describe("Composite Operations — approval and execution", () => {
     // Child has a plan but no envoyId, and this ctx has no envoy registry
     seedChild(ctx.deployments, parent.id, {
       plan: MOCK_PLAN,
-      rollbackPlan: { steps: [], reasoning: "" },
+      rollbackPlan: { scriptedPlan: { platform: "bash", executionScript: "", dryRunScript: null, rollbackScript: null, reasoning: "", stepSummary: [] }, reasoning: "" },
     });
 
     await ctx.app.inject({