agentic-orchestrator 0.1.6 → 0.1.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.prettierignore +10 -0
- package/.prettierrc.json +24 -0
- package/CLAUDE.md +3 -2
- package/README.md +71 -48
- package/agentic/orchestrator/defaults/policy.defaults.yaml +1 -1
- package/agentic/orchestrator/prompts/planner.system.md +1 -0
- package/agentic/orchestrator/schemas/agents.schema.json +5 -22
- package/agentic/orchestrator/schemas/gates.schema.json +4 -19
- package/agentic/orchestrator/schemas/index.schema.json +3 -14
- package/agentic/orchestrator/schemas/multi-project.schema.json +2 -8
- package/agentic/orchestrator/schemas/plan.schema.json +6 -26
- package/agentic/orchestrator/schemas/policy.schema.json +19 -81
- package/agentic/orchestrator/schemas/policy.user.schema.json +1 -5
- package/agentic/orchestrator/schemas/qa_test_index.schema.json +5 -29
- package/agentic/orchestrator/schemas/state.schema.json +11 -61
- package/agentic/orchestrator/tools/catalog.json +33 -164
- package/agentic/orchestrator/tools/schemas/input/evidence.latest.input.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/input/feature.delete.input.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/input/feature.get_context.input.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/input/feature.init.input.schema.json +1 -4
- package/agentic/orchestrator/tools/schemas/input/feature.log_append.input.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/input/feature.ready_to_merge.input.schema.json +1 -6
- package/agentic/orchestrator/tools/schemas/input/feature.state_get.input.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/input/feature.state_patch.input.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/input/gates.run.input.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/input/locks.acquire.input.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/input/locks.release.input.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/input/performance.record_outcome.input.schema.json +10 -1
- package/agentic/orchestrator/tools/schemas/input/plan.get.input.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/input/plan.submit.input.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/input/plan.update.input.schema.json +1 -6
- package/agentic/orchestrator/tools/schemas/input/qa.test_index_get.input.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/input/qa.test_index_update.input.schema.json +1 -6
- package/agentic/orchestrator/tools/schemas/input/repo.apply_patch.input.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/input/repo.diff.input.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/input/repo.diff_bundle.input.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/input/repo.ensure_worktree.input.schema.json +1 -4
- package/agentic/orchestrator/tools/schemas/input/repo.read_file.input.schema.json +1 -4
- package/agentic/orchestrator/tools/schemas/input/repo.search.input.schema.json +1 -4
- package/agentic/orchestrator/tools/schemas/input/repo.status.input.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/input/report.feature_summary.input.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/output/collisions.scan.output.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/output/evidence.latest.output.schema.json +1 -4
- package/agentic/orchestrator/tools/schemas/output/feature.delete.output.schema.json +4 -20
- package/agentic/orchestrator/tools/schemas/output/feature.discover_specs.output.schema.json +2 -7
- package/agentic/orchestrator/tools/schemas/output/feature.get_context.output.schema.json +1 -8
- package/agentic/orchestrator/tools/schemas/output/feature.init.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/feature.log_append.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/feature.ready_to_merge.output.schema.json +1 -6
- package/agentic/orchestrator/tools/schemas/output/feature.state_get.output.schema.json +1 -4
- package/agentic/orchestrator/tools/schemas/output/feature.state_patch.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/gates.list.output.schema.json +2 -7
- package/agentic/orchestrator/tools/schemas/output/gates.run.output.schema.json +1 -8
- package/agentic/orchestrator/tools/schemas/output/locks.acquire.output.schema.json +1 -7
- package/agentic/orchestrator/tools/schemas/output/locks.release.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/performance.get_analytics.output.schema.json +22 -2
- package/agentic/orchestrator/tools/schemas/output/plan.get.output.schema.json +1 -4
- package/agentic/orchestrator/tools/schemas/output/plan.submit.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/plan.update.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/qa.test_index_get.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/qa.test_index_update.output.schema.json +1 -4
- package/agentic/orchestrator/tools/schemas/output/repo.apply_patch.output.schema.json +1 -6
- package/agentic/orchestrator/tools/schemas/output/repo.diff.output.schema.json +1 -4
- package/agentic/orchestrator/tools/schemas/output/repo.diff_bundle.output.schema.json +1 -7
- package/agentic/orchestrator/tools/schemas/output/repo.ensure_worktree.output.schema.json +1 -6
- package/agentic/orchestrator/tools/schemas/output/repo.read_file.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/repo.search.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/repo.status.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/report.dashboard.output.schema.json +1 -4
- package/apps/control-plane/scripts/validate-architecture-rules.mjs +16 -5
- package/apps/control-plane/scripts/validate-docker-mcp-contract.mjs +30 -8
- package/apps/control-plane/scripts/validate-mcp-contracts.ts +13 -7
- package/apps/control-plane/src/application/adapters/adapter-registry.ts +35 -15
- package/apps/control-plane/src/application/multi-project-loader.ts +27 -10
- package/apps/control-plane/src/application/services/activity-monitor-service.ts +26 -14
- package/apps/control-plane/src/application/services/collision-queue-service.ts +31 -17
- package/apps/control-plane/src/application/services/cost-tracking-service.ts +23 -16
- package/apps/control-plane/src/application/services/dependency-scheduler-service.ts +12 -4
- package/apps/control-plane/src/application/services/feature-deletion-service.ts +94 -58
- package/apps/control-plane/src/application/services/feature-lifecycle-service.ts +19 -13
- package/apps/control-plane/src/application/services/feature-state-service.ts +29 -19
- package/apps/control-plane/src/application/services/gate-interpolation-service.ts +7 -2
- package/apps/control-plane/src/application/services/gate-service.ts +64 -41
- package/apps/control-plane/src/application/services/instance-isolation-service.ts +1 -1
- package/apps/control-plane/src/application/services/issue-tracker-service.ts +49 -38
- package/apps/control-plane/src/application/services/lock-service.ts +75 -49
- package/apps/control-plane/src/application/services/merge-service.ts +91 -50
- package/apps/control-plane/src/application/services/notifier-service.ts +42 -20
- package/apps/control-plane/src/application/services/patch-service.ts +73 -44
- package/apps/control-plane/src/application/services/performance-analytics-service.ts +8 -6
- package/apps/control-plane/src/application/services/plan-service.ts +148 -89
- package/apps/control-plane/src/application/services/policy-loader-service.ts +10 -4
- package/apps/control-plane/src/application/services/pr-monitor-service.ts +33 -14
- package/apps/control-plane/src/application/services/qa-index-service.ts +20 -16
- package/apps/control-plane/src/application/services/reactions-service.ts +30 -15
- package/apps/control-plane/src/application/services/reporting-service.ts +16 -12
- package/apps/control-plane/src/application/services/run-lease-service.ts +138 -81
- package/apps/control-plane/src/application/tools/tool-metadata.ts +5 -5
- package/apps/control-plane/src/application/tools/tool-router.ts +6 -3
- package/apps/control-plane/src/cli/aop.ts +2 -2
- package/apps/control-plane/src/cli/attach-command-handler.ts +9 -9
- package/apps/control-plane/src/cli/cleanup-command-handler.ts +16 -11
- package/apps/control-plane/src/cli/cli-argument-parser.ts +6 -3
- package/apps/control-plane/src/cli/dashboard-command-handler.ts +28 -8
- package/apps/control-plane/src/cli/delete-command-handler.ts +7 -7
- package/apps/control-plane/src/cli/env-file.ts +115 -0
- package/apps/control-plane/src/cli/help-command-handler.ts +61 -32
- package/apps/control-plane/src/cli/init-command-handler.ts +182 -56
- package/apps/control-plane/src/cli/io.ts +7 -3
- package/apps/control-plane/src/cli/resume-command-handler.ts +21 -13
- package/apps/control-plane/src/cli/retry-command-handler.ts +12 -11
- package/apps/control-plane/src/cli/run-command-handler.ts +12 -8
- package/apps/control-plane/src/cli/send-command-handler.ts +6 -6
- package/apps/control-plane/src/cli/spec-ingestion-service.ts +14 -8
- package/apps/control-plane/src/cli/spec-input-resolver.ts +6 -1
- package/apps/control-plane/src/cli/spec-utils.ts +2 -2
- package/apps/control-plane/src/cli/status-command-handler.ts +13 -12
- package/apps/control-plane/src/cli/tooling.ts +3 -3
- package/apps/control-plane/src/cli/types.ts +1 -1
- package/apps/control-plane/src/core/collisions.ts +27 -10
- package/apps/control-plane/src/core/constants.ts +13 -7
- package/apps/control-plane/src/core/error-codes.ts +1 -1
- package/apps/control-plane/src/core/fs.ts +11 -5
- package/apps/control-plane/src/core/gates.ts +53 -27
- package/apps/control-plane/src/core/git.ts +18 -6
- package/apps/control-plane/src/core/kernel.ts +513 -227
- package/apps/control-plane/src/core/patch.ts +7 -3
- package/apps/control-plane/src/core/path-layout.ts +5 -1
- package/apps/control-plane/src/core/path-rules.ts +19 -5
- package/apps/control-plane/src/core/qa-index.ts +26 -12
- package/apps/control-plane/src/core/response.ts +9 -6
- package/apps/control-plane/src/core/schemas.ts +29 -10
- package/apps/control-plane/src/core/tool-caller.ts +1 -1
- package/apps/control-plane/src/core/workspace-hooks.ts +5 -5
- package/apps/control-plane/src/index.ts +3 -9
- package/apps/control-plane/src/interfaces/cli/bootstrap.ts +79 -35
- package/apps/control-plane/src/mcp/kernel-tool-executor.ts +7 -3
- package/apps/control-plane/src/mcp/mcp-server-adapter.ts +12 -10
- package/apps/control-plane/src/mcp/operation-ledger.ts +18 -8
- package/apps/control-plane/src/mcp/protocol-contract.ts +2 -2
- package/apps/control-plane/src/mcp/runtime-factory.ts +15 -6
- package/apps/control-plane/src/mcp/token-auth-verifier.ts +3 -2
- package/apps/control-plane/src/mcp/token-claims-validator.ts +11 -7
- package/apps/control-plane/src/mcp/tool-authorizer.ts +1 -3
- package/apps/control-plane/src/mcp/tool-client.ts +17 -5
- package/apps/control-plane/src/mcp/tool-contract-validator.ts +17 -8
- package/apps/control-plane/src/mcp/tool-registry-loader.ts +7 -3
- package/apps/control-plane/src/mcp/tool-runtime.ts +66 -39
- package/apps/control-plane/src/mcp/tools-markdown-generator.ts +6 -1
- package/apps/control-plane/src/providers/providers.ts +137 -54
- package/apps/control-plane/src/supervisor/build-wave-executor.ts +44 -25
- package/apps/control-plane/src/supervisor/planning-wave-executor.ts +46 -33
- package/apps/control-plane/src/supervisor/prompt-bundle-loader.ts +1 -1
- package/apps/control-plane/src/supervisor/qa-wave-executor.ts +38 -23
- package/apps/control-plane/src/supervisor/run-coordinator.ts +71 -36
- package/apps/control-plane/src/supervisor/runtime.ts +59 -35
- package/apps/control-plane/src/supervisor/session-orchestrator.ts +48 -31
- package/apps/control-plane/src/supervisor/types.ts +22 -7
- package/apps/control-plane/src/supervisor/worker-decision-loop.ts +30 -20
- package/apps/control-plane/test/activity-monitor.spec.ts +54 -30
- package/apps/control-plane/test/adapter-registry.spec.ts +5 -5
- package/apps/control-plane/test/aop.spec.ts +4 -4
- package/apps/control-plane/test/batch-operations.spec.ts +20 -18
- package/apps/control-plane/test/bootstrap-attach.spec.ts +52 -19
- package/apps/control-plane/test/bootstrap-edge-cases.spec.ts +58 -27
- package/apps/control-plane/test/bootstrap.spec.ts +72 -40
- package/apps/control-plane/test/cleanup-command.spec.ts +86 -32
- package/apps/control-plane/test/cli-helpers.spec.ts +119 -66
- package/apps/control-plane/test/cli.spec.ts +1 -1
- package/apps/control-plane/test/cli.unit.spec.ts +226 -167
- package/apps/control-plane/test/collision-queue.spec.ts +49 -40
- package/apps/control-plane/test/collisions.spec.ts +30 -30
- package/apps/control-plane/test/core-utils.spec.ts +29 -15
- package/apps/control-plane/test/cost-tracking.spec.ts +38 -22
- package/apps/control-plane/test/dashboard-api.integration.spec.ts +68 -36
- package/apps/control-plane/test/dashboard-client.spec.ts +18 -12
- package/apps/control-plane/test/dashboard-command.spec.ts +11 -7
- package/apps/control-plane/test/delete-command-handler.spec.ts +49 -41
- package/apps/control-plane/test/dependency-scheduler.spec.ts +47 -20
- package/apps/control-plane/test/epoch-tracking.spec.ts +9 -9
- package/apps/control-plane/test/feature-deletion-service.spec.ts +60 -52
- package/apps/control-plane/test/feature-lifecycle.spec.ts +36 -17
- package/apps/control-plane/test/gates.spec.ts +101 -81
- package/apps/control-plane/test/git-spawn-error.spec.ts +1 -1
- package/apps/control-plane/test/helpers.ts +10 -6
- package/apps/control-plane/test/incremental-gates.spec.ts +59 -20
- package/apps/control-plane/test/init-wizard.spec.ts +328 -68
- package/apps/control-plane/test/instance-isolation.spec.ts +43 -10
- package/apps/control-plane/test/issue-tracker.spec.ts +368 -128
- package/apps/control-plane/test/kernel-collision-replay.spec.ts +50 -29
- package/apps/control-plane/test/kernel.branches.spec.ts +64 -40
- package/apps/control-plane/test/kernel.coverage.spec.ts +85 -49
- package/apps/control-plane/test/kernel.coverage2.spec.ts +109 -65
- package/apps/control-plane/test/kernel.spec.ts +134 -51
- package/apps/control-plane/test/lock-service.spec.ts +92 -68
- package/apps/control-plane/test/mcp-helpers.spec.ts +53 -39
- package/apps/control-plane/test/mcp.spec.ts +231 -115
- package/apps/control-plane/test/merge-service.spec.ts +142 -94
- package/apps/control-plane/test/multi-project.spec.ts +28 -22
- package/apps/control-plane/test/notifier-service.spec.ts +136 -92
- package/apps/control-plane/test/parallel-gates.spec.ts +51 -35
- package/apps/control-plane/test/patch-service.spec.ts +128 -48
- package/apps/control-plane/test/performance-analytics.spec.ts +99 -63
- package/apps/control-plane/test/plan-service.spec.ts +50 -39
- package/apps/control-plane/test/planning-wave-executor.spec.ts +95 -71
- package/apps/control-plane/test/policy-loader-service.spec.ts +41 -19
- package/apps/control-plane/test/pr-monitor.spec.ts +113 -64
- package/apps/control-plane/test/providers.spec.ts +208 -104
- package/apps/control-plane/test/qa-index-service.spec.ts +31 -33
- package/apps/control-plane/test/qa-index.spec.ts +58 -61
- package/apps/control-plane/test/reactions.spec.ts +88 -45
- package/apps/control-plane/test/response.spec.ts +5 -5
- package/apps/control-plane/test/resume-command.spec.ts +121 -80
- package/apps/control-plane/test/run-coordinator.spec.ts +205 -136
- package/apps/control-plane/test/schema-date-time.spec.ts +49 -41
- package/apps/control-plane/test/service-retry-paths.spec.ts +77 -57
- package/apps/control-plane/test/services.spec.ts +147 -129
- package/apps/control-plane/test/session-management.spec.ts +136 -74
- package/apps/control-plane/test/spec-ingestion.spec.ts +23 -21
- package/apps/control-plane/test/spec-input-resolver.spec.ts +11 -10
- package/apps/control-plane/test/supervisor-collaborators.spec.ts +168 -121
- package/apps/control-plane/test/supervisor.calltool.spec.ts +21 -18
- package/apps/control-plane/test/supervisor.spec.ts +67 -43
- package/apps/control-plane/test/supervisor.unit.spec.ts +195 -126
- package/apps/control-plane/test/token-auth-verifier.spec.ts +29 -14
- package/apps/control-plane/test/tool-registry-loader.spec.ts +51 -27
- package/apps/control-plane/test/tool-runtime.spec.ts +63 -46
- package/apps/control-plane/test/worker-decision-loop.spec.ts +143 -122
- package/apps/control-plane/test/workspace-hooks.spec.ts +61 -23
- package/apps/control-plane/tsconfig.build.json +2 -7
- package/apps/control-plane/tsconfig.json +1 -5
- package/apps/control-plane/vitest.config.ts +7 -7
- package/config/agentic/orchestrator/adapters.yaml +3 -0
- package/config/agentic/orchestrator/agents.yaml +14 -0
- package/config/agentic/orchestrator/gates.yaml +28 -0
- package/config/agentic/orchestrator/policy.yaml +22 -0
- package/config/agentic/orchestrator/prompts/builder.system.md +1 -0
- package/config/agentic/orchestrator/prompts/planner.system.md +16 -0
- package/config/agentic/orchestrator/prompts/qa.system.md +1 -0
- package/dist/apps/control-plane/application/adapters/adapter-registry.js +12 -5
- package/dist/apps/control-plane/application/adapters/adapter-registry.js.map +1 -1
- package/dist/apps/control-plane/application/multi-project-loader.js +26 -9
- package/dist/apps/control-plane/application/multi-project-loader.js.map +1 -1
- package/dist/apps/control-plane/application/services/activity-monitor-service.js +7 -7
- package/dist/apps/control-plane/application/services/activity-monitor-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/collision-queue-service.js +7 -7
- package/dist/apps/control-plane/application/services/collision-queue-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/cost-tracking-service.js +6 -8
- package/dist/apps/control-plane/application/services/cost-tracking-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/dependency-scheduler-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/feature-deletion-service.js +37 -29
- package/dist/apps/control-plane/application/services/feature-deletion-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/feature-lifecycle-service.js +10 -10
- package/dist/apps/control-plane/application/services/feature-lifecycle-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/feature-state-service.js +11 -11
- package/dist/apps/control-plane/application/services/feature-state-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/gate-interpolation-service.js +3 -1
- package/dist/apps/control-plane/application/services/gate-interpolation-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/gate-service.js +26 -26
- package/dist/apps/control-plane/application/services/gate-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/instance-isolation-service.js +1 -1
- package/dist/apps/control-plane/application/services/instance-isolation-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/issue-tracker-service.js +25 -15
- package/dist/apps/control-plane/application/services/issue-tracker-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/lock-service.js +32 -32
- package/dist/apps/control-plane/application/services/lock-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/merge-service.js +41 -27
- package/dist/apps/control-plane/application/services/merge-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/notifier-service.js +29 -15
- package/dist/apps/control-plane/application/services/notifier-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/patch-service.js +21 -19
- package/dist/apps/control-plane/application/services/patch-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/performance-analytics-service.js +4 -4
- package/dist/apps/control-plane/application/services/performance-analytics-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/plan-service.js +33 -33
- package/dist/apps/control-plane/application/services/plan-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/policy-loader-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/pr-monitor-service.js +23 -11
- package/dist/apps/control-plane/application/services/pr-monitor-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/qa-index-service.js +11 -11
- package/dist/apps/control-plane/application/services/qa-index-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/reactions-service.js +13 -9
- package/dist/apps/control-plane/application/services/reactions-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/reporting-service.js +11 -9
- package/dist/apps/control-plane/application/services/reporting-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/run-lease-service.js +34 -33
- package/dist/apps/control-plane/application/services/run-lease-service.js.map +1 -1
- package/dist/apps/control-plane/application/tools/tool-metadata.js +2 -2
- package/dist/apps/control-plane/application/tools/tool-router.js.map +1 -1
- package/dist/apps/control-plane/cli/attach-command-handler.js +9 -9
- package/dist/apps/control-plane/cli/cleanup-command-handler.js +11 -9
- package/dist/apps/control-plane/cli/cleanup-command-handler.js.map +1 -1
- package/dist/apps/control-plane/cli/cli-argument-parser.js +4 -3
- package/dist/apps/control-plane/cli/cli-argument-parser.js.map +1 -1
- package/dist/apps/control-plane/cli/dashboard-command-handler.js +23 -7
- package/dist/apps/control-plane/cli/dashboard-command-handler.js.map +1 -1
- package/dist/apps/control-plane/cli/delete-command-handler.js +7 -7
- package/dist/apps/control-plane/cli/env-file.d.ts +4 -0
- package/dist/apps/control-plane/cli/env-file.js +89 -0
- package/dist/apps/control-plane/cli/env-file.js.map +1 -0
- package/dist/apps/control-plane/cli/help-command-handler.js +58 -30
- package/dist/apps/control-plane/cli/help-command-handler.js.map +1 -1
- package/dist/apps/control-plane/cli/init-command-handler.js +97 -37
- package/dist/apps/control-plane/cli/init-command-handler.js.map +1 -1
- package/dist/apps/control-plane/cli/io.js +2 -2
- package/dist/apps/control-plane/cli/io.js.map +1 -1
- package/dist/apps/control-plane/cli/resume-command-handler.js +9 -9
- package/dist/apps/control-plane/cli/resume-command-handler.js.map +1 -1
- package/dist/apps/control-plane/cli/retry-command-handler.js +12 -11
- package/dist/apps/control-plane/cli/retry-command-handler.js.map +1 -1
- package/dist/apps/control-plane/cli/run-command-handler.js +12 -8
- package/dist/apps/control-plane/cli/run-command-handler.js.map +1 -1
- package/dist/apps/control-plane/cli/send-command-handler.js +6 -6
- package/dist/apps/control-plane/cli/spec-ingestion-service.js +10 -8
- package/dist/apps/control-plane/cli/spec-ingestion-service.js.map +1 -1
- package/dist/apps/control-plane/cli/spec-input-resolver.js.map +1 -1
- package/dist/apps/control-plane/cli/spec-utils.js.map +1 -1
- package/dist/apps/control-plane/cli/status-command-handler.js +8 -8
- package/dist/apps/control-plane/cli/status-command-handler.js.map +1 -1
- package/dist/apps/control-plane/cli/tooling.js +1 -1
- package/dist/apps/control-plane/core/collisions.js +11 -8
- package/dist/apps/control-plane/core/collisions.js.map +1 -1
- package/dist/apps/control-plane/core/constants.js +13 -7
- package/dist/apps/control-plane/core/constants.js.map +1 -1
- package/dist/apps/control-plane/core/error-codes.js +1 -1
- package/dist/apps/control-plane/core/fs.js.map +1 -1
- package/dist/apps/control-plane/core/gates.d.ts +2 -2
- package/dist/apps/control-plane/core/gates.js +26 -19
- package/dist/apps/control-plane/core/gates.js.map +1 -1
- package/dist/apps/control-plane/core/git.js +3 -3
- package/dist/apps/control-plane/core/git.js.map +1 -1
- package/dist/apps/control-plane/core/kernel.d.ts +1 -0
- package/dist/apps/control-plane/core/kernel.js +134 -81
- package/dist/apps/control-plane/core/kernel.js.map +1 -1
- package/dist/apps/control-plane/core/patch.js +7 -3
- package/dist/apps/control-plane/core/patch.js.map +1 -1
- package/dist/apps/control-plane/core/path-layout.d.ts +1 -0
- package/dist/apps/control-plane/core/path-layout.js +4 -1
- package/dist/apps/control-plane/core/path-layout.js.map +1 -1
- package/dist/apps/control-plane/core/path-rules.js +3 -1
- package/dist/apps/control-plane/core/path-rules.js.map +1 -1
- package/dist/apps/control-plane/core/qa-index.js +5 -5
- package/dist/apps/control-plane/core/qa-index.js.map +1 -1
- package/dist/apps/control-plane/core/response.js +3 -3
- package/dist/apps/control-plane/core/response.js.map +1 -1
- package/dist/apps/control-plane/core/schemas.js +10 -6
- package/dist/apps/control-plane/core/schemas.js.map +1 -1
- package/dist/apps/control-plane/core/workspace-hooks.js +3 -3
- package/dist/apps/control-plane/index.d.ts +1 -1
- package/dist/apps/control-plane/index.js +1 -1
- package/dist/apps/control-plane/index.js.map +1 -1
- package/dist/apps/control-plane/interfaces/cli/bootstrap.js +40 -23
- package/dist/apps/control-plane/interfaces/cli/bootstrap.js.map +1 -1
- package/dist/apps/control-plane/mcp/kernel-tool-executor.js +1 -1
- package/dist/apps/control-plane/mcp/kernel-tool-executor.js.map +1 -1
- package/dist/apps/control-plane/mcp/mcp-server-adapter.js +6 -7
- package/dist/apps/control-plane/mcp/mcp-server-adapter.js.map +1 -1
- package/dist/apps/control-plane/mcp/operation-ledger.js +5 -5
- package/dist/apps/control-plane/mcp/operation-ledger.js.map +1 -1
- package/dist/apps/control-plane/mcp/protocol-contract.js +2 -2
- package/dist/apps/control-plane/mcp/runtime-factory.js +2 -2
- package/dist/apps/control-plane/mcp/runtime-factory.js.map +1 -1
- package/dist/apps/control-plane/mcp/token-auth-verifier.js +1 -1
- package/dist/apps/control-plane/mcp/token-auth-verifier.js.map +1 -1
- package/dist/apps/control-plane/mcp/token-claims-validator.js +5 -5
- package/dist/apps/control-plane/mcp/token-claims-validator.js.map +1 -1
- package/dist/apps/control-plane/mcp/tool-authorizer.js +1 -3
- package/dist/apps/control-plane/mcp/tool-authorizer.js.map +1 -1
- package/dist/apps/control-plane/mcp/tool-client.js +2 -2
- package/dist/apps/control-plane/mcp/tool-client.js.map +1 -1
- package/dist/apps/control-plane/mcp/tool-contract-validator.js +3 -3
- package/dist/apps/control-plane/mcp/tool-contract-validator.js.map +1 -1
- package/dist/apps/control-plane/mcp/tool-registry-loader.js +1 -1
- package/dist/apps/control-plane/mcp/tool-registry-loader.js.map +1 -1
- package/dist/apps/control-plane/mcp/tool-runtime.js +17 -17
- package/dist/apps/control-plane/mcp/tool-runtime.js.map +1 -1
- package/dist/apps/control-plane/mcp/tools-markdown-generator.js +6 -1
- package/dist/apps/control-plane/mcp/tools-markdown-generator.js.map +1 -1
- package/dist/apps/control-plane/providers/providers.d.ts +3 -2
- package/dist/apps/control-plane/providers/providers.js +81 -39
- package/dist/apps/control-plane/providers/providers.js.map +1 -1
- package/dist/apps/control-plane/supervisor/build-wave-executor.js +12 -12
- package/dist/apps/control-plane/supervisor/build-wave-executor.js.map +1 -1
- package/dist/apps/control-plane/supervisor/planning-wave-executor.js +19 -16
- package/dist/apps/control-plane/supervisor/planning-wave-executor.js.map +1 -1
- package/dist/apps/control-plane/supervisor/prompt-bundle-loader.js +1 -1
- package/dist/apps/control-plane/supervisor/qa-wave-executor.js +13 -13
- package/dist/apps/control-plane/supervisor/qa-wave-executor.js.map +1 -1
- package/dist/apps/control-plane/supervisor/run-coordinator.js +37 -20
- package/dist/apps/control-plane/supervisor/run-coordinator.js.map +1 -1
- package/dist/apps/control-plane/supervisor/runtime.js +25 -21
- package/dist/apps/control-plane/supervisor/runtime.js.map +1 -1
- package/dist/apps/control-plane/supervisor/session-orchestrator.js +29 -23
- package/dist/apps/control-plane/supervisor/session-orchestrator.js.map +1 -1
- package/dist/apps/control-plane/supervisor/types.d.ts +3 -3
- package/dist/apps/control-plane/supervisor/types.js.map +1 -1
- package/dist/apps/control-plane/supervisor/worker-decision-loop.js +14 -16
- package/dist/apps/control-plane/supervisor/worker-decision-loop.js.map +1 -1
- package/eslint.config.mjs +20 -20
- package/example-configurations/README.md +1 -1
- package/example-configurations/java/agents.yaml +3 -3
- package/example-configurations/java/policy.yaml +1 -1
- package/example-configurations/node/agents.yaml +3 -3
- package/example-configurations/node/policy.yaml +1 -1
- package/package.json +10 -5
- package/packages/web-dashboard/next.config.js +2 -2
- package/packages/web-dashboard/src/app/api/actions/route.ts +25 -9
- package/packages/web-dashboard/src/app/api/events/route.ts +20 -6
- package/packages/web-dashboard/src/app/api/features/[id]/checkout/route.ts +88 -37
- package/packages/web-dashboard/src/app/api/features/[id]/evidence/[artifact]/route.ts +8 -5
- package/packages/web-dashboard/src/app/api/features/[id]/review/route.ts +27 -9
- package/packages/web-dashboard/src/app/api/features/[id]/route.ts +5 -2
- package/packages/web-dashboard/src/app/api/projects/route.ts +5 -5
- package/packages/web-dashboard/src/app/globals.css +10 -2
- package/packages/web-dashboard/src/app/page.tsx +100 -37
- package/packages/web-dashboard/src/lib/aop-client.ts +68 -37
- package/packages/web-dashboard/src/lib/multi-project-config.ts +28 -7
- package/packages/web-dashboard/src/lib/orchestrator-tools.ts +59 -36
- package/packages/web-dashboard/tsconfig.json +3 -11
- package/scripts/nx-safe.mjs +10 -10
- package/spec-files/completed/agentic_orchestrator_cli_delete_command_spec.md +5 -0
- package/spec-files/completed/agentic_orchestrator_feature_gaps_closure_spec.md +189 -90
- package/spec-files/completed/agentic_orchestrator_init_policy_ux_simplification_spec.md +49 -16
- package/spec-files/completed/agentic_orchestrator_mcp_formalization_spec.md +24 -1
- package/spec-files/completed/agentic_orchestrator_single_global_orchestrator_spec.md +9 -0
- package/spec-files/completed/agentic_orchestrator_spec.md +171 -75
- package/spec-files/completed/agentic_orchestrator_validator_hardening_spec.md +25 -17
- package/spec-files/outstanding/agentic_orchestrator_artifact_database_publishing_spec.md +40 -5
- package/spec-files/outstanding/agentic_orchestrator_enterprise_governance_dashboard_spec.md +23 -12
- package/spec-files/outstanding/agentic_orchestrator_knowledge_canary_spec.md +16 -4
- package/spec-files/outstanding/agentic_orchestrator_observability_integrity_diagnostics_spec.md +42 -2
- package/spec-files/outstanding/agentic_orchestrator_performance_improvements_spec.md +209 -130
- package/spec-files/outstanding/agentic_orchestrator_planning_review_quality_spec.md +56 -3
- package/spec-files/outstanding/agentic_orchestrator_productization_commercial_spec.md +77 -10
- package/spec-files/outstanding/agentic_orchestrator_provider_auth_bootstrap_spec.md +384 -0
- package/spec-files/outstanding/agentic_orchestrator_quality_adoption_execution_spec.md +29 -14
- package/spec-files/progress.md +186 -175
- package/tsconfig.json +2 -8
|
@@ -14,6 +14,7 @@
|
|
|
14
14
|
### 0.1 Required Standards
|
|
15
15
|
|
|
16
16
|
All implementation MUST preserve:
|
|
17
|
+
|
|
17
18
|
- deterministic kernel behavior and normalized error envelopes
|
|
18
19
|
- local execution viability when cloud/commercial services are unavailable
|
|
19
20
|
- MCP/in-process transport parity for tool contracts
|
|
@@ -23,6 +24,7 @@ All implementation MUST preserve:
|
|
|
23
24
|
### 0.2 Required Upstream Inputs
|
|
24
25
|
|
|
25
26
|
Implementing agents MUST read:
|
|
27
|
+
|
|
26
28
|
- `README.md`
|
|
27
29
|
- `spec-files/outstanding/agentic_orchestrator_quality_adoption_execution_spec.md`
|
|
28
30
|
- `spec-files/outstanding/agentic_orchestrator_enterprise_governance_dashboard_spec.md`
|
|
@@ -49,6 +51,7 @@ Implementing agents MUST read:
|
|
|
49
51
|
### 0.3 Feature Scope
|
|
50
52
|
|
|
51
53
|
This spec implements:
|
|
54
|
+
|
|
52
55
|
- **P1** Product packaging and entitlement model
|
|
53
56
|
- **P2** Workspace identity and cloud connectivity (`auth`, `whoami`, workspace binding)
|
|
54
57
|
- **P3** Entitlement enforcement and offline cache semantics
|
|
@@ -57,6 +60,7 @@ This spec implements:
|
|
|
57
60
|
- **P6** Team/enterprise dashboard capabilities and tenant-aware APIs
|
|
58
61
|
|
|
59
62
|
Out of scope:
|
|
63
|
+
|
|
60
64
|
- fully automated sales/CRM workflows
|
|
61
65
|
- payment processor selection lock-in (Stripe is default implementation target, not protocol requirement)
|
|
62
66
|
- replacing local `.aop/**` as source of truth
|
|
@@ -68,6 +72,7 @@ Out of scope:
|
|
|
68
72
|
### 1.1 Free vs Paid Value Boundary
|
|
69
73
|
|
|
70
74
|
Customers do not pay for basic local orchestration. They pay for organizational risk reduction and operational scale:
|
|
75
|
+
|
|
71
76
|
- durable audit history across runs/repos/teams
|
|
72
77
|
- enterprise identity, authorization, and compliance evidence
|
|
73
78
|
- usage analytics, cost controls, and executive reporting
|
|
@@ -75,15 +80,16 @@ Customers do not pay for basic local orchestration. They pay for organizational
|
|
|
75
80
|
|
|
76
81
|
### 1.2 Product Packaging (Normative)
|
|
77
82
|
|
|
78
|
-
| Tier
|
|
79
|
-
|
|
80
|
-
| Community (Free)
|
|
81
|
-
| Team (Paid)
|
|
83
|
+
| Tier | Primary Buyer | Included Capabilities | Technical Gate |
|
|
84
|
+
| ----------------- | ----------------- | ----------------------------------------------------------------------------------------- | ------------------------------------------------ |
|
|
85
|
+
| Community (Free) | Individual devs | Local deterministic orchestration, local dashboard, local `.aop` artifacts | `product.mode=community` |
|
|
86
|
+
| Team (Paid) | Eng managers | Multi-user workspace, hosted artifact retention, trend analytics, shared dashboard | `entitlements.features.team_workspace=true` |
|
|
82
87
|
| Enterprise (Paid) | Platform/security | SSO/SAML/OIDC, SCIM, compliance exports, policy packs, long retention, private deployment | `entitlements.features.enterprise_controls=true` |
|
|
83
88
|
|
|
84
89
|
### 1.3 Billable Dimensions
|
|
85
90
|
|
|
86
91
|
Billing MUST be derivable from deterministic metering events:
|
|
92
|
+
|
|
87
93
|
- `active_seats` (distinct active users per billing period)
|
|
88
94
|
- `orchestrated_runs` (count of completed run IDs)
|
|
89
95
|
- `artifact_storage_gb_month` (hosted storage footprint)
|
|
@@ -95,26 +101,32 @@ Billing MUST be derivable from deterministic metering events:
|
|
|
95
101
|
## 2. Architectural Critique of Current State
|
|
96
102
|
|
|
97
103
|
1. **No tenancy model**
|
|
104
|
+
|
|
98
105
|
- Current runtime is repository-local with no first-class `organization/workspace/project` contract.
|
|
99
106
|
- Result: no customer/account boundary for paid features.
|
|
100
107
|
|
|
101
108
|
2. **No entitlement boundary in tool execution path**
|
|
109
|
+
|
|
102
110
|
- `ToolRuntime.callTool()` enforces RBAC and schema, but not plan/tier entitlements.
|
|
103
111
|
- Result: no deterministic paid feature gate.
|
|
104
112
|
|
|
105
113
|
3. **No canonical usage-metering stream for billing**
|
|
114
|
+
|
|
106
115
|
- Cost tracking exists per feature, but there is no auditable, periodized commercial usage event model.
|
|
107
116
|
- Result: cannot invoice reliably.
|
|
108
117
|
|
|
109
118
|
4. **Dashboard is filesystem-local and single-tenant**
|
|
119
|
+
|
|
110
120
|
- Dashboard reads `.aop/**` directly via local API routes.
|
|
111
121
|
- Result: cannot support paid multi-user workspace analytics without a hosted backend.
|
|
112
122
|
|
|
113
123
|
5. **No customer auth lifecycle in CLI**
|
|
124
|
+
|
|
114
125
|
- CLI has no login/whoami/workspace binding flow.
|
|
115
126
|
- Result: no secure binding to subscription and entitlements.
|
|
116
127
|
|
|
117
128
|
6. **Artifact persistence exists but is not yet monetization-connected**
|
|
129
|
+
|
|
118
130
|
- Artifact publishing spec exists, but not tied to product plans, retention SKUs, or workspace-level access.
|
|
119
131
|
- Result: technical capability without commercial control plane.
|
|
120
132
|
|
|
@@ -127,18 +139,22 @@ Billing MUST be derivable from deterministic metering events:
|
|
|
127
139
|
Retain the current deterministic local control-plane as execution engine. Add an optional commercial control hub and sync plane.
|
|
128
140
|
|
|
129
141
|
1. **Local Execution Plane (existing, enhanced)**
|
|
142
|
+
|
|
130
143
|
- Runs orchestrator and writes canonical `.aop/**` artifacts.
|
|
131
144
|
- Emits usage events and optional cloud-sync batches.
|
|
132
145
|
|
|
133
146
|
2. **Commercial Control Hub (new)**
|
|
147
|
+
|
|
134
148
|
- Multi-tenant API for auth, workspaces, entitlements, usage ingest, artifact indexing, and billing summaries.
|
|
135
149
|
- Can be hosted SaaS or self-hosted enterprise deployment.
|
|
136
150
|
|
|
137
151
|
3. **Entitlement Cache Layer (new, local)**
|
|
152
|
+
|
|
138
153
|
- Local signed entitlement snapshot with TTL + grace behavior.
|
|
139
154
|
- Ensures paid features can be enforced deterministically even during temporary cloud outages.
|
|
140
155
|
|
|
141
156
|
4. **Billing/Metering Pipeline (new)**
|
|
157
|
+
|
|
142
158
|
- Usage event ingestion -> aggregation -> invoice line item derivation.
|
|
143
159
|
|
|
144
160
|
### 3.2 Non-Negotiable Boundary Rules
|
|
@@ -161,20 +177,20 @@ innovation:
|
|
|
161
177
|
commercial_productization: false
|
|
162
178
|
|
|
163
179
|
product:
|
|
164
|
-
mode: community
|
|
180
|
+
mode: community # community | team | enterprise
|
|
165
181
|
cloud:
|
|
166
182
|
enabled: false
|
|
167
|
-
endpoint:
|
|
168
|
-
workspace_id:
|
|
183
|
+
endpoint: ''
|
|
184
|
+
workspace_id: ''
|
|
169
185
|
api_token_env: AOP_CLOUD_API_TOKEN
|
|
170
|
-
sync_mode: best_effort
|
|
186
|
+
sync_mode: best_effort # best_effort | required
|
|
171
187
|
sync_triggers:
|
|
172
|
-
- post_run
|
|
188
|
+
- post_run # post_run | manual
|
|
173
189
|
entitlements:
|
|
174
190
|
enabled: false
|
|
175
191
|
cache_ttl_seconds: 900
|
|
176
192
|
grace_period_hours: 168
|
|
177
|
-
fail_mode: grace_then_block_paid
|
|
193
|
+
fail_mode: grace_then_block_paid # allow_cached | grace_then_block_paid
|
|
178
194
|
metering:
|
|
179
195
|
enabled: false
|
|
180
196
|
flush_interval_seconds: 60
|
|
@@ -184,6 +200,7 @@ product:
|
|
|
184
200
|
```
|
|
185
201
|
|
|
186
202
|
Normative behavior:
|
|
203
|
+
|
|
187
204
|
- all productization toggles default off
|
|
188
205
|
- `product.mode=community` implies no paid-only enforcement
|
|
189
206
|
- if `product.mode in {team, enterprise}`, `entitlements.enabled=true` is required
|
|
@@ -223,6 +240,7 @@ Contract:
|
|
|
223
240
|
```
|
|
224
241
|
|
|
225
242
|
Rules:
|
|
243
|
+
|
|
226
244
|
- snapshot must be signed by control hub key and verified locally
|
|
227
245
|
- expired snapshot inside grace can run with warning; outside grace paid features block
|
|
228
246
|
- missing snapshot in team/enterprise mode returns explicit entitlement error for paid operations
|
|
@@ -260,6 +278,7 @@ Event contract:
|
|
|
260
278
|
```
|
|
261
279
|
|
|
262
280
|
Rules:
|
|
281
|
+
|
|
263
282
|
- `event_id` must be deterministic (UUIDv7 allowed; stable dedupe key must also be emitted)
|
|
264
283
|
- flush must be idempotent with server-side dedupe key `(workspace_id,event_id)`
|
|
265
284
|
- local writes are append-only and never block core tool execution in best-effort mode
|
|
@@ -292,18 +311,23 @@ Checkpoint contract:
|
|
|
292
311
|
## 4.5 New Tool Surface
|
|
293
312
|
|
|
294
313
|
1. `entitlements.get` (read-only)
|
|
314
|
+
|
|
295
315
|
- returns active entitlement snapshot and effective capability matrix.
|
|
296
316
|
|
|
297
317
|
2. `usage.summary_get` (read-only)
|
|
318
|
+
|
|
298
319
|
- returns local and remote usage summary for current workspace/project.
|
|
299
320
|
|
|
300
321
|
3. `artifacts.sync_remote` (mutating)
|
|
322
|
+
|
|
301
323
|
- pushes run artifacts and usage events to control hub.
|
|
302
324
|
|
|
303
325
|
4. `billing.subscription_get` (read-only)
|
|
326
|
+
|
|
304
327
|
- returns plan, period usage, and overage status.
|
|
305
328
|
|
|
306
329
|
Required wiring for all tools:
|
|
330
|
+
|
|
307
331
|
- `apps/control-plane/src/core/constants.ts`
|
|
308
332
|
- `apps/control-plane/src/core/kernel.ts`
|
|
309
333
|
- `apps/control-plane/src/application/tools/tool-metadata.ts`
|
|
@@ -316,6 +340,7 @@ Required wiring for all tools:
|
|
|
316
340
|
## 4.6 CLI Surface Changes
|
|
317
341
|
|
|
318
342
|
Add commands:
|
|
343
|
+
|
|
319
344
|
- `aop auth login --endpoint <url> --workspace <id> [--token-env <ENV>]`
|
|
320
345
|
- `aop auth whoami`
|
|
321
346
|
- `aop auth logout`
|
|
@@ -324,6 +349,7 @@ Add commands:
|
|
|
324
349
|
- `aop billing [--json]`
|
|
325
350
|
|
|
326
351
|
Required CLI wiring:
|
|
352
|
+
|
|
327
353
|
- `apps/control-plane/src/cli/types.ts`
|
|
328
354
|
- `apps/control-plane/src/cli/cli-argument-parser.ts`
|
|
329
355
|
- `apps/control-plane/src/cli/help-command-handler.ts`
|
|
@@ -333,6 +359,7 @@ Required CLI wiring:
|
|
|
333
359
|
## 4.7 Error Code Additions
|
|
334
360
|
|
|
335
361
|
Add to `apps/control-plane/src/core/error-codes.ts`:
|
|
362
|
+
|
|
336
363
|
- `entitlement_required`
|
|
337
364
|
- `entitlement_cache_missing`
|
|
338
365
|
- `entitlement_signature_invalid`
|
|
@@ -350,9 +377,11 @@ Add to `apps/control-plane/src/core/error-codes.ts`:
|
|
|
350
377
|
## CP0: Contract Scaffolding and Feature Flags
|
|
351
378
|
|
|
352
379
|
### Goals
|
|
380
|
+
|
|
353
381
|
- add policy/schema/tool/CLI scaffolding with defaults off
|
|
354
382
|
|
|
355
383
|
### File Targets
|
|
384
|
+
|
|
356
385
|
- `agentic/orchestrator/defaults/policy.defaults.yaml`
|
|
357
386
|
- `agentic/orchestrator/schemas/policy.schema.json`
|
|
358
387
|
- `agentic/orchestrator/schemas/policy.user.schema.json`
|
|
@@ -363,10 +392,12 @@ Add to `apps/control-plane/src/core/error-codes.ts`:
|
|
|
363
392
|
- `agentic/orchestrator/tools.md`
|
|
364
393
|
|
|
365
394
|
### Mandatory Checks
|
|
395
|
+
|
|
366
396
|
- `npm run validate:mcp-contracts`
|
|
367
397
|
- `npm run validate:architecture`
|
|
368
398
|
|
|
369
399
|
Exit criteria:
|
|
400
|
+
|
|
370
401
|
- policy loads with new fields
|
|
371
402
|
- tool catalog/schemas/docs are consistent
|
|
372
403
|
|
|
@@ -379,6 +410,7 @@ Exit criteria:
|
|
|
379
410
|
Introduce a control-hub client and local credential binding.
|
|
380
411
|
|
|
381
412
|
### Implementation Targets
|
|
413
|
+
|
|
382
414
|
- `apps/control-plane/src/application/services/cloud-auth-service.ts` (new)
|
|
383
415
|
- `apps/control-plane/src/application/services/workspace-binding-service.ts` (new)
|
|
384
416
|
- `apps/control-plane/src/cli/auth-command-handler.ts` (new)
|
|
@@ -386,15 +418,18 @@ Introduce a control-hub client and local credential binding.
|
|
|
386
418
|
- `.aop/runtime/cloud-auth/session.json` contract helper in `path-layout.ts`
|
|
387
419
|
|
|
388
420
|
### Rules
|
|
421
|
+
|
|
389
422
|
- credentials never stored in plaintext if token env indirection exists
|
|
390
423
|
- `whoami` reads from validated local session + optional remote refresh
|
|
391
424
|
- auth failures must not break non-commercial local operations
|
|
392
425
|
|
|
393
426
|
### Tests
|
|
427
|
+
|
|
394
428
|
- `apps/control-plane/test/cloud-auth-service.spec.ts` (new)
|
|
395
429
|
- `apps/control-plane/test/cli.unit.spec.ts` auth parser/help coverage
|
|
396
430
|
|
|
397
431
|
Exit criteria:
|
|
432
|
+
|
|
398
433
|
- `auth login/whoami/logout` deterministic and tested
|
|
399
434
|
|
|
400
435
|
---
|
|
@@ -406,22 +441,26 @@ Exit criteria:
|
|
|
406
441
|
Enforce paid features through a central entitlement service queried by tool runtime and selected CLI paths.
|
|
407
442
|
|
|
408
443
|
### Implementation Targets
|
|
444
|
+
|
|
409
445
|
- `apps/control-plane/src/application/services/entitlement-service.ts` (new)
|
|
410
446
|
- `apps/control-plane/src/mcp/tool-runtime.ts` (pre-execution entitlement gate)
|
|
411
447
|
- `apps/control-plane/src/application/tools/tool-metadata.ts` (required entitlement tag per paid tool)
|
|
412
448
|
- `apps/control-plane/src/core/kernel.ts` (tool wrappers where needed)
|
|
413
449
|
|
|
414
450
|
### Rules
|
|
451
|
+
|
|
415
452
|
- entitlement checks apply only to paid operations
|
|
416
453
|
- core orchestration commands remain accessible in community mode
|
|
417
454
|
- grace behavior driven solely by policy + cache timestamps
|
|
418
455
|
|
|
419
456
|
### Tests
|
|
457
|
+
|
|
420
458
|
- `apps/control-plane/test/entitlement-service.spec.ts` (new)
|
|
421
459
|
- extend `apps/control-plane/test/tool-runtime.spec.ts`
|
|
422
460
|
- extend `apps/control-plane/test/mcp.spec.ts` for entitlement failures and parity
|
|
423
461
|
|
|
424
462
|
Exit criteria:
|
|
463
|
+
|
|
425
464
|
- paid tool calls blocked deterministically when not entitled
|
|
426
465
|
- no regressions in community flow
|
|
427
466
|
|
|
@@ -434,6 +473,7 @@ Exit criteria:
|
|
|
434
473
|
Emit deterministic usage events from runtime boundaries and flush in batches.
|
|
435
474
|
|
|
436
475
|
### Implementation Targets
|
|
476
|
+
|
|
437
477
|
- `apps/control-plane/src/application/services/usage-metering-service.ts` (new)
|
|
438
478
|
- `apps/control-plane/src/mcp/tool-runtime.ts` (tool invocation events)
|
|
439
479
|
- `apps/control-plane/src/supervisor/run-coordinator.ts` (run lifecycle events)
|
|
@@ -441,15 +481,18 @@ Emit deterministic usage events from runtime boundaries and flush in batches.
|
|
|
441
481
|
- `apps/control-plane/src/cli/usage-command-handler.ts` (new)
|
|
442
482
|
|
|
443
483
|
### Rules
|
|
484
|
+
|
|
444
485
|
- event writes append-only and non-blocking by default
|
|
445
486
|
- dedupe keys required on remote flush
|
|
446
487
|
- local summary always available even when cloud is unavailable
|
|
447
488
|
|
|
448
489
|
### Tests
|
|
490
|
+
|
|
449
491
|
- `apps/control-plane/test/usage-metering-service.spec.ts` (new)
|
|
450
492
|
- integration test for end-to-end run event emission
|
|
451
493
|
|
|
452
494
|
Exit criteria:
|
|
495
|
+
|
|
453
496
|
- usage events generated for run start/end, tool invocations, gate execution
|
|
454
497
|
- local summary and remote flush both deterministic
|
|
455
498
|
|
|
@@ -462,21 +505,25 @@ Exit criteria:
|
|
|
462
505
|
Build on artifact publishing to support control-hub sync and retention-aware indexing.
|
|
463
506
|
|
|
464
507
|
### Implementation Targets
|
|
508
|
+
|
|
465
509
|
- `apps/control-plane/src/application/services/artifact-publisher-service.ts` (extend)
|
|
466
510
|
- `apps/control-plane/src/application/services/cloud-sync-service.ts` (new)
|
|
467
511
|
- `apps/control-plane/src/cli/cloud-sync-command-handler.ts` (new)
|
|
468
512
|
- `apps/control-plane/src/cli/run-command-handler.ts` (post-run sync trigger)
|
|
469
513
|
|
|
470
514
|
### Rules
|
|
515
|
+
|
|
471
516
|
- `sync_mode=best_effort` must not fail base run completion
|
|
472
517
|
- `sync_mode=required` fails paid sync action only, with explicit error
|
|
473
518
|
- checkpoints guarantee idempotent retries
|
|
474
519
|
|
|
475
520
|
### Tests
|
|
521
|
+
|
|
476
522
|
- `apps/control-plane/test/cloud-sync-service.spec.ts` (new)
|
|
477
523
|
- extend run-command tests for post-run sync outcomes
|
|
478
524
|
|
|
479
525
|
Exit criteria:
|
|
526
|
+
|
|
480
527
|
- remote sync supports full run + retry without duplicate logical records
|
|
481
528
|
|
|
482
529
|
---
|
|
@@ -488,20 +535,24 @@ Exit criteria:
|
|
|
488
535
|
Enable workspace-scoped views and paid analytics in dashboard APIs/UI.
|
|
489
536
|
|
|
490
537
|
### Implementation Targets
|
|
538
|
+
|
|
491
539
|
- `packages/web-dashboard/src/lib/aop-client.ts`
|
|
492
540
|
- `packages/web-dashboard/src/lib/types.ts`
|
|
493
541
|
- `packages/web-dashboard/src/app/api/*` routes for workspace/billing/usage
|
|
494
542
|
- `packages/web-dashboard/src/app/page.tsx` (workspace selector, paid analytics cards)
|
|
495
543
|
|
|
496
544
|
### Rules
|
|
545
|
+
|
|
497
546
|
- paid panels hidden when entitlement absent
|
|
498
547
|
- APIs enforce workspace identity server-side, not only UI checks
|
|
499
548
|
|
|
500
549
|
### Tests
|
|
550
|
+
|
|
501
551
|
- dashboard API integration tests for workspace isolation
|
|
502
552
|
- UI tests for entitlement-conditioned rendering
|
|
503
553
|
|
|
504
554
|
Exit criteria:
|
|
555
|
+
|
|
505
556
|
- team dashboards show cross-run metrics and audit trend views per workspace
|
|
506
557
|
|
|
507
558
|
---
|
|
@@ -513,6 +564,7 @@ Exit criteria:
|
|
|
513
564
|
Introduce a new multi-tenant backend service inside this monorepo.
|
|
514
565
|
|
|
515
566
|
### New Workspace Targets
|
|
567
|
+
|
|
516
568
|
- `apps/control-hub-api/` (new)
|
|
517
569
|
- `apps/control-hub-api/src/auth/*`
|
|
518
570
|
- `apps/control-hub-api/src/tenancy/*`
|
|
@@ -523,6 +575,7 @@ Introduce a new multi-tenant backend service inside this monorepo.
|
|
|
523
575
|
- `apps/control-hub-api/src/db/migrations/*`
|
|
524
576
|
|
|
525
577
|
### Minimum API Contract
|
|
578
|
+
|
|
526
579
|
- `GET /v1/whoami`
|
|
527
580
|
- `GET /v1/entitlements/current`
|
|
528
581
|
- `POST /v1/usage/events:ingest`
|
|
@@ -530,6 +583,7 @@ Introduce a new multi-tenant backend service inside this monorepo.
|
|
|
530
583
|
- `GET /v1/billing/subscription`
|
|
531
584
|
|
|
532
585
|
### Data Model (Minimum)
|
|
586
|
+
|
|
533
587
|
- `organizations`
|
|
534
588
|
- `workspaces`
|
|
535
589
|
- `projects`
|
|
@@ -541,6 +595,7 @@ Introduce a new multi-tenant backend service inside this monorepo.
|
|
|
541
595
|
- `artifact_runs`
|
|
542
596
|
|
|
543
597
|
### Exit criteria
|
|
598
|
+
|
|
544
599
|
- control-plane can authenticate and sync against control-hub in staging
|
|
545
600
|
- metering and entitlement endpoints are production-safe with tenant isolation tests
|
|
546
601
|
|
|
@@ -549,17 +604,20 @@ Introduce a new multi-tenant backend service inside this monorepo.
|
|
|
549
604
|
## CP7: Rollout, Migration, and Commercial Readiness
|
|
550
605
|
|
|
551
606
|
### Rollout Phases
|
|
607
|
+
|
|
552
608
|
1. Internal dogfood: community mode + optional auth only.
|
|
553
609
|
2. Pilot customers: team mode with best-effort sync and warning-only overage.
|
|
554
610
|
3. Paid GA: required entitlement checks for paid operations, invoicing enabled.
|
|
555
611
|
4. Enterprise GA: SSO/SCIM/compliance controls enabled by entitlement.
|
|
556
612
|
|
|
557
613
|
### Migration Rules
|
|
614
|
+
|
|
558
615
|
- existing repos require no config changes for community mode
|
|
559
616
|
- `aop init --advanced-policy` adds product section templates
|
|
560
617
|
- paid mode onboarding requires explicit `aop auth login` and workspace bind
|
|
561
618
|
|
|
562
619
|
### Rollback Rules
|
|
620
|
+
|
|
563
621
|
- disable `innovation.commercial_productization` to return to community behavior
|
|
564
622
|
- keep usage/artifact logs; do not delete commercial runtime artifacts on rollback
|
|
565
623
|
|
|
@@ -568,19 +626,23 @@ Introduce a new multi-tenant backend service inside this monorepo.
|
|
|
568
626
|
## 6. Test Strategy (Normative)
|
|
569
627
|
|
|
570
628
|
### 6.1 Unit Tests
|
|
629
|
+
|
|
571
630
|
- entitlement signature and expiry/grace logic
|
|
572
631
|
- metering event generation and dedupe keys
|
|
573
632
|
- cloud sync checkpoint idempotency
|
|
574
633
|
|
|
575
634
|
### 6.2 Integration Tests
|
|
635
|
+
|
|
576
636
|
- end-to-end paid flow: login -> entitlement fetch -> run -> usage flush -> artifact sync
|
|
577
637
|
- tenant isolation: workspace A cannot read workspace B assets
|
|
578
638
|
|
|
579
639
|
### 6.3 Contract/Parity Tests
|
|
640
|
+
|
|
580
641
|
- new tools validated in MCP and in-process modes
|
|
581
642
|
- CLI commands parse/help/bootstrap coverage for `auth`, `cloud sync`, `usage`, `billing`
|
|
582
643
|
|
|
583
644
|
### 6.4 Regression Tests
|
|
645
|
+
|
|
584
646
|
- community mode behavior unchanged when productization disabled
|
|
585
647
|
- run completion unaffected by cloud outage in best-effort mode
|
|
586
648
|
|
|
@@ -602,18 +664,22 @@ Introduce a new multi-tenant backend service inside this monorepo.
|
|
|
602
664
|
## 8. Core Tradeoffs
|
|
603
665
|
|
|
604
666
|
1. **Fail-open reliability vs revenue enforcement**
|
|
667
|
+
|
|
605
668
|
- strict entitlement blocking improves monetization control but risks customer-facing outages.
|
|
606
669
|
- chosen path: core execution always local-safe; paid operations enforce with TTL+grace.
|
|
607
670
|
|
|
608
671
|
2. **Hosted convenience vs data sovereignty**
|
|
672
|
+
|
|
609
673
|
- SaaS enables fast value but regulated customers need self-hosting.
|
|
610
674
|
- chosen path: same APIs for hosted and enterprise self-hosted control-hub.
|
|
611
675
|
|
|
612
676
|
3. **Metering granularity vs runtime overhead**
|
|
677
|
+
|
|
613
678
|
- finer events improve billing accuracy but increase write/flush cost.
|
|
614
679
|
- chosen path: bounded JSONL events, batched flush, deterministic aggregation.
|
|
615
680
|
|
|
616
681
|
4. **Broad paywall vs trust/adoption**
|
|
682
|
+
|
|
617
683
|
- over-gating core capabilities harms OSS adoption.
|
|
618
684
|
- chosen path: keep deterministic orchestration free; monetize team governance, hosted retention, enterprise controls.
|
|
619
685
|
|
|
@@ -638,6 +704,7 @@ Introduce a new multi-tenant backend service inside this monorepo.
|
|
|
638
704
|
## 10. Definition of Done
|
|
639
705
|
|
|
640
706
|
A completed implementation session for this program MUST provide:
|
|
707
|
+
|
|
641
708
|
- phase-by-phase completion notes (CP0-CP7)
|
|
642
709
|
- policy/schema/catalog/tool docs deltas and rationale
|
|
643
710
|
- executed validation/test commands with outcomes
|