Compare commits
No commits in common. "main" and "fix/reattribute-by-branch-prefix" have entirely different histories.
main
...
fix/reattr
370 changed files with 185 additions and 81640 deletions
|
|
@ -1,40 +0,0 @@
|
||||||
---
|
|
||||||
name: crabbox
|
|
||||||
description: Use for remote Linux verification, isolated CI proof, Crabbox lease cleanup, and PR evidence without production deploys or secret forwarding.
|
|
||||||
---
|
|
||||||
|
|
||||||
# Crabbox
|
|
||||||
|
|
||||||
Use Crabbox for remote Linux verification and PR proof only.
|
|
||||||
|
|
||||||
Allowed jobs:
|
|
||||||
|
|
||||||
- `crabbox job run unit`
|
|
||||||
- `crabbox job run lint-phase1b`
|
|
||||||
- `crabbox job run ci-contract`
|
|
||||||
- `crabbox job run phase1b-local-proof`
|
|
||||||
- `crabbox job run sync-smoke`
|
|
||||||
|
|
||||||
Default workflow:
|
|
||||||
|
|
||||||
1. Run `crabbox job run --dry-run ci-contract`.
|
|
||||||
2. Run `crabbox job run --dry-run phase1b-local-proof`.
|
|
||||||
3. Inspect the planned commands and confirm no production secrets or production deploy commands appear.
|
|
||||||
4. Run `crabbox job run ci-contract`.
|
|
||||||
5. Run `crabbox job run phase1b-local-proof`.
|
|
||||||
6. Save the run id, lease id, stdout, downloaded proof JSON, and JUnit output.
|
|
||||||
7. Stop the lease unless the CLI has already stopped it.
|
|
||||||
|
|
||||||
Boundaries:
|
|
||||||
|
|
||||||
- Do not run production deploy commands from Crabbox.
|
|
||||||
- Do not forward production GitHub, Forgejo, OpenRouter, SSH, Bitwarden, or VPS secrets.
|
|
||||||
- Do not target the production `decision-engine` repo for sandbox proof.
|
|
||||||
- Do not mutate the production VPS.
|
|
||||||
- Do not call Crabbox proof equivalent to production proof unless the lease recreates `/opt/teleo-eval`, systemd services, runtime users, DB paths, timers, and deploy scripts.
|
|
||||||
|
|
||||||
Failure handling:
|
|
||||||
|
|
||||||
- If sync sanity fails, stop the lease and retry on a fresh lease.
|
|
||||||
- If a proof script fails, save the full run output and do not summarize it as a pass.
|
|
||||||
- If a remote box has unknown state, stop it instead of debugging against reused state.
|
|
||||||
|
|
@ -1,41 +0,0 @@
|
||||||
---
|
|
||||||
name: decision-engine-refinement
|
|
||||||
description: Use when improving Living IP decision-engine quality, LLM model selection, evaluator prompts, rubrics, replay evals, Rio or Theseus reviewer behavior, or model bakeoffs.
|
|
||||||
---
|
|
||||||
|
|
||||||
# Decision Engine Refinement
|
|
||||||
|
|
||||||
Use this skill for quality work, not infrastructure work. Pentagon.run or Crabbox can run remote jobs; this repo owns model judgment, rubric design, prompt/tool refinement, and proof artifacts.
|
|
||||||
|
|
||||||
## Workflow
|
|
||||||
|
|
||||||
1. Read `docs/llm-refinement-decision-engine.md`.
|
|
||||||
2. Identify the lane: Rio economics, Theseus model integrity, Leo cross-domain, domain factuality, retrieval quality, or prompt/tool self-upgrade.
|
|
||||||
3. Build or reuse a replayable fixture before changing prompts or model assignments.
|
|
||||||
4. Compare baseline vs candidate with the same input, same rubric, and structured verdict format.
|
|
||||||
5. Record false approves, false rejects, useful disagreements, cost, and latency.
|
|
||||||
6. Change runtime prompts/models only after the candidate shows a measured improvement with no critical regression.
|
|
||||||
|
|
||||||
## Hard Rules
|
|
||||||
|
|
||||||
- Do not change live model assignments because one answer sounds better.
|
|
||||||
- Do not use production DB writes to tune prompts.
|
|
||||||
- Do not collapse Rio and Theseus into generic "reviewers".
|
|
||||||
- Do not treat payment, popularity, or engagement as quality approval.
|
|
||||||
- Do not claim production decision-engine improvement without replay evidence and live/staging readback.
|
|
||||||
|
|
||||||
## Agent Responsibilities
|
|
||||||
|
|
||||||
- Rio: incentive design, contribution weights, paid-query effects, market/mechanism reasoning, OPSEC, correlated-prior warnings.
|
|
||||||
- Theseus: model diversity, adversarial evals, disagreement queues, self-upgrade criteria, prompt/tool safety, verifier drift.
|
|
||||||
- Leo: cross-domain synthesis, fallback review, final arbitration where the route or rubric is ambiguous.
|
|
||||||
|
|
||||||
## Expected Artifacts
|
|
||||||
|
|
||||||
- fixture file or DB query used for sampling;
|
|
||||||
- baseline verdict output;
|
|
||||||
- candidate verdict output;
|
|
||||||
- summary JSON with quality, cost, latency, and disagreement metrics;
|
|
||||||
- patch scoped to prompts, model config, rubric docs, or eval harness.
|
|
||||||
|
|
||||||
Run `python3 scripts/check_llm_refinement_contract.py` after editing this surface.
|
|
||||||
|
|
@ -1,82 +0,0 @@
|
||||||
---
|
|
||||||
name: leo-telegram-canary-ops
|
|
||||||
description: Use for live Leo Telegram tests through authenticated Chrome/Computer Use, including memory, KB audit, staged DB writes, screenshots, and clear separation from external outreach.
|
|
||||||
---
|
|
||||||
|
|
||||||
# Leo Telegram Canary Ops
|
|
||||||
|
|
||||||
## Job
|
|
||||||
|
|
||||||
Run Telegram-visible Leo canaries when testing Leo itself, with retained screenshots and DB readbacks.
|
|
||||||
|
|
||||||
## Trigger Phrases
|
|
||||||
|
|
||||||
- "test Leo in Telegram"
|
|
||||||
- "send the Leo group message"
|
|
||||||
- "Telegram-visible proof"
|
|
||||||
- "Chrome Telegram canary"
|
|
||||||
- "Leo remembers conversation"
|
|
||||||
- "staged write through Telegram"
|
|
||||||
|
|
||||||
## Authorization Boundary
|
|
||||||
|
|
||||||
Live Telegram bot messages to the Leo group are authorized when they are test canaries for Leo behavior.
|
|
||||||
|
|
||||||
This is different from external outreach. Do not send external outreach, partner messages, public announcements, or non-test communications without exact authorization.
|
|
||||||
|
|
||||||
## Required Tooling
|
|
||||||
|
|
||||||
Use Computer Use through `node_repl` and the Chrome/Computer Use skill path. Do not use:
|
|
||||||
|
|
||||||
- AppleScript,
|
|
||||||
- `osascript`,
|
|
||||||
- JXA,
|
|
||||||
- System Events,
|
|
||||||
- focus hijacking,
|
|
||||||
- foregrounding hacks.
|
|
||||||
|
|
||||||
## Canary Types
|
|
||||||
|
|
||||||
Name the canary before sending:
|
|
||||||
|
|
||||||
- bot readiness,
|
|
||||||
- memory,
|
|
||||||
- KB audit truth,
|
|
||||||
- proposed-vs-applied truth,
|
|
||||||
- open-ended Cory-style triage,
|
|
||||||
- staged write,
|
|
||||||
- no-canonical-mutation proof,
|
|
||||||
- screenshot/readback proof.
|
|
||||||
|
|
||||||
## Message Discipline
|
|
||||||
|
|
||||||
Use unique markers such as `WL-LIVE-TG-CORY-YYYYMMDD-Tn`.
|
|
||||||
|
|
||||||
Ask Leo for machine-checkable reply markers like:
|
|
||||||
|
|
||||||
- `LIVE_TG_TURN1_ACK`
|
|
||||||
- `LIVE_TG_TURN3_STAGED`
|
|
||||||
- `LIVE_TG_TURN4_READBACK`
|
|
||||||
|
|
||||||
Do not rely only on exact-ID prompts. At least one representative canary should be a vague operator-style prompt such as: Cory says the agents are not working, the KB is in the same state as last night, and Leo should be able to manipulate the KB; ask Leo what that means, what it would inspect first, what fixed means, and how it separates proposed, approved, and applied. Keep this canary read-only unless the task explicitly authorizes a staging or apply step.
|
|
||||||
|
|
||||||
## Required Proof
|
|
||||||
|
|
||||||
After each live Telegram canary:
|
|
||||||
|
|
||||||
1. Capture screenshot.
|
|
||||||
2. Record exact message sent.
|
|
||||||
3. Record Leo reply marker and substance.
|
|
||||||
4. Query DB if the canary involves DB state.
|
|
||||||
5. Record canonical public table counts when proving no mutation.
|
|
||||||
6. Save a local markdown/json artifact.
|
|
||||||
7. Sync artifacts to VPS report dir when relevant.
|
|
||||||
|
|
||||||
## Current Known Proof
|
|
||||||
|
|
||||||
- Live memory and KB audit passed for marker `WL-LIVE-TG-CORY-20260709`.
|
|
||||||
- Live staged write passed for `WL-LIVE-TG-CORY-20260709-T3`.
|
|
||||||
- Readback passed for `WL-LIVE-TG-CORY-20260709-T4`.
|
|
||||||
- Open-ended Cory-style read-only triage passed for `WL-LIVE-TG-CORY-OPEN-20260709`.
|
|
||||||
|
|
||||||
Use `docs/reports/leo-working-state-20260709/current-truth-index.md` for artifact paths.
|
|
||||||
|
|
@ -1,93 +0,0 @@
|
||||||
---
|
|
||||||
name: living-ip-kb-interop
|
|
||||||
description: Use when giving Hermes, OpenClaw, Claude-style, Pentagon, or other external agents safe read/write access patterns for the Living IP knowledge base.
|
|
||||||
---
|
|
||||||
|
|
||||||
# Living IP KB Interop
|
|
||||||
|
|
||||||
Use this skill when an outside agent needs to read from the Living IP knowledge base or propose a write back into it. The default is propose-first, proof-backed, and no-secret.
|
|
||||||
|
|
||||||
## Goal
|
|
||||||
|
|
||||||
Any Hermes, OpenClaw, Claude-style, or Pentagon agent should be able to:
|
|
||||||
|
|
||||||
1. search the knowledge base;
|
|
||||||
2. read a cited file or record;
|
|
||||||
3. propose a source, claim, entity, or correction;
|
|
||||||
4. route the proposal to the right evaluator agents;
|
|
||||||
5. leave a proof artifact that shows inputs, tools, and no denied actions.
|
|
||||||
|
|
||||||
## Read Path
|
|
||||||
|
|
||||||
Prefer deterministic local surfaces before asking an LLM:
|
|
||||||
|
|
||||||
- repository files under the knowledge base checkout;
|
|
||||||
- generated claim indexes from `lib/claim_index.py`;
|
|
||||||
- search helpers in `lib/search.py`;
|
|
||||||
- copied SQLite state through `teleo-db-operator`;
|
|
||||||
- retained proof JSON in `.crabbox-results/` or `proof/`.
|
|
||||||
|
|
||||||
Read outputs must include file paths, source paths, claim/entity IDs when available, and the exact query used.
|
|
||||||
|
|
||||||
## Write Path
|
|
||||||
|
|
||||||
All writes are proposals until the normal review/evaluation pipeline accepts them.
|
|
||||||
|
|
||||||
Allowed proposal targets:
|
|
||||||
|
|
||||||
- source file proposal;
|
|
||||||
- claim file proposal;
|
|
||||||
- entity file proposal;
|
|
||||||
- correction proposal;
|
|
||||||
- route/evaluator proof artifact.
|
|
||||||
|
|
||||||
Required fields:
|
|
||||||
|
|
||||||
- source or rationale;
|
|
||||||
- target domain;
|
|
||||||
- proposed author/agent;
|
|
||||||
- route evidence;
|
|
||||||
- confidence or uncertainty tag;
|
|
||||||
- citations to existing KB context;
|
|
||||||
- proof output path.
|
|
||||||
|
|
||||||
Do not write directly to main. Do not mutate production `pipeline.db`. Use `teleo-db-operator` for any SQLite write, and only after explicit authorization, backup, transaction, and readback.
|
|
||||||
|
|
||||||
## Minimal Tool Contract
|
|
||||||
|
|
||||||
Adapters should expose this shape even if their runtime uses different names:
|
|
||||||
|
|
||||||
- `kb.search(query, domain?, limit?)`
|
|
||||||
- `kb.get(path_or_id)`
|
|
||||||
- `kb.propose_source(markdown, metadata)`
|
|
||||||
- `kb.propose_claim(markdown, metadata)`
|
|
||||||
- `kb.propose_entity(markdown, metadata)`
|
|
||||||
- `kb.route(diff_or_metadata)`
|
|
||||||
- `kb.proof(path, payload)`
|
|
||||||
|
|
||||||
If a runtime cannot implement one of these, record the missing tool as a blocker instead of silently skipping it.
|
|
||||||
|
|
||||||
## Denied Actions
|
|
||||||
|
|
||||||
- raw Bitwarden export;
|
|
||||||
- card, token, or password reads;
|
|
||||||
- production DB writes;
|
|
||||||
- direct pushes to main;
|
|
||||||
- public comments or messages;
|
|
||||||
- hidden Slack, Linear, Telegram, or GitHub sends;
|
|
||||||
- uncited knowledge writes;
|
|
||||||
- model-driven edits without route evidence.
|
|
||||||
|
|
||||||
## Expected Artifact
|
|
||||||
|
|
||||||
Write `.crabbox-results/kb-interop-proof.json` or a caller-specified proof path containing:
|
|
||||||
|
|
||||||
- runtime name;
|
|
||||||
- model/provider if known;
|
|
||||||
- tools invoked;
|
|
||||||
- denied tools not invoked;
|
|
||||||
- query or input fixture;
|
|
||||||
- cited reads;
|
|
||||||
- proposed writes;
|
|
||||||
- route evidence;
|
|
||||||
- verifier result.
|
|
||||||
|
|
@ -1,70 +0,0 @@
|
||||||
---
|
|
||||||
name: nousresearch-hermes-agent
|
|
||||||
description: Use when packaging Living IP agents, skills, prompts, memory, model routing, or decision-engine workflows for NousResearch Hermes Agent.
|
|
||||||
---
|
|
||||||
|
|
||||||
# NousResearch Hermes Agent
|
|
||||||
|
|
||||||
Use this skill to adapt Living IP decision-engine behavior to Hermes Agent. Keep the package fixture-first and no-secret by default.
|
|
||||||
|
|
||||||
## Current External Surface
|
|
||||||
|
|
||||||
As of 2026-06-01, the upstream Hermes Agent README describes:
|
|
||||||
|
|
||||||
- model switching via `hermes model`;
|
|
||||||
- tools via `hermes tools`;
|
|
||||||
- a messaging gateway for Telegram, Discord, Slack, WhatsApp, Signal, and CLI;
|
|
||||||
- built-in skill creation and self-improvement;
|
|
||||||
- cron scheduling;
|
|
||||||
- terminal backends including local, Docker, SSH, Modal, and Daytona;
|
|
||||||
- OpenClaw migration commands.
|
|
||||||
|
|
||||||
Verify upstream docs before depending on a command in code.
|
|
||||||
|
|
||||||
## Living IP Package Shape
|
|
||||||
|
|
||||||
Create a package that includes:
|
|
||||||
|
|
||||||
- agent identity file for Rio or Theseus;
|
|
||||||
- skill instructions copied from repo-owned `.agents/skills/*`;
|
|
||||||
- `living-ip-kb-interop` for read/propose/writeback behavior;
|
|
||||||
- no-secret tool allowlist;
|
|
||||||
- fixture replay command;
|
|
||||||
- model selection notes;
|
|
||||||
- proof output path.
|
|
||||||
|
|
||||||
Do not package production DBs, tokens, API keys, SSH keys, or Bitwarden exports.
|
|
||||||
|
|
||||||
## Rio Package
|
|
||||||
|
|
||||||
Rio Hermes package should focus on:
|
|
||||||
|
|
||||||
- internet finance and mechanism reasoning;
|
|
||||||
- contribution weights and paid-query effects;
|
|
||||||
- OPSEC finance filters;
|
|
||||||
- source-diversity warnings;
|
|
||||||
- fixture tests for false economic reasoning.
|
|
||||||
|
|
||||||
## Theseus Package
|
|
||||||
|
|
||||||
Theseus Hermes package should focus on:
|
|
||||||
|
|
||||||
- model-diversity evals;
|
|
||||||
- disagreement queues;
|
|
||||||
- self-upgrade criteria;
|
|
||||||
- prompt/tool safety;
|
|
||||||
- fixture tests for overconfident or poorly grounded model judgments.
|
|
||||||
|
|
||||||
## Handoff Contract
|
|
||||||
|
|
||||||
Every Hermes handoff must include:
|
|
||||||
|
|
||||||
1. install/config snippet;
|
|
||||||
2. model/provider selection left configurable;
|
|
||||||
3. tool allowlist;
|
|
||||||
4. fixture-first demo;
|
|
||||||
5. no-live-write default;
|
|
||||||
6. proof artifact path;
|
|
||||||
7. known blockers.
|
|
||||||
|
|
||||||
Do not claim Hermes production integration until a Hermes runtime actually executes the fixture and writes proof.
|
|
||||||
|
|
@ -1,70 +0,0 @@
|
||||||
---
|
|
||||||
name: openclaw-agent
|
|
||||||
description: Use when adapting Living IP decision-engine agents, skills, tools, prompt files, or no-secret workflows to OpenClaw agent workspaces.
|
|
||||||
---
|
|
||||||
|
|
||||||
# OpenClaw Agent
|
|
||||||
|
|
||||||
Use this skill to package Living IP decision-engine behavior for OpenClaw workspaces. Treat OpenClaw as a distribution/runtime surface, not a new source of truth.
|
|
||||||
|
|
||||||
## Current External Surface
|
|
||||||
|
|
||||||
As of 2026-06-01, the upstream OpenClaw README describes:
|
|
||||||
|
|
||||||
- Node 24 or Node 22.19+ runtime;
|
|
||||||
- `openclaw onboard --install-daemon`;
|
|
||||||
- Gateway daemon usage;
|
|
||||||
- agent prompt files `AGENTS.md`, `SOUL.md`, and `TOOLS.md`;
|
|
||||||
- workspace skills at `~/.openclaw/workspace/skills/<skill>/SKILL.md`;
|
|
||||||
- model configuration in OpenClaw config;
|
|
||||||
- security guidance for DM pairing, allowlists, and sandboxing.
|
|
||||||
|
|
||||||
Verify upstream docs before depending on a command in code.
|
|
||||||
|
|
||||||
## Living IP Workspace Shape
|
|
||||||
|
|
||||||
Create or update:
|
|
||||||
|
|
||||||
- `AGENTS.md`: scope, repo boundaries, proof requirements;
|
|
||||||
- `SOUL.md`: Rio or Theseus identity;
|
|
||||||
- `TOOLS.md`: bounded tools only;
|
|
||||||
- `skills/decision-engine-refinement/SKILL.md`;
|
|
||||||
- `skills/living-ip-kb-interop/SKILL.md`;
|
|
||||||
- `skills/teleo-db-operator/SKILL.md` only for read-only local copies unless explicitly authorized.
|
|
||||||
|
|
||||||
## Tool Policy
|
|
||||||
|
|
||||||
Default allow:
|
|
||||||
|
|
||||||
- read files;
|
|
||||||
- run local fixture tests;
|
|
||||||
- write proof artifacts;
|
|
||||||
- inspect git diffs;
|
|
||||||
- query copied SQLite DBs read-only.
|
|
||||||
|
|
||||||
Default deny:
|
|
||||||
|
|
||||||
- production DB writes;
|
|
||||||
- token reads;
|
|
||||||
- Bitwarden vault export;
|
|
||||||
- live GitHub PR comments;
|
|
||||||
- public messaging sends;
|
|
||||||
- broad shell automation against host services.
|
|
||||||
|
|
||||||
## Rio And Theseus
|
|
||||||
|
|
||||||
- Rio OpenClaw package: economic reasoning, contribution incentives, paid-query guardrails, OPSEC.
|
|
||||||
- Theseus OpenClaw package: eval integrity, adversarial prompts, model bakeoffs, self-upgrade review.
|
|
||||||
|
|
||||||
## Proof Contract
|
|
||||||
|
|
||||||
An OpenClaw adapter is useful only if it can run a fixture and produce:
|
|
||||||
|
|
||||||
- prompt files used;
|
|
||||||
- tool allowlist;
|
|
||||||
- model selected;
|
|
||||||
- fixture input;
|
|
||||||
- structured verdict output;
|
|
||||||
- proof that no denied tools were invoked.
|
|
||||||
|
|
||||||
Do not claim OpenClaw production readiness until the package runs in an OpenClaw workspace and writes proof.
|
|
||||||
|
|
@ -1,76 +0,0 @@
|
||||||
---
|
|
||||||
name: teleo-db-operator
|
|
||||||
description: Use when reading, auditing, backing up, querying, or safely writing the Teleo pipeline SQLite database, including review_records, audit_log, costs, prs, sources, and contributor feedback loops.
|
|
||||||
---
|
|
||||||
|
|
||||||
# Teleo DB Operator
|
|
||||||
|
|
||||||
Default to read-only. The database is evidence for decision-engine refinement, not a scratchpad.
|
|
||||||
|
|
||||||
## Discover
|
|
||||||
|
|
||||||
1. Read `lib/config.py` for `DB_PATH` and related paths.
|
|
||||||
2. Prefer local or copied DBs over production DBs.
|
|
||||||
3. If using production, record whether access is read-only or write-authorized.
|
|
||||||
4. Never print secret values found near DB paths or shell history.
|
|
||||||
|
|
||||||
## Read Path
|
|
||||||
|
|
||||||
Use `sqlite3` or Python `sqlite3`.
|
|
||||||
|
|
||||||
Recommended read targets:
|
|
||||||
|
|
||||||
- `review_records`: evaluator, model, outcome, rejection reason.
|
|
||||||
- `audit_log`: route decisions, approve/reject events, failure details.
|
|
||||||
- `costs`: model cost by date/stage.
|
|
||||||
- `prs`: status, tier, route compatibility fields, verdicts.
|
|
||||||
- `sources`: priority, feedback, extraction model.
|
|
||||||
|
|
||||||
For refinement work, export aggregated JSON or CSV into `.crabbox-results/` or `proof/`, not raw private DB snapshots.
|
|
||||||
|
|
||||||
## Write Path
|
|
||||||
|
|
||||||
Writes require explicit authorization and a backup.
|
|
||||||
|
|
||||||
Required sequence:
|
|
||||||
|
|
||||||
1. Create a backup or operate on a copy.
|
|
||||||
2. Write the exact SQL in a retained artifact.
|
|
||||||
3. Use `BEGIN IMMEDIATE;`.
|
|
||||||
4. Apply the minimal mutation.
|
|
||||||
5. Read back the changed rows.
|
|
||||||
6. Commit the transaction only after readback is correct.
|
|
||||||
7. Write a blocker artifact instead of guessing if any precondition is missing.
|
|
||||||
|
|
||||||
Never write production prompt/model state as part of an experiment. Experiments should replay fixtures and produce proof first.
|
|
||||||
|
|
||||||
## Safety Boundaries
|
|
||||||
|
|
||||||
- Do not attach, copy, or commit `pipeline.db`.
|
|
||||||
- Do not run broad `UPDATE` or `DELETE` without a `WHERE` clause and a prior row count.
|
|
||||||
- Do not mutate `prs`, `sources`, or contributor state from a model response alone.
|
|
||||||
- Do not treat local copied DB proof as production proof.
|
|
||||||
|
|
||||||
## Useful Queries
|
|
||||||
|
|
||||||
```sql
|
|
||||||
SELECT reviewer, reviewer_model, outcome, rejection_reason, count(*) AS n
|
|
||||||
FROM review_records
|
|
||||||
GROUP BY reviewer, reviewer_model, outcome, rejection_reason
|
|
||||||
ORDER BY n DESC;
|
|
||||||
```
|
|
||||||
|
|
||||||
```sql
|
|
||||||
SELECT event, count(*) AS n
|
|
||||||
FROM audit_log
|
|
||||||
WHERE stage = 'evaluate'
|
|
||||||
GROUP BY event
|
|
||||||
ORDER BY n DESC;
|
|
||||||
```
|
|
||||||
|
|
||||||
```sql
|
|
||||||
SELECT model, stage, calls, input_tokens, output_tokens, cost_usd
|
|
||||||
FROM costs
|
|
||||||
ORDER BY date DESC, cost_usd DESC
|
|
||||||
LIMIT 50;
|
|
||||||
```
|
|
||||||
|
|
@ -1,101 +0,0 @@
|
||||||
---
|
|
||||||
name: teleo-gcp-parity-ops
|
|
||||||
description: Use for Teleo GCP control-plane inventory, Cloud SQL read-only parity, authenticated Chrome routing, VM/runtime comparison, and exact GCP access gates without collapsing VPS proof into GCP proof.
|
|
||||||
---
|
|
||||||
|
|
||||||
# Teleo GCP Parity Ops
|
|
||||||
|
|
||||||
## Working Target
|
|
||||||
|
|
||||||
Prove the real GCP resource, database, runtime, and Cory-answer paths separately.
|
|
||||||
Control-plane inventory alone is not database or Leo parity.
|
|
||||||
|
|
||||||
## Current Verified Inventory
|
|
||||||
|
|
||||||
- Project: `teleo-501523` (`Teleo`).
|
|
||||||
- Authenticated Console account: redacted `b***@livingip.xyz` via `authuser=5`.
|
|
||||||
- VM: `teleo-prod-1`, running in `europe-west6-a`.
|
|
||||||
- VM shape: Debian 12, `e2-standard-4`, 4 vCPU, 16 GB; OS Login metadata is
|
|
||||||
present. Treat the displayed API scope as metadata, not IAM authorization.
|
|
||||||
- Cloud SQL: exactly one instance, `teleo-pgvector-standby`.
|
|
||||||
- Database engine: PostgreSQL `16.14`, Enterprise.
|
|
||||||
- Region/zone: `europe-west6` / `europe-west6-c`, single-zone.
|
|
||||||
- Network: private-only `teleo-staging-net`; public IP disabled.
|
|
||||||
- Connection name: `teleo-501523:europe-west6:teleo-pgvector-standby`.
|
|
||||||
- Cloud SQL Studio loads, but the observed session exposes no enabled existing
|
|
||||||
IAM DB principal and selects built-in password authentication.
|
|
||||||
- Cloud Logging has guest/platform logs but zero seven-day entries matching
|
|
||||||
`leoclean`, `hermes`, `gateway`, `postgres`, or `teleo-kb`; Ops Agent is not
|
|
||||||
installed.
|
|
||||||
- Read-only serial output is current through `2026-07-10T15:57:54Z`. It proves
|
|
||||||
recurring successful `leoclean-cloudsql-memory-sync.service` cycles. The last
|
|
||||||
exact `leoclean-gcp-prod-parallel.service` lifecycle event in the retained
|
|
||||||
buffer is a Hermes start on July 9 with no later exact stop/failure. This is
|
|
||||||
not a current PID, process, or deployed-SHA readback.
|
|
||||||
|
|
||||||
Read these before refreshing:
|
|
||||||
|
|
||||||
- `docs/reports/leo-working-state-20260709/gcp-cloud-sql-t3-live-readonly-current.json`
|
|
||||||
- `docs/reports/leo-working-state-20260709/gcp-cloudsql-studio-parity-gate-current.json`
|
|
||||||
- `docs/reports/leo-working-state-20260709/gcp-parallel-delegation-current.json`
|
|
||||||
- `docs/reports/leo-working-state-20260709/gcp-leo-runtime-observability-current.json`
|
|
||||||
|
|
||||||
## Browser Rule
|
|
||||||
|
|
||||||
Use authenticated Chrome/Computer Use for Console-only facts when CLI auth is
|
|
||||||
stale. Never use AppleScript, `osascript`, JXA, `open`, System Events, or a
|
|
||||||
focus-stealing fallback. Do not inspect cookies, tokens, saved passwords, or
|
|
||||||
secret values.
|
|
||||||
|
|
||||||
## Required Parity Rows
|
|
||||||
|
|
||||||
Track each independently:
|
|
||||||
|
|
||||||
1. control-plane project/VM/Cloud SQL inventory;
|
|
||||||
2. database name, principal, transaction-read-only proof, schema, counts, and
|
|
||||||
selected row identities;
|
|
||||||
3. VM process/service/repo/profile/model/bot configuration;
|
|
||||||
4. no-post `DC-01` through `DC-06` replies and score;
|
|
||||||
5. cleanup and no-mutation readback.
|
|
||||||
|
|
||||||
## Cloud SQL Read-Only Query
|
|
||||||
|
|
||||||
Only after Studio is already authenticated with an existing principal:
|
|
||||||
|
|
||||||
```sql
|
|
||||||
begin transaction read only;
|
|
||||||
select current_database(), current_user,
|
|
||||||
current_setting('transaction_read_only');
|
|
||||||
select count(*) from public.claims;
|
|
||||||
select count(*) from public.sources;
|
|
||||||
select count(*) from public.claim_evidence;
|
|
||||||
select count(*) from public.claim_edges;
|
|
||||||
select count(*) from kb_stage.kb_proposals;
|
|
||||||
rollback;
|
|
||||||
```
|
|
||||||
|
|
||||||
Do not submit a raw password, create a user, change IAM, enable a flag, open
|
|
||||||
browser SSH that creates a key, or mutate infrastructure under this read-only
|
|
||||||
skill.
|
|
||||||
|
|
||||||
## Exact Current Gate
|
|
||||||
|
|
||||||
Database parity is unproven because Studio requires a database credential and
|
|
||||||
did not expose an enabled existing IAM principal. The clear CTA is:
|
|
||||||
|
|
||||||
```text
|
|
||||||
Authenticate Cloud SQL Studio with an already-existing authorized database
|
|
||||||
principal without sharing the credential, then tell Codex: GCP Studio authenticated.
|
|
||||||
```
|
|
||||||
|
|
||||||
Otherwise route IAM/database-user enablement to a separately authorized write
|
|
||||||
window. Once authenticated, run only the read-only transaction above, retain
|
|
||||||
sanitized results, and close the agent-created tab.
|
|
||||||
|
|
||||||
## Claim Ceiling
|
|
||||||
|
|
||||||
Current proof covers the GCP project, VM, Cloud SQL instance, health, version,
|
|
||||||
private routing surface, and bounded serial unit activity. It does not prove
|
|
||||||
current gateway PID/restarts, deployed SHA, profile, model/auth, Telegram bot
|
|
||||||
identity, selected canonical DB, DB contents, VPS-vs-GCP schema/row parity,
|
|
||||||
safe no-post Cory answers, or cutover.
|
|
||||||
|
|
@ -1,70 +0,0 @@
|
||||||
---
|
|
||||||
name: teleo-infra-provenance
|
|
||||||
description: Use when tracing Teleo repo/deploy/runtime provenance, preventing path confusion between GitHub, local checkouts, VPS mirrors, live service cwd, and generated report artifacts.
|
|
||||||
---
|
|
||||||
|
|
||||||
# Teleo Infrastructure Provenance
|
|
||||||
|
|
||||||
## Job
|
|
||||||
|
|
||||||
Prevent incorrect assumptions about where Leo/Teleo code, runtime state, DB state, and evidence live.
|
|
||||||
|
|
||||||
## Trigger Phrases
|
|
||||||
|
|
||||||
- "where is Leo running from"
|
|
||||||
- "VPS provenance"
|
|
||||||
- "teleo-infrastructure repo"
|
|
||||||
- "deploy source"
|
|
||||||
- "why /opt/teleo-eval"
|
|
||||||
- "what is canonical"
|
|
||||||
|
|
||||||
## Surfaces To Separate
|
|
||||||
|
|
||||||
- GitHub/canonical repo truth.
|
|
||||||
- Local Codex workspace checkout.
|
|
||||||
- VPS live deploy/source mirror.
|
|
||||||
- Hermes/leoclean runtime profile.
|
|
||||||
- Postgres canonical DB.
|
|
||||||
- `kb_stage` proposal ledger.
|
|
||||||
- Retained proof artifacts under local `outputs/`.
|
|
||||||
- Synced report artifacts under the VPS profile report directory.
|
|
||||||
|
|
||||||
## Current Known Path Map
|
|
||||||
|
|
||||||
- Repo-local evidence pack: `docs/reports/leo-working-state-20260709/`
|
|
||||||
- VPS deploy/source area: `/opt/teleo-eval/workspaces/deploy-infra`
|
|
||||||
- VPS deploy stamp: `/opt/teleo-eval/.last-deploy-sha`
|
|
||||||
- Auto-sync: `teleo-auto-deploy.timer` checks `main` every two minutes.
|
|
||||||
- VPS profile reports: `/home/teleo/.hermes/profiles/leoclean/kb_stage/reports/`
|
|
||||||
- Live service: `leoclean-gateway.service`
|
|
||||||
|
|
||||||
## Required Readbacks
|
|
||||||
|
|
||||||
Before claiming provenance:
|
|
||||||
|
|
||||||
1. `git -C <path> status --short --branch`
|
|
||||||
2. `git -C <path> rev-parse HEAD`
|
|
||||||
3. `/opt/teleo-eval/.last-deploy-sha`
|
|
||||||
4. latest `teleo-auto-deploy.service` journal decision
|
|
||||||
5. service PID, start timestamp, restart count, `WorkingDirectory`, and `User`
|
|
||||||
6. commit delta and file checksums for the runtime paths being compared
|
|
||||||
7. latest retained report artifact timestamp
|
|
||||||
|
|
||||||
## Common Failure
|
|
||||||
|
|
||||||
Do not say the repo/deploy split is the direct cause of a Leo outage unless
|
|
||||||
evidence ties it to the active failure. The split can be a
|
|
||||||
reproducibility/parity risk without being the immediate runtime cause. A commit
|
|
||||||
present in the deploy checkout or stamp does not prove a gateway restart,
|
|
||||||
runtime-profile change, permission migration, worker enablement, or DB apply.
|
|
||||||
|
|
||||||
## Output
|
|
||||||
|
|
||||||
Return:
|
|
||||||
|
|
||||||
- current repo HEADs,
|
|
||||||
- dirty state,
|
|
||||||
- live service cwd/user,
|
|
||||||
- which path owns code changes,
|
|
||||||
- which path owns runtime reports,
|
|
||||||
- exact stale/provenance risk if any.
|
|
||||||
|
|
@ -1,109 +0,0 @@
|
||||||
---
|
|
||||||
name: teleo-kb-db-change-workflow
|
|
||||||
description: Use for Teleo canonical Postgres changes, proposal normalization, separate review and apply authority, isolated approve_claim canaries, row-level proof, rollback, and production-apply gating.
|
|
||||||
---
|
|
||||||
|
|
||||||
# Teleo KB DB Change Workflow
|
|
||||||
|
|
||||||
## Working Target
|
|
||||||
|
|
||||||
Move one reviewed knowledge change from `kb_stage.kb_proposals` to exact
|
|
||||||
canonical rows without confusing approval with application or silently changing
|
|
||||||
production.
|
|
||||||
|
|
||||||
## State Model
|
|
||||||
|
|
||||||
- `pending_review`: staged, not approved, canonical rows unchanged.
|
|
||||||
- `approved`: reviewed intent exists, but `applied_at` may still be null.
|
|
||||||
- `applied`: the guarded transaction finished and canonical postflight matches.
|
|
||||||
- `packet_ready_not_executed`: rehearsed artifacts exist; production is unchanged.
|
|
||||||
|
|
||||||
Never infer `applied` from chat text, a packet, a clone, or `status=approved`.
|
|
||||||
|
|
||||||
## Canonical Contract
|
|
||||||
|
|
||||||
The strict `approve_claim` v2 payload may create:
|
|
||||||
|
|
||||||
- `public.claims`
|
|
||||||
- `public.sources`
|
|
||||||
- `public.claim_evidence`
|
|
||||||
- `public.claim_edges`
|
|
||||||
- `public.reasoning_tools`
|
|
||||||
|
|
||||||
The lifecycle is split across:
|
|
||||||
|
|
||||||
- `scripts/kb_proposal_normalize.py`: fail-closed rich intent to strict payload.
|
|
||||||
- `scripts/approve_proposal.py`: `kb_review` login approves the exact type/payload.
|
|
||||||
- `scripts/apply_proposal.py`: operator-only `kb_apply` login writes and verifies.
|
|
||||||
- `scripts/kb_apply_prereqs.sql`: roles, immutable approval row, gate functions,
|
|
||||||
ownership, indexes, and exact ACL matrix.
|
|
||||||
- `scripts/run_approve_claim_isolated_container_canary.sh`: disposable runtime
|
|
||||||
proof plus read-only live count/service endpoints.
|
|
||||||
|
|
||||||
## Authority Invariants
|
|
||||||
|
|
||||||
1. `kb_review` and `kb_apply` are separate `NOINHERIT` login roles with no role
|
|
||||||
memberships.
|
|
||||||
2. `kb_gate_owner` is `NOLOGIN` and owns the immutable approval table and three
|
|
||||||
`SECURITY DEFINER` gate functions.
|
|
||||||
3. The legacy three-argument approval overload must be absent.
|
|
||||||
4. Review binds DB role, reviewer principal, type, full payload, timestamp, and
|
|
||||||
note in one immutable row.
|
|
||||||
5. Apply locks and compares that snapshot before writes, verifies every
|
|
||||||
payload-controlled field and exact table deltas, then finishes the ledger.
|
|
||||||
6. Existing semantic evidence/edge rows must match approved weights and owners;
|
|
||||||
a mismatch rolls back.
|
|
||||||
7. `kb_apply` remains a trusted operator-only canonical writer. This design does
|
|
||||||
not claim resistance to a compromised apply credential.
|
|
||||||
|
|
||||||
## Operator Path
|
|
||||||
|
|
||||||
1. Read the proposal and canonical target rows.
|
|
||||||
2. Normalize rich intent; reject malformed, duplicate, lossy, or unsupported
|
|
||||||
candidates instead of guessing.
|
|
||||||
3. Run focused tests:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
.venv/bin/python -m pytest -q \
|
|
||||||
tests/test_kb_proposal_normalize.py \
|
|
||||||
tests/test_approve_proposal.py \
|
|
||||||
tests/test_apply_proposal.py \
|
|
||||||
tests/test_kb_apply_prereqs.py
|
|
||||||
```
|
|
||||||
|
|
||||||
4. Run both disposable canaries from the repo root:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
scripts/run_approve_claim_isolated_container_canary.sh \
|
|
||||||
--output docs/reports/leo-working-state-20260709/approve-claim-clone-canary-current.json
|
|
||||||
|
|
||||||
scripts/run_approve_claim_isolated_container_canary.sh \
|
|
||||||
--normalization-json docs/reports/leo-working-state-20260709/helmer-approve-claim-normalization-current.json \
|
|
||||||
--output docs/reports/leo-working-state-20260709/helmer-approve-claim-clone-canary-current.json
|
|
||||||
```
|
|
||||||
|
|
||||||
5. Require `status=pass`, every check true, expected deltas equal measured
|
|
||||||
deltas, source hashes matching current files, zero live count deltas, stable
|
|
||||||
service endpoints, and independent clone/container/workdir cleanup.
|
|
||||||
6. Treat production deployment, permission migration, worker enablement, and a
|
|
||||||
production proposal apply as separate authorization windows.
|
|
||||||
|
|
||||||
## Current Proof And Claim Ceiling
|
|
||||||
|
|
||||||
The retained generic and Helmer v3 receipts each pass `37/37`. Generic proves
|
|
||||||
`2/2/2/1/1`; Helmer proves `5/13/17/7/1`. Live read-only endpoint counts stayed
|
|
||||||
`1837/4145/4670/4916/17/26`, and the gateway stayed on PID `2999690` with zero
|
|
||||||
restarts during those runs.
|
|
||||||
|
|
||||||
This proves current-source behavior in disposable PostgreSQL and unchanged live
|
|
||||||
count/service endpoints. PR #72 source later auto-synchronized to the VPS
|
|
||||||
checkout without a gateway restart or profile-source delta; the production
|
|
||||||
permission migration was not applied, the apply worker remained disabled and
|
|
||||||
inactive, and Helmer remained unapplied. Checkout synchronization alone is not
|
|
||||||
proof of any of those later state changes. It does not prove byte-for-byte live
|
|
||||||
content.
|
|
||||||
|
|
||||||
Read `docs/reports/leo-working-state-20260709/approve-claim-clone-canary-current.md`
|
|
||||||
and both JSON receipts before making a current claim.
|
|
||||||
Read `docs/reports/leo-working-state-20260709/pr72-vps-auto-deploy-runtime-nonchange-current.md`
|
|
||||||
before describing the VPS deployment state.
|
|
||||||
|
|
@ -1,76 +0,0 @@
|
||||||
---
|
|
||||||
name: teleo-leo-onboarding
|
|
||||||
description: Use when a worker needs fast context on Teleo/Living IP, Leo, the product architecture, current VPS/GCP split, and the July 9 working-state evidence before doing Leo, Teleo, KB, Telegram, VPS, or GCP work.
|
|
||||||
---
|
|
||||||
|
|
||||||
# Teleo / Leo Onboarding
|
|
||||||
|
|
||||||
## Job
|
|
||||||
|
|
||||||
Orient the worker before action. Build a current, proof-linked understanding of the company/product, Leo's role, the infrastructure surfaces, and the exact claim ceiling.
|
|
||||||
|
|
||||||
## Trigger Phrases
|
|
||||||
|
|
||||||
- "onboard to Leo"
|
|
||||||
- "what is Teleo / Living IP"
|
|
||||||
- "load Leo VPS context"
|
|
||||||
- "Fable handoff for Leo"
|
|
||||||
- "before working on Teleo infra"
|
|
||||||
- "explain the architecture"
|
|
||||||
|
|
||||||
## Core Model
|
|
||||||
|
|
||||||
- Teleo is the knowledge/agent infrastructure layer behind Leo.
|
|
||||||
- Leo is the operator-facing agent expected to answer in Telegram, remember operator context, reason from canonical KB state, stage concrete KB changes, and support approved changes becoming canonical DB rows with proof.
|
|
||||||
- The immediate July 9 issue is not generic bot liveness. It is Cory/m3taversal's expectation that approved KB changes move beyond proposal state when appropriate.
|
|
||||||
- The VPS is the currently proven Telegram-visible Leo surface.
|
|
||||||
- GCP is a separate lane. Project, VM, private Cloud SQL inventory, and bounded
|
|
||||||
serial unit activity are current. Current gateway PID/SHA/model/auth,
|
|
||||||
canonical DB rows, Cory answers, and cutover are not proven.
|
|
||||||
|
|
||||||
## Read First
|
|
||||||
|
|
||||||
From the repo root, read:
|
|
||||||
|
|
||||||
1. `docs/reports/leo-working-state-20260709/current-truth-index.md`
|
|
||||||
2. `docs/reports/leo-working-state-20260709/operator-surface-map.md`
|
|
||||||
3. `docs/reports/leo-working-state-20260709/working-leo-definition-20260709.md`
|
|
||||||
4. `docs/reports/leo-working-state-20260709/cory-expected-working-leo-outcomes-20260709.md`
|
|
||||||
5. `docs/reports/leo-working-state-20260709/approve-claim-clone-canary-current.md`
|
|
||||||
6. `docs/reports/leo-working-state-20260709/gcp-cloud-sql-t3-live-readonly-current.md`
|
|
||||||
7. `docs/reports/leo-working-state-20260709/gcp-cloudsql-studio-parity-gate-current.md`
|
|
||||||
8. `docs/reports/leo-working-state-20260709/gcp-leo-runtime-observability-current.md`
|
|
||||||
|
|
||||||
## Required Status Split
|
|
||||||
|
|
||||||
Every status answer must split:
|
|
||||||
|
|
||||||
- `VPS runtime`
|
|
||||||
- `Telegram-visible Leo`
|
|
||||||
- `KB proposal/staging`
|
|
||||||
- `Canonical DB apply`
|
|
||||||
- `GCP parity`
|
|
||||||
- `Runtime/code provenance`
|
|
||||||
|
|
||||||
Do not collapse GCP demo readiness into Telegram completion. Do not collapse proposal approval into canonical DB application.
|
|
||||||
|
|
||||||
## Hard Boundaries
|
|
||||||
|
|
||||||
- Do not do paid route work or introduce paid-route naming.
|
|
||||||
- Do not change live VPS Leo runtime behavior unless explicitly authorized.
|
|
||||||
- Do not production-apply DB packets unless explicitly authorized.
|
|
||||||
- Do not expose secret contents.
|
|
||||||
- Do not treat an old summary as current if a fresh readback is cheap.
|
|
||||||
- Do not call GCP blocked on CLI login when authenticated Chrome can answer the
|
|
||||||
control-plane question. Conversely, do not submit a raw DB password or create
|
|
||||||
IAM/users under a read-only lane.
|
|
||||||
|
|
||||||
## Output Format
|
|
||||||
|
|
||||||
For onboarding handoffs, return:
|
|
||||||
|
|
||||||
1. Product/architecture summary in 8 bullets or fewer.
|
|
||||||
2. Current proof split by VPS, Telegram, DB, GCP.
|
|
||||||
3. Evidence files actually read.
|
|
||||||
4. Exact claim ceiling.
|
|
||||||
5. Next runnable non-production action.
|
|
||||||
|
|
@ -1,54 +0,0 @@
|
||||||
---
|
|
||||||
name: teleo-proof-handoff
|
|
||||||
description: Use to package Leo/Teleo evidence and prompts for Fable, Codex, Opus, or future workers so they can continue without rereading the whole thread.
|
|
||||||
---
|
|
||||||
|
|
||||||
# Teleo Proof Handoff
|
|
||||||
|
|
||||||
## Job
|
|
||||||
|
|
||||||
Create a compact, evidence-indexed handoff that preserves current truth, claim ceilings, exact blockers, and next executable actions.
|
|
||||||
|
|
||||||
## Trigger Phrases
|
|
||||||
|
|
||||||
- "handoff to Fable"
|
|
||||||
- "worker onboarding"
|
|
||||||
- "pack the evidence"
|
|
||||||
- "resume Leo work"
|
|
||||||
- "create continuation prompt"
|
|
||||||
- "what should the next agent know"
|
|
||||||
|
|
||||||
## Required Sections
|
|
||||||
|
|
||||||
1. `current_canary`: the next runnable action and expected result.
|
|
||||||
2. `claim_ceiling`: what cannot be claimed yet.
|
|
||||||
3. `proven`: exact proof bullets with paths.
|
|
||||||
4. `not_proven`: exact remaining gaps.
|
|
||||||
5. `do_not_do`: scope boundaries.
|
|
||||||
6. `files_to_read_first`: no more than 10 files.
|
|
||||||
7. `commands_to_rerun`: freshness checks.
|
|
||||||
8. `next_action`: one non-production action to start now.
|
|
||||||
|
|
||||||
## Blocker Rule
|
|
||||||
|
|
||||||
If a worker claims blocked, require:
|
|
||||||
|
|
||||||
- `current_canary`
|
|
||||||
- `attempted_routes`
|
|
||||||
- `exact_gate`
|
|
||||||
- `clear_CTA`
|
|
||||||
- `next_non_user_action`
|
|
||||||
|
|
||||||
Do not accept vague blockers such as "login blocked", "human-origin proof needed", or "no access" without the exact app/account/route and next CTA.
|
|
||||||
|
|
||||||
## Fable Prompt
|
|
||||||
|
|
||||||
Use `docs/reports/leo-working-state-20260709/fable-leo-teleo-onboarding.md` as the default first prompt.
|
|
||||||
|
|
||||||
## Evidence Index
|
|
||||||
|
|
||||||
Use `docs/reports/leo-working-state-20260709/current-truth-index.md`.
|
|
||||||
|
|
||||||
## Handoff Claim Ceiling
|
|
||||||
|
|
||||||
A handoff is not completion. It is complete only if a future worker can start from retained files and run the named canary without asking for context.
|
|
||||||
|
|
@ -1,120 +0,0 @@
|
||||||
---
|
|
||||||
name: teleo-vps-runtime-ops
|
|
||||||
description: Use for Leo VPS navigation, service health, Docker/Postgres readbacks, clone DB rehearsals, report sync, and runtime stability verification without changing live Leo behavior.
|
|
||||||
---
|
|
||||||
|
|
||||||
# Teleo VPS Runtime Ops
|
|
||||||
|
|
||||||
## Job
|
|
||||||
|
|
||||||
Navigate and verify the VPS safely, with exact readbacks and no surprise live-runtime changes.
|
|
||||||
|
|
||||||
## Trigger Phrases
|
|
||||||
|
|
||||||
- "Leo on VPS"
|
|
||||||
- "check VPS stability"
|
|
||||||
- "navigate Teleo VPS"
|
|
||||||
- "leoclean service"
|
|
||||||
- "run DB rehearsal on VPS"
|
|
||||||
- "sync reports to VPS"
|
|
||||||
|
|
||||||
## Known Surfaces
|
|
||||||
|
|
||||||
- Host: `77.42.65.182`
|
|
||||||
- SSH user: `root`
|
|
||||||
- Local key path is available; never print private key contents.
|
|
||||||
- Service: `leoclean-gateway.service`
|
|
||||||
- DB container: `teleo-pg`
|
|
||||||
- DB: `teleo`
|
|
||||||
- Last retained count endpoints: claims `1837`, sources `4145`, evidence `4670`,
|
|
||||||
edges `4916`, reasoning tools `17`, proposals `26`. Treat these as stale until
|
|
||||||
refreshed.
|
|
||||||
- Profile reports: `/home/teleo/.hermes/profiles/leoclean/kb_stage/reports/`
|
|
||||||
- Deploy/source area: `/opt/teleo-eval/workspaces/deploy-infra`
|
|
||||||
|
|
||||||
## Required Fresh Readbacks
|
|
||||||
|
|
||||||
Before claiming runtime state, read:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
systemctl show leoclean-gateway.service -p ActiveState -p SubState -p MainPID -p NRestarts -p ExecMainStartTimestamp -p User -p WorkingDirectory
|
|
||||||
```
|
|
||||||
|
|
||||||
Before claiming DB state, use `docker exec teleo-pg psql -U postgres -d teleo` and query exact tables/rows.
|
|
||||||
Wrap verification queries in `begin transaction read only; ... rollback;`.
|
|
||||||
|
|
||||||
Before claiming cleanup, query disposable DBs:
|
|
||||||
|
|
||||||
```sql
|
|
||||||
select datname from pg_database where datname like 'teleo%rehearsal%20260709' or datname like 'teleo%packet%20260709';
|
|
||||||
```
|
|
||||||
|
|
||||||
## Auto-Deploy Semantics
|
|
||||||
|
|
||||||
`teleo-auto-deploy.timer` checks `main` every two minutes. A changed checkout
|
|
||||||
HEAD or `.last-deploy-sha` does not by itself prove that Leo restarted or that
|
|
||||||
canonical data changed. For each synchronized commit, also read:
|
|
||||||
|
|
||||||
1. `journalctl -u teleo-auto-deploy.service` for the exact deploy decision;
|
|
||||||
2. the commit delta under `hermes-agent/leoclean-bin/` and
|
|
||||||
`hermes-agent/leoclean-skills/vps/`;
|
|
||||||
3. gateway PID, start timestamp, and restart count;
|
|
||||||
4. `teleo-kb-apply-worker.service` enablement and active state;
|
|
||||||
5. canonical count endpoints in a read-only transaction.
|
|
||||||
|
|
||||||
Treat source checkout sync, runtime profile sync, service restart, permission
|
|
||||||
migration, worker enablement, and canonical DB apply as separate state changes.
|
|
||||||
|
|
||||||
## Mutating Boundaries
|
|
||||||
|
|
||||||
Allowed when needed:
|
|
||||||
|
|
||||||
- read-only service/DB inspection,
|
|
||||||
- disposable clone DB creation and drop for rehearsal,
|
|
||||||
- SQL rollback transactions,
|
|
||||||
- syncing report artifacts to the report directory,
|
|
||||||
- no-secret file checks.
|
|
||||||
|
|
||||||
Not allowed from this skill alone:
|
|
||||||
|
|
||||||
- restarting or changing the live Leo service,
|
|
||||||
- changing live runtime config,
|
|
||||||
- production DB commit/apply,
|
|
||||||
- exposing secret contents,
|
|
||||||
- deleting non-disposable data.
|
|
||||||
|
|
||||||
## Rehearsal Rules
|
|
||||||
|
|
||||||
For DB rehearsals:
|
|
||||||
|
|
||||||
1. Capture production preflight counts.
|
|
||||||
2. Create a disposable DB from live state.
|
|
||||||
3. Run commit SQL only in the disposable DB.
|
|
||||||
4. Run postflight counts.
|
|
||||||
5. Run delete rollback if applicable.
|
|
||||||
6. Drop the disposable DB.
|
|
||||||
7. Verify production counts stayed unchanged.
|
|
||||||
8. Verify the disposable DB no longer exists.
|
|
||||||
|
|
||||||
For the guarded claim-bundle lifecycle, prefer the retained isolated wrapper:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
scripts/run_approve_claim_isolated_container_canary.sh \
|
|
||||||
--output docs/reports/leo-working-state-20260709/approve-claim-clone-canary-current.json
|
|
||||||
```
|
|
||||||
|
|
||||||
It must use a disposable unexposed PostgreSQL container, bind its receipt to
|
|
||||||
current source hashes, compare exact payload projections and table deltas, read
|
|
||||||
live count/service endpoints without writing them, and independently prove the
|
|
||||||
container/workdir are absent afterward. Do not install the candidate code into
|
|
||||||
the live Leo deploy merely to run this canary.
|
|
||||||
|
|
||||||
## Blocker Format
|
|
||||||
|
|
||||||
Do not say "blocked" without:
|
|
||||||
|
|
||||||
- `current_canary`
|
|
||||||
- `attempted_routes`
|
|
||||||
- `exact_gate`
|
|
||||||
- `clear_CTA`
|
|
||||||
- `next_non_user_action`
|
|
||||||
|
|
@ -1,96 +0,0 @@
|
||||||
---
|
|
||||||
name: working-leo-cory-outcomes
|
|
||||||
description: "Use when defining, testing, or repairing Leo against Cory/m3taversal's expected outcomes: Telegram memory, critical reasoning, canonical KB truth, proposed-vs-approved-vs-applied state, and guarded DB manipulation."
|
|
||||||
---
|
|
||||||
|
|
||||||
# Working Leo / Cory Outcomes
|
|
||||||
|
|
||||||
## Job
|
|
||||||
|
|
||||||
Keep Leo work anchored to what Cory/m3taversal appears to mean by "working": not just answers, but remembered context, truthful KB state, and approved concrete changes becoming canonical rows through a guarded proof path.
|
|
||||||
|
|
||||||
## Trigger Phrases
|
|
||||||
|
|
||||||
- "working Leo"
|
|
||||||
- "Cory expected outcomes"
|
|
||||||
- "m3taversal says Leo is broken"
|
|
||||||
- "able to manipulate the knowledge base"
|
|
||||||
- "same state as last night"
|
|
||||||
- "critical reasoning behavior"
|
|
||||||
|
|
||||||
## Definition Of Working
|
|
||||||
|
|
||||||
A working Leo is a Telegram-facing agent that:
|
|
||||||
|
|
||||||
1. Remembers the current operator conversation.
|
|
||||||
2. Grounds KB answers in canonical Teleo Postgres rows when claiming KB truth.
|
|
||||||
3. Distinguishes `proposed`, `pending_review`, `approved`, `applied`, and `not applied`.
|
|
||||||
4. Does not say an approval changed canonical DB state when only `kb_stage` changed.
|
|
||||||
5. Can answer vague, high-level Cory-style incident prompts without being spoon-fed exact proposal IDs.
|
|
||||||
6. Can stage concrete KB changes from Telegram with enough structure for review.
|
|
||||||
7. Can move approved concrete changes through a guarded apply path when authorized.
|
|
||||||
8. Retains Cory's caveats and review notes in source/evidence/proposal rows.
|
|
||||||
9. Produces before/after table-level proof and service stability readback.
|
|
||||||
10. Survives an intentional `leoclean-gateway.service` restart: active before, active after, canonical KB counts unchanged, and a no-post handler smoke still answers.
|
|
||||||
11. For a reviewed graph bundle, produces exact payload-controlled row
|
|
||||||
projections, exact table deltas, source-byte binding, and cleanup proof in a
|
|
||||||
disposable runtime before any production permission or apply window.
|
|
||||||
|
|
||||||
## Current Benchmark Cases
|
|
||||||
|
|
||||||
- Marker memory: `WL-LIVE-TG-CORY-20260709`.
|
|
||||||
- Truth correction: `approved != applied`.
|
|
||||||
- Applied canary: proposal `00957f6c-9883-4015-95a4-6b09367efb0e` and edge `c167933e-d513-4f43-9335-d5d8aeb259f2`.
|
|
||||||
- Staged write canary: proposal `8dfedb3f-3aa4-4200-970f-4c0016f6869f`, status `pending_review`, with no new public canonical rows after the test timestamp.
|
|
||||||
- Open-ended triage canary: `WL-LIVE-TG-CORY-OPEN-20260709`, where Leo inferred the likely failure mode from "agents not working / same state as last night" and explained the proposed, approved, and applied split without exact IDs.
|
|
||||||
- Old rich proposal packets: `14fa5ecc...`, `ac036c9d...`, and `a64df080...` are not to be silently production-applied.
|
|
||||||
- Guarded apply proof: both generic and real Helmer v3 receipts pass `37/37` in
|
|
||||||
disposable PostgreSQL; production Helmer remains unapplied.
|
|
||||||
|
|
||||||
## Cory Direct Questions
|
|
||||||
|
|
||||||
For vague or no-context questions, answer directly and then name the one action
|
|
||||||
that would change the proof:
|
|
||||||
|
|
||||||
- "Did the DB change?": split applied rows, approved-but-unapplied proposals,
|
|
||||||
pending rows, and canceled rows. Say `Approved is not the same as applied`.
|
|
||||||
- "Is Helmer in Leo?": say `no, not canonical` until the exact claims, sources,
|
|
||||||
evidence, edges, reasoning tool, and applied ledger read back from production.
|
|
||||||
- "Did the decision matrix approve it?": verify matrix tables first; reviewer
|
|
||||||
approval is not a matrix vote.
|
|
||||||
- "Are document pointers the blocker?": answer `not just pointer mismatch` and
|
|
||||||
separate files, source refs, canonical source rows, review, and apply.
|
|
||||||
- "Can I demo KB mutation?": split staging-demo truth from canonical-apply truth.
|
|
||||||
- "Did editing SOUL.md change identity?": no canonical identity change without
|
|
||||||
row IDs plus render/sync postflight.
|
|
||||||
|
|
||||||
End no-context answers with exactly one `Next Cory-style follow-up:` line.
|
|
||||||
|
|
||||||
## Required Answer Discipline
|
|
||||||
|
|
||||||
When Leo or a worker answers about KB state, it must say:
|
|
||||||
|
|
||||||
- What source was used: memory, Telegram history, `kb_stage`, canonical `public.*`, or filesystem/runtime.
|
|
||||||
- Which rows/tables changed.
|
|
||||||
- Which proposal IDs are only staged/approved.
|
|
||||||
- Which canonical rows exist.
|
|
||||||
- What remains pending or deferred.
|
|
||||||
|
|
||||||
## Not Done
|
|
||||||
|
|
||||||
Leo is not working just because:
|
|
||||||
|
|
||||||
- the systemd service is active,
|
|
||||||
- Bot API calls work,
|
|
||||||
- a local handler canary passed,
|
|
||||||
- a proposal was approved,
|
|
||||||
- a packet was generated,
|
|
||||||
- a clone rehearsal passed.
|
|
||||||
- `NRestarts=0` was observed without an intentional restart-cycle proof.
|
|
||||||
|
|
||||||
Those are evidence. The target is Telegram-visible behavior plus DB-state truth plus a guarded path to canonical rows.
|
|
||||||
|
|
||||||
## Proof Files
|
|
||||||
|
|
||||||
Use `docs/reports/leo-working-state-20260709/current-truth-index.md` for current artifact paths.
|
|
||||||
For restart survival, use `scripts/collect_leo_restart_survival_proof.py --execute-restart`; expected artifacts are `docs/reports/leo-working-state-20260709/leo-restart-survival-proof-current.json` and `.md`.
|
|
||||||
187
.crabbox.yaml
187
.crabbox.yaml
|
|
@ -1,187 +0,0 @@
|
||||||
profile: teleo-infrastructure-check
|
|
||||||
provider: hetzner
|
|
||||||
target: linux
|
|
||||||
architecture: arm64
|
|
||||||
class: beast
|
|
||||||
ttl: 90m
|
|
||||||
idleTimeout: 20m
|
|
||||||
capacity:
|
|
||||||
market: spot
|
|
||||||
strategy: most-available
|
|
||||||
fallback: on-demand-after-120s
|
|
||||||
actions:
|
|
||||||
workflow: .github/workflows/crabbox.yml
|
|
||||||
job: hydrate
|
|
||||||
runnerLabels:
|
|
||||||
- crabbox
|
|
||||||
runnerVersion: latest
|
|
||||||
ephemeral: true
|
|
||||||
sync:
|
|
||||||
delete: true
|
|
||||||
checksum: false
|
|
||||||
gitSeed: true
|
|
||||||
fingerprint: true
|
|
||||||
timeout: 15m
|
|
||||||
warnFiles: 50000
|
|
||||||
warnBytes: 5368709120
|
|
||||||
failFiles: 150000
|
|
||||||
failBytes: 21474836480
|
|
||||||
exclude:
|
|
||||||
- .cache
|
|
||||||
- .venv
|
|
||||||
- .pytest_cache
|
|
||||||
- .ruff_cache
|
|
||||||
- __pycache__
|
|
||||||
- "*.pyc"
|
|
||||||
- "*.db"
|
|
||||||
- "*.db-wal"
|
|
||||||
- "*.db-shm"
|
|
||||||
- "*.log"
|
|
||||||
- logs
|
|
||||||
- secrets
|
|
||||||
- .env
|
|
||||||
- htmlcov
|
|
||||||
- dist
|
|
||||||
- build
|
|
||||||
- "*.egg-info"
|
|
||||||
- .turbo
|
|
||||||
- node_modules
|
|
||||||
env:
|
|
||||||
allow:
|
|
||||||
- CI
|
|
||||||
- PYTHONWARNINGS
|
|
||||||
- PHASE1B_AGENT_ROUTING_ENABLED
|
|
||||||
ssh:
|
|
||||||
user: crabbox
|
|
||||||
port: "2222"
|
|
||||||
# Ordered fallback ports tried after ssh.port; use [] to disable fallback.
|
|
||||||
fallbackPorts:
|
|
||||||
- "22"
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
ci-contract:
|
|
||||||
provider: hetzner
|
|
||||||
target: linux
|
|
||||||
architecture: arm64
|
|
||||||
class: beast
|
|
||||||
hydrate:
|
|
||||||
actions: true
|
|
||||||
githubRunner: false
|
|
||||||
waitTimeout: 20m
|
|
||||||
keepAliveMinutes: 90
|
|
||||||
actions:
|
|
||||||
workflow: .github/workflows/crabbox.yml
|
|
||||||
job: hydrate
|
|
||||||
shell: true
|
|
||||||
command: >
|
|
||||||
python3 -m pip install -e '.[dev]' &&
|
|
||||||
mkdir -p .crabbox-results &&
|
|
||||||
python3 scripts/check_crabbox_ci_contract.py
|
|
||||||
--output .crabbox-results/crabbox-ci-contract.json &&
|
|
||||||
python3 scripts/check_llm_refinement_contract.py
|
|
||||||
--output .crabbox-results/llm-refinement-contract.json &&
|
|
||||||
python3 scripts/replay_decision_engine_eval.py
|
|
||||||
--output .crabbox-results/decision-engine-eval.json
|
|
||||||
downloads:
|
|
||||||
- .crabbox-results/crabbox-ci-contract.json
|
|
||||||
- .crabbox-results/llm-refinement-contract.json
|
|
||||||
- .crabbox-results/decision-engine-eval.json
|
|
||||||
stop: always
|
|
||||||
|
|
||||||
unit:
|
|
||||||
provider: hetzner
|
|
||||||
target: linux
|
|
||||||
architecture: arm64
|
|
||||||
class: beast
|
|
||||||
hydrate:
|
|
||||||
actions: true
|
|
||||||
githubRunner: false
|
|
||||||
waitTimeout: 20m
|
|
||||||
keepAliveMinutes: 90
|
|
||||||
actions:
|
|
||||||
workflow: .github/workflows/crabbox.yml
|
|
||||||
job: hydrate
|
|
||||||
shell: true
|
|
||||||
command: >
|
|
||||||
python3 -m pip install -e '.[dev]' &&
|
|
||||||
mkdir -p .crabbox-results &&
|
|
||||||
python3 -m pytest --junitxml=.crabbox-results/pytest.xml
|
|
||||||
junit:
|
|
||||||
- .crabbox-results/pytest.xml
|
|
||||||
downloads:
|
|
||||||
- .crabbox-results/pytest.xml
|
|
||||||
stop: always
|
|
||||||
|
|
||||||
lint-phase1b:
|
|
||||||
provider: hetzner
|
|
||||||
target: linux
|
|
||||||
architecture: arm64
|
|
||||||
class: beast
|
|
||||||
hydrate:
|
|
||||||
actions: true
|
|
||||||
githubRunner: false
|
|
||||||
waitTimeout: 20m
|
|
||||||
keepAliveMinutes: 90
|
|
||||||
actions:
|
|
||||||
workflow: .github/workflows/crabbox.yml
|
|
||||||
job: hydrate
|
|
||||||
shell: true
|
|
||||||
command: >
|
|
||||||
python3 -m pip install -e '.[dev]' &&
|
|
||||||
python3 -m ruff check
|
|
||||||
lib/agent_routing.py
|
|
||||||
lib/config.py
|
|
||||||
lib/db.py
|
|
||||||
lib/evaluate.py
|
|
||||||
lib/llm.py
|
|
||||||
lib/post_extract.py
|
|
||||||
telegram/approvals.py
|
|
||||||
scripts/prove_phase1b_local.py
|
|
||||||
tests/test_agent_routing.py
|
|
||||||
tests/test_evaluate_agent_routing.py
|
|
||||||
tests/test_phase1b_end_to_end.py
|
|
||||||
tests/test_eval_parse.py
|
|
||||||
tests/test_contributor.py
|
|
||||||
tests/test_search.py
|
|
||||||
stop: always
|
|
||||||
|
|
||||||
phase1b-local-proof:
|
|
||||||
provider: hetzner
|
|
||||||
target: linux
|
|
||||||
architecture: arm64
|
|
||||||
class: beast
|
|
||||||
hydrate:
|
|
||||||
actions: true
|
|
||||||
githubRunner: false
|
|
||||||
waitTimeout: 20m
|
|
||||||
keepAliveMinutes: 90
|
|
||||||
actions:
|
|
||||||
workflow: .github/workflows/crabbox.yml
|
|
||||||
job: hydrate
|
|
||||||
shell: true
|
|
||||||
command: >
|
|
||||||
python3 -m pip install -e '.[dev]' &&
|
|
||||||
scripts/crabbox_phase1b_proof.sh
|
|
||||||
junit:
|
|
||||||
- .crabbox-results/phase1b-pytest.xml
|
|
||||||
downloads:
|
|
||||||
- .crabbox-results/crabbox-ci-contract.json
|
|
||||||
- proof/phase1b-local-e2e-proof.json
|
|
||||||
- .crabbox-results/phase1b-pytest.xml
|
|
||||||
- .crabbox-results/phase1b-proof-summary.json
|
|
||||||
stop: always
|
|
||||||
|
|
||||||
sync-smoke:
|
|
||||||
provider: hetzner
|
|
||||||
target: linux
|
|
||||||
architecture: arm64
|
|
||||||
class: beast
|
|
||||||
hydrate:
|
|
||||||
actions: false
|
|
||||||
shell: true
|
|
||||||
command: >
|
|
||||||
python3 -m compileall
|
|
||||||
lib
|
|
||||||
tests
|
|
||||||
scripts/prove_phase1b_local.py
|
|
||||||
stop: always
|
|
||||||
|
|
@ -1,21 +0,0 @@
|
||||||
.git
|
|
||||||
.venv
|
|
||||||
__pycache__
|
|
||||||
*.pyc
|
|
||||||
.pytest_cache
|
|
||||||
.ruff_cache
|
|
||||||
.mypy_cache
|
|
||||||
.env
|
|
||||||
*.env
|
|
||||||
secrets/
|
|
||||||
telegram-archives/
|
|
||||||
transcripts/
|
|
||||||
logs/
|
|
||||||
pipeline.db
|
|
||||||
pipeline.db-*
|
|
||||||
*.sqlite
|
|
||||||
*.sqlite3
|
|
||||||
agentcash/
|
|
||||||
.agentcash/
|
|
||||||
.hermes/
|
|
||||||
node_modules/
|
|
||||||
173
.github/workflows/ci.yml
vendored
173
.github/workflows/ci.yml
vendored
|
|
@ -1,173 +0,0 @@
|
||||||
name: ci
|
|
||||||
|
|
||||||
on:
|
|
||||||
pull_request:
|
|
||||||
push:
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
workflow_dispatch:
|
|
||||||
|
|
||||||
permissions:
|
|
||||||
contents: read
|
|
||||||
|
|
||||||
concurrency:
|
|
||||||
group: ci-${{ github.workflow }}-${{ github.ref }}
|
|
||||||
cancel-in-progress: true
|
|
||||||
|
|
||||||
env:
|
|
||||||
PYTHON_VERSION: "3.11"
|
|
||||||
CI: "1"
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
lint:
|
|
||||||
name: Focused lint
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
timeout-minutes: 10
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v4
|
|
||||||
- uses: actions/setup-python@v5
|
|
||||||
with:
|
|
||||||
python-version: ${{ env.PYTHON_VERSION }}
|
|
||||||
- name: Install
|
|
||||||
run: |
|
|
||||||
python -m pip install --upgrade pip
|
|
||||||
python -m pip install -e ".[dev]"
|
|
||||||
- name: Ruff focused surface
|
|
||||||
run: |
|
|
||||||
python -m ruff check \
|
|
||||||
lib/agent_routing.py \
|
|
||||||
lib/config.py \
|
|
||||||
lib/db.py \
|
|
||||||
lib/evaluate.py \
|
|
||||||
lib/llm.py \
|
|
||||||
lib/post_extract.py \
|
|
||||||
ops/apply_gcp_iam_split.py \
|
|
||||||
ops/check_gcp_infra_readiness.py \
|
|
||||||
ops/run_gcp_infra_execute_canary.py \
|
|
||||||
ops/apply_gcp_runtime_baseline.py \
|
|
||||||
ops/check_gcp_service_communications.py \
|
|
||||||
ops/plan_gcp_iam_split.py \
|
|
||||||
ops/redact_sqlite_postgres_restore_canary.py \
|
|
||||||
ops/sqlite_to_postgres_dump.py \
|
|
||||||
ops/verify_gcp_cloudsql_restore_readback.py \
|
|
||||||
telegram/approvals.py \
|
|
||||||
scripts/check_crabbox_ci_contract.py \
|
|
||||||
scripts/check_llm_refinement_contract.py \
|
|
||||||
scripts/replay_decision_engine_eval.py \
|
|
||||||
scripts/prove_phase1b_local.py \
|
|
||||||
tests/test_agent_routing.py \
|
|
||||||
tests/test_decision_engine_replay.py \
|
|
||||||
tests/test_evaluate_agent_routing.py \
|
|
||||||
tests/test_gcp_artifact_workflow.py \
|
|
||||||
tests/test_gcp_infra_execute_canary.py \
|
|
||||||
tests/test_gcp_infra_readiness_checker.py \
|
|
||||||
tests/test_gcp_runtime_baseline_apply.py \
|
|
||||||
tests/test_gcp_service_communications.py \
|
|
||||||
tests/test_gcp_cloudsql_restore_drill.py \
|
|
||||||
tests/test_gcp_cloudsql_restore_readback.py \
|
|
||||||
tests/test_gcp_iam_split_apply.py \
|
|
||||||
tests/test_gcp_iam_split_plan.py \
|
|
||||||
tests/test_gcp_readiness_workflow.py \
|
|
||||||
tests/test_phase1b_end_to_end.py \
|
|
||||||
tests/test_sqlite_to_postgres_dump.py \
|
|
||||||
tests/test_sqlite_postgres_restore_canary_capsule.py \
|
|
||||||
tests/test_eval_parse.py \
|
|
||||||
tests/test_contributor.py \
|
|
||||||
tests/test_search.py
|
|
||||||
- name: Shell syntax
|
|
||||||
run: |
|
|
||||||
bash -n \
|
|
||||||
ops/backup_vps_sqlite_kb.sh \
|
|
||||||
ops/run_gcp_cloudsql_restore_drill.sh \
|
|
||||||
ops/run_sqlite_postgres_restore_canary.sh
|
|
||||||
|
|
||||||
test:
|
|
||||||
name: Unit tests
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
timeout-minutes: 20
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v4
|
|
||||||
- uses: actions/setup-python@v5
|
|
||||||
with:
|
|
||||||
python-version: ${{ env.PYTHON_VERSION }}
|
|
||||||
- name: Install
|
|
||||||
run: |
|
|
||||||
python -m pip install --upgrade pip
|
|
||||||
python -m pip install -e ".[dev]"
|
|
||||||
- name: Pytest
|
|
||||||
run: |
|
|
||||||
mkdir -p .crabbox-results
|
|
||||||
python -m pytest --junitxml=.crabbox-results/pytest.xml
|
|
||||||
- name: Upload test artifact
|
|
||||||
if: always()
|
|
||||||
uses: actions/upload-artifact@v4
|
|
||||||
with:
|
|
||||||
name: teleo-infrastructure-pytest
|
|
||||||
path: .crabbox-results/pytest.xml
|
|
||||||
if-no-files-found: warn
|
|
||||||
|
|
||||||
repo-contracts:
|
|
||||||
name: Repo contracts
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
timeout-minutes: 10
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v4
|
|
||||||
- uses: actions/setup-python@v5
|
|
||||||
with:
|
|
||||||
python-version: ${{ env.PYTHON_VERSION }}
|
|
||||||
- name: Install
|
|
||||||
run: |
|
|
||||||
python -m pip install --upgrade pip
|
|
||||||
python -m pip install -e ".[dev]"
|
|
||||||
- name: Validate repo-owned contract
|
|
||||||
run: |
|
|
||||||
python scripts/check_crabbox_ci_contract.py \
|
|
||||||
--output .crabbox-results/crabbox-ci-contract.json
|
|
||||||
python scripts/check_llm_refinement_contract.py \
|
|
||||||
--output .crabbox-results/llm-refinement-contract.json
|
|
||||||
python scripts/replay_decision_engine_eval.py \
|
|
||||||
--output .crabbox-results/decision-engine-eval.json
|
|
||||||
- name: Upload contract artifacts
|
|
||||||
if: always()
|
|
||||||
uses: actions/upload-artifact@v4
|
|
||||||
with:
|
|
||||||
name: teleo-infrastructure-repo-contracts
|
|
||||||
path: |
|
|
||||||
.crabbox-results/crabbox-ci-contract.json
|
|
||||||
.crabbox-results/llm-refinement-contract.json
|
|
||||||
.crabbox-results/decision-engine-eval.json
|
|
||||||
if-no-files-found: error
|
|
||||||
|
|
||||||
phase1b-local-proof:
|
|
||||||
name: Phase 1B local proof
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
needs:
|
|
||||||
- lint
|
|
||||||
- test
|
|
||||||
- repo-contracts
|
|
||||||
timeout-minutes: 20
|
|
||||||
env:
|
|
||||||
PHASE1B_AGENT_ROUTING_ENABLED: "true"
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v4
|
|
||||||
- uses: actions/setup-python@v5
|
|
||||||
with:
|
|
||||||
python-version: ${{ env.PYTHON_VERSION }}
|
|
||||||
- name: Install
|
|
||||||
run: |
|
|
||||||
python -m pip install --upgrade pip
|
|
||||||
python -m pip install -e ".[dev]"
|
|
||||||
- name: Run proof wrapper
|
|
||||||
run: |
|
|
||||||
scripts/crabbox_phase1b_proof.sh
|
|
||||||
- name: Upload proof artifacts
|
|
||||||
if: always()
|
|
||||||
uses: actions/upload-artifact@v4
|
|
||||||
with:
|
|
||||||
name: teleo-infrastructure-phase1b-proof
|
|
||||||
path: |
|
|
||||||
.crabbox-results/crabbox-ci-contract.json
|
|
||||||
proof/phase1b-local-e2e-proof.json
|
|
||||||
.crabbox-results/phase1b-pytest.xml
|
|
||||||
.crabbox-results/phase1b-proof-summary.json
|
|
||||||
if-no-files-found: warn
|
|
||||||
101
.github/workflows/crabbox.yml
vendored
101
.github/workflows/crabbox.yml
vendored
|
|
@ -1,101 +0,0 @@
|
||||||
name: crabbox
|
|
||||||
|
|
||||||
on:
|
|
||||||
workflow_dispatch:
|
|
||||||
inputs:
|
|
||||||
ref:
|
|
||||||
description: "Git ref to hydrate"
|
|
||||||
required: false
|
|
||||||
type: string
|
|
||||||
crabbox_id:
|
|
||||||
description: "Crabbox lease ID"
|
|
||||||
required: true
|
|
||||||
type: string
|
|
||||||
crabbox_runner_label:
|
|
||||||
description: "Dynamic Crabbox runner label"
|
|
||||||
required: true
|
|
||||||
type: string
|
|
||||||
crabbox_job:
|
|
||||||
description: "Hydration job identifier expected by Crabbox"
|
|
||||||
required: false
|
|
||||||
default: "hydrate"
|
|
||||||
type: string
|
|
||||||
crabbox_keep_alive_minutes:
|
|
||||||
description: "Minutes to keep the hydrated job alive"
|
|
||||||
required: false
|
|
||||||
default: "90"
|
|
||||||
type: string
|
|
||||||
|
|
||||||
permissions:
|
|
||||||
contents: read
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
hydrate:
|
|
||||||
runs-on: [self-hosted, "${{ inputs.crabbox_runner_label }}"]
|
|
||||||
timeout-minutes: 120
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v4
|
|
||||||
with:
|
|
||||||
ref: ${{ inputs.ref || github.ref }}
|
|
||||||
- uses: actions/setup-python@v5
|
|
||||||
with:
|
|
||||||
python-version: "3.11"
|
|
||||||
- name: Hydrate
|
|
||||||
run: |
|
|
||||||
python -m pip install --upgrade pip
|
|
||||||
python -m pip install -e ".[dev]"
|
|
||||||
if [ -f package-lock.json ]; then npm ci; fi
|
|
||||||
if [ -f pnpm-lock.yaml ]; then corepack enable && pnpm install --frozen-lockfile; fi
|
|
||||||
if [ -f go.mod ]; then go mod download; fi
|
|
||||||
- name: Mark Crabbox ready
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
job="${{ inputs.crabbox_job }}"
|
|
||||||
if [ -z "$job" ]; then job=hydrate; fi
|
|
||||||
mkdir -p "$HOME/.crabbox/actions"
|
|
||||||
state="$HOME/.crabbox/actions/${{ inputs.crabbox_id }}.env"
|
|
||||||
env_file="$HOME/.crabbox/actions/${{ inputs.crabbox_id }}.env.sh"
|
|
||||||
services_file="$HOME/.crabbox/actions/${{ inputs.crabbox_id }}.services"
|
|
||||||
write_export() {
|
|
||||||
key="$1"
|
|
||||||
value="${!key-}"
|
|
||||||
if [ -n "$value" ]; then
|
|
||||||
printf 'export %s=%q\n' "$key" "$value"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
{
|
|
||||||
for key in CI GITHUB_ACTIONS GITHUB_WORKSPACE GITHUB_REPOSITORY GITHUB_RUN_ID GITHUB_RUN_NUMBER GITHUB_RUN_ATTEMPT GITHUB_REF GITHUB_REF_NAME GITHUB_SHA GITHUB_EVENT_NAME GITHUB_ACTOR GITHUB_JOB RUNNER_OS RUNNER_ARCH RUNNER_TEMP RUNNER_TOOL_CACHE; do
|
|
||||||
write_export "$key"
|
|
||||||
done
|
|
||||||
} > "${env_file}.tmp"
|
|
||||||
mv "${env_file}.tmp" "$env_file"
|
|
||||||
{
|
|
||||||
echo "# Docker containers visible from the hydrated runner"
|
|
||||||
docker ps --format '{{.Names}}\t{{.Image}}\t{{.Ports}}' 2>/dev/null || true
|
|
||||||
} > "${services_file}.tmp"
|
|
||||||
mv "${services_file}.tmp" "$services_file"
|
|
||||||
tmp="${state}.tmp"
|
|
||||||
{
|
|
||||||
echo "WORKSPACE=${GITHUB_WORKSPACE}"
|
|
||||||
echo "RUN_ID=${GITHUB_RUN_ID}"
|
|
||||||
echo "JOB=${job}"
|
|
||||||
echo "ENV_FILE=${env_file}"
|
|
||||||
echo "SERVICES_FILE=${services_file}"
|
|
||||||
echo "READY_AT=$(date -u +%Y-%m-%dT%H:%M:%SZ)"
|
|
||||||
} > "$tmp"
|
|
||||||
mv "$tmp" "$state"
|
|
||||||
- name: Keep Crabbox job alive
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
minutes="${{ inputs.crabbox_keep_alive_minutes }}"
|
|
||||||
case "$minutes" in
|
|
||||||
''|*[!0-9]*) minutes=90 ;;
|
|
||||||
esac
|
|
||||||
stop="$HOME/.crabbox/actions/${{ inputs.crabbox_id }}.stop"
|
|
||||||
deadline=$(( $(date +%s) + minutes * 60 ))
|
|
||||||
while [ "$(date +%s)" -lt "$deadline" ]; do
|
|
||||||
if [ -f "$stop" ]; then
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
sleep 15
|
|
||||||
done
|
|
||||||
86
.github/workflows/gcp-artifact.yml
vendored
86
.github/workflows/gcp-artifact.yml
vendored
|
|
@ -1,86 +0,0 @@
|
||||||
name: gcp-artifact
|
|
||||||
|
|
||||||
on:
|
|
||||||
push:
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
workflow_dispatch:
|
|
||||||
|
|
||||||
permissions:
|
|
||||||
contents: read
|
|
||||||
id-token: write
|
|
||||||
|
|
||||||
concurrency:
|
|
||||||
group: gcp-artifact-${{ github.ref }}
|
|
||||||
cancel-in-progress: true
|
|
||||||
|
|
||||||
env:
|
|
||||||
PROJECT_ID: teleo-501523
|
|
||||||
REGION: europe-west6
|
|
||||||
ARTIFACT_REPOSITORY: teleo
|
|
||||||
IMAGE_NAME: teleo-pipeline-gcp-staging
|
|
||||||
WORKLOAD_IDENTITY_PROVIDER: projects/785938879453/locations/global/workloadIdentityPools/github-actions/providers/living-ip-github
|
|
||||||
ARTIFACT_SERVICE_ACCOUNT: sa-artifact-builder@teleo-501523.iam.gserviceaccount.com
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
build-smoke-push:
|
|
||||||
name: Build, smoke-run, and push Docker image
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
timeout-minutes: 20
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- id: auth
|
|
||||||
uses: google-github-actions/auth@v2
|
|
||||||
with:
|
|
||||||
workload_identity_provider: ${{ env.WORKLOAD_IDENTITY_PROVIDER }}
|
|
||||||
service_account: ${{ env.ARTIFACT_SERVICE_ACCOUNT }}
|
|
||||||
|
|
||||||
- uses: google-github-actions/setup-gcloud@v2
|
|
||||||
|
|
||||||
- name: Configure Artifact Registry Docker auth
|
|
||||||
run: |
|
|
||||||
gcloud auth configure-docker "${REGION}-docker.pkg.dev" --quiet
|
|
||||||
|
|
||||||
- name: Build, smoke-run, and push
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
set -euo pipefail
|
|
||||||
tag="${GITHUB_SHA::7}"
|
|
||||||
image_uri="${REGION}-docker.pkg.dev/${PROJECT_ID}/${ARTIFACT_REPOSITORY}/${IMAGE_NAME}:${tag}"
|
|
||||||
image_digest="$(gcloud artifacts docker images describe "${image_uri}" --format='value(image_summary.digest)' 2>/dev/null || true)"
|
|
||||||
|
|
||||||
if [[ -n "${image_digest}" ]]; then
|
|
||||||
echo "Image tag already exists; reusing immutable Artifact Registry image."
|
|
||||||
docker pull "${image_uri}@${image_digest}"
|
|
||||||
docker run --rm "${image_uri}@${image_digest}"
|
|
||||||
else
|
|
||||||
docker build \
|
|
||||||
-f Dockerfile.gcp-staging \
|
|
||||||
--label "org.opencontainers.image.source=https://github.com/${GITHUB_REPOSITORY}" \
|
|
||||||
--label "org.opencontainers.image.revision=${GITHUB_SHA}" \
|
|
||||||
--label "livingip.revision=${GITHUB_SHA}" \
|
|
||||||
--label "livingip.surface=teleo-infrastructure" \
|
|
||||||
--label "livingip.tier=gcp-staging" \
|
|
||||||
-t "${image_uri}" \
|
|
||||||
.
|
|
||||||
|
|
||||||
docker run --rm "${image_uri}"
|
|
||||||
docker push "${image_uri}" | tee docker-push.log
|
|
||||||
image_digest="$(awk '/digest: sha256:/ {print $3}' docker-push.log | tail -1)"
|
|
||||||
fi
|
|
||||||
test -n "${image_digest}"
|
|
||||||
|
|
||||||
{
|
|
||||||
echo "image_uri=${image_uri}"
|
|
||||||
echo "image_digest=${image_digest}"
|
|
||||||
echo "image_ref=${image_uri}@${image_digest}"
|
|
||||||
echo "revision=${GITHUB_SHA}"
|
|
||||||
} > gcp-artifact-image.txt
|
|
||||||
|
|
||||||
- name: Upload image receipt
|
|
||||||
uses: actions/upload-artifact@v4
|
|
||||||
with:
|
|
||||||
name: gcp-artifact-image
|
|
||||||
path: gcp-artifact-image.txt
|
|
||||||
if-no-files-found: error
|
|
||||||
132
.github/workflows/gcp-readiness.yml
vendored
132
.github/workflows/gcp-readiness.yml
vendored
|
|
@ -1,132 +0,0 @@
|
||||||
name: gcp-readiness
|
|
||||||
|
|
||||||
on:
|
|
||||||
workflow_dispatch:
|
|
||||||
inputs:
|
|
||||||
service_account:
|
|
||||||
description: GCP service account to impersonate for the read-only readiness probe
|
|
||||||
required: false
|
|
||||||
default: sa-teleo-readiness@teleo-501523.iam.gserviceaccount.com
|
|
||||||
restore_canary_capsule_b64:
|
|
||||||
description: Optional base64-encoded non-secret SQLite-to-Postgres restore canary capsule
|
|
||||||
required: false
|
|
||||||
default: ""
|
|
||||||
|
|
||||||
permissions:
|
|
||||||
contents: read
|
|
||||||
id-token: write
|
|
||||||
|
|
||||||
concurrency:
|
|
||||||
group: gcp-readiness-${{ github.ref }}
|
|
||||||
cancel-in-progress: true
|
|
||||||
|
|
||||||
env:
|
|
||||||
PROJECT_ID: teleo-501523
|
|
||||||
WORKLOAD_IDENTITY_PROVIDER: projects/785938879453/locations/global/workloadIdentityPools/github-actions/providers/living-ip-github
|
|
||||||
READINESS_SERVICE_ACCOUNT: ${{ inputs.service_account || 'sa-teleo-readiness@teleo-501523.iam.gserviceaccount.com' }}
|
|
||||||
RESTORE_CANARY_CAPSULE_B64: ${{ inputs.restore_canary_capsule_b64 || '' }}
|
|
||||||
READINESS_ARTIFACT_DIR: gcp-readiness-artifacts
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
readiness:
|
|
||||||
name: Read-only GCP readiness probe
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
timeout-minutes: 10
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- id: auth
|
|
||||||
uses: google-github-actions/auth@v2
|
|
||||||
with:
|
|
||||||
workload_identity_provider: ${{ env.WORKLOAD_IDENTITY_PROVIDER }}
|
|
||||||
service_account: ${{ env.READINESS_SERVICE_ACCOUNT }}
|
|
||||||
|
|
||||||
- uses: google-github-actions/setup-gcloud@v2
|
|
||||||
|
|
||||||
- name: Install optional restore canary capsule
|
|
||||||
if: ${{ env.RESTORE_CANARY_CAPSULE_B64 != '' }}
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
set -euo pipefail
|
|
||||||
mkdir -p "${READINESS_ARTIFACT_DIR}"
|
|
||||||
capsule_path="${READINESS_ARTIFACT_DIR}/restore-canary-capsule.json"
|
|
||||||
printf '%s' "${RESTORE_CANARY_CAPSULE_B64}" | base64 --decode > "${capsule_path}"
|
|
||||||
python3 -m json.tool "${capsule_path}" >/dev/null
|
|
||||||
echo "TELEO_GCP_RESTORE_CANARY_CAPSULE=${capsule_path}" >> "${GITHUB_ENV}"
|
|
||||||
|
|
||||||
- name: Capture gcloud identity
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
set +e
|
|
||||||
mkdir -p "${READINESS_ARTIFACT_DIR}"
|
|
||||||
{
|
|
||||||
echo "project=${PROJECT_ID}"
|
|
||||||
echo "service_account=${READINESS_SERVICE_ACCOUNT}"
|
|
||||||
echo "workflow_ref=${GITHUB_REF}"
|
|
||||||
echo "revision=${GITHUB_SHA}"
|
|
||||||
} > "${READINESS_ARTIFACT_DIR}/context.txt"
|
|
||||||
gcloud auth list --format=json > "${READINESS_ARTIFACT_DIR}/gcloud-auth-list.json" 2> "${READINESS_ARTIFACT_DIR}/gcloud-auth-list.stderr"
|
|
||||||
echo "$?" > "${READINESS_ARTIFACT_DIR}/gcloud-auth-list.exitcode"
|
|
||||||
gcloud config list --format=json > "${READINESS_ARTIFACT_DIR}/gcloud-config-list.json" 2> "${READINESS_ARTIFACT_DIR}/gcloud-config-list.stderr"
|
|
||||||
echo "$?" > "${READINESS_ARTIFACT_DIR}/gcloud-config-list.exitcode"
|
|
||||||
|
|
||||||
- name: Run readiness checker
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
set +e
|
|
||||||
mkdir -p "${READINESS_ARTIFACT_DIR}"
|
|
||||||
python3 ops/check_gcp_infra_readiness.py \
|
|
||||||
> "${READINESS_ARTIFACT_DIR}/gcp-infra-readiness.json" \
|
|
||||||
2> "${READINESS_ARTIFACT_DIR}/gcp-infra-readiness.stderr"
|
|
||||||
echo "$?" > "${READINESS_ARTIFACT_DIR}/gcp-infra-readiness.exitcode"
|
|
||||||
python3 - <<'PY'
|
|
||||||
import os
|
|
||||||
import json
|
|
||||||
from pathlib import Path
|
|
||||||
|
|
||||||
base = Path(os.environ["READINESS_ARTIFACT_DIR"])
|
|
||||||
report = {
|
|
||||||
"artifact": "github_wif_gcp_readiness_probe",
|
|
||||||
"checker_exitcode": (base / "gcp-infra-readiness.exitcode").read_text().strip(),
|
|
||||||
"stderr_tail": (base / "gcp-infra-readiness.stderr").read_text()[-2000:],
|
|
||||||
}
|
|
||||||
try:
|
|
||||||
payload = json.loads((base / "gcp-infra-readiness.json").read_text() or "{}")
|
|
||||||
except json.JSONDecodeError as exc:
|
|
||||||
report["json_parse_error"] = str(exc)
|
|
||||||
payload = {}
|
|
||||||
if payload:
|
|
||||||
report["pass_count"] = payload.get("pass_count")
|
|
||||||
report["blocked_count"] = payload.get("blocked_count")
|
|
||||||
report["fail_count"] = payload.get("fail_count")
|
|
||||||
report["checks"] = [
|
|
||||||
{
|
|
||||||
"name": check.get("name"),
|
|
||||||
"status": check.get("status"),
|
|
||||||
"required_tier": check.get("required_tier"),
|
|
||||||
"current_tier": check.get("current_tier"),
|
|
||||||
"detail": (check.get("detail") or "")[:500],
|
|
||||||
}
|
|
||||||
for check in payload.get("checks", [])
|
|
||||||
]
|
|
||||||
(base / "gcp-readiness-summary.json").write_text(json.dumps(report, indent=2, sort_keys=True) + "\n")
|
|
||||||
print(json.dumps(report, indent=2, sort_keys=True))
|
|
||||||
PY
|
|
||||||
|
|
||||||
- name: Upload readiness artifacts
|
|
||||||
if: always()
|
|
||||||
uses: actions/upload-artifact@v4
|
|
||||||
with:
|
|
||||||
name: gcp-readiness
|
|
||||||
path: ${{ env.READINESS_ARTIFACT_DIR }}/
|
|
||||||
if-no-files-found: error
|
|
||||||
|
|
||||||
- name: Enforce readiness result
|
|
||||||
if: always()
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
code="$(cat "${READINESS_ARTIFACT_DIR}/gcp-infra-readiness.exitcode" 2>/dev/null || echo 1)"
|
|
||||||
if [ "${code}" != "0" ]; then
|
|
||||||
echo "GCP readiness checker failed with exit code ${code}. See the uploaded gcp-readiness artifact for exact failed checks."
|
|
||||||
exit "${code}"
|
|
||||||
fi
|
|
||||||
2
.gitignore
vendored
2
.gitignore
vendored
|
|
@ -20,8 +20,6 @@ logs/
|
||||||
|
|
||||||
# Test artifacts
|
# Test artifacts
|
||||||
.pytest_cache/
|
.pytest_cache/
|
||||||
.crabbox/
|
|
||||||
.crabbox-results/
|
|
||||||
htmlcov/
|
htmlcov/
|
||||||
.coverage
|
.coverage
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,30 +0,0 @@
|
||||||
FROM python:3.11-slim
|
|
||||||
|
|
||||||
ENV PYTHONDONTWRITEBYTECODE=1
|
|
||||||
ENV PYTHONUNBUFFERED=1
|
|
||||||
ENV PIPELINE_BASE=/opt/teleo-eval
|
|
||||||
|
|
||||||
WORKDIR /app
|
|
||||||
|
|
||||||
RUN apt-get update \
|
|
||||||
&& apt-get install -y --no-install-recommends ca-certificates curl git bash \
|
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
|
||||||
|
|
||||||
COPY pyproject.toml README.md /app/
|
|
||||||
COPY lib /app/lib
|
|
||||||
COPY tests /app/tests
|
|
||||||
COPY scripts /app/scripts
|
|
||||||
COPY fixtures /app/fixtures
|
|
||||||
COPY schemas /app/schemas
|
|
||||||
COPY systemd /app/systemd
|
|
||||||
COPY deploy /app/deploy
|
|
||||||
COPY diagnostics /app/diagnostics
|
|
||||||
COPY telegram /app/telegram
|
|
||||||
COPY teleo-pipeline.py /app/teleo-pipeline.py
|
|
||||||
COPY docker/gcp-staging-smoke.sh /usr/local/bin/gcp-staging-smoke
|
|
||||||
|
|
||||||
RUN pip install --no-cache-dir --upgrade pip \
|
|
||||||
&& pip install --no-cache-dir -e ".[dev]" \
|
|
||||||
&& chmod +x /usr/local/bin/gcp-staging-smoke
|
|
||||||
|
|
||||||
CMD ["/usr/local/bin/gcp-staging-smoke"]
|
|
||||||
|
|
@ -1,43 +0,0 @@
|
||||||
substitutions:
|
|
||||||
_REGION: europe-west6
|
|
||||||
_REPOSITORY: teleo
|
|
||||||
_IMAGE: teleo-pipeline-gcp-staging
|
|
||||||
_TAG: manual-local
|
|
||||||
_REVISION: unknown
|
|
||||||
|
|
||||||
options:
|
|
||||||
logging: CLOUD_LOGGING_ONLY
|
|
||||||
machineType: E2_HIGHCPU_8
|
|
||||||
|
|
||||||
serviceAccount: projects/teleo-501523/serviceAccounts/sa-teleo-cloudbuild@teleo-501523.iam.gserviceaccount.com
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- id: build-staging-image
|
|
||||||
name: gcr.io/cloud-builders/docker
|
|
||||||
args:
|
|
||||||
- build
|
|
||||||
- -f
|
|
||||||
- Dockerfile.gcp-staging
|
|
||||||
- --label
|
|
||||||
- org.opencontainers.image.source=https://github.com/living-ip/teleo-infrastructure
|
|
||||||
- --label
|
|
||||||
- org.opencontainers.image.revision=${_REVISION}
|
|
||||||
- --label
|
|
||||||
- livingip.revision=${_REVISION}
|
|
||||||
- --label
|
|
||||||
- livingip.surface=teleo-infrastructure
|
|
||||||
- --label
|
|
||||||
- livingip.tier=gcp-staging
|
|
||||||
- -t
|
|
||||||
- ${_REGION}-docker.pkg.dev/$PROJECT_ID/${_REPOSITORY}/${_IMAGE}:${_TAG}
|
|
||||||
- .
|
|
||||||
|
|
||||||
- id: smoke-test-image-before-push
|
|
||||||
name: gcr.io/cloud-builders/docker
|
|
||||||
args:
|
|
||||||
- run
|
|
||||||
- --rm
|
|
||||||
- ${_REGION}-docker.pkg.dev/$PROJECT_ID/${_REPOSITORY}/${_IMAGE}:${_TAG}
|
|
||||||
|
|
||||||
images:
|
|
||||||
- ${_REGION}-docker.pkg.dev/$PROJECT_ID/${_REPOSITORY}/${_IMAGE}:${_TAG}
|
|
||||||
|
|
@ -1,185 +0,0 @@
|
||||||
{
|
|
||||||
"artifact": "teleo_gcp_service_communication_contract",
|
|
||||||
"schema_version": 1,
|
|
||||||
"project": "teleo-501523",
|
|
||||||
"region": "europe-west6",
|
|
||||||
"network": "teleo-staging-net",
|
|
||||||
"global_invariants": {
|
|
||||||
"no_public_database_ip": true,
|
|
||||||
"no_broad_ssh_or_rdp": true,
|
|
||||||
"no_default_compute_service_accounts": true,
|
|
||||||
"secret_values_not_stored_in_contract": true,
|
|
||||||
"database_connections_encrypted_only": true
|
|
||||||
},
|
|
||||||
"allowed_paths": [
|
|
||||||
{
|
|
||||||
"name": "github_actions_to_artifact_registry",
|
|
||||||
"purpose": "Build, smoke-run, and push Teleo staging Docker image.",
|
|
||||||
"source": {
|
|
||||||
"type": "github_actions_wif",
|
|
||||||
"repository": "living-ip/teleo-infrastructure"
|
|
||||||
},
|
|
||||||
"identity": "sa-artifact-builder@teleo-501523.iam.gserviceaccount.com",
|
|
||||||
"target": {
|
|
||||||
"type": "artifact_registry",
|
|
||||||
"repository": "projects/teleo-501523/locations/europe-west6/repositories/teleo"
|
|
||||||
},
|
|
||||||
"protocol": "https",
|
|
||||||
"ports": [443],
|
|
||||||
"network_path": "google_apis",
|
|
||||||
"encryption": "tls",
|
|
||||||
"allowed_by": [".github/workflows/gcp-artifact.yml", "roles/artifactregistry.writer"],
|
|
||||||
"forbidden": ["cloudsql.editor", "secretmanager.secretAccessor", "compute.admin"]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "github_actions_to_readiness_probe",
|
|
||||||
"purpose": "Read-only GCP readiness probe with retained artifacts.",
|
|
||||||
"source": {
|
|
||||||
"type": "github_actions_wif",
|
|
||||||
"repository": "living-ip/teleo-infrastructure"
|
|
||||||
},
|
|
||||||
"identity": "sa-teleo-readiness@teleo-501523.iam.gserviceaccount.com",
|
|
||||||
"target": {
|
|
||||||
"type": "gcp_control_plane",
|
|
||||||
"resources": ["artifact_registry", "compute_metadata", "cloudsql_metadata", "secret_metadata", "storage_metadata"]
|
|
||||||
},
|
|
||||||
"protocol": "https",
|
|
||||||
"ports": [443],
|
|
||||||
"network_path": "google_apis",
|
|
||||||
"encryption": "tls",
|
|
||||||
"allowed_by": [".github/workflows/gcp-readiness.yml", "ops/plan_gcp_iam_split.py"],
|
|
||||||
"forbidden": ["artifactregistry.writer", "cloudsql.editor", "secretmanager.secretAccessor"]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "operator_ssh_to_teleo_vms",
|
|
||||||
"purpose": "Emergency/operator shell access only from one retained operator IPv4 /32.",
|
|
||||||
"source": {
|
|
||||||
"type": "operator_ip",
|
|
||||||
"cidrs": ["<operator-ip>/32"]
|
|
||||||
},
|
|
||||||
"identity": "oslogin_operator",
|
|
||||||
"target": {
|
|
||||||
"type": "compute_instance_tags",
|
|
||||||
"tags": ["teleo-prod-ssh", "teleo-staging-ssh"]
|
|
||||||
},
|
|
||||||
"protocol": "tcp",
|
|
||||||
"ports": [22],
|
|
||||||
"network_path": "vpc_firewall",
|
|
||||||
"encryption": "ssh",
|
|
||||||
"allowed_by": ["ops/apply_gcp_runtime_baseline.py", "ops/check_gcp_infra_readiness.py"],
|
|
||||||
"forbidden": ["broad_ipv4_ingress", "broad_ipv6_ingress", "tcp:3389"]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "teleo_vms_to_artifact_registry",
|
|
||||||
"purpose": "Runtime pulls immutable images from Artifact Registry over Private Google Access.",
|
|
||||||
"source": {
|
|
||||||
"type": "compute_service_accounts",
|
|
||||||
"service_accounts": [
|
|
||||||
"sa-teleo-prod-vm@teleo-501523.iam.gserviceaccount.com",
|
|
||||||
"sa-teleo-staging-vm@teleo-501523.iam.gserviceaccount.com"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"identity": "dedicated_vm_service_accounts",
|
|
||||||
"target": {
|
|
||||||
"type": "artifact_registry",
|
|
||||||
"repository": "projects/teleo-501523/locations/europe-west6/repositories/teleo"
|
|
||||||
},
|
|
||||||
"protocol": "https",
|
|
||||||
"ports": [443],
|
|
||||||
"network_path": "private_google_access",
|
|
||||||
"encryption": "tls",
|
|
||||||
"allowed_by": ["roles/artifactregistry.reader", "ops/apply_gcp_runtime_baseline.py"],
|
|
||||||
"forbidden": ["default_compute_service_account", "public_image_registry_required"]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "teleo_vms_to_cloudsql_private",
|
|
||||||
"purpose": "Application and restore readback connections to the private Cloud SQL standby.",
|
|
||||||
"source": {
|
|
||||||
"type": "compute_service_accounts",
|
|
||||||
"service_accounts": [
|
|
||||||
"sa-teleo-prod-vm@teleo-501523.iam.gserviceaccount.com",
|
|
||||||
"sa-teleo-staging-vm@teleo-501523.iam.gserviceaccount.com"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"identity": "dedicated_vm_service_accounts",
|
|
||||||
"target": {
|
|
||||||
"type": "cloudsql_postgres",
|
|
||||||
"instance": "teleo-pgvector-standby",
|
|
||||||
"database": "teleo_kb",
|
|
||||||
"private_network": "projects/teleo-501523/global/networks/teleo-staging-net",
|
|
||||||
"public_ip": false
|
|
||||||
},
|
|
||||||
"protocol": "postgres",
|
|
||||||
"ports": [5432],
|
|
||||||
"network_path": "private_vpc",
|
|
||||||
"encryption": "encrypted_only",
|
|
||||||
"allowed_by": ["ops/apply_gcp_runtime_baseline.py", "ops/check_gcp_infra_readiness.py"],
|
|
||||||
"forbidden": ["public_ip", "ssl_disabled", "authorized_networks_public"]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "cloudsql_import_from_backup_bucket",
|
|
||||||
"purpose": "Cloud SQL import operation reads generated restore SQL from the versioned backup bucket.",
|
|
||||||
"source": {
|
|
||||||
"type": "cloudsql_instance_service_account",
|
|
||||||
"discovered_by": "gcloud sql instances describe teleo-pgvector-standby --format=value(serviceAccountEmailAddress)"
|
|
||||||
},
|
|
||||||
"identity": "cloudsql_instance_service_account",
|
|
||||||
"target": {
|
|
||||||
"type": "gcs_bucket",
|
|
||||||
"bucket": "gs://teleo-501523-prod-backups",
|
|
||||||
"prefix": "kb-dumps/cloudsql-restore-drills/"
|
|
||||||
},
|
|
||||||
"protocol": "https",
|
|
||||||
"ports": [443],
|
|
||||||
"network_path": "google_apis",
|
|
||||||
"encryption": "tls",
|
|
||||||
"allowed_by": ["roles/storage.objectAdmin", "ops/apply_gcp_iam_split.py"],
|
|
||||||
"forbidden": ["allUsers", "allAuthenticatedUsers", "publicAccessPreventionDisabled"]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "restore_drill_operator_to_cloudsql_admin",
|
|
||||||
"purpose": "Operator-triggered Cloud SQL import drill and post-import readback.",
|
|
||||||
"source": {
|
|
||||||
"type": "operator_or_ci_with_explicit_auth",
|
|
||||||
"requires_retained_execute_proof": true
|
|
||||||
},
|
|
||||||
"identity": "sa-teleo-restore-drill@teleo-501523.iam.gserviceaccount.com",
|
|
||||||
"target": {
|
|
||||||
"type": "cloudsql_admin_api",
|
|
||||||
"instance": "teleo-pgvector-standby"
|
|
||||||
},
|
|
||||||
"protocol": "https",
|
|
||||||
"ports": [443],
|
|
||||||
"network_path": "google_apis",
|
|
||||||
"encryption": "tls",
|
|
||||||
"allowed_by": ["roles/cloudsql.editor", "ops/run_gcp_cloudsql_restore_drill.sh"],
|
|
||||||
"forbidden": ["unretained_execute", "raw_password_in_logs"]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "vps_backup_to_gcs_bucket",
|
|
||||||
"purpose": "Source backup artifacts are uploaded to versioned GCS only through an approved backup identity.",
|
|
||||||
"source": {
|
|
||||||
"type": "hetzner_vps_or_operator_export",
|
|
||||||
"host": "teleo@77.42.65.182"
|
|
||||||
},
|
|
||||||
"identity": "approved_backup_writer_or_operator_session",
|
|
||||||
"target": {
|
|
||||||
"type": "gcs_bucket",
|
|
||||||
"bucket": "gs://teleo-501523-prod-backups",
|
|
||||||
"prefix": "kb-dumps/"
|
|
||||||
},
|
|
||||||
"protocol": "https",
|
|
||||||
"ports": [443],
|
|
||||||
"network_path": "google_apis",
|
|
||||||
"encryption": "tls",
|
|
||||||
"allowed_by": ["ops/backup_vps_sqlite_kb.sh", "ops/run_gcp_cloudsql_restore_drill.sh"],
|
|
||||||
"forbidden": ["raw_private_key_in_contract", "database_public_ingress", "unversioned_bucket"]
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"not_proven_by_this_contract": [
|
|
||||||
"that GCP resources currently exist",
|
|
||||||
"that firewall rules are currently applied",
|
|
||||||
"that Cloud SQL import/readback has succeeded",
|
|
||||||
"that production Telegram/Leo traffic has cut over to GCP"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
@ -13,42 +13,25 @@ fi
|
||||||
|
|
||||||
DEPLOY_CHECKOUT="/opt/teleo-eval/workspaces/deploy-infra"
|
DEPLOY_CHECKOUT="/opt/teleo-eval/workspaces/deploy-infra"
|
||||||
PIPELINE_DIR="/opt/teleo-eval/pipeline"
|
PIPELINE_DIR="/opt/teleo-eval/pipeline"
|
||||||
TELEGRAM_DIR="/opt/teleo-eval/telegram"
|
|
||||||
DIAGNOSTICS_DIR="/opt/teleo-eval/diagnostics"
|
DIAGNOSTICS_DIR="/opt/teleo-eval/diagnostics"
|
||||||
AGENT_STATE_DIR="/opt/teleo-eval/ops/agent-state"
|
AGENT_STATE_DIR="/opt/teleo-eval/ops/agent-state"
|
||||||
LEOCLEAN_BIN_DIR="/home/teleo/.hermes/profiles/leoclean/bin"
|
|
||||||
LEOCLEAN_SKILLS_DIR="/home/teleo/.hermes/profiles/leoclean/skills"
|
|
||||||
SYSTEMD_DIR="/etc/systemd/system"
|
|
||||||
STAMP_FILE="/opt/teleo-eval/.last-deploy-sha"
|
STAMP_FILE="/opt/teleo-eval/.last-deploy-sha"
|
||||||
LOG_TAG="auto-deploy"
|
LOG_TAG="auto-deploy"
|
||||||
|
|
||||||
log() { logger -t "$LOG_TAG" "$1"; echo "$(date '+%Y-%m-%d %H:%M:%S') $1"; }
|
log() { logger -t "$LOG_TAG" "$1"; echo "$(date '+%Y-%m-%d %H:%M:%S') $1"; }
|
||||||
|
|
||||||
DEPLOY_REMOTE="${TELEO_DEPLOY_REMOTE:-}"
|
|
||||||
if [ -z "$DEPLOY_REMOTE" ]; then
|
|
||||||
if git -C "$DEPLOY_CHECKOUT" remote get-url github >/dev/null 2>&1; then
|
|
||||||
DEPLOY_REMOTE="github"
|
|
||||||
else
|
|
||||||
DEPLOY_REMOTE="origin"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ ! -d "$DEPLOY_CHECKOUT/.git" ]; then
|
if [ ! -d "$DEPLOY_CHECKOUT/.git" ]; then
|
||||||
log "ERROR: Deploy checkout not found at $DEPLOY_CHECKOUT. Run setup first."
|
log "ERROR: Deploy checkout not found at $DEPLOY_CHECKOUT. Run setup first."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
cd "$DEPLOY_CHECKOUT"
|
cd "$DEPLOY_CHECKOUT"
|
||||||
if ! git remote get-url "$DEPLOY_REMOTE" >/dev/null 2>&1; then
|
if ! git fetch origin main --quiet 2>&1; then
|
||||||
log "ERROR: deploy remote '$DEPLOY_REMOTE' is not configured"
|
log "ERROR: git fetch failed"
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
if ! git fetch "$DEPLOY_REMOTE" main --quiet 2>&1; then
|
|
||||||
log "ERROR: git fetch failed for $DEPLOY_REMOTE/main"
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
NEW_SHA=$(git rev-parse "$DEPLOY_REMOTE/main")
|
NEW_SHA=$(git rev-parse origin/main)
|
||||||
OLD_SHA=$(cat "$STAMP_FILE" 2>/dev/null || echo "none")
|
OLD_SHA=$(cat "$STAMP_FILE" 2>/dev/null || echo "none")
|
||||||
|
|
||||||
if [ "$NEW_SHA" = "$OLD_SHA" ]; then
|
if [ "$NEW_SHA" = "$OLD_SHA" ]; then
|
||||||
|
|
@ -61,8 +44,8 @@ if ! git checkout main --quiet 2>&1; then
|
||||||
log "ERROR: git checkout main failed — dirty tree or corrupted index"
|
log "ERROR: git checkout main failed — dirty tree or corrupted index"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
if ! git merge --ff-only "$DEPLOY_REMOTE/main" --quiet 2>&1; then
|
if ! git pull --ff-only --quiet 2>&1; then
|
||||||
log "ERROR: git merge --ff-only $DEPLOY_REMOTE/main failed. Manual intervention needed."
|
log "ERROR: git pull --ff-only failed. Manual intervention needed."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
@ -86,99 +69,37 @@ RSYNC_OPTS=(-az --exclude __pycache__ --exclude '*.pyc' --exclude '*.bak*')
|
||||||
|
|
||||||
rsync "${RSYNC_OPTS[@]}" lib/ "$PIPELINE_DIR/lib/"
|
rsync "${RSYNC_OPTS[@]}" lib/ "$PIPELINE_DIR/lib/"
|
||||||
|
|
||||||
for f in teleo-pipeline.py reweave.py fetch_coins.py pipeline-health-check.py; do
|
for f in teleo-pipeline.py reweave.py fetch_coins.py; do
|
||||||
[ -f "$f" ] && rsync "${RSYNC_OPTS[@]}" "$f" "$PIPELINE_DIR/$f"
|
[ -f "$f" ] && rsync "${RSYNC_OPTS[@]}" "$f" "$PIPELINE_DIR/$f"
|
||||||
done
|
done
|
||||||
|
|
||||||
rsync "${RSYNC_OPTS[@]}" telegram/ "$PIPELINE_DIR/telegram/"
|
rsync "${RSYNC_OPTS[@]}" telegram/ "$PIPELINE_DIR/telegram/"
|
||||||
rsync "${RSYNC_OPTS[@]}" telegram/ "$TELEGRAM_DIR/"
|
|
||||||
rsync "${RSYNC_OPTS[@]}" diagnostics/ "$DIAGNOSTICS_DIR/"
|
rsync "${RSYNC_OPTS[@]}" diagnostics/ "$DIAGNOSTICS_DIR/"
|
||||||
rsync "${RSYNC_OPTS[@]}" agent-state/ "$AGENT_STATE_DIR/"
|
rsync "${RSYNC_OPTS[@]}" agent-state/ "$AGENT_STATE_DIR/"
|
||||||
rsync "${RSYNC_OPTS[@]}" tests/ "$PIPELINE_DIR/tests/"
|
rsync "${RSYNC_OPTS[@]}" tests/ "$PIPELINE_DIR/tests/"
|
||||||
if [ -d hermes-agent/leoclean-bin ]; then
|
|
||||||
mkdir -p "$LEOCLEAN_BIN_DIR"
|
|
||||||
rsync "${RSYNC_OPTS[@]}" hermes-agent/leoclean-bin/ "$LEOCLEAN_BIN_DIR/"
|
|
||||||
fi
|
|
||||||
if [ -d hermes-agent/leoclean-skills/vps ]; then
|
|
||||||
mkdir -p "$LEOCLEAN_SKILLS_DIR"
|
|
||||||
rsync "${RSYNC_OPTS[@]}" hermes-agent/leoclean-skills/vps/ "$LEOCLEAN_SKILLS_DIR/"
|
|
||||||
fi
|
|
||||||
[ -f research/research-session.sh ] && rsync "${RSYNC_OPTS[@]}" research/research-session.sh /opt/teleo-eval/research-session.sh
|
[ -f research/research-session.sh ] && rsync "${RSYNC_OPTS[@]}" research/research-session.sh /opt/teleo-eval/research-session.sh
|
||||||
|
|
||||||
# Safety net: ensure synced .sh files are executable after rsync.
|
# Safety net: ensure all .sh files are executable after rsync
|
||||||
# Keep this bounded to deploy-owned paths: /opt/teleo-eval also contains
|
find /opt/teleo-eval -maxdepth 3 -name '*.sh' -not -perm -u+x -exec chmod +x {} +
|
||||||
# backups and generated state that may be unreadable by the deploy user.
|
|
||||||
for dir in "$PIPELINE_DIR" "$TELEGRAM_DIR" "$DIAGNOSTICS_DIR" "$AGENT_STATE_DIR" "$LEOCLEAN_BIN_DIR" "$LEOCLEAN_SKILLS_DIR"; do
|
|
||||||
[ -d "$dir" ] || continue
|
|
||||||
find "$dir" -maxdepth 3 -name '*.sh' -not -perm -u+x -exec chmod +x {} +
|
|
||||||
done
|
|
||||||
[ -f /opt/teleo-eval/research-session.sh ] && chmod u+x /opt/teleo-eval/research-session.sh
|
|
||||||
|
|
||||||
log "Files synced"
|
log "Files synced"
|
||||||
|
|
||||||
if [ "$OLD_SHA" = "none" ] || git diff --name-only "$OLD_SHA" "$NEW_SHA" -- systemd/ 2>/dev/null | grep -q .; then
|
|
||||||
log "Installing systemd units"
|
|
||||||
for unit in systemd/*.service systemd/*.timer; do
|
|
||||||
[ -f "$unit" ] || continue
|
|
||||||
sudo install -m 0644 "$unit" "$SYSTEMD_DIR/$(basename "$unit")"
|
|
||||||
done
|
|
||||||
sudo systemctl daemon-reload
|
|
||||||
if [ -f systemd/teleo-auto-deploy.timer ]; then
|
|
||||||
sudo systemctl enable --now teleo-auto-deploy.timer >/dev/null
|
|
||||||
fi
|
|
||||||
if [ -f systemd/teleo-agent-healthcheck.timer ]; then
|
|
||||||
sudo systemctl enable --now teleo-agent-healthcheck.timer >/dev/null
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Restart services only if Python files changed
|
# Restart services only if Python files changed
|
||||||
RESTART=""
|
RESTART=""
|
||||||
add_restart() {
|
|
||||||
case " $RESTART " in
|
|
||||||
*" $1 "*) ;;
|
|
||||||
*) RESTART="$RESTART $1" ;;
|
|
||||||
esac
|
|
||||||
}
|
|
||||||
add_restart_if_unit_exists() {
|
|
||||||
if systemctl list-units --all --full "$1.service" --no-legend 2>/dev/null | grep -q .; then
|
|
||||||
add_restart "$1"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
add_restart_if_unit_active() {
|
|
||||||
if systemctl is-active --quiet "$1.service"; then
|
|
||||||
add_restart "$1"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
if [ "$OLD_SHA" != "none" ]; then
|
if [ "$OLD_SHA" != "none" ]; then
|
||||||
if git diff --name-only "$OLD_SHA" "$NEW_SHA" -- lib/ teleo-pipeline.py reweave.py telegram/ 2>/dev/null | grep -q '\.py$'; then
|
if git diff --name-only "$OLD_SHA" "$NEW_SHA" -- lib/ teleo-pipeline.py reweave.py telegram/ 2>/dev/null | grep -q '\.py$'; then
|
||||||
add_restart teleo-pipeline
|
RESTART="$RESTART teleo-pipeline"
|
||||||
fi
|
|
||||||
if git diff --name-only "$OLD_SHA" "$NEW_SHA" -- telegram/ 2>/dev/null | grep -q '\.py$'; then
|
|
||||||
add_restart_if_unit_active teleo-agent@leo
|
|
||||||
add_restart_if_unit_exists teleo-agent@leo-wallet-test
|
|
||||||
fi
|
|
||||||
if git diff --name-only "$OLD_SHA" "$NEW_SHA" -- systemd/teleo-agent@.service 2>/dev/null | grep -q .; then
|
|
||||||
add_restart_if_unit_active teleo-agent@leo
|
|
||||||
add_restart_if_unit_exists teleo-agent@leo-wallet-test
|
|
||||||
fi
|
fi
|
||||||
if git diff --name-only "$OLD_SHA" "$NEW_SHA" -- diagnostics/ 2>/dev/null | grep -q '\.py$'; then
|
if git diff --name-only "$OLD_SHA" "$NEW_SHA" -- diagnostics/ 2>/dev/null | grep -q '\.py$'; then
|
||||||
add_restart teleo-diagnostics
|
RESTART="$RESTART teleo-diagnostics"
|
||||||
fi
|
|
||||||
if git diff --name-only "$OLD_SHA" "$NEW_SHA" -- hermes-agent/leoclean-bin/ hermes-agent/leoclean-skills/vps/ 2>/dev/null | grep -q .; then
|
|
||||||
add_restart_if_unit_active leoclean-gateway
|
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
RESTART="teleo-pipeline teleo-diagnostics"
|
RESTART="teleo-pipeline teleo-diagnostics"
|
||||||
add_restart_if_unit_active teleo-agent@leo
|
|
||||||
add_restart_if_unit_exists teleo-agent@leo-wallet-test
|
|
||||||
add_restart_if_unit_active leoclean-gateway
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -n "$RESTART" ]; then
|
if [ -n "$RESTART" ]; then
|
||||||
log "Restarting:$RESTART"
|
log "Restarting:$RESTART"
|
||||||
for svc in $RESTART; do
|
sudo systemctl restart $RESTART
|
||||||
sudo systemctl restart "$svc"
|
|
||||||
done
|
|
||||||
sleep 30
|
sleep 30
|
||||||
|
|
||||||
FAIL=0
|
FAIL=0
|
||||||
|
|
|
||||||
|
|
@ -7,12 +7,8 @@ set -euo pipefail
|
||||||
|
|
||||||
VPS_HOST="teleo@77.42.65.182"
|
VPS_HOST="teleo@77.42.65.182"
|
||||||
VPS_PIPELINE="/opt/teleo-eval/pipeline"
|
VPS_PIPELINE="/opt/teleo-eval/pipeline"
|
||||||
VPS_TELEGRAM="/opt/teleo-eval/telegram"
|
|
||||||
VPS_DIAGNOSTICS="/opt/teleo-eval/diagnostics"
|
VPS_DIAGNOSTICS="/opt/teleo-eval/diagnostics"
|
||||||
VPS_AGENT_STATE="/opt/teleo-eval/ops/agent-state"
|
VPS_AGENT_STATE="/opt/teleo-eval/ops/agent-state"
|
||||||
VPS_LEOCLEAN_BIN="/home/teleo/.hermes/profiles/leoclean/bin"
|
|
||||||
VPS_LEOCLEAN_SKILLS="/home/teleo/.hermes/profiles/leoclean/skills"
|
|
||||||
VPS_SYSTEMD="/etc/systemd/system"
|
|
||||||
REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)"
|
REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)"
|
||||||
|
|
||||||
DRY_RUN=false
|
DRY_RUN=false
|
||||||
|
|
@ -78,7 +74,6 @@ echo ""
|
||||||
|
|
||||||
echo "=== Telegram bot ==="
|
echo "=== Telegram bot ==="
|
||||||
rsync "${RSYNC_OPTS[@]}" "$REPO_ROOT/telegram/" "$VPS_HOST:$VPS_PIPELINE/telegram/"
|
rsync "${RSYNC_OPTS[@]}" "$REPO_ROOT/telegram/" "$VPS_HOST:$VPS_PIPELINE/telegram/"
|
||||||
rsync "${RSYNC_OPTS[@]}" "$REPO_ROOT/telegram/" "$VPS_HOST:$VPS_TELEGRAM/"
|
|
||||||
echo ""
|
echo ""
|
||||||
|
|
||||||
echo "=== Tests ==="
|
echo "=== Tests ==="
|
||||||
|
|
@ -93,26 +88,10 @@ echo "=== Agent state ==="
|
||||||
rsync "${RSYNC_OPTS[@]}" "$REPO_ROOT/agent-state/" "$VPS_HOST:$VPS_AGENT_STATE/"
|
rsync "${RSYNC_OPTS[@]}" "$REPO_ROOT/agent-state/" "$VPS_HOST:$VPS_AGENT_STATE/"
|
||||||
echo ""
|
echo ""
|
||||||
|
|
||||||
echo "=== Leoclean bin ==="
|
|
||||||
rsync "${RSYNC_OPTS[@]}" "$REPO_ROOT/hermes-agent/leoclean-bin/" "$VPS_HOST:$VPS_LEOCLEAN_BIN/"
|
|
||||||
echo ""
|
|
||||||
|
|
||||||
echo "=== Leoclean skills ==="
|
|
||||||
rsync "${RSYNC_OPTS[@]}" "$REPO_ROOT/hermes-agent/leoclean-skills/vps/" "$VPS_HOST:$VPS_LEOCLEAN_SKILLS/"
|
|
||||||
echo ""
|
|
||||||
|
|
||||||
echo "=== Research session ==="
|
echo "=== Research session ==="
|
||||||
rsync "${RSYNC_OPTS[@]}" "$REPO_ROOT/research/research-session.sh" "$VPS_HOST:/opt/teleo-eval/research-session.sh"
|
rsync "${RSYNC_OPTS[@]}" "$REPO_ROOT/research/research-session.sh" "$VPS_HOST:/opt/teleo-eval/research-session.sh"
|
||||||
echo ""
|
echo ""
|
||||||
|
|
||||||
echo "=== Systemd units ==="
|
|
||||||
if $DRY_RUN; then
|
|
||||||
rsync "${RSYNC_OPTS[@]}" "$REPO_ROOT/systemd/" "$VPS_HOST:/tmp/teleo-systemd-dry-run/"
|
|
||||||
else
|
|
||||||
tar -C "$REPO_ROOT/systemd" -cf - . | ssh "$VPS_HOST" "tmpdir=\$(mktemp -d); tar -C \"\$tmpdir\" -xf -; sudo install -m 0644 \"\$tmpdir\"/*.service \"\$tmpdir\"/*.timer '$VPS_SYSTEMD'/; rm -rf \"\$tmpdir\"; sudo systemctl daemon-reload; sudo systemctl enable --now teleo-auto-deploy.timer teleo-agent-healthcheck.timer >/dev/null"
|
|
||||||
fi
|
|
||||||
echo ""
|
|
||||||
|
|
||||||
if $DRY_RUN; then
|
if $DRY_RUN; then
|
||||||
echo "Dry run complete. No changes made."
|
echo "Dry run complete. No changes made."
|
||||||
exit 0
|
exit 0
|
||||||
|
|
@ -123,6 +102,6 @@ echo "Deploy complete."
|
||||||
if $RESTART; then
|
if $RESTART; then
|
||||||
echo ""
|
echo ""
|
||||||
echo "=== Restarting services ==="
|
echo "=== Restarting services ==="
|
||||||
ssh "$VPS_HOST" "sudo systemctl restart teleo-pipeline teleo-diagnostics; if systemctl is-active --quiet teleo-agent@leo.service; then sudo systemctl restart teleo-agent@leo; fi; if systemctl list-units --all --full teleo-agent@leo-wallet-test.service --no-legend | grep -q .; then sudo systemctl restart teleo-agent@leo-wallet-test; fi; if systemctl is-active --quiet leoclean-gateway.service; then sudo systemctl restart leoclean-gateway; fi"
|
ssh "$VPS_HOST" "sudo systemctl restart teleo-pipeline teleo-diagnostics"
|
||||||
echo "Services restarted."
|
echo "Services restarted."
|
||||||
fi
|
fi
|
||||||
|
|
|
||||||
|
|
@ -1,16 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
# Install the narrow sudoers rule required by teleo-auto-deploy.service.
|
|
||||||
set -euo pipefail
|
|
||||||
|
|
||||||
REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)"
|
|
||||||
SOURCE="$REPO_ROOT/deploy/sudoers/teleo-auto-deploy"
|
|
||||||
TARGET="/etc/sudoers.d/teleo-auto-deploy"
|
|
||||||
|
|
||||||
if [ "$(id -u)" -ne 0 ]; then
|
|
||||||
echo "ERROR: run as root on the VPS" >&2
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
install -m 0440 "$SOURCE" "$TARGET"
|
|
||||||
visudo -cf "$TARGET"
|
|
||||||
echo "Installed $TARGET"
|
|
||||||
|
|
@ -1,14 +0,0 @@
|
||||||
# Narrow service privileges for teleo-auto-deploy.service, which runs as teleo.
|
|
||||||
# Keep command forms aligned with deploy/auto-deploy.sh.
|
|
||||||
teleo ALL=(root) NOPASSWD: /usr/bin/systemctl restart leoclean-gateway
|
|
||||||
teleo ALL=(root) NOPASSWD: /bin/systemctl restart leoclean-gateway
|
|
||||||
teleo ALL=(root) NOPASSWD: /usr/bin/systemctl restart leoclean-gateway.service
|
|
||||||
teleo ALL=(root) NOPASSWD: /bin/systemctl restart leoclean-gateway.service
|
|
||||||
teleo ALL=(root) NOPASSWD: /usr/bin/systemctl status leoclean-gateway
|
|
||||||
teleo ALL=(root) NOPASSWD: /bin/systemctl status leoclean-gateway
|
|
||||||
teleo ALL=(root) NOPASSWD: /usr/bin/systemctl status leoclean-gateway.service
|
|
||||||
teleo ALL=(root) NOPASSWD: /bin/systemctl status leoclean-gateway.service
|
|
||||||
teleo ALL=(root) NOPASSWD: /usr/bin/journalctl -u leoclean-gateway
|
|
||||||
teleo ALL=(root) NOPASSWD: /bin/journalctl -u leoclean-gateway
|
|
||||||
teleo ALL=(root) NOPASSWD: /usr/bin/journalctl -u leoclean-gateway.service
|
|
||||||
teleo ALL=(root) NOPASSWD: /bin/journalctl -u leoclean-gateway.service
|
|
||||||
|
|
@ -1,107 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
# Sync source-controlled GCP leoclean skills into the GCP parallel runtime.
|
|
||||||
#
|
|
||||||
# Defaults target the non-production GCP leoclean service. This script does not
|
|
||||||
# touch the production Telegram token and does not read or print secrets.
|
|
||||||
set -euo pipefail
|
|
||||||
|
|
||||||
REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)"
|
|
||||||
PROJECT="${PROJECT:-teleo-501523}"
|
|
||||||
ZONE="${ZONE:-europe-west6-a}"
|
|
||||||
INSTANCE="${INSTANCE:-teleo-prod-1}"
|
|
||||||
SERVICE="${SERVICE:-leoclean-gcp-prod-parallel.service}"
|
|
||||||
REMOTE_SKILLS_DIR="${REMOTE_SKILLS_DIR:-/home/teleo/.hermes/profiles/leoclean/skills}"
|
|
||||||
SOURCE_DIR="${SOURCE_DIR:-$REPO_ROOT/hermes-agent/leoclean-skills/gcp}"
|
|
||||||
|
|
||||||
DRY_RUN=false
|
|
||||||
RESTART=false
|
|
||||||
VERIFY_ONLY=false
|
|
||||||
|
|
||||||
usage() {
|
|
||||||
cat <<'USAGE'
|
|
||||||
Usage: deploy/sync-gcp-leoclean-skills.sh [--dry-run] [--restart] [--verify-only]
|
|
||||||
|
|
||||||
Environment overrides:
|
|
||||||
PROJECT GCP project, default teleo-501523
|
|
||||||
ZONE GCP zone, default europe-west6-a
|
|
||||||
INSTANCE GCP VM, default teleo-prod-1
|
|
||||||
SERVICE systemd service, default leoclean-gcp-prod-parallel.service
|
|
||||||
REMOTE_SKILLS_DIR runtime skills dir, default /home/teleo/.hermes/profiles/leoclean/skills
|
|
||||||
SOURCE_DIR local source dir, default hermes-agent/leoclean-skills/gcp
|
|
||||||
USAGE
|
|
||||||
}
|
|
||||||
|
|
||||||
for arg in "$@"; do
|
|
||||||
case "$arg" in
|
|
||||||
--dry-run) DRY_RUN=true ;;
|
|
||||||
--restart) RESTART=true ;;
|
|
||||||
--verify-only) VERIFY_ONLY=true ;;
|
|
||||||
--help|-h)
|
|
||||||
usage
|
|
||||||
exit 0
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
echo "Unknown arg: $arg" >&2
|
|
||||||
usage >&2
|
|
||||||
exit 1
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
|
|
||||||
if [ ! -d "$SOURCE_DIR" ]; then
|
|
||||||
echo "ERROR: source skill directory not found: $SOURCE_DIR" >&2
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
if [ ! -f "$SOURCE_DIR/teleo-kb-bridge/SKILL.md" ]; then
|
|
||||||
echo "ERROR: source teleo-kb-bridge skill not found under $SOURCE_DIR" >&2
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
GCP_SSH=(
|
|
||||||
gcloud compute ssh "$INSTANCE"
|
|
||||||
--project="$PROJECT"
|
|
||||||
--zone="$ZONE"
|
|
||||||
--tunnel-through-iap
|
|
||||||
)
|
|
||||||
|
|
||||||
verify_command=$(cat <<REMOTE
|
|
||||||
set -euo pipefail
|
|
||||||
sudo -n -u teleo grep -nE '/kb/claims/<claim_id>|wrap claim IDs, proposal IDs' '$REMOTE_SKILLS_DIR/teleo-kb-bridge/SKILL.md'
|
|
||||||
systemctl show '$SERVICE' -p ActiveState -p SubState -p NRestarts -p MainPID --no-pager
|
|
||||||
REMOTE
|
|
||||||
)
|
|
||||||
|
|
||||||
if $DRY_RUN; then
|
|
||||||
echo "DRY RUN: would stream $SOURCE_DIR to $INSTANCE:$REMOTE_SKILLS_DIR"
|
|
||||||
echo "DRY RUN: project=$PROJECT zone=$ZONE service=$SERVICE restart=$RESTART verify_only=$VERIFY_ONLY"
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
if $VERIFY_ONLY; then
|
|
||||||
"${GCP_SSH[@]}" --command="$verify_command"
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
REMOTE_TMP="/tmp/teleo-gcp-leoclean-skills-$(date -u +%Y%m%dT%H%M%SZ)-$$"
|
|
||||||
sync_command=$(cat <<REMOTE
|
|
||||||
set -euo pipefail
|
|
||||||
remote_tmp='$REMOTE_TMP'
|
|
||||||
remote_skills='$REMOTE_SKILLS_DIR'
|
|
||||||
service='$SERVICE'
|
|
||||||
cleanup() { rm -rf "\$remote_tmp"; }
|
|
||||||
trap cleanup EXIT
|
|
||||||
rm -rf "\$remote_tmp"
|
|
||||||
mkdir -p "\$remote_tmp"
|
|
||||||
tar -C "\$remote_tmp" -xf -
|
|
||||||
sudo install -d -o teleo -g teleo -m 0755 "\$remote_skills"
|
|
||||||
tar -C "\$remote_tmp" -cf - . | sudo tar -C "\$remote_skills" -xf -
|
|
||||||
sudo chown -R teleo:teleo "\$remote_skills"
|
|
||||||
sudo -n -u teleo grep -nE '/kb/claims/<claim_id>|wrap claim IDs, proposal IDs' "\$remote_skills/teleo-kb-bridge/SKILL.md"
|
|
||||||
if [ '$RESTART' = true ]; then
|
|
||||||
sudo systemctl restart "\$service"
|
|
||||||
fi
|
|
||||||
systemctl show "\$service" -p ActiveState -p SubState -p NRestarts -p MainPID --no-pager
|
|
||||||
REMOTE
|
|
||||||
)
|
|
||||||
|
|
||||||
COPYFILE_DISABLE=1 tar --format=ustar -C "$SOURCE_DIR" -cf - . | "${GCP_SSH[@]}" --command="$sync_command"
|
|
||||||
|
|
@ -123,21 +123,10 @@ def _claim_target_url(claim_slug):
|
||||||
return f"/claims/{claim_slug}"
|
return f"/claims/{claim_slug}"
|
||||||
|
|
||||||
|
|
||||||
# Canonical clickthrough URL for an activity-feed event.
|
def _github_pr_url(github_pr):
|
||||||
#
|
if not github_pr:
|
||||||
# Every merged PR in the pipeline.db `prs` table lives on Forgejo at
|
|
||||||
# git.livingip.xyz/teleo/teleo-codex/pulls/{number}. A small subset (3 of
|
|
||||||
# 4094 as of 2026-05-13) was additionally mirrored to GitHub and has
|
|
||||||
# prs.github_pr populated. Prefer GitHub when available (more public-facing
|
|
||||||
# surface), fall back to Forgejo so every row has a real destination
|
|
||||||
# instead of None (which makes the frontend whole-row overlay no-op and
|
|
||||||
# leaves pipeline-attributed events looking dead-on-click).
|
|
||||||
def _pr_url(pr_number, github_pr):
|
|
||||||
if github_pr:
|
|
||||||
return f"https://github.com/living-ip/teleo-codex/pull/{github_pr}"
|
|
||||||
if pr_number:
|
|
||||||
return f"https://git.livingip.xyz/teleo/teleo-codex/pulls/{pr_number}"
|
|
||||||
return None
|
return None
|
||||||
|
return f"https://github.com/living-ip/teleo-codex/pull/{github_pr}"
|
||||||
|
|
||||||
|
|
||||||
# Canonicalize contributor labels so frontend links resolve to real
|
# Canonicalize contributor labels so frontend links resolve to real
|
||||||
|
|
@ -236,15 +225,6 @@ def _build_events():
|
||||||
continue
|
continue
|
||||||
|
|
||||||
contributor = _normalize_contributor(row["submitted_by"], row["agent"])
|
contributor = _normalize_contributor(row["submitted_by"], row["agent"])
|
||||||
# Hide pipeline-attributed events (reweave/*, ingestion/*) from the
|
|
||||||
# public activity feed. They're automation maintenance, not
|
|
||||||
# contributions — the daemon re-knits the graph nightly and ingests
|
|
||||||
# external sources. Internal diagnostics + CI math still see these
|
|
||||||
# rows in prs / contribution_events; only the public timeline drops
|
|
||||||
# them. Mirrors the existing _FEED_COMMIT_TYPES filter (which hides
|
|
||||||
# commit_type='pipeline') along the contributor axis.
|
|
||||||
if contributor == "pipeline":
|
|
||||||
continue
|
|
||||||
merged_at = row["merged_at"] or ""
|
merged_at = row["merged_at"] or ""
|
||||||
domain = row["domain"] or "unknown"
|
domain = row["domain"] or "unknown"
|
||||||
kind = _KIND_MAP.get(event_type, event_type)
|
kind = _KIND_MAP.get(event_type, event_type)
|
||||||
|
|
@ -275,7 +255,7 @@ def _build_events():
|
||||||
"ci_earned": round(ci_earned, 2),
|
"ci_earned": round(ci_earned, 2),
|
||||||
"summary": summary_text,
|
"summary": summary_text,
|
||||||
"pr_number": row["number"],
|
"pr_number": row["number"],
|
||||||
"pr_url": _pr_url(row["number"], row["github_pr"]),
|
"pr_url": _github_pr_url(row["github_pr"]),
|
||||||
"source_channel": row["source_channel"] or "unknown",
|
"source_channel": row["source_channel"] or "unknown",
|
||||||
})
|
})
|
||||||
continue
|
continue
|
||||||
|
|
@ -296,7 +276,7 @@ def _build_events():
|
||||||
"ci_earned": round(ci_earned, 2),
|
"ci_earned": round(ci_earned, 2),
|
||||||
"summary": summary_text,
|
"summary": summary_text,
|
||||||
"pr_number": row["number"],
|
"pr_number": row["number"],
|
||||||
"pr_url": _pr_url(row["number"], row["github_pr"]),
|
"pr_url": _github_pr_url(row["github_pr"]),
|
||||||
"source_channel": row["source_channel"] or "unknown",
|
"source_channel": row["source_channel"] or "unknown",
|
||||||
})
|
})
|
||||||
continue
|
continue
|
||||||
|
|
@ -335,7 +315,7 @@ def _build_events():
|
||||||
"ci_earned": round(ci_earned, 2),
|
"ci_earned": round(ci_earned, 2),
|
||||||
"summary": summary_text,
|
"summary": summary_text,
|
||||||
"pr_number": row["number"],
|
"pr_number": row["number"],
|
||||||
"pr_url": _pr_url(row["number"], row["github_pr"]),
|
"pr_url": _github_pr_url(row["github_pr"]),
|
||||||
"source_channel": row["source_channel"] or "unknown",
|
"source_channel": row["source_channel"] or "unknown",
|
||||||
})
|
})
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -22,13 +22,11 @@ from pathlib import Path
|
||||||
sys.path.insert(0, str(Path(__file__).resolve().parent.parent / "pipeline"))
|
sys.path.insert(0, str(Path(__file__).resolve().parent.parent / "pipeline"))
|
||||||
|
|
||||||
from aiohttp import web
|
from aiohttp import web
|
||||||
from daily_digest_routes import register_daily_digest_routes
|
|
||||||
from kb_claim_routes import KB_CLAIM_PUBLIC_PATHS, KB_CLAIM_PUBLIC_PREFIXES, register_kb_claim_routes
|
|
||||||
from kb_proposal_routes import KB_PROPOSAL_PUBLIC_PATHS, register_kb_proposal_routes
|
|
||||||
from leaderboard_routes import LEADERBOARD_PUBLIC_PATHS, register_leaderboard_routes
|
|
||||||
from lib.search import search as kb_search, embed_query, search_qdrant
|
|
||||||
from response_audit_routes import RESPONSE_AUDIT_PUBLIC_PATHS, register_response_audit_routes
|
|
||||||
from review_queue_routes import register_review_queue_routes
|
from review_queue_routes import register_review_queue_routes
|
||||||
|
from daily_digest_routes import register_daily_digest_routes
|
||||||
|
from response_audit_routes import register_response_audit_routes, RESPONSE_AUDIT_PUBLIC_PATHS
|
||||||
|
from leaderboard_routes import register_leaderboard_routes, LEADERBOARD_PUBLIC_PATHS
|
||||||
|
from lib.search import search as kb_search, embed_query, search_qdrant
|
||||||
|
|
||||||
logger = logging.getLogger("argus")
|
logger = logging.getLogger("argus")
|
||||||
|
|
||||||
|
|
@ -511,15 +509,7 @@ def _load_secret(path: Path) -> str | None:
|
||||||
@web.middleware
|
@web.middleware
|
||||||
async def auth_middleware(request, handler):
|
async def auth_middleware(request, handler):
|
||||||
"""API key check. Public paths skip auth. Protected paths require X-Api-Key header."""
|
"""API key check. Public paths skip auth. Protected paths require X-Api-Key header."""
|
||||||
if (
|
if request.path in _PUBLIC_PATHS or request.path in RESPONSE_AUDIT_PUBLIC_PATHS or request.path in LEADERBOARD_PUBLIC_PATHS or request.path.startswith("/api/response-audit/"):
|
||||||
request.path in _PUBLIC_PATHS
|
|
||||||
or request.path in RESPONSE_AUDIT_PUBLIC_PATHS
|
|
||||||
or request.path in LEADERBOARD_PUBLIC_PATHS
|
|
||||||
or request.path in KB_PROPOSAL_PUBLIC_PATHS
|
|
||||||
or request.path in KB_CLAIM_PUBLIC_PATHS
|
|
||||||
or request.path.startswith(KB_CLAIM_PUBLIC_PREFIXES)
|
|
||||||
or request.path.startswith("/api/response-audit/")
|
|
||||||
):
|
|
||||||
return await handler(request)
|
return await handler(request)
|
||||||
expected = request.app.get("api_key")
|
expected = request.app.get("api_key")
|
||||||
if not expected:
|
if not expected:
|
||||||
|
|
@ -2366,8 +2356,6 @@ def create_app() -> web.Application:
|
||||||
register_dashboard_routes(app, lambda: _conn_from_app(app))
|
register_dashboard_routes(app, lambda: _conn_from_app(app))
|
||||||
register_review_queue_routes(app)
|
register_review_queue_routes(app)
|
||||||
register_daily_digest_routes(app, db_path=str(DB_PATH))
|
register_daily_digest_routes(app, db_path=str(DB_PATH))
|
||||||
register_kb_claim_routes(app)
|
|
||||||
register_kb_proposal_routes(app)
|
|
||||||
# Portfolio
|
# Portfolio
|
||||||
from dashboard_portfolio import register_portfolio_routes
|
from dashboard_portfolio import register_portfolio_routes
|
||||||
register_portfolio_routes(app, lambda: _conn_from_app(app))
|
register_portfolio_routes(app, lambda: _conn_from_app(app))
|
||||||
|
|
|
||||||
|
|
@ -1,309 +0,0 @@
|
||||||
"""Read-only canonical KB claim routes for Argus.
|
|
||||||
|
|
||||||
These routes show the Postgres-backed claim graph that Leo uses through the
|
|
||||||
``teleo-kb`` bridge: one claim, its evidence rows, and its graph edges.
|
|
||||||
"""
|
|
||||||
|
|
||||||
from __future__ import annotations
|
|
||||||
|
|
||||||
import argparse
|
|
||||||
import json
|
|
||||||
import logging
|
|
||||||
import os
|
|
||||||
import re
|
|
||||||
import sys
|
|
||||||
from datetime import datetime, timezone
|
|
||||||
from html import escape
|
|
||||||
from pathlib import Path
|
|
||||||
from typing import Any
|
|
||||||
|
|
||||||
from aiohttp import web
|
|
||||||
from shared_ui import render_page
|
|
||||||
|
|
||||||
ROOT = Path(__file__).resolve().parent.parent
|
|
||||||
SCRIPT_DIR_CANDIDATES = [
|
|
||||||
ROOT / "scripts",
|
|
||||||
Path(os.environ.get("TELEO_INFRA_REPO_DIR", "/opt/teleo-eval/workspaces/deploy-infra")) / "scripts",
|
|
||||||
]
|
|
||||||
for scripts_dir in SCRIPT_DIR_CANDIDATES:
|
|
||||||
if str(scripts_dir) not in sys.path:
|
|
||||||
sys.path.insert(0, str(scripts_dir))
|
|
||||||
|
|
||||||
import kb_proposal_review_packet as proposal_review # noqa: E402
|
|
||||||
|
|
||||||
logger = logging.getLogger("argus.kb_claims")
|
|
||||||
|
|
||||||
KB_CLAIM_PUBLIC_PATHS = frozenset()
|
|
||||||
KB_CLAIM_PUBLIC_PREFIXES = ("/kb/claims/", "/api/kb/claims/")
|
|
||||||
KB_CLAIM_LOADER_KEY = web.AppKey("kb_claim_loader", object)
|
|
||||||
|
|
||||||
UUID_RE = re.compile(
|
|
||||||
r"^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$"
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
def is_claim_id(value: Any) -> bool:
|
|
||||||
return bool(UUID_RE.match(str(value or "")))
|
|
||||||
|
|
||||||
|
|
||||||
def claim_path(claim_id: str) -> str:
|
|
||||||
return f"/kb/claims/{claim_id}"
|
|
||||||
|
|
||||||
|
|
||||||
def claim_link_html(claim_id: Any, *, label: str | None = None) -> str:
|
|
||||||
value = str(claim_id or "")
|
|
||||||
if not is_claim_id(value):
|
|
||||||
return f"<code>{escape(value or 'unknown')}</code>"
|
|
||||||
text = label or value
|
|
||||||
return f'<a class="claim-link" href="{claim_path(value)}"><code>{escape(text)}</code></a>'
|
|
||||||
|
|
||||||
|
|
||||||
def short_claim_link_html(claim_id: Any) -> str:
|
|
||||||
value = str(claim_id or "")
|
|
||||||
if not is_claim_id(value):
|
|
||||||
return f"<code>{escape(value or 'unknown')}</code>"
|
|
||||||
return claim_link_html(value, label=value[:8])
|
|
||||||
|
|
||||||
|
|
||||||
def _db_args() -> argparse.Namespace:
|
|
||||||
return argparse.Namespace(
|
|
||||||
secrets_file=os.environ.get(
|
|
||||||
"KB_CLAIM_REVIEW_SECRETS_FILE",
|
|
||||||
os.environ.get(
|
|
||||||
"KB_PROPOSAL_REVIEW_SECRETS_FILE",
|
|
||||||
os.environ.get("KB_APPLY_SECRETS_FILE", proposal_review.ap.DEFAULT_SECRETS_FILE),
|
|
||||||
),
|
|
||||||
),
|
|
||||||
container=os.environ.get("KB_CLAIM_REVIEW_CONTAINER", proposal_review.ap.DEFAULT_CONTAINER),
|
|
||||||
db=os.environ.get("KB_CLAIM_REVIEW_DB", proposal_review.ap.DEFAULT_DB),
|
|
||||||
host=os.environ.get("KB_CLAIM_REVIEW_HOST", proposal_review.ap.DEFAULT_HOST),
|
|
||||||
role=os.environ.get("KB_CLAIM_REVIEW_ROLE", proposal_review.ap.DEFAULT_ROLE),
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
def _load_claim_from_db(claim_id: str) -> dict[str, Any] | None:
|
|
||||||
password = proposal_review.ap.load_password(_db_args().secrets_file)
|
|
||||||
args = _db_args()
|
|
||||||
sql = f"""
|
|
||||||
with target as (
|
|
||||||
select c.id,
|
|
||||||
c.type,
|
|
||||||
c.text,
|
|
||||||
c.status,
|
|
||||||
c.confidence,
|
|
||||||
c.tags,
|
|
||||||
c.superseded_by,
|
|
||||||
c.created_at,
|
|
||||||
c.updated_at
|
|
||||||
from public.claims c
|
|
||||||
where c.id = {proposal_review.ap.sql_literal(claim_id)}::uuid
|
|
||||||
)
|
|
||||||
select jsonb_build_object(
|
|
||||||
'claim', jsonb_build_object(
|
|
||||||
'id', target.id::text,
|
|
||||||
'type', target.type,
|
|
||||||
'text', target.text,
|
|
||||||
'status', target.status,
|
|
||||||
'confidence', target.confidence,
|
|
||||||
'tags', coalesce(to_jsonb(target.tags), '[]'::jsonb),
|
|
||||||
'superseded_by', target.superseded_by::text,
|
|
||||||
'created_at', target.created_at::text,
|
|
||||||
'updated_at', target.updated_at::text
|
|
||||||
),
|
|
||||||
'evidence', coalesce((
|
|
||||||
select jsonb_agg(row_data order by rn)
|
|
||||||
from (
|
|
||||||
select row_number() over (
|
|
||||||
order by ce.role::text,
|
|
||||||
ce.weight desc nulls last,
|
|
||||||
s.storage_path nulls last,
|
|
||||||
s.url nulls last
|
|
||||||
) as rn,
|
|
||||||
jsonb_build_object(
|
|
||||||
'role', ce.role::text,
|
|
||||||
'weight', ce.weight,
|
|
||||||
'source_type', s.source_type,
|
|
||||||
'url', s.url,
|
|
||||||
'storage_path', s.storage_path,
|
|
||||||
'excerpt', left(coalesce(s.excerpt, ''), 1200)
|
|
||||||
) as row_data
|
|
||||||
from public.claim_evidence ce
|
|
||||||
join public.sources s on s.id = ce.source_id
|
|
||||||
where ce.claim_id = target.id
|
|
||||||
limit 30
|
|
||||||
) evidence_rows
|
|
||||||
), '[]'::jsonb),
|
|
||||||
'edges', coalesce((
|
|
||||||
select jsonb_agg(row_data order by rn)
|
|
||||||
from (
|
|
||||||
select row_number() over (
|
|
||||||
order by e.edge_type::text,
|
|
||||||
other.text
|
|
||||||
) as rn,
|
|
||||||
jsonb_build_object(
|
|
||||||
'direction', case when e.from_claim = target.id then 'outgoing' else 'incoming' end,
|
|
||||||
'edge_type', e.edge_type::text,
|
|
||||||
'connected_id', other.id::text,
|
|
||||||
'connected_text', other.text,
|
|
||||||
'connected_status', other.status,
|
|
||||||
'connected_confidence', other.confidence
|
|
||||||
) as row_data
|
|
||||||
from public.claim_edges e
|
|
||||||
join public.claims other
|
|
||||||
on other.id = case when e.from_claim = target.id then e.to_claim else e.from_claim end
|
|
||||||
where e.from_claim = target.id or e.to_claim = target.id
|
|
||||||
limit 40
|
|
||||||
) edge_rows
|
|
||||||
), '[]'::jsonb)
|
|
||||||
)::text
|
|
||||||
from target;
|
|
||||||
"""
|
|
||||||
out = proposal_review.ap.run_psql(args, sql, password).strip()
|
|
||||||
return json.loads(out) if out else None
|
|
||||||
|
|
||||||
|
|
||||||
def _load_claim(request: web.Request, claim_id: str) -> dict[str, Any] | None:
|
|
||||||
loader = request.app.get(KB_CLAIM_LOADER_KEY)
|
|
||||||
return loader(claim_id) if loader else _load_claim_from_db(claim_id)
|
|
||||||
|
|
||||||
|
|
||||||
def _metadata_table(claim: dict[str, Any]) -> str:
|
|
||||||
rows = [
|
|
||||||
("ID", claim_link_html(claim.get("id"))),
|
|
||||||
("Status", f"<code>{escape(str(claim.get('status') or 'unknown'))}</code>"),
|
|
||||||
("Type", f"<code>{escape(str(claim.get('type') or 'unknown'))}</code>"),
|
|
||||||
("Confidence", f"<code>{escape(str(claim.get('confidence') or 'unknown'))}</code>"),
|
|
||||||
("Tags", f"<code>{escape(', '.join(claim.get('tags') or []) or 'none')}</code>"),
|
|
||||||
("Created", f"<code>{escape(str(claim.get('created_at') or 'unknown'))}</code>"),
|
|
||||||
("Updated", f"<code>{escape(str(claim.get('updated_at') or 'unknown'))}</code>"),
|
|
||||||
]
|
|
||||||
if claim.get("superseded_by"):
|
|
||||||
rows.append(("Superseded by", claim_link_html(claim["superseded_by"])))
|
|
||||||
return "\n".join(f"<tr><th>{escape(label)}</th><td>{value}</td></tr>" for label, value in rows)
|
|
||||||
|
|
||||||
|
|
||||||
def _render_evidence(evidence: list[dict[str, Any]]) -> str:
|
|
||||||
if not evidence:
|
|
||||||
return '<div class="empty-state">No evidence rows found for this claim.</div>'
|
|
||||||
rows = []
|
|
||||||
for row in evidence:
|
|
||||||
source = row.get("url") or row.get("storage_path") or "no source pointer"
|
|
||||||
source_html = escape(str(source))
|
|
||||||
if row.get("url"):
|
|
||||||
source_html = f'<a href="{escape(str(row["url"]))}">{source_html}</a>'
|
|
||||||
rows.append(
|
|
||||||
"<tr>"
|
|
||||||
f"<td><code>{escape(str(row.get('role') or 'unknown'))}</code></td>"
|
|
||||||
f"<td><code>{escape(str(row.get('weight') or ''))}</code></td>"
|
|
||||||
f"<td><code>{escape(str(row.get('source_type') or 'unknown'))}</code></td>"
|
|
||||||
f"<td>{source_html}</td>"
|
|
||||||
f"<td>{escape(str(row.get('excerpt') or ''))}</td>"
|
|
||||||
"</tr>"
|
|
||||||
)
|
|
||||||
return (
|
|
||||||
"<table class=\"claim-table\"><thead><tr><th>Role</th><th>Weight</th>"
|
|
||||||
"<th>Source type</th><th>Source</th><th>Excerpt</th></tr></thead>"
|
|
||||||
f"<tbody>{''.join(rows)}</tbody></table>"
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
def _render_edges(edges: list[dict[str, Any]]) -> str:
|
|
||||||
if not edges:
|
|
||||||
return '<div class="empty-state">No graph edges found for this claim.</div>'
|
|
||||||
rows = []
|
|
||||||
for row in edges:
|
|
||||||
rows.append(
|
|
||||||
"<tr>"
|
|
||||||
f"<td><code>{escape(str(row.get('direction') or 'unknown'))}</code></td>"
|
|
||||||
f"<td><code>{escape(str(row.get('edge_type') or 'unknown'))}</code></td>"
|
|
||||||
f"<td>{short_claim_link_html(row.get('connected_id'))}</td>"
|
|
||||||
f"<td>{escape(str(row.get('connected_text') or ''))}</td>"
|
|
||||||
f"<td><code>{escape(str(row.get('connected_status') or ''))}</code></td>"
|
|
||||||
"</tr>"
|
|
||||||
)
|
|
||||||
return (
|
|
||||||
"<table class=\"claim-table\"><thead><tr><th>Direction</th><th>Edge</th>"
|
|
||||||
"<th>Connected claim</th><th>Text</th><th>Status</th></tr></thead>"
|
|
||||||
f"<tbody>{''.join(rows)}</tbody></table>"
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
def render_kb_claim_page(data: dict[str, Any]) -> str:
|
|
||||||
claim = data["claim"]
|
|
||||||
generated_at = datetime.now(timezone.utc).isoformat()
|
|
||||||
body = f"""
|
|
||||||
<div class="claim-card">
|
|
||||||
<div class="label">Canonical claim</div>
|
|
||||||
<p class="claim-text">{escape(str(claim.get("text") or ""))}</p>
|
|
||||||
<table class="proposal-detail"><tbody>{_metadata_table(claim)}</tbody></table>
|
|
||||||
</div>
|
|
||||||
<div class="section">
|
|
||||||
<div class="section-title">Evidence</div>
|
|
||||||
{_render_evidence(data.get("evidence") or [])}
|
|
||||||
</div>
|
|
||||||
<div class="section">
|
|
||||||
<div class="section-title">Edges</div>
|
|
||||||
{_render_edges(data.get("edges") or [])}
|
|
||||||
</div>"""
|
|
||||||
extra_css = """
|
|
||||||
.claim-card { background: #161b22; border: 1px solid #30363d; border-radius: 8px; padding: 16px; }
|
|
||||||
.claim-text { margin-top: 8px; color: #f0f6fc; font-size: 17px; line-height: 1.45; }
|
|
||||||
.claim-link { color: #58a6ff; text-decoration: none; }
|
|
||||||
.claim-link:hover { text-decoration: underline; }
|
|
||||||
.claim-table td { vertical-align: top; line-height: 1.35; }
|
|
||||||
.claim-table td:nth-child(4), .claim-table td:nth-child(5) { overflow-wrap: anywhere; }
|
|
||||||
.proposal-detail { margin-top: 14px; }
|
|
||||||
.proposal-detail th { width: 150px; vertical-align: top; }
|
|
||||||
.empty-state { color: #8b949e; background: #161b22; border: 1px solid #30363d;
|
|
||||||
border-radius: 8px; padding: 14px; }
|
|
||||||
"""
|
|
||||||
return render_page(
|
|
||||||
"KB Claim",
|
|
||||||
"Canonical claim, evidence rows, and graph edges",
|
|
||||||
"/kb-proposals",
|
|
||||||
body,
|
|
||||||
extra_css=extra_css,
|
|
||||||
timestamp=generated_at,
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
async def handle_api_kb_claim(request: web.Request) -> web.Response:
|
|
||||||
claim_id = request.match_info["claim_id"]
|
|
||||||
if not is_claim_id(claim_id):
|
|
||||||
return web.json_response({"error": "invalid_claim_id", "claim_id": claim_id}, status=400)
|
|
||||||
try:
|
|
||||||
data = _load_claim(request, claim_id)
|
|
||||||
except BaseException as exc:
|
|
||||||
logger.exception("KB claim API load failed")
|
|
||||||
return web.json_response({"error": "kb_claim_load_failed", "detail": str(exc)}, status=500)
|
|
||||||
if not data:
|
|
||||||
return web.json_response({"error": "claim_not_found", "claim_id": claim_id}, status=404)
|
|
||||||
return web.json_response(data)
|
|
||||||
|
|
||||||
|
|
||||||
async def handle_kb_claim_page(request: web.Request) -> web.Response:
|
|
||||||
claim_id = request.match_info["claim_id"]
|
|
||||||
if not is_claim_id(claim_id):
|
|
||||||
return web.Response(text="Invalid claim id", status=400)
|
|
||||||
try:
|
|
||||||
data = _load_claim(request, claim_id)
|
|
||||||
except BaseException as exc:
|
|
||||||
logger.exception("KB claim page load failed")
|
|
||||||
return web.Response(
|
|
||||||
text=render_page(
|
|
||||||
"KB Claim",
|
|
||||||
"Canonical claim, evidence rows, and graph edges",
|
|
||||||
"/kb-proposals",
|
|
||||||
f'<div class="alert-banner alert-critical">Failed to load KB claim: {escape(str(exc))}</div>',
|
|
||||||
),
|
|
||||||
content_type="text/html",
|
|
||||||
status=500,
|
|
||||||
)
|
|
||||||
if not data:
|
|
||||||
return web.Response(text="Claim not found", status=404)
|
|
||||||
return web.Response(text=render_kb_claim_page(data), content_type="text/html")
|
|
||||||
|
|
||||||
|
|
||||||
def register_kb_claim_routes(app: web.Application) -> None:
|
|
||||||
app.router.add_get("/api/kb/claims/{claim_id}", handle_api_kb_claim)
|
|
||||||
app.router.add_get("/kb/claims/{claim_id}", handle_kb_claim_page)
|
|
||||||
|
|
@ -1,535 +0,0 @@
|
||||||
"""Read-only KB proposal review routes for Argus.
|
|
||||||
|
|
||||||
This surface is the operator-visible bridge between Leo's Telegram KB reasoning
|
|
||||||
and the narrow apply worker. It intentionally performs no approve/reject/apply
|
|
||||||
mutation; it only renders the same packets produced by
|
|
||||||
``scripts/kb_proposal_review_packet.py``.
|
|
||||||
"""
|
|
||||||
|
|
||||||
from __future__ import annotations
|
|
||||||
|
|
||||||
import argparse
|
|
||||||
import logging
|
|
||||||
import os
|
|
||||||
import sys
|
|
||||||
from collections import Counter
|
|
||||||
from datetime import datetime, timezone
|
|
||||||
from html import escape
|
|
||||||
from pathlib import Path
|
|
||||||
from typing import Any
|
|
||||||
from urllib.parse import urlencode
|
|
||||||
|
|
||||||
from aiohttp import web
|
|
||||||
from shared_ui import render_page
|
|
||||||
|
|
||||||
ROOT = Path(__file__).resolve().parent.parent
|
|
||||||
SCRIPT_DIR_CANDIDATES = [
|
|
||||||
ROOT / "scripts",
|
|
||||||
Path(os.environ.get("TELEO_INFRA_REPO_DIR", "/opt/teleo-eval/workspaces/deploy-infra")) / "scripts",
|
|
||||||
]
|
|
||||||
for scripts_dir in SCRIPT_DIR_CANDIDATES:
|
|
||||||
if str(scripts_dir) not in sys.path:
|
|
||||||
sys.path.insert(0, str(scripts_dir))
|
|
||||||
|
|
||||||
import kb_proposal_normalize as proposal_normalize # noqa: E402
|
|
||||||
import kb_proposal_review_packet as proposal_review # noqa: E402
|
|
||||||
from kb_claim_routes import claim_link_html # noqa: E402
|
|
||||||
|
|
||||||
logger = logging.getLogger("argus.kb_proposals")
|
|
||||||
|
|
||||||
KB_PROPOSAL_PUBLIC_PATHS = frozenset({"/kb-proposals", "/api/kb-proposals"})
|
|
||||||
KB_PROPOSAL_LOADER_KEY = web.AppKey("kb_proposal_loader", object)
|
|
||||||
|
|
||||||
DEFAULT_LIMIT = 20
|
|
||||||
MAX_LIMIT = 100
|
|
||||||
|
|
||||||
|
|
||||||
def _query_limit(value: str | None) -> int:
|
|
||||||
if not value:
|
|
||||||
return DEFAULT_LIMIT
|
|
||||||
try:
|
|
||||||
limit = int(value)
|
|
||||||
except ValueError:
|
|
||||||
return DEFAULT_LIMIT
|
|
||||||
return max(1, min(limit, MAX_LIMIT))
|
|
||||||
|
|
||||||
|
|
||||||
def _query_filters(request: web.Request) -> dict[str, Any]:
|
|
||||||
status = request.query.get("status", "approved").strip() or "approved"
|
|
||||||
proposal_id = (request.query.get("proposal_id") or "").strip()
|
|
||||||
if proposal_id:
|
|
||||||
status = ""
|
|
||||||
return {
|
|
||||||
"status": status,
|
|
||||||
"proposal_id": proposal_id,
|
|
||||||
"limit": _query_limit(request.query.get("limit")),
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
def _db_args(filters: dict[str, Any]) -> argparse.Namespace:
|
|
||||||
return argparse.Namespace(
|
|
||||||
proposal_id=filters["proposal_id"] or None,
|
|
||||||
status=filters["status"] or None,
|
|
||||||
limit=filters["limit"],
|
|
||||||
secrets_file=os.environ.get(
|
|
||||||
"KB_PROPOSAL_REVIEW_SECRETS_FILE",
|
|
||||||
os.environ.get("KB_APPLY_SECRETS_FILE", proposal_review.ap.DEFAULT_SECRETS_FILE),
|
|
||||||
),
|
|
||||||
container=os.environ.get("KB_PROPOSAL_REVIEW_CONTAINER", proposal_review.ap.DEFAULT_CONTAINER),
|
|
||||||
db=os.environ.get("KB_PROPOSAL_REVIEW_DB", proposal_review.ap.DEFAULT_DB),
|
|
||||||
host=os.environ.get("KB_PROPOSAL_REVIEW_HOST", proposal_review.ap.DEFAULT_HOST),
|
|
||||||
role=os.environ.get("KB_PROPOSAL_REVIEW_ROLE", proposal_review.ap.DEFAULT_ROLE),
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
def _load_packets(request: web.Request, filters: dict[str, Any]) -> list[dict[str, Any]]:
|
|
||||||
loader = request.app.get(KB_PROPOSAL_LOADER_KEY)
|
|
||||||
proposals = loader(_db_args(filters)) if loader else proposal_review.load_from_db(_db_args(filters))
|
|
||||||
packets = []
|
|
||||||
for proposal in proposals:
|
|
||||||
packet = proposal_review.classify_proposal(proposal)
|
|
||||||
packet["normalization_preview"] = proposal_normalize.normalize_proposal(proposal)
|
|
||||||
packet["apply_preview"] = build_apply_preview(proposal, packet)
|
|
||||||
packets.append(packet)
|
|
||||||
return packets
|
|
||||||
|
|
||||||
|
|
||||||
def _counts(packets: list[dict[str, Any]], key: str) -> dict[str, int]:
|
|
||||||
return dict(Counter(str(packet.get(key) or "unknown") for packet in packets))
|
|
||||||
|
|
||||||
|
|
||||||
def build_kb_proposal_response(packets: list[dict[str, Any]], filters: dict[str, Any]) -> dict[str, Any]:
|
|
||||||
return {
|
|
||||||
"generated_at": datetime.now(timezone.utc).isoformat(),
|
|
||||||
"filters": filters,
|
|
||||||
"total": len(packets),
|
|
||||||
"status_counts": _counts(packets, "status"),
|
|
||||||
"review_state_counts": _counts(packets, "review_state"),
|
|
||||||
"worker_applyable_count": sum(1 for packet in packets if packet.get("worker_applyable")),
|
|
||||||
"packets": packets,
|
|
||||||
"read_only": True,
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
def _badge_class(value: str) -> str:
|
|
||||||
if value in {"applied", "approved_applyable"}:
|
|
||||||
return "badge-green"
|
|
||||||
if value in {"approved", "approved_needs_apply_payload", "needs_human_review", "pending_review"}:
|
|
||||||
return "badge-yellow"
|
|
||||||
if value in {"unsupported_by_apply_worker", "not_ready"}:
|
|
||||||
return "badge-red"
|
|
||||||
return "badge-blue"
|
|
||||||
|
|
||||||
|
|
||||||
def _badge(value: Any) -> str:
|
|
||||||
text = escape(str(value or "unknown"))
|
|
||||||
return f'<span class="badge {_badge_class(str(value or ""))}">{text}</span>'
|
|
||||||
|
|
||||||
|
|
||||||
def _join_values(values: list[Any]) -> str:
|
|
||||||
if not values:
|
|
||||||
return '<span class="muted">none</span>'
|
|
||||||
return ", ".join(escape(str(value)) for value in values)
|
|
||||||
|
|
||||||
|
|
||||||
def _code(value: Any) -> str:
|
|
||||||
return f"<code>{escape(str(value))}</code>"
|
|
||||||
|
|
||||||
|
|
||||||
def _payload_dict(value: Any) -> dict[str, Any]:
|
|
||||||
return value if isinstance(value, dict) else {}
|
|
||||||
|
|
||||||
|
|
||||||
def _payload_list(value: Any) -> list[Any]:
|
|
||||||
return value if isinstance(value, list) else []
|
|
||||||
|
|
||||||
|
|
||||||
def _apply_preview_row(
|
|
||||||
*,
|
|
||||||
action: str,
|
|
||||||
table: str,
|
|
||||||
target: str,
|
|
||||||
claim_ids: list[str] | None = None,
|
|
||||||
details: dict[str, Any] | None = None,
|
|
||||||
source: str = "proposal",
|
|
||||||
) -> dict[str, Any]:
|
|
||||||
return {
|
|
||||||
"action": action,
|
|
||||||
"table": table,
|
|
||||||
"target": target,
|
|
||||||
"claim_ids": claim_ids or [],
|
|
||||||
"details": details or {},
|
|
||||||
"source": source,
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
def _strict_apply_preview_rows(
|
|
||||||
proposal_type: str | None,
|
|
||||||
apply_payload: dict[str, Any],
|
|
||||||
*,
|
|
||||||
source: str = "proposal.apply_payload",
|
|
||||||
) -> list[dict[str, Any]]:
|
|
||||||
if proposal_type == "add_edge":
|
|
||||||
from_claim = str(apply_payload.get("from_claim") or "")
|
|
||||||
to_claim = str(apply_payload.get("to_claim") or "")
|
|
||||||
edge_type = str(apply_payload.get("edge_type") or "")
|
|
||||||
return [
|
|
||||||
_apply_preview_row(
|
|
||||||
action="insert_if_missing",
|
|
||||||
table="public.claim_edges",
|
|
||||||
target=f"{from_claim} -> {to_claim} ({edge_type or 'edge_type missing'})",
|
|
||||||
claim_ids=[claim_id for claim_id in [from_claim, to_claim] if claim_id],
|
|
||||||
details={
|
|
||||||
"from_claim": from_claim,
|
|
||||||
"to_claim": to_claim,
|
|
||||||
"edge_type": edge_type,
|
|
||||||
"weight": apply_payload.get("weight"),
|
|
||||||
},
|
|
||||||
source=source,
|
|
||||||
)
|
|
||||||
]
|
|
||||||
|
|
||||||
if proposal_type == "attach_evidence":
|
|
||||||
rows = []
|
|
||||||
for evidence in _payload_list(apply_payload.get("evidence")):
|
|
||||||
ev = _payload_dict(evidence)
|
|
||||||
claim_id = str(ev.get("claim_id") or "")
|
|
||||||
source_id = str(ev.get("source_id") or "")
|
|
||||||
role = str(ev.get("role") or "grounds")
|
|
||||||
rows.append(
|
|
||||||
_apply_preview_row(
|
|
||||||
action="insert_if_missing",
|
|
||||||
table="public.claim_evidence",
|
|
||||||
target=f"{claim_id} <= {source_id} ({role})",
|
|
||||||
claim_ids=[claim_id] if claim_id else [],
|
|
||||||
details={
|
|
||||||
"claim_id": claim_id,
|
|
||||||
"source_id": source_id,
|
|
||||||
"role": role,
|
|
||||||
"weight": ev.get("weight"),
|
|
||||||
},
|
|
||||||
source=source,
|
|
||||||
)
|
|
||||||
)
|
|
||||||
return rows
|
|
||||||
|
|
||||||
if proposal_type == "revise_strategy":
|
|
||||||
agent_id = str(apply_payload.get("agent_id") or "")
|
|
||||||
strategy_nodes = _payload_list(apply_payload.get("strategy_nodes"))
|
|
||||||
return [
|
|
||||||
_apply_preview_row(
|
|
||||||
action="update_then_insert",
|
|
||||||
table="public.strategies",
|
|
||||||
target=f"new active strategy for agent {agent_id or 'unknown'}",
|
|
||||||
details={
|
|
||||||
"agent_id": agent_id,
|
|
||||||
"strategy_keys": sorted(_payload_dict(apply_payload.get("strategy")).keys()),
|
|
||||||
},
|
|
||||||
source=source,
|
|
||||||
),
|
|
||||||
_apply_preview_row(
|
|
||||||
action="retire_then_insert",
|
|
||||||
table="public.strategy_nodes",
|
|
||||||
target=f"{len(strategy_nodes)} replacement strategy node(s)",
|
|
||||||
details={"agent_id": agent_id, "strategy_node_count": len(strategy_nodes)},
|
|
||||||
source=source,
|
|
||||||
),
|
|
||||||
]
|
|
||||||
|
|
||||||
return [
|
|
||||||
_apply_preview_row(
|
|
||||||
action="blocked",
|
|
||||||
table="none",
|
|
||||||
target=f"unsupported proposal_type {proposal_type or 'unknown'}",
|
|
||||||
details={"proposal_type": proposal_type},
|
|
||||||
source=source,
|
|
||||||
)
|
|
||||||
]
|
|
||||||
|
|
||||||
|
|
||||||
def build_apply_preview(proposal: dict[str, Any], packet: dict[str, Any]) -> dict[str, Any]:
|
|
||||||
"""Build a read-only, row-level preview of what an apply step would touch."""
|
|
||||||
payload = _payload_dict(proposal.get("payload"))
|
|
||||||
apply_payload = _payload_dict(payload.get("apply_payload"))
|
|
||||||
proposal_type = proposal.get("proposal_type")
|
|
||||||
normalization = _payload_dict(packet.get("normalization_preview"))
|
|
||||||
|
|
||||||
if proposal.get("status") == "applied":
|
|
||||||
return {
|
|
||||||
"state": "applied",
|
|
||||||
"rows": [],
|
|
||||||
"blocked_fragments": [],
|
|
||||||
"note": "Proposal is already applied; use the canonical claim/edge/evidence readback.",
|
|
||||||
}
|
|
||||||
|
|
||||||
if apply_payload and proposal_type in proposal_review.ap.APPLYABLE_TYPES:
|
|
||||||
return {
|
|
||||||
"state": "strict_apply_payload_ready",
|
|
||||||
"rows": _strict_apply_preview_rows(proposal_type, apply_payload),
|
|
||||||
"blocked_fragments": [],
|
|
||||||
"note": "Preview only; the page does not execute canonical writes.",
|
|
||||||
}
|
|
||||||
|
|
||||||
child_rows = []
|
|
||||||
for index, child in enumerate(_payload_list(normalization.get("strict_child_proposals"))):
|
|
||||||
child_payload = _payload_dict(_payload_dict(child).get("payload"))
|
|
||||||
child_apply_payload = _payload_dict(child_payload.get("apply_payload"))
|
|
||||||
child_type = str(_payload_dict(child).get("proposal_type") or "")
|
|
||||||
child_rows.extend(
|
|
||||||
_strict_apply_preview_rows(
|
|
||||||
child_type,
|
|
||||||
child_apply_payload,
|
|
||||||
source=f"normalization.strict_child_proposals[{index}]",
|
|
||||||
)
|
|
||||||
)
|
|
||||||
|
|
||||||
blocked = _payload_list(normalization.get("blocked_fragments"))
|
|
||||||
if child_rows and not blocked:
|
|
||||||
state = "strict_child_proposals_ready"
|
|
||||||
note = "Preview of strict child proposals; reviewer still needs to stage those children before apply."
|
|
||||||
elif child_rows:
|
|
||||||
state = "partial_preview_blocked_fragments"
|
|
||||||
note = "Some strict child rows can be previewed; blocked fragments still need canonical IDs or schema decisions."
|
|
||||||
else:
|
|
||||||
state = "not_applyable_yet"
|
|
||||||
note = "No canonical write preview is safe until the proposal has a strict apply_payload or strict child proposals."
|
|
||||||
|
|
||||||
return {
|
|
||||||
"state": state,
|
|
||||||
"rows": child_rows,
|
|
||||||
"blocked_fragments": blocked,
|
|
||||||
"note": note,
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
def _status_link(label: str, status: str, filters: dict[str, Any]) -> str:
|
|
||||||
query = urlencode({"status": status, "limit": filters["limit"]})
|
|
||||||
return f'<a class="filter-link" href="/kb-proposals?{query}">{escape(label)}</a>'
|
|
||||||
|
|
||||||
|
|
||||||
def _apply_preview_html(preview: dict[str, Any]) -> str:
|
|
||||||
state = _badge(preview.get("state"))
|
|
||||||
rows = _payload_list(preview.get("rows"))
|
|
||||||
blocked = _payload_list(preview.get("blocked_fragments"))
|
|
||||||
note = escape(str(preview.get("note") or ""))
|
|
||||||
row_html = ""
|
|
||||||
if rows:
|
|
||||||
rendered_rows = []
|
|
||||||
for row in rows:
|
|
||||||
details = _payload_dict(_payload_dict(row).get("details"))
|
|
||||||
detail_text = ", ".join(
|
|
||||||
f"{escape(str(key))}={escape(str(value))}"
|
|
||||||
for key, value in details.items()
|
|
||||||
if value not in (None, "")
|
|
||||||
)
|
|
||||||
claim_links = " ".join(
|
|
||||||
claim_link_html(claim_id, label=str(claim_id)[:8])
|
|
||||||
for claim_id in _payload_list(_payload_dict(row).get("claim_ids"))
|
|
||||||
) or '<span class="muted">none</span>'
|
|
||||||
detail_html = escape(detail_text) if detail_text else '<span class="muted">none</span>'
|
|
||||||
rendered_rows.append(
|
|
||||||
"<tr>"
|
|
||||||
f"<td>{_code(_payload_dict(row).get('action') or 'unknown')}</td>"
|
|
||||||
f"<td>{_code(_payload_dict(row).get('table') or 'unknown')}</td>"
|
|
||||||
f"<td>{escape(str(_payload_dict(row).get('target') or ''))}</td>"
|
|
||||||
f"<td>{claim_links}</td>"
|
|
||||||
f"<td>{detail_html}</td>"
|
|
||||||
"</tr>"
|
|
||||||
)
|
|
||||||
row_html = f"""
|
|
||||||
<table class="proposal-detail apply-preview-table">
|
|
||||||
<thead><tr><th>Action</th><th>Table</th><th>Target</th><th>Claims</th><th>Details</th></tr></thead>
|
|
||||||
<tbody>{''.join(rendered_rows)}</tbody>
|
|
||||||
</table>"""
|
|
||||||
else:
|
|
||||||
row_html = '<p class="muted">No canonical row preview is executable yet.</p>'
|
|
||||||
|
|
||||||
blocked_html = ""
|
|
||||||
if blocked:
|
|
||||||
blocked_rows = []
|
|
||||||
for fragment in blocked:
|
|
||||||
frag = _payload_dict(fragment)
|
|
||||||
missing = ", ".join(escape(str(value)) for value in _payload_list(frag.get("missing"))) or "unknown"
|
|
||||||
blocked_rows.append(
|
|
||||||
"<tr>"
|
|
||||||
f"<td>{_code(frag.get('kind') or 'fragment')}</td>"
|
|
||||||
f"<td>{escape(str(frag.get('reason') or 'blocked'))}</td>"
|
|
||||||
f"<td>{missing}</td>"
|
|
||||||
"</tr>"
|
|
||||||
)
|
|
||||||
blocked_html = f"""
|
|
||||||
<div class="label preview-label">Blocked fragments</div>
|
|
||||||
<table class="proposal-detail apply-preview-table">
|
|
||||||
<thead><tr><th>Kind</th><th>Reason</th><th>Missing</th></tr></thead>
|
|
||||||
<tbody>{''.join(blocked_rows)}</tbody>
|
|
||||||
</table>"""
|
|
||||||
|
|
||||||
return f"""
|
|
||||||
<div class="next-action apply-preview">
|
|
||||||
<div class="label">Apply preview</div>
|
|
||||||
<p>{state} <span class="muted">{note}</span></p>
|
|
||||||
{row_html}
|
|
||||||
{blocked_html}
|
|
||||||
</div>"""
|
|
||||||
|
|
||||||
|
|
||||||
def _packet_card(packet: dict[str, Any]) -> str:
|
|
||||||
auth = packet.get("identity_and_authorization") or {}
|
|
||||||
summary = packet.get("payload_summary") or {}
|
|
||||||
applyability = packet.get("applyability") or {}
|
|
||||||
proposal_id_raw = str(packet.get("proposal_id") or "unknown")
|
|
||||||
proposal_id = _code(proposal_id_raw)
|
|
||||||
proposal_kind = escape(str(summary.get("proposal_kind") or "unknown"))
|
|
||||||
next_action = escape(str(packet.get("next_admin_action") or "No next action recorded."))
|
|
||||||
source_ref = escape(str(auth.get("source_ref") or "unknown"))
|
|
||||||
channel = escape(str(auth.get("channel") or "unknown"))
|
|
||||||
reviewed_by = escape(str(auth.get("reviewed_by_handle") or "unreviewed"))
|
|
||||||
|
|
||||||
rows = [
|
|
||||||
("Status", _badge(packet.get("status"))),
|
|
||||||
("Review state", _badge(packet.get("review_state"))),
|
|
||||||
("Worker applyable", "yes" if packet.get("worker_applyable") else "no"),
|
|
||||||
("Has strict apply payload", "yes" if packet.get("has_apply_payload") else "no"),
|
|
||||||
("Proposal kind", proposal_kind),
|
|
||||||
("Reviewed by", reviewed_by),
|
|
||||||
("Channel", channel),
|
|
||||||
("Source ref", source_ref),
|
|
||||||
("Old claim id", claim_link_html(summary.get("old_claim_id") or "unknown")),
|
|
||||||
("Claim candidates", _code(summary.get("claim_candidate_count", 0))),
|
|
||||||
("Source candidates", _code(summary.get("source_candidate_count", 0))),
|
|
||||||
("Supersession edges", _code(summary.get("supersession_edge_count", 0))),
|
|
||||||
("Missing contract", _join_values(applyability.get("missing_contract") or [])),
|
|
||||||
]
|
|
||||||
normalization = packet.get("normalization_preview") or {}
|
|
||||||
if normalization:
|
|
||||||
rows.extend(
|
|
||||||
[
|
|
||||||
("Normalization", _badge(normalization.get("normalization_state"))),
|
|
||||||
("Strict child proposals", _code(normalization.get("strict_child_count", 0))),
|
|
||||||
("Blocked fragments", _code(normalization.get("blocked_count", 0))),
|
|
||||||
]
|
|
||||||
)
|
|
||||||
details = "\n".join(
|
|
||||||
f"<tr><th>{escape(label)}</th><td>{value}</td></tr>" for label, value in rows
|
|
||||||
)
|
|
||||||
normalization_html = ""
|
|
||||||
if normalization:
|
|
||||||
normalization_html = f"""
|
|
||||||
<div class="next-action">
|
|
||||||
<div class="label">Normalization action</div>
|
|
||||||
<p>{escape(str(normalization.get("next_normalization_action") or "No normalization action recorded."))}</p>
|
|
||||||
</div>"""
|
|
||||||
apply_preview_html = _apply_preview_html(packet.get("apply_preview") or {})
|
|
||||||
return f"""
|
|
||||||
<article class="proposal-card">
|
|
||||||
<div class="proposal-card-header">
|
|
||||||
<h2>{proposal_id}</h2>
|
|
||||||
</div>
|
|
||||||
<table class="proposal-detail">
|
|
||||||
<tbody>{details}</tbody>
|
|
||||||
</table>
|
|
||||||
<div class="next-action">
|
|
||||||
<div class="label">Next admin action</div>
|
|
||||||
<p>{next_action}</p>
|
|
||||||
</div>
|
|
||||||
{normalization_html}
|
|
||||||
{apply_preview_html}
|
|
||||||
</article>"""
|
|
||||||
|
|
||||||
|
|
||||||
def render_kb_proposals_page(data: dict[str, Any]) -> str:
|
|
||||||
filters = data["filters"]
|
|
||||||
packets = data["packets"]
|
|
||||||
generated_at = escape(str(data["generated_at"]))
|
|
||||||
cards = "\n".join(_packet_card(packet) for packet in packets)
|
|
||||||
if not cards:
|
|
||||||
cards = '<div class="alert-banner alert-info">No proposals matched this filter.</div>'
|
|
||||||
|
|
||||||
filter_html = " ".join(
|
|
||||||
[
|
|
||||||
_status_link("Approved", "approved", filters),
|
|
||||||
_status_link("Pending review", "pending_review", filters),
|
|
||||||
_status_link("Applied", "applied", filters),
|
|
||||||
]
|
|
||||||
)
|
|
||||||
body = f"""
|
|
||||||
<div class="alert-banner alert-info">
|
|
||||||
Read-only review surface. It shows proposal intent, applyability, missing contracts,
|
|
||||||
and the next admin action; it does not approve, reject, or apply proposals.
|
|
||||||
</div>
|
|
||||||
<div class="grid">
|
|
||||||
<div class="card"><div class="label">Matching proposals</div><div class="value">{data["total"]}</div></div>
|
|
||||||
<div class="card"><div class="label">Worker applyable</div><div class="value">{data["worker_applyable_count"]}</div></div>
|
|
||||||
<div class="card"><div class="label">Current status filter</div><div class="value small-value">{escape(filters.get("status") or "by id")}</div></div>
|
|
||||||
</div>
|
|
||||||
<div class="section">
|
|
||||||
<div class="section-title">Filters</div>
|
|
||||||
<div class="filters">{filter_html}</div>
|
|
||||||
</div>
|
|
||||||
<div class="section">
|
|
||||||
<div class="section-title">Proposal Review Packets</div>
|
|
||||||
<div class="proposal-list">{cards}</div>
|
|
||||||
</div>"""
|
|
||||||
extra_css = """
|
|
||||||
.small-value { font-size: 16px !important; overflow-wrap: anywhere; }
|
|
||||||
.filters { display: flex; flex-wrap: wrap; gap: 8px; }
|
|
||||||
.filter-link { color: #58a6ff; background: #161b22; border: 1px solid #30363d;
|
|
||||||
border-radius: 6px; padding: 6px 10px; text-decoration: none; font-size: 13px; }
|
|
||||||
.filter-link:hover { background: #21262d; }
|
|
||||||
.claim-link { color: #58a6ff; text-decoration: none; }
|
|
||||||
.claim-link:hover { text-decoration: underline; }
|
|
||||||
.proposal-list { display: grid; gap: 16px; }
|
|
||||||
.proposal-card { background: #161b22; border: 1px solid #30363d; border-radius: 8px; padding: 16px; }
|
|
||||||
.proposal-card-header { display: flex; justify-content: space-between; gap: 12px; align-items: start; }
|
|
||||||
.proposal-card h2 { color: #c9d1d9; font-size: 15px; overflow-wrap: anywhere; }
|
|
||||||
.proposal-detail { margin-top: 12px; }
|
|
||||||
.proposal-detail th { width: 210px; vertical-align: top; }
|
|
||||||
.proposal-detail td { overflow-wrap: anywhere; }
|
|
||||||
.next-action { margin-top: 14px; padding: 12px; border: 1px solid #30363d; border-radius: 6px; background: #0d1117; }
|
|
||||||
.next-action .label { color: #8b949e; font-size: 11px; text-transform: uppercase; margin-bottom: 6px; }
|
|
||||||
.next-action p { color: #c9d1d9; line-height: 1.4; }
|
|
||||||
.muted { color: #8b949e; }
|
|
||||||
"""
|
|
||||||
return render_page(
|
|
||||||
"KB Proposals",
|
|
||||||
"Review Leo KB proposal packets before any apply step",
|
|
||||||
"/kb-proposals",
|
|
||||||
body,
|
|
||||||
extra_css=extra_css,
|
|
||||||
timestamp=generated_at,
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
async def handle_api_kb_proposals(request: web.Request) -> web.Response:
|
|
||||||
filters = _query_filters(request)
|
|
||||||
try:
|
|
||||||
packets = _load_packets(request, filters)
|
|
||||||
except BaseException as exc:
|
|
||||||
logger.exception("KB proposal packet load failed")
|
|
||||||
return web.json_response({"error": "kb_proposal_load_failed", "detail": str(exc)}, status=500)
|
|
||||||
return web.json_response(build_kb_proposal_response(packets, filters))
|
|
||||||
|
|
||||||
|
|
||||||
async def handle_kb_proposals_page(request: web.Request) -> web.Response:
|
|
||||||
filters = _query_filters(request)
|
|
||||||
try:
|
|
||||||
packets = _load_packets(request, filters)
|
|
||||||
except BaseException as exc:
|
|
||||||
logger.exception("KB proposal packet page failed")
|
|
||||||
return web.Response(
|
|
||||||
text=render_page(
|
|
||||||
"KB Proposals",
|
|
||||||
"Review Leo KB proposal packets before any apply step",
|
|
||||||
"/kb-proposals",
|
|
||||||
f'<div class="alert-banner alert-critical">Failed to load KB proposals: {escape(str(exc))}</div>',
|
|
||||||
),
|
|
||||||
content_type="text/html",
|
|
||||||
status=500,
|
|
||||||
)
|
|
||||||
data = build_kb_proposal_response(packets, filters)
|
|
||||||
return web.Response(text=render_kb_proposals_page(data), content_type="text/html")
|
|
||||||
|
|
||||||
|
|
||||||
def register_kb_proposal_routes(app: web.Application) -> None:
|
|
||||||
app.router.add_get("/api/kb-proposals", handle_api_kb_proposals)
|
|
||||||
app.router.add_get("/kb-proposals", handle_kb_proposals_page)
|
|
||||||
|
|
@ -9,7 +9,6 @@ PAGES = [
|
||||||
{"path": "/prs", "label": "PRs", "icon": "✎"},
|
{"path": "/prs", "label": "PRs", "icon": "✎"},
|
||||||
{"path": "/ops", "label": "Operations", "icon": "⚙"},
|
{"path": "/ops", "label": "Operations", "icon": "⚙"},
|
||||||
{"path": "/health", "label": "Knowledge Health", "icon": "♥"},
|
{"path": "/health", "label": "Knowledge Health", "icon": "♥"},
|
||||||
{"path": "/kb-proposals", "label": "KB Proposals", "icon": "⚒"},
|
|
||||||
{"path": "/agents", "label": "Agents", "icon": "★"},
|
{"path": "/agents", "label": "Agents", "icon": "★"},
|
||||||
{"path": "/epistemic", "label": "Epistemic", "icon": "⚖"},
|
{"path": "/epistemic", "label": "Epistemic", "icon": "⚖"},
|
||||||
{"path": "/portfolio", "label": "Portfolio", "icon": "★"},
|
{"path": "/portfolio", "label": "Portfolio", "icon": "★"},
|
||||||
|
|
|
||||||
|
|
@ -1,30 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
set -euo pipefail
|
|
||||||
|
|
||||||
cd /app
|
|
||||||
|
|
||||||
python -m compileall -q lib telegram diagnostics teleo-pipeline.py
|
|
||||||
|
|
||||||
python -m pytest -q \
|
|
||||||
tests/test_agent_routing.py \
|
|
||||||
tests/test_decision_engine_replay.py \
|
|
||||||
tests/test_phase1b_end_to_end.py \
|
|
||||||
tests/test_research_eval_schema_sql.py \
|
|
||||||
tests/test_teleo_agent_systemd.py
|
|
||||||
|
|
||||||
python - <<'PY'
|
|
||||||
import json
|
|
||||||
from lib.agent_routing import classify_pr_route
|
|
||||||
|
|
||||||
route = classify_pr_route(
|
|
||||||
"diff --git a/domains/internet-finance/x402-wallets.md b/domains/internet-finance/x402-wallets.md\n"
|
|
||||||
"+AI systems route agents around x402 payments and agent wallets.\n"
|
|
||||||
)
|
|
||||||
|
|
||||||
print(json.dumps({
|
|
||||||
"smoke": "teleo-gcp-staging-ok",
|
|
||||||
"primary_agent": route.primary_agent,
|
|
||||||
"required_agents": list(route.required_agents),
|
|
||||||
"route_kind": route.route_kind,
|
|
||||||
}, sort_keys=True))
|
|
||||||
PY
|
|
||||||
|
|
@ -1,54 +0,0 @@
|
||||||
{
|
|
||||||
"status": "blocked_remote_execution",
|
|
||||||
"scope": "crabbox remote proof",
|
|
||||||
"attempted_discovery": [
|
|
||||||
"verified Crabbox CLI is installed at /Users/user/.local/bin/crabbox",
|
|
||||||
"ran crabbox job list",
|
|
||||||
"ran crabbox sync-plan",
|
|
||||||
"ran crabbox job run --dry-run unit",
|
|
||||||
"ran crabbox job run --dry-run phase1b-local-proof",
|
|
||||||
"checked presence of CRABBOX_COORDINATOR, CRABBOX_COORDINATOR_TOKEN, HCLOUD_TOKEN, HETZNER_TOKEN, GH_TOKEN, and GITHUB_TOKEN without printing values",
|
|
||||||
"loaded retained Bitwarden session from /tmp/bw_session without printing the session value",
|
|
||||||
"ran bw status and bw sync",
|
|
||||||
"checked Bitwarden organization, collection, and item counts",
|
|
||||||
"checked visible Bitwarden item names and metadata only",
|
|
||||||
"scanned visible Bitwarden item names and notes for crabbox, hcloud, hetzner, and coordinator terms without printing note or secret values"
|
|
||||||
],
|
|
||||||
"exact_blocker": "Crabbox provider execution still lacks a real provider credential: HCLOUD_TOKEN, HETZNER_TOKEN, CRABBOX_COORDINATOR, and CRABBOX_COORDINATOR_TOKEN are unset, and the visible Bitwarden org collection contains only Anthropic API Key, Leo twitter, and LivingIPbot Github, with no Crabbox, HCloud, Hetzner, or coordinator metadata match.",
|
|
||||||
"why_it_cannot_be_solved_autonomously": "A remote Crabbox lease requires a real Hetzner or Crabbox broker credential. The repo can safely commit CI/CD config, dry-run plans, and blocker artifacts, but it cannot fabricate the provider credential or commit secret values.",
|
|
||||||
"exact_next_action": "Add a scoped Hetzner/Crabbox broker credential to Bitwarden or GitHub environment secrets as HCLOUD_TOKEN, HETZNER_TOKEN, CRABBOX_COORDINATOR, or CRABBOX_COORDINATOR_TOKEN, then rerun crabbox doctor --json and crabbox job run phase1b-local-proof from teleo-infrastructure.",
|
|
||||||
"safe_local_status": {
|
|
||||||
"crabbox_cli_installed": "0.22.1",
|
|
||||||
"job_list": "passes",
|
|
||||||
"sync_plan": "217 files, 2.4 MiB",
|
|
||||||
"unit_dry_run": "passes",
|
|
||||||
"phase1b_proof_dry_run": "passes",
|
|
||||||
"ci_contract_guard": "passes",
|
|
||||||
"phase1b_proof_wrapper": "131 passed, 8 proof cases succeeded, all six agents seen",
|
|
||||||
"full_pytest": "422 passed",
|
|
||||||
"crabbox_doctor": "fails only provider credential check: HCLOUD_TOKEN or HETZNER_TOKEN is required",
|
|
||||||
"bitwarden_status": "unlocked",
|
|
||||||
"bitwarden_organizations": 1,
|
|
||||||
"bitwarden_collections": 1,
|
|
||||||
"bitwarden_items_visible": 3,
|
|
||||||
"bitwarden_matching_crabbox_or_hetzner_items": 0
|
|
||||||
},
|
|
||||||
"secret_commit_policy": {
|
|
||||||
"allowed_to_commit": [
|
|
||||||
"workflow files",
|
|
||||||
"Crabbox config with secret slot names omitted",
|
|
||||||
"proof scripts",
|
|
||||||
"machine-readable blocker artifacts",
|
|
||||||
"docs and agent skills"
|
|
||||||
],
|
|
||||||
"not_allowed_to_commit": [
|
|
||||||
"Bitwarden item values",
|
|
||||||
"Bitwarden vault exports",
|
|
||||||
"provider tokens",
|
|
||||||
"GitHub bot tokens",
|
|
||||||
"OpenRouter keys",
|
|
||||||
"SSH private keys",
|
|
||||||
"production databases"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -1,96 +0,0 @@
|
||||||
# Crabbox Remote Proof
|
|
||||||
|
|
||||||
Crabbox is the remote execution layer for `teleo-infrastructure`. It is not the production deploy system.
|
|
||||||
|
|
||||||
## Goals
|
|
||||||
|
|
||||||
- Run Python tests on a disposable or warm remote Linux box.
|
|
||||||
- Prove the CI/Crabbox contract without network access before remote runs.
|
|
||||||
- Run the Phase 1B local proof script remotely.
|
|
||||||
- Retain JUnit and machine-readable proof artifacts.
|
|
||||||
- Give agents a bounded job list instead of arbitrary cloud shell access.
|
|
||||||
|
|
||||||
## Non-Goals
|
|
||||||
|
|
||||||
- No production deploys.
|
|
||||||
- No production secrets.
|
|
||||||
- No production VPS mutation.
|
|
||||||
- No production `decision-engine` PR comments from Crabbox jobs.
|
|
||||||
|
|
||||||
## Required Local Setup
|
|
||||||
|
|
||||||
Crabbox CLI 0.22.1 or newer:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
crabbox --version
|
|
||||||
```
|
|
||||||
|
|
||||||
One of:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
crabbox login --url "$CRABBOX_COORDINATOR"
|
|
||||||
```
|
|
||||||
|
|
||||||
or direct Hetzner operator env:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
export HCLOUD_TOKEN="..."
|
|
||||||
```
|
|
||||||
|
|
||||||
Do not commit either value.
|
|
||||||
|
|
||||||
## Jobs
|
|
||||||
|
|
||||||
```bash
|
|
||||||
crabbox job list
|
|
||||||
crabbox job run --dry-run ci-contract
|
|
||||||
crabbox job run --dry-run unit
|
|
||||||
crabbox job run --dry-run phase1b-local-proof
|
|
||||||
crabbox job run ci-contract
|
|
||||||
crabbox job run unit
|
|
||||||
crabbox job run phase1b-local-proof
|
|
||||||
```
|
|
||||||
|
|
||||||
`ci-contract` writes:
|
|
||||||
|
|
||||||
- `.crabbox-results/crabbox-ci-contract.json`
|
|
||||||
|
|
||||||
`phase1b-local-proof` writes:
|
|
||||||
|
|
||||||
- `.crabbox-results/crabbox-ci-contract.json`
|
|
||||||
- `proof/phase1b-local-e2e-proof.json`
|
|
||||||
- `.crabbox-results/phase1b-pytest.xml`
|
|
||||||
- `.crabbox-results/phase1b-proof-summary.json`
|
|
||||||
|
|
||||||
The contract proof checks that:
|
|
||||||
|
|
||||||
- Crabbox exposes only the named bounded jobs.
|
|
||||||
- sync excludes secret/runtime files such as `.env`, `secrets`, DBs, logs, caches, and virtualenvs.
|
|
||||||
- `.crabbox.yaml` contains no token-bearing env names.
|
|
||||||
- Leo routes are explicit: Leo-owned domains, fallback routes, and top-2 cross-domain routes that include Leo are covered, while Phase 1B does not silently preserve Leo as a universal second reviewer.
|
|
||||||
|
|
||||||
## Secret Boundary
|
|
||||||
|
|
||||||
Allowed:
|
|
||||||
|
|
||||||
- `CI`
|
|
||||||
- `PYTHONWARNINGS`
|
|
||||||
- `PHASE1B_AGENT_ROUTING_ENABLED`
|
|
||||||
- broker token in user config
|
|
||||||
- direct `HCLOUD_TOKEN` or `HETZNER_TOKEN` in local operator env
|
|
||||||
- GitHub environment secrets named `HCLOUD_TOKEN` or `HETZNER_TOKEN` for an explicitly dispatched remote proof workflow
|
|
||||||
|
|
||||||
Not allowed:
|
|
||||||
|
|
||||||
- production GitHub admin token
|
|
||||||
- production Forgejo token
|
|
||||||
- production OpenRouter key
|
|
||||||
- production SSH keys
|
|
||||||
- Bitwarden exports
|
|
||||||
- prod `pipeline.db`
|
|
||||||
|
|
||||||
Bitwarden may be used as the human/operator source of truth for secret lookup and GitHub secret setup, but no Bitwarden item value, vault export, or copied secret belongs in this repo. The committed config may name required secret slots; it must not contain the values.
|
|
||||||
|
|
||||||
## Proof Boundary
|
|
||||||
|
|
||||||
Crabbox remote proof proves repo behavior on a remote Linux lease. It does not prove production parity unless the lease recreates the production runtime paths, systemd services, timers, DB path, and deploy script behavior.
|
|
||||||
|
|
@ -1,284 +0,0 @@
|
||||||
# GCP CI/CD and Redundancy Hardening
|
|
||||||
|
|
||||||
This records the current GCP hardening contract for `teleo-501523`.
|
|
||||||
|
|
||||||
## Current-State Rule
|
|
||||||
|
|
||||||
The latest retained `gcp-readiness` artifact is authoritative for what is live
|
|
||||||
right now. The resource lists below define the target runtime contract and the
|
|
||||||
checks this lane enforces; do not treat them as current production proof unless
|
|
||||||
the current readiness run passes.
|
|
||||||
|
|
||||||
## Target Runtime Contract
|
|
||||||
|
|
||||||
- Artifact Registry Docker repositories exist in `europe-west6`:
|
|
||||||
- `teleo`
|
|
||||||
- `livingip-web`
|
|
||||||
- Both repositories use immutable tags and active vulnerability scanning.
|
|
||||||
- `cloudbuild.gcp-staging.yaml` builds the staging Teleo image, runs the image smoke test, then pushes to Artifact Registry.
|
|
||||||
- Cloud Build runs as the dedicated service account:
|
|
||||||
- `sa-teleo-cloudbuild@teleo-501523.iam.gserviceaccount.com`
|
|
||||||
- The dedicated Cloud Build account has only the roles required for the current build/publish path:
|
|
||||||
- `roles/artifactregistry.writer`
|
|
||||||
- `roles/logging.logWriter`
|
|
||||||
- `roles/storage.objectViewer`
|
|
||||||
- GitHub Actions can publish Artifact Registry images through Workload Identity Federation:
|
|
||||||
- workflow: `.github/workflows/gcp-artifact.yml`
|
|
||||||
- provider: `projects/785938879453/locations/global/workloadIdentityPools/github-actions/providers/living-ip-github`
|
|
||||||
- service account: `sa-artifact-builder@teleo-501523.iam.gserviceaccount.com`
|
|
||||||
- repository scope: `living-ip/teleo-infrastructure`
|
|
||||||
- Backup buckets are versioned and use uniform bucket-level access:
|
|
||||||
- `gs://teleo-501523-prod-backups`
|
|
||||||
- `gs://teleo-501523-leoclean-backups`
|
|
||||||
- VM boot disks have a daily 7-day snapshot policy:
|
|
||||||
- `teleo-prod-1`
|
|
||||||
- `teleo-staging-1`
|
|
||||||
- Cloud SQL standby target exists for KB restore/replication drills:
|
|
||||||
- instance: `teleo-pgvector-standby`
|
|
||||||
- database: `teleo_kb`
|
|
||||||
- version: `POSTGRES_16`
|
|
||||||
- private IP only on `teleo-staging-net`
|
|
||||||
- encrypted-only SQL connections
|
|
||||||
- automated backups and point-in-time recovery enabled
|
|
||||||
- deletion protection enabled
|
|
||||||
- Source-side Teleo DB/KB export canary exists:
|
|
||||||
- script: `ops/backup_vps_sqlite_kb.sh`
|
|
||||||
- source DB: `/opt/teleo-eval/pipeline/pipeline.db`
|
|
||||||
- source Leo/KB files: `workspaces/*/agents/leo` plus `agent-state`
|
|
||||||
- excludes secrets and logs
|
|
||||||
- Local SQLite-to-Postgres restore canary exists:
|
|
||||||
- scripts: `ops/sqlite_to_postgres_dump.py` and `ops/run_sqlite_postgres_restore_canary.sh`
|
|
||||||
- target: disposable local `postgres:16-alpine` shadow schema
|
|
||||||
- verifies source SQLite integrity and per-table source/target row-count parity
|
|
||||||
|
|
||||||
## How To Build
|
|
||||||
|
|
||||||
Automatic Artifact Registry publishing runs on pushes to `main` through GitHub Actions. To run the same lane manually from GitHub:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
gh workflow run gcp-artifact.yml --repo living-ip/teleo-infrastructure --ref main
|
|
||||||
```
|
|
||||||
|
|
||||||
The workflow authenticates to GCP with Workload Identity Federation, builds `Dockerfile.gcp-staging`, runs the image smoke test, pushes the image, and uploads `gcp-artifact-image.txt` as a run artifact.
|
|
||||||
|
|
||||||
For a read-only GCP posture probe through the same Workload Identity path:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
gh workflow run gcp-readiness.yml --repo living-ip/teleo-infrastructure --ref main
|
|
||||||
```
|
|
||||||
|
|
||||||
This workflow runs `ops/check_gcp_infra_readiness.py` from GitHub Actions and
|
|
||||||
uploads stdout, stderr, exit code, and a summary as the `gcp-readiness` artifact.
|
|
||||||
It is intentionally non-mutating and defaults to
|
|
||||||
`sa-teleo-readiness@teleo-501523.iam.gserviceaccount.com`.
|
|
||||||
|
|
||||||
If you need to test a specific service account during IAM repair, pass it
|
|
||||||
explicitly:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
gh workflow run gcp-readiness.yml \
|
|
||||||
--repo living-ip/teleo-infrastructure \
|
|
||||||
--ref main \
|
|
||||||
-f service_account=sa-teleo-readiness@teleo-501523.iam.gserviceaccount.com
|
|
||||||
```
|
|
||||||
|
|
||||||
If you also want GitHub readiness to include a local SQLite-to-Postgres restore
|
|
||||||
canary proof without uploading private backup paths or generated SQL, pass a
|
|
||||||
redacted capsule:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
python3 ops/redact_sqlite_postgres_restore_canary.py \
|
|
||||||
--proof outputs/gcp-infra-hardening-20260707/proofs/sqlite-postgres-restore-canary-<timestamp>.json \
|
|
||||||
--output outputs/gcp-infra-hardening-20260707/proofs/sqlite-postgres-restore-canary-capsule-<timestamp>.json
|
|
||||||
|
|
||||||
CAPSULE_B64="$(base64 < outputs/gcp-infra-hardening-20260707/proofs/sqlite-postgres-restore-canary-capsule-<timestamp>.json | tr -d '\n')"
|
|
||||||
gh workflow run gcp-readiness.yml \
|
|
||||||
--repo living-ip/teleo-infrastructure \
|
|
||||||
--ref main \
|
|
||||||
-f restore_canary_capsule_b64="${CAPSULE_B64}"
|
|
||||||
```
|
|
||||||
|
|
||||||
This only upgrades the local restore-preflight row. It is not GCP DB redundancy
|
|
||||||
until the Cloud SQL import and target-count readback also pass.
|
|
||||||
|
|
||||||
For a local/manual Cloud Build proof:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
REVISION="$(git rev-parse HEAD)"
|
|
||||||
TAG="$(git rev-parse --short=7 HEAD)-manual-$(date -u +%Y%m%d-%H%M%S)"
|
|
||||||
|
|
||||||
gcloud builds submit \
|
|
||||||
--project=teleo-501523 \
|
|
||||||
--config=cloudbuild.gcp-staging.yaml \
|
|
||||||
--substitutions="_TAG=${TAG},_REVISION=${REVISION}"
|
|
||||||
```
|
|
||||||
|
|
||||||
Expected result:
|
|
||||||
|
|
||||||
- `build-staging-image` succeeds.
|
|
||||||
- `smoke-test-image-before-push` succeeds.
|
|
||||||
- A Docker image is pushed to:
|
|
||||||
`europe-west6-docker.pkg.dev/teleo-501523/teleo/teleo-pipeline-gcp-staging:${TAG}`
|
|
||||||
|
|
||||||
## How To Check Readiness
|
|
||||||
|
|
||||||
Run from the repository root:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
python3 ops/check_gcp_infra_readiness.py
|
|
||||||
```
|
|
||||||
|
|
||||||
The check is read-only and prints no secret values. It verifies:
|
|
||||||
|
|
||||||
- Artifact Registry immutability and vulnerability scanning.
|
|
||||||
- Cloud Build config contract.
|
|
||||||
- Dedicated Cloud Build service account and roles.
|
|
||||||
- GitHub Actions WIF Artifact Registry publishing contract.
|
|
||||||
- Network ingress posture:
|
|
||||||
- no enabled broad SSH/RDP ingress;
|
|
||||||
- Teleo SSH rules are scoped to `/32` source ranges and target tags.
|
|
||||||
- Runtime service-account posture for the prod/staging VMs.
|
|
||||||
- Compute disk snapshot policy attachment.
|
|
||||||
- Backup bucket versioning and uniform access.
|
|
||||||
- Cloud SQL standby target posture.
|
|
||||||
- Source SQLite/KB backup/export repeatability.
|
|
||||||
- Whether an approved source KB/Postgres dump or replication credential exists.
|
|
||||||
- Whether source data has actually been restored or replicated into GCP and queried.
|
|
||||||
- Whether the GitHub WIF readiness workflow exists for non-local readback.
|
|
||||||
|
|
||||||
## Current Boundaries
|
|
||||||
|
|
||||||
The GCP Docker build/publish path is live through manual Cloud Build and GitHub Actions Workload Identity Federation. Native Cloud Build GitHub triggers are not configured because this project currently has no Cloud Build repository connection.
|
|
||||||
|
|
||||||
Database redundancy is not complete. The current project now has a GCP Cloud SQL/Postgres standby target, backup buckets, VM disk snapshots, and a repeatable source SQLite/KB export script. It does not yet have source-data restore or replication into GCP. Do not claim DB parity until one of these is true:
|
|
||||||
|
|
||||||
- the existing canonical KB database is replicated into GCP and read back; or
|
|
||||||
- GCP Cloud SQL/Postgres becomes the canonical database and production services read/write it; or
|
|
||||||
- an explicitly approved standby restore drill proves that a GCP database can be restored and queried from the retained backups.
|
|
||||||
|
|
||||||
Do not call the empty `teleo-pgvector-standby` instance redundancy by itself. It only counts after source data, restore/replication, access controls, and query readback are proven.
|
|
||||||
|
|
||||||
The local restore canary narrows the remaining gap: the source SQLite backup can
|
|
||||||
be converted and restored into PostgreSQL with table/row-count parity, but the
|
|
||||||
same import still needs to run against the GCP Cloud SQL standby through an
|
|
||||||
approved GCP auth and network path.
|
|
||||||
|
|
||||||
After Cloud SQL import, use the generated `target-counts.sql` and verify it with:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
python3 ops/verify_gcp_cloudsql_restore_readback.py \
|
|
||||||
--drill-proof outputs/gcp-infra-hardening-20260707/proofs/gcp-cloudsql-restore-drill-<timestamp>.json \
|
|
||||||
--target-counts-csv outputs/gcp-infra-hardening-20260707/proofs/gcp-cloudsql-target-counts-<timestamp>.csv \
|
|
||||||
--output outputs/gcp-infra-hardening-20260707/proofs/gcp-cloudsql-restore-readback-verification-<timestamp>.json
|
|
||||||
```
|
|
||||||
|
|
||||||
The verifier must return `status = pass` before claiming row-count parity in GCP.
|
|
||||||
|
|
||||||
## IAM Split Plan
|
|
||||||
|
|
||||||
Do not make `sa-artifact-builder@teleo-501523.iam.gserviceaccount.com` the broad
|
|
||||||
infra account. Keep it scoped to Docker image publishing.
|
|
||||||
|
|
||||||
Use the generated plan for the next privilege boundary:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
python3 ops/plan_gcp_iam_split.py --format json
|
|
||||||
python3 ops/plan_gcp_iam_split.py --format shell
|
|
||||||
```
|
|
||||||
|
|
||||||
For an idempotent retained apply attempt, use:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
python3 ops/apply_gcp_iam_split.py \
|
|
||||||
--output outputs/gcp-infra-hardening-20260707/proofs/gcp-iam-split-apply-dry-run.json
|
|
||||||
|
|
||||||
python3 ops/apply_gcp_iam_split.py \
|
|
||||||
--execute \
|
|
||||||
--output outputs/gcp-infra-hardening-20260707/proofs/gcp-iam-split-apply-execute.json
|
|
||||||
```
|
|
||||||
|
|
||||||
The first command is dry-run only. The second command mutates IAM and must run
|
|
||||||
from an authenticated GCP admin shell. It is safe to re-run: existing service
|
|
||||||
accounts are skipped, and IAM binding commands are additive/idempotent.
|
|
||||||
|
|
||||||
The plan creates two separate accounts:
|
|
||||||
|
|
||||||
- `sa-teleo-readiness@teleo-501523.iam.gserviceaccount.com`
|
|
||||||
- GitHub WIF account for read-only readiness checks.
|
|
||||||
- Needs read-only roles for Artifact Registry, IAM/service-account/WIF
|
|
||||||
metadata, Compute/network posture, Cloud SQL metadata, backup buckets, and
|
|
||||||
Secret Manager metadata.
|
|
||||||
- `sa-teleo-restore-drill@teleo-501523.iam.gserviceaccount.com`
|
|
||||||
- Operator account for explicit Cloud SQL restore drills.
|
|
||||||
- Needs Cloud SQL edit rights for the import operation and object-admin access
|
|
||||||
to the restore bucket path.
|
|
||||||
|
|
||||||
Cloud SQL imports also require the Cloud SQL instance service account to read the
|
|
||||||
GCS object. The plan includes a command that discovers that instance service
|
|
||||||
account and grants it `roles/storage.objectAdmin` on
|
|
||||||
`gs://teleo-501523-prod-backups`.
|
|
||||||
|
|
||||||
This plan is not itself a completed redundancy proof. DB redundancy is complete
|
|
||||||
only after the restore drill imports source data into Cloud SQL and the retained
|
|
||||||
`target-counts.sql` readback matches the source/local restore proof.
|
|
||||||
|
|
||||||
## Runtime Baseline Runner
|
|
||||||
|
|
||||||
Do not create or repair the GCP runtime baseline manually in the console if an
|
|
||||||
audited runner can do it. The runtime baseline runner is dry-run by default:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
python3 ops/apply_gcp_runtime_baseline.py \
|
|
||||||
--admin-ssh-cidr <operator-ip>/32 \
|
|
||||||
--output outputs/gcp-infra-hardening-20260707/proofs/gcp-runtime-baseline-dry-run.json
|
|
||||||
```
|
|
||||||
|
|
||||||
The dry-run proof records the exact service accounts, network, firewall, VM,
|
|
||||||
snapshot, backup bucket, secret, and Cloud SQL operations needed for the
|
|
||||||
readiness checker. It does not prove that those resources exist.
|
|
||||||
|
|
||||||
To apply after an authenticated GCP admin session is available:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
export TELEO_CLOUDSQL_POSTGRES_PASSWORD='<store locally; do not commit or print>'
|
|
||||||
python3 ops/apply_gcp_runtime_baseline.py \
|
|
||||||
--execute \
|
|
||||||
--admin-ssh-cidr <operator-ip>/32 \
|
|
||||||
--output outputs/gcp-infra-hardening-20260707/proofs/gcp-runtime-baseline-execute.json
|
|
||||||
```
|
|
||||||
|
|
||||||
`--execute` refuses to run without a single trusted IPv4 `/32` SSH CIDR. The
|
|
||||||
Cloud SQL password is passed through the environment and redacted from retained
|
|
||||||
operation commands. After execute mode succeeds, rerun `gcp-readiness.yml` with
|
|
||||||
the dedicated readiness service account and then run the Cloud SQL restore
|
|
||||||
drill/readback verifier before claiming database redundancy.
|
|
||||||
|
|
||||||
## Communication Posture
|
|
||||||
|
|
||||||
The service-to-service communication contract is declared in:
|
|
||||||
|
|
||||||
- `config/gcp-service-communications.json`
|
|
||||||
|
|
||||||
Validate it locally or in CI with:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
python3 ops/check_gcp_service_communications.py \
|
|
||||||
--contract config/gcp-service-communications.json \
|
|
||||||
--output outputs/gcp-infra-hardening-20260707/proofs/gcp-service-communications-check.json
|
|
||||||
```
|
|
||||||
|
|
||||||
The contract currently requires:
|
|
||||||
|
|
||||||
- GitHub Actions artifact publishing only through `sa-artifact-builder`.
|
|
||||||
- GitHub Actions readiness only through `sa-teleo-readiness`.
|
|
||||||
- emergency SSH only from one operator IPv4 `/32` to Teleo target tags.
|
|
||||||
- VM image pulls over Private Google Access.
|
|
||||||
- Cloud SQL only on private VPC paths with encrypted-only PostgreSQL.
|
|
||||||
- Cloud SQL imports only from the versioned backup bucket through approved
|
|
||||||
service accounts.
|
|
||||||
- no broad SSH/RDP, no public database IP, no default Compute Engine service
|
|
||||||
accounts, and no raw secret values in the contract.
|
|
||||||
|
|
||||||
This is still a contract until GCP readiness passes. Live proof requires the
|
|
||||||
current `gcp-readiness` artifact to show the matching firewall, VM service
|
|
||||||
accounts, bucket, and Cloud SQL checks passing.
|
|
||||||
|
|
@ -1,224 +0,0 @@
|
||||||
# KB Restore / Replication Runbook
|
|
||||||
|
|
||||||
This runbook is for proving Living IP KB/database redundancy on GCP.
|
|
||||||
|
|
||||||
Current source reality:
|
|
||||||
|
|
||||||
- canonical runtime DB: `/opt/teleo-eval/pipeline/pipeline.db`
|
|
||||||
- engine: SQLite WAL
|
|
||||||
- canonical Leo files:
|
|
||||||
- `/opt/teleo-eval/workspaces/main/agents/leo`
|
|
||||||
- `/opt/teleo-eval/workspaces/research-leo/agents/leo`
|
|
||||||
- `/opt/teleo-eval/agent-state`
|
|
||||||
|
|
||||||
The standby target already exists:
|
|
||||||
|
|
||||||
- project: `teleo-501523`
|
|
||||||
- instance: `teleo-pgvector-standby`
|
|
||||||
- database: `teleo_kb`
|
|
||||||
- region: `europe-west6`
|
|
||||||
- network: `teleo-staging-net`
|
|
||||||
- private IP: `10.61.0.3`
|
|
||||||
- admin password secret: `gcp-teleo-pgvector-standby-postgres-password`
|
|
||||||
|
|
||||||
Do not call this redundancy complete until source data has been restored or replicated and queried from GCP.
|
|
||||||
|
|
||||||
## Source Backup Canary
|
|
||||||
|
|
||||||
Create a consistent source backup without stopping the VPS service:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
ops/backup_vps_sqlite_kb.sh
|
|
||||||
```
|
|
||||||
|
|
||||||
The script:
|
|
||||||
|
|
||||||
- uses SQLite `.backup` against `/opt/teleo-eval/pipeline/pipeline.db`;
|
|
||||||
- compresses and hashes the backup on the VPS;
|
|
||||||
- archives Leo/KB files while excluding `secrets` and logs;
|
|
||||||
- copies both artifacts locally;
|
|
||||||
- verifies SHA-256 matches;
|
|
||||||
- runs `PRAGMA integrity_check` on a local restored SQLite copy;
|
|
||||||
- records proof under `outputs/gcp-infra-hardening-20260707/proofs/`.
|
|
||||||
|
|
||||||
This proves source exportability and local restore integrity. It does not prove GCP DB redundancy until a GCP restore/import/query canary also passes.
|
|
||||||
|
|
||||||
## Local SQLite-To-Postgres Restore Canary
|
|
||||||
|
|
||||||
Before importing into Cloud SQL, prove that the current SQLite backup can be
|
|
||||||
converted and restored into PostgreSQL without row loss:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
SQLITE_BACKUP=./outputs/gcp-infra-hardening-20260707/private-backups/teleo-pipeline-sqlite-<timestamp>.db.gz \
|
|
||||||
ops/run_sqlite_postgres_restore_canary.sh
|
|
||||||
```
|
|
||||||
|
|
||||||
The canary:
|
|
||||||
|
|
||||||
- generates a PostgreSQL import script with `ops/sqlite_to_postgres_dump.py`;
|
|
||||||
- recreates a shadow schema in a disposable `postgres:16-alpine` container;
|
|
||||||
- imports all user tables from the SQLite backup;
|
|
||||||
- compares source and target row counts for every table;
|
|
||||||
- writes a proof JSON under `outputs/gcp-infra-hardening-20260707/proofs/`;
|
|
||||||
- removes only its temporary canary container.
|
|
||||||
|
|
||||||
This is a local restore/parity proof, not GCP redundancy by itself. It is the
|
|
||||||
preflight that should pass before the same generated import is applied through
|
|
||||||
the approved Cloud SQL connector/VPC path.
|
|
||||||
|
|
||||||
To pass this local preflight into a clean GitHub readiness run without uploading
|
|
||||||
private backup paths, generated SQL, or target-count CSVs, create a redacted
|
|
||||||
capsule from the proof:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
python3 ops/redact_sqlite_postgres_restore_canary.py \
|
|
||||||
--proof outputs/gcp-infra-hardening-20260707/proofs/sqlite-postgres-restore-canary-<timestamp>.json \
|
|
||||||
--output outputs/gcp-infra-hardening-20260707/proofs/sqlite-postgres-restore-canary-capsule-<timestamp>.json
|
|
||||||
```
|
|
||||||
|
|
||||||
The capsule keeps only non-secret evidence: proof hash, backup hash, source and
|
|
||||||
target table/row counts, conversion notes/stats, and the redacted-field list.
|
|
||||||
It does not prove that Cloud SQL imported the data; it only proves the local
|
|
||||||
SQLite-to-Postgres parity preflight.
|
|
||||||
|
|
||||||
To include the capsule in GitHub readiness:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
CAPSULE_B64="$(base64 < outputs/gcp-infra-hardening-20260707/proofs/sqlite-postgres-restore-canary-capsule-<timestamp>.json | tr -d '\n')"
|
|
||||||
gh workflow run gcp-readiness.yml \
|
|
||||||
--repo living-ip/teleo-infrastructure \
|
|
||||||
--ref main \
|
|
||||||
-f restore_canary_capsule_b64="${CAPSULE_B64}"
|
|
||||||
```
|
|
||||||
|
|
||||||
## Cloud SQL Restore Drill Runner
|
|
||||||
|
|
||||||
Prepare the exact GCS import and Cloud SQL import operation without mutating GCP:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
SQLITE_BACKUP=./outputs/gcp-infra-hardening-20260707/private-backups/teleo-pipeline-sqlite-<timestamp>.db.gz \
|
|
||||||
ops/run_gcp_cloudsql_restore_drill.sh
|
|
||||||
```
|
|
||||||
|
|
||||||
Execute it only from an authenticated operator environment that can write the
|
|
||||||
versioned backup bucket and administer the standby Cloud SQL instance:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
EXECUTE=1 \
|
|
||||||
SQLITE_BACKUP=./outputs/gcp-infra-hardening-20260707/private-backups/teleo-pipeline-sqlite-<timestamp>.db.gz \
|
|
||||||
ops/run_gcp_cloudsql_restore_drill.sh
|
|
||||||
```
|
|
||||||
|
|
||||||
The runner:
|
|
||||||
|
|
||||||
- regenerates the explicit PostgreSQL import script;
|
|
||||||
- targets the shadow schema `teleo_restore` inside `teleo_kb`;
|
|
||||||
- uploads the import script to `gs://teleo-501523-prod-backups/kb-dumps/cloudsql-restore-drills/...` when `EXECUTE=1`;
|
|
||||||
- starts and waits for `gcloud sql import sql`;
|
|
||||||
- writes `target-counts.sql` for the required trusted VPC/Cloud SQL connector query readback.
|
|
||||||
|
|
||||||
The import operation alone is still not the final proof. The final proof needs
|
|
||||||
`target-counts.sql` run against `teleo-pgvector-standby` and compared to the
|
|
||||||
source counts in the drill proof.
|
|
||||||
|
|
||||||
After the import operation is `DONE`, run the generated count query from a
|
|
||||||
trusted VPC runtime or Cloud SQL connector path and retain CSV output:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
psql "$TELEO_CLOUDSQL_DATABASE_URL" \
|
|
||||||
--csv \
|
|
||||||
-f outputs/gcp-infra-hardening-20260707/private-cloudsql-restore-drills/gcp-cloudsql-restore-drill-<timestamp>/target-counts.sql \
|
|
||||||
> outputs/gcp-infra-hardening-20260707/proofs/gcp-cloudsql-target-counts-<timestamp>.csv
|
|
||||||
```
|
|
||||||
|
|
||||||
Then compare the Cloud SQL readback to the source proof:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
python3 ops/verify_gcp_cloudsql_restore_readback.py \
|
|
||||||
--drill-proof outputs/gcp-infra-hardening-20260707/proofs/gcp-cloudsql-restore-drill-<timestamp>.json \
|
|
||||||
--target-counts-csv outputs/gcp-infra-hardening-20260707/proofs/gcp-cloudsql-target-counts-<timestamp>.csv \
|
|
||||||
--output outputs/gcp-infra-hardening-20260707/proofs/gcp-cloudsql-restore-readback-verification-<timestamp>.json
|
|
||||||
```
|
|
||||||
|
|
||||||
Only a `status = pass` verifier output is enough for row-count parity. It still
|
|
||||||
does not prove application cutover or continuous replication.
|
|
||||||
|
|
||||||
## Required Proof
|
|
||||||
|
|
||||||
A successful restore or replication canary must retain:
|
|
||||||
|
|
||||||
- source dataset identity:
|
|
||||||
- source host or dump artifact;
|
|
||||||
- dump timestamp or replication slot timestamp;
|
|
||||||
- source schema/database name.
|
|
||||||
- transfer proof:
|
|
||||||
- dump object path in a versioned bucket, or logical replication subscription details;
|
|
||||||
- row/table counts before import where available.
|
|
||||||
- target proof:
|
|
||||||
- `teleo-pgvector-standby` readback;
|
|
||||||
- `teleo_kb` database readback;
|
|
||||||
- extension readback for `vector` if the restored schema needs pgvector;
|
|
||||||
- representative query readback for core KB tables.
|
|
||||||
- failure boundary:
|
|
||||||
- exact missing secret, source access, schema incompatibility, extension issue, or import error.
|
|
||||||
|
|
||||||
## One-Shot SQLite Export / GCP Restore Path
|
|
||||||
|
|
||||||
Use this while the canonical DB remains SQLite on the VPS and we need a GCP restore drill.
|
|
||||||
|
|
||||||
1. Run `ops/backup_vps_sqlite_kb.sh`.
|
|
||||||
2. Upload the resulting SQLite backup and Leo/KB tarball to a versioned GCS bucket such as `gs://teleo-501523-prod-backups/kb-dumps/`.
|
|
||||||
3. Run the local SQLite-to-Postgres restore canary above and retain its proof.
|
|
||||||
4. Run `ops/run_gcp_cloudsql_restore_drill.sh` in dry-run mode to generate the GCS import plan.
|
|
||||||
5. Run `EXECUTE=1 ops/run_gcp_cloudsql_restore_drill.sh` from an authenticated operator environment to upload and import the generated SQL. Do not run blind string rewrites against the SQLite dump.
|
|
||||||
6. Install required extensions on Cloud SQL:
|
|
||||||
|
|
||||||
```sql
|
|
||||||
create extension if not exists vector;
|
|
||||||
```
|
|
||||||
|
|
||||||
7. From a trusted VPC runtime or Cloud SQL connector path, run readbacks:
|
|
||||||
|
|
||||||
```sql
|
|
||||||
select current_database();
|
|
||||||
select extname, extversion from pg_extension where extname = 'vector';
|
|
||||||
select schemaname, tablename from pg_tables where schemaname not in ('pg_catalog', 'information_schema') order by 1, 2 limit 50;
|
|
||||||
```
|
|
||||||
|
|
||||||
8. Retain the SQLite backup hash, GCS object generation, import/conversion operation, query output, and row-count sample.
|
|
||||||
9. Run `ops/verify_gcp_cloudsql_restore_readback.py` and retain a passing parity proof.
|
|
||||||
|
|
||||||
## Logical Replication Path
|
|
||||||
|
|
||||||
Use this only if the canonical source becomes Postgres or a Postgres mirror exists. SQLite cannot be logically replicated into Cloud SQL Postgres without an intermediate conversion/sync layer.
|
|
||||||
|
|
||||||
Required source privileges:
|
|
||||||
|
|
||||||
- replication-capable source user;
|
|
||||||
- publication over the intended schemas/tables;
|
|
||||||
- network path from GCP to source, or source-to-GCP path through an approved proxy/tunnel.
|
|
||||||
|
|
||||||
Required target steps:
|
|
||||||
|
|
||||||
```sql
|
|
||||||
create extension if not exists vector;
|
|
||||||
create subscription <subscription_name>
|
|
||||||
connection '<redacted source connection string>'
|
|
||||||
publication <publication_name>;
|
|
||||||
```
|
|
||||||
|
|
||||||
Retain only redacted connection metadata. Do not commit or paste credentials.
|
|
||||||
|
|
||||||
## Current Blocker
|
|
||||||
|
|
||||||
As of this run, GCP has the standby target, a repeatable SQLite/KB export script,
|
|
||||||
and a local SQLite-to-Postgres restore canary. It does not have an approved GCP
|
|
||||||
upload/restore credential in the current local session, nor a retained Cloud SQL
|
|
||||||
import/query proof. That is why the readiness checker still reports:
|
|
||||||
|
|
||||||
- `kb_source_restore_access = blocked`
|
|
||||||
- `kb_restore_or_replication = blocked`
|
|
||||||
|
|
||||||
The next real canary is:
|
|
||||||
|
|
||||||
source SQLite/KB backup -> upload to versioned GCS bucket -> convert/import into `teleo_kb` -> install/verify `vector` if needed -> run representative KB queries on GCP -> retain proof.
|
|
||||||
|
|
@ -1,236 +0,0 @@
|
||||||
# LLM Refinement And Decision Engine Program
|
|
||||||
|
|
||||||
Created: 2026-06-01
|
|
||||||
Status: active direction
|
|
||||||
|
|
||||||
## Product Outcome
|
|
||||||
|
|
||||||
The decision engine should become the best judgment layer for Living IP: it routes knowledge changes to the right agent identities, tests competing LLMs against the same rubric, learns from disagreement, and improves prompts/tools only when measured deltas prove the change.
|
|
||||||
|
|
||||||
Pentagon.run should own disposable infrastructure and remote execution. This repo should own decision quality: rubrics, prompts, model selection, route evidence, database feedback loops, and agent tool packages.
|
|
||||||
|
|
||||||
## What Rio And Theseus Become
|
|
||||||
|
|
||||||
### Rio
|
|
||||||
|
|
||||||
Rio becomes the economic and incentive-quality evaluator.
|
|
||||||
|
|
||||||
Rio owns:
|
|
||||||
|
|
||||||
- contribution weights and role economics;
|
|
||||||
- paid-query effects and anti-pay-to-pollute rules;
|
|
||||||
- market, mechanism, futarchy, x402, token, and capital-formation reasoning;
|
|
||||||
- source-diversity and correlated-prior warnings;
|
|
||||||
- OPSEC for finance, deal terms, token economics, and internal allocations;
|
|
||||||
- model tests that expose weak economic reasoning.
|
|
||||||
|
|
||||||
Rio should not be "the crypto agent". Rio should be the agent that asks whether the system's incentives create useful knowledge or garbage incentives.
|
|
||||||
|
|
||||||
### Theseus
|
|
||||||
|
|
||||||
Theseus becomes the model-integrity and agent-refinement evaluator.
|
|
||||||
|
|
||||||
Theseus owns:
|
|
||||||
|
|
||||||
- model diversity and correlated-blind-spot measurement;
|
|
||||||
- adversarial eval rubrics;
|
|
||||||
- prompt/tool safety and self-upgrade criteria;
|
|
||||||
- disagreement queues and verifier-divergence analysis;
|
|
||||||
- LLM capability evidence and agent-system architecture;
|
|
||||||
- tests that expose hallucinated certainty, weak causal claims, and prompt-injection fragility.
|
|
||||||
|
|
||||||
Theseus should not be "the AI safety agent". Theseus should be the agent that asks whether the decision system can be trusted when the models are persuasive but wrong.
|
|
||||||
|
|
||||||
## Decision Engine Loop
|
|
||||||
|
|
||||||
```mermaid
|
|
||||||
flowchart TD
|
|
||||||
PR["Decision-engine PR or source record"] --> Route["Deterministic route evidence"]
|
|
||||||
Route --> Reviewers["Required agent reviewers"]
|
|
||||||
Reviewers --> Rubric["Shared rubric"]
|
|
||||||
Rubric --> ModelA["Primary model"]
|
|
||||||
Rubric --> ModelB["Independent model family"]
|
|
||||||
ModelA --> Verdicts["Structured verdicts"]
|
|
||||||
ModelB --> Verdicts
|
|
||||||
Verdicts --> Disagree{"Disagreement?"}
|
|
||||||
Disagree -->|yes| Queue["Disagreement queue"]
|
|
||||||
Disagree -->|no| Metrics["Calibration metrics"]
|
|
||||||
Queue --> HumanOrLeo["Leo or human arbitration"]
|
|
||||||
HumanOrLeo --> Metrics
|
|
||||||
Metrics --> DB["SQLite feedback state"]
|
|
||||||
DB --> Refine["Prompt, tool, or model proposal"]
|
|
||||||
Refine --> Delta["Before/after eval harness"]
|
|
||||||
Delta -->|passes| Update["Commit refinement"]
|
|
||||||
Delta -->|fails| Archive["Archive failed refinement"]
|
|
||||||
```
|
|
||||||
|
|
||||||
## Model Portfolio
|
|
||||||
|
|
||||||
The goal is not to pick one favorite model. The goal is to assign models to failure modes.
|
|
||||||
|
|
||||||
| Lane | Primary evaluator | Independent check | Why |
|
|
||||||
| --- | --- | --- | --- |
|
|
||||||
| Fast triage | cheap small model | deterministic route evidence | triage should be cheap and overridable |
|
|
||||||
| Domain review | routed agent prompt | different model family | catch domain-specific errors without same-family agreement bias |
|
|
||||||
| Deep review | strongest available reasoning model | non-Claude or non-primary family | deep review is for structural claims and disagreement |
|
|
||||||
| Economic reasoning | Rio rubric | model with strong quantitative/mechanism reasoning | tests incentive design, paid-query effects, and contribution weights |
|
|
||||||
| Agent/refinement safety | Theseus rubric | model with strong adversarial critique | tests tool safety, self-upgrades, and evaluator drift |
|
|
||||||
|
|
||||||
Candidate models should enter only through a harness:
|
|
||||||
|
|
||||||
1. fixed input set;
|
|
||||||
2. fixed rubric;
|
|
||||||
3. structured verdict JSON;
|
|
||||||
4. cost and latency recorded;
|
|
||||||
5. disagreement categories stored;
|
|
||||||
6. before/after comparison against current baseline.
|
|
||||||
|
|
||||||
No model switch is accepted because it "sounds better" on one example.
|
|
||||||
|
|
||||||
## Refinement Workstreams
|
|
||||||
|
|
||||||
### R0: Model Discovery Registry
|
|
||||||
|
|
||||||
Create a registry before arguing about model preference. The registry should track:
|
|
||||||
|
|
||||||
- hosted frontier models;
|
|
||||||
- open-weight Hugging Face candidates;
|
|
||||||
- local or edge candidates;
|
|
||||||
- small, cheap triage models;
|
|
||||||
- larger reasoning models, including future in-house or 27B-class candidates;
|
|
||||||
- license, hardware, context, latency, cost, tool support, and known failure modes.
|
|
||||||
|
|
||||||
The registry does not bless a model. It decides which model deserves a bakeoff fixture.
|
|
||||||
|
|
||||||
### R1: Rubric Packets
|
|
||||||
|
|
||||||
Create a small rubric packet for each evaluator role:
|
|
||||||
|
|
||||||
- `rio-economics-rubric`
|
|
||||||
- `theseus-model-integrity-rubric`
|
|
||||||
- `leo-cross-domain-rubric`
|
|
||||||
- domain-specific factuality rubrics
|
|
||||||
|
|
||||||
Each packet must define allowed verdicts, rejection tags, must-check criteria, and examples of false positives.
|
|
||||||
|
|
||||||
### R2: Evaluation Corpus
|
|
||||||
|
|
||||||
Build a replayable corpus from existing PRs:
|
|
||||||
|
|
||||||
- approved clean PRs;
|
|
||||||
- rejected PRs by issue tag;
|
|
||||||
- Rio/Theseus cross-domain PRs;
|
|
||||||
- paid-query or contribution-weight examples;
|
|
||||||
- adversarial malformed claims;
|
|
||||||
- near-duplicate and OPSEC edge cases.
|
|
||||||
|
|
||||||
Use local fixture data first. Production DB sampling requires the DB operator skill.
|
|
||||||
|
|
||||||
### R3: Model Bakeoff
|
|
||||||
|
|
||||||
Run each candidate model against the same corpus and emit:
|
|
||||||
|
|
||||||
- accuracy against expected disposition;
|
|
||||||
- false-approve count;
|
|
||||||
- false-reject count;
|
|
||||||
- issue-tag precision;
|
|
||||||
- average latency;
|
|
||||||
- estimated cost;
|
|
||||||
- disagreement matrix by model pair.
|
|
||||||
|
|
||||||
The highest-signal metric is not raw approval rate. It is false approvals on bad claims plus useful disagreement on ambiguous claims.
|
|
||||||
|
|
||||||
### R4: Feedback Loop
|
|
||||||
|
|
||||||
Use `review_records`, `audit_log`, `costs`, and PR state to find:
|
|
||||||
|
|
||||||
- recurring model failure categories;
|
|
||||||
- agents with repeated same-tag rejections;
|
|
||||||
- prompts that produce vague reviews;
|
|
||||||
- cost spikes without quality gain;
|
|
||||||
- routes that keep requiring manual override.
|
|
||||||
|
|
||||||
Every prompt/tool change should include a before/after proof over this loop.
|
|
||||||
|
|
||||||
### R5: Agent Runtime Packages
|
|
||||||
|
|
||||||
Package the same decision-engine contract for:
|
|
||||||
|
|
||||||
- NousResearch Hermes Agent: skill/memory/model-switching oriented.
|
|
||||||
- OpenClaw: workspace skill plus `AGENTS.md`, `SOUL.md`, `TOOLS.md` oriented.
|
|
||||||
- Claude-style, Pentagon, or other persistent agents: skill-oriented knowledge-base read/write interop.
|
|
||||||
|
|
||||||
Both packages should be fixture-first and no-secret by default. They are distribution surfaces for the decision engine, not separate evaluators with their own truth.
|
|
||||||
|
|
||||||
### R6: Knowledge-Base Interop
|
|
||||||
|
|
||||||
Any Hermes, OpenClaw, or Claude-style agent should be able to read information from the Living IP knowledge base and propose writes back into it.
|
|
||||||
|
|
||||||
The contract is:
|
|
||||||
|
|
||||||
- read through deterministic search, claim indexes, copied SQLite state, or cited repo files;
|
|
||||||
- propose source, claim, entity, correction, and route artifacts;
|
|
||||||
- never write directly to main;
|
|
||||||
- never mutate production `pipeline.db` from a model response;
|
|
||||||
- leave proof showing the exact query, cited reads, proposed write, and route evidence.
|
|
||||||
|
|
||||||
Use `.agents/skills/living-ip-kb-interop/SKILL.md` for runtime-neutral KB access, and `.agents/skills/teleo-db-operator/SKILL.md` for SQLite-specific work.
|
|
||||||
|
|
||||||
## DB Usage Boundary
|
|
||||||
|
|
||||||
Default is read-only.
|
|
||||||
|
|
||||||
Writes are allowed only when all are true:
|
|
||||||
|
|
||||||
- the target DB is local, staging, or explicitly authorized production;
|
|
||||||
- a backup or copy exists;
|
|
||||||
- the write is wrapped in a transaction;
|
|
||||||
- the exact query is retained in a proof artifact;
|
|
||||||
- the post-write readback is retained.
|
|
||||||
|
|
||||||
Never let an agent tune prompts by mutating production state directly.
|
|
||||||
|
|
||||||
## Pentagon.run Boundary
|
|
||||||
|
|
||||||
Pentagon.run should own:
|
|
||||||
|
|
||||||
- disposable VPS setup;
|
|
||||||
- Crabbox or remote proof execution;
|
|
||||||
- Hetzner lifecycle;
|
|
||||||
- runner cleanup;
|
|
||||||
- infra receipts.
|
|
||||||
- persistent agent teammates, company-brain infrastructure, and agent-to-agent transport when that is their managed stack.
|
|
||||||
|
|
||||||
This repo should own:
|
|
||||||
|
|
||||||
- decision-engine quality;
|
|
||||||
- model and prompt experiments;
|
|
||||||
- agent skills and adapter handoffs;
|
|
||||||
- database feedback analysis;
|
|
||||||
- proof schemas for eval quality.
|
|
||||||
|
|
||||||
Raw cards and secrets are not agent runtime inputs. Human operators may decide vendor billing and spend policy, but repo artifacts should only name secret slots, scoped tokens, spend limits, receipts, and setup checklists.
|
|
||||||
|
|
||||||
## Transcript-Derived Requirements
|
|
||||||
|
|
||||||
The 2026-06-01 working transcript adds these requirements:
|
|
||||||
|
|
||||||
- LLM/refinement work should focus on model discovery, compression, context strategy, and decision-engine quality while Pentagon handles cloud/persistent-agent infrastructure.
|
|
||||||
- Rio should be the first place to route Meteora, LP, x402, futarchy, paid-query, and contribution-incentive questions.
|
|
||||||
- Theseus should own the skill/MCP/refinement path that makes model judgment portable across Hermes, OpenClaw, Claude-style agents, and Pentagon-style company brains.
|
|
||||||
- The knowledge-writing path should turn large founder/source corpora into structured, reviewable knowledge packets, not shallow summaries.
|
|
||||||
- Slack, Linear, email, billing, and provider accounts are external collaboration setup. They should unblock people, but they are not prerequisites for local fixture, rubric, and proof work.
|
|
||||||
|
|
||||||
## Next Implementation Slice
|
|
||||||
|
|
||||||
1. Add `docs/model-discovery-registry.md`.
|
|
||||||
2. Add `scripts/replay_decision_engine_eval.py` with local fixture mode.
|
|
||||||
3. Add `fixtures/decision-engine-eval/*.json`.
|
|
||||||
4. Store verdict outputs in `.crabbox-results/decision-engine-eval.json`.
|
|
||||||
5. Add one Rio economics fixture and one Theseus model-integrity fixture.
|
|
||||||
6. Add one KB interop fixture that searches existing context and proposes a write without touching main or production DB.
|
|
||||||
7. Compare current prompt versus one candidate prompt before touching runtime prompts.
|
|
||||||
|
|
||||||
Do not start by changing live model assignments.
|
|
||||||
|
|
||||||
Run `python3 scripts/replay_decision_engine_eval.py` after changing fixture, rubric, registry, or candidate-output formats.
|
|
||||||
|
|
@ -1,75 +0,0 @@
|
||||||
# Model Discovery Registry
|
|
||||||
|
|
||||||
Created: 2026-06-01
|
|
||||||
Status: candidate registry, not model approval
|
|
||||||
|
|
||||||
This registry exists to decide which models deserve a Living IP bakeoff fixture. It does not choose production models and it does not replace measured replay results.
|
|
||||||
|
|
||||||
## Rules
|
|
||||||
|
|
||||||
- Use official provider docs, model cards, or source repositories for every entry.
|
|
||||||
- Treat all model specs, prices, context limits, and aliases as volatile.
|
|
||||||
- Do not switch runtime model assignments from this document alone.
|
|
||||||
- Promote a model only after `scripts/replay_decision_engine_eval.py` shows no critical regression on the same fixture set.
|
|
||||||
- Prefer different model families for independent review so agreement is not just same-family correlation.
|
|
||||||
|
|
||||||
## Candidate Matrix
|
|
||||||
|
|
||||||
| Candidate | Surface | Why It Is Worth Testing | First Living IP Lane | Source |
|
|
||||||
| --- | --- | --- | --- | --- |
|
|
||||||
| GPT-5.5 / GPT-5.4 family | Hosted API | Strong general reasoning and agentic task baseline; useful as a frontier comparison point. | deep review, Leo arbitration | [OpenAI models](https://platform.openai.com/docs/models) |
|
|
||||||
| GPT-5 lower-latency variants | Hosted API | Possible cheap triage candidates; exact model IDs must be re-verified before a bakeoff run. | fast triage | [OpenAI models](https://platform.openai.com/docs/models) |
|
|
||||||
| gpt-oss-120b | Open-weight | Open-weight reasoning candidate for on-prem or Pentagon-managed inference; needs hardware/cost proof. | Theseus model integrity | [OpenAI open models](https://openai.com/open-models/) |
|
|
||||||
| gpt-oss-20b | Open-weight | Smaller local/edge candidate for cheap first-pass triage and portable demos. | fast triage, local harness | [OpenAI open models](https://openai.com/open-models/) |
|
|
||||||
| Claude Opus 4.8 | Hosted API | Complex-reasoning candidate for highest-stakes arbitration. | Leo arbitration, deep review | [Anthropic models overview](https://docs.anthropic.com/en/docs/about-claude/models) |
|
|
||||||
| Claude Sonnet 4.6 | Hosted API | Speed/intelligence tradeoff candidate for domain review. | domain review | [Anthropic models overview](https://docs.anthropic.com/en/docs/about-claude/models) |
|
|
||||||
| Claude Haiku 4.5 | Hosted API | Low-latency candidate for cheap reviewer pre-checks. | fast triage | [Anthropic models overview](https://docs.anthropic.com/en/docs/about-claude/models) |
|
|
||||||
| Gemini 3.5 Flash | Hosted API | Agentic/coding-oriented candidate from a different model family. | independent second review | [Gemini API models](https://ai.google.dev/gemini-api/docs/models) |
|
|
||||||
| Gemini 3.1 Pro | Hosted API | Complex problem-solving candidate from a non-primary model family. | deep review | [Gemini API models](https://ai.google.dev/gemini-api/docs/models) |
|
|
||||||
| Mistral Medium 3.5 | Hosted or open surface per provider docs | Agentic/coding candidate with a non-US-primary model family. | independent second review | [Mistral models overview](https://docs.mistral.ai/getting-started/models/) |
|
|
||||||
| Mistral Small 4 | Hosted or open surface per provider docs | Efficient hybrid instruct/reasoning/coding candidate. | fast triage, domain review | [Mistral models overview](https://docs.mistral.ai/getting-started/models/) |
|
|
||||||
| Mistral Large 3 | Open-weight | Large open-weight comparison point for self-hosted evaluation. | deep review | [Mistral models overview](https://docs.mistral.ai/getting-started/models/) |
|
|
||||||
| Devstral 2 | Hosted or open surface per provider docs | Code-agent candidate for tools, repository work, and adapter tasks. | Theseus tool integrity | [Mistral models overview](https://docs.mistral.ai/getting-started/models/) |
|
|
||||||
| Hermes 4 70B | Open-weight / provider-hosted | Nous-aligned model with structured output and tool-use relevance for Hermes Agent packaging. | Hermes adapter, Theseus | [NousResearch Hermes 4 70B](https://huggingface.co/NousResearch/Hermes-4-70B) |
|
|
||||||
| Qwen3.5 9B | Open-weight | Small multimodal/open-weight candidate for local and edge experiments. | fast triage, local harness | [Qwen3.5 9B model card](https://huggingface.co/Qwen/Qwen3.5-9B) |
|
|
||||||
|
|
||||||
## Bakeoff Intake Fields
|
|
||||||
|
|
||||||
Each candidate needs a retained record before a real bakeoff:
|
|
||||||
|
|
||||||
- provider or local runtime;
|
|
||||||
- exact model ID or pinned snapshot;
|
|
||||||
- source URL;
|
|
||||||
- license or terms surface;
|
|
||||||
- context window and max output if verified;
|
|
||||||
- structured-output support;
|
|
||||||
- tool/function calling support;
|
|
||||||
- expected hardware or hosted cost;
|
|
||||||
- latency estimate;
|
|
||||||
- privacy and data-retention posture;
|
|
||||||
- failure mode hypothesis;
|
|
||||||
- first fixture lane.
|
|
||||||
|
|
||||||
## First Bakeoff Order
|
|
||||||
|
|
||||||
1. Cheap triage: exact-ID-verified GPT-5 lower-latency variant, Claude Haiku 4.5, Mistral Small 4, Qwen3.5 9B, gpt-oss-20b.
|
|
||||||
2. Theseus integrity: Gemini 3.5 Flash, Hermes 4 70B, Devstral 2, gpt-oss-120b.
|
|
||||||
3. Rio economics: GPT-5.5/5.4, Claude Sonnet 4.6, Gemini 3.1 Pro, Mistral Medium 3.5.
|
|
||||||
4. Deep arbitration: Claude Opus 4.8, GPT-5.5, Gemini 3.1 Pro, Mistral Large 3.
|
|
||||||
|
|
||||||
## Promotion Gate
|
|
||||||
|
|
||||||
A model can move from registry to runtime proposal only if the replay proof includes:
|
|
||||||
|
|
||||||
- exact model ID;
|
|
||||||
- fixture count;
|
|
||||||
- route accuracy;
|
|
||||||
- false approvals;
|
|
||||||
- false rejects;
|
|
||||||
- missing required issue tags;
|
|
||||||
- average latency;
|
|
||||||
- cost estimate;
|
|
||||||
- disagreement matrix against current baseline;
|
|
||||||
- one paragraph explaining why the observed disagreements are useful.
|
|
||||||
|
|
||||||
Zero false approvals on known-bad fixtures is a hard gate for evaluator roles.
|
|
||||||
|
|
@ -1,996 +0,0 @@
|
||||||
# Phase 1b Agent Routing Spec
|
|
||||||
|
|
||||||
Created: 2026-05-29
|
|
||||||
Status: active draft
|
|
||||||
Owner: Epimetheus pipeline implementation, with m3taversal as scope owner and Fwaz as VPS/runtime owner
|
|
||||||
|
|
||||||
## Product Outcome Contract
|
|
||||||
|
|
||||||
Phase 1b makes the knowledge-base evaluation engine behave like a six-agent review system instead of a generic triage stack.
|
|
||||||
|
|
||||||
When a contribution changes the `decision-engine` KB, the pipeline must decide which Hermes agent identity is responsible for judging that change, run the required review or reviews, post agent-specific verdicts, and then let the existing merge or feedback machinery continue.
|
|
||||||
|
|
||||||
The user-visible outcome is not a new frontend. It is a PR review trail showing that the right agent or agents reviewed the right KB mutation.
|
|
||||||
|
|
||||||
## Non-Goals
|
|
||||||
|
|
||||||
This spec does not implement:
|
|
||||||
|
|
||||||
- Twitter/X posting.
|
|
||||||
- x402, wallet, payment, or funding flows.
|
|
||||||
- Decision markets, agent bidding, stake-weighted quorum, or prediction-market review.
|
|
||||||
- Full general user-input routing outside the PR evaluation path.
|
|
||||||
- Separate GitHub accounts for each agent.
|
|
||||||
- A full Forgejo-to-GitHub daemon rewrite beyond what Phase 1b needs.
|
|
||||||
- A dashboard redesign.
|
|
||||||
- Production deployment without staging or VPS proof.
|
|
||||||
|
|
||||||
## Program Decomposition
|
|
||||||
|
|
||||||
This is a medium-sized control-plane change with five execution lanes:
|
|
||||||
|
|
||||||
1. Agent identity routing.
|
|
||||||
2. Eval pipeline integration.
|
|
||||||
3. GitHub identity and bot comment posture.
|
|
||||||
4. Reporting and contributor compatibility.
|
|
||||||
5. Staging and production proof.
|
|
||||||
|
|
||||||
The implementation can remain in one PR only if lanes 1 through 4 are tightly tested and the staging proof remains a separate operator task. If the eval integration diff grows beyond the files named in this spec, split into:
|
|
||||||
|
|
||||||
- PR 1: route contract and tests.
|
|
||||||
- PR 2: eval integration and mocked state tests.
|
|
||||||
- PR 3: GitHub/comment idempotency and reporting compatibility.
|
|
||||||
- PR 4 or operator runbook: staging proof artifacts.
|
|
||||||
|
|
||||||
Child specs:
|
|
||||||
|
|
||||||
- `docs/phase1b/agent-identity-router-spec.md`
|
|
||||||
- `docs/phase1b/eval-pipeline-integration-spec.md`
|
|
||||||
- `docs/phase1b/github-identity-bot-posture-spec.md`
|
|
||||||
- `docs/phase1b/reporting-contributor-compatibility-spec.md`
|
|
||||||
- `docs/phase1b/staging-proof-spec.md`
|
|
||||||
|
|
||||||
## Priority Matrix
|
|
||||||
|
|
||||||
| Rank | Workstream | Recurrence | Value | Readiness | Current state | Issue/spec mapping | Thread-claimed status | Verified implementation/proof status | Recommended next move |
|
|
||||||
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
|
|
||||||
| 1 | Canonical repo and eval target | Repeated confusion between `teleo-codex`, `teleo-kb`, and `decision-engine`. | Critical | Ready now | Confirmed by user: `decision-engine`. Some code still has Forgejo/teleo-codex defaults. | This spec, `handoff/phase1-step3-script-migration.md` | Clarified in chat. | Partially reflected in repo; not unified in daemon modules. | Make Phase 1b route/proof explicitly target `decision-engine`. |
|
|
||||||
| 2 | Agent identity routing | Repeated confusion between domain folders and agent ownership. | Critical | Ready now | Existing `lib/domains.py` is folder-first. | This spec | m3taversal clarified identity-first routing. | Initial local patch is insufficient. | Replace with identity-scored route contract. |
|
|
||||||
| 3 | Cross-domain review | Raised as scope expansion during clarification. | High | Ready now | Not implemented. | This spec | m3taversal confirmed cap at top 2. | No code proof. | Add top-2 required reviewer aggregation. |
|
|
||||||
| 4 | Single master bot account | GitHub bot/PAT issue was noted as blocker. | High | Ready now | Phase 1 handoff already documents single `livingIPbot` posture. | `handoff/phase1-step3-script-migration.md` | Separate identities ideal, likely too complex. | Handoff-only. | Use master bot comments with agent verdict tags. |
|
|
||||||
| 5 | Staging proof | User asked how to test without mutating prod VPS. | Critical for production | Draft gated | Needs VPS clone or Crabbox/staging access. | This spec | Proposed, not executed. | No proof. | Run after code PR passes local checks. |
|
|
||||||
|
|
||||||
## Goal
|
|
||||||
|
|
||||||
Implement Phase 1b for the `decision-engine` knowledge base: pipeline-v2 evaluates each incoming KB pull request by routing it to the Hermes agent identity that owns the relevant domain of judgment.
|
|
||||||
|
|
||||||
The implementation lives in `teleo-infrastructure`. The canonical KB repo for this phase is `living-ip/decision-engine`.
|
|
||||||
|
|
||||||
Phase 1b is complete only when single-domain and cross-domain PRs are routed to the expected required reviewer agents, verdicts are posted in the existing `VERDICT:AGENT:*` format, and the merge or feedback path continues from those verdicts.
|
|
||||||
|
|
||||||
## User-Journey Contract
|
|
||||||
|
|
||||||
Contributor or agent flow:
|
|
||||||
|
|
||||||
1. A contributor or agent opens a PR against `living-ip/decision-engine`.
|
|
||||||
2. The PR changes one or more KB files.
|
|
||||||
3. Pipeline-v2 discovers the PR and fetches its diff.
|
|
||||||
4. The router scores Hermes agent identities from the diff, file paths, branch metadata, and eventually PR metadata.
|
|
||||||
5. The pipeline runs the required reviewer agents.
|
|
||||||
6. The master bot posts verdict comments that clearly name the agent identity in `VERDICT:AGENT:*` tags.
|
|
||||||
7. If all required reviewers approve, the existing approval and merge path continues.
|
|
||||||
8. If any required reviewer requests changes, the existing feedback/retry path continues.
|
|
||||||
|
|
||||||
Operator flow:
|
|
||||||
|
|
||||||
1. Operator can inspect a PR and see why each agent was selected.
|
|
||||||
2. Operator can inspect pipeline logs or audit rows and see route scores, required agents, verdicts, and aggregate result.
|
|
||||||
3. Operator can distinguish local proof, staging proof, and production proof.
|
|
||||||
|
|
||||||
## Existing-Spec Inventory
|
|
||||||
|
|
||||||
| Existing doc | Relevance | Decision | Reason |
|
|
||||||
| --- | --- | --- | --- |
|
|
||||||
| `handoff/phase1-step3-script-migration.md` | Establishes the Phase 1 move from Forgejo `teleo-codex` toward GitHub `living-ip/decision-engine`, and documents the single master bot account posture. | Reuse as context. | It owns migration history, not the Phase 1b routing implementation. |
|
|
||||||
| `handoff/deprecated/eval-scripts.md` | Confirms old eval dispatcher/worker scripts are dead and `lib/evaluate.py::evaluate_cycle` owns live eval behavior. | Reuse as context. | It prevents work from targeting retired scripts. |
|
|
||||||
| `docs/ARCHITECTURE.md` | Describes pipeline-v2 stages, SQLite state, Forgejo-era runtime topology, and existing evaluate/merge loops. | Reuse as context. | It is broader architecture; this spec is a Phase 1b delta spec. |
|
|
||||||
| `docs/multi-model-eval-architecture.md` | Documents the prior Leo-first plus second-model evaluation theory. | Supersede for Phase 1b eval routing only. | Phase 1b now routes to domain-owner agent identities, with capped top-2 cross-domain review. The old doc remains useful for later calibration. |
|
|
||||||
| `docs/queue.md` | Mentions domain evolution such as `ai-alignment` to `ai-systems`. | Reuse as signal. | It supports the identity-scored router rather than folder-only routing. |
|
|
||||||
|
|
||||||
## Current Implementation Audit
|
|
||||||
|
|
||||||
Current relevant implementation state:
|
|
||||||
|
|
||||||
- `teleo-pipeline.py` runs pipeline-v2 as a single async daemon.
|
|
||||||
- `lib/evaluate.py::evaluate_cycle` is the active eval loop.
|
|
||||||
- `lib/evaluate.py::evaluate_pr` currently detects a domain, runs a domain review, then runs Leo review for non-LIGHT PRs.
|
|
||||||
- `lib/domains.py` contains a folder-first `DOMAIN_AGENT_MAP`.
|
|
||||||
- `lib/llm.py` contains prompt templates and `run_domain_review`, `run_batch_domain_review`, and `run_leo_review`.
|
|
||||||
- `lib/eval_parse.py::parse_verdict` parses `VERDICT:AGENT:APPROVE` and `VERDICT:AGENT:REQUEST_CHANGES`.
|
|
||||||
- `pipeline-health-check.py` is GitHub-oriented and points at `living-ip/decision-engine`.
|
|
||||||
- `lib/forgejo.py`, `lib/evaluate.py`, and `lib/merge.py` still use Forgejo-named abstractions as the primary API surface.
|
|
||||||
- Per-agent GitHub identity is deferred; Phase 1 uses one master bot account.
|
|
||||||
|
|
||||||
Fwaz clarification on 2026-05-29:
|
|
||||||
|
|
||||||
- Separate GitHub identities are still ideal and blocked on GitHub/PAT setup; Phase 1b must not require them to land the routed-eval path.
|
|
||||||
- Current production update behavior is `pull -> services recognize pull -> edit on VPS -> PR to Leo`; this is useful context, not the desired long-term control model.
|
|
||||||
- New desired rule is no direct production self-upgrades: agents open PRs, and production deploys exact reviewed/tested SHAs approved and signed by Leo.
|
|
||||||
- Crabbox is acceptable as the long-term disposable staging/test-box direction, while a production-like clone remains the highest-fidelity proof for systemd/VPS paths.
|
|
||||||
|
|
||||||
This branch implementation now includes:
|
|
||||||
|
|
||||||
- `lib/agent_routing.py` with a pure identity-scored route contract.
|
|
||||||
- `PHASE1B_AGENT_ROUTING_ENABLED`, defaulting off.
|
|
||||||
- A Phase 1b eval path that runs routed required agents and disables stale domain batching under the flag.
|
|
||||||
- Focused tests for six-agent routing, top-2 cross-domain routing, verdict parsing, and mocked eval aggregation.
|
|
||||||
|
|
||||||
## Goal-Vs-Repo-Truth Diff
|
|
||||||
|
|
||||||
Desired Phase 1b behavior:
|
|
||||||
|
|
||||||
- Route PRs against `decision-engine`, not `teleo-codex`.
|
|
||||||
- Classify by agent identity ownership, not only by folder path.
|
|
||||||
- Run exactly the required reviewer agents.
|
|
||||||
- Use one master bot account if separate GitHub identities are too complex.
|
|
||||||
- Preserve the existing verdict comment format.
|
|
||||||
- Preserve existing merge and feedback behavior.
|
|
||||||
- Support cross-domain PRs by requiring the top 2 routed agents.
|
|
||||||
|
|
||||||
Pre-implementation repo truth:
|
|
||||||
|
|
||||||
- Pipeline eval still has a two-stage review shape: domain review plus Leo review.
|
|
||||||
- Folder-domain mapping exists, but agent identity scoring does not.
|
|
||||||
- Cross-domain review is not implemented as multiple required reviewer agents.
|
|
||||||
- Batch eval can group rows before fetching diffs, which risks routing unclassified rows through `general`.
|
|
||||||
- GitHub migration is partial: some scripts target GitHub `decision-engine`, but live daemon modules still have Forgejo-era names and assumptions.
|
|
||||||
|
|
||||||
## Completion Percent And Remaining Delta
|
|
||||||
|
|
||||||
Estimated implementation progress on this branch:
|
|
||||||
|
|
||||||
- B1 classifier foundation: 100 percent locally, pending staging calibration.
|
|
||||||
- B2 routing layer: 75 percent locally behind a default-off feature flag.
|
|
||||||
- Cross-domain top-2 review: 75 percent locally through mocked eval proof.
|
|
||||||
- Local proof suite: 85 percent for router/eval/parser scope.
|
|
||||||
- Staging or VPS proof: 0 percent.
|
|
||||||
|
|
||||||
Remaining delta:
|
|
||||||
|
|
||||||
1. Decide whether the production Phase 1b transport stays Forgejo-first for cutover or switches direct to GitHub `decision-engine` before staging.
|
|
||||||
2. Update reporting/health compatibility beyond `review_records` if staging shows false readiness.
|
|
||||||
3. Prove against staging before production.
|
|
||||||
4. Deploy only an exact reviewed/tested SHA after Leo signoff.
|
|
||||||
|
|
||||||
## Closure, Endpoint, And Deployment Truth
|
|
||||||
|
|
||||||
Local closure means:
|
|
||||||
|
|
||||||
- Focused tests pass in `teleo-infrastructure`.
|
|
||||||
- A PR exists with the Phase 1b routing implementation and proof notes.
|
|
||||||
|
|
||||||
Staging closure means:
|
|
||||||
|
|
||||||
- A cloned or disposable staging runtime is pointed at a sandbox `decision-engine`.
|
|
||||||
- Six single-domain sandbox PRs and one cross-domain sandbox PR complete the expected eval path.
|
|
||||||
- A machine-readable proof artifact captures routes, required agents, verdicts, status transitions, git SHAs, and logs.
|
|
||||||
|
|
||||||
Production closure means:
|
|
||||||
|
|
||||||
- The exact reviewed SHA is deployed to the production VPS.
|
|
||||||
- Production pipeline runs real `decision-engine` PRs through Phase 1b routing.
|
|
||||||
- All six agents have completed at least one live review cycle.
|
|
||||||
- Pipeline remains stable for at least 24 hours after cutover.
|
|
||||||
|
|
||||||
Without VPS or staging access, only local closure can be claimed.
|
|
||||||
|
|
||||||
## Critical Assumptions And Invalidators
|
|
||||||
|
|
||||||
Assumptions:
|
|
||||||
|
|
||||||
- `decision-engine` is the canonical KB repo for Phase 1b.
|
|
||||||
- The active eval implementation is `teleo-infrastructure/lib/evaluate.py`, not retired shell scripts.
|
|
||||||
- One master bot account is acceptable for Phase 1b verdict comments.
|
|
||||||
- Required reviewer identity is encoded in the verdict tag, not necessarily in the GitHub account identity.
|
|
||||||
- Agent state files in `decision-engine/agents/{agent}` are the right identity context source when present.
|
|
||||||
|
|
||||||
Invalidators:
|
|
||||||
|
|
||||||
- Production pipeline is still wired to a different canonical repo.
|
|
||||||
- The VPS runs code not represented by current `teleo-infrastructure`.
|
|
||||||
- Branch protection requires separate GitHub identities before comments or reviews count.
|
|
||||||
- Agent identity files are absent or materially different on the VPS.
|
|
||||||
- Cross-domain review must include more than top 2 reviewers.
|
|
||||||
|
|
||||||
## State And Truth Contract
|
|
||||||
|
|
||||||
The routing implementation must record or expose:
|
|
||||||
|
|
||||||
- PR number.
|
|
||||||
- Primary agent.
|
|
||||||
- Required agents.
|
|
||||||
- Route kind: `single`, `multi`, or `escalated`.
|
|
||||||
- Route scores by agent.
|
|
||||||
- Route evidence: path, branch, title, diff keyword, or fallback.
|
|
||||||
- Verdict per required agent.
|
|
||||||
- Aggregate result.
|
|
||||||
- Failure reason for missing or unparseable verdicts.
|
|
||||||
|
|
||||||
This can be stored first in audit log details and test artifacts. A DB schema migration is optional for Phase 1b unless downstream dashboards require queryable route fields.
|
|
||||||
|
|
||||||
### Route Decision Schema
|
|
||||||
|
|
||||||
The route decision should be serializable without importing Python classes. Use this JSON shape in audit rows and proof artifacts:
|
|
||||||
|
|
||||||
```json
|
|
||||||
{
|
|
||||||
"pr": 123,
|
|
||||||
"repo": "living-ip/decision-engine",
|
|
||||||
"route_version": "phase1b-v1",
|
|
||||||
"route_kind": "single",
|
|
||||||
"primary_agent": "Rio",
|
|
||||||
"required_agents": ["Rio"],
|
|
||||||
"scores": {
|
|
||||||
"Leo": 0,
|
|
||||||
"Theseus": 1,
|
|
||||||
"Rio": 9,
|
|
||||||
"Vida": 0,
|
|
||||||
"Clay": 0,
|
|
||||||
"Astra": 0
|
|
||||||
},
|
|
||||||
"evidence": [
|
|
||||||
{
|
|
||||||
"agent": "Rio",
|
|
||||||
"signal": "path",
|
|
||||||
"weight": 5,
|
|
||||||
"value": "domains/internet-finance/example.md"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"fallback": false
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
`route_kind` values:
|
|
||||||
|
|
||||||
- `single`: one required reviewer.
|
|
||||||
- `multi`: two required reviewers from cross-domain scoring.
|
|
||||||
- `fallback`: no confident route, Leo required.
|
|
||||||
- `escalated`: route exceeded simple review bounds and was capped by policy.
|
|
||||||
|
|
||||||
### Verdict State Schema
|
|
||||||
|
|
||||||
Aggregate review state should be serializable as:
|
|
||||||
|
|
||||||
```json
|
|
||||||
{
|
|
||||||
"pr": 123,
|
|
||||||
"required_agents": ["Theseus", "Rio"],
|
|
||||||
"agent_verdicts": {
|
|
||||||
"Theseus": "approve",
|
|
||||||
"Rio": "request_changes"
|
|
||||||
},
|
|
||||||
"aggregate_verdict": "request_changes",
|
|
||||||
"blocking_agents": ["Rio"],
|
|
||||||
"missing_agents": [],
|
|
||||||
"unparseable_agents": [],
|
|
||||||
"transport_failed_agents": []
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
Aggregate states:
|
|
||||||
|
|
||||||
- `approve`: all required agents approved.
|
|
||||||
- `request_changes`: at least one required agent requested changes or produced unparseable content.
|
|
||||||
- `retry`: at least one required review failed for transport reasons and should not burn the PR as a substantive rejection.
|
|
||||||
|
|
||||||
## Measurement Contract
|
|
||||||
|
|
||||||
Minimum metrics:
|
|
||||||
|
|
||||||
- `route_single_count`
|
|
||||||
- `route_multi_count`
|
|
||||||
- `route_escalated_count`
|
|
||||||
- `review_required_agent_count`
|
|
||||||
- `review_missing_verdict_count`
|
|
||||||
- `review_request_changes_count`
|
|
||||||
- `review_approve_count`
|
|
||||||
- `route_fallback_count`
|
|
||||||
|
|
||||||
Minimum proof matrix:
|
|
||||||
|
|
||||||
| Case | Expected route |
|
|
||||||
| --- | --- |
|
|
||||||
| grand strategy PR | Leo |
|
|
||||||
| ai systems or ai alignment PR | Theseus |
|
|
||||||
| internet finance or x402 PR | Rio |
|
|
||||||
| health PR | Vida |
|
|
||||||
| entertainment PR | Clay |
|
|
||||||
| space, robotics, energy, or advanced manufacturing PR | Astra |
|
|
||||||
| ai plus x402 PR | Theseus and Rio |
|
|
||||||
| collective ai goals PR | Leo and Theseus, if both score in top 2 |
|
|
||||||
|
|
||||||
## Score-To-100 Closure Plan
|
|
||||||
|
|
||||||
Preparedness score before implementation: 35/100.
|
|
||||||
|
|
||||||
| Score band | Closure move | Evidence that moves score |
|
|
||||||
| --- | --- | --- |
|
|
||||||
| 35 -> 50 | Route contract implemented and unit-tested. | `test_agent_routing.py` proves six single-agent routes, broadened identity ownership, top-2 cross-domain routes, and fallback behavior. |
|
|
||||||
| 50 -> 65 | Eval integration mocked locally. | Mocked eval tests prove required agents are invoked, default Leo review is removed, and aggregate verdicts drive approve/request-changes behavior. |
|
|
||||||
| 65 -> 75 | API/comment compatibility proven locally. | Tests prove all six verdict tags parse and master-bot comment bodies preserve existing parser expectations. |
|
|
||||||
| 75 -> 85 | Staging clone or disposable test box runs sandbox PR proof. | Six single-domain sandbox PRs plus one cross-domain sandbox PR produce expected comments and state transitions. |
|
|
||||||
| 85 -> 95 | Production deploy of exact reviewed SHA. | VPS deploy log, service restart readback, and route/proof artifact for first real PRs. |
|
|
||||||
| 95 -> 100 | 24-hour production stability. | 24-hour daemon readback with no duplicate comments, no stuck review rows, no production fallback spike, and all six agents represented in verdict history. |
|
|
||||||
|
|
||||||
The implementation PR can be merged at 65-75 if reviewers accept staging as a deploy gate. It cannot claim Phase 1b complete below 100.
|
|
||||||
|
|
||||||
## Backend Work Required
|
|
||||||
|
|
||||||
### 1. Agent identity router
|
|
||||||
|
|
||||||
Create or refactor into `lib/agent_routing.py` unless the existing `lib/domains.py` remains clearly small enough.
|
|
||||||
|
|
||||||
Define:
|
|
||||||
|
|
||||||
```python
|
|
||||||
AgentRoute(
|
|
||||||
primary_agent: str,
|
|
||||||
required_agents: tuple[str, ...],
|
|
||||||
route_kind: str,
|
|
||||||
scores: dict[str, int],
|
|
||||||
evidence: list[dict],
|
|
||||||
)
|
|
||||||
```
|
|
||||||
|
|
||||||
Router signals:
|
|
||||||
|
|
||||||
- Path signals from `domains/`, `entities/`, `core/`, `foundations/`, and `agents/`.
|
|
||||||
- Branch prefix signals such as `rio/`, `theseus/`, `astra/`, `leo/`.
|
|
||||||
- Keyword signals from path, filename, branch, PR title/body when available, and capped diff text.
|
|
||||||
- Agent identity ownership map.
|
|
||||||
|
|
||||||
Agent identity ownership map:
|
|
||||||
|
|
||||||
| Agent | Owns |
|
|
||||||
| --- | --- |
|
|
||||||
| Leo | grand strategy, teleohumanity goals, collective AI self-understanding, meta strategy, nested collective intelligence concepts |
|
|
||||||
| Theseus | AI systems, AI alignment, AI governance, agent systems, safety, evaluation |
|
|
||||||
| Rio | internet finance, living capital, markets, crypto, futarchy, x402, payments, capital formation |
|
|
||||||
| Vida | health, healthcare, medicine, prevention, clinical systems, mental health, biohealth |
|
|
||||||
| Clay | entertainment, media, culture, IP, fandom, narrative, consumer attention |
|
|
||||||
| Astra | space development, robotics, energy, advanced manufacturing, physical frontier infrastructure |
|
|
||||||
|
|
||||||
Routing rules:
|
|
||||||
|
|
||||||
- If only one agent crosses the threshold, require that agent.
|
|
||||||
- If more than one agent crosses the threshold, require the top 2 agents.
|
|
||||||
- If no agent crosses threshold, fallback to Leo with route kind `fallback`.
|
|
||||||
- Tie break by score, then deterministic configured order.
|
|
||||||
|
|
||||||
Implementation constraints:
|
|
||||||
|
|
||||||
- The router must be deterministic.
|
|
||||||
- The router must be pure and side-effect free.
|
|
||||||
- Route scores must be explainable through evidence entries.
|
|
||||||
- Folder paths should be strong evidence, not the whole classifier.
|
|
||||||
- Keyword scoring must not require paid inference.
|
|
||||||
- LLM classification may be added later only as shadow-mode evidence.
|
|
||||||
|
|
||||||
Recommended scoring starter:
|
|
||||||
|
|
||||||
| Signal | Weight |
|
|
||||||
| --- | --- |
|
|
||||||
| Path directly under known primary ownership area | 8 |
|
|
||||||
| Path under broadened ownership area | 6 |
|
|
||||||
| Branch prefix matches agent | 4 |
|
|
||||||
| Filename keyword matches ownership | 3 |
|
|
||||||
| Diff keyword matches ownership | 1 per capped hit |
|
|
||||||
| PR title/body keyword matches ownership, if available | 2 |
|
|
||||||
|
|
||||||
Top-2 selection:
|
|
||||||
|
|
||||||
- Include the highest-scoring agent.
|
|
||||||
- Include a second agent only if its score is at least 40 percent of the first score and at least the minimum threshold.
|
|
||||||
- Minimum threshold starts at 4.
|
|
||||||
- Never include more than two required agents in Phase 1b.
|
|
||||||
|
|
||||||
### 2. Eval layer integration
|
|
||||||
|
|
||||||
Modify `lib/evaluate.py`:
|
|
||||||
|
|
||||||
- Fetch PR diff.
|
|
||||||
- Build route from diff and branch.
|
|
||||||
- Store or audit route decision.
|
|
||||||
- Run required reviewer agents.
|
|
||||||
- Aggregate verdicts.
|
|
||||||
- Remove default Leo second-review for normal single-agent PRs.
|
|
||||||
- Keep existing bypasses for musings and reweave unless m3taversal changes policy.
|
|
||||||
- Revisit batch eval: disable batching for Phase 1b or classify before batching.
|
|
||||||
|
|
||||||
Implementation sequence:
|
|
||||||
|
|
||||||
1. Add pure route builder and tests.
|
|
||||||
2. Add review aggregation helper and tests.
|
|
||||||
3. Add `run_agent_review` while leaving existing `run_domain_review` and `run_leo_review` intact.
|
|
||||||
4. Switch individual `evaluate_pr` path to the new router behind a feature flag such as `PHASE1B_AGENT_ROUTING_ENABLED`.
|
|
||||||
5. Disable batch domain eval when the feature flag is enabled unless route-aware batching is implemented in the same PR.
|
|
||||||
6. Remove or bypass the default Leo second-review when the feature flag is enabled.
|
|
||||||
7. Preserve old behavior when the feature flag is disabled.
|
|
||||||
|
|
||||||
Feature flag requirement:
|
|
||||||
|
|
||||||
```text
|
|
||||||
PHASE1B_AGENT_ROUTING_ENABLED=false by default until staging proof exists.
|
|
||||||
```
|
|
||||||
|
|
||||||
The PR may set tests against enabled behavior without changing the production default.
|
|
||||||
|
|
||||||
### 3. Agent review runner
|
|
||||||
|
|
||||||
Modify or add in `lib/llm.py`:
|
|
||||||
|
|
||||||
```python
|
|
||||||
async def run_agent_review(diff: str, files: str, agent: str, route: AgentRoute) -> tuple[str | None, dict]:
|
|
||||||
...
|
|
||||||
```
|
|
||||||
|
|
||||||
Prompt must include:
|
|
||||||
|
|
||||||
- Agent identity context when available.
|
|
||||||
- Route evidence.
|
|
||||||
- Existing eval criteria.
|
|
||||||
- Required verdict tag for that exact agent.
|
|
||||||
|
|
||||||
Continue using one master bot account for comments. The bot comment body must identify the routed agent via the verdict tag.
|
|
||||||
|
|
||||||
Agent context lookup order:
|
|
||||||
|
|
||||||
1. Runtime-configured KB worktree path, expected to point at `decision-engine`.
|
|
||||||
2. Existing `config.MAIN_WORKTREE` if production still uses that convention.
|
|
||||||
3. Explicit test fixture path in unit tests.
|
|
||||||
|
|
||||||
Context files:
|
|
||||||
|
|
||||||
- `agents/{agent}/identity.md`
|
|
||||||
- `agents/{agent}/beliefs.md`
|
|
||||||
- `agents/{agent}/reasoning.md`
|
|
||||||
- `agents/{agent}/skills.md`
|
|
||||||
|
|
||||||
Missing context files:
|
|
||||||
|
|
||||||
- Log a warning.
|
|
||||||
- Include an audit evidence entry.
|
|
||||||
- Continue with the generic agent prompt.
|
|
||||||
- Do not crash the eval cycle.
|
|
||||||
|
|
||||||
### 4. Verdict aggregation
|
|
||||||
|
|
||||||
Add helper:
|
|
||||||
|
|
||||||
```python
|
|
||||||
aggregate_agent_verdicts(required_agents, reviews) -> AggregateVerdict
|
|
||||||
```
|
|
||||||
|
|
||||||
Rules:
|
|
||||||
|
|
||||||
- All required agents approve: approved.
|
|
||||||
- Any required agent requests changes: request changes.
|
|
||||||
- Transport failure: reopen for retry.
|
|
||||||
- Missing or unparseable verdict: request changes unless transport failure is explicit.
|
|
||||||
|
|
||||||
Comment format:
|
|
||||||
|
|
||||||
Preferred for one required agent:
|
|
||||||
|
|
||||||
```text
|
|
||||||
<review text>
|
|
||||||
|
|
||||||
<!-- VERDICT:RIO:APPROVE -->
|
|
||||||
```
|
|
||||||
|
|
||||||
Preferred for two required agents:
|
|
||||||
|
|
||||||
```text
|
|
||||||
## Theseus review
|
|
||||||
|
|
||||||
<review text>
|
|
||||||
|
|
||||||
<!-- VERDICT:THESEUS:APPROVE -->
|
|
||||||
|
|
||||||
## Rio review
|
|
||||||
|
|
||||||
<review text>
|
|
||||||
|
|
||||||
<!-- VERDICT:RIO:REQUEST_CHANGES -->
|
|
||||||
```
|
|
||||||
|
|
||||||
Two separate comments are acceptable if simpler and less risky for existing parsers.
|
|
||||||
|
|
||||||
### 5. Contributor and dashboard compatibility
|
|
||||||
|
|
||||||
Audit and update:
|
|
||||||
|
|
||||||
- `lib/contributor.py` assumptions that Leo reviews every PR.
|
|
||||||
- `pipeline-health-check.py` verdict parsing if needed.
|
|
||||||
- Any dashboard code assuming only `leo_verdict` plus `domain_verdict`.
|
|
||||||
|
|
||||||
Avoid broad dashboard redesign in Phase 1b. If dashboards need richer route state, add an audit artifact first and defer UI.
|
|
||||||
|
|
||||||
## Frontend Work Required
|
|
||||||
|
|
||||||
No frontend work is required for Phase 1b.
|
|
||||||
|
|
||||||
`livingip-web` Phase 1c can later reuse the same router as pre-PR guidance, but Phase 1b acceptance is based on `decision-engine` PR evaluation.
|
|
||||||
|
|
||||||
## Operator Work Required
|
|
||||||
|
|
||||||
Operator or infrastructure owner must provide before production proof:
|
|
||||||
|
|
||||||
- Current production deployed SHA for `teleo-infrastructure`.
|
|
||||||
- Current production KB target and worktree path.
|
|
||||||
- Current systemd units and restart commands.
|
|
||||||
- Staging clone or disposable test runner access.
|
|
||||||
- Sandbox `decision-engine` target or clear permission to create one.
|
|
||||||
- Staging token set with no production mutation authority.
|
|
||||||
- Rollback SHA and rollback command.
|
|
||||||
|
|
||||||
If these are unavailable, implementation can continue locally but production proof must remain blocked.
|
|
||||||
|
|
||||||
## Expected Runtime And User-Visible Behavior
|
|
||||||
|
|
||||||
Single-domain PR:
|
|
||||||
|
|
||||||
1. Pipeline detects route.
|
|
||||||
2. Required agents has one name.
|
|
||||||
3. Master bot posts one review comment with `VERDICT:AGENT:*`.
|
|
||||||
4. Existing merge or feedback path continues.
|
|
||||||
|
|
||||||
Cross-domain PR:
|
|
||||||
|
|
||||||
1. Pipeline detects route.
|
|
||||||
2. Required agents has two names.
|
|
||||||
3. Master bot posts one review comment per required agent, or one structured comment with separate verdict sections if that is simpler.
|
|
||||||
4. Merge requires both approvals.
|
|
||||||
5. Any request changes blocks and feeds back.
|
|
||||||
|
|
||||||
The user-visible proof is PR comments and final PR disposition.
|
|
||||||
|
|
||||||
## Staging Proof Contract
|
|
||||||
|
|
||||||
Staging must be production-like enough to test pipeline behavior but quarantined from production side effects.
|
|
||||||
|
|
||||||
Required staging safety controls:
|
|
||||||
|
|
||||||
- Production services disabled before any daemon starts.
|
|
||||||
- Production GitHub tokens removed or replaced.
|
|
||||||
- Production OpenRouter/Claude/Hermes keys removed or replaced unless explicitly approved for staging spend.
|
|
||||||
- Sandbox `decision-engine` repo configured.
|
|
||||||
- Auto-merge either disabled or constrained to sandbox repo.
|
|
||||||
- Hostname clearly changed to staging.
|
|
||||||
|
|
||||||
Required proof artifact:
|
|
||||||
|
|
||||||
```json
|
|
||||||
{
|
|
||||||
"phase": "1b",
|
|
||||||
"environment": "staging",
|
|
||||||
"teleo_infrastructure_sha": "...",
|
|
||||||
"decision_engine_sha": "...",
|
|
||||||
"pipeline_db_schema": 26,
|
|
||||||
"feature_flags": {
|
|
||||||
"PHASE1B_AGENT_ROUTING_ENABLED": "true"
|
|
||||||
},
|
|
||||||
"test_prs": [
|
|
||||||
{
|
|
||||||
"case": "internet-finance",
|
|
||||||
"pr": 1,
|
|
||||||
"required_agents": ["Rio"],
|
|
||||||
"verdicts": {"Rio": "approve"},
|
|
||||||
"final_state": "approved"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"cross_domain_pr": {
|
|
||||||
"required_agents": ["Theseus", "Rio"],
|
|
||||||
"final_state": "approved_or_feedback"
|
|
||||||
},
|
|
||||||
"prod_services_disabled": true,
|
|
||||||
"proof_generated_at": "2026-05-29T00:00:00Z"
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
Staging proof does not satisfy the 24-hour production stability gate.
|
|
||||||
|
|
||||||
## Validation And Test Matrix
|
|
||||||
|
|
||||||
Unit tests:
|
|
||||||
|
|
||||||
- `test_agent_routing.py`
|
|
||||||
- routes six primary ownership cases.
|
|
||||||
- routes broadened Astra cases: energy, robotics, advanced manufacturing.
|
|
||||||
- routes Leo meta cases: collective AI goals, teleohumanity strategy.
|
|
||||||
- routes Theseus AI systems cases.
|
|
||||||
- routes Rio x402 and internet finance cases.
|
|
||||||
- caps cross-domain to top 2 agents.
|
|
||||||
- has deterministic tie breaking.
|
|
||||||
|
|
||||||
Parser tests:
|
|
||||||
|
|
||||||
- Existing `test_eval_parse.py` remains valid.
|
|
||||||
- Add explicit verdict parse coverage for all six agent names.
|
|
||||||
|
|
||||||
Mocked eval integration tests:
|
|
||||||
|
|
||||||
- One required agent calls one runner and posts one verdict.
|
|
||||||
- Two required agents call two runners and post two verdicts.
|
|
||||||
- One request changes blocks aggregate approval.
|
|
||||||
- Transport failure reopens for retry.
|
|
||||||
- Default Leo second-review does not run unless Leo is routed.
|
|
||||||
|
|
||||||
Batch tests:
|
|
||||||
|
|
||||||
- If batching remains enabled, batch grouping must use route decisions, not stale DB domain.
|
|
||||||
- If batching is disabled for Phase 1b, assert cross-domain and single-domain PRs still process individually.
|
|
||||||
|
|
||||||
Smoke commands:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
python3 -m venv .venv
|
|
||||||
. .venv/bin/activate
|
|
||||||
python3 -m pip install 'aiohttp>=3.9,<4' 'pytest>=8' 'pytest-asyncio>=0.23' 'ruff>=0.3' pyyaml
|
|
||||||
python3 -m pytest tests/test_agent_routing.py tests/test_evaluate_agent_routing.py tests/test_eval_parse.py
|
|
||||||
```
|
|
||||||
|
|
||||||
If local `pytest` is unavailable, that is a tooling blocker for full local proof, not an implementation blocker.
|
|
||||||
|
|
||||||
## CI/CD, Release, And Pre-Push Gate Contract
|
|
||||||
|
|
||||||
Pre-push required:
|
|
||||||
|
|
||||||
- `python3 -m pytest` for the focused routing/eval test set.
|
|
||||||
- `python3 -m ruff check lib tests` if dev deps are installed.
|
|
||||||
- Manual scan that no secrets are printed or committed.
|
|
||||||
|
|
||||||
PR required:
|
|
||||||
|
|
||||||
- Summary of routing rule.
|
|
||||||
- Test output.
|
|
||||||
- Known non-prod proof boundary.
|
|
||||||
- Statement that production acceptance still requires staging or VPS proof.
|
|
||||||
|
|
||||||
Deploy required:
|
|
||||||
|
|
||||||
- Exact reviewed SHA.
|
|
||||||
- Staging proof bundle first.
|
|
||||||
- Production service restart plan.
|
|
||||||
- Rollback SHA.
|
|
||||||
|
|
||||||
Release phases:
|
|
||||||
|
|
||||||
| Phase | Feature flag | Environment | Required proof |
|
|
||||||
| --- | --- | --- | --- |
|
|
||||||
| Local implementation | Enabled only in tests | Local | Unit and mocked eval tests. |
|
|
||||||
| Staging shadow | Enabled against sandbox repo | Staging clone or Crabbox-like box | Seven sandbox PR proof artifact. |
|
|
||||||
| Production shadow | Optional, no merge mutation if supported | Production | Route decisions logged without changing verdict path. |
|
|
||||||
| Production cutover | Enabled | Production | Real PR verdicts by required agents. |
|
|
||||||
| Production closure | Enabled | Production | 24-hour stability plus all six agents represented. |
|
|
||||||
|
|
||||||
Rollback:
|
|
||||||
|
|
||||||
- Flip `PHASE1B_AGENT_ROUTING_ENABLED=false`.
|
|
||||||
- Restart `teleo-pipeline.service`.
|
|
||||||
- Confirm eval path returns to prior behavior.
|
|
||||||
- If code rollback is required, deploy the previous exact SHA and restart service.
|
|
||||||
- Keep proof artifact explaining why rollback occurred.
|
|
||||||
|
|
||||||
Pre-push commands:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
python3 -m pytest tests/test_agent_routing.py tests/test_evaluate_agent_routing.py tests/test_eval_parse.py
|
|
||||||
python3 -m ruff check lib tests
|
|
||||||
git diff --check
|
|
||||||
```
|
|
||||||
|
|
||||||
If dev dependencies are missing, install with:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
python3 -m venv .venv
|
|
||||||
. .venv/bin/activate
|
|
||||||
python3 -m pip install 'aiohttp>=3.9,<4' 'pytest>=8' 'pytest-asyncio>=0.23' 'ruff>=0.3' pyyaml
|
|
||||||
```
|
|
||||||
|
|
||||||
## Independent CLI Audit Contract
|
|
||||||
|
|
||||||
A reviewer should be able to run:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
git diff --stat
|
|
||||||
git diff -- lib/agent_routing.py lib/domains.py lib/evaluate.py lib/llm.py tests/
|
|
||||||
python3 -m pytest tests/test_agent_routing.py tests/test_evaluate_agent_routing.py
|
|
||||||
```
|
|
||||||
|
|
||||||
The audit should confirm:
|
|
||||||
|
|
||||||
- No direct production credentials are introduced.
|
|
||||||
- `decision-engine` is the target in docs/config where Phase 1b needs it.
|
|
||||||
- No old eval scripts are revived.
|
|
||||||
- Default Leo second-review is not silently preserved for all PRs.
|
|
||||||
- Multi-agent PRs require top 2 reviewer approvals.
|
|
||||||
|
|
||||||
## Outside-The-Box Fix Paths
|
|
||||||
|
|
||||||
If identity-scored keyword routing is too noisy:
|
|
||||||
|
|
||||||
- Use folder-first routing for strong path evidence and identity scoring only for ambiguous or cross-domain cases.
|
|
||||||
- Add a cheap LLM classifier in shadow mode only, comparing against deterministic router decisions.
|
|
||||||
- Require contributors/frontends to include an explicit domain or agent hint in PR metadata.
|
|
||||||
|
|
||||||
If live GitHub identity constraints block separate agent comments:
|
|
||||||
|
|
||||||
- Keep one master bot account and agent-specific verdict tags.
|
|
||||||
- Defer separate GitHub identities to Phase 2.
|
|
||||||
|
|
||||||
If staging VPS access is delayed:
|
|
||||||
|
|
||||||
- Use a disposable Hetzner clone when available.
|
|
||||||
- Use Crabbox or another remote test box for local dirty checkout proof.
|
|
||||||
- Use a mocked local fake GitHub/Forgejo API server for the eval loop.
|
|
||||||
|
|
||||||
## Maintenance Capture
|
|
||||||
|
|
||||||
Same-tranche maintenance that is justified now:
|
|
||||||
|
|
||||||
- Extract route scoring into a dedicated module if `lib/domains.py` would become too broad.
|
|
||||||
- Keep backward-compatible wrappers for existing `agent_for_domain` and `detect_domain_from_diff` until downstream callers are migrated.
|
|
||||||
- Add tests around the existing bug-prone batch grouping surface.
|
|
||||||
|
|
||||||
Maintenance to avoid now:
|
|
||||||
|
|
||||||
- Full Forgejo-to-GitHub daemon rewrite unless needed for the Phase 1b PR.
|
|
||||||
- Dashboard redesign.
|
|
||||||
- Contributor credit redesign beyond removing "Leo reviews every PR" assumptions.
|
|
||||||
- Separate GitHub identities per agent.
|
|
||||||
- Payment, wallet, Twitter, or decision-market work.
|
|
||||||
|
|
||||||
## Parallelization And Fanout
|
|
||||||
|
|
||||||
| Workstream | Classification | Owner | Notes |
|
|
||||||
| --- | --- | --- | --- |
|
|
||||||
| Agent identity router and tests | local_owner | Codex current turn | Core implementation surface. Do not fan out because it owns central route contract. |
|
|
||||||
| Eval layer integration and mocked tests | local_owner | Codex current turn | Needs tight coupling with router semantics. |
|
|
||||||
| Staging VPS clone proof | draft_gated | Fwaz or infrastructure owner | Requires VPS/provider access and secret quarantine. |
|
|
||||||
| GitHub identity model | draft_gated | Fwaz plus m3taversal | Deferred unless master bot account becomes unacceptable. |
|
|
||||||
| Dashboard/reporting polish | do_not_parallelize | Later | Avoid until route state contract is stable. |
|
|
||||||
|
|
||||||
### Workstream Sub-Spec: Agent Identity Router
|
|
||||||
|
|
||||||
Classification: local_owner
|
|
||||||
|
|
||||||
Owned files:
|
|
||||||
|
|
||||||
- `lib/agent_routing.py` if created.
|
|
||||||
- `lib/domains.py` compatibility wrappers.
|
|
||||||
- `tests/test_agent_routing.py`.
|
|
||||||
|
|
||||||
Forbidden files:
|
|
||||||
|
|
||||||
- `lib/evaluate.py` except imports needed for route type compatibility.
|
|
||||||
- Any runtime secrets.
|
|
||||||
- Any production config defaults outside route feature flags.
|
|
||||||
|
|
||||||
Binary done condition:
|
|
||||||
|
|
||||||
- Pure route function returns expected required agents for every row in the proof matrix.
|
|
||||||
- Tests prove deterministic top-2 behavior and fallback behavior.
|
|
||||||
|
|
||||||
Verification commands:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
python3 -m pytest tests/test_agent_routing.py
|
|
||||||
```
|
|
||||||
|
|
||||||
Non-claims:
|
|
||||||
|
|
||||||
- Does not prove PR comment posting.
|
|
||||||
- Does not prove production target wiring.
|
|
||||||
|
|
||||||
Prompt-ready handoff:
|
|
||||||
|
|
||||||
```text
|
|
||||||
implement phase 1b agent identity routing in teleo-infrastructure. own only route module and route tests. preserve compatibility wrappers. route decision must be pure, deterministic, evidence-bearing, and top-2 capped for cross-domain cases. do not touch production API or eval state transitions.
|
|
||||||
```
|
|
||||||
|
|
||||||
### Workstream Sub-Spec: Eval Integration
|
|
||||||
|
|
||||||
Classification: local_owner
|
|
||||||
|
|
||||||
Owned files:
|
|
||||||
|
|
||||||
- `lib/evaluate.py`
|
|
||||||
- `lib/llm.py`
|
|
||||||
- `lib/eval_parse.py` only if parser normalization is required.
|
|
||||||
- `tests/test_evaluate_agent_routing.py`
|
|
||||||
- `tests/test_eval_parse.py`
|
|
||||||
|
|
||||||
Forbidden files:
|
|
||||||
|
|
||||||
- Old deprecated eval shell scripts.
|
|
||||||
- Deploy scripts unless a feature flag must be exposed.
|
|
||||||
- Dashboard UI except parser-compatible health checks.
|
|
||||||
|
|
||||||
Binary done condition:
|
|
||||||
|
|
||||||
- With `PHASE1B_AGENT_ROUTING_ENABLED=true`, eval invokes only required reviewer agents.
|
|
||||||
- With flag disabled, prior behavior remains available.
|
|
||||||
- One request-changes verdict blocks aggregate approval.
|
|
||||||
- All approve verdicts continue to existing approval path.
|
|
||||||
|
|
||||||
Verification commands:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
python3 -m pytest tests/test_evaluate_agent_routing.py tests/test_eval_parse.py
|
|
||||||
```
|
|
||||||
|
|
||||||
Non-claims:
|
|
||||||
|
|
||||||
- Does not prove live GitHub or VPS behavior.
|
|
||||||
- Does not prove separate agent GitHub identities.
|
|
||||||
|
|
||||||
Prompt-ready handoff:
|
|
||||||
|
|
||||||
```text
|
|
||||||
wire phase 1b routing into teleo-infrastructure eval path behind a feature flag. use required agents from the route result, run agent-specific reviews, aggregate verdicts, and preserve merge/feedback semantics. do not revive deprecated scripts or remove rollback path.
|
|
||||||
```
|
|
||||||
|
|
||||||
### Workstream Sub-Spec: Staging Proof
|
|
||||||
|
|
||||||
Classification: draft_gated
|
|
||||||
|
|
||||||
Owned files and surfaces:
|
|
||||||
|
|
||||||
- Staging VPS or disposable remote test box.
|
|
||||||
- Sandbox `decision-engine` repo.
|
|
||||||
- Staging secrets.
|
|
||||||
- Machine-readable proof artifact.
|
|
||||||
|
|
||||||
Forbidden files and surfaces:
|
|
||||||
|
|
||||||
- Production VPS services.
|
|
||||||
- Production GitHub repo.
|
|
||||||
- Production secrets.
|
|
||||||
- Mainnet/payment/Twitter surfaces.
|
|
||||||
|
|
||||||
Binary done condition:
|
|
||||||
|
|
||||||
- Six single-domain PRs and one cross-domain PR produce expected required-agent verdicts and final dispositions in staging.
|
|
||||||
|
|
||||||
Verification commands:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
systemctl status teleo-pipeline
|
|
||||||
journalctl -u teleo-pipeline --since "1 hour ago"
|
|
||||||
sqlite3 /path/to/pipeline.db "select number, status, domain_agent, leo_verdict, domain_verdict from prs order by number desc limit 20;"
|
|
||||||
gh pr view --repo living-ip/decision-engine-sandbox PR_NUMBER --comments
|
|
||||||
```
|
|
||||||
|
|
||||||
Non-claims:
|
|
||||||
|
|
||||||
- Does not prove production 24-hour stability.
|
|
||||||
|
|
||||||
Prompt-ready handoff:
|
|
||||||
|
|
||||||
```text
|
|
||||||
create a quarantined staging proof for phase 1b. clone or provision a disposable server, disable production services and secrets before starting pipeline, point to a sandbox decision-engine repo, run six single-domain prs plus one cross-domain pr, and save a machine-readable proof artifact. do not mutate production.
|
|
||||||
```
|
|
||||||
|
|
||||||
Worker-ready ticket for later staging proof:
|
|
||||||
|
|
||||||
```text
|
|
||||||
title: phase 1b staging proof on cloned vps
|
|
||||||
owned surfaces: staging vps, sandbox decision-engine repo, staging secrets, proof artifact
|
|
||||||
forbidden surfaces: production vps services, production github repo, production secrets
|
|
||||||
done condition: six single-domain prs plus one cross-domain pr produce expected required-agent verdicts and final dispositions
|
|
||||||
verification commands: systemd status readback, pipeline log scrape, sqlite route query, github pr comment readback
|
|
||||||
non-claims: does not prove 24h production stability
|
|
||||||
preferred executor: human/fwaz with codex support
|
|
||||||
handoff: create staging clone, disable prod services, inject sandbox config, run phase 1b proof script, save machine-readable proof
|
|
||||||
```
|
|
||||||
|
|
||||||
## Acceptance Criteria
|
|
||||||
|
|
||||||
Local PR acceptance:
|
|
||||||
|
|
||||||
- Focused tests pass.
|
|
||||||
- Router returns correct single-agent routes.
|
|
||||||
- Router returns top-2 required agents for cross-domain cases.
|
|
||||||
- Eval layer invokes only required reviewer agents.
|
|
||||||
- Verdict aggregation handles all approve, request changes, transport failure, and missing verdict.
|
|
||||||
- Existing verdict format remains parseable.
|
|
||||||
- No production readiness claim is made.
|
|
||||||
|
|
||||||
Staging acceptance:
|
|
||||||
|
|
||||||
- Staging environment cannot mutate production.
|
|
||||||
- Six single-domain sandbox PRs complete.
|
|
||||||
- One cross-domain sandbox PR completes.
|
|
||||||
- Required reviewer agents match proof matrix.
|
|
||||||
- Proof artifact is retained.
|
|
||||||
|
|
||||||
Production exit:
|
|
||||||
|
|
||||||
- Exact reviewed SHA deployed.
|
|
||||||
- All six agents produce at least one verdict in their domain.
|
|
||||||
- At least one cross-domain PR proves top-2 review behavior.
|
|
||||||
- Pipeline stable for 24 hours.
|
|
||||||
|
|
||||||
## Readiness And Claim Boundaries
|
|
||||||
|
|
||||||
Allowed claims after local implementation:
|
|
||||||
|
|
||||||
- "Route logic is implemented and locally tested."
|
|
||||||
- "Mocked eval integration proves required-agent invocation and aggregation."
|
|
||||||
- "The implementation PR is ready for staging proof."
|
|
||||||
|
|
||||||
Forbidden claims after local implementation:
|
|
||||||
|
|
||||||
- "Phase 1b is complete."
|
|
||||||
- "Production is ready."
|
|
||||||
- "All six agents have demonstrated live review cycles."
|
|
||||||
- "The VPS is safely updated."
|
|
||||||
|
|
||||||
Allowed claims after staging proof:
|
|
||||||
|
|
||||||
- "Phase 1b passed sandbox staging proof."
|
|
||||||
- "The exact SHA is eligible for production cutover review."
|
|
||||||
|
|
||||||
Forbidden claims after staging proof:
|
|
||||||
|
|
||||||
- "Production is stable."
|
|
||||||
- "Live `decision-engine` PRs are proven."
|
|
||||||
|
|
||||||
Allowed claims after production 24-hour proof:
|
|
||||||
|
|
||||||
- "Phase 1b production exit criteria are met."
|
|
||||||
|
|
||||||
## Spec Quality Self-Audit
|
|
||||||
|
|
||||||
Required execution-grade headings present:
|
|
||||||
|
|
||||||
- Current Implementation Audit: present.
|
|
||||||
- Goal-Vs-Repo-Truth Diff: present.
|
|
||||||
- Completion Percent And Remaining Delta: present.
|
|
||||||
- Closure, Endpoint, And Deployment Truth: present.
|
|
||||||
- Critical Assumptions And Invalidators: present.
|
|
||||||
- State And Truth Contract: present.
|
|
||||||
- Measurement Contract: present.
|
|
||||||
- Backend Work Required: present.
|
|
||||||
- Frontend Work Required: present.
|
|
||||||
- Expected Runtime And User-Visible Behavior: present.
|
|
||||||
- Validation And Test Matrix: present.
|
|
||||||
- CI/CD, Release, And Pre-Push Gate Contract: present.
|
|
||||||
- Independent CLI Audit Contract: present.
|
|
||||||
- Outside-The-Box Fix Paths: present.
|
|
||||||
- Maintenance Capture: present.
|
|
||||||
- Parallelization And Fanout: present.
|
|
||||||
|
|
||||||
Additional spec-of-spec coverage:
|
|
||||||
|
|
||||||
- Product Outcome Contract: present.
|
|
||||||
- Non-Goals: present.
|
|
||||||
- Program Decomposition: present.
|
|
||||||
- Priority Matrix: present.
|
|
||||||
- Score-To-100 Closure Plan: present.
|
|
||||||
- Workstream sub-specs: present.
|
|
||||||
- Staging Proof Contract: present.
|
|
||||||
- Rollback contract: present.
|
|
||||||
|
|
||||||
Known incompleteness:
|
|
||||||
|
|
||||||
- This spec cannot name the exact production deploy command until Fwaz or VPS truth confirms it.
|
|
||||||
- This spec cannot name the exact sandbox repo until the operator creates or selects it.
|
|
||||||
- This spec cannot prove whether production daemon code exactly matches local `teleo-infrastructure` until VPS readback exists.
|
|
||||||
|
|
||||||
## Assistant-Added Caveats
|
|
||||||
|
|
||||||
This spec intentionally expands B1/B2 from folder-domain routing to identity-scored agent routing because m3taversal clarified that agent identities should route and folders are only signals. That is the right product interpretation, but it increases implementation scope versus the original simple path classifier.
|
|
||||||
|
|
||||||
This spec does not claim production readiness without staging or VPS proof.
|
|
||||||
|
|
@ -1,31 +0,0 @@
|
||||||
# Phase 1b Spec Index
|
|
||||||
|
|
||||||
Status: active draft
|
|
||||||
Parent spec: `docs/phase1b-agent-routing-spec.md`
|
|
||||||
|
|
||||||
## Scope
|
|
||||||
|
|
||||||
Phase 1b is the `decision-engine` PR evaluation router. It sends each KB mutation to the owning Hermes agent identity, supports top-2 cross-domain review, posts parseable `VERDICT:AGENT:*` comments through one master bot account, preserves existing merge or feedback behavior, and proves the change in staging before production cutover.
|
|
||||||
|
|
||||||
## Specs
|
|
||||||
|
|
||||||
| Workstream | Spec | Implementation posture |
|
|
||||||
| --- | --- | --- |
|
|
||||||
| Agent identity router | `docs/phase1b/agent-identity-router-spec.md` | ready_now |
|
|
||||||
| Eval pipeline integration | `docs/phase1b/eval-pipeline-integration-spec.md` | ready_now after router contract freezes |
|
|
||||||
| GitHub identity and bot comments | `docs/phase1b/github-identity-bot-posture-spec.md` | ready_now after canonical target config freezes |
|
|
||||||
| Reporting and contributor compatibility | `docs/phase1b/reporting-contributor-compatibility-spec.md` | ready_now after verdict state shape freezes |
|
|
||||||
| Staging proof | `docs/phase1b/staging-proof-spec.md` | draft_gated on staging/VPS or disposable remote access |
|
|
||||||
| Staging blocker | `docs/phase1b/staging-blocker.json` | external_only |
|
|
||||||
|
|
||||||
## Execution Order
|
|
||||||
|
|
||||||
1. Implement router contract and tests.
|
|
||||||
2. Wire eval pipeline to required reviewer agents under a feature flag.
|
|
||||||
3. Route comments through the canonical GitHub target with idempotency markers.
|
|
||||||
4. Update reporting and contributor accounting to read reviewer sets rather than fixed Leo plus domain slots.
|
|
||||||
5. Run staging proof on a clone or disposable remote target before production cutover.
|
|
||||||
|
|
||||||
## Claim Boundary
|
|
||||||
|
|
||||||
These specs plus the Phase 1b branch prove only local implementation behavior. A production completion claim requires merged code, passing tests, staging proof, exact production SHA deployment, Leo signoff, and 24-hour production daemon stability.
|
|
||||||
|
|
@ -1,338 +0,0 @@
|
||||||
# Phase 1b Child Spec: Agent Identity Router
|
|
||||||
|
|
||||||
Created: 2026-05-29
|
|
||||||
Status: active draft
|
|
||||||
Parent spec: `docs/phase1b-agent-routing-spec.md`
|
|
||||||
|
|
||||||
## Product Outcome Contract
|
|
||||||
|
|
||||||
The router decides which Hermes agent identity should review a `decision-engine` KB PR. It must route by agent ownership, with file paths as strong evidence but not the only source of truth.
|
|
||||||
|
|
||||||
## Goal
|
|
||||||
|
|
||||||
Implement a pure, deterministic, evidence-bearing route scorer that returns one or two required reviewer agents for a PR.
|
|
||||||
|
|
||||||
## Non-Goals
|
|
||||||
|
|
||||||
- Do not call paid LLMs for routing.
|
|
||||||
- Do not post PR comments.
|
|
||||||
- Do not mutate pipeline DB state.
|
|
||||||
- Do not deploy to VPS.
|
|
||||||
- Do not implement general user-input routing outside PR evaluation.
|
|
||||||
|
|
||||||
## Current Implementation Audit
|
|
||||||
|
|
||||||
Current relevant code:
|
|
||||||
|
|
||||||
- `lib/domains.py` contains `DOMAIN_AGENT_MAP`, `agent_for_domain`, `detect_domain_from_diff`, and `detect_domain_from_branch`.
|
|
||||||
- `lib/agent_routing.py` now owns the Phase 1b identity-scored route contract.
|
|
||||||
- The obsolete local `DomainRoute` folder-first draft and its draft tests were removed before this branch was committed.
|
|
||||||
- Cross-domain PRs now require the top 2 routed agents locally, with `route_kind="escalated"` when more than two agents scored.
|
|
||||||
|
|
||||||
Existing implementation truth:
|
|
||||||
|
|
||||||
- The repo already has domain detection that can be reused for path signals.
|
|
||||||
- The new route tests cover six primary agents, broadened ownership domains, top-2 cross-domain routing, fallback, and deterministic repeat behavior.
|
|
||||||
- The existing map includes adjacent domains such as `mechanisms`, `living-capital`, `living-agents`, `critical-systems`, `collective-intelligence`, `teleological-economics`, and `cultural-dynamics`.
|
|
||||||
- The product owner clarified that Phase 1b should use agent identities to route, not only folder names.
|
|
||||||
|
|
||||||
## Existing-Spec Inventory
|
|
||||||
|
|
||||||
| Existing doc | Relevance | Decision |
|
|
||||||
| --- | --- | --- |
|
|
||||||
| `docs/phase1b-agent-routing-spec.md` | Umbrella source of truth. | Reuse. |
|
|
||||||
| `docs/queue.md` | Notes `ai-alignment` domain evolution. | Reuse as a signal for Theseus ownership. |
|
|
||||||
| `docs/ARCHITECTURE.md` | Describes eval stage shape. | Context only. |
|
|
||||||
|
|
||||||
## Goal-Vs-Repo-Truth Diff
|
|
||||||
|
|
||||||
Goal:
|
|
||||||
|
|
||||||
- Return `AgentRoute` with `primary_agent`, `required_agents`, `route_kind`, `scores`, and `evidence`.
|
|
||||||
- Cap cross-domain routes at top 2 agents.
|
|
||||||
- Treat folders as evidence, not the complete classifier.
|
|
||||||
- Be testable without network, DB, GitHub, or LLM calls.
|
|
||||||
|
|
||||||
Repo truth:
|
|
||||||
|
|
||||||
- Existing classifier returns one folder-domain string or `None`.
|
|
||||||
- No scores, evidence, or top-2 agent set exist.
|
|
||||||
- Existing tests do not cover identity-broadened ownership.
|
|
||||||
|
|
||||||
## Completion Percent And Remaining Delta
|
|
||||||
|
|
||||||
Current completion on this branch: 100 percent for local route logic, 0 percent for staging route calibration.
|
|
||||||
|
|
||||||
Remaining delta:
|
|
||||||
|
|
||||||
1. Review the route weights against real recent `decision-engine` PRs.
|
|
||||||
2. Calibrate ambiguous keyword cases from staging evidence.
|
|
||||||
3. Decide whether escalated routes should remain top-2 total or become Leo plus top-2 later.
|
|
||||||
|
|
||||||
## Closure, Endpoint, And Deployment Truth
|
|
||||||
|
|
||||||
Local closure:
|
|
||||||
|
|
||||||
- Route tests pass.
|
|
||||||
- No network or DB dependency exists in route tests.
|
|
||||||
|
|
||||||
Staging closure:
|
|
||||||
|
|
||||||
- Staging proof artifact records route scores and evidence for seven sandbox PRs.
|
|
||||||
|
|
||||||
Production closure:
|
|
||||||
|
|
||||||
- Live PR audit rows show route evidence and required agents.
|
|
||||||
|
|
||||||
This child spec alone cannot prove staging or production behavior.
|
|
||||||
|
|
||||||
## Critical Assumptions And Invalidators
|
|
||||||
|
|
||||||
Assumptions:
|
|
||||||
|
|
||||||
- `decision-engine` file layout is close enough to current local clone for path signals to apply.
|
|
||||||
- Agent identity ownership from m3taversal is authoritative.
|
|
||||||
- Top-2 cap is acceptable for cross-domain cases.
|
|
||||||
|
|
||||||
Invalidators:
|
|
||||||
|
|
||||||
- Product owner changes cross-domain rule from top 2 to all touched agents.
|
|
||||||
- Agent ownership boundaries change materially.
|
|
||||||
- Production PR metadata lacks branch or changed-file data.
|
|
||||||
|
|
||||||
## State And Truth Contract
|
|
||||||
|
|
||||||
Route output schema:
|
|
||||||
|
|
||||||
```python
|
|
||||||
AgentRoute(
|
|
||||||
primary_agent="Rio",
|
|
||||||
required_agents=("Rio",),
|
|
||||||
route_kind="single",
|
|
||||||
scores={"Leo": 0, "Theseus": 1, "Rio": 9, "Vida": 0, "Clay": 0, "Astra": 0},
|
|
||||||
evidence=[
|
|
||||||
{"agent": "Rio", "signal": "path", "weight": 8, "value": "domains/internet-finance/foo.md"}
|
|
||||||
],
|
|
||||||
fallback=False,
|
|
||||||
)
|
|
||||||
```
|
|
||||||
|
|
||||||
`route_kind` values:
|
|
||||||
|
|
||||||
- `single`
|
|
||||||
- `multi`
|
|
||||||
- `fallback`
|
|
||||||
- `escalated`
|
|
||||||
|
|
||||||
`required_agents` must never contain more than two agents in Phase 1b.
|
|
||||||
|
|
||||||
## Measurement Contract
|
|
||||||
|
|
||||||
Required route fixture cases:
|
|
||||||
|
|
||||||
| Fixture | Expected |
|
|
||||||
| --- | --- |
|
|
||||||
| `domains/grand-strategy/foo.md` | Leo |
|
|
||||||
| `domains/ai-alignment/foo.md` | Theseus |
|
|
||||||
| `domains/internet-finance/foo.md` | Rio |
|
|
||||||
| `domains/health/foo.md` | Vida |
|
|
||||||
| `domains/entertainment/foo.md` | Clay |
|
|
||||||
| `domains/space-development/foo.md` | Astra |
|
|
||||||
| `domains/energy/foo.md` | Astra |
|
|
||||||
| `domains/robotics/foo.md` | Astra |
|
|
||||||
| `domains/manufacturing/foo.md` | Astra |
|
|
||||||
| `core/living-capital/foo.md` | Rio |
|
|
||||||
| `core/living-agents/foo.md` | Theseus |
|
|
||||||
| `foundations/cultural-dynamics/foo.md` | Clay |
|
|
||||||
| AI plus x402 diff | Theseus and Rio |
|
|
||||||
| collective AI goals diff | Leo and Theseus |
|
|
||||||
|
|
||||||
Minimum quality metrics:
|
|
||||||
|
|
||||||
- `route_fixture_pass_rate = 100 percent`
|
|
||||||
- `fallback_count = 0` for known fixtures
|
|
||||||
- deterministic repeat count: same input returns same result 100 times
|
|
||||||
|
|
||||||
## Backend Work Required
|
|
||||||
|
|
||||||
Owned files:
|
|
||||||
|
|
||||||
- `lib/agent_routing.py`
|
|
||||||
- `lib/domains.py`
|
|
||||||
- `tests/test_agent_routing.py`
|
|
||||||
|
|
||||||
Implementation steps:
|
|
||||||
|
|
||||||
1. Move new identity routing into `lib/agent_routing.py`.
|
|
||||||
2. Keep `lib/domains.py` as compatibility for domain-oriented callers.
|
|
||||||
3. Define `AGENT_ORDER = ("Leo", "Theseus", "Rio", "Vida", "Clay", "Astra")`.
|
|
||||||
4. Define identity signals per agent.
|
|
||||||
5. Add path signal extraction for `domains`, `entities`, `core`, `foundations`, and `agents`.
|
|
||||||
6. Add branch prefix signal extraction.
|
|
||||||
7. Add capped keyword scoring from filenames and diff text.
|
|
||||||
8. Add top-2 selection rule.
|
|
||||||
9. Add fallback to Leo.
|
|
||||||
10. Add tests.
|
|
||||||
|
|
||||||
Forbidden files:
|
|
||||||
|
|
||||||
- `lib/evaluate.py`
|
|
||||||
- `lib/llm.py`
|
|
||||||
- deploy scripts
|
|
||||||
- secrets or runtime config outside route feature flag wiring
|
|
||||||
|
|
||||||
## Frontend Work Required
|
|
||||||
|
|
||||||
None.
|
|
||||||
|
|
||||||
## Expected Runtime And User-Visible Behavior
|
|
||||||
|
|
||||||
The router itself has no user-visible UI. Its behavior becomes visible through audit logs, PR comment reviewer selection, and proof artifacts.
|
|
||||||
|
|
||||||
Example:
|
|
||||||
|
|
||||||
```text
|
|
||||||
input: domains/internet-finance/x402-agent-payments.md
|
|
||||||
output: required_agents = ["Rio"]
|
|
||||||
```
|
|
||||||
|
|
||||||
Cross-domain example:
|
|
||||||
|
|
||||||
```text
|
|
||||||
input: ai systems claim plus x402 payment claim
|
|
||||||
output: required_agents = ["Theseus", "Rio"]
|
|
||||||
```
|
|
||||||
|
|
||||||
## Validation And Test Matrix
|
|
||||||
|
|
||||||
Commands:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
python3 -m pytest tests/test_agent_routing.py
|
|
||||||
python3 -m ruff check lib/agent_routing.py lib/domains.py tests/test_agent_routing.py
|
|
||||||
git diff --check
|
|
||||||
```
|
|
||||||
|
|
||||||
Test classes:
|
|
||||||
|
|
||||||
- primary ownership routes
|
|
||||||
- broadened ownership routes
|
|
||||||
- branch fallback routes
|
|
||||||
- keyword routes
|
|
||||||
- top-2 cross-domain routes
|
|
||||||
- fallback routes
|
|
||||||
- deterministic tie-breaking
|
|
||||||
- compatibility wrapper behavior
|
|
||||||
|
|
||||||
## CI/CD, Release, And Pre-Push Gate Contract
|
|
||||||
|
|
||||||
Before PR:
|
|
||||||
|
|
||||||
- Route tests pass locally.
|
|
||||||
- No production config defaults change.
|
|
||||||
- No network dependency enters route tests.
|
|
||||||
|
|
||||||
Before staging:
|
|
||||||
|
|
||||||
- Eval integration spec consumes the route result without modifying route internals.
|
|
||||||
|
|
||||||
Before production:
|
|
||||||
|
|
||||||
- Route evidence appears in staging proof artifact.
|
|
||||||
|
|
||||||
## Independent CLI Audit Contract
|
|
||||||
|
|
||||||
Reviewer commands:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
git diff -- lib/agent_routing.py lib/domains.py tests/test_agent_routing.py
|
|
||||||
python3 -m pytest tests/test_agent_routing.py
|
|
||||||
```
|
|
||||||
|
|
||||||
Reviewer checks:
|
|
||||||
|
|
||||||
- Route function is pure.
|
|
||||||
- Scores are explainable.
|
|
||||||
- Top-2 cap is enforced.
|
|
||||||
- Folder paths are not the only signal.
|
|
||||||
- Old callers still work or have a clear migration path.
|
|
||||||
|
|
||||||
## Outside-The-Box Fix Paths
|
|
||||||
|
|
||||||
If keyword scoring is noisy:
|
|
||||||
|
|
||||||
- Disable diff keyword scoring and use path plus branch only.
|
|
||||||
- Use LLM classifier in shadow mode only.
|
|
||||||
- Add explicit PR label or frontmatter hint later.
|
|
||||||
|
|
||||||
If identity boundaries are ambiguous:
|
|
||||||
|
|
||||||
- Prefer top-2 over fallback when two agents have meaningful scores.
|
|
||||||
- Log route evidence for later calibration.
|
|
||||||
|
|
||||||
## Maintenance Capture
|
|
||||||
|
|
||||||
Beneficial now:
|
|
||||||
|
|
||||||
- Keep route logic out of `lib/evaluate.py`.
|
|
||||||
- Keep compatibility wrappers narrow.
|
|
||||||
|
|
||||||
Avoid now:
|
|
||||||
|
|
||||||
- Large domain taxonomy rewrite.
|
|
||||||
- Dashboard UI changes.
|
|
||||||
- Paid classifier calls.
|
|
||||||
|
|
||||||
## Parallelization And Fanout
|
|
||||||
|
|
||||||
Classification: local_owner.
|
|
||||||
|
|
||||||
Do not fan out implementation. This module is a root contract consumed by eval integration.
|
|
||||||
|
|
||||||
Worker-ready prompt:
|
|
||||||
|
|
||||||
```text
|
|
||||||
implement the phase 1b agent identity router in teleo-infrastructure. own lib/agent_routing.py, lib/domains.py compatibility wrappers, and route tests only. make the route function pure, deterministic, evidence-bearing, and capped at top 2 required agents. do not touch eval integration or deploy code.
|
|
||||||
```
|
|
||||||
|
|
||||||
## Acceptance Criteria
|
|
||||||
|
|
||||||
- All required route fixtures pass.
|
|
||||||
- Route result includes primary agent, required agents, route kind, scores, evidence, and fallback status.
|
|
||||||
- Cross-domain route never requires more than two agents.
|
|
||||||
- No LLM, network, DB, or GitHub calls occur in the router.
|
|
||||||
|
|
||||||
## Readiness And Claim Boundaries
|
|
||||||
|
|
||||||
Allowed claim:
|
|
||||||
|
|
||||||
- "Agent identity routing is locally implemented and unit-tested."
|
|
||||||
|
|
||||||
Forbidden claim:
|
|
||||||
|
|
||||||
- "Phase 1b eval is complete."
|
|
||||||
|
|
||||||
## Spec Quality Self-Audit
|
|
||||||
|
|
||||||
Required headings present:
|
|
||||||
|
|
||||||
- Current Implementation Audit: present.
|
|
||||||
- Goal-Vs-Repo-Truth Diff: present.
|
|
||||||
- Completion Percent And Remaining Delta: present.
|
|
||||||
- Closure, Endpoint, And Deployment Truth: present.
|
|
||||||
- Critical Assumptions And Invalidators: present.
|
|
||||||
- State And Truth Contract: present.
|
|
||||||
- Measurement Contract: present.
|
|
||||||
- Backend Work Required: present.
|
|
||||||
- Frontend Work Required: present.
|
|
||||||
- Expected Runtime And User-Visible Behavior: present.
|
|
||||||
- Validation And Test Matrix: present.
|
|
||||||
- CI/CD, Release, And Pre-Push Gate Contract: present.
|
|
||||||
- Independent CLI Audit Contract: present.
|
|
||||||
- Outside-The-Box Fix Paths: present.
|
|
||||||
- Maintenance Capture: present.
|
|
||||||
- Parallelization And Fanout: present.
|
|
||||||
|
|
||||||
## Assistant-Added Caveats
|
|
||||||
|
|
||||||
This child spec intentionally keeps routing deterministic and no-spend. That may be less semantically smart than an LLM classifier, but it is the right first implementation for Phase 1b because it is testable, cheap, and auditable.
|
|
||||||
|
|
@ -1,343 +0,0 @@
|
||||||
# Phase 1b Child Spec: Eval Pipeline Integration
|
|
||||||
|
|
||||||
Created: 2026-05-29
|
|
||||||
Status: active draft
|
|
||||||
Parent spec: `docs/phase1b-agent-routing-spec.md`
|
|
||||||
|
|
||||||
## Product Outcome Contract
|
|
||||||
|
|
||||||
Pipeline-v2 must use the Phase 1b route result to run the required Hermes agent reviews for a `decision-engine` PR. The old default shape where every non-LIGHT PR receives a domain review plus Leo review must be bypassed when Phase 1b routing is enabled.
|
|
||||||
|
|
||||||
## Goal
|
|
||||||
|
|
||||||
Integrate agent identity routing into `lib/evaluate.py` behind a feature flag, run one or two required reviewer agents, aggregate verdicts, and preserve existing merge or feedback behavior.
|
|
||||||
|
|
||||||
## Non-Goals
|
|
||||||
|
|
||||||
- Do not remove the old eval path until staging proof exists.
|
|
||||||
- Do not rewrite the full Forgejo/GitHub API abstraction.
|
|
||||||
- Do not redesign dashboards.
|
|
||||||
- Do not implement separate GitHub identities.
|
|
||||||
- Do not change extraction or validation behavior except as needed for eval tests.
|
|
||||||
|
|
||||||
## Current Implementation Audit
|
|
||||||
|
|
||||||
Current relevant code:
|
|
||||||
|
|
||||||
- `lib/evaluate.py::evaluate_pr` owns single PR evaluation.
|
|
||||||
- `lib/evaluate.py::evaluate_cycle` selects eligible PRs.
|
|
||||||
- `_build_domain_batches` groups STANDARD PRs by DB domain before fetching diffs.
|
|
||||||
- `_run_batch_domain_eval` runs batch domain reviews, then individual Leo reviews.
|
|
||||||
- `run_domain_review` in `lib/llm.py` prompts a domain expert through OpenRouter.
|
|
||||||
- `run_leo_review` in `lib/llm.py` prompts Leo through OpenRouter or Claude path depending on tier.
|
|
||||||
- `parse_verdict` in `lib/eval_parse.py` parses reviewer-specific verdict tags.
|
|
||||||
- `approve_pr`, `reopen_pr`, `close_pr`, and `start_review` handle state transitions.
|
|
||||||
|
|
||||||
Current behavior:
|
|
||||||
|
|
||||||
- Diff path detects a domain.
|
|
||||||
- `agent_for_domain(domain)` selects one domain agent.
|
|
||||||
- Domain review runs first.
|
|
||||||
- Leo review runs after domain approval for non-LIGHT PRs.
|
|
||||||
- `leo_verdict` and `domain_verdict` are the stored verdict fields.
|
|
||||||
- Contributor credit logic assumes Leo can be one evaluator and `domain_agent` can be the other.
|
|
||||||
|
|
||||||
## Existing-Spec Inventory
|
|
||||||
|
|
||||||
| Existing doc | Relevance | Decision |
|
|
||||||
| --- | --- | --- |
|
|
||||||
| `docs/phase1b-agent-routing-spec.md` | Parent route and eval contract. | Reuse. |
|
|
||||||
| `docs/ARCHITECTURE.md` | Existing pipeline stage model. | Reuse as baseline. |
|
|
||||||
| `docs/multi-model-eval-architecture.md` | Prior Leo-plus-second-model design. | Supersede for Phase 1b eval path only. |
|
|
||||||
| `handoff/deprecated/eval-scripts.md` | Confirms shell eval scripts are dead. | Reuse to avoid wrong surface. |
|
|
||||||
|
|
||||||
## Goal-Vs-Repo-Truth Diff
|
|
||||||
|
|
||||||
Goal:
|
|
||||||
|
|
||||||
- `evaluate_pr` calls the route scorer.
|
|
||||||
- Required agents are the only reviewer agents.
|
|
||||||
- One required agent means one review.
|
|
||||||
- Two required agents means two reviews and aggregate verdict.
|
|
||||||
- Default Leo second-review is removed when the feature flag is enabled.
|
|
||||||
- Old behavior remains available when the feature flag is disabled.
|
|
||||||
|
|
||||||
Branch truth:
|
|
||||||
|
|
||||||
- Legacy eval is still available when the feature flag is false.
|
|
||||||
- When the feature flag is true, eval invokes the identity route, runs required agents only, writes `review_records`, and projects aggregate state back into legacy `leo_verdict` and `domain_verdict` columns.
|
|
||||||
- Batch eval is disabled while the feature flag is true because stale DB-domain grouping is not route-aware.
|
|
||||||
- `run_agent_review` exists, but it uses prompt-level identity context rather than loading full KB identity/belief/reasoning files.
|
|
||||||
|
|
||||||
## Completion Percent And Remaining Delta
|
|
||||||
|
|
||||||
Current completion on this branch: 75 percent local implementation behind a default-off feature flag.
|
|
||||||
|
|
||||||
Remaining delta:
|
|
||||||
|
|
||||||
1. Decide direct GitHub `decision-engine` comment transport versus Forgejo-first cutover compatibility.
|
|
||||||
2. Prove with staging PRs and real daemon logs.
|
|
||||||
3. Update contributor/dashboard assumptions only where staging or tests prove breakage.
|
|
||||||
|
|
||||||
## Closure, Endpoint, And Deployment Truth
|
|
||||||
|
|
||||||
Local closure:
|
|
||||||
|
|
||||||
- Mocked eval tests prove route-to-review-to-aggregate behavior.
|
|
||||||
|
|
||||||
Staging closure:
|
|
||||||
|
|
||||||
- Staging sandbox PRs receive expected comments and DB state transitions.
|
|
||||||
|
|
||||||
Production closure:
|
|
||||||
|
|
||||||
- Live `decision-engine` PRs are handled by Phase 1b route path for 24 hours.
|
|
||||||
|
|
||||||
This spec cannot claim production closure without VPS proof.
|
|
||||||
|
|
||||||
## Critical Assumptions And Invalidators
|
|
||||||
|
|
||||||
Assumptions:
|
|
||||||
|
|
||||||
- Feature flag rollback is acceptable.
|
|
||||||
- Existing state fields can support Phase 1b initially by storing primary agent in `domain_agent` and aggregate details in audit rows.
|
|
||||||
- A DB schema migration is avoidable for the first PR.
|
|
||||||
- Master bot comments with `VERDICT:AGENT:*` are acceptable.
|
|
||||||
|
|
||||||
Invalidators:
|
|
||||||
|
|
||||||
- Downstream merge logic requires formal reviews from separate GitHub users.
|
|
||||||
- Dashboards or contributor credit fail hard when Leo is not present.
|
|
||||||
- Batch eval cannot be safely disabled and must be route-aware from day one.
|
|
||||||
- Production env cannot set feature flags.
|
|
||||||
|
|
||||||
## State And Truth Contract
|
|
||||||
|
|
||||||
Feature flag:
|
|
||||||
|
|
||||||
```text
|
|
||||||
PHASE1B_AGENT_ROUTING_ENABLED=false
|
|
||||||
```
|
|
||||||
|
|
||||||
When false:
|
|
||||||
|
|
||||||
- Existing eval behavior continues.
|
|
||||||
|
|
||||||
When true:
|
|
||||||
|
|
||||||
- Eval route is built for every non-bypass PR.
|
|
||||||
- Audit log records route JSON.
|
|
||||||
- Required agent reviews run.
|
|
||||||
- Aggregate verdict determines approval or feedback.
|
|
||||||
|
|
||||||
Minimal DB field use:
|
|
||||||
|
|
||||||
- `domain`: keep route primary domain or `multi`.
|
|
||||||
- `domain_agent`: keep primary agent.
|
|
||||||
- `domain_verdict`: keep aggregate non-Leo review verdict or aggregate verdict.
|
|
||||||
- `leo_verdict`: set `skipped` unless Leo is a required agent; if Leo is required, store Leo verdict.
|
|
||||||
- `review_records`: write one row per required reviewer attempt with reviewer agent, model, outcome, and notes.
|
|
||||||
- review comments include a `PHASE1B_REVIEW` marker and the current local helper suppresses duplicate posts for the same PR and agent.
|
|
||||||
- audit log: route and all per-agent verdicts.
|
|
||||||
|
|
||||||
This is a compatibility posture, not the ideal long-term schema.
|
|
||||||
|
|
||||||
## Measurement Contract
|
|
||||||
|
|
||||||
Required local assertions:
|
|
||||||
|
|
||||||
- Phase 1b flag disabled uses old runner calls.
|
|
||||||
- Phase 1b flag enabled calls `run_agent_review` once for single route.
|
|
||||||
- Phase 1b flag enabled calls `run_agent_review` twice for multi route.
|
|
||||||
- `run_leo_review` is not called unless Leo is in `required_agents`.
|
|
||||||
- all approve returns approved aggregate.
|
|
||||||
- one request changes returns feedback aggregate.
|
|
||||||
- transport failure reopens for retry.
|
|
||||||
- retry after a partial multi-agent success does not duplicate existing posted verdict comments.
|
|
||||||
|
|
||||||
## Backend Work Required
|
|
||||||
|
|
||||||
Owned files:
|
|
||||||
|
|
||||||
- `lib/evaluate.py`
|
|
||||||
- `lib/llm.py`
|
|
||||||
- `lib/config.py`
|
|
||||||
- `lib/eval_parse.py` only if parser compatibility needs explicit tests or normalization.
|
|
||||||
- `tests/test_evaluate_agent_routing.py`
|
|
||||||
- `tests/test_eval_parse.py`
|
|
||||||
|
|
||||||
Implementation steps:
|
|
||||||
|
|
||||||
1. Add `PHASE1B_AGENT_ROUTING_ENABLED` to `lib/config.py`.
|
|
||||||
2. Import route scorer.
|
|
||||||
3. Add `run_agent_review` in `lib/llm.py`.
|
|
||||||
4. Add helper to load agent context from KB worktree.
|
|
||||||
5. Add `aggregate_agent_verdicts`.
|
|
||||||
6. In `evaluate_pr`, after bypasses and diff filtering, branch into Phase 1b path when flag is true.
|
|
||||||
7. In Phase 1b path, run required reviews and post comments through the existing API helper.
|
|
||||||
8. Update DB fields conservatively.
|
|
||||||
9. Write `review_records` rows for each required reviewer attempt.
|
|
||||||
10. Preserve old logic under flag false.
|
|
||||||
11. Disable `_build_domain_batches` while flag is true or make it route-aware.
|
|
||||||
|
|
||||||
Forbidden files:
|
|
||||||
|
|
||||||
- Deprecated eval shell scripts.
|
|
||||||
- Deployment scripts unless needed for documenting the flag.
|
|
||||||
- Runtime secrets.
|
|
||||||
|
|
||||||
## Frontend Work Required
|
|
||||||
|
|
||||||
None.
|
|
||||||
|
|
||||||
## Expected Runtime And User-Visible Behavior
|
|
||||||
|
|
||||||
Single-agent example:
|
|
||||||
|
|
||||||
```text
|
|
||||||
PR touches internet finance.
|
|
||||||
route.required_agents = ["Rio"]
|
|
||||||
pipeline posts a Rio verdict.
|
|
||||||
merge proceeds if Rio approves.
|
|
||||||
```
|
|
||||||
|
|
||||||
Cross-agent example:
|
|
||||||
|
|
||||||
```text
|
|
||||||
PR touches AI systems and x402 payments.
|
|
||||||
route.required_agents = ["Theseus", "Rio"]
|
|
||||||
pipeline posts Theseus and Rio verdicts.
|
|
||||||
merge proceeds only if both approve.
|
|
||||||
```
|
|
||||||
|
|
||||||
Fallback example:
|
|
||||||
|
|
||||||
```text
|
|
||||||
PR cannot be confidently routed.
|
|
||||||
route.required_agents = ["Leo"]
|
|
||||||
pipeline posts Leo verdict.
|
|
||||||
route_kind = fallback is audited.
|
|
||||||
```
|
|
||||||
|
|
||||||
## Validation And Test Matrix
|
|
||||||
|
|
||||||
Commands:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
python3 -m pytest tests/test_evaluate_agent_routing.py tests/test_eval_parse.py
|
|
||||||
python3 -m ruff check lib/evaluate.py lib/llm.py lib/config.py tests/test_evaluate_agent_routing.py
|
|
||||||
git diff --check
|
|
||||||
```
|
|
||||||
|
|
||||||
Test cases:
|
|
||||||
|
|
||||||
- flag-off old behavior smoke
|
|
||||||
- flag-on single reviewer approve
|
|
||||||
- flag-on single reviewer request changes
|
|
||||||
- flag-on two reviewer approve
|
|
||||||
- flag-on two reviewer one reject
|
|
||||||
- missing verdict
|
|
||||||
- transport failure
|
|
||||||
- Leo required route
|
|
||||||
- Leo not required route
|
|
||||||
- batch disabled or route-aware under flag
|
|
||||||
|
|
||||||
## CI/CD, Release, And Pre-Push Gate Contract
|
|
||||||
|
|
||||||
Before PR:
|
|
||||||
|
|
||||||
- Focused tests pass.
|
|
||||||
- Old behavior remains behind flag false.
|
|
||||||
- No production default flips to true.
|
|
||||||
|
|
||||||
Before staging:
|
|
||||||
|
|
||||||
- Operator can enable flag in staging env.
|
|
||||||
- Sandbox repo target is configured.
|
|
||||||
|
|
||||||
Before production:
|
|
||||||
|
|
||||||
- Staging proof artifact exists.
|
|
||||||
- Rollback command is known.
|
|
||||||
|
|
||||||
## Independent CLI Audit Contract
|
|
||||||
|
|
||||||
Reviewer commands:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
git diff -- lib/evaluate.py lib/llm.py lib/config.py tests/test_evaluate_agent_routing.py
|
|
||||||
python3 -m pytest tests/test_evaluate_agent_routing.py
|
|
||||||
```
|
|
||||||
|
|
||||||
Reviewer checks:
|
|
||||||
|
|
||||||
- No deprecated scripts revived.
|
|
||||||
- No secrets introduced.
|
|
||||||
- Feature flag false preserves old path.
|
|
||||||
- Feature flag true bypasses default Leo second-review.
|
|
||||||
- Cross-domain aggregate requires all required reviewers to approve.
|
|
||||||
|
|
||||||
## Outside-The-Box Fix Paths
|
|
||||||
|
|
||||||
If compatibility fields become confusing:
|
|
||||||
|
|
||||||
- Add a narrow DB migration for `route_json` and `agent_verdicts_json`.
|
|
||||||
|
|
||||||
If batch eval blocks safe integration:
|
|
||||||
|
|
||||||
- Disable batch eval under Phase 1b flag for one release.
|
|
||||||
|
|
||||||
If LLM review prompts get too large:
|
|
||||||
|
|
||||||
- Load only identity plus beliefs first, then add reasoning/skills later.
|
|
||||||
|
|
||||||
## Maintenance Capture
|
|
||||||
|
|
||||||
Beneficial now:
|
|
||||||
|
|
||||||
- Isolate Phase 1b logic into helpers instead of expanding `evaluate_pr` deeply.
|
|
||||||
- Keep rollback path explicit.
|
|
||||||
|
|
||||||
Avoid now:
|
|
||||||
|
|
||||||
- Full eval architecture rewrite.
|
|
||||||
- Dashboard redesign.
|
|
||||||
- Broad DB migration unless tests require it.
|
|
||||||
|
|
||||||
## Parallelization And Fanout
|
|
||||||
|
|
||||||
Classification: local_owner.
|
|
||||||
|
|
||||||
Do not fan out before the router contract lands. Eval integration depends tightly on route result semantics.
|
|
||||||
|
|
||||||
Worker-ready prompt:
|
|
||||||
|
|
||||||
```text
|
|
||||||
wire phase 1b routing into teleo-infrastructure eval behind PHASE1B_AGENT_ROUTING_ENABLED. own lib/evaluate.py, lib/llm.py, lib/config.py, and mocked eval tests. run required agents from the route result, aggregate verdicts, preserve old behavior when the flag is false, and do not revive deprecated scripts.
|
|
||||||
```
|
|
||||||
|
|
||||||
## Acceptance Criteria
|
|
||||||
|
|
||||||
- Flag false path remains available.
|
|
||||||
- Flag true path runs required agents only.
|
|
||||||
- One or two verdicts aggregate correctly.
|
|
||||||
- Existing merge or feedback path is preserved.
|
|
||||||
- Focused mocked tests pass.
|
|
||||||
|
|
||||||
## Readiness And Claim Boundaries
|
|
||||||
|
|
||||||
Allowed claim:
|
|
||||||
|
|
||||||
- "Phase 1b eval integration is locally tested behind a feature flag."
|
|
||||||
|
|
||||||
Forbidden claim:
|
|
||||||
|
|
||||||
- "Phase 1b is live."
|
|
||||||
|
|
||||||
## Spec Quality Self-Audit
|
|
||||||
|
|
||||||
All required execution-grade headings are present. This spec intentionally defers exact production commands to the staging/proof child spec because they depend on VPS truth.
|
|
||||||
|
|
||||||
## Assistant-Added Caveats
|
|
||||||
|
|
||||||
The compatibility use of `domain_verdict` and `leo_verdict` is a pragmatic Phase 1b bridge. A cleaner route schema may be worth adding after staging proof, but a premature migration would widen the blast radius.
|
|
||||||
|
|
@ -1,296 +0,0 @@
|
||||||
# Phase 1b Child Spec: GitHub Identity And Bot Posture
|
|
||||||
|
|
||||||
Created: 2026-05-29
|
|
||||||
Status: active draft
|
|
||||||
Parent spec: `docs/phase1b-agent-routing-spec.md`
|
|
||||||
|
|
||||||
## Product Outcome Contract
|
|
||||||
|
|
||||||
Phase 1b must post agent-specific verdicts for `decision-engine` PRs without requiring six separate GitHub accounts. Agent identity is represented in the comment content and verdict tags, while a single master bot account owns transport.
|
|
||||||
|
|
||||||
## Goal
|
|
||||||
|
|
||||||
Define and implement the minimum GitHub identity and comment transport posture for Phase 1b:
|
|
||||||
|
|
||||||
- canonical target is `living-ip/decision-engine`;
|
|
||||||
- one master bot token is acceptable;
|
|
||||||
- verdict comments preserve `VERDICT:AGENT:*`;
|
|
||||||
- duplicate comments are prevented;
|
|
||||||
- old Forgejo or mirror behavior remains rollback-safe until staging proof.
|
|
||||||
|
|
||||||
## Non-Goals
|
|
||||||
|
|
||||||
- Do not create separate GitHub users for all agents.
|
|
||||||
- Do not require GitHub branch protection to count separate formal reviewers in Phase 1b.
|
|
||||||
- Do not rewrite every Forgejo-named helper unless needed for Phase 1b comments.
|
|
||||||
- Do not redesign contributor credit.
|
|
||||||
- Do not revive deprecated eval shell scripts.
|
|
||||||
|
|
||||||
## Current Implementation Audit
|
|
||||||
|
|
||||||
Current truth:
|
|
||||||
|
|
||||||
- `pipeline-health-check.py` targets `https://api.github.com/repos/living-ip/decision-engine`.
|
|
||||||
- `research/research-session.sh` targets GitHub `living-ip/decision-engine` and `github-admin-token`.
|
|
||||||
- `handoff/phase1-step3-script-migration.md` documents Phase 1 single `livingIPbot` posture and defers per-agent identities.
|
|
||||||
- `lib/config.py` still defaults to Forgejo `teleo/teleo-codex`.
|
|
||||||
- `lib/github_feedback.py` hardcodes `living-ip/teleo-codex` and reads `github-pat`, not `decision-engine` and `github-admin-token`.
|
|
||||||
- `lib/evaluate.py` posts review comments through Forgejo helpers and per-agent Forgejo tokens.
|
|
||||||
- `lib/github_feedback.py` is a mirror feedback channel keyed by `prs.github_pr`, not the canonical review transport.
|
|
||||||
- `deploy/sync-mirror.sh` still references `living-ip/teleo-codex`.
|
|
||||||
- Fwaz confirmed separate GitHub identities are ideal and blocked on GitHub/PAT setup; Phase 1b implementation should not wait on six distinct accounts if the pipeline can post parseable `VERDICT:AGENT:*` comments through the pipeline bot.
|
|
||||||
|
|
||||||
## Existing-Spec Inventory
|
|
||||||
|
|
||||||
| Existing doc | Relevance | Decision |
|
|
||||||
| --- | --- | --- |
|
|
||||||
| `docs/phase1b-agent-routing-spec.md` | Parent identity posture. | Reuse. |
|
|
||||||
| `handoff/phase1-step3-script-migration.md` | Documents single bot token and GitHub `decision-engine` migration for scripts. | Reuse. |
|
|
||||||
| `handoff/deprecated/eval-scripts.md` | Confirms old eval scripts should not be revived. | Reuse. |
|
|
||||||
|
|
||||||
## Goal-Vs-Repo-Truth Diff
|
|
||||||
|
|
||||||
Goal:
|
|
||||||
|
|
||||||
- One canonical GitHub target for Phase 1b: `living-ip/decision-engine`.
|
|
||||||
- One master bot token for Phase 1b comments.
|
|
||||||
- Agent identity lives in verdict tags and comment headings.
|
|
||||||
- Comment posting supports idempotency by PR, head SHA, and agent.
|
|
||||||
|
|
||||||
Repo truth:
|
|
||||||
|
|
||||||
- GitHub target and token names are split across files.
|
|
||||||
- Eval comments still use Forgejo helpers.
|
|
||||||
- GitHub feedback is non-fatal mirror feedback, not agent review transport.
|
|
||||||
|
|
||||||
## Completion Percent And Remaining Delta
|
|
||||||
|
|
||||||
Current completion: 15 percent.
|
|
||||||
|
|
||||||
Remaining delta:
|
|
||||||
|
|
||||||
1. Add explicit GitHub target config with staging override.
|
|
||||||
2. Normalize token file selection or document compatibility.
|
|
||||||
3. Add Phase 1b comment posting helper for GitHub `decision-engine`.
|
|
||||||
4. Add idempotency marker.
|
|
||||||
5. Add tests for URL target, token path, missing token, and duplicate prevention.
|
|
||||||
6. Decide direct GitHub mode versus Forgejo-mirror mode before staging.
|
|
||||||
|
|
||||||
## Closure, Endpoint, And Deployment Truth
|
|
||||||
|
|
||||||
Local closure:
|
|
||||||
|
|
||||||
- Tests prove comments target `living-ip/decision-engine` and token material is not logged.
|
|
||||||
|
|
||||||
Staging closure:
|
|
||||||
|
|
||||||
- Sandbox PR comments are posted by master bot with agent verdict tags.
|
|
||||||
|
|
||||||
Production closure:
|
|
||||||
|
|
||||||
- Live `decision-engine` PR comments are posted by master bot without duplicates.
|
|
||||||
|
|
||||||
## Critical Assumptions And Invalidators
|
|
||||||
|
|
||||||
Assumptions:
|
|
||||||
|
|
||||||
- One bot account is enough for Phase 1b.
|
|
||||||
- Agent identity in verdict content satisfies acceptance.
|
|
||||||
- Formal GitHub reviews from distinct accounts are not required now.
|
|
||||||
- Per-agent PATs can be added later without changing the route contract.
|
|
||||||
|
|
||||||
Invalidators:
|
|
||||||
|
|
||||||
- Branch protection requires distinct GitHub reviewer identities.
|
|
||||||
- GitHub org disallows the selected PAT or bot account.
|
|
||||||
- Production daemon must remain Forgejo-first for the cutover window.
|
|
||||||
- Direct GitHub PRs lack the DB linkage used by existing `github_feedback`.
|
|
||||||
|
|
||||||
## State And Truth Contract
|
|
||||||
|
|
||||||
Comment idempotency marker:
|
|
||||||
|
|
||||||
```text
|
|
||||||
<!-- PHASE1B_REVIEW:PR=123:SHA=abc123:AGENT=RIO -->
|
|
||||||
```
|
|
||||||
|
|
||||||
Verdict marker remains:
|
|
||||||
|
|
||||||
```text
|
|
||||||
<!-- VERDICT:RIO:APPROVE -->
|
|
||||||
```
|
|
||||||
|
|
||||||
Required config:
|
|
||||||
|
|
||||||
```python
|
|
||||||
GITHUB_OWNER = "living-ip"
|
|
||||||
GITHUB_REPO = "decision-engine"
|
|
||||||
GITHUB_TOKEN_FILE = SECRETS_DIR / "github-admin-token"
|
|
||||||
```
|
|
||||||
|
|
||||||
Staging must override repo or owner without code changes.
|
|
||||||
|
|
||||||
## Measurement Contract
|
|
||||||
|
|
||||||
Minimum tests:
|
|
||||||
|
|
||||||
- URL builder targets `https://api.github.com/repos/living-ip/decision-engine`.
|
|
||||||
- Staging override changes target.
|
|
||||||
- Missing token returns non-fatal failure and audit detail.
|
|
||||||
- Token value is never logged.
|
|
||||||
- Duplicate marker prevents repeat comment for same PR, SHA, and agent.
|
|
||||||
- Six agent verdict tags remain parseable.
|
|
||||||
|
|
||||||
## Backend Work Required
|
|
||||||
|
|
||||||
Owned files:
|
|
||||||
|
|
||||||
- `lib/github_feedback.py` or a new `lib/github_reviews.py`.
|
|
||||||
- `lib/config.py`.
|
|
||||||
- `lib/evaluate.py` only where the eval integration calls the comment helper.
|
|
||||||
- `tests/test_github_identity.py` or equivalent.
|
|
||||||
|
|
||||||
Implementation steps:
|
|
||||||
|
|
||||||
1. Add canonical GitHub target config.
|
|
||||||
2. Add token lookup that prefers `github-admin-token` for Phase 1b and can fall back only if explicitly configured.
|
|
||||||
3. Add comment helper for agent verdict comments.
|
|
||||||
4. Add idempotency marker and readback check.
|
|
||||||
5. Add tests.
|
|
||||||
6. Wire eval integration to the helper under Phase 1b flag.
|
|
||||||
|
|
||||||
Forbidden files:
|
|
||||||
|
|
||||||
- Deprecated eval shell scripts.
|
|
||||||
- Production secrets.
|
|
||||||
- Broad deploy rewrite.
|
|
||||||
|
|
||||||
## Frontend Work Required
|
|
||||||
|
|
||||||
None.
|
|
||||||
|
|
||||||
## Expected Runtime And User-Visible Behavior
|
|
||||||
|
|
||||||
PR comment example:
|
|
||||||
|
|
||||||
```text
|
|
||||||
## Rio review
|
|
||||||
|
|
||||||
<review text>
|
|
||||||
|
|
||||||
<!-- PHASE1B_REVIEW:PR=123:SHA=abc123:AGENT=RIO -->
|
|
||||||
<!-- VERDICT:RIO:APPROVE -->
|
|
||||||
```
|
|
||||||
|
|
||||||
The GitHub account may be a master bot. The comment content must show which agent reviewed.
|
|
||||||
|
|
||||||
## Validation And Test Matrix
|
|
||||||
|
|
||||||
Commands:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
python3 -m pytest tests/test_github_identity.py tests/test_eval_parse.py
|
|
||||||
python3 -m ruff check lib/github_feedback.py lib/config.py tests/test_github_identity.py
|
|
||||||
git diff --check
|
|
||||||
```
|
|
||||||
|
|
||||||
Test cases:
|
|
||||||
|
|
||||||
- canonical target
|
|
||||||
- staging override
|
|
||||||
- missing token
|
|
||||||
- no token logging
|
|
||||||
- idempotent comment marker
|
|
||||||
- all six verdict tags parse
|
|
||||||
|
|
||||||
## CI/CD, Release, And Pre-Push Gate Contract
|
|
||||||
|
|
||||||
Before PR:
|
|
||||||
|
|
||||||
- Local tests prove target and idempotency.
|
|
||||||
|
|
||||||
Before staging:
|
|
||||||
|
|
||||||
- Sandbox repo token exists.
|
|
||||||
- Production token is not used.
|
|
||||||
|
|
||||||
Before production:
|
|
||||||
|
|
||||||
- Bot account has comment permissions on `decision-engine`.
|
|
||||||
- Rollback path is old Forgejo or disabled Phase 1b flag.
|
|
||||||
|
|
||||||
## Independent CLI Audit Contract
|
|
||||||
|
|
||||||
Reviewer checks:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
rg -n "teleo-codex|decision-engine|github-admin-token|github-pat|VERDICT|PHASE1B_REVIEW" lib tests pipeline-health-check.py research deploy
|
|
||||||
```
|
|
||||||
|
|
||||||
Audit questions:
|
|
||||||
|
|
||||||
- Which files still target `teleo-codex`?
|
|
||||||
- Are those files in the Phase 1b runtime path?
|
|
||||||
- Does any log path expose token values?
|
|
||||||
- Does idempotency prevent duplicate comments?
|
|
||||||
|
|
||||||
## Outside-The-Box Fix Paths
|
|
||||||
|
|
||||||
If direct GitHub comments are not safe in the first PR:
|
|
||||||
|
|
||||||
- Keep Forgejo review transport and post GitHub mirror feedback only in staging.
|
|
||||||
- Add a dry-run comment mode that writes the planned body into audit logs.
|
|
||||||
|
|
||||||
If GitHub PAT remains blocked:
|
|
||||||
|
|
||||||
- Use a GitHub App only for comment posting.
|
|
||||||
- Keep master bot for git push but app token for PR comments.
|
|
||||||
|
|
||||||
## Maintenance Capture
|
|
||||||
|
|
||||||
Beneficial now:
|
|
||||||
|
|
||||||
- Name GitHub target config clearly.
|
|
||||||
- Avoid proliferating `github-pat` versus `github-admin-token`.
|
|
||||||
|
|
||||||
Avoid now:
|
|
||||||
|
|
||||||
- Separate agent GitHub users.
|
|
||||||
- Full mirror rewrite.
|
|
||||||
- Contributor identity overhaul.
|
|
||||||
|
|
||||||
## Parallelization And Fanout
|
|
||||||
|
|
||||||
Classification: ready_now after the implementer explicitly chooses direct GitHub comments or Forgejo-mirror compatibility for the Phase 1b flag path.
|
|
||||||
|
|
||||||
Worker-ready prompt:
|
|
||||||
|
|
||||||
```text
|
|
||||||
implement phase 1b github review comment posture. use one master bot token, target living-ip/decision-engine with staging override support, add agent-specific verdict comment helper with idempotency marker, and prove no token leakage. do not create separate agent accounts or rewrite deploy/mirror broadly.
|
|
||||||
```
|
|
||||||
|
|
||||||
## Acceptance Criteria
|
|
||||||
|
|
||||||
- Phase 1b comment helper targets `decision-engine`.
|
|
||||||
- Master bot can post agent verdict tags.
|
|
||||||
- Duplicate comments are prevented.
|
|
||||||
- Missing token is non-fatal and auditable.
|
|
||||||
- Existing old transport remains rollback-safe.
|
|
||||||
|
|
||||||
## Readiness And Claim Boundaries
|
|
||||||
|
|
||||||
Allowed claim:
|
|
||||||
|
|
||||||
- "Master-bot GitHub verdict comment posture is locally specified/tested."
|
|
||||||
|
|
||||||
Forbidden claim:
|
|
||||||
|
|
||||||
- "Separate agent GitHub identities are solved."
|
|
||||||
|
|
||||||
## Spec Quality Self-Audit
|
|
||||||
|
|
||||||
All required execution-grade headings are present. The exact direct-GitHub versus Forgejo-mirror cutover remains a deliberate implementation decision because current daemon code is Forgejo-first.
|
|
||||||
|
|
||||||
## Assistant-Added Caveats
|
|
||||||
|
|
||||||
The repo has real target drift between `teleo-codex` and `decision-engine`. Do not hide that drift in the eval implementation. The Phase 1b PR should either fix the runtime path it uses or explicitly leave non-runtime references for a later migration.
|
|
||||||
|
|
@ -1,125 +0,0 @@
|
||||||
# Phase 1b Local Review Guide
|
|
||||||
|
|
||||||
Status: local-only review artifact
|
|
||||||
Branch: `phase1b-agent-routing-local`
|
|
||||||
|
|
||||||
## What This Repo Is
|
|
||||||
|
|
||||||
`teleo-infrastructure` is the pipeline/runtime repo. For Phase 1b, it owns the evaluation daemon logic that watches PRs, fetches diffs, runs reviewers, posts verdict comments, and moves PR state toward merge or feedback.
|
|
||||||
|
|
||||||
Canonical split for this phase:
|
|
||||||
|
|
||||||
- KB repo: `decision-engine`
|
|
||||||
- implementation/runtime repo: `teleo-infrastructure`
|
|
||||||
- production runtime: VPS under `/opt/teleo-eval`, not currently accessible from this workspace
|
|
||||||
|
|
||||||
## What This Branch Changes
|
|
||||||
|
|
||||||
Local code changes:
|
|
||||||
|
|
||||||
- `lib/agent_routing.py`: new pure router that maps a PR diff to one or two Hermes agents.
|
|
||||||
- `lib/config.py`: adds `PHASE1B_AGENT_ROUTING_ENABLED`, default `false`.
|
|
||||||
- `lib/evaluate.py`: adds a feature-flagged Phase 1b eval path.
|
|
||||||
- `lib/llm.py`: adds `run_agent_review`.
|
|
||||||
- `tests/test_agent_routing.py`: router tests.
|
|
||||||
- `tests/test_evaluate_agent_routing.py`: mocked eval tests.
|
|
||||||
- `tests/test_eval_parse.py`: all six `VERDICT:AGENT:*` parser coverage.
|
|
||||||
|
|
||||||
Spec/docs changes:
|
|
||||||
|
|
||||||
- `docs/phase1b-agent-routing-spec.md`
|
|
||||||
- `docs/phase1b/README.md`
|
|
||||||
- child specs under `docs/phase1b/`
|
|
||||||
- `docs/phase1b/staging-blocker.json`
|
|
||||||
|
|
||||||
## What It Does Not Change
|
|
||||||
|
|
||||||
- It does not enable Phase 1b in production.
|
|
||||||
- It does not touch the VPS.
|
|
||||||
- It does not create or require six GitHub identities.
|
|
||||||
- It does not solve the Forgejo-vs-GitHub cutover.
|
|
||||||
- It does not fix unrelated full-suite failures.
|
|
||||||
|
|
||||||
## Current Safety Posture
|
|
||||||
|
|
||||||
The feature flag defaults off:
|
|
||||||
|
|
||||||
```text
|
|
||||||
PHASE1B_AGENT_ROUTING_ENABLED=false
|
|
||||||
```
|
|
||||||
|
|
||||||
With the flag off, the legacy eval path remains available. The Phase 1b path should only run in staging or a controlled daemon after explicit env config.
|
|
||||||
|
|
||||||
The local review hardening pass removed changes to `lib/domains.py` so the legacy domain map is not changed by this branch.
|
|
||||||
|
|
||||||
## Local Proof
|
|
||||||
|
|
||||||
Focused proof that currently passes:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
.venv/bin/python -m pytest tests/test_agent_routing.py tests/test_evaluate_agent_routing.py tests/test_eval_parse.py
|
|
||||||
.venv/bin/ruff check lib/agent_routing.py lib/domains.py lib/evaluate.py lib/llm.py lib/config.py tests/test_agent_routing.py tests/test_evaluate_agent_routing.py
|
|
||||||
git diff --check
|
|
||||||
```
|
|
||||||
|
|
||||||
Latest focused result:
|
|
||||||
|
|
||||||
```text
|
|
||||||
61 passed
|
|
||||||
ruff: all checks passed
|
|
||||||
git diff --check: passed
|
|
||||||
```
|
|
||||||
|
|
||||||
Full-suite status:
|
|
||||||
|
|
||||||
```text
|
|
||||||
406 passed, 12 failed, 3 errors
|
|
||||||
```
|
|
||||||
|
|
||||||
Known full-suite failure groups:
|
|
||||||
|
|
||||||
- `db.migrate` fresh-fixture rebuild error: `prs_new has no column named auto_merge`
|
|
||||||
- contributor test fixture missing `submitted_by`
|
|
||||||
- date/frontmatter expectations in `test_post_extract.py`
|
|
||||||
- search threshold expectation in `test_search.py`
|
|
||||||
- missing `python-telegram-bot` imports for X content tests
|
|
||||||
|
|
||||||
Those failures mean this branch should not be called repo-green or PR-ready.
|
|
||||||
|
|
||||||
## How To Review Locally
|
|
||||||
|
|
||||||
Stay local:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
git switch phase1b-agent-routing-local
|
|
||||||
git status --short --branch
|
|
||||||
git diff main...HEAD --stat
|
|
||||||
git diff main...HEAD -- lib/agent_routing.py lib/evaluate.py lib/llm.py lib/config.py
|
|
||||||
```
|
|
||||||
|
|
||||||
Review the behavior in this order:
|
|
||||||
|
|
||||||
1. `lib/agent_routing.py`
|
|
||||||
2. `tests/test_agent_routing.py`
|
|
||||||
3. `lib/evaluate.py`
|
|
||||||
4. `tests/test_evaluate_agent_routing.py`
|
|
||||||
5. `docs/phase1b/staging-blocker.json`
|
|
||||||
|
|
||||||
## Before Any PR
|
|
||||||
|
|
||||||
Do not open a PR until at least one of these is true:
|
|
||||||
|
|
||||||
- full-suite failures are triaged into accepted unrelated failures with issue links, or fixed;
|
|
||||||
- staging access is available and a sandbox proof path is ready;
|
|
||||||
- m3taversal/Fwaz explicitly accept a local-only draft review without staging proof.
|
|
||||||
|
|
||||||
## Before Production
|
|
||||||
|
|
||||||
Production requires:
|
|
||||||
|
|
||||||
- staging proof against sandbox `decision-engine`;
|
|
||||||
- exact reviewed SHA;
|
|
||||||
- Leo signoff;
|
|
||||||
- no direct VPS self-upgrades;
|
|
||||||
- `PHASE1B_AGENT_ROUTING_ENABLED` enabled only after cutover plan is written;
|
|
||||||
- rollback path to flag-off behavior.
|
|
||||||
|
|
@ -1,275 +0,0 @@
|
||||||
# Phase 1b Child Spec: Reporting And Contributor Compatibility
|
|
||||||
|
|
||||||
Created: 2026-05-29
|
|
||||||
Status: active draft
|
|
||||||
Parent spec: `docs/phase1b-agent-routing-spec.md`
|
|
||||||
|
|
||||||
## Product Outcome Contract
|
|
||||||
|
|
||||||
Phase 1b must not make dashboards, health checks, or contributor credit lie about review state. Reporting may stay minimal, but it must not mark a cross-domain PR as ready before all required agents have reviewed.
|
|
||||||
|
|
||||||
## Goal
|
|
||||||
|
|
||||||
Update compatibility surfaces so Phase 1b required-agent reviews are represented accurately enough for operations, health, and contributor attribution without doing a dashboard redesign.
|
|
||||||
|
|
||||||
## Non-Goals
|
|
||||||
|
|
||||||
- Do not redesign the dashboard UI.
|
|
||||||
- Do not implement a new leaderboard model.
|
|
||||||
- Do not require a broad DB migration unless `review_records` is insufficient.
|
|
||||||
- Do not make production-readiness claims from health-check summaries alone.
|
|
||||||
|
|
||||||
## Current Implementation Audit
|
|
||||||
|
|
||||||
Current truth:
|
|
||||||
|
|
||||||
- `lib/db.py` already has `review_records` with `pr_number`, `domain`, `agent`, `reviewer`, `reviewer_model`, `outcome`, `rejection_reason`, and `notes`.
|
|
||||||
- `lib/contributor.py` assumes Leo reviews every PR and credits Leo plus one `domain_agent`.
|
|
||||||
- `lib/health.py` computes approval rates from `domain_verdict` and `leo_verdict`.
|
|
||||||
- `lib/health.py` builds reviewer strings only from `domain_verdict` and `leo_verdict`.
|
|
||||||
- `pipeline-health-check.py` can parse arbitrary `VERDICT:AGENT:*` tags, but it has no required-agent concept.
|
|
||||||
- A cross-domain PR with one approval and one missing required review could be misclassified if reporting only checks "any approve".
|
|
||||||
|
|
||||||
## Existing-Spec Inventory
|
|
||||||
|
|
||||||
| Existing doc | Relevance | Decision |
|
|
||||||
| --- | --- | --- |
|
|
||||||
| `docs/phase1b-agent-routing-spec.md` | Parent route/verdict state. | Reuse. |
|
|
||||||
| `docs/ARCHITECTURE.md` | Health/dashboard baseline. | Reuse as context. |
|
|
||||||
| `docs/DIAGNOSTICS-AGENT-SPEC.md` | Diagnostics philosophy. | Reuse as later direction, not immediate scope. |
|
|
||||||
|
|
||||||
## Goal-Vs-Repo-Truth Diff
|
|
||||||
|
|
||||||
Goal:
|
|
||||||
|
|
||||||
- Required-agent state is visible enough to avoid false readiness.
|
|
||||||
- Contributor evaluator credit follows actual approved reviewer agents.
|
|
||||||
- Health and pipeline checks can distinguish incomplete cross-domain review.
|
|
||||||
|
|
||||||
Repo truth:
|
|
||||||
|
|
||||||
- Legacy fields only represent `domain_verdict` plus `leo_verdict`.
|
|
||||||
- Contributor credit hardcodes Leo as universal reviewer.
|
|
||||||
- `pipeline-health-check.py` parses comments but does not know required reviewers.
|
|
||||||
|
|
||||||
## Completion Percent And Remaining Delta
|
|
||||||
|
|
||||||
Current completion: 10 percent because `review_records` already exists.
|
|
||||||
|
|
||||||
Remaining delta:
|
|
||||||
|
|
||||||
1. Ensure eval integration writes one `review_records` row per required reviewer.
|
|
||||||
2. Update contributor attribution to prefer approved `review_records`.
|
|
||||||
3. Keep legacy fields as projection only.
|
|
||||||
4. Add optional route marker parsing to `pipeline-health-check.py`.
|
|
||||||
5. Add tests proving no partial-review false readiness.
|
|
||||||
|
|
||||||
## Closure, Endpoint, And Deployment Truth
|
|
||||||
|
|
||||||
Local closure:
|
|
||||||
|
|
||||||
- Tests prove contributor credit and stage classification respect required reviewers.
|
|
||||||
|
|
||||||
Staging closure:
|
|
||||||
|
|
||||||
- Staging proof artifact and health readback agree on required-agent completion.
|
|
||||||
|
|
||||||
Production closure:
|
|
||||||
|
|
||||||
- Production health does not show PRs as ready before all required agents approve.
|
|
||||||
|
|
||||||
## Critical Assumptions And Invalidators
|
|
||||||
|
|
||||||
Assumptions:
|
|
||||||
|
|
||||||
- `review_records` is available in production DB schema.
|
|
||||||
- Eval integration can write `review_records` for each required reviewer.
|
|
||||||
- Dashboards can tolerate legacy projections during Phase 1b.
|
|
||||||
|
|
||||||
Invalidators:
|
|
||||||
|
|
||||||
- Production DB lacks `review_records`.
|
|
||||||
- Contributor code path cannot query `review_records` without performance issues.
|
|
||||||
- Branch protection or merge logic uses legacy fields directly for readiness.
|
|
||||||
|
|
||||||
## State And Truth Contract
|
|
||||||
|
|
||||||
`review_records` becomes the compatibility source for per-agent reviewer history.
|
|
||||||
|
|
||||||
Required eval write:
|
|
||||||
|
|
||||||
```text
|
|
||||||
one review_records row per required reviewer per PR attempt
|
|
||||||
```
|
|
||||||
|
|
||||||
Legacy projection:
|
|
||||||
|
|
||||||
- `domain_agent = primary_agent`
|
|
||||||
- `domain_verdict = aggregate_verdict`
|
|
||||||
- `leo_verdict = actual Leo verdict when Leo is required, else skipped`
|
|
||||||
|
|
||||||
Route/audit JSON remains the source for `required_agents`.
|
|
||||||
|
|
||||||
## Measurement Contract
|
|
||||||
|
|
||||||
Minimum compatibility metrics:
|
|
||||||
|
|
||||||
- `review_records_written_count`
|
|
||||||
- `required_reviews_missing_count`
|
|
||||||
- `partial_review_not_ready_count`
|
|
||||||
- `contributor_evaluator_credit_count_by_agent`
|
|
||||||
|
|
||||||
Minimum proof:
|
|
||||||
|
|
||||||
- A two-agent PR with one approval and one missing verdict is not classified as ready.
|
|
||||||
- A two-agent PR with two approvals is classified as ready.
|
|
||||||
- Contributor credit includes both approved reviewers.
|
|
||||||
|
|
||||||
## Backend Work Required
|
|
||||||
|
|
||||||
Owned files:
|
|
||||||
|
|
||||||
- `lib/contributor.py`
|
|
||||||
- `lib/health.py`
|
|
||||||
- `pipeline-health-check.py`
|
|
||||||
- `tests/test_contributor.py` or new focused test.
|
|
||||||
- `tests/test_pipeline_health_phase1b.py` if added.
|
|
||||||
|
|
||||||
Implementation steps:
|
|
||||||
|
|
||||||
1. Confirm `review_records` exists in local schema and migrations.
|
|
||||||
2. Update eval integration spec to write review records per required reviewer.
|
|
||||||
3. Update contributor credit to prefer approved `review_records.reviewer` rows.
|
|
||||||
4. Fall back to legacy `leo_verdict` and `domain_verdict` for old data.
|
|
||||||
5. Update health output to include review records or route audit fields where available.
|
|
||||||
6. Update pipeline health check to read required-agent markers if present.
|
|
||||||
7. Add tests.
|
|
||||||
|
|
||||||
Forbidden work:
|
|
||||||
|
|
||||||
- Dashboard redesign.
|
|
||||||
- New leaderboard model.
|
|
||||||
- Broad schema migration before proof requires it.
|
|
||||||
|
|
||||||
## Frontend Work Required
|
|
||||||
|
|
||||||
None.
|
|
||||||
|
|
||||||
## Expected Runtime And User-Visible Behavior
|
|
||||||
|
|
||||||
Operators should see:
|
|
||||||
|
|
||||||
- Per-agent reviewer outcomes when available.
|
|
||||||
- Cross-domain PRs not marked ready until all required reviewers approve.
|
|
||||||
- Contributor credit reflecting actual approved reviewer agents.
|
|
||||||
|
|
||||||
Existing dashboard layout can remain unchanged if data is honest.
|
|
||||||
|
|
||||||
## Validation And Test Matrix
|
|
||||||
|
|
||||||
Commands:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
python3 -m pytest tests/test_contributor.py tests/test_pipeline_health_phase1b.py
|
|
||||||
python3 -m ruff check lib/contributor.py lib/health.py pipeline-health-check.py tests
|
|
||||||
git diff --check
|
|
||||||
```
|
|
||||||
|
|
||||||
Test cases:
|
|
||||||
|
|
||||||
- old data fallback credits Leo/domain reviewer.
|
|
||||||
- new `review_records` data credits all approved required reviewers.
|
|
||||||
- request-changes reviewer receives no evaluator credit.
|
|
||||||
- one missing required reviewer blocks ready classification.
|
|
||||||
- all required reviewers approve enables ready classification.
|
|
||||||
|
|
||||||
## CI/CD, Release, And Pre-Push Gate Contract
|
|
||||||
|
|
||||||
Before PR:
|
|
||||||
|
|
||||||
- Compatibility tests pass or are documented as not runnable due missing dev deps.
|
|
||||||
|
|
||||||
Before staging:
|
|
||||||
|
|
||||||
- Staging proof includes health and contributor-readback commands.
|
|
||||||
|
|
||||||
Before production:
|
|
||||||
|
|
||||||
- Operator verifies no partial-review false readiness in logs/health readback.
|
|
||||||
|
|
||||||
## Independent CLI Audit Contract
|
|
||||||
|
|
||||||
Reviewer commands:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
rg -n "Leo reviews every PR|leo_verdict|domain_verdict|review_records|required_agents|VERDICT" lib pipeline-health-check.py tests
|
|
||||||
sqlite3 /path/to/pipeline.db ".schema review_records"
|
|
||||||
```
|
|
||||||
|
|
||||||
Reviewer checks:
|
|
||||||
|
|
||||||
- `review_records` is preferred for new evaluator credit.
|
|
||||||
- Legacy fallback remains for old rows.
|
|
||||||
- Health does not rely on any-approve for multi-review readiness.
|
|
||||||
|
|
||||||
## Outside-The-Box Fix Paths
|
|
||||||
|
|
||||||
If `review_records` is insufficient:
|
|
||||||
|
|
||||||
- Add additive `route_json` and `agent_verdicts_json` columns to `prs`.
|
|
||||||
|
|
||||||
If `pipeline-health-check.py` cannot read route markers:
|
|
||||||
|
|
||||||
- Treat cross-domain PRs as awaiting review unless all verdict tags expected by route artifact are present.
|
|
||||||
|
|
||||||
If contributor credit is too risky for Phase 1b:
|
|
||||||
|
|
||||||
- Defer credit mutation and emit review-record-only proof until after eval stability.
|
|
||||||
|
|
||||||
## Maintenance Capture
|
|
||||||
|
|
||||||
Beneficial now:
|
|
||||||
|
|
||||||
- Replace comments claiming "Leo reviews every PR."
|
|
||||||
- Add focused tests for the compatibility projection.
|
|
||||||
|
|
||||||
Avoid now:
|
|
||||||
|
|
||||||
- Dashboard UI rewrite.
|
|
||||||
- Historical backfill.
|
|
||||||
- Leaderboard redesign.
|
|
||||||
|
|
||||||
## Parallelization And Fanout
|
|
||||||
|
|
||||||
Classification: ready_now after eval integration establishes review record writes.
|
|
||||||
|
|
||||||
Worker-ready prompt:
|
|
||||||
|
|
||||||
```text
|
|
||||||
make reporting and contributor attribution phase 1b-compatible. prefer review_records for new evaluator credit, preserve legacy fallback, and prevent health/pipeline checks from marking cross-domain prs ready before all required agents approve. do not redesign dashboards or add broad schema migrations unless tests prove necessary.
|
|
||||||
```
|
|
||||||
|
|
||||||
## Acceptance Criteria
|
|
||||||
|
|
||||||
- No code path claims Leo reviews every new Phase 1b PR.
|
|
||||||
- Approved `review_records` can credit all required reviewer agents.
|
|
||||||
- Health/check logic avoids partial-review false readiness.
|
|
||||||
- Legacy data still renders.
|
|
||||||
|
|
||||||
## Readiness And Claim Boundaries
|
|
||||||
|
|
||||||
Allowed claim:
|
|
||||||
|
|
||||||
- "Reporting compatibility is updated to avoid false readiness and credit loss."
|
|
||||||
|
|
||||||
Forbidden claim:
|
|
||||||
|
|
||||||
- "Dashboards are redesigned for Phase 1b."
|
|
||||||
|
|
||||||
## Spec Quality Self-Audit
|
|
||||||
|
|
||||||
All required execution-grade headings are present. This spec is intentionally compatibility-scoped and does not attempt a full reporting product redesign.
|
|
||||||
|
|
||||||
## Assistant-Added Caveats
|
|
||||||
|
|
||||||
The safest first move is to write accurate `review_records` and route audit JSON. Rich dashboards should wait until production behavior proves stable.
|
|
||||||
|
|
@ -1,18 +0,0 @@
|
||||||
{
|
|
||||||
"phase": "1b",
|
|
||||||
"blocked_area": "staging_and_production_proof",
|
|
||||||
"attempted_discovery": [
|
|
||||||
"audited teleo-infrastructure eval, config, deploy, systemd, github feedback, and health-check surfaces",
|
|
||||||
"implemented and tested local default-off phase1b routing path",
|
|
||||||
"opened draft pr for reviewed sha",
|
|
||||||
"recorded staging proof contract in docs/phase1b/staging-proof-spec.md"
|
|
||||||
],
|
|
||||||
"exact_blocker": "no usable staging vps clone, crabbox runner config, sandbox decision-engine repo token, or production read-only access is available in this workspace",
|
|
||||||
"why_it_cannot_be_solved_autonomously": "staging proof requires external infrastructure authority and non-production credentials; creating or using those without the project owner/runtime owner would risk mutating production or leaking production secrets",
|
|
||||||
"exact_next_action": "fwaz or m3taversal should provide either a scrubbed hetzner snapshot clone or crabbox config plus staging-only github/openrouter tokens and the sandbox decision-engine repo target",
|
|
||||||
"safe_until_unblocked": [
|
|
||||||
"keep PHASE1B_AGENT_ROUTING_ENABLED=false in production",
|
|
||||||
"review the draft pr locally and in ci",
|
|
||||||
"do not allow agents to self-edit production vps state for this change"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
@ -1,356 +0,0 @@
|
||||||
# Phase 1b Child Spec: Staging Proof
|
|
||||||
|
|
||||||
Created: 2026-05-29
|
|
||||||
Status: active draft
|
|
||||||
Parent spec: `docs/phase1b-agent-routing-spec.md`
|
|
||||||
|
|
||||||
## Product Outcome Contract
|
|
||||||
|
|
||||||
Phase 1b must be tested without mutating the production VPS or production `decision-engine` PRs. A staging clone or disposable remote test box must prove routing, verdict posting, and merge or feedback behavior against a sandbox target before production cutover.
|
|
||||||
|
|
||||||
## Goal
|
|
||||||
|
|
||||||
Define the staging proof path for Phase 1b: provision an isolated production-like runtime, disable production authority, run six single-domain PR cycles plus one cross-domain PR cycle, save a machine-readable proof artifact, then destroy or shut down the staging environment.
|
|
||||||
|
|
||||||
## Non-Goals
|
|
||||||
|
|
||||||
- Do not mutate production PRs.
|
|
||||||
- Do not use production GitHub tokens in staging.
|
|
||||||
- Do not prove 24-hour production stability.
|
|
||||||
- Do not promote a mutated staging server as production.
|
|
||||||
- Do not test payment, wallet, Twitter, or mainnet flows.
|
|
||||||
|
|
||||||
## Current Implementation Audit
|
|
||||||
|
|
||||||
Known repo truth:
|
|
||||||
|
|
||||||
- `systemd/teleo-pipeline.service` defines the production-style pipeline service.
|
|
||||||
- `deploy/` contains deployment and mirror scripts.
|
|
||||||
- `docs/ARCHITECTURE.md` documents VPS path assumptions and SQLite state.
|
|
||||||
- `docs/INFRASTRUCTURE.md` documents production as Hetzner `77.42.65.182`, root path `/opt/teleo-eval`, diagnostics on port `8081`, and health on port `8080`.
|
|
||||||
- `deploy/auto-deploy.sh` pulls from `/opt/teleo-eval/workspaces/deploy-infra`, syncs code into runtime paths, restarts changed Python services, and updates `/opt/teleo-eval/.last-deploy-sha` after smoke checks.
|
|
||||||
- `systemd/teleo-pipeline.service` expects `/opt/teleo-eval/pipeline/fix-ownership.sh`, while this repo stores that script under `deploy/fix-ownership.sh`; staging bootstrap must verify the live runtime path before assuming the unit works.
|
|
||||||
- `handoff/phase1-step3-script-migration.md` documents GitHub migration posture and `decision-engine` target for scripts.
|
|
||||||
- `handoff/deprecated/eval-scripts.md` confirms old eval scripts are dead.
|
|
||||||
- Fwaz described the current production update path as `pull -> services recognize pull -> edit on VPS -> PR to Leo`; staging proof must treat that as an unsafe legacy behavior to replace, not as a release gate.
|
|
||||||
- Fwaz approved Crabbox as the long-term disposable staging/test-box direction.
|
|
||||||
|
|
||||||
Unknown production truth:
|
|
||||||
|
|
||||||
- Exact current deployed SHA.
|
|
||||||
- Whether production service files match this repo.
|
|
||||||
- Whether production still points at Forgejo in the live daemon.
|
|
||||||
- Exact restart/deploy commands used by Fwaz or agents.
|
|
||||||
- Current secrets layout.
|
|
||||||
- Current `systemctl cat` output for `teleo-pipeline`, `teleo-diagnostics`, auto-deploy timers, cron-like research jobs, Telegram-related services, and any agent daemons.
|
|
||||||
- Whether production has uncommitted hotfixes, generated scripts, or local service patches under `/opt/teleo-eval`.
|
|
||||||
- Read-only live access is not available in this workspace; the infrastructure audit attempted SSH readback and hit authentication denial, so no production SHA or service state should be claimed from this spec.
|
|
||||||
|
|
||||||
## Existing-Spec Inventory
|
|
||||||
|
|
||||||
| Existing doc | Relevance | Decision |
|
|
||||||
| --- | --- | --- |
|
|
||||||
| `docs/phase1b-agent-routing-spec.md` | Parent proof requirements. | Reuse. |
|
|
||||||
| `docs/ARCHITECTURE.md` | VPS topology and service assumptions. | Reuse with current-readback requirement. |
|
|
||||||
| `systemd/teleo-pipeline.service` | Service command template. | Reuse as staging baseline. |
|
|
||||||
| `handoff/phase1-step3-script-migration.md` | GitHub `decision-engine` target context. | Reuse. |
|
|
||||||
|
|
||||||
## Goal-Vs-Repo-Truth Diff
|
|
||||||
|
|
||||||
Goal:
|
|
||||||
|
|
||||||
- Staging proof runs against sandbox `decision-engine`.
|
|
||||||
- Production services and secrets are disabled before test daemon starts.
|
|
||||||
- Proof artifact captures routes, verdicts, final PR states, SHAs, DB schema, feature flags, and logs.
|
|
||||||
|
|
||||||
Repo truth:
|
|
||||||
|
|
||||||
- Staging automation does not exist.
|
|
||||||
- No proof script exists for seven PR cases.
|
|
||||||
- No machine-readable Phase 1b proof schema exists outside the umbrella spec.
|
|
||||||
|
|
||||||
## Completion Percent And Remaining Delta
|
|
||||||
|
|
||||||
Current completion: 0 percent.
|
|
||||||
|
|
||||||
Remaining delta:
|
|
||||||
|
|
||||||
1. Choose staging substrate: Hetzner snapshot clone, Crabbox, or another disposable test box.
|
|
||||||
2. Define sandbox repo.
|
|
||||||
3. Define staging secrets.
|
|
||||||
4. Write or run proof sequence.
|
|
||||||
5. Retain proof artifact.
|
|
||||||
6. Confirm staging cannot mutate production.
|
|
||||||
|
|
||||||
## Closure, Endpoint, And Deployment Truth
|
|
||||||
|
|
||||||
Staging closure means:
|
|
||||||
|
|
||||||
- Staging environment is isolated.
|
|
||||||
- Sandbox PRs are created and processed.
|
|
||||||
- Required reviewer verdicts appear in PR comments.
|
|
||||||
- Pipeline state transitions match expected behavior.
|
|
||||||
- Proof artifact exists.
|
|
||||||
|
|
||||||
Production closure is separate and requires exact reviewed SHA deployment plus 24-hour readback.
|
|
||||||
|
|
||||||
## Critical Assumptions And Invalidators
|
|
||||||
|
|
||||||
Assumptions:
|
|
||||||
|
|
||||||
- A VPS snapshot or disposable equivalent can run the pipeline.
|
|
||||||
- Production secrets can be removed or replaced before daemon start.
|
|
||||||
- A sandbox GitHub repo can be used.
|
|
||||||
- The proof can run without real production inference spend, or spend is explicitly approved.
|
|
||||||
|
|
||||||
Invalidators:
|
|
||||||
|
|
||||||
- Clone boots production services before quarantine.
|
|
||||||
- Sandbox target cannot receive PRs/comments.
|
|
||||||
- No operator has cloud or VPS access.
|
|
||||||
- Secrets cannot be separated from production.
|
|
||||||
- Service paths on production are materially different from repo docs.
|
|
||||||
|
|
||||||
## State And Truth Contract
|
|
||||||
|
|
||||||
Proof artifact path should be under staging, then copied back into the PR or retained artifact location. Suggested filename:
|
|
||||||
|
|
||||||
```text
|
|
||||||
proof/phase1b-staging-proof-YYYYMMDD-HHMMSS.json
|
|
||||||
```
|
|
||||||
|
|
||||||
Required JSON fields:
|
|
||||||
|
|
||||||
```json
|
|
||||||
{
|
|
||||||
"phase": "1b",
|
|
||||||
"schema_version": 1,
|
|
||||||
"environment": {
|
|
||||||
"kind": "hetzner_snapshot|crabbox|disposable_remote",
|
|
||||||
"host": "...",
|
|
||||||
"snapshot_id": "...",
|
|
||||||
"created_from_prod_host": "77.42.65.182"
|
|
||||||
},
|
|
||||||
"teleo_infrastructure_sha": "...",
|
|
||||||
"decision_engine_target": "living-ip/decision-engine-sandbox",
|
|
||||||
"pipeline_db_schema": 26,
|
|
||||||
"feature_flags": {"PHASE1B_AGENT_ROUTING_ENABLED": "true"},
|
|
||||||
"safety": {
|
|
||||||
"prod_services_disabled": true,
|
|
||||||
"prod_timers_disabled": true,
|
|
||||||
"prod_crons_disabled": true,
|
|
||||||
"prod_secrets_removed": true,
|
|
||||||
"auto_merge_constrained": true
|
|
||||||
},
|
|
||||||
"test_cases": [],
|
|
||||||
"verification_outputs": {
|
|
||||||
"service_status_path": "...",
|
|
||||||
"journal_excerpt_path": "...",
|
|
||||||
"db_snapshot_path": "...",
|
|
||||||
"github_comments_path": "..."
|
|
||||||
},
|
|
||||||
"rollback": {
|
|
||||||
"production_sha_before": "...",
|
|
||||||
"candidate_sha": "...",
|
|
||||||
"rollback_command": "..."
|
|
||||||
},
|
|
||||||
"created_at": "..."
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
Each test case:
|
|
||||||
|
|
||||||
```json
|
|
||||||
{
|
|
||||||
"case": "internet-finance",
|
|
||||||
"pr": 12,
|
|
||||||
"required_agents": ["Rio"],
|
|
||||||
"posted_verdicts": {"Rio": "approve"},
|
|
||||||
"final_state": "approved",
|
|
||||||
"route_kind": "single"
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
## Measurement Contract
|
|
||||||
|
|
||||||
Minimum staging cases:
|
|
||||||
|
|
||||||
- grand strategy -> Leo
|
|
||||||
- ai systems or ai alignment -> Theseus
|
|
||||||
- internet finance -> Rio
|
|
||||||
- health -> Vida
|
|
||||||
- entertainment -> Clay
|
|
||||||
- space, robotics, energy, or advanced manufacturing -> Astra
|
|
||||||
- cross-domain ai plus x402 -> Theseus and Rio
|
|
||||||
|
|
||||||
Pass criteria:
|
|
||||||
|
|
||||||
- 7 of 7 route decisions match expected required agents.
|
|
||||||
- 7 of 7 PRs receive parseable verdict comments.
|
|
||||||
- No production repo receives comments.
|
|
||||||
- No production service remains enabled during staging run.
|
|
||||||
|
|
||||||
## Backend Work Required
|
|
||||||
|
|
||||||
Owned surfaces:
|
|
||||||
|
|
||||||
- Staging host.
|
|
||||||
- Sandbox repo.
|
|
||||||
- Staging env/config.
|
|
||||||
- Proof artifact generator or manual proof script.
|
|
||||||
|
|
||||||
Implementation steps:
|
|
||||||
|
|
||||||
1. Snapshot or provision staging environment.
|
|
||||||
2. Block public/prod access.
|
|
||||||
3. Disable production services.
|
|
||||||
4. Remove production secrets.
|
|
||||||
5. Set hostname to staging.
|
|
||||||
6. Configure sandbox target.
|
|
||||||
7. Deploy exact implementation SHA.
|
|
||||||
8. Enable Phase 1b feature flag.
|
|
||||||
9. Create seven sandbox PRs.
|
|
||||||
10. Run pipeline until verdicts and states are visible.
|
|
||||||
11. Save proof artifact.
|
|
||||||
12. Shut down or destroy staging.
|
|
||||||
|
|
||||||
## Frontend Work Required
|
|
||||||
|
|
||||||
None.
|
|
||||||
|
|
||||||
## Expected Runtime And User-Visible Behavior
|
|
||||||
|
|
||||||
Operator sees:
|
|
||||||
|
|
||||||
- Staging service status.
|
|
||||||
- Sandbox PR comments with agent verdict tags.
|
|
||||||
- SQLite rows or logs showing route decisions.
|
|
||||||
- Proof artifact summarizing pass/fail.
|
|
||||||
|
|
||||||
No production user-visible behavior should change during staging.
|
|
||||||
|
|
||||||
## Validation And Test Matrix
|
|
||||||
|
|
||||||
Commands will vary by staging substrate. Baseline readback:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
hostname
|
|
||||||
git -C /opt/teleo-eval/workspaces/deploy-infra rev-parse HEAD
|
|
||||||
cat /opt/teleo-eval/.last-deploy-sha
|
|
||||||
systemctl is-active teleo-pipeline teleo-diagnostics teleo-auto-deploy.timer
|
|
||||||
systemctl list-timers | grep -E 'teleo|sync|extract|research' || true
|
|
||||||
curl -s localhost:8080/health | python3 -m json.tool
|
|
||||||
journalctl -u teleo-pipeline --since "1 hour ago" --no-pager
|
|
||||||
sqlite3 /opt/teleo-eval/pipeline/pipeline.db "select max(version) from schema_version;"
|
|
||||||
sqlite3 /opt/teleo-eval/pipeline/pipeline.db "select number,status,domain,domain_agent,leo_verdict,domain_verdict,auto_merge,github_pr from prs order by number desc limit 20;"
|
|
||||||
gh pr list --repo living-ip/decision-engine-sandbox --state all
|
|
||||||
gh pr view --repo living-ip/decision-engine-sandbox PR_NUMBER --comments
|
|
||||||
```
|
|
||||||
|
|
||||||
Safety checks:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
systemctl is-enabled teleo-pipeline
|
|
||||||
systemctl cat teleo-pipeline
|
|
||||||
systemctl cat teleo-diagnostics
|
|
||||||
grep -R "github-admin-token" /opt/teleo-eval/secrets 2>/dev/null
|
|
||||||
git -C /opt/teleo-eval/workspaces/main remote -v
|
|
||||||
```
|
|
||||||
|
|
||||||
## CI/CD, Release, And Pre-Push Gate Contract
|
|
||||||
|
|
||||||
Before staging:
|
|
||||||
|
|
||||||
- Code PR has passed local tests.
|
|
||||||
- Sandbox target selected.
|
|
||||||
- Staging secrets prepared.
|
|
||||||
|
|
||||||
Before production:
|
|
||||||
|
|
||||||
- Staging proof artifact exists.
|
|
||||||
- Exact SHA to deploy is recorded.
|
|
||||||
- Rollback path is recorded.
|
|
||||||
- Leo approval/signoff for the exact reviewed SHA is recorded.
|
|
||||||
- The production cutover avoids direct agent self-edits on the VPS.
|
|
||||||
|
|
||||||
## Independent CLI Audit Contract
|
|
||||||
|
|
||||||
Auditor should verify:
|
|
||||||
|
|
||||||
- Staging host is not production.
|
|
||||||
- Production services were disabled before test daemon start.
|
|
||||||
- GitHub target is sandbox.
|
|
||||||
- Proof artifact PR IDs belong to sandbox repo.
|
|
||||||
- Logs show no production mutation.
|
|
||||||
|
|
||||||
## Outside-The-Box Fix Paths
|
|
||||||
|
|
||||||
If Hetzner snapshot clone is too risky:
|
|
||||||
|
|
||||||
- Use Crabbox with a synced checkout and fake/sandbox services.
|
|
||||||
- Use a fresh Hetzner server and repo checkout instead of disk clone.
|
|
||||||
- Use local fake GitHub/Forgejo API for pure pipeline proof.
|
|
||||||
|
|
||||||
Substrate guidance:
|
|
||||||
|
|
||||||
- Prefer a Hetzner snapshot clone for canonical staging proof because it exercises `/opt/teleo-eval`, systemd units, timers, runtime user ownership, SQLite path assumptions, and deploy scripts.
|
|
||||||
- Crabbox is acceptable and preferred long-term as `disposable_remote` proof for command/test execution, but it does not count as VPS-clone fidelity unless it recreates the same unit files, runtime paths, service user, database path, and deploy flow.
|
|
||||||
- A local fake GitHub/Forgejo API can prove parser and state logic, but it cannot close the staging acceptance gate for real GitHub comments.
|
|
||||||
|
|
||||||
If inference spend is a concern:
|
|
||||||
|
|
||||||
- Mock agent review responses in staging.
|
|
||||||
- Use a staging-specific cheap model.
|
|
||||||
- Run only one real model call after mocked proof passes.
|
|
||||||
|
|
||||||
## Maintenance Capture
|
|
||||||
|
|
||||||
Beneficial now:
|
|
||||||
|
|
||||||
- Add a reusable `proof/phase1b` script later if manual staging repeats.
|
|
||||||
- Record exact service and config readback.
|
|
||||||
|
|
||||||
Avoid now:
|
|
||||||
|
|
||||||
- Building a full deployment platform.
|
|
||||||
- Giving Crabbox or staging production secrets.
|
|
||||||
- Replacing production with staging server.
|
|
||||||
|
|
||||||
## Parallelization And Fanout
|
|
||||||
|
|
||||||
Classification: draft_gated.
|
|
||||||
|
|
||||||
This can be delegated to Fwaz or the infrastructure owner after code PR exists.
|
|
||||||
|
|
||||||
Worker-ready prompt:
|
|
||||||
|
|
||||||
```text
|
|
||||||
run phase 1b staging proof without mutating production. provision or clone a staging box, disable production services and secrets before starting the daemon, point the runtime at a sandbox decision-engine repo, enable phase 1b routing, run six single-domain prs plus one cross-domain pr, and save a machine-readable proof artifact. do not touch production prs or production secrets.
|
|
||||||
```
|
|
||||||
|
|
||||||
## Acceptance Criteria
|
|
||||||
|
|
||||||
- Staging is isolated.
|
|
||||||
- Seven sandbox PR cases run.
|
|
||||||
- Required agents match expected matrix.
|
|
||||||
- Verdicts are parseable.
|
|
||||||
- Proof artifact exists.
|
|
||||||
- Staging is stopped or destroyed after proof.
|
|
||||||
|
|
||||||
## Readiness And Claim Boundaries
|
|
||||||
|
|
||||||
Allowed claim:
|
|
||||||
|
|
||||||
- "Phase 1b passed staging proof."
|
|
||||||
|
|
||||||
Forbidden claim:
|
|
||||||
|
|
||||||
- "Production Phase 1b is complete."
|
|
||||||
|
|
||||||
## Spec Quality Self-Audit
|
|
||||||
|
|
||||||
All required execution-grade headings are present. Exact production commands remain unknown until VPS truth is read back.
|
|
||||||
|
|
||||||
## Assistant-Added Caveats
|
|
||||||
|
|
||||||
Crabbox is useful here only as a disposable staging/test substrate. It should not receive production secrets until there is a deliberate security review.
|
|
||||||
File diff suppressed because it is too large
Load diff
|
|
@ -1,88 +0,0 @@
|
||||||
# Approved Claim Bundle Isolation Canary
|
|
||||||
|
|
||||||
Status: `pass`
|
|
||||||
|
|
||||||
## Working Target
|
|
||||||
|
|
||||||
A Cory-approved strict bundle must move through a separate reviewer credential,
|
|
||||||
an immutable approval snapshot, and a narrow apply credential before exact
|
|
||||||
claim/source/evidence/edge/reasoning-tool rows become canonical. A stale payload,
|
|
||||||
replay, hash collision, or direct privilege bypass must leave no partial rows.
|
|
||||||
|
|
||||||
## Final Runtime Proof
|
|
||||||
|
|
||||||
- Generic bundle: `37/37` checks passed. Its exact payload-controlled projection
|
|
||||||
and exact table deltas were `2` claims, `2` sources, `2` evidence links, `1`
|
|
||||||
edge, and `1` reasoning tool.
|
|
||||||
- Real Helmer bundle: `37/37` checks passed. Its exact payload-controlled
|
|
||||||
projection and exact table deltas were `5` claims, `13` sources, `17`
|
|
||||||
evidence links, `7` edges, and `1` reasoning tool.
|
|
||||||
- Helmer source proposal: `a64df080-8502-42e2-98f4-9bbdecb8da73`; strict child
|
|
||||||
proposal in the final isolated run: `87344d36-5005-5d88-a04c-067aeceda3c3`.
|
|
||||||
- `kb_review` approved the exact pending type and full JSON payload as mapped
|
|
||||||
reviewer `m3ta`; the immutable approval row matched the proposal ledger.
|
|
||||||
- `kb_apply` could not directly update proposal status/payload, immutable
|
|
||||||
approval rows, or existing `claim_evidence` rows.
|
|
||||||
- Mutating the approved ledger after SQL generation made the stale apply fail
|
|
||||||
before canonical writes; restoring the ledger left the immutable approval
|
|
||||||
unchanged.
|
|
||||||
- Replay was refused. A different source ID reusing an existing source hash was
|
|
||||||
refused, and its proposal/approval remained intact with zero partial rows.
|
|
||||||
- Every payload-controlled persisted field, including weights, roles, owners,
|
|
||||||
tags, hashes, and relationships, matched the reviewed payload. Exact table
|
|
||||||
deltas also exclude unexpected extra rows under unrelated IDs.
|
|
||||||
- The migration readback proves one expected signature per gate function, no
|
|
||||||
legacy overload, no protected-role membership, no object owned by a login
|
|
||||||
role, and the exact reviewer/apply execute split.
|
|
||||||
|
|
||||||
## Isolation And Cleanup
|
|
||||||
|
|
||||||
- Both runs used a new unexposed `postgres:16` container built from a read-only
|
|
||||||
schema/reference copy of live `teleo`; no cluster-wide role was created in the
|
|
||||||
production `teleo-pg` instance.
|
|
||||||
- The wrapper issued read-only queries to live `teleo-pg`; endpoint counts were
|
|
||||||
identical before and after each final run, with zero deltas for all six tables:
|
|
||||||
`claims=1837`, `sources=4145`, `claim_evidence=4670`, `claim_edges=4916`,
|
|
||||||
`reasoning_tools=17`, `kb_proposals=26`. This is endpoint-count evidence, not
|
|
||||||
a claim that every live row byte was compared.
|
|
||||||
- `leoclean-gateway.service` stayed `active/running`, `MainPID=2999690`,
|
|
||||||
`NRestarts=0`.
|
|
||||||
- Inner clone databases, outer Postgres containers, temporary workdirs, and the
|
|
||||||
remote source bundle were removed. Independent name/path readbacks found no
|
|
||||||
residue after cleanup.
|
|
||||||
- Both receipts retain repo-relative SHA-256/size bindings for the apply,
|
|
||||||
approval, prerequisite SQL, inner canary, and isolation wrapper source files;
|
|
||||||
a local recomputation matched every retained hash.
|
|
||||||
- No Telegram message, production canonical apply, production permission
|
|
||||||
migration, service restart, or runtime-profile write occurred.
|
|
||||||
|
|
||||||
## Reproduce
|
|
||||||
|
|
||||||
Generic bundle:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
scripts/run_approve_claim_isolated_container_canary.sh \
|
|
||||||
--output docs/reports/leo-working-state-20260709/approve-claim-clone-canary-current.json
|
|
||||||
```
|
|
||||||
|
|
||||||
Real normalized Helmer bundle:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
scripts/run_approve_claim_isolated_container_canary.sh \
|
|
||||||
--normalization-json docs/reports/leo-working-state-20260709/helmer-approve-claim-normalization-current.json \
|
|
||||||
--output docs/reports/leo-working-state-20260709/helmer-approve-claim-clone-canary-current.json
|
|
||||||
```
|
|
||||||
|
|
||||||
## Evidence And Claim Ceiling
|
|
||||||
|
|
||||||
- Generic receipt: `approve-claim-clone-canary-current.json`
|
|
||||||
- Helmer receipt: `helmer-approve-claim-clone-canary-current.json`
|
|
||||||
- Lossless normalization: `helmer-approve-claim-normalization-current.json`
|
|
||||||
- Inner harness: `scripts/run_approve_claim_clone_canary.py`
|
|
||||||
- Isolation wrapper: `scripts/run_approve_claim_isolated_container_canary.sh`
|
|
||||||
|
|
||||||
This proves the repo-owned review/apply lifecycle at isolated runtime tier. It
|
|
||||||
does not mean the new code, reviewer/apply roles, or permission migration are
|
|
||||||
deployed on VPS production, and it does not mean Helmer is canonical there.
|
|
||||||
`kb_apply` remains an operator-only trusted canonical writer; the proof covers
|
|
||||||
the supplied tool and privilege matrix, not a compromised apply credential.
|
|
||||||
File diff suppressed because it is too large
Load diff
|
|
@ -1,38 +0,0 @@
|
||||||
# Argus KB State Probe
|
|
||||||
|
|
||||||
Generated UTC: `2026-07-10T02:48:11.734733+00:00`
|
|
||||||
Mode: `argus_kb_state_readonly_http_probe`
|
|
||||||
Status: `pass`
|
|
||||||
Base URL: `http://77.42.65.182:8081`
|
|
||||||
|
|
||||||
## Fetch Sources
|
|
||||||
|
|
||||||
- `kb_proposals`: `supplied_base64_json`
|
|
||||||
- `metrics`: `supplied_base64_json`
|
|
||||||
- `vital_signs`: `supplied_base64_json`
|
|
||||||
|
|
||||||
## Checks
|
|
||||||
|
|
||||||
- `approved_need_apply_payload`: `True`
|
|
||||||
- `approved_proposals_visible`: `True`
|
|
||||||
- `http_readback_ok`: `True`
|
|
||||||
- `kb_proposals_endpoint_read_only`: `True`
|
|
||||||
- `no_worker_applyable_approved_proposals`: `True`
|
|
||||||
|
|
||||||
## Approved Proposal State
|
|
||||||
|
|
||||||
- Total: `3`
|
|
||||||
- Status counts: `{"approved": 3}`
|
|
||||||
- Review state counts: `{"approved_needs_apply_payload": 3}`
|
|
||||||
- Worker-applyable count: `0`
|
|
||||||
- Read-only endpoint: `True`
|
|
||||||
|
|
||||||
## Proposal IDs
|
|
||||||
|
|
||||||
- `14fa5ecc-ac7a-41c1-807d-a2e85b936617`
|
|
||||||
- `ac036c9d-20a0-4ffe-881f-57d6b7bacf22`
|
|
||||||
- `a64df080-8502-42e2-98f4-9bbdecb8da73`
|
|
||||||
|
|
||||||
## Claim Ceiling
|
|
||||||
|
|
||||||
This is public Argus HTTP diagnostics evidence only. It proves the diagnostics surface can see approved KB proposals and their applyability state; it does not prove Docker/Postgres row counts, gateway systemd state, Telegram-visible reply quality, or production apply execution.
|
|
||||||
|
|
@ -1,73 +0,0 @@
|
||||||
# Claim/Source Contract Preview - 2026-07-09
|
|
||||||
|
|
||||||
## Scope
|
|
||||||
|
|
||||||
Read-only contract preview for live approved rich KB proposals fetched from the VPS leoclean profile. This does not write Postgres, does not restart Leo, and does not change runtime behavior.
|
|
||||||
|
|
||||||
## Result
|
|
||||||
|
|
||||||
### `14fa5ecc-ac7a-41c1-807d-a2e85b936617`
|
|
||||||
|
|
||||||
- Status: `approved`
|
|
||||||
- Proposal type: `attach_evidence`
|
|
||||||
- Direct apply ready: `false`
|
|
||||||
- Claim rows needing canonical IDs: `4`
|
|
||||||
- Source rows needing canonical IDs/deduplication: `5`
|
|
||||||
- Edge fragments blocked until IDs/mapping exist: `17`
|
|
||||||
- Evidence fragments blocked until claim/source IDs exist: `9`
|
|
||||||
- Next action: Do not apply directly. Review a claim/source creation contract in a clone, assign/deduplicate canonical IDs, then rerun strict normalization to produce apply_payload child proposals.
|
|
||||||
|
|
||||||
Contract gaps:
|
|
||||||
- `current_apply_role_cannot_insert_claims_or_sources`: A separate reviewed role/contract for public.claims and public.sources creation.
|
|
||||||
- `claim_candidates_need_canonical_ids`: Create or deduplicate claim rows, then rewrite edges/evidence using UUIDs.
|
|
||||||
- `public_claims_has_no_body_or_review_note_columns`: Store those details in public.sources excerpts or add reviewed schema support.
|
|
||||||
- `public_sources_has_limited_metadata_columns`: Deduplicate sources and decide where provenance metadata is retained.
|
|
||||||
- `old_claim_supersession_is_many_successors`: Use typed claim_edges for supersession components or introduce an aggregate successor node.
|
|
||||||
- `concept_map_dependency_has_no_first_class_storage`: Create first-class concept-map storage or keep the concept map as source-backed context.
|
|
||||||
|
|
||||||
Claim candidates:
|
|
||||||
- `capital_allocation_is_civilizational_steering` -> type `structural`, confidence `0.65`, needs canonical id
|
|
||||||
- `capital_allocation_depends_on_distributed_market_intelligence` -> type `structural`, confidence `0.7`, needs canonical id
|
|
||||||
- `internet_finance_structural_advantages_capital_allocation` -> type `structural`, confidence `0.45`, needs canonical id
|
|
||||||
- `internet_finance_is_mechanism_not_telos` -> type `normative/strategic-boundary`, confidence `0.8`, needs canonical id
|
|
||||||
|
|
||||||
Source candidates:
|
|
||||||
- `m3ta_telegram_approval_supersede_split_2026_07_05` -> source_type `dm`, needs dedupe/canonical id
|
|
||||||
- `kb_existing_hayek_claim_7da4851c` -> source_type `note`, needs dedupe/canonical id
|
|
||||||
- `hayek_use_of_knowledge_in_society_fee_snapshot` -> source_type `url`, needs dedupe/canonical id
|
|
||||||
- `rio_belief_capital_allocation_civilizational_infrastructure` -> source_type `note`, needs dedupe/canonical id
|
|
||||||
- `leo_active_strategy_v2_context` -> source_type `note`, needs dedupe/canonical id
|
|
||||||
|
|
||||||
### `ac036c9d-20a0-4ffe-881f-57d6b7bacf22`
|
|
||||||
|
|
||||||
- Status: `approved`
|
|
||||||
- Proposal type: `attach_evidence`
|
|
||||||
- Direct apply ready: `false`
|
|
||||||
- Claim rows needing canonical IDs: `3`
|
|
||||||
- Source rows needing canonical IDs/deduplication: `3`
|
|
||||||
- Edge fragments blocked until IDs/mapping exist: `6`
|
|
||||||
- Evidence fragments blocked until claim/source IDs exist: `5`
|
|
||||||
- Next action: Do not apply directly. Review a claim/source creation contract in a clone, assign/deduplicate canonical IDs, then rerun strict normalization to produce apply_payload child proposals.
|
|
||||||
|
|
||||||
Contract gaps:
|
|
||||||
- `current_apply_role_cannot_insert_claims_or_sources`: A separate reviewed role/contract for public.claims and public.sources creation.
|
|
||||||
- `claim_candidates_need_canonical_ids`: Create or deduplicate claim rows, then rewrite edges/evidence using UUIDs.
|
|
||||||
- `public_claims_has_no_body_or_review_note_columns`: Store those details in public.sources excerpts or add reviewed schema support.
|
|
||||||
- `public_sources_has_limited_metadata_columns`: Deduplicate sources and decide where provenance metadata is retained.
|
|
||||||
|
|
||||||
Claim candidates:
|
|
||||||
- `claim_nodes_need_bodies` -> type `governance/process`, confidence `0.85`, needs canonical id
|
|
||||||
- `internet_finance_structural_advantages_body_draft` -> type `structural/forecast-like thesis`, confidence `0.45`, needs canonical id
|
|
||||||
- `hayek_reframed_price_system_distributed_knowledge` -> type `structural/reframing`, confidence `0.8`, needs canonical id
|
|
||||||
|
|
||||||
Source candidates:
|
|
||||||
- `telegram_attachment_teleo_agent_strategy_kernels_2026_06_30` -> source_type `note`, needs dedupe/canonical id
|
|
||||||
- `telegram_feedback_m3ta_claim_shape_2026_07_05` -> source_type `note`, needs dedupe/canonical id
|
|
||||||
- `hayek_use_of_knowledge_in_society_fee_snapshot` -> source_type `url`, needs dedupe/canonical id
|
|
||||||
|
|
||||||
## Claim Ceiling
|
|
||||||
|
|
||||||
This proves the live approved packets can be converted into a row-level contract preview. It does not prove those new claim/source rows should be inserted into canonical production tables without a clone/staging apply rehearsal and a reviewed creation contract.
|
|
||||||
|
|
||||||
JSON proof: `/Users/user/Documents/Codex/2026-07-09/019f34eb-d297-72d0-b7e2-b222d5515ab9-load/outputs/claim-source-contract-preview-20260709/claim-source-contract-preview-current.json`
|
|
||||||
Fetched live proposal bundle: `/Users/user/Documents/Codex/2026-07-09/019f34eb-d297-72d0-b7e2-b222d5515ab9-load/outputs/claim-source-contract-preview-20260709/approved-rich-proposals-live.json`
|
|
||||||
|
|
@ -1,110 +0,0 @@
|
||||||
# Cory Expected Working-Leo Outcomes - 2026-07-09
|
|
||||||
|
|
||||||
This is the current working target for restoring Leo. It intentionally scopes out non-Leo route work and keeps the focus on Cory/m3taversal's expected Leo behavior: Telegram-visible reasoning, memory, truthful KB state, and approved KB changes becoming canonical DB state with proof.
|
|
||||||
|
|
||||||
## Working Target
|
|
||||||
|
|
||||||
A working Leo is a Telegram-reachable agent that:
|
|
||||||
|
|
||||||
1. Remembers the ongoing conversation and can use prior turns in the same operator context.
|
|
||||||
2. Grounds KB answers in canonical Teleo Postgres state, not only in memory or proposal text.
|
|
||||||
3. Clearly distinguishes `proposed`, `approved`, `applied`, and `not applied`.
|
|
||||||
4. Does not overclaim that an approval changed the DB when only a proposal ledger changed.
|
|
||||||
5. When Cory/m3taversal approves a specific concrete KB change, moves that change through a narrow guarded review/apply path into canonical `public.*` rows.
|
|
||||||
6. Retains Cory's caveats verbatim when an approved change is applied.
|
|
||||||
7. Produces row-level before/after proof and leaves the live Leo runtime stable.
|
|
||||||
|
|
||||||
## What Cory Most Likely Means By "Working"
|
|
||||||
|
|
||||||
The best-supported reading is:
|
|
||||||
|
|
||||||
- "Able to manipulate the knowledge base" means approved, concrete KB changes can land as real canonical rows, not just text in staging tables.
|
|
||||||
- "Same state as last night" means Leo is stuck in proposal/approval state and the canonical DB is not moving forward.
|
|
||||||
- Partner-demo pressure means the path must be visible and reliable through Telegram, not only through local operator scripts.
|
|
||||||
- Cory may tolerate a more direct write posture than we would design from scratch, but the restored safe behavior should still be auditable: propose, review, apply, read back rows.
|
|
||||||
|
|
||||||
## Current Truth
|
|
||||||
|
|
||||||
Live behavior is now Cory-working for the restored VPS Telegram memory/KB-audit path, with a clear remaining DB-contract gap:
|
|
||||||
|
|
||||||
- The live hosted HTTP Leo chat route still fails the KB-state and memory benchmark.
|
|
||||||
- The live VPS Telegram-shaped GatewayRunner handler now passes same-session memory and canonical KB audit when launched in the same user/cwd context as the service.
|
|
||||||
- The handler confirmed proposal `00957f6c-9883-4015-95a4-6b09367efb0e` is `applied` and edge `c167933e-d513-4f43-9335-d5d8aeb259f2` exists in `public.claim_edges`.
|
|
||||||
- The authenticated Chrome/Telegram Web live group canary now proves the same behavior in the real `Leo` Telegram group: Leo remembered marker `WL-LIVE-TG-CORY-20260709`, preserved `approved is not the same as applied`, and read back the applied proposal plus canonical edge row.
|
|
||||||
- Old approved/freeform proposals are not safely applyable as-is because they lack strict `payload.apply_payload` and, for `14fa5ecc`, the approved successor claim/source rows do not already exist as canonical IDs.
|
|
||||||
- Telegram bot/group readiness is proven, and Chrome/Telegram Web is authenticated/read/write-proven through Computer Use for bot testing in the `Leo` group.
|
|
||||||
|
|
||||||
Validated lower-tier behavior:
|
|
||||||
|
|
||||||
- The VPS service is alive and stable under the live harness.
|
|
||||||
- Hermes CLI session memory passed a two-turn canary, but that is not the same as Telegram-visible proof.
|
|
||||||
- One strict KB apply canary mutated canonical DB state without changing Leo runtime.
|
|
||||||
- The live GatewayRunner handler canary proves Telegram-shaped authorization, same-session memory, and canonical KB audit without posting to Telegram or writing synthetic live-profile sessions.
|
|
||||||
- A guarded approval helper is installed on VPS and rejects re-approval of an already-applied proposal.
|
|
||||||
- Approved-proposal normalization confirmed that old freeform approvals need canonical IDs or strict rewrites before apply.
|
|
||||||
- Claim/source contract preview now converts live approved rich proposals into row-level requirements:
|
|
||||||
- `14fa5ecc`: 4 claim rows, 5 source rows, 17 edge fragments, 9 evidence fragments
|
|
||||||
- `ac036c9d`: 3 claim rows, 3 source rows, 6 edge fragments, 5 evidence fragments
|
|
||||||
- Rollback-only rich proposal creation plan now validates the supported subset against live VPS schema without permanent production mutation:
|
|
||||||
- `14fa5ecc`: 4 claims, 9 sources, 11 evidence rows, 3 supported edges; 14 blocked fragments remain
|
|
||||||
- `ac036c9d`: 3 claims, 6 sources, 6 evidence rows, 1 supported edge; 5 blocked fragments remain
|
|
||||||
- before/after generated-row counts remained zero for claims, sources, claim_evidence, and claim_edges
|
|
||||||
- Disposable staging DB commit proof now shows the supported subset can commit outside production:
|
|
||||||
- staging DB after commit: 7 claims, 15 sources, 17 claim_evidence rows, 4 claim_edges
|
|
||||||
- production after staging commit: 0 generated claims, 0 generated sources, 0 generated claim_evidence rows, 0 generated claim_edges
|
|
||||||
- staging DB was dropped and temp files were cleaned up
|
|
||||||
- An isolated local Leo chat candidate passes the KB-state and memory benchmark, but it is not deployed.
|
|
||||||
|
|
||||||
## Evidence Index
|
|
||||||
|
|
||||||
- Working definition and chat excerpts: `outputs/working-leo-definition-20260709.md`, `outputs/working-leo-chat-excerpts-20260709.md`
|
|
||||||
- Reviewer convergence: `outputs/fable-working-leo-convergence-20260709/fable-working-leo-convergence-report.md`
|
|
||||||
- VPS live harness: `outputs/leo-vps-live-harness-20260709/leo-vps-live-harness-current-20260709.md`
|
|
||||||
- Canonical apply canary: `outputs/kb-apply-canary-20260709/kb-apply-canary-execute-current.md`
|
|
||||||
- Telegram handler canary: `outputs/telegram-gateway-handler-canary-20260709/telegram-gateway-handler-canary-current.md`
|
|
||||||
- Live Telegram group canary: `outputs/telegram-live-canary-20260709/telegram-live-canary-current.md`
|
|
||||||
- Old approval normalization: `outputs/approved-proposal-normalization-20260709/approved-proposal-normalization-current.md`
|
|
||||||
- Claim/source contract preview: `outputs/claim-source-contract-preview-20260709/claim-source-contract-preview-current.md`
|
|
||||||
- Rich proposal creation plan: `outputs/rich-proposal-creation-plan-20260709/rich-proposal-creation-plan-current.md`
|
|
||||||
- Execution plan: `outputs/working-leo-execution-plan-20260709/working-leo-execution-plan-current.md`
|
|
||||||
- Live chat benchmark failure: `outputs/leo-http-chat-benchmark-20260709/leo-http-chat-benchmark-current.md`
|
|
||||||
- Local candidate chat benchmark pass: `outputs/leo-http-chat-benchmark-20260709/leo-http-chat-benchmark-http-localhost-3129-api-agents-leo-chat.md`
|
|
||||||
- Telegram readiness proof: `outputs/telegram-visible-readiness-20260709/telegram-visible-readiness-current.md`
|
|
||||||
- Telegram access supersession: `outputs/telegram-visible-readiness-20260709/telegram-access-supersession-20260709.md`
|
|
||||||
- Current state report: `outputs/working-leo-current-state-20260709.md`
|
|
||||||
- Current state image: `outputs/leo-db-state-06-current-proof.svg`
|
|
||||||
- Current live proof image: `outputs/leo-db-state-07-live-proof.svg`
|
|
||||||
- Rich proposal plan image: `outputs/leo-db-state-08-rich-plan.svg`
|
|
||||||
- Staging commit proof image: `outputs/leo-db-state-09-staging-commit.svg`
|
|
||||||
- Outcome image: `outputs/working-leo-cory-expected-outcomes.png`
|
|
||||||
|
|
||||||
## Benchmark Bar
|
|
||||||
|
|
||||||
The benchmark for Cory-working Leo should pass these checks:
|
|
||||||
|
|
||||||
1. Telegram visibility: passed in the live `Leo` group.
|
|
||||||
2. Memory: passed with marker `WL-LIVE-TG-CORY-20260709` and the correction from the prior turn.
|
|
||||||
3. KB audit: passed for proposal `00957f6c-9883-4015-95a4-6b09367efb0e` and edge `c167933e-d513-4f43-9335-d5d8aeb259f2`.
|
|
||||||
4. Truthfulness: passed for the tested applied canary and prior approved-vs-applied context.
|
|
||||||
5. Strict apply: passed for one approved concrete `add_edge` change with before/after row proof.
|
|
||||||
6. Caveat retention: passed for the strict canary approval note; old freeform caveat retention remains part of the claim/source creation contract.
|
|
||||||
7. Old approval handling: partially passed; old freeform approvals are now normalized into row-level requirements and explicitly not silently applied.
|
|
||||||
8. Runtime stability: passed; service stayed active/running with `NRestarts=0`. The latest direct-claim suite ran after the expected skill-change restart and stayed on `MainPID=1908033` throughout the harness.
|
|
||||||
9. Broad Cory-style outcomes and no-context direct claims: specified in the open-ended benchmark as nine disposable-clone/sandbox-first outcome scenarios plus six direct-claim/follow-up scenarios. The mixed-evidence sandbox score passes `20/20` using retained live Telegram evidence for `OE-01` through `OE-05`, fixture answers for `CS-01` through `CS-09`, and direct-claim expected-answer/follow-up fixtures for `DC-01` through `DC-06`; the CS rows are not live Telegram proof. A live VPS GatewayRunner handler run of exact `DC-01` through `DC-06` now returns replies with no DB/service side effects and strict-scores `6/6`, so no-context direct-claim behavior is handler-proven on VPS.
|
|
||||||
|
|
||||||
## Scope Boundaries
|
|
||||||
|
|
||||||
- Do not broaden this into parked route work before Leo meets the Cory-working bar.
|
|
||||||
- Do not introduce new naming tied to the parked lane in new artifacts or harnesses.
|
|
||||||
- Do not deploy the isolated local candidate until the Leo/Kb/memory behavior is reviewed and the Telegram-visible test path is ready.
|
|
||||||
- Keep the local chat-route candidate as evidence only for now; do not promote it as the Cory fix while its surrounding route surface is outside the current scope.
|
|
||||||
- Do not auto-apply old freeform approvals without canonical IDs, strict payloads, and explicit review.
|
|
||||||
- Do not give Leo broad autonomous DB write authority as part of "restoration"; that would be a feature change.
|
|
||||||
|
|
||||||
## Next Actions
|
|
||||||
|
|
||||||
1. Keep the live Telegram group canary as the top-level user-visible proof and the handler direct-claim suite as the non-posting regression harness.
|
|
||||||
2. Keep the direct-claim handler suite green: `DC-02` must recognize approved Helmer staging row `a64df080-8502-42e2-98f4-9bbdecb8da73` as approved/unapplied, and `DC-03` must not infer decision-matrix approval while decision-matrix tables are absent.
|
|
||||||
3. Do not auto-apply old freeform approvals.
|
|
||||||
4. For `14fa5ecc`, identify or create canonical claim/source rows before producing strict child proposals; otherwise treat claim/source creation support as a separate guarded contract expansion, preferably in a clone first.
|
|
||||||
5. Re-review and apply only strict proposals with row-level proof and runtime stability readback.
|
|
||||||
|
|
@ -1,31 +0,0 @@
|
||||||
\set ON_ERROR_STOP on
|
|
||||||
begin;
|
|
||||||
|
|
||||||
do $$
|
|
||||||
declare
|
|
||||||
updated int;
|
|
||||||
begin
|
|
||||||
if not exists (select 1 from public.claims where id = 'e6ce4e36-15d2-53bc-8b74-dda0efc095c1'::uuid) then
|
|
||||||
raise exception 'cross-surface packet requires Claim D % to exist before anchor update', 'e6ce4e36-15d2-53bc-8b74-dda0efc095c1';
|
|
||||||
end if;
|
|
||||||
|
|
||||||
if not exists (select 1 from public.sources where id = '9a0d2429-b98b-585a-980c-0176db7f9fe7'::uuid) then
|
|
||||||
raise exception 'cross-surface packet requires approval source % to exist before anchor update', '9a0d2429-b98b-585a-980c-0176db7f9fe7';
|
|
||||||
end if;
|
|
||||||
|
|
||||||
update public.strategy_node_anchors
|
|
||||||
set claim_id = 'e6ce4e36-15d2-53bc-8b74-dda0efc095c1'::uuid,
|
|
||||||
weight = 0.85,
|
|
||||||
note = 'Mapped rich proposal 14fa5ecc applied: active Leo policy now anchors to Claim D (internet finance is a candidate mechanism, not the telos) instead of the retired compressed internet-finance claim.'
|
|
||||||
where id = '47f128a0-36c5-4b60-97d4-48c32fa48bc7'::uuid
|
|
||||||
and from_node_id = '52bc4264-330e-489d-920c-a493fd2d985a'::uuid
|
|
||||||
and anchor_role = 'justified_by'
|
|
||||||
and claim_id = 'd0000000-0000-0000-0000-000000000005'::uuid;
|
|
||||||
|
|
||||||
get diagnostics updated = row_count;
|
|
||||||
if updated <> 1 then
|
|
||||||
raise exception 'cross-surface anchor update affected % row(s), expected 1; anchor was not at old claim state', updated;
|
|
||||||
end if;
|
|
||||||
end $$;
|
|
||||||
|
|
||||||
commit;
|
|
||||||
|
|
@ -1,314 +0,0 @@
|
||||||
cross-surface rehearsal started UTC 2026-07-09T21:35:41Z
|
|
||||||
copy packet files into teleo-pg container
|
|
||||||
drop old disposable DB if present
|
|
||||||
DROP DATABASE
|
|
||||||
create disposable DB teleo_cross_surface_rehearsal_20260709 from pg_dump of production teleo
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
clone base preflight before mapped packet commit
|
|
||||||
id | status | proposal_type | reviewed_by_handle | reviewed_at
|
|
||||||
--------------------------------------+----------+-----------------+--------------------+-------------------------------
|
|
||||||
14fa5ecc-ac7a-41c1-807d-a2e85b936617 | approved | attach_evidence | m3ta | 2026-07-05 19:30:48.707181+00
|
|
||||||
ac036c9d-20a0-4ffe-881f-57d6b7bacf22 | approved | attach_evidence | m3ta | 2026-07-05 19:11:40.673615+00
|
|
||||||
(2 rows)
|
|
||||||
|
|
||||||
check_name | id | reason
|
|
||||||
------------+----+--------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
expected_claims | expected_sources | expected_claim_edges | expected_claim_evidence
|
|
||||||
-----------------+------------------+----------------------+-------------------------
|
|
||||||
7 | 15 | 11 | 17
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
generated_claim_rows | generated_source_rows | generated_edge_rows | generated_evidence_rows
|
|
||||||
----------------------+-----------------------+---------------------+-------------------------
|
|
||||||
0 | 0 | 0 | 0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
clone base mapped packet authorized commit
|
|
||||||
BEGIN
|
|
||||||
SET
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
COMMIT
|
|
||||||
BEGIN
|
|
||||||
SET
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
COMMIT
|
|
||||||
clone base mapped packet postflight
|
|
||||||
generated_claim_rows | generated_source_rows | generated_edge_rows | generated_evidence_rows
|
|
||||||
----------------------+-----------------------+---------------------+-------------------------
|
|
||||||
7 | 15 | 11 | 17
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
id | type | confidence | text
|
|
||||||
--------------------------------------+------------+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
004195cc-ab62-526c-90fb-51cb0f826ec0 | structural | 0.65 | Capital allocation is a form of civilizational steering because it determines which futures receive resources.
|
|
||||||
62e82ee8-b204-573b-9707-eb5d832b9d9e | structural | 0.45 | Internet finance has structural advantages that make it likely to become an increasingly important capital-allocation mechanism.
|
|
||||||
67003e10-e1ee-5905-8b51-1b0cb263ec11 | structural | 0.45 | Internet finance has structural advantages over traditional finance and is likely to become an increasingly important capital-allocation mechanism.
|
|
||||||
9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0 | meta | 0.85 | KB claim nodes need explanatory bodies, not only one-sentence headlines.
|
|
||||||
cd8daac8-039c-5349-9c50-02f622e73b03 | structural | 0.8 | Hayek’s most relevant contribution for Teleo is that prices coordinate dispersed, local, time-sensitive knowledge without central possession of that knowledge.
|
|
||||||
d009dfc4-9755-58a7-affb-80e3e842a775 | structural | 0.7 | Capital allocation depends on distributed knowledge, incentives, liquidity, and feedback loops.
|
|
||||||
e6ce4e36-15d2-53bc-8b74-dda0efc095c1 | normative | 0.8 | Internet finance is not Teleo’s telos; it is a candidate mechanism for pursuing the telos.
|
|
||||||
(7 rows)
|
|
||||||
|
|
||||||
id | source_type | excerpt
|
|
||||||
--------------------------------------+-------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
244a4c38-86e5-5910-91f4-6d71529e9b31 | other | {"body": "The existing KB Hayek claim says economic planning requires local and global information that are never simultaneously available to decision makers. That is directionally related, but the stronger Teleo-relevan
|
|
||||||
33fadb51-0bd8-5f2d-87fe-758a3dd7fac0 | article | {"excerpt": "There is beyond question a body of very important but unorganized knowledge... the knowledge of the particular circumstances of time and place.\n\nBy the price system... all the relevant information is conce
|
|
||||||
3a57238c-ca31-5fe1-bece-e5fb2f174e32 | other | {"excerpt": "Capital allocation is civilizational infrastructure, not a financial service.", "metadata": {"source_key": "rio_belief_capital_allocation_civilizational_infrastructure", "source_quality": "canonical agent be
|
|
||||||
4787c38e-74cb-5bf5-93e1-0cc9c290684c | other | {"excerpt": "Nodes should have a headline that’s the claim belief or concept map etc, but also a body elaborating what the claim means.\n\nStandardize these nodes as: Headline, Body, Edges, Evidence.\n\nFor Hayek that is
|
|
||||||
4cc0c7ee-2166-5cae-9065-ea226fa2be5b | article | {"excerpt": "There is beyond question a body of very important but unorganized knowledge... the knowledge of the particular circumstances of time and place.\n\nBy the price system... all the relevant information is conce
|
|
||||||
6c3c26c1-39bc-58e5-8c76-28b5712420ce | other | {"body": "Internet finance may improve capital allocation by making ownership, capital formation, settlement, liquidity, governance, and market feedback more digitally native, programmable, global, and composable. The th
|
|
||||||
703fdfaf-22c9-5f5b-8d29-cf238d5e156f | other | {"excerpt": "# Teleo Collective Telos and Agent Strategy Kernels ... This is a working synthesis, not canonical KB state.\n\nCore Strategic Tools are named and then elaborated with short explanatory bodies: Inflection ma
|
|
||||||
87f49cf0-5516-5aef-8ed9-f69292917d32 | other | {"excerpt": "Hayek's knowledge problem reveals that economic planning requires both local and global information which are never simultaneously available to decision makers", "metadata": {"claim_id": "7da4851c-0aac-4084-
|
|
||||||
8f952541-5f12-5f24-88b3-21e7842163a1 | other | {"excerpt": "Humanity is in the early innings of a species-level inflection... changes in how society distributes value, forms capital, and coordinates around shared futures.", "metadata": {"source_key": "leo_active_stra
|
|
||||||
997e5e58-b20d-560a-a73a-eaa4bff1dc3e | other | {"body": "Teleo’s telos is emergent collective superintelligence oriented toward better futures, not internet finance for its own sake. Internet finance matters insofar as it can help coordinate capital, incentives, fore
|
|
||||||
9a0d2429-b98b-585a-980c-0176db7f9fe7 | dm | {"excerpt": "Yes let’s do this. do the work for this, then come back to me with what you'd like me to approve\n\nOld claim: Internet finance is the coordination mechanism for capital allocation — capital allocation is ex
|
|
||||||
9fd61e7e-d5cb-5904-b5c2-a539946f7c96 | other | {"body": "Good capital allocation requires more than a central thesis about what matters. It needs distributed knowledge about local opportunities, credible incentives that reward truth-seeking and execution, liquidity o
|
|
||||||
a3cba49b-7016-5f42-9af6-041f12371a24 | other | {"body": "A one-sentence claim can be useful as a handle, but it often under-specifies scope, mechanism, caveats, and what evidence would actually support it. Bodies make claims reviewable by explaining intended meaning
|
|
||||||
eea07732-c65d-5db6-88d6-1ab08511eca6 | other | {"body": "This does not mean “crypto wins because crypto.” It means digitally native capital formation, programmable governance, global distribution, lower intermediation costs, faster liquidity, composable ownership, an
|
|
||||||
f80c01fe-63bb-5ccf-9bdd-744bab0e9163 | other | {"body": "Capital allocation is not merely financial plumbing. It decides which companies, technologies, infrastructures, institutions, and narratives get enough resources to become real. Because many possible futures co
|
|
||||||
(15 rows)
|
|
||||||
|
|
||||||
from_claim | to_claim | edge_type
|
|
||||||
--------------------------------------+--------------------------------------+--------------
|
|
||||||
004195cc-ab62-526c-90fb-51cb0f826ec0 | d0000000-0000-0000-0000-000000000005 | supersedes
|
|
||||||
62e82ee8-b204-573b-9707-eb5d832b9d9e | c0000000-0000-0000-0000-00000000000c | relates
|
|
||||||
62e82ee8-b204-573b-9707-eb5d832b9d9e | cd8daac8-039c-5349-9c50-02f622e73b03 | derives_from
|
|
||||||
67003e10-e1ee-5905-8b51-1b0cb263ec11 | d0000000-0000-0000-0000-000000000005 | supersedes
|
|
||||||
67003e10-e1ee-5905-8b51-1b0cb263ec11 | d009dfc4-9755-58a7-affb-80e3e842a775 | requires
|
|
||||||
cd8daac8-039c-5349-9c50-02f622e73b03 | 62e82ee8-b204-573b-9707-eb5d832b9d9e | supports
|
|
||||||
cd8daac8-039c-5349-9c50-02f622e73b03 | 7da4851c-0aac-4084-a99f-baeeeb3aa23e | supersedes
|
|
||||||
d009dfc4-9755-58a7-affb-80e3e842a775 | 7da4851c-0aac-4084-a99f-baeeeb3aa23e | relates
|
|
||||||
d009dfc4-9755-58a7-affb-80e3e842a775 | d0000000-0000-0000-0000-000000000005 | supersedes
|
|
||||||
e6ce4e36-15d2-53bc-8b74-dda0efc095c1 | 67003e10-e1ee-5905-8b51-1b0cb263ec11 | constrains
|
|
||||||
e6ce4e36-15d2-53bc-8b74-dda0efc095c1 | d0000000-0000-0000-0000-000000000005 | supersedes
|
|
||||||
(11 rows)
|
|
||||||
|
|
||||||
claim_id | source_id | role
|
|
||||||
--------------------------------------+--------------------------------------+-------------
|
|
||||||
004195cc-ab62-526c-90fb-51cb0f826ec0 | 3a57238c-ca31-5fe1-bece-e5fb2f174e32 | grounds
|
|
||||||
004195cc-ab62-526c-90fb-51cb0f826ec0 | 8f952541-5f12-5f24-88b3-21e7842163a1 | grounds
|
|
||||||
004195cc-ab62-526c-90fb-51cb0f826ec0 | 9a0d2429-b98b-585a-980c-0176db7f9fe7 | grounds
|
|
||||||
004195cc-ab62-526c-90fb-51cb0f826ec0 | f80c01fe-63bb-5ccf-9bdd-744bab0e9163 | illustrates
|
|
||||||
62e82ee8-b204-573b-9707-eb5d832b9d9e | 4787c38e-74cb-5bf5-93e1-0cc9c290684c | grounds
|
|
||||||
62e82ee8-b204-573b-9707-eb5d832b9d9e | eea07732-c65d-5db6-88d6-1ab08511eca6 | illustrates
|
|
||||||
67003e10-e1ee-5905-8b51-1b0cb263ec11 | 6c3c26c1-39bc-58e5-8c76-28b5712420ce | illustrates
|
|
||||||
67003e10-e1ee-5905-8b51-1b0cb263ec11 | 9a0d2429-b98b-585a-980c-0176db7f9fe7 | grounds
|
|
||||||
9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0 | 4787c38e-74cb-5bf5-93e1-0cc9c290684c | grounds
|
|
||||||
9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0 | a3cba49b-7016-5f42-9af6-041f12371a24 | illustrates
|
|
||||||
cd8daac8-039c-5349-9c50-02f622e73b03 | 244a4c38-86e5-5910-91f4-6d71529e9b31 | illustrates
|
|
||||||
cd8daac8-039c-5349-9c50-02f622e73b03 | 4cc0c7ee-2166-5cae-9065-ea226fa2be5b | grounds
|
|
||||||
d009dfc4-9755-58a7-affb-80e3e842a775 | 33fadb51-0bd8-5f2d-87fe-758a3dd7fac0 | grounds
|
|
||||||
d009dfc4-9755-58a7-affb-80e3e842a775 | 9fd61e7e-d5cb-5904-b5c2-a539946f7c96 | illustrates
|
|
||||||
e6ce4e36-15d2-53bc-8b74-dda0efc095c1 | 8f952541-5f12-5f24-88b3-21e7842163a1 | grounds
|
|
||||||
e6ce4e36-15d2-53bc-8b74-dda0efc095c1 | 997e5e58-b20d-560a-a73a-eaa4bff1dc3e | illustrates
|
|
||||||
e6ce4e36-15d2-53bc-8b74-dda0efc095c1 | 9a0d2429-b98b-585a-980c-0176db7f9fe7 | grounds
|
|
||||||
(17 rows)
|
|
||||||
|
|
||||||
id | superseded_by
|
|
||||||
--------------------------------------+--------------------------------------
|
|
||||||
7da4851c-0aac-4084-a99f-baeeeb3aa23e | cd8daac8-039c-5349-9c50-02f622e73b03
|
|
||||||
d0000000-0000-0000-0000-000000000005 | e6ce4e36-15d2-53bc-8b74-dda0efc095c1
|
|
||||||
(2 rows)
|
|
||||||
|
|
||||||
clone cross-surface preflight after base packet
|
|
||||||
check_name | id | from_node_id | anchor_role | claim_id | source_id | note
|
|
||||||
-----------------------+--------------------------------------+--------------------------------------+--------------+--------------------------------------+-----------+----------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
policy_anchor_current | 47f128a0-36c5-4b60-97d4-48c32fa48bc7 | 52bc4264-330e-489d-920c-a493fd2d985a | justified_by | d0000000-0000-0000-0000-000000000005 | | Telos/policy grounding approved by m3ta: capital allocation expresses priorities and must be coordinated with collective intelligence.
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
check_name | id | status | text
|
|
||||||
---------------------+--------------------------------------+--------+--------------------------------------------------------------------------------------------
|
|
||||||
base_claim_d_exists | e6ce4e36-15d2-53bc-8b74-dda0efc095c1 | open | Internet finance is not Teleo’s telos; it is a candidate mechanism for pursuing the telos.
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
check_name | id | source_type | excerpt
|
|
||||||
------------------------+--------------------------------------+-------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
approval_source_exists | 9a0d2429-b98b-585a-980c-0176db7f9fe7 | dm | {"excerpt": "Yes let’s do this. do the work for this, then come back to me with what you'd like me to approve\n\nOld claim: Internet finance is the coordination mechanism for capital allocation — capital allocation is ex
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
check_name | id | from_node_id | anchor_role | to_shared_root_id | note
|
|
||||||
-----------------------------+--------------------------------------+--------------------------------------+-------------+--------------------------------------+---------------------------------------------------------------------------------------
|
|
||||||
telos_anchor_already_exists | c7dd984c-ac1b-43f9-9996-576ddf61c6d2 | 52bc4264-330e-489d-920c-a493fd2d985a | serves | 13100000-0000-0000-0000-000000000001 | Approved by m3ta: policy serves Teleo telos of emergent collective superintelligence.
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
check_name | id | name | criteria | evidence_bar
|
|
||||||
-----------------------+--------------------------------------+--------------+------------------------------------------------------------------------------------------------------------+-------------------------------------
|
|
||||||
governance_gate_known | 45695897-2a9c-4279-ac25-e59f166dec6a | evidence-bar | likely needs empirical data; experimental = coherent argument, limited validation; speculative = untested. | likely > experimental > speculative
|
|
||||||
governance_gate_known | fa88e31b-6fca-4801-bf72-f5db81950a11 | quality-gate | Specific enough to disagree with; evidence traceable; not a duplicate; right domain reviewers. |
|
|
||||||
(2 rows)
|
|
||||||
|
|
||||||
clone cross-surface authorized commit
|
|
||||||
BEGIN
|
|
||||||
DO
|
|
||||||
COMMIT
|
|
||||||
clone cross-surface postflight after anchor update
|
|
||||||
id | from_node_id | anchor_role | claim_id | source_id | weight | note
|
|
||||||
--------------------------------------+--------------------------------------+--------------+--------------------------------------+-----------+--------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
47f128a0-36c5-4b60-97d4-48c32fa48bc7 | 52bc4264-330e-489d-920c-a493fd2d985a | justified_by | e6ce4e36-15d2-53bc-8b74-dda0efc095c1 | | 0.85 | Mapped rich proposal 14fa5ecc applied: active Leo policy now anchors to Claim D (internet finance is a candidate mechanism, not the telos) instead of the retired compressed internet-finance claim.
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
id | status | superseded_by | text
|
|
||||||
--------------------------------------+--------+--------------------------------------+---------------------------------------------------------------------------------------------------------------------
|
|
||||||
d0000000-0000-0000-0000-000000000005 | open | e6ce4e36-15d2-53bc-8b74-dda0efc095c1 | Internet finance is the coordination mechanism for capital allocation — capital allocation is expressed priorities.
|
|
||||||
e6ce4e36-15d2-53bc-8b74-dda0efc095c1 | open | | Internet finance is not Teleo’s telos; it is a candidate mechanism for pursuing the telos.
|
|
||||||
(2 rows)
|
|
||||||
|
|
||||||
id | anchor_role | to_shared_root_id | note
|
|
||||||
--------------------------------------+-------------+--------------------------------------+---------------------------------------------------------------------------------------
|
|
||||||
c7dd984c-ac1b-43f9-9996-576ddf61c6d2 | serves | 13100000-0000-0000-0000-000000000001 | Approved by m3ta: policy serves Teleo telos of emergent collective superintelligence.
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
clone direct anchor assertion after cross-surface commit
|
|
||||||
check_name | claim_id | source_id | weight | note
|
|
||||||
--------------------------+--------------------------------------+-----------+--------+------------------------------------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
clone_anchor_after_cross | e6ce4e36-15d2-53bc-8b74-dda0efc095c1 | | 0.85 | Mapped rich proposal 14fa5ecc applied: active Leo policy now anchors to Claim D (internet finance is a candidate mechanism, not the telos) instead of the retire
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
clone cross-surface delete rollback
|
|
||||||
BEGIN
|
|
||||||
DO
|
|
||||||
COMMIT
|
|
||||||
clone base mapped packet delete rollback
|
|
||||||
BEGIN
|
|
||||||
DELETE 17
|
|
||||||
DELETE 11
|
|
||||||
UPDATE 2
|
|
||||||
DELETE 15
|
|
||||||
DELETE 7
|
|
||||||
COMMIT
|
|
||||||
clone base preflight after both rollbacks
|
|
||||||
id | status | proposal_type | reviewed_by_handle | reviewed_at
|
|
||||||
--------------------------------------+----------+-----------------+--------------------+-------------------------------
|
|
||||||
14fa5ecc-ac7a-41c1-807d-a2e85b936617 | approved | attach_evidence | m3ta | 2026-07-05 19:30:48.707181+00
|
|
||||||
ac036c9d-20a0-4ffe-881f-57d6b7bacf22 | approved | attach_evidence | m3ta | 2026-07-05 19:11:40.673615+00
|
|
||||||
(2 rows)
|
|
||||||
|
|
||||||
check_name | id | reason
|
|
||||||
------------+----+--------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
expected_claims | expected_sources | expected_claim_edges | expected_claim_evidence
|
|
||||||
-----------------+------------------+----------------------+-------------------------
|
|
||||||
7 | 15 | 11 | 17
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
generated_claim_rows | generated_source_rows | generated_edge_rows | generated_evidence_rows
|
|
||||||
----------------------+-----------------------+---------------------+-------------------------
|
|
||||||
0 | 0 | 0 | 0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
clone direct anchor assertion after both rollbacks
|
|
||||||
check_name | claim_id | source_id | weight | note
|
|
||||||
-----------------------------+--------------------------------------+-----------+--------+----------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
clone_anchor_after_rollback | d0000000-0000-0000-0000-000000000005 | | 0.7 | Telos/policy grounding approved by m3ta: capital allocation expresses priorities and must be coordinated with collective intelligence.
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
production remains unchanged: base generated counts and anchor
|
|
||||||
id | status | proposal_type | reviewed_by_handle | reviewed_at
|
|
||||||
--------------------------------------+----------+-----------------+--------------------+-------------------------------
|
|
||||||
14fa5ecc-ac7a-41c1-807d-a2e85b936617 | approved | attach_evidence | m3ta | 2026-07-05 19:30:48.707181+00
|
|
||||||
ac036c9d-20a0-4ffe-881f-57d6b7bacf22 | approved | attach_evidence | m3ta | 2026-07-05 19:11:40.673615+00
|
|
||||||
(2 rows)
|
|
||||||
|
|
||||||
check_name | id | reason
|
|
||||||
------------+----+--------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
expected_claims | expected_sources | expected_claim_edges | expected_claim_evidence
|
|
||||||
-----------------+------------------+----------------------+-------------------------
|
|
||||||
7 | 15 | 11 | 17
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
generated_claim_rows | generated_source_rows | generated_edge_rows | generated_evidence_rows
|
|
||||||
----------------------+-----------------------+---------------------+-------------------------
|
|
||||||
0 | 0 | 0 | 0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
check_name | claim_id | source_id | weight | note
|
|
||||||
-------------------------+--------------------------------------+-----------+--------+----------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
production_anchor_state | d0000000-0000-0000-0000-000000000005 | | 0.7 | Telos/policy grounding approved by m3ta: capital allocation expresses priorities and must be coordinated with collective intelligence.
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
drop disposable DB and remove temp packet files
|
|
||||||
DROP DATABASE
|
|
||||||
cleanup readback
|
|
||||||
disposable_db_exists
|
|
||||||
----------------------
|
|
||||||
0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
host_tmp_removed yes
|
|
||||||
container_tmp_removed yes
|
|
||||||
active
|
|
||||||
3252143
|
|
||||||
0
|
|
||||||
cross-surface rehearsal completed UTC 2026-07-09T21:35:46Z
|
|
||||||
|
|
@ -1,210 +0,0 @@
|
||||||
cross-surface rehearsal started UTC 2026-07-09T21:28:54Z
|
|
||||||
copy packet files into teleo-pg container
|
|
||||||
drop old disposable DB if present
|
|
||||||
DROP DATABASE
|
|
||||||
create disposable DB teleo_cross_surface_rehearsal_20260709 from pg_dump of production teleo
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
ALTER TABLE
|
|
||||||
clone base preflight before mapped packet commit
|
|
||||||
id | status | proposal_type | reviewed_by_handle | reviewed_at
|
|
||||||
--------------------------------------+----------+-----------------+--------------------+-------------------------------
|
|
||||||
14fa5ecc-ac7a-41c1-807d-a2e85b936617 | approved | attach_evidence | m3ta | 2026-07-05 19:30:48.707181+00
|
|
||||||
ac036c9d-20a0-4ffe-881f-57d6b7bacf22 | approved | attach_evidence | m3ta | 2026-07-05 19:11:40.673615+00
|
|
||||||
(2 rows)
|
|
||||||
|
|
||||||
check_name | id | reason
|
|
||||||
------------+----+--------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
expected_claims | expected_sources | expected_claim_edges | expected_claim_evidence
|
|
||||||
-----------------+------------------+----------------------+-------------------------
|
|
||||||
7 | 15 | 11 | 17
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
generated_claim_rows | generated_source_rows | generated_edge_rows | generated_evidence_rows
|
|
||||||
----------------------+-----------------------+---------------------+-------------------------
|
|
||||||
0 | 0 | 0 | 0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
clone base mapped packet authorized commit
|
|
||||||
BEGIN
|
|
||||||
SET
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
COMMIT
|
|
||||||
BEGIN
|
|
||||||
SET
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
COMMIT
|
|
||||||
clone base mapped packet postflight
|
|
||||||
generated_claim_rows | generated_source_rows | generated_edge_rows | generated_evidence_rows
|
|
||||||
----------------------+-----------------------+---------------------+-------------------------
|
|
||||||
7 | 15 | 11 | 17
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
id | type | confidence | text
|
|
||||||
--------------------------------------+------------+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
004195cc-ab62-526c-90fb-51cb0f826ec0 | structural | 0.65 | Capital allocation is a form of civilizational steering because it determines which futures receive resources.
|
|
||||||
62e82ee8-b204-573b-9707-eb5d832b9d9e | structural | 0.45 | Internet finance has structural advantages that make it likely to become an increasingly important capital-allocation mechanism.
|
|
||||||
67003e10-e1ee-5905-8b51-1b0cb263ec11 | structural | 0.45 | Internet finance has structural advantages over traditional finance and is likely to become an increasingly important capital-allocation mechanism.
|
|
||||||
9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0 | meta | 0.85 | KB claim nodes need explanatory bodies, not only one-sentence headlines.
|
|
||||||
cd8daac8-039c-5349-9c50-02f622e73b03 | structural | 0.8 | Hayek’s most relevant contribution for Teleo is that prices coordinate dispersed, local, time-sensitive knowledge without central possession of that knowledge.
|
|
||||||
d009dfc4-9755-58a7-affb-80e3e842a775 | structural | 0.7 | Capital allocation depends on distributed knowledge, incentives, liquidity, and feedback loops.
|
|
||||||
e6ce4e36-15d2-53bc-8b74-dda0efc095c1 | normative | 0.8 | Internet finance is not Teleo’s telos; it is a candidate mechanism for pursuing the telos.
|
|
||||||
(7 rows)
|
|
||||||
|
|
||||||
id | source_type | excerpt
|
|
||||||
--------------------------------------+-------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
244a4c38-86e5-5910-91f4-6d71529e9b31 | other | {"body": "The existing KB Hayek claim says economic planning requires local and global information that are never simultaneously available to decision makers. That is directionally related, but the stronger Teleo-relevan
|
|
||||||
33fadb51-0bd8-5f2d-87fe-758a3dd7fac0 | article | {"excerpt": "There is beyond question a body of very important but unorganized knowledge... the knowledge of the particular circumstances of time and place.\n\nBy the price system... all the relevant information is conce
|
|
||||||
3a57238c-ca31-5fe1-bece-e5fb2f174e32 | other | {"excerpt": "Capital allocation is civilizational infrastructure, not a financial service.", "metadata": {"source_key": "rio_belief_capital_allocation_civilizational_infrastructure", "source_quality": "canonical agent be
|
|
||||||
4787c38e-74cb-5bf5-93e1-0cc9c290684c | other | {"excerpt": "Nodes should have a headline that’s the claim belief or concept map etc, but also a body elaborating what the claim means.\n\nStandardize these nodes as: Headline, Body, Edges, Evidence.\n\nFor Hayek that is
|
|
||||||
4cc0c7ee-2166-5cae-9065-ea226fa2be5b | article | {"excerpt": "There is beyond question a body of very important but unorganized knowledge... the knowledge of the particular circumstances of time and place.\n\nBy the price system... all the relevant information is conce
|
|
||||||
6c3c26c1-39bc-58e5-8c76-28b5712420ce | other | {"body": "Internet finance may improve capital allocation by making ownership, capital formation, settlement, liquidity, governance, and market feedback more digitally native, programmable, global, and composable. The th
|
|
||||||
703fdfaf-22c9-5f5b-8d29-cf238d5e156f | other | {"excerpt": "# Teleo Collective Telos and Agent Strategy Kernels ... This is a working synthesis, not canonical KB state.\n\nCore Strategic Tools are named and then elaborated with short explanatory bodies: Inflection ma
|
|
||||||
87f49cf0-5516-5aef-8ed9-f69292917d32 | other | {"excerpt": "Hayek's knowledge problem reveals that economic planning requires both local and global information which are never simultaneously available to decision makers", "metadata": {"claim_id": "7da4851c-0aac-4084-
|
|
||||||
8f952541-5f12-5f24-88b3-21e7842163a1 | other | {"excerpt": "Humanity is in the early innings of a species-level inflection... changes in how society distributes value, forms capital, and coordinates around shared futures.", "metadata": {"source_key": "leo_active_stra
|
|
||||||
997e5e58-b20d-560a-a73a-eaa4bff1dc3e | other | {"body": "Teleo’s telos is emergent collective superintelligence oriented toward better futures, not internet finance for its own sake. Internet finance matters insofar as it can help coordinate capital, incentives, fore
|
|
||||||
9a0d2429-b98b-585a-980c-0176db7f9fe7 | dm | {"excerpt": "Yes let’s do this. do the work for this, then come back to me with what you'd like me to approve\n\nOld claim: Internet finance is the coordination mechanism for capital allocation — capital allocation is ex
|
|
||||||
9fd61e7e-d5cb-5904-b5c2-a539946f7c96 | other | {"body": "Good capital allocation requires more than a central thesis about what matters. It needs distributed knowledge about local opportunities, credible incentives that reward truth-seeking and execution, liquidity o
|
|
||||||
a3cba49b-7016-5f42-9af6-041f12371a24 | other | {"body": "A one-sentence claim can be useful as a handle, but it often under-specifies scope, mechanism, caveats, and what evidence would actually support it. Bodies make claims reviewable by explaining intended meaning
|
|
||||||
eea07732-c65d-5db6-88d6-1ab08511eca6 | other | {"body": "This does not mean “crypto wins because crypto.” It means digitally native capital formation, programmable governance, global distribution, lower intermediation costs, faster liquidity, composable ownership, an
|
|
||||||
f80c01fe-63bb-5ccf-9bdd-744bab0e9163 | other | {"body": "Capital allocation is not merely financial plumbing. It decides which companies, technologies, infrastructures, institutions, and narratives get enough resources to become real. Because many possible futures co
|
|
||||||
(15 rows)
|
|
||||||
|
|
||||||
from_claim | to_claim | edge_type
|
|
||||||
--------------------------------------+--------------------------------------+--------------
|
|
||||||
004195cc-ab62-526c-90fb-51cb0f826ec0 | d0000000-0000-0000-0000-000000000005 | supersedes
|
|
||||||
62e82ee8-b204-573b-9707-eb5d832b9d9e | c0000000-0000-0000-0000-00000000000c | relates
|
|
||||||
62e82ee8-b204-573b-9707-eb5d832b9d9e | cd8daac8-039c-5349-9c50-02f622e73b03 | derives_from
|
|
||||||
67003e10-e1ee-5905-8b51-1b0cb263ec11 | d0000000-0000-0000-0000-000000000005 | supersedes
|
|
||||||
67003e10-e1ee-5905-8b51-1b0cb263ec11 | d009dfc4-9755-58a7-affb-80e3e842a775 | requires
|
|
||||||
cd8daac8-039c-5349-9c50-02f622e73b03 | 62e82ee8-b204-573b-9707-eb5d832b9d9e | supports
|
|
||||||
cd8daac8-039c-5349-9c50-02f622e73b03 | 7da4851c-0aac-4084-a99f-baeeeb3aa23e | supersedes
|
|
||||||
d009dfc4-9755-58a7-affb-80e3e842a775 | 7da4851c-0aac-4084-a99f-baeeeb3aa23e | relates
|
|
||||||
d009dfc4-9755-58a7-affb-80e3e842a775 | d0000000-0000-0000-0000-000000000005 | supersedes
|
|
||||||
e6ce4e36-15d2-53bc-8b74-dda0efc095c1 | 67003e10-e1ee-5905-8b51-1b0cb263ec11 | constrains
|
|
||||||
e6ce4e36-15d2-53bc-8b74-dda0efc095c1 | d0000000-0000-0000-0000-000000000005 | supersedes
|
|
||||||
(11 rows)
|
|
||||||
|
|
||||||
claim_id | source_id | role
|
|
||||||
--------------------------------------+--------------------------------------+-------------
|
|
||||||
004195cc-ab62-526c-90fb-51cb0f826ec0 | 3a57238c-ca31-5fe1-bece-e5fb2f174e32 | grounds
|
|
||||||
004195cc-ab62-526c-90fb-51cb0f826ec0 | 8f952541-5f12-5f24-88b3-21e7842163a1 | grounds
|
|
||||||
004195cc-ab62-526c-90fb-51cb0f826ec0 | 9a0d2429-b98b-585a-980c-0176db7f9fe7 | grounds
|
|
||||||
004195cc-ab62-526c-90fb-51cb0f826ec0 | f80c01fe-63bb-5ccf-9bdd-744bab0e9163 | illustrates
|
|
||||||
62e82ee8-b204-573b-9707-eb5d832b9d9e | 4787c38e-74cb-5bf5-93e1-0cc9c290684c | grounds
|
|
||||||
62e82ee8-b204-573b-9707-eb5d832b9d9e | eea07732-c65d-5db6-88d6-1ab08511eca6 | illustrates
|
|
||||||
67003e10-e1ee-5905-8b51-1b0cb263ec11 | 6c3c26c1-39bc-58e5-8c76-28b5712420ce | illustrates
|
|
||||||
67003e10-e1ee-5905-8b51-1b0cb263ec11 | 9a0d2429-b98b-585a-980c-0176db7f9fe7 | grounds
|
|
||||||
9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0 | 4787c38e-74cb-5bf5-93e1-0cc9c290684c | grounds
|
|
||||||
9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0 | a3cba49b-7016-5f42-9af6-041f12371a24 | illustrates
|
|
||||||
cd8daac8-039c-5349-9c50-02f622e73b03 | 244a4c38-86e5-5910-91f4-6d71529e9b31 | illustrates
|
|
||||||
cd8daac8-039c-5349-9c50-02f622e73b03 | 4cc0c7ee-2166-5cae-9065-ea226fa2be5b | grounds
|
|
||||||
d009dfc4-9755-58a7-affb-80e3e842a775 | 33fadb51-0bd8-5f2d-87fe-758a3dd7fac0 | grounds
|
|
||||||
d009dfc4-9755-58a7-affb-80e3e842a775 | 9fd61e7e-d5cb-5904-b5c2-a539946f7c96 | illustrates
|
|
||||||
e6ce4e36-15d2-53bc-8b74-dda0efc095c1 | 8f952541-5f12-5f24-88b3-21e7842163a1 | grounds
|
|
||||||
e6ce4e36-15d2-53bc-8b74-dda0efc095c1 | 997e5e58-b20d-560a-a73a-eaa4bff1dc3e | illustrates
|
|
||||||
e6ce4e36-15d2-53bc-8b74-dda0efc095c1 | 9a0d2429-b98b-585a-980c-0176db7f9fe7 | grounds
|
|
||||||
(17 rows)
|
|
||||||
|
|
||||||
id | superseded_by
|
|
||||||
--------------------------------------+--------------------------------------
|
|
||||||
7da4851c-0aac-4084-a99f-baeeeb3aa23e | cd8daac8-039c-5349-9c50-02f622e73b03
|
|
||||||
d0000000-0000-0000-0000-000000000005 | e6ce4e36-15d2-53bc-8b74-dda0efc095c1
|
|
||||||
(2 rows)
|
|
||||||
|
|
||||||
clone cross-surface preflight after base packet
|
|
||||||
check_name | id | from_node_id | anchor_role | claim_id | source_id | note
|
|
||||||
-----------------------+--------------------------------------+--------------------------------------+--------------+--------------------------------------+-----------+----------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
policy_anchor_current | 47f128a0-36c5-4b60-97d4-48c32fa48bc7 | 52bc4264-330e-489d-920c-a493fd2d985a | justified_by | d0000000-0000-0000-0000-000000000005 | | Telos/policy grounding approved by m3ta: capital allocation expresses priorities and must be coordinated with collective intelligence.
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
check_name | id | status | text
|
|
||||||
---------------------+--------------------------------------+--------+--------------------------------------------------------------------------------------------
|
|
||||||
base_claim_d_exists | e6ce4e36-15d2-53bc-8b74-dda0efc095c1 | open | Internet finance is not Teleo’s telos; it is a candidate mechanism for pursuing the telos.
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
check_name | id | source_type | excerpt
|
|
||||||
------------------------+--------------------------------------+-------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
approval_source_exists | 9a0d2429-b98b-585a-980c-0176db7f9fe7 | dm | {"excerpt": "Yes let’s do this. do the work for this, then come back to me with what you'd like me to approve\n\nOld claim: Internet finance is the coordination mechanism for capital allocation — capital allocation is ex
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
check_name | id | from_node_id | anchor_role | to_shared_root_id | note
|
|
||||||
-----------------------------+--------------------------------------+--------------------------------------+-------------+--------------------------------------+---------------------------------------------------------------------------------------
|
|
||||||
telos_anchor_already_exists | c7dd984c-ac1b-43f9-9996-576ddf61c6d2 | 52bc4264-330e-489d-920c-a493fd2d985a | serves | 13100000-0000-0000-0000-000000000001 | Approved by m3ta: policy serves Teleo telos of emergent collective superintelligence.
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
check_name | id | name | criteria | evidence_bar
|
|
||||||
-----------------------+--------------------------------------+--------------+------------------------------------------------------------------------------------------------------------+-------------------------------------
|
|
||||||
governance_gate_known | 45695897-2a9c-4279-ac25-e59f166dec6a | evidence-bar | likely needs empirical data; experimental = coherent argument, limited validation; speculative = untested. | likely > experimental > speculative
|
|
||||||
governance_gate_known | fa88e31b-6fca-4801-bf72-f5db81950a11 | quality-gate | Specific enough to disagree with; evidence traceable; not a duplicate; right domain reviewers. |
|
|
||||||
(2 rows)
|
|
||||||
|
|
||||||
clone cross-surface authorized commit
|
|
||||||
BEGIN
|
|
||||||
|
|
@ -1,24 +0,0 @@
|
||||||
\set ON_ERROR_STOP on
|
|
||||||
begin;
|
|
||||||
|
|
||||||
do $$
|
|
||||||
declare
|
|
||||||
restored int;
|
|
||||||
begin
|
|
||||||
update public.strategy_node_anchors
|
|
||||||
set claim_id = 'd0000000-0000-0000-0000-000000000005'::uuid,
|
|
||||||
source_id = null,
|
|
||||||
weight = 0.7,
|
|
||||||
note = 'Telos/policy grounding approved by m3ta: capital allocation expresses priorities and must be coordinated with collective intelligence.'
|
|
||||||
where id = '47f128a0-36c5-4b60-97d4-48c32fa48bc7'::uuid
|
|
||||||
and from_node_id = '52bc4264-330e-489d-920c-a493fd2d985a'::uuid
|
|
||||||
and anchor_role = 'justified_by'
|
|
||||||
and claim_id = 'e6ce4e36-15d2-53bc-8b74-dda0efc095c1'::uuid;
|
|
||||||
|
|
||||||
get diagnostics restored = row_count;
|
|
||||||
if restored <> 1 then
|
|
||||||
raise exception 'cross-surface anchor rollback affected % row(s), expected 1; anchor was not at Claim D state', restored;
|
|
||||||
end if;
|
|
||||||
end $$;
|
|
||||||
|
|
||||||
commit;
|
|
||||||
|
|
@ -1,55 +0,0 @@
|
||||||
{
|
|
||||||
"already_represented": [
|
|
||||||
{
|
|
||||||
"id": "c7dd984c-ac1b-43f9-9996-576ddf61c6d2",
|
|
||||||
"reason": "The active Leo policy already serves the Teleo telos shared root; the Claim D anchor update keeps internet finance subordinate to that telos.",
|
|
||||||
"table": "public.strategy_node_anchors",
|
|
||||||
"target": "teleo telos",
|
|
||||||
"to_shared_root_id": "13100000-0000-0000-0000-000000000001"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"base_packet_required_first": "production-apply-packet-mapped-20260709",
|
|
||||||
"known_non_writable_targets": [
|
|
||||||
{
|
|
||||||
"existing_row_id": "fa88e31b-6fca-4801-bf72-f5db81950a11",
|
|
||||||
"reason": "Governance gate exists, but current schema has no claim-to-governance-gate edge/anchor table.",
|
|
||||||
"target": "governance_gate:quality-gate"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"existing_row_id": "45695897-2a9c-4279-ac25-e59f166dec6a",
|
|
||||||
"reason": "Governance gate exists, but current schema has no claim-to-governance-gate edge/anchor table.",
|
|
||||||
"target": "governance_gate:evidence-bar"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"existing_row_id": null,
|
|
||||||
"reason": "No first-class concept-map table exists in the current live schema.",
|
|
||||||
"target": "concept_map:distributed_market_intelligence"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"existing_row_id": null,
|
|
||||||
"reason": "No exact Rio strategy node or claim target exists in the current live schema.",
|
|
||||||
"target": "rio:capital-deployment-layer"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"existing_row_id": null,
|
|
||||||
"reason": "No exact Rio active strategy node exists in the current live schema.",
|
|
||||||
"target": "rio:active strategy v1 / internet-finance capital product"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"packet_version": 1,
|
|
||||||
"production_apply_status": "not_executed",
|
|
||||||
"purpose": "Companion packet for mapped rich proposal non-claim surfaces.",
|
|
||||||
"safe_writes": [
|
|
||||||
{
|
|
||||||
"approval_source_id": "9a0d2429-b98b-585a-980c-0176db7f9fe7",
|
|
||||||
"from_node_id": "52bc4264-330e-489d-920c-a493fd2d985a",
|
|
||||||
"from_node_title": "Multi-agent public intelligence",
|
|
||||||
"id": "47f128a0-36c5-4b60-97d4-48c32fa48bc7",
|
|
||||||
"new_claim_id": "e6ce4e36-15d2-53bc-8b74-dda0efc095c1",
|
|
||||||
"old_claim_id": "d0000000-0000-0000-0000-000000000005",
|
|
||||||
"operation": "update",
|
|
||||||
"reason": "Replace the active Leo policy anchor that points at the retiring compressed internet-finance claim with the approved Claim D boundary claim.",
|
|
||||||
"table": "public.strategy_node_anchors"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
@ -1,30 +0,0 @@
|
||||||
\set ON_ERROR_STOP on
|
|
||||||
-- Cross-surface postflight row-level readback.
|
|
||||||
|
|
||||||
select id::text,
|
|
||||||
from_node_id::text,
|
|
||||||
anchor_role,
|
|
||||||
claim_id::text,
|
|
||||||
source_id::text,
|
|
||||||
weight,
|
|
||||||
left(note, 240) as note
|
|
||||||
from public.strategy_node_anchors
|
|
||||||
where id = '47f128a0-36c5-4b60-97d4-48c32fa48bc7'::uuid;
|
|
||||||
|
|
||||||
select c.id::text,
|
|
||||||
c.status,
|
|
||||||
c.superseded_by::text,
|
|
||||||
left(c.text, 240) as text
|
|
||||||
from public.claims c
|
|
||||||
where c.id in (select id from (values
|
|
||||||
('d0000000-0000-0000-0000-000000000005'::uuid),
|
|
||||||
('e6ce4e36-15d2-53bc-8b74-dda0efc095c1'::uuid)
|
|
||||||
) as v(id))
|
|
||||||
order by c.id;
|
|
||||||
|
|
||||||
select id::text,
|
|
||||||
anchor_role,
|
|
||||||
to_shared_root_id::text,
|
|
||||||
left(note, 240) as note
|
|
||||||
from public.strategy_node_anchors
|
|
||||||
where id = 'c7dd984c-ac1b-43f9-9996-576ddf61c6d2'::uuid;
|
|
||||||
|
|
@ -1,48 +0,0 @@
|
||||||
\set ON_ERROR_STOP on
|
|
||||||
-- Cross-surface companion preflight. Read-only.
|
|
||||||
-- Run after the mapped rich proposal claim/source packet has been applied.
|
|
||||||
|
|
||||||
select 'policy_anchor_current' as check_name,
|
|
||||||
id::text,
|
|
||||||
from_node_id::text,
|
|
||||||
anchor_role,
|
|
||||||
claim_id::text,
|
|
||||||
source_id::text,
|
|
||||||
left(note, 220) as note
|
|
||||||
from public.strategy_node_anchors
|
|
||||||
where id = '47f128a0-36c5-4b60-97d4-48c32fa48bc7'::uuid;
|
|
||||||
|
|
||||||
select 'base_claim_d_exists' as check_name,
|
|
||||||
id::text,
|
|
||||||
status,
|
|
||||||
left(text, 220) as text
|
|
||||||
from public.claims
|
|
||||||
where id = 'e6ce4e36-15d2-53bc-8b74-dda0efc095c1'::uuid;
|
|
||||||
|
|
||||||
select 'approval_source_exists' as check_name,
|
|
||||||
id::text,
|
|
||||||
source_type,
|
|
||||||
left(coalesce(excerpt, ''), 220) as excerpt
|
|
||||||
from public.sources
|
|
||||||
where id = '9a0d2429-b98b-585a-980c-0176db7f9fe7'::uuid;
|
|
||||||
|
|
||||||
select 'telos_anchor_already_exists' as check_name,
|
|
||||||
id::text,
|
|
||||||
from_node_id::text,
|
|
||||||
anchor_role,
|
|
||||||
to_shared_root_id::text,
|
|
||||||
left(note, 220) as note
|
|
||||||
from public.strategy_node_anchors
|
|
||||||
where id = 'c7dd984c-ac1b-43f9-9996-576ddf61c6d2'::uuid;
|
|
||||||
|
|
||||||
select 'governance_gate_known' as check_name,
|
|
||||||
id::text,
|
|
||||||
name,
|
|
||||||
left(criteria, 180) as criteria,
|
|
||||||
left(evidence_bar, 180) as evidence_bar
|
|
||||||
from public.governance_gates
|
|
||||||
where id in (select id from (values
|
|
||||||
('fa88e31b-6fca-4801-bf72-f5db81950a11'::uuid),
|
|
||||||
('45695897-2a9c-4279-ac25-e59f166dec6a'::uuid)
|
|
||||||
) as v(id))
|
|
||||||
order by name;
|
|
||||||
|
|
@ -1,75 +0,0 @@
|
||||||
# Cross-Surface Resolution Packet - 2026-07-09
|
|
||||||
|
|
||||||
Generated UTC: `2026-07-09T21:38:00Z`
|
|
||||||
|
|
||||||
## Verdict
|
|
||||||
|
|
||||||
Clone-proven, not production-applied.
|
|
||||||
|
|
||||||
The mapped rich proposal packet handles canonical claim/source/evidence/claim-edge rows. This companion packet handles the one currently safe non-claim write: updating strategy anchor `47f128a0-36c5-4b60-97d4-48c32fa48bc7` after Claim D exists.
|
|
||||||
|
|
||||||
## Safe Write
|
|
||||||
|
|
||||||
- Table: `public.strategy_node_anchors`
|
|
||||||
- Anchor: `47f128a0-36c5-4b60-97d4-48c32fa48bc7`
|
|
||||||
- From node: `52bc4264-330e-489d-920c-a493fd2d985a` (`Multi-agent public intelligence`)
|
|
||||||
- Old claim: `d0000000-0000-0000-0000-000000000005`
|
|
||||||
- New claim: `e6ce4e36-15d2-53bc-8b74-dda0efc095c1`
|
|
||||||
- New meaning: active Leo policy is justified by the boundary claim that internet finance is a candidate mechanism, not Teleo's telos.
|
|
||||||
|
|
||||||
## Clone Proof
|
|
||||||
|
|
||||||
Disposable database: `teleo_cross_surface_rehearsal_20260709`
|
|
||||||
|
|
||||||
Sequence:
|
|
||||||
|
|
||||||
1. Created disposable clone from live `teleo` using `pg_dump | psql`.
|
|
||||||
2. Applied mapped base packet in clone: `7` claims, `15` sources, `11` claim edges, `17` claim evidence rows.
|
|
||||||
3. Ran cross-surface preflight:
|
|
||||||
- anchor still pointed to old claim `d0000000-0000-0000-0000-000000000005`
|
|
||||||
- Claim D existed
|
|
||||||
- approval source existed
|
|
||||||
- telos anchor already existed
|
|
||||||
- governance gate rows existed
|
|
||||||
4. Ran cross-surface authorized commit in clone.
|
|
||||||
5. Postflight read back anchor pointing to Claim D with weight `0.85`.
|
|
||||||
6. Ran cross-surface delete rollback.
|
|
||||||
7. Ran mapped base packet delete rollback.
|
|
||||||
8. Clone returned to zero generated mapped rows and original anchor state.
|
|
||||||
9. Production stayed unchanged: generated rows remained `0/0/0/0`, and production anchor still points to old claim with weight `0.7`.
|
|
||||||
10. Dropped disposable DB and removed host/container temp packet files.
|
|
||||||
|
|
||||||
Cleanup readback:
|
|
||||||
|
|
||||||
- `disposable_db_exists`: `0`
|
|
||||||
- host tmp removed: yes
|
|
||||||
- container tmp removed: yes
|
|
||||||
- `leoclean-gateway.service`: `active`
|
|
||||||
- `MainPID`: `3252143`
|
|
||||||
- `NRestarts`: `0`
|
|
||||||
|
|
||||||
## Constraint Found And Fixed
|
|
||||||
|
|
||||||
The first clone attempt failed because `public.strategy_node_anchors` rejects a row with both `claim_id` and `source_id` set. The packet was corrected so the anchor points only to Claim D. The approval source remains required as provenance and is linked through Claim D's evidence rows from the mapped base packet.
|
|
||||||
|
|
||||||
## Explicit Deferrals
|
|
||||||
|
|
||||||
These approved fragments are not safely writable through the current schema:
|
|
||||||
|
|
||||||
- `governance_gate:quality-gate`: row exists, but there is no claim-to-governance-gate edge/anchor table.
|
|
||||||
- `governance_gate:evidence-bar`: row exists, but there is no claim-to-governance-gate edge/anchor table.
|
|
||||||
- `concept_map:distributed_market_intelligence`: no first-class concept-map table exists.
|
|
||||||
- `rio:capital-deployment-layer`: no exact Rio strategy node or claim target exists.
|
|
||||||
- `rio:active strategy v1 / internet-finance capital product`: no exact Rio active strategy node exists.
|
|
||||||
|
|
||||||
## Evidence
|
|
||||||
|
|
||||||
- Packet JSON: `docs/reports/leo-working-state-20260709/cross-surface-packet.json`
|
|
||||||
- Authorized commit SQL, not executed in production: `docs/reports/leo-working-state-20260709/cross-surface-apply-authorized-commit.sql`
|
|
||||||
- Delete rollback SQL: `docs/reports/leo-working-state-20260709/cross-surface-delete-rollback.sql`
|
|
||||||
- Successful clone rehearsal log: `docs/reports/leo-working-state-20260709/cross-surface-clone-rehearsal-current.log`
|
|
||||||
- Failed-source-id constraint log: `docs/reports/leo-working-state-20260709/cross-surface-clone-rehearsal-failed-source-id-constraint.log`
|
|
||||||
|
|
||||||
## Claim Ceiling
|
|
||||||
|
|
||||||
This proves the strategy-anchor companion write is schema-compatible, reversible, and safe in a disposable clone after the mapped base packet exists. It does not prove production has been updated, because production commit was intentionally not executed.
|
|
||||||
|
|
@ -1,187 +0,0 @@
|
||||||
# Current Truth Index - Leo / Teleo - 2026-07-09
|
|
||||||
|
|
||||||
Use this file before making status claims. Prefer fresh VPS/GCP readbacks when cheap; this directory is the retained July 9 evidence snapshot committed to the Teleo infrastructure repo.
|
|
||||||
|
|
||||||
## Definition And Outcomes
|
|
||||||
|
|
||||||
- Working Leo definition: `docs/reports/leo-working-state-20260709/working-leo-definition-20260709.md`
|
|
||||||
- Cory expected outcomes: `docs/reports/leo-working-state-20260709/cory-expected-working-leo-outcomes-20260709.md`
|
|
||||||
- Current state: `docs/reports/leo-working-state-20260709/working-leo-current-state-20260709.md`
|
|
||||||
- Execution plan: `docs/reports/leo-working-state-20260709/working-leo-execution-plan-current.md`
|
|
||||||
- Open-ended benchmark spec: `docs/reports/leo-working-state-20260709/working-leo-open-ended-benchmark-spec.json` (5 live-safe open prompts, 9 broader Cory-style outcome scenarios, and 6 no-context direct-claim follow-up prompts for disposable clone/sandbox first)
|
|
||||||
- Open-ended live Telegram canary: `docs/reports/leo-working-state-20260709/telegram-live-open-ended-cory-style-20260709.md`
|
|
||||||
- Open-ended live Telegram canary JSON: `docs/reports/leo-working-state-20260709/telegram-live-open-ended-cory-style-20260709.json`
|
|
||||||
- Retained Telegram benchmark score for the open-ended canary: `docs/reports/leo-working-state-20260709/telegram-live-open-ended-benchmark-score-current.md`
|
|
||||||
- Retained Telegram benchmark score JSON: `docs/reports/leo-working-state-20260709/telegram-live-open-ended-benchmark-score-current.json`
|
|
||||||
- Full live-safe open-ended Telegram suite report: `docs/reports/leo-working-state-20260709/telegram-live-open-ended-suite-current.md`
|
|
||||||
- Full live-safe open-ended Telegram suite score: `docs/reports/leo-working-state-20260709/telegram-live-open-ended-suite-score-current.md`
|
|
||||||
- Full live-safe open-ended Telegram suite score JSON: `docs/reports/leo-working-state-20260709/telegram-live-open-ended-suite-score-current.json`
|
|
||||||
- Full Cory-style outcome/direct-claim sandbox results: `docs/reports/leo-working-state-20260709/working-leo-cory-outcome-sandbox-results-current.md`
|
|
||||||
- Full Cory-style outcome/direct-claim sandbox score: `docs/reports/leo-working-state-20260709/working-leo-cory-outcome-sandbox-score-current.md`
|
|
||||||
- Full Cory-style outcome sandbox score JSON: `docs/reports/leo-working-state-20260709/working-leo-cory-outcome-sandbox-score-current.json`
|
|
||||||
- Live VPS handler direct-claim suite report: `docs/reports/leo-working-state-20260709/telegram-handler-direct-claim-suite-current.json`
|
|
||||||
- Live VPS handler direct-claim suite score: `docs/reports/leo-working-state-20260709/telegram-handler-direct-claim-suite-score-current.md`
|
|
||||||
- Live VPS handler direct-claim suite review: `docs/reports/leo-working-state-20260709/telegram-handler-direct-claim-suite-review-current.md`
|
|
||||||
- Telegram-visible direct-claim authorization packet, ready-to-request but not sent: `docs/reports/leo-working-state-20260709/telegram-visible-direct-claim-authorization-packet-current.md`
|
|
||||||
- Telegram-visible direct-claim capture receipt, currently awaiting capture: `docs/reports/leo-working-state-20260709/telegram-visible-direct-claim-capture-receipt-current.md`
|
|
||||||
- Telegram-visible direct-claim pre-send preflight, passed from supplied top-level SSH readback payload: `docs/reports/leo-working-state-20260709/telegram-visible-direct-claim-preflight-current.md`
|
|
||||||
- Telegram-visible direct-claim full-access remote readback command: `docs/reports/leo-working-state-20260709/telegram-visible-direct-claim-remote-readback-command-current.sh`
|
|
||||||
- Argus public KB state probe, read-only HTTP diagnostics: `docs/reports/leo-working-state-20260709/argus-kb-state-current.md`
|
|
||||||
- Live VPS handler direct-claim follow-up challenge report: `docs/reports/leo-working-state-20260709/telegram-handler-direct-claim-followup-current.json`
|
|
||||||
- Fable onboarding prompt: `docs/reports/leo-working-state-20260709/fable-leo-teleo-onboarding.md`
|
|
||||||
- Operator surface map: `docs/reports/leo-working-state-20260709/operator-surface-map.md`
|
|
||||||
- VPS/Hermes/DB mapping: `docs/reports/leo-working-state-20260709/vps-hermes-db-mapping-20260709.md`
|
|
||||||
- DB provenance/load-path report: `docs/reports/leo-working-state-20260709/leo-db-provenance-report-20260709T214741Z.md`
|
|
||||||
- Restart-survival harness: `scripts/collect_leo_restart_survival_proof.py`
|
|
||||||
- Restart-survival proof output, passed after live execution: `docs/reports/leo-working-state-20260709/leo-restart-survival-proof-current.md`
|
|
||||||
- Restart-survival proof JSON, passed after live execution: `docs/reports/leo-working-state-20260709/leo-restart-survival-proof-current.json`
|
|
||||||
- Restart-survival no-post handler report: `docs/reports/leo-working-state-20260709/leo-restart-survival-direct-claim-current.json`
|
|
||||||
- Restart-survival no-post handler score for the pre-repair restart run, `5/6`: `docs/reports/leo-working-state-20260709/leo-restart-survival-direct-claim-score-current.md`
|
|
||||||
- Final post-repair no-post direct-claim score, `6/6`: `docs/reports/leo-working-state-20260709/leo-post-skill-repair-direct-claim-score-current.md`
|
|
||||||
- Final post-repair no-post direct-claim summary: `docs/reports/leo-working-state-20260709/leo-post-skill-repair-direct-claim-summary-current.md`
|
|
||||||
- Final post-repair no-post direct-claim summary JSON: `docs/reports/leo-working-state-20260709/leo-post-skill-repair-direct-claim-summary-current.json`
|
|
||||||
|
|
||||||
## Telegram And Live Leo Proof
|
|
||||||
|
|
||||||
- Live Telegram canary: `docs/reports/leo-working-state-20260709/telegram-live-canary-current.md`
|
|
||||||
- Live Telegram canary JSON: `docs/reports/leo-working-state-20260709/telegram-live-canary-current.json`
|
|
||||||
- Live Telegram DB-write canary: `docs/reports/leo-working-state-20260709/telegram-live-db-write-canary-20260709.md`
|
|
||||||
- Live Telegram DB-write canary JSON: `docs/reports/leo-working-state-20260709/telegram-live-db-write-canary-20260709.json`
|
|
||||||
- Handler canary: `docs/reports/leo-working-state-20260709/telegram-gateway-handler-canary-current.md`
|
|
||||||
- Handler canary JSON: `docs/reports/leo-working-state-20260709/telegram-gateway-handler-canary-current.json`
|
|
||||||
- Handler direct-claim suite: `docs/reports/leo-working-state-20260709/telegram-handler-direct-claim-suite-review-current.md`
|
|
||||||
|
|
||||||
## KB DB Apply Proof
|
|
||||||
|
|
||||||
- Strict apply plan: `docs/reports/leo-working-state-20260709/kb-apply-canary-plan-current.md`
|
|
||||||
- Strict apply execute: `docs/reports/leo-working-state-20260709/kb-apply-canary-execute-current.md`
|
|
||||||
- Approved claim-bundle isolation canary: `docs/reports/leo-working-state-20260709/approve-claim-clone-canary-current.md`
|
|
||||||
- Generic approved claim-bundle isolation receipt: `docs/reports/leo-working-state-20260709/approve-claim-clone-canary-current.json`
|
|
||||||
- Helmer approved claim-bundle isolation receipt: `docs/reports/leo-working-state-20260709/helmer-approve-claim-clone-canary-current.json`
|
|
||||||
- Lossless Helmer strict normalization: `docs/reports/leo-working-state-20260709/helmer-approve-claim-normalization-current.json`
|
|
||||||
- Approved claim-bundle lifecycle harness: `scripts/run_approve_claim_clone_canary.py`
|
|
||||||
- Approved claim-bundle isolated-container wrapper: `scripts/run_approve_claim_isolated_container_canary.sh`
|
|
||||||
- Claim/source preview: `docs/reports/leo-working-state-20260709/claim-source-contract-preview-current.md`
|
|
||||||
- Mapped rich proposal plan: `docs/reports/leo-working-state-20260709/rich-proposal-creation-plan-mapped-current.md`
|
|
||||||
- Mapped production apply packet, not executed in production: `docs/reports/leo-working-state-20260709/production-apply-packet-current.md`
|
|
||||||
- Mapped production apply packet JSON: `docs/reports/leo-working-state-20260709/production-apply-packet.json`
|
|
||||||
- Mapped production apply authorized commit SQL, not executed in production: `docs/reports/leo-working-state-20260709/production-apply-authorized-commit.sql`
|
|
||||||
- Mapped production apply delete rollback SQL: `docs/reports/leo-working-state-20260709/production-delete-rollback.sql`
|
|
||||||
- Cross-surface strategy anchor companion packet, not executed in production: `docs/reports/leo-working-state-20260709/cross-surface-resolution-current.md`
|
|
||||||
- Cross-surface packet JSON: `docs/reports/leo-working-state-20260709/cross-surface-packet.json`
|
|
||||||
- Cross-surface authorized commit SQL, not executed in production: `docs/reports/leo-working-state-20260709/cross-surface-apply-authorized-commit.sql`
|
|
||||||
- Cross-surface delete rollback SQL: `docs/reports/leo-working-state-20260709/cross-surface-delete-rollback.sql`
|
|
||||||
- Cross-surface clone commit/delete rollback log: `docs/reports/leo-working-state-20260709/cross-surface-clone-rehearsal-current.log`
|
|
||||||
- Rio strategy-context companion packet, not executed in production: `docs/reports/leo-working-state-20260709/rio-strategy-context-current.md`
|
|
||||||
- Rio strategy-context packet JSON: `docs/reports/leo-working-state-20260709/rio-strategy-packet.json`
|
|
||||||
- Rio strategy-context authorized commit SQL, not executed in production: `docs/reports/leo-working-state-20260709/rio-strategy-apply-authorized-commit.sql`
|
|
||||||
- Rio strategy-context delete rollback SQL: `docs/reports/leo-working-state-20260709/rio-strategy-delete-rollback.sql`
|
|
||||||
- Rio strategy-context clone commit/delete rollback log: `docs/reports/leo-working-state-20260709/rio-strategy-clone-rehearsal-current.log`
|
|
||||||
- Governance/concept-map schema companion packet, not executed in production: `docs/reports/leo-working-state-20260709/governance-concept-current.md`
|
|
||||||
- Governance/concept-map packet JSON: `docs/reports/leo-working-state-20260709/governance-concept-packet.json`
|
|
||||||
- Governance/concept-map authorized commit SQL, not executed in production: `docs/reports/leo-working-state-20260709/governance-concept-apply-authorized-commit.sql`
|
|
||||||
- Governance/concept-map delete rollback SQL: `docs/reports/leo-working-state-20260709/governance-concept-delete-rollback.sql`
|
|
||||||
- Governance/concept-map clone commit/delete rollback log: `docs/reports/leo-working-state-20260709/governance-concept-clone-rehearsal-current.log`
|
|
||||||
- Helmer 7 Powers proposal plan: `docs/reports/leo-working-state-20260709/helmer-7powers-creation-plan.json`
|
|
||||||
- Helmer 7 Powers apply packet, not executed in production: `docs/reports/leo-working-state-20260709/helmer-7powers-production-apply-packet-current.md`
|
|
||||||
- Helmer 7 Powers apply packet JSON: `docs/reports/leo-working-state-20260709/helmer-7powers-production-apply-packet.json`
|
|
||||||
- Helmer 7 Powers authorized commit SQL, not executed in production: `docs/reports/leo-working-state-20260709/helmer-7powers-production-apply-authorized-commit.sql`
|
|
||||||
- Helmer 7 Powers delete rollback SQL: `docs/reports/leo-working-state-20260709/helmer-7powers-production-delete-rollback.sql`
|
|
||||||
- Working Leo integrated packet manifest, not executed in production: `docs/reports/leo-working-state-20260709/working-leo-integrated-packet.md`
|
|
||||||
- Working Leo integrated packet JSON: `docs/reports/leo-working-state-20260709/working-leo-integrated-packet.json`
|
|
||||||
- Working Leo integrated clone rehearsal report: `docs/reports/leo-working-state-20260709/working-leo-integrated-packet-current.md`
|
|
||||||
- Working Leo integrated clone rehearsal log: `docs/reports/leo-working-state-20260709/working-leo-integrated-clone-rehearsal-current.log`
|
|
||||||
- Working Leo authorized-apply readiness verifier: `docs/reports/leo-working-state-20260709/working-leo-apply-readiness-current.md`
|
|
||||||
- Working Leo authorized-apply readiness verifier JSON: `docs/reports/leo-working-state-20260709/working-leo-apply-readiness-current.json`
|
|
||||||
- Working Leo authorized apply operator runbook, not executed: `docs/reports/leo-working-state-20260709/working-leo-authorized-apply-runbook-current.md`
|
|
||||||
- Working Leo authorized apply operator runbook JSON: `docs/reports/leo-working-state-20260709/working-leo-authorized-apply-runbook-current.json`
|
|
||||||
- Working Leo authorized apply session plan, not executed: `docs/reports/leo-working-state-20260709/working-leo-authorized-apply-session-plan-current.md`
|
|
||||||
- Working Leo authorized apply session plan JSON: `docs/reports/leo-working-state-20260709/working-leo-authorized-apply-session-plan-current.json`
|
|
||||||
- Working Leo production apply authorization packet, not executed: `docs/reports/leo-working-state-20260709/working-leo-production-apply-authorization-packet-current.md`
|
|
||||||
- Working Leo production apply authorization packet JSON: `docs/reports/leo-working-state-20260709/working-leo-production-apply-authorization-packet-current.json`
|
|
||||||
- Working Leo production apply authorization verification, currently refused/missing text: `docs/reports/leo-working-state-20260709/working-leo-production-apply-authorization-verification-current.md`
|
|
||||||
- Working Leo production apply authorization verification JSON: `docs/reports/leo-working-state-20260709/working-leo-production-apply-authorization-verification-current.json`
|
|
||||||
- Working Leo live production preflight baseline, read-only: `docs/reports/leo-working-state-20260709/working-leo-production-preflight-current.md`
|
|
||||||
- Working Leo live production preflight baseline JSON: `docs/reports/leo-working-state-20260709/working-leo-production-preflight-current.json`
|
|
||||||
- Working Leo production apply receipt template, not executed: `docs/reports/leo-working-state-20260709/working-leo-production-apply-receipt-template-current.md`
|
|
||||||
- Working Leo production apply receipt template JSON: `docs/reports/leo-working-state-20260709/working-leo-production-apply-receipt-template-current.json`
|
|
||||||
- Working Leo production apply receipt assembly, currently not ready: `docs/reports/leo-working-state-20260709/working-leo-production-apply-receipt-assembly-current.md`
|
|
||||||
- Working Leo production apply receipt assembly JSON: `docs/reports/leo-working-state-20260709/working-leo-production-apply-receipt-assembly-current.json`
|
|
||||||
- Working Leo production apply receipt validation, currently missing receipt: `docs/reports/leo-working-state-20260709/working-leo-production-apply-receipt-validation-current.md`
|
|
||||||
- Working Leo production apply receipt validation JSON: `docs/reports/leo-working-state-20260709/working-leo-production-apply-receipt-validation-current.json`
|
|
||||||
- Working Leo cleanup readback: `docs/reports/leo-working-state-20260709/working-leo-cleanup-readback-current.md`
|
|
||||||
- Working Leo cleanup readback JSON: `docs/reports/leo-working-state-20260709/working-leo-cleanup-readback-current.json`
|
|
||||||
- Helmer live rollback log: `docs/reports/leo-working-state-20260709/helmer-7powers-live-preflight-rollback-current.log`
|
|
||||||
- Helmer clone commit/delete rollback log: `docs/reports/leo-working-state-20260709/helmer-7powers-clone-commit-delete-rollback-current.log`
|
|
||||||
- Helmer ledger clone commit/delete rollback log: `docs/reports/leo-working-state-20260709/helmer-7powers-ledger-clone-commit-delete-rollback-current.log`
|
|
||||||
|
|
||||||
## GCP
|
|
||||||
|
|
||||||
- Current GCP parity probe: `docs/reports/leo-working-state-20260709/gcp-db-parity-current-probe-current.md`
|
|
||||||
- Current GCP parity probe JSON: `docs/reports/leo-working-state-20260709/gcp-db-parity-current-probe-current.json`
|
|
||||||
- Current GCP Cloud SQL live inventory: `docs/reports/leo-working-state-20260709/gcp-cloud-sql-t3-live-readonly-current.md`
|
|
||||||
- Current GCP Cloud SQL live inventory JSON: `docs/reports/leo-working-state-20260709/gcp-cloud-sql-t3-live-readonly-current.json`
|
|
||||||
- Current GCP Cloud SQL Studio parity gate: `docs/reports/leo-working-state-20260709/gcp-cloudsql-studio-parity-gate-current.md`
|
|
||||||
- Current GCP Cloud SQL Studio parity gate JSON: `docs/reports/leo-working-state-20260709/gcp-cloudsql-studio-parity-gate-current.json`
|
|
||||||
- Current GCP Leo runtime observability: `docs/reports/leo-working-state-20260709/gcp-leo-runtime-observability-current.md`
|
|
||||||
- Current GCP Leo runtime observability JSON: `docs/reports/leo-working-state-20260709/gcp-leo-runtime-observability-current.json`
|
|
||||||
- Prior auth-capable GCP blocker: `docs/reports/leo-working-state-20260709/gcp-db-parity-current-blocker-20260709.json`
|
|
||||||
|
|
||||||
## Images
|
|
||||||
|
|
||||||
- Skill-pack map: `docs/reports/leo-working-state-20260709/leo-db-state-13-skill-pack.svg`
|
|
||||||
- Helmer packet proof: `docs/reports/leo-working-state-20260709/leo-db-state-14-helmer-packet.svg`
|
|
||||||
- Open-ended Cory-style canary map: `docs/reports/leo-working-state-20260709/leo-db-state-15-open-ended-canary.svg`
|
|
||||||
- Helmer ledger packet proof: `docs/reports/leo-working-state-20260709/leo-db-state-16-helmer-ledger.svg`
|
|
||||||
- Cory-style outcome benchmark map: `docs/reports/leo-working-state-20260709/leo-db-state-17-cory-outcome-benchmark.svg`
|
|
||||||
- Leoclean DB versus workspace map: `docs/reports/leo-working-state-20260709/leo-db-state-18-db-vs-workspace.svg`
|
|
||||||
- Claim/body/metadata schema map: `docs/reports/leo-working-state-20260709/leo-db-state-19-claims-body-metadata.svg`
|
|
||||||
- Cross-surface strategy anchor proof: `docs/reports/leo-working-state-20260709/leo-db-state-20-cross-surface-anchor.svg`
|
|
||||||
- Forgejo/load/agent update loop map: `docs/reports/leo-working-state-20260709/leo-db-state-21-forgejo-load-agent-loop.svg`
|
|
||||||
- Identity render / decision matrix / document artifact map: `docs/reports/leo-working-state-20260709/leo-db-state-22-identity-render-matrix-artifacts.svg`
|
|
||||||
- Rio strategy context packet proof: `docs/reports/leo-working-state-20260709/leo-db-state-23-rio-strategy-context.svg`
|
|
||||||
- Governance/concept-map schema packet proof: `docs/reports/leo-working-state-20260709/leo-db-state-24-governance-concept-schema.svg`
|
|
||||||
- Integrated apply rehearsal proof: `docs/reports/leo-working-state-20260709/leo-db-state-25-integrated-apply-rehearsal.svg`
|
|
||||||
- Direct-claim handler state: `docs/reports/leo-working-state-20260709/leo-db-state-26-direct-claim-handler.svg`
|
|
||||||
- Direct-claim handler pass state: `docs/reports/leo-working-state-20260709/leo-db-state-27-direct-claim-handler-pass.svg`
|
|
||||||
- DB loading diagram SVG: `docs/reports/leo-working-state-20260709/leo-db-loading-diagram-20260709T214741Z.svg`
|
|
||||||
- DB loading diagram Mermaid source: `docs/reports/leo-working-state-20260709/leo-db-loading-diagram-20260709T214741Z.mmd`
|
|
||||||
|
|
||||||
## Current Claim Ceiling
|
|
||||||
|
|
||||||
- VPS Leo Telegram memory, KB audit, and staged-write canaries are live-proven.
|
|
||||||
- VPS Leo live-safe open-ended Telegram suite is live-proven and retained-benchmark-scored for `OE-01` through `OE-05`: full selected coverage, `5/5` scored prompts passing, no overclaim, and no marker/staging/canonical KB rows created by the suite.
|
|
||||||
- The broader sandbox-first Cory-style benchmark has a full-catalog mixed-evidence score: real retained live Telegram evidence for `OE-01` through `OE-05`, sandbox fixture replies for `CS-01` through `CS-09`, and no-context direct-claim expected-answer/follow-up fixtures for `DC-01` through `DC-06`, `20/20` passing. This is not a live Telegram run for the CS/DC prompts.
|
|
||||||
- The live VPS GatewayRunner direct-claim handler suite for exact `DC-01` through `DC-06` passed again after deploy SHA `7ab563e1aebe08913e72781e4e16a2b2883c5230`: `6/6` runtime replies, strict score `6/6`, no Telegram post, no live profile write, no production DB apply, unchanged DB counts (`public.claims=1837`, `public.sources=4145`, `public.claim_edges=4916`, `public.claim_evidence=4670`, `kb_stage.kb_proposals=26` before and after), temp profile removed, and `leoclean-gateway.service` stayed active/running during the harness with `MainPID=1908033`, `NRestarts=0`, `ExecMainStartTimestamp=Fri 2026-07-10 01:04:22 UTC`.
|
|
||||||
- Intentional restart survival is now live-proven as a separate required proof row, not implied by `NRestarts=0`: `systemctl restart leoclean-gateway.service` returned `0`, service moved from `MainPID=1908033` to `MainPID=2845730`, stayed active/running after restart and after the no-post handler smoke, canonical DB counts stayed unchanged (`1837/4145/4670/4916/26`), no Telegram post or production DB apply ran, no live profile change was recorded, temp profile cleanup succeeded, and the post-restart no-post `DC-01` through `DC-06` handler smoke returned six runtime replies. The retained pre-repair post-restart strict score was `5/6`; after deploying repair SHA `090becae1621436467610e529d6328d70964d11f`, the same no-post direct-claim suite strict-scored `6/6` with `DC-01` through `DC-06` all passing, DB counts unchanged, no Telegram post, no production DB apply, no live profile change, and cleanup confirmed. The raw handler JSON is retained on the VPS at `/tmp/leo-post-skill-repair-direct-claim-current.json` with SHA256 `6fffdbafc18913c4fc62feb00906988dee2e696d279f22dd284951a79451f39c`.
|
|
||||||
- The Telegram-visible direct-claim benchmark is now executable as an exact authorization packet, not yet run: target `Leo` group `-5146042086`, raw no-context messages `DC-01` through `DC-06`, expected proof paths, before/after DB/service readbacks, scorer output, and final screenshot/accessibility proof are retained in `telegram-visible-direct-claim-authorization-packet-current.md`; `telegram_visible_messages_sent=false`.
|
|
||||||
- The Telegram-visible direct-claim capture receipt assembler is retained and currently `status=awaiting_capture`; it will not emit a passing receipt until the exact operator authorization text, exact six DC messages, nonempty Telegram-visible Leo replies, DB before/after counts, service readback, final screenshot/accessibility proof, and `6/6` direct-claim score are present.
|
|
||||||
- The Telegram-visible direct-claim pre-send preflight now passes from supplied top-level SSH readback payload: deploy head and `.last-deploy-sha` both equal `63278b6354d3f5f15ed68897be95d484530db59f`, the remote packet is present/nonempty, `leoclean-gateway.service` is active/running with `MainPID=2999690`, `NRestarts=0`, and `ExecMainStartTimestamp=Fri 2026-07-10 03:47:11 UTC`, and DB counts read as `public.claims=1837`, `public.sources=4145`, `public.claim_edges=4916`, `public.claim_evidence=4670`, `kb_stage.kb_proposals=26`. The retained remote readback command SHA256 is `9bbfbe1de6e3f63e7aa9f73a7f412aa16f8f2f60b3c46f87ee93472290047c89`; no Telegram messages were sent and no DB apply ran.
|
|
||||||
- The public Argus KB diagnostics HTTP probe passes from live `curl` payloads captured at `2026-07-10T02:47:53Z`: `3` approved proposals are visible (`14fa5ecc`, `ac036c9d`, `a64df080`), all are `approved_needs_apply_payload`, `worker_applyable_count=0`, and the endpoint is read-only. This supports Leo's expected answer that the approved KB work is not yet directly applyable/canonical, but it is not Docker/Postgres row-count or gateway-service proof.
|
|
||||||
- The highest-risk direct-claim cases are now green at handler level: `DC-02` recognizes approved Helmer staging row `a64df080-8502-42e2-98f4-9bbdecb8da73` as approved/unapplied, `DC-03` says the decision-matrix path is not shipped while matrix tables are absent, `DC-04` avoids a single-cause document pointer diagnosis, `DC-05` separates staging demo from authorized canonical apply, and `DC-06` separates `SOUL.md` runtime edits from canonical DB identity.
|
|
||||||
- A strict canonical `add_edge` apply canary is live-proven.
|
|
||||||
- The repo-owned normal apply path now supports an atomic, insert-only `approve_claim` bundle behind separate `kb_review` and `kb_apply` credentials, a DB-role-to-reviewer principal mapping, and an immutable approval snapshot. Final source-bound isolated-container receipts pass `37/37` for both the generic bundle (`2` claims, `2` sources, `2` evidence rows, `1` edge, `1` reasoning tool) and the real losslessly normalized Helmer bundle (`5/13/17/7/1`). They prove exact payload-controlled projections and table deltas, reviewer/apply separation, denied direct proposal/evidence mutation, stale-payload refusal before canonical writes, replay refusal, source-hash rollback, exact agent/external-claim seeding, hardened role/function/ACL state, and independent inner/outer cleanup. PR #72 source later auto-synchronized to the VPS checkout and deploy stamp at merge commit `771679061f0a0b6463fb7d9cf530eb9d2d4e5440`; the timer journal says no Python changes and no service restart, the commit had no delta under the Leo profile source paths, the gateway stayed PID `2999690`/`NRestarts=0`, the apply worker stayed disabled/inactive, and read-only count endpoints remained `1837/4145/4670/4916/17/26`. This is a source checkout sync, not proof that the production permission migration ran, the worker was enabled, canonical rows changed, or byte-for-byte live content stayed equal. Helmer remains unapplied on production. See `pr72-vps-auto-deploy-runtime-nonchange-current.md`.
|
|
||||||
- Helmer 7 Powers is full-coverage packet and ledger clone-proven, not production-applied.
|
|
||||||
- Mapped rich approved proposal packet is clone/rehearsal-proven for the supported subset, not production-applied.
|
|
||||||
- The strategy-anchor companion write for mapped rich proposal `14fa5ecc` is clone-proven and reversible, not production-applied.
|
|
||||||
- The Rio strategy-context companion write for mapped rich proposal `14fa5ecc` is clone-proven and reversible: after the mapped base packet exists, it creates `2` Rio strategy nodes and `5` strategy anchors in a disposable clone; production stayed unchanged.
|
|
||||||
- The governance/concept-map schema companion write is clone-proven and reversible: after the mapped base packet exists, it creates minimal concept-map and claim-to-governance link tables, then inserts `1` concept map, `1` concept link, and `2` governance links in a disposable clone; production stayed unchanged.
|
|
||||||
- The full integrated packet set is now clone-proven in production dependency order: mapped base, cross-surface anchor, Rio strategy context, governance/concept schema, and Helmer 7 Powers applied together in `teleo_integrated_rehearsal_20260710`, then rolled back in reverse order; production stayed unchanged and the disposable clone/temp files were removed.
|
|
||||||
- The authorized-apply readiness verifier now passes: packet files exist and hash, apply/rollback order matches the manifest, expected counts match, clone apply/rollback markers are ordered, clone cleanup is proven, service stayed stable, and `production_apply_executed=false`.
|
|
||||||
- The authorized apply operator runbook is generated and ready-not-executed: it gives preflight/apply/postflight/rollback command templates in manifest order, requires `TELEO_DATABASE_URL`, and now also includes a post-apply regression command bundle plus required production-apply receipt fields and an offline receipt validator. It still does not authorize or execute production SQL.
|
|
||||||
- The authorized apply session plan is generated and ready-not-executed: it maps concrete output log paths for pre-apply validation, preflight, apply, postflight, post-apply regression, service readback, cleanup readback, receipt validation, and rollback. Apply and rollback steps require explicit authorization; non-apply steps are marked non-mutating.
|
|
||||||
- The production apply authorization packet is generated and ready-to-request, not authorized/executed: all evidence gates pass, it names the exact integrated packet order and the operator authorization template, requires a fresh deployed-SHA readback at apply time, and keeps `production_apply_executed=false` plus `production_apply_authorization_present=false`.
|
|
||||||
- The production apply authorization verifier currently refuses the apply window in the committed artifact with fresh deployed SHA `a717965b4527819e6d06e3a779e4855629058318`: `deployed_sha_shape=true`, `fresh_deployed_sha_required=false`, `authorization_text_present=false`, `operator_identity_present=false`, `authorization_text_matches_expected=false`, `safe_to_enter_apply_window=false`, and `production_apply_executed=false`. It now fails only on missing exact authorization text/operator identity, not stale deploy ambiguity.
|
|
||||||
- The live production preflight baseline now passes through the read-only collector: `5/5` preflight files executed on the VPS with `begin transaction read only`, `mutates_production_db=false`, `applies_production_packet=false`, and `production_apply_executed=false`. Current production still has generated base rows `0/0/0/0`, Helmer rows `0/0/0/0/0`, no generated governance/concept tables, and dependent Rio/cross-surface/governance base rows absent before any apply, as expected.
|
|
||||||
- The production apply receipt template is generated but intentionally invalid as a final receipt: `production_apply_executed=false`, `valid_production_receipt=false`, and it names the fields that must only be filled after authorized apply execution (`explicit_authorization_record`, `operator_identity`, `apply_output_paths`, `postflight_output_paths`, `actual_after_apply_counts`, `telegram_or_handler_regression_paths`, `service_readback`, `cleanup_readback`).
|
|
||||||
- The production apply receipt assembler currently refuses final receipt emission: `receipt_ready=false`, `authorization_verified=false`, `all_session_artifacts_exist=false`, `actual_counts_match_expected=false`, no apply/postflight/regression/service/cleanup logs exist, and `production_apply_executed=false`.
|
|
||||||
- The production-apply receipt validator currently reports `missing_receipt`, which is correct because no production apply has been authorized or executed.
|
|
||||||
- DB-first identity rendering is now documented from the July 9 PDFs plus VPS readback: canonical identity rows feed rendered `SOUL.md`, direct SOUL edits are not canonical DB updates, and no active renderer/timer/hook is proven in the current VPS readback.
|
|
||||||
- The decision-matrix approval schema is still a target design on the current VPS: `kb_stage.matrix_voters`, `kb_stage.proposal_votes`, and `kb_stage.proposal_decisions` were not present in live schema readback.
|
|
||||||
- Pending/approved document proposals are real `kb_stage.kb_proposals` rows with `source_ref`s, but inspected `source_ref`s did not directly match `public.sources`; they still need review/apply mapping into canonical sources/evidence/edges.
|
|
||||||
- Governance-gate and concept-map targets are now schema-packet-proven, but not production-applied; the live VPS production schema still has no generated governance/concept tables.
|
|
||||||
- The live VPS runtime behavior should not be changed while the DB apply path is stabilized.
|
|
||||||
- Latest cleanup readback found no leftover rehearsal/clone/staging database names on the VPS Postgres container and did not mutate production DB or post to Telegram.
|
|
||||||
- A live Telegram regression canary should be rerun after any production apply; no production apply has been authorized or executed.
|
|
||||||
- GCP control-plane Chrome readback now proves project `teleo-501523`, running VM `teleo-prod-1` in `europe-west6-a`, and one available private-only PostgreSQL `16.14` Cloud SQL instance, `teleo-pgvector-standby`, in `europe-west6-c`. Cloud SQL Studio is reachable but exposes no enabled existing IAM database principal and requires built-in password authentication; no credential was submitted and no SQL ran. Database-row/runtime/DC-01-through-DC-06 parity therefore remains unproven. The exact next gate is an already-existing authenticated Studio principal or a separately authorized IAM/database-user enablement window.
|
|
||||||
- GCP Console observability now separately proves `teleo-prod-1` is running and that serial output through `2026-07-10T15:57:54Z` contains recurring successful `leoclean-cloudsql-memory-sync.service` cycles. The latest exact `leoclean-gcp-prod-parallel.service` lifecycle event in the retained serial buffer is a Hermes start on July 9 with no later exact stop/failure. Cloud Logging has `92` guest/platform records over seven days but zero matches for `leoclean`, `hermes`, `gateway`, `postgres`, or `teleo-kb`, and Ops Agent is absent. This is bounded unit-activity evidence, not current PID/restart/SHA/profile/model/auth/Telegram/DB-row parity; no-post Cory execution remains unsafe and was not attempted. The agent-created Console tab was closed and no GCP/DB/service/IAM/deploy/credential/Telegram mutation occurred.
|
|
||||||
|
|
@ -1,32 +0,0 @@
|
||||||
# Fable / Worker Onboarding Prompt - Leo / Teleo
|
|
||||||
|
|
||||||
current_canary: read the retained evidence index, then produce a repo/VPS/GCP/Telegram working-state map with exact claim ceilings and next executable action.
|
|
||||||
|
|
||||||
Use the Teleo repo skill pack at:
|
|
||||||
|
|
||||||
`.agents/skills/`
|
|
||||||
|
|
||||||
Load these draft skills first:
|
|
||||||
|
|
||||||
1. `skills/teleo-leo-onboarding/SKILL.md`
|
|
||||||
2. `skills/working-leo-cory-outcomes/SKILL.md`
|
|
||||||
3. `skills/teleo-kb-db-change-workflow/SKILL.md`
|
|
||||||
4. `skills/teleo-vps-runtime-ops/SKILL.md`
|
|
||||||
5. `skills/teleo-proof-handoff/SKILL.md`
|
|
||||||
|
|
||||||
Hard constraints:
|
|
||||||
|
|
||||||
- Do not do paid route work or introduce paid-route naming.
|
|
||||||
- Do not change live VPS Leo runtime behavior unless explicitly told.
|
|
||||||
- Do not production-apply DB packets unless explicitly authorized.
|
|
||||||
- Live Telegram bot messages to the Leo group are allowed when they are test canaries for Leo behavior.
|
|
||||||
- Use Computer Use/Chrome for Telegram UI. Do not use AppleScript, OSA, System Events, or focus hijacking.
|
|
||||||
- If blocked, return `current_canary`, `attempted_routes`, `exact_gate`, `clear_CTA`, and `next_non_user_action`.
|
|
||||||
|
|
||||||
Expected output:
|
|
||||||
|
|
||||||
1. One-page understanding of the company/product/Leo role.
|
|
||||||
2. Current status split: VPS, Telegram, DB apply, GCP.
|
|
||||||
3. Exact list of evidence files read.
|
|
||||||
4. What is proven, not proven, and unsafe to claim.
|
|
||||||
5. Next action that can be run now without production mutation.
|
|
||||||
|
|
@ -1,127 +0,0 @@
|
||||||
{
|
|
||||||
"schema": "teleo.gcpCloudSqlLiveReadonly.v1",
|
|
||||||
"captured_at_utc": "2026-07-10T06:52:27Z",
|
|
||||||
"source_thread_id": "019f47af-f2cc-7c10-b928-a9283afa2621",
|
|
||||||
"current_canary": "Open the authenticated Teleo Cloud SQL instances page with authuser=5 and retain the complete sanitized current inventory plus instance routing metadata.",
|
|
||||||
"required_tier": "T3_live_readonly",
|
|
||||||
"current_tier": "T3_live_readonly",
|
|
||||||
"status": "done_verified",
|
|
||||||
"strongest_claim_allowed": "Project teleo-501523 currently exposes exactly one Cloud SQL instance in the authenticated Console: teleo-pgvector-standby. It is runnable/available, PostgreSQL 16.14 Enterprise, single-zone in europe-west6-c, and reachable only through private connectivity on teleo-staging-net. This does not prove database contents, schema parity, row counts, application connectivity, or production cutover.",
|
|
||||||
"capture": {
|
|
||||||
"surface": "authenticated Google Cloud Console DOM readback",
|
|
||||||
"account": "b***@livingip.xyz",
|
|
||||||
"project_id": "teleo-501523",
|
|
||||||
"project_display_name": "Teleo",
|
|
||||||
"list_url": "https://console.cloud.google.com/sql/instances?authuser=5&project=teleo-501523",
|
|
||||||
"overview_url": "https://console.cloud.google.com/sql/instances/teleo-pgvector-standby/overview?authuser=5&project=teleo-501523",
|
|
||||||
"cli_authentication_used": false,
|
|
||||||
"secret_values_captured": false
|
|
||||||
},
|
|
||||||
"inventory": {
|
|
||||||
"instance_count": 1,
|
|
||||||
"zero_instances": false,
|
|
||||||
"instances": [
|
|
||||||
{
|
|
||||||
"instance_id": "teleo-pgvector-standby",
|
|
||||||
"status_ui": "Available; Runnable",
|
|
||||||
"engine": "PostgreSQL",
|
|
||||||
"major_version": "16",
|
|
||||||
"database_version": "PostgreSQL 16.14",
|
|
||||||
"cloud_sql_edition": "Enterprise",
|
|
||||||
"instance_role": "Primary instance",
|
|
||||||
"region": "europe-west6",
|
|
||||||
"zone": "europe-west6-c",
|
|
||||||
"availability": "Single zone",
|
|
||||||
"high_availability": false,
|
|
||||||
"machine": {
|
|
||||||
"vcpus": 1,
|
|
||||||
"memory_mb_ui": 628.74
|
|
||||||
},
|
|
||||||
"storage": {
|
|
||||||
"type": "SSD",
|
|
||||||
"provisioned_gb": 10,
|
|
||||||
"used_gb_ui": 2,
|
|
||||||
"automatic_storage_increase": true
|
|
||||||
},
|
|
||||||
"connectivity": {
|
|
||||||
"connection_name": "teleo-501523:europe-west6:teleo-pgvector-standby",
|
|
||||||
"private_ip_connectivity": true,
|
|
||||||
"private_service_access": true,
|
|
||||||
"associated_network": "projects/teleo-501523/global/networks/teleo-staging-net",
|
|
||||||
"vpc_network": "teleo-staging-net",
|
|
||||||
"allocated_ip_range": "Automatically assigned IP range",
|
|
||||||
"internal_ip": "10.61.0.3",
|
|
||||||
"public_ip_connectivity": false,
|
|
||||||
"public_ip": null,
|
|
||||||
"default_tcp_port": 5432,
|
|
||||||
"write_endpoint": null
|
|
||||||
},
|
|
||||||
"database_authentication": {
|
|
||||||
"cloudsql_iam_authentication": true,
|
|
||||||
"application_or_operator_principal_verified": false
|
|
||||||
},
|
|
||||||
"resilience_and_backup": {
|
|
||||||
"automated_backups": true,
|
|
||||||
"backup_tier": "Standard",
|
|
||||||
"point_in_time_recovery": true,
|
|
||||||
"deletion_prevention": true,
|
|
||||||
"latest_visible_backup_status": "Backup finished",
|
|
||||||
"latest_visible_backup_date_local": "2026-07-10"
|
|
||||||
},
|
|
||||||
"recent_visible_operations_sanitized": [
|
|
||||||
"Backup finished on 2026-07-10",
|
|
||||||
"Backup finished on 2026-07-09",
|
|
||||||
"Two imports succeeded on 2026-07-08",
|
|
||||||
"Database creation completed on 2026-07-08"
|
|
||||||
],
|
|
||||||
"observed_health_issues": [
|
|
||||||
"Auditing not enabled",
|
|
||||||
"No password policy",
|
|
||||||
"No user password policy"
|
|
||||||
],
|
|
||||||
"labels": [],
|
|
||||||
"maintenance": {
|
|
||||||
"window": "Sunday 06:00-07:00 CEST",
|
|
||||||
"scheduled_now": false,
|
|
||||||
"version_current": true
|
|
||||||
}
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"db_parity_route": {
|
|
||||||
"target_instance": "teleo-pgvector-standby",
|
|
||||||
"required_network_surface": "A runtime or connector with private reachability to teleo-staging-net",
|
|
||||||
"private_endpoint": "10.61.0.3:5432",
|
|
||||||
"cloud_sql_connection_name": "teleo-501523:europe-west6:teleo-pgvector-standby",
|
|
||||||
"public_route_available": false,
|
|
||||||
"iam_database_authentication_enabled": true,
|
|
||||||
"database_name_proven_by_this_pass": false,
|
|
||||||
"next_readonly_owner_action": "From a verified teleo-staging-net-connected runtime, authenticate with an authorized database principal and run read-only database/schema/count parity queries against this instance. Do not attempt a public-IP connection because public connectivity is disabled."
|
|
||||||
},
|
|
||||||
"not_proven": [
|
|
||||||
"database names",
|
|
||||||
"database contents or row counts",
|
|
||||||
"schema parity with the VPS database",
|
|
||||||
"successful application-level connection from teleo-prod-1",
|
|
||||||
"production traffic cutover",
|
|
||||||
"high availability or cross-zone failover"
|
|
||||||
],
|
|
||||||
"actions": [
|
|
||||||
"Opened the exact Cloud SQL instances URL in the authorized authuser=5 Chrome session",
|
|
||||||
"Read the complete live instance treegrid and verified one and only one instance row",
|
|
||||||
"Opened the instance Overview through read-only navigation",
|
|
||||||
"Read status, engine/version, region/zone, machine, storage, connectivity, backup, IAM-authentication, and maintenance metadata",
|
|
||||||
"Did not activate Edit, Connect, Restart, Stop, Import, Export, Migrate, Clone, Delete, or failover controls"
|
|
||||||
],
|
|
||||||
"cleanup_readback": {
|
|
||||||
"browser_tab_finalized": true,
|
|
||||||
"browser_tab_disposition": "agent-created evidence tab closed; no handoff tab kept",
|
|
||||||
"gcp_writes": 0,
|
|
||||||
"database_writes": 0,
|
|
||||||
"service_restarts": 0,
|
|
||||||
"deploys": 0,
|
|
||||||
"iam_changes": 0,
|
|
||||||
"credential_or_key_creation": 0,
|
|
||||||
"telegram_sends": 0
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -1,56 +0,0 @@
|
||||||
# Teleo Cloud SQL T3 live-readonly inventory
|
|
||||||
|
|
||||||
Captured: `2026-07-10T06:52:27Z`
|
|
||||||
|
|
||||||
## Outcome
|
|
||||||
|
|
||||||
The authenticated `authuser=5` Cloud Console session proves that project `teleo-501523` currently has exactly one Cloud SQL instance.
|
|
||||||
|
|
||||||
- Required tier: `T3_live_readonly`
|
|
||||||
- Current tier: `T3_live_readonly`
|
|
||||||
- Status: `done_verified`
|
|
||||||
- Account: `b***@livingip.xyz`
|
|
||||||
- Project: `Teleo` / `teleo-501523`
|
|
||||||
|
|
||||||
## Current inventory
|
|
||||||
|
|
||||||
| Instance | Status | Engine | Region / zone | Availability | Connectivity |
|
|
||||||
|---|---|---|---|---|---|
|
|
||||||
| `teleo-pgvector-standby` | Available / runnable | PostgreSQL `16.14`, Enterprise | `europe-west6` / `europe-west6-c` | Single-zone; not highly available | Private IP and PSA enabled; public IP disabled |
|
|
||||||
|
|
||||||
Instance count: `1`.
|
|
||||||
|
|
||||||
## DB parity routing metadata
|
|
||||||
|
|
||||||
- Cloud SQL connection name: `teleo-501523:europe-west6:teleo-pgvector-standby`
|
|
||||||
- VPC: `projects/teleo-501523/global/networks/teleo-staging-net`
|
|
||||||
- Private endpoint: `10.61.0.3:5432`
|
|
||||||
- Private Service Access: enabled
|
|
||||||
- Public IP connectivity: disabled
|
|
||||||
- Cloud SQL IAM database authentication: enabled
|
|
||||||
- Write endpoint: none shown
|
|
||||||
|
|
||||||
The DB parity worker must run from a host or connector with private reachability to `teleo-staging-net`, authenticate with an authorized database principal, and issue read-only schema/count queries. A public-IP route is unavailable.
|
|
||||||
|
|
||||||
## Other current facts
|
|
||||||
|
|
||||||
- Machine: `1 vCPU`, `628.74 MB`
|
|
||||||
- Storage: `10 GB` SSD, `2 GB` shown used; automatic storage increase enabled
|
|
||||||
- Automated backups and point-in-time recovery: enabled
|
|
||||||
- Deletion prevention: enabled
|
|
||||||
- Latest visible backup: finished on `2026-07-10`
|
|
||||||
- Two sanitized import operations are shown as successful on `2026-07-08`
|
|
||||||
- Maintenance: Sunday `06:00-07:00 CEST`; no maintenance currently scheduled
|
|
||||||
- Observed health issues: auditing not enabled, no password policy, no user password policy
|
|
||||||
|
|
||||||
## Claim ceiling
|
|
||||||
|
|
||||||
This proves the current Cloud SQL control-plane inventory and private routing surface. It does not prove database names, contents, row counts, schema parity, an application connection from `teleo-prod-1`, production traffic cutover, or failover capability.
|
|
||||||
|
|
||||||
## Actions and mutation boundary
|
|
||||||
|
|
||||||
The exact live list and instance Overview URLs were read through Chrome. No Edit, Connect, Restart, Stop, Import, Export, Migrate, Clone, Delete, or failover control was activated. GCP writes, DB writes, IAM changes, key creation, service restarts, deploys, and Telegram sends were all zero.
|
|
||||||
|
|
||||||
Cleanup readback: the agent-created Cloud SQL evidence tab was closed and no browser handoff tab was retained.
|
|
||||||
|
|
||||||
Machine-readable evidence: `gcp-cloud-sql-t3-live-readonly-current.json`.
|
|
||||||
|
|
@ -1,85 +0,0 @@
|
||||||
{
|
|
||||||
"schema": "teleo.gcpCloudSqlStudioParityGate.v1",
|
|
||||||
"captured_at_utc": "2026-07-10T06:57:22.085Z",
|
|
||||||
"source_thread_id": "019f47af-f2cc-7c10-b928-a9283afa2621",
|
|
||||||
"current_canary": "Open Cloud SQL Studio for teleo-pgvector-standby with authuser=5, authenticate only with an already-authorized principal, execute a transaction-level read-only schema/count parity query, and roll it back.",
|
|
||||||
"required_tier": "T3_live_readonly",
|
|
||||||
"current_tier": "T0_spec",
|
|
||||||
"supporting_gate_evidence_tier": "T3_live_readonly",
|
|
||||||
"status": "blocked_with_artifact",
|
|
||||||
"strongest_claim_allowed": "The authenticated Cloud SQL Studio surface is live and reachable for teleo-pgvector-standby, but it did not expose an existing IAM database principal. The visible login flow required built-in database authentication with a password credential. No database session or SQL readback was established, so database contents and VPS parity remain unproven.",
|
|
||||||
"control_plane_evidence_source": "/Users/user/Documents/Codex/2026-07-10/leo-gcp-control-plane/outputs/gcp-cloud-sql-t3-live-readonly-current.json",
|
|
||||||
"target": {
|
|
||||||
"project": "teleo-501523",
|
|
||||||
"instance": "teleo-pgvector-standby",
|
|
||||||
"connection_name": "teleo-501523:europe-west6:teleo-pgvector-standby",
|
|
||||||
"engine": "PostgreSQL 16.14",
|
|
||||||
"private_endpoint": "10.61.0.3:5432",
|
|
||||||
"network": "teleo-staging-net",
|
|
||||||
"instance_iam_db_authentication_flag": "on",
|
|
||||||
"console_account": "b***@livingip.xyz"
|
|
||||||
},
|
|
||||||
"live_studio_readback": {
|
|
||||||
"studio_url_sanitized": "https://console.cloud.google.com/sql/instances/teleo-pgvector-standby/studio?authuser=5&project=teleo-501523",
|
|
||||||
"studio_loaded": true,
|
|
||||||
"login_dialog_visible": true,
|
|
||||||
"database_selector_visible": true,
|
|
||||||
"user_selector_visible": true,
|
|
||||||
"iam_database_authentication_option_visible": true,
|
|
||||||
"iam_database_authentication_option_enabled": false,
|
|
||||||
"built_in_database_authentication_selected": true,
|
|
||||||
"password_credential_required": true,
|
|
||||||
"password_value_retained": false,
|
|
||||||
"authenticate_clicked": false
|
|
||||||
},
|
|
||||||
"sql_execution": {
|
|
||||||
"database_session_established": false,
|
|
||||||
"begin_transaction_read_only_executed": false,
|
|
||||||
"current_database_read": false,
|
|
||||||
"current_user_read": false,
|
|
||||||
"transaction_read_only_read": false,
|
|
||||||
"catalog_or_table_selects_executed": false,
|
|
||||||
"rollback_executed": false,
|
|
||||||
"query_timestamp_utc": null
|
|
||||||
},
|
|
||||||
"parity_fields": {
|
|
||||||
"database_name": null,
|
|
||||||
"schemas": null,
|
|
||||||
"public.claims": null,
|
|
||||||
"public.sources": null,
|
|
||||||
"public.claim_evidence": null,
|
|
||||||
"public.claim_edges": null,
|
|
||||||
"kb_stage.kb_proposals": null,
|
|
||||||
"proposal_ids_and_statuses": null,
|
|
||||||
"selected_row_identities": null,
|
|
||||||
"gcp_vs_vps": null,
|
|
||||||
"ahead_behind_equal": null
|
|
||||||
},
|
|
||||||
"actions": [
|
|
||||||
"Opened the authenticated instance Overview URL with authuser=5 in an agent-created Chrome tab.",
|
|
||||||
"Discovered the exact Cloud SQL Studio href from the live instance navigation.",
|
|
||||||
"Opened Cloud SQL Studio and read the visible database-login state.",
|
|
||||||
"Stopped before authentication because the IAM option was disabled and the selected built-in flow required a password credential.",
|
|
||||||
"Did not open browser SSH because that path may create an ephemeral key.",
|
|
||||||
"Finalized Chrome and closed the agent-created tab."
|
|
||||||
],
|
|
||||||
"exact_gate": "Cloud SQL Studio exposes no enabled existing IAM database principal for this console session. Its selected built-in authentication path requires a raw database password, which this lane is forbidden to inspect, submit, recover, or replace.",
|
|
||||||
"why_autonomous_repair_stops": "Authenticating would require handling a raw password, or creating/granting a database or IAM principal. Both are explicit stop conditions, and the latter would mutate GCP or the database.",
|
|
||||||
"clear_CTA": "Using an already-existing authorized database principal, have an operator complete the Cloud SQL Studio database login without sharing credentials with Codex, then tell Codex the Studio editor is authenticated. Otherwise route IAM/user enablement to a separately authorized write lane.",
|
|
||||||
"next_non_user_action": "Once Studio is already authenticated with an existing principal, run only BEGIN TRANSACTION READ ONLY; identity/read-only checks; catalog/table/count SELECTs; and ROLLBACK, then retain the sanitized results.",
|
|
||||||
"cleanup_readback": {
|
|
||||||
"browser_finalized": true,
|
|
||||||
"agent_created_tab_closed": true,
|
|
||||||
"database_session_open": false,
|
|
||||||
"transaction_open": false,
|
|
||||||
"gcp_writes": 0,
|
|
||||||
"database_writes": 0,
|
|
||||||
"iam_changes": 0,
|
|
||||||
"credential_or_key_creation": 0,
|
|
||||||
"browser_ssh_opened": false,
|
|
||||||
"service_restarts": 0,
|
|
||||||
"deploys": 0,
|
|
||||||
"telegram_sends": 0
|
|
||||||
},
|
|
||||||
"secret_values_included": false
|
|
||||||
}
|
|
||||||
|
|
@ -1,46 +0,0 @@
|
||||||
# Cloud SQL Studio parity gate
|
|
||||||
|
|
||||||
Captured UTC: `2026-07-10T06:57:22.085Z`
|
|
||||||
|
|
||||||
## Outcome
|
|
||||||
|
|
||||||
Cloud SQL Studio opened successfully for `teleo-pgvector-standby` under the authenticated `b***@livingip.xyz` Console session. The database login dialog did not provide an enabled existing IAM principal: IAM database authentication was disabled in the dialog, built-in authentication was selected, and that path required a password credential.
|
|
||||||
|
|
||||||
The lane stopped before authentication. No database session was established and no SQL ran.
|
|
||||||
|
|
||||||
- Required tier: `T3_live_readonly`
|
|
||||||
- Current database-parity tier: `T0_spec`
|
|
||||||
- Live gate evidence: `T3_live_readonly`
|
|
||||||
- Status: `blocked_with_artifact`
|
|
||||||
|
|
||||||
## Target verified from the live control-plane evidence
|
|
||||||
|
|
||||||
- Project: `teleo-501523`
|
|
||||||
- Instance: `teleo-pgvector-standby`
|
|
||||||
- Connection: `teleo-501523:europe-west6:teleo-pgvector-standby`
|
|
||||||
- Engine: PostgreSQL 16.14
|
|
||||||
- Endpoint: private-only `10.61.0.3:5432`
|
|
||||||
- Network: `teleo-staging-net`
|
|
||||||
- Instance flag: `cloudsql.iam_authentication=on`
|
|
||||||
|
|
||||||
## Exact gate
|
|
||||||
|
|
||||||
The Studio login surface exposed no enabled existing IAM database principal for this Console session. The selected built-in authentication route requires a raw database password. Using that password, creating a database user, changing IAM, or granting access is outside this lane's hard ceiling.
|
|
||||||
|
|
||||||
An operator can complete Studio login independently with an already-existing authorized principal, without sharing credentials with Codex, and then tell Codex the SQL editor is authenticated. Otherwise, IAM/user enablement must be handled by a separately authorized write lane.
|
|
||||||
|
|
||||||
## Not proven
|
|
||||||
|
|
||||||
No current database name, principal identity, transaction-read-only result, schema presence, table counts, proposal IDs/statuses, selected row identities, or GCP-versus-VPS comparison was read.
|
|
||||||
|
|
||||||
The planned `BEGIN TRANSACTION READ ONLY` query was not executed and therefore is not counted as evidence.
|
|
||||||
|
|
||||||
## Cleanup
|
|
||||||
|
|
||||||
- `Authenticate` was not clicked.
|
|
||||||
- No browser SSH was opened.
|
|
||||||
- Chrome was finalized and the agent-created Studio tab was closed.
|
|
||||||
- No database session or transaction remains open.
|
|
||||||
- No GCP, database, IAM, credential, key, service, deploy, or Telegram mutation occurred.
|
|
||||||
|
|
||||||
Machine-readable evidence: `gcp-cloudsql-studio-parity-gate-current.json`.
|
|
||||||
|
|
@ -1,89 +0,0 @@
|
||||||
{
|
|
||||||
"artifact": "gcp_db_parity_current_blocker_20260709",
|
|
||||||
"generated_at_local": "2026-07-09T22:20:00+02:00",
|
|
||||||
"working_target": "Run the Working Leo proposal/review/apply benchmark on GCP after VPS strict apply path is proven.",
|
|
||||||
"current_gcp_config_readback": {
|
|
||||||
"account": "billy@livingip.xyz",
|
|
||||||
"project": "teleo-501523",
|
|
||||||
"gcloud_path": "/opt/homebrew/bin/gcloud"
|
|
||||||
},
|
|
||||||
"current_blocker": {
|
|
||||||
"type": "gcloud_reauthentication_required",
|
|
||||||
"error": "The intended project account billy@livingip.xyz is selected for project teleo-501523 but token refresh still fails with: Reauthentication failed. cannot prompt during non-interactive execution.",
|
|
||||||
"why_autonomous_repair_stops": "The next required action is interactive Google account reauthentication for billy@livingip.xyz or another account with access to teleo-501523. This is an account-auth boundary, not a repo-owned code issue."
|
|
||||||
},
|
|
||||||
"current_recheck_2026_07_09_22_20_europe_zurich": {
|
|
||||||
"gcloud_path": "/opt/homebrew/bin/gcloud",
|
|
||||||
"active_config_after_recheck": {
|
|
||||||
"account": "billy@livingip.xyz",
|
|
||||||
"project": "teleo-501523"
|
|
||||||
},
|
|
||||||
"accounts_tested": [
|
|
||||||
{
|
|
||||||
"account": "billy@livingip.xyz",
|
|
||||||
"token_refresh": "failed",
|
|
||||||
"project_access": "not_tested_because_token_refresh_failed"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"account": "billyattnmarket@gmail.com",
|
|
||||||
"token_refresh": "passed",
|
|
||||||
"project_access": "failed_permission_denied_for_teleo_501523"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"account": "contact@attn.markets",
|
|
||||||
"token_refresh": "failed",
|
|
||||||
"project_access": "not_tested_because_token_refresh_failed"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"account": "valentin.meylan68@gmail.com",
|
|
||||||
"token_refresh": "passed",
|
|
||||||
"project_access": "failed_permission_denied_for_teleo_501523"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"no_approval_repair_routes_attempted": [
|
|
||||||
"read current gcloud auth list and config",
|
|
||||||
"attempted token refresh for all configured local accounts without printing tokens",
|
|
||||||
"tested project access for refreshable accounts",
|
|
||||||
"restored core/account to billy@livingip.xyz"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"retained_last_known_gcp_facts_from_prior_artifacts": {
|
|
||||||
"vm": "teleo-prod-1",
|
|
||||||
"zone": "europe-west6-a",
|
|
||||||
"status_at_last_readback": "RUNNING",
|
|
||||||
"private_ip": "10.60.0.3",
|
|
||||||
"service": "leoclean-gcp-prod-parallel.service",
|
|
||||||
"service_last_readback": {
|
|
||||||
"ActiveState": "active",
|
|
||||||
"SubState": "running",
|
|
||||||
"MainPID": "13118",
|
|
||||||
"NRestarts": "0"
|
|
||||||
},
|
|
||||||
"gcp_staging_proposal_id_from_prior_artifact": "941de35e-6197-4d48-83e9-a1a8edc1837b",
|
|
||||||
"prior_boundary": "GCP could stage proposal-ledger writes, but canonical apply was not proven."
|
|
||||||
},
|
|
||||||
"vps_status_before_gcp": {
|
|
||||||
"strict_apply_path": "proven",
|
|
||||||
"telegram_to_kb_stage_staging": "proven",
|
|
||||||
"mapped_rich_packet_clone_commit": "proven_for_supported_subset",
|
|
||||||
"proposal_id": "00957f6c-9883-4015-95a4-6b09367efb0e",
|
|
||||||
"canonical_edge_row": "c167933e-d513-4f43-9335-d5d8aeb259f2",
|
|
||||||
"telegram_staged_proposal_id": "8dfedb3f-3aa4-4200-970f-4c0016f6869f",
|
|
||||||
"mapped_clone_counts": {
|
|
||||||
"claims": 7,
|
|
||||||
"sources": 15,
|
|
||||||
"claim_evidence": 17,
|
|
||||||
"claim_edges": 11,
|
|
||||||
"production_generated_rows_after_rehearsal": 0
|
|
||||||
},
|
|
||||||
"leo_runtime": "leoclean-gateway active/running, MainPID 3252143, NRestarts 0"
|
|
||||||
},
|
|
||||||
"next_non_user_action_after_auth": [
|
|
||||||
"Run gcloud compute ssh or equivalent into teleo-prod-1.",
|
|
||||||
"Copy or make available working-leo benchmark artifacts on GCP leoclean profile.",
|
|
||||||
"Run the Working Leo read-only benchmark against GCP.",
|
|
||||||
"Identify or create a strict GCP pending proposal with apply_payload.",
|
|
||||||
"Approve/apply exactly one strict canary through the same narrow kb_apply path.",
|
|
||||||
"Record before/after canonical row proof and service PID/restart stability."
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
@ -1,180 +0,0 @@
|
||||||
{
|
|
||||||
"accounts_tested": [
|
|
||||||
{
|
|
||||||
"account": "billy@livingip.xyz",
|
|
||||||
"token_refresh": {
|
|
||||||
"command": [
|
|
||||||
"/opt/homebrew/bin/gcloud",
|
|
||||||
"auth",
|
|
||||||
"print-access-token",
|
|
||||||
"--account=billy@livingip.xyz"
|
|
||||||
],
|
|
||||||
"ok": false,
|
|
||||||
"returncode": 1,
|
|
||||||
"stderr_excerpt": "ERROR: (gcloud.auth.print-access-token) HTTPSConnectionPool(host='oauth2.googleapis.com', port=443): Max retries exceeded with url: /token (Caused by NameResolutionError(\"<urllib3.connection.HTTPSConnection object at 0x107996710>: Failed to resolve 'oauth2.googleapis.com' ([Errno 8] nodename nor servname provided, or not known)\"))",
|
|
||||||
"stdout_excerpt": "",
|
|
||||||
"stdout_json": null,
|
|
||||||
"stdout_redacted": true
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"account": "billyattnmarket@gmail.com",
|
|
||||||
"token_refresh": {
|
|
||||||
"command": [
|
|
||||||
"/opt/homebrew/bin/gcloud",
|
|
||||||
"auth",
|
|
||||||
"print-access-token",
|
|
||||||
"--account=billyattnmarket@gmail.com"
|
|
||||||
],
|
|
||||||
"ok": false,
|
|
||||||
"returncode": 1,
|
|
||||||
"stderr_excerpt": "ERROR: (gcloud.auth.print-access-token) HTTPSConnectionPool(host='oauth2.googleapis.com', port=443): Max retries exceeded with url: /token (Caused by NameResolutionError(\"<urllib3.connection.HTTPSConnection object at 0x10733e710>: Failed to resolve 'oauth2.googleapis.com' ([Errno 8] nodename nor servname provided, or not known)\"))",
|
|
||||||
"stdout_excerpt": "",
|
|
||||||
"stdout_json": null,
|
|
||||||
"stdout_redacted": true
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"account": "contact@attn.markets",
|
|
||||||
"token_refresh": {
|
|
||||||
"command": [
|
|
||||||
"/opt/homebrew/bin/gcloud",
|
|
||||||
"auth",
|
|
||||||
"print-access-token",
|
|
||||||
"--account=contact@attn.markets"
|
|
||||||
],
|
|
||||||
"ok": false,
|
|
||||||
"returncode": 1,
|
|
||||||
"stderr_excerpt": "ERROR: (gcloud.auth.print-access-token) HTTPSConnectionPool(host='oauth2.googleapis.com', port=443): Max retries exceeded with url: /token (Caused by NameResolutionError(\"<urllib3.connection.HTTPSConnection object at 0x10789a710>: Failed to resolve 'oauth2.googleapis.com' ([Errno 8] nodename nor servname provided, or not known)\"))",
|
|
||||||
"stdout_excerpt": "",
|
|
||||||
"stdout_json": null,
|
|
||||||
"stdout_redacted": true
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"account": "valentin.meylan68@gmail.com",
|
|
||||||
"token_refresh": {
|
|
||||||
"command": [
|
|
||||||
"/opt/homebrew/bin/gcloud",
|
|
||||||
"auth",
|
|
||||||
"print-access-token",
|
|
||||||
"--account=valentin.meylan68@gmail.com"
|
|
||||||
],
|
|
||||||
"ok": false,
|
|
||||||
"returncode": 1,
|
|
||||||
"stderr_excerpt": "ERROR: (gcloud.auth.print-access-token) HTTPSConnectionPool(host='oauth2.googleapis.com', port=443): Max retries exceeded with url: /token (Caused by NameResolutionError(\"<urllib3.connection.HTTPSConnection object at 0x10a1d2710>: Failed to resolve 'oauth2.googleapis.com' ([Errno 8] nodename nor servname provided, or not known)\"))",
|
|
||||||
"stdout_excerpt": "",
|
|
||||||
"stdout_json": null,
|
|
||||||
"stdout_redacted": true
|
|
||||||
}
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"artifact": "gcp_db_parity_current_probe",
|
|
||||||
"attempted_routes": [
|
|
||||||
"static active_config/config_default readback",
|
|
||||||
"temporary writable copy of local gcloud config to avoid sandbox writes under ~/.config/gcloud",
|
|
||||||
"gcloud auth list without printing secrets",
|
|
||||||
"gcloud auth print-access-token for configured accounts with stdout redacted",
|
|
||||||
"gcloud projects describe teleo-501523",
|
|
||||||
"if project readback works: gcloud compute instances describe teleo-prod-1",
|
|
||||||
"if project readback works: gcloud sql instances list"
|
|
||||||
],
|
|
||||||
"claim_ceiling": "This probe proves only current local gcloud/GCP read-only parity readiness. It does not prove VPS behavior, Telegram-visible behavior, production DB mutation, or GCP-hosted Leo correctness.",
|
|
||||||
"clear_CTA": "Run this probe from a network-enabled shell where oauth2.googleapis.com resolves, with `billy@livingip.xyz` authenticated for project `teleo-501523`. Then rerun `python3 scripts/probe_gcp_db_parity.py` and proceed only if it reports `ready_for_gcp_readonly_parity`.",
|
|
||||||
"current_canary": "gcloud account can read teleo-501523 project metadata plus target VM/Cloud SQL metadata",
|
|
||||||
"exact_gate": "blocked_on_network_dns_before_auth_refresh",
|
|
||||||
"expected": {
|
|
||||||
"gce_instance": "teleo-prod-1",
|
|
||||||
"gce_zone": "europe-west6-a",
|
|
||||||
"project": "teleo-501523",
|
|
||||||
"project_access_account": "billy@livingip.xyz"
|
|
||||||
},
|
|
||||||
"generated_at_utc": "2026-07-10T02:20:00.883398+00:00",
|
|
||||||
"local_gcloud": {
|
|
||||||
"auth_list": {
|
|
||||||
"command": [
|
|
||||||
"/opt/homebrew/bin/gcloud",
|
|
||||||
"auth",
|
|
||||||
"list",
|
|
||||||
"--format=json"
|
|
||||||
],
|
|
||||||
"ok": true,
|
|
||||||
"returncode": 0,
|
|
||||||
"stderr_excerpt": "",
|
|
||||||
"stdout_excerpt": "[\n {\n \"account\": \"billy@livingip.xyz\",\n \"status\": \"ACTIVE\"\n },\n {\n \"account\": \"billyattnmarket@gmail.com\",\n \"status\": \"\"\n },\n {\n \"account\": \"contact@attn.markets\",\n \"status\": \"\"\n },\n {\n \"account\": \"valentin.meylan68@gmail.com\",\n \"status\": \"\"\n }\n]",
|
|
||||||
"stdout_json": [
|
|
||||||
{
|
|
||||||
"account": "billy@livingip.xyz",
|
|
||||||
"status": "ACTIVE"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"account": "billyattnmarket@gmail.com",
|
|
||||||
"status": ""
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"account": "contact@attn.markets",
|
|
||||||
"status": ""
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"account": "valentin.meylan68@gmail.com",
|
|
||||||
"status": ""
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"stdout_redacted": false
|
|
||||||
},
|
|
||||||
"config_list": {
|
|
||||||
"command": [
|
|
||||||
"/opt/homebrew/bin/gcloud",
|
|
||||||
"config",
|
|
||||||
"list",
|
|
||||||
"--format=json"
|
|
||||||
],
|
|
||||||
"ok": false,
|
|
||||||
"returncode": 1,
|
|
||||||
"stderr_excerpt": "ERROR: (gcloud.config.list) There was a problem refreshing your current auth tokens: HTTPSConnectionPool(host='oauth2.googleapis.com', port=443): Max retries exceeded with url: /token (Caused by NameResolutionError(\"<urllib3.connection.HTTPSConnection object at 0x108187ed0>: Failed to resolve 'oauth2.googleapis.com' ([Errno 8] nodename nor servname provided, or not known)\"))\nPlease run:\n\n $ gcloud auth login\n\nto obtain new credentials.\n\nIf you have already logged in with a different account, run:\n\n $ gcloud config set account ACCOUNT\n\nto select an already authenticated account to use.",
|
|
||||||
"stdout_excerpt": "",
|
|
||||||
"stdout_json": null,
|
|
||||||
"stdout_redacted": false
|
|
||||||
},
|
|
||||||
"gcloud_path": "/opt/homebrew/bin/gcloud",
|
|
||||||
"source_config": "/Users/user/.config/gcloud",
|
|
||||||
"static_active_config": {
|
|
||||||
"account": "billy@livingip.xyz",
|
|
||||||
"active_config": "default",
|
|
||||||
"config_file": "/private/tmp/teleo-gcp-parity-3jp00f00/configurations/config_default",
|
|
||||||
"project": "teleo-501523"
|
|
||||||
},
|
|
||||||
"temporary_config_removed_after_probe": true,
|
|
||||||
"used_temporary_writable_config_copy": true
|
|
||||||
},
|
|
||||||
"mode": "read_only_gcloud_parity_probe",
|
|
||||||
"mutates_db": false,
|
|
||||||
"mutates_gcp": false,
|
|
||||||
"next_non_user_action": [
|
|
||||||
"Run this same probe again and require ready_for_gcp_readonly_parity=true.",
|
|
||||||
"SSH into teleo-prod-1 or use Cloud SQL read-only access for DB/runtime parity proof.",
|
|
||||||
"Run the Working Leo benchmark against GCP only after read-only GCP metadata is proven current."
|
|
||||||
],
|
|
||||||
"project_readback": {
|
|
||||||
"command": [
|
|
||||||
"/opt/homebrew/bin/gcloud",
|
|
||||||
"projects",
|
|
||||||
"describe",
|
|
||||||
"teleo-501523",
|
|
||||||
"--format=json"
|
|
||||||
],
|
|
||||||
"ok": false,
|
|
||||||
"returncode": 1,
|
|
||||||
"stderr_excerpt": "ERROR: (gcloud.projects.describe) There was a problem refreshing your current auth tokens: HTTPSConnectionPool(host='oauth2.googleapis.com', port=443): Max retries exceeded with url: /token (Caused by NameResolutionError(\"<urllib3.connection.HTTPSConnection object at 0x107ac0550>: Failed to resolve 'oauth2.googleapis.com' ([Errno 8] nodename nor servname provided, or not known)\"))\nPlease run:\n\n $ gcloud auth login\n\nto obtain new credentials.\n\nIf you have already logged in with a different account, run:\n\n $ gcloud config set account ACCOUNT\n\nto select an already authenticated account to use.",
|
|
||||||
"stdout_excerpt": "",
|
|
||||||
"stdout_json": null,
|
|
||||||
"stdout_redacted": false,
|
|
||||||
"summary": null
|
|
||||||
},
|
|
||||||
"ready_for_gcp_readonly_parity": false,
|
|
||||||
"runtime_readbacks": {
|
|
||||||
"cloudsql_instances": null,
|
|
||||||
"gce_instance": null
|
|
||||||
},
|
|
||||||
"status": "blocked_on_network_dns_before_auth_refresh"
|
|
||||||
}
|
|
||||||
|
|
@ -1,57 +0,0 @@
|
||||||
# GCP DB Parity Current Probe
|
|
||||||
|
|
||||||
Generated UTC: `2026-07-10T02:20:00.883398+00:00`
|
|
||||||
Status: `blocked_on_network_dns_before_auth_refresh`
|
|
||||||
Ready for GCP read-only parity: `False`
|
|
||||||
Mutates GCP: `False`
|
|
||||||
Mutates DB: `False`
|
|
||||||
Current canary: gcloud account can read teleo-501523 project metadata plus target VM/Cloud SQL metadata
|
|
||||||
|
|
||||||
## Active Config
|
|
||||||
|
|
||||||
- Account: `billy@livingip.xyz`
|
|
||||||
- Project: `teleo-501523`
|
|
||||||
- Temporary writable config copy: `True`
|
|
||||||
- Temporary config removed after probe: `True`
|
|
||||||
|
|
||||||
## Account Checks
|
|
||||||
|
|
||||||
- `billy@livingip.xyz`: `ok=False`, `returncode=1`, `stdout_redacted=True`
|
|
||||||
- stderr: `ERROR: (gcloud.auth.print-access-token) HTTPSConnectionPool(host='oauth2.googleapis.com', port=443): Max retries exceeded with url: /token (Caused by NameResolutionError("<urllib3.connection.HTTPSConnection object at 0x107996710>: Failed to resolve 'oauth2.googleapis.com' ([Errno 8] nodename nor servname provided, or not known)"))`
|
|
||||||
- `billyattnmarket@gmail.com`: `ok=False`, `returncode=1`, `stdout_redacted=True`
|
|
||||||
- stderr: `ERROR: (gcloud.auth.print-access-token) HTTPSConnectionPool(host='oauth2.googleapis.com', port=443): Max retries exceeded with url: /token (Caused by NameResolutionError("<urllib3.connection.HTTPSConnection object at 0x10733e710>: Failed to resolve 'oauth2.googleapis.com' ([Errno 8] nodename nor servname provided, or not known)"))`
|
|
||||||
- `contact@attn.markets`: `ok=False`, `returncode=1`, `stdout_redacted=True`
|
|
||||||
- stderr: `ERROR: (gcloud.auth.print-access-token) HTTPSConnectionPool(host='oauth2.googleapis.com', port=443): Max retries exceeded with url: /token (Caused by NameResolutionError("<urllib3.connection.HTTPSConnection object at 0x10789a710>: Failed to resolve 'oauth2.googleapis.com' ([Errno 8] nodename nor servname provided, or not known)"))`
|
|
||||||
- `valentin.meylan68@gmail.com`: `ok=False`, `returncode=1`, `stdout_redacted=True`
|
|
||||||
- stderr: `ERROR: (gcloud.auth.print-access-token) HTTPSConnectionPool(host='oauth2.googleapis.com', port=443): Max retries exceeded with url: /token (Caused by NameResolutionError("<urllib3.connection.HTTPSConnection object at 0x10a1d2710>: Failed to resolve 'oauth2.googleapis.com' ([Errno 8] nodename nor servname provided, or not known)"))`
|
|
||||||
|
|
||||||
## Project Readback
|
|
||||||
|
|
||||||
- `ok=False`, `returncode=1`
|
|
||||||
- stderr: `ERROR: (gcloud.projects.describe) There was a problem refreshing your current auth tokens: HTTPSConnectionPool(host='oauth2.googleapis.com', port=443): Max retries exceeded with url: /token (Caused by NameResolutionError("<urllib3.connection.HTTPSConnection object at 0x107ac0550>: Failed to resolve 'oauth2.googleapis.com' ([Errno 8] nodename nor servname provided, or not known)"))
|
|
||||||
Please run:
|
|
||||||
|
|
||||||
$ gcloud auth login
|
|
||||||
|
|
||||||
to obtain new credentials.
|
|
||||||
|
|
||||||
If you have already logged in with a different account, run:
|
|
||||||
|
|
||||||
$ gcloud config set account ACCOUNT
|
|
||||||
|
|
||||||
to select an already authenticated account to use.`
|
|
||||||
|
|
||||||
## Gate
|
|
||||||
|
|
||||||
- Exact gate: `blocked_on_network_dns_before_auth_refresh`
|
|
||||||
- Clear CTA: Run this probe from a network-enabled shell where oauth2.googleapis.com resolves, with `billy@livingip.xyz` authenticated for project `teleo-501523`. Then rerun `python3 scripts/probe_gcp_db_parity.py` and proceed only if it reports `ready_for_gcp_readonly_parity`.
|
|
||||||
|
|
||||||
## Next Non-User Action
|
|
||||||
|
|
||||||
- Run this same probe again and require ready_for_gcp_readonly_parity=true.
|
|
||||||
- SSH into teleo-prod-1 or use Cloud SQL read-only access for DB/runtime parity proof.
|
|
||||||
- Run the Working Leo benchmark against GCP only after read-only GCP metadata is proven current.
|
|
||||||
|
|
||||||
## Claim Ceiling
|
|
||||||
|
|
||||||
This probe proves only current local gcloud/GCP read-only parity readiness. It does not prove VPS behavior, Telegram-visible behavior, production DB mutation, or GCP-hosted Leo correctness.
|
|
||||||
|
|
@ -1,259 +0,0 @@
|
||||||
{
|
|
||||||
"schema": "teleo.gcpLeoRuntimeObservability.v1",
|
|
||||||
"captured_at_utc": "2026-07-10T16:03:00Z",
|
|
||||||
"source_thread_id": "019f47af-f2cc-7c10-b928-a9283afa2621",
|
|
||||||
"current_canary": "Open GCP VM observability and Logs Explorer for teleo-prod-1 with authuser=5 and retain current read-only Leo runtime evidence or a precise no-log result.",
|
|
||||||
"required_tier": "T3_live_readonly",
|
|
||||||
"current_tier": "T3_live_readonly",
|
|
||||||
"status": "done_verified",
|
|
||||||
"overall_runtime_parity_status": "partial_unproven",
|
|
||||||
"strongest_claim_allowed": "teleo-prod-1 is currently RUNNING and its read-only serial-port output is current through 2026-07-10T15:57:54Z. Serial evidence proves recurring successful leoclean Cloud SQL memory-sync unit activity and shows the latest exact leoclean GCP gateway unit lifecycle event was a Hermes service start on 2026-07-09T07:00:04Z with no later exact stop or failure in the retained serial buffer. Cloud Logging has guest-agent/platform logs but zero seven-day entries matching leoclean, hermes, gateway, postgres, or teleo-kb. This does not prove a current gateway PID, deployed repo SHA, profile, model/auth capability, Telegram bot identity, selected canonical DB backend, or safe no-post handler execution.",
|
|
||||||
"capture": {
|
|
||||||
"surface": "authenticated Google Cloud Console through Chrome",
|
|
||||||
"account": "b***@livingip.xyz",
|
|
||||||
"project_id": "teleo-501523",
|
|
||||||
"authuser": 5,
|
|
||||||
"cli_used": false,
|
|
||||||
"ssh_or_iap_used": false,
|
|
||||||
"cloud_shell_used": false,
|
|
||||||
"secret_values_captured": false,
|
|
||||||
"raw_serial_or_log_payload_retained": false
|
|
||||||
},
|
|
||||||
"instance": {
|
|
||||||
"name": "teleo-prod-1",
|
|
||||||
"instance_id": "6202458246232531966",
|
|
||||||
"status": "RUNNING",
|
|
||||||
"creation_time_ui": "2026-07-07 03:57:37 UTC+02:00",
|
|
||||||
"zone": "europe-west6-a",
|
|
||||||
"machine_type": "e2-standard-4",
|
|
||||||
"vcpus": 4,
|
|
||||||
"memory_gb": 16,
|
|
||||||
"cpu_platform": "Intel Broadwell",
|
|
||||||
"labels": [],
|
|
||||||
"deletion_protection": false,
|
|
||||||
"confidential_vm": false,
|
|
||||||
"shielded_vm": {
|
|
||||||
"secure_boot": false,
|
|
||||||
"vtpm": true,
|
|
||||||
"integrity_monitoring": true
|
|
||||||
},
|
|
||||||
"boot": {
|
|
||||||
"source_image": "debian-12-bookworm-v20260609",
|
|
||||||
"architecture": "X86_64",
|
|
||||||
"disk_name": "teleo-prod-1",
|
|
||||||
"disk_size_gb": 150,
|
|
||||||
"disk_type": "Balanced persistent disk",
|
|
||||||
"mode": "read_write",
|
|
||||||
"delete_with_instance": true,
|
|
||||||
"snapshot_policy": "teleo-daily-7d-snapshots",
|
|
||||||
"snapshot_schedule_ui": "daily between 03:00 and 04:00"
|
|
||||||
},
|
|
||||||
"network": {
|
|
||||||
"interface": "nic0",
|
|
||||||
"vpc": "teleo-staging-net",
|
|
||||||
"subnetwork": "teleo-staging-europe-west6",
|
|
||||||
"internal_ip": "10.60.0.3",
|
|
||||||
"external_ip": "34.65.143.148",
|
|
||||||
"external_ip_allocation": "ephemeral",
|
|
||||||
"network_tier": "Premium",
|
|
||||||
"ip_forwarding": false
|
|
||||||
},
|
|
||||||
"identity_and_access": {
|
|
||||||
"service_account_redacted": "sa-teleo-prod-vm@t***.iam.gserviceaccount.com",
|
|
||||||
"service_account_full_identity_retained": false,
|
|
||||||
"cloud_api_access_scope_ui": "Allow full access to all Cloud APIs",
|
|
||||||
"scope_is_not_iam_authorization_proof": true,
|
|
||||||
"os_login_metadata": true
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"observability": {
|
|
||||||
"platform_metrics_present": [
|
|
||||||
"CPU utilization",
|
|
||||||
"network traffic",
|
|
||||||
"new connections",
|
|
||||||
"disk throughput",
|
|
||||||
"disk IOPS"
|
|
||||||
],
|
|
||||||
"ops_agent": {
|
|
||||||
"installed": false,
|
|
||||||
"evidence": "The VM Observability page displayed Install Ops Agent and marked memory and disk-space utilization as requiring the Ops Agent.",
|
|
||||||
"installation_attempted": false
|
|
||||||
},
|
|
||||||
"vm_manager": {
|
|
||||||
"enabled": false,
|
|
||||||
"os_info_available": false,
|
|
||||||
"evidence": "OS Info displayed Enable VM Manager to view OS info.",
|
|
||||||
"enablement_attempted": false
|
|
||||||
},
|
|
||||||
"interactive_serial_console": {
|
|
||||||
"enabled": false,
|
|
||||||
"evidence": "Connect to serial console was disabled on the VM details page."
|
|
||||||
},
|
|
||||||
"serial_output_readable_without_enablement": true
|
|
||||||
},
|
|
||||||
"cloud_logging": {
|
|
||||||
"time_window": "P7D",
|
|
||||||
"timezone_ui": "CEST",
|
|
||||||
"base_query": "resource.type=\"gce_instance\"\nresource.labels.instance_id=\"6202458246232531966\"",
|
|
||||||
"base_result_count": 92,
|
|
||||||
"severity_counts": {
|
|
||||||
"INFO": 82,
|
|
||||||
"NOTICE": 5,
|
|
||||||
"DEFAULT": 4,
|
|
||||||
"ERROR": 1
|
|
||||||
},
|
|
||||||
"distinct_log_name_count": 7,
|
|
||||||
"visible_top_log_names": [
|
|
||||||
{
|
|
||||||
"name": "GCEGuestAgent",
|
|
||||||
"count": 53
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "GCEGuestAgentManager",
|
|
||||||
"count": 26
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "diagnostic-log",
|
|
||||||
"count": 4
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "compute.googleapis.com/shielded_vm_integrity",
|
|
||||||
"count": 3
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"combined_runtime_query_with_systemd": "resource.type=\"gce_instance\"\nresource.labels.instance_id=\"6202458246232531966\"\n(SEARCH(\"leoclean\") OR SEARCH(\"hermes\") OR SEARCH(\"gateway\") OR SEARCH(\"systemd\") OR SEARCH(\"postgres\") OR SEARCH(\"teleo-kb\"))",
|
|
||||||
"combined_runtime_query_result_count": 5,
|
|
||||||
"combined_result_summary": "Five INFO records, all boot-time systemd network/login/SSH initialization. No Leo application or agent record was present.",
|
|
||||||
"runtime_query_without_systemd": "resource.type=\"gce_instance\"\nresource.labels.instance_id=\"6202458246232531966\"\n(SEARCH(\"leoclean\") OR SEARCH(\"hermes\") OR SEARCH(\"gateway\") OR SEARCH(\"postgres\") OR SEARCH(\"teleo-kb\"))",
|
|
||||||
"runtime_query_without_systemd_result_count": 0,
|
|
||||||
"precise_no_log_result": "Over the full seven-day window, Cloud Logging contains zero entries for this exact VM matching leoclean, hermes, gateway, postgres, or teleo-kb.",
|
|
||||||
"interpretation": "Guest/platform logs are ingested, but Leo application/systemd journal logs are not present in Cloud Logging. The missing Ops Agent is consistent with the absent application log stream, while read-only serial output independently contains Leo service events."
|
|
||||||
},
|
|
||||||
"serial_port_1_sanitized": {
|
|
||||||
"interactive_console_enabled": false,
|
|
||||||
"output_page_readable": true,
|
|
||||||
"text_bytes_observed": 1046328,
|
|
||||||
"line_count_observed": 3304,
|
|
||||||
"earliest_timestamp_in_loaded_output": "2026-07-09T04:00:21.793108Z",
|
|
||||||
"latest_timestamp_in_loaded_output": "2026-07-10T15:57:54.111434Z",
|
|
||||||
"relevant_unit_names": [
|
|
||||||
"leoclean-cloudsql-memory-sync.service",
|
|
||||||
"leoclean-gcp-prod-parallel.service"
|
|
||||||
],
|
|
||||||
"term_facts": {
|
|
||||||
"leoclean": {
|
|
||||||
"matching_line_count": 3042,
|
|
||||||
"latest_timestamp": "2026-07-10T15:57:54.111434Z"
|
|
||||||
},
|
|
||||||
"hermes": {
|
|
||||||
"matching_line_count": 1881,
|
|
||||||
"latest_timestamp": "2026-07-10T15:57:54.111434Z"
|
|
||||||
},
|
|
||||||
"gateway": {
|
|
||||||
"matching_line_count": 38,
|
|
||||||
"latest_timestamp": "2026-07-10T12:14:52.972390Z"
|
|
||||||
},
|
|
||||||
"teleo-kb": {
|
|
||||||
"matching_line_count": 4,
|
|
||||||
"latest_timestamp": "2026-07-09T06:49:14.505121Z"
|
|
||||||
},
|
|
||||||
"postgres": {
|
|
||||||
"matching_line_count": 0,
|
|
||||||
"latest_timestamp": null
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"cloudsql_memory_sync": {
|
|
||||||
"latest_finished_timestamp": "2026-07-10T15:57:54.094689Z",
|
|
||||||
"latest_started_timestamp": "2026-07-10T15:57:54.111434Z",
|
|
||||||
"latest_cycle_finished_successfully": true,
|
|
||||||
"description_from_safe_systemd_text": "Sync leoclean Hermes state database to the current Cloud SQL snapshot",
|
|
||||||
"claim": "The VM is currently executing a recurring leoclean memory-sync unit that completes successfully and starts its next cycle. This proves an existing host-to-Cloud-SQL sync path, not canonical teleo-kb DB selection or schema/count parity."
|
|
||||||
},
|
|
||||||
"gateway_unit": {
|
|
||||||
"exact_unit_matching_line_count": 30,
|
|
||||||
"latest_exact_unit_event": "started",
|
|
||||||
"latest_exact_unit_event_timestamp": "2026-07-09T07:00:04.363359Z",
|
|
||||||
"latest_exact_event_mentions_hermes": true,
|
|
||||||
"failed_events_in_exact_unit_sequence": 0,
|
|
||||||
"later_exact_stop_or_failure_present": false,
|
|
||||||
"claim": "The latest exact gateway-unit lifecycle record in the loaded serial buffer is a Hermes service start, with no later exact stop or failure. This is indirect liveness evidence only; it is not a current PID/systemctl/process readback."
|
|
||||||
},
|
|
||||||
"raw_lines_retained": false,
|
|
||||||
"secret_values_retained": false
|
|
||||||
},
|
|
||||||
"no_post_cory_handler_decision": {
|
|
||||||
"safe_to_run_from_this_evidence": false,
|
|
||||||
"handler_run_attempted": false,
|
|
||||||
"reason": "The Console proves VM and serial-service activity but does not prove the current gateway PID, deployed SHA, leoclean profile, model/auth booleans, Telegram token/identity state, selected canonical DB backend, or a no-write harness route.",
|
|
||||||
"missing_preconditions": [
|
|
||||||
"current process or systemd PID and restart readback",
|
|
||||||
"deployed repo SHA and deploy stamp on GCP",
|
|
||||||
"profile and model/provider names with auth-presence booleans",
|
|
||||||
"Telegram enabled/token-presence and local non-secret bot identity",
|
|
||||||
"selected DB backend plus before/after counts",
|
|
||||||
"verified no-post, no-profile-write, no-DB-write handler invocation and cleanup path"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"vps_comparison_corrected": {
|
|
||||||
"deploy_checkout_and_stamp": "771679061f0a0b6463fb7d9cf530eb9d2d4e5440",
|
|
||||||
"fast_forward_observed_utc": "2026-07-10T15:53:13Z_to_2026-07-10T15:53:20Z",
|
|
||||||
"journal_readback": "No Python changes — services not restarted",
|
|
||||||
"leo_code_delta_in_merge": false,
|
|
||||||
"gateway": {
|
|
||||||
"main_pid": 2999690,
|
|
||||||
"nrestarts": 0,
|
|
||||||
"started_at_utc": "2026-07-10T03:47:11Z"
|
|
||||||
},
|
|
||||||
"db_count_tuple_as_supplied": "1837/4145/4670/4916/17/26",
|
|
||||||
"apply_worker": "disabled/inactive",
|
|
||||||
"interpretation": "This is source-checkout synchronization only, not a Leo runtime behavior change and not production permission migration/application."
|
|
||||||
},
|
|
||||||
"delivery_context": {
|
|
||||||
"repo_work": "merged_pr",
|
|
||||||
"pull_request": 72,
|
|
||||||
"gcp_deployment_status": "unproven",
|
|
||||||
"vps_source_checkout_synced": true,
|
|
||||||
"vps_live_leo_runtime_changed_by_pr": false,
|
|
||||||
"gcp_deployed_sha_proven": false,
|
|
||||||
"note": "PR #72 source synchronized to the VPS deploy checkout, but it did not restart or change the VPS Leo runtime. GCP deployment status is unproven because no GCP SHA was available."
|
|
||||||
},
|
|
||||||
"not_proven": [
|
|
||||||
"current leoclean gateway PID or NRestarts on GCP",
|
|
||||||
"current deployed repo SHA or deploy stamp on GCP",
|
|
||||||
"current leoclean profile path",
|
|
||||||
"current model/provider/auth capability booleans",
|
|
||||||
"current Telegram bot identity or token presence",
|
|
||||||
"selected canonical database/backend and row counts",
|
|
||||||
"safe no-post Cory handler execution",
|
|
||||||
"runtime parity with the corrected VPS baseline"
|
|
||||||
],
|
|
||||||
"actions": [
|
|
||||||
"Opened the authenticated Compute Engine VM inventory and exact teleo-prod-1 details page.",
|
|
||||||
"Read current instance, machine, boot disk, networking, service-account, and metadata fields without entering edit mode.",
|
|
||||||
"Opened VM Observability and verified platform metrics plus absent Ops Agent.",
|
|
||||||
"Opened OS Info and verified VM Manager is not enabled without enabling it.",
|
|
||||||
"Opened Logs Explorer for the exact instance ID and ran seven-day read-only searches for leoclean, hermes, gateway, systemd, postgres, and teleo-kb.",
|
|
||||||
"Opened the already-readable serial-port-1 output without enabling interactive serial access and extracted only allowlisted unit/timestamp/count facts."
|
|
||||||
],
|
|
||||||
"cleanup_readback": {
|
|
||||||
"browser_tab_finalized": true,
|
|
||||||
"browser_tab_disposition": "agent-created Console tab closed; no handoff tab kept",
|
|
||||||
"gcp_writes": 0,
|
|
||||||
"database_writes": 0,
|
|
||||||
"service_restarts": 0,
|
|
||||||
"deploys": 0,
|
|
||||||
"iam_changes": 0,
|
|
||||||
"credential_or_key_creation": 0,
|
|
||||||
"ssh_or_iap_sessions": 0,
|
|
||||||
"cloud_shell_sessions": 0,
|
|
||||||
"telegram_sends": 0,
|
|
||||||
"ops_agent_installations": 0,
|
|
||||||
"vm_manager_enablements": 0,
|
|
||||||
"serial_console_enablements": 0
|
|
||||||
},
|
|
||||||
"evidence_paths": [
|
|
||||||
"/Users/user/Documents/Codex/2026-07-10/leo-gcp-runtime-parity/outputs/gcp-leo-runtime-observability-current.json",
|
|
||||||
"/Users/user/Documents/Codex/2026-07-10/leo-gcp-runtime-parity/outputs/gcp-leo-runtime-observability-current.md",
|
|
||||||
"/Users/user/Documents/Codex/2026-07-10/leo-gcp-control-plane/outputs/gcp-cloud-sql-t3-live-readonly-current.json"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
@ -1,113 +0,0 @@
|
||||||
# GCP Leo Runtime Observability — T3 Live Read-Only
|
|
||||||
|
|
||||||
Captured UTC: 2026-07-10T16:03:00Z
|
|
||||||
|
|
||||||
## Outcome
|
|
||||||
|
|
||||||
The Console-only observability canary passed at T3_live_readonly.
|
|
||||||
|
|
||||||
teleo-prod-1 is currently running. Its serial-port output is current through 2026-07-10T15:57:54Z and proves recurring successful leoclean-cloudsql-memory-sync.service cycles. The latest exact lifecycle event for leoclean-gcp-prod-parallel.service is a Hermes service start at 2026-07-09T07:00:04Z, with no later exact stop or failure in the loaded serial buffer.
|
|
||||||
|
|
||||||
That is useful runtime evidence, but it is not full Leo parity. The current gateway PID, deployed SHA, profile, model/auth, Telegram identity, selected canonical DB backend, and safe no-post handler route remain unproven.
|
|
||||||
|
|
||||||
Required tier: T3_live_readonly
|
|
||||||
|
|
||||||
Current tier: T3_live_readonly for control/runtime observability
|
|
||||||
|
|
||||||
Overall runtime parity: partial_unproven
|
|
||||||
|
|
||||||
## Current VM
|
|
||||||
|
|
||||||
| Field | Live Console readback |
|
|
||||||
| --- | --- |
|
|
||||||
| VM / instance ID | teleo-prod-1 / 6202458246232531966 |
|
|
||||||
| Status / zone | RUNNING / europe-west6-a |
|
|
||||||
| Created | 2026-07-07 03:57:37 UTC+02:00 |
|
|
||||||
| Machine | e2-standard-4, 4 vCPU, 16 GB, Intel Broadwell |
|
|
||||||
| Image | debian-12-bookworm-v20260609, X86_64 |
|
|
||||||
| Boot disk | 150 GB balanced persistent disk, read/write, daily snapshot policy |
|
|
||||||
| Network | teleo-staging-net / teleo-staging-europe-west6 |
|
|
||||||
| Addresses | 10.60.0.3 internal; 34.65.143.148 ephemeral external |
|
|
||||||
| Service account | sa-teleo-prod-vm@t***.iam.gserviceaccount.com |
|
|
||||||
| Access metadata | OS Login enabled; UI shows full Cloud API scopes, which is not IAM authorization proof |
|
|
||||||
|
|
||||||
No full service-account identity, token, cookie, password, or raw credential was retained.
|
|
||||||
|
|
||||||
## Observability And Logging
|
|
||||||
|
|
||||||
- Base CPU, network, connection, disk-throughput, and disk-IOPS metrics are present.
|
|
||||||
- Ops Agent is not installed. The page offers Install Ops Agent; memory and disk-space utilization explicitly require it. Nothing was installed.
|
|
||||||
- VM Manager is not enabled, so OS Info is unavailable. Nothing was enabled.
|
|
||||||
- Interactive serial-console access is disabled, but the existing serial-port output page is readable.
|
|
||||||
|
|
||||||
The exact VM filter returned 92 Cloud Logging records over seven days:
|
|
||||||
|
|
||||||
- severity: INFO 82, NOTICE 5, DEFAULT 4, ERROR 1;
|
|
||||||
- seven distinct log names;
|
|
||||||
- visible top sources: GCEGuestAgent 53, GCEGuestAgentManager 26, diagnostic-log 4, and shielded-VM integrity 3.
|
|
||||||
|
|
||||||
Exact runtime search:
|
|
||||||
|
|
||||||
resource.type="gce_instance"
|
|
||||||
resource.labels.instance_id="6202458246232531966"
|
|
||||||
(SEARCH("leoclean") OR SEARCH("hermes") OR SEARCH("gateway") OR SEARCH("postgres") OR SEARCH("teleo-kb"))
|
|
||||||
|
|
||||||
Result: 0 entries over seven days.
|
|
||||||
|
|
||||||
Adding SEARCH("systemd") returns five INFO records, all boot-time network/login/SSH initialization. It does not surface a Leo application or gateway record.
|
|
||||||
|
|
||||||
Precise interpretation: guest/platform logs are ingested, but Leo application/systemd journal logs are absent from Cloud Logging. The missing Ops Agent is consistent with that gap. Serial output independently contains Leo unit activity.
|
|
||||||
|
|
||||||
## Sanitized Serial Evidence
|
|
||||||
|
|
||||||
The loaded serial-port-1 buffer contained 3,304 lines, from 2026-07-09T04:00:21Z through 2026-07-10T15:57:54Z. Raw lines were not retained.
|
|
||||||
|
|
||||||
Observed unit names:
|
|
||||||
|
|
||||||
- leoclean-cloudsql-memory-sync.service
|
|
||||||
- leoclean-gcp-prod-parallel.service
|
|
||||||
|
|
||||||
Current memory-sync evidence:
|
|
||||||
|
|
||||||
- latest successful finish: 2026-07-10T15:57:54.094689Z;
|
|
||||||
- next start: 2026-07-10T15:57:54.111434Z;
|
|
||||||
- safe systemd description: syncing the leoclean Hermes state database to the current Cloud SQL snapshot.
|
|
||||||
|
|
||||||
Gateway-unit evidence:
|
|
||||||
|
|
||||||
- 30 exact unit lifecycle lines;
|
|
||||||
- repeated stop/start cycles on July 9;
|
|
||||||
- latest exact event: started at 2026-07-09T07:00:04.363359Z;
|
|
||||||
- no exact failed event and no later exact stop in the loaded buffer.
|
|
||||||
|
|
||||||
This supports “last known started and not subsequently stopped in serial evidence.” It does not replace a current PID, systemctl, process, or deployed-SHA readback.
|
|
||||||
|
|
||||||
## Exact Claim Ceiling
|
|
||||||
|
|
||||||
VM/control-plane: current and live-proven.
|
|
||||||
|
|
||||||
Serial lifecycle/sync: current within the loaded 2026-07-09T04:00:21Z–2026-07-10T15:57:54Z timestamp window.
|
|
||||||
|
|
||||||
Gateway active state/PID/SHA/model/auth/DB rows: still unproven.
|
|
||||||
|
|
||||||
No-post Cory canary: not safe to run and not attempted.
|
|
||||||
|
|
||||||
## Corrected VPS Baseline
|
|
||||||
|
|
||||||
The VPS deploy checkout and stamp fast-forwarded to 771679061f0a0b6463fb7d9cf530eb9d2d4e5440 between 15:53:13–15:53:20Z.
|
|
||||||
|
|
||||||
The journal says “No Python changes — services not restarted.” The merge has no delta under the Leo bin/skill paths. Gateway remains PID 2999690, NRestarts=0, started 03:47:11Z; DB count tuple remains 1837/4145/4670/4916/17/26; the apply worker remains disabled/inactive.
|
|
||||||
|
|
||||||
This is source-checkout synchronization only—not a Leo runtime behavior change, deployment of PR #72 to GCP, or production permission migration/application.
|
|
||||||
|
|
||||||
## Cleanup
|
|
||||||
|
|
||||||
- No SSH, IAP, Cloud Shell, password, OTP, key, IAM, metadata, DB, service, deployment, or Telegram action occurred.
|
|
||||||
- Ops Agent, VM Manager, and serial-console access were not enabled.
|
|
||||||
- PR #72 source auto-synchronized to the VPS checkout, but it did not restart or change the VPS Leo runtime. Its GCP deployment status is unproven because no GCP SHA was available.
|
|
||||||
- The agent-created Console tab was finalized and closed.
|
|
||||||
|
|
||||||
## Evidence
|
|
||||||
|
|
||||||
- outputs/gcp-leo-runtime-observability-current.json
|
|
||||||
- /Users/user/Documents/Codex/2026-07-10/leo-gcp-control-plane/outputs/gcp-cloud-sql-t3-live-readonly-current.json
|
|
||||||
|
|
@ -1,137 +0,0 @@
|
||||||
{
|
|
||||||
"schema": "working-leo.gcp-parallel-delegation.v1",
|
|
||||||
"source_thread_id": "019f47af-f2cc-7c10-b928-a9283afa2621",
|
|
||||||
"last_updated_utc": "2026-07-10T15:47:17Z",
|
|
||||||
"source_goal": "Make Leo on VPS meet the working-Leo definition, then prove the equivalent GCP path without weakening the VPS standard.",
|
|
||||||
"dispatched_repo_head": "339565585dc417501488a38135998283988482d1",
|
|
||||||
"parallelism_expected": 10,
|
|
||||||
"parallelism_actual": 10,
|
|
||||||
"ship_owner": {
|
|
||||||
"thread_id": "019f4a53-b16c-7653-8026-bba381b853bf",
|
|
||||||
"working_target": "Authenticated live GCP project, Compute Engine, Cloud SQL, and Leo surface inventory",
|
|
||||||
"required_tier": "T3_live_readonly",
|
|
||||||
"status": "completed_t3_control_plane_inventory"
|
|
||||||
},
|
|
||||||
"visible_threads": [
|
|
||||||
{
|
|
||||||
"thread_id": "019f4a53-b16c-7653-8026-bba381b853bf",
|
|
||||||
"lane_class": "parallel_canary",
|
|
||||||
"role": "GCP control-plane ship owner",
|
|
||||||
"working_target": "Authenticated live GCP resource inventory",
|
|
||||||
"required_tier": "T3_live_readonly",
|
|
||||||
"owned_surface": "GCP project and resource discovery; read-only",
|
|
||||||
"forbidden_surface": "Shared repo writes, Telegram sends, DB writes, restarts, deploys, credentials, IAM, infrastructure mutation",
|
|
||||||
"status": "completed_t3_project_vm_cloudsql_inventory"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"thread_id": "019f4a53-9702-7a10-a894-354af22d9cee",
|
|
||||||
"lane_class": "parallel_canary",
|
|
||||||
"role": "GCP Cloud SQL parity owner",
|
|
||||||
"working_target": "Read-only canonical row and schema parity against VPS",
|
|
||||||
"required_tier": "T3_live_readonly",
|
|
||||||
"owned_surface": "Cloud SQL discovery and read-only SQL",
|
|
||||||
"forbidden_surface": "Shared repo writes, DB mutation, Telegram sends, restarts, deploys, credentials, IAM, infrastructure mutation",
|
|
||||||
"status": "completed_live_studio_gate_waiting_existing_db_principal"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"thread_id": "019f4a53-c10a-7781-b336-401d526d2a48",
|
|
||||||
"lane_class": "parallel_canary",
|
|
||||||
"role": "GCP Leo runtime parity owner",
|
|
||||||
"working_target": "Read-only VM, process, service, repo, profile, model, DB, and bot surface map",
|
|
||||||
"required_tier": "T3_live_readonly",
|
|
||||||
"owned_surface": "Compute Engine and Leo runtime inspection; read-only",
|
|
||||||
"forbidden_surface": "Shared repo writes, Telegram sends, profile writes, restarts, deploys, credentials, IAM, infrastructure mutation",
|
|
||||||
"status": "completed_runtime_contract_waiting_iap_access"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"thread_id": "019f4a53-cf0a-7e92-a7d0-16fde32224de",
|
|
||||||
"lane_class": "parallel_canary",
|
|
||||||
"role": "GCP no-post Cory canary owner",
|
|
||||||
"working_target": "Real GCP DC-01 through DC-06 runtime replies, score, unchanged DB counts, and cleanup",
|
|
||||||
"required_tier": "T2_runtime_plus_T3_live_readonly",
|
|
||||||
"owned_surface": "No-post handler execution and scoring against the discovered GCP runtime",
|
|
||||||
"forbidden_surface": "Shared repo writes, Telegram sends, DB apply, profile writes, restarts, deploys",
|
|
||||||
"status": "completed_before_runtime_canary_waiting_iap_access"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"support_agents": [
|
|
||||||
{
|
|
||||||
"agent_id": "019f4a53-d792-75e1-93c0-ad3c90868176",
|
|
||||||
"nickname": "Dewey",
|
|
||||||
"role": "gcloud DNS and auth anomaly diagnosis",
|
|
||||||
"owned_surface": "Local gcloud runtime and network diagnosis; read-only",
|
|
||||||
"status": "completed"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"agent_id": "019f4a53-e042-72e3-923f-bff6e067175e",
|
|
||||||
"nickname": "Fermat",
|
|
||||||
"role": "Cloud SQL parity query contract",
|
|
||||||
"owned_surface": "Retained artifacts, schema, and read-only query design",
|
|
||||||
"status": "completed"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"agent_id": "019f4a53-e68a-7e41-a7e6-be6b1f378b41",
|
|
||||||
"nickname": "Planck",
|
|
||||||
"role": "GCP probe script defect audit",
|
|
||||||
"owned_surface": "scripts/probe_gcp_db_parity.py and tests; read-only",
|
|
||||||
"status": "completed"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"agent_id": "019f4a53-ec08-7b02-945e-3aa3d3f275a5",
|
|
||||||
"nickname": "Banach",
|
|
||||||
"role": "Cory-standard GCP acceptance and cutover sequence",
|
|
||||||
"owned_surface": "Working-Leo acceptance gates and execution order; read-only",
|
|
||||||
"status": "completed"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"review_agents": [
|
|
||||||
{
|
|
||||||
"agent_id": "019f4a5b-552e-7873-84ab-a274eec7261f",
|
|
||||||
"nickname": "Bacon",
|
|
||||||
"role": "DB apply authority and race review",
|
|
||||||
"status": "completed_findings_integrated"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"agent_id": "019f4a5b-5ca4-7a80-88e1-20c9a8d147aa",
|
|
||||||
"nickname": "Meitner",
|
|
||||||
"role": "Rich normalization and lifecycle review",
|
|
||||||
"status": "completed_findings_integrated"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"root_owned_running_rows": [
|
|
||||||
{
|
|
||||||
"working_target": "Approved strict claim bundles become canonical rows with conflict-safe row-level proof in a disposable DB clone",
|
|
||||||
"owned_files": [
|
|
||||||
"scripts/apply_proposal.py",
|
|
||||||
"scripts/apply_worker.py",
|
|
||||||
"scripts/kb_apply_prereqs.sql",
|
|
||||||
"scripts/kb_proposal_normalize.py",
|
|
||||||
"tests/test_apply_proposal.py",
|
|
||||||
"tests/test_apply_worker.py",
|
|
||||||
"tests/test_kb_proposal_normalize.py"
|
|
||||||
],
|
|
||||||
"status": "isolated_runtime_green_generic_and_helmer_37_of_37"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"blocked_by_tooling_or_capacity": [],
|
|
||||||
"blocked_by_collision_risk": [],
|
|
||||||
"blocked_by_external_gate": [
|
|
||||||
{
|
|
||||||
"gate": "Cloud SQL Studio has no enabled existing IAM database principal and requires built-in password authentication",
|
|
||||||
"impact": "Cloud SQL schema, row-count, proposal-state, and VPS-versus-GCP database parity queries cannot run",
|
|
||||||
"clear_CTA": "Authenticate Studio with an already-existing authorized database principal without sharing the credential, then report GCP Studio authenticated; otherwise authorize a separate IAM/database-user enablement window."
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"gate": "no verified no-key read-only VM session",
|
|
||||||
"impact": "GCP Leo runtime parity and DC-01 through DC-06 remain unproven",
|
|
||||||
"clear_CTA": "Use an already-authenticated no-key runtime route, or separately authorize the minimum IAP/OS Login setup needed for a read-only VM session."
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"repair_action": "Authenticated Chrome cleared the old blanket login/DNS blocker and retained live project, VM, and private Cloud SQL inventory. Cloud SQL Studio was opened and safely stopped at the database-principal gate without submitting credentials. The next database pass starts from an already-authenticated Studio session; runtime parity remains a separate no-key session gate.",
|
|
||||||
"shared_checkout_rule": "All GCP workers are read-only. The source thread is the sole apply-engine integration owner.",
|
|
||||||
"gui_rule": "Authenticated Chrome or Computer Use is authorized for GCP login and read-only console navigation. AppleScript, osascript, open, focus stealing, credential creation, and representational communication are forbidden.",
|
|
||||||
"telegram_messages_authorized": false,
|
|
||||||
"database_mutation_authorized": false,
|
|
||||||
"infrastructure_mutation_authorized": false,
|
|
||||||
"no_x402_scope": true
|
|
||||||
}
|
|
||||||
|
|
@ -1,128 +0,0 @@
|
||||||
\set ON_ERROR_STOP on
|
|
||||||
begin;
|
|
||||||
|
|
||||||
create table if not exists public.concept_maps (
|
|
||||||
id uuid primary key default gen_random_uuid(),
|
|
||||||
key text not null unique,
|
|
||||||
title text not null,
|
|
||||||
body text not null,
|
|
||||||
status text not null default 'active' check (status = any (array['draft'::text, 'active'::text, 'retired'::text])),
|
|
||||||
source_ref text,
|
|
||||||
metadata jsonb not null default '{}'::jsonb,
|
|
||||||
created_at timestamptz not null default now(),
|
|
||||||
updated_at timestamptz not null default now()
|
|
||||||
);
|
|
||||||
|
|
||||||
create table if not exists public.claim_concept_map_links (
|
|
||||||
id uuid primary key default gen_random_uuid(),
|
|
||||||
claim_id uuid not null references public.claims(id) on delete cascade,
|
|
||||||
concept_map_id uuid not null references public.concept_maps(id) on delete cascade,
|
|
||||||
relation text not null check (relation = any (array['derives_from'::text, 'supports'::text, 'contextualizes'::text, 'contains'::text, 'requires'::text, 'relates'::text])),
|
|
||||||
weight numeric check (weight >= 0 and weight <= 1),
|
|
||||||
rationale text not null,
|
|
||||||
source_ref text,
|
|
||||||
metadata jsonb not null default '{}'::jsonb,
|
|
||||||
created_at timestamptz not null default now(),
|
|
||||||
unique (claim_id, concept_map_id, relation)
|
|
||||||
);
|
|
||||||
|
|
||||||
create table if not exists public.claim_governance_gate_links (
|
|
||||||
id uuid primary key default gen_random_uuid(),
|
|
||||||
claim_id uuid not null references public.claims(id) on delete cascade,
|
|
||||||
governance_gate_id uuid not null references public.governance_gates(id) on delete cascade,
|
|
||||||
relation text not null check (relation = any (array['supports'::text, 'requires'::text, 'constrains'::text, 'documents'::text])),
|
|
||||||
weight numeric check (weight >= 0 and weight <= 1),
|
|
||||||
rationale text not null,
|
|
||||||
source_ref text,
|
|
||||||
metadata jsonb not null default '{}'::jsonb,
|
|
||||||
created_at timestamptz not null default now(),
|
|
||||||
unique (claim_id, governance_gate_id, relation)
|
|
||||||
);
|
|
||||||
|
|
||||||
create index if not exists claim_concept_map_links_claim
|
|
||||||
on public.claim_concept_map_links (claim_id, relation);
|
|
||||||
create index if not exists claim_concept_map_links_map
|
|
||||||
on public.claim_concept_map_links (concept_map_id, relation);
|
|
||||||
create index if not exists claim_governance_gate_links_claim
|
|
||||||
on public.claim_governance_gate_links (claim_id, relation);
|
|
||||||
create index if not exists claim_governance_gate_links_gate
|
|
||||||
on public.claim_governance_gate_links (governance_gate_id, relation);
|
|
||||||
|
|
||||||
do $$
|
|
||||||
declare
|
|
||||||
inserted_concept_maps int;
|
|
||||||
inserted_concept_links int;
|
|
||||||
inserted_governance_links int;
|
|
||||||
begin
|
|
||||||
if (
|
|
||||||
select count(*) from public.claims where id in (select id from (values
|
|
||||||
('d009dfc4-9755-58a7-affb-80e3e842a775'::uuid),
|
|
||||||
('9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0'::uuid)
|
|
||||||
) as v(id))
|
|
||||||
) <> 2 then
|
|
||||||
raise exception 'governance/concept packet requires mapped base claims to exist before inserts';
|
|
||||||
end if;
|
|
||||||
|
|
||||||
if (
|
|
||||||
select count(*) from public.governance_gates where id in (select id from (values
|
|
||||||
('fa88e31b-6fca-4801-bf72-f5db81950a11'::uuid),
|
|
||||||
('45695897-2a9c-4279-ac25-e59f166dec6a'::uuid)
|
|
||||||
) as v(id))
|
|
||||||
) <> 2 then
|
|
||||||
raise exception 'governance/concept packet requires quality/evidence governance gates to exist';
|
|
||||||
end if;
|
|
||||||
|
|
||||||
if exists (select 1 from public.concept_maps where id = 'f013126c-0937-5bc8-b021-9697e59057d0'::uuid or key = 'distributed_market_intelligence') then
|
|
||||||
raise exception 'governance/concept packet generated concept map already exists';
|
|
||||||
end if;
|
|
||||||
|
|
||||||
if exists (select 1 from public.claim_concept_map_links where id = 'af4ce1b9-db03-5bde-a21b-0e16ca0f48b8'::uuid) then
|
|
||||||
raise exception 'governance/concept packet generated concept link already exists';
|
|
||||||
end if;
|
|
||||||
|
|
||||||
if exists (
|
|
||||||
select 1 from public.claim_governance_gate_links
|
|
||||||
where id in (select id from (values
|
|
||||||
('1f81e105-af5e-5db8-a7be-08cc6cc4e13a'::uuid),
|
|
||||||
('af04a87e-c1da-57e9-b11c-60d79daa5648'::uuid)
|
|
||||||
) as v(id))
|
|
||||||
) then
|
|
||||||
raise exception 'governance/concept packet generated governance link already exists';
|
|
||||||
end if;
|
|
||||||
|
|
||||||
insert into public.concept_maps (id, key, title, body, status, source_ref, metadata)
|
|
||||||
values (
|
|
||||||
'f013126c-0937-5bc8-b021-9697e59057d0'::uuid,
|
|
||||||
'distributed_market_intelligence',
|
|
||||||
'Distributed market intelligence',
|
|
||||||
'A concept map for how capital allocation depends on distributed knowledge, incentives, liquidity, feedback loops, and market signals rather than a single central planner.',
|
|
||||||
'active',
|
|
||||||
'mapped-rich-proposal-14fa5ecc:concept_map:distributed_market_intelligence',
|
|
||||||
'{"base_packet_required_first": "production-apply-packet-mapped-20260709", "proposal_id": "14fa5ecc-ac7a-41c1-807d-a2e85b936617", "source_fragment": "capital_allocation_depends_on_distributed_market_intelligence draws_from concept_map:distributed_market_intelligence"}'::jsonb
|
|
||||||
);
|
|
||||||
get diagnostics inserted_concept_maps = row_count;
|
|
||||||
if inserted_concept_maps <> 1 then
|
|
||||||
raise exception 'governance/concept packet inserted % concept map row(s), expected 1', inserted_concept_maps;
|
|
||||||
end if;
|
|
||||||
|
|
||||||
insert into public.claim_concept_map_links
|
|
||||||
(id, claim_id, concept_map_id, relation, weight, rationale, source_ref, metadata)
|
|
||||||
values
|
|
||||||
('af4ce1b9-db03-5bde-a21b-0e16ca0f48b8'::uuid, 'd009dfc4-9755-58a7-affb-80e3e842a775'::uuid, 'f013126c-0937-5bc8-b021-9697e59057d0'::uuid, 'derives_from', 0.75, 'Mapped proposal 14fa5ecc: the capital-allocation distributed-knowledge claim draws from the distributed market intelligence concept map.', 'mapped-rich-proposal-14fa5ecc:concept_map:distributed_market_intelligence', '{"proposal_id": "14fa5ecc-ac7a-41c1-807d-a2e85b936617"}'::jsonb);
|
|
||||||
get diagnostics inserted_concept_links = row_count;
|
|
||||||
if inserted_concept_links <> 1 then
|
|
||||||
raise exception 'governance/concept packet inserted % concept link row(s), expected 1', inserted_concept_links;
|
|
||||||
end if;
|
|
||||||
|
|
||||||
insert into public.claim_governance_gate_links
|
|
||||||
(id, claim_id, governance_gate_id, relation, weight, rationale, source_ref, metadata)
|
|
||||||
values
|
|
||||||
('1f81e105-af5e-5db8-a7be-08cc6cc4e13a'::uuid, '9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0'::uuid, 'fa88e31b-6fca-4801-bf72-f5db81950a11'::uuid, 'supports', 0.85, 'Specific enough to disagree with requires more than a compressed headline for ambiguous claims.', 'mapped-rich-proposal-ac036c9d:governance_gate:quality-gate', '{"proposal_id": "ac036c9d-20a0-4ffe-881f-57d6b7bacf22"}'::jsonb),
|
|
||||||
('af04a87e-c1da-57e9-b11c-60d79daa5648'::uuid, '9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0'::uuid, '45695897-2a9c-4279-ac25-e59f166dec6a'::uuid, 'supports', 0.85, 'Bodies can state the true evidence tier and scope limits.', 'mapped-rich-proposal-ac036c9d:governance_gate:evidence-bar', '{"proposal_id": "ac036c9d-20a0-4ffe-881f-57d6b7bacf22"}'::jsonb);
|
|
||||||
get diagnostics inserted_governance_links = row_count;
|
|
||||||
if inserted_governance_links <> 2 then
|
|
||||||
raise exception 'governance/concept packet inserted % governance link row(s), expected 2', inserted_governance_links;
|
|
||||||
end if;
|
|
||||||
end $$;
|
|
||||||
|
|
||||||
commit;
|
|
||||||
|
|
@ -1,128 +0,0 @@
|
||||||
\set ON_ERROR_STOP on
|
|
||||||
begin;
|
|
||||||
|
|
||||||
create table if not exists public.concept_maps (
|
|
||||||
id uuid primary key default gen_random_uuid(),
|
|
||||||
key text not null unique,
|
|
||||||
title text not null,
|
|
||||||
body text not null,
|
|
||||||
status text not null default 'active' check (status = any (array['draft'::text, 'active'::text, 'retired'::text])),
|
|
||||||
source_ref text,
|
|
||||||
metadata jsonb not null default '{}'::jsonb,
|
|
||||||
created_at timestamptz not null default now(),
|
|
||||||
updated_at timestamptz not null default now()
|
|
||||||
);
|
|
||||||
|
|
||||||
create table if not exists public.claim_concept_map_links (
|
|
||||||
id uuid primary key default gen_random_uuid(),
|
|
||||||
claim_id uuid not null references public.claims(id) on delete cascade,
|
|
||||||
concept_map_id uuid not null references public.concept_maps(id) on delete cascade,
|
|
||||||
relation text not null check (relation = any (array['derives_from'::text, 'supports'::text, 'contextualizes'::text, 'contains'::text, 'requires'::text, 'relates'::text])),
|
|
||||||
weight numeric check (weight >= 0 and weight <= 1),
|
|
||||||
rationale text not null,
|
|
||||||
source_ref text,
|
|
||||||
metadata jsonb not null default '{}'::jsonb,
|
|
||||||
created_at timestamptz not null default now(),
|
|
||||||
unique (claim_id, concept_map_id, relation)
|
|
||||||
);
|
|
||||||
|
|
||||||
create table if not exists public.claim_governance_gate_links (
|
|
||||||
id uuid primary key default gen_random_uuid(),
|
|
||||||
claim_id uuid not null references public.claims(id) on delete cascade,
|
|
||||||
governance_gate_id uuid not null references public.governance_gates(id) on delete cascade,
|
|
||||||
relation text not null check (relation = any (array['supports'::text, 'requires'::text, 'constrains'::text, 'documents'::text])),
|
|
||||||
weight numeric check (weight >= 0 and weight <= 1),
|
|
||||||
rationale text not null,
|
|
||||||
source_ref text,
|
|
||||||
metadata jsonb not null default '{}'::jsonb,
|
|
||||||
created_at timestamptz not null default now(),
|
|
||||||
unique (claim_id, governance_gate_id, relation)
|
|
||||||
);
|
|
||||||
|
|
||||||
create index if not exists claim_concept_map_links_claim
|
|
||||||
on public.claim_concept_map_links (claim_id, relation);
|
|
||||||
create index if not exists claim_concept_map_links_map
|
|
||||||
on public.claim_concept_map_links (concept_map_id, relation);
|
|
||||||
create index if not exists claim_governance_gate_links_claim
|
|
||||||
on public.claim_governance_gate_links (claim_id, relation);
|
|
||||||
create index if not exists claim_governance_gate_links_gate
|
|
||||||
on public.claim_governance_gate_links (governance_gate_id, relation);
|
|
||||||
|
|
||||||
do $$
|
|
||||||
declare
|
|
||||||
inserted_concept_maps int;
|
|
||||||
inserted_concept_links int;
|
|
||||||
inserted_governance_links int;
|
|
||||||
begin
|
|
||||||
if (
|
|
||||||
select count(*) from public.claims where id in (select id from (values
|
|
||||||
('d009dfc4-9755-58a7-affb-80e3e842a775'::uuid),
|
|
||||||
('9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0'::uuid)
|
|
||||||
) as v(id))
|
|
||||||
) <> 2 then
|
|
||||||
raise exception 'governance/concept packet requires mapped base claims to exist before inserts';
|
|
||||||
end if;
|
|
||||||
|
|
||||||
if (
|
|
||||||
select count(*) from public.governance_gates where id in (select id from (values
|
|
||||||
('fa88e31b-6fca-4801-bf72-f5db81950a11'::uuid),
|
|
||||||
('45695897-2a9c-4279-ac25-e59f166dec6a'::uuid)
|
|
||||||
) as v(id))
|
|
||||||
) <> 2 then
|
|
||||||
raise exception 'governance/concept packet requires quality/evidence governance gates to exist';
|
|
||||||
end if;
|
|
||||||
|
|
||||||
if exists (select 1 from public.concept_maps where id = 'f013126c-0937-5bc8-b021-9697e59057d0'::uuid or key = 'distributed_market_intelligence') then
|
|
||||||
raise exception 'governance/concept packet generated concept map already exists';
|
|
||||||
end if;
|
|
||||||
|
|
||||||
if exists (select 1 from public.claim_concept_map_links where id = 'af4ce1b9-db03-5bde-a21b-0e16ca0f48b8'::uuid) then
|
|
||||||
raise exception 'governance/concept packet generated concept link already exists';
|
|
||||||
end if;
|
|
||||||
|
|
||||||
if exists (
|
|
||||||
select 1 from public.claim_governance_gate_links
|
|
||||||
where id in (select id from (values
|
|
||||||
('1f81e105-af5e-5db8-a7be-08cc6cc4e13a'::uuid),
|
|
||||||
('af04a87e-c1da-57e9-b11c-60d79daa5648'::uuid)
|
|
||||||
) as v(id))
|
|
||||||
) then
|
|
||||||
raise exception 'governance/concept packet generated governance link already exists';
|
|
||||||
end if;
|
|
||||||
|
|
||||||
insert into public.concept_maps (id, key, title, body, status, source_ref, metadata)
|
|
||||||
values (
|
|
||||||
'f013126c-0937-5bc8-b021-9697e59057d0'::uuid,
|
|
||||||
'distributed_market_intelligence',
|
|
||||||
'Distributed market intelligence',
|
|
||||||
'A concept map for how capital allocation depends on distributed knowledge, incentives, liquidity, feedback loops, and market signals rather than a single central planner.',
|
|
||||||
'active',
|
|
||||||
'mapped-rich-proposal-14fa5ecc:concept_map:distributed_market_intelligence',
|
|
||||||
'{"base_packet_required_first": "production-apply-packet-mapped-20260709", "proposal_id": "14fa5ecc-ac7a-41c1-807d-a2e85b936617", "source_fragment": "capital_allocation_depends_on_distributed_market_intelligence draws_from concept_map:distributed_market_intelligence"}'::jsonb
|
|
||||||
);
|
|
||||||
get diagnostics inserted_concept_maps = row_count;
|
|
||||||
if inserted_concept_maps <> 1 then
|
|
||||||
raise exception 'governance/concept packet inserted % concept map row(s), expected 1', inserted_concept_maps;
|
|
||||||
end if;
|
|
||||||
|
|
||||||
insert into public.claim_concept_map_links
|
|
||||||
(id, claim_id, concept_map_id, relation, weight, rationale, source_ref, metadata)
|
|
||||||
values
|
|
||||||
('af4ce1b9-db03-5bde-a21b-0e16ca0f48b8'::uuid, 'd009dfc4-9755-58a7-affb-80e3e842a775'::uuid, 'f013126c-0937-5bc8-b021-9697e59057d0'::uuid, 'derives_from', 0.75, 'Mapped proposal 14fa5ecc: the capital-allocation distributed-knowledge claim draws from the distributed market intelligence concept map.', 'mapped-rich-proposal-14fa5ecc:concept_map:distributed_market_intelligence', '{"proposal_id": "14fa5ecc-ac7a-41c1-807d-a2e85b936617"}'::jsonb);
|
|
||||||
get diagnostics inserted_concept_links = row_count;
|
|
||||||
if inserted_concept_links <> 1 then
|
|
||||||
raise exception 'governance/concept packet inserted % concept link row(s), expected 1', inserted_concept_links;
|
|
||||||
end if;
|
|
||||||
|
|
||||||
insert into public.claim_governance_gate_links
|
|
||||||
(id, claim_id, governance_gate_id, relation, weight, rationale, source_ref, metadata)
|
|
||||||
values
|
|
||||||
('1f81e105-af5e-5db8-a7be-08cc6cc4e13a'::uuid, '9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0'::uuid, 'fa88e31b-6fca-4801-bf72-f5db81950a11'::uuid, 'supports', 0.85, 'Specific enough to disagree with requires more than a compressed headline for ambiguous claims.', 'mapped-rich-proposal-ac036c9d:governance_gate:quality-gate', '{"proposal_id": "ac036c9d-20a0-4ffe-881f-57d6b7bacf22"}'::jsonb),
|
|
||||||
('af04a87e-c1da-57e9-b11c-60d79daa5648'::uuid, '9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0'::uuid, '45695897-2a9c-4279-ac25-e59f166dec6a'::uuid, 'supports', 0.85, 'Bodies can state the true evidence tier and scope limits.', 'mapped-rich-proposal-ac036c9d:governance_gate:evidence-bar', '{"proposal_id": "ac036c9d-20a0-4ffe-881f-57d6b7bacf22"}'::jsonb);
|
|
||||||
get diagnostics inserted_governance_links = row_count;
|
|
||||||
if inserted_governance_links <> 2 then
|
|
||||||
raise exception 'governance/concept packet inserted % governance link row(s), expected 2', inserted_governance_links;
|
|
||||||
end if;
|
|
||||||
end $$;
|
|
||||||
|
|
||||||
rollback;
|
|
||||||
|
|
@ -1,181 +0,0 @@
|
||||||
=== service before ===
|
|
||||||
MainPID=3252143
|
|
||||||
NRestarts=0
|
|
||||||
ActiveState=active
|
|
||||||
SubState=running
|
|
||||||
=== production schema/counts before ===
|
|
||||||
prod_concept_maps | prod_claim_concept_map_links | prod_claim_governance_gate_links | prod_base_claims
|
|
||||||
-------------------+------------------------------+----------------------------------+------------------
|
|
||||||
| | | 0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
=== create disposable clone ===
|
|
||||||
=== clone apply mapped base packet ===
|
|
||||||
BEGIN
|
|
||||||
SET
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
COMMIT
|
|
||||||
BEGIN
|
|
||||||
SET
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
COMMIT
|
|
||||||
=== clone base generated counts after base apply ===
|
|
||||||
clone_base_claims | clone_concept_maps | clone_claim_concept_map_links | clone_claim_governance_gate_links
|
|
||||||
-------------------+--------------------+-------------------------------+-----------------------------------
|
|
||||||
7 | | |
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
=== clone governance/concept preflight after base apply ===
|
|
||||||
check_name | name | regclass
|
|
||||||
--------------+------------------------------------+----------
|
|
||||||
schema_table | public.concept_maps |
|
|
||||||
schema_table | public.claim_concept_map_links |
|
|
||||||
schema_table | public.claim_governance_gate_links |
|
|
||||||
(3 rows)
|
|
||||||
|
|
||||||
check_name | id | status | text
|
|
||||||
---------------------+--------------------------------------+--------+-------------------------------------------------------------------------------------------------
|
|
||||||
required_base_claim | 9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0 | open | KB claim nodes need explanatory bodies, not only one-sentence headlines.
|
|
||||||
required_base_claim | d009dfc4-9755-58a7-affb-80e3e842a775 | open | Capital allocation depends on distributed knowledge, incentives, liquidity, and feedback loops.
|
|
||||||
(2 rows)
|
|
||||||
|
|
||||||
check_name | id | name | criteria | evidence_bar
|
|
||||||
--------------------------+--------------------------------------+--------------+------------------------------------------------------------------------------------------------------------+-------------------------------------
|
|
||||||
required_governance_gate | 45695897-2a9c-4279-ac25-e59f166dec6a | evidence-bar | likely needs empirical data; experimental = coherent argument, limited validation; speculative = untested. | likely > experimental > speculative
|
|
||||||
required_governance_gate | fa88e31b-6fca-4801-bf72-f5db81950a11 | quality-gate | Specific enough to disagree with; evidence traceable; not a duplicate; right domain reviewers. |
|
|
||||||
(2 rows)
|
|
||||||
|
|
||||||
=== clone apply governance/concept packet ===
|
|
||||||
BEGIN
|
|
||||||
CREATE TABLE
|
|
||||||
CREATE TABLE
|
|
||||||
CREATE TABLE
|
|
||||||
CREATE INDEX
|
|
||||||
CREATE INDEX
|
|
||||||
CREATE INDEX
|
|
||||||
CREATE INDEX
|
|
||||||
DO
|
|
||||||
COMMIT
|
|
||||||
=== clone governance/concept postflight after apply ===
|
|
||||||
generated_concept_map_rows | generated_concept_link_rows | generated_governance_link_rows
|
|
||||||
----------------------------+-----------------------------+--------------------------------
|
|
||||||
1 | 1 | 2
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
id | key | title | status | source_ref | metadata
|
|
||||||
--------------------------------------+---------------------------------+---------------------------------+--------+---------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
f013126c-0937-5bc8-b021-9697e59057d0 | distributed_market_intelligence | Distributed market intelligence | active | mapped-rich-proposal-14fa5ecc:concept_map:distributed_market_intelligence | {"proposal_id": "14fa5ecc-ac7a-41c1-807d-a2e85b936617", "source_fragment": "capital_allocation_depends_on_distributed_market_intelligence draws_from concept_map:distributed_market_intelligence", "base_packet_required_first": "production-apply-packet-mapped-20260709"}
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
id | claim_id | concept_map_id | relation | weight | rationale | source_ref
|
|
||||||
--------------------------------------+--------------------------------------+--------------------------------------+--------------+--------+------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------
|
|
||||||
af4ce1b9-db03-5bde-a21b-0e16ca0f48b8 | d009dfc4-9755-58a7-affb-80e3e842a775 | f013126c-0937-5bc8-b021-9697e59057d0 | derives_from | 0.75 | Mapped proposal 14fa5ecc: the capital-allocation distributed-knowledge claim draws from the distributed market intelligence concept map. | mapped-rich-proposal-14fa5ecc:concept_map:distributed_market_intelligence
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
id | claim_id | governance_gate_id | relation | weight | rationale | source_ref
|
|
||||||
--------------------------------------+--------------------------------------+--------------------------------------+----------+--------+-------------------------------------------------------------------------------------------------+------------------------------------------------------------
|
|
||||||
af04a87e-c1da-57e9-b11c-60d79daa5648 | 9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0 | 45695897-2a9c-4279-ac25-e59f166dec6a | supports | 0.85 | Bodies can state the true evidence tier and scope limits. | mapped-rich-proposal-ac036c9d:governance_gate:evidence-bar
|
|
||||||
1f81e105-af5e-5db8-a7be-08cc6cc4e13a | 9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0 | fa88e31b-6fca-4801-bf72-f5db81950a11 | supports | 0.85 | Specific enough to disagree with requires more than a compressed headline for ambiguous claims. | mapped-rich-proposal-ac036c9d:governance_gate:quality-gate
|
|
||||||
(2 rows)
|
|
||||||
|
|
||||||
=== clone generated counts after governance/concept apply ===
|
|
||||||
clone_base_claims | clone_concept_maps | clone_concept_links | clone_governance_links
|
|
||||||
-------------------+--------------------+---------------------+------------------------
|
|
||||||
7 | 1 | 1 | 2
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
=== clone delete rollback governance/concept packet ===
|
|
||||||
BEGIN
|
|
||||||
DELETE 2
|
|
||||||
DELETE 1
|
|
||||||
DELETE 1
|
|
||||||
DO
|
|
||||||
COMMIT
|
|
||||||
=== clone schema readback after governance/concept rollback ===
|
|
||||||
clone_concept_maps | clone_claim_concept_map_links | clone_claim_governance_gate_links
|
|
||||||
--------------------+-------------------------------+-----------------------------------
|
|
||||||
| |
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
=== clone delete rollback mapped base packet ===
|
|
||||||
BEGIN
|
|
||||||
DELETE 17
|
|
||||||
DELETE 11
|
|
||||||
UPDATE 2
|
|
||||||
DELETE 15
|
|
||||||
DELETE 7
|
|
||||||
COMMIT
|
|
||||||
=== clone generated counts after all rollbacks ===
|
|
||||||
clone_base_claims | clone_concept_maps | clone_claim_concept_map_links | clone_claim_governance_gate_links
|
|
||||||
-------------------+--------------------+-------------------------------+-----------------------------------
|
|
||||||
0 | | |
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
=== production schema/counts after clone proof ===
|
|
||||||
prod_concept_maps | prod_claim_concept_map_links | prod_claim_governance_gate_links | prod_base_claims
|
|
||||||
-------------------+------------------------------+----------------------------------+------------------
|
|
||||||
| | | 0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
=== cleanup disposable clone and temp files ===
|
|
||||||
=== cleanup readback ===
|
|
||||||
disposable_db_exists
|
|
||||||
----------------------
|
|
||||||
0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
host_tmp_removed=yes
|
|
||||||
container_tmp_removed=yes
|
|
||||||
=== service after ===
|
|
||||||
MainPID=3252143
|
|
||||||
NRestarts=0
|
|
||||||
ActiveState=active
|
|
||||||
SubState=running
|
|
||||||
|
|
@ -1,67 +0,0 @@
|
||||||
# Governance And Concept Map Packet - 2026-07-10
|
|
||||||
|
|
||||||
Generated UTC: `2026-07-10`
|
|
||||||
|
|
||||||
## Verdict
|
|
||||||
|
|
||||||
Clone-proven, not production-applied.
|
|
||||||
|
|
||||||
The live VPS schema had `public.governance_gates` but no canonical table linking claims to those gates, and no first-class concept-map table. This packet creates the minimal schema needed for the final non-claim fragments from the mapped rich proposals, then inserts exact row-level links after the mapped base packet exists.
|
|
||||||
|
|
||||||
## Schema Created In Clone
|
|
||||||
|
|
||||||
- `public.concept_maps`
|
|
||||||
- `public.claim_concept_map_links`
|
|
||||||
- `public.claim_governance_gate_links`
|
|
||||||
|
|
||||||
## Safe Writes
|
|
||||||
|
|
||||||
- `public.concept_maps`: 1 row
|
|
||||||
- `f013126c-0937-5bc8-b021-9697e59057d0`: `distributed_market_intelligence`
|
|
||||||
- `public.claim_concept_map_links`: 1 row
|
|
||||||
- Claim `d009dfc4-9755-58a7-affb-80e3e842a775` derives from concept map `f013126c-0937-5bc8-b021-9697e59057d0`
|
|
||||||
- `public.claim_governance_gate_links`: 2 rows
|
|
||||||
- Claim `9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0` supports quality gate `fa88e31b-6fca-4801-bf72-f5db81950a11`
|
|
||||||
- Claim `9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0` supports evidence bar `45695897-2a9c-4279-ac25-e59f166dec6a`
|
|
||||||
|
|
||||||
## Clone Proof
|
|
||||||
|
|
||||||
Disposable database: `teleo_governance_concept_rehearsal_20260710`
|
|
||||||
|
|
||||||
Sequence:
|
|
||||||
|
|
||||||
1. Created a disposable clone from live `teleo` using `pg_dump | psql`.
|
|
||||||
2. Applied the mapped base packet in the clone: `7` generated claims.
|
|
||||||
3. Ran governance/concept preflight:
|
|
||||||
- schema tables did not already exist.
|
|
||||||
- required base claims existed.
|
|
||||||
- required governance gates existed.
|
|
||||||
4. Ran governance/concept authorized commit SQL in the clone.
|
|
||||||
5. Postflight read back `1` concept map, `1` concept link, and `2` governance-gate links.
|
|
||||||
6. Ran governance/concept delete rollback.
|
|
||||||
7. Rollback removed generated rows and dropped the generated schema tables because they were empty.
|
|
||||||
8. Ran mapped base packet delete rollback.
|
|
||||||
9. Clone returned to `0` base claims and no generated governance/concept tables.
|
|
||||||
10. Production stayed unchanged: no generated governance/concept tables and `0` base generated claims.
|
|
||||||
11. Dropped the disposable DB and removed host/container temp files.
|
|
||||||
|
|
||||||
Cleanup readback:
|
|
||||||
|
|
||||||
- `disposable_db_exists`: `0`
|
|
||||||
- host tmp removed: yes
|
|
||||||
- container tmp removed: yes
|
|
||||||
- `leoclean-gateway.service`: `active`
|
|
||||||
- `MainPID`: `3252143`
|
|
||||||
- `NRestarts`: `0`
|
|
||||||
|
|
||||||
## Evidence
|
|
||||||
|
|
||||||
- Packet JSON: `docs/reports/leo-working-state-20260709/governance-concept-packet.json`
|
|
||||||
- Authorized commit SQL, not executed in production: `docs/reports/leo-working-state-20260709/governance-concept-apply-authorized-commit.sql`
|
|
||||||
- Delete rollback SQL: `docs/reports/leo-working-state-20260709/governance-concept-delete-rollback.sql`
|
|
||||||
- Clone rehearsal log: `docs/reports/leo-working-state-20260709/governance-concept-clone-rehearsal-current.log`
|
|
||||||
- State image: `docs/reports/leo-working-state-20260709/leo-db-state-24-governance-concept-schema.svg`
|
|
||||||
|
|
||||||
## Claim Ceiling
|
|
||||||
|
|
||||||
This proves the remaining governance-gate and concept-map fragments are representable with a minimal schema packet and reversible in a disposable clone after the mapped base packet exists. It does not prove production has been updated, because production commit was intentionally not executed.
|
|
||||||
|
|
@ -1,36 +0,0 @@
|
||||||
\set ON_ERROR_STOP on
|
|
||||||
-- Emergency rollback for governance/concept generated rows only.
|
|
||||||
-- Drops generated schema only when the generated tables are empty after row delete.
|
|
||||||
begin;
|
|
||||||
|
|
||||||
delete from public.claim_governance_gate_links
|
|
||||||
where id in (select id from (values
|
|
||||||
('1f81e105-af5e-5db8-a7be-08cc6cc4e13a'::uuid),
|
|
||||||
('af04a87e-c1da-57e9-b11c-60d79daa5648'::uuid)
|
|
||||||
) as v(id));
|
|
||||||
|
|
||||||
delete from public.claim_concept_map_links
|
|
||||||
where id = 'af4ce1b9-db03-5bde-a21b-0e16ca0f48b8'::uuid;
|
|
||||||
|
|
||||||
delete from public.concept_maps
|
|
||||||
where id = 'f013126c-0937-5bc8-b021-9697e59057d0'::uuid;
|
|
||||||
|
|
||||||
do $$
|
|
||||||
begin
|
|
||||||
if to_regclass('public.claim_governance_gate_links') is not null
|
|
||||||
and not exists (select 1 from public.claim_governance_gate_links) then
|
|
||||||
drop table public.claim_governance_gate_links;
|
|
||||||
end if;
|
|
||||||
|
|
||||||
if to_regclass('public.claim_concept_map_links') is not null
|
|
||||||
and not exists (select 1 from public.claim_concept_map_links) then
|
|
||||||
drop table public.claim_concept_map_links;
|
|
||||||
end if;
|
|
||||||
|
|
||||||
if to_regclass('public.concept_maps') is not null
|
|
||||||
and not exists (select 1 from public.concept_maps) then
|
|
||||||
drop table public.concept_maps;
|
|
||||||
end if;
|
|
||||||
end $$;
|
|
||||||
|
|
||||||
commit;
|
|
||||||
|
|
@ -1,100 +0,0 @@
|
||||||
{
|
|
||||||
"base_packet_required_first": "production-apply-packet-mapped-20260709",
|
|
||||||
"generated_counts": {
|
|
||||||
"claim_concept_map_links": 1,
|
|
||||||
"claim_governance_gate_links": 2,
|
|
||||||
"concept_maps": 1
|
|
||||||
},
|
|
||||||
"packet_version": 1,
|
|
||||||
"production_apply_status": "not_executed",
|
|
||||||
"purpose": "Companion packet for mapped rich proposal governance-gate and concept-map targets.",
|
|
||||||
"represented_fragments": [
|
|
||||||
"capital_allocation_depends_on_distributed_market_intelligence draws_from concept_map:distributed_market_intelligence",
|
|
||||||
"claim_nodes_need_bodies supports governance_gate:quality-gate",
|
|
||||||
"claim_nodes_need_bodies supports governance_gate:evidence-bar"
|
|
||||||
],
|
|
||||||
"required_existing_rows": {
|
|
||||||
"public.claims": [
|
|
||||||
"d009dfc4-9755-58a7-affb-80e3e842a775",
|
|
||||||
"9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0"
|
|
||||||
],
|
|
||||||
"public.governance_gates": [
|
|
||||||
"fa88e31b-6fca-4801-bf72-f5db81950a11",
|
|
||||||
"45695897-2a9c-4279-ac25-e59f166dec6a"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"safe_writes": [
|
|
||||||
{
|
|
||||||
"operation": "insert",
|
|
||||||
"rows": [
|
|
||||||
{
|
|
||||||
"body": "A concept map for how capital allocation depends on distributed knowledge, incentives, liquidity, feedback loops, and market signals rather than a single central planner.",
|
|
||||||
"id": "f013126c-0937-5bc8-b021-9697e59057d0",
|
|
||||||
"key": "distributed_market_intelligence",
|
|
||||||
"metadata": {
|
|
||||||
"base_packet_required_first": "production-apply-packet-mapped-20260709",
|
|
||||||
"proposal_id": "14fa5ecc-ac7a-41c1-807d-a2e85b936617",
|
|
||||||
"source_fragment": "capital_allocation_depends_on_distributed_market_intelligence draws_from concept_map:distributed_market_intelligence"
|
|
||||||
},
|
|
||||||
"source_ref": "mapped-rich-proposal-14fa5ecc:concept_map:distributed_market_intelligence",
|
|
||||||
"status": "active",
|
|
||||||
"title": "Distributed market intelligence"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"table": "public.concept_maps"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "insert",
|
|
||||||
"rows": [
|
|
||||||
{
|
|
||||||
"claim_id": "d009dfc4-9755-58a7-affb-80e3e842a775",
|
|
||||||
"concept_map_id": "f013126c-0937-5bc8-b021-9697e59057d0",
|
|
||||||
"id": "af4ce1b9-db03-5bde-a21b-0e16ca0f48b8",
|
|
||||||
"metadata": {
|
|
||||||
"proposal_id": "14fa5ecc-ac7a-41c1-807d-a2e85b936617"
|
|
||||||
},
|
|
||||||
"rationale": "Mapped proposal 14fa5ecc: the capital-allocation distributed-knowledge claim draws from the distributed market intelligence concept map.",
|
|
||||||
"relation": "derives_from",
|
|
||||||
"source_ref": "mapped-rich-proposal-14fa5ecc:concept_map:distributed_market_intelligence",
|
|
||||||
"weight": 0.75
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"table": "public.claim_concept_map_links"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"operation": "insert",
|
|
||||||
"rows": [
|
|
||||||
{
|
|
||||||
"claim_id": "9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0",
|
|
||||||
"governance_gate_id": "fa88e31b-6fca-4801-bf72-f5db81950a11",
|
|
||||||
"id": "1f81e105-af5e-5db8-a7be-08cc6cc4e13a",
|
|
||||||
"metadata": {
|
|
||||||
"proposal_id": "ac036c9d-20a0-4ffe-881f-57d6b7bacf22"
|
|
||||||
},
|
|
||||||
"rationale": "Specific enough to disagree with requires more than a compressed headline for ambiguous claims.",
|
|
||||||
"relation": "supports",
|
|
||||||
"source_ref": "mapped-rich-proposal-ac036c9d:governance_gate:quality-gate",
|
|
||||||
"weight": 0.85
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"claim_id": "9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0",
|
|
||||||
"governance_gate_id": "45695897-2a9c-4279-ac25-e59f166dec6a",
|
|
||||||
"id": "af04a87e-c1da-57e9-b11c-60d79daa5648",
|
|
||||||
"metadata": {
|
|
||||||
"proposal_id": "ac036c9d-20a0-4ffe-881f-57d6b7bacf22"
|
|
||||||
},
|
|
||||||
"rationale": "Bodies can state the true evidence tier and scope limits.",
|
|
||||||
"relation": "supports",
|
|
||||||
"source_ref": "mapped-rich-proposal-ac036c9d:governance_gate:evidence-bar",
|
|
||||||
"weight": 0.85
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"table": "public.claim_governance_gate_links"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"schema_writes": [
|
|
||||||
"public.concept_maps",
|
|
||||||
"public.claim_concept_map_links",
|
|
||||||
"public.claim_governance_gate_links"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
@ -1,39 +0,0 @@
|
||||||
\set ON_ERROR_STOP on
|
|
||||||
-- Governance/concept companion postflight row-level readback.
|
|
||||||
|
|
||||||
select
|
|
||||||
(select count(*) from public.concept_maps where id = 'f013126c-0937-5bc8-b021-9697e59057d0'::uuid) as generated_concept_map_rows,
|
|
||||||
(select count(*) from public.claim_concept_map_links where id = 'af4ce1b9-db03-5bde-a21b-0e16ca0f48b8'::uuid) as generated_concept_link_rows,
|
|
||||||
(select count(*) from public.claim_governance_gate_links where id in (select id from (values
|
|
||||||
('1f81e105-af5e-5db8-a7be-08cc6cc4e13a'::uuid),
|
|
||||||
('af04a87e-c1da-57e9-b11c-60d79daa5648'::uuid)
|
|
||||||
) as v(id))) as generated_governance_link_rows;
|
|
||||||
|
|
||||||
|
|
||||||
select id::text, key, title, status, source_ref, metadata::text
|
|
||||||
from public.concept_maps
|
|
||||||
where id = 'f013126c-0937-5bc8-b021-9697e59057d0'::uuid;
|
|
||||||
|
|
||||||
select id::text,
|
|
||||||
claim_id::text,
|
|
||||||
concept_map_id::text,
|
|
||||||
relation,
|
|
||||||
weight,
|
|
||||||
left(rationale, 220) as rationale,
|
|
||||||
source_ref
|
|
||||||
from public.claim_concept_map_links
|
|
||||||
where id = 'af4ce1b9-db03-5bde-a21b-0e16ca0f48b8'::uuid;
|
|
||||||
|
|
||||||
select id::text,
|
|
||||||
claim_id::text,
|
|
||||||
governance_gate_id::text,
|
|
||||||
relation,
|
|
||||||
weight,
|
|
||||||
left(rationale, 220) as rationale,
|
|
||||||
source_ref
|
|
||||||
from public.claim_governance_gate_links
|
|
||||||
where id in (select id from (values
|
|
||||||
('1f81e105-af5e-5db8-a7be-08cc6cc4e13a'::uuid),
|
|
||||||
('af04a87e-c1da-57e9-b11c-60d79daa5648'::uuid)
|
|
||||||
) as v(id))
|
|
||||||
order by governance_gate_id;
|
|
||||||
|
|
@ -1,33 +0,0 @@
|
||||||
\set ON_ERROR_STOP on
|
|
||||||
-- Governance/concept companion preflight. Read-only.
|
|
||||||
-- Run after the mapped rich proposal packet has been applied.
|
|
||||||
|
|
||||||
select 'schema_table' as check_name, name, to_regclass(name) as regclass
|
|
||||||
from (values
|
|
||||||
('public.concept_maps'),
|
|
||||||
('public.claim_concept_map_links'),
|
|
||||||
('public.claim_governance_gate_links')
|
|
||||||
) as v(name);
|
|
||||||
|
|
||||||
select 'required_base_claim' as check_name,
|
|
||||||
c.id::text,
|
|
||||||
c.status,
|
|
||||||
left(c.text, 220) as text
|
|
||||||
from public.claims c
|
|
||||||
where c.id in (select id from (values
|
|
||||||
('d009dfc4-9755-58a7-affb-80e3e842a775'::uuid),
|
|
||||||
('9bcf7e6b-4e98-52b1-91ef-96cfc15e3df0'::uuid)
|
|
||||||
) as v(id))
|
|
||||||
order by c.id;
|
|
||||||
|
|
||||||
select 'required_governance_gate' as check_name,
|
|
||||||
id::text,
|
|
||||||
name,
|
|
||||||
left(criteria, 180) as criteria,
|
|
||||||
left(evidence_bar, 180) as evidence_bar
|
|
||||||
from public.governance_gates
|
|
||||||
where id in (select id from (values
|
|
||||||
('fa88e31b-6fca-4801-bf72-f5db81950a11'::uuid),
|
|
||||||
('45695897-2a9c-4279-ac25-e59f166dec6a'::uuid)
|
|
||||||
) as v(id))
|
|
||||||
order by name;
|
|
||||||
|
|
@ -1,195 +0,0 @@
|
||||||
__CLONE_PREFLIGHT__
|
|
||||||
id | status | proposal_type | reviewed_by_handle | reviewed_at
|
|
||||||
--------------------------------------+----------+-----------------+--------------------+-------------------------------
|
|
||||||
a64df080-8502-42e2-98f4-9bbdecb8da73 | approved | attach_evidence | m3taversal | 2026-06-29 16:32:39.431004+00
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
check_name | id | reason
|
|
||||||
------------+----+--------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
expected_reasoning_tools | expected_claims | expected_sources | expected_claim_edges | expected_claim_evidence
|
|
||||||
--------------------------+-----------------+------------------+----------------------+-------------------------
|
|
||||||
1 | 5 | 13 | 7 | 17
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
generated_reasoning_tool_rows | generated_claim_rows | generated_source_rows | generated_edge_rows | generated_evidence_rows
|
|
||||||
-------------------------------+----------------------+-----------------------+---------------------+-------------------------
|
|
||||||
0 | 0 | 0 | 0 | 0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
__CLONE_COMMIT__
|
|
||||||
BEGIN
|
|
||||||
SET
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
COMMIT
|
|
||||||
__CLONE_POSTFLIGHT__
|
|
||||||
generated_reasoning_tool_rows | generated_claim_rows | generated_source_rows | generated_edge_rows | generated_evidence_rows
|
|
||||||
-------------------------------+----------------------+-----------------------+---------------------+-------------------------
|
|
||||||
1 | 5 | 13 | 7 | 17
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
id | agent_id | name | category | description
|
|
||||||
--------------------------------------+--------------------------------------+-----------------+--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
473ba7b0-ce44-5e77-bc46-ef82a49b6a3e | 11111111-1111-1111-1111-111111111111 | Helmer 7 Powers | strategy_framework | {"approval_change_log": [{"change": "Removed proposed claim #6 / teleo_power_candidate_is_credibility_and_process_not_control from this framework proposal.", "rationale": "It applies 7 Powers downstream to Teleo self-positioning; approving the framework should not accidentally approve Teleo-as-network-economies / Teleo-as-process-power claims."}, {"change": "Added competitive advantage / moats conceptual-neighborhood links for resolution.", "rationale": "7 Powers should sit in the competitive ad
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
id | type | confidence | text
|
|
||||||
--------------------------------------+------------+------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
12d2c4aa-1c23-5173-b666-dea903dd7432 | normative | 0.65 | Leo should use 7 Powers after inflection mapping and attractor-state analysis to distinguish builders who merely benefit from a wave from builders who can durably capture and compound value from that wave.
|
|
||||||
23927224-0d72-5b37-a600-33c63277f6a9 | structural | 0.8 | Helmer's 7 Powers framework diagnoses durable value capture only when a company has both a material benefit and a barrier that prevents motivated capable competitors from arbitraging that benefit away.
|
|
||||||
4701f303-ca9c-5da1-aa48-8cf28189c23c | structural | 0.7 | Power must be analyzed by lifecycle stage because different powers become available in Origination, Take-Off, and Stability, and the window to establish a power can close as market flux resolves.
|
|
||||||
6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3 | structural | 0.7 | Network effects create product value but do not become network economies power unless they also prevent competitors from reaching equivalence and let the focal actor capture surplus.
|
|
||||||
d2b2142b-c2d8-5e33-9a38-14598d94d715 | structural | 0.75 | Counter-positioning is most useful near inflection points because entrants can adopt a superior model while incumbents rationally delay imitation to avoid damaging their existing economics, channels, or identity.
|
|
||||||
(5 rows)
|
|
||||||
|
|
||||||
id | source_type | excerpt
|
|
||||||
--------------------------------------+-------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
02b8c5ff-04fb-54e7-b132-e731086f1436 | other | {"excerpt": "Canonical source for the seven powers framework; source of definitions, benefit/barrier logic, Power Progression, and company examples. Full text not ingested in this run; use book/page references if availab
|
|
||||||
0c87a244-afa2-5d08-8e79-9cb792aff553 | other | {"body": null, "candidate_review_note": null, "claim_key": "agentic_capital_needs_power_analysis", "edges": [{"edge_type": "supports", "rationale": "7 Powers operationalizes scarcity/value-capture analysis for builder ev
|
|
||||||
11fa942d-e81a-5142-965d-3c60714a7dca | other | {"body": null, "candidate_review_note": null, "claim_key": "counter_positioning_is_early_inflection_power", "edges": [{"edge_type": "relates", "rationale": "Counter-positioning exploits path dependence and incumbent comm
|
|
||||||
263f423e-c16f-544c-ae5f-3e370e736e12 | other | {"body": null, "candidate_review_note": null, "claim_key": "network_effects_do_not_equal_network_power", "edges": [{"edge_type": "relates", "rationale": "Commercial network effects can be self-enforcing only when they al
|
|
||||||
2df4bb44-4853-5455-8049-6dbb8685523b | transcript | {"excerpt": "Chenyi Shi frames platform power through three questions: how economic value is created, how each customer group perceives value as the platform scales, and how competitors are prevented from reaching equiva
|
|
||||||
4bd41552-8017-551a-84b5-19b0107c20b5 | article | {"excerpt": "Helmer develops from first principles a practical theory of Strategy rooted in the notion of Power, those conditions which create the potential for persistent differential returns. The synopsis says inventio
|
|
||||||
50e0d1ef-322b-5097-afe6-c9aa5ecea5fc | article | {"excerpt": "Episode summary asks what keeps competition away and states Helmer's framework reveals conditions for persistent and durable differential returns.", "metadata": {"source_key": "nfx_podcast_summary", "title":
|
|
||||||
5f9dd7ca-83f8-5ea6-8e00-d9d13003f8fc | other | {"body": null, "candidate_review_note": null, "claim_key": "seven_powers_requires_benefit_and_barrier", "edges": [{"edge_type": "supports", "rationale": "Benefit/barrier is a precise isolating-mechanism test.", "to_exist
|
|
||||||
621bb834-6366-5940-b6c3-c5f82ba35d48 | article | {"excerpt": "Show notes emphasize 'all strategy begins with invention,' transition from startup to pricer with scale economies, competition, brand definition, and sustainable leverage/power.", "metadata": {"source_key":
|
|
||||||
6fe15936-d5b9-514e-802f-32a2a06f4a23 | article | {"excerpt": "NFX/Helmer provides concise definitions and examples for the powers: cornered resource (Pixar), scale economies (Netflix), switching costs (SAP), counter-positioning (Twilio/Tesla/Netflix), brand (Apple/Herm
|
|
||||||
97c3fc2f-16ae-5507-ad51-b1f4a1bcfb11 | other | {"body": null, "candidate_review_note": null, "claim_key": "power_progression_stage_gates_strategy", "edges": [{"edge_type": "relates", "rationale": "Stage-specific power creation supports strategy-as-design rather than
|
|
||||||
bc081b04-709f-565a-af0b-95d4ca0589fa | article | {"excerpt": "Hastings describes Helmer's Power Dynamics assessment of Netflix, identifies Counter-Positioning and Power Progression as novel conceptual advances, and says Counter-Positioning explained why incumbents rati
|
|
||||||
dc1c238c-f835-5641-980a-f0fe53f8dfe5 | transcript | {"excerpt": "Helmer states power has two necessary and sufficient conditions: benefit and barrier. Benefit is a materially better business model; barrier prevents motivated and capable competitors from taking it away. He
|
|
||||||
(13 rows)
|
|
||||||
|
|
||||||
from_claim | to_claim | edge_type
|
|
||||||
--------------------------------------+--------------------------------------+-----------
|
|
||||||
12d2c4aa-1c23-5173-b666-dea903dd7432 | 2ef388ab-4102-4416-a6e1-ae6ba8ee02fa | supports
|
|
||||||
12d2c4aa-1c23-5173-b666-dea903dd7432 | 8f3e773e-4255-47a7-ba8f-61c57a43bebe | supports
|
|
||||||
23927224-0d72-5b37-a600-33c63277f6a9 | 2ef388ab-4102-4416-a6e1-ae6ba8ee02fa | relates
|
|
||||||
23927224-0d72-5b37-a600-33c63277f6a9 | 8f3e773e-4255-47a7-ba8f-61c57a43bebe | supports
|
|
||||||
4701f303-ca9c-5da1-aa48-8cf28189c23c | 25a350e0-ebce-4072-8f2a-48427a727553 | relates
|
|
||||||
6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3 | 93d583d9-5394-4e6a-97ca-bcd48796d94a | relates
|
|
||||||
d2b2142b-c2d8-5e33-9a38-14598d94d715 | be59b559-de8b-4dec-a7be-773188c0e632 | relates
|
|
||||||
(7 rows)
|
|
||||||
|
|
||||||
claim_id | source_id | role
|
|
||||||
--------------------------------------+--------------------------------------+-------------
|
|
||||||
12d2c4aa-1c23-5173-b666-dea903dd7432 | 0c87a244-afa2-5d08-8e79-9cb792aff553 | illustrates
|
|
||||||
12d2c4aa-1c23-5173-b666-dea903dd7432 | 4bd41552-8017-551a-84b5-19b0107c20b5 | grounds
|
|
||||||
12d2c4aa-1c23-5173-b666-dea903dd7432 | dc1c238c-f835-5641-980a-f0fe53f8dfe5 | grounds
|
|
||||||
23927224-0d72-5b37-a600-33c63277f6a9 | 5f9dd7ca-83f8-5ea6-8e00-d9d13003f8fc | illustrates
|
|
||||||
23927224-0d72-5b37-a600-33c63277f6a9 | 6fe15936-d5b9-514e-802f-32a2a06f4a23 | grounds
|
|
||||||
23927224-0d72-5b37-a600-33c63277f6a9 | dc1c238c-f835-5641-980a-f0fe53f8dfe5 | grounds
|
|
||||||
4701f303-ca9c-5da1-aa48-8cf28189c23c | 4bd41552-8017-551a-84b5-19b0107c20b5 | grounds
|
|
||||||
4701f303-ca9c-5da1-aa48-8cf28189c23c | 97c3fc2f-16ae-5507-ad51-b1f4a1bcfb11 | illustrates
|
|
||||||
4701f303-ca9c-5da1-aa48-8cf28189c23c | bc081b04-709f-565a-af0b-95d4ca0589fa | grounds
|
|
||||||
4701f303-ca9c-5da1-aa48-8cf28189c23c | dc1c238c-f835-5641-980a-f0fe53f8dfe5 | grounds
|
|
||||||
6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3 | 263f423e-c16f-544c-ae5f-3e370e736e12 | illustrates
|
|
||||||
6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3 | 2df4bb44-4853-5455-8049-6dbb8685523b | grounds
|
|
||||||
6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3 | 6fe15936-d5b9-514e-802f-32a2a06f4a23 | grounds
|
|
||||||
d2b2142b-c2d8-5e33-9a38-14598d94d715 | 11fa942d-e81a-5142-965d-3c60714a7dca | illustrates
|
|
||||||
d2b2142b-c2d8-5e33-9a38-14598d94d715 | 6fe15936-d5b9-514e-802f-32a2a06f4a23 | grounds
|
|
||||||
d2b2142b-c2d8-5e33-9a38-14598d94d715 | bc081b04-709f-565a-af0b-95d4ca0589fa | grounds
|
|
||||||
d2b2142b-c2d8-5e33-9a38-14598d94d715 | dc1c238c-f835-5641-980a-f0fe53f8dfe5 | grounds
|
|
||||||
(17 rows)
|
|
||||||
|
|
||||||
id | superseded_by
|
|
||||||
----+---------------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
__CLONE_DELETE_ROLLBACK__
|
|
||||||
BEGIN
|
|
||||||
DELETE 17
|
|
||||||
DELETE 7
|
|
||||||
UPDATE 0
|
|
||||||
DELETE 13
|
|
||||||
DELETE 5
|
|
||||||
DELETE 1
|
|
||||||
COMMIT
|
|
||||||
__CLONE_AFTER_DELETE__
|
|
||||||
id | status | proposal_type | reviewed_by_handle | reviewed_at
|
|
||||||
--------------------------------------+----------+-----------------+--------------------+-------------------------------
|
|
||||||
a64df080-8502-42e2-98f4-9bbdecb8da73 | approved | attach_evidence | m3taversal | 2026-06-29 16:32:39.431004+00
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
check_name | id | reason
|
|
||||||
------------+----+--------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
expected_reasoning_tools | expected_claims | expected_sources | expected_claim_edges | expected_claim_evidence
|
|
||||||
--------------------------+-----------------+------------------+----------------------+-------------------------
|
|
||||||
1 | 5 | 13 | 7 | 17
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
generated_reasoning_tool_rows | generated_claim_rows | generated_source_rows | generated_edge_rows | generated_evidence_rows
|
|
||||||
-------------------------------+----------------------+-----------------------+---------------------+-------------------------
|
|
||||||
0 | 0 | 0 | 0 | 0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
__PRODUCTION_AFTER_CLONE__
|
|
||||||
id | status | proposal_type | reviewed_by_handle | reviewed_at
|
|
||||||
--------------------------------------+----------+-----------------+--------------------+-------------------------------
|
|
||||||
a64df080-8502-42e2-98f4-9bbdecb8da73 | approved | attach_evidence | m3taversal | 2026-06-29 16:32:39.431004+00
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
check_name | id | reason
|
|
||||||
------------+----+--------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
expected_reasoning_tools | expected_claims | expected_sources | expected_claim_edges | expected_claim_evidence
|
|
||||||
--------------------------+-----------------+------------------+----------------------+-------------------------
|
|
||||||
1 | 5 | 13 | 7 | 17
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
generated_reasoning_tool_rows | generated_claim_rows | generated_source_rows | generated_edge_rows | generated_evidence_rows
|
|
||||||
-------------------------------+----------------------+-----------------------+---------------------+-------------------------
|
|
||||||
0 | 0 | 0 | 0 | 0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
__CLONE_EXISTS_AFTER_DROP__
|
|
||||||
clone_db_count
|
|
||||||
----------------
|
|
||||||
0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
File diff suppressed because one or more lines are too long
|
|
@ -1,319 +0,0 @@
|
||||||
== production preflight before rollback rehearsal ==
|
|
||||||
id | status | proposal_type | reviewed_by_handle | reviewed_at
|
|
||||||
--------------------------------------+----------+-----------------+--------------------+-------------------------------
|
|
||||||
a64df080-8502-42e2-98f4-9bbdecb8da73 | approved | attach_evidence | m3taversal | 2026-06-29 16:32:39.431004+00
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
check_name | id | reason
|
|
||||||
------------+----+--------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
expected_reasoning_tools | expected_claims | expected_sources | expected_claim_edges | expected_claim_evidence
|
|
||||||
--------------------------+-----------------+------------------+----------------------+-------------------------
|
|
||||||
1 | 5 | 13 | 7 | 17
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
generated_reasoning_tool_rows | generated_claim_rows | generated_source_rows | generated_edge_rows | generated_evidence_rows
|
|
||||||
-------------------------------+----------------------+-----------------------+---------------------+-------------------------
|
|
||||||
0 | 0 | 0 | 0 | 0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
== production rollback-only rehearsal ==
|
|
||||||
BEGIN
|
|
||||||
SET
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
ROLLBACK
|
|
||||||
BEGIN
|
|
||||||
DO
|
|
||||||
ROLLBACK
|
|
||||||
== production preflight after rollback rehearsal ==
|
|
||||||
id | status | proposal_type | reviewed_by_handle | reviewed_at
|
|
||||||
--------------------------------------+----------+-----------------+--------------------+-------------------------------
|
|
||||||
a64df080-8502-42e2-98f4-9bbdecb8da73 | approved | attach_evidence | m3taversal | 2026-06-29 16:32:39.431004+00
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
check_name | id | reason
|
|
||||||
------------+----+--------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
expected_reasoning_tools | expected_claims | expected_sources | expected_claim_edges | expected_claim_evidence
|
|
||||||
--------------------------+-----------------+------------------+----------------------+-------------------------
|
|
||||||
1 | 5 | 13 | 7 | 17
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
generated_reasoning_tool_rows | generated_claim_rows | generated_source_rows | generated_edge_rows | generated_evidence_rows
|
|
||||||
-------------------------------+----------------------+-----------------------+---------------------+-------------------------
|
|
||||||
0 | 0 | 0 | 0 | 0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
== create disposable clone ==
|
|
||||||
set_config
|
|
||||||
------------
|
|
||||||
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
== clone preflight before commit ==
|
|
||||||
id | status | proposal_type | reviewed_by_handle | reviewed_at
|
|
||||||
--------------------------------------+----------+-----------------+--------------------+-------------------------------
|
|
||||||
a64df080-8502-42e2-98f4-9bbdecb8da73 | approved | attach_evidence | m3taversal | 2026-06-29 16:32:39.431004+00
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
check_name | id | reason
|
|
||||||
------------+----+--------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
expected_reasoning_tools | expected_claims | expected_sources | expected_claim_edges | expected_claim_evidence
|
|
||||||
--------------------------+-----------------+------------------+----------------------+-------------------------
|
|
||||||
1 | 5 | 13 | 7 | 17
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
generated_reasoning_tool_rows | generated_claim_rows | generated_source_rows | generated_edge_rows | generated_evidence_rows
|
|
||||||
-------------------------------+----------------------+-----------------------+---------------------+-------------------------
|
|
||||||
0 | 0 | 0 | 0 | 0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
== clone authorized commit rehearsal ==
|
|
||||||
BEGIN
|
|
||||||
SET
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
COMMIT
|
|
||||||
BEGIN
|
|
||||||
DO
|
|
||||||
COMMIT
|
|
||||||
== clone postflight after commit ==
|
|
||||||
generated_reasoning_tool_rows | generated_claim_rows | generated_source_rows | generated_edge_rows | generated_evidence_rows
|
|
||||||
-------------------------------+----------------------+-----------------------+---------------------+-------------------------
|
|
||||||
1 | 5 | 13 | 7 | 17
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
id | agent_id | name | category | description
|
|
||||||
--------------------------------------+--------------------------------------+-----------------+--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
473ba7b0-ce44-5e77-bc46-ef82a49b6a3e | 11111111-1111-1111-1111-111111111111 | Helmer 7 Powers | strategy_framework | {"approval_change_log": [{"change": "Removed proposed claim #6 / teleo_power_candidate_is_credibility_and_process_not_control from this framework proposal.", "rationale": "It applies 7 Powers downstream to Teleo self-positioning; approving the framework should not accidentally approve Teleo-as-network-economies / Teleo-as-process-power claims."}, {"change": "Added competitive advantage / moats conceptual-neighborhood links for resolution.", "rationale": "7 Powers should sit in the competitive ad
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
id | type | confidence | text
|
|
||||||
--------------------------------------+------------+------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
12d2c4aa-1c23-5173-b666-dea903dd7432 | normative | 0.65 | Leo should use 7 Powers after inflection mapping and attractor-state analysis to distinguish builders who merely benefit from a wave from builders who can durably capture and compound value from that wave.
|
|
||||||
23927224-0d72-5b37-a600-33c63277f6a9 | structural | 0.8 | Helmer's 7 Powers framework diagnoses durable value capture only when a company has both a material benefit and a barrier that prevents motivated capable competitors from arbitraging that benefit away.
|
|
||||||
4701f303-ca9c-5da1-aa48-8cf28189c23c | structural | 0.7 | Power must be analyzed by lifecycle stage because different powers become available in Origination, Take-Off, and Stability, and the window to establish a power can close as market flux resolves.
|
|
||||||
6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3 | structural | 0.7 | Network effects create product value but do not become network economies power unless they also prevent competitors from reaching equivalence and let the focal actor capture surplus.
|
|
||||||
d2b2142b-c2d8-5e33-9a38-14598d94d715 | structural | 0.75 | Counter-positioning is most useful near inflection points because entrants can adopt a superior model while incumbents rationally delay imitation to avoid damaging their existing economics, channels, or identity.
|
|
||||||
(5 rows)
|
|
||||||
|
|
||||||
id | source_type | excerpt
|
|
||||||
--------------------------------------+-------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
|
|
||||||
02b8c5ff-04fb-54e7-b132-e731086f1436 | other | {"excerpt": "Canonical source for the seven powers framework; source of definitions, benefit/barrier logic, Power Progression, and company examples. Full text not ingested in this run; use book/page references if availab
|
|
||||||
0c87a244-afa2-5d08-8e79-9cb792aff553 | other | {"body": null, "candidate_review_note": null, "claim_key": "agentic_capital_needs_power_analysis", "edges": [{"edge_type": "supports", "rationale": "7 Powers operationalizes scarcity/value-capture analysis for builder ev
|
|
||||||
11fa942d-e81a-5142-965d-3c60714a7dca | other | {"body": null, "candidate_review_note": null, "claim_key": "counter_positioning_is_early_inflection_power", "edges": [{"edge_type": "relates", "rationale": "Counter-positioning exploits path dependence and incumbent comm
|
|
||||||
263f423e-c16f-544c-ae5f-3e370e736e12 | other | {"body": null, "candidate_review_note": null, "claim_key": "network_effects_do_not_equal_network_power", "edges": [{"edge_type": "relates", "rationale": "Commercial network effects can be self-enforcing only when they al
|
|
||||||
2df4bb44-4853-5455-8049-6dbb8685523b | transcript | {"excerpt": "Chenyi Shi frames platform power through three questions: how economic value is created, how each customer group perceives value as the platform scales, and how competitors are prevented from reaching equiva
|
|
||||||
4bd41552-8017-551a-84b5-19b0107c20b5 | article | {"excerpt": "Helmer develops from first principles a practical theory of Strategy rooted in the notion of Power, those conditions which create the potential for persistent differential returns. The synopsis says inventio
|
|
||||||
50e0d1ef-322b-5097-afe6-c9aa5ecea5fc | article | {"excerpt": "Episode summary asks what keeps competition away and states Helmer's framework reveals conditions for persistent and durable differential returns.", "metadata": {"source_key": "nfx_podcast_summary", "title":
|
|
||||||
5f9dd7ca-83f8-5ea6-8e00-d9d13003f8fc | other | {"body": null, "candidate_review_note": null, "claim_key": "seven_powers_requires_benefit_and_barrier", "edges": [{"edge_type": "supports", "rationale": "Benefit/barrier is a precise isolating-mechanism test.", "to_exist
|
|
||||||
621bb834-6366-5940-b6c3-c5f82ba35d48 | article | {"excerpt": "Show notes emphasize 'all strategy begins with invention,' transition from startup to pricer with scale economies, competition, brand definition, and sustainable leverage/power.", "metadata": {"source_key":
|
|
||||||
6fe15936-d5b9-514e-802f-32a2a06f4a23 | article | {"excerpt": "NFX/Helmer provides concise definitions and examples for the powers: cornered resource (Pixar), scale economies (Netflix), switching costs (SAP), counter-positioning (Twilio/Tesla/Netflix), brand (Apple/Herm
|
|
||||||
97c3fc2f-16ae-5507-ad51-b1f4a1bcfb11 | other | {"body": null, "candidate_review_note": null, "claim_key": "power_progression_stage_gates_strategy", "edges": [{"edge_type": "relates", "rationale": "Stage-specific power creation supports strategy-as-design rather than
|
|
||||||
bc081b04-709f-565a-af0b-95d4ca0589fa | article | {"excerpt": "Hastings describes Helmer's Power Dynamics assessment of Netflix, identifies Counter-Positioning and Power Progression as novel conceptual advances, and says Counter-Positioning explained why incumbents rati
|
|
||||||
dc1c238c-f835-5641-980a-f0fe53f8dfe5 | transcript | {"excerpt": "Helmer states power has two necessary and sufficient conditions: benefit and barrier. Benefit is a materially better business model; barrier prevents motivated and capable competitors from taking it away. He
|
|
||||||
(13 rows)
|
|
||||||
|
|
||||||
from_claim | to_claim | edge_type
|
|
||||||
--------------------------------------+--------------------------------------+-----------
|
|
||||||
12d2c4aa-1c23-5173-b666-dea903dd7432 | 2ef388ab-4102-4416-a6e1-ae6ba8ee02fa | supports
|
|
||||||
12d2c4aa-1c23-5173-b666-dea903dd7432 | 8f3e773e-4255-47a7-ba8f-61c57a43bebe | supports
|
|
||||||
23927224-0d72-5b37-a600-33c63277f6a9 | 2ef388ab-4102-4416-a6e1-ae6ba8ee02fa | relates
|
|
||||||
23927224-0d72-5b37-a600-33c63277f6a9 | 8f3e773e-4255-47a7-ba8f-61c57a43bebe | supports
|
|
||||||
4701f303-ca9c-5da1-aa48-8cf28189c23c | 25a350e0-ebce-4072-8f2a-48427a727553 | relates
|
|
||||||
6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3 | 93d583d9-5394-4e6a-97ca-bcd48796d94a | relates
|
|
||||||
d2b2142b-c2d8-5e33-9a38-14598d94d715 | be59b559-de8b-4dec-a7be-773188c0e632 | relates
|
|
||||||
(7 rows)
|
|
||||||
|
|
||||||
claim_id | source_id | role
|
|
||||||
--------------------------------------+--------------------------------------+-------------
|
|
||||||
12d2c4aa-1c23-5173-b666-dea903dd7432 | 0c87a244-afa2-5d08-8e79-9cb792aff553 | illustrates
|
|
||||||
12d2c4aa-1c23-5173-b666-dea903dd7432 | 4bd41552-8017-551a-84b5-19b0107c20b5 | grounds
|
|
||||||
12d2c4aa-1c23-5173-b666-dea903dd7432 | dc1c238c-f835-5641-980a-f0fe53f8dfe5 | grounds
|
|
||||||
23927224-0d72-5b37-a600-33c63277f6a9 | 5f9dd7ca-83f8-5ea6-8e00-d9d13003f8fc | illustrates
|
|
||||||
23927224-0d72-5b37-a600-33c63277f6a9 | 6fe15936-d5b9-514e-802f-32a2a06f4a23 | grounds
|
|
||||||
23927224-0d72-5b37-a600-33c63277f6a9 | dc1c238c-f835-5641-980a-f0fe53f8dfe5 | grounds
|
|
||||||
4701f303-ca9c-5da1-aa48-8cf28189c23c | 4bd41552-8017-551a-84b5-19b0107c20b5 | grounds
|
|
||||||
4701f303-ca9c-5da1-aa48-8cf28189c23c | 97c3fc2f-16ae-5507-ad51-b1f4a1bcfb11 | illustrates
|
|
||||||
4701f303-ca9c-5da1-aa48-8cf28189c23c | bc081b04-709f-565a-af0b-95d4ca0589fa | grounds
|
|
||||||
4701f303-ca9c-5da1-aa48-8cf28189c23c | dc1c238c-f835-5641-980a-f0fe53f8dfe5 | grounds
|
|
||||||
6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3 | 263f423e-c16f-544c-ae5f-3e370e736e12 | illustrates
|
|
||||||
6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3 | 2df4bb44-4853-5455-8049-6dbb8685523b | grounds
|
|
||||||
6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3 | 6fe15936-d5b9-514e-802f-32a2a06f4a23 | grounds
|
|
||||||
d2b2142b-c2d8-5e33-9a38-14598d94d715 | 11fa942d-e81a-5142-965d-3c60714a7dca | illustrates
|
|
||||||
d2b2142b-c2d8-5e33-9a38-14598d94d715 | 6fe15936-d5b9-514e-802f-32a2a06f4a23 | grounds
|
|
||||||
d2b2142b-c2d8-5e33-9a38-14598d94d715 | bc081b04-709f-565a-af0b-95d4ca0589fa | grounds
|
|
||||||
d2b2142b-c2d8-5e33-9a38-14598d94d715 | dc1c238c-f835-5641-980a-f0fe53f8dfe5 | grounds
|
|
||||||
(17 rows)
|
|
||||||
|
|
||||||
id | superseded_by
|
|
||||||
----+---------------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
id | status | applied_by_handle | applied_at
|
|
||||||
--------------------------------------+---------+-----------------------+-------------------------------
|
|
||||||
a64df080-8502-42e2-98f4-9bbdecb8da73 | applied | codex-packet-20260709 | 2026-07-09 21:14:11.331665+00
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
== clone delete rollback including proposal status restore ==
|
|
||||||
BEGIN
|
|
||||||
DELETE 17
|
|
||||||
DELETE 7
|
|
||||||
UPDATE 0
|
|
||||||
DELETE 13
|
|
||||||
DELETE 5
|
|
||||||
DELETE 1
|
|
||||||
DO
|
|
||||||
COMMIT
|
|
||||||
== clone postflight after delete rollback ==
|
|
||||||
generated_reasoning_tool_rows | generated_claim_rows | generated_source_rows | generated_edge_rows | generated_evidence_rows
|
|
||||||
-------------------------------+----------------------+-----------------------+---------------------+-------------------------
|
|
||||||
0 | 0 | 0 | 0 | 0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
id | agent_id | name | category | description
|
|
||||||
----+----------+------+----------+-------------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
id | type | confidence | text
|
|
||||||
----+------+------------+------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
id | source_type | excerpt
|
|
||||||
----+-------------+---------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
from_claim | to_claim | edge_type
|
|
||||||
------------+----------+-----------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
claim_id | source_id | role
|
|
||||||
----------+-----------+------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
id | superseded_by
|
|
||||||
----+---------------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
id | status | applied_by_handle | applied_at
|
|
||||||
--------------------------------------+----------+-------------------+------------
|
|
||||||
a64df080-8502-42e2-98f4-9bbdecb8da73 | approved | |
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
== production preflight after clone rehearsal ==
|
|
||||||
id | status | proposal_type | reviewed_by_handle | reviewed_at
|
|
||||||
--------------------------------------+----------+-----------------+--------------------+-------------------------------
|
|
||||||
a64df080-8502-42e2-98f4-9bbdecb8da73 | approved | attach_evidence | m3taversal | 2026-06-29 16:32:39.431004+00
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
check_name | id | reason
|
|
||||||
------------+----+--------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
expected_reasoning_tools | expected_claims | expected_sources | expected_claim_edges | expected_claim_evidence
|
|
||||||
--------------------------+-----------------+------------------+----------------------+-------------------------
|
|
||||||
1 | 5 | 13 | 7 | 17
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
generated_reasoning_tool_rows | generated_claim_rows | generated_source_rows | generated_edge_rows | generated_evidence_rows
|
|
||||||
-------------------------------+----------------------+-----------------------+---------------------+-------------------------
|
|
||||||
0 | 0 | 0 | 0 | 0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
== cleanup disposable clone ==
|
|
||||||
0
|
|
||||||
== service stability ==
|
|
||||||
3252143
|
|
||||||
0
|
|
||||||
Thu 2026-07-09 06:59:44 UTC
|
|
||||||
/home/teleo
|
|
||||||
teleo
|
|
||||||
active
|
|
||||||
running
|
|
||||||
|
|
@ -1,86 +0,0 @@
|
||||||
id | status | proposal_type | reviewed_by_handle | reviewed_at
|
|
||||||
--------------------------------------+----------+-----------------+--------------------+-------------------------------
|
|
||||||
a64df080-8502-42e2-98f4-9bbdecb8da73 | approved | attach_evidence | m3taversal | 2026-06-29 16:32:39.431004+00
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
check_name | id | reason
|
|
||||||
------------+----+--------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
expected_reasoning_tools | expected_claims | expected_sources | expected_claim_edges | expected_claim_evidence
|
|
||||||
--------------------------+-----------------+------------------+----------------------+-------------------------
|
|
||||||
1 | 5 | 13 | 7 | 17
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
generated_reasoning_tool_rows | generated_claim_rows | generated_source_rows | generated_edge_rows | generated_evidence_rows
|
|
||||||
-------------------------------+----------------------+-----------------------+---------------------+-------------------------
|
|
||||||
0 | 0 | 0 | 0 | 0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
__ROLLBACK_REHEARSAL__
|
|
||||||
BEGIN
|
|
||||||
SET
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
INSERT 0 1
|
|
||||||
ROLLBACK
|
|
||||||
__POST_REHEARSAL_COUNTS__
|
|
||||||
id | status | proposal_type | reviewed_by_handle | reviewed_at
|
|
||||||
--------------------------------------+----------+-----------------+--------------------+-------------------------------
|
|
||||||
a64df080-8502-42e2-98f4-9bbdecb8da73 | approved | attach_evidence | m3taversal | 2026-06-29 16:32:39.431004+00
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
check_name | id | reason
|
|
||||||
------------+----+--------
|
|
||||||
(0 rows)
|
|
||||||
|
|
||||||
expected_reasoning_tools | expected_claims | expected_sources | expected_claim_edges | expected_claim_evidence
|
|
||||||
--------------------------+-----------------+------------------+----------------------+-------------------------
|
|
||||||
1 | 5 | 13 | 7 | 17
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
generated_reasoning_tool_rows | generated_claim_rows | generated_source_rows | generated_edge_rows | generated_evidence_rows
|
|
||||||
-------------------------------+----------------------+-----------------------+---------------------+-------------------------
|
|
||||||
0 | 0 | 0 | 0 | 0
|
|
||||||
(1 row)
|
|
||||||
|
|
||||||
File diff suppressed because one or more lines are too long
|
|
@ -1,61 +0,0 @@
|
||||||
# Helmer 7 Powers Production Apply Packet - Ledger-Proven Refresh - 2026-07-09
|
|
||||||
|
|
||||||
Generated UTC: `2026-07-09T21:15:06.276683+00:00`
|
|
||||||
|
|
||||||
Status: full-coverage packet ready and clone-proven; not executed on production.
|
|
||||||
|
|
||||||
Proposal:
|
|
||||||
- `a64df080-8502-42e2-98f4-9bbdecb8da73`
|
|
||||||
- Production status on preflight: `approved`
|
|
||||||
- Proposal type: `attach_evidence`
|
|
||||||
- Reviewer: `m3taversal`
|
|
||||||
- Reviewed at: `2026-06-29 16:32:39.431004+00`
|
|
||||||
|
|
||||||
Generated row contract:
|
|
||||||
- `public.reasoning_tools`: 1 row
|
|
||||||
- `public.claims`: 5 rows
|
|
||||||
- `public.sources`: 13 rows
|
|
||||||
- `public.claim_edges`: 7 rows
|
|
||||||
- `public.claim_evidence`: 17 rows
|
|
||||||
|
|
||||||
Ledger behavior:
|
|
||||||
- `marks_original_proposals_applied`: `true`
|
|
||||||
- `applied_by_handle`: `codex-packet-20260709`
|
|
||||||
- Remaining blocked fragments: `0`
|
|
||||||
- Unresolved design decisions: `0`
|
|
||||||
|
|
||||||
Important boundary:
|
|
||||||
- The canonical reasoning-tool row is sanitized: Teleo-specific self-positioning/application examples are removed from the reasoning-tool description and counted as deferred.
|
|
||||||
- Because the packet has full coverage for the approved Helmer framework contract and no blocked fragments, the authorized commit SQL now marks the original `kb_stage.kb_proposals` row as `applied` after generated rows are written.
|
|
||||||
- The mapped internet-finance/Hayek packet still refuses this ledger behavior because it has unresolved non-claim/cross-table fragments.
|
|
||||||
- Production commit SQL exists only for separately authorized execution. It has not been run against production.
|
|
||||||
|
|
||||||
Live production rollback rehearsal:
|
|
||||||
- Preflight found the proposal approved and all required existing target claims present.
|
|
||||||
- Preflight generated-row counts were `0/0/0/0/0` for reasoning tool / claims / sources / edges / evidence.
|
|
||||||
- Rollback-only apply rehearsal inserted the planned rows and executed the proposal-ledger update inside transactions ending with `ROLLBACK`.
|
|
||||||
- Post-rehearsal production generated-row counts remained `0/0/0/0/0` and proposal status remained `approved`.
|
|
||||||
|
|
||||||
Disposable clone proof:
|
|
||||||
- Disposable DB: `teleo_helmer_ledger_rehearsal_20260709`
|
|
||||||
- Clone commit produced `1` reasoning tool, `5` claims, `13` sources, `7` claim edges, and `17` claim evidence rows.
|
|
||||||
- Clone postflight read back reasoning tool `473ba7b0-ce44-5e77-bc46-ef82a49b6a3e` named `Helmer 7 Powers`.
|
|
||||||
- Clone postflight read back proposal `a64df080-8502-42e2-98f4-9bbdecb8da73` as `applied` with `applied_by_handle = codex-packet-20260709`.
|
|
||||||
- Delete rollback removed `17` evidence rows, `7` edge rows, `13` source rows, `5` claim rows, and `1` reasoning-tool row.
|
|
||||||
- Delete rollback restored the proposal ledger to `approved` with blank `applied_by_handle`/`applied_at`.
|
|
||||||
- Clone after delete returned generated-row counts to `0/0/0/0/0`.
|
|
||||||
- Production after clone remained `0/0/0/0/0` and proposal status remained `approved`.
|
|
||||||
- Disposable clone was dropped; final clone DB count was `0`.
|
|
||||||
- VPS service stayed active/running with PID `3252143`, restarts `0`.
|
|
||||||
|
|
||||||
Packet files:
|
|
||||||
- `production-preflight.sql`
|
|
||||||
- `production-apply-rollback-rehearsal.sql`
|
|
||||||
- `production-apply-authorized-commit.sql`
|
|
||||||
- `production-postflight.sql`
|
|
||||||
- `production-delete-rollback.sql`
|
|
||||||
- `production-apply-packet.json`
|
|
||||||
- `ledger-clone-commit-delete-rollback-current.log`
|
|
||||||
|
|
||||||
Claim ceiling:
|
|
||||||
This proves the approved Helmer 7 Powers framework can be represented, applied, ledger-marked, and rolled back safely in a disposable clone using current canonical tables. It does not prove production has been updated, because production commit was intentionally not executed.
|
|
||||||
|
|
@ -1,40 +0,0 @@
|
||||||
{
|
|
||||||
"claim_ceiling": "Production apply packet for mapped supported subset only; original rich proposals are not marked applied unless the packet fully covers the approved reasoning-tool/claim/source contract.",
|
|
||||||
"marks_original_proposals_applied": false,
|
|
||||||
"packet_version": 1,
|
|
||||||
"plan_path": "../../outputs/rich-proposal-creation-plan-20260709/helmer-7powers-20260709/helmer-7powers-creation-plan.json",
|
|
||||||
"proposal_ids": [
|
|
||||||
"a64df080-8502-42e2-98f4-9bbdecb8da73"
|
|
||||||
],
|
|
||||||
"remaining_blocked_fragments": [],
|
|
||||||
"required_existing_claims": [
|
|
||||||
{
|
|
||||||
"id": "25a350e0-ebce-4072-8f2a-48427a727553",
|
|
||||||
"reason": "claim_edges.to_claim"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"id": "2ef388ab-4102-4416-a6e1-ae6ba8ee02fa",
|
|
||||||
"reason": "claim_edges.to_claim"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"id": "8f3e773e-4255-47a7-ba8f-61c57a43bebe",
|
|
||||||
"reason": "claim_edges.to_claim"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"id": "93d583d9-5394-4e6a-97ca-bcd48796d94a",
|
|
||||||
"reason": "claim_edges.to_claim"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"id": "be59b559-de8b-4dec-a7be-773188c0e632",
|
|
||||||
"reason": "claim_edges.to_claim"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"row_counts": {
|
|
||||||
"claim_edges": 7,
|
|
||||||
"claim_evidence": 17,
|
|
||||||
"claims": 5,
|
|
||||||
"reasoning_tools": 1,
|
|
||||||
"sources": 13
|
|
||||||
},
|
|
||||||
"unresolved_design_decisions": []
|
|
||||||
}
|
|
||||||
|
|
@ -1,41 +0,0 @@
|
||||||
{
|
|
||||||
"applied_by_handle": "codex-packet-20260709",
|
|
||||||
"claim_ceiling": "Production apply packet for full covered proposal contract; authorized commit SQL marks original proposal(s) applied after generated rows are written.",
|
|
||||||
"marks_original_proposals_applied": true,
|
|
||||||
"packet_version": 1,
|
|
||||||
"plan_path": "/Users/user/Documents/Codex/2026-07-09/019f34eb-d297-72d0-b7e2-b222d5515ab9-load/outputs/rich-proposal-creation-plan-20260709/helmer-7powers-20260709/helmer-7powers-creation-plan.json",
|
|
||||||
"proposal_ids": [
|
|
||||||
"a64df080-8502-42e2-98f4-9bbdecb8da73"
|
|
||||||
],
|
|
||||||
"remaining_blocked_fragments": [],
|
|
||||||
"required_existing_claims": [
|
|
||||||
{
|
|
||||||
"id": "25a350e0-ebce-4072-8f2a-48427a727553",
|
|
||||||
"reason": "claim_edges.to_claim"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"id": "2ef388ab-4102-4416-a6e1-ae6ba8ee02fa",
|
|
||||||
"reason": "claim_edges.to_claim"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"id": "8f3e773e-4255-47a7-ba8f-61c57a43bebe",
|
|
||||||
"reason": "claim_edges.to_claim"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"id": "93d583d9-5394-4e6a-97ca-bcd48796d94a",
|
|
||||||
"reason": "claim_edges.to_claim"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"id": "be59b559-de8b-4dec-a7be-773188c0e632",
|
|
||||||
"reason": "claim_edges.to_claim"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"row_counts": {
|
|
||||||
"claim_edges": 7,
|
|
||||||
"claim_evidence": 17,
|
|
||||||
"claims": 5,
|
|
||||||
"reasoning_tools": 1,
|
|
||||||
"sources": 13
|
|
||||||
},
|
|
||||||
"unresolved_design_decisions": []
|
|
||||||
}
|
|
||||||
File diff suppressed because one or more lines are too long
|
|
@ -1,103 +0,0 @@
|
||||||
\set ON_ERROR_STOP on
|
|
||||||
-- Emergency rollback for the mapped generated rows only.
|
|
||||||
-- Run only before any later production data depends on these generated rows.
|
|
||||||
begin;
|
|
||||||
|
|
||||||
delete from public.claim_evidence ce
|
|
||||||
using (values
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, '5f9dd7ca-83f8-5ea6-8e00-d9d13003f8fc'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, 'dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, '6fe15936-d5b9-514e-802f-32a2a06f4a23'::uuid, 'grounds'::evidence_role),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, '97c3fc2f-16ae-5507-ad51-b1f4a1bcfb11'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, '4bd41552-8017-551a-84b5-19b0107c20b5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, 'bc081b04-709f-565a-af0b-95d4ca0589fa'::uuid, 'grounds'::evidence_role),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, 'dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, '11fa942d-e81a-5142-965d-3c60714a7dca'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, 'dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, 'bc081b04-709f-565a-af0b-95d4ca0589fa'::uuid, 'grounds'::evidence_role),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, '6fe15936-d5b9-514e-802f-32a2a06f4a23'::uuid, 'grounds'::evidence_role),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid, '263f423e-c16f-544c-ae5f-3e370e736e12'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid, '2df4bb44-4853-5455-8049-6dbb8685523b'::uuid, 'grounds'::evidence_role),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid, '6fe15936-d5b9-514e-802f-32a2a06f4a23'::uuid, 'grounds'::evidence_role),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, '0c87a244-afa2-5d08-8e79-9cb792aff553'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, '4bd41552-8017-551a-84b5-19b0107c20b5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, 'dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid, 'grounds'::evidence_role)
|
|
||||||
) as v(claim_id, source_id, role)
|
|
||||||
where ce.claim_id = v.claim_id and ce.source_id = v.source_id and ce.role = v.role;
|
|
||||||
|
|
||||||
delete from public.claim_edges e
|
|
||||||
using (values
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, '8f3e773e-4255-47a7-ba8f-61c57a43bebe'::uuid, 'supports'::edge_type),
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, '2ef388ab-4102-4416-a6e1-ae6ba8ee02fa'::uuid, 'relates'::edge_type),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, '25a350e0-ebce-4072-8f2a-48427a727553'::uuid, 'relates'::edge_type),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, 'be59b559-de8b-4dec-a7be-773188c0e632'::uuid, 'relates'::edge_type),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid, '93d583d9-5394-4e6a-97ca-bcd48796d94a'::uuid, 'relates'::edge_type),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, '2ef388ab-4102-4416-a6e1-ae6ba8ee02fa'::uuid, 'supports'::edge_type),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, '8f3e773e-4255-47a7-ba8f-61c57a43bebe'::uuid, 'supports'::edge_type)
|
|
||||||
) as v(from_claim, to_claim, edge_type)
|
|
||||||
where e.from_claim = v.from_claim and e.to_claim = v.to_claim and e.edge_type = v.edge_type;
|
|
||||||
|
|
||||||
update public.claims
|
|
||||||
set superseded_by = null,
|
|
||||||
updated_at = now()
|
|
||||||
where superseded_by in (select id from (values
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid)
|
|
||||||
) as v(id));
|
|
||||||
|
|
||||||
delete from public.sources
|
|
||||||
where id in (select id from (values
|
|
||||||
('02b8c5ff-04fb-54e7-b132-e731086f1436'::uuid),
|
|
||||||
('4bd41552-8017-551a-84b5-19b0107c20b5'::uuid),
|
|
||||||
('bc081b04-709f-565a-af0b-95d4ca0589fa'::uuid),
|
|
||||||
('dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid),
|
|
||||||
('2df4bb44-4853-5455-8049-6dbb8685523b'::uuid),
|
|
||||||
('6fe15936-d5b9-514e-802f-32a2a06f4a23'::uuid),
|
|
||||||
('50e0d1ef-322b-5097-afe6-c9aa5ecea5fc'::uuid),
|
|
||||||
('621bb834-6366-5940-b6c3-c5f82ba35d48'::uuid),
|
|
||||||
('5f9dd7ca-83f8-5ea6-8e00-d9d13003f8fc'::uuid),
|
|
||||||
('97c3fc2f-16ae-5507-ad51-b1f4a1bcfb11'::uuid),
|
|
||||||
('11fa942d-e81a-5142-965d-3c60714a7dca'::uuid),
|
|
||||||
('263f423e-c16f-544c-ae5f-3e370e736e12'::uuid),
|
|
||||||
('0c87a244-afa2-5d08-8e79-9cb792aff553'::uuid)
|
|
||||||
) as v(id));
|
|
||||||
|
|
||||||
delete from public.claims
|
|
||||||
where id in (select id from (values
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid)
|
|
||||||
) as v(id));
|
|
||||||
|
|
||||||
delete from public.reasoning_tools
|
|
||||||
where id in (select id from (values
|
|
||||||
('473ba7b0-ce44-5e77-bc46-ef82a49b6a3e'::uuid)
|
|
||||||
) as v(id));
|
|
||||||
|
|
||||||
do $$
|
|
||||||
declare
|
|
||||||
restored int;
|
|
||||||
begin
|
|
||||||
update kb_stage.kb_proposals
|
|
||||||
set status = 'approved',
|
|
||||||
applied_by_handle = null,
|
|
||||||
applied_by_agent_id = null,
|
|
||||||
applied_at = null,
|
|
||||||
updated_at = now()
|
|
||||||
where id in (select id from (values
|
|
||||||
('a64df080-8502-42e2-98f4-9bbdecb8da73'::uuid)
|
|
||||||
) as v(id))
|
|
||||||
and status = 'applied';
|
|
||||||
|
|
||||||
get diagnostics restored = row_count;
|
|
||||||
if restored <> 1 then
|
|
||||||
raise exception 'rich proposal packet ledger rollback restored % row(s), expected 1; original proposals were not all applied', restored;
|
|
||||||
end if;
|
|
||||||
end $$;
|
|
||||||
|
|
||||||
commit;
|
|
||||||
|
|
@ -1,149 +0,0 @@
|
||||||
\set ON_ERROR_STOP on
|
|
||||||
-- Postflight row-level readback for mapped rich proposal apply packet.
|
|
||||||
|
|
||||||
select
|
|
||||||
(select count(*) from public.reasoning_tools where id in (select id from (values
|
|
||||||
('473ba7b0-ce44-5e77-bc46-ef82a49b6a3e'::uuid)
|
|
||||||
) as v(id))) as generated_reasoning_tool_rows,
|
|
||||||
(select count(*) from public.claims where id in (select id from (values
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid)
|
|
||||||
) as v(id))) as generated_claim_rows,
|
|
||||||
(select count(*) from public.sources where id in (select id from (values
|
|
||||||
('02b8c5ff-04fb-54e7-b132-e731086f1436'::uuid),
|
|
||||||
('4bd41552-8017-551a-84b5-19b0107c20b5'::uuid),
|
|
||||||
('bc081b04-709f-565a-af0b-95d4ca0589fa'::uuid),
|
|
||||||
('dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid),
|
|
||||||
('2df4bb44-4853-5455-8049-6dbb8685523b'::uuid),
|
|
||||||
('6fe15936-d5b9-514e-802f-32a2a06f4a23'::uuid),
|
|
||||||
('50e0d1ef-322b-5097-afe6-c9aa5ecea5fc'::uuid),
|
|
||||||
('621bb834-6366-5940-b6c3-c5f82ba35d48'::uuid),
|
|
||||||
('5f9dd7ca-83f8-5ea6-8e00-d9d13003f8fc'::uuid),
|
|
||||||
('97c3fc2f-16ae-5507-ad51-b1f4a1bcfb11'::uuid),
|
|
||||||
('11fa942d-e81a-5142-965d-3c60714a7dca'::uuid),
|
|
||||||
('263f423e-c16f-544c-ae5f-3e370e736e12'::uuid),
|
|
||||||
('0c87a244-afa2-5d08-8e79-9cb792aff553'::uuid)
|
|
||||||
) as v(id))) as generated_source_rows,
|
|
||||||
(select count(*) from public.claim_edges e join (values
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, '8f3e773e-4255-47a7-ba8f-61c57a43bebe'::uuid, 'supports'::edge_type),
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, '2ef388ab-4102-4416-a6e1-ae6ba8ee02fa'::uuid, 'relates'::edge_type),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, '25a350e0-ebce-4072-8f2a-48427a727553'::uuid, 'relates'::edge_type),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, 'be59b559-de8b-4dec-a7be-773188c0e632'::uuid, 'relates'::edge_type),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid, '93d583d9-5394-4e6a-97ca-bcd48796d94a'::uuid, 'relates'::edge_type),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, '2ef388ab-4102-4416-a6e1-ae6ba8ee02fa'::uuid, 'supports'::edge_type),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, '8f3e773e-4255-47a7-ba8f-61c57a43bebe'::uuid, 'supports'::edge_type)
|
|
||||||
) as v(from_claim, to_claim, edge_type) using (from_claim, to_claim, edge_type)) as generated_edge_rows,
|
|
||||||
(select count(*) from public.claim_evidence ce join (values
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, '5f9dd7ca-83f8-5ea6-8e00-d9d13003f8fc'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, 'dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, '6fe15936-d5b9-514e-802f-32a2a06f4a23'::uuid, 'grounds'::evidence_role),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, '97c3fc2f-16ae-5507-ad51-b1f4a1bcfb11'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, '4bd41552-8017-551a-84b5-19b0107c20b5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, 'bc081b04-709f-565a-af0b-95d4ca0589fa'::uuid, 'grounds'::evidence_role),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, 'dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, '11fa942d-e81a-5142-965d-3c60714a7dca'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, 'dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, 'bc081b04-709f-565a-af0b-95d4ca0589fa'::uuid, 'grounds'::evidence_role),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, '6fe15936-d5b9-514e-802f-32a2a06f4a23'::uuid, 'grounds'::evidence_role),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid, '263f423e-c16f-544c-ae5f-3e370e736e12'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid, '2df4bb44-4853-5455-8049-6dbb8685523b'::uuid, 'grounds'::evidence_role),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid, '6fe15936-d5b9-514e-802f-32a2a06f4a23'::uuid, 'grounds'::evidence_role),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, '0c87a244-afa2-5d08-8e79-9cb792aff553'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, '4bd41552-8017-551a-84b5-19b0107c20b5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, 'dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid, 'grounds'::evidence_role)
|
|
||||||
) as v(claim_id, source_id, role) using (claim_id, source_id, role)) as generated_evidence_rows;
|
|
||||||
|
|
||||||
|
|
||||||
select id::text, agent_id::text, name, category, left(description, 500) as description
|
|
||||||
from public.reasoning_tools
|
|
||||||
where id in (select id from (values
|
|
||||||
('473ba7b0-ce44-5e77-bc46-ef82a49b6a3e'::uuid)
|
|
||||||
) as v(id))
|
|
||||||
order by id;
|
|
||||||
|
|
||||||
select id::text, type, confidence, left(text, 220) as text
|
|
||||||
from public.claims
|
|
||||||
where id in (select id from (values
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid)
|
|
||||||
) as v(id))
|
|
||||||
order by id;
|
|
||||||
|
|
||||||
select id::text, source_type, left(coalesce(excerpt, ''), 220) as excerpt
|
|
||||||
from public.sources
|
|
||||||
where id in (select id from (values
|
|
||||||
('02b8c5ff-04fb-54e7-b132-e731086f1436'::uuid),
|
|
||||||
('4bd41552-8017-551a-84b5-19b0107c20b5'::uuid),
|
|
||||||
('bc081b04-709f-565a-af0b-95d4ca0589fa'::uuid),
|
|
||||||
('dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid),
|
|
||||||
('2df4bb44-4853-5455-8049-6dbb8685523b'::uuid),
|
|
||||||
('6fe15936-d5b9-514e-802f-32a2a06f4a23'::uuid),
|
|
||||||
('50e0d1ef-322b-5097-afe6-c9aa5ecea5fc'::uuid),
|
|
||||||
('621bb834-6366-5940-b6c3-c5f82ba35d48'::uuid),
|
|
||||||
('5f9dd7ca-83f8-5ea6-8e00-d9d13003f8fc'::uuid),
|
|
||||||
('97c3fc2f-16ae-5507-ad51-b1f4a1bcfb11'::uuid),
|
|
||||||
('11fa942d-e81a-5142-965d-3c60714a7dca'::uuid),
|
|
||||||
('263f423e-c16f-544c-ae5f-3e370e736e12'::uuid),
|
|
||||||
('0c87a244-afa2-5d08-8e79-9cb792aff553'::uuid)
|
|
||||||
) as v(id))
|
|
||||||
order by id;
|
|
||||||
|
|
||||||
select e.from_claim::text, e.to_claim::text, e.edge_type::text
|
|
||||||
from public.claim_edges e
|
|
||||||
join (values
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, '8f3e773e-4255-47a7-ba8f-61c57a43bebe'::uuid, 'supports'::edge_type),
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, '2ef388ab-4102-4416-a6e1-ae6ba8ee02fa'::uuid, 'relates'::edge_type),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, '25a350e0-ebce-4072-8f2a-48427a727553'::uuid, 'relates'::edge_type),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, 'be59b559-de8b-4dec-a7be-773188c0e632'::uuid, 'relates'::edge_type),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid, '93d583d9-5394-4e6a-97ca-bcd48796d94a'::uuid, 'relates'::edge_type),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, '2ef388ab-4102-4416-a6e1-ae6ba8ee02fa'::uuid, 'supports'::edge_type),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, '8f3e773e-4255-47a7-ba8f-61c57a43bebe'::uuid, 'supports'::edge_type)
|
|
||||||
) as v(from_claim, to_claim, edge_type) using (from_claim, to_claim, edge_type)
|
|
||||||
order by e.from_claim, e.to_claim, e.edge_type;
|
|
||||||
|
|
||||||
select ce.claim_id::text, ce.source_id::text, ce.role::text
|
|
||||||
from public.claim_evidence ce
|
|
||||||
join (values
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, '5f9dd7ca-83f8-5ea6-8e00-d9d13003f8fc'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, 'dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, '6fe15936-d5b9-514e-802f-32a2a06f4a23'::uuid, 'grounds'::evidence_role),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, '97c3fc2f-16ae-5507-ad51-b1f4a1bcfb11'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, '4bd41552-8017-551a-84b5-19b0107c20b5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, 'bc081b04-709f-565a-af0b-95d4ca0589fa'::uuid, 'grounds'::evidence_role),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, 'dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, '11fa942d-e81a-5142-965d-3c60714a7dca'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, 'dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, 'bc081b04-709f-565a-af0b-95d4ca0589fa'::uuid, 'grounds'::evidence_role),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, '6fe15936-d5b9-514e-802f-32a2a06f4a23'::uuid, 'grounds'::evidence_role),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid, '263f423e-c16f-544c-ae5f-3e370e736e12'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid, '2df4bb44-4853-5455-8049-6dbb8685523b'::uuid, 'grounds'::evidence_role),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid, '6fe15936-d5b9-514e-802f-32a2a06f4a23'::uuid, 'grounds'::evidence_role),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, '0c87a244-afa2-5d08-8e79-9cb792aff553'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, '4bd41552-8017-551a-84b5-19b0107c20b5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, 'dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid, 'grounds'::evidence_role)
|
|
||||||
) as v(claim_id, source_id, role) using (claim_id, source_id, role)
|
|
||||||
order by ce.claim_id, ce.source_id, ce.role;
|
|
||||||
|
|
||||||
select id::text, superseded_by::text
|
|
||||||
from public.claims
|
|
||||||
where superseded_by in (select id from (values
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid)
|
|
||||||
) as v(id))
|
|
||||||
order by id;
|
|
||||||
|
|
||||||
select id::text, status, applied_by_handle, applied_at
|
|
||||||
from kb_stage.kb_proposals
|
|
||||||
where id in (select id from (values
|
|
||||||
('a64df080-8502-42e2-98f4-9bbdecb8da73'::uuid)
|
|
||||||
) as v(id))
|
|
||||||
order by id;
|
|
||||||
|
|
@ -1,86 +0,0 @@
|
||||||
\set ON_ERROR_STOP on
|
|
||||||
-- Preflight for mapped rich proposal apply packet. Read-only.
|
|
||||||
|
|
||||||
select id::text, status, proposal_type, reviewed_by_handle, reviewed_at
|
|
||||||
from kb_stage.kb_proposals
|
|
||||||
where id in (select id from (values
|
|
||||||
('a64df080-8502-42e2-98f4-9bbdecb8da73'::uuid)
|
|
||||||
) as v(id))
|
|
||||||
order by id;
|
|
||||||
|
|
||||||
with required(id, reason) as (
|
|
||||||
values
|
|
||||||
('25a350e0-ebce-4072-8f2a-48427a727553'::uuid, 'claim_edges.to_claim'),
|
|
||||||
('2ef388ab-4102-4416-a6e1-ae6ba8ee02fa'::uuid, 'claim_edges.to_claim'),
|
|
||||||
('8f3e773e-4255-47a7-ba8f-61c57a43bebe'::uuid, 'claim_edges.to_claim'),
|
|
||||||
('93d583d9-5394-4e6a-97ca-bcd48796d94a'::uuid, 'claim_edges.to_claim'),
|
|
||||||
('be59b559-de8b-4dec-a7be-773188c0e632'::uuid, 'claim_edges.to_claim')
|
|
||||||
)
|
|
||||||
select 'missing_required_existing_claims' as check_name, id::text, reason
|
|
||||||
from required
|
|
||||||
where id is not null
|
|
||||||
and not exists (select 1 from public.claims where public.claims.id = required.id)
|
|
||||||
order by id;
|
|
||||||
|
|
||||||
-- Expected generated rows after authorized commit:
|
|
||||||
select 1::int as expected_reasoning_tools,
|
|
||||||
5::int as expected_claims,
|
|
||||||
13::int as expected_sources,
|
|
||||||
7::int as expected_claim_edges,
|
|
||||||
17::int as expected_claim_evidence;
|
|
||||||
|
|
||||||
-- Must be all zero before production apply.
|
|
||||||
select
|
|
||||||
(select count(*) from public.reasoning_tools where id in (select id from (values
|
|
||||||
('473ba7b0-ce44-5e77-bc46-ef82a49b6a3e'::uuid)
|
|
||||||
) as v(id))) as generated_reasoning_tool_rows,
|
|
||||||
(select count(*) from public.claims where id in (select id from (values
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid)
|
|
||||||
) as v(id))) as generated_claim_rows,
|
|
||||||
(select count(*) from public.sources where id in (select id from (values
|
|
||||||
('02b8c5ff-04fb-54e7-b132-e731086f1436'::uuid),
|
|
||||||
('4bd41552-8017-551a-84b5-19b0107c20b5'::uuid),
|
|
||||||
('bc081b04-709f-565a-af0b-95d4ca0589fa'::uuid),
|
|
||||||
('dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid),
|
|
||||||
('2df4bb44-4853-5455-8049-6dbb8685523b'::uuid),
|
|
||||||
('6fe15936-d5b9-514e-802f-32a2a06f4a23'::uuid),
|
|
||||||
('50e0d1ef-322b-5097-afe6-c9aa5ecea5fc'::uuid),
|
|
||||||
('621bb834-6366-5940-b6c3-c5f82ba35d48'::uuid),
|
|
||||||
('5f9dd7ca-83f8-5ea6-8e00-d9d13003f8fc'::uuid),
|
|
||||||
('97c3fc2f-16ae-5507-ad51-b1f4a1bcfb11'::uuid),
|
|
||||||
('11fa942d-e81a-5142-965d-3c60714a7dca'::uuid),
|
|
||||||
('263f423e-c16f-544c-ae5f-3e370e736e12'::uuid),
|
|
||||||
('0c87a244-afa2-5d08-8e79-9cb792aff553'::uuid)
|
|
||||||
) as v(id))) as generated_source_rows,
|
|
||||||
(select count(*) from public.claim_edges e join (values
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, '8f3e773e-4255-47a7-ba8f-61c57a43bebe'::uuid, 'supports'::edge_type),
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, '2ef388ab-4102-4416-a6e1-ae6ba8ee02fa'::uuid, 'relates'::edge_type),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, '25a350e0-ebce-4072-8f2a-48427a727553'::uuid, 'relates'::edge_type),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, 'be59b559-de8b-4dec-a7be-773188c0e632'::uuid, 'relates'::edge_type),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid, '93d583d9-5394-4e6a-97ca-bcd48796d94a'::uuid, 'relates'::edge_type),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, '2ef388ab-4102-4416-a6e1-ae6ba8ee02fa'::uuid, 'supports'::edge_type),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, '8f3e773e-4255-47a7-ba8f-61c57a43bebe'::uuid, 'supports'::edge_type)
|
|
||||||
) as v(from_claim, to_claim, edge_type) using (from_claim, to_claim, edge_type)) as generated_edge_rows,
|
|
||||||
(select count(*) from public.claim_evidence ce join (values
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, '5f9dd7ca-83f8-5ea6-8e00-d9d13003f8fc'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, 'dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('23927224-0d72-5b37-a600-33c63277f6a9'::uuid, '6fe15936-d5b9-514e-802f-32a2a06f4a23'::uuid, 'grounds'::evidence_role),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, '97c3fc2f-16ae-5507-ad51-b1f4a1bcfb11'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, '4bd41552-8017-551a-84b5-19b0107c20b5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, 'bc081b04-709f-565a-af0b-95d4ca0589fa'::uuid, 'grounds'::evidence_role),
|
|
||||||
('4701f303-ca9c-5da1-aa48-8cf28189c23c'::uuid, 'dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, '11fa942d-e81a-5142-965d-3c60714a7dca'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, 'dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, 'bc081b04-709f-565a-af0b-95d4ca0589fa'::uuid, 'grounds'::evidence_role),
|
|
||||||
('d2b2142b-c2d8-5e33-9a38-14598d94d715'::uuid, '6fe15936-d5b9-514e-802f-32a2a06f4a23'::uuid, 'grounds'::evidence_role),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid, '263f423e-c16f-544c-ae5f-3e370e736e12'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid, '2df4bb44-4853-5455-8049-6dbb8685523b'::uuid, 'grounds'::evidence_role),
|
|
||||||
('6014c3ea-3ba5-5ed1-bf15-31f6938e3fc3'::uuid, '6fe15936-d5b9-514e-802f-32a2a06f4a23'::uuid, 'grounds'::evidence_role),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, '0c87a244-afa2-5d08-8e79-9cb792aff553'::uuid, 'illustrates'::evidence_role),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, '4bd41552-8017-551a-84b5-19b0107c20b5'::uuid, 'grounds'::evidence_role),
|
|
||||||
('12d2c4aa-1c23-5173-b666-dea903dd7432'::uuid, 'dc1c238c-f835-5641-980a-f0fe53f8dfe5'::uuid, 'grounds'::evidence_role)
|
|
||||||
) as v(claim_id, source_id, role) using (claim_id, source_id, role)) as generated_evidence_rows;
|
|
||||||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
|
@ -1,22 +0,0 @@
|
||||||
# KB Apply Canary
|
|
||||||
|
|
||||||
Generated UTC: `2026-07-09T16:54:42.786343+00:00`
|
|
||||||
Mode: `execute`
|
|
||||||
Proposal: `00957f6c-9883-4015-95a4-6b09367efb0e`
|
|
||||||
Overall: `pass`
|
|
||||||
Mutated canonical DB: `True`
|
|
||||||
Changed Leo runtime: `False`
|
|
||||||
|
|
||||||
## Pass Conditions
|
|
||||||
|
|
||||||
- `before_read_ok`: `True`
|
|
||||||
- `before_was_pending_or_already_applied`: `True`
|
|
||||||
- `executed_or_plan`: `True`
|
|
||||||
- `after_applied_when_execute`: `True`
|
|
||||||
- `edge_present_when_execute`: `True`
|
|
||||||
|
|
||||||
## Claim Ceiling
|
|
||||||
|
|
||||||
Plan mode is read-only. Execute mode proves one canonical add_edge apply path and does not restart or alter Leo runtime. It does not prove freeform approved proposals without apply_payload can apply.
|
|
||||||
|
|
||||||
JSON proof: `/Users/user/Documents/Codex/2026-07-09/019f34eb-d297-72d0-b7e2-b222d5515ab9-load/outputs/kb-apply-canary-20260709/kb-apply-canary-execute-current.json`
|
|
||||||
|
|
@ -1,27 +0,0 @@
|
||||||
# KB Apply Canary
|
|
||||||
|
|
||||||
Generated UTC: `2026-07-09T18:57:52.311900+00:00`
|
|
||||||
Mode: `plan`
|
|
||||||
Proposal: `00957f6c-9883-4015-95a4-6b09367efb0e`
|
|
||||||
Overall: `pass`
|
|
||||||
Mutated canonical DB: `False`
|
|
||||||
Changed Leo runtime: `False`
|
|
||||||
|
|
||||||
## Pass Conditions
|
|
||||||
|
|
||||||
- `before_read_ok`: `True`
|
|
||||||
- `before_was_pending_or_already_applied`: `True`
|
|
||||||
- `approve_step_ok_when_execute`: `True`
|
|
||||||
- `dry_run_apply_step_ok_when_execute`: `True`
|
|
||||||
- `apply_step_ok_when_execute`: `True`
|
|
||||||
- `after_read_ok_when_execute`: `True`
|
|
||||||
- `duplicate_apply_rejected_when_execute`: `True`
|
|
||||||
- `all_required_step_returncodes_ok`: `True`
|
|
||||||
- `after_applied_when_execute`: `True`
|
|
||||||
- `edge_present_when_execute`: `True`
|
|
||||||
|
|
||||||
## Claim Ceiling
|
|
||||||
|
|
||||||
Plan mode is read-only. Execute mode proves one canonical add_edge apply path and does not restart or alter Leo runtime. It does not prove freeform approved proposals without apply_payload can apply.
|
|
||||||
|
|
||||||
JSON proof: `/Users/user/Documents/Codex/2026-07-09/019f34eb-d297-72d0-b7e2-b222d5515ab9-load/outputs/kb-apply-canary-20260709/kb-apply-canary-plan-current.json`
|
|
||||||
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue