From f6702cea970273c1647f5ebff25da04740381787 Mon Sep 17 00:00:00 2001 From: planner-bot Date: Wed, 15 Apr 2026 03:42:12 +0000 Subject: [PATCH 1/6] chore: migrate ops repo structure to canonical layout --- RESOURCES.md | 5 +++++ evidence/engagement/.gitkeep | 0 evidence/evolution/.gitkeep | 0 evidence/holdout/.gitkeep | 0 evidence/red-team/.gitkeep | 0 evidence/user-test/.gitkeep | 0 knowledge/.gitkeep | 0 portfolio.md | 5 +++++ sprints/.gitkeep | 0 vault/approved/.gitkeep | 0 vault/fired/.gitkeep | 0 vault/pending/.gitkeep | 0 vault/rejected/.gitkeep | 0 13 files changed, 10 insertions(+) create mode 100644 RESOURCES.md create mode 100644 evidence/engagement/.gitkeep create mode 100644 evidence/evolution/.gitkeep create mode 100644 evidence/holdout/.gitkeep create mode 100644 evidence/red-team/.gitkeep create mode 100644 evidence/user-test/.gitkeep create mode 100644 knowledge/.gitkeep create mode 100644 portfolio.md create mode 100644 sprints/.gitkeep create mode 100644 vault/approved/.gitkeep create mode 100644 vault/fired/.gitkeep create mode 100644 vault/pending/.gitkeep create mode 100644 vault/rejected/.gitkeep diff --git a/RESOURCES.md b/RESOURCES.md new file mode 100644 index 0000000..aae9292 --- /dev/null +++ b/RESOURCES.md @@ -0,0 +1,5 @@ +# RESOURCES + +## Overview + + diff --git a/evidence/engagement/.gitkeep b/evidence/engagement/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/evidence/evolution/.gitkeep b/evidence/evolution/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/evidence/holdout/.gitkeep b/evidence/holdout/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/evidence/red-team/.gitkeep b/evidence/red-team/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/evidence/user-test/.gitkeep b/evidence/user-test/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/knowledge/.gitkeep b/knowledge/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/portfolio.md b/portfolio.md new file mode 100644 index 0000000..7158d78 --- /dev/null +++ b/portfolio.md @@ -0,0 +1,5 @@ +# Portfolio + +## Overview + + diff --git a/sprints/.gitkeep b/sprints/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/vault/approved/.gitkeep b/vault/approved/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/vault/fired/.gitkeep b/vault/fired/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/vault/pending/.gitkeep b/vault/pending/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/vault/rejected/.gitkeep b/vault/rejected/.gitkeep new file mode 100644 index 0000000..e69de29 From 7f9d5224bae827dd4f1acd77d83fbdcb41620709 Mon Sep 17 00:00:00 2001 From: planner-bot Date: Wed, 15 Apr 2026 03:47:57 +0000 Subject: [PATCH 2/6] chore: planner run 2026-04-15 --- prerequisites.md | 49 ++++++++++++++----- .../pending/disinto-ops-branch-protection.md | 31 ++++++++++++ 2 files changed, 68 insertions(+), 12 deletions(-) create mode 100644 vault/pending/disinto-ops-branch-protection.md diff --git a/prerequisites.md b/prerequisites.md index d61ecf6..497eb8f 100644 --- a/prerequisites.md +++ b/prerequisites.md @@ -1,5 +1,5 @@ # Prerequisite Tree - + ## Objective: Foundation — Core agent loop (dev → CI → review → merge) - [x] dev-agent picks up backlog issues (dev/dev-agent.sh exists) @@ -8,6 +8,9 @@ - [x] Stale in-progress recovery (#224 — closed) - [x] Agent race condition fix (#160 — closed) - [x] Dispatcher grep Alpine fix (#150 — closed) +- [x] Dev-poll post-crash deadlock (#749 — closed) +- [x] Entrypoint wait deadlock (#753 — closed) +- [x] Credential helper race on cold boot (#741 — closed) Status: DONE ## Objective: Foundation — Supervisor health monitoring @@ -18,7 +21,7 @@ Status: DONE ## Objective: Foundation — Planner gap analysis against vision - [x] Planner formula exists (run-planner.toml v4) - [x] planner-run.sh cron wrapper exists -- [x] Planning runs established and maintaining prerequisite tree (run 1: 2026-04-05, run 2: 2026-04-08) +- [x] Planning runs established (run 1: 2026-04-05, run 2: 2026-04-08, run 3: 2026-04-15) Status: DONE ## Objective: Foundation — Multi-project support @@ -29,7 +32,7 @@ Status: DONE ## Objective: Foundation — Knowledge graph for structural defect detection - [x] networkx package installed in agents container (#220 — closed) - [x] build-graph.py exists in lib/ -- [x] Graph report generating successfully (165 nodes, 137 edges as of 2026-04-08) +- [x] Graph report generating successfully (208 nodes, 291 edges as of 2026-04-15) Status: DONE ## Objective: Foundation — Predictor-planner adversarial feedback loop @@ -45,24 +48,44 @@ Status: DONE - [x] disinto init re-run stability (#158 — closed) - [x] disinto init repo creation API endpoint (#164 — closed) - [x] Prediction labels created during init (#225 — closed) -- [ ] Ops repo migration for existing deployments (#425 — backlog+priority) -Status: BLOCKED — #425 ops repo missing dirs on existing deployments +- [x] Ops repo migration for existing deployments (#425 — closed, #688 — closed) +- [ ] Ops repo branch protection blocks agent writes (#758 — blocked, bug-report) blocked-on-vault (vault/pending/disinto-ops-branch-protection.md) +Status: BLOCKED — #758 ops repo branch protection prevents agent writes ## Objective: Adoption — Built-in Forgejo + Woodpecker CI - [x] Docker compose with Forgejo + Woodpecker - [x] Woodpecker OAuth2 redirect URI fix (#172 — closed) - [x] WOODPECKER_HOST override fix (#178 — closed) +- [x] CI exhaustion root cause fixed (#742 — closed) Status: DONE ## Objective: Adoption — Landing page communicating value proposition - [x] Website addressable exists (disinto.ai) -- [ ] Website observability — no engagement measurement (#426 — vision) -Status: BLOCKED — no evidence process connected to website +- [x] Evidence/engagement directory setup (#747 — closed) +- [x] Format-detection guard in collect-engagement.sh (#746 — closed) +- [ ] Collect-engagement formula + container script (#745 — backlog+priority, retry) +- [ ] Website observability — engagement measurement wired (#426 — vision) +Status: BLOCKED — #745 needs successful dev-agent run, then #426 design decisions ## Objective: Adoption — Example project demonstrating full lifecycle -- [ ] No example project exists -- [ ] Requires verified bootstrap (#425) -Status: BLOCKED — depends on bootstrap completion and ops repo migration +- [x] Bootstrap path verified (#425, #688 — closed) +- [ ] Example project design and implementation (#697 — vision+priority) +Status: BLOCKED — #697 needs design (vision-level), depends on verified bootstrap (now unblocked) + +## Objective: Adoption — Subpath routing + Forgejo-OAuth-gated Claude chat (#623) +- [x] Caddy subpath routing skeleton (#704 — closed) +- [x] Chat container scaffold (#705 — closed) +- [x] Chat sandbox hardening (#706 — closed) +- [x] Forgejo OAuth gate (#708 — closed) +- [x] Caddy Remote-User forwarding (#709 — closed) +- [x] Conversation history persistence (#710 — closed) +- [x] Cost caps + rate limiting (#711 — closed) +- [x] Per-project subdomain fallback (#713 — closed) +- [ ] Claude identity isolation (#707 — backlog+priority, ready for retry after #742 fix) +- [ ] Escalation tools (#712 — backlog+priority, ready for retry after #742 fix) +Status: BLOCKED — 2 sub-issues remaining (#707, #712), both cleared for retry + +## --- ADOPTION MILESTONE: IN PROGRESS --- ## Objective: Ship (Fold 2) — Deploy profiles per artifact type - [ ] No deploy profiles defined @@ -72,8 +95,9 @@ Status: BLOCKED — not started, needs design (vision-level) ## Objective: Ship (Fold 2) — Vault-gated fold transitions - [x] Vault redesign complete (#73-#77 — all closed) - [x] Vault PR workflow documented (docs/VAULT.md) -- [ ] Vault directories complete in ops repo (#425 — approved/fired/rejected missing) -Status: BLOCKED — #425 ops repo dirs needed for vault workflow +- [x] Vault directories seeded in ops repo (#425, #688 — closed) +- [ ] Ops repo branch protection blocks vault item visibility (#758) blocked-on-vault (vault/pending/disinto-ops-branch-protection.md) +Status: BLOCKED — #758 prevents vault items from reaching remote ## Objective: Ship (Fold 2) — Engagement measurement baked into deploy pipelines - [ ] No engagement measurement exists @@ -82,6 +106,7 @@ Status: BLOCKED — depends on deploy profiles + website observability (#426) ## Objective: Ship (Fold 2) — Rent-a-human for gated channels - [x] run-rent-a-human formula exists +- [x] Caddy SSH key setup documented (#748 — closed) - [ ] Not yet exercised in production Status: READY diff --git a/vault/pending/disinto-ops-branch-protection.md b/vault/pending/disinto-ops-branch-protection.md new file mode 100644 index 0000000..4e52353 --- /dev/null +++ b/vault/pending/disinto-ops-branch-protection.md @@ -0,0 +1,31 @@ +# Request: Remove or relax ops repo branch protection for agent writes + +## What +The ops repo (`disinto-ops`) has branch protection on `main` that requires approvals, but no bot account has sufficient permissions to merge. The `planner-bot` has push access but cannot merge. The `review-bot` can approve but cannot push or merge. No admin token is available to agents. + +This means `prerequisites.md`, `knowledge/planner-memory.md`, and vault items have been accumulating **only locally** since planner run 2 (2026-04-08). The remote `origin/main` is frozen. + +## Why +Blocks #758 (ops repo branch protection), which blocks ALL agent ops-repo writes: planner prerequisite tree, planner memory, evidence collection, vault pending items. Every agent that writes to the ops repo is silently failing. + +Downstream: blocks website observability (#426), collect-engagement (#745), and the entire evidence pipeline. + +Waiting since 2026-04-08 (first observed planner run 2). + +## Human action +1. In Forgejo, go to `disinto-ops` → Settings → Branch Protection → `main` +2. Either: + - **Option A (recommended):** Remove branch protection from `disinto-ops` entirely — the ops repo is an internal artifact, not production code. Agent writes should flow freely. + - **Option B:** Add `planner-bot` and `dev-bot` to the push/merge allowlist so they can push directly to `main`. +3. Verify by running: `cd disinto-ops && git push origin main` from the agents container. + +## Factory will then +- Planner will push prerequisite tree updates and memory to `origin/main` +- Evidence collection (#745) will unblock — collect-engagement formula can commit to ops repo +- Vault pending items will be visible on the remote for human review +- All agents writing to ops repo will resume normal operation + +## Unblocks +- #758 — ops repo branch protection blocks all agent writes +- #745 — collect-engagement formula (indirectly, if the no_push is ops-related) +- #426 — website observability (downstream) From 74dc64d134fff526b5176feab616c718adb1d917 Mon Sep 17 00:00:00 2001 From: planner-bot Date: Wed, 15 Apr 2026 07:30:41 +0000 Subject: [PATCH 3/6] chore: planner run 2026-04-15 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Chat vision #623: all 10 sub-issues closed → DONE - #745 collect-engagement merged (PR #761) - Added #765 (planner PR-based ops flow) as bootstrap prerequisite - Added architect reliability objective (#762, #764) - Updated graph stats (211 nodes, 302 edges) --- prerequisites.md | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/prerequisites.md b/prerequisites.md index 497eb8f..ed5f5f3 100644 --- a/prerequisites.md +++ b/prerequisites.md @@ -32,7 +32,7 @@ Status: DONE ## Objective: Foundation — Knowledge graph for structural defect detection - [x] networkx package installed in agents container (#220 — closed) - [x] build-graph.py exists in lib/ -- [x] Graph report generating successfully (208 nodes, 291 edges as of 2026-04-15) +- [x] Graph report generating successfully (211 nodes, 302 edges as of 2026-04-15) Status: DONE ## Objective: Foundation — Predictor-planner adversarial feedback loop @@ -50,7 +50,8 @@ Status: DONE - [x] Prediction labels created during init (#225 — closed) - [x] Ops repo migration for existing deployments (#425 — closed, #688 — closed) - [ ] Ops repo branch protection blocks agent writes (#758 — blocked, bug-report) blocked-on-vault (vault/pending/disinto-ops-branch-protection.md) -Status: BLOCKED — #758 ops repo branch protection prevents agent writes +- [ ] Planner PR-based ops flow (#765 — backlog+priority, engineering fix for #758) +Status: BLOCKED — #758 ops repo branch protection; #765 filed as engineering fix ## Objective: Adoption — Built-in Forgejo + Woodpecker CI - [x] Docker compose with Forgejo + Woodpecker @@ -63,27 +64,32 @@ Status: DONE - [x] Website addressable exists (disinto.ai) - [x] Evidence/engagement directory setup (#747 — closed) - [x] Format-detection guard in collect-engagement.sh (#746 — closed) -- [ ] Collect-engagement formula + container script (#745 — backlog+priority, retry) +- [x] Collect-engagement formula + container script (#745 — closed, PR #761) - [ ] Website observability — engagement measurement wired (#426 — vision) -Status: BLOCKED — #745 needs successful dev-agent run, then #426 design decisions +Status: BLOCKED — #426 needs design decisions (vision-level), engagement collection now available ## Objective: Adoption — Example project demonstrating full lifecycle - [x] Bootstrap path verified (#425, #688 — closed) - [ ] Example project design and implementation (#697 — vision+priority) -Status: BLOCKED — #697 needs design (vision-level), depends on verified bootstrap (now unblocked) +Status: BLOCKED — #697 needs design (vision-level), bootstrap path verified ## Objective: Adoption — Subpath routing + Forgejo-OAuth-gated Claude chat (#623) - [x] Caddy subpath routing skeleton (#704 — closed) - [x] Chat container scaffold (#705 — closed) - [x] Chat sandbox hardening (#706 — closed) +- [x] Claude identity isolation (#707 — closed) - [x] Forgejo OAuth gate (#708 — closed) - [x] Caddy Remote-User forwarding (#709 — closed) - [x] Conversation history persistence (#710 — closed) - [x] Cost caps + rate limiting (#711 — closed) +- [x] Escalation tools (#712 — closed) - [x] Per-project subdomain fallback (#713 — closed) -- [ ] Claude identity isolation (#707 — backlog+priority, ready for retry after #742 fix) -- [ ] Escalation tools (#712 — backlog+priority, ready for retry after #742 fix) -Status: BLOCKED — 2 sub-issues remaining (#707, #712), both cleared for retry +Status: DONE — all 10 sub-issues closed, parent #623 awaiting architect close + +## Objective: Adoption — Architect agent reliability +- [ ] Architect FORGE_TOKEN override bug (#762 — in-progress, priority) +- [ ] Architect pitch prompt guardrail bypass (#764 — backlog+priority) +Status: BLOCKED — #762 in-progress, #764 queued ## --- ADOPTION MILESTONE: IN PROGRESS --- From f6568ee8b71461e6a8807bc8972c5ed6563eb4fe Mon Sep 17 00:00:00 2001 From: architect-bot Date: Wed, 15 Apr 2026 07:59:40 +0000 Subject: [PATCH 4/6] vault: file action fix-ops-branch-protection-20260415 --- vault/actions/fix-ops-branch-protection-20260415.toml | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 vault/actions/fix-ops-branch-protection-20260415.toml diff --git a/vault/actions/fix-ops-branch-protection-20260415.toml b/vault/actions/fix-ops-branch-protection-20260415.toml new file mode 100644 index 0000000..91ed915 --- /dev/null +++ b/vault/actions/fix-ops-branch-protection-20260415.toml @@ -0,0 +1,5 @@ +id = "fix-ops-branch-protection-20260415" +formula = "run-rent-a-human" +context = "The ops repo disinto-ops has branch protection on main that prevents all agent merges. planner-bot has push but cannot merge; review-bot can approve but cannot push. This has frozen all ops state since 2026-04-08 (PR disinto-ops#30 stuck with 2 approvals but cannot merge). Action needed: add planner-bot to the merge bypass list in Forgejo branch protection settings for disinto-ops, OR remove branch protection from disinto-ops main (agents are primary writers). Unblocks issue #758." +secrets = [] +blast_radius = "low" From 1a39a3ed800c0ed2564261b6527103c053997a20 Mon Sep 17 00:00:00 2001 From: planner-bot Date: Wed, 15 Apr 2026 09:29:43 +0000 Subject: [PATCH 5/6] chore: planner run 2026-04-15 - Architect reliability objective DONE (#762, #764 closed) - Chat objective DONE (all sub-issues closed) - Added bootstrap reproducibility cluster (#769-#772) - Added #773 vault bug, #429 versioned images tracking - Priority: +#769 (blocks bootstrap), -#765 (blocked) - Graph: 217 nodes, 317 edges, healthy Co-Authored-By: Claude Opus 4.6 --- prerequisites.md | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) diff --git a/prerequisites.md b/prerequisites.md index ed5f5f3..772b922 100644 --- a/prerequisites.md +++ b/prerequisites.md @@ -32,7 +32,7 @@ Status: DONE ## Objective: Foundation — Knowledge graph for structural defect detection - [x] networkx package installed in agents container (#220 — closed) - [x] build-graph.py exists in lib/ -- [x] Graph report generating successfully (211 nodes, 302 edges as of 2026-04-15) +- [x] Graph report generating successfully (217 nodes, 317 edges as of 2026-04-15) Status: DONE ## Objective: Foundation — Predictor-planner adversarial feedback loop @@ -49,9 +49,14 @@ Status: DONE - [x] disinto init repo creation API endpoint (#164 — closed) - [x] Prediction labels created during init (#225 — closed) - [x] Ops repo migration for existing deployments (#425 — closed, #688 — closed) +- [x] Edge service restart policy (#768 — closed) - [ ] Ops repo branch protection blocks agent writes (#758 — blocked, bug-report) blocked-on-vault (vault/pending/disinto-ops-branch-protection.md) -- [ ] Planner PR-based ops flow (#765 — backlog+priority, engineering fix for #758) -Status: BLOCKED — #758 ops repo branch protection; #765 filed as engineering fix +- [ ] Planner PR-based ops flow (#765 — blocked, engineering fix for #758) +- [ ] agents-llama as first-class generator service (#769 — backlog) +- [ ] disinto up should regenerate compose/Caddyfile from generators.sh (#770 — backlog, depends on #769) +- [ ] Deprecate tracked docker/Caddyfile (#771 — backlog) +- [ ] disinto down && disinto up reproducibility (#772 — blocked, depends on #769+#770+#771) +Status: BLOCKED — #758 ops repo branch protection (human action needed); #769-#771 in backlog for bootstrap reproducibility ## Objective: Adoption — Built-in Forgejo + Woodpecker CI - [x] Docker compose with Forgejo + Woodpecker @@ -66,7 +71,7 @@ Status: DONE - [x] Format-detection guard in collect-engagement.sh (#746 — closed) - [x] Collect-engagement formula + container script (#745 — closed, PR #761) - [ ] Website observability — engagement measurement wired (#426 — vision) -Status: BLOCKED — #426 needs design decisions (vision-level), engagement collection now available +Status: BLOCKED — #426 needs design decisions (vision-level), engagement collection infrastructure ready ## Objective: Adoption — Example project demonstrating full lifecycle - [x] Bootstrap path verified (#425, #688 — closed) @@ -87,9 +92,13 @@ Status: BLOCKED — #697 needs design (vision-level), bootstrap path verified Status: DONE — all 10 sub-issues closed, parent #623 awaiting architect close ## Objective: Adoption — Architect agent reliability -- [ ] Architect FORGE_TOKEN override bug (#762 — in-progress, priority) -- [ ] Architect pitch prompt guardrail bypass (#764 — backlog+priority) -Status: BLOCKED — #762 in-progress, #764 queued +- [x] Architect FORGE_TOKEN override bug (#762 — closed 2026-04-15) +- [x] Architect pitch prompt guardrail bypass (#764 — closed 2026-04-15) +Status: DONE + +## Objective: Adoption — Versioned agent images (#429) +- [ ] Publish versioned agent images — compose should use image: not build: (#429 — in-progress, vision) +Status: IN PROGRESS — #429 being worked on ## --- ADOPTION MILESTONE: IN PROGRESS --- @@ -103,7 +112,8 @@ Status: BLOCKED — not started, needs design (vision-level) - [x] Vault PR workflow documented (docs/VAULT.md) - [x] Vault directories seeded in ops repo (#425, #688 — closed) - [ ] Ops repo branch protection blocks vault item visibility (#758) blocked-on-vault (vault/pending/disinto-ops-branch-protection.md) -Status: BLOCKED — #758 prevents vault items from reaching remote +- [ ] vault_request RETURN trap fires prematurely (#773 — backlog, bug-report) +Status: BLOCKED — #758 prevents vault items from reaching remote; #773 vault bug in backlog ## Objective: Ship (Fold 2) — Engagement measurement baked into deploy pipelines - [ ] No engagement measurement exists From dcc9649dbdf0ba5fa0bfd5dfdfc9c3883969acbd Mon Sep 17 00:00:00 2001 From: planner-bot Date: Wed, 15 Apr 2026 10:04:46 +0000 Subject: [PATCH 6/6] vault: add fix-ops-branch-protection-20260415 --- .../fix-ops-branch-protection-20260415.toml | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 vault/actions/fix-ops-branch-protection-20260415.toml diff --git a/vault/actions/fix-ops-branch-protection-20260415.toml b/vault/actions/fix-ops-branch-protection-20260415.toml new file mode 100644 index 0000000..ba99891 --- /dev/null +++ b/vault/actions/fix-ops-branch-protection-20260415.toml @@ -0,0 +1,23 @@ +# Vault action: fix-ops-branch-protection-20260415 +# Filed by: gardener (2026-04-15) +# Unblocks: #758, #765 + +context = "Ops repo (disinto-admin/disinto-ops) branch protection on main requires approvals but no bot account has sufficient permissions to merge PRs. planner-bot has push but cannot merge. review-bot can approve but cannot push/merge. ops/main frozen at v0.2.0 since 2026-04-08. Knowledge, vault items, and sprint artifacts accumulate locally and are lost on container restart." + +unblocks = ["#758", "#765"] + +[action_required] +description = """ +Choose ONE of the following: + +Option 1 (recommended): Add planner-bot to the merge allowlist in disinto-ops branch protection. + Forgejo admin UI: disinto-admin/disinto-ops > Settings > Branches > main > Edit + Under 'Whitelist Merge': add planner-bot + +Option 2: Remove branch protection from disinto-ops main. + Agents are the primary writers; branch protection adds friction without safety benefit here. + +Option 3: Create an admin-level FORGE_ADMIN_TOKEN and add to agent secrets. + Create a Forgejo admin user or promote an existing bot, issue a token, + add to agent container environment as FORGE_ADMIN_TOKEN. +"""