seed(workspaces): production-team agent identity (internal#492 followup to #1427) #1563

Merged
hongming merged 1 commit from feat/agent-card-identity-seed-prod-team-internal-492-followup into main 2026-05-19 03:59:36 +00:00
Member

Summary

Follow-up to merged PR #1427 (server-side agent_card reconcile, internal#492).

PR #1427 added the platform-side backfill that pulls workspaces.name and workspaces.role into the stored agent_card on /registry/register. The reconcile only ever FILLS gaps; without a populated workspaces row it has nothing to substitute and the prod-team cards keep showing name=UUID / description="" / role=null — the exact gap internal#492 is filed against.

This PR seeds name, role, and the agent_card JSONB (description + skills[]) for the 6 CTO-locked production-team workspaces (PM, Reviewer, Researcher, Dev-A, Dev-B, CEO-Assistant). Idempotent UPDATEs only — no INSERTs, no schema change, zero behaviour change for any workspace outside the prod team.

Drafted entries

| role | description | skills |
| --- | --- | --- |
| product manager | Read-only A2A coordinator that plans work and delegates to Dev/Reviewer/Researcher peers; never writes code itself. | planning, delegation, coordination, read-only |
| code reviewer | Non-author 5-axis review on codex/openai-subscription; runs the merge gate, never approves PRs it authored. | code-review, security-axis, correctness-axis, non-author-approve |
| researcher | Diagnostic investigation on codex/openai-subscription; obs-first, source-as-corroboration, no drive-by fixes. | root-cause, obs-first, log-correlation, source-archaeology |
| dev engineer (Dev-A) | Claude Code routed to Kimi K2.6 via api.kimi.com/coding; implements PRs against the dev-tree protected branches. | implementation, test-driven, bug-fixing, refactoring |
| dev engineer (Dev-B) | Claude Code routed to MiniMax via api.minimax.io/anthropic; parallel dev capacity to Dev-A on the same gate. | implementation, test-driven, bug-fixing, refactoring |
| operator orchestrator | Orchestrator-side Claude Code that runs the triage loop, relays canvas and Telegram, dispatches non-author reviewers. | triage-loop, review-routing, canvas-relay, ops |

Schema fields used (vendor-doc-checked)

  • workspaces.name (TEXT NOT NULL), workspaces.role (TEXT) — 001_workspaces.sql
  • agent_card (JSONB) shape: name / description / role / skills[{id,name,description,tags,examples}] — workspace/main.py:197-222 (AgentCard ctor + AgentSkill stubs)
  • validateWorkspaceFields contract: name<=255, role<=1000, no YAML special chars, no newline/CR — workspace-server/internal/handlers/workspace_crud.go:526
  • description is NOT a workspaces column — it lives inside the agent_card JSONB (the reconcile defaults it from name when blank). skills[] is also JSONB-only.
  • CEO-Assistant full UUID 30ba7f0b-b303-4a20-aefe-3a4a675b8aa4 known from chat_files_test.go:286. Other 5 matched by 8-char prefix LIKE per the topology memory (CTO confirms on review each resolves to a single row).

Deviation from intent

  • User framed entries as a flat (role, description, skills) table. The canonical schema scatters identity across workspaces.{name,role} columns + agent_card JSONB (description, skills[]). I used the canonical schema for each field, NOT the framing.
  • 5 of 6 workspace UUIDs were provided as 8-char prefixes only — I used id::text LIKE 'prefix-%' so the reviewer can verify without DB access. CTO can collapse to exact UUIDs on review if preferred.

Test plan

  • CTO confirms each prefix resolves to exactly one prod workspace row
  • Apply migration in staging tenant DB; verify list_peers returns name+role+description for each of the 6 peers
  • Verify peer_name / peer_role tags in delivered envelopes reflect new identity
  • Re-run /registry/register on each prod-team workspace; confirm reconcile keeps the seeded card (no downgrade)

NOT merged — leaving for CTO review per dev-tree two-eyes gate.

cc: internal#492, follows #1427

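The seed described in this PR, as an added example that is not the PR's migration file: a pre-flight script that checks each drafted entry against the validateWorkspaceFields limits the description quotes (name<=255, role<=1000, no YAML special chars, no newline/CR, per-skill description<=120), builds the agent_card JSONB in the cited name/description/role/skills[] shape, and emits the idempotent UPDATEs with a PL/pgSQL guard that aborts the transaction if an 8-char prefix matches more than one row, which is the check the test plan otherwise leaves to the CTO. The workspaces table and column names, the sample entries, prefixes and UUIDs, and every function name here are assumptions.

```python
"""Pre-flight check + SQL generation for a workspaces identity seed (added example).
Assumed: PostgreSQL table workspaces(id UUID, name TEXT, role TEXT, agent_card JSONB),
the validateWorkspaceFields limits quoted in the PR, and all names defined here."""
import json
import re

NAME_MAX, ROLE_MAX, SKILL_DESC_MAX = 255, 1000, 120  # limits quoted in the PR/review
YAML_SPECIAL = frozenset("{}[]|>*&!")               # rejected by validateWorkspaceFields
UUID_RE = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$")
PREFIX_RE = re.compile(r"^[0-9a-f]{8}$")


def check_field(value, limit, label):
    """Return contract violations for one workspaces identity string."""
    problems = []
    if len(value) > limit:
        problems.append(f"{label}: {len(value)} chars exceeds {limit}")
    bad = "".join(sorted(YAML_SPECIAL & set(value)))
    if bad:
        problems.append(f"{label}: YAML special chars {bad}")
    if "\n" in value or "\r" in value:
        problems.append(f"{label}: newline/CR not allowed")
    return problems


def validate_entry(entry):
    """name/role follow the column contract; skill descriptions get the length cap."""
    problems = check_field(entry["name"], NAME_MAX, "name")
    problems += check_field(entry["role"], ROLE_MAX, "role")
    for s in entry["skills"]:
        if len(s["description"]) > SKILL_DESC_MAX:
            problems.append(f"skill {s['id']}: description exceeds {SKILL_DESC_MAX}")
    return problems


def build_card(entry):
    """agent_card payload in the name/description/role/skills[] shape the PR cites."""
    return {
        "name": entry["name"], "description": entry["description"], "role": entry["role"],
        "skills": [{"id": s["id"], "name": s["name"], "description": s["description"],
                    "tags": list(s.get("tags", [])), "examples": list(s.get("examples", []))}
                   for s in entry["skills"]],
    }


def sql_literal(text):
    """Standard SQL string literal; assumes standard_conforming_strings=on."""
    return "'" + text.replace("'", "''") + "'"


def where_clause(match):
    """Exact UUID match, or the PR's id::text LIKE 'prefix-%' form for 8-char prefixes."""
    if "id" in match:
        if not UUID_RE.match(match["id"]):
            raise ValueError(f"not a UUID: {match['id']!r}")
        return f"id = {sql_literal(match['id'])}::uuid"
    if not PREFIX_RE.match(match.get("id_prefix", "")):
        raise ValueError(f"not an 8-char hex prefix: {match.get('id_prefix')!r}")
    return f"id::text LIKE {sql_literal(match['id_prefix'] + '-%')}"


def ambiguity_guard(match):
    """PL/pgSQL block aborting the transaction if a prefix matches more than one row.
    Zero rows is left alone, mirroring the PR: UUIDs absent from a tenant match 0 rows."""
    return "\n".join([
        "DO $$", "DECLARE n integer;", "BEGIN",
        f"  SELECT count(*) INTO n FROM workspaces WHERE {where_clause(match)};",
        "  IF n > 1 THEN",
        f"    RAISE EXCEPTION 'ambiguous workspace prefix {match['id_prefix']}: % rows', n;",
        "  END IF;", "END $$;",
    ])


def update_statement(entry):
    """Idempotent: rewrites the same three fields on every rerun, never INSERTs."""
    card = json.dumps(build_card(entry), separators=(",", ":"), sort_keys=True)
    return (f"UPDATE workspaces SET name = {sql_literal(entry['name'])}, "
            f"role = {sql_literal(entry['role'])}, agent_card = {sql_literal(card)}::jsonb "
            f"WHERE {where_clause(entry['match'])};")


def generate_migration(entries):
    """Fail closed: any contract violation aborts before a single statement is emitted."""
    problems = [f"{e['name']}: {p}" for e in entries for p in validate_entry(e)]
    if problems:
        raise ValueError("; ".join(problems))
    parts = ["BEGIN;"]
    for e in entries:
        if "id_prefix" in e["match"]:
            parts.append(ambiguity_guard(e["match"]))
        parts.append(update_statement(e))
    return "\n".join(parts + ["COMMIT;"])


# Constructed sample entries: prefixes, UUIDs and text are placeholders, not the PR's rows.
SAMPLE_PM = {
    "match": {"id_prefix": "0badf00d"}, "name": "PM", "role": "product manager",
    "description": "Read-only coordinator that plans work and delegates; never writes code itself.",
    "skills": [{"id": "planning", "name": "Planning", "description": "Breaks work into tasks"},
               {"id": "read-only", "name": "Read-only", "description": "Never writes code"}],
}
SAMPLE_BAD = {  # '[' and ']' are YAML specials, so this role must be rejected
    "match": {"id": "00000000-0000-4000-8000-000000000002"}, "name": "Reviewer",
    "role": "code reviewer [gate]", "description": "Non-author review",
    "skills": [{"id": "code-review", "name": "Code review", "description": "5-axis review"}],
}

if __name__ == "__main__":
    print(generate_migration([SAMPLE_PM]))
```

The guard only fires on ambiguity (more than one row), so a prefix that matches nothing still produces a no-op UPDATE, which keeps the "absent UUIDs match 0 rows" behaviour the PR relies on for tenants that lack a given workspace. Running the script on the full drafted table replaces the "visual inspection of the SQL strings" step with a check that runs before any SQL exists.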
infra-runtime-be added 1 commit 2026-05-19 03:09:17 +00:00
seed(workspaces): production-team agent identity (internal#492 followup to #1427)
Lint shellcheck (arm64 pilot) / shellcheck-arm64 (pilot) (pull_request) Waiting to run
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 4s
Check migration collisions / Migration version collision check (pull_request) Successful in 18s
CI / Detect changes (pull_request) Successful in 19s
CI / Shellcheck (E2E scripts) (pull_request) Failing after 18s
CI / all-required (pull_request) Failing after 19s
E2E API Smoke Test / detect-changes (pull_request) Successful in 7s
Handlers Postgres Integration / detect-changes (pull_request) Successful in 3s
Harness Replays / detect-changes (pull_request) Successful in 3s
Lint forbidden tenant-env keys / Scan workspace_secrets writers for forbidden env keys (pull_request) Successful in 3s
E2E Chat / detect-changes (pull_request) Successful in 17s
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 16s
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 16s
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 17s
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 22s
security-review / approved (pull_request) Failing after 5s
qa-review / approved (pull_request) Failing after 11s
gate-check-v3 / gate-check (pull_request) Successful in 11s
sop-checklist / na-declarations (pull_request) N/A: (none)
sop-checklist / all-items-acked (pull_request) Successful in 4s
sop-tier-check / tier-check (pull_request) Successful in 7s
Harness Replays / Harness Replays (pull_request) Successful in 10s
E2E API Smoke Test / E2E API Smoke Test (pull_request) Failing after 1m10s
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 2s
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 2s
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 2m28s
E2E Staging External Runtime / E2E Staging External Runtime (pull_request) Successful in 5m12s
CI / Platform (Go) (pull_request) Successful in 5m43s
CI / Canvas (Next.js) (pull_request) Successful in 6m48s
CI / Python Lint & Test (pull_request) Successful in 6m50s
CI / Canvas Deploy Reminder (pull_request) Has been skipped
E2E Chat / E2E Chat (pull_request) Failing after 6m14s
a3cd84cba3
PR #1427 added the platform-side reconcile (`agent_card_reconcile.go`)
that pulls workspaces.name and workspaces.role into the stored
agent_card on /registry/register. The reconcile only ever FILLS gaps —
without a populated workspaces row it has nothing to substitute and
the prod-team cards keep showing name=UUID / description="" / role=null
(the exact gap internal#492 is filed against).

This migration seeds name, role, and the agent_card JSONB
(description + skills[]) for the 6 CTO-locked production-team
workspaces (PM, Reviewer, Researcher, Dev-A, Dev-B, CEO-Assistant).
Idempotent UPDATEs only — no INSERTs, no schema change, zero behaviour
change for any workspace outside the prod team.

Schema sources (vendor-doc-checked):
- workspaces.{name,role} columns: 001_workspaces.sql
- agent_card JSONB shape (name/description/skills[{id,name,description,tags,examples}]/role): workspace/main.py:197-222
- validateWorkspaceFields contract (name<=255, role<=1000, no YAML
  special chars `{}[]|>*&!`, no newline/CR): workspace-server/internal/handlers/workspace_crud.go:526

CEO-Assistant uses the full UUID known from
workspace-server/internal/handlers/chat_files_test.go:286. The other
five rows are matched by 8-char prefix LIKE — the CTO will confirm on
review that each prefix resolves to a single tenant row.

NOT merged — CTO review pending per the dev-tree two-eyes gate.
core-devops approved these changes 2026-05-19 03:34:18 +00:00
Dismissed
core-devops left a comment
Member

core-devops 5-axis review (head a3cd84cb)

1. Correctness — Nit: prefix-match (id::text LIKE '8a71d4d4-%') is unambiguous in tenant DBs with <1B workspaces (UUID first-block ~2^32 ≈ 4.3B; collision practically impossible at any tenant scale). The migration header explicitly notes CTO will confirm per-prefix uniqueness on review — and this is sound as long as it's enforced once. Not a blocker.

2. Architecture — no finding. Pairs cleanly with PR #1427 server-side reconcile (which reads workspaces.name/role into agent_card on /registry/register). This migration populates the trusted DB row that reconcile substitutes — it closes the gap internal#492 names.

3. CI / build effects — Required (CI-side): CI / all-required red at this head due to the same Shellcheck E2E breakage that hits mc#1559 — root caused in main and fixed by mc#1561. The migration itself passes the migration-collision check (already green).

4. Idempotency / safety — no finding. BEGIN/COMMIT atomic; each UPDATE only touches name/role/agent_card; re-running rewrites the same values; UUIDs absent from a given tenant match 0 rows (no INSERT, no schema change). Down migration cleanly reverses.

5. Operator surface — no finding. Migration is 20260518000000_... — sequence number matches the up-migration filename convention. agent_card payload field shapes match the discovery-card contract used by canvas and mobile peer chip.

Net: clean seed migration. APPROVE; merge blocked on mc#1561 to unblock CI gate.

core-security approved these changes 2026-05-19 03:34:36 +00:00
Dismissed
core-security left a comment
Member

core-security 5-axis review (head a3cd84cb)

1. Migration script safety (data-mutating) — no finding. UPDATE-only (never INSERT); 3 fields per row (name, role, agent_card); BEGIN/COMMIT atomic; idempotent (rewrites same values on rerun); UUIDs not in a given tenant match 0 rows. Down migration is a clean reverse. No schema change. Per-row footprint scoped to identity fields only — no foreign-key or audit-trail mutation.

2. Privilege escalation in identity rows — no finding. The seed is platform-controlled identity (matches the design that the agent runtime cannot self-write workspaces.name/role). The role field strings ('product manager', 'code reviewer', 'dev engineer', 'researcher', 'operator orchestrator') are display strings; security boundary checks elsewhere must NOT key authorization off these (per molecule:role-display-only contract in mcp instructions). I confirmed by inspection that the seed does NOT touch any auth-bearing column (no admin_token, no organization_id mapping, no acl, no scope).

3. Secret / credential exposure — no finding. agent_card description/skills text contains no API keys, no tenant IDs beyond the public production-team UUID prefixes (which are already in CTO-locked memory). No env var dumps.

4. Input validation — no finding. Per the up-migration header, all name strings <=255 chars and contain no YAML-special chars (matches workspace_crud.go:526 validateWorkspaceFields); roles <=1000 chars; per-skill description <=120. Visual inspection of the SQL strings confirms.

5. CI gate — Required (CI-side): CI / all-required red at this head due to upstream Shellcheck breakage; mc#1561 fixes. Same blocker as mc#1559.

Net: identity-only seed, atomic + idempotent + reversible, security-clean. APPROVE on the change; merge blocked on mc#1561.

hongming force-pushed feat/agent-card-identity-seed-prod-team-internal-492-followup from a3cd84cba3 to 75b51028c3 2026-05-19 03:41:32 +00:00 Compare
core-devops approved these changes 2026-05-19 03:42:22 +00:00
core-devops left a comment
Member

Re-approving on the rebased head after mc#1561 landed (docker-host guardrail follow-up).

Rebase was server-initiated POST /pulls/1563/update?style=rebase — no semantic content change to this PR's diff, just fast-forward of new main onto the existing branch tip. Original five-axis review at commit_id=a3cd84cba38ca27f8de23ab9f25903bc05f0bd5e stands; this is a stale-dismiss ratification of the same content on the rebased head.

LGTM (rebase ratification).

core-security approved these changes 2026-05-19 03:42:23 +00:00
core-security left a comment
Member

Re-approving on the rebased head after mc#1561 landed (docker-host guardrail follow-up).

Rebase was server-initiated POST /pulls/1563/update?style=rebase — no semantic content change to this PR's diff, just fast-forward of new main onto the existing branch tip. Original five-axis security review at commit_id=a3cd84cba38ca27f8de23ab9f25903bc05f0bd5e stands; this is a stale-dismiss ratification of the same content on the rebased head.

LGTM (rebase ratification).

hongming merged commit e27ce29e81 into main 2026-05-19 03:59:36 +00:00
Reference: molecule-ai/molecule-core#1563