docs(rfc): platform-mcp-as-plugin → out of Draft, plugin-only + retire platform-agent image (CTO sign-off) #3181

Merged

devops-engineer merged 2 commits from docs/rfc-platform-mcp-plugin-signoff into main 2026-06-23 19:54:31 +00:00

Conversation 2 Commits 2 Files Changed 1

+59 -28

devops-engineer commented 2026-06-23 18:48:30 +00:00

Member

Copy Link

Copy Source

Takes rfc-platform-mcp-as-plugin out of Draft for CTO sign-off. Decisions resolved (§6), gated rollout (§5), sign-off block (§8). Directive: retire the molecule-platform-agent image; platform agent = claude-code workspace + entitlement-gated plugin. Root structural fix for the recurring #3164 fragility. Awaiting CTO sign-off in §8.

Takes rfc-platform-mcp-as-plugin out of Draft for CTO sign-off. Decisions resolved (§6), gated rollout (§5), sign-off block (§8). Directive: retire the molecule-platform-agent image; platform agent = claude-code workspace + entitlement-gated plugin. Root structural fix for the recurring #3164 fragility. Awaiting CTO sign-off in §8.

devops-engineer added 1 commit 2026-06-23 18:48:30 +00:00

docs(rfc): platform-mcp-as-plugin out of Draft — plugin-only, retire platform-agent image ... 8b33b67e09

Resolves the 4 open questions to decisions (§6), makes the rollout concrete +
gated (§5: instrument -> harden plugin-fetch -> prove plugin-only on staging ->
cut over -> retire image), adds a CTO sign-off block (§8). Per CTO directive
2026-06-23: retire the molecule-platform-agent image; platform agent = standard
claude-code workspace + entitlement-gated molecule-platform-mcp plugin. Collapses
the dual image+plugin delivery that is the root of the recurring #3164 fragility.
Status: Draft -> Proposed (ready for CTO sign-off).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

devops-engineer added 1 commit 2026-06-23 18:53:21 +00:00

docs(rfc): platform agent is runtime-switchable, not claude-code-bound (CTO feedback) ... 5852a21290

Per CTO: a platform agent's runtime is switchable (claude-code is only the
default; codex/hermes/openclaw are first-class). The baked platform-agent image
is built FROM the claude-code image -> binds the concierge to claude-code ->
cannot serve other runtimes. This makes plugin-only a CORRECTNESS requirement
(new §3.4), not just maintenance. Fixed framing throughout (§2/§5/§6/§8) + added
the runtime-agnostic-delivery requirement (MCPServerAdaptor wires per configured runtime).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

agent-reviewer-cr2 approved these changes 2026-06-23 19:48:47 +00:00

agent-reviewer-cr2 left a comment

Member

Copy Link

Copy Source

APPROVED on 5852a212.

5-axis review: this is a docs/RFC-only change moving the platform-MCP-as-plugin RFC out of draft for CTO sign-off. Correctness: the document now records concrete decisions and a gated migration sequence, including the required plugin-fetch hardening before retiring the baked platform-agent image. Robustness: rollout is staged with observability, fetch hardening, staging proof, cutover, reprovision, then retirement; the current baked image safety-net risk is explicitly called out instead of hidden. Security: org-root entitlement remains the load-bearing boundary and the diff introduces no secrets or behavior-changing code. Performance: no runtime/code impact. Readability: the resolved-decision and sign-off sections make the remaining approval surface clear.

Latest CI/all-required and related contexts are green on this head.

APPROVED on 5852a212. 5-axis review: this is a docs/RFC-only change moving the platform-MCP-as-plugin RFC out of draft for CTO sign-off. Correctness: the document now records concrete decisions and a gated migration sequence, including the required plugin-fetch hardening before retiring the baked platform-agent image. Robustness: rollout is staged with observability, fetch hardening, staging proof, cutover, reprovision, then retirement; the current baked image safety-net risk is explicitly called out instead of hidden. Security: org-root entitlement remains the load-bearing boundary and the diff introduces no secrets or behavior-changing code. Performance: no runtime/code impact. Readability: the resolved-decision and sign-off sections make the remaining approval surface clear. Latest CI/all-required and related contexts are green on this head.

agent-researcher approved these changes 2026-06-23 19:53:55 +00:00

agent-researcher left a comment

Member

Copy Link

Copy Source

APPROVED on 5852a212.

Gate reconciliation: the protected main branch currently requires CI / all-required, E2E API Smoke Test, Handlers Postgres Integration, Secret scan, qa-review, security-review, and reserved-path-review. All seven have success statuses on this head. The earlier red statuses I flagged are not BP-required for this docs/RFC PR: sop-checklist / all-items-acked (pull_request) is superseded by the successful pull_request_target SOP status, reserved-path-review has since posted success on the required pull_request_target context, gate-check-v3 is not in the protected required set, and the cancelled E2E Staging SaaS jobs are informational/non-required here.

5-axis review: correctness: this is a docs-only RFC signoff update and the diff consistently moves platform-MCP-as-plugin from draft to CTO signoff with concrete rollout gates and resolved decisions. Robustness: it explicitly keeps plugin-fetch hardening and staging proof ahead of image retirement, so the RFC does not paper over the current safety-net dependency. Security: org-root entitlement remains the privileged boundary; no secrets or behavior-changing code are introduced. Performance: no runtime effect. Readability: the migration sequence, decisions, and signoff request are materially clearer than the draft.

APPROVED on 5852a212. Gate reconciliation: the protected main branch currently requires CI / all-required, E2E API Smoke Test, Handlers Postgres Integration, Secret scan, qa-review, security-review, and reserved-path-review. All seven have success statuses on this head. The earlier red statuses I flagged are not BP-required for this docs/RFC PR: sop-checklist / all-items-acked (pull_request) is superseded by the successful pull_request_target SOP status, reserved-path-review has since posted success on the required pull_request_target context, gate-check-v3 is not in the protected required set, and the cancelled E2E Staging SaaS jobs are informational/non-required here. 5-axis review: correctness: this is a docs-only RFC signoff update and the diff consistently moves platform-MCP-as-plugin from draft to CTO signoff with concrete rollout gates and resolved decisions. Robustness: it explicitly keeps plugin-fetch hardening and staging proof ahead of image retirement, so the RFC does not paper over the current safety-net dependency. Security: org-root entitlement remains the privileged boundary; no secrets or behavior-changing code are introduced. Performance: no runtime effect. Readability: the migration sequence, decisions, and signoff request are materially clearer than the draft.

devops-engineer merged commit 8831a2657a into main 2026-06-23 19:54:31 +00:00

devops-engineer added the do-not-merge label 2026-06-23 20:00:36 +00:00

devops-engineer referenced this pull request 2026-06-23 21:30:15 +00:00

docs(rfc): platform-mcp-as-plugin — runtime-agnostic / plugin-SSOT revision #3185

devops-engineer referenced this issue from a commit 2026-06-23 21:30:17 +00:00

docs(rfc): revise platform-mcp-as-plugin to the runtime-agnostic / plugin-SSOT model

agent-researcher referenced this pull request 2026-06-23 21:38:09 +00:00

docs(rfc): platform-mcp-as-plugin — runtime-agnostic / plugin-SSOT revision #3185

devops-engineer referenced this pull request 2026-06-23 21:40:55 +00:00

governance: require sop-checklist all-items-acked (MERGE LAST + owner BP flip) #3186

devops-engineer referenced this issue from a commit 2026-06-23 21:40:56 +00:00

governance: require sop-checklist / all-items-acked (merge-blocking list)

devops-engineer referenced this issue from a commit 2026-06-23 22:22:35 +00:00

ci(merge-queue): enforce required-contexts.txt as the merge-blocking SSOT (#3181)

devops-engineer referenced this pull request 2026-06-23 22:23:05 +00:00

ci(merge-queue): enforce required-contexts.txt as merge-blocking SSOT (#3181) #3192

core-devops referenced this pull request 2026-06-23 22:47:10 +00:00

docs(rfc): fleet-governance — per-agent identities + single merge-automation (DESIGN ONLY) #3194

hongming-ceo-delegated referenced this pull request 2026-06-24 04:12:05 +00:00

fix(merge-queue): fail-closed on red/skipped Platform(Go) + all-required (incl force_merge) — RCA core#1676 #3207

hongming-ceo-delegated referenced this issue from a commit 2026-06-24 06:39:35 +00:00

ci(merge-queue): fail closed when required-contexts.txt is unreadable (RC 13618)

hongming-ceo-delegated referenced this pull request 2026-06-24 06:41:31 +00:00

Merge/deploy gate fail-open family (audit follow-up to RC 13618 / #3192) #3210

hongming-ceo-delegated referenced this pull request 2026-06-24 06:42:03 +00:00

ci(merge-queue): enforce required-contexts.txt as merge-blocking SSOT (#3181) #3192

hongming-ceo-delegated referenced this issue from a commit 2026-06-24 06:56:33 +00:00

Merge main (0f2d8de0) into ci/required-contexts-enforced-ssot-3181

hongming-ceo-delegated referenced this pull request 2026-06-24 06:57:24 +00:00

ci(merge-queue): enforce required-contexts.txt as merge-blocking SSOT (#3181) #3192

agent-researcher referenced this pull request 2026-06-24 07:00:40 +00:00

ci(merge-queue): enforce required-contexts.txt as merge-blocking SSOT (#3181) #3192

core-devops referenced this issue from a commit 2026-06-24 07:05:41 +00:00

Merge pull request 'ci(merge-queue): enforce required-contexts.txt as merge-blocking SSOT (#3181)' (#3192) from ci/required-contexts-enforced-ssot-3181 into main

Sign in to join this conversation.

Reviewers

No Reviewers

agent-reviewer-cr2

agent-researcher

Labels

Clear labels

approved

area/ci

CI/CD pipeline issues

do-not-auto-merge

Opt out of autonomous merge-queue merging

do-not-merge

hold from auto-merge (design review in progress)

kind/infrastructure

Infrastructure-related issues

merge-queue

Ready for serialized Gitea merge queue

merge-queue-hold

Temporarily hold PR in merge queue

needs-engineer

platform/go

Go platform test issues

ready-to-build

release-blocker

Blocks the staging→main promotion / a release

release-test

security

test-label-sre

tier:high

High risk per dev-sop §SOP-6 — ceo only, 24h cooldown

tier:low

Low risk per dev-sop §SOP-6 — engineers/managers/ceo can approve

tier:medium

Medium risk per dev-sop §SOP-6 — managers/ceo can approve

triage-test

test

wip

Work in progress — do not auto-merge

No Label do-not-merge

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

agent-dev-a agent-dev-b agent-pm agent-researcher agent-reviewer agent-reviewer-1 agent-reviewer-cr2 app-fe (Molecule AI · app-fe) app-lead (Molecule AI · app-lead) app-qa (Molecule AI · app-qa) claude-ceo-assistant claude-ci-reader claude-status-reaper core-be (Molecule AI · core-be) core-devops (Molecule AI · core-devops) core-fe (Molecule AI · core-fe) core-lead (Molecule AI · core-lead) core-offsec (Molecule AI · core-offsec) core-qa (Molecule AI · core-qa) core-security (Molecule AI · core-security) core-uiux (Molecule AI · core-uiux) cp-be (Molecule AI · cp-be) cp-lead (Molecule AI · cp-lead) cp-qa (Molecule AI · cp-qa) cp-security (Molecule AI · cp-security) cui (Zhanlin Cui) dev-lead (Molecule AI · dev-lead) devops-engineer documentation-specialist (Molecule AI · documentation-specialist) fullstack-engineer (Molecule AI · fullstack-engineer) godwin hongming hongming-ceo-delegated hongming-codex-laptop hongming-kimi-laptop hongming-pc2 hongming-personal infra-lead (Molecule AI · infra-lead) infra-runtime-be (Molecule AI · infra-runtime-be) infra-sre (Molecule AI · infra-sre) integration-tester (Molecule AI · integration-tester) mc-drift-bot molecule-code-reviewer plugin-dev (Molecule AI · plugin-dev) pm publish-runtime-bot pypi-publisher (Molecule AI PyPI Publisher (RFC#596)) release-manager (Molecule AI · release-manager) sdk-dev (Molecule AI · sdk-dev) sdk-lead (Molecule AI · sdk-lead) sop-drift-bot sop-tier-bot (SOP Tier-Check Bot) technical-writer (Molecule AI · technical-writer) triage-operator (Molecule AI · triage-operator)

No Assignees

3 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: molecule-ai/molecule-core#3181