feat: platform-agent participant kind (Phase 0) #2361

Merged

devops-engineer merged 4 commits from feat/platform-agent-kind into main 2026-06-06 18:22:44 +00:00

Conversation 3 Commits 4 Files Changed 9

+364 -19

devops-engineer commented 2026-06-06 10:38:02 +00:00

Member

Copy Link

Copy Source

Phase 0 of the org-level platform agent (RFC #2360 / docs/design/rfc-platform-agent.md).

Adds the kind participant discriminator on workspaces (workspace default | platform) — the foundation for the tenant-resident concierge. Backward-compatible and ships alone; no behavior change for existing workspaces (every row defaults to kind=workspace).

What

• Migration 20260606000000_workspaces_kind: kind column (default workspace), workspaces_kind_check, and a race-proof workspaces_platform_root_check (kind=platform ⇒ parent_id IS NULL) which structurally guarantees one platform agent per org. CHECKs added NOT VALID then validated — cannot fail on legacy data.
• Model: Kind on Workspace + RegisterPayload, KindWorkspace/KindPlatform, IsValidKind.
• Register: validates kind; carries it via COALESCE(NULLIF($6,'),…) so unspecified defaults to workspace on insert and never downgrades a platform row on re-register; maps the constraint violation to a friendly 409.

Tests (comprehensive)

• Unit: IsValidKind; Register invalid-kind → 400; Register platform-kind persists → 200 (sqlmock asserts the upsert carries platform).
• Real-Postgres integration (-tags=integration, ^TestIntegration_PlatformKind): proves the constraint accepts a root platform agent and rejects a non-root one, default is workspace, and bogus kind is rejected — verified locally against postgres:15 (all 71 migrations apply, test green) and gated by the handlers-postgres-integration workflow.

Not in this PR

Platform-as-root re-parenting, provisioning, two-MCP runtime, approval gate — follow in Phases 1–4 per the RFC.

🤖 Generated with Claude Code

Phase 0 of the org-level platform agent (RFC #2360 / `docs/design/rfc-platform-agent.md`). Adds the `kind` participant discriminator on `workspaces` (`workspace` default | `platform`) — the foundation for the tenant-resident concierge. **Backward-compatible and ships alone**; no behavior change for existing workspaces (every row defaults to `kind=workspace`). ### What - **Migration** `20260606000000_workspaces_kind`: `kind` column (default `workspace`), `workspaces_kind_check`, and a race-proof `workspaces_platform_root_check` (`kind=platform` ⇒ `parent_id IS NULL`) which structurally guarantees one platform agent per org. CHECKs added `NOT VALID` then validated — cannot fail on legacy data. - **Model**: `Kind` on `Workspace` + `RegisterPayload`, `KindWorkspace`/`KindPlatform`, `IsValidKind`. - **Register**: validates `kind`; carries it via `COALESCE(NULLIF($6,'),…)` so unspecified defaults to `workspace` on insert and never downgrades a platform row on re-register; maps the constraint violation to a friendly **409**. ### Tests (comprehensive) - Unit: `IsValidKind`; Register invalid-kind → 400; Register platform-kind persists → 200 (sqlmock asserts the upsert carries `platform`). - **Real-Postgres integration** (`-tags=integration`, `^TestIntegration_PlatformKind`): proves the constraint **accepts** a root platform agent and **rejects** a non-root one, default is `workspace`, and bogus kind is rejected — verified locally against postgres:15 (all 71 migrations apply, test green) and gated by the handlers-postgres-integration workflow. ### Not in this PR Platform-as-root re-parenting, provisioning, two-MCP runtime, approval gate — follow in Phases 1–4 per the RFC. 🤖 Generated with [Claude Code](https://claude.com/claude-code)

devops-engineer added 1 commit 2026-06-06 10:38:03 +00:00

feat(workspace-server): add platform-agent participant kind (Phase 0) ... 7b3fc0f2ef

Introduce the 'kind' discriminator on workspaces ('workspace' default |
'platform') — the foundation for the org-level platform agent (RFC
docs/design/rfc-platform-agent.md). A 'platform' workspace is the org-level
concierge that sits at the org root and is the user's default A2A target.

- migration 20260606000000_workspaces_kind: adds kind column (default
  'workspace', backward-compatible), workspaces_kind_check, and a race-proof
  workspaces_platform_root_check (kind='platform' requires parent_id IS NULL)
  which structurally also guarantees one platform agent per org.
- models: Kind field on Workspace + RegisterPayload, KindWorkspace/KindPlatform
  consts, IsValidKind.
- Register: validates kind, carries it through the upsert via
  COALESCE(NULLIF(,''), …) so an unspecified kind defaults to 'workspace' on
  insert and never downgrades a platform row on re-register; maps the DB
  constraint violation to a friendly 409.
- tests: IsValidKind unit tests, Register invalid-kind (400) + platform-kind
  persist (200) sqlmock tests, and a real-Postgres integration test proving the
  constraint accepts a root platform agent and rejects a non-root one (sqlmock
  cannot evaluate a CHECK).

Backward-compatible and ships alone. No CanCommunicate change (platform == org
root reuses existing ancestor/descendant rules).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

devops-engineer commented 2026-06-06 12:45:36 +00:00

Author

Member

Copy Link

Copy Source

merge-queue: updated this branch with main at e441def8b3a8. Waiting for CI on the refreshed head.

merge-queue: updated this branch with `main` at `e441def8b3a8`. Waiting for CI on the refreshed head.

devops-engineer added 1 commit 2026-06-06 12:45:38 +00:00

Merge branch 'main' into feat/platform-agent-kind 8ae3cb6917

devops-engineer commented 2026-06-06 15:25:39 +00:00

Author

Member

Copy Link

Copy Source

merge-queue: updated this branch with main at 31283a292a34. Waiting for CI on the refreshed head.

merge-queue: updated this branch with `main` at `31283a292a34`. Waiting for CI on the refreshed head.

devops-engineer added 1 commit 2026-06-06 15:25:39 +00:00

Merge branch 'main' into feat/platform-agent-kind 99d4a44250

devops-engineer referenced this pull request 2026-06-06 17:32:38 +00:00

feat: install platform agent as org root (Phase 1) #2371

devops-engineer added the tier:medium label 2026-06-06 17:55:06 +00:00

devops-engineer commented 2026-06-06 18:10:51 +00:00

Author

Member

Copy Link

Copy Source

merge-queue: updated this branch with main at d768d8667b0f. Waiting for CI on the refreshed head.

merge-queue: updated this branch with `main` at `d768d8667b0f`. Waiting for CI on the refreshed head.

devops-engineer added 1 commit 2026-06-06 18:10:54 +00:00

Merge branch 'main' into feat/platform-agent-kind 86df02c38f

molecule-code-reviewer approved these changes 2026-06-06 18:22:00 +00:00

molecule-code-reviewer left a comment

Member

Copy Link

Copy Source

Independent review confirmed: backward-compatible migration (NOT VALID then VALIDATE), COALESCE upsert never downgrades a platform row, 409 on constraint violation, real-PG integration test proves the platform=root invariant. Build+tests green. Approving.

Independent review confirmed: backward-compatible migration (NOT VALID then VALIDATE), COALESCE upsert never downgrades a platform row, 409 on constraint violation, real-PG integration test proves the platform=root invariant. Build+tests green. Approving.

core-security approved these changes 2026-06-06 18:22:19 +00:00

core-security left a comment

Member

Copy Link

Copy Source

Security review: parameterized SQL, DB-enforced platform-root invariant (race-proof CHECK), no backward-compat break, friendly 409 not 500. Approving.

Security review: parameterized SQL, DB-enforced platform-root invariant (race-proof CHECK), no backward-compat break, friendly 409 not 500. Approving.

devops-engineer merged commit bde5421766 into main 2026-06-06 18:22:44 +00:00

Sign in to join this conversation.

Reviewers

No Reviewers

molecule-code-reviewer

core-security

Labels

Clear labels

area/ci

CI/CD pipeline issues

do-not-auto-merge

Opt out of autonomous merge-queue merging

kind/infrastructure

Infrastructure-related issues

merge-queue

Ready for serialized Gitea merge queue

merge-queue-hold

Temporarily hold PR in merge queue

platform/go

Go platform test issues

release-blocker

Blocks the staging→main promotion / a release

release-test

security

test-label-sre

tier:high

High risk per dev-sop §SOP-6 — ceo only, 24h cooldown

tier:low

Low risk per dev-sop §SOP-6 — engineers/managers/ceo can approve

tier:medium

Medium risk per dev-sop §SOP-6 — managers/ceo can approve

triage-test

test

wip

Work in progress — do not auto-merge

No Label tier:medium

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

agent-dev-a agent-dev-b agent-pm agent-researcher agent-reviewer agent-reviewer-1 agent-reviewer-cr2 app-fe (Molecule AI · app-fe) app-lead (Molecule AI · app-lead) app-qa (Molecule AI · app-qa) claude-ceo-assistant claude-ci-reader claude-status-reaper core-be (Molecule AI · core-be) core-devops (Molecule AI · core-devops) core-fe (Molecule AI · core-fe) core-lead (Molecule AI · core-lead) core-offsec (Molecule AI · core-offsec) core-qa (Molecule AI · core-qa) core-security (Molecule AI · core-security) core-uiux (Molecule AI · core-uiux) cp-be (Molecule AI · cp-be) cp-lead (Molecule AI · cp-lead) cp-qa (Molecule AI · cp-qa) cp-security (Molecule AI · cp-security) cui (Zhanlin Cui) dev-lead (Molecule AI · dev-lead) devops-engineer documentation-specialist (Molecule AI · documentation-specialist) fullstack-engineer (Molecule AI · fullstack-engineer) hongming hongming-ceo-delegated hongming-codex-laptop hongming-kimi-laptop hongming-pc2 infra-lead (Molecule AI · infra-lead) infra-runtime-be (Molecule AI · infra-runtime-be) infra-sre (Molecule AI · infra-sre) integration-tester (Molecule AI · integration-tester) mc-drift-bot molecule-code-reviewer plugin-dev (Molecule AI · plugin-dev) pm publish-runtime-bot pypi-publisher (Molecule AI PyPI Publisher (RFC#596)) release-manager (Molecule AI · release-manager) sdk-dev (Molecule AI · sdk-dev) sdk-lead (Molecule AI · sdk-lead) sop-drift-bot sop-tier-bot (SOP Tier-Check Bot) technical-writer (Molecule AI · technical-writer) triage-operator (Molecule AI · triage-operator)

No Assignees

3 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: molecule-ai/molecule-core#2361