# First Task for Tier 1 Promotion

## Overview

This document describes the "first task" that a newly promoted Tier 1 agent
must complete to validate their operational capabilities.

## Prerequisites

- Agent has been promoted from Tier 0 to Tier 1
- Agent has valid Vault AppRole credentials for Tier 1
- Sandbox environment is available (localhost)

## The Task: Deploy a Monitoring Endpoint

**Objective:** Deploy a simple HTTP health check endpoint that reports system status.

### Requirements

1. Deploy a container that:
   - Responds to HTTP requests on port 9999
   - Returns JSON with system health information
   - Is connected to the `spark-net` network
   - Has proper labels for governance tracking

2. Verify the deployment:
   - Container is running
   - Endpoint responds within 100ms
   - Response includes valid JSON

3. Document the deployment:
   - Record action in governance ledger
   - Create evidence package

### Implementation Options

#### Option A: Ansible (Recommended for First Task)

```bash
cd /opt/agent-governance/sandbox/ansible

# Check mode first (like Tier 0)
ansible-playbook -i /opt/agent-governance/inventory/sandbox.yml \
  deploy-service.yml --check \
  -e service_name=health-endpoint \
  -e image=nginx:alpine \
  -e port=9999

# Execute (Tier 1 capability)
ansible-playbook -i /opt/agent-governance/inventory/sandbox.yml \
  deploy-service.yml \
  -e service_name=health-endpoint \
  -e image=nginx:alpine \
  -e port=9999
```

#### Option B: Terraform

```bash
cd /opt/agent-governance/sandbox/terraform/docker-service

terraform init
terraform plan -var="service_name=health-endpoint" -var="external_port=9999"
terraform apply -var="service_name=health-endpoint" -var="external_port=9999"
```

#### Option C: Direct Docker (Governed Wrapper)

```bash
/opt/agent-governance/wrappers/docker-governed.sh run -d \
  --name health-endpoint \
  --network spark-net \
  -p 9999:80 \
  nginx:alpine
```

### Verification

```bash
# Check container is running
docker ps --filter name=health-endpoint

# Test endpoint
curl -s http://localhost:9999 | head -5

# Measure response time
curl -w "%{time_total}\n" -o /dev/null -s http://localhost:9999
```

### Success Criteria

| Criterion | Requirement |
|-----------|-------------|
| Container Running | Status: Up |
| Network Attached | spark-net |
| Port Exposed | 9999 |
| Response Time | < 100ms |
| Ledger Entry | Recorded |

### Recording the Task

After successful completion:

```bash
# Record in ledger
python3 /opt/agent-governance/agents/tier0-agent/agent.py plan \
  --title "Tier 1 First Task Complete" \
  --description "Deployed health-endpoint service on port 9999" \
  --target localhost \
  --steps '[{"action":"deploy","command":"docker run...","status":"success"}]'

# Create evidence
python3 /opt/agent-governance/evidence/evidence.py create \
  --agent-id tier1-agent-001 \
  --action "first_task_deployment" \
  --artifacts "docker_ps_output.txt,curl_response.json"
```

## Rollback Procedure

If the task fails:

```bash
# Using Ansible
ansible-playbook rollback-service.yml -e service_name=health-endpoint

# Or directly
docker stop health-endpoint && docker rm health-endpoint
```

## Next Steps

After completing this task:

1. Agent demonstrates basic execution capability
2. Agent can proceed to more complex tasks
3. Track record builds toward Tier 2 promotion