agent-governance/bin/sample-tier0-agent.sh
profit 77655c298c Initial commit: Agent Governance System Phase 8
Phase 8 Production Hardening with complete governance infrastructure:

- Vault integration with tiered policies (T0-T4)
- DragonflyDB state management
- SQLite audit ledger
- Pipeline DSL and templates
- Promotion/revocation engine
- Checkpoint system for session persistence
- Health manager and circuit breaker for fault tolerance
- GitHub/Slack integrations
- Architectural test pipeline with bug watcher, suggestion engine, council review
- Multi-agent chaos testing framework

Test Results:
- Governance tests: 68/68 passing
- E2E workflow: 16/16 passing
- Phase 2 Vault: 14/14 passing
- Integration tests: 27/27 passing

Coverage: 57.6% average across 12 phases

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-23 22:07:06 -05:00


#!/bin/bash
# Sample Tier 0 Agent: Plan Generator
# Demonstrates proper agent behavior per foundation document
# Stop at the first unhandled command failure.
set -o errexit

# Pull in the shared agent helpers. The file is sourced from a fixed absolute
# path and runs in this shell, with ROLE_ID/SECRET_ID in its environment, so
# whoever can write to it controls what the agent does.
. /opt/agent-governance/lib/agent-bootstrap.sh

# Identity used when loading this agent's metadata.
AGENT_ID="plan-generator-001"

# --- Agent Metadata Declaration (Section 4) ---
declare -A AGENT_META=()
AGENT_META[agent_id]="plan-generator-001"
AGENT_META[agent_role]="observer"
AGENT_META[version]="0.1.0"
AGENT_META[tier]=0
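#######################################
# Read one secret from Vault over HTTP and print its `.data.data` payload.
# The path layout and the `.data.data` field match Vault's KV v2 read API.
# Globals:   VAULT_ADDR, VAULT_TOKEN (read, required)
#            VAULT_CACERT (read, optional) - CA bundle used to verify Vault
#            VAULT_SKIP_VERIFY (read, optional) - "true"/"1" disables TLS
#              verification; explicit opt-in only
# Arguments: $1 - API path below /v1/, e.g. secret/data/docs/agent-taxonomy
# Outputs:   payload JSON on stdout, diagnostics on stderr
# Returns:   0 when a non-null payload was read, non-zero otherwise
#######################################
_vault_read_secret() {
  local secret_path=$1
  local response
  local -a curl_opts=(--silent --show-error --fail)

  if [[ -z "${VAULT_ADDR:-}" || -z "${VAULT_TOKEN:-}" ]]; then
    printf 'vault read refused: VAULT_ADDR or VAULT_TOKEN is not set\n' >&2
    return 1
  fi

  # The token travels in a request header, so the server certificate must be
  # verified by default; otherwise anything on the network path can pose as
  # Vault and collect the token.
  if [[ -n "${VAULT_CACERT:-}" ]]; then
    curl_opts+=(--cacert "$VAULT_CACERT")
  fi
  if [[ "${VAULT_SKIP_VERIFY:-}" == "true" || "${VAULT_SKIP_VERIFY:-}" == "1" ]]; then
    printf 'warning: TLS verification disabled by VAULT_SKIP_VERIFY\n' >&2
    curl_opts+=(--insecure)
  fi

  # Feed the header on stdin (curl >= 7.55.0) so the token does not show up in
  # the process argument list. --fail turns HTTP errors into a non-zero exit
  # instead of an error body that would be parsed as if it were a secret.
  response=$(printf 'X-Vault-Token: %s\n' "$VAULT_TOKEN" \
    | curl "${curl_opts[@]}" --header @- "${VAULT_ADDR}/v1/${secret_path}") \
    || return 1

  # jq -e exits non-zero when the payload is null or missing, which is what a
  # denied or empty read looks like after parsing.
  jq -er '.data.data' <<<"$response"
}

#######################################
# Entry point of the sample Tier 0 "plan generator" agent.
# Checks credentials, authenticates, loads metadata, validates the requested
# action, then performs it. Every failure is reported via agent_error or
# agent_output.
# Globals:   ROLE_ID, SECRET_ID, AGENT_ID, AGENT_META (read)
#            VAULT_ADDR, VAULT_TOKEN (read; presumably set by the bootstrap
#            library or agent_authenticate - confirm)
# Arguments: $1 - action name; defaults to read_docs
# Returns:   exits 1 on configuration, auth, metadata or policy failure;
#            otherwise the status of the last agent_output call
#######################################
main() {
  log_info "Starting agent: ${AGENT_META[agent_id]} v${AGENT_META[version]}"

  # Check for required credentials
  if [[ -z "${ROLE_ID:-}" || -z "${SECRET_ID:-}" ]]; then
    agent_error "CONFIGURATION_ERROR" \
      "Missing credentials" \
      "Environment variables ROLE_ID and SECRET_ID" \
      "None" \
      "Set ROLE_ID and SECRET_ID environment variables"
    exit 1
  fi

  # Authenticate (Section 3.3 - Bounded Authority)
  if ! agent_authenticate "$ROLE_ID" "$SECRET_ID"; then
    # Only the role id is reported here, never SECRET_ID.
    # NOTE(review): confirm where agent_error writes this record before
    # treating the role id as safe to log.
    agent_error "AUTH_ERROR" \
      "Failed to authenticate with Vault" \
      "role_id=$ROLE_ID" \
      "None" \
      "Verify credentials and Vault connectivity"
    exit 1
  fi

  # Load metadata from Vault
  if ! agent_load_metadata "$AGENT_ID"; then
    agent_error "METADATA_ERROR" \
      "Failed to load agent metadata" \
      "agent_id=$AGENT_ID" \
      "Authenticated successfully" \
      "Verify agent is registered in Vault"
    exit 1
  fi

  # Validate action before proceeding (Section 5 - Input Discipline)
  local requested_action="${1:-read_docs}"
  if ! agent_validate_action "$requested_action"; then
    agent_error "FORBIDDEN_ACTION" \
      "Requested action is not permitted for this agent" \
      "action=$requested_action" \
      "Authenticated and loaded metadata" \
      "Request action within allowed scope or escalate to higher tier"
    exit 1
  fi

  # Execute action
  case "$requested_action" in
    read_docs)
      log_info "Reading documentation..."
      local docs
      # Success is reported only when the read returned a real payload; a
      # denied request or a literal "null" no longer counts as success.
      if docs=$(_vault_read_secret "secret/data/docs/agent-taxonomy") \
        && [[ -n "$docs" ]]; then
        agent_output "EXECUTE" 0.95 "read_docs" "Successfully read agent taxonomy documentation"
      else
        agent_output "ERROR" 0.0 "read_docs" "Failed to read documentation"
      fi
      ;;
    read_inventory)
      log_info "Reading inventory..."
      local inventory cluster
      if inventory=$(_vault_read_secret "secret/data/inventory/proxmox") \
        && [[ -n "$inventory" ]]; then
        # Only the cluster field is echoed into the agent output.
        cluster=$(jq -r '.cluster' <<<"$inventory") || cluster=""
        agent_output "EXECUTE" 0.90 "read_inventory" "Read Proxmox inventory: $cluster"
      else
        agent_output "ERROR" 0.0 "read_inventory" "Failed to read inventory"
      fi
      ;;
    generate_plan)
      log_info "Generating plan..."
      # Tier 0 can generate plans but not execute
      agent_output "EXECUTE" 0.85 "generate_plan" "Plan generated. Requires Tier 1+ agent for execution."
      ;;
    *)
      # Reached when validation allowed an action this script does not implement.
      agent_output "INSUFFICIENT_INFORMATION" 0.0 "$requested_action" "Unknown action requested"
      ;;
  esac
}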
# Script entry: hand every command-line argument to main unchanged; the first
# one is the requested action.
main "$@"