profit/agent-governance
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
agent-governance/docs/PHASE_DEPENDENCY_ANALYSIS.md
profit 77655c298c Initial commit: Agent Governance System Phase 8 
Phase 8 Production Hardening with complete governance infrastructure:

- Vault integration with tiered policies (T0-T4)
- DragonflyDB state management
- SQLite audit ledger
- Pipeline DSL and templates
- Promotion/revocation engine
- Checkpoint system for session persistence
- Health manager and circuit breaker for fault tolerance
- GitHub/Slack integrations
- Architectural test pipeline with bug watcher, suggestion engine, council review
- Multi-agent chaos testing framework

Test Results:
- Governance tests: 68/68 passing
- E2E workflow: 16/16 passing
- Phase 2 Vault: 14/14 passing
- Integration tests: 27/27 passing

Coverage: 57.6% average across 12 phases

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-23 22:07:06 -05:00

172 lines
6.1 KiB
Markdown
Raw Blame History

# Phase Dependency Analysis
## Overview
This document analyzes the dependencies between Phase 8 (Production Hardening) test results and earlier phase components, identifying gaps and required backfills.
**Analysis Date:** 2026-01-24
**Checkpoint:** ckpt-20260124-023706-11d689d4
---
## Phase 8 Test Results Summary
| Test Suite | Tests | Result | Dependencies |
|------------|-------|--------|--------------|
| GitHub Integration | 10/10 | PASS | Phase 3 (Pipeline scaffolding) |
| Slack Integration | 17/17 | PASS | Phase 3 (Pipeline scaffolding) |
| Error Recovery | 10/10 | PASS | Phase 4 (Revocation Engine) |
| E2E Workflow | 16/16 | PASS | Phases 1-5 (Full stack) |
---
## Dependency Map
### 1. Integration Tests → Phase 3 (Pipeline)
**Files Tested:**
- `/opt/agent-governance/integrations/github/github.py`
- `/opt/agent-governance/integrations/slack/slack.py`
- `/opt/agent-governance/integrations/common/base.py`
**Dependencies:**
- `BaseIntegration` class with rate limiting, retry logic, audit logging
- `IntegrationEvent` dataclass with event_type routing
- `IntegrationManager` for multi-integration coordination
**Event Types Used (not in pipeline/core.py):**
```
plan_created → Maps to AgentPhase.PLAN completion
execution_started → Maps to AgentPhase.EXECUTE start
execution_complete → Maps to AgentPhase.EXECUTE completion
violation_detected → Maps to RevocationType events
promotion_requested → Maps to tier promotion workflow
promotion_approved → Maps to tier promotion completion
agent_revoked → Maps to RevocationType.* terminal events
approval_required → Maps to StageType.GATE
heartbeat → Maps to agent health monitoring
```
**Gap Identified:** Integration event types should be formally defined in `pipeline/core.py` as `IntegrationEventType` enum.
---
### 2. Error Recovery Tests → Phase 4 (Revocation)
**Files Tested:**
- `/opt/agent-governance/runtime/revocation.py`
**Dependencies:**
- `ViolationType` enum (14 types) - **More comprehensive than core.py**
- `Severity` enum (4 levels) - **Not in core.py**
- `RevocationEngine` class
- DragonflyDB keys: `agent:{id}:revoke_signal`, `revocations:ledger`, `alerts:queue`
**Type Comparison:**
| Location | Enum | Count | Coverage |
|----------|------|-------|----------|
| `pipeline/core.py` | `RevocationType` | 6 | Basic revocation triggers |
| `runtime/revocation.py` | `ViolationType` | 14 | Full violation taxonomy |
| `runtime/revocation.py` | `Severity` | 4 | Severity classification |
**Gap Identified:** `pipeline/core.py` should import or re-export the full `ViolationType` and `Severity` from `runtime/revocation.py` to maintain single source of truth.
---
### 3. E2E Tests → Phases 1-5 (Full Stack)
**Files Tested:**
- `/opt/agent-governance/tests/real_e2e_test.py`
**Phase 1 (Foundation) Dependencies:**
- SQLite Ledger schema: `agent_actions`, `agent_metrics`, `violations`, `promotions`
- File structure: `/opt/agent-governance/ledger/governance.db`
**Phase 2 (Vault) Dependencies:**
- Vault health check: `GET /v1/sys/health`
- AppRole authentication: `auth/approle/role/tier1-agent/role-id`
- Policy files: `t0-observer.hcl` through `t4-architect.hcl`
- Secret paths: `secret/data/agents/{agent_id}`, `secret/data/inventory/*`
**Phase 3 (Pipeline) Dependencies:**
- DragonflyDB key patterns from `RedisKeys` class
- Instruction packet structure
- Agent state management
**Phase 5 (Agent Bootstrap) Dependencies:**
- Execution lock acquisition/release
- Heartbeat management
- Error budget tracking
**Gap Identified:** E2E test uses hardcoded Redis password (`governance2026`) instead of fetching from Vault.
---
## STATUS.md File Inconsistencies
Several STATUS.md files show "Current Phase: NOT STARTED" in the header but "COMPLETE" or "IN_PROGRESS" in the Activity Log:
| Directory | Header Says | Activity Log Says |
|-----------|-------------|-------------------|
| `runtime/` | NOT STARTED | COMPLETE |
| `preflight/` | NOT STARTED | COMPLETE |
| `pipeline/` | NOT STARTED | COMPLETE |
| `integrations/` | NOT STARTED | IN_PROGRESS |
| `integrations/github/` | NOT STARTED | (needs update) |
| `integrations/slack/` | NOT STARTED | (needs update) |
**Action Required:** Update STATUS.md files to reflect actual completion state.
---
## Backfill Requirements
### Priority 1: Type Synchronization ✅ COMPLETE
1. **Updated `pipeline/core.py`** to include:
-`ViolationSeverity` enum (4 levels)
- ✅ Full `ViolationType` enum (14 types with severity mapping)
-`IntegrationEventType` enum (9 event types)
-`VIOLATION_SEVERITY_MAP` for severity lookups
-`INTEGRATION_EVENT_PHASE_MAP` for lifecycle mapping
-`RevocationType` alias for backwards compatibility
2. **Import flow established:**
```
pipeline/core.py (authoritative source)
runtime/revocation.py (can now import from core)
integrations/*.py (uses IntegrationEventType)
```
### Priority 2: STATUS.md Corrections ✅ COMPLETE
Updated files to show correct Current Phase:
- ✅ `/opt/agent-governance/runtime/STATUS.md` → COMPLETE
- ✅ `/opt/agent-governance/preflight/STATUS.md` → COMPLETE
- ✅ `/opt/agent-governance/pipeline/STATUS.md` → COMPLETE
- ✅ `/opt/agent-governance/integrations/STATUS.md` → IN_PROGRESS (with test results)
- ✅ `/opt/agent-governance/integrations/github/STATUS.md` → COMPLETE (10/10 tests)
- ✅ `/opt/agent-governance/integrations/slack/STATUS.md` → COMPLETE (17/17 tests)
### Priority 3: Credential Hardening (Deferred)
Replace hardcoded credentials in test files with Vault lookups:
- `/opt/agent-governance/tests/real_e2e_test.py:28` - `REDIS_PASSWORD`
- **Status:** Low priority - test files only, not production code
---
## Summary
| Category | Items | Status |
|----------|-------|--------|
| Type definitions in sync | 3 gaps | ✅ COMPLETE |
| STATUS.md files accurate | 6 files | ✅ COMPLETE |
| Credentials secure | 1 hardcoded | Deferred (test-only) |
| Tests passing | 53/53 | ✅ COMPLETE |
**Result:** All critical backfill requirements addressed. Phase 8 Production Hardening can proceed with confidence that earlier phases are consistent.
Reference in New Issue View Git Blame Copy Permalink