Phase 8 Production Hardening with complete governance infrastructure: - Vault integration with tiered policies (T0-T4) - DragonflyDB state management - SQLite audit ledger - Pipeline DSL and templates - Promotion/revocation engine - Checkpoint system for session persistence - Health manager and circuit breaker for fault tolerance - GitHub/Slack integrations - Architectural test pipeline with bug watcher, suggestion engine, council review - Multi-agent chaos testing framework Test Results: - Governance tests: 68/68 passing - E2E workflow: 16/16 passing - Phase 2 Vault: 14/14 passing - Integration tests: 27/27 passing Coverage: 57.6% average across 12 phases Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
{
"agent_id": "tier0-agent-001",
"agent_version": "1.0.0",
"tier": 1,
"tier_name": "Operator",
"promoted_from": 0,
"promoted_at": "2026-01-23T21:58:51+00:00",
"description": "Tier 1 Operator Agent - Sandbox execution, basic deployments",
"capabilities": {
"read_inventory": true,
"read_documentation": true,
"generate_plans": true,
"execute_commands": true,
"modify_files": true,
"access_secrets": false,
"ssh_access": true,
"api_access": true
},
"constraints": {
"allowed_actions": [
"read_file",
"list_directory",
"search_code",
"generate_plan",
"request_review",
"execute_command",
"write_file",
"ansible_check",
"ansible_run",
"terraform_plan",
"terraform_apply",
"docker_run"
],
"forbidden_actions": [
"delete_production",
"access_vault_root",
"modify_governance"
],
"allowed_targets": [
"localhost",
"sandbox-*"
],
"forbidden_targets": [
"prod-*",
"staging-db-*"
],
"allowed_paths": [
"/opt/agent-governance/docs/",
"/opt/agent-governance/inventory/",
"/opt/agent-governance/sandbox/",
"/opt/agent-governance/agents/tier1-agent/workspace/",
"/opt/agent-governance/agents/tier1-agent/plans/"
],
"forbidden_paths": [
"/opt/vault/init-keys.json",
"/etc/shadow",
"/root/.ssh/"
]
},
"vault": {
"auth_method": "approle",
"role_name": "tier1-agent",
"token_ttl": "30m",
"token_max_ttl": "2h",
"policies": ["t1-operator", "agent-self-read", "sandbox-access"]
},
"governance": {
"preflight_required": true,
"plan_approval_required": false,
"evidence_required": true,
"heartbeat_interval": 30,
"error_budget": {
"max_total_errors": 8,
"max_same_error_repeats": 3
}
},
"promotion": {
"target_tier": 2,
"requirements": {
"min_compliant_runs": 10,
"min_consecutive_compliant": 5,
"required_actions": ["ansible_run", "terraform_apply"],
"max_violations_30d": 0
}
}
}