chore: bootstrap agnostic agent harness framework
63
harness/agents.matrix.yml
Normal file
@@ -0,0 +1,63 @@
version: 1
roles:
leader:
can_edit: ["work/", "backlog/", "spec/", "harness/"]
cannot_edit: ["src/", "tests/"]
responsibilities:
- plan
- orchestrate
- enforce_gates
- close_feature
architect:
can_edit: ["spec/", "harness/contracts/", "docs/"]
cannot_edit: ["src/", "tests/", "backlog/features.json:status"]
responsibilities:
- design
- update_contracts
implementer:
can_edit: ["src/", "tests/", "work/artifacts/"]
cannot_edit:
- "backlog/features.json:done"
- "work/history.md"
- "work/artifacts/*/reviewer.json"
- "work/artifacts/*/security.json"
- "work/artifacts/*/qa.json"
- "work/artifacts/*/leader-close.json"
responsibilities:
- implement_feature
- write_tests
- produce_implementer_evidence
reviewer:
can_edit: ["work/artifacts/"]
cannot_edit: ["src/", "tests/", "backlog/"]
responsibilities:
- technical_review
- emit_reviewer_verdict
security:
can_edit: ["work/artifacts/"]
cannot_edit: ["src/", "tests/", "backlog/"]
responsibilities:
- sast
- dependency_review
- secret_scan
- emit_security_verdict
qa:
can_edit: ["work/artifacts/"]
cannot_edit: ["src/", "tests/", "backlog/"]
responsibilities:
- acceptance_traceability
- integration_e2e_checks
- regression_checks
- emit_qa_verdict
anti_cheat:
- "Implementer cannot promote feature to done"
- "Done requires reviewer/security/qa approved artifacts"
- "Leader close requires verify.sh success"
- "Evidence must be on disk; chat-only claims are invalid"
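Review bot: the three gate roles share one write scope, so the separation that the `anti_cheat` rules rely on is not enforced by this matrix. `reviewer`, `security` and `qa` each get `can_edit: ["work/artifacts/"]` with no per-role restriction, so any one of them can write `reviewer.json`, `security.json` and `qa.json` for a feature and satisfy "Done requires reviewer/security/qa approved artifacts" alone; `leader` has `can_edit: ["work/", ...]`, which also covers every verdict file, so the role that closes a feature can author all of the evidence it closes on. Suggest restricting each gate role to its own artifact (for example `can_edit: ["work/artifacts/*/reviewer.json"]`) and adding the other roles' verdict files to the leader's `cannot_edit`, mirroring what is already done for `implementer`. Separately, `"backlog/features.json:status"` and `"backlog/features.json:done"` use a `path:field` notation that nothing in this commit defines and that a path-based enforcer cannot check; either document how the field-level restriction is applied or enforce it in `verify.sh` by diffing `features.json` against the role making the change.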
19
harness/contracts/evidence.schema.json
Normal file
@@ -0,0 +1,19 @@
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://arnes.local/evidence.schema.json",
"title": "Gate Evidence",
"type": "object",
"required": ["feature_id", "agent", "verdict", "summary", "evidence", "timestamp"],
"properties": {
"feature_id": { "type": "string", "minLength": 1 },
"agent": { "type": "string", "enum": ["reviewer", "security", "qa", "leader"] },
"verdict": { "type": "string", "enum": ["APPROVED", "CHANGES_REQUESTED"] },
"summary": { "type": "string", "minLength": 1 },
"evidence": {
"type": "array",
"items": { "type": "string", "minLength": 1 }
},
"timestamp": { "type": "string", "format": "date-time" }
},
"additionalProperties": true
}
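Review bot: the schema accepts an approval with no evidence, which contradicts "Evidence must be on disk; chat-only claims are invalid" in `agents.matrix.yml`. `evidence` is `"type": "array"` with `minLength: 1` on items but no `minItems`, so `"evidence": []` validates, and the items are free-form strings, so `["ran tests, all good"]` validates too. Suggest at least `"minItems": 1`, and preferably an item object with `command`, `exit_code` and `artifact_path` so `verify.sh` has something concrete to check. Two smaller points: in draft 2020-12 `"format": "date-time"` is an annotation unless the validator enables format assertion, so a malformed `timestamp` passes most validators by default; and `"additionalProperties": true` means the `checks`/`findings` fields required by `security.md` and the traceability required by `quality.md` are never validated here. Either add role-specific sub-schemas or reference a separate schema per agent.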
21
harness/contracts/handoff.md
Normal file
@@ -0,0 +1,21 @@
# Handoff Contract
## Regla anti teléfono-descompuesto
Los agentes **no** devuelven código en chat. Deben escribir a disco y responder solo:
- `done -> <ruta>`
- `blocked -> <ruta>`
## Rutas estándar por feature
- `work/artifacts/<feature_id>/implementer.md`
- `work/artifacts/<feature_id>/reviewer.json`
- `work/artifacts/<feature_id>/security.json`
- `work/artifacts/<feature_id>/qa.json`
- `work/artifacts/<feature_id>/leader-close.json`
## Campos mínimos de artefactos JSON de gate
- `feature_id` (string)
- `agent` (reviewer|security|qa|leader)
- `verdict` (APPROVED|CHANGES_REQUESTED)
- `summary` (string)
- `evidence` (array de comandos/salidas/rutas)
- `timestamp` (ISO 8601)
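Review bot: the protocol tells agents to reply `done -> <ruta>` but says nothing about the consumer validating that reply, so a path string in chat becomes exactly the trust anchor the rule is trying to remove. The leader should resolve the path, require it to exist under `work/artifacts/<feature_id>/`, and validate JSON artifacts against `harness/contracts/evidence.schema.json` before treating the stage as done; anything else is `blocked`. Also, the "Rutas estándar" list omits `work/artifacts/<feature_id>/architect.md`, which `workflow.stages.yml` declares as the `design` output, and the "Campos mínimos" section restates the schema's required fields by hand; point to the schema as the single source of truth so the two cannot drift.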
16
harness/policies/governance.md
Normal file
@@ -0,0 +1,16 @@
# Governance Policy
## Reglas
- Una sola feature activa (`in_progress`) a la vez.
- El pipeline es secuencial con gates obligatorios.
- `done` solo por `leader` y solo con evidencia completa.
## Separación de funciones
- Implementer construye.
- Reviewer/Security/QA validan.
- Leader decide cierre.
## Prohibiciones
- Saltar gates.
- Aprobar con evidencia incompleta.
- Cerrar con `verify.sh` en rojo.
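Review bot: "`done` solo por `leader`" is stated here but not backed by a rule that gate verdicts come only from the gate role, and `agents.matrix.yml` lets `leader` edit all of `work/`, so the separation of functions in this file is a convention rather than a control. Add a line under "Separación de funciones" stating that `reviewer.json`, `security.json` and `qa.json` are written only by their owning role, and reflect that in the role matrix. Also, `verify.sh` is referenced without a path here and as `scripts/verify.sh` in `workflow.stages.yml`, and the script itself is not part of this commit; name the path once and add the script, since "Cerrar con `verify.sh` en rojo" is unenforceable without it.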
12
harness/policies/quality.md
Normal file
@@ -0,0 +1,12 @@
# Quality Policy
## Gate QA (obligatorio)
Cada feature debe tener `work/artifacts/<feature_id>/qa.json` con:
- `verdict`: APPROVED | CHANGES_REQUESTED
- trazabilidad criterio de aceptación -> test
- resultado de pruebas integración/E2E relevantes
## Reglas
- No hay `done` sin cobertura mínima de acceptance.
- No hay `done` con regresiones abiertas.
- Claims sin evidencia ejecutable no son válidos.
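Review bot: "cobertura mínima de acceptance" has no threshold and "trazabilidad criterio de aceptación -> test" has no field in `qa.json`, so neither rule can be checked by `verify.sh`. Define the minimum (for example, every acceptance criterion in `backlog/features.json` maps to at least one named test) and give the mapping a concrete field, such as `traceability: [{criterion, test}]`, so the QA gate can fail mechanically rather than on the agent's say-so. "Claims sin evidencia ejecutable no son válidos" would then have something to point at; the `evidence` array in the shared schema currently carries free-form strings only.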
12
harness/policies/security.md
Normal file
@@ -0,0 +1,12 @@
# Security Policy
## Gate de seguridad (obligatorio)
Cada feature debe tener `work/artifacts/<feature_id>/security.json` con:
- `verdict`: APPROVED | CHANGES_REQUESTED
- `checks`: secretos, dependencias, SAST básico, validación de inputs
- `findings`: lista de hallazgos con severidad
## Reglas
- Si hay hallazgos críticos/altos sin mitigación: `CHANGES_REQUESTED`.
- No se permite exponer credenciales ni secretos en repo/chat.
- Dependencias nuevas requieren justificación en `spec/tech.md`.
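Review bot: `findings` requires a severity but no scale is defined, and the rule "hallazgos críticos/altos sin mitigación" depends on one; define an enum (for example `critical|high|medium|low`) and require `CHANGES_REQUESTED` whenever any finding at or above `high` has no mitigation recorded. The secret rule should also say what happens on a hit: a credential that `secret_scan` finds in the repo history or in chat is compromised the moment it was written, so the policy should require rotation and an entry in `findings`, not just removal from the working tree. Finally, `checks` and `findings` are mandatory here but absent from `evidence.schema.json`, where `additionalProperties: true` lets them through unvalidated; add them to that schema or to a security-specific one.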
55
harness/workflow.stages.yml
Normal file
@@ -0,0 +1,55 @@
version: 1
feature_states:
allowed: [pending, in_progress, blocked, done]
stages:
- name: intake
owner: leader
input:
- backlog/features.json
- work/current.md
output:
- work/current.md
- name: design
owner: architect
optional: true
output:
- work/artifacts/<feature_id>/architect.md
- name: build
owner: implementer
output:
- work/artifacts/<feature_id>/implementer.md
- name: review_gate
owner: reviewer
required: true
output:
- work/artifacts/<feature_id>/reviewer.json
- name: security_gate
owner: security
required: true
output:
- work/artifacts/<feature_id>/security.json
- name: qa_gate
owner: qa
required: true
output:
- work/artifacts/<feature_id>/qa.json
- name: close
owner: leader
required: true
output:
- work/artifacts/<feature_id>/leader-close.json
- work/history.md
close_requirements:
- reviewer.json.verdict == "APPROVED"
- security.json.verdict == "APPROVED"
- qa.json.verdict == "APPROVED"
- scripts/verify.sh exit_code == 0
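Review bot: `close_requirements` checks only the `verdict` strings, so a stale or misplaced approval satisfies the gate. Nothing binds `reviewer.json`, `security.json` and `qa.json` to the feature being closed or to the build they approved; an `APPROVED` artifact left over from an earlier iteration, or copied from another feature's directory, passes. Suggest adding `<artifact>.feature_id == <feature_id>` for each artifact and requiring each `timestamp` to be later than the last modification of `work/artifacts/<feature_id>/implementer.md`, since `evidence.schema.json` already carries both fields. Also, `scripts/verify.sh` is referenced but not added in this commit, `blocked` is an allowed state that no stage produces or consumes, and `intake` and `build` carry no `required` key while the gates do; mark them explicitly so the enforcer does not treat them as optional.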