Skip to content

Commit eb9130b

Browse files
committed
feat: framework refactor — Phases 1-9 + ASR MVP + risk-rated gateway
Evolves the incident orchestrator into a generic agent-orchestration framework with ASR (autonomous SRE) as the flagship example app, plus code-review as a second example proving genericity. Phase 1 — Domain extraction - src/orchestrator → src/runtime + repository split - examples/incident_management/ + examples/code_review/ Phase 2 — Memory + extensible state + checkpointer - Generic Session base; IncidentState subclasses it - SessionStore[StateT] with extra_fields JSON tunnel - AsyncSqliteSaver / AsyncPostgresSaver via make_checkpointer Phase 3 — Multi-session OrchestratorService - Long-lived asyncio loop on a daemon thread - submit_async helper avoids deadlocks on httpx ASGITransport - SessionCapExceeded backpressure Phase 4 — Risk-rated tool gateway + prod-HITL - low/medium/high risk tiers, prod-overrides applied first - _GatedToolMarker idempotence guard prevents wrap-of-wrap - P4-I: pending-approval timeout watchdog (configurable seconds) Phase 5 — Trigger registry - api / webhook / schedule / plugin transports + idempotency Phase 6 — Agent kinds (responsive / supervisor / monitor) - Skill.kind discriminator with per-kind validators Phase 7 — Two-stage dedup pipeline - Embedding similarity → LLM Pydantic-typed structured output - parent_session_id + dedup_rationale on Session - parse-failure observability via structured warnings + counter Phase 8 — Code-review example app proving genericity Phase 9 — ASR MVP supervisor framework hook (P9-9h) - Skill.runner dotted-path with fail-fast YAML resolution - default_supervisor_runner wires hydrate_and_gate - FS-backed memory (KG, releases, playbooks); seeds at examples/.../seeds/ Framework hardening - FrameworkAppConfig refactor closes 4 framework→app leaks - Generic StateT bound, app-overridable id_format + to_agent_input - SessionStartBody.submitter dict (replaces reporter_id/reporter_team) - start_session(state_overrides=...) (replaces environment kwarg) - Genericity ratchet (scripts/check_genericity.py) at baseline 139 Build / ops - Single-file bundle: dist/app.py + dist/apps/{incident-management,code-review}.py - SQLite WAL + BEGIN IMMEDIATE + busy_timeout=30000 across stores - APScheduler in-process, optional [postgres] extra for air-gapped deploys Tests: 754 passed, 3 skipped.
1 parent 5315c1c commit eb9130b

226 files changed

Lines changed: 60455 additions & 4922 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

ASR.md

Lines changed: 974 additions & 0 deletions
Large diffs are not rendered by default.

config/config.yaml

Lines changed: 39 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -43,7 +43,7 @@ mcp:
4343
servers:
4444
- name: local_inc
4545
transport: in_process
46-
module: orchestrator.mcp_servers.incident
46+
module: examples.incident_management.mcp_server
4747
category: incident_management
4848
- name: local_observability
4949
transport: in_process
@@ -64,23 +64,44 @@ mcp:
6464
Authorization: Bearer ${EXT_TOKEN}
6565
category: ticketing
6666
enabled: false
67-
environments:
68-
- production
69-
- staging
70-
- dev
71-
- local
72-
incidents:
73-
store_path: incidents
74-
similarity_threshold: 0.2
75-
similarity_method: keyword
7667
paths:
77-
skills_dir: config/skills
68+
skills_dir: examples/incident_management/skills
7869
incidents_dir: incidents
79-
intervention:
80-
confidence_threshold: 0.75
81-
escalation_teams:
82-
- platform-oncall
83-
- data-oncall
84-
- security-oncall
8570
orchestrator:
86-
entry_agent: intake
71+
# P9-9h: ASR investigation supervisor is the entry agent. It hydrates
72+
# L2/L5/L7 memory and applies the single-active-investigation gate
73+
# before dispatching to ``triage``.
74+
entry_agent: asr_supervisor
75+
runtime:
76+
# Wires the orchestrator and storage layer to the incident-management
77+
# domain state class (see examples/incident_management/state.py).
78+
# Apps swapping in a different state class point this at their own
79+
# ``Session`` subclass.
80+
state_class: examples.incident_management.state.IncidentState
81+
# Cross-cutting framework knobs (confidence threshold, escalation
82+
# roster, severity aliases, dedup prompt) come from a no-arg
83+
# provider the example app exposes. Lets the runtime read them
84+
# without ever importing IncidentAppConfig.
85+
framework_app_config_path: examples.incident_management.config:framework_app_config_provider
86+
# Two-stage dedup pipeline shape. The provider returns ``None`` when
87+
# the bundled example app's YAML disables it.
88+
dedup_config_path: examples.incident_management.config:dedup_config_provider
89+
# Environments roster surfaced on GET /environments.
90+
environments_provider_path: examples.incident_management.config:environments_provider
91+
# P9-9k: Risk-rated tool gateway with prod-HITL override.
92+
# ``policy`` declares per-tool risk tiers; tools absent default to ``low``.
93+
# ``prod_overrides`` forces ``require-approval`` regardless of the tier
94+
# whenever the live session's environment is in ``prod_environments``
95+
# AND the tool matches a ``resolution_trigger_tools`` glob. The override
96+
# only TIGHTENS — it can never relax a higher-risk tool to ``auto``.
97+
gateway:
98+
policy:
99+
update_incident: medium
100+
"remediation:restart_service": high
101+
"remediation:rollback": high
102+
prod_overrides:
103+
prod_environments:
104+
- production
105+
resolution_trigger_tools:
106+
- update_incident
107+
- "remediation:*"

0 commit comments

Comments
 (0)