mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases 2 Wiki Activity
980 Commits 68 Branches 4 Tags
511d091a94e7e7c9ae1a8ba901294ac6a72d8e67
Commit Graph

11 Commits

Author SHA1 Message Date
Jason Woltje
4294deda49 docs(design): MS22 DB-centric agent fleet architecture (#604) 
Co-authored-by: Jason Woltje <jason@diversecanvas.com>
Co-committed-by: Jason Woltje <jason@diversecanvas.com>
 2026-03-01 14:35:14 +00:00
Jason Woltje
d218902cb0 docs: design system reference and task completion (MS15-DOC-001) (#454) 
Co-authored-by: Jason Woltje <jason@diversecanvas.com>
Co-committed-by: Jason Woltje <jason@diversecanvas.com>
 2026-02-22 21:20:28 +00:00
Jason Woltje
51ce32cc76 docs(#346): Add credential security architecture design document 
Comprehensive design document for M7-CredentialSecurity milestone covering
hybrid OpenBao Transit + PostgreSQL encryption approach, threat model,
UserCredential data model, API design, RLS enforcement strategy, turnkey
OpenBao Docker integration, and 5-phase implementation plan.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-07 11:15:58 -06:00
Jason Woltje
bed440dc36 docs(m6): Add Usage Budget Management section
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details 
Add comprehensive usage budget management design to M6
orchestration architecture.

FEATURES:
- Real-time usage tracking across agents
- Budget allocation per task/milestone/project
- Usage projection and burn rate calculation
- Throttling decisions to prevent budget exhaustion
- Model tier optimization (Haiku/Sonnet/Opus)
- Pre-commit usage validation

DATA MODEL:
- usage_budgets table (allocated/consumed/remaining)
- agent_usage_logs table (per-agent tracking)
- Valkey keys for real-time state

BUDGET CHECKPOINTS:
1. Task assignment - can afford this task?
2. Agent spawn - verify budget headroom
3. Checkpoint intervals - periodic compliance
4. Pre-commit validation - usage efficiency

PRIORITY: MVP (M6 Phase 3) for basic tracking, Phase 5 for
advanced projection and optimization.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-07 09:55:21 -06:00
Jason Woltje
12abdfe81d feat(#93): implement agent spawn via federation 
Implements FED-010: Agent Spawn via Federation feature that enables
spawning and managing Claude agents on remote federated Mosaic Stack
instances via COMMAND message type.

Features:
- Federation agent command types (spawn, status, kill)
- FederationAgentService for handling agent operations
- Integration with orchestrator's agent spawner/lifecycle services
- API endpoints for spawning, querying status, and killing agents
- Full command routing through federation COMMAND infrastructure
- Comprehensive test coverage (12/12 tests passing)

Architecture:
- Hub → Spoke: Spawn agents on remote instances
- Command flow: FederationController → FederationAgentService →
  CommandService → Remote Orchestrator
- Response handling: Remote orchestrator returns agent status/results
- Security: Connection validation, signature verification

Files created:
- apps/api/src/federation/types/federation-agent.types.ts
- apps/api/src/federation/federation-agent.service.ts
- apps/api/src/federation/federation-agent.service.spec.ts

Files modified:
- apps/api/src/federation/command.service.ts (agent command routing)
- apps/api/src/federation/federation.controller.ts (agent endpoints)
- apps/api/src/federation/federation.module.ts (service registration)
- apps/orchestrator/src/api/agents/agents.controller.ts (status endpoint)
- apps/orchestrator/src/api/agents/agents.module.ts (lifecycle integration)

Testing:
- 12/12 tests passing for FederationAgentService
- All command service tests passing
- TypeScript compilation successful
- Linting passed

Refs #93

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-03 14:37:06 -06:00
Jason Woltje
82a09373e0 docs: add Federation Architecture design document 
Captures:
- Peer-to-peer federation model (master/spoke)
- Agent Federation Protocol (CONNECT, QUERY, COMMAND, EVENT, DISCONNECT)
- Authentik integration for enterprise SSO and RBAC
- Data sovereignty principles (query, don't replicate)
- RBAC model with workspace/team hierarchy
- Implementation phases targeting 0.1.0 MVP
- Versioning policy (0.0.x dev, 0.1.0 MVP, 1.0.0 stable)
 2026-01-29 17:25:57 -06:00
Jason Woltje
4729f964f1 docs: add M2 database layer completion report 2026-01-29 16:14:20 -06:00
Jason Woltje
f07f04404d feat(knowledge): add tag management API (KNOW-003) 
- Add Tag DTOs (CreateTagDto, UpdateTagDto) with validation
- Implement TagsService with CRUD operations
- Add TagsController with authenticated endpoints
- Support automatic slug generation from tag names
- Add workspace isolation for tags
- Include entry count in tag responses
- Add findOrCreateTags method for entry creation/update
- Implement comprehensive test coverage (29 tests passing)

Endpoints:
- GET /api/knowledge/tags - List workspace tags
- POST /api/knowledge/tags - Create tag
- GET /api/knowledge/tags/:slug - Get tag by slug
- PUT /api/knowledge/tags/:slug - Update tag
- DELETE /api/knowledge/tags/:slug - Delete tag
- GET /api/knowledge/tags/:slug/entries - List entries with tag

Related: KNOW-003
 2026-01-29 16:13:40 -06:00
Jason Woltje
244e50c806 feat(multi-tenant): add Team model and RLS policies 
Implements #9, #10
- Team model with workspace membership
- TeamMember model with role-based access (OWNER, ADMIN, MEMBER)
- Row-Level Security policies for tenant isolation on 19 tables
- Helper functions: current_user_id(), is_workspace_member(), is_workspace_admin()
- Developer utilities in src/lib/db-context.ts for easy RLS integration
- Comprehensive documentation in docs/design/multi-tenant-rls.md

Database migrations:
- 20260129220941_add_team_model: Adds Team and TeamMember tables
- 20260129221004_add_rls_policies: Enables RLS and creates policies

Security features:
- Complete database-level tenant isolation
- Automatic query filtering based on workspace membership
- Defense-in-depth security with application and database layers
- Performance-optimized with indexes on workspace_id
 2026-01-29 16:13:09 -06:00
Jason Woltje
9b7e1f926f docs(adr): add ADR-001 API-first agent-agnostic design 
Key decision: Mosaic Stack exposes APIs first, agent skills are thin wrappers.
Platform works standalone, agent layer is swappable.
 2026-01-29 16:05:09 -06:00
Jason Woltje
91399f597f docs(design): add Knowledge Module design and implementation plan 
- Full design document with architecture, data model, API specs
- 28 implementation issues across 5 phases (~127h total)
- Wiki-link syntax, semantic search, graph visualization
- Integration points for agent access

Ref: memory/2025-01-29-agent-orchestration.md
 2026-01-29 15:38:50 -06:00