docs: session 2 orchestrator bookkeeping — M3/M4/M5 complete
- MISSION-MANIFEST: mark cu-m03/04/05 done, cu-m06/07 in-progress - TASKS: mark CU-03-01..08, CU-04-01..05, CU-05-01..10 done - scratchpad: append Session 2 log, Wave 1-4 outcomes, new gotchas Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Jarvis
@@ -154,6 +154,43 @@ No code changes to `apps/`, `packages/mosaic/`, or any other runtime package. Se
|
||||
- **pr-create.sh wrapper bug:** Discovered during M1 — `~/.config/mosaic/tools/git/pr-create.sh` line 158 uses `eval "$CMD"`, which shell-evaluates any backticks / `$(…)` / `${…}` in PR bodies. Workaround: strip backticks from PR bodies (use bold / italic / plain text instead), or use `tea pr create` directly. Captured in openbrain as gotcha. Should be fixed upstream in Mosaic tools repo at some point, but out of scope for this mission.
|
||||
- **Mosaic coord / orchestrator session lock drift:** `.mosaic/orchestrator/session.lock` gets re-written every session launch and shows up as a dirty working tree on branch switch. Not blocking — just noise to ignore.
|
||||
|
||||
## Session 2 Log (2026-04-05)
|
||||
|
||||
**Session 2 agent:** claude-opus-4-6[1m]
|
||||
**Mode:** parallel orchestration across worktrees
|
||||
|
||||
### Wave 1 — M3 (gateway token recovery)
|
||||
|
||||
- CU-03-01 plan landed as PR #401 → `docs/plans/gateway-token-recovery.md`. Confirmed no server changes needed — AdminGuard already accepts BetterAuth cookies, `POST /api/admin/tokens` is the existing mint endpoint.
|
||||
- CU-03-02..07 implemented as PR #411: `mosaic gateway login` (interactive BetterAuth sign-in, session persisted), `mosaic gateway config rotate-token`, `mosaic gateway config recover-token`, fix for `bootstrapFirstUser` "user exists, no token" dead-end, 22 new unit tests. New files: `commands/gateway/login.ts`, `commands/gateway/token-ops.ts`.
|
||||
- CU-03-08 independent code review surfaced 2 BLOCKER findings (session.json world-readable, password echoed during prompt) + 3 important findings (trimmed password, cross-gateway token persistence, unsafe `--password` flag). Remediated in PR #414: `saveSession` writes mode 0o600, new `promptSecret()` uses TTY raw mode, persistence target now matches `--gateway` host, `--password` marked UNSAFE with warning.
|
||||
|
||||
### Wave 2 — M4 (help ergonomics + mosaic config)
|
||||
|
||||
- CU-04-01..03 landed as PR #402: `configureHelp({ sortSubcommands: true })` on root + gateway subgroup, plus an `addHelpText('after', …)` grouped-reference section (Commander 13 has no native command-group API).
|
||||
- CU-04-04/05 landed as PR #408: top-level `mosaic config` with `show|get|set|edit|path`, extends `config/config-service.ts` with `readAll`, `getValue`, `setValue`, `getConfigPath`, `isInitialized` + `ConfigSection`/`ResolvedConfig` types. Additive only.
|
||||
|
||||
### Wave 3 — M5 (sub-package CLI surface, 8 commands + integration)
|
||||
|
||||
Parallel-dispatched in isolated worktrees. All merged:
|
||||
|
||||
- PR #403 `mosaic brain`, PR #404 `mosaic queue`, PR #405 `mosaic storage`, PR #406 `mosaic memory`, PR #407 `mosaic log`, PR #410 `mosaic macp`, PR #412 `mosaic forge`, PR #413 `mosaic auth`.
|
||||
- Every package exports `register<Name>Command(parent: Command)` co-located with library code, following `@mosaicstack/quality-rails` pattern. Each wired into `packages/mosaic/src/cli.ts` with alphabetized `register…Command(program)` calls.
|
||||
- PR #415 landed CU-05-10 integration smoke test (`packages/mosaic/src/cli-smoke.spec.ts`, 19 tests covering all 9 registrars) PLUS a pre-existing exports bug fix in `packages/macp/package.json` (`default` pointed at `./src/index.ts` instead of `./dist/index.js`, breaking ERR_MODULE_NOT_FOUND when compiled mosaic CLI tried to load macp at runtime). Caught by empirical `node packages/mosaic/dist/cli.js --help` test before merge.
|
||||
|
||||
### New gotchas captured in Session 2
|
||||
|
||||
- **`pr-create.sh` "Remote repository required" failure:** wrapper can't detect origin in multi-remote contexts. Fallback used throughout: direct Gitea API `curl -X POST …/api/v1/repos/mosaicstack/mosaic-stack/pulls` with body JSON.
|
||||
- **`publish` workflow killed on post-merge pushes:** pipelines 735, 742, 747, 750, 758, 767 all show the Docker build step killed after `ci` workflow succeeded. Pre-existing infrastructure issue (observed on #714/#715 pre-mission). The `ci` workflow is the authoritative gate; `publish` killing is noise.
|
||||
- **macp exports.default misaligned:** latent bug from original monorepo consolidation — every other package already pointed at `dist/`. Only exposed when compiled CLI started loading macp at runtime.
|
||||
- **Commander 13 grouping:** no native command-group API; workaround is `addHelpText('after', groupedReferenceString)` + alphabetized flat list via `sortSubcommands: true`.
|
||||
|
||||
### Wave 4 — M6 + M7 (in-flight)
|
||||
|
||||
- M6 `mosaic telemetry` dispatched to full-milestone subagent in isolated worktree. Full scope: CU-06-01..05 including `@mosaicstack/telemetry-client-js` dependency, local OTEL wrapper (`telemetry local {status,tail,jaeger}`), opt-in remote path with dry-run default, persistent consent state in config service, tests, codex review.
|
||||
- M7 first-run UX dispatched to full-milestone subagent in isolated worktree. Full scope: CU-07-01..04 including `install.sh` `--yes`/`--no-auto-launch` flags + wizard handoff, wizard/gateway-install coordination via transient `$XDG_RUNTIME_DIR/mosaic-install-state.json`, `runPostInstallVerification` exposed as `mosaic gateway verify`, Docker-based `tools/e2e-install-test.sh`.
|
||||
- M8 (docs + release) gated on M6+M7 landing; will be single-orchestrator PR after both merge.
|
||||
|
||||
## Verification Evidence
|
||||
|
||||
### CU-01-01 (PR #398)
|
||||
|
||||
Reference in New Issue
Block a user