Complete ADAPTIVE-WP-0001 State Hub bootstrap

Set bootstrap workplan active and finish all tasks: refine SCOPE.md and
README.md, add Dev Workflow and credential routing to AGENTS.md, propagate
.claude/rules/credential-routing.md, and document early-phase verification
commands (fix-consistency, registry sanity check).
2026-06-22 01:20:07 +02:00
parent 3af0c8b7f7
commit 3feba6eebc
5 changed files with 179 additions and 22 deletions

View File

@@ -0,0 +1,50 @@
# Credential and access routing
**Audience:** Codex, Claude Code, Grok, and custodian agents that call **llm-connect**
for inference. Run this check **before** requesting secrets, API keys, SSH access,
login tokens, or database passwords — in any repo, not only `ops-warden`.
ops-warden **issues SSH certificates only** (`warden sign`, `cert_command`). Every
other credential need belongs to another subsystem. **Do not** message
`ops-warden` on State Hub expecting a secret value; the reply is a pointer, not a key.
### Lookup (do this first)
```bash
warden route find "<describe your need>" --json
warden route show <catalog-id> --json
```
Requires the `warden` CLI from `~/ops-warden` (`uv tool install .` or `uv run warden`).
| Agent runtime | How to orient |
| --- | --- |
| **Codex / Grok** (shell, HTTP State Hub) | `warden route` commands above; inbox `to_agent=adaptive-pricing` is for coordination, not secret vending |
| **Claude Code** (MCP when available) | `get_domain_summary("custodian")` for workstreams; **still** use `warden route` for credential ownership |
| **llm-connect** (inference service) | Never put secret retrieval in prompts; route custody to OpenBao/operator paths surfaced by `warden route` |
### Quick routing table
| I need… | Owner | ops-warden executes? |
| --- | --- | --- |
| SSH cert (`adm`/`agt`/`atm`) | ops-warden | **Yes**`warden sign` |
| API key, DB password, provider token | OpenBao (`railiance-platform`) | No — route only |
| Login / OIDC / MFA | key-cape / Keycloak | No — route only |
| Authorization decision | flex-auth | No — route only |
| activity-core → issue-core emission | activity-core + issue-core | No — `warden route show activity-core-issue-sink` |
| SSH tunnel | ops-bridge (+ `cert_command` from warden) | No — route only |
### Anti-patterns (do not do these)
- `POST /messages/` to `ops-warden` asking for `ISSUE_CORE_API_KEY`, `OPENROUTER_API_KEY`, etc.
- Inventing `warden secret`, `warden login`, `warden bao`, `warden tunnel` — they do not exist
- Pasting secrets into Git, State Hub, workplans, logs, or chat
### Other capabilities (reuse-surface)
Non-credential capabilities are usually discovered through **reuse-surface** federation
(`reuse-surface` registry / `capability.*` indexes). Credential routing is inlined in
every repo's agent instructions because it is high-frequency, high-risk, and easy to
get wrong.
**Canon:** `~/ops-warden/wiki/CredentialRouting.md` · catalog `~/ops-warden/registry/routing/catalog.yaml`
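Review bot: In the quick routing table of this new rules file, the SSH cert row runs `**Yes**` straight into `warden sign` with no separator, while the copy of the same table added to AGENTS.md in this commit has `**Yes** — ` before the command. Please make the two rows identical so the file that agents load as a rule renders the same as the AGENTS.md section. The headings also jump from `#` directly to `###`; consider `##` for the subsections so the outline stays consistent when this file is read on its own.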

View File

@@ -11,6 +11,29 @@
--- ---
## Dev Workflow
The repository is in an **early framework phase**: Markdown documentation, research
notes, and capability registry YAML. No application runtime, package manifest, or
automated test suite exists yet. Executable implementation begins under
`workplans/ADAPTIVE-WP-0002-economic-observatory-mvp.md`.
| Need | Command |
|------|---------|
| Install | none — no runtime dependencies |
| Test | none configured yet |
| Lint / format | none configured — match surrounding Markdown style |
| Build | none — documentation-only repo |
| Run | none |
| Workplan / hub sync | `cd ~/state-hub && make fix-consistency REPO=adaptive-pricing REPO_PATH=~/adaptive-pricing` |
| Registry sanity | `grep -q '^version:' registry/indexes/capabilities.yaml && echo OK` |
**Verify a change before declaring it done:** run `make fix-consistency` (expect
PASS), and confirm edited docs stay aligned with `INTENT.md` and
`docs/ProductRequirementsDocument.md`.
---
## State Hub Integration ## State Hub Integration
The Custodian State Hub tracks work across all domains. Interact via HTTP REST — The Custodian State Hub tracks work across all domains. Interact via HTTP REST —
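Review bot: The "Registry sanity" row only proves that some line in `registry/indexes/capabilities.yaml` starts with `version:`, and on failure it prints nothing, so a failed check and a skipped check look the same in a session log. Suggest making the failure explicit, for example by appending `|| echo FAIL` to the command, and stating in the table that this is a presence check rather than YAML validation. The "Verify a change" paragraph also says to run `make fix-consistency` without the `cd ~/state-hub` and the `REPO=` / `REPO_PATH=` arguments shown in the table; point it at the table row so an agent does not run the bare target from the wrong directory.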
@@ -101,7 +124,58 @@ curl -s -X PATCH "http://127.0.0.1:8000/tasks/<task_id>" \
--- ---
{CREDENTIAL_ROUTING} ## Credential and access routing
**Audience:** Codex, Claude Code, Grok, and custodian agents that call **llm-connect**
for inference. Run this check **before** requesting secrets, API keys, SSH access,
login tokens, or database passwords — in any repo, not only `ops-warden`.
ops-warden **issues SSH certificates only** (`warden sign`, `cert_command`). Every
other credential need belongs to another subsystem. **Do not** message
`ops-warden` on State Hub expecting a secret value; the reply is a pointer, not a key.
### Lookup (do this first)
```bash
warden route find "<describe your need>" --json
warden route show <catalog-id> --json
```
Requires the `warden` CLI from `~/ops-warden` (`uv tool install .` or `uv run warden`).
| Agent runtime | How to orient |
| --- | --- |
| **Codex / Grok** (shell, HTTP State Hub) | `warden route` commands above; inbox `to_agent=adaptive-pricing` is for coordination, not secret vending |
| **Claude Code** (MCP when available) | `get_domain_summary("custodian")` for workstreams; **still** use `warden route` for credential ownership |
| **llm-connect** (inference service) | Never put secret retrieval in prompts; route custody to OpenBao/operator paths surfaced by `warden route` |
### Quick routing table
| I need… | Owner | ops-warden executes? |
| --- | --- | --- |
| SSH cert (`adm`/`agt`/`atm`) | ops-warden | **Yes** — `warden sign` |
| API key, DB password, provider token | OpenBao (`railiance-platform`) | No — route only |
| Login / OIDC / MFA | key-cape / Keycloak | No — route only |
| Authorization decision | flex-auth | No — route only |
| activity-core → issue-core emission | activity-core + issue-core | No — `warden route show activity-core-issue-sink` |
| SSH tunnel | ops-bridge (+ `cert_command` from warden) | No — route only |
### Anti-patterns (do not do these)
- `POST /messages/` to `ops-warden` asking for `ISSUE_CORE_API_KEY`, `OPENROUTER_API_KEY`, etc.
- Inventing `warden secret`, `warden login`, `warden bao`, `warden tunnel` — they do not exist
- Pasting secrets into Git, State Hub, workplans, logs, or chat
### Other capabilities (reuse-surface)
Non-credential capabilities are usually discovered through **reuse-surface** federation
(`reuse-surface` registry / `capability.*` indexes). Credential routing is inlined in
every repo's agent instructions because it is high-frequency, high-risk, and easy to
get wrong.
**Canon:** `~/ops-warden/wiki/CredentialRouting.md` · catalog `~/ops-warden/registry/routing/catalog.yaml`
---
<!-- REPO-AGENTS-EXTENSIONS --> <!-- REPO-AGENTS-EXTENSIONS -->
<!-- Append repo-specific agent instructions below this marker. <!-- Append repo-specific agent instructions below this marker.
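Review bot: The section that replaces `{CREDENTIAL_ROUTING}` is a line-for-line copy of the new `.claude/rules/credential-routing.md`, and both name `~/ops-warden/wiki/CredentialRouting.md` as canon, so this repo now carries two derived copies with nothing in the Dev Workflow table that checks they still match each other or the canon. Because the text tells agents where secrets may and may not be requested, a stale copy is a security-relevant drift. Suggest either keeping one copy and linking to it from the other, or adding a verification row that compares the two files, and noting here which file is the propagated one that must not be hand-edited.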

View File

@@ -1 +1,23 @@
# adaptive-pricing
Auto-regulating market value exploring price engine. Auto-regulating market value exploring price engine.
Framework for defining, evaluating, adapting, and implementing pricing models
across the product lifecycle — from cost-floor analysis through customer-tunable
pricing to payment-provider execution.
## Orient
| Doc | Purpose |
|-----|---------|
| [INTENT.md](INTENT.md) | Project purpose, problem space, lifecycle model |
| [docs/ProductRequirementsDocument.md](docs/ProductRequirementsDocument.md) | Generic product requirements |
| [AGENTS.md](AGENTS.md) | Agent instructions, dev workflow, State Hub integration |
| [workplans/](workplans/) | Active workstreams and tasks |
| [projects/coulomb-pricing/](projects/coulomb-pricing/) | Coulomb Social MVP deployment material |
## Status
Early framework phase (documentation and research). First implementation:
[Economic Observatory MVP](workplans/ADAPTIVE-WP-0002-economic-observatory-mvp.md)
for Coulomb Social.
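Review bot: The "Orient" table omits `SCOPE.md`, although this same commit refines it and the workplan lists it among the files to review alongside `INTENT.md` and `AGENTS.md`. Suggest adding a row for `SCOPE.md` (in-scope and out-of-scope boundaries) so the README points at every orientation document the bootstrap task covers.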

View File

@@ -1,38 +1,41 @@
# SCOPE # SCOPE
> This file was generated by `statehub register`. Refine it as the repository
> boundaries become clearer.
## One-liner ## One-liner
Auto-regulating market value exploring price engine. Auto-regulating market value exploring price engine.
## Core Idea ## Core Idea
adaptive-pricing exists to provide the capability described in INTENT.md. `adaptive-pricing` provides a practical framework for defining, evaluating,
adapting, and implementing pricing models across the product lifecycle. See
`INTENT.md` for the full problem space, lifecycle model, and strategic direction.
## In Scope ## In Scope
- Maintain the repository's primary implementation.
- Keep docs, tests, and operational metadata current.
- Generic framework documentation (`INTENT.md`, `docs/`, `research/`, `registry/`). - Generic framework documentation (`INTENT.md`, `docs/`, `research/`, `registry/`).
- Pricing model vocabulary, lifecycle reasoning, and capability registry.
- Project-specific deployments under `projects/<slug>/`. - Project-specific deployments under `projects/<slug>/`.
- State Hub workplans under `workplans/` (ADR-001).
## Out of Scope ## Out of Scope
- Own unrelated adjacent systems. - Owning unrelated adjacent systems (Bubble.io, Stripe, OpenRouter runtimes).
- Make irreversible operational decisions without human approval. - Making irreversible operational or pricing decisions without human approval.
- Project-specific MVP material in `specs/` or other generic doc paths (use - Project-specific MVP material in generic doc paths (use `projects/<slug>/`).
`projects/<slug>/` instead).
## Current State ## Current State
- Status: active; implementation and stability should be verified by the repo agent. - **Phase:** early framework — documentation, research, and registry scaffolding.
- **Runtime:** none in this repo yet; first implementation is the Coulomb Social
Economic Observatory MVP (`ADAPTIVE-WP-0002`).
- **Bootstrap:** State Hub integration (`ADAPTIVE-WP-0001`) wires agent orientation,
workplan tracking, and custodian brief sync.
## Getting Oriented ## Getting Oriented
- Start with: INTENT.md - Start with: `INTENT.md`
- Product requirements (generic): docs/ProductRequirementsDocument.md - Product requirements (generic): `docs/ProductRequirementsDocument.md`
- Agent instructions: AGENTS.md - Agent instructions: `AGENTS.md`
- Workplans: workplans/ - Workplans: `workplans/`
- Coulomb MVP artifacts: projects/coulomb-pricing/ - Coulomb MVP artifacts: `projects/coulomb-pricing/`
- Offline hub brief: `.custodian-brief.md`
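Review bot: The new "Current State" bullets restate the phase ("early framework", no runtime, first implementation under `ADAPTIVE-WP-0002`) that this commit also writes into the README "Status" section and the AGENTS.md "Dev Workflow" intro. That gives three places to update when the first runtime lands. Suggest keeping the detailed statement in one file and having the other two link to it, or at least naming here which file is authoritative.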

View File

@@ -4,7 +4,7 @@ type: workplan
title: "Bootstrap State Hub integration" title: "Bootstrap State Hub integration"
domain: helix_forge domain: helix_forge
repo: adaptive-pricing repo: adaptive-pricing
status: ready status: finished
owner: codex owner: codex
topic_slug: helix-forge topic_slug: helix-forge
created: "2026-06-21" created: "2026-06-21"
@@ -20,7 +20,7 @@ Auto-regulating market value exploring price engine.
```task ```task
id: ADAPTIVE-WP-0001-T01 id: ADAPTIVE-WP-0001-T01
status: todo status: done
priority: high priority: high
state_hub_task_id: "48d1c0ad-0710-44e1-a5b8-8ec775dd8b79" state_hub_task_id: "48d1c0ad-0710-44e1-a5b8-8ec775dd8b79"
``` ```
@@ -28,11 +28,16 @@ state_hub_task_id: "48d1c0ad-0710-44e1-a5b8-8ec775dd8b79"
Review `INTENT.md`, `SCOPE.md`, `AGENTS.md`, and `.custodian-brief.md`. Review `INTENT.md`, `SCOPE.md`, `AGENTS.md`, and `.custodian-brief.md`.
Replace generated placeholders with repo-specific facts where needed. Replace generated placeholders with repo-specific facts where needed.
Done 2026-06-21: refined `SCOPE.md` and `README.md`, fixed `AGENTS.md` structure
(credential routing, repository layout), propagated credential-routing rules.
`INTENT.md` and `.custodian-brief.md` confirmed accurate (brief is fix-consistency
generated).
## Verify Local Developer Workflow ## Verify Local Developer Workflow
```task ```task
id: ADAPTIVE-WP-0001-T02 id: ADAPTIVE-WP-0001-T02
status: todo status: done
priority: high priority: high
state_hub_task_id: "94f16d97-3fe3-498f-8aa8-136649c106ad" state_hub_task_id: "94f16d97-3fe3-498f-8aa8-136649c106ad"
``` ```
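Review bot: The completion note for T01 says the `AGENTS.md` fix covered "credential routing, repository layout", but the AGENTS.md hunks shown in this commit add only the Dev Workflow section and the credential routing section; no repository layout change is visible. Please either include the layout change or drop it from the note so the workplan record matches the diff. The note is also dated 2026-06-21 while the commit is timestamped 2026-06-22; worth aligning if the date is meant to record when the task was closed.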
@@ -41,6 +46,9 @@ Identify the repo's install, test, lint, build, and run commands. Add or refine
those commands in the agent instructions so future coding sessions can verify those commands in the agent instructions so future coding sessions can verify
changes confidently. changes confidently.
Done 2026-06-21: documented early-phase dev workflow in `AGENTS.md` (no runtime
yet; `make fix-consistency` and registry sanity check as verification steps).
## Seed First Real Workplan ## Seed First Real Workplan
```task ```task