generated from coulomb/repo-seed
Complete activity-core LLM endpoint handoff (LLM-WP-0006)
Switch the custodian triage default from anthropic/claude-sonnet-4 to google/gemini-2.5-flash, which advertises structured-output support on OpenRouter. Tighten the OpenRouter adapter to send strict JSON schema requests and set provider.require_parameters=true so routing only hits providers that honor the requested response_format. Update Kubernetes deploy docs and config for the verified coulombcore handoff: Containerfile build path, image-pull-policy=Never for smoke pods, credential-routing notes, and live smoke evidence. Mark LLM-WP-0006 finished with closure notes from 2026-06-18.
This commit is contained in:
@@ -4,13 +4,13 @@ type: workplan
|
||||
title: "Activity-Core Always-On LLM Endpoint"
|
||||
domain: custodian
|
||||
repo: llm-connect
|
||||
status: blocked
|
||||
status: finished
|
||||
owner: codex
|
||||
topic_slug: activity-core-llm-endpoint
|
||||
planning_priority: high
|
||||
planning_order: 6
|
||||
created: "2026-06-07"
|
||||
updated: "2026-06-07"
|
||||
updated: "2026-06-18"
|
||||
depends_on_workplans:
|
||||
- LLM-WP-0003
|
||||
related_workplans:
|
||||
@@ -20,7 +20,7 @@ state_hub_workstream_id: "8de71d58-1193-424f-8338-a9aa4e173c5b"
|
||||
|
||||
# LLM-WP-0006 - Activity-Core Always-On LLM Endpoint
|
||||
|
||||
**status:** blocked
|
||||
**status:** finished
|
||||
**owner:** codex
|
||||
|
||||
## Purpose
|
||||
@@ -206,7 +206,7 @@ reported distinctly from provider transport failure.
|
||||
id: LLM-WP-0006-T07
|
||||
title: "Publish verified LLM_CONNECT_URL handoff and activity-core smoke evidence"
|
||||
priority: high
|
||||
status: blocked
|
||||
status: done
|
||||
state_hub_task_id: "92e043f0-5ca8-4c2d-b8f6-dd5fbf8ccb62"
|
||||
```
|
||||
|
||||
@@ -341,6 +341,74 @@ Remaining blocked live gate:
|
||||
`activity-core` with the verified URL and the remaining provider Secret gate
|
||||
for schema-valid `POST /execute` and `daily_triage` evidence.
|
||||
|
||||
2026-06-17 recheck:
|
||||
|
||||
- Verified the live `coulombcore` Kubernetes path is reachable and the
|
||||
`activity-core` namespace `llm-connect` Deployment remains `1/1` available
|
||||
with Service `llm-connect` on port `8080`.
|
||||
- Confirmed the `llm-connect-provider-secrets` Secret object exists but still
|
||||
reports `DATA 0`; no Secret values were inspected.
|
||||
- Re-ran the in-namespace fixture smoke with the node-local image. The first
|
||||
corrected pod needed `--image-pull-policy=Never` because the `:latest` tag
|
||||
otherwise attempted a Docker Hub pull. With the local image, the smoke reached
|
||||
`/execute` and failed safely with
|
||||
`configuration_error: Adapter rejected RunConfig`.
|
||||
- State Hub now also has a 2026-06-16 `daily_triage` event from
|
||||
`activity-core` showing `LLM_CONNECT_URL is not configured`, and the local
|
||||
activity-core runtime manifest still has `LLM_CONNECT_URL: ""`.
|
||||
- `LLM-WP-0006-T07` therefore remains externally blocked until the provider
|
||||
Secret is populated outside Git/State Hub, activity-core consumes
|
||||
`http://llm-connect.activity-core.svc.cluster.local:8080` with
|
||||
`LLM_CONNECT_TIMEOUT_SECONDS=300`, the fixture smoke returns schema-valid
|
||||
JSON, and a non-secret `daily_triage` evidence event is recorded.
|
||||
|
||||
2026-06-18 recheck:
|
||||
|
||||
- activity-core has repo-local work to consume the stable URL:
|
||||
`actcore-runtime-config` now sets
|
||||
`LLM_CONNECT_URL=http://llm-connect.activity-core.svc.cluster.local:8080`
|
||||
and `LLM_CONNECT_TIMEOUT_SECONDS=300`.
|
||||
- The live `activity-core` namespace has not yet been reconciled to that
|
||||
activity-core runtime surface; live deployments currently show only
|
||||
`deployment.apps/llm-connect`, and live ConfigMaps show only
|
||||
`kube-root-ca.crt` and `llm-connect-config`.
|
||||
- The live `llm-connect-provider-secrets` Secret still reports `DATA 0`; no
|
||||
Secret values were inspected.
|
||||
- ops-warden's credential-routing guidance says LLM provider API keys are not
|
||||
an ops-warden issuance task. The remaining credential gate belongs to the
|
||||
approved operator/OpenBao-to-Kubernetes Secret path for
|
||||
`activity-core/llm-connect-provider-secrets`.
|
||||
- `LLM-WP-0006-T07` remains blocked until the provider Secret is populated,
|
||||
the activity-core runtime is reconciled with the URL/timeout config, the
|
||||
fixture smoke returns schema-valid JSON from inside the namespace, and
|
||||
activity-core records non-secret `daily_triage` evidence.
|
||||
|
||||
2026-06-18 closure:
|
||||
|
||||
- Populated-provider state is now live: `activity-core/llm-connect-provider-secrets`
|
||||
reports `DATA 1`; no Secret values were inspected or recorded.
|
||||
- Updated the OpenRouter structured-output path to request strict JSON schema
|
||||
output and to set `provider.require_parameters=true` for schema calls, so
|
||||
OpenRouter routes only to providers that support the requested structured
|
||||
output parameters.
|
||||
- OpenRouter model metadata showed the previous
|
||||
`anthropic/claude-sonnet-4` profile model does not advertise
|
||||
`response_format`/`structured_outputs`; switched the activity-core profile
|
||||
and Kubernetes ConfigMap defaults to `google/gemini-2.5-flash`, which does.
|
||||
- Rebuilt `docker.io/library/llm-connect:latest` from `Containerfile`,
|
||||
imported it into the `coulombcore` k3s image store, applied the updated
|
||||
non-secret `llm-connect-config` ConfigMap, and rolled out
|
||||
`deployment/llm-connect`.
|
||||
- Verified live ConfigMap values:
|
||||
`LLM_CONNECT_MODEL=google/gemini-2.5-flash` and
|
||||
`LLM_CONNECT_CUSTODIAN_TRIAGE_MODEL=google/gemini-2.5-flash`.
|
||||
- Final in-namespace smoke passed against
|
||||
`http://llm-connect.activity-core.svc.cluster.local:8080` with:
|
||||
`smoke: pass health=ok latency_seconds=2.147 recommendations=1`.
|
||||
- Cleaned up the one-shot smoke pod after collecting logs. The llm-connect
|
||||
endpoint handoff is complete; collecting scheduled `daily_triage` evidence
|
||||
now belongs to activity-core / `ACTIVITY-WP-0006`.
|
||||
|
||||
## Closure Notes
|
||||
|
||||
After this workplan file is added or task statuses change, ask the custodian
|
||||
|
||||
Reference in New Issue
Block a user