docs(reporting-governance): close package-owned runtime story
This commit is contained in:
Eve
@@ -64,6 +64,9 @@ watchdog -> queue -> dispatcher -> bridge -> sender binding -> acked|blocked|pen
|
||||
This is not just repo glue anymore.
|
||||
It is the first real reference runtime composition that the package architecture is being shaped around.
|
||||
|
||||
For clarity: the architectural source of truth is now the package-owned runtime surface under `plugins/reporting-governance/`, including package scripts and package profile artifacts.
|
||||
Repo-root wrappers may still exist, but they are migration shims rather than the primary runtime contract.
|
||||
|
||||
## Minimal package profile artifact trajectory
|
||||
|
||||
Architecture is also now advanced one notch from “profiles are external YAML docs” toward “profiles are package artifacts with a loader boundary”.
|
||||
|
||||
@@ -34,6 +34,9 @@ Separately, the repo now also has real runtime infrastructure for anti-blackhole
|
||||
|
||||
Without an adapter interface, those runtime pieces remain implementation islands. This spec makes them first-class plugin architecture rather than incidental scripts.
|
||||
|
||||
For the current mainline slice, the package-owned runtime source of truth is the package adapter surface and package scripts under `plugins/reporting-governance/`.
|
||||
Repo-root `scripts/*.mjs` files should be read as compatibility wrappers or operator conveniences unless explicitly stated otherwise.
|
||||
|
||||
## Scope
|
||||
|
||||
This document defines:
|
||||
|
||||
@@ -312,6 +312,9 @@ Examples:
|
||||
|
||||
The completed watchdog chain is now treated as the first reference deployment composition.
|
||||
|
||||
For the current mainline slice, the package-owned source of truth is the package entrypoint set under `plugins/reporting-governance/scripts/` together with package profile artifacts under `plugins/reporting-governance/profiles/`.
|
||||
Repo-root `scripts/*.mjs` wrappers and install helpers remain migration/deployment conveniences, not the architectural source of runtime truth.
|
||||
|
||||
### Reference composition
|
||||
|
||||
```text
|
||||
|
||||
108
docs/specs/reporting-governance-package-owned-runtime-story.md
Normal file
108
docs/specs/reporting-governance-package-owned-runtime-story.md
Normal file
@@ -0,0 +1,108 @@
|
||||
# Reporting Governance Package-Owned Runtime / Operator / Deployment Story
|
||||
|
||||
## Purpose
|
||||
|
||||
This note closes the current mainline slice by stating the runtime story in package-owned terms.
|
||||
|
||||
It is deliberately a **documentation / deployment-story closure**, not a new runtime feature.
|
||||
|
||||
## What is now package-owned
|
||||
|
||||
The `plugins/reporting-governance/` package now owns these deployable truths:
|
||||
|
||||
- canonical schemas
|
||||
- policy packs
|
||||
- adapter modules
|
||||
- package entry scripts under `plugins/reporting-governance/scripts/`
|
||||
- package profile artifacts under `plugins/reporting-governance/profiles/`
|
||||
- package capability examples under `plugins/reporting-governance/examples/`
|
||||
- storage/binding loaders that resolve package artifacts into runtime bindings
|
||||
|
||||
Repo-root `scripts/*.mjs` should now be read as **compatibility shims / operator convenience wrappers**, not the architectural source of truth.
|
||||
|
||||
## Runtime story
|
||||
|
||||
The current reference runtime composition is:
|
||||
|
||||
```text
|
||||
package-owned watchdog
|
||||
-> canonical event artifact
|
||||
-> package-declared queue artifact
|
||||
-> package-owned dispatcher handoff
|
||||
-> package-owned bridge supervisor
|
||||
-> package-owned sender binding
|
||||
-> honest terminal receipt: acked | blocked | pending_external_send
|
||||
```
|
||||
|
||||
The important boundary is:
|
||||
|
||||
- **package owns the contract and primary entrypoints**
|
||||
- **deployment binds environment-local schedule / target / sender mode**
|
||||
- **runtime executes and emits artifacts**
|
||||
- **operator consumes visible updates and audit outputs**
|
||||
|
||||
## Operator story
|
||||
|
||||
For operators, the package now tells a clearer truth:
|
||||
|
||||
1. Governance can require an operator-visible notice.
|
||||
2. The local runtime may only be able to queue or hand off that notice.
|
||||
3. Final delivery may depend on an upper runtime or privileged sender boundary.
|
||||
4. The system must therefore report terminal state honestly as:
|
||||
- `acked`
|
||||
- `blocked`
|
||||
- `pending_external_send`
|
||||
5. No profile or document should imply that queue write == human-visible delivery.
|
||||
|
||||
## Deployment story
|
||||
|
||||
A deployment is now best understood as four layers:
|
||||
|
||||
1. **Package**
|
||||
- ships schemas, policy, adapters, package scripts, profile artifacts
|
||||
2. **Profile artifact**
|
||||
- selects operating posture and binding contract
|
||||
3. **Runtime binding**
|
||||
- supplies repo/workspace-local paths, schedule shape, sender mode, operator target
|
||||
4. **Live runtime instance**
|
||||
- runs orchestrator/watchdog/bridge flow and emits audit artifacts
|
||||
|
||||
For the current OpenClaw reference path, the preferred deployable entrypoint is the package-owned orchestrator:
|
||||
|
||||
- `plugins/reporting-governance/scripts/watchdog_auto_notify_orchestrator.mjs`
|
||||
|
||||
Repo-root wrappers may remain for migration and operator convenience, but they are not the package boundary.
|
||||
|
||||
## Completed and claimable now
|
||||
|
||||
The following is honest to claim now:
|
||||
|
||||
- package boundary is real enough to carry profile artifacts and package scripts
|
||||
- deployment binding can be derived from package-owned artifacts
|
||||
- orchestrator/runtime path can consume that binding and emit real queue/receipt side effects
|
||||
- operator-notice truth model distinguishes `acked`, `blocked`, and `pending_external_send`
|
||||
- repo-root script path is no longer the only source of runtime wiring truth
|
||||
|
||||
## Not completed and must not be overstated
|
||||
|
||||
The following is **not** done and should not be claimed:
|
||||
|
||||
- not a finished general-purpose deployment system
|
||||
- not full runtime/vendor portability across many runtimes
|
||||
- not complete inline interception for every governance action
|
||||
- not proof that every deployment has direct privileged send
|
||||
- not a full operator UX / install UX / packaging distribution story
|
||||
- not elimination of repo-root shims yet
|
||||
|
||||
## Current risk / remaining gap
|
||||
|
||||
Main remaining gaps after this closure:
|
||||
|
||||
- some compatibility shims and examples still exist, so readers can still misread migration wrappers as mainline source unless docs stay explicit
|
||||
- capability/example artifacts are still reference-level, not a full published runtime catalog
|
||||
- deployment activation remains partly operator-script / cron-wrapper driven
|
||||
- broader packaging/export/install ergonomics are still follow-up work
|
||||
|
||||
## One-line summary
|
||||
|
||||
This slice finishes the **documentation semantics and deployment story** for a package-owned reference runtime path; it does **not** add new core runtime capability.
|
||||
Reference in New Issue
Block a user