Design warded role capability tiers before adding ops #819
Closed
opened 2026-07-09 17:04:50 +00:00 by coilyco-ops
·
4 comments
No Branch/Tag specified
main
issue-1082
issue-1460
issue-1459-daemonless-alias
issue-1454
issue-1453
issue-1301
issue-1443
issue-1283
issue-1447
release
issue-1166
issue-1139
issue-1307
issue-1308
issue-1309
issue-1435
issue-1430
issue-1428
issue-1388
issue-1420
issue-1422
issue-1423
issue-1417
issue-1408
issue-1335
issue-1412
issue-1411
issue-1402
issue-1403
issue-1402-scoop-best-effort
issue-1336
issue-1334
issue-1393
issue-1338
issue-1397
issue-1392
issue-1339
issue-1340
issue-1300
issue-1288
issue-1304
issue-1270
issue-1381
issue-1244
issue-1227
issue-1380
issue-996
issue-1016
issue-1375
issue-1371
issue-1372
issue-1370
issue-1364
issue-1175
issue-1234
issue-1360
issue-1358
issue-1353
issue-1242
issue-1346
issue-1347
issue-1342
issue-1321
issue-1073-rebased
issue-1237-friction-events
issue-1320
issue-1344
issue-1073
issue-1275
issue-1332-replacement
issue-1296
issue-1330-replacement
issue-1224-rebased
issue-1323
issue-993
issue-1243
issue-871
issue-1298
issue-1315
issue-1312
issue-1314
issue-1313
issue-1310
issue-1282
issue-1224
issue-1173
issue-1000
issue-1007
issue-1281
issue-1011
issue-1006-recovery-note
issue-998
issue-1221
issue-1240
issue-1170
issue-1239
issue-1172
issue-1168
issue-1174
issue-1201
issue-1112
issue-1179
issue-1246
issue-1247
issue-1245
issue-1050
issue-1105
issue-1041
issue-1120
issue-1197
issue-1111
issue-1225
issue-1196
issue-1171
issue-1194
issue-1203
issue-1198
issue-1202
issue-1200
issue-1213
issue-1205
issue-1207
issue-1209
issue-1206
issue-1195
issue-1191
issue-1188
issue-1180
issue-1147
issue-1149
issue-1134
issue-1143
issue-1145
issue-1140
issue-1094
issue-1129
issue-1142
stash/agentic-os-image-default-rename
fix/test-env-isolation
docs/features-two-stage-release
fix/promote-server-scheme
fix/smartdefaults-error-source
feat/two-stage-release
issue-1086
fix/placeholder-sentinels
fix/migrate-off-cli-guard-dispatch
fix/test-yml-duplicate-main-gate
issue-1014-landing-fix
issue-911-pr
issue-1109
issue-1008
issue-999
issue-861
issue-1074
issue-1076
issue-1049
issue-1039
issue-994
issue-991
issue-1020
issue-1067
issue-913
issue-982
issue-1034
issue-1005
issue-1031
issue-990
issue-1062
issue-995
issue-1057
issue-905
issue-911
issue-1042
issue-1021
issue-1009
issue-1014
issue-1001
issue-978
issue-985
issue-950
issue-979
issue-977
issue-971
issue-935
issue-970
issue-969
issue-956
issue-965
issue-964
issue-962-restore-readme
issue-951
issue-958-container-config-guard
issue-704
issue-697
issue-896
issue-885
issue-876
issue-895
issue-893
issue-940
issue-923
issue-942
issue-952
issue-952-director
issue-936
issue-937
issue-931
issue-924
issue-920
issue-635
issue-903
issue-892
issue-874
issue-879
issue-890
issue-910
issue-875
issue-897
issue-894
issue-637
issue-842
issue-834
issue-860
issue-541
issue-723
issue-830-github-authoritative
issue-853
issue-634
issue-845
issue-846
issue-843
issue-496
issue-832
issue-777
issue-778
issue-836
issue-700
issue-695
issue-124-share-parser
issue-671
issue-722
issue-694
issue-824
issue-640
issue-735
issue-641
issue-642
issue-818
issue-812
issue-733-clean
issue-804
issue-805
issue-803
issue-735-remove-director-consult
issue-797
issue-801
issue-795
issue-791
issue-790
issue-787
issue-780
issue-737-defer-signoz
issue-732
issue-737-signoz-deferred
issue-734
issue-736
issue-744
issue-769
issue-767
issue-760
issue-763
ward-salvage/ward-c6aa5da9
ward-salvage/ward-94dd7346
issue-729
ward-salvage/ward-58aa3fe3
issue-733
ward-salvage/ward-ff6c509f
ward-salvage/ward-e80f0460
issue-737
ward-salvage/ward-3e2e4760
issue-731
ward-salvage/ward-649addd7
ward-salvage/ward-890e4d29
ward-salvage/ward-645b750b
ward-salvage/ward-bf851a72
ward-salvage/ward-98c8652f
ward-salvage/ward-bb10b620
issue-724
ward-salvage/ward-1ee9be1c
ward-salvage/ward-d18595f6
issue-124
ward-salvage/ward-5f914692
ward-salvage/ward-6ca05cbd
ward-salvage/ward-14f676cf
ward-salvage/ward-de811c20
ward-salvage/ward-eba3e824
ward-salvage/ward-16eb4ad0
ward-salvage/ward-c58e9c43
ward-salvage/ward-7487270b
v0.769.0
v0.768.0
v0.767.0
v0.766.0
v0.765.0
v0.764.0
v0.763.0
v0.762.0
v0.761.0
v0.760.0
v0.759.0
v0.758.0
v0.757.0
v0.756.0
v0.755.0
v0.754.0
v0.753.0
v0.752.0
v0.751.0
v0.750.0
v0.749.0
v0.748.0
v0.747.0
v0.746.0
v0.745.0
v0.744.0
v0.743.0
v0.742.0
v0.741.0
v0.740.0
v0.739.0
v0.738.0
v0.737.0
v0.736.0
v0.735.0
v0.734.0
v0.733.0
v0.732.0
v0.731.0
v0.730.0
v0.729.0
v0.728.0
v0.727.0
v0.726.0
v0.725.0
v0.724.0
v0.723.0
v0.722.0
v0.721.0
v0.720.0
v0.719.0
v0.718.0
v0.717.0
v0.716.0
v0.715.0
v0.714.0
v0.713.0
v0.712.0
v0.711.0
v0.710.0
v0.709.0
v0.708.0
v0.707.0
v0.706.0
v0.705.0
v0.704.0
v0.703.0
v0.702.0
v0.701.0
v0.700.0
v0.699.0
v0.698.0
v0.697.0
v0.696.0
v0.695.0
v0.694.0
v0.693.0
v0.692.0
v0.691.0
v0.690.0
v0.689.0
v0.688.0
v0.687.0
v0.686.0
v0.685.0
v0.684.0
v0.683.0
v0.682.0
v0.681.0
v0.680.0
v0.679.0
v0.678.0
v0.677.0
v0.676.0
v0.675.0
v0.674.0
v0.673.0
v0.672.0
v0.671.0
v0.670.0
v0.669.0
v0.668.0
v0.667.0
v0.666.0
v0.665.0
v0.664.0
v0.663.0
v0.662.0
v0.661.0
v0.660.0
v0.659.0
v0.658.0
v0.657.0
v0.656.0
v0.655.0
v0.654.0
v0.653.0
v0.652.0
v0.651.0
v0.650.0
v0.649.0
v0.648.0
v0.647.0
v0.646.0
v0.645.0
v0.644.0
v0.643.0
v0.642.0
v0.641.0
v0.640.0
v0.639.0
v0.638.0
v0.637.0
v0.636.0
v0.635.0
v0.634.0
v0.633.0
v0.632.0
v0.631.0
v0.630.0
v0.629.0
v0.628.0
v0.627.0
v0.626.0
v0.625.0
v0.624.0
v0.623.0
v0.622.0
v0.621.0
v0.620.0
v0.619.0
v0.618.0
v0.617.0
v0.616.0
v0.615.0
v0.614.0
v0.613.0
v0.612.0
v0.611.0
v0.610.0
v0.609.0
v0.608.0
v0.607.0
v0.606.0
v0.605.0
v0.604.0
v0.603.0
v0.602.0
v0.601.0
v0.600.0
v0.599.0
v0.598.0
v0.597.0
v0.596.0
v0.595.0
v0.594.0
v0.593.0
v0.592.0
v0.591.0
v0.590.0
v0.589.0
v0.588.0
v0.587.0
v0.586.0
v0.585.0
v0.584.0
v0.583.0
v0.582.0
v0.581.0
v0.580.0
v0.579.0
v0.578.0
v0.577.0
v0.576.0
v0.575.0
v0.574.0
v0.573.0
v0.572.0
v0.571.0
v0.570.0
v0.569.0
v0.568.0
v0.567.0
v0.566.0
v0.565.0
v0.564.0
v0.563.0
v0.562.0
v0.561.0
v0.560.0
v0.559.0
v0.558.0
v0.557.0
v0.556.0
v0.555.0
v0.554.0
v0.553.0
v0.552.0
v0.551.0
v0.550.0
v0.549.0
v0.548.0
v0.547.0
v0.546.0
v0.545.0
v0.544.0
v0.543.0
v0.542.0
v0.541.0
v0.540.0
v0.539.0
v0.538.0
v0.537.0
v0.536.0
v0.535.0
v0.534.0
v0.533.0
v0.532.0
v0.531.0
v0.530.0
v0.529.0
v0.528.0
v0.527.0
v0.526.0
v0.525.0
v0.524.0
v0.523.0
v0.522.0
v0.521.0
v0.520.0
v0.519.0
v0.518.0
v0.517.0
v0.516.0
v0.515.0
v0.514.0
v0.513.0
v0.512.0
v0.511.0
v0.510.0
v0.509.0
v0.508.0
v0.507.0
v0.506.0
v0.505.0
v0.504.0
v0.503.0
v0.502.0
v0.501.0
v0.500.0
v0.499.0
v0.498.0
v0.497.0
v0.496.0
v0.495.0
v0.494.0
v0.493.0
v0.492.0
v0.491.0
v0.490.0
v0.489.0
v0.488.0
v0.487.0
v0.486.0
v0.485.0
v0.484.0
v0.483.0
v0.482.0
v0.481.0
v0.480.0
v0.479.0
v0.478.0
v0.477.0
v0.476.0
v0.475.0
v0.474.0
v0.473.0
v0.472.0
v0.471.0
v0.470.0
v0.469.0
v0.468.0
v0.467.0
v0.466.0
v0.465.0
v0.464.0
v0.463.0
v0.462.0
v0.461.0
v0.460.0
v0.459.0
v0.458.0
v0.457.0
v0.456.0
v0.455.0
v0.454.0
v0.453.0
v0.452.0
v0.451.0
v0.450.0
v0.449.0
v0.448.0
v0.447.0
v0.446.0
v0.445.0
v0.444.0
v0.443.0
v0.442.0
v0.441.0
v0.440.0
v0.439.0
v0.438.0
v0.437.0
v0.436.0
v0.435.0
v0.434.0
v0.433.0
v0.432.0
v0.431.0
v0.430.0
v0.429.0
v0.428.0
v0.427.0
v0.426.0
v0.425.0
v0.424.0
v0.423.0
v0.422.0
v0.421.0
v0.420.0
v0.419.0
v0.418.0
v0.417.0
v0.416.0
v0.415.0
v0.414.0
v0.413.0
v0.412.0
v0.411.0
v0.410.0
v0.409.0
v0.408.0
v0.407.0
v0.406.0
v0.405.0
v0.404.0
v0.403.0
v0.402.0
v0.401.0
v0.400.0
v0.399.0
v0.398.0
v0.397.0
v0.396.0
v0.395.0
v0.394.0
v0.393.0
v0.392.0
v0.391.0
v0.390.0
v0.389.0
v0.388.0
v0.387.0
v0.386.0
v0.385.0
v0.384.0
v0.383.0
v0.382.0
v0.381.0
v0.380.0
v0.379.0
v0.378.0
v0.377.0
v0.376.0
v0.375.0
v0.374.0
v0.373.0
v0.372.0
v0.371.0
v0.370.0
v0.369.0
v0.368.0
v0.367.0
v0.366.0
v0.365.0
v0.364.0
v0.363.0
v0.362.0
v0.361.0
v0.360.0
v0.359.0
v0.358.0
v0.357.0
v0.356.0
v0.355.0
v0.354.0
v0.353.0
v0.352.0
v0.351.0
v0.350.0
v0.349.0
v0.348.0
v0.347.0
v0.346.0
v0.345.0
v0.344.0
v0.343.0
v0.342.0
v0.341.0
v0.340.0
v0.339.0
v0.338.0
v0.337.0
v0.336.0
v0.335.0
v0.334.0
v0.333.0
v0.332.0
v0.331.0
v0.330.0
v0.329.0
v0.328.0
v0.327.0
v0.326.0
v0.325.0
v0.324.0
v0.323.0
v0.322.0
v0.321.0
v0.320.0
v0.319.0
v0.318.0
v0.317.0
v0.316.0
v0.315.0
v0.314.0
v0.313.0
v0.312.0
v0.311.0
v0.310.0
v0.309.0
v0.308.0
v0.307.0
v0.306.0
v0.305.0
v0.304.0
v0.303.0
v0.302.0
v0.301.0
v0.300.0
v0.299.0
v0.298.0
v0.297.0
v0.296.0
v0.295.0
v0.294.0
v0.293.0
v0.292.0
v0.291.0
v0.290.0
v0.289.0
v0.288.0
v0.287.0
v0.286.0
v0.285.0
v0.284.0
v0.283.0
v0.282.0
v0.281.0
v0.280.0
v0.279.0
v0.278.0
v0.277.0
v0.276.0
v0.275.0
v0.274.0
v0.273.0
v0.272.0
v0.271.0
v0.270.0
v0.269.0
v0.268.0
v0.267.0
v0.266.0
v0.265.0
v0.264.0
v0.263.0
v0.262.0
v0.261.0
v0.260.0
v0.259.0
v0.258.0
v0.257.0
v0.256.0
v0.255.0
v0.254.0
v0.253.0
v0.252.0
v0.251.0
v0.250.0
v0.249.0
v0.248.0
v0.247.0
v0.246.0
v0.245.0
v0.244.0
v0.243.0
v0.242.0
v0.241.0
v0.240.0
v0.239.0
v0.238.0
v0.237.0
v0.236.0
v0.235.0
v0.234.0
v0.233.0
v0.232.0
v0.231.0
v0.230.0
v0.229.0
v0.228.0
v0.227.0
v0.226.0
v0.225.0
v0.224.0
v0.223.0
v0.222.0
v0.221.0
v0.220.0
v0.219.0
v0.218.0
v0.217.0
v0.216.0
v0.215.0
v0.214.0
v0.213.0
v0.212.0
v0.211.0
v0.210.0
v0.209.0
v0.208.0
v0.207.0
v0.206.0
v0.205.0
v0.204.0
v0.203.0
v0.202.0
v0.201.0
v0.200.0
v0.199.0
v0.198.0
v0.197.0
v0.196.0
v0.195.0
v0.194.0
v0.193.0
v0.192.0
v0.191.0
v0.190.0
v0.189.0
v0.188.0
v0.187.0
v0.186.0
v0.185.0
v0.184.0
v0.183.0
v0.182.0
v0.181.0
v0.180.0
v0.179.0
v0.178.0
v0.177.0
v0.176.0
v0.175.0
v0.174.0
v0.173.0
v0.172.0
v0.171.0
v0.170.0
v0.169.0
v0.168.0
v0.167.0
v0.166.0
v0.165.0
v0.164.0
v0.163.0
v0.162.0
v0.161.0
v0.160.0
v0.159.0
v0.158.0
v0.157.0
v0.156.0
v0.155.0
v0.154.0
v0.153.0
v0.152.0
v0.151.0
v0.150.0
v0.149.0
v0.148.0
v0.147.0
v0.146.0
v0.145.0
v0.144.0
v0.143.0
v0.142.0
v0.141.0
v0.140.0
v0.139.0
v0.138.0
v0.137.0
v0.136.0
v0.135.0
v0.134.0
v0.133.0
v0.132.0
v0.131.0
v0.130.0
v0.129.0
v0.128.0
v0.127.0
v0.126.0
v0.125.0
v0.124.0
v0.123.0
v0.122.0
v0.121.0
v0.120.0
v0.119.0
v0.118.0
v0.117.0
v0.116.0
v0.115.0
v0.114.0
v0.113.0
v0.112.0
v0.111.0
v0.110.0
v0.109.0
v0.108.0
v0.107.0
v0.106.0
v0.105.0
v0.104.0
v0.103.0
v0.102.0
v0.101.0
v0.100.0
v0.99.0
v0.98.0
v0.97.0
v0.96.0
v0.95.0
v0.94.0
v0.93.0
v0.92.0
v0.91.0
v0.90.0
v0.89.0
v0.88.0
v0.87.0
v0.86.0
v0.85.0
v0.84.0
v0.83.0
v0.82.0
v0.81.0
v0.80.0
v0.79.0
v0.78.0
v0.77.0
v0.76.0
v0.75.0
v0.74.0
v0.73.0
v0.72.0
v0.71.0
v0.70.0
v0.69.0
v0.68.0
v0.67.0
v0.66.0
v0.65.0
v0.64.0
v0.63.0
v0.62.0
v0.61.0
v0.60.0
v0.59.0
v0.58.0
v0.57.0
v0.56.0
v0.55.0
v0.54.0
v0.53.0
v0.52.0
v0.51.0
v0.50.0
v0.49.0
v0.48.0
v0.47.0
v0.46.0
v0.45.0
v0.44.0
v0.43.0
v0.42.0
v0.41.0
v0.40.0
v0.39.0
v0.38.0
v0.37.0
v0.36.0
v0.35.0
v0.34.0
v0.33.0
v0.32.0
v0.31.0
v0.30.0
v0.29.0
v0.28.0
v0.27.0
v0.26.0
v0.25.0
v0.24.0
v0.23.0
v0.22.0
v0.21.0
v0.20.0
v0.19.0
v0.18.0
v0.17.0
v0.16.0
v0.15.0
v0.14.0
v0.13.0
v0.12.0
v0.11.0
v0.10.0
v0.9.0
v0.8.0
v0.7.0
v0.6.0
v0.5.8
v0.5.7
v0.5.6
v0.5.5
v0.5.4
v0.5.3
v0.5.2
v0.5.1
v0.5.0
v0.4.0
v0.3.0
v0.2.2
v0.2.1
v0.2.0
v0.1.3
v0.1.2
v0.1.1
v0.1.0
v0.0.18
v0.0.17
v0.0.16
v0.0.15
v0.0.14
v0.0.13
v0.0.12
v0.0.11
v0.0.10
v0.0.9
v0.0.8
v0.0.7
v0.0.6
v0.0.5
v0.0.4
v0.0.3
v0.0.2
v0.0.1
Labels
Clear labels
burndown-2026-06
Backlog burndown June 2026
pressure-test
Cold-read release pressure-test findings and coordination
sunday-sprint
Burn-down by Sunday 2026-06-07
coherence-core
Core review set for the warded control plane coherence milestone. These issues form the release spine; adjacent milestone issues are stretch or supporting work.
consult
A human decision, design, or external action must happen first. Fail-closed default for unlabeled/low-confidence.
headless
Agent can take it from open issue to merged change with no human in the loop. The auto-burndown queue.
interactive
Agent does the work but pauses at a human checkpoint mid-flight (design choice, destructive step, human-only verification).
P0
now / blocking / urgent
P1
next / important
P2
backlog / will do
P3
someday / low
P4
icebox / frozen / reopen if it becomes real
No labels
burndown-2026-06
pressure-test
sunday-sprint
coherence-core
consult
headless
interactive
P0
P1
P2
P3
P4
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".
No due date set.
Dependencies
No dependencies set.
Reference
coilyco-flight-deck/ward#819
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Context: follow-up from ward#817 after the ops-role advisor answer and Kai's correction. The proposed
warded opsrole should not simply inherit existing write guardfiles. Before implementing ops, ward needs a clearer role capability taxonomy.Problem:
director,engineer,advisor, andqaneed observe surfaces plus limited forge coordination writes, such as issue comments/status/reservations/dispatch bookkeeping.engineerneeds repo-sandbox writes inside its owned feature container, but that is separate from live operational mutation.opsshould be the first role intentionally granted live operational write verbs.aws,kubectl, orsignozwrite bundles would make ops unsafe if inherited directly.Design ask:
director,engineer,advisor,qa) to those categoriesopsrole to the minimal additional category setOutput: post a concrete design comment. If implementation follow-ups split cleanly, file them rather than trying to implement in the design pass.
Related: ward#817, ward#721, ward#503.
🔎 ward agent advisor
ward agent advisor --harness codexran a one-shot standard research pass on this question:Recommendation
Adopt a two-axis model and make ward own the role semantics.
Axis 1: role capability categories in ward
observe- read-only access to repo state, Forgejo state, and explicitly read-only live surfaces.forge-coordinate- limited Forgejo writes for agent orchestration: reservation comments, status/verdict comments, issue filing for fan-out, dispatch bookkeeping, and narrowly-defined issue state changes.repo-sandbox-write- mutate the owned feature clone and granted writable repos inside the container. This is the engineer-only "carry code to merge" power, not a live-ops power.live-ops-write- mutate live operational systems outside the repo sandbox.admin-destructive- irreversible or high-blast-radius operations.Axis 2: guarded edge surfaces in ward-kdl
This should be posted as the design direction, because the current model already proves the issue's concern: the fleet manifest documents advisor/director as holding a "live-observe" set, but the underlying guardfiles are not observe-only.
Why the current model is unsafe to extend
The repo already shows a category mismatch between role docs and actual powers:
ward-kdl.aws.guardfile.kdlincludes writes likessm put-parameter,s3 cp, ands3 sync.ward-kdl.tailscale.guardfile.kdlincludesset policy,create keys, anddelete keys.ward-kdl.kubectl.guardfile.kdlincludesapply,scale,rollout restart, androllout undo.ward-kdl.signoz.guardfile.kdlincludes create/edit operations for pipelines, dashboards, and rules.agent_capability.goonly interprets role capability asawsandtailnetbooleans, not as semantic mutability.So the main design problem is not just naming. It is that transport reach and operational mutability are currently conflated.
Recommended role mapping
advisor=observe+forge-coordinaterepo-sandbox-writelive-ops-writeqa=observe+forge-coordinatedirector=observe+forge-coordinaterepo-sandbox-writelive-ops-writeengineer=observe+forge-coordinate+repo-sandbox-writeops=observe+forge-coordinate+live-ops-writerepo-sandbox-writeby default.admin-destructiveby default.That makes
opsthe first intentionally live-mutating role without turning it into a blended "engineer plus prod access" super-role.What should be renamed, split, or added
Do not reuse
read/write/adminas role vocabulary.Those are API-surface tiers. Keep them as KDL/operator-surface terms only, or explicitly relabel them in docs/comments as surface tiers.
Split the current so-called live-observe bundles into observe vs operate bundles.
At minimum:
ward-kdl.aws.guardfile.kdl-> observe-only AWS bundle vs live-write AWS bundleward-kdl.tailscale.guardfile.kdl-> observe-only tailscale bundle vs live-write tailscale bundleward-kdl.kubectl.guardfile.kdl-> observe-only kubectl bundle vs live-write kubectl bundleward-kdl.signoz.guardfile.kdl-> observe-only signoz bundle vs live-write signoz bundleIntroduce a Forgejo coordination bundle distinct from broad Forgejo write/admin.
Current
ward-kdl-{read,write,admin}is too broad for role attachment. A role-facing Forgejo bundle should cover orchestration writes only, not repo/release/org mutation.Keep
eco-observeas the model.ward-kdl.eco-observe.guardfile.kdlis already shaped correctly: read-only commands, sealed where possible, explicitly no promote/apply/restart surface.Concrete advisory decision
The clean design is:
opsis the first role grantedlive-ops-write, but notrepo-sandbox-writeand notadmin-destructive.observe+forge-coordinateonly.repo-sandbox-write.Options considered
read/write/admintiers for roles - reject. They are API-surface tiers and already over-grant for the desired role semantics.Open questions to settle in follow-up implementation issues
forge-coordinatebeyond comments and issue filing: close/reopen, labels, move-issue, reservation cleanup comment deletion, or only a smaller subset?qaever get observe-only live bundles by default, or should that stay advisor/director-only until a concrete need appears?opsneed a future optionalrepo-sandbox-writeescape hatch for manifest repos, or should that remain a strict separate engineer dispatch forever? My recommendation is the latter.*-observeand*-operate, instead of another overloadedread/writepair?Risks if ward adds
opsbefore this splitlive-observein docs while the runtime grants mutation.opsexists, backing out over-broad powers becomes harder because workflows will depend on them.Dependency check on ward#503
I do not see a design blocker from ward#503. Treat it as a packaging check only: whatever bundle/guardfile names this taxonomy introduces must flow through the existing default-bundle and aos-overlay path cleanly. It does not argue for moving role semantics into the release asset overlay.
Bottom line
Post back that ward should define roles in terms of semantic capability categories -
observe,forge-coordinate,repo-sandbox-write,live-ops-write,admin-destructive- and then split current guardfiles so the bundles attached to advisor/director/qa are truly observe-only.opsshould then be introduced as the first role that addslive-ops-write, withrepo-sandbox-writeandadmin-destructivestill withheld.Researched and posted automatically by
ward agent advisor --harness codex(ward#179). This is one-shot research, not a carried change - verify before acting on it.— Codex, via
ward agentI'm honestly of the opinion that ward proper should get out of the business of directly governing roles in such a direct way. For example, I want end users to be able to compose a "devops" role via a configuration driven mix of "engineer" and "ops" capabilities. That moves us in the opposite direction of what is described, BUT only as far as ward is concerned. aos can and should adopt this level of clarity
terminology:
agree
role breakdowns:
^ these breakdowns will require a bunch of adjustments all over the place. And maybe also they aren't the right breakdowns? Pressure that the breakdown for me. But from the point of view of their semantic names as they relate to, for example, a real saas company.
There might be an "ops read" tier missing here, conceptually, R&D / product department would get but others (sales, etc...) would not. But all of these roles right now are R&D / product, and advisor is short of board member esque role.
agree
agree
I think the bundle you are reading for is an "admin" special case / keyworded bundle that dynamically aggregates all the other bundle permissions (and optionally overlays them). This bundle is for humans to use.
🔎 ward agent advisor
ward agent advisor --harness codexran a one-shot standard research pass on this question:Recommendation
Adopt a composable capability taxonomy and treat the current named roles as default presets, not as the only hard-coded role model.
The thread's correction is the key design change from the earlier advisor answer: ward should not bake a rigid
director|engineer|advisor|qa|ops-> permission mapping too deeply into product logic. Instead:advisor,qa,engineer,director, and the proposedopsdevopsfrom the same capability set without having to fork ward core semanticsThat keeps the
ward#721boundary intact: KDL defines and constrains edge surfaces, while ward defines the runtime meaning of capabilities and how roles compose them.Recommended capability categories
Use semantic names, not the existing
read/write/admintier names:read- observe state only. Repo reads, Forge reads, and genuinely read-only live surfaces.project-management- limited forge coordination writes for workflow control: reservation bookkeeping, issue comments, status/verdict comments, labels/mode bookkeeping, dispatch-related issue filing, and similar non-code coordination.engineering- mutate the owned repo sandbox and granted writable repos inside an engineer container. This is git/worktree power, not live infra power.ops- mutate live operational systems outside the repo sandbox.admin- destructive or high-blast-radius powers. Human-oriented special case by default, not part of the normal agent-role baseline.These names match the semantic direction Kai proposed in-thread and read more like real organizational capability buckets than transport tiers.
Default role mapping
Recommended default presets:
advisor=readqa=readdirector=read+project-managementengineer=read+engineeringops=read+opsTwo deliberate exclusions matter:
opsshould not implicitly getengineeringopsshould not implicitly getadminThat keeps
opsfrom becoming a blended super-role with both prod mutation and repo-carry authority. If an ops workflow also needs code changes, the clean model is still a separate engineer dispatch or an explicitly composed custom role.Why the current model is not safe enough to extend directly
The repo already shows the mismatch the issue is worried about:
cmd/ward/agent_capability.goreduces role capability to two booleans,awsandtailnet, derived from guardfile membership.ward/ward-kdl/ward-kdl.fleet.kdlcurrently grants bothadvisoranddirectorthe so-called live-observe set:ward-kdl.aws.guardfile.kdlandward-kdl.tailscale.guardfile.kdlConcrete examples from the current generated guardfile docs:
docs/ward-kdl/ward-kdl.aws.guardfile.mdincludesssm put-parameter,s3 cp, ands3 syncdocs/ward-kdl/ward-kdl.tailscale.guardfile.mdincludespolicy set,keys create, andkeys deletedocs/ward-kdl/ward-kdl.kubectl.guardfile.mdincludesapply,scale,rollout restart, androllout undodocs/ward-kdl/ward-kdl.signoz.guardfile.mdincludes pipeline/dashboard/rule create and edit operationsSo the problem is deeper than naming. Today, transport reach and operational mutability are still conflated.
What to rename, split, or add
1. Keep
read/write/adminas surface-tier language onlyDo not reuse those names as the role taxonomy. They already mean something else in ward-kdl: compile-time operator-surface tiers.
2. Split live surfaces into semantic observe vs operate bundles
Before introducing
ops, split the broad monoliths that currently mix observation and mutation. At minimum, the surfaces that anopsor live-observe-style role might touch need a read/operate split:Naming should be semantic and explicit, e.g.
*-readand*-ops, or*-observeand*-operate. The exact suffix is less important than ending the overloaded current state.3. Add a narrow forge coordination bundle distinct from broad Forgejo write/admin
The current issue asks for limited forge coordination writes, not general forge mutation.
That suggests a dedicated project-management / forge-coordination bundle for things like:
This should stay distinct from broad Forgejo write/admin surfaces.
4. Treat
adminas a special aggregate, not the default agent pathKai's thread note about an
adminkeyworded bundle that aggregates other permissions makes sense as a human/operator special case. That should remain clearly separate from the default role taxonomy used for normal warded agents.Recommended architectural shape
The clean shape is:
That satisfies both sides of the thread:
ward#721Options considered
Option A. Reuse current
read/write/admintiers as role vocabularyReject. Those are surface tiers already, and they overgrant for the proposed role semantics.
Option B. Keep role semantics implicit and just add
opson top of current guardfilesReject. The current live surfaces already mix observation and mutation too broadly. Adding
opsbefore splitting them would institutionalize unsafe inheritance.Option C. Put role semantics down into ward-kdl
Reject per
ward#721. That inverts the desired boundary.Option D. Define semantic capabilities in ward, ship default role presets, and let deployments compose roles from them
Recommend. This matches the thread correction and preserves composability.
Open questions to settle next
project-managementbeyond comments and labels: close/reopen, assignment, reservation cleanup, issue creation only, or more?readsufficient for the current warded roster?opsever be combined withengineeringin one default preset, or should that stay an explicit deployment-level composition only? Recommendation: explicit composition only.read/ops,observe/operate, or similar?Risks if ward adds
opsbefore this taxonomy splitDependency check on
ward#503ward#503looks like historical packaging context, not the design driver here. In the current tree,docs/release.mdsays the old build-time aos overlay path is superseded by live config resolution and no longer the active release direction. So the useful dependency check is simply:There is no evidence here that
ward#503should change the role-capability design itself.Bottom line
Post the design direction as:
read,project-management,engineering,ops,adminread, qa=read, director=read+project-management, engineer=read+engineering, ops=read+opsopslands: split current live bundles so observe and mutate surfaces are no longer conflatedThat is the clearest way to make
opssafe without hard-coding ward into a permanently closed role model.Researched and posted automatically by
ward agent advisor --harness codex(ward#179). This is one-shot research, not a carried change - verify before acting on it.— Codex, via
ward agentConsult interrogation: the design pass is complete and the first carrying implementation issue is #846, covering composable semantic role capabilities. Closing this consult shell; #817 remains the later ops-role destination.