chore: archive v1.0 milestone
This commit is contained in:
@@ -12,32 +12,32 @@ The agent must NEVER mutate real infrastructure beyond what the limited IAM role
|
||||
|
||||
### Validated
|
||||
|
||||
(None yet — ship to validate)
|
||||
- ✓ Bedrock + OpenRouter provider chain — v1.0
|
||||
- ✓ Docker terminal backend with security hardening — v1.0
|
||||
- ✓ Limited dev_Restricted AWS SSO role via project-local .aws/ — v1.0
|
||||
- ✓ Dangerous command approval and hardline blocklist — v1.0
|
||||
- ✓ Hermes persistent memory with auto-save — v1.0
|
||||
- ✓ FTS5 session search — v1.0
|
||||
- ✓ Git worktree isolation — v1.0
|
||||
- ✓ Telegram gateway with DM pairing — v1.0
|
||||
- ✓ Skills system with 4 custom ngn-agent skills — v1.0
|
||||
- ✓ Jira, Confluence, Bitbucket API wrappers — v1.0
|
||||
- ✓ Cron/automation system active — v1.0
|
||||
- ✓ SOUL.md with ngn-agent identity — v1.0
|
||||
|
||||
### Active
|
||||
|
||||
- [ ] **AUTH-01**: Agent authenticates via AWS Bedrock as primary LLM provider
|
||||
- [ ] **AUTH-02**: Agent falls back to OpenRouter when Bedrock is unavailable
|
||||
- [ ] **AUTH-03**: Agent uses limited SSO role via project-local `./.aws/` config
|
||||
- [ ] **AUTH-04**: Agent runs commands inside Docker containers with host hardening
|
||||
- [ ] **AUTH-05**: Hermes persistent memory stores infrastructure facts and user preferences
|
||||
- [ ] **AUTH-06**: Hermes session search allows recalling past infrastructure context
|
||||
(Next milestone goals to be defined)
|
||||
|
||||
- [ ] **GATE-01**: Telegram gateway allows multi-project session management
|
||||
- [ ] **GATE-02**: Users interact with the agent via Telegram DMs
|
||||
- [ ] **GATE-03**: Pairing-based authorization for new users
|
||||
- [ ] **GATE-04**: Scheduled daily reports and stale session cleanup
|
||||
### Out of Scope
|
||||
|
||||
- [ ] **SKIL-01**: Self-improving skills system with skills hub integration
|
||||
- [ ] **SKIL-02**: Infrastructure diagnostic skills (read-only by default)
|
||||
- [ ] **SKIL-03**: AWS cost/health/resource querying via read-only tools
|
||||
- [ ] **SKIL-04**: Jira and Confluence integration for reporting
|
||||
- [ ] **SKIL-05**: Git worktree isolation for parallel branch work
|
||||
|
||||
- [ ] **OPS-01**: Minimal dependencies, repeatable setup via single install
|
||||
- [ ] **OPS-02**: `.env` file for credential management
|
||||
- [ ] **OPS-03**: `~/.aws`: never mounted; `./.aws` with limited role mounted instead
|
||||
- [ ] **OPS-04**: Dangerous command approval and hardline blocklist active
|
||||
- Direct `~/.aws` mounting — use scoped `./.aws` instead
|
||||
- Full `kubectl exec` / `terraform apply` access without explicit approval gates
|
||||
- Non-AWS cloud providers (GCP/Azure) — defer to future
|
||||
- Native mobile app — Telegram gateway is the mobile interface
|
||||
- Self-hosted model serving — use Bedrock/OpenRouter
|
||||
- Automated stale session archive (30d cleanup) — deferred from v1.0
|
||||
- Memory provider scaling (Honcho/Holographic) — deferred from v1.0
|
||||
|
||||
### Out of Scope
|
||||
|
||||
@@ -96,4 +96,4 @@ This document evolves at phase transitions and milestone boundaries.
|
||||
4. Update Context with current state
|
||||
|
||||
---
|
||||
*Last updated: 2026-06-14 after initialization*
|
||||
*Last updated: 2026-06-14 after v1.0 milestone*
|
||||
Reference in New Issue
Block a user