consolidation pass: replace ANTI_DRIFT with current policy
This commit is contained in:
parent
e674d6af45
commit
1f6db9e002
@ -2,81 +2,17 @@
|
|||||||
|
|
||||||
The grind repo must reflect real implementation.
|
The grind repo must reflect real implementation.
|
||||||
|
|
||||||
---
|
Do NOT:
|
||||||
|
|
||||||
## Do NOT
|
|
||||||
|
|
||||||
- Document future features as complete
|
- Document future features as complete
|
||||||
- Leave outdated architecture notes in any doc
|
- Leave outdated architecture notes
|
||||||
- Allow staging/symlink model references to remain
|
- Allow staging/symlink model references to remain
|
||||||
- Duplicate filesystem rules outside the agent
|
- Duplicate filesystem rules outside agent
|
||||||
- Add CORS to agents
|
|
||||||
- Expose agent ports through Caddy
|
|
||||||
- Reintroduce APIv1 endpoints
|
|
||||||
- Reintroduce Pterodactyl-based auth
|
|
||||||
- Use cookie-based authentication
|
|
||||||
- Use server-side portal sessions
|
|
||||||
|
|
||||||
---
|
When architecture changes:
|
||||||
|
|
||||||
## When Architecture Changes
|
1. Update README
|
||||||
|
2. Update CONSTRAINTS
|
||||||
1. Update `README.md`
|
3. Update relevant architecture doc
|
||||||
2. Update `CONSTRAINTS.md`
|
4. Update SESSION_LOG
|
||||||
3. Update the relevant architecture doc under `docs/architecture/`
|
5. Close thread in OPEN_THREADS if resolved
|
||||||
4. Update `SESSION_LOG.md`
|
|
||||||
5. Close thread in `OPEN_THREADS.md` if resolved
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## Console Anti-Drift
|
|
||||||
|
|
||||||
The interactive console **MUST** remain:
|
|
||||||
|
|
||||||
- PTY-backed
|
|
||||||
- Agent-owned
|
|
||||||
- WebSocket-based
|
|
||||||
- Full duplex (input + output)
|
|
||||||
|
|
||||||
Disallowed:
|
|
||||||
- Log tailing as "console"
|
|
||||||
- Exec-per-command models
|
|
||||||
- Frontend-owned processes
|
|
||||||
- Proxmox console passthrough
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## Upload Anti-Drift
|
|
||||||
|
|
||||||
The upload pipeline **MUST** remain:
|
|
||||||
|
|
||||||
- Streamed via raw `http.request` piping in the API
|
|
||||||
- Direct runtime write in the agent (no staging, no symlinks)
|
|
||||||
- Enforced by agent allowlist only (portal does not enforce security)
|
|
||||||
|
|
||||||
Disallowed:
|
|
||||||
- `fetch()` for upload proxy
|
|
||||||
- Staging folders
|
|
||||||
- Symlink-based deployment
|
|
||||||
- API re-implementing agent filesystem policy
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## Auth Anti-Drift
|
|
||||||
|
|
||||||
All auth must flow: `Portal → JWT → API`
|
|
||||||
|
|
||||||
Disallowed:
|
|
||||||
- CSRF token logic
|
|
||||||
- Cookie-based authentication
|
|
||||||
- APIv1 patterns
|
|
||||||
- Pterodactyl auth patterns
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## Drift Response
|
|
||||||
|
|
||||||
If drift is detected:
|
|
||||||
1. Revert the change
|
|
||||||
2. Document why it was tempting
|
|
||||||
3. Re-apply only what serves usability and real architecture
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user