Create ANTI_DRIFT_GUARDRAIL.md - Protect working pipelines from helpful but harmful changes

2025-12-20 23:20:06 +00:00 · 2025-12-20 23:20:06 +00:00 · 4d5bbe46e3
commit 4d5bbe46e3
parent a6cb030762
1 changed files with 52 additions and 0 deletions
--- a/ANTI_DRIFT_GUARDRAIL.md
+++ b/ANTI_DRIFT_GUARDRAIL.md
@ -0,0 +1,52 @@
+# Anti-Drift Guardrail – zlh-grind
+
+This document exists to prevent "helpful" changes that cause operational drift.
+
+---
+
+## Purpose
+Protect working pipelines by enforcing hard rules:
+- Keep step visibility
+- Preserve contracts
+- Avoid unnecessary template churn
+- Don't silently change wire formats
+
+---
+
+## Guardrails
+
+### 1) Preserve provisioning step output
+The step-by-step orchestration logs are required.
+Do not remove, collapse, or reorder them casually.
+
+### 2) Single-template is intentional
+We use exactly one base template (`AGENT_TEMPLATE_VMID`).
+The agent installs roles at runtime based on payload.
+
+### 3) Template churn is expensive
+In this workflow:
+- Changing zlh-agent requires building + copying into the template container.
+- That means "agent change" effectively becomes a template rev.
+
+Therefore:
+- Prefer API-side compatibility fixes unless we intentionally plan a template update.
+
+### 4) Wire contract is explicit
+Agent currently expects:
+- `container_type` (snake_case) on JSON decode
+
+Until the next intentional template rev:
+- API must emit `container_type`
+- Do not switch to `containerType` / `ctype` on the wire
+
+---
+
+## Allowed Changes Here
+- Session logs
+- Open threads
+- Constraints / guardrails
+- Upstream pointers
+
+Not allowed:
+- "Better architecture" rewrites
+- Re-documenting canonical upstream specs