63 lines
3.1 KiB
Markdown
63 lines
3.1 KiB
Markdown
---
|
|
title: CTO Case Provider Decision Record
|
|
status: draft
|
|
lifecycle_classification: sot
|
|
owner: jp
|
|
created: 2026-05-31
|
|
last_reviewed: 2026-05-31
|
|
core_promotion_status: not-promoted
|
|
route: cto
|
|
---
|
|
|
|
# CTO Case Provider Decision Record
|
|
|
|
Local planning SOT only. Not a Core Protocol. Not active Core authority.
|
|
|
|
## Current Decision State
|
|
|
|
- `decision_status`: `external_provider_approved`.
|
|
- `provider_class`: `external_openai_codex`.
|
|
- `provider`: `openai-codex`.
|
|
- `model`: `gpt-5.5`.
|
|
- `fallback_provider`: `vllm`.
|
|
- `fallback_model`: `qwen3.6-35b-a3b`.
|
|
- `approval_source`: JP chat approval on 2026-05-31.
|
|
- `credential_source_class`: `hermes-openai-codex-oauth-and-local-vllm-config`; no secret value.
|
|
- `allowed_network_class`: `codex-oauth-hosted-model-plus-local-vllm-fallback`.
|
|
- `review_trigger`: before real Case Stage 2 admission JSON is written, before any credential source change, and before any default/fallback model change.
|
|
- `evidence_sources`: `CTO-CASE-MODEL-PROVIDER-ADMISSION-ISSUES.md`, `CTO-CASE-PROVIDER-DECISION-PACKET-PRD.md`, `CTO-CASE-PROVIDER-DECISION-PACKET-ISSUES.md`, `/home/svrnty/workspaces/hermes/scripts/apply-hermes-model-policy.py`, `/home/svrnty/.hermes/config.yaml`.
|
|
- `effect`: `CTO-WORK-020 remains blocked until admitted provider/model and real Stage 2 pass report exist`.
|
|
|
|
## Meaning
|
|
|
|
`external_provider_approved` means JP approved the provider decision branch for the existing Hermes model stack: `openai-codex` with model `gpt-5.5` as primary, and `vllm` with model `qwen3.6-35b-a3b` as fallback.
|
|
|
|
This record is not provider/model admission and is not Stage 2 pass evidence. It does not authorize Case to run until the `CTO-WORK-020` admission JSON exists and the Harness Evidence Interface proves real Stage 2.
|
|
|
|
`CTO-WORK-024` is resolved by this record selecting `external_provider_approved`.
|
|
|
|
## Decision History
|
|
|
|
Previous state:
|
|
|
|
- `decision_status`: `not_decided`.
|
|
- `not_decided` means no provider/model may run.
|
|
|
|
Future changes:
|
|
|
|
- Only JP or a governed Core route may change this record away from `external_provider_approved`.
|
|
- Allowed future values remain `external_provider_approved` or `local_provider_required`.
|
|
|
|
Any future state must include exact non-secret fields required by `CTO-WORK-020`: provider/model when applicable, approval source, credential source class, allowed network class, review trigger, and evidence expectations.
|
|
|
|
## Safety Constraints
|
|
|
|
- No secret value may appear in SOT, task file, argv, report, trace, backend logs, generated config, or commit.
|
|
- No Target Repository path may be inspected or copied.
|
|
- `CTO-WORK-020` remains provider/model admission authority.
|
|
- `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` remains execution admission gate.
|
|
- `CTO-WORK-022` remains blocked because `decision_status=external_provider_approved`, not `local_provider_required`.
|
|
- Real Case Stage 2 remains blocked until admitted provider/model and Harness Evidence Interface pass report exist.
|
|
- Fallback to `vllm` with `qwen3.6-35b-a3b` must be explicit in admission evidence before it may count as a Case provider/model path.
|
|
- Existing evidence paths and commits are referenced only; runtime evidence is not copied into this record.
|