4.0 KiB
| title | status | lifecycle_classification | owner | created | last_reviewed | core_promotion_status | route |
|---|---|---|---|---|---|---|---|
| CTO Case Spark Endpoint Config PRD | draft | sot | jp | 2026-06-01 | 2026-06-01 | not-promoted | cto |
CTO Case Spark Endpoint Config PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
Problem Statement
qwen-local / qwen3.6-35b-a3b is now the selected primary Case provider policy, but real Case Stage 2 cannot start until the Hermes CTO harness receives explicit Spark OpenAI-compatible endpoint config.
Current non-secret readiness check showed CTO_HARNESS_CASE_LOCAL_BASE_URL is missing. The harness correctly blocks before case_process_started instead of falling back to ambient Pi config or an external model.
Solution
Create a narrow child-local endpoint config route for Spark local provider readiness. The route records exactly what must be supplied and proven before a real Qwen Case Stage 2 retry can count.
Scope
- Require explicit
CTO_HARNESS_CASE_LOCAL_BASE_URLforqwen-local. - Treat the endpoint value as runtime config, not SOT content.
- Do not store endpoint secrets or credential values in SOT, argv, task file, backend logs, report, trace, generated config, or commit.
- Require the Hermes CTO harness to keep blocking before
case_process_startedwhen the local endpoint config is missing. - Require missing endpoint config to write
backend/provider-local-config-unavailable.txt. - Require future proof through the Harness Evidence Interface.
- Keep copied artificial fixture scope only.
- Require no Target Repository path to be inspected or copied.
- Keep same-run fake baseline comparison required.
- Keep
CTO-WORK-020,CTO-WORK-016,CTO-WORK-022, and Stage 2 blocked until real pass evidence exists.
Non-Goals
- Do not discover or print credentials.
- Do not read secret-bearing Hermes config.
- Do not mutate Case source, Cortex Core, vendor source, external developer repositories, or Target Repositories.
- Do not approve a new provider/model.
- Do not treat endpoint presence as Stage 2 pass evidence.
- Do not promote Case to copied repo, sandbox repo, owned repo, or default candidate.
Acceptance Criteria
- The route names
CTO_HARNESS_CASE_LOCAL_BASE_URLas the required local endpoint config. - The route states missing endpoint config blocks before
case_process_started. - The route states missing endpoint config writes
backend/provider-local-config-unavailable.txt. - The route states endpoint values must not be written to SOT or commits.
- The route states endpoint presence is not Stage 2 pass evidence.
- The route states a configured endpoint alone does not validate
CTO-WORK-016,CTO-WORK-020,CTO-WORK-022, orCTO-WORK-028. - The route states no Target Repository path may be inspected or copied.
- The route requires real Case Stage 2 proof through the Harness Evidence Interface before unblocking
CTO-WORK-016. - The route keeps
CTO-WORK-022blocked until explicit endpoint config and real Stage 2 pass evidence exist. - The route keeps fake as the default validation lane.
Validation
python3 tools/validate_cto_child.pyvalidates this child-local route.- Future Hermes focused validation remains
python3 harness/runner/validate-case-provider-adapter.py --harness-root harness --json. - Future real Qwen validation must run copied artificial fixture Stage 2 with
CTO_HARNESS_CASE_LOCAL_BASE_URLpresent and no endpoint value written to SOT.
Risks And Dependencies
- Spark may be unavailable or not serving an OpenAI-compatible endpoint.
- The endpoint may require credentials or network state outside this workspace.
- Local model quality may still fail the
AGENT_RESULTprotocol or code-change task after endpoint config is supplied. - A supplied endpoint does not remove the need for admitted provider/model proof.
Success Definition
The Spark endpoint requirement is explicit, secret-safe, and governed. A future operator can supply CTO_HARNESS_CASE_LOCAL_BASE_URL and run one real Case Stage 2 proof without guessing which config is missing or allowing fallback behavior.