cto/.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-RECORD.md
2026-05-31 22:17:47 -04:00

---
title: CTO Case Provider Decision Record
status: draft
lifecycle_classification: sot
owner: jp
created: 2026-05-31
last_reviewed: 2026-05-31
core_promotion_status: not-promoted
route: cto
---
# CTO Case Provider Decision Record
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Current Decision State
- `decision_status`: `local_provider_required`.
- `provider_class`: `local_case_compatible`.
- `provider`: `qwen-local`.
- `model`: `qwen3.6-35b-a3b`.
- `fallback_provider`: `openai-codex`.
- `fallback_model`: `gpt-5.5`.
- `approval_source`: JP chat approval on 2026-05-31.
- `credential_source_class`: `pi-models-json-local-provider-no-secret-plus-codex-oauth-fallback`; no secret value.
- `allowed_network_class`: `local-tailscale-vllm-spark1-plus-codex-oauth-fallback`.
- `review_trigger`: before real Case Stage 2 admission JSON is written, before any credential source change, and before any default/fallback model change.
- `evidence_sources`: `CTO-CASE-MODEL-PROVIDER-ADMISSION-ISSUES.md`, `CTO-CASE-PROVIDER-DECISION-PACKET-PRD.md`, `CTO-CASE-PROVIDER-DECISION-PACKET-ISSUES.md`, `/home/svrnty/workspaces/hermes/scripts/apply-hermes-model-policy.py`, `/home/svrnty/.hermes/config.yaml`.
- `effect`: `CTO-WORK-020 remains blocked until admitted provider/model and real Stage 2 pass report exist`.
## Meaning
`local_provider_required` means JP approved the provider decision branch for the existing Hermes model stack: `qwen-local` with model `qwen3.6-35b-a3b` as primary, and `openai-codex` with model `gpt-5.5` as fallback.

This record is not provider/model admission and is not Stage 2 pass evidence. It does not authorize Case to run until the `CTO-WORK-020` admission JSON exists and the Harness Evidence Interface proves real Stage 2.

`CTO-WORK-024` is resolved by this record selecting `local_provider_required`.
## Decision History
Previous state:
- `decision_status`: `not_decided`.
- `not_decided` means no provider/model may run.

Future changes:
- Only JP or a governed Core route may change this record away from `local_provider_required`.
- Allowed future values remain `external_provider_approved` or `local_provider_required`.

Any future state must include exact non-secret fields required by `CTO-WORK-020`: provider/model when applicable, approval source, credential source class, allowed network class, review trigger, and evidence expectations.
## Safety Constraints
- No secret value may appear in SOT, task file, argv, report, trace, backend logs, generated config, or commit.
- No Target Repository path may be inspected or copied.
- `CTO-WORK-020` remains the provider/model admission authority.
- `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` remains the execution admission gate.
- `CTO-WORK-022` remains blocked until explicit local provider config is supplied and real Case Stage 2 pass evidence exists.
- Real Case Stage 2 remains blocked until admitted provider/model and Harness Evidence Interface pass report exist.
- Fallback to `openai-codex` with `gpt-5.5` must be explicit in admission evidence before it may count as a Case provider/model path.
- Existing evidence paths and commits are referenced only; runtime evidence is not copied into this record.
## Runtime Compatibility Finding - 2026-06-01
- Hermes commit `5db23c7 Fail closed on Case Codex auth gap` blocks the admitted `openai-codex` / `gpt-5.5` Case path before `case_process_started` unless a non-vendor auth bridge is proven.
- The block exists because Case's pipeline SDK path constructs its Pi Agent runtime directly and does not pass Pi AuthStorage OAuth headers into `streamSimple`.
- Pi env API-key lookup does not map `openai-codex` to an environment API key.
- The Case-compatible local provider id for the current local Spark fallback path is `qwen-local`, model `qwen3.6-35b-a3b`.
- The non-secret admission JSON for that local Case path is `.sot/03-PROTOCOLS/CTO-CASE-MODEL-PROVIDER-ADMISSION.qwen-local-qwen3.6-35b-a3b.json`.
- This finding does not change Hermes primary model policy.
- This finding does not mark `CTO-WORK-020`, `CTO-WORK-016`, or Stage 2 as validated.
## Provider Policy Update - 2026-06-01
- JP selected `qwen-local` / `qwen3.6-35b-a3b` on Spark as the default Case provider path.
- JP kept `openai-codex` / `gpt-5.5` as fallback only.
- The fallback remains blocked by the known OpenAI Codex auth bridge gap unless a non-vendor bridge is proven.
- The local Qwen path remains blocked before Case process start unless `CTO_HARNESS_CASE_LOCAL_BASE_URL` is explicitly supplied.
- This update changes provider policy only. It does not mark real Case Stage 2 as passed.
## Spark Endpoint Config Reference - 2026-06-01
- `CTO-WORK-030` tracks the runtime Spark endpoint config required for the selected Qwen local path.
- The required runtime variable is `CTO_HARNESS_CASE_LOCAL_BASE_URL`.
- The endpoint value must not be copied into SOT, commits, task files, argv examples, backend logs, reports, or traces.
- A configured endpoint alone does not validate `CTO-WORK-016`, `CTO-WORK-020`, `CTO-WORK-022`, or `CTO-WORK-028`.
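
The gates named in Safety Constraints, Provider Policy Update and Spark Endpoint Config Reference, sketched as one fail-closed preflight. This is an added example, not Hermes or harness code: the admission JSON layout, the `preflight` function and the `auth_bridge_proven` flag are assumptions, and a `True` result means only that the Case process may start, not that Stage 2 passed.

```python
import json

ADMISSION_ENV = "CTO_HARNESS_CASE_MODEL_ADMISSION_FILE"
BASE_URL_ENV = "CTO_HARNESS_CASE_LOCAL_BASE_URL"
# Assumed schema: the real admission JSON is not shown in this record, so the
# example reuses the record's own non-secret field names.
REQUIRED = ("provider", "model", "approval_source", "credential_source_class",
            "allowed_network_class", "review_trigger")
# Constructed sample admission for the local path (non-secret fields only).
SAMPLE_ADMISSION = json.dumps({
    "provider": "qwen-local", "model": "qwen3.6-35b-a3b",
    "approval_source": "constructed-sample",
    "credential_source_class": "constructed-sample",
    "allowed_network_class": "constructed-sample",
    "review_trigger": "constructed-sample"})


def _read(path):
    with open(path, encoding="utf-8") as fh:
        return fh.read()


def preflight(env, read_text=_read, auth_bridge_proven=False):
    """Return (may_start, reason); anything missing or unproven blocks.

    Reasons name variables and fields, never their values, so the endpoint
    cannot leak into logs, reports or traces.
    """
    path = env.get(ADMISSION_ENV)
    if not path:
        return False, ADMISSION_ENV + " not set"
    try:
        admission = json.loads(read_text(path))
    except (OSError, ValueError):
        return False, "admission file unreadable or not valid JSON"
    if not isinstance(admission, dict):
        return False, "admission file is not a JSON object"
    missing = [f for f in REQUIRED if not admission.get(f)]
    if missing:
        return False, "admission missing fields: " + ", ".join(missing)
    pair = (admission["provider"], admission["model"])
    if pair == ("qwen-local", "qwen3.6-35b-a3b"):
        if not env.get(BASE_URL_ENV):
            return False, BASE_URL_ENV + " not set"
        return True, "local path may start"
    if pair == ("openai-codex", "gpt-5.5"):
        if not auth_bridge_proven:
            return False, "fallback blocked: auth bridge not proven"
        return True, "fallback path may start"
    return False, "provider/model not named in the decision record"
```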