diff --git a/README.md b/README.md index 23ac2e9..6705dee 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,7 @@ JP's personal assistant / chief of staff. Daily briefing, inbox triage, comms in - **Profile surface contract:** [`docs/contracts/personal-agent-profile-surface-contract.json`](docs/contracts/personal-agent-profile-surface-contract.json) — canonical surfaces, effects, memory route, and proof policy. - **BlueBubbles binding:** [`docs/contracts/personal-agent-bluebubbles-binding.json`](docs/contracts/personal-agent-bluebubbles-binding.json) — `imessage.read` binds to the existing BlueBubbles package without a duplicate connector. - **Proton/rclone package candidate:** [`docs/contracts/personal-agent-proton-rclone-package.json`](docs/contracts/personal-agent-proton-rclone-package.json) — Mail, Calendar, Contacts, and Drive surfaces with redacted runtime inventory and no readiness overclaim. +- **Proton/rclone runtime reconciliation:** [`docs/evidence/2026-06-14-personal-agent-proton-rclone-runtime-reconciliation.md`](docs/evidence/2026-06-14-personal-agent-proton-rclone-runtime-reconciliation.md) — live redacted probe aligning systemd, Docker, MCP, and rclone posture. - **Secondbrain proposal route:** [`docs/contracts/personal-agent-secondbrain-proposal-route.json`](docs/contracts/personal-agent-secondbrain-proposal-route.json) — proposal-only personal memory intake; durable apply remains owned by Secondbrain. - **Conductor/Curator service handoff:** [`docs/contracts/personal-agent-conductor-curator-service-handoff.json`](docs/contracts/personal-agent-conductor-curator-service-handoff.json) — redacted service map for future route selection and hygiene review pickup. - **Runtime readiness snapshot:** [`docs/contracts/personal-agent-runtime-readiness-snapshot.json`](docs/contracts/personal-agent-runtime-readiness-snapshot.json) — redacted per-surface runtime state and gaps; aggregate readiness remains degraded. diff --git a/WORKBOARD.yaml b/WORKBOARD.yaml index 7b403fe..7ec072a 100644 --- a/WORKBOARD.yaml +++ b/WORKBOARD.yaml @@ -49,3 +49,8 @@ items: status: complete source: docs/contracts/personal-agent-desktop-exposure-contract.json owner: jp + - id: PACR-009 + title: Proton And Rclone Runtime Reconciliation + status: complete + source: docs/evidence/2026-06-14-personal-agent-proton-rclone-runtime-reconciliation.md + owner: jp diff --git a/docs/contracts/personal-agent-runtime-readiness-snapshot.json b/docs/contracts/personal-agent-runtime-readiness-snapshot.json index ee9a0b2..6532f7f 100644 --- a/docs/contracts/personal-agent-runtime-readiness-snapshot.json +++ b/docs/contracts/personal-agent-runtime-readiness-snapshot.json @@ -35,7 +35,8 @@ "health_source": "MCP registration plus local service inventory", "redacted_health": { "mcp_server_enabled": true, - "proton_bridge_systemd_running": true, + "proton_bridge_systemd_running": false, + "proton_bridge_systemd_state": "activating-auto-restart", "docker_email_gate": "exited-127", "raw_mail_observed": false }, @@ -49,7 +50,8 @@ "redacted_health": { "mcp_server_enabled": true, "calendar_gate_running": true, - "proton_bridge_systemd_running": true, + "proton_bridge_systemd_running": false, + "proton_bridge_systemd_state": "activating-auto-restart", "raw_calendar_events_observed": false }, "remaining_gap": "Calendar read has service posture but no governed package child runtime proof." @@ -84,8 +86,8 @@ ], "supervisor_posture": { "mac_mini_bluebubbles": "package-validator-ok-redacted", - "proton_bridge_service": "active-running", - "proton_bridge_proxy_service": "active-running", + "proton_bridge_service": "activating-auto-restart", + "proton_bridge_proxy_service": "activating-auto-restart", "rclone_rc_service": "disabled-inactive", "rclone_proxy_service": "disabled-inactive" }, @@ -108,6 +110,12 @@ "state": "stale sdo-protonmail-bridge container exists in Created state", "impact": "duplicate service topology must be resolved before final runtime readiness" }, + { + "id": "proton-bridge-systemd-auto-restart", + "severity": "must-fix", + "state": "proton-bridge.service and proton-bridge-proxy.service are activating with auto-restart", + "impact": "mail.read and calendar.read cannot claim stable runtime readiness" + }, { "id": "proton-rclone-child-unregistered", "severity": "must-fix", @@ -161,6 +169,7 @@ "remaining_gates": { "proton_email_gate_repair": "blocked-follow-up", "proton_contacts_gate_repair": "blocked-follow-up", + "proton_bridge_systemd_convergence": "blocked-follow-up", "proton_rclone_child_registration": "blocked-follow-up", "secondbrain_durable_apply": "blocked-follow-up", "desktop_adapter_exposure": "blocked-follow-up", diff --git a/docs/evidence/2026-06-14-personal-agent-proton-rclone-runtime-reconciliation.md b/docs/evidence/2026-06-14-personal-agent-proton-rclone-runtime-reconciliation.md new file mode 100644 index 0000000..74d9214 --- /dev/null +++ b/docs/evidence/2026-06-14-personal-agent-proton-rclone-runtime-reconciliation.md @@ -0,0 +1,39 @@ +--- +name: 2026-06-14-personal-agent-proton-rclone-runtime-reconciliation +status: complete +triage: evidence +owner: jp +created: 2026-06-14 +source: docs/contracts/personal-agent-runtime-readiness-snapshot.json +artifact_type: evidence +--- + +# Personal-Agent Proton/rclone Runtime Reconciliation + +## Scope + +This evidence reconciles the `personal-agent` Proton/rclone profile snapshot +against a same-day redacted runtime probe. + +## Redacted Probe + +- MCP registration: `proton-calendar`, `proton-email`, and `proton-contacts` + are enabled for the Steev profile. +- Docker inventory: calendar gate is up, email gate and contacts gate remain + exited, one Proton Bridge container is up, and one stale Proton Bridge + container remains created. +- systemd user inventory: `proton-bridge.service` and + `proton-bridge-proxy.service` are loaded and enabled but currently + `activating-auto-restart`. +- rclone inventory: explicit Proton remote `about` probe succeeded with + redacted quota output only; no drive file names or file contents were listed. + +## Result + +The profile runtime snapshot now records Proton Bridge systemd convergence as a +must-fix gap. The aggregate `personal-agent` runtime state remains degraded. + +This proof does not read or store mail bodies, mail subjects, sender or +recipient addresses, contact details, calendar event details, drive file names, +drive file contents, endpoint payloads, credentials, cookies, Keychain values, +password-manager values, or secret values. diff --git a/tools/validate_steev_child.py b/tools/validate_steev_child.py index 14893a0..545f5b4 100755 --- a/tools/validate_steev_child.py +++ b/tools/validate_steev_child.py @@ -24,6 +24,7 @@ REQUIRED = [ "docs/contracts/personal-agent-conductor-curator-service-handoff.json", "docs/contracts/personal-agent-runtime-readiness-snapshot.json", "docs/contracts/personal-agent-desktop-exposure-contract.json", + "docs/evidence/2026-06-14-personal-agent-proton-rclone-runtime-reconciliation.md", "docs/prd/2026-06-14-personal-agent-context-runtime-prd.md", "docs/issues/2026-06-14-personal-agent-context-runtime-work-orders.md", "docs/supersession/2026-06-14-personal-agent-context-runtime-supersession-register.md", @@ -126,6 +127,7 @@ REQUIRED_RUNTIME_GAPS = { "proton-email-gate-exited", "proton-contacts-gate-exited", "stale-protonmail-bridge-container", + "proton-bridge-systemd-auto-restart", "proton-rclone-child-unregistered", "secondbrain-apply-blocked", "desktop-adapter-exposure-blocked", @@ -849,8 +851,8 @@ def main() -> int: posture = runtime.get("supervisor_posture", {}) expected_posture = { "mac_mini_bluebubbles": "package-validator-ok-redacted", - "proton_bridge_service": "active-running", - "proton_bridge_proxy_service": "active-running", + "proton_bridge_service": "activating-auto-restart", + "proton_bridge_proxy_service": "activating-auto-restart", "rclone_rc_service": "disabled-inactive", "rclone_proxy_service": "disabled-inactive", }