Introduce hybrid execution model for Hash/chilli companion with cloud-first degraded local runner#48
Conversation
There was a problem hiding this comment.
Code Review
This pull request introduces a hybrid execution model for the Hash/chilli companion architecture, shifting heavy tasks like validation and builds to Cloud/GitHub CI due to local Windows sandbox unreliability. The feedback focuses on ensuring consistency between the configuration file and the architectural documentation, specifically regarding error messages and prohibited local actions. Technical improvements were suggested for YAML formatting and naming conventions. Furthermore, a security recommendation was made to incorporate local sanitization of requests before cloud routing to maintain GDPR compliance as per the project's architectural pillars.
| execute: false | ||
| retry_locally: false | ||
| reason: "CreateProcessAsUserW failed: 5" | ||
| message: "Local validation is disabled; Cloud/GitHub CI is authoritative." |
There was a problem hiding this comment.
| - validation | ||
| - execution_retries | ||
| - builds | ||
| - tests |
| - reset | ||
| - generated_output_mutation | ||
| - chilli_pet_asset_mutation | ||
| - C:\\Comptextv7_source_behavior_mutation |
There was a problem hiding this comment.
The entry C:\\Comptextv7_source_behavior_mutation uses double backslashes which are interpreted literally in YAML plain scalars (resulting in C:\\). Additionally, using a snake_case identifier would be more consistent with other items in this list like chilli_pet_asset_mutation.
- comptextv7_source_behavior_mutation| 1. Keep the chilli/hatch-pet UI running locally. | ||
| 2. Keep the Hash companion manifest local and readable by the UI. | ||
| 3. Display companion status, queued/requested work, and Cloud/GitHub CI results. | ||
| 4. Capture user requests and route them to the cloud-backed execution path. |
There was a problem hiding this comment.
The local environment must be responsible for sanitizing requests before they are routed to the cloud. This is critical for maintaining the 'Privacy by design' pillar and ensuring GDPR/DSGVO compliance as specified in the style guide.
| 4. Capture user requests and route them to the cloud-backed execution path. | |
| 4. Capture user requests, perform local sanitization (masking/hashing), and route them to the cloud-backed execution path. |
|
Proceeding direction confirmed. Next implementation target after this documentation/config PR:
Scope guard:
This PR should remain focused on documenting and configuring the hybrid local UI + cloud execution model. |
Motivation
CreateProcessAsUserW failed: 5) so local UI and manifest remain usable while execution is cloud-authoritative.Description
config/hash-companion/hybrid-execution.yamlwhich definesmodel: hybrid,status: degraded_local_runner, local component responsibilities, ahard_stop_conditionsentry for theCreateProcessAsUserW failed: 5failure, avalidation_runnerconfigured to targetcloud_ciwith alocal_fallbackdegraded response, Cloud CIgithub_actionssettings andprohibited_local_actionsincluding mutation ofC:\Comptextv7.docs/hash-companion/hybrid-execution-model.mdwhich documents the hybrid model, local and CI responsibilities, degraded-mode behavior, thevalidation_runnerplan, the CI result contract JSON shape, and the criteria required to re-enable local execution.Testing
Codex Task