Implementation Dashboard

Structured status for every tracked rig capability, compiled from facts/capabilities.yaml. This supersedes the prose tables in whitepaper/implementation-status.md.
Agents: The BRAIN.md summary line is compiled from this same data. For a full domain breakdown, read this page or fetch the raw YAML.
Capabilities
✅ shipped: 15 · ⚠️ partial: 7 · 🔲 planned: 15 · ⏸️ deferred: 0 · Total: 38
| Status | Capability | Domain | Owner | Whitepaper | Tracking |
|---|---|---|---|---|---|
| ✅ shipped | rig-conductor event store (Marten/Postgres) 29 event types defined (latest: GUARD_BLOCKED). Projections live. Public catalog at /events.md. | coordination | rig-conductor | trust-model #the-four-tiers | — |
| ✅ shipped | POST /api/events endpoint Production-active on rig-conductor. | coordination | rig-conductor | trust-model #the-four-tiers | — |
| ✅ shipped | Assignment dispatch (GET /api/assignments/next) Priority + FIFO only, no capacity check. | coordination | rig-conductor | trust-model #the-four-tiers | — |
| 🔲 planned | Per-consumer cursor projection Phase 3. Replaces earlier per-pod capacity framing. | coordination | rig-conductor | trust-model #the-four-tiers | — |
| 🔲 planned | Bounded-loop sentinel (ReviewLoopExceeded) Phase 4. Caps Dev-E/Review-E ping-pong. | coordination | rig-conductor | trust-model #the-four-tiers | — |
| ✅ shipped | Dangerous-command guard (pretool-guard.sh) Shipped 2026-04-20. 43 test cases. Blocks sudo, rm -rf, git push --force, destructive SQL, cluster-scope kubectl delete, package installers, curl|sh. No override flag. | safety | rig-agent-runtime | safety #tool-safety | — |
| ✅ shipped | Git worktrees per agent task (task-workspace.sh) Shipped 2026-04-21. Bare clone reused; worktree per task. 17 test cases. | safety | rig-agent-runtime | safety #isolation | — |
| ⚠️ partial | Default-deny egress via Envoy SNI gateway + pod-scoped DNS Cilium-L7-first plan retired 2026-04-22 — rig is k3s + flannel, not GKE+Dataplane-V2. Shipped: chart `dnsPolicy`/`dnsConfig` pass-through (rig-agent-runtime #115 / 1.1.0); dedicated CoreDNS in the egress-gw namespace that rewrites each allowlisted public host to the in-cluster Envoy egress gateway answer auto; review-e wired. Pod-scoped DNS avoids the cluster-wide CoreDNS trap that caught Flux earlier in the day. 24h burn-in → dev-e rollout → default-deny NetworkPolicy (allowlist: kube-dns 53, egress-dns 53, Envoy 443+8443, rig-conductor 8080+6379+5432 — including Postgres, the gap from the first spike). | safety | rig-gitops | safety #network-isolation | dashecorp/rig-docs#57 |
| 🔲 planned | CaMeL trust separation (privileged + quarantined execution) Phase 6. Only prompt-injection defense with a formal guarantee. | safety | rig-agent-runtime | safety #prompt-injection | — |
| ✅ shipped | SOPS + age + Flux inline decryption .sops.yaml at repo root; every Kustomization uses decryption.provider: sops. | security | rig-gitops | security #secrets-management | — |
| ✅ shipped | GitHub App installation tokens (1h TTL) Shipped 2026-04-21. 1h tokens from App PEM, refreshed every 50 min. No PAT fallback (fail loud). | security | rig-agent-runtime | security #github-auth | — |
| 🔲 planned | Kyverno admission policies (native Sigstore verification) Phase 4. Prerequisite for two-attestor T3 gate. | security | rig-gitops | security #admission-control | — |
| 🔲 planned | T3 two-attestor approval gate Dispatch filter live; Kyverno admission pending. Structural limit: 1-person rig makes real enforcement difficult. | security | rig-conductor | trust-model #the-four-tiers | — |
| ❌ rejected | Cilium L7 egress allowlist (retired — replaced by Envoy SNI gateway) Retired 2026-04-22. Rig runs k3s + flannel (not GKE + Dataplane V2) — Cilium CRDs aren't available natively and a CNI swap was not justified for Phase 1. Replaced by `default-deny-egress` (Envoy SNI gateway + pod-scoped DNS on dev-e / review-e). LiteLLM-based cost/model centralisation bundled with Priority 3. | security | rig-gitops | security #network-egress | dashecorp/rig-docs#57 |
| 🔲 planned | Sigstore image signing (cosign, keyless) Phase 4. | security | rig-gitops | security #supply-chain | — |
| ⚠️ partial | OpenTelemetry Collector Deployed for rig-conductor only. Agents not yet emitting OTel GenAI spans. | observability | rig-gitops | observability #otel | — |
| ⚠️ partial | Local Prometheus (kube-prometheus-stack) Deployed. Not yet source of truth for Flagger gates (Flagger not deployed). | observability | rig-gitops | observability #metrics | — |
| 🔲 planned | Claude Code native OTel emission Phase 2. Set CLAUDE_CODE_ENABLE_TELEMETRY=1 in agent pods. | observability | rig-agent-runtime | observability #otel | — |
| ⚠️ partial | Cost dashboard (per-agent, per-task) Basic cost tracking via TokenUsageProjection. No LiteLLM proxy yet, so no hard enforcement. | observability | rig-conductor | observability #costs | — |
| ✅ shipped | TokenUsage event + projection Aggregates per agent × repo in MartenProjections.cs. | cost | rig-conductor | cost-framework #tracking | — |
| 🔲 planned | LiteLLM proxy (hard budget ceiling) Phase 2. Blocks hard per-key budget caps and cross-provider fallback. | cost | rig-gitops | cost-framework #enforcement | — |
| ✅ shipped | Postgres + pgvector storage Co-located with Marten on the conductor's Postgres pod. | memory | rig-memory-mcp | memory #storage | — |
| ✅ shipped | search_memories MCP tool (hybrid vector + BM25) HNSW + GIN indexes. Silent fallback to BM25-only if OPENAI_API_KEY missing. | memory | rig-memory-mcp | memory #tools | — |
| ⚠️ partial | write_memory MCP tool Works when called. Agents rarely call it — usage is near-zero. | memory | rig-memory-mcp | memory #tools | — |
| 🔲 planned | Memory TTL pruning cron expires_at column exists, no cron job scheduled. | memory | rig-memory-mcp | memory #lifecycle | — |
| ✅ shipped | k3s on single GCP VM (8 GB) invotek-k3s live. | cluster | rig-gitops | tool-choices #cluster | — |
| ✅ shipped | FluxCD GitOps rig-gitops → cluster reconciliation active. | cluster | rig-gitops | tool-choices #gitops | — |
| ✅ shipped | KEDA event-driven autoscaling ScaledObject per agent. | cluster | rig-gitops | tool-choices #autoscaling | — |
| ✅ shipped | AGENTS.md cross-tool standard All repos import from rig-gitops/AGENTS.md. | process | rig-gitops | provider-portability #agents-md | — |
| 🔲 planned | Autonomy tier promotion projection (T0→T1→T2) Pattern: 20 successful runs, zero rollbacks. Not yet implemented. | process | rig-conductor | trust-model #promotion | — |
| ✅ shipped | Mermaid CI check on every PR touching .md Shipped in rig-gitops#54. .github/workflows/mermaid-check.yml. | process | rig-gitops | development-process #ci | — |
| 🔲 planned | Flagger canary deploys Phase 5. Flux-native progressive delivery. | self-healing | rig-gitops | self-healing #progressive-delivery | — |
| 🔲 planned | pgroll expand/contract migrations Phase 5. With inspectable SQL trail hedge. | self-healing | rig-conductor | self-healing #migrations | — |
| ⚠️ partial | Code drift via Flux reconciliation events Flux detects drift, not yet alerted-on. | drift | rig-gitops | drift-detection #code-drift | — |
| ⚠️ partial | Config drift via Flux + kube-diff Flux detects. Alerts not yet wired. | drift | rig-gitops | drift-detection #config-drift | — |
| 🔲 planned | Model drift 20-prompt canary suite Phase 6. Per-provider. | drift | rig-agent-runtime | drift-detection #model-drift | — |
| 🔲 planned | Nightly golden suite + regression cases Phase 2. ~$3-8/night. | quality | rig-agent-runtime | quality-and-evaluation #nightly | — |
| 🔲 planned | DORA metrics adapted to agents Phase 2. Lead time, CFR, rework rate, rollback rate. | quality | rig-conductor | quality-and-evaluation #dora | — |
Data source

| Field | Notes |
|---|---|
| id | Stable slug — referenced in depends_on links |
| status | shipped / partial / planned / deferred / rejected |
| status_note | Honest gap or evidence. Hover the badge in the table to read it. |
| tracking_issue | `<owner>/<repo>#<N>` — links to the GitHub issue or PR |
| depends_on | IDs that must ship before this capability |
| whitepaper | Which whitepaper documents the design (slug, no extension) |
| section | Anchor within the whitepaper (e.g. #the-four-tiers) |
Updating

Edit facts/capabilities.yaml and run `npm run brain` to regenerate BRAIN.md. This page regenerates automatically at build time (Cloudflare Pages).

On status change:
- Planned → Shipped: update `status`, clear the `status_note` gap text, and add evidence to `status_note`.
- New capability: add a row with `status: planned` and link a `tracking_issue`.
CI lint

A nightly GitHub Actions workflow (capabilities-lint.yml) validates the facts/capabilities.yaml schema and checks that every tracking_issue ref resolves to an open or closed issue on GitHub. Stale refs (404s) are reported as CI failures.
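As an added example (not the rig project's own capabilities-lint.yml logic), here are the offline structural checks implied by the Data source and CI lint sections, run over constructed records before any GitHub lookup: required fields, the status enum, slug ids, `<owner>/<repo>#<N>` tracking refs, and depends_on resolution. The YAML loader (js-yaml), the sample records, and the rule that a shipped row cannot depend on an unshipped one are assumptions.

```javascript
// Added example (not the rig project's own lint): offline schema checks for facts/capabilities.yaml,
// run before any GitHub lookup. Records are constructed inline; the real file would be parsed
// with a YAML library (assumed: js-yaml load()) into this same array-of-objects shape.
const VALID_STATUS = new Set(["shipped", "partial", "planned", "deferred", "rejected"]);
const REQUIRED = ["id", "status", "domain", "owner", "whitepaper", "section"];
const ID_RE = /^[a-z0-9]+(?:-[a-z0-9]+)*$/;     // stable slug, as the Data source table requires
const TRACKING_RE = /^[\w.-]+\/[\w.-]+#\d+$/;   // <owner>/<repo>#<N>

// Constructed sample: four rows echoing the dashboard plus one deliberately broken entry.
const SAMPLE = [
  { id: "pretool-guard", status: "shipped", domain: "safety", owner: "rig-agent-runtime", whitepaper: "safety", section: "#tool-safety" },
  { id: "default-deny-egress", status: "partial", domain: "safety", owner: "rig-gitops", whitepaper: "safety", section: "#network-isolation", tracking_issue: "dashecorp/rig-docs#57" },
  { id: "kyverno-admission", status: "planned", domain: "security", owner: "rig-gitops", whitepaper: "security", section: "#admission-control" },
  { id: "t3-two-attestor-gate", status: "planned", domain: "security", owner: "rig-conductor", whitepaper: "trust-model", section: "#the-four-tiers", depends_on: ["kyverno-admission"] },
  { id: "Bad Entry", status: "done", domain: "x", owner: "rig-gitops", whitepaper: "x", section: "no-hash", tracking_issue: "rig-docs#57", depends_on: ["nope"] },
];

// Returns "<id>: <problem>" strings; an empty list means the file is structurally sound.
function lintCapabilities(records) {
  const errors = [], byId = new Map();
  for (const r of records) {
    const id = String(r.id ?? "<missing id>");
    for (const f of REQUIRED) if (!(f in r)) errors.push(`${id}: missing field ${f}`);
    if (!ID_RE.test(id)) errors.push(`${id}: id is not a slug`);
    if (byId.has(id)) errors.push(`${id}: duplicate id`);
    byId.set(id, r);
    if (!VALID_STATUS.has(r.status)) errors.push(`${id}: unknown status ${r.status}`);
    if (typeof r.section === "string" && !r.section.startsWith("#")) errors.push(`${id}: section must be a # anchor`);
    if ("tracking_issue" in r && !TRACKING_RE.test(r.tracking_issue)) errors.push(`${id}: tracking_issue must look like <owner>/<repo>#<N>`);
  }
  // Second pass (assumed rule): every depends_on must resolve, and a shipped capability
  // cannot rest on a dependency that has not shipped (depends_on = "must ship before this").
  for (const r of records) {
    for (const dep of r.depends_on ?? []) {
      const target = byId.get(dep);
      if (!target) errors.push(`${r.id}: depends_on ${dep} does not exist`);
      else if (r.status === "shipped" && target.status !== "shipped")
        errors.push(`${r.id}: shipped but dependency ${dep} is ${target.status}`);
    }
  }
  return errors;
}

// Per-status tally, the same shape as the dashboard's summary line.
function statusCounts(records) {
  const counts = {};
  for (const r of records) counts[r.status] = (counts[r.status] ?? 0) + 1;
  return counts;
}
```

Running `lintCapabilities(SAMPLE)` flags only the broken entry (five findings); the live-issue check (does the ref still resolve on GitHub) is the one step this offline pass cannot replace.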