# STATUS — phase porepo (Builder) **Phase plan:** `/srv/cc-ci/cc-ci-plan/plan-phase-porepo-project-orchestrator.md` **Deliverable repo:** `recipe-maintainers/project-orchestrator` on `git.autonomic.zone` **Consumes harness:** `recipe-maintainers/agent-orchestrator` @ tag `v0.1.0` (commit `289ef07`) as `engine/` submodule --- ## DONE All 5 Definition-of-Done items are Adversary-verified with a fresh PASS (@2026-06-13T19:19Z) on deliverable commit `346ed31acbc0d98eeb2881a1b62998ac9544c002`. No findings, no VETO — the Adversary cold-cloned `recipe-maintainers/project-orchestrator` recursively to `/tmp` (anonymous), confirmed the `engine/` submodule pinned at `289ef07` (v0.1.0), and re-ran every acceptance check inside `nix develop` (Python 3.11.11). Full cold-verification evidence is in `REVIEW-porepo.md`. The `recipe-maintainers/project-orchestrator` repo now exists on `git.autonomic.zone`: the PO is itself a project using the `agent-orchestrator` harness (vendored as the `engine/` submodule @ v0.1.0), with one persistent fleet-management agent (`agents.toml` + `prompts/`), the sole fleet registry (`fleet.toml` + `docs/fleet-registry.md`), the create/start/stop/update/list-status capability (`scripts/` + `docs/manage-projects.md`), a Nix devShell (`flake.nix`/`.lock`), and the bootstrap doc (`docs/bootstrap.md`). Knowledge is one-directional: a scaffolded project carries no PO/fleet metadata. ### WHERE (verification inputs) - Deliverable repo (public): `https://git.autonomic.zone/recipe-maintainers/project-orchestrator.git` - `main` HEAD → `346ed31acbc0d98eeb2881a1b62998ac9544c002` (single feat commit) - `engine/` submodule pin → `289ef07df40a8264f3a36b4e91b923d1424c4658` = tag `v0.1.0` of `recipe-maintainers/agent-orchestrator` (also public; anon recursive clone needs no creds) - `.gitmodules` URL is the **public** `https://git.autonomic.zone/recipe-maintainers/agent-orchestrator.git` (no embedded creds) — so `git clone --recurse-submodules` works anonymously. - File map: `agents.toml` (PO harness config), `prompts/{orchestrator,supervise}.md`, `fleet.toml` (registry), `docs/{fleet-registry,manage-projects,bootstrap}.md`, `scripts/{fleet.py, create-project.sh,start-project.sh,stop-project.sh,update-project.sh,_resolve.sh}`, `flake.nix`+`flake.lock`, `README.md`, `.gitignore`. ### HOW to cold-verify (fresh /tmp clone, anonymous, exactly as the plan specifies) ``` cd /tmp && rm -rf porepo-cold git clone --recurse-submodules https://git.autonomic.zone/recipe-maintainers/project-orchestrator.git porepo-cold cd porepo-cold git rev-parse HEAD # → 346ed31... git submodule status # → 289ef07... engine (v0.1.0) # DoD-2: the PO's own config drives the harness nix develop -c python3 engine/agents.py status # DoD-3: fleet registry schema + sample entry parse nix develop -c python3 scripts/fleet.py validate nix develop -c python3 scripts/fleet.py status # DoD-5: Nix devShell + tomllib + bootstrap doc nix develop -c python3 -c 'import tomllib' test -f docs/bootstrap.md && echo "bootstrap doc present" # DoD-4: create-a-project flow demonstrated → valid standalone project, no PO/fleet metadata nix develop -c bash scripts/create-project.sh scratch-verify --dir /tmp/po-scratch --ref v0.1.0 nix develop -c bash -c 'cd /tmp/po-scratch/scratch-verify && python3 engine/agents.py status' ( cd /tmp/po-scratch/scratch-verify && git submodule status ) # engine pinned @ v0.1.0 ( cd /tmp/po-scratch/scratch-verify \ && grep -ril -e 'fleet' -e 'project-orchestrator' -e 'project orchestrator' . \ --exclude-dir=engine --exclude-dir=.git \ && echo "BAD: PO/fleet metadata found" || echo "clean: no PO/fleet metadata" ) # cleanup (throwaway; never registered, never touched live cc-ci): rm -rf /tmp/po-scratch /tmp/porepo-cold ``` ### EXPECTED outcomes (from my cold anon run @2026-06-13T19:20Z on 346ed31, /tmp clone, nix develop) - **Clone:** `git rev-parse HEAD` = `346ed31...`; `git submodule status` = ` 289ef07df40a8264f3a36b4e91b923d1424c4658 engine (v0.1.0)`; `engine/agents.py` present (proves the recursive submodule fetch worked anonymously). devShell banner: `Python 3.11.11, tmux 3.5a, git version 2.47.2`. - **DoD-1 (repo+submodule+main):** repo exists & public; `main` pushed at `346ed31`; `engine/` pinned at `v0.1.0` (`289ef07`). - **DoD-2 (status):** `engine/agents.py status` prints a table listing the `project-orchestrator` persistent agent (backend claude, model claude-opus-4-8, watch heal, STATE stopped) and the watchdog service — no error, rc=0. - **DoD-3 (fleet.toml):** `fleet.py validate` → `fleet: OK — 1 project(s), schema v1`, rc=0; `fleet.py status` lists the sample `example-recipe-ci` entry (enabled, agent-orchestrator@v0.1.0) + `total=1 enabled=1 disabled=0`. Schema documented in `docs/fleet-registry.md`. - **DoD-4 (create flow):** `create-project.sh` scaffolds `/tmp/po-scratch/scratch-verify` with an `engine/` submodule pinned at `289ef07` (v0.1.0) and an `init`-scaffolded `agents.toml`; `engine/agents.py status` in it prints its agent table (rc=0); tracked files are exactly `.gitignore .gitmodules agents.toml` (no PO/fleet files); the grep prints `clean: no PO/fleet metadata`. Flow documented in `docs/manage-projects.md`. - **DoD-5 (Nix+bootstrap):** `python3 -c 'import tomllib'` prints nothing & rc=0 inside the devShell; `docs/bootstrap.md` present. (Reasoning / design rationale is in JOURNAL-porepo.md, not here, to preserve anti-anchoring.) ## Gate status | DoD item | Status | Verified | |---|---|---| | D1 repo exists + main pushed + engine/ submodule pinned @ v0.1.0 | PASS | 2026-06-13T19:19Z | | D2 clean recursive /tmp clone: `nix develop -c python3 engine/agents.py status` works | PASS | 2026-06-13T19:19Z | | D3 fleet.toml schema present + documented; sample entry parses | PASS | 2026-06-13T19:19Z | | D4 create-a-project flow documented AND demonstrated (scratch valid, no PO/fleet metadata, status works) | PASS | 2026-06-13T19:19Z | | D5 Nix works (`nix develop -c python3 -c 'import tomllib'`); bootstrap doc present | PASS | 2026-06-13T19:19Z |