docs(prompts): Phase 02 wave 3 master prompt for Codex #35

Merged

pdurlej merged 1 commit from claude/orders/wave-3-master-prompt into main

2026-05-03 10:33:46 +02:00

pdurlej commented

2026-05-03 10:30:56 +02:00

Owner

Summary

Master prompt for Codex to execute Phase 02 wave 3: 3 modules (searx, n8n-main, mirotalk-sfu), 3 separate PRs, autonomous execution with operator owning merge gate.

Why

Operator chose Codex-via-master-prompt path for wave 3 (vs GLM-via-OpenCode or my own sub-agent). Master prompt codifies wave 2 canary-validated patterns (PRs #29, #30, #32, #33, #34) as canonical reference so Codex can operate without re-deriving them.

Per-module process (apply 3×): branch → SSH audit → identify drift → write module.yaml v2 → write runbook → validate → push → PR via Forgejo MCP → trigger 3+3 ensemble review
v2 schema fields: image_observed, image_digest_pinned_in_compose, image_audit_ts, image_build, statefulness, acknowledged_risks
Canary-validated patterns locked in:
- yq '.spec.runtime.image_observed' digest source (PR #29 v3)
- cd /opt/vps-home-platform-infra/compose/apps/ (PR #29 v3)
- platformctl apply <plan_file> --approved <sha> CLI signature (PR #29 v5)
- acknowledged_risks per charter §6 cognition rule (PR #30 onward)
- Drift-fix-default-to-match-runtime (operator wave 2 option a)
Module-specific notes: searx (likely tailnet-only, dir name verification), n8n-main (different from n8n-worker, UI service), mirotalk-sfu (WebRTC, may legitimately be public unlike admin)
Hard constraints: no runtime modification, no sacred path writes, no silent drift fixes, no auto-merge, one PR per module, codex (not claude) service identity
Hand-back protocol: 3 PR URLs + per-module summary to operator post-execution

How operator triggers

After merge:

cd ~/Developer/iskra-platform-2026-04-30
git pull
codex run prompts/phase-02-wave-3.md
# (or whatever your codex invocation is)

Codex reads the prompt, executes 3 PRs, returns summary. Operator reviews each PR, merges or requests changes.

Verification

Prompt under reasonable size: 279 lines, ~3.7k tokens (fits comfortably in Codex session)
References specific canary-validated PR numbers + line patterns
Charter §3 (deploy flow) and §6 (cognition) referenced
§13 wakeup honesty referenced for long-running step handling
No prescriptive over-specification — Codex retains judgment (e.g., "mirotalk-sfu MIGHT actually be public" framed as audit question, not assertion)

Test plan

Operator readback: prompt is clear enough to execute autonomously
(Post-merge) Codex execution produces 3 PRs matching wave 2 quality bar
(Post-Codex) Each Codex PR fires 3+3 review automatically

## Summary Master prompt for Codex to execute Phase 02 wave 3: 3 modules (`searx`, `n8n-main`, `mirotalk-sfu`), 3 separate PRs, autonomous execution with operator owning merge gate. ## Why Operator chose Codex-via-master-prompt path for wave 3 (vs GLM-via-OpenCode or my own sub-agent). Master prompt codifies wave 2 canary-validated patterns (PRs #29, #30, #32, #33, #34) as canonical reference so Codex can operate without re-deriving them. ## Contents - **Per-module process** (apply 3×): branch → SSH audit → identify drift → write module.yaml v2 → write runbook → validate → push → PR via Forgejo MCP → trigger 3+3 ensemble review - **v2 schema fields**: `image_observed`, `image_digest_pinned_in_compose`, `image_audit_ts`, `image_build`, `statefulness`, `acknowledged_risks` - **Canary-validated patterns** locked in: - `yq '.spec.runtime.image_observed'` digest source (PR #29 v3) - `cd /opt/vps-home-platform-infra/compose/apps/` (PR #29 v3) - `platformctl apply <plan_file> --approved <sha>` CLI signature (PR #29 v5) - `acknowledged_risks` per charter §6 cognition rule (PR #30 onward) - Drift-fix-default-to-match-runtime (operator wave 2 option a) - **Module-specific notes**: searx (likely tailnet-only, dir name verification), n8n-main (different from n8n-worker, UI service), mirotalk-sfu (WebRTC, may legitimately be public unlike admin) - **Hard constraints**: no runtime modification, no sacred path writes, no silent drift fixes, no auto-merge, one PR per module, codex (not claude) service identity - **Hand-back protocol**: 3 PR URLs + per-module summary to operator post-execution ## How operator triggers After merge: ``` cd ~/Developer/iskra-platform-2026-04-30 git pull codex run prompts/phase-02-wave-3.md # (or whatever your codex invocation is) ``` Codex reads the prompt, executes 3 PRs, returns summary. Operator reviews each PR, merges or requests changes. ## Verification - [x] Prompt under reasonable size: 279 lines, ~3.7k tokens (fits comfortably in Codex session) - [x] References specific canary-validated PR numbers + line patterns - [x] Charter §3 (deploy flow) and §6 (cognition) referenced - [x] §13 wakeup honesty referenced for long-running step handling - [x] No prescriptive over-specification — Codex retains judgment (e.g., "mirotalk-sfu MIGHT actually be public" framed as audit question, not assertion) ## Test plan - [ ] Operator readback: prompt is clear enough to execute autonomously - [ ] (Post-merge) Codex execution produces 3 PRs matching wave 2 quality bar - [ ] (Post-Codex) Each Codex PR fires 3+3 review automatically

pdurlej added 1 commit

2026-05-03 10:30:56 +02:00

docs(prompts): Phase 02 wave 3 master prompt for Codex (searx, n8n-main, mirotalk-sfu) 3365291992

Codex master prompt for wave 3: 3 modules, 3 separate PRs, autonomous
execution with operator owning merge gate. Codifies wave 2 canary-validated
patterns (PR #29/30/32/33/34) as canonical reference:

- v2 schema fields: image_observed (full digest, no truncation),
  image_digest_pinned_in_compose, image_audit_ts (RFC3339 UTC),
  image_build, statefulness, acknowledged_risks (under spec.risk)
- yq-from-manifest digest pattern (PR #29 canary v3)
- compose_file-relative cwd /opt/.../compose/apps/ (PR #29 canary v3)
- platformctl apply <plan_file> --approved <sha> CLI signature (canary v5)
- Acknowledged_risks per charter §6 cognition rule (product value first)
- Drift-fix-default-to-match-runtime (operator-validated wave 2 option a)

Per-module process (apply 3x):
1. Branch codex/orders/phase-02-<module-id>
2. SSH audit (5 commands per module: inspect, labels, compose, env, volumes)
3. Identify drift, document in PR description
4. Write module.yaml v2 (schema-validated, <1500 tokens)
5. Write runbook.md (n8n-worker pattern: live audit table, import phase
   plan, release readiness checklist, recovery 3-tier, acknowledged risks,
   known issues with cross-module open loops)
6. Validate (jsonschema + token budget)
7. Commit + push + PR via Forgejo MCP/API (NOT gh CLI; codex service
   identity, NOT pdurlej direct)
8. Trigger 3+3 ensemble review (.sisyphus/scripts/run_review.py)

Module-specific notes:
- searx: likely tailnet-only (ts-allowlist@file pattern), verify dir name
  searx vs searxng vs both
- n8n-main: different from n8n-worker (PR #29); UI service with secrets,
  likely tailnet-only admin
- mirotalk-sfu: WebRTC SFU, UDP 40000-40100, may legitimately be public
  (vs mirotalk-admin which is tailnet-only); novel networking patterns

Hard constraints: no runtime modification, no sacred path writes, no
silent drift fixes, no auto-merge, one PR per module, codex (not claude)
service identity for git push + PR creation.

Hand-back: 3 PR URLs + per-module summary to operator. Operator owns
merge gate.

Length: 279 lines, ~3.7k tokens (fits comfortably in Codex session).

pdurlej merged commit 623c804b24 into main

2026-05-03 10:33:46 +02:00

pdurlej referenced this pull request from a commit

2026-05-03 10:33:46 +02:00

Merge pull request 'docs(prompts): Phase 02 wave 3 master prompt for Codex' (#35) from claude/orders/wave-3-master-prompt into main

pdurlej referenced this pull request from a commit

2026-05-03 11:19:48 +02:00

docs(decisions): ADR 0001 — canary 3+3 mandatory; orchestrator cadence is PM-style

pdurlej referenced this pull request

2026-05-03 11:20:12 +02:00

docs(decisions): ADR 0001 — canary 3+3 mandatory; orchestrator cadence is PM-style #41