charles/claude-hooks
1
0
Fork 0
Code Issues 10 Pull requests Projects Releases Packages 1 Wiki Activity Actions

Flows YAML — defaults, JSON Schema pipeline, REST CRUD + SSE #1076

New issue
Closed
opened 2026-05-10 15:42:51 +00:00 by claude-desktop · 1 comment
claude-desktop commented 2026-05-10 15:42:51 +00:00
Collaborator
Copy link

User story

As an operator, I want the 9 default flows shipped on disk, a JSON Schema generated from Zod that drives both server validation and editor autocomplete, and a complete REST surface (with SSE change broadcast) so that the dashboard can manage flows without ssh-ing into the host.

Acceptance criteria

Default YAML files (flows/defaults/)

  • pr-opened.yml, review-requested.yml, issue-opened.yml, issue-labeled.yml, issue-assigned.yml, issue-unassigned.yml, issue-closed.yml, pr-merged.yml, breakdown-comment.yml.
  • Each file passes flows.schema.json validation; references only registered ops.
  • Side-effect parity with the legacy JSON node engine on recorded fixtures (asserted by shadow-mode diff in Migration ticket).
  • Per-default fixture-replay test under flows/defaults/__tests__/.

Zod → JSON Schema pipeline

  • Zod schemas in apps/server/src/domain/flows-yaml/schema.ts cover FlowFile, TriggerKind, every op's argsSchema (discriminated on uses), expression types.
  • Each Zod field has .describe() (becomes JSON Schema description and Monaco hover text).
  • Build script apps/server/scripts/generate-flow-schema.ts runs zod-to-json-schema; output committed to apps/web/public/schemas/flows.schema.json.
  • Expression-string fields tagged format: "flow-expression".
  • just qa regenerates and fails if committed file stale; web build runs generator before bundling.
  • POST/PUT re-parse with Zod (authoritative); JSON Schema mismatch → 422.
  • Snapshot test of generated schema; round-trip test that each default *.yml validates.

REST CRUD endpoints (apps/server/src/http/flows-yaml-routes.ts)

  • GET /flows — list {name, source, trigger_summary, enabled, mtime}.
  • GET /flows/:name — raw YAML + parsed metadata + last-run summary.
  • POST /flows — create under flows/custom/; 409 if name exists.
  • PUT /flows/:name — body includes expected_mtime; mismatch → 409 with current contents.
  • DELETE /flows/:name — 409 if source: "default"; otherwise remove file.
  • POST /flows/:name/disable — toggle enabled: false overlay (flows/custom/.disabled.json).
  • POST /flows/:name/dry-run — synthetic event input, per-step trace, no side effects, no flow_runs row.
  • POST /flows/reload — full re-scan.
  • GET /flows/runs (paginated) and GET /flows/runs/:id.
  • GET /schemas/flows.schema.json served from apps/web/public/schemas/.

Default-fork behavior

  • PUT on a source: "default" flow writes a copy to flows/custom/<name>.yml; custom version then served.
  • DELETE on a custom-shadowed default removes the custom file (resets to factory).

SSE

  • flow.changed { name, source, mtime } broadcast on every fs-watcher event and successful CRUD write.
  • All open editors receive it; client decides whether to refresh.

Auth + audit

  • All endpoints gated by existing dashboard auth.
  • Each write logs operator id + diff summary to existing audit log.

Tests

  • CRUD round-trip; mtime conflict; default-fork; default-delete-resets.
  • Dry-run produces deterministic trace and writes nothing to flow_runs.

Out of scope

  • Engine internals (covered by Engine+Ops ticket).
  • Editor UI (covered by Editor UI ticket).
  • Git commit-and-push button (deferred; spec §10.3.7).

References

  • Spec: docs/specs/flows-yaml.md §3, §10.3.2, §10.3.5, §10.3.7, §11 Phase 1 step 3.
  • Replaces: apps/server/src/http/flows-routes.ts:43–76 seed list.
## User story As an operator, I want the 9 default flows shipped on disk, a JSON Schema generated from Zod that drives both server validation and editor autocomplete, and a complete REST surface (with SSE change broadcast) so that the dashboard can manage flows without ssh-ing into the host. ## Acceptance criteria ### Default YAML files (`flows/defaults/`) - [ ] `pr-opened.yml`, `review-requested.yml`, `issue-opened.yml`, `issue-labeled.yml`, `issue-assigned.yml`, `issue-unassigned.yml`, `issue-closed.yml`, `pr-merged.yml`, `breakdown-comment.yml`. - [ ] Each file passes `flows.schema.json` validation; references only registered ops. - [ ] Side-effect parity with the legacy JSON node engine on recorded fixtures (asserted by shadow-mode diff in Migration ticket). - [ ] Per-default fixture-replay test under `flows/defaults/__tests__/`. ### Zod → JSON Schema pipeline - [ ] Zod schemas in `apps/server/src/domain/flows-yaml/schema.ts` cover `FlowFile`, `TriggerKind`, every op's `argsSchema` (discriminated on `uses`), expression types. - [ ] Each Zod field has `.describe()` (becomes JSON Schema `description` and Monaco hover text). - [ ] Build script `apps/server/scripts/generate-flow-schema.ts` runs `zod-to-json-schema`; output committed to `apps/web/public/schemas/flows.schema.json`. - [ ] Expression-string fields tagged `format: "flow-expression"`. - [ ] `just qa` regenerates and fails if committed file stale; web build runs generator before bundling. - [ ] `POST`/`PUT` re-parse with Zod (authoritative); JSON Schema mismatch → 422. - [ ] Snapshot test of generated schema; round-trip test that each default `*.yml` validates. ### REST CRUD endpoints (`apps/server/src/http/flows-yaml-routes.ts`) - [ ] `GET /flows` — list `{name, source, trigger_summary, enabled, mtime}`. - [ ] `GET /flows/:name` — raw YAML + parsed metadata + last-run summary. - [ ] `POST /flows` — create under `flows/custom/`; 409 if name exists. - [ ] `PUT /flows/:name` — body includes `expected_mtime`; mismatch → 409 with current contents. - [ ] `DELETE /flows/:name` — 409 if `source: "default"`; otherwise remove file. - [ ] `POST /flows/:name/disable` — toggle `enabled: false` overlay (`flows/custom/.disabled.json`). - [ ] `POST /flows/:name/dry-run` — synthetic event input, per-step trace, no side effects, no `flow_runs` row. - [ ] `POST /flows/reload` — full re-scan. - [ ] `GET /flows/runs` (paginated) and `GET /flows/runs/:id`. - [ ] `GET /schemas/flows.schema.json` served from `apps/web/public/schemas/`. ### Default-fork behavior - [ ] `PUT` on a `source: "default"` flow writes a copy to `flows/custom/<name>.yml`; custom version then served. - [ ] `DELETE` on a custom-shadowed default removes the custom file (resets to factory). ### SSE - [ ] `flow.changed { name, source, mtime }` broadcast on every fs-watcher event and successful CRUD write. - [ ] All open editors receive it; client decides whether to refresh. ### Auth + audit - [ ] All endpoints gated by existing dashboard auth. - [ ] Each write logs operator id + diff summary to existing audit log. ### Tests - [ ] CRUD round-trip; mtime conflict; default-fork; default-delete-resets. - [ ] Dry-run produces deterministic trace and writes nothing to `flow_runs`. ## Out of scope - Engine internals (covered by Engine+Ops ticket). - Editor UI (covered by Editor UI ticket). - Git commit-and-push button (deferred; spec §10.3.7). ## References - Spec: `docs/specs/flows-yaml.md` §3, §10.3.2, §10.3.5, §10.3.7, §11 Phase 1 step 3. - Replaces: `apps/server/src/http/flows-routes.ts:43–76` seed list.
claude-desktop commented 2026-05-10 17:48:47 +00:00
Author
Collaborator
Copy link

Inherited acceptance criteria from #1075

The engine PR (#1079) ships every #1075 acceptance criterion except the disk-loader's reload endpoint. That work belongs here:

  • POST /flows/reload — returns { loaded: number, errors: { file, error }[] }. Wraps FlowRegistry.reload() (already implemented in apps/server/src/domain/flows-yaml/loader.ts). Gated by existing dashboard auth. Ties #1075's loader/file-watcher AC closed once shipped here.

This is consistent with the original §10.3.5 surface listed in this ticket — flagged so the cross-issue link is explicit and #1075 can close as a single coherent shipment.

## Inherited acceptance criteria from #1075 The engine PR (#1079) ships every #1075 acceptance criterion **except** the disk-loader's reload endpoint. That work belongs here: - [ ] `POST /flows/reload` — returns `{ loaded: number, errors: { file, error }[] }`. Wraps `FlowRegistry.reload()` (already implemented in `apps/server/src/domain/flows-yaml/loader.ts`). Gated by existing dashboard auth. Ties #1075's loader/file-watcher AC closed once shipped here. This is consistent with the original §10.3.5 surface listed in this ticket — flagged so the cross-issue link is explicit and #1075 can close as a single coherent shipment.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
chore/sync-pre-push-from-forge-base
fix/flows-yaml-dispatch-identity
feat/board-tap-to-assign
dev/1107
code-lead/1106
code-lead/1108
dev/1104
code-lead/1103
code-lead/1080
dev/1087
feat/flows-yaml-ci-events
chore/board-drop-stalled-and-density-controls
fix/flows-yaml-routes-always-register
flows-yaml/api-defaults
dev/1023
fix/event-log-history-bleed
fix/janitor-fix-ci-logs-and-cap
dev/1022
fix/board-card-provider
code-lead/1036
dev/1025
code-lead/1020
dev/1017
code-lead/1026
feat/web-shortcut-registry-1018
dev/1015
code-lead/1009
code-lead/1008
dev/975
dev/969
dev/973
dev/967
code-lead/968
code-lead/953
dev/970
dev/976
code-lead/966
code-lead/956
code-lead/951
dev/962
dev/963
dev/977
dev/955
dev/983
dev/961
dev/974
code-lead/950
code-lead/939
dev/941
dev/940
dev/937
dev/938
dev/936
dev/935
feat/web-i18n-fr-locale
feat/spec-editor-ui-polish
chore/drop-legacy-compat
fix/skills-drop-preview-pane
fix/882-skills-safety-rail
dev/911
dev/909
dev/923
dev/917
dev/915
feat/879-sr11-m2-drop-legacy-skill
code-lead/873
dev/881
code-lead/869
dev/867
code-lead/845
code-lead/843
code-lead/844
dev/837
dev/861
dev/849
code-lead/837
code-lead/842
fix/dedup-rebase-inflight
dev/838
code-lead/847
dev/833
code-lead/848
pr/838
code-lead/841
feat/settings-save-bar/836
code-lead/840
dev/846
code-lead/839
dev/832
fix/board-sse-stale-cache
dev/834
dev/835
feat/settings-breadcrumbs
feat/forge-oauth-credentials
refactor/service-config-consolidation
feat/agent-tokens-to-secrets
feat/gitlab-oauth-to-db
feat/authelia-rip-and-voice-fixes
fix/rebase-storm-and-dead-letter
code-lead/797
code-lead/796
dev/811
code-lead/798
dev/810
code-lead/795
dev/808
code-lead/794
dev/805
dev/802
dev/803
feat/avatar-menu-settings-entry
feat/per-agent-token-tracking
dev/793
dev/747
dev/752
code-lead/790
code-lead/759
dev/756
dev/760
dev/741
dev/767
dev/740
dev/709
dev/644
dev/637
boss/614
dev/600
dev/611
dev/585
fix/login-bonus-fixes
boss/544
dev/542
refactor/api-prefix-and-session-gate
dev/489
boss/531
boss/518
dev/499
boss/516
dev/530
dev/517
dev/519
dev/515
dev/522
dev/503
dev/471
boss/329
dev/417
dev/418
dev/402
boss/327
dev/334
dev/332
boss/326
boss/325
dev/331
boss/324
boss/323
boss/322
dev/294
test/s11-task-analytics
dev/262
boss/270
dev/268
foreman/ui-consolidation-spec
dev/234
boss/196
boss/176
boss/164
fix/124-session-persist-bind
boss/52
dev/87
boss/73
dev/77
dev/81
dev/82
boss/79
dev/42
dev/35
boss/7
No results found.
Labels
Clear labels   
area:agents
Agent types, pool scheduling, per-instance config

  
area:dashboard
Dashboard UI and observability surfaces

  
area:database
DB layer — schema, migrations, ORM, raw SQL

  
area:design
UI/UX mockup work — routes to designer agent

  
area:design-review
Design review dispatch — routes to design-reviewer agent

  
area:flows
Flow runner — YAML loader, executor, op registry, expression eval

  
area:infra
Deployment, isolation, containers, systemd units

  
area:meta
Tracking, scaffolding, project setup

  
area:security
Security — routes to reviewer-security (opus)

  
area:sessions
Session-id store, Claude SDK resume logic

  
area:webhook
Forgejo webhook routing and handlers

  
area:workdir
Clone cache, worktrees, git identity

  
security
Security-sensitive issue

  
type:bug
Bug

  
type:chore
Chore

  
type:meta
Tracking or decisions, not implementation work

  
type:user-story
User story

No labels
area:agents
area:dashboard
area:database
area:design
area:design-review
area:flows
area:infra
area:meta
area:security
area:sessions
area:webhook
area:workdir
security
type:bug
type:chore
type:meta
type:user-story
Milestone
Clear milestone
No items
No milestone
Flows YAML
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
charles/claude-hooks#1076
No description provided.