Skip to content

feat(wfctl): plugin verify-capabilities IMPLEMENTATION (recovery for #766) (workflow#765)#769

Merged
intel352 merged 8 commits into
mainfrom
feat/765-impl-recover
May 24, 2026
Merged

feat(wfctl): plugin verify-capabilities IMPLEMENTATION (recovery for #766) (workflow#765)#769
intel352 merged 8 commits into
mainfrom
feat/765-impl-recover

Conversation

@intel352
Copy link
Copy Markdown
Contributor

@intel352 intel352 commented May 24, 2026
edited
Loading

Fix — earlier PR #766 was opened against stale remote ref

PR #766 was opened with gh pr create --head feat/765-verify-capabilities AFTER the implementer agent reported 8 commits done — but the agent's commits were LOCAL only (never pushed). gh pr create uses the existing remote ref; doesn't auto-push local changes. The remote was at ff537bfc6 (scope-lock commit, docs-only). Squash-merge faithfully collapsed the 3 docs commits that WERE on remote. The 8 implementation commits stayed local.

Session-error: didn't verify git ls-remote origin feat/765-verify-capabilities matched local HEAD before opening + admin-merging PR #766.

Impact: v0.63.1 release shipped wfctl WITHOUT the verify-capabilities subcommand. 66 release.yml wiring PRs (Layer 3b extension) reference wfctl plugin verify-capabilities --binary ... which will fail on next tag-push for each plugin (subcommand doesn't exist in the v0.63.1 binary).

What this PR ships

Cherry-picks the 8 implementation commits from local feat/765-verify-capabilities onto current main:

  • 27ec94f787497d4a2fd59fefbd847917e17b — subcommand skeleton + preflight + sentinel matrix + spawn+GetManifest+diff
  • 416c14b7c862c3d2950c51950d2 — 5 fixture scenarios + integration tests
  • 59406b9a6 — PLUGIN_RELEASE_GATES.md docs

Test plan

  • GOWORK=off go build ./... — exit 0
  • GOWORK=off go test -run TestVerifyCapabilities -count=1 -timeout 180s ./cmd/wfctl/... — all PASS (32.7s)
  • CI green

Follow-up

Tag v0.63.2 carrying the implementation. v0.63.1 retained for archive but doesn't actually contain the subcommand binary.

intel352 added 8 commits May 24, 2026 03:02
@intel352
feat(wfctl): plugin verify-capabilities subcommand skeleton (workflow…
6c6ac21 
…#765)
@intel352
feat(wfctl): verify-capabilities preflight binary-path validation (wo…
cec0f8a 
…rkflow#765)
@intel352
feat(wfctl): verify-capabilities sentinel-pattern Version diff matrix…
e0c30db 
… (workflow#765)
@intel352
feat(wfctl): wire inline spawn + direct GetManifest + Name/Version di…
d312f87 
…ff (workflow#765)
@intel352
test(wfctl): verify-capabilities fixtures (4 build-pass scenarios) (w…
16782a6 
…orkflow#765)
@intel352
test(wfctl): name-drift fixture (binary advertises mismatched Name) (…
848aa99 
…workflow#765)
@intel352
test(wfctl): verify-capabilities integration tests (5 scenarios) (wor…
361f9ef 
…kflow#765)
@intel352
docs: add Verify-Capabilities section to PLUGIN_RELEASE_GATES (workfl…
a3000a7 
…ow#765)
@codecov
Copy link
Copy Markdown

codecov Bot commented May 24, 2026

Codecov Report

❌ Patch coverage is 75.20000% with 31 lines in your changes missing coverage. Please review.

Files with missing lines Patch % Lines
cmd/wfctl/plugin_verify_capabilities.go 76.22% 16 Missing and 13 partials ⚠️
cmd/wfctl/plugin.go 33.33% 2 Missing ⚠️

📢 Thoughts on this report? Let us know!

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 24, 2026

⏱ Benchmark Results

No significant performance regressions detected.

benchstat comparison (baseline → PR) 
## benchstat: baseline → PR
baseline-bench.txt:276: parsing iteration count: invalid syntax
baseline-bench.txt:310243: parsing iteration count: invalid syntax
baseline-bench.txt:614708: parsing iteration count: invalid syntax
baseline-bench.txt:917304: parsing iteration count: invalid syntax
baseline-bench.txt:1424134: parsing iteration count: invalid syntax
baseline-bench.txt:1741040: parsing iteration count: invalid syntax
benchmark-results.txt:276: parsing iteration count: invalid syntax
benchmark-results.txt:293521: parsing iteration count: invalid syntax
benchmark-results.txt:618593: parsing iteration count: invalid syntax
benchmark-results.txt:933321: parsing iteration count: invalid syntax
benchmark-results.txt:1197832: parsing iteration count: invalid syntax
benchmark-results.txt:1521968: parsing iteration count: invalid syntax
goos: linux
goarch: amd64
pkg: github.com/GoCodeAlone/workflow/dynamic
cpu: AMD EPYC 7763 64-Core Processor                
                            │ baseline-bench.txt │       benchmark-results.txt        │
                            │       sec/op       │    sec/op     vs base              │
InterpreterCreation-4               7.399m ± 56%   7.234m ± 56%       ~ (p=0.699 n=6)
ComponentLoad-4                     3.633m ±  8%   3.683m ±  1%       ~ (p=0.485 n=6)
ComponentExecute-4                  1.960µ ±  1%   1.975µ ±  1%  +0.74% (p=0.045 n=6)
PoolContention/workers-1-4          1.111µ ±  1%   1.113µ ±  3%       ~ (p=0.660 n=6)
PoolContention/workers-2-4          1.092µ ±  2%   1.110µ ±  1%       ~ (p=0.065 n=6)
PoolContention/workers-4-4          1.088µ ±  3%   1.101µ ±  4%  +1.24% (p=0.035 n=6)
PoolContention/workers-8-4          1.085µ ±  3%   1.100µ ±  1%       ~ (p=0.058 n=6)
PoolContention/workers-16-4         1.110µ ±  4%   1.107µ ±  1%       ~ (p=0.937 n=6)
ComponentLifecycle-4                3.768m ±  0%   3.652m ±  0%  -3.10% (p=0.002 n=6)
SourceValidation-4                  2.442µ ±  1%   2.352µ ±  1%  -3.73% (p=0.002 n=6)
RegistryConcurrent-4                889.5n ±  2%   805.9n ±  3%  -9.40% (p=0.002 n=6)
LoaderLoadFromString-4              3.785m ±  1%   3.658m ±  1%  -3.35% (p=0.002 n=6)
geomean                             19.25µ         18.99µ        -1.34%

                            │ baseline-bench.txt │        benchmark-results.txt         │
                            │        B/op        │     B/op      vs base                │
InterpreterCreation-4               2.027Mi ± 0%   2.027Mi ± 0%       ~ (p=0.848 n=6)
ComponentLoad-4                     2.180Mi ± 0%   2.180Mi ± 0%       ~ (p=1.000 n=6)
ComponentExecute-4                  1.203Ki ± 0%   1.203Ki ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-1-4          1.203Ki ± 0%   1.203Ki ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-2-4          1.203Ki ± 0%   1.203Ki ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-4-4          1.203Ki ± 0%   1.203Ki ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-8-4          1.203Ki ± 0%   1.203Ki ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-16-4         1.203Ki ± 0%   1.203Ki ± 0%       ~ (p=1.000 n=6) ¹
ComponentLifecycle-4                2.183Mi ± 0%   2.183Mi ± 0%       ~ (p=0.193 n=6)
SourceValidation-4                  1.984Ki ± 0%   1.984Ki ± 0%       ~ (p=1.000 n=6) ¹
RegistryConcurrent-4                1.133Ki ± 0%   1.133Ki ± 0%       ~ (p=1.000 n=6) ¹
LoaderLoadFromString-4              2.182Mi ± 0%   2.182Mi ± 0%       ~ (p=0.939 n=6)
geomean                             15.25Ki        15.25Ki       +0.00%
¹ all samples are equal

                            │ baseline-bench.txt │        benchmark-results.txt        │
                            │     allocs/op      │  allocs/op   vs base                │
InterpreterCreation-4                15.68k ± 0%   15.68k ± 0%       ~ (p=1.000 n=6)
ComponentLoad-4                      18.02k ± 0%   18.02k ± 0%       ~ (p=1.000 n=6)
ComponentExecute-4                    25.00 ± 0%    25.00 ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-1-4            25.00 ± 0%    25.00 ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-2-4            25.00 ± 0%    25.00 ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-4-4            25.00 ± 0%    25.00 ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-8-4            25.00 ± 0%    25.00 ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-16-4           25.00 ± 0%    25.00 ± 0%       ~ (p=1.000 n=6) ¹
ComponentLifecycle-4                 18.07k ± 0%   18.07k ± 0%       ~ (p=1.000 n=6) ¹
SourceValidation-4                    32.00 ± 0%    32.00 ± 0%       ~ (p=1.000 n=6) ¹
RegistryConcurrent-4                  2.000 ± 0%    2.000 ± 0%       ~ (p=1.000 n=6) ¹
LoaderLoadFromString-4               18.06k ± 0%   18.06k ± 0%       ~ (p=1.000 n=6) ¹
geomean                               183.3         183.3       +0.00%
¹ all samples are equal

pkg: github.com/GoCodeAlone/workflow/middleware
                                  │ baseline-bench.txt │       benchmark-results.txt       │
                                  │       sec/op       │   sec/op     vs base              │
CircuitBreakerDetection-4                  291.2n ± 4%   289.7n ± 8%       ~ (p=0.513 n=6)
CircuitBreakerExecution_Success-4          21.43n ± 0%   21.33n ± 1%       ~ (p=0.087 n=6)
CircuitBreakerExecution_Failure-4          66.33n ± 0%   66.22n ± 1%       ~ (p=0.290 n=6)
geomean                                    74.52n        74.24n       -0.37%

                                  │ baseline-bench.txt │       benchmark-results.txt        │
                                  │        B/op        │    B/op     vs base                │
CircuitBreakerDetection-4                 144.0 ± 0%     144.0 ± 0%       ~ (p=1.000 n=6) ¹
CircuitBreakerExecution_Success-4         0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
CircuitBreakerExecution_Failure-4         0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
geomean                                              ²               +0.00%               ²
¹ all samples are equal
² summaries must be >0 to compute geomean

                                  │ baseline-bench.txt │       benchmark-results.txt        │
                                  │     allocs/op      │ allocs/op   vs base                │
CircuitBreakerDetection-4                 1.000 ± 0%     1.000 ± 0%       ~ (p=1.000 n=6) ¹
CircuitBreakerExecution_Success-4         0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
CircuitBreakerExecution_Failure-4         0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
geomean                                              ²               +0.00%               ²
¹ all samples are equal
² summaries must be >0 to compute geomean

pkg: github.com/GoCodeAlone/workflow/module
                                 │ baseline-bench.txt │       benchmark-results.txt        │
                                 │       sec/op       │    sec/op     vs base              │
IaCStateBackend_InProcess-4              314.2n ±  1%   311.6n ± 20%       ~ (p=0.509 n=6)
IaCStateBackend_GRPC-4                   9.570m ± 15%   9.523m ±  4%       ~ (p=0.589 n=6)
JQTransform_Simple-4                     660.4n ± 38%   675.8n ± 35%       ~ (p=0.394 n=6)
JQTransform_ObjectConstruction-4         1.516µ ±  1%   1.527µ ±  0%  +0.73% (p=0.002 n=6)
JQTransform_ArraySelect-4                3.456µ ±  0%   3.507µ ±  1%  +1.48% (p=0.002 n=6)
JQTransform_Complex-4                    38.77µ ±  1%   39.45µ ±  2%  +1.77% (p=0.002 n=6)
JQTransform_Throughput-4                 1.865µ ±  3%   1.862µ ±  1%       ~ (p=0.898 n=6)
SSEPublishDelivery-4                     63.74n ±  7%   64.15n ±  0%       ~ (p=0.065 n=6)
geomean                                  3.847µ         3.873µ        +0.67%

                                 │ baseline-bench.txt │         benchmark-results.txt         │
                                 │        B/op        │     B/op       vs base                │
IaCStateBackend_InProcess-4             416.0 ±  0%       416.0 ±  0%       ~ (p=1.000 n=6) ¹
IaCStateBackend_GRPC-4                5.912Mi ± 13%     5.775Mi ± 10%       ~ (p=0.310 n=6)
JQTransform_Simple-4                  1.273Ki ±  0%     1.273Ki ±  0%       ~ (p=1.000 n=6) ¹
JQTransform_ObjectConstruction-4      1.773Ki ±  0%     1.773Ki ±  0%       ~ (p=1.000 n=6) ¹
JQTransform_ArraySelect-4             2.625Ki ±  0%     2.625Ki ±  0%       ~ (p=1.000 n=6) ¹
JQTransform_Complex-4                 16.22Ki ±  0%     16.22Ki ±  0%       ~ (p=1.000 n=6) ¹
JQTransform_Throughput-4              1.984Ki ±  0%     1.984Ki ±  0%       ~ (p=1.000 n=6) ¹
SSEPublishDelivery-4                    0.000 ±  0%       0.000 ±  0%       ~ (p=1.000 n=6) ¹
geomean                                             ²                  -0.29%               ²
¹ all samples are equal
² summaries must be >0 to compute geomean

                                 │ baseline-bench.txt │        benchmark-results.txt        │
                                 │     allocs/op      │  allocs/op   vs base                │
IaCStateBackend_InProcess-4              2.000 ± 0%      2.000 ± 0%       ~ (p=1.000 n=6) ¹
IaCStateBackend_GRPC-4                  6.833k ± 0%     6.840k ± 0%       ~ (p=0.846 n=6)
JQTransform_Simple-4                     10.00 ± 0%      10.00 ± 0%       ~ (p=1.000 n=6) ¹
JQTransform_ObjectConstruction-4         15.00 ± 0%      15.00 ± 0%       ~ (p=1.000 n=6) ¹
JQTransform_ArraySelect-4                30.00 ± 0%      30.00 ± 0%       ~ (p=1.000 n=6) ¹
JQTransform_Complex-4                    324.0 ± 0%      324.0 ± 0%       ~ (p=1.000 n=6) ¹
JQTransform_Throughput-4                 17.00 ± 0%      17.00 ± 0%       ~ (p=1.000 n=6) ¹
SSEPublishDelivery-4                     0.000 ± 0%      0.000 ± 0%       ~ (p=1.000 n=6) ¹
geomean                                             ²                +0.01%               ²
¹ all samples are equal
² summaries must be >0 to compute geomean

pkg: github.com/GoCodeAlone/workflow/schema
                                    │ baseline-bench.txt │       benchmark-results.txt        │
                                    │       sec/op       │    sec/op     vs base              │
SchemaValidation_Simple-4                   1.106µ ± 11%   1.137µ ± 18%  +2.80% (p=0.041 n=6)
SchemaValidation_AllFields-4                1.673µ ±  2%   1.674µ ±  2%       ~ (p=0.420 n=6)
SchemaValidation_FormatValidation-4         1.590µ ±  2%   1.615µ ±  5%       ~ (p=0.162 n=6)
SchemaValidation_ManySchemas-4              1.822µ ±  3%   1.812µ ±  2%       ~ (p=0.937 n=6)
geomean                                     1.521µ         1.536µ        +0.96%

                                    │ baseline-bench.txt │       benchmark-results.txt        │
                                    │        B/op        │    B/op     vs base                │
SchemaValidation_Simple-4                   0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
SchemaValidation_AllFields-4                0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
SchemaValidation_FormatValidation-4         0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
SchemaValidation_ManySchemas-4              0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
geomean                                                ²               +0.00%               ²
¹ all samples are equal
² summaries must be >0 to compute geomean

                                    │ baseline-bench.txt │       benchmark-results.txt        │
                                    │     allocs/op      │ allocs/op   vs base                │
SchemaValidation_Simple-4                   0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
SchemaValidation_AllFields-4                0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
SchemaValidation_FormatValidation-4         0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
SchemaValidation_ManySchemas-4              0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
geomean                                                ²               +0.00%               ²
¹ all samples are equal
² summaries must be >0 to compute geomean

pkg: github.com/GoCodeAlone/workflow/store
                                   │ baseline-bench.txt │       benchmark-results.txt        │
                                   │       sec/op       │    sec/op     vs base              │
EventStoreAppend_InMemory-4                1.261µ ± 12%   1.284µ ± 15%       ~ (p=0.818 n=6)
EventStoreAppend_SQLite-4                  1.431m ±  5%   1.380m ±  8%       ~ (p=0.240 n=6)
GetTimeline_InMemory/events-10-4           13.56µ ±  3%   13.69µ ±  3%       ~ (p=0.310 n=6)
GetTimeline_InMemory/events-50-4           77.94µ ±  3%   76.87µ ±  2%       ~ (p=0.180 n=6)
GetTimeline_InMemory/events-100-4          153.1µ ± 19%   155.3µ ± 20%       ~ (p=0.485 n=6)
GetTimeline_InMemory/events-500-4          632.9µ ±  0%   639.7µ ±  1%  +1.08% (p=0.002 n=6)
GetTimeline_InMemory/events-1000-4         1.289m ±  0%   1.307m ±  2%  +1.38% (p=0.002 n=6)
GetTimeline_SQLite/events-10-4             107.1µ ±  1%   110.0µ ±  3%  +2.73% (p=0.002 n=6)
GetTimeline_SQLite/events-50-4             248.8µ ±  3%   252.9µ ±  1%       ~ (p=0.065 n=6)
GetTimeline_SQLite/events-100-4            420.4µ ±  0%   427.6µ ±  1%  +1.72% (p=0.002 n=6)
GetTimeline_SQLite/events-500-4            1.795m ±  1%   1.815m ±  2%  +1.15% (p=0.002 n=6)
GetTimeline_SQLite/events-1000-4           3.486m ±  1%   3.540m ±  1%  +1.55% (p=0.002 n=6)
geomean                                    224.8µ         226.8µ        +0.86%

                                   │ baseline-bench.txt │         benchmark-results.txt         │
                                   │        B/op        │     B/op       vs base                │
EventStoreAppend_InMemory-4                 775.0 ± 12%     789.0 ± 10%       ~ (p=0.734 n=6)
EventStoreAppend_SQLite-4                 1.985Ki ±  1%   1.986Ki ±  1%       ~ (p=0.855 n=6)
GetTimeline_InMemory/events-10-4          7.953Ki ±  0%   7.953Ki ±  0%       ~ (p=1.000 n=6) ¹
GetTimeline_InMemory/events-50-4          46.62Ki ±  0%   46.62Ki ±  0%       ~ (p=1.000 n=6) ¹
GetTimeline_InMemory/events-100-4         94.48Ki ±  0%   94.48Ki ±  0%       ~ (p=1.000 n=6) ¹
GetTimeline_InMemory/events-500-4         472.8Ki ±  0%   472.8Ki ±  0%       ~ (p=1.000 n=6)
GetTimeline_InMemory/events-1000-4        944.3Ki ±  0%   944.3Ki ±  0%       ~ (p=0.273 n=6)
GetTimeline_SQLite/events-10-4            16.74Ki ±  0%   16.74Ki ±  0%       ~ (p=1.000 n=6) ¹
GetTimeline_SQLite/events-50-4            87.14Ki ±  0%   87.14Ki ±  0%       ~ (p=1.000 n=6) ¹
GetTimeline_SQLite/events-100-4           175.4Ki ±  0%   175.4Ki ±  0%       ~ (p=1.000 n=6) ¹
GetTimeline_SQLite/events-500-4           846.1Ki ±  0%   846.1Ki ±  0%       ~ (p=0.636 n=6)
GetTimeline_SQLite/events-1000-4          1.639Mi ±  0%   1.639Mi ±  0%       ~ (p=1.000 n=6)
geomean                                   67.24Ki         67.34Ki        +0.15%
¹ all samples are equal

                                   │ baseline-bench.txt │        benchmark-results.txt        │
                                   │     allocs/op      │  allocs/op   vs base                │
EventStoreAppend_InMemory-4                  7.000 ± 0%    7.000 ± 0%       ~ (p=1.000 n=6) ¹
EventStoreAppend_SQLite-4                    53.00 ± 0%    53.00 ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_InMemory/events-10-4             125.0 ± 0%    125.0 ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_InMemory/events-50-4             653.0 ± 0%    653.0 ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_InMemory/events-100-4           1.306k ± 0%   1.306k ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_InMemory/events-500-4           6.514k ± 0%   6.514k ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_InMemory/events-1000-4          13.02k ± 0%   13.02k ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_SQLite/events-10-4               382.0 ± 0%    382.0 ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_SQLite/events-50-4              1.852k ± 0%   1.852k ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_SQLite/events-100-4             3.681k ± 0%   3.681k ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_SQLite/events-500-4             18.54k ± 0%   18.54k ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_SQLite/events-1000-4            37.29k ± 0%   37.29k ± 0%       ~ (p=1.000 n=6) ¹
geomean                                     1.162k        1.162k       +0.00%
¹ all samples are equal

Benchmarks run with go test -bench=. -benchmem -count=6.
Regressions ≥ 20% are flagged. Results compared via benchstat.

@intel352 intel352 merged commit 897fead into main May 24, 2026
22 checks passed
@intel352 intel352 deleted the feat/765-impl-recover branch May 24, 2026 07:15
intel352 added a commit that referenced this pull request May 24, 2026
@intel352
docs(plan): #767 design cycle 4 (replan against actual shipped #765 i…
cff8903 
…nline-spawn pattern)

#765 PR #769 + v0.63.2 landed since cycle 3 paused. Worktree rebased onto current main with verify-capabilities.go present. Replan: direct pbClient.GetContractRegistry(ctx, Empty) after existing GetManifest call (line 137); explicit codes.Unimplemented branch maps to empty registry. Drops cycle-3's adapter-based hypothesis (#765 ships inline-spawn, NOT adapter).
@intel352 intel352 mentioned this pull request May 24, 2026
Merged
7 tasks
intel352 added a commit that referenced this pull request May 24, 2026
@intel352
feat(sdk+wfctl): contract-diff extension for verify-capabilities (wor…
da9b4b1 
…kflow#767) (#773)

* docs(plan): verify-capabilities contract-diff extension design (workflow#767)

Adds capabilities.iacServices schema to PluginManifest + BuildContractRegistryForPlugin SDK helper + extends verify-capabilities subcommand to walk GetContractRegistry. Sweeps 4 IaC plugins. Closes deferred contract-diff from #765 cycle-3 review.

* docs(plan): #767 design cycle 2 (fix wrong namespace + cite existing helpers)

Cycle 1 FAIL: 2 Critical (workflow.iac.v1 namespace never existed on wire — actual workflow.plugin.external.iac per proto pkg decl; duplicated existing registeredIaCServices + iacServiceRequired helpers without citing). + 5 Important.

Cycle 2:
- Derive namespace prefix programmatically from pb.IaCProviderRequired_ServiceDesc.ServiceName (single source of truth keyed to .proto pkg).
- Cite + reuse registeredIaCServices (deploy_providers.go:344) + iacServiceRequired const (iac_typed_adapter.go:52).
- Directional diff (FAIL missing-from-binary; WARN extra-in-binary) per IMPORTANT-1.
- Use cached adapter.ContractRegistry() — no redundant RPC (IMPORTANT-2).
- Sweep-target SDK pin assumption explicit (IMPORTANT-4).
- IaCStateBackend orthogonality documented (IMPORTANT-5).
- Non-goal: embedded plugin.json verify (IMPORTANT-3).

* docs(plan): #767 design cycle 3 (fold cycle-2 IMPORTANT amendments)

Cycle 2 PASS with 4 Important to fold. Cycle 3:
- ContractRegistryError() check ahead of diff (surface RPC errors verbatim, no synthetic FAILs).
- iacserver.go:302 added to §Files so bridge calls BuildContractRegistryForPlugin (SDK helper not dead code for sweep targets).
- Fixture construction recipes spelled out (iac-good/iac-missing-service/iac-extra-service stub providers).
- Hard-cite #765 as sequencing prerequisite in §Assumptions.

* docs(plan): #767 contract-diff implementation plan

6 tasks, 1 PR. Pairs with cycle-3-PASS design. Task 5 is no-op acknowledgement of cycle-3 reviewer Option B (don't factor existing registeredIaCServices helper this PR).

* docs(plan): #767 design cycle 4 (replan against actual shipped #765 inline-spawn pattern)

#765 PR #769 + v0.63.2 landed since cycle 3 paused. Worktree rebased onto current main with verify-capabilities.go present. Replan: direct pbClient.GetContractRegistry(ctx, Empty) after existing GetManifest call (line 137); explicit codes.Unimplemented branch maps to empty registry. Drops cycle-3's adapter-based hypothesis (#765 ships inline-spawn, NOT adapter).

* docs(plan): #767 design cycle 4 inline amendments (Option A per reviewer)

Cycle 4 PASS with 3 Important. Apply inline:
- I-2: drop iac_contract_filter.go NEW proposal; reuse registeredIaCServices in-place (both package main)
- I-1: add git-grep audit confirming iacserver.go:302 rebinding is safe (4 existing consumers all already filter)
- I-3: reword Unimplemented branch to distinguish empty-LHS (skip) vs non-empty-LHS (FAIL on every declared) cases

* docs(plan): #767 implementation plan (post-#765-shipped, direct pbClient pattern)

5 tasks, 1 PR. Mirrors design cycle 4 PASS. Direct pbClient.GetContractRegistry after existing GetManifest call (line 131 inline-spawn pattern). Explicit codes.Unimplemented branch. Reuses #765 fixture pattern + IaCStateBackends UnmarshalJSON precedent.

* docs(plan): #767 plan cycle 2 — fix 2 critical + 2 important + 3 minor from adversarial cycle 1

Critical: registeredIaCServices→serviceNamesFromRegistry unconditional rename; commit go.sum in Task 5 fixtures. Important: client-side namespace filter (defense-in-depth); dedup test for both-top-and-nested. Minors: dead Finalize methods removed; per-task rollback notes → PR-level revert.

* docs(plan): #767 plan cycle 3 — fix 2 critical from adversarial cycle 2

C1: iac-missing-service fixture must NOT embed UnimplementedIaCProviderFinalizerServer (Unimplemented satisfies the interface via mustEmbed sentinel → SDK registers it → false PASS). C2: bash pipeline $? reads tee exit not wfctl exit — capture WFCTL_EXIT=$? before any pipe in Final verification 3b.

* docs(adr): 0042 — verify-capabilities IaC namespace derivation; cite from design + plan

Resolves alignment-check MISSING finding: design cited decisions/NNNN-verify-capabilities-iac-namespace.md but no ADR existed. ADR documents the proto-descriptor TrimSuffix single-source-of-truth pattern that Tasks 2/3/4 derive from. Design + plan both updated to cite 0042 in place of NNNN.

* chore: lock scope for #767 contract-diff (alignment passed)

* feat(plugin): add IaCServices manifest field with nested-promotion (workflow#767 Task 1)

* feat(sdk): BuildContractRegistryForPlugin namespace-filtering helper (workflow#767 Task 2)

* feat(sdk): IaC bridge GetContractRegistry filters infra services (workflow#767 Task 3)

* feat(wfctl): verify-capabilities contract-diff (directional FAIL/WARN) (workflow#767 Task 4)

* test(wfctl): 3 IaC integration fixture scenarios (workflow#767 Task 5)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@intel352