docs(rfc): RFC-007 + RFC-008 — the config architecture pair (operator layer; deprecate omnigraph.yaml)#195
Merged
Merged
Conversation
Terraform-style operator/project split: ~/.omnigraph/config.yaml for identity (operator.actor in the --as cascade), credentials keyed by server name (env -> 0600 credentials file; no inline secrets), and operator-owned named servers that project configs reference but cannot redefine. Explicitly a staged subset of RFC-002: adopts its settled decisions (one dir, keyed credentials, env precedence), defers GraphLocator/use/state-layer, and encodes the ten confirmed PR #139 findings as design rules (compat shims, key-level merges, atomic writes, the project-layer trust boundary). Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
There was a problem hiding this comment.
aaltshuler has reached the 50-review limit for trial accounts. To continue receiving code reviews, upgrade your plan.
… surface The file is three unrelated concerns wearing one filename — server deployment config, project/CLI conveniences, operator identity — and the mixture is the root cause of a recurring problem class (per-operator copies of project files, checkout-supplied credential redirection, init scaffold pollution). End state: two single-owner surfaces — cluster config (team, repo) and operator config (person, $HOME) — plus the zero-config flags/env tier. Complete key-by-key migration map over the verified OmnigraphConfig surface; staged retirement per the repo's Hyrum rules (warn with per-key guidance -> `config migrate` tool -> stop scaffolding -> opt-in strict -> removal at the next major). RFC-007's project-layer framing is amended to transitional accordingly. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
aaltshuler
changed the title
RFC-007 now speaks the end-state language throughout: the operator surface is one half of the two-surface split (cluster config / operator config), not a layer over a living omnigraph.yaml. The precedence cascade drops the project layer (cluster config carries no operator-resolvable keys — a checkout can never supply identity); legacy omnigraph.yaml appears only as the RFC-008 deprecation-window slot. The trust boundary is restated as closed-by-construction in the end state, with the rules governing the window. PR 3 becomes operator targeting (--server + operator aliases — the replacement RFC-008 needs before legacy aliases migrate), and the schema example gains the aliases block. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
There was a problem hiding this comment.
aaltshuler has reached the 50-review limit for trial accounts. To continue receiving code reviews, upgrade your plan.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Design only — no code. Two RFCs that together restore single-ownership config:
RFC-007 — per-operator config (the operator slice of RFC-002)
~/.omnigraph/config.yaml: operator identity (operator.actorjoins the--ascascade), credentials keyed by server name (OMNIGRAPH_TOKEN_<NAME>→ 0600 credentials file → legacy mechanisms unchanged), operator-owned named servers. Adopts RFC-002's settled decisions; defersGraphLocator/use/State-layer; encodes the ten confirmed #139 findings as design rules (compat shims, key-level merges, atomic writes, the project-layer trust boundary). Walk-up rejected (Terraform-aligned). Three independently-landable PRs.RFC-008 — deprecate
omnigraph.yamlThe file is three concerns in one: server deployment config (superseded by cluster boot), project/CLI conveniences (better homes in the cluster catalog and operator config), and operator identity (never belonged there). End state: two single-owner surfaces — cluster config (team/repo) + operator config (person/$HOME) — plus the zero-config flags/env tier, which needs no file at all.
OmnigraphConfigsurface (12 keys, each with its destination — including the two defended placements: aliases are operator config; multi-graph-without-control-plane migrates to a minimalfile://cluster).omnigraph config migrate(the map's completeness test) →initstops scaffolding → opt-in strict env → removal at the next major.OmnigraphConfigpath, the dual query-registry loaders, the yaml-mode server boot source, and the Omnigraph Config v2 #139 checkout-hijack surface.RFC-007's "project layer" framing is amended to transitional; sequencing couples them (operator layer lands first — it's what keys migrate to).
🤖 Generated with Claude Code