| 001 |
Ephemeral containers + persistent workspace volumes |
@tomkis |
| 002 |
Memory — platform provides primitives, agents own semantics |
@tomkis |
| 003 |
Kubernetes from the start — k3s for local dev, K8s for production |
@jezekra1 |
| 004 |
ACP over A2A for the experiment |
@tomkis |
| 005 |
Gateway pattern for credentials — agent never sees tokens |
@pilartomas |
| 006 |
ConfigMaps over CRDs — namespace-scoped resource model |
@jezekra1 |
| 007 |
ACP traffic always proxied through the API Server |
@tomkis |
| 008 |
Controller-owned cron with exec-based trigger delivery |
@jezekra1 |
| 009 |
Go for Controller, TypeScript for API Server |
@jezekra1 |
| 010 |
OneCLI deployment — single image, two Services |
@pilartomas |
| 011 |
Skills via Claude plugin marketplace — superseded by ADR-030 |
@pilartomas |
| 012 |
Runtime lifetime — single-use Jobs |
@JanPokorny |
| 013 |
UI approach — chat-primary, dashboard for inspection |
@PetrBulanek |
| 014 |
E2E integration testing against dedicated k3s cluster |
@tomkis |
| 015 |
Multi-user auth via Keycloak + OneCLI fork with token exchange |
@tomkis |
| 016 |
Messenger integration handled by API Server |
@tomkis |
| 017 |
DB-backed ACP sessions for metadata |
@tomkis |
| 018 |
Slack integration — Socket Mode, channel-based routing, identity linking |
@tomkis |
| 019 |
Scheduled session identity and lifecycle |
@janjeliga |
| 020 |
Responsive mobile UI, ACP session controls, PWA |
@jezekra1 |
| 021 |
Slack outbound messaging — MCP tool with per-agent token auth |
@tomkis |
| 022 |
Harness API server — separate port with restricted API surface |
@tomkis |
| 023 |
Harness-agnostic agent base image (humr-base + AGENT_COMMAND) |
@tomas |
| 024 |
Connector-declared pod envs + per-agent env overrides |
@tomas |
| 025 |
Persistent ACP session per Slack thread |
@tomkis |
| 026 |
Persistent ACP sessions via per-session log and cursor fan-out |
@jezekra1 |
| 027 |
Slack per-turn user impersonation — foreign repliers fork the instance into a K8s Job |
@tomkis |
| 028 |
Configurable injection on generic secrets (host/path + custom header) |
@tomas2d |
| 029 |
Per-instance messenger channels — secrets in k8s Secrets, per-thread authorization |
@pilartomas |
| 030 |
Skills — connectable sources and install |
@PetrBulanek |
| 031 |
Schedules use RRULE for includes and structured quiet hours for exclusions |
@jezekra1 |
| 032 |
Centralized pod-reachability primitive; observed pod Ready is the truth |
@janjeliga |
| 033 |
Envoy-based credential gateway with ext_authz HITL — drop OneCLI |
@pilartomas |