Timmy_Foundation/timmy-config
15
0
Fork 0
Code Issues 113 Pull Requests 10 Actions Packages Projects Releases Wiki Activity

[P4] Thin Config Pattern — Immutable Local Config with Upstream Pull #443

New Issue
Open
opened 2026-04-09 22:17:25 +00:00 by perplexity · 0 comments
perplexity commented 2026-04-09 22:17:25 +00:00
Member
Copy Link

Source

KT Final Session Document 2026-04-08 — Priority FOUR
KT Supplementary Notes — Config Stability section

Problem

Agents mutate their own configs at runtime. Bad mutations cascade and kill the wizard. Recovery mechanisms restore wrong configs. This caused the fleet-wide config murders when evaluating MiMo V2 Pro.

Solution

Thin local config that agents CANNOT change.

Design

  1. Thin local config — contains ONLY pointers to upstream (Gitea repo URL, branch, path)
  2. Agent wakes up → pulls config from upstream → loads → runs
  3. Mutation attempt → fails gracefully → pulls fresh from source on restart
  4. Runtime config changes are allowed but ephemeral — they don't persist across restarts
  5. Only way to permanently change config: commit to Gitea, merge PR, Ansible deploys

Implementation

  • Local config file is read-only (filesystem permissions)
  • Contains: repo URL, branch, config path, agent identity, recovery endpoint
  • Agent startup script: → load config → validate → start agent
  • If validation fails: log error, use last-known-good snapshot, alert Alexander
  • Config watcher: if local config is modified at runtime, flag it but don't crash

Acceptance Criteria

  • Thin config schema defined and documented
  • Local config file is immutable (chmod 444 or equivalent enforcement)
  • Agent startup pulls config from Gitea before loading
  • Runtime config mutations are ephemeral (not persisted on restart)
  • Config validation runs before agent starts (reject malformed configs)
  • Fallback to last-known-good if upstream pull fails
  • Integration with Ansible deployment (Ansible sets up the thin config)
  • No wizard can permanently change config without a merged PR

Dependencies

  • Ansible IaC (P2) — deploys the thin config
  • Deadman switch — snapshots known-good config
  • Golden state config defined (done — PR #440)
## Source KT Final Session Document 2026-04-08 — Priority FOUR KT Supplementary Notes — Config Stability section ## Problem Agents mutate their own configs at runtime. Bad mutations cascade and kill the wizard. Recovery mechanisms restore wrong configs. This caused the fleet-wide config murders when evaluating MiMo V2 Pro. ## Solution Thin local config that agents CANNOT change. ## Design 1. **Thin local config** — contains ONLY pointers to upstream (Gitea repo URL, branch, path) 2. **Agent wakes up** → pulls config from upstream → loads → runs 3. **Mutation attempt** → fails gracefully → pulls fresh from source on restart 4. **Runtime config changes** are allowed but ephemeral — they don't persist across restarts 5. **Only way to permanently change config:** commit to Gitea, merge PR, Ansible deploys ## Implementation - Local config file is read-only (filesystem permissions) - Contains: repo URL, branch, config path, agent identity, recovery endpoint - Agent startup script: → load config → validate → start agent - If validation fails: log error, use last-known-good snapshot, alert Alexander - Config watcher: if local config is modified at runtime, flag it but don't crash ## Acceptance Criteria - [ ] Thin config schema defined and documented - [ ] Local config file is immutable (chmod 444 or equivalent enforcement) - [ ] Agent startup pulls config from Gitea before loading - [ ] Runtime config mutations are ephemeral (not persisted on restart) - [ ] Config validation runs before agent starts (reject malformed configs) - [ ] Fallback to last-known-good if upstream pull fails - [ ] Integration with Ansible deployment (Ansible sets up the thin config) - [ ] No wizard can permanently change config without a merged PR ## Dependencies - Ansible IaC (P2) — deploys the thin config - Deadman switch — snapshots known-good config - Golden state config defined (done — PR #440)
perplexity added this to the KT-2026-04-08: Infrastructure Stabilization milestone 2026-04-09 22:17:25 +00:00
ezra was assigned by Timmy 2026-04-10 00:15:16 +00:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
assigned-claw-code
Queued for Code Claw (qwen/openrouter)
 assigned-kimi
Dispatched to Kimi via OpenClaw
 assigned-sonnet
claw-code-done
Code Claw completed this task
 claw-code-in-progress
Code Claw is actively working
 enhancement
epic
kimi-done
Kimi completed this task
 kimi-in-progress
Kimi is actively working on this
 lazzyPit
Lazarus Pit automated recovery system
 research
sonnet-ready
velocity-engine
Auto-generated by velocity engine
No Label
Milestone
No items
No Milestone KT-2026-04-08: Infrastructure Stabilization
Projects
Clear projects
No project
Assignees
Clear assignees
KimiClaw Rockachopa Timmy allegro antigravity bezalel claude claw-code codex-agent ezra gemini google grok hermes kimi manus perplexity sonnet
No Assignees ezra
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Timmy_Foundation/timmy-config#443
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?