All runbooks
runbookuapiredacted view

UAPI Codex Schema And Integration Runbook

Codex-owned schema, orchestration, integration gate, and final synthesis tasks.

Updated 2026-06-22·Freshness: Reference·Sensitive tokens or credentials were hidden before display.

UAPI Codex Schema And Integration Runbook

Codex-owned schema, orchestration, integration gate, and final synthesis tasks.

Promotion Metadata

  • Source feedback id: 79
  • Source feedback ids: 79
  • Promotion request id: 14
  • Feedback category: consider
  • Feedback source: ai-lane
  • Feedback created at: 2026-06-22T16:31:04.156087+00:00
  • Target slug: [REDACTED:high-entropy]
  • Review state: review
  • Reviewer note: AI lane auto-promoted redacted feedback into internal catalog context.

Source Feedback Body

Feedback 79

  • Product: uapi
  • Category: consider
  • Related slug: [REDACTED:high-entropy]
  • Source: ai-lane
  • Created at: 2026-06-22T16:31:04.156087+00:00

title: UAPI Codex Schema And Integration Runbook project: uapi kind: runbook state: review tags: [docs, runbook, uapi, codex, schemas, integration] source_plan_title: UAPI Integrated Operating Plan v2


UAPI Codex Schema And Integration Runbook

Owner: Codex. Mission: design the heavy schemas and integration gates that let UAPI become the unified layer for auth, routing, jobs, embeddings, and evidence without blurring product boundaries.

Access contract: Endpoint: http://10.0.0.121:8080. Token: set UAI_EXPLORER_AI_API_KEY out of band. Header uses Bearer token from that variable. Never print secrets. Fetch master program control plus the main integrated UAPI plan before work.

Schema deliverables: - UnifiedIdentityPrincipal: human, AI/service, device, system role, org/project, auth method, scopes. - LoginSession and ServiceToken: one-login model across Explorer, Cortex, Beacon, UAPI, Cadence/Interpreter, and related UAI layers; include expiry, rotation, revocation, wrong-role denial. - DeviceIdentity and ServiceEndpoint: friendly route names over raw hosts; do not expose lab topology as public contract. - JobBrief, EventEnvelope, GateRecord, ResultPacket, RunRecord: lifecycle from intent to evidence, including operator gates and audit ids. - PlacementDecision: selected route, rejected routes, policy reason, capability facts, benchmark basis, fallback. - EmbeddingJob: UAPI-owned embedding placement, source context, model, chunk policy, retention, Cortex handoff boundaries. - PolicyBundle and ProviderAdapter: allowed tools, data classes, redaction, route capabilities, health checks, rate limits. - StorageCapacity: include SN850X and other storage only after hardware verification.

Integration gates: 1. Unknown routes reject with clear error and no execution. 2. Wrong-role auth tests deny human/service/device misuse. 3. PlacementDecision must cite verified hardware, benchmark, or policy evidence. 4. Explorer packets must include audit_event_id, server-side redaction, raw_available_to_client=false. 5. Cross-agent contradictions from Grok/GLM must be resolved before merge.

Codex diary fields: schema touched, upstream/downstream contracts, tests added, audit ids, unresolved questions, next merge target.

Codex prompt starter: You are Codex for UAPI schema and integration. Use Explorer source of truth, fetch required contexts, then draft schemas and tests. Do not implement hardware claims without Grok evidence. Do not merge Interpreter claims without GLM evidence. Produce concise Explorer feedback or context-ready docs with no secrets.