|
| 1 | +# AGENTS.md |
| 2 | + |
| 3 | +This is the canonical repo-level agent guide for Clawdapus. `CLAUDE.md` should be a symlink to this file. |
| 4 | + |
| 5 | +## What This Repo Is |
| 6 | + |
| 7 | +Clawdapus is infrastructure-layer governance for AI agent containers. The `claw` CLI is a Go binary that treats agents as untrusted workloads: reproducible, inspectable, diffable, and killable. |
| 8 | + |
| 9 | +Core docs: |
| 10 | + |
| 11 | +- `MANIFESTO.md` — project vision |
| 12 | +- `README.md` — current user-facing CLI and examples |
| 13 | +- `docs/CLLAMA_SPEC.md` — cllama proxy contract |
| 14 | +- `docs/decisions/` — ADRs |
| 15 | +- `docs/plans/` — implementation plans and historical design notes |
| 16 | + |
| 17 | +## Trust Order |
| 18 | + |
| 19 | +There is some doc drift in the repo. When sources disagree, trust them in this order: |
| 20 | + |
| 21 | +1. Current code in `cmd/claw/` and `internal/` |
| 22 | +2. Current tests |
| 23 | +3. Examples under `examples/` |
| 24 | +4. ADRs in `docs/decisions/` |
| 25 | +5. Plans/reviews in `docs/plans/` and `docs/reviews/` |
| 26 | + |
| 27 | +Example: `TESTING.md` still talks about `e2e`, but the build tags currently in-tree are `integration` and `spike`. |
| 28 | + |
| 29 | +## Actual CLI Surface |
| 30 | + |
| 31 | +Current top-level commands are: |
| 32 | + |
| 33 | +- `claw build` |
| 34 | +- `claw up` |
| 35 | +- `claw down` |
| 36 | +- `claw ps` |
| 37 | +- `claw logs` |
| 38 | +- `claw health` |
| 39 | +- `claw inspect` |
| 40 | +- `claw doctor` |
| 41 | +- `claw init` |
| 42 | +- `claw agent add` |
| 43 | + |
| 44 | +Useful current behavior: |
| 45 | + |
| 46 | +- `claw up` writes `compose.generated.yml` next to the pod file. |
| 47 | +- If the pod contains managed `x-claw` services, `claw up` currently requires detached mode: use `claw up -d`. |
| 48 | +- `docker compose` is the sole lifecycle writer. Docker SDK usage is read-only. |
| 49 | + |
| 50 | +## Start Here |
| 51 | + |
| 52 | +If you are debugging or changing behavior, these are the main entry points: |
| 53 | + |
| 54 | +- `cmd/claw/compose_up.go` — main runtime orchestration path |
| 55 | +- `internal/pod/` — `claw-pod.yml` parsing and compose emission |
| 56 | +- `internal/clawfile/` — Clawfile parsing and Dockerfile emission |
| 57 | +- `internal/driver/` — driver registry and per-runner implementations |
| 58 | +- `internal/cllama/` — cllama context generation and wiring helpers |
| 59 | +- `internal/inspect/` — claw label parsing from images |
| 60 | +- `internal/persona/` — persona materialization |
| 61 | +- `cllama/` — proxy implementation source |
| 62 | + |
| 63 | +The best end-to-end fixtures are: |
| 64 | + |
| 65 | +- `examples/quickstart/` |
| 66 | +- `examples/trading-desk/` |
| 67 | +- `examples/rollcall/` |
| 68 | + |
| 69 | +## Current Driver Set |
| 70 | + |
| 71 | +Driver directories currently in-tree: |
| 72 | + |
| 73 | +- `internal/driver/openclaw` |
| 74 | +- `internal/driver/hermes` |
| 75 | +- `internal/driver/nanobot` |
| 76 | +- `internal/driver/nanoclaw` |
| 77 | +- `internal/driver/picoclaw` |
| 78 | +- `internal/driver/microclaw` |
| 79 | +- `internal/driver/nullclaw` |
| 80 | +- `internal/driver/shared` |
| 81 | + |
| 82 | +Do not assume older docs mentioning only a subset are current. |
| 83 | + |
| 84 | +## Runtime Model That Exists Today |
| 85 | + |
| 86 | +- A `Clawfile` is parsed and emitted into a standard Dockerfile using image labels for Clawdapus directives. |
| 87 | +- A `claw-pod.yml` is parsed from service-level `x-claw` blocks. Current parsed fields include `agent`, `persona`, `cllama`, `cllama-env`, `count`, `handles`, `include`, `surfaces`, `skills`, and `invoke`. |
| 88 | +- `count > 1` expands into ordinal-named compose services like `svc-0`, `svc-1`, etc. |
| 89 | +- cllama wiring is resolved before materialization in a two-pass `claw up` flow. |
| 90 | +- Generated runtime artifacts like `AGENTS.generated.md`, `CLAWDAPUS.md`, cllama context files, and runner configs are produced under runtime dirs during `claw up`. |
| 91 | + |
| 92 | +## Repo-Specific Gotchas |
| 93 | + |
| 94 | +- Managed services require `claw up -d` because post-apply verification is fail-closed. |
| 95 | +- Multi-proxy cllama is represented in the data model but runtime currently fails fast if more than one proxy type is declared. |
| 96 | +- Provider API keys for cllama-managed services belong in `x-claw.cllama-env`, not regular agent `environment:` blocks. |
| 97 | +- For cllama-enabled `count > 1` services, bearer tokens and context are per ordinal, not per base service. |
| 98 | +- `compose.generated.yml` and `Dockerfile.generated` are generated artifacts. Inspect them, but do not hand-edit them as source. |
| 99 | +- OpenClaw config and cron paths are mounted as directories, not single files, because the runtime performs atomic rewrites. |
| 100 | +- OpenClaw `openclaw health --json` can emit noise to stderr. The repo handles it as a stdout-first parse path. |
| 101 | + |
| 102 | +## Current Behavior Worth Knowing |
| 103 | + |
| 104 | +- `HANDLE` and channel `SURFACE` are different layers in current code. `HANDLE` is identity/bootstrap data; channel `SURFACE` is routing policy. If both are present, surface-level routing config is applied after handle defaults. |
| 105 | +- Map-form channel surfaces are still real code paths at the pod layer; `ClawBlock.Surfaces` is parsed into `[]driver.ResolvedSurface`, not raw strings. |
| 106 | +- Channel/service surface skills are generated and referenced through `CLAWDAPUS.md` plus mounted skill files. |
| 107 | +- OpenClaw cllama wiring does not write to `agents.defaults.model.baseURL/apiKey`; the schema-valid rewrite path is `models.providers.<provider>.{baseUrl,apiKey,api,models}`. |
| 108 | +- `PERSONA` is implemented as runtime materialization. Local refs are copied with traversal/symlink hardening; non-local refs are pulled as OCI artifacts. `CLAW_PERSONA_DIR` is only set when a persona is present. |
| 109 | +- `x-claw.include` contract composition is live. `enforce` and `guide` content is inlined into generated `AGENTS.md`; `reference` content is mounted as read-only skill material. |
| 110 | + |
| 111 | +## Testing Reality |
| 112 | + |
| 113 | +Current test layers: |
| 114 | + |
| 115 | +- Unit: `go test ./...` |
| 116 | +- Vet: `go vet ./...` |
| 117 | +- Integration-tagged tests: `go test -tags integration ./...` |
| 118 | +- Live/Docker spike tests: `go test -tags spike -run TestSpikeRollCall ./cmd/claw/...` or `go test -tags spike -run TestSpikeComposeUp ./cmd/claw/...` |
| 119 | + |
| 120 | +Build tags currently present in the repo: |
| 121 | + |
| 122 | +- `integration` |
| 123 | +- `spike` |
| 124 | + |
| 125 | +The spike tests are the heavy end-to-end path. They build images, run Docker, and in some cases require real Discord/provider credentials. |
| 126 | + |
| 127 | +## Practical Guidance For Agents |
| 128 | + |
| 129 | +- Prefer reading the code paths above before relying on plan documents. |
| 130 | +- When changing runtime behavior, update tests in the same area if they exist. |
| 131 | +- If a behavior is reflected in generated artifacts, inspect both the source logic and the generated output expectations in tests. |
| 132 | +- Be careful with the working tree: this repo is often mid-change, and unrelated files may already be modified. |
0 commit comments