feat(agents): install manifest endpoint + slug-based install#362
Merged
Conversation
|
You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard. |
Member
Author
|
Heads up: per docs/plans/world-model.md (on The manifest endpoint itself may still be worth keeping for unauthenticated landing-page rendering, just sourced from data rather than env. |
3 tasks
buremba
force-pushed
the
feat/install-identity-provisioning
branch
from
a190663 to
e5b755e
Compare
Replaces the env-var leak in the previous landing-page approach. The
frontend now talks slugs only; the backend does all internal-ID
resolution.
GET /api/install/manifest/:slug
→ { slug, name, description, botPhone, templateAgentId }
POST /api/install
body now accepts { slug } in addition to { templateAgentId }
Resolution rules:
- Slug equals the template org's slug. We pick the canonical template
agent in that org (the one with template_agent_id IS NULL — i.e.
not itself an installed instance).
- botPhone comes from a per-slug server env var (e.g.
PERSONAL_FINANCE_BOT_PHONE). Stripped to bare digits in the
response so the landing page can plug it straight into wa.me/<digits>.
Returns null when unset; the page falls back to a "message the bot"
instruction.
Public, no auth — manifests are marketing data. The actual install
still requires a signed-in session.
This kills the build-time VITE_PERSONAL_FINANCE_TEMPLATE_AGENT_ID and
VITE_PERSONAL_FINANCE_BOT_PHONE env-var leaks: the frontend bundle no
longer carries any agent-specific config. Adding a new productized
template (calendar, journal, …) is now: (1) seed the org + canonical
template agent, (2) add one server env var if you want a bot phone,
(3) link to /install/<new-slug>.
buremba
force-pushed
the
feat/install-manifest
branch
from
bfbfacb to
c1fba08
Compare
This was referenced Apr 26, 2026
buremba
added a commit
that referenced
this pull request
Apr 26, 2026
, #359 install-half) (#372) The install flow as built — schema-mirror clones a template's entity types / relationship types / classifiers / watchers into each user's personal org — was the wrong abstraction. Cross-org vocabulary (an entity in tenant org A referencing a type defined in a public-catalog org B by FK) is the planned direction; the mirror pipeline duplicated rows per user and added re-sync complexity for no working installs (verified 0 rows used the mirror columns in prod). Removed: - packages/owletto-backend/src/agents/install.ts (installAgentFromTemplate, resyncInstalledAgent) - packages/owletto-backend/src/agents/install-routes.ts (POST /api/install) - packages/owletto-backend/src/agents/install-manifest-routes.ts (GET /api/install/manifest/:slug) - All associated integration tests - subject-identities WhatsApp helpers (normalizePhoneE164, phoneToWhatsAppJid, linkWhatsAppToMember) + their unit tests - db/migrations/20260425120000_add_template_mirror_tracking.sql (rolled back on prod first) - Route registrations from src/index.ts Kept: - subject-identities.ts provisionMemberAndCoreIdentities — used by the signup hook in personal-org-provisioning.ts, orthogonal to install flow. - #352 personal-org-on-signup, #350/#354/#355/#356 personal-finance content — no install dependencies. DB state: prod migrated down via dbmate (mirror columns dropped), then 20260426120000_entities_entity_type_fk re-applied. 0 user-visible data lost.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Replaces the env-var leak in the closed PRs (#361 + lobu-ai/owletto-web#19). Frontend now talks slugs only; the backend resolves internal IDs.
```
GET /api/install/manifest/:slug
→ { slug, name, description, botPhone, templateAgentId }
POST /api/install
body now accepts { slug } in addition to { templateAgentId }
```
Resolution
Public, no auth — manifests are marketing data. The install POST still requires a session.
What this kills
Net change against the closed work: drop ~430 LOC, replace 1 page, same product.
Adding a new productized template is now:
Stacked on
`feat/install-identity-provisioning` (#359).
Test plan