Generalize the focus controller into a harness hosting swappable modes

Loosen AntiDrift's session controller into Keel's general collect→brain→act
loop. A new internal/harness runs at most one mode.Mode at a time, fanning
async completions out to the web SSE and status-bar surfaces.

- internal/mode: the Mode contract (Kind/Command/View/Active) plus optional
  EvidenceConsumer and Expirer ports, and the surfacing Envelope.
- internal/mode/focus: the former session/domain/statemachine packages moved
  under the mode, now satisfying the harness contracts unchanged.
- internal/mode/offscreen: a one-shot away-from-desk mode built on the new
  ai.Proposer, which turns a life-domain brief into one off-screen action.
- cmd/keeld replaces cmd/antidriftd; daemon wires focus + offscreen factories
  with per-mode persistence under ~/.keel/modes/<kind>.
- Finish the rename: KEEL_* env refs in the README, /keeld build artifact
  ignored, stale antidriftd binary removed.

Include the design + implementation plan this refactor was built from under
docs/superpowers/{specs,plans}/2026-06-04-controller-refactor*.md.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
2026-06-05 18:00:49 -04:00
parent 258de2c14b
commit 7d69a1f320
57 changed files with 4069 additions and 627 deletions
+127
View File
@@ -0,0 +1,127 @@
// Package domain holds the core commitment types and validation. These are
// pure data types with no I/O.
package domain
import (
"errors"
"strings"
"time"
"github.com/google/uuid"
)
const PolicySchemaVersion = 1
type CommitmentSource string
const (
SourceManual CommitmentSource = "manual"
SourcePlanner CommitmentSource = "planner"
SourceRecurring CommitmentSource = "recurring"
SourceRecovery CommitmentSource = "recovery"
SourceTemplate CommitmentSource = "template"
)
type CommitmentState string
const (
CommitmentDraft CommitmentState = "draft"
CommitmentActive CommitmentState = "active"
CommitmentPaused CommitmentState = "paused"
CommitmentCompleted CommitmentState = "completed"
CommitmentAbandoned CommitmentState = "abandoned"
CommitmentViolated CommitmentState = "violated"
)
type RuntimeState string
const (
RuntimeLocked RuntimeState = "locked"
RuntimePlanning RuntimeState = "planning"
RuntimeActive RuntimeState = "active"
RuntimeTransition RuntimeState = "transition"
RuntimeReview RuntimeState = "review"
RuntimeAdminOverride RuntimeState = "admin_override"
)
type EnforcementLevel string
const (
EnforcementObserve EnforcementLevel = "observe"
EnforcementWarn EnforcementLevel = "warn"
EnforcementBlock EnforcementLevel = "block"
EnforcementLocked EnforcementLevel = "locked"
)
// AllowedContext is carried by PolicySnapshot. Matching logic arrives in a
// later milestone; M0 only stores it.
type AllowedContext struct {
WindowClasses []string `json:"window_classes"`
WindowTitleSubstrings []string `json:"window_title_substrings"`
Domains []string `json:"domains"`
Repos []string `json:"repos"`
Commands []string `json:"commands"`
}
type Commitment struct {
ID string `json:"id"`
CreatedAtUnixSecs int64 `json:"created_at_unix_secs"`
Source CommitmentSource `json:"source"`
NextAction string `json:"next_action"`
SuccessCondition string `json:"success_condition"`
TimeboxSecs int64 `json:"timebox_secs"`
State CommitmentState `json:"state"`
}
type PolicySnapshot struct {
ID string `json:"id"`
CommitmentID string `json:"commitment_id"`
SchemaVersion int `json:"schema_version"`
CreatedAtUnixSecs int64 `json:"created_at_unix_secs"`
RuntimeState RuntimeState `json:"runtime_state"`
EnforcementLevel EnforcementLevel `json:"enforcement_level"`
AllowedContext AllowedContext `json:"allowed_context"`
}
var (
ErrMissingNextAction = errors.New("next action is required")
ErrMissingSuccessCondition = errors.New("success condition is required")
ErrMissingTimebox = errors.New("timebox must be nonzero")
)
// NewManual builds a validated draft commitment from user input.
func NewManual(nextAction, successCondition string, timebox time.Duration) (Commitment, error) {
nextAction = strings.TrimSpace(nextAction)
successCondition = strings.TrimSpace(successCondition)
if nextAction == "" {
return Commitment{}, ErrMissingNextAction
}
if successCondition == "" {
return Commitment{}, ErrMissingSuccessCondition
}
if timebox < time.Second {
return Commitment{}, ErrMissingTimebox
}
return Commitment{
ID: "commitment-" + uuid.Must(uuid.NewV7()).String(),
CreatedAtUnixSecs: time.Now().Unix(),
Source: SourceManual,
NextAction: nextAction,
SuccessCondition: successCondition,
TimeboxSecs: int64(timebox.Seconds()),
State: CommitmentDraft,
}, nil
}
// ForRuntime builds a minimal accepted policy snapshot for a commitment.
func ForRuntime(commitmentID string, runtime RuntimeState, level EnforcementLevel) PolicySnapshot {
return PolicySnapshot{
ID: "policy-" + uuid.Must(uuid.NewV7()).String(),
CommitmentID: commitmentID,
SchemaVersion: PolicySchemaVersion,
CreatedAtUnixSecs: time.Now().Unix(),
RuntimeState: runtime,
EnforcementLevel: level,
AllowedContext: AllowedContext{},
}
}
+95
View File
@@ -0,0 +1,95 @@
package domain
import (
"encoding/json"
"strings"
"testing"
"time"
)
func TestNewManualRejectsEmptyNextAction(t *testing.T) {
_, err := NewManual("", "tests pass", 25*time.Minute)
if err != ErrMissingNextAction {
t.Fatalf("want ErrMissingNextAction, got %v", err)
}
}
func TestNewManualRejectsEmptySuccessCondition(t *testing.T) {
_, err := NewManual("Refactor state", " ", 25*time.Minute)
if err != ErrMissingSuccessCondition {
t.Fatalf("want ErrMissingSuccessCondition, got %v", err)
}
}
func TestNewManualRejectsZeroTimebox(t *testing.T) {
_, err := NewManual("Refactor state", "tests pass", 0)
if err != ErrMissingTimebox {
t.Fatalf("want ErrMissingTimebox, got %v", err)
}
}
func TestNewManualPopulatesDraftCommitment(t *testing.T) {
c, err := NewManual(" Port domain ", "domain tests pass", 25*time.Minute)
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
if c.NextAction != "Port domain" {
t.Errorf("next action not trimmed: %q", c.NextAction)
}
if c.SuccessCondition != "domain tests pass" {
t.Errorf("success condition wrong: %q", c.SuccessCondition)
}
if c.TimeboxSecs != 1500 {
t.Errorf("timebox secs wrong: %d", c.TimeboxSecs)
}
if c.State != CommitmentDraft {
t.Errorf("state should be draft, got %s", c.State)
}
if c.Source != SourceManual {
t.Errorf("source should be manual, got %s", c.Source)
}
if !strings.HasPrefix(c.ID, "commitment-") {
t.Errorf("id should be prefixed, got %s", c.ID)
}
}
func TestNewManualRejectsSubSecondTimebox(t *testing.T) {
_, err := NewManual("Refactor state", "tests pass", 500*time.Millisecond)
if err != ErrMissingTimebox {
t.Fatalf("want ErrMissingTimebox, got %v", err)
}
}
func TestForRuntimePopulatesPolicySnapshot(t *testing.T) {
p := ForRuntime("commitment-123", RuntimeActive, EnforcementObserve)
if !strings.HasPrefix(p.ID, "policy-") {
t.Errorf("id should be prefixed, got %s", p.ID)
}
if p.CommitmentID != "commitment-123" {
t.Errorf("commitment id wrong: %s", p.CommitmentID)
}
if p.SchemaVersion != PolicySchemaVersion {
t.Errorf("schema version wrong: %d", p.SchemaVersion)
}
if p.RuntimeState != RuntimeActive {
t.Errorf("runtime state wrong: %s", p.RuntimeState)
}
if p.EnforcementLevel != EnforcementObserve {
t.Errorf("enforcement level wrong: %s", p.EnforcementLevel)
}
}
func TestCommitmentSerializesSnakeCaseEnums(t *testing.T) {
c, _ := NewManual("Port domain", "domain tests pass", 25*time.Minute)
data, err := json.Marshal(c)
if err != nil {
t.Fatalf("marshal failed: %v", err)
}
s := string(data)
if !strings.Contains(s, `"source":"manual"`) {
t.Errorf("missing snake_case source in %s", s)
}
if !strings.Contains(s, `"state":"draft"`) {
t.Errorf("missing snake_case state in %s", s)
}
}