anti/DECNET
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(emailgen): gate as master-only

Browse Source 
Two-layer gating per CLAUDE.md:
- registration-time: emailgen added to MASTER_ONLY_GROUPS so agents
  don't see the sub-app in 'decnet --help' at all.
- body-guard: _require_master_mode('emailgen ...') at the top of every
  sub-command body so a direct callable import (third-party tooling)
  still bails on agent hosts.

Matches the convention used for 'swarm', 'topology', 'geoip'.  SWARM
agents push their generated mail through the master's emailgen worker
(or none at all); cross-agent emailgen federation stays out of scope.
This commit is contained in:
anti
2026-04-26 22:45:59 -04:00
parent 6d520eaa6f
commit 73692b52f0
3 changed files with 120 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
decnet/cli/emailgen.py
View File

@@ -22,6 +22,7 @@ from typing import Optional
import typer
from . import utils as _utils
from .gating import _require_master_mode
from .utils import console, log
@@ -61,6 +62,10 @@ def register(app: typer.Typer) -> None:
),
) -> None:
"""Start the long-running email-generation worker."""
# Defence-in-depth: the registration-time gate already hides
# ``emailgen`` from Typer when DECNET_MODE=agent, but a direct
# callable import would bypass that — block here too.
_require_master_mode("emailgen run")
import asyncio
from decnet.orchestrator.emailgen import emailgen_worker
from decnet.web.dependencies import repo
@@ -116,6 +121,7 @@ def register(app: typer.Typer) -> None:
topology mail deckies use ``Topology.email_personas`` instead and
this command does not touch them.
"""
_require_master_mode("emailgen import-personas")
from decnet.orchestrator.emailgen import global_pool
from decnet.orchestrator.emailgen.personas import parse_personas

4
decnet/cli/gating.py
View File

@@ -31,7 +31,9 @@ MASTER_ONLY_COMMANDS: frozenset[str] = frozenset({
"services", "distros", "correlate", "archetypes", "web",
"db-reset", "init", "webhook", "clusterer", "campaign-clusterer",
})
MASTER_ONLY_GROUPS: frozenset[str] = frozenset({"swarm", "topology", "geoip"})
MASTER_ONLY_GROUPS: frozenset[str] = frozenset(
{"swarm", "topology", "geoip", "emailgen"}
)
def _agent_mode_active() -> bool: