np-dms/lcbp3
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
de4201d7d3abd8b972dd99446550b6782b1d8f0b
lcbp3/specs/200-fullstacks/231-hermes-agent/contracts/hermes-api.yaml
T
admin f33487f511
CI / CD Pipeline / build (push) Successful in 4m53s
Details
CI / CD Pipeline / deploy (push) Failing after 2m16s
Details
690529:1702 ADR-030-230 context aware #09
2026-05-29 17:02:12 +07:00

340 lines
9.6 KiB
YAML
Raw Blame History

openapi: 3.0.3
info:
title: Hermes Agent API
description: |
Hermes Agent — Autonomous Dev Orchestrator & Telegram DevOps Bridge
Feature: 231-hermes-agent | ADR-031 v2.0
IMPORTANT:
- All endpoints are LAN/VPN-only (never public internet)
- Telegram webhook endpoint is the only exception (via reverse proxy with TLS)
- Authentication: X-API-Key header for all non-webhook endpoints
- All responses include transactionId for traceability
version: 1.0.0
contact:
name: NAP-DMS Architecture Team
servers:
- url: http://{ASUSTOR_IP}:8080/api/v1
description: Hermes Agent API (LAN/VPN only)
variables:
ASUSTOR_IP:
default: "192.168.10.X"
security:
- ApiKeyAuth: []
components:
securitySchemes:
ApiKeyAuth:
type: apiKey
in: header
name: X-API-Key
description: HERMES_PROXY_API_KEY — stored in ASUSTOR secret store
schemas:
TransactionId:
type: string
format: uuid
description: UUIDv7 transaction identifier (ADR-019)
example: "019505a1-7c3e-7000-8000-abc123def456"
HermesStatus:
type: object
properties:
status:
type: string
enum: [HEALTHY, DEGRADED, DOWN]
version:
type: string
uptime:
type: number
queues:
type: object
properties:
notification:
type: object
properties:
waiting: { type: number }
active: { type: number }
failed: { type: number }
orchestration:
type: object
properties:
waiting: { type: number }
active: { type: number }
failed: { type: number }
soulMdLastEntry:
type: string
description: ISO datetime of last SOUL.md session entry
timestamp:
type: string
format: date-time
OperationsLogEntry:
type: object
properties:
id:
$ref: '#/components/schemas/TransactionId'
operatorIdentity:
type: string
commandType:
type: string
enum: [TELEGRAM_INBOUND, TELEGRAM_OUTBOUND, ORCHESTRATION_TASK, GIT_WRITE, PROXY_REQUEST]
targetSystem:
type: string
commandSummary:
type: string
description: Redacted command description
status:
type: string
enum: [PENDING, IN_PROGRESS, COMPLETED, FAILED, REJECTED]
createdAt:
type: string
format: date-time
completedAt:
type: string
format: date-time
nullable: true
errorClassification:
type: string
nullable: true
OrchestrationTaskRequest:
type: object
required: [description, taskType, telegramChatId]
properties:
description:
type: string
description: Coding task description (no production data)
taskType:
type: string
enum: [DEVOPS, DMS_FEATURE, SCHEMA_DB, BUG_FIX]
telegramChatId:
type: string
description: Chat ID for progress/result notifications
OrchestrationTaskResponse:
type: object
properties:
taskId:
$ref: '#/components/schemas/TransactionId'
status:
type: string
enum: [QUEUED, CONTEXT_LOADING, SUB_AGENT_DELEGATED, SELF_CORRECTION, PR_CREATED, DONE, ESCALATED, FAILED]
prUrl:
type: string
nullable: true
description: Gitea PR URL (populated when status=PR_CREATED or DONE)
branchName:
type: string
nullable: true
TelegramWebhookPayload:
type: object
properties:
message:
type: object
properties:
from:
type: object
properties:
id: { type: integer }
username: { type: string }
text: { type: string }
chat:
type: object
properties:
id: { type: integer }
ErrorResponse:
type: object
properties:
error:
type: string
message:
type: string
transactionId:
$ref: '#/components/schemas/TransactionId'
paths:
/health:
get:
summary: Hermes health check
description: Returns current health status of Hermes Agent and its subsystems
security: []
operationId: getHealth
tags: [System]
responses:
'200':
description: Health status
content:
application/json:
schema:
$ref: '#/components/schemas/HermesStatus'
/telegram/webhook:
post:
summary: Telegram webhook inbound handler
description: |
Receives Telegram Bot webhook updates.
MUST be behind reverse proxy with TLS.
MUST verify X-Telegram-Bot-Api-Secret-Token header.
DevOps commands only — no DMS document operations.
security: []
operationId: handleTelegramWebhook
tags: [Telegram]
parameters:
- name: X-Telegram-Bot-Api-Secret-Token
in: header
required: true
schema:
type: string
description: Telegram webhook secret for request verification
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/TelegramWebhookPayload'
responses:
'200':
description: Webhook processed (command dispatched or acknowledged)
content:
application/json:
schema:
type: object
properties:
transactionId:
$ref: '#/components/schemas/TransactionId'
status:
type: string
enum: [DISPATCHED, REJECTED, ACKNOWLEDGED]
'401':
description: Invalid webhook secret token
content:
application/json:
schema:
$ref: '#/components/schemas/ErrorResponse'
'429':
description: Rate limit exceeded
content:
application/json:
schema:
$ref: '#/components/schemas/ErrorResponse'
/orchestration/tasks:
post:
summary: Submit autonomous coding task
description: |
Submit a coding task for Hermes to orchestrate via sub-agents.
NEVER include production document content, DB query results, or secrets in task description.
operationId: submitOrchestrationTask
tags: [Orchestration]
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/OrchestrationTaskRequest'
responses:
'202':
description: Task queued successfully
content:
application/json:
schema:
$ref: '#/components/schemas/OrchestrationTaskResponse'
'401':
description: Unauthorized
content:
application/json:
schema:
$ref: '#/components/schemas/ErrorResponse'
/orchestration/tasks/{taskId}:
get:
summary: Get orchestration task status
operationId: getOrchestrationTask
tags: [Orchestration]
parameters:
- name: taskId
in: path
required: true
schema:
$ref: '#/components/schemas/TransactionId'
responses:
'200':
description: Task status
content:
application/json:
schema:
$ref: '#/components/schemas/OrchestrationTaskResponse'
'404':
description: Task not found
/operations/logs:
get:
summary: Query Hermes operations log
description: Returns paginated DevOps operations log entries. Admin only.
operationId: getOperationsLog
tags: [Operations]
parameters:
- name: limit
in: query
schema:
type: integer
default: 50
maximum: 200
- name: offset
in: query
schema:
type: integer
default: 0
- name: status
in: query
schema:
type: string
enum: [PENDING, IN_PROGRESS, COMPLETED, FAILED, REJECTED]
- name: commandType
in: query
schema:
type: string
responses:
'200':
description: Operations log entries
content:
application/json:
schema:
type: object
properties:
data:
type: array
items:
$ref: '#/components/schemas/OperationsLogEntry'
total:
type: integer
offset:
type: integer
/operations/logs/{transactionId}:
get:
summary: Get specific operation by transactionId
description: Used by Telegram /status command to track DevOps transactions
operationId: getOperationByTransactionId
tags: [Operations]
parameters:
- name: transactionId
in: path
required: true
schema:
$ref: '#/components/schemas/TransactionId'
responses:
'200':
description: Operation details
content:
application/json:
schema:
$ref: '#/components/schemas/OperationsLogEntry'
'404':
description: Transaction not found
Reference in New Issue View Git Blame Copy Permalink