feat(projman): add sprint approval requirement before execution (#233)
Sprint-plan approval workflow: - Request explicit approval after creating issues - Present scope summary (branches, files, dependencies) - User must type "approve sprint N" to authorize - Record approval in milestone description with timestamp Sprint-start verification: - Check milestone for "## Sprint Approval" section - If missing, STOP and direct to /sprint-plan - Extract approved scope (branches, files) - Enforce scope during execution Orchestrator scope enforcement: - Verify approval before any execution - Check each operation against approved scope - Operations outside scope require re-approval This separates planning (review) from execution (action), preventing agents from executing without explicit user consent. Closes #233 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -136,6 +136,58 @@ The planner agent will:
|
||||
- Document dependency graph
|
||||
- Provide sprint overview with wiki links
|
||||
|
||||
11. **Request Sprint Approval**
|
||||
- Present approval request with scope summary
|
||||
- Capture explicit user approval
|
||||
- Record approval in milestone description
|
||||
- Approval scopes what sprint-start can execute
|
||||
|
||||
## Sprint Approval (MANDATORY)
|
||||
|
||||
**Planning DOES NOT equal execution permission.**
|
||||
|
||||
After creating issues, the planner MUST request explicit approval:
|
||||
|
||||
```
|
||||
Sprint 17 Planning Complete
|
||||
===========================
|
||||
|
||||
Created Issues:
|
||||
- #45: [Sprint 17] feat: JWT token generation
|
||||
- #46: [Sprint 17] feat: Login endpoint
|
||||
- #47: [Sprint 17] test: Auth tests
|
||||
|
||||
Execution Scope:
|
||||
- Branches: feat/45-*, feat/46-*, feat/47-*
|
||||
- Files: auth/*, api/routes/auth.py, tests/test_auth*
|
||||
- Dependencies: PyJWT, python-jose
|
||||
|
||||
⚠️ APPROVAL REQUIRED
|
||||
|
||||
Do you approve this sprint for execution?
|
||||
This grants permission for agents to:
|
||||
- Create and modify files in the listed scope
|
||||
- Create branches with the listed prefixes
|
||||
- Install listed dependencies
|
||||
|
||||
Type "approve sprint 17" to authorize execution.
|
||||
```
|
||||
|
||||
**On Approval:**
|
||||
1. Record approval in milestone description
|
||||
2. Note timestamp and scope
|
||||
3. Sprint-start will verify approval exists
|
||||
|
||||
**Approval Record Format:**
|
||||
```markdown
|
||||
## Sprint Approval
|
||||
**Approved:** 2026-01-28 14:30
|
||||
**Approver:** User
|
||||
**Scope:**
|
||||
- Branches: feat/45-*, feat/46-*, feat/47-*
|
||||
- Files: auth/*, api/routes/auth.py, tests/test_auth*
|
||||
```
|
||||
|
||||
## Issue Title Format (MANDATORY)
|
||||
|
||||
```
|
||||
|
||||
@@ -6,6 +6,47 @@ description: Begin sprint execution with relevant lessons learned from previous
|
||||
|
||||
You are initiating sprint execution. The orchestrator agent will coordinate the work, analyze dependencies for parallel execution, search for relevant lessons learned, and guide you through the implementation process.
|
||||
|
||||
## Sprint Approval Verification
|
||||
|
||||
**CRITICAL: Sprint must be approved before execution.**
|
||||
|
||||
The orchestrator checks for approval in the milestone description:
|
||||
|
||||
```
|
||||
get_milestone(milestone_id=17)
|
||||
→ Check description for "## Sprint Approval" section
|
||||
```
|
||||
|
||||
**If Approval Missing:**
|
||||
```
|
||||
⚠️ SPRINT NOT APPROVED
|
||||
|
||||
Sprint 17 has not been approved for execution.
|
||||
The milestone description does not contain an approval record.
|
||||
|
||||
Please run /sprint-plan to:
|
||||
1. Review the sprint scope
|
||||
2. Approve the execution plan
|
||||
|
||||
Then run /sprint-start again.
|
||||
```
|
||||
|
||||
**If Approval Found:**
|
||||
```
|
||||
✓ Sprint Approval Verified
|
||||
Approved: 2026-01-28 14:30
|
||||
Scope:
|
||||
Branches: feat/45-*, feat/46-*, feat/47-*
|
||||
Files: auth/*, api/routes/auth.py, tests/test_auth*
|
||||
|
||||
Proceeding with execution within approved scope...
|
||||
```
|
||||
|
||||
**Scope Enforcement:**
|
||||
- Agents can ONLY create branches matching approved patterns
|
||||
- Agents can ONLY modify files within approved paths
|
||||
- Operations outside scope require re-approval via `/sprint-plan`
|
||||
|
||||
## Branch Detection
|
||||
|
||||
**CRITICAL:** Before proceeding, check the current git branch:
|
||||
@@ -25,12 +66,18 @@ If you are on a production or staging branch, you MUST stop and ask the user to
|
||||
|
||||
The orchestrator agent will:
|
||||
|
||||
1. **Detect Checkpoints (Resume Support)**
|
||||
1. **Verify Sprint Approval**
|
||||
- Check milestone description for `## Sprint Approval` section
|
||||
- If no approval found, STOP and direct user to `/sprint-plan`
|
||||
- If approval found, extract scope (branches, files)
|
||||
- Agents operate ONLY within approved scope
|
||||
|
||||
2. **Detect Checkpoints (Resume Support)**
|
||||
- Check each open issue for `## Checkpoint` comments
|
||||
- If checkpoint found, offer to resume from that point
|
||||
- Resume preserves: branch, completed work, pending steps
|
||||
|
||||
2. **Fetch Sprint Issues**
|
||||
3. **Fetch Sprint Issues**
|
||||
- Use `list_issues` to fetch open issues for the sprint
|
||||
- Identify priorities based on labels (Priority/Critical, Priority/High, etc.)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user