Roadmap: MCP Control Plane Web Console (phased delivery) #653
Open
opened 2026-07-10 14:48:05 -05:00 by jcwalker3
·
2 comments
No Branch/Tag Specified
master
fix/issue-709-decision-lock-cross-profile
fix/issue-695-native-transport-quarantine
fix/issue-698-report-validator-schema
fix/issue-702-stale-binding-lease-recovery
fix/issue-699-structured-auth-mcp-errors
fix/issue-695-native-quarantine-v2
fix/issue-693-review-decision-lock-recovery
fix/issue-691-obsolete-reviewer-lease-cleanup
feat/issue-687-reconciler-branch-delete
fix/issue-683-workflow-guard-hardening
chore/issue-681-preserve-review-session-wip
feat/issue-604-anti-stomp-preflight
feat/issue-606-sentry-observability
fix/issue-671-block-stable-branch-push
fix/issue-675-residual-preflight-remediation
fix/issue-673-remediate-regressions-part2
fix/issue-673-remediate-regressions
feat/issue-603-lifecycle-labels
fix/issue-627-set-issue-labels-pagination
feat/issue-601-first-class-leases
feat/issue-612-incident-bridge
feat/issue-600-controller-allocator-api
fix/issue-620-head-scoped-review-locks
feat/issue-613-allocator-db-substrate
docs/mcp-stable-control-runtime-policy
feat/issue-609-prepared-review-verdict-resume
feat/issue-610-live-remote-parity
feat/issue-503-reviewer-active-worktree
feat/issue-470-preflight-contract
feat/issue-440-lock-recovery
feat/issue-440-branch-recovery
feat/issue-458-queue-fail-closed-copy
feat/issue-400-early-duplicate-work-gate
feat/issue-308-reconcile-inventory-pagination
feat/issue-308-reconcile-pagination-proof
docs/issue-261-agent-temp-artifact-cleanup
feat/issue-262-map-commit-files
fix/infra-stop-conflict-marker-false-positive
feat/issue-139-role-aware-task-routing
feat/issue-188-continuation-selection-wall
feat/issue-189-continuation-mode-proofs
feat/issue-232-refresh-wiki-proof-heads
feat/issue-210-block-workspace-edits
feat/issue-204-exact-issue-lock
docs/issue-80-label-taxonomy
docs/issue-79-safety-boundary-updates
v1.1.0
Labels
Clear labels
allocator
anti-stomp
architecture
bug
chore
codex
concurrency
contamination
control-plane
dashboard
database
design
documentation
enhancement
gitea
glitchtip
important
incident
incident-bridge
integration
jenkins
labels
leases
mcp
mcp-health
mcp-menu
multi-project
mutating
nice-to-have
observability
portability
preflight
protected-branch
queue
read-only
reconnect
recovery
refactor
release
reliability
resumable-review
reviewer
roadmap
safety
security
self-hosted
sentry
stale-runtime
status:blocked
status:in-progress
status:pr-open
status:ready
terminal-lock
testing
tracker
type:bug
type:feature
type:feature
type:guardrail
visibility
workflow
workflow-hardening
workflow-hardening
Controller-owned work allocator
Prevent concurrent LLM session stomping
Architecture / structural design
OpenAI Codex client / workflow session surface
Concurrent session safety
Workflow or session contamination incident
MCP control-plane coordination and allocation authority
MCP operational dashboard/queue view
Internal coordination storage (SQLite/Postgres)
Design / investigation, no implementation
Docs / runbooks
New feature or improvement
Gitea MCP workflow
GlitchTip integration
Operational or process incident requiring durable audit trail
Sentry-to-Gitea incident bridging
Integration testing
Jenkins integration
Label taxonomy management
Lease adopt/release/expire lifecycle
MCP server / tooling
MCP namespace and runtime health
MCP menu surface
Work spanning multiple monitoring projects or Gitea repos
Mutating action; requires gating
Observability, metrics, traces, error reporting
Cross-platform / portability
Shared preflight gates before mutation
Protected branch / stable-branch policy concern
Work queue visibility and allocation
Read-only, no mutation
MCP client reconnect/reload recovery path
Recovery paths for stale/foreign leases
Code refactor / restructure
Release / versioning
Reliability / failure handling
Persist and resume prepared review verdicts across sessions
Reviewer workflow tooling
Roadmap / umbrella issue
Safety rails and fail-closed mutation guards
Security / trust boundary
Self-hosted infrastructure integration
Sentry error monitoring integration
Stale backend daemon / runtime-vs-master parity failures
Issue is blocked
Issue is being worked on
Issue has an open pull request
Issue is ready for work
Terminal review lock (#332) path
Tests / test coverage
Issue tracker hygiene / meta
Bug or defect
Feature or enhancement
Feature or enhancement
Safety gate or guardrail
Workflow state visibility for LLMs/operators
Cross-tool workflow
LLM workflow coordination hardening
LLM workflow coordination hardening
Milestone
No items
No Milestone
Projects
Clear projects
No projects
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: Scaled-Tech-Consulting/Gitea-Tools#653
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Purpose
This issue is the phased delivery roadmap and epic sequencing for the MCP Control Plane Web Console.
webui/Phases sequence work; they do not delete vision. Anything not linked under a phase remains in Preserved but not yet scheduled until converted to issues or controller-rejected on #652.
Phase 1 — Read-only operational visibility
Goals
Safe operator and API visibility without privileged writes.
Included capabilities
Architecture; auth/audit model design; system-health API; project registry API; session/lease/lock/namespace/runtime/worktree inventory API; workflow-event/conversation timeline model; application shell; system-health dashboard; traffic-control view; runtime/session view.
Dependencies
Existing
webui/MVP; control-plane DB/allocator where available (#613/#600); Gitea read access.Exit criteria
Risks
Stale runtime false safety (#610); secret leakage in inventory; scope creep into Phase 2 actions.
Deferred (still in vision #652)
Restart/stop/start; request initiation; full SSO; multi-provider admin; AI insights; notifications channels.
Linked implementation issues
Current status
Active / recommended next work: #632 then #633, then APIs (#634–#637), then shell/views (#638–#641). Claim one issue lease at a time.
Phase 2 — Controlled operational actions
Goals
Gated, audited operational controls after Phase 1 auth model.
Included capabilities
Sanctioned restart/stop/start/graceful reload; request creation/intent preview/authorization/workflow initiation; pause/cancel/reprioritize (as designed); stale-runtime recovery; worktree rebind; reconciliation controls; quarantine/cleanup previews.
Dependencies
#633 auth/audit; #634 health; #636 inventory; #642–#644; #630 contamination rules.
Exit criteria
All Phase 2 actions gated + confirmed + audited; post-action revalidation; no pkill recovery path.
Risks
Unsafe process control; lease steal; contaminated clean claims.
Deferred
Full dual-control policy editing; SSO step-up; multi-channel notifications.
Linked implementation issues
Current status
Blocked on Phase 1 auth/health/inventory readiness (soft).
Phase 3 — Workflow orchestration
Goals
Console participates in orchestration visibility and controlled request flow with Gitea linkage and attention routing.
Included capabilities
Gitea (and later GitHub) issue/PR linkage; queue/traffic integration with allocator; dependency-aware states; human-attention routing; notification routing (console inbox first).
Dependencies
Phase 1 traffic/timeline; Phase 2 requests; #628/#626 handoffs; #605 menu complement.
Exit criteria
Operators can see ready/active/blocked/waiting/review/controller/reconciliation/complete/stale/abandoned; attention inbox works without spam.
Risks
Duplicating allocator; treating console as forge of record.
Linked implementation issues
Current status
Not started beyond linkage issues filed.
Phase 4 — AI-assisted insights and optimization
Goals
Evidence-backed insights, provider status, cost/latency analytics — never uncited automation that bypasses gates.
Included capabilities
Sentry/GlitchTip console integration; AI-provider connection status; summaries/blocker explanations/duplicate detection/recurring-failure analysis/risk/workflow-health scoring/next-work recommendations with evidence+confidence labels; usage/cost/latency/success analytics; human-intervention metrics.
Dependencies
#637 timeline; #633 redaction; #606/#607/#612 bridges; #649–#651.
Exit criteria
Insights require evidence refs; missing metrics labeled unknown; no auto-merge/close from insights.
Linked implementation issues
Current status
Not started.
Phase 5 — Governance, policy, security, and long-term platform maturity
Goals
Hardening for multi-operator production use: SSO, advanced RBAC, policy lifecycle, audit immutability, maintenance mode, emergency fail-closed, platform extensions.
Included capabilities
SSO; project permissions; auditor roles; step-up auth; encryption posture; rate limiting; CSRF; privileged-action dual control; versioned policy edit/validate/simulate/approve/rollback (#646/#647); immutable audit; maintenance mode; emergency fail-closed; HA/read-replica topology; feature flags; WCAG track; localization; air-gapped mode; plugin adapters — as prioritized from #652 §O.
Dependencies
Phase 1 auth model; Phase 2 gated actions; #646/#647.
Exit criteria
Documented security baseline met; policy changes audited; emergency controls tested; vision items either shipped or still listed preserved/rejected on #652.
Risks
Over-building enterprise surface before core ops value; secret mismanagement.
Linked implementation issues
Current status
Partial issues filed; many maturity items only in preserved list.
Preserved but not yet scheduled
Valid product ideas from #652 without a dedicated implementation issue yet. Remain visible until converted or controller-rejected on #652.
System / process control
Projects / forges
Connections / credentials
Requests / orchestration
Sessions / recovery
Conversations / search / export
AI insights (beyond #650)
Observability (beyond #649)
Notifications (beyond #648)
Security / platform maturity
Analytics (beyond #651)
Future extension points (#652 §O)
Recommended next work
Non-goals
Canonical issue state
Canonical Issue State
STATE:
roadmap-active
WHO_IS_NEXT:
author
NEXT_ACTION:
Execute Phase 1 starting with #632 architecture, then #633 auth/audit, then APIs #634–#637, then views #638–#641; update this roadmap as children complete
NEXT_PROMPT:
WHAT_HAPPENED:
Roadmap #653 filed with Phases 1–5, linked issues, and Preserved but not yet scheduled catalog. Phase 1 batch is existing #632–#641 (not recreated).
WHY:
Sequence delivery without deleting vision (#652).
RELATED_ISSUES:
#652 vision; #631 umbrella; #632–#651 children; #425–#436 foundation
RELATED_PRS:
none
BLOCKERS:
none
VALIDATION:
Phase 1 issues pre-exist; roadmap adds Phase 5 + preserved catalog
LAST_UPDATED_BY:
jcwalker3 / prgs-author / author / 2026-07-10
Canonical Issue State
STATE:
roadmap-active
WHO_IS_NEXT:
author
NEXT_ACTION:
Track restart governance #655–#669 under platform safety / Phase 2–5; preferred implementation start #656 then #657; keep #668 in preserved-or-Phase-5 even if deferred
NEXT_PROMPT:
WHAT_HAPPENED:
Linked #655–#669 into roadmap #653 sequencing notes.
WHY:
Restart safety is sequencing-critical dogfooding work alongside console phases.
RELATED_ISSUES:
#655–#669 #652 #630 #642
RELATED_PRS:
none
BLOCKERS:
none
VALIDATION:
no implementation this session
LAST_UPDATED_BY:
jcwalker3 / prgs-author / author / 2026-07-10