|
| 1 | +# AGENTS.md |
| 2 | +### _Operational Invariants and Behavioral Contracts for `any-sdk` Agents_ |
| 3 | +_Last updated: Draft 0.1_ |
| 4 | + |
| 5 | +--- |
| 6 | + |
| 7 | +## 1. Purpose |
| 8 | + |
| 9 | +In theory, agents can benefit `any-sdk` by transforming **foreign interface definitions** (e.g., Google Discovery, OpenAPI3, AWS Smithy, Azure SDKs, SaaS REST APIs, or OS procedure call schemas) into normalized **`any-sdk` documents**. |
| 10 | +Such documents drive the functionality of `any-sdk`, enabling agnostic local and internet resource consumption. Once mature, they are stored in [the `stackql-provider-registry` repository](https://github.com/stackql/stackql-provider-registry). |
| 11 | + |
| 12 | +Both `any-sdk` itself and the document registry are consumed by the application [`stackql`](https://github.com/stackql/stackql), which exposes the resources described as though they were relational database tables — the internet as a database! |
| 13 | + |
| 14 | +The documents consumed by `any-sdk` generally define, per "provider" system, a hierarchy of `provider`, `service`, `resource`, and `methods`. Methods represent interface function calls for data access and mutation. In lieu of strict formalism, we can expand the semantics by example. |
| 15 | + |
| 16 | +For instance, `google.storage.buckets` has a method named `list`. For this method, defined in `openapi3` grammar, there is a required **query** parameter `project` (an unusual case), which must be supplied by a client for the query to work. For one significant client — [`stackql`](https://github.com/stackql/stackql) — the interfaces exposed by `any-sdk` support SQL semantics. |
| 17 | + |
| 18 | +Continuing the example, this method can be semantically associated with the SQL verb `SELECT`, and the required `project` parameter must appear in the `WHERE` clause of a `SELECT` against `google.storage.buckets`. There is an informal expectation that all methods explicitly associated with `SELECT` under the same resource will have similar schemas, and it is likely that in future versions, some unioned schema will be published. |
| 19 | + |
| 20 | +We can illustrate another key concept of `any-sdk` through this example: **method selectivity**. |
| 21 | +When multiple methods under a resource are mapped to the same SQL verb, they should be ordered in the `components.x-stackQL-resources.<resource>.sqlVerbs.<verb>` array by ascending selectivity (i.e., by the number of required parameters). |
| 22 | +Thus, the `list` method should be selected where only `project` is supplied in the `WHERE` clause, while `get` should be selected where both `project` and `bucket` are provided. Syntactically, these associations are JSON pointers to `paths` in the `openapi3` document. |
| 23 | + |
| 24 | +The goal is to produce **semantically correct**, **schema-valid**, and **verifiably grounded** definitions that capture both declarative interface metadata and **implied runtime behaviors** (auth, pagination, errors, rate limits, etc.). |
| 25 | + |
| 26 | +Agents operate under strict invariants and must produce outputs that: |
| 27 | + |
| 28 | +1. Conform to the expected schemas and overall consistency requirements within each provider document collection: |
| 29 | + - The root `provider.yaml` document is a markup description of the provider system itself, containing: |
| 30 | + - A set of required keys. |
| 31 | + - Some significant optional keys. For example, the optional `protocolType` attribute, when set to `local_templated`, indicates that the provider’s constituents are not typical HTTP interfaces but rather OS-level calls whose result streams are transformed using Go text templates. |
| 32 | + - A list of "services" available for the provider. |
| 33 | + - Services and resources are typically grouped together in a single document per service, containing all constituent resources. However, they may be sharded across documents, with cross-document references made using JSON pointers. |
| 34 | + - The core of each service document (for HTTP-exposed services) is defined using `openapi3` grammar, with additional `stackql` semantics expressed in permitted extension attributes. |
| 35 | + - A resource dictionary, canonically located at `components.x-stackQL-resources` in the service document, dictates how resources are located under `provider.service`. |
| 36 | + |
| 37 | +2. Reflect true source semantics. |
| 38 | +3. Pass all automated validation stages. |
| 39 | + |
| 40 | +--- |
| 41 | + |
| 42 | +## 2. Contract Overview |
| 43 | + |
| 44 | +### 2.1 Required Output Form |
| 45 | +_TBA._ |
| 46 | +A formal definition must be supplied. |
| 47 | + |
| 48 | +### 2.2 Prohibited Behaviors |
| 49 | +- No hallucinated operations, parameters, or response fields. |
| 50 | +- No unverified default values. |
| 51 | +- No omissions of required invariants (auth, errors, pagination, etc.). |
| 52 | +- No dangling, circular, or ambiguous references. |
| 53 | + |
| 54 | +--- |
| 55 | + |
| 56 | +## 3. Global Invariants |
| 57 | + |
| 58 | +### 3.1 Operation Identity |
| 59 | + |
| 60 | +Each operation must be routable through: |
| 61 | + |
| 62 | +``` |
| 63 | +<provider>.<service>.<resource>.<method> |
| 64 | +``` |
| 65 | + |
| 66 | +**Example:** |
| 67 | +``` |
| 68 | +google.compute.instances.list |
| 69 | +``` |
| 70 | + |
| 71 | +- `service`: canonical service name |
| 72 | +- `version`: stable version identifier |
| 73 | +- `resource`: plural noun (snake_case) |
| 74 | +- `method`: lowercase verb describing intent (`list`, `get`, `create`, `delete`, etc.) |
| 75 | + |
| 76 | +Methods mapped to SQL verbs are annotated in an `sqlVerbs` dictionary, which allows `stackql` to abstract the method layer for agents and users. |
| 77 | + |
| 78 | +--- |
| 79 | + |
| 80 | +### 3.2 HTTP Semantics |
| 81 | +_TBA._ |
| 82 | + |
| 83 | +--- |
| 84 | + |
| 85 | +### 3.3 Authentication |
| 86 | +_TBA._ |
| 87 | +This is yet to be formally defined. OAuth, simple key-based authentication, and various environment-variable-based patterns are supported. |
| 88 | +Unauthenticated systems should be explicitly designated as having `null` auth. |
| 89 | + |
| 90 | +--- |
| 91 | + |
| 92 | +### 3.4 Pagination |
| 93 | +Opt-in, with default behavior. _TBA._ |
| 94 | + |
| 95 | +--- |
| 96 | + |
| 97 | +### 3.5 Errors |
| 98 | +Canonically aligned with `openapi3`. |
| 99 | + |
| 100 | +--- |
| 101 | + |
| 102 | +### 3.6 Rate Limiting |
| 103 | +Modeled as a class of failure within a broader collection of possible failure classes, including network and system failures. |
| 104 | + |
| 105 | +--- |
| 106 | + |
| 107 | +### 3.7 Long-Running Operations (LRO) |
| 108 | +If an operation is asynchronous: |
| 109 | +- Different providers have different polling or notification methods. |
| 110 | +- Initially, behavior similar to Google’s `Operation` polling is supported. |
| 111 | + |
| 112 | +--- |
| 113 | + |
| 114 | +### 3.8 OS / Non-HTTP Transports |
| 115 | +_TBA._ |
| 116 | +See the `local_openssl` provider for an example. |
| 117 | + |
| 118 | +--- |
| 119 | + |
| 120 | +## 4. Validation Rules |
| 121 | +These are informally enforced through the `any-sdk` CLI, specifically the `aot` command. |
| 122 | + |
| 123 | +--- |
| 124 | + |
| 125 | +## 5. Evidence & Traceability |
| 126 | +_TBA._ |
| 127 | + |
| 128 | +--- |
| 129 | + |
| 130 | +### End of Draft 0.1 |
| 131 | +This draft is intentionally comprehensive to serve as both documentation and a RAG corpus seed. |
0 commit comments