repo-control-plane

Public documentation repository for a repository control plane currently implemented in the private Project Invariant codebase.

This repository exists to describe the project boundary, architecture direction, current workflow surface, and publication status without exposing the private implementation.

This repository publishes documentation only. It does not publish the runtime, plugins, CLI source, configuration, or release artifacts.

Why this exists

Modern AI-assisted repository workflows are useful, but they are often difficult to inspect, constrain, and reproduce.

This project explores a different model: repository workflows executed through a more controlled control-plane layer, with explicit boundaries around workflow surface, operator entry points, and policy enforcement.

The goal of this repository is to document that direction publicly without implying that it is self-hostable from this repository.

What this repository can describe publicly

This repository can currently describe, at a high level:

• the public/private boundary of the project
• the current workflow inventory
• architecture direction and operator surface boundaries
• publication limits and security boundary language

A typical governed workflow in the private implementation follows this shape:

request -> constrained workflow selection -> policy/API checks -> approval point where required -> reportable outcome

Current private implementation

Review date: 2026-03-10

The private implementation currently includes:

• a core runtime and control-plane layer under internal invariant/ packages
• plugin packs used by the runtime and product-layer assembly
• a run_factory application layer for repository workflows
• internal operator surfaces for CLI, daemon, API, and HTTP control deck usage
• a pipeline catalog currently limited to:
  • repo_risk_review
  • safe_patch_apply
  • constrained_feature_impl_beta

Capability checks are enforced through policy and API boundaries, but they should not be interpreted as a complete sandbox or security boundary.

Repository boundary

This repository intentionally does not provide:

• installation instructions
• quick start commands
• a runnable demo
• a public source mirror of the private implementation
• a claim that an external user can reproduce the internal environment from this repository alone

Executable artifacts, public sample contracts, or runnable examples may be published later. If they are, that will be stated explicitly here.

Naming

The private implementation still uses internal project and package naming associated with Project Invariant, including invariant/, apps/run_factory/, and plugin_packs/.

This public repository uses the neutral label repo-control-plane unless a concrete internal code identifier is necessary for accuracy.

Documents

• docs/ARCHITECTURE.md - current architecture boundary for the private implementation
• docs/STATUS.md - what is public here, what exists privately, and current limitations
• docs/DEMO.md - current demo boundary and what is not publicly runnable
• ROADMAP.md - planned public documentation and publication work for this repository

Contributing and security

See:

• CONTRIBUTING.md
• CODE_OF_CONDUCT.md
• SECURITY.md

License

See LICENSE.