docs: update README and docs for dev preview readiness#353
docs: update README and docs for dev preview readiness#353varshaprasad96 wants to merge 1 commit into
Conversation
- Rewrite README to cover AgentRuntime, AuthBridge webhook, MLflow integration, and all operator controllers - Update architecture diagram to show full component set - Fix broken doc links (signature verification, identity binding) - Add all docs to the documentation table (AuthBridge, controller-webhook interaction, MLflow, client registration) - Add AgentRuntime Quick Start alongside manual label path - Fix protocol label requirement: clarify that Deployments need protocol.kagenti.io/a2a for AgentCard auto-creation - Remove hardcoded Helm chart version Assisted-By: Claude (Anthropic AI) <noreply@anthropic.com> Signed-off-by: Varsha Prasad Narsing <varshaprasad96@gmail.com>
ChristianZaccaria
left a comment
ChristianZaccaria
left a comment
There was a problem hiding this comment.
/lgtm, thank you!!
|
@pdettori can you have a look? |
There was a problem hiding this comment.
Docs update is accurate — all claims about controller label behavior, config hash, and rolling updates verified against source (agentcardsync_controller.go, agentcard_controller.go, agentruntime_controller.go). All doc links and sample YAML references resolve.
A few wording suggestions inline — nothing blocking.
Assisted-By: Claude Code
| - **Dynamic Agent Discovery** — Automatic indexing of agent metadata via the A2A protocol | ||
| - **Signature Verification** — JWS-based cryptographic verification of agent cards (RSA, ECDSA) | ||
| - **Identity Binding** — SPIFFE-based workload identity binding with allowlist enforcement | ||
| - **Declarative Agent Enrollment** — Create an `AgentRuntime` CR pointing to a clean Deployment; the operator applies labels, injects sidecars, and manages rolling updates automatically |
There was a problem hiding this comment.
suggestion: "pointing to a clean Deployment" — the Deployment isn't fully clean since it carries the protocol.kagenti.io/a2a label. Consider "pointing to your Deployment" for consistency with the updated GETTING_STARTED.md heading ("Deploy a Deployment with Protocol Label").
|
|
||
| #### Option 1: AgentRuntime (Recommended) | ||
|
|
||
| Deploy a clean Deployment and create an AgentRuntime CR: |
There was a problem hiding this comment.
suggestion: "Deploy a clean Deployment" contradicts the fact that users must add protocol.kagenti.io/a2a (shown a few lines below). Consider: "Deploy a Deployment with a protocol label and create an AgentRuntime CR:" — consistent with GETTING_STARTED.md which was correctly updated.
| ``` | ||
|
|
||
| The operator will automatically create an AgentCard for the workload and begin syncing agent metadata. | ||
| The operator will apply `kagenti.io/type: agent` labels and inject AuthBridge sidecars. The `protocol.kagenti.io/a2a` label on the Deployment triggers automatic AgentCard creation for agent discovery. |
There was a problem hiding this comment.
suggestion (accuracy/clarity): This could be read as "the protocol label alone triggers AgentCard creation." Since shouldSyncWorkload() requires both kagenti.io/type=agent (applied by AgentRuntime) and a protocol label, consider:
The operator will apply
kagenti.io/type: agentlabels and inject AuthBridge sidecars. Together with theprotocol.kagenti.io/a2alabel on the Deployment, this triggers automatic AgentCard creation for agent discovery.
6 participants
Summary
a2a-signature-verification.md→agentcard-signature-verification.md,identity-binding-quickstart.md→agentcard-identity-binding.md)protocol.kagenti.io/a2afor AgentCard auto-creation (was incorrectly stated as "no kagenti labels required")Test plan
agentcardsync_controller.goshouldSyncWorkload()Signed-off-by: @varshaprasad96 varshaprasad96@gmail.com
🤖 Generated with Claude Code