Workflow Builder is the internal visual workflow system used to design, run, publish, and review durable workflows on Kubernetes.
It is not a generic starter template anymore. The live platform is built around:
workflow-builder: Next.js UI and BFFworkflow-orchestrator: Python Dapr Workflow ownerfunction-router: action routeropenshell-agent-runtime: OpenShell workspace, browser, and standard agent runtimeopenshell-langgraph-observable: specialized OpenShell LangGraph coding backenddurable-agent: durable artifact and review-data servicefn-activepieces: default SaaS action backend
The system now has two workflow execution modes:
- Draft workflows
- saved in Postgres
- executed by the generic Dapr workflow interpreter
dynamic_workflow
- Published workflows
- frozen into immutable revision snapshots in
spec.metadata.publishedRuntime - registered at orchestrator startup as named and versioned Dapr workflows
- executed by stable workflow name and version
- frozen into immutable revision snapshots in
The system now has one active sandbox model for agent work:
- OpenShell-only sandboxes for coding, session handoff, workspace actions, and browser validation
Retired paths such as dapr-agent, ms-agent, openshell-durable, and agent-sandbox are no longer part of the active runtime.
Workflows are stored in Postgres with both the visual nodes / edges representation and a canonical spec.
The UI edits saved workflow data. The orchestrator interprets that saved definition at runtime.
Saving a workflow does not publish it.
- Save:
- persists the current workflow definition
- keeps execution on
dynamic_workflow
- Publish:
- creates an immutable revision snapshot
- assigns a stable workflow name like
wf_<workflowId> - assigns an immutable version like
pub_<...> - requires orchestrator startup to load and register that revision with Dapr
The supported OpenShell-backed agent actions are:
openshell/runopenshell/session-startopenshell-langgraph-observable/run
Typical workspace-backed flows use:
workspace/profileworkspace/cloneworkspace/commandbrowser/validate
All of those route to OpenShell-backed runtimes.
- The browser calls the
workflow-builderBFF. - The BFF starts or inspects a workflow through
workflow-orchestrator. workflow-orchestratorruns the durable parent workflow.- Action nodes are routed through
function-router. function-routersends:workspace/*,browser/*, andopenshell/*toopenshell-agent-runtimeopenshell-langgraph-observable/*toopenshell-langgraph-observable- all other plugin-backed actions to
fn-activepieces
- Execution metadata, child-run state, and review artifacts are persisted to Postgres.
- The UI reads status, logs, patch, change-set, snapshot, and published-workflow metadata back through the BFF.
Successful coding runs should produce durable review data:
- child-run metadata
- patch
- file-change summaries
- file snapshots
- browser artifacts when validation is configured
The UI should prefer persisted artifacts over live workspace state.
pnpm install
pnpm fix
pnpm type-checkUse the repo script:
./scripts/devspace-dev-ryzen.shThat is the fast iteration path for the live ryzen cluster, but it is not the authoritative cluster deployment state.
The real cluster state is controlled by stacks/main.
The normal production-like flow is:
- build images
- push tags to the in-cluster registry
- update
stacks/main - let ArgoCD reconcile
On ryzen, changing only this repo does not change the real cluster until stacks/main is updated.
GET /api/workflowsGET /api/workflows/:idPUT /api/workflows/:idPOST /api/workflows/:id/publishGET /api/workflows/:id/published/:version
POST /api/workflows/:id/executePOST /api/v2/workflows/execute-by-idGET /api/workflows/executions/:executionId/statusGET /api/workflows/executions/:executionId/logsGET /api/workflows/executions/:executionId/changesGET /api/workflows/executions/:executionId/patch