feat: [US-010] - [Add preflight harness readiness script]

Author: sjarmak

.beads/issues.jsonl

@@ -149,7 +149,7 @@
 {"id":"CodeContextBench-wfx","title":"Rewrite MCP preamble in claude_baseline_agent.py","status":"closed","priority":1,"issue_type":"task","owner":"locobench@anthropic.com","created_at":"2026-02-12T13:22:07.535142622Z","created_by":"LoCoBench Bot","updated_at":"2026-02-12T13:25:17.883599Z","closed_at":"2026-02-12T13:25:17.883599Z","close_reason":"Replaced 330-line SG_BASE/FULL_PREAMBLE with 15-line SG_TOOL_REFERENCE, simplified instruction preamble (removed two-phase mandate), removed system prompt MCP append, fixed finder→nls_search, simplified CLAUDE.md builder"}
 {"id":"CodeContextBench-wmh","title":"US-004 Create cursor_2config and gemini_2config runners","status":"closed","priority":3,"issue_type":"task","owner":"locobench@anthropic.com","created_at":"2026-02-17T03:32:40.428395443Z","created_by":"LoCoBench Bot","updated_at":"2026-02-17T03:45:47.513433108Z","closed_at":"2026-02-17T03:45:47.513433108Z","close_reason":"done"}
 {"id":"CodeContextBench-xn2","title":"US-013: Ensure all new tasks have Dockerfiles","status":"closed","priority":2,"issue_type":"task","owner":"locobench@anthropic.com","created_at":"2026-02-16T00:48:27.133537053Z","created_by":"LoCoBench Bot","updated_at":"2026-02-16T00:50:42.240071565Z","closed_at":"2026-02-16T00:50:42.240071565Z","close_reason":"US-013 complete: all 25 tasks have Dockerfiles and pass syntax check"}
-{"id":"CodeContextBench-xp1","title":"US-010 Add preflight harness readiness script","status":"open","priority":2,"issue_type":"task","owner":"locobench@anthropic.com","created_at":"2026-02-17T03:33:42.377723263Z","created_by":"LoCoBench Bot","updated_at":"2026-02-17T03:33:42.377723263Z"}
+{"id":"CodeContextBench-xp1","title":"US-010 Add preflight harness readiness script","status":"closed","priority":2,"issue_type":"task","owner":"locobench@anthropic.com","created_at":"2026-02-17T03:33:42.377723263Z","created_by":"LoCoBench Bot","updated_at":"2026-02-17T04:11:04.64784541Z","closed_at":"2026-02-17T04:11:04.64784541Z","close_reason":"done"}
 {"id":"CodeContextBench-xp2","title":"Evaluate whether governance/enterprise tasks exercise MCP well","status":"closed","priority":1,"issue_type":"task","owner":"locobench@anthropic.com","created_at":"2026-02-15T18:28:34.316428116Z","created_by":"LoCoBench Bot","updated_at":"2026-02-15T18:39:10.504574323Z","closed_at":"2026-02-15T18:39:10.504574323Z","close_reason":"60% of tasks (9/15) use ZERO MCP tools despite preamble injection. Tasks are too local for MCP benefit. Only 3 tasks exercise MCP well: dep-discovery-001 (58% ratio), conflicting-docs-001 (29%), dep-impact-001 (40%). Recommendation: redesign around cross-codebase discovery tasks."}
 {"id":"CodeContextBench-xs4","title":"US-016: Build enterprise report generator","status":"closed","priority":1,"issue_type":"task","owner":"locobench@anthropic.com","created_at":"2026-02-15T14:03:20.824191062Z","created_by":"LoCoBench Bot","updated_at":"2026-02-15T14:07:08.049549155Z","closed_at":"2026-02-15T14:07:08.049549155Z","close_reason":"US-016 implemented and passing"}
 {"id":"CodeContextBench-xs8","title":"US-010: Build reliability analysis pipeline","status":"closed","priority":1,"issue_type":"feature","owner":"locobench@anthropic.com","created_at":"2026-02-15T13:50:48.063408521Z","created_by":"LoCoBench Bot","updated_at":"2026-02-15T13:53:00.916908239Z","closed_at":"2026-02-15T13:53:00.916908239Z","close_reason":"US-010 implemented and passing all acceptance criteria"}

ralph-multi-harness/prd.json

@@ -149,7 +149,7 @@
         "python3 scripts/check_harness_readiness.py --help runs successfully"
       ],
       "priority": 10,
-      "passes": false,
+      "passes": true,
       "notes": ""
     }
   ]

ralph-multi-harness/progress.txt

@@ -11,6 +11,7 @@
 - In sandboxed environments, `runs/staging` may resolve to an external symlink target; use a writable `--category` override when dry-running scaffolds locally.
 - In `scripts/ccb_metrics`, resolve transcript artifacts through a shared candidate list (not hardcoded `agent/claude-code.txt`) so non-Claude harness outputs are discoverable.
 - In `scripts/ccb_metrics/extractors.py`, treat unknown `MODEL_PRICING` keys deterministically by falling back to `_DEFAULT_MODEL` and emitting a one-time warning to keep cross-harness cost reports explainable.
+- Harness readiness preflight should enforce exact rollout MCP policy (`none` + `sourcegraph_full`) from registry entries and fail non-zero when required env vars are missing.
 
 ## Progress
 
@@ -125,3 +126,16 @@
   - Useful context (e.g., "the evaluation panel is in component X")
     - `docs/CONFIGS.md` is already referenced for rollout config behavior, making it the lowest-friction location for Codex policy additions versus creating a new doc.
 ---
+
+## 2026-02-17 04:10:21 UTC - US-010
+- Implemented `scripts/check_harness_readiness.py` to validate `configs/harness_registry.json` structure, required harness keys, and rollout MCP constraints (`none` and `sourcegraph_full`) with support for `--harness` scoped checks.
+- Added required environment validation with non-zero exit behavior on missing vars, including global MCP readiness (`SOURCEGRAPH_ACCESS_TOKEN`) and harness auth env checks where applicable.
+- Files changed: `scripts/check_harness_readiness.py`, `ralph-multi-harness/prd.json`, `ralph-multi-harness/progress.txt`
+- **Learnings for future iterations:**
+  - Patterns discovered (e.g., "this codebase uses X for Y")
+    - Keep readiness checks deterministic by validating registry policy and environment prerequisites in one script that returns `0` only when both pass.
+  - Gotchas encountered (e.g., "don't forget to update Z when changing W")
+    - Treat auth marker files as valid credential sources to avoid false negatives when harnesses authenticate via local login state instead of env vars.
+  - Useful context (e.g., "the evaluation panel is in component X")
+    - `--harness` with `choices` (`codex`, `cursor`, `gemini`, `copilot`, `openhands`) provides a low-noise preflight path before full-batch runs.
+---

scripts/check_harness_readiness.py

@@ -0,0 +1,254 @@
+#!/usr/bin/env python3
+"""Preflight harness readiness checks for multi-harness benchmark runs.
+
+Validates:
+- `configs/harness_registry.json` exists and has required structure
+- required harness registry keys and rollout MCP constraints
+- required environment variables for selected harnesses
+
+Usage:
+    python3 scripts/check_harness_readiness.py
+    python3 scripts/check_harness_readiness.py --harness codex
+    python3 scripts/check_harness_readiness.py --format json
+"""
+
+from __future__ import annotations
+
+import argparse
+import json
+import os
+from dataclasses import dataclass
+from pathlib import Path
+from typing import Any
+
+ROOT = Path(__file__).resolve().parent.parent
+DEFAULT_REGISTRY = ROOT / "configs" / "harness_registry.json"
+
+REQUIRED_HARNESSES = ["codex", "cursor", "gemini", "copilot", "openhands"]
+REQUIRED_ENTRY_KEYS = [
+    "harness_name",
+    "agent_import_path",
+    "default_model",
+    "allowed_mcp_modes",
+]
+REQUIRED_MCP_MODES = {"none", "sourcegraph_full"}
+
+# Global env needed for MCP-enabled runs in this rollout.
+GLOBAL_REQUIRED_ENVS = ["SOURCEGRAPH_ACCESS_TOKEN"]
+
+# Harness-specific auth env guards. If optional marker files are present, auth can be file-backed.
+HARNESS_REQUIRED_ENVS: dict[str, list[str]] = {
+    "codex": ["OPENAI_API_KEY", "CODEX_API_KEY"],
+    "gemini": ["GEMINI_API_KEY", "GOOGLE_API_KEY"],
+}
+
+HARNESS_AUTH_MARKER_FILES: dict[str, list[Path]] = {
+    "codex": [Path.home() / ".codex" / "auth.json"],
+}
+
+
+@dataclass
+class CheckResult:
+    ok: bool
+    errors: list[str]
+    warnings: list[str]
+    checked_harnesses: list[str]
+
+
+def _load_registry(path: Path) -> tuple[dict[str, Any] | None, list[str]]:
+    errors: list[str] = []
+    if not path.is_file():
+        return None, [f"Registry file not found: {path}"]
+
+    try:
+        data = json.loads(path.read_text())
+    except (json.JSONDecodeError, OSError) as exc:
+        return None, [f"Failed to parse registry JSON: {exc}"]
+
+    if not isinstance(data, dict):
+        errors.append("Registry root must be a JSON object keyed by harness id")
+        return None, errors
+
+    return data, errors
+
+
+def _validate_registry_structure(
+    registry: dict[str, Any],
+    selected_harnesses: list[str],
+) -> tuple[list[str], list[str]]:
+    errors: list[str] = []
+    warnings: list[str] = []
+
+    missing_harnesses = sorted(set(REQUIRED_HARNESSES) - set(registry.keys()))
+    if missing_harnesses:
+        errors.append(
+            "Registry missing required harness entries: " + ", ".join(missing_harnesses)
+        )
+
+    for harness in selected_harnesses:
+        entry = registry.get(harness)
+        if entry is None:
+            errors.append(f"Harness '{harness}' not found in registry")
+            continue
+
+        if not isinstance(entry, dict):
+            errors.append(f"Harness '{harness}' entry must be an object")
+            continue
+
+        for key in REQUIRED_ENTRY_KEYS:
+            if key not in entry:
+                errors.append(f"Harness '{harness}' missing required field '{key}'")
+
+        if not isinstance(entry.get("harness_name"), str):
+            errors.append(f"Harness '{harness}' field 'harness_name' must be a string")
+        elif entry["harness_name"] != harness:
+            errors.append(
+                f"Harness '{harness}' has harness_name='{entry['harness_name']}' (must match key)"
+            )
+
+        if not isinstance(entry.get("agent_import_path"), str):
+            errors.append(f"Harness '{harness}' field 'agent_import_path' must be a string")
+
+        if not isinstance(entry.get("default_model"), str):
+            errors.append(f"Harness '{harness}' field 'default_model' must be a string")
+
+        mcp_modes = entry.get("allowed_mcp_modes")
+        if not isinstance(mcp_modes, list) or not all(
+            isinstance(mode, str) for mode in mcp_modes
+        ):
+            errors.append(
+                f"Harness '{harness}' field 'allowed_mcp_modes' must be a list of strings"
+            )
+        elif set(mcp_modes) != REQUIRED_MCP_MODES:
+            errors.append(
+                f"Harness '{harness}' allowed_mcp_modes must be exactly "
+                f"{sorted(REQUIRED_MCP_MODES)}"
+            )
+
+        unknown_keys = sorted(set(entry.keys()) - set(REQUIRED_ENTRY_KEYS))
+        if unknown_keys:
+            warnings.append(
+                f"Harness '{harness}' has extra keys (allowed but ignored): "
+                + ", ".join(unknown_keys)
+            )
+
+    return errors, warnings
+
+
+def _has_auth_marker(harness: str) -> bool:
+    markers = HARNESS_AUTH_MARKER_FILES.get(harness, [])
+    return any(marker.exists() for marker in markers)
+
+
+def _validate_env(selected_harnesses: list[str]) -> tuple[list[str], list[str]]:
+    errors: list[str] = []
+    warnings: list[str] = []
+
+    for env_var in GLOBAL_REQUIRED_ENVS:
+        if not os.environ.get(env_var):
+            errors.append(f"Missing required env var: {env_var}")
+
+    for harness in selected_harnesses:
+        any_of_envs = HARNESS_REQUIRED_ENVS.get(harness)
+        if not any_of_envs:
+            continue
+
+        if _has_auth_marker(harness):
+            warnings.append(
+                f"Harness '{harness}' auth marker file found; skipping strict env auth check"
+            )
+            continue
+
+        if not any(os.environ.get(env_var) for env_var in any_of_envs):
+            errors.append(
+                f"Harness '{harness}' requires one of env vars: {', '.join(any_of_envs)}"
+            )
+
+    return errors, warnings
+
+
+def evaluate_readiness(registry_path: Path, harness: str | None) -> CheckResult:
+    selected_harnesses = [harness] if harness else REQUIRED_HARNESSES
+
+    registry, load_errors = _load_registry(registry_path)
+    errors = list(load_errors)
+    warnings: list[str] = []
+
+    if registry is not None:
+        structure_errors, structure_warnings = _validate_registry_structure(
+            registry,
+            selected_harnesses,
+        )
+        errors.extend(structure_errors)
+        warnings.extend(structure_warnings)
+
+    env_errors, env_warnings = _validate_env(selected_harnesses)
+    errors.extend(env_errors)
+    warnings.extend(env_warnings)
+
+    return CheckResult(
+        ok=not errors,
+        errors=errors,
+        warnings=warnings,
+        checked_harnesses=selected_harnesses,
+    )
+
+
+def _build_parser() -> argparse.ArgumentParser:
+    parser = argparse.ArgumentParser(
+        description="Validate harness registry and environment readiness before runs.",
+    )
+    parser.add_argument(
+        "--registry",
+        default=str(DEFAULT_REGISTRY),
+        help=f"Path to harness registry JSON (default: {DEFAULT_REGISTRY})",
+    )
+    parser.add_argument(
+        "--harness",
+        choices=REQUIRED_HARNESSES,
+        help="Validate a single harness instead of all harnesses",
+    )
+    parser.add_argument(
+        "--format",
+        choices=("text", "json"),
+        default="text",
+        help="Output format (default: text)",
+    )
+    return parser
+
+
+def main() -> int:
+    parser = _build_parser()
+    args = parser.parse_args()
+
+    result = evaluate_readiness(Path(args.registry), args.harness)
+
+    if args.format == "json":
+        print(
+            json.dumps(
+                {
+                    "ok": result.ok,
+                    "checked_harnesses": result.checked_harnesses,
+                    "errors": result.errors,
+                    "warnings": result.warnings,
+                },
+                indent=2,
+            )
+        )
+    else:
+        print(f"Harness readiness: {'OK' if result.ok else 'FAILED'}")
+        print("Checked harnesses: " + ", ".join(result.checked_harnesses))
+        if result.errors:
+            print("Errors:")
+            for err in result.errors:
+                print(f"  - {err}")
+        if result.warnings:
+            print("Warnings:")
+            for warn in result.warnings:
+                print(f"  - {warn}")
+
+    return 0 if result.ok else 2
+
+
+if __name__ == "__main__":
+    raise SystemExit(main())