@harishkotra
Created February 19, 2026 16:31
OpenClaw Software Development Team of Agents
User (Discord)
        │
        ▼
Product Manager (Main Agent)
        │
        ├── Backend Agent
        ├── Frontend Agent
        ├── QA Agent
        └── DevOps Agent
                 │
                 ▼
           GitHub Repo
                 │
         ┌───────┴────────┐
         ▼                ▼
     Vercel Staging    Vercel Production
         │                │
   Staging DB         Production DB

Environment Strategy

You will maintain three environments:

| Environment | Purpose | Branch | Who Can Deploy | DB |
| --- | --- | --- | --- | --- |
| Local | Development | feature/* | Backend / Frontend | Local DB |
| Staging | Testing | dev | DevOps Agent only | Staging DB |
| Production | Live users | main | DevOps Agent only | Production DB |

🔁 Safe Deployment Flow

flowchart TD
A[Feature Request] --> B[PM Agent]
B --> C[Backend + Frontend]
C --> D[Pull Request to dev]
D --> E[QA Testing on Staging]
E -->|Pass| F[Merge dev → main]
F --> G[Production Deploy]
E -->|Fail| C

GitHub Branch Model

| Branch | Purpose | Protected? |
| --- | --- | --- |
| main | Production | 🔒 Yes |
| dev | Staging | 🔒 Yes |
| feature/* | Feature work | No |
| hotfix/* | Urgent fix | Limited |

Branch Protection Rules (CRITICAL)

main branch (Production)

  • ❌ No direct pushes
  • ❌ No force push
  • ✅ Requires PR
  • ✅ Requires QA approval
  • ✅ Requires CI passing
  • ✅ Requires DevOps approval

dev branch (Staging)

  • ❌ No direct push
  • ✅ Requires PR
  • ✅ CI must pass
  • ❌ Does NOT deploy to production

Vercel Environment Setup

You will configure:

| Setting | Staging | Production |
| --- | --- | --- |
| Project | Same project | Same project |
| Branch | dev | main |
| Auto-deploy | Enabled | Enabled |
| Environment Variables | Staging set | Production set |
| Database | Staging DB | Production DB |

Environment Variables Separation

Backend Variables

| Variable | Staging | Production |
| --- | --- | --- |
| DATABASE_URL | staging DB | prod DB |
| JWT_SECRET | staging secret | prod secret |
| API_BASE_URL | staging domain | prod domain |

Frontend Variables

| Variable | Staging | Production |
| --- | --- | --- |
| NEXT_PUBLIC_API_URL | staging | production |

Access Control Matrix

This prevents agents from breaking things.

Platform PM Backend Frontend QA DevOps
GitHub Read
GitHub Write feature/*
Merge to dev
Merge to main
Vercel Deploy
Production DB ❌ (read-only only)
Staging DB Read

Token Isolation

Each agent must have isolated tokens.

DevOps Agent Only

  • VERCEL_TOKEN
  • GITHUB_ADMIN_TOKEN
  • Access to production environment variables

Backend Agent

  • GITHUB_WRITE_TOKEN (restricted to feature branches)
  • STAGING_DATABASE_URL
  • ❌ No access to production DB

Frontend Agent

  • GITHUB_WRITE_TOKEN
  • ❌ No DB access

QA Agent

  • GITHUB_READ_TOKEN
  • Staging URL access
  • ❌ No write access anywhere
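
One way to verify the token isolation above before agents start, shown as an added example (not code from the gist or from OpenClaw). The `ALLOWED` map, the sensitive-name patterns and the sample environments are assumptions built from the variable names on this page; it also flags the same secret value being handed to more than one agent.

```python
import fnmatch
import hashlib
from collections import defaultdict

# Allowlist per agent, from the Token Isolation lists. DATABASE_URL and JWT_SECRET
# model DevOps's "production environment variables" (names from the variable tables).
ALLOWED = {
    "devops": {"VERCEL_TOKEN", "GITHUB_ADMIN_TOKEN", "DATABASE_URL", "JWT_SECRET"},
    "backend": {"GITHUB_WRITE_TOKEN", "STAGING_DATABASE_URL"},
    "frontend": {"GITHUB_WRITE_TOKEN"},
    "qa": {"GITHUB_READ_TOKEN"},
}
# Name patterns treated as secret-bearing (an assumption of this example).
SENSITIVE = ("*TOKEN*", "*SECRET*", "*DATABASE_URL*", "*PASSWORD*", "*_KEY")

def is_sensitive(name):
    return any(fnmatch.fnmatchcase(name.upper(), p) for p in SENSITIVE)

def audit(agent_envs):
    """Audit {agent: {var: value}}; agents without an allowlist may hold no secrets."""
    findings = []
    holders = defaultdict(set)  # fingerprint of a secret value -> agents holding it
    for agent, env in agent_envs.items():
        allowed = ALLOWED.get(agent, set())
        for name, value in env.items():
            if not is_sensitive(name):
                continue
            if name not in allowed:
                findings.append(f"{agent}: {name} not permitted")
            # Compare fingerprints so the secret itself never reaches a report.
            holders[hashlib.sha256(value.encode()).hexdigest()].add(agent)
    for agents in holders.values():
        if len(agents) > 1:
            findings.append("shared secret value: " + ",".join(sorted(agents)))
    return sorted(findings)

# Constructed sample environments (values are placeholders, not real credentials).
SAMPLE = {
    "backend": {"GITHUB_WRITE_TOKEN": "constructed-token-a",
                "STAGING_DATABASE_URL": "postgres://staging.invalid/app",
                "DATABASE_URL": "postgres://prod.invalid/app"},
    "frontend": {"GITHUB_WRITE_TOKEN": "constructed-token-a",
                 "NEXT_PUBLIC_API_URL": "https://staging.invalid"},
    "qa": {"GITHUB_READ_TOKEN": "constructed-token-b",
           "VERCEL_TOKEN": "constructed-token-c"},
}

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```
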

Staging Testing Flow

Backend + Frontend → PR → dev branch
        ↓
Vercel auto-deploys staging
        ↓
QA tests staging URL
        ↓
If PASS → DevOps promotes to production

Deployment Promotion Strategy

DevOps must:

  1. Confirm QA PASS
  2. Confirm CI PASS
  3. Confirm staging URL health check
  4. Merge dev → main
  5. Monitor Vercel production build
  6. Validate production health endpoint
  7. Announce success

Rollback Strategy

If production breaks:

| Scenario | Action |
| --- | --- |
| Minor UI bug | Rollback via Vercel previous deployment |
| API error | Revert GitHub commit |
| DB migration issue | Run rollback migration |

DevOps must:

  1. Identify last stable commit
  2. Re-deploy previous version
  3. Announce rollback

Full Lifecycle With Staging

User Request
     ↓
PM Breakdown
     ↓
Backend + Frontend
     ↓
PR to dev
     ↓
Staging Deploy
     ↓
QA Testing
     ↓
If PASS → DevOps
     ↓
Merge to main
     ↓
Production Deploy
     ↓
Health Check
     ↓
User Notification

OpenClaw Sub-Agent Structure

| Depth | Agent | Can Spawn? |
| --- | --- | --- |
| 0 | PM | Yes |
| 1 | Backend | Optional |
| 1 | Frontend | Optional |
| 1 | QA | No |
| 1 | DevOps | No |
| 2 | Test workers | Never |

Set:

{
  "agents": {
    "defaults": {
      "subagents": {
        "maxSpawnDepth": 2,
        "maxChildrenPerAgent": 4,
        "maxConcurrent": 6
      }
    }
  }
}

Deployment Gate Conditions

Production deploy is allowed ONLY if:

Condition Required
QA PASS
CI PASS
No open critical bugs
Staging healthy
Branch protection valid

DevOps must verify ALL before production merge.


Automated Safety Checks

DevOps Agent must:

  • Call GitHub API:

    • Check open PRs
    • Check failing checks
  • Call Vercel API:

    • Confirm build status
    • Confirm deployment ready
  • Call health endpoint:

    • /api/health
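
The gate conditions and safety checks above can be evaluated fail-closed, so that evidence the DevOps Agent never collected blocks the merge instead of passing by default. This is an added example, not code from the gist or from OpenClaw. The evidence keys (`qa_verdict`, `open_critical_bugs`, `staging_health_status`, `main_protection`) are hypothetical names, and the nested fields assume GitHub's check-run and branch-protection response shapes and Vercel's deployment `readyState`.

```python
OK_CONCLUSIONS = {"success", "neutral", "skipped"}

def ci_passed(check_runs):
    # An empty list means CI never ran; that must not count as a pass.
    return bool(check_runs) and all(
        r.get("status") == "completed" and r.get("conclusion") in OK_CONCLUSIONS
        for r in check_runs)

def protection_valid(p):
    # Field names follow GitHub's branch-protection response for `main`.
    return bool(p
                and p.get("required_pull_request_reviews")
                and p.get("required_status_checks")
                and (p.get("allow_force_pushes") or {}).get("enabled") is False)

def production_gate(ev):
    """Return (allowed, failed_conditions); missing evidence fails its condition."""
    deployment = ev.get("staging_deployment") or {}
    checks = {
        "QA PASS": ev.get("qa_verdict") == "PASS",
        "CI PASS": ci_passed(ev.get("check_runs") or []),
        "No open critical bugs": ev.get("open_critical_bugs") == 0,
        "Staging healthy": deployment.get("readyState") == "READY"
                           and ev.get("staging_health_status") == 200,
        "Branch protection valid": protection_valid(ev.get("main_protection")),
    }
    failed = [name for name, ok in checks.items() if not ok]
    return (not failed, failed)

# Constructed sample evidence (not real API output).
GOOD = {
    "qa_verdict": "PASS",
    "check_runs": [{"name": "build", "status": "completed", "conclusion": "success"},
                   {"name": "test", "status": "completed", "conclusion": "success"}],
    "open_critical_bugs": 0,
    "staging_deployment": {"readyState": "READY"},
    "staging_health_status": 200,
    "main_protection": {"required_pull_request_reviews": {"required_approving_review_count": 2},
                        "required_status_checks": {"strict": True},
                        "allow_force_pushes": {"enabled": False}},
}
# Same evidence with one check still running and the bug count never collected.
STALE = dict(GOOD, check_runs=[{"name": "test", "status": "in_progress", "conclusion": None}])
STALE.pop("open_critical_bugs")

if __name__ == "__main__":
    print(production_gate(GOOD))
    print(production_gate(STALE))
```
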

Agent Communication Restrictions

Agents may NOT:

  • Modify main branch
  • Access production DB
  • Deploy without QA PASS
  • Override environment variables
  • Bypass PM task assignment

Only PM communicates final updates to user.


Repository Structure Recommendation

/frontend
/backend
/shared
/tests
/scripts
/vercel.json

Hard Safeguards

  1. Production DB never exposed to any agent.
  2. DevOps has read-only DB access (if needed).
  3. All deployments must go through GitHub.
  4. No direct Vercel CLI deployments.
  5. No agent has full admin GitHub rights except DevOps.

Optional Enterprise Enhancements

  • Canary deployment (Vercel preview split)
  • Feature flags
  • Migration review agent
  • Secrets scanner
  • Monitoring agent (error threshold watcher)
  • Scheduled backup validation

🏁 Production-Ready Checklist

Before Production Deploy:

  • ✅ Staging tested
  • ✅ Database migrations validated
  • ✅ No console errors
  • ✅ API latency acceptable
  • ✅ Security scan passed
  • ✅ Previous version available for rollback
  • ✅ Version tag created