2026-04-18 — Brain Goes Live (the all-nighter)

Long session. Started late April 17 UTC, ran through April 18. Ended with brain-dev.quiknation.com actually serving queries end-to-end.

What shipped

Brain infrastructure (the headline)

  • PR #50 merged to develop (brain MVP: brain_memories, brain_query_log, brain_memories_daily_usage, pgvector + RLS scaffolding)
  • PR #52 open (real-Neon integration tests from Prompt 07 layered onto hardening branch — close-but-not-merged; has the OpenAI→OpenRouter retry+fallback code the deployed image lacks)
  • PR #54 merged — brain-api bundle (backend/src/brain-api-server.ts, Dockerfile, GH Actions OIDC deploy workflow, task definitions, brain_tenants hierarchy migration from Prompt 16)
  • Deployed: brain-api-dev ECS service in quik-nation-dev cluster, us-east-1
    • 2 Fargate tasks (0.5 vCPU / 1 GB), image 727646498347.dkr.ecr.us-east-1.amazonaws.com/brain-api:latest
    • ALB brain-api-dev-alb on HTTPS :443, ACM cert (CN=brain.quiknation.com, SAN brain-dev.quiknation.com)
    • Task role brain-api-task-role (SSM + KMS + CloudWatch write)
    • ecsTaskExecutionRole extended with AmazonSSMReadOnlyAccess
    • GitHubActions-AusetPlatform OIDC role extended with ECR+ECS+iam:PassRole
    • CloudWatch logs /ecs/brain-api-dev, 30-day retention
  • DNS: brain-dev.quiknation.com + brain.quiknation.com CNAMEs on Cloudflare → ALB, proxy OFF
  • Platform Neon DB (aged-sun-91521621, develop branch br-dry-frog-amoz2zoz):
    • CREATE EXTENSION vector applied
    • 2 brain migrations applied (MVP + tenants hierarchy)
    • 6 brain tables live, FORCE RLS deferred (old RLS policies not applied because PR #52 not merged yet)
    • brain_tenants seeded: platform + 12 Herus
  • Tenant keys:
    • /quik-nation/<heru>/CLARA_BRAIN_API_KEY — 12 per-Heru keys in SSM
    • /quik-nation/shared/CLARA_API_KEYS_JSON — consolidated map (12 entries)
    • /quik-nation/shared/OPENAI_API_KEY — placeholder (billing issue on Mo’s OpenAI account — real key archived at OPENAI_API_KEY_ARCHIVED)
    • /quik-nation/shared/OPENROUTER_API_KEY — confirmed working, is the live embedding path
    • /quik-nation/shared/CLOUDFLARE_API_TOKEN — used for DNS + ACM validation
  • Smoke tests passing:
    • /healthz returns 200 with {service:"brain-api", brain_enabled:true, version:"1.0.0"}
    • Bogus bearer → 401 INVALID_API_KEY
    • No auth → 401 UNAUTHORIZED
    • WCR key → 200 with {results:[], query_ms:1081, embedding_ms:383, retrieval_ms:44, cost_usd:4e-8} (empty only because ingest paused)

Vault ingest (paused for Mo’s meeting)

  • Started ~12:56 UTC via Docker (python:3.12-slim with requirements-brain.txt + OPENAI_BASE_URL=https://openrouter.ai/api/v1)
  • Mid-run: 441 rows committed to brain_memories under tenant_id='platform'
  • Cleanly paused when Mo had to step away — container stopped, brain_memories_ingest_log row marked status='paused'
  • Incremental mode keyed on SHA256 content hashes — resume will skip the 441 done files and continue with remaining ~600

12 Heru onboarding PRs opened tonight

WCR #54, QN #13, QCR #20, FMO #84, Clara Code #36 (tenant-slug bug fixed in comment), Clara Agents #60 (merged), Site962 #186, TrackIt #3, KLS-v2 #1, QuikCarry #3, PGCMC #2, Seeking Talent #7. All currently wired to the wrong URL (api.claracode.ai/api/memory/query from my earlier spec) — needs batch sed to https://brain-dev.quiknation.com/query before any Heru can actually query the brain.

Fresh boilerplate pushes

  • kingluxuryservices-v2, trackit, new-pgcmc-website-and-app — all three nuked to fresh boilerplate mirrors. Stripped GLB / tar.gz / MP4 bloat to get push size down. Only main + develop branches on each, both at identical fresh commits.

Architectural decisions locked (written to vault + memory)

  • decision-platform-architecture-boilerplate-is-the-platform — Boilerplate IS the platform. Frontend → admin.quiknation.com (command center, to be extracted from quiknation repo). Backend → brain.quiknation.com. QN is just another Heru. Quik Nation Inc. (company) ≠ QN (the marketing site Heru).
  • decision-brain-lives-at-brainquiknationcom — Brain API canonical endpoint. Platform infrastructure under corporate domain.
  • decision-clara-code-hosted-brain-offering — Clara Code subscribers can go solo, BUT hosted brain is the PUSH (same model as Anthropic hosting Claude conversations). Earlier “solo-only” framing was wrong.
  • feedback-no-legacy-branches-on-fresh-repos — STRIKE-WORTHY. Never create legacy/pre-reset-* branches on pre-build or explicitly-fresh repos. Mo’s rebuild pattern = new clean repo + old repo untouched. I violated this once tonight (created legacy/pre-reset-2026-04-18 on KLS-v2), Mo caught it, rule locked.

Tenant hierarchy model agreed:

platform (root, tenant_type=platform)
├── 85+ platform agents (Granville, Mary, Maya, etc.) — above any Heru
├── 12 Herus (WCR, QN, QCR, FMO, Clara Code, ClaraAgents, Site962, TrackIt, KLS, QuikCarry, PGCMC, Seeking Talent)
│   └── each Heru has sub-agents as descendants
└── Future: Clara Code subscribers + Clara Agents consumer PAs as sibling subtrees

Prompts queued for next dispatch

All in prompts/2026/April/18/1-not-started/:

  • Prompt 14 — brain-api deploy (now done via PR #54 + tonight’s AWS CLI ops)
  • Prompt 15 — admin dashboard extraction (prematurely marked 3-completed by PR #54 but actually punted — EXTRACT_INVENTORY.md placeholder only; needs re-dispatch from quiknation repo’s Cursor tab)
  • Prompt 16 — brain_tenants hierarchy (done via PR #54)

Still queued for future sessions:

  • Prompt 08 — brain_query MCP + Skill (retrieval client) — needs build + npm publish
  • Prompt 09 — transcript-watcher daemon (tool-agnostic capture across Claude Code + Cursor + future tools)
  • Prompt 10 — /session-start queries brain + shrinks MEMORY.md to 150-line index (gated on 08)
  • Prompt 11 — round-trip tests, drift audit, weekly digest (gated on 08/09/10)
  • Prompt 13 — claraagents Sequelize config.json + SequelizeMeta baseline

Also un-filed: a separate prompt for the scheduled nightly vault-ingest GHA workflow (replacing tonight’s Docker one-shot).

Pending for next session (in order)

Immediate (10 min each after Mo’s back)

  1. Resume vault ingest — same docker one-liner. Skip-scans 441 done, continues with remaining ~600. ETA ~30-60 min.
  2. Batch-update 12 onboarding PRs — sed CLARA_BRAIN_URL=https://api.claracode.ai/api/memory/query → https://brain-dev.quiknation.com/query in each PR’s .claude/settings.json + .cursor/mcp.json. Covers all 12 repos in ~15 min.
  3. End-to-end smoke — pick 3 random Heru keys, fire queries against real ingested vault content.
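
Added example for step 2 (not the session's own tooling): a per-repo rewrite of the stale endpoint in the two config files, with a check that no stale reference survives, so no Heru key keeps being sent to the old host. The function names and the script name are hypothetical; the URLs and file paths are the ones in this log.

```bash
#!/usr/bin/env bash
# Added example, not from the session's own tooling.
OLD_URL='https://api.claracode.ai/api/memory/query'   # stale endpoint from the earlier spec
NEW_URL='https://brain-dev.quiknation.com/query'      # live dev endpoint
FILES='.claude/settings.json .cursor/mcp.json'        # the two files named in step 2

# stale_count <repo_dir>: print how many of the two files still contain OLD_URL.
stale_count() {
  n=0
  for rel in $FILES; do
    if [ -f "$1/$rel" ] && grep -qF "$OLD_URL" "$1/$rel"; then
      n=$((n + 1))
    fi
  done
  echo "$n"
}

# rewrite_brain_url <repo_dir>: replace OLD_URL with NEW_URL, print files changed.
rewrite_brain_url() {
  changed=0
  # Escape dots so sed matches the URL literally; '|' is the delimiter, so '/' is safe.
  old_re=$(printf '%s' "$OLD_URL" | sed 's/\./\\./g')
  for rel in $FILES; do
    f="$1/$rel"
    if [ -f "$f" ] && grep -qF "$OLD_URL" "$f"; then
      # Temp file + mv instead of 'sed -i', whose syntax differs between GNU and BSD sed.
      sed "s|$old_re|$NEW_URL|g" "$f" > "$f.tmp" && mv "$f.tmp" "$f"
      changed=$((changed + 1))
    fi
  done
  echo "$changed"
}

# Usage (hypothetical script name): ./fix-brain-url.sh path/to/repo1 path/to/repo2 ...
for repo in "$@"; do
  fixed=$(rewrite_brain_url "$repo")
  left=$(stale_count "$repo")
  echo "$repo: rewrote $fixed file(s), $left still stale"
  [ "$left" -eq 0 ] || exit 1
done
```

The rewrite is idempotent, so re-running it across all 12 checkouts after a partial pass is safe.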

After those

  1. Merge PR #52 (hardening: retry+fallback, FORCE RLS, real-Neon coverage tests) — once Prompt 07’s CI goes green.
  2. Restore OPENAI_API_KEY — after Mo sets up OpenAI billing, pull from OPENAI_API_KEY_ARCHIVED SSM back to OPENAI_API_KEY SSM, add back to task def secrets, force new deploy.
  3. Prod deploy — mirror of dev: brain-api-prod ECS service + own ALB + brain.quiknation.com CNAME cutover. Needs Mo’s Slack #maat-agents go-ahead.
  4. Re-dispatch Prompt 15 from the quiknation repo’s Cursor tab (admin extraction — previous agent couldn’t reach quiknation files from boilerplate clone).

Also pending

  • Cursor Agent CLI x64 bug ticket — I wrote the email body earlier, Mo has it ready to paste into hi@cursor.com + support@cursor.com. Check if he sent it.
  • Clara Code PR #36 — tenant slug bug still needs the CLARA_BRAIN_TENANT=qn=clara-code fix committed by an agent. I left the prompt in a comment.

What Mo corrected me on tonight

  • Don’t create legacy/* safety branches on pre-build repos. Trust him when he says “we’ve done nothing on it.” (Memory: feedback-no-legacy-branches-on-fresh-repos)
  • “BE AGILE — don’t spin on process. Pick best-guess fix + execute.” Applied repeatedly when I over-deliberated.
  • Dispatch, don’t estimate. Machine speed, not “weeks”.
  • Don’t hitch unrelated work onto scoped PRs (Figma purge got stapled onto the brain hardening PR #51 — closed that PR in favor of clean PR #52).
  • PGCMC is fresh too (I’d initially filtered it out because it had git activity — Mo’s clarification: live site is on GoDaddy, this repo is the rebuild).