It takes declarative Maps (YAML) and produces a backend-neutral Intermediate Representation (Route). Guides then translate the IR into native execution artifacts: Kubernetes Jobs, CI configs, or local container scripts.
The key properties:
• Deterministic planning (no execution during compilation)
• Digest-pinned toolchains (Navigators)
• Immutable resource bundles (Backpacks)
• Planning/execution separation
• Backend neutrality (K8s first, others follow)
• Zero-trust emerges as architecture (no hidden behavior)
• Automatic Digital Provenance (ADP) falls out of determinism
OriGen does *not* run workflows. It compiles them.
The goal is to provide a stable planning layer above CI/CD, orchestrators, and container engines: one Map → many backends.
Documentation (Primer, Architecture, Zero-Trust, ADP): https://origen-hub.github.io/origen-core-public/
This release is documentation-only (v0.0.1). IR and schema prototypes are next. Early architectural feedback is welcome.
stanislavkim•2mo ago
So this is a DSL / templating engine? Maps describe workflow intent, not file templates. There’s no imperative logic and no rendering of config shapes. OriGen produces a structured IR (Route) that encodes steps, dependencies, toolchains, and resource bundles.
Is this an orchestrator or CI replacement? No. OriGen never executes workflows. It only emits artifacts for other systems to run. There is no controller, runner, agent, or scheduler.
Why release documentation first instead of code? Because the important invariants (IR, schemas, determinism rules, planning/execution split) need to be correct before code hardens assumptions. This release is to expose the model early and get architectural feedback.
How does it differ from Argo / Tekton / Airflow? Those assume a DAG already exists and then execute it. OriGen’s job is to create a deterministic DAG + toolchain bindings from declarative input. Think compiler front-end vs. runtime.
Is this like a Makefile? Some similarities (steps, dependencies), but the deeper model is different: deterministic planning, digest-pinned toolchains, immutable resource bundles, backend-neutral IR, separated execution boundary.
Why invent new terms (Map, Navigator, Backpack, Route, Compass)? Because existing terminology is fragmented across CI, orchestration, data pipelines, scientific workflows, publishing, etc. The vocabulary creates clear mental boundaries and a domain-agnostic abstraction.
How does “zero-trust becomes cheap” work? Not magic—structural. When toolchains are digest-pinned, resource bundles immutable, planning deterministic, and execution isolated, most of the verification burden disappears. The system avoids the conditions that normally make zero-trust expensive.
What is Automatic Digital Provenance (ADP)? Provenance derived mechanically from immutable toolchain definitions + deterministic planning + Git commit history. No scanners or instrumentation needed.
Is the project too ambitious? The core is intentionally small: a deterministic planner + IR compiler. All complexity is pushed to Guides (backend adapters), which are simple translators. There’s no runtime or distributed state.
What does the IR look like? A backend-neutral execution graph: steps, dependencies, toolchain refs, resource bundle refs, parameters, and modes. It explicitly encodes intent but not runtime strategy, so it’s portable.
Long-term goal? A standard way to define workflows that’s deterministic, reviewable, platform-independent, and provenance-safe. Existing systems would consume the IR rather than encode workflow semantics themselves.
stanislavkim•2mo ago