Pipeline registration¶
A pipeline is a deterministic, multi-step control flow written in the
pipeline DSL (a directory of YAML documents). Once registered, an agent can
launch it by name with run_pipeline (or the catalog verb pipeline__<name>),
and one pipeline can call another by name.
Pipelines are registered from disk: the operator drops DSL files into a scanned
directory and they are loaded, parsed, and registered when a session starts.
This mirrors how skills are registered — pipeline definition files are
operator-owned source (like skills/ and reyn.yaml), not runtime state,
so they live at the project root, not under .reyn/.
Adding a pipeline¶
- Create a
pipelines/directory at the project root (the default scan dir). - Drop one Appendix-B DSL document per
*.yamlfile into it. Each file declares its name with a top-levelpipeline:key:
# pipelines/hello.yaml
pipeline: hello
description: Minimal greeting pipeline.
steps:
- transform: {value: "'Hello, ' + ctx.name + '!'", output: greeting}
- Start (or restart) the session. The pipeline is now registered under its declared name and an agent can launch it:
or via the qualified catalog verb the action catalog surfaces:
No reyn.yaml entry is required — dropping a file in pipelines/ is enough.
The declared name is authoritative¶
A pipeline registers under the name in its pipeline: key, not its file
name. A file greet.yaml that declares pipeline: hello registers as hello.
The declared name is the identity a call (or match) step's pipeline:
target resolves against, so the file name is just a container — name your files
however you like.
Configuration¶
The scan directories are configurable. The default is ["pipelines"]
(project-root-relative):
Failure behavior — fail loud¶
Loading is strict, so a broken definition is never silently dropped:
| Condition | Behavior |
|---|---|
| Malformed DSL file | Session start fails, naming the offending file. |
Two files declaring the same pipeline: name |
Session start fails, naming the collision. |
| A configured scan dir that does not exist | Skipped (not an error) — add files later. |
No pipelines/ dir / no files |
No pipelines registered (empty registry). |
Security — launching a pipeline stays gated¶
Registering a pipeline does not loosen the capability floor. Launching a
pipeline (run_pipeline / run_pipeline_async / the inline launch verbs, and
their pipeline__* catalog forms) is on the same restricted floor as spawning a
sub-session or re-delegating: a pipeline step can itself write, execute, or
delegate, so a pipeline launch is a cost-bound multi-step dispatch.
As a result, a context narrowed by the _untrusted floor (untrusted external
content is live) or the _delegate floor (an unbound delegate under
delegation.capability_default=deny) cannot launch a pipeline, whether or
not one is registered. Loading a pipeline definition makes it available to
authorized agents; it never creates a bypass of those floors. See
Capability profiles and
Delegation policy.