Architecture Overview
Sentinel is built as a multi-agent pipeline where each agent is a Cloudflare Durable Object communicating through Queues.
System Diagram
```
┌─────────────────────────────────────────────────────────────────────────┐
│                           Cloudflare Workers                            │
│                                                                         │
│  ┌──────────────┐  ┌──────────────┐  ┌──────────────┐                   │
│  │ Orchestrator │  │ Workers AI   │  │ AI Gateway   │                   │
│  │ (Hono API)   │  │ (Inference)  │  │ (Routing)    │                   │
│  └──────────────┘  └──────────────┘  └──────────────┘                   │
│                                                                         │
│  ┌───────────────────────── Agent Pipeline ──────────────────────────┐  │
│  │                                                                   │  │
│  │  LogTailer ──→ TestGen ──→ CodeTriage ──→ FixAgent ──→ GitHub PR  │  │
│  │      │            │            │             │                    │  │
│  │      ▼            ▼            ▼             ▼                    │  │
│  │  [errors-      [triage-    [fix-ready]   [completed]              │  │
│  │   detected]     ready]                                            │  │
│  │                                                                   │  │
│  └───────────────────────────────────────────────────────────────────┘  │
│                                                                         │
│  ┌──────────┐  ┌──────────┐  ┌──────────┐  ┌───────────┐                │
│  │    D1    │  │    R2    │  │  Queues  │  │  Sandbox  │                │
│  │ (SQLite) │  │ (Blobs)  │  │ (5 + DLQ)│  │(Container)│                │
│  └──────────┘  └──────────┘  └──────────┘  └───────────┘                │
└─────────────────────────────────────────────────────────────────────────┘
```
Design Principles
Agents SDK Over Raw Durable Objects
Sentinel uses the Cloudflare Agents SDK rather than raw Durable Objects. The SDK provides:
- `this.schedule()` — schedule future work (polling intervals, retries)
- `this.sql` — embedded SQLite for fast agent-local state
- `this.setState()` — reactive state management
- `AgentWorkflow` — durable multi-step execution with exactly-once step semantics
Dual Storage Model
| Storage | Purpose | Latency |
|---|---|---|
| Agent SQLite (`this.sql`) | Hot operational state (fingerprint cache, polling cursors) | Sub-millisecond |
| D1 | System of record (incidents, audit trail, configs) | ~5ms |
| R2 | Binary artifacts (test cases, patches, PR descriptions) | ~10ms |
The LogTailer maintains a fingerprint cache in agent-local SQLite for sub-millisecond dedup lookups. Authoritative records go to D1 for cross-agent queries.
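The two-tier lookup described above, as an added example that is not Sentinel's own code: an in-memory `Map` stands in for the agent-local SQLite cache and a callback for D1. The fingerprint recipe, the TTL and the cache size bound are assumptions, since the page does not specify them.

```typescript
import { createHash } from "node:crypto";

interface LogEvent { service: string; message: string; stack?: string }
interface IncidentStore { upsert(fp: string, ev: LogEvent, now: number): void } // stand-in for D1

// Replace values that differ between occurrences of the same error.
const normalize = (s: string): string => s
  .replace(/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}/gi, "<uuid>")
  .replace(/0x[0-9a-f]+/gi, "<hex>")
  .replace(/\d+/g, "<n>");

// Assumed recipe: SHA-256 over service, normalized message and top stack frame.
function fingerprint(ev: LogEvent): string {
  const top = (ev.stack ?? "").split("\n").map((l) => l.trim()).find((l) => l.startsWith("at ")) ?? "";
  return createHash("sha256").update([ev.service, normalize(ev.message), normalize(top)].join("\0")).digest("hex");
}

// Returns observe(ev, now): true when the event is a new incident for the next stage.
function createDeduper(store: IncidentStore, ttlMs: number, maxEntries: number) {
  const hot = new Map<string, number>(); // fingerprint -> last seen; stand-in for this.sql
  return (ev: LogEvent, now: number): boolean => {
    const fp = fingerprint(ev);
    const last = hot.get(fp);
    const isNew = last === undefined || now - last > ttlMs;
    hot.delete(fp);
    hot.set(fp, now); // re-insert so Map order tracks recency
    // Log text is shaped by request input, so the cache is bounded: evict the oldest entry.
    if (hot.size > maxEntries) hot.delete(hot.keys().next().value as string);
    if (isNew) store.upsert(fp, ev, now); // authoritative record only on first sighting
    return isNew;
  };
}

// Constructed sample events (not real Sentinel logs).
function runSample(): { forwarded: boolean[]; recorded: number } {
  const written: string[] = [];
  const observe = createDeduper({ upsert: (fp) => { written.push(fp); } }, 60_000, 100);
  const stack = "TypeError: x\n    at getUser (src/users.ts:42:7)";
  const first: LogEvent = { service: "api", message: "user 1841 not found (req 0x9f3a)", stack };
  const events: LogEvent[] = [
    first,
    { service: "api", message: "user 77 not found (req 0x11bc)", stack },
    { service: "billing", message: "timeout after 3000ms" },
  ];
  const forwarded = events.map((e, i) => observe(e, 1_000 * i));
  forwarded.push(observe(first, 120_000)); // same error again, after the TTL
  return { forwarded, recorded: written.length };
}
console.log(runSample());
```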
Queue-Per-Stage
Each pipeline stage has its own queue with tuned batch sizes:
- Detection (`batch_size: 10`) — high throughput error ingestion
- Triage (`batch_size: 5`) — moderate throughput for LLM analysis
- Fix (`batch_size: 1`) — serialized to prevent concurrent repo modifications
- Completion (`batch_size: 10`) — logging and status updates
All queues (except completed) have a dead-letter queue (sentinel-dlq) for failed messages.
Sandbox Isolation
All untrusted code execution happens in Cloudflare Sandbox containers:
- Cloned Git repositories
- AI-generated test cases
- AI-generated code fixes
- Linting and regression checks
The Worker process never executes user code directly.
Technology Stack
| Concern | Choice |
|---|---|
| Runtime | Bun |
| Language | TypeScript 5.9+ (strict, ESM) |
| Agent framework | Cloudflare Agents SDK |
| Sandbox | @cloudflare/sandbox |
| HTTP API | Hono |
| Validation | Zod |
| LLM | Workers AI + AI Gateway |
| Database | D1 |
| Object storage | R2 |
| Messaging | Queues |
| IDs | ULID (lexicographically sortable) |