Skip to content

Create Typefully drafts from DataOps Assistant jobs #77

Description

@alexeygrigorev

Create Typefully drafts from DataOps Assistant jobs

Status: pending
Tags: enhancement, assistant, backend, frontend, infra, P1
Depends on: None
Blocks: None

Scope

Add a Typefully integration that lets the DataOps Assistant create saved Typefully draft posts from assistant-generated social copy while keeping publishing under human control.

The implementation should live in the DataOps repo only. Expected touched surfaces are the work-engine/ assistant-job API and runner flow, the assistant queue/operator UI if a new action or status is needed, and the deployed stack/runtime-secret configuration needed by the private work-engine Lambda.

Official Typefully API facts to design against, from https://typefully.com/docs/api:

  • Production API base URL is https://api.typefully.com and the public API uses bearer-token authentication.
  • The current authenticated user can be checked with GET /v2/me; accessible social accounts are returned by GET /v2/social-sets.
  • Draft creation is POST /v2/social-sets/{social_set_id}/drafts and requires platforms in the request body.
  • Draft content is platform-scoped, for example platforms.x.posts[].text or platforms.linkedin.posts[].text; enabled platforms require enabled: true and posts.
  • draft_title, scratchpad_text, existing tag slugs, and share are optional draft metadata. share creates a public share URL when true, so default DataOps behavior should keep it false unless explicitly configured.
  • publish_at controls publishing or scheduling: now, next-free-slot, or an ISO 8601 datetime. To create a saved draft only, DataOps must omit publish_at.
  • The create response includes the Typefully draft id, status, private_url, optional share_url, platform content, and scheduled/published fields.

Product behavior:

  • A DataOps operator can request a Typefully draft from an assistant job tied to a task or workflow bundle.
  • The assistant/job output remains reviewable in DataOps before the external Typefully write happens.
  • The Typefully write creates a saved draft only. It must not publish immediately, schedule, queue to the next free slot, or expose any direct-publish control.
  • After a successful Typefully draft creation, DataOps stores an artifact or equivalent proof record linked to the originating assistant job and task/bundle. The record should include safe identifiers and URLs such as Typefully draft id, social set id, status, private_url, platform names, and preview/title, but never the API token or raw auth headers.
  • Typefully API failures should leave the assistant job in a recoverable failed/retry state with a redacted, operator-readable error summary.
  • Local/test mode must be able to exercise the flow with a fake Typefully client or mock HTTP layer and no real Typefully token.

Auth and secrets:

  • Typefully API credentials must come from managed config only: AWS Secrets Manager/SAM parameters for deployed runtime and documented local development environment variables for local runs.
  • Do not hardcode tokens, social-set ids, or account-specific credentials in source, tests, issue comments, logs, artifacts, or assistant metadata.
  • If the deployed stack needs a Typefully token secret name or work-engine permission to read it, add it to the SAM/CloudFormation template instead of relying on unmanaged production setup.
  • Treat real Typefully account selection, real token provisioning, and real external draft creation as [HUMAN] checks.

Acceptance Criteria

  • The assistant-job flow exposes an authenticated API path for creating a Typefully draft from approved/reviewed assistant output associated with a task or bundle.
  • The Typefully request builder sends POST /v2/social-sets/{social_set_id}/drafts with bearer auth, valid platforms content, and no publish_at field for the default saved-draft path.
  • The implementation rejects or ignores any attempt from DataOps UI/API input to use publish_at: "now", publish_at: "next-free-slot", or a scheduled datetime in this issue's flow.
  • Successful draft creation stores a linked DataOps artifact/proof with the Typefully draft id, social set id, status, private URL, platform list, title/preview, originating assistant job id, and task/bundle context.
  • No Typefully API token, bearer header, secret name value, signed URL, or raw credential can appear in assistant job metadata, events, artifacts, UI output, test snapshots, or logs.
  • Missing credentials, missing social set configuration, Typefully 401/403/422/429 responses, and network failures produce redacted failed/retryable assistant-job states with useful operator messages.
  • Local dry-run/mock verification covers successful draft creation without a real Typefully account or external write.
  • The operator UI, if changed, shows the Typefully draft proof/link and keeps review/approval semantics clear before any external write action.
  • Infrastructure/config changes document the required local env vars and deployed secret/SAM parameter names, and grant only the minimum runtime secret-read permission needed.
  • [HUMAN] A DataOps operator provisions or confirms the real Typefully API token and target social set outside the repo.
  • [HUMAN] A DataOps operator runs one real Typefully saved-draft creation and verifies in Typefully that the result is a draft, not scheduled and not published.

Test Scenarios

Scenario: Saved draft request

Given: an approved assistant output with social copy for X or LinkedIn and a configured fake Typefully social set
When: the operator/API triggers Typefully draft creation
Then: DataOps sends a create-draft request without publish_at, receives a fake Typefully draft response, and records a linked proof artifact with the private Typefully URL.

Scenario: Publishing controls are blocked

Given: a Typefully draft request payload attempts to include publish_at as now, next-free-slot, or a future datetime
When: the API validates the request
Then: the request is rejected before any Typefully client call, and no assistant job event or artifact contains a publish/schedule claim.

Scenario: Credential or API failure

Given: Typefully credentials are missing or the fake client returns 401, 403, 422, 429, or a network error
When: the assistant job attempts Typefully draft creation
Then: the job is marked failed or retryable according to the existing assistant-job lifecycle, the error is redacted, and no secret-like value is persisted.

Scenario: Operator review visibility

Given: a Typefully draft proof artifact has been created for a task or bundle
When: the operator opens the assistant queue, assistant job detail, and linked workflow/task view
Then: the operator can see the Typefully draft status/link and the originating context without seeing credentials.

Scenario: Real Typefully verification

Given: a human has provisioned a real Typefully API token and selected a real social set
When: a DataOps operator creates one test draft through the integration
Then: [HUMAN] the operator confirms in Typefully that it exists as a saved draft only and records the result on the issue.

Out of Scope

  • Publishing, scheduling, queueing to next-free-slot, or changing Typefully queue schedules.
  • Typefully webhook ingestion, analytics import, comments, media upload, tag management UI, or account-management UI.
  • Creating or modifying source repos outside dataops, including ../dtc-operations, ../datatasks, or ../podcast-assistant.
  • Automating real Typefully account/token provisioning.
  • Closing the issue solely from automated tests if [HUMAN] verification remains outstanding.

Dependencies

  • The target Typefully account must provide an API token with enough access to create drafts and a known target social_set_id for the desired account/team.
  • If the real token is only available in production, the Software Engineer and Tester should use mocked/local verification and leave the issue open with the human label after agent-verifiable checks pass.
  • Required verification should include focused work-engine assistant-job tests, TypeScript typecheck, build if Lambda packaging or env handling changes, focused Playwright coverage for any changed assistant UI, and SAM/CloudFormation validation for infrastructure changes.

Metadata

Metadata

Assignees

No one assigned

    Labels

    P1ImportantassistantAssistant modules and jobsbackendBackend/APIenhancementNew or improved functionalityfrontendFrontend UIhumanCode done or issue blocked on human verificationinfraDeployment and infrastructure

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions