Add Core Hub ops evidence sink

This commit is contained in:
2026-06-27 20:34:25 +02:00
parent 18fcce87fe
commit 30043348f0
3 changed files with 364 additions and 0 deletions

View File

@@ -0,0 +1,58 @@
---
id: ACTIVITY-WP-0017
type: workplan
title: "Core Hub ops evidence sink"
domain: infotech
repo: activity-core
status: finished
owner: codex
topic_slug: custodian
created: "2026-06-27"
updated: "2026-06-27"
state_hub_workstream_id: "2a073bf4-febf-433e-a721-5daf71760912"
---
# Core Hub ops evidence sink
## Goal
Provide the activity-core side of the Core Hub replacement evidence path for
`CORE-WP-0008-T03`, without depending on the legacy Haskell Inter-Hub sink and
without placing secret material in activity definitions, logs, State Hub, or
chat.
## Task: Add Core Hub interaction-event sink
```task
id: ACTIVITY-WP-0017-T01
status: done
priority: high
state_hub_task_id: "32aab1af-6be5-4b52-afa1-c11f52c65892"
```
Add a `core-hub-interaction-event` ops evidence sink that posts sanitized
ops-inventory probe evidence to Core Hub `/api/v2/interaction-events`, verifies
the created event is visible, and reports only non-secret ids/statuses.
Acceptance:
- runtime token is read through `CORE_HUB_RUNTIME_TOKEN_FILE` or a named
environment variable, never from workplan content;
- sink configuration accepts `CORE_HUB_BASE_URL` and a widget id or widget
mapping;
- emitted metadata reuses the existing compact/sanitized probe evidence path;
- missing Core Hub config skips cleanly with explicit non-secret missing keys;
- tests prove the POST/visibility check and secret non-disclosure.
Verification 2026-06-27: `tests/test_ops_evidence_sinks.py` passed, and
a disposable local Core Hub runtime accepted an activity-core
`core-hub-interaction-event` sink emission, then listed the created
`ops-endpoint-verified` event back through `/api/v2/interaction-events`.
The verification asserted sanitized metadata did not include response body,
authorization header, URL userinfo, or token query material.
Completed 2026-06-27: implemented the Core Hub interaction-event sink in
`activity_core.ops_evidence_sinks` with unit coverage for POST/visibility
verification, missing config behavior, and secret non-disclosure. This provides
the direct Core Hub consumer path needed by `CORE-WP-0008-T03`; deployed use
still requires an approved Core Hub runtime token and widget id/mapping.