generated from coulomb/repo-seed
Implement ops-hub bootstrap compatibility
This commit is contained in:
@@ -4,12 +4,14 @@
|
||||
|
||||
Core Hub must preserve the Inter-Hub API surfaces that existing consumers rely on until each consumer has moved to a new explicit Core Hub contract.
|
||||
|
||||
## Initial Compatibility Surface
|
||||
## Current Compatibility Semantics
|
||||
|
||||
Public/read surfaces:
|
||||
The active ops-hub gate expects unauthenticated `GET /api/v2/hubs` to return `401`, not `404` or public data. Core Hub therefore treats hub registry and bootstrap resources as protected, while keeping static catalogs and API documentation public.
|
||||
|
||||
The OpenAPI document served at `/api/v2/openapi.json` includes both FastAPI-native `/api/v2/...` paths and Inter-Hub-compatible unprefixed aliases such as `/hubs`, `/hub-capability-manifests`, `/api-consumers`, and `/policy-scopes`.
|
||||
|
||||
## Public Catalog/Documentation Surfaces
|
||||
|
||||
- `GET /api/v2/hubs`
|
||||
- `GET /api/v2/hub-capability-manifests`
|
||||
- `GET /api/v2/widget-types`
|
||||
- `GET /api/v2/event-types`
|
||||
- `GET /api/v2/annotation-categories`
|
||||
@@ -18,31 +20,38 @@ Public/read surfaces:
|
||||
- `GET /api/v2/openapi.yaml`
|
||||
- `GET /api/v2/docs`
|
||||
|
||||
Protected/write or authenticated surfaces:
|
||||
## Protected Bootstrap Surfaces
|
||||
|
||||
- `GET /api/v2/hubs`
|
||||
- `POST /api/v2/hubs`
|
||||
- `GET /api/v2/hub-capability-manifests`
|
||||
- `POST /api/v2/hub-capability-manifests`
|
||||
- `PATCH /api/v2/hub-capability-manifests/{manifest_id}`
|
||||
- `POST /api/v2/hub-capability-manifests/{manifest_id}/activate`
|
||||
- `GET /api/v2/api-consumers`
|
||||
- `POST /api/v2/api-consumers`
|
||||
- `POST /api/v2/api-consumers/{consumer_id}/api-keys`
|
||||
- `GET /api/v2/widgets`
|
||||
- `POST /api/v2/widgets`
|
||||
- `GET /api/v2/interaction-events`
|
||||
- `POST /api/v2/interaction-events`
|
||||
- `GET /api/v2/hub-registry`
|
||||
- `POST /api/v2/token`
|
||||
- `/api/v2/api-consumers`
|
||||
- `/api/v2/widgets`
|
||||
- `/api/v2/interaction-events`
|
||||
|
||||
Deferred protected surfaces currently return empty compatibility collections:
|
||||
|
||||
- `/api/v2/annotations`
|
||||
- `/api/v2/requirement-candidates`
|
||||
- `/api/v2/decision-records`
|
||||
- `/api/v2/deployment-records`
|
||||
- `/api/v2/outcome-signals`
|
||||
- `/api/v2/hub-registry`
|
||||
|
||||
Potentially preserved SDK endpoints:
|
||||
|
||||
- `/api/v2/sdk`
|
||||
- `/api/v2/sdk/ihf-client.ts`
|
||||
- `/api/v2/sdk/ihf-client.py`
|
||||
|
||||
## Known Consumers
|
||||
|
||||
- `ops-hub` bootstrap and Inter-Hub gate probes
|
||||
- `activity-core` optional Inter-Hub sink
|
||||
- Custodian workplans and operator smokes
|
||||
- Downstream docs or probes that check the public hub registry
|
||||
- Downstream docs or probes that check the hub registry
|
||||
|
||||
## Acceptance Standard
|
||||
|
||||
@@ -54,6 +63,14 @@ A route is compatible when:
|
||||
- error shape is documented;
|
||||
- at least one consumer smoke passes against Core Hub.
|
||||
|
||||
## Current Evidence
|
||||
|
||||
2026-06-27 local evidence:
|
||||
|
||||
- `ops-hub/scripts/interhub-gate-probe.py --base http://127.0.0.1:8017` passed.
|
||||
- `ops-hub/scripts/ops-hub-bootstrap-api.py` passed against local Core Hub with a throwaway operator token.
|
||||
- The bootstrap created an ops-hub record, activated manifest, API consumer, runtime API key, 14 widgets, and one `ops-endpoint-verified` event.
|
||||
|
||||
## Transition Rule
|
||||
|
||||
Do not remove an Inter-Hub-compatible route until every known consumer either passes against the new Core Hub-native route or has a recorded cancellation decision.
|
||||
|
||||
@@ -1,15 +1,13 @@
|
||||
# Inter-Hub Legacy Inventory
|
||||
|
||||
Status: initial inventory for Core Hub compatibility work.
|
||||
Status: initial inventory plus local ops-hub compatibility evidence.
|
||||
|
||||
## Production Role
|
||||
|
||||
`inter-hub` is the Haskell/IHP implementation that currently represents the second-generation interaction framework idea. Core Hub should preserve consumer-visible behavior before retiring it.
|
||||
|
||||
## Public API v2 Routes To Preserve
|
||||
## Catalog And Documentation Routes
|
||||
|
||||
- `GET /api/v2/hubs`
|
||||
- `GET /api/v2/hub-capability-manifests`
|
||||
- `GET /api/v2/widget-types`
|
||||
- `GET /api/v2/event-types`
|
||||
- `GET /api/v2/annotation-categories`
|
||||
@@ -20,22 +18,35 @@ Status: initial inventory for Core Hub compatibility work.
|
||||
|
||||
## Protected API v2 Routes To Preserve
|
||||
|
||||
- `GET /api/v2/hubs`
|
||||
- `POST /api/v2/hubs`
|
||||
- `GET /api/v2/hub-capability-manifests`
|
||||
- `POST /api/v2/hub-capability-manifests`
|
||||
- `PATCH /api/v2/hub-capability-manifests/{manifest_id}`
|
||||
- `POST /api/v2/hub-capability-manifests/{manifest_id}/activate`
|
||||
- `GET /api/v2/api-consumers`
|
||||
- `POST /api/v2/api-consumers`
|
||||
- `POST /api/v2/api-consumers/{consumer_id}/api-keys`
|
||||
- `GET /api/v2/widgets`
|
||||
- `POST /api/v2/widgets`
|
||||
- `GET /api/v2/interaction-events`
|
||||
- `POST /api/v2/interaction-events`
|
||||
- `GET /api/v2/hub-registry`
|
||||
- `POST /api/v2/token`
|
||||
- `/api/v2/api-consumers`
|
||||
- `/api/v2/widgets`
|
||||
- `/api/v2/interaction-events`
|
||||
|
||||
Deferred protected surfaces:
|
||||
|
||||
- `/api/v2/annotations`
|
||||
- `/api/v2/requirement-candidates`
|
||||
- `/api/v2/decision-records`
|
||||
- `/api/v2/deployment-records`
|
||||
- `/api/v2/outcome-signals`
|
||||
- `/api/v2/hub-registry`
|
||||
|
||||
## Current Consumers
|
||||
|
||||
- `ops-hub` bootstrap and gate probes use hub, manifest, API consumer, widget, interaction-event, token, and hub-registry surfaces.
|
||||
- `ops-hub` bootstrap and gate probes use hub, manifest, API consumer, API key, widget, interaction-event, token, and hub-registry surfaces.
|
||||
- `activity-core` can emit through an Inter-Hub sink but has a State Hub fallback during transition.
|
||||
- Custodian workplans and operator smokes depend on public route evidence and protected smoke evidence.
|
||||
- Custodian workplans and operator smokes depend on route evidence and protected smoke evidence.
|
||||
|
||||
## Data Sources For Migration
|
||||
|
||||
@@ -43,6 +54,14 @@ Status: initial inventory for Core Hub compatibility work.
|
||||
- API consumer and key-prefix rows, with raw keys treated as non-recoverable.
|
||||
- Hub manifests, widgets, registries, event rows, annotations, decisions, deployments, outcomes, and request logs where historically useful.
|
||||
|
||||
## Compatibility Risk
|
||||
## Local Compatibility Evidence
|
||||
|
||||
The first Core Hub implementation preserves route presence and auth-before-business behavior with seed data. Full compatibility still requires fixture capture from legacy Inter-Hub and consumer smokes against ops-hub and activity-core.
|
||||
2026-06-27:
|
||||
|
||||
- Core Hub local API started with `CORE_HUB_AUTO_CREATE_TABLES=1` and SQLite smoke DB.
|
||||
- `ops-hub/scripts/interhub-gate-probe.py` passed: unauthenticated `/api/v2/hubs` returned `401`, `/api/v2/openapi.json` returned `200`, and required unprefixed OpenAPI paths were present.
|
||||
- `ops-hub/scripts/ops-hub-bootstrap-api.py` passed: created ops-hub, activated manifest, API consumer, runtime key, 14 widgets, and the initial Gitea readiness interaction event.
|
||||
|
||||
## Remaining Compatibility Risk
|
||||
|
||||
Local Core Hub compatibility is proven for the ops-hub bootstrap script. Production closure still requires deployment, approved credential custody, and a smoke against the deployed Core Hub endpoint.
|
||||
|
||||
Reference in New Issue
Block a user