Implement ops-hub bootstrap compatibility

This commit is contained in:
2026-06-27 13:04:54 +02:00
parent 1e87adbcbb
commit c532ad8731
21 changed files with 1330 additions and 402 deletions

View File

@@ -4,12 +4,14 @@
Core Hub must preserve the Inter-Hub API surfaces that existing consumers rely on until each consumer has moved to a new explicit Core Hub contract.
## Initial Compatibility Surface
## Current Compatibility Semantics
Public/read surfaces:
The active ops-hub gate expects unauthenticated `GET /api/v2/hubs` to return `401`, not `404` or public data. Core Hub therefore treats hub registry and bootstrap resources as protected, while keeping static catalogs and API documentation public.
The OpenAPI document served at `/api/v2/openapi.json` includes both FastAPI-native `/api/v2/...` paths and Inter-Hub-compatible unprefixed aliases such as `/hubs`, `/hub-capability-manifests`, `/api-consumers`, and `/policy-scopes`.
## Public Catalog/Documentation Surfaces
- `GET /api/v2/hubs`
- `GET /api/v2/hub-capability-manifests`
- `GET /api/v2/widget-types`
- `GET /api/v2/event-types`
- `GET /api/v2/annotation-categories`
@@ -18,31 +20,38 @@ Public/read surfaces:
- `GET /api/v2/openapi.yaml`
- `GET /api/v2/docs`
Protected/write or authenticated surfaces:
## Protected Bootstrap Surfaces
- `GET /api/v2/hubs`
- `POST /api/v2/hubs`
- `GET /api/v2/hub-capability-manifests`
- `POST /api/v2/hub-capability-manifests`
- `PATCH /api/v2/hub-capability-manifests/{manifest_id}`
- `POST /api/v2/hub-capability-manifests/{manifest_id}/activate`
- `GET /api/v2/api-consumers`
- `POST /api/v2/api-consumers`
- `POST /api/v2/api-consumers/{consumer_id}/api-keys`
- `GET /api/v2/widgets`
- `POST /api/v2/widgets`
- `GET /api/v2/interaction-events`
- `POST /api/v2/interaction-events`
- `GET /api/v2/hub-registry`
- `POST /api/v2/token`
- `/api/v2/api-consumers`
- `/api/v2/widgets`
- `/api/v2/interaction-events`
Deferred protected surfaces currently return empty compatibility collections:
- `/api/v2/annotations`
- `/api/v2/requirement-candidates`
- `/api/v2/decision-records`
- `/api/v2/deployment-records`
- `/api/v2/outcome-signals`
- `/api/v2/hub-registry`
Potentially preserved SDK endpoints:
- `/api/v2/sdk`
- `/api/v2/sdk/ihf-client.ts`
- `/api/v2/sdk/ihf-client.py`
## Known Consumers
- `ops-hub` bootstrap and Inter-Hub gate probes
- `activity-core` optional Inter-Hub sink
- Custodian workplans and operator smokes
- Downstream docs or probes that check the public hub registry
- Downstream docs or probes that check the hub registry
## Acceptance Standard
@@ -54,6 +63,14 @@ A route is compatible when:
- error shape is documented;
- at least one consumer smoke passes against Core Hub.
## Current Evidence
2026-06-27 local evidence:
- `ops-hub/scripts/interhub-gate-probe.py --base http://127.0.0.1:8017` passed.
- `ops-hub/scripts/ops-hub-bootstrap-api.py` passed against local Core Hub with a throwaway operator token.
- The bootstrap created an ops-hub record, activated manifest, API consumer, runtime API key, 14 widgets, and one `ops-endpoint-verified` event.
## Transition Rule
Do not remove an Inter-Hub-compatible route until every known consumer either passes against the new Core Hub-native route or has a recorded cancellation decision.

View File

@@ -1,15 +1,13 @@
# Inter-Hub Legacy Inventory
Status: initial inventory for Core Hub compatibility work.
Status: initial inventory plus local ops-hub compatibility evidence.
## Production Role
`inter-hub` is the Haskell/IHP implementation that currently represents the second-generation interaction framework idea. Core Hub should preserve consumer-visible behavior before retiring it.
## Public API v2 Routes To Preserve
## Catalog And Documentation Routes
- `GET /api/v2/hubs`
- `GET /api/v2/hub-capability-manifests`
- `GET /api/v2/widget-types`
- `GET /api/v2/event-types`
- `GET /api/v2/annotation-categories`
@@ -20,22 +18,35 @@ Status: initial inventory for Core Hub compatibility work.
## Protected API v2 Routes To Preserve
- `GET /api/v2/hubs`
- `POST /api/v2/hubs`
- `GET /api/v2/hub-capability-manifests`
- `POST /api/v2/hub-capability-manifests`
- `PATCH /api/v2/hub-capability-manifests/{manifest_id}`
- `POST /api/v2/hub-capability-manifests/{manifest_id}/activate`
- `GET /api/v2/api-consumers`
- `POST /api/v2/api-consumers`
- `POST /api/v2/api-consumers/{consumer_id}/api-keys`
- `GET /api/v2/widgets`
- `POST /api/v2/widgets`
- `GET /api/v2/interaction-events`
- `POST /api/v2/interaction-events`
- `GET /api/v2/hub-registry`
- `POST /api/v2/token`
- `/api/v2/api-consumers`
- `/api/v2/widgets`
- `/api/v2/interaction-events`
Deferred protected surfaces:
- `/api/v2/annotations`
- `/api/v2/requirement-candidates`
- `/api/v2/decision-records`
- `/api/v2/deployment-records`
- `/api/v2/outcome-signals`
- `/api/v2/hub-registry`
## Current Consumers
- `ops-hub` bootstrap and gate probes use hub, manifest, API consumer, widget, interaction-event, token, and hub-registry surfaces.
- `ops-hub` bootstrap and gate probes use hub, manifest, API consumer, API key, widget, interaction-event, token, and hub-registry surfaces.
- `activity-core` can emit through an Inter-Hub sink but has a State Hub fallback during transition.
- Custodian workplans and operator smokes depend on public route evidence and protected smoke evidence.
- Custodian workplans and operator smokes depend on route evidence and protected smoke evidence.
## Data Sources For Migration
@@ -43,6 +54,14 @@ Status: initial inventory for Core Hub compatibility work.
- API consumer and key-prefix rows, with raw keys treated as non-recoverable.
- Hub manifests, widgets, registries, event rows, annotations, decisions, deployments, outcomes, and request logs where historically useful.
## Compatibility Risk
## Local Compatibility Evidence
The first Core Hub implementation preserves route presence and auth-before-business behavior with seed data. Full compatibility still requires fixture capture from legacy Inter-Hub and consumer smokes against ops-hub and activity-core.
2026-06-27:
- Core Hub local API started with `CORE_HUB_AUTO_CREATE_TABLES=1` and SQLite smoke DB.
- `ops-hub/scripts/interhub-gate-probe.py` passed: unauthenticated `/api/v2/hubs` returned `401`, `/api/v2/openapi.json` returned `200`, and required unprefixed OpenAPI paths were present.
- `ops-hub/scripts/ops-hub-bootstrap-api.py` passed: created ops-hub, activated manifest, API consumer, runtime key, 14 widgets, and the initial Gitea readiness interaction event.
## Remaining Compatibility Risk
Local Core Hub compatibility is proven for the ops-hub bootstrap script. Production closure still requires deployment, approved credential custody, and a smoke against the deployed Core Hub endpoint.