coulomb/flex-auth
2
0
Fork 0
generated from coulomb/repo-seed
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Close ops-warden policy gate deployment
Some checks are pending
CI / Build and Test (push) Waiting to run
Details
CI / Lint (push) Waiting to run
Details

Browse Source
This commit is contained in:
Bernd Worsch
2026-06-30 00:52:56 +02:00
parent 8124367e1d
commit 339c35e876
3 changed files with 46 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
docs/ops-warden-policy-gate-handoff.md
View File

@@ -102,3 +102,13 @@ Production actor coverage now verifies agt-state-hub-bridge,
agt-codex-interhub-bootstrap, adm-example, atm-backup-daily, ttl_out_of_bounds,
unknown_actor_resource, and the iam:agt-state-hub-bridge subject path used by
WARDEN_POLICY_SUBJECT.
## FLEX-WP-0007 Closeout Update
On 2026-06-29 ops-warden reported the production policy-gate smoke as passed
against the deployed flex-auth runtime at `127.0.0.1:18090` from CoulombCore.
Non-secret evidence: allow decision `decision:032b096c433ad80c` for
`agt-state-hub-bridge`, deny reason `ttl_out_of_bounds` for an excessive TTL,
and backend `vault` for the scoped OpenBao signing path. The operator is
keeping `policy.enabled` off during build-stage/pre-testing; this is a maturity
posture decision, not a missing flex-auth artifact.