Link OpenBao custody direction in INTENT and SCOPE

Add a platform secret custody section and machine-readable anchor in INTENT.md,
extend SCOPE discovery guidance, and point both to docs/OpenBaoIntroduction.md
without duplicating railiance-platform or net-kingdom operational detail.
This commit is contained in:
2026-06-19 20:13:11 +02:00
parent 9579848c45
commit 32c552809b
2 changed files with 42 additions and 0 deletions

View File

@@ -345,6 +345,33 @@ AI must not bypass the control plane. Agentic behavior must be observable, polic
6. **Reuse over accumulation.** The repository should grow by strengthening composable capabilities, not by collecting disconnected artifacts. 6. **Reuse over accumulation.** The repository should grow by strengthening composable capabilities, not by collecting disconnected artifacts.
7. **Evidence over assertion.** Runtime behavior, telemetry, tests, contracts, and validation reports should back claims of readiness. 7. **Evidence over assertion.** Runtime behavior, telemetry, tests, contracts, and validation reports should back claims of readiness.
8. **Environment matters.** Users, builders, investors, external systems, markets, and real-world problems are part of the viable system boundary. 8. **Environment matters.** Users, builders, investors, external systems, markets, and real-world problems are part of the viable system boundary.
9. **Security from inception.** Secret custody, tenant isolation, and workload identity are architectural commitments, not production afterthoughts. Capabilities that handle sensitive material should declare path ownership, policy scope, and delivery boundaries early.
## 11.1 Platform secret custody (HelixForge × NetKingdom × Coulomb)
HelixForge does not operate OpenBao, but it **must model and govern** how
capabilities use secrets across a multi-tenant platform.
The direction:
* **OpenBao** is the platform secrets service (custody, policy, audit,
delivery) — deployed and operated through `railiance-platform`.
* **NetKingdom** owns the security architecture: identity (KeyCape), MFA,
tenant semantics, and the path/policy model that keeps secrets private to
their owners.
* **Coulomb** is tenant zero; HelixForge workplans and capabilities should
prove the pattern before customer tenants arrive.
Secret ownership is expressed through **KV path convention, identity claims,
and least-privilege policies** — not through confusing OpenBao login fields.
Humans sign in with KeyCape; **workloads** authenticate as themselves
(Kubernetes auth, scoped tokens).
Anchor document: [`docs/OpenBaoIntroduction.md`](docs/OpenBaoIntroduction.md)
Canonical deployment and operator detail remain in adjacent repos
(`railiance-platform/docs/openbao.md`,
`net-kingdom/docs/platform-identity-security-architecture.md`).
## 12\. Contribution intent ## 12\. Contribution intent
@@ -385,6 +412,7 @@ The following knowledge areas should be represented in the repository or linked
|Capability contracts|Defines interfaces, events, SLOs, ownership, and boundaries.| |Capability contracts|Defines interfaces, events, SLOs, ownership, and boundaries.|
|Validators|Turns architectural intent into executable checks.| |Validators|Turns architectural intent into executable checks.|
|Intelligence governance|Defines how automation, copilots, and agents are placed, governed, and audited.| |Intelligence governance|Defines how automation, copilots, and agents are placed, governed, and audited.|
|Platform secret custody|Defines how multi-tenant secret ownership, workload delivery, and operator custody align across HelixForge, NetKingdom, and Coulomb. See `docs/OpenBaoIntroduction.md`.|
## 14\. Definition of done ## 14\. Definition of done
@@ -470,6 +498,15 @@ intent:
- semantic\_validation - semantic\_validation
- governance\_for\_intelligence - governance\_for\_intelligence
- observability\_for\_runtime\_behavior - observability\_for\_runtime\_behavior
platform\_custody:
anchor: docs/OpenBaoIntroduction.md
custody\_service: openbao
identity\_plane: keycape
reference\_tenant: coulomb
intent: >
Secrets are private to their owners through path layout, identity
binding, and policy — from capability inception through production.
``` ```
## 16\. Source inputs for this intent file ## 16\. Source inputs for this intent file
@@ -479,6 +516,8 @@ This file was drafted from the following project inputs:
* **HelixForgeVision** — project vision statement provided for this repository. * **HelixForgeVision** — project vision statement provided for this repository.
* **OrthogonalArchitectureSchema** — Orthogonal Architecture Standard Schema v1.0.1 and semantic validation profile. * **OrthogonalArchitectureSchema** — Orthogonal Architecture Standard Schema v1.0.1 and semantic validation profile.
* **260525-schema-orthogonalArchitecture.xlsx** — current OAD and VSM controlled vocabulary workbook. * **260525-schema-orthogonalArchitecture.xlsx** — current OAD and VSM controlled vocabulary workbook.
* **docs/OpenBaoIntroduction.md** — platform secret custody anchor for the
HelixForge / NetKingdom / Coulomb direction.
When these materials are moved into the repository wiki, this file should be updated with stable wiki links. When these materials are moved into the repository wiki, this file should be updated with stable wiki links.

View File

@@ -55,6 +55,9 @@ and operating model. It is not yet an application implementation.
capability, service, platform, policy, automation, or intelligence elements. capability, service, platform, policy, automation, or intelligence elements.
- You are shaping an Inter-Hub extension pattern, such as the initial ops-hub - You are shaping an Inter-Hub extension pattern, such as the initial ops-hub
workplan. workplan.
- You need the HelixForge view of platform secret custody, multi-tenant secret
ownership, or OpenBao's role across NetKingdom and Coulomb. Start with
`docs/OpenBaoIntroduction.md`.
--- ---