-- ops-hub bootstrap fallback for Inter-Hub. -- -- Use only when authenticated UI bootstrap is not practical and a -- deployment-side migration/bootstrap is acceptable. -- -- This creates: -- - Hub row -- - Active HubCapabilityManifest -- - Owned type registry entries -- - ApiConsumer row -- - Seed widgets -- -- It intentionally does not create an ApiKey. Generate the key through the -- authenticated Inter-Hub UI so the full static key can be shown once and -- stored in the operator secret store. BEGIN; INSERT INTO hubs (slug, name, domain, hub_kind) VALUES ('ops-hub', 'Ops Hub', 'ops.coulomb.social', 'domain') ON CONFLICT (slug) DO UPDATE SET name = EXCLUDED.name, domain = EXCLUDED.domain, hub_kind = EXCLUDED.hub_kind; WITH hub AS ( SELECT id FROM hubs WHERE slug = 'ops-hub' ) INSERT INTO hub_capability_manifests ( hub_id, manifest_version, declared_widget_types, declared_event_types, declared_annotation_categories, declared_policy_scopes, capability_description, contact, status, activated_at ) SELECT hub.id, '1.0', '[ "ops-environment", "ops-host", "ops-cluster", "ops-service", "ops-service-catalog", "ops-endpoint", "ops-release", "ops-backup-set", "ops-secret-set", "ops-runbook", "ops-incident", "ops-readiness-gate", "ops-migration-wave", "ops-risk" ]'::jsonb, '[ "ops-inventory-registered", "ops-inventory-updated", "ops-service-discovered", "ops-health-checked", "ops-release-observed", "ops-endpoint-verified", "ops-backup-verified", "ops-restore-tested", "ops-runbook-executed", "ops-drift-detected", "ops-risk-raised", "ops-risk-accepted", "ops-readiness-gate-updated", "ops-migration-gate-passed", "ops-migration-gate-failed" ]'::jsonb, '[ "ops-drift", "ops-service-catalog-gap", "ops-backup-gap", "ops-security-gap", "ops-routing-gap", "ops-secret-gap", "ops-readiness-blocker", "ops-migration-risk", "ops-observability-gap", "ops-recovery-gap" ]'::jsonb, '[ "ops-local", "ops-transitional-prod", "ops-production", "ops-threephoenix", "ops-registry", "ops-secrets", "ops-backup-retention" ]'::jsonb, 'VSM Operations / System 1 hub for operational truth and evidence. Metadata: hub_family=vsm; vsm_function=OPS; vsm_system=S1; scope=operational truth, service catalog, readiness, incidents, runbooks, migration waves, and evidence events.', 'operator', 'active', NOW() FROM hub ON CONFLICT (hub_id) DO UPDATE SET manifest_version = EXCLUDED.manifest_version, declared_widget_types = EXCLUDED.declared_widget_types, declared_event_types = EXCLUDED.declared_event_types, declared_annotation_categories = EXCLUDED.declared_annotation_categories, declared_policy_scopes = EXCLUDED.declared_policy_scopes, capability_description = EXCLUDED.capability_description, contact = EXCLUDED.contact, status = EXCLUDED.status, activated_at = COALESCE(hub_capability_manifests.activated_at, NOW()), updated_at = NOW(); WITH hub AS ( SELECT id FROM hubs WHERE slug = 'ops-hub' ), names(name) AS ( VALUES ('ops-environment'), ('ops-host'), ('ops-cluster'), ('ops-service'), ('ops-service-catalog'), ('ops-endpoint'), ('ops-release'), ('ops-backup-set'), ('ops-secret-set'), ('ops-runbook'), ('ops-incident'), ('ops-readiness-gate'), ('ops-migration-wave'), ('ops-risk') ) INSERT INTO widget_type_registry (name, label, owner_hub_id, status) SELECT names.name, names.name, hub.id, 'active' FROM names CROSS JOIN hub ON CONFLICT (name) DO NOTHING; WITH hub AS ( SELECT id FROM hubs WHERE slug = 'ops-hub' ), names(name) AS ( VALUES ('ops-inventory-registered'), ('ops-inventory-updated'), ('ops-service-discovered'), ('ops-health-checked'), ('ops-release-observed'), ('ops-endpoint-verified'), ('ops-backup-verified'), ('ops-restore-tested'), ('ops-runbook-executed'), ('ops-drift-detected'), ('ops-risk-raised'), ('ops-risk-accepted'), ('ops-readiness-gate-updated'), ('ops-migration-gate-passed'), ('ops-migration-gate-failed') ) INSERT INTO event_type_registry (name, label, owner_hub_id, status) SELECT names.name, names.name, hub.id, 'active' FROM names CROSS JOIN hub ON CONFLICT (name) DO NOTHING; WITH hub AS ( SELECT id FROM hubs WHERE slug = 'ops-hub' ), names(name) AS ( VALUES ('ops-drift'), ('ops-service-catalog-gap'), ('ops-backup-gap'), ('ops-security-gap'), ('ops-routing-gap'), ('ops-secret-gap'), ('ops-readiness-blocker'), ('ops-migration-risk'), ('ops-observability-gap'), ('ops-recovery-gap') ) INSERT INTO annotation_category_registry (name, label, owner_hub_id, status) SELECT names.name, names.name, hub.id, 'active' FROM names CROSS JOIN hub ON CONFLICT (name) DO NOTHING; WITH hub AS ( SELECT id FROM hubs WHERE slug = 'ops-hub' ), names(name) AS ( VALUES ('ops-local'), ('ops-transitional-prod'), ('ops-production'), ('ops-threephoenix'), ('ops-registry'), ('ops-secrets'), ('ops-backup-retention') ) INSERT INTO policy_scope_registry (name, label, owner_hub_id, status) SELECT names.name, names.name, hub.id, 'active' FROM names CROSS JOIN hub ON CONFLICT (name) DO NOTHING; WITH manifest AS ( SELECT id FROM hub_capability_manifests WHERE hub_id = (SELECT id FROM hubs WHERE slug = 'ops-hub') ) INSERT INTO api_consumers ( name, description, hub_capability_manifest_id, rate_limit_per_minute, quota_per_day, is_active ) SELECT 'ops-hub', 'API consumer for the VSM Operations hub', manifest.id, 60, 10000, TRUE FROM manifest WHERE NOT EXISTS ( SELECT 1 FROM api_consumers WHERE name = 'ops-hub' ); WITH hub AS ( SELECT id FROM hubs WHERE slug = 'ops-hub' ), seed(name, widget_type, capability_ref, view_context, policy_scope) AS ( VALUES ('Local Environment', 'ops-environment', 'ops:environment:local', 'ops-hub/environments/local', 'ops-local'), ('CoulombCore Environment', 'ops-environment', 'ops:environment:coulombcore', 'ops-hub/environments/coulombcore', 'ops-transitional-prod'), ('Railiance01 Environment', 'ops-environment', 'ops:environment:railiance01', 'ops-hub/environments/railiance01', 'ops-threephoenix'), ('ThreePhoenix Production Environment', 'ops-environment', 'ops:environment:threephoenix-prod', 'ops-hub/environments/threephoenix-prod', 'ops-production'), ('CoulombCore Host', 'ops-host', 'ops:host:coulombcore', 'ops-hub/hosts/coulombcore', 'ops-transitional-prod'), ('Railiance01 Host', 'ops-host', 'ops:host:railiance01', 'ops-hub/hosts/railiance01', 'ops-threephoenix'), ('Operations Service Catalog', 'ops-service-catalog', 'ops:service-catalog', 'ops-hub/service-catalog', 'ops-production'), ('Gitea Service', 'ops-service', 'ops:service:gitea', 'ops-hub/services/gitea', 'ops-transitional-prod'), ('State Hub Service', 'ops-service', 'ops:service:state-hub', 'ops-hub/services/state-hub', 'ops-local'), ('Inter-Hub Service', 'ops-service', 'ops:service:inter-hub', 'ops-hub/services/inter-hub', 'ops-production'), ('Gitea Registry Endpoint', 'ops-endpoint', 'ops:endpoint:gitea-registry', 'ops-hub/endpoints/gitea-registry', 'ops-registry'), ('Gitea Registry Readiness', 'ops-readiness-gate', 'ops:readiness:gitea-registry', 'ops-hub/readiness/gitea-registry', 'ops-registry'), ('State Hub Cluster Deploy Readiness', 'ops-readiness-gate', 'ops:readiness:state-hub-cluster-deploy', 'ops-hub/readiness/state-hub-cluster-deploy', 'ops-production'), ('CoulombCore to ThreePhoenix Migration', 'ops-migration-wave', 'ops:migration:coulombcore-to-threephoenix', 'ops-hub/migrations/coulombcore-to-threephoenix', 'ops-threephoenix') ) INSERT INTO widgets ( hub_id, name, widget_type, capability_ref, view_context, policy_scope, status ) SELECT hub.id, seed.name, seed.widget_type, seed.capability_ref, seed.view_context, seed.policy_scope, 'active' FROM seed CROSS JOIN hub WHERE NOT EXISTS ( SELECT 1 FROM widgets WHERE hub_id = hub.id AND capability_ref = seed.capability_ref ); COMMIT;