coulomb/info-tech-canon
2
0
Fork 0
generated from coulomb/repo-seed
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add CARING Kubernetes RBAC benchmark

Browse Source
This commit is contained in:
Bernd Worsch
2026-05-23 06:53:30 +02:00
parent 3f510855ef
commit fb3ac750d5
32 changed files with 1688 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
workplans/ITC-WP-0010-caring-kubernetes-rbac-benchmark.md
View File

@@ -4,7 +4,7 @@ type: workplan
title: "CARING Kubernetes RBAC Benchmark"
domain: canon
repo: info-tech-canon
status: proposed
status: finished
priority: medium
created: "2026-05-23"
updated: "2026-05-23"
@@ -33,7 +33,7 @@ Governance, Security, Network, DevSecOps, Observability, Task, and Tagging.
```task
id: ITC-WP-0010-T01
status: todo
status: done
priority: high
state_hub_task_id: "9ad31e13-7dc2-469c-b539-d3375a16c5f4"
```
@@ -45,7 +45,7 @@ state_hub_task_id: "9ad31e13-7dc2-469c-b539-d3375a16c5f4"
```task
id: ITC-WP-0010-T02
status: todo
status: done
priority: high
state_hub_task_id: "180d7ccf-7daa-4f4c-a92a-641ef5d7b442"
```
@@ -58,7 +58,7 @@ state_hub_task_id: "180d7ccf-7daa-4f4c-a92a-641ef5d7b442"
```task
id: ITC-WP-0010-T03
status: todo
status: done
priority: high
state_hub_task_id: "4ffd6643-a7ab-487c-a09a-0fcaf0115c83"
```
@@ -71,7 +71,7 @@ state_hub_task_id: "4ffd6643-a7ab-487c-a09a-0fcaf0115c83"
```task
id: ITC-WP-0010-T04
status: todo
status: done
priority: medium
state_hub_task_id: "52632a4c-6e03-4212-ad6b-0cbb7b3a6e42"
```
@@ -84,3 +84,16 @@ state_hub_task_id: "52632a4c-6e03-4212-ad6b-0cbb7b3a6e42"
- Kubernetes RBAC is analyzed as a benchmark, not as a shortcut profile.
- CARING descriptor shape is tested with practical examples.
- Benchmark findings produce explicit canon change proposals.
## Implementation Notes
- Created `infospace/standards/caring/benchmarks/kubernetes-rbac/` as a
distinct benchmark workspace.
- Added benchmark workspace, native concept map, CARING mapping, descriptor
set, and findings/canon-pressure artifacts.
- Registered all benchmark artifacts in the artifact index and retrieval
generation flow.
- Added structural validation for the benchmark corpus, Kubernetes RBAC native
concept coverage, namespace tenant-boundary warning, CARING descriptor
classes, and findings/proposals.
- Regenerated agent briefs, indexes, tree views, and validation output.

2
workplans/index.yaml
View File

@@ -136,7 +136,7 @@ workplans:
- id: ITC-WP-0010
title: CARING Kubernetes RBAC Benchmark
status: proposed
status: finished
priority: medium
path: workplans/ITC-WP-0010-caring-kubernetes-rbac-benchmark.md
depends_on: