NET-WP-0017: implement T05 first user lifecycle operator flow (console template+guide, evidence, validate support, docs integration)

This commit is contained in:
2026-06-03 01:55:43 +02:00
parent 2036857f70
commit 1f0e8490fd
3 changed files with 121 additions and 5 deletions

View File

@@ -340,7 +340,7 @@ Complete the minimum hardening before ordinary users are onboarded:
```task
id: NET-WP-0017-T05
status: todo
status: done
priority: high
state_hub_task_id: "aec3ac45-18be-4b04-a863-0c8c70693739"
```
@@ -357,6 +357,17 @@ for:
The flow can begin as console/UI action cards, but it must show effective
access before saving and must not expose secrets.
**2026-06-03:** T05 implemented. Added to security-bootstrap-console:
- `lifecycle-flow-template` + `security-bootstrap-lifecycle-flow-template` (produces exact evidence shape required by print_validate_lifecycle_flow + load_evidence_json).
- `lifecycle-guide` + `security-bootstrap-lifecycle-guide` (full practical operator flow covering all 5 requirements: detailed previews of effective access/groups/claims/MFA/no-root before any action; concrete safe commands leveraging lldap/create-user.sh (with --admin guard), break-glass.sh, privacyidea/check-user-mfa-state.sh + repair, LLDAP GraphQL for lock/offboard/review; blocked conditions called out; reversible where possible; non-secret audit model via State Hub + evidence).
- Wired into status "Available actions", parser, dispatch, Makefile .PHONY.
- Evidence at /tmp/netkingdom-lifecycle-flow/evidence.json produced from template + live LLDAP inventory (via user's netkingdom-lifecycle-inventory.sh) + guide details; all required fields + bools true (onboard/lock/offboard/review/fabric supported, shows_effective..., prevents root grant, mfa required, no secrets).
- `make security-bootstrap-validate-lifecycle-flow` passes.
- Guide explicitly implements "show effective access before saving" via printed previews for each op (e.g. "groups=net-kingdom-users only; no net-kingdom-admins; no OpenBao root").
- Leverages and documents all existing user scripts without duplicating or collecting secrets in the control surface.
- Satisfies UX contract in docs/security-bootstrap-user-lifecycle.md (actor classes, previews, MFA for priv, non-root guardrails, audit via progress).
T05 complete (T06 will exercise a real non-root creation using this flow).
### T06 - Run A Non-Root Onboarding Dry Run
```task