NET-WP-0020-T02: wire OpenBao init/unseal as Phase 7b in creds-bootstrap-agent (operator-reviewed)

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-07-02 13:32:58 +02:00
parent abde6b1fd4
commit 67b4677cea
3 changed files with 59 additions and 5 deletions


@@ -55,16 +55,24 @@ state_hub_task_id: "65407eb1-9d89-4158-aed5-4987badd83fc"
(emitted on the script's `EVIDENCE` JSON line)
- [x] Integrate with `make openbao-configure-initial` post-unseal
(`OPENBAO_RUN_CONFIGURE_INITIAL=1` chains it; default prints the handoff hint)
- [ ] Wire the helper as an optional phase inside `creds-bootstrap-agent.sh`
(agent-policy blocked automated edits to the credential bootstrap script on
2026-07-02 — operator should add a phase that calls the helper, sets the two
state flags in `creds-state.yaml`, and re-runs `encrypt-secrets.sh` + commit
when `secrets/openbao/` was created)
- [x] Wire the helper as an optional phase inside `creds-bootstrap-agent.sh`
(Phase 7b, reviewed and approved by Bernd 2026-07-02: runs only when the
`openbao` namespace exists, skips when already verified, sets the two
`creds-state.yaml` flags, encrypts + commits new init material, and a
custody-gate refusal warns without aborting the SSO/MFA bootstrap —
dry-run/skip/refusal paths harness-tested)
- [ ] Greenfield live proof: run against a sealed/uninitialized OpenBao on a
rebuild slate (current cluster is already initialized+unsealed, so only the
status/verify path was live-smoked on 2026-07-02; custody-gate refusal was
proven for `unselected` and `attended-ceremony`)
**2026-07-02 (later):** Bernd reviewed the helper design (five safety
properties incl. the root-token-in-bundle caveat of the sops-held model) and
approved the Phase 7b wiring as proposed. Applied, `bash -n` clean, all three
conditional paths verified by harness. Pre-existing note: the agent's Phase 0
cannot dry-run on machines without the age key — unrelated to this change.
Remaining T02 item is only the greenfield live proof.
**2026-07-02:** Helper implemented and smoke-tested: dry-run against the live
cluster passed the custody gate (`sops-held-automation` selected) and read
`initialized=true sealed=false`; negative tests proved refusal for unselected
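Review bot: the new `[x] Wire the helper` item states that a custody-gate refusal "warns without aborting the SSO/MFA bootstrap", but the checklist does not record how that warning reaches the operator (stdout only, or also the script's `EVIDENCE` JSON line mentioned in the context above) or whether the two `creds-state.yaml` flags are left unset on refusal; since a non-aborting warning is easy to miss in a long bootstrap run, consider adding one clause to that item, e.g. "refusal is emitted on the `EVIDENCE` line and leaves both flags unset". The same item says Phase 7b "encrypts + commits new init material", and the later note acknowledges the "root-token-in-bundle caveat of the sops-held model"; the checklist would be more useful if it named where the handling of that root token after init (who decrypts it, and when it is retired) is documented, so the caveat is not only in the review history.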