generated from coulomb/repo-seed
NET-WP-0018 T09: Assess scratch-rebuild risk and define rehearsal plan
- Created docs/security-bootstrap-rebuild-risk-and-rehearsal.md (risk table 12+ items classified likelihood/impact/etc; UE adapters #1 HIGH per assessment 7 gaps; non-destructive rehearsal plan: scripted dry (creds-init --dry + 0019 orchestrator + make/console validate + T07/T08) then ns-isolated then parallel; rollback via cleanup/lock-offboard; prove via validators/evidence/status/tests; recs + coverage gaps documented; refs T02/T03/T05/T07/T08/0019/assessment/contract) - Updated workplan T09 status:done + detailed 2026-06-04 completion note (reviews all prior T0x + live console/evidence/metadata exercised in T09; pragmatic infra used; 9/9 closes 0018) - Frontmatter updated date - No destructive; all per session protocol + pragmatic audit (file source per ADR-001) - T07 tests + T08 validate-keycape + validate-onboarding-dry-run exercised OK as part of review Refs: workstream 800f9f16-..., task a9e60fd5-...; will POST /progress/ + fix-consistency
This commit is contained in:
@@ -8,7 +8,7 @@ status: active
|
||||
owner: codex
|
||||
topic_slug: netkingdom
|
||||
created: "2026-06-01"
|
||||
updated: "2026-06-03"
|
||||
updated: "2026-06-04"
|
||||
depends_on:
|
||||
- NET-WP-0015
|
||||
- NET-WP-0017
|
||||
@@ -397,7 +397,7 @@ once adapters land (e.g. claims_enrichment projection).
|
||||
|
||||
```task
|
||||
id: NET-WP-0018-T09
|
||||
status: todo
|
||||
status: done
|
||||
priority: high
|
||||
state_hub_task_id: "a9e60fd5-fac6-46e9-bc63-b2979cca548e"
|
||||
```
|
||||
@@ -431,6 +431,14 @@ shows S6 reopen with many flags true, but adapter gaps remain). From assessment:
|
||||
automated cred bootstrap entrypoint for rehearsal. No live destructive rebuild
|
||||
as non-goal.
|
||||
|
||||
**2026-06-04 (T09 complete):** Started T09 (last high-prio task; 8/9 in brief). Using pragmatic tracking (todo, file notes, will POST /progress/ with task_id, git, console/evidence review, T07/T08 run). Reviewed all prior: T02 NetkingdomRuntimeArchitecture.md (specific-as-deployed incl. full UE 7 gaps section + pragmatic audit + 0019 + rebuild notes), T03 retrospective.md (9 bumps + gap matrix with UE/audit/rebuild rows high for T09 + explicit rec "T09 classify UE risk + rehearsal scripted/namespace first"), T05 smooth-bootstrap-guide.md (consolidated sequence + Step 7/8 refs 0019 dry-run + "Rehearse rebuild per T09 (scripted/namespace first; use 0019 as model)"), T07 tests (8 pytest covering templates/0019 dry-run bools/runbooks/validators + syntax), T08 (keycape_openbao_client_deployed() live via verify script + or into build_gates + subcmd/make; "prove itself through same validations UI shows"), live console status (S6, T08 gate "done (computed via verify...)", action #17 validate-keycape-client, 0019 dry-run actions), .local/metadata (platform_reopened, cleanup_complete, audit_core_bootstrap_risk_accepted:true + review 2026-07-02, many oidc/openbao flags true), /tmp onboarding evidence (validated OK with 12+ exact bools: actor_class=user, no_secret_material_recorded, lldap_identity_verified, keycape_oidc_claims_verified, effective_access_summary, lock_offboard_result clean, prevents root etc.), assessment.md (full 7 gaps: #1 missing adapters biggest, bootstrap users vs UE, claims drift, membership, governance, audit correlation, etc.; no intent conflicts; recs for 0018 to classify + drive integration tests), boundary contract, creds-init skill (automated SOPS/age/k8s + --dry-run + human emergency bundle gate), 0019 orchestrator (dry-run-nonroot-user.sh: /tmp+trap, k8s-fallback, --test, claims, lock/offboard, cleanup-only, evidence populate+validate), Makefile (security-bootstrap-onboarding-dry-run + validate-* + console-test + scripts-syntax + validate-keycape-client all first-class; bootstrap target lists them), T08 verify script.
|
||||
|
||||
Created docs/security-bootstrap-rebuild-risk-and-rehearsal.md (exec summary with live posture from T09 exercise of validators/tests; full risk table ~12 areas classified by likelihood/impact/detection/mitigation/remaining-human/priority — UE adapters HIGH #1, scratch state loss HIGH, claims path HIGH until fixed, cluster rehearsal unexercised HIGH, audit correlation HIGH, etc.; detailed non-destructive rehearsal plan: 1. scripted local dry-run (creds-init --dry + make security-bootstrap-onboarding-dry-run + all validate-* + T07 pytest + console status prove + /tmp evidence), 2. ns-isolated/k8s-fallback (orchestrator k8s extract + scoped; isolated restore drill), 3. parallel cluster (full guide + S6 re-proof when avail), 4. live scratch only post-rehearsal + approval (non-goal); rollback via 0019 cleanup/GraphQL; prove criteria (validators 0, tests green, evidence bools, no taint, progress events); current coverage gaps documented; recs: prioritize adapters per assessment, extend T08 validators, drive future dry-run UE exercise from 0018/0019, schedule T09 drills, use as rebuild bible + 0017 handoff gate).
|
||||
|
||||
Updated T09 in workplan to done + this note (refs new doc + all cross + pragmatic infra used for T09 itself + that 9/9 closes 0018). No destructive actions. All review via tools + direct execution of tests/validate (passed). File-first per ADR-001.
|
||||
|
||||
Pragmatic: this note + will POST /progress/ (task_id a9e60fd5-... + workstream), git commit, make fix-consistency (expect brief 9/9, C-10 etc.), verify. T09 fulfills the "assess resulting + define rehearsal" + T03 rec + smooth-guide callout + assessment recs. Brief will show 9/9 once synced.
|
||||
|
||||
## Acceptance Criteria
|
||||
|
||||
- `NET-WP-0015` is closed, archived, or explicitly reconciled with remaining
|
||||
|
||||
Reference in New Issue
Block a user