Commit Graph

4 Commits

Author SHA1 Message Date
8a05dd0db7 docs(NET-WP-0020): mark T5 done after live SSH engine and host CA apply 2026-06-18 01:18:57 +02:00
5a5eb482d4 docs(NET-WP-0020): T5 automation ready; operator apply is next gate
Update workplan T5 to progress and assessment next-actions for live cluster
apply before WP-0008 warden sign smoke.
2026-06-18 01:06:43 +02:00
6336c28626 docs: persist OpenBao/SSH/bootstrap state assessment in history
Capture live vs greenfield tracks, unseal custody models, console S6
interpretation, repo ownership, and ordered next actions before NET-WP-0020 T5.
2026-06-18 01:01:50 +02:00
f625dd0681 feat: OpenBao unseal custody models — automation-first with blocked alternatives
Document three init/unseal custody paths; default sops-held-automation for
fast rebuild cycles. Security bootstrap console lists models, blocks planned
attended-ceremony and auto-unseal-transit with hints, and gates init ceremony
on implemented selection. NET-WP-0020 tracks downstream SSH automation.
2026-06-18 00:51:48 +02:00