- Extended computed validation pattern into main gates:
- Added keycape_openbao_client_deployed() (invokes verify-openbao-client.sh for live check).
- Updated 'KeyCape OpenBao client deployed' gate in build_gates to 'done' if metadata or validator succeeds (T08: UI now proves via validation not just manual flag).
- Added validate-keycape-client subparser, dispatch (prints source+live status), and make target.
- Updated printed available actions list to include it.
- Updated T08 workplan section: status done + detailed 2026-06-03 implementation note (extended from 0019 note; covers one key target as example, pattern for others like LLDAP/privacyIDEA/Authelia using existing verify-*.sh).
- T07 tests + console-test cover; console status gates now reflect more validator output.
- Pragmatic: progress log with task_id, file notes, commit.
- Brief/fix next (expect 8/9 done).
This fulfills T08: more gates compute from validators (ok/fail) rather than manual only; live setup can satisfy checks via the integrated commands.
- console.py print_status: added explicit 'Follow the NET-WP-0018 Smooth Bootstrap Guide' block after Next safe action, with doc path + lifecycle-guide/make entrypoint. Updated 'Available actions' #9 to note the guide.
- Previously refreshed lifecycle_guide T06 DRY-RUN to 0019 + new guide.
- workplan: T06 status done + detailed 2026-06-03 completion note (supersedes old 0019 'awaits' note); start note already present.
- Pragmatic: progress events (task_id), file notes, this commit.
- UI (status + guide print + 0019 actions/validators/runbooks) now guides the sequence from docs/smooth-bootstrap-guide.md and makes the recommended path clear/hard to go wrong-order.
T06 complete. Brief/fix next (expect 5/9).
- Updated workplan: T03 status done + final 2026-06-03 completion note
- docs/security-bootstrap-retrospective.md now serves as the output: bumps from full history (incl. 0019 hygiene wins), gap matrix (audit, UE adapters, guide, tests, etc.), recs prioritizing T05 + using T02/T03 for later
- All via pragmatic: progress logs (task_id), file notes, this commit
- Brief/hub will reflect 3/9 via next fix-consistency (T02+T03 done)
T03 complete. Next: T05 (smooth guide) per retrospective recs and priorities.
- References existing audit_core bootstrap risk acceptance (production sink deferred)
- Cross-refs T03 gap matrix (includes audit), T02 (document current pragmatic audit paths), assessment gap 7 (correlation), local-identity/audit.py, contract requirements
- Answers query: pragmatic is sufficient and intended for tracking the workplan work + retrospect; do not block on establishing full production Audit Core first (risk accepted for bootstrap phase)
- Per session protocol + ADR-001 (file first)