coulomb/net-kingdom
2
0
Fork 0
generated from coulomb/repo-seed
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
215 Commits 1 Branch 0 Tags
9e5b16b21ff4154691c07eb4b4de6bfb2267dfa5
Commit Graph

215 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
tegwick
9e5b16b21f chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-06-03:
  - update .custodian-brief.md for net-kingdom
 2026-06-03 16:58:55 +02:00
tegwick
13a0221c42 chore(NET-WP-0018-T05): mark T05 done in workplan (status block) after guide delivery 2026-06-03 16:57:49 +02:00
tegwick
49be67f267 chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-06-03:
  - update .custodian-brief.md for net-kingdom
 2026-06-03 16:57:26 +02:00
tegwick
7da19ef767 feat(NET-WP-0018-T05): complete smooth bootstrap guide 
- Created docs/smooth-bootstrap-guide.md as the single consolidated operator guide per T05 spec + T03 recs:
  - Full sequence (prereqs, creds/king, privacyIDEA, LLDAP/user + MFA, KeyCape, OpenBao, lifecycle via 0019, reopen, handoff)
  - Per-step evidence requirements + links to validate-*, 0019 dry-run, console subcmds/make
  - Blocked conditions, next safe action, effective preview, actor classes
  - References T02 runtime arch, T03 retrospective/matrix, console lifecycle-guide (incl. 0019), UX contracts, evidence templates
  - Pragmatic note + update pointers for console guide
- Updated workplan T05 to done + completion note
- Pragmatic: progress (task_id), file notes, this commit
- Brief/fix next (expect 4/9 done: T02-T03 + T05; T04 medium can follow or parallel)

T05 complete. T06 (align control surface) next logical (uses this guide + T02/T03).
 2026-06-03 16:56:10 +02:00
tegwick
2a21f6dcdc chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-06-03:
  - update .custodian-brief.md for net-kingdom
 2026-06-03 16:55:03 +02:00
tegwick
a3a63c6836 feat(NET-WP-0018-T03): complete retrospective and automation gap matrix 
- Updated workplan: T03 status done + final 2026-06-03 completion note
- docs/security-bootstrap-retrospective.md now serves as the output: bumps from full history (incl. 0019 hygiene wins), gap matrix (audit, UE adapters, guide, tests, etc.), recs prioritizing T05 + using T02/T03 for later
- All via pragmatic: progress logs (task_id), file notes, this commit
- Brief/hub will reflect 3/9 via next fix-consistency (T02+T03 done)

T03 complete. Next: T05 (smooth guide) per retrospective recs and priorities.
 2026-06-03 16:54:07 +02:00
tegwick
6f1f65980d chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-06-03:
  - update .custodian-brief.md for net-kingdom
 2026-06-03 16:34:01 +02:00
tegwick
3466c431dd feat(NET-WP-0018-T03): initial retrospective + gap matrix (substantial draft) 
- Created docs/security-bootstrap-retrospective.md:
  - Exec summary (wins: S6, console/0019 automation, evidence discipline, T02 arch doc; gaps: UE adapters, consolidated guide, tests, proper audit)
  - 9 bumps with diagnosis/now-automated?/remaining (realm, OIDC callbacks, LLDAP claims, OpenBao mapping, tokens, operator-state, secret taint pre-0019, audit correlation, etc.)
  - Full gap matrix table (areas, current status incl. 0019/T02, remaining, priorities)
  - Recommendations (T05 consolidate guide, T07/T08 use 0019+T02 as fixtures, T09 classify UE risk, continue pragmatic)
  - Refs to T02 doc, 0017/0019 evidence, console, assessment gap 7, pragmatic records
- Updated workplan T03 with progress note (still in_progress for expansion)
- Pragmatic tracking: progress events (with task), file notes, commit
- Builds directly on T02 + prior 0017/0019 + Coordination pragmatic guidance

Feeds T05/T06/T08/T09. Next tasks can reference this + T02.
 2026-06-03 16:31:08 +02:00
tegwick
6a1a7bf561 chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-06-03:
  - update .custodian-brief.md for net-kingdom
 2026-06-03 16:30:03 +02:00
tegwick
d09843c17e feat(NET-WP-0018-T02): Document The Runtime Architecture 
- Created docs/NetkingdomRuntimeArchitecture.md (comprehensive, specific-as-deployed):
  - Planes (bootstrap/control/tenant + recursive trust)
  - Identity/MFA/OIDC (lightweight key-cape: LLDAP/Authelia/privacyIDEA + KeyCape https://kc.coulomb.social; clients, claims, groups)
  - Authelia handoff, OpenBao OIDC+secrets path (SOPS/age -> runtime leases/K8s/audit)
  - Bootstrap console/UI state (S6, gates, 0019 dry-run additions, web-ui, evidence)
  - State Hub relation, k8s/DNS/routes/ingress/trust (concrete hosts/ns)
  - Pragmatic audit paths (local-identity TSV, PVC+mock, State Hub/console)
  - UE integration points + 7 gaps (per assessment + boundary contract refs)
  - Operational assumptions + rebuild notes
- Updated NET-WP-0018 workplan: T02 status done + detailed 2026-06-03 completion note
- Used pragmatic tracking throughout (progress events with task_id 121ee797..., file notes, this commit)
- Per T02 spec + Coordination Notes guidance on pragmatic for impl/retrospect

This doc is now the baseline for T03 retrospective/gap matrix (incl. audit), T05 guide, T06/T08 control surface/validations, T09 risk assessment.
 2026-06-03 16:27:22 +02:00
tegwick
6e05946163 docs(NET-WP-0018): add explicit guidance in Coordination Notes on using pragmatic auditing/tracking infra (State Hub progress/decisions, workplan dated notes, git, console evidence/metadata, local audit) during 0018 implementation to feed T03 retrospective + optimization review 
- References existing audit_core bootstrap risk acceptance (production sink deferred)
- Cross-refs T03 gap matrix (includes audit), T02 (document current pragmatic audit paths), assessment gap 7 (correlation), local-identity/audit.py, contract requirements
- Answers query: pragmatic is sufficient and intended for tracking the workplan work + retrospect; do not block on establishing full production Audit Core first (risk accepted for bootstrap phase)
- Per session protocol + ADR-001 (file first)
 2026-06-03 16:17:46 +02:00
tegwick
000d263bea review(NET-WP-0018): update frontmatter, add Related section, and dated notes (2026-06-03) across T02-T09 for 0019 polish artifacts + user-engine/net-kingdom assessment 
- T04: assessment fulfills UE boundary/intent/scope review (7 gaps detailed)
- T02/T03/T05/T06/T08/T09: note post-0017/0019 state, enablers (orchestrator, console subcmds, make targets, claims helper, evidence/validators, runbook exposure), remaining work, cross-refs to assessment
- T07 note enhanced with pointer to 0019 impl
- T01 note trimmed to pointer
- updated date + Related section
- Prepares for impl readiness assessment; no status changes (still 1/9 in file/hub pending tasks)

See docs/user-engine-netkingdom-integration-assessment.md and NET-WP-0019.
 2026-06-03 11:47:41 +02:00
tegwick
1721226427 docs: persist user-engine vs net-kingdom integration assessment (new doc + cross-references in SCOPE, boundary contract, guidance, responsibility map, 0018/0019 workplans). Also updated user-engine integration doc to reference it. 2026-06-03 10:33:31 +02:00
tegwick
46d5b1dabc chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-06-03:
  - update .custodian-brief.md for net-kingdom
 2026-06-03 07:11:19 +02:00
tegwick
92bf7d1d1c NET-WP-0019: implement T05 (OIDC claims helper + integration in script/console) and T06 (add dry-run to runbook_payloads for web-ui exposure; cross-link update in 0018 T07). Update workplan notes. 2026-06-03 07:10:56 +02:00
tegwick
f56bca5b5d NET-WP-0019: update workplan with implementation notes and task statuses after core polish (T01-T04 done). 2026-06-03 02:23:05 +02:00
tegwick
23af9b0a84 NET-WP-0019: fix arg parsing in orchestrator for --cleanup-only early, fix delegate path in console cleanup command. 2026-06-03 02:21:22 +02:00
tegwick
33cab7be4e chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-06-03:
  - update .custodian-brief.md for net-kingdom
 2026-06-03 02:19:45 +02:00
tegwick
140fff6773 NET-WP-0019: register T06-adjacent polish workplan + implement core (orchestrator script, safer secret fallback in create-user, console dry-run + cleanup commands, make targets, cross-link from 0017 T06). See workplan file for task status. 2026-06-03 02:17:55 +02:00
tegwick
fe052f3a37 polish: T06-adjacent improvements to lifecycle flow (add onboarding-dry-run-template + concrete T06 dry-run execution section in lifecycle-guide; wiring for parser/dispatch/status/Makefile for consistency with T05) 2026-06-03 02:11:56 +02:00
tegwick
8a3d7a8aff chore: make T06 verify scripts executable (chmod +x for check-mfa and keycape-verify used in dry-run evidence) 2026-06-03 02:03:03 +02:00
tegwick
b45788d5b6 chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-06-03:
  - update .custodian-brief.md for net-kingdom
 2026-06-03 02:02:41 +02:00
tegwick
bcac6076cb NET-WP-0017: complete T06 dry-run + T07 review/retire (onboarded+locked+offboarded t06-dryrun test user via T05 flow + verifs; evidence+validate pass; archived superseded 0015/16 + old NK-0003/4/5 bootstrap plans per T07; set platform_reopened; updated T06/T07 notes + frontmatter finished) 2026-06-03 02:01:38 +02:00
tegwick
8ad71f7f26 chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-06-03:
  - update .custodian-brief.md for net-kingdom
 2026-06-03 01:56:22 +02:00
tegwick
1f0e8490fd NET-WP-0017: implement T05 first user lifecycle operator flow (console template+guide, evidence, validate support, docs integration) 2026-06-03 01:55:43 +02:00
tegwick
2036857f70 chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-06-03:
  - update .custodian-brief.md for net-kingdom
 2026-06-03 01:53:18 +02:00
tegwick
5e7844debd NET-WP-0017: complete T03 Close Trial Taint And Retire Bootstrap Admin Paths + T04 Harden (evidence, console template, metadata flags, inventories, reviews) 2026-06-03 01:50:29 +02:00
tegwick
16b57fb773 Complete OpenBao emergency drill gate 2026-06-03 00:50:23 +02:00
tegwick
e7567b3fac chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-06-03:
  - update .custodian-brief.md for net-kingdom
 2026-06-03 00:48:36 +02:00
tegwick
c7bbdac03b Record OpenBao restore drill evidence 2026-06-02 17:23:20 +02:00
tegwick
eb973621e1 Record T02 audit posture progress 2026-06-02 02:02:05 +02:00
tegwick
0ab7c14ec9 Add signed custody roster workflow 2026-06-02 01:11:42 +02:00
tegwick
31e6d6660f Add NET-WP-0017 T02 closure validator 2026-06-02 00:24:18 +02:00
tegwick
cd82285efe Require emergency drill evidence validation 2026-06-02 00:08:16 +02:00
tegwick
6bd822ae71 Require concrete OpenBao restore evidence 2026-06-01 23:57:00 +02:00
tegwick
8f5bfbe20e Hand off durable audit fabric to audit-core 2026-06-01 23:44:04 +02:00
tegwick
f6053f5c0b Record OpenBao authenticated audit proof 2026-06-01 22:52:42 +02:00
tegwick
dc4fe883a5 Add OpenBao authenticated proof runbook 2026-06-01 22:46:15 +02:00
tegwick
1f09e6dcae Record OpenBao audit rollout evidence 2026-06-01 22:30:33 +02:00
tegwick
53f20bf3e6 Start OpenBao audit recovery closeout 2026-06-01 22:12:22 +02:00
tegwick
63c705b7c5 chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-06-01:
  - update .custodian-brief.md for net-kingdom
 2026-06-01 22:11:33 +02:00
tegwick
9a8ec0d9a5 Finish NET-WP-0015 bootstrap handoff 2026-06-01 21:55:30 +02:00
tegwick
e0c278156f chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-06-01:
  - update .custodian-brief.md for net-kingdom
 2026-06-01 21:54:09 +02:00
tegwick
8382a11e8e Add bootstrap rebuild readiness workplan 2026-06-01 21:48:48 +02:00
tegwick
155507eeb7 chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-06-01:
  - update .custodian-brief.md for net-kingdom
 2026-06-01 21:47:18 +02:00
tegwick
c48e076429 Close OpenBao OIDC admin bootstrap path 2026-06-01 21:20:53 +02:00
tegwick
ed2cc17165 chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-06-01:
  - update .custodian-brief.md for net-kingdom
 2026-06-01 21:19:11 +02:00
tegwick
7ce5f5bab0 Simplify KeyCape MFA token refresh 2026-05-29 03:21:58 +02:00
tegwick
ed991860fa Fix interactive MFA repair prompt 2026-05-29 03:18:44 +02:00
tegwick
c7b82df267 Add KeyCape privacyIDEA token repair flow 2026-05-29 03:07:17 +02:00