coulomb/net-kingdom
2
0
Fork 0
generated from coulomb/repo-seed
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
158 Commits 1 Branch 0 Tags
9eabf6cd4d6227d8abf1c7fd4e23e149257e20ac
Commit Graph

158 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
tegwick
9eabf6cd4d Review OpenBao onboarding readiness workplans 2026-05-26 07:08:25 +02:00
tegwick
1edcfbb17d Use helper for OpenBao OIDC auth setup 2026-05-26 03:02:08 +02:00
tegwick
a47c707a9a Verify KeyCape discovery without container wget 2026-05-26 02:47:01 +02:00
tegwick
59c924bc18 Patch KeyCape OpenBao client without bootstrap secrets 2026-05-26 02:36:04 +02:00
tegwick
1267df148a Harden KeyCape OpenBao client action 2026-05-26 02:22:24 +02:00
tegwick
f3c8d70270 Split OpenBao admin identity tasks 2026-05-26 02:13:55 +02:00
tegwick
9dc7e140b8 Refine OpenBao taint resolution 2026-05-26 01:50:57 +02:00
tegwick
500e616202 Add OpenBao admin identity stage 2026-05-26 01:17:42 +02:00
tegwick
cfd8231849 Add OpenBao admin token action 2026-05-26 00:23:06 +02:00
tegwick
d0c7ff9f3b Clarify OpenBao rotation flow 2026-05-26 00:09:19 +02:00
tegwick
8520ae8d7d Fix OpenBao rotation commands 2026-05-25 23:56:55 +02:00
tegwick
d39dbe14b8 Add bootstrap stage rail 2026-05-25 23:36:45 +02:00
tegwick
cd043ca471 Refine bootstrap actions and runbook templates 2026-05-25 23:10:02 +02:00
tegwick
20fd300e88 Exploring multi tenancy 2026-05-25 21:47:40 +02:00
tegwick
82d69e006f Add OpenBao restore drill actions 2026-05-25 18:48:23 +02:00
tegwick
e2540529f0 Add OpenBao emergency lockdown runbook 2026-05-25 18:31:48 +02:00
tegwick
b9bad47a21 Split OpenBao initial config progress 2026-05-25 15:14:59 +02:00
tegwick
9afe30f49f Show compromised OpenBao paths as tainted 2026-05-25 14:57:53 +02:00
tegwick
907675b4f4 Track OpenBao post-unseal verification 2026-05-25 14:30:57 +02:00
tegwick
d964cf46a3 Fix OpenBao unseal command card 2026-05-25 13:54:21 +02:00
tegwick
7a060a0ee6 Add OpenBao compromise runbooks to bootstrap UI 2026-05-25 13:38:03 +02:00
tegwick
976f399342 Refine bootstrap responsibilities and command states 2026-05-25 13:13:47 +02:00
tegwick
4982c92fb1 Restructure bootstrap UI around artefact model 2026-05-25 11:49:51 +02:00
tegwick
07c98b564a Show OpenBao ceremony as next action 2026-05-25 10:50:24 +02:00
tegwick
e45dd4f9eb Guide OpenBao custody ceremony order 2026-05-25 02:02:14 +02:00
tegwick
83cf2111c1 Clarify bootstrap custody UI flow 2026-05-25 01:25:47 +02:00
tegwick
711c451d43 Record platform-root OIDC verification 2026-05-25 00:46:44 +02:00
tegwick
dc70cd9fab Configure KeyCape LLDAP people OU 2026-05-25 00:32:43 +02:00
tegwick
5af876eb8c Enable KeyCape bootstrap MFA mode 2026-05-25 00:16:05 +02:00
tegwick
4cc22bec9e Record Railiance KeyCape rollout 2026-05-24 18:12:41 +02:00
tegwick
d555a33695 bootstrapping guidance ui and missing stuff 2026-05-24 17:04:15 +02:00
tegwick
1d0b0e7330 openbao king credential bootstrapping 2026-05-24 09:26:02 +02:00
tegwick
7d55cb8bd3 chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-05-24:
  - update .custodian-brief.md for net-kingdom
 2026-05-24 02:10:38 +02:00
tegwick
a9da2c1a88 chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-05-24:
  - update .custodian-brief.md for net-kingdom
 2026-05-24 01:49:24 +02:00
tegwick
712106f1af chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-05-24:
  - update .custodian-brief.md for net-kingdom
 2026-05-24 01:44:36 +02:00
tegwick
a103efc1d8 chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-05-24:
  - update .custodian-brief.md for net-kingdom
 2026-05-24 01:28:02 +02:00
tegwick
d30ad74e40 chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-05-24:
  - update .custodian-brief.md for net-kingdom
 2026-05-24 01:24:15 +02:00
tegwick
4b77cc6f8b chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-05-24:
  - update .custodian-brief.md for net-kingdom
 2026-05-24 00:31:23 +02:00
tegwick
97423c6110 Complete user-engine boundary contracts 2026-05-22 22:26:36 +02:00
tegwick
69c57f8af5 chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-05-22:
  - update .custodian-brief.md for net-kingdom
 2026-05-22 21:29:20 +02:00
tegwick
c8e2b142db Split user-engine implementation planning 2026-05-22 19:50:12 +02:00
tegwick
6892dfd758 chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-05-22:
  - update .custodian-brief.md for net-kingdom
 2026-05-22 19:45:22 +02:00
tegwick
28da204cf2 Add user-engine architecture workplans 2026-05-22 19:28:00 +02:00
tegwick
6aec040046 chore(consistency): sync task status from DB [auto] 
Updated by fix-consistency on 2026-05-22:
  - update .custodian-brief.md for net-kingdom
 2026-05-22 19:24:16 +02:00
tegwick
8e720dd78a Implement NK-WP-0013 playbook capability contract 2026-05-22 14:49:25 +02:00
tegwick
c3f721397a Implement NK-WP-0012 IAM profile specification 2026-05-22 14:35:31 +02:00
tegwick
48cd174b00 Register NK-WP-0013 in State Hub 
Backfill workstream and task ids from State Hub registration
(workstream 32a54d8e, 6 tasks).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-21 02:43:58 +02:00
tegwick
09534f6617 Draft NK-WP-0013: Playbook Capability Contract 
The orchestration-layer analog of the IAM Profile, realizing the
playbook-contract dependency named in ADR-0007's meta-orchestration
refinement. NetKingdom owns the contract schema (consumer-defines-contract,
IAM Profile precedent); Railiance authors playbooks and publishes
conformant declarations; execution stays in Railiance (ADR-0007 unchanged).

Six tasks: ownership ADR + versioning; capability vocabulary (aligned to
the C0-C6 ladder + responsibility-map resource kinds); parameter format
(defaults, constraints, security-sensitivity); responsibility/trust-state
claims; catalog + consumption model + conformance validator; reference
adoption with one Railiance playbook. Status proposed; not yet registered.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-21 02:41:17 +02:00
tegwick
e852c23f5f Register NK-WP-0012 in State Hub 
Backfill workstream and task ids from State Hub registration
(workstream 9b8e4afc, 6 tasks).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-21 02:25:26 +02:00
tegwick
b29d30ff10 Draft NK-WP-0012: NetKingdom IAM Profile specification 
Plan to make net-kingdom the canonical owner of the IAM Profile. A v0.1
draft exists in the-custodian canon (all-hubs, Custodian-flavored,
Keycloak as reference provider); this workplan relocates ownership and
evolves it to a provider-neutral, platform-neutral v0.2 that is tenant-
and agent-aware, carries explicit assurance evidence, specifies the claim
contract flex-auth consumes, and ships an executable conformance check.

Enables NK-WP-0011 (T6 conformance) and depends on NK-WP-0006 (recursive
tenant model). Status: proposed; not yet registered in the hub.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-21 02:21:59 +02:00