d09843c17e
feat(NET-WP-0018-T02): Document The Runtime Architecture
- Created docs/NetkingdomRuntimeArchitecture.md (comprehensive, specific-as-deployed):
  - Planes (bootstrap/control/tenant + recursive trust)
  - Identity/MFA/OIDC (lightweight key-cape: LLDAP/Authelia/privacyIDEA + KeyCape https://kc.coulomb.social ; clients, claims, groups)
  - Authelia handoff, OpenBao OIDC+secrets path (SOPS/age -> runtime leases/K8s/audit)
  - Bootstrap console/UI state (S6, gates, 0019 dry-run additions, web-ui, evidence)
  - State Hub relation, k8s/DNS/routes/ingress/trust (concrete hosts/ns)
  - Pragmatic audit paths (local-identity TSV, PVC+mock, State Hub/console)
  - UE integration points + 7 gaps (per assessment + boundary contract refs)
  - Operational assumptions + rebuild notes
- Updated NET-WP-0018 workplan: T02 status done + detailed 2026-06-03 completion note
- Used pragmatic tracking throughout (progress events with task_id 121ee797..., file notes, this commit)
- Per T02 spec + Coordination Notes guidance on pragmatic for impl/retrospect
This doc is now the baseline for T03 retrospective/gap matrix (incl. audit), T05 guide, T06/T08 control surface/validations, T09 risk assessment.
2026-06-03 16:27:22 +02:00
6e05946163
docs(NET-WP-0018): add explicit guidance in Coordination Notes on using pragmatic auditing/tracking infra (State Hub progress/decisions, workplan dated notes, git, console evidence/metadata, local audit) during 0018 implementation to feed T03 retrospective + optimization review
- References existing audit_core bootstrap risk acceptance (production sink deferred)
- Cross-refs T03 gap matrix (includes audit), T02 (document current pragmatic audit paths), assessment gap 7 (correlation), local-identity/audit.py, contract requirements
- Answers query: pragmatic is sufficient and intended for tracking the workplan work + retrospect; do not block on establishing full production Audit Core first (risk accepted for bootstrap phase)
- Per session protocol + ADR-001 (file first)
2026-06-03 16:17:46 +02:00
000d263bea
review(NET-WP-0018): update frontmatter, add Related section, and dated notes (2026-06-03) across T02-T09 for 0019 polish artifacts + user-engine/net-kingdom assessment
- T04: assessment fulfills UE boundary/intent/scope review (7 gaps detailed)
- T02/T03/T05/T06/T08/T09: note post-0017/0019 state, enablers (orchestrator, console subcmds, make targets, claims helper, evidence/validators, runbook exposure), remaining work, cross-refs to assessment
- T07 note enhanced with pointer to 0019 impl
- T01 note trimmed to pointer
- updated date + Related section
- Prepares for impl readiness assessment; no status changes (still 1/9 in file/hub pending tasks)
See docs/user-engine-netkingdom-integration-assessment.md and NET-WP-0019.
2026-06-03 11:47:41 +02:00
1721226427
docs: persist user-engine vs net-kingdom integration assessment (new doc + cross-references in SCOPE, boundary contract, guidance, responsibility map, 0018/0019 workplans). Also updated user-engine integration doc to reference it.
2026-06-03 10:33:31 +02:00
46d5b1dabc
chore(consistency): sync task status from DB [auto]
Updated by fix-consistency on 2026-06-03:
- update .custodian-brief.md for net-kingdom
2026-06-03 07:11:19 +02:00
92bf7d1d1c
NET-WP-0019: implement T05 (OIDC claims helper + integration in script/console) and T06 (add dry-run to runbook_payloads for web-ui exposure; cross-link update in 0018 T07). Update workplan notes.
2026-06-03 07:10:56 +02:00
f56bca5b5d
NET-WP-0019: update workplan with implementation notes and task statuses after core polish (T01-T04 done).
2026-06-03 02:23:05 +02:00
23af9b0a84
NET-WP-0019: fix arg parsing in orchestrator for --cleanup-only early, fix delegate path in console cleanup command.
2026-06-03 02:21:22 +02:00
33cab7be4e
chore(consistency): sync task status from DB [auto]
Updated by fix-consistency on 2026-06-03:
- update .custodian-brief.md for net-kingdom
2026-06-03 02:19:45 +02:00
140fff6773
NET-WP-0019: register T06-adjacent polish workplan + implement core (orchestrator script, safer secret fallback in create-user, console dry-run + cleanup commands, make targets, cross-link from 0017 T06). See workplan file for task status.
2026-06-03 02:17:55 +02:00
fe052f3a37
polish: T06-adjacent improvements to lifecycle flow (add onboarding-dry-run-template + concrete T06 dry-run execution section in lifecycle-guide; wiring for parser/dispatch/status/Makefile for consistency with T05)
2026-06-03 02:11:56 +02:00
8a3d7a8aff
chore: make T06 verify scripts executable (chmod +x for check-mfa and keycape-verify used in dry-run evidence)
2026-06-03 02:03:03 +02:00
b45788d5b6
chore(consistency): sync task status from DB [auto]
Updated by fix-consistency on 2026-06-03:
- update .custodian-brief.md for net-kingdom
2026-06-03 02:02:41 +02:00
bcac6076cb
NET-WP-0017: complete T06 dry-run + T07 review/retire (onboarded+locked+offboarded t06-dryrun test user via T05 flow + verifs; evidence+validate pass; archived superseded 0015/16 + old NK-0003/4/5 bootstrap plans per T07; set platform_reopened; updated T06/T07 notes + frontmatter finished)
2026-06-03 02:01:38 +02:00
8ad71f7f26
chore(consistency): sync task status from DB [auto]
Updated by fix-consistency on 2026-06-03:
- update .custodian-brief.md for net-kingdom
2026-06-03 01:56:22 +02:00
1f0e8490fd
NET-WP-0017: implement T05 first user lifecycle operator flow (console template+guide, evidence, validate support, docs integration)
2026-06-03 01:55:43 +02:00
2036857f70
chore(consistency): sync task status from DB [auto]
Updated by fix-consistency on 2026-06-03:
- update .custodian-brief.md for net-kingdom
2026-06-03 01:53:18 +02:00
5e7844debd
NET-WP-0017: complete T03 Close Trial Taint And Retire Bootstrap Admin Paths + T04 Harden (evidence, console template, metadata flags, inventories, reviews)
2026-06-03 01:50:29 +02:00
16b57fb773
Complete OpenBao emergency drill gate
2026-06-03 00:50:23 +02:00
e7567b3fac
chore(consistency): sync task status from DB [auto]
Updated by fix-consistency on 2026-06-03:
- update .custodian-brief.md for net-kingdom
2026-06-03 00:48:36 +02:00
c7bbdac03b
Record OpenBao restore drill evidence
2026-06-02 17:23:20 +02:00
eb973621e1
Record T02 audit posture progress
2026-06-02 02:02:05 +02:00
0ab7c14ec9
Add signed custody roster workflow
2026-06-02 01:11:42 +02:00
31e6d6660f
Add NET-WP-0017 T02 closure validator
2026-06-02 00:24:18 +02:00
cd82285efe
Require emergency drill evidence validation
2026-06-02 00:08:16 +02:00
6bd822ae71
Require concrete OpenBao restore evidence
2026-06-01 23:57:00 +02:00
8f5bfbe20e
Hand off durable audit fabric to audit-core
2026-06-01 23:44:04 +02:00
f6053f5c0b
Record OpenBao authenticated audit proof
2026-06-01 22:52:42 +02:00
dc4fe883a5
Add OpenBao authenticated proof runbook
2026-06-01 22:46:15 +02:00
1f09e6dcae
Record OpenBao audit rollout evidence
2026-06-01 22:30:33 +02:00
53f20bf3e6
Start OpenBao audit recovery closeout
2026-06-01 22:12:22 +02:00
63c705b7c5
chore(consistency): sync task status from DB [auto]
Updated by fix-consistency on 2026-06-01:
- update .custodian-brief.md for net-kingdom
2026-06-01 22:11:33 +02:00
9a8ec0d9a5
Finish NET-WP-0015 bootstrap handoff
2026-06-01 21:55:30 +02:00
e0c278156f
chore(consistency): sync task status from DB [auto]
Updated by fix-consistency on 2026-06-01:
- update .custodian-brief.md for net-kingdom
2026-06-01 21:54:09 +02:00
8382a11e8e
Add bootstrap rebuild readiness workplan
2026-06-01 21:48:48 +02:00
155507eeb7
chore(consistency): sync task status from DB [auto]
Updated by fix-consistency on 2026-06-01:
- update .custodian-brief.md for net-kingdom
2026-06-01 21:47:18 +02:00
c48e076429
Close OpenBao OIDC admin bootstrap path
2026-06-01 21:20:53 +02:00
ed2cc17165
chore(consistency): sync task status from DB [auto]
Updated by fix-consistency on 2026-06-01:
- update .custodian-brief.md for net-kingdom
2026-06-01 21:19:11 +02:00
7ce5f5bab0
Simplify KeyCape MFA token refresh
2026-05-29 03:21:58 +02:00
ed991860fa
Fix interactive MFA repair prompt
2026-05-29 03:18:44 +02:00
c7b82df267
Add KeyCape privacyIDEA token repair flow
2026-05-29 03:07:17 +02:00
ab99380dec
Align Authelia KeyCape token auth method
2026-05-29 02:50:29 +02:00
d797ce5b62
Improve OpenBao OIDC login callback command
2026-05-29 02:31:54 +02:00
dafcd329b2
Fix OpenBao public route action state
2026-05-29 02:22:52 +02:00
e04603779c
Update OpenBao onboarding readiness handoff
2026-05-29 02:11:02 +02:00
cac59a37c1
openbao and itsec tooling integration
2026-05-27 18:56:30 +02:00
733f77b448
Record State Hub IDs for onboarding readiness plan
2026-05-26 07:12:09 +02:00
c3cc548060
chore(consistency): sync task status from DB [auto]
Updated by fix-consistency on 2026-05-26:
- update .custodian-brief.md for net-kingdom
2026-05-26 07:10:22 +02:00
9eabf6cd4d
Review OpenBao onboarding readiness workplans
2026-05-26 07:08:25 +02:00
1edcfbb17d
Use helper for OpenBao OIDC auth setup
2026-05-26 03:02:08 +02:00