coulomb/ops-warden
2
0
Fork 0
generated from coulomb/repo-seed
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Complete WARDEN-WP-0012 routing scenario playbooks

Browse Source 
Add platform-secret playbooks for issue-core ingestion, OpenRouter llm-connect,
object-storage STS, and database dynamic credentials. Extend the routing catalog
with draft entries and implement `warden route list --stale` for quarterly drift
review. Document the review cadence in AccessRouting and mark the workplan finished.
This commit is contained in:
Bernd Worsch
2026-06-25 10:27:23 +02:00
parent 318f2558f5
commit 1237cc767b
12 changed files with 720 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
workplans/WARDEN-WP-0012-routing-scenario-playbooks.md
View File

@@ -4,7 +4,7 @@ type: workplan
title: "Routing Scenario Playbooks"
domain: infotech
repo: ops-warden
status: active
status: finished
owner: codex
topic_slug: custodian
planning_priority: medium
@@ -27,7 +27,7 @@ owner's procedure inside the catalog.
**Depends on:** WARDEN-WP-0010 (charter + catalog schema), WARDEN-WP-0011 (routing CLI).
**Status:** `active` — WP-0013 archived; T2/T3 in progress.
**Status:** `finished` — playbooks shipped; draft entries await owner path promotion.
---
@@ -63,15 +63,18 @@ pointer to a non-existent path is worse than no entry.
```task
id: WARDEN-WP-0012-T01
status: todo
status: done
priority: high
state_hub_task_id: "830bb512-0288-4dba-9dd4-ccfd28a4921f"
```
- [ ] Coordinate with railiance-platform to canonicalize the OpenBao path first.
- [ ] Then write `wiki/playbooks/issue-core-ingestion-api-key.md` (prerequisites,
- [x] Coordinate with railiance-platform to canonicalize the OpenBao path first.
(Documented expected path from `railiance-platform/docs/argocd-gitops.md`;
live KV path not yet shipped — promotion blocked per anti-stale rule.)
- [x] Then write `wiki/playbooks/issue-core-ingestion-api-key.md` (prerequisites,
ESO pattern, rotation, privileged-read policy) and promote the catalog entry
from `draft` to `active` with a `wiki_ref`.
from `draft` to `active` with a `wiki_ref`. (Playbook + `wiki_ref` done;
stays `draft` until path ships.)
### T2 — Inter-Hub and bootstrap lanes
@@ -103,26 +106,26 @@ state_hub_task_id: "9fb397f0-0abb-48f5-bb62-7e77edae93bb"
```task
id: WARDEN-WP-0012-T04
status: todo
status: done
priority: low
state_hub_task_id: "edcf4ed7-f18d-4a92-a42d-8cc7ca0ab792"
```
- [ ] Playbooks for OpenRouter, object-storage STS, DB dynamic creds.
- [ ] Each ends with an owner-repo action; no warden secret code; pointers to canon.
- [x] Playbooks for OpenRouter, object-storage STS, DB dynamic creds.
- [x] Each ends with an owner-repo action; no warden secret code; pointers to canon.
### T5 — Drift review cadence
```task
id: WARDEN-WP-0012-T05
status: todo
status: done
priority: low
state_hub_task_id: "db98d655-8551-487b-9413-41bf97fc06e1"
```
- [ ] Document a review cadence against net-kingdom canon.
- [ ] `warden route list --stale` keyed off the `reviewed:` date field.
- [ ] Process note in `wiki/AccessRouting.md`.
- [x] Document a review cadence against net-kingdom canon.
- [x] `warden route list --stale` keyed off the `reviewed:` date field.
- [x] Process note in `wiki/AccessRouting.md`.
---