docs(WP-0008): record NET-WP-0020 T5 artifacts and operator apply steps

T2 remains wait until railiance-platform configure-ssh and railiance-infra
bootstrap-ssh-ca run against the live cluster.
This commit is contained in:
2026-06-18 01:06:43 +02:00
parent 457d49b677
commit 2d0f47324d
2 changed files with 28 additions and 7 deletions

View File

@@ -10,7 +10,7 @@ topic_slug: custodian
planning_priority: high
planning_order: 8
created: "2026-06-17"
updated: "2026-06-17"
updated: "2026-06-18"
state_hub_workstream_id: "a174963a-4ff1-4565-b19f-896cd4ff14a0"
---
@@ -72,9 +72,9 @@ state_hub_task_id: "b1a1831d-b2b3-4204-95f6-04dc7f29f67c"
- [ ] Append pass/fail evidence to `history/2026-06-17-openbao-production-verify.md`
- [ ] Optional: cert_command smoke via ops-bridge tunnel (non-secret summary only)
**Blocked until:** OpenBao `ssh/` secrets engine enabled + host CA trust plan.
Operator confirmed (2026-06-17): no SSH engine yet; legacy SSH predates OpenBao.
Token/UI login not the blocker. See `history/2026-06-17-openbao-production-verify.md`.
**Blocked until:** Operator runs NET-WP-0020 T5 live apply (`make openbao-configure-ssh`,
`make bootstrap-ssh-ca`). Automation artifacts ready 2026-06-18; cluster still
missing `ssh/` mount. See `history/2026-06-17-openbao-production-verify.md`.
### T3 — State Hub task status canon migration