feat(WP-0008): reassessment, task-status canon, archive hygiene

- Post-WP-0007 reassessment and SCOPE/README updates
- AGENTS.md + workplan-convention task status canon migration
- examples/warden.production.example.yaml for production OpenBao
- Archive WP-0004 through WP-0007 to workplans/archived/260617-*
- WP-0008 T1/T3/T4 done; T2/T5 wait on operator/flex-auth
This commit is contained in:
2026-06-17 23:51:12 +02:00
parent 7e739a426d
commit e0adc10896
11 changed files with 159 additions and 40 deletions

View File

@@ -4,7 +4,7 @@ type: workplan
title: "Production SSH Path and Stewardship Closeout"
domain: custodian
repo: ops-warden
status: ready
status: active
owner: codex
topic_slug: custodian
planning_priority: high
@@ -48,20 +48,20 @@ Move ops-warden from **documented + code-shipped** (WP-0006/0007) to
```task
id: WARDEN-WP-0008-T01
status: todo
status: done
priority: high
state_hub_task_id: "05379da4-79d0-4742-8638-9e9565cccf72"
```
- [ ] Write `history/2026-06-17-post-wp0007-reassessment.md` (vector D5/A3/C4/R?)
- [ ] Update `SCOPE.md` — policy gate implemented, WP-0007 done, WP-0008 active
- [ ] Resolve remaining `PolicyGatedSigning.md (not implemented)` references in SCOPE/README
- [x] Write `history/2026-06-17-post-wp0007-reassessment.md` (vector D5/A3/C4/R2)
- [x] Update `SCOPE.md` — policy gate implemented, WP-0008 active
- [x] Resolve remaining `PolicyGatedSigning.md (not implemented)` references in SCOPE/README
### T2 — Production OpenBao end-to-end sign verification
```task
id: WARDEN-WP-0008-T02
status: todo
status: wait
priority: high
state_hub_task_id: "b1a1831d-b2b3-4204-95f6-04dc7f29f67c"
```
@@ -72,34 +72,34 @@ state_hub_task_id: "b1a1831d-b2b3-4204-95f6-04dc7f29f67c"
- [ ] Append pass/fail evidence to `history/2026-06-17-openbao-production-verify.md`
- [ ] Optional: cert_command smoke via ops-bridge tunnel (non-secret summary only)
**Blocked until:** scoped token + SSH roles on Railiance OpenBao.
**Blocked until:** scoped token + SSH roles on Railiance OpenBao. Operator guide in session notes.
### T3 — State Hub task status canon migration
```task
id: WARDEN-WP-0008-T03
status: todo
status: done
priority: medium
state_hub_task_id: "876827c4-4a86-4e58-9a1f-ac87045dc903"
```
- [ ] Update `AGENTS.md` task status values and examples (`progress`, `wait`, `cancel`)
- [ ] Update `.claude/rules/workplan-convention.md` task block examples
- [ ] Mark state-hub interface change `649102a2-4373-4621-9848-cc257e67c262` resolved
- [ ] Reply to inbox message `c4072e5a-2afb-44ba-bfa2-7d4cb9979c6e` (read + note adaptation)
- [x] Update `AGENTS.md` task status values and examples (`progress`, `wait`, `cancel`)
- [x] Update `.claude/rules/workplan-convention.md` task block examples
- [x] Mark state-hub interface change `649102a2-4373-4621-9848-cc257e67c262` resolved
- [x] Reply to inbox message `c4072e5a-2afb-44ba-bfa2-7d4cb9979c6e` (read + note adaptation)
### T4 — Production config example and archive hygiene
```task
id: WARDEN-WP-0008-T04
status: todo
status: done
priority: medium
state_hub_task_id: "75b9f366-3d7a-419d-98ad-bc10ab90a697"
```
- [ ] Add `examples/warden.production.example.yaml` (no secrets; OpenBao addr + policy off)
- [ ] Archive finished workplans → `workplans/archived/260617-WARDEN-WP-000{4,5,6,7}-*.md`
- [ ] `make fix-consistency REPO=ops-warden` after archive
- [x] Add `examples/warden.production.example.yaml` (no secrets; OpenBao addr + policy off)
- [x] Archive finished workplans → `workplans/archived/260617-WARDEN-WP-000{4,5,6,7}-*.md`
- [x] `make fix-consistency REPO=ops-warden` after archive
### T5 — flex-auth policy gate production readiness (coordination)
@@ -120,11 +120,11 @@ state_hub_task_id: "03b412a5-5b99-42df-a154-733dd4156000"
## Acceptance Criteria
- [ ] Post-WP-0007 reassessment on file; SCOPE current
- [x] Post-WP-0007 reassessment on file; SCOPE current
- [ ] Production `warden sign` evidence recorded OR explicit operator blocker logged
- [ ] AGENTS.md uses canonical task statuses
- [ ] WP-00040007 archived; hub consistency pass
- [ ] Production example config committed (no secrets)
- [x] AGENTS.md uses canonical task statuses
- [x] WP-00040007 archived; hub consistency pass
- [x] Production example config committed (no secrets)
---
@@ -141,6 +141,7 @@ state_hub_task_id: "03b412a5-5b99-42df-a154-733dd4156000"
## See also
- `history/2026-06-17-openbao-production-verify.md` — health probe (WP-0007)
- `history/2026-06-17-intent-scope-reassessment.md`pre-policy-gate assessment
- `history/2026-06-17-post-wp0007-reassessment.md`latest assessment
- `examples/warden.production.example.yaml` — operator config template
- `wiki/OpenBaoSshEngineChecklist.md`
- `wiki/PolicyGatedSigning.md` — opt-in gate (implemented WP-0007)

View File

@@ -4,7 +4,7 @@ type: workplan
title: "OpsWarden Repo Hygiene and Hub Sync"
domain: custodian
repo: ops-warden
status: finished
status: archived
owner: codex
topic_slug: custodian
created: "2026-06-17"

View File

@@ -4,7 +4,7 @@ type: workplan
title: "OpsWarden OpenBao-First Documentation Alignment"
domain: custodian
repo: ops-warden
status: finished
status: archived
owner: codex
topic_slug: custodian
created: "2026-06-17"

View File

@@ -4,7 +4,7 @@ type: workplan
title: "NetKingdom Alignment and Operational Access Stewardship"
domain: custodian
repo: ops-warden
status: finished
status: archived
owner: codex
topic_slug: custodian
planning_priority: high

View File

@@ -4,7 +4,7 @@ type: workplan
title: "Policy Gate and Production OpenBao Verification"
domain: custodian
repo: ops-warden
status: finished
status: archived
owner: codex
topic_slug: custodian
planning_priority: high