coulomb/ops-warden
2
0
Fork 0
generated from coulomb/repo-seed
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs(WP-0010): sharpen mission to "issue SSH, route the rest" + pointer catalog

Browse Source 
Implements WARDEN-WP-0010 (charter + pointer catalog). ops-warden issues
short-lived SSH certificates and routes every other credential need to the
subsystem that owns it — no desk metaphor, one execution lane.

- wiki/AccessRouting.md: role/boundary, issue-vs-route matrix, anti-patterns
- registry/routing/catalog.yaml: machine-readable pointer layer (6 active + 1
  draft). No-double-source rule enforced structurally — authored steps/cert_command
  only on the warden_executes:true SSH entry; every wiki_ref anchor resolves
- wiki/CredentialRouting.md: catalog-keyed index + no-duplicate-interfaces note
- INTENT/SCOPE/AGENTS/repo-boundary/capability: aligned to the new framing;
  SCOPE notes A3 -> A4 lands with WP-0011 warden route CLI
- WP-0011/0012 + WP-0010: state_hub id writeback; WP-0010 marked done

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
Bernd Worsch
2026-06-18 20:44:53 +02:00
parent b9c8eadcfd
commit ffc2722006
12 changed files with 338 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@@ -5,8 +5,9 @@ Signs short-lived certs for `adm` / `agt` / `atm` actors and exposes the
`cert_command` interface consumed by `ops-bridge` and other tooling.
See `INTENT.md` for direction, `SCOPE.md` for current implementation, and
`wiki/AccessManagementDirective.md` for SSH policy. Latest gap analysis:
`history/2026-06-17-post-wp0007-reassessment.md`.
`wiki/AccessManagementDirective.md` for SSH policy. ops-warden issues SSH certs
and routes every other credential need to its owner — see `wiki/AccessRouting.md`.
Latest gap analysis: `history/2026-06-17-post-wp0007-reassessment.md`.
## Install